The purpose of this test suite is to demonstrate a path to interoperability for the ECDSA data integrity cryptosuites. The technologies explored in this test suite are experimental. This document contains the most recent interoperability report for a DataIntegrityProof using the `ecdsa-rdfc-2019`, `ecdsa-jcs-2019`, or `ecdsa-sd-2023` cryptosuites. This report is auto-generated.
Tests passed 388/424 91%
Tests failed 36/424 9%
Failures 36
Tests skipped 0
Total tests 424
These tests were run on
The results of the tests are shown below:
Issuer ⇒
⇓Test Name
|
apicatalog.com: P-256 | apicatalog.com: P-384 | Digital Bazaar: P-256 | Digital Bazaar: P-384 | SpruceID: P-256 | bovine: P-256 |
---|---|---|---|---|---|---|
"proof" field MUST exist and MUST be either a single object or an unordered set of objects. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.id" field exists, it MUST be a valid URL. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
"proof.type" field MUST exist and be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
"proof.type" field MUST be "DataIntegrityProof" and the associated document MUST include expected contexts. |
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
"proof.cryptosuite" field MUST exist and be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.created" field exists, it MUST be a valid XMLSCHEMA-11 dateTimeStamp value. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.expires" field exists, it MUST be a valid XMLSCHEMA-11 dateTimeStamp value. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
"proof.verificationMethod" field MUST exist and be a valid URL. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
"proof.proofPurpose" field MUST exist and be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
"proof.proofValue" field MUST exist and be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The contents of the value ("proof.proofValue") MUST be expressed with a header and encoding as described in Section 2.4 Multibase. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.domain" field exists, it MUST be either a string, or an unordered set of strings. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.challenge" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.previousProof" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
if "proof.nonce" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
Implementation ⇒
⇓Test Name
|
apicatalog.com: P-256 | apicatalog.com: P-384 | Digital Bazaar: P-256 | Digital Bazaar: P-384 | SpruceID: P-256 | bovine: P-256 |
---|---|---|---|---|---|---|
The (proof) type property MUST be DataIntegrityProof. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The cryptosuite property of the proof MUST be ecdsa-rdfc-2019 or ecdsa-jcs-2019. |
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
the signature value (proofValue) MUST be expressed according to section 7 of [RFC4754] (sometimes referred to as the IEEE P1363 format) and encoded according to the specific cryptosuite proof generation algorithm. |
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
The "proof" MUST verify with a conformant verifier. |
❌
|
❌
|
✓
|
✓
|
❌
|
✓
|
The "proof.proofPurpose" field MUST match the verification relationship expressed by the verification method controller. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
Dereferencing "verificationMethod" MUST result in an object containing a type property with "Multikey" value. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
The "publicKeyMultibase" property of the verification method MUST be public key encoded according to MULTICODEC and formatted according to MULTIBASE. |
✓
|
✓
|
✓
|
✓
|
✓
|
✓
|
Implementation ⇒
⇓Test Name
|
---|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256, P-384 | Digital Bazaar: P-256, P-384 | SpruceID: P-256 | bovine: P-256 |
---|---|---|---|---|
If the "proof" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof.type" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof.type" field is not the string "DataIntegrityProof", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof.verificationMethod" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof.verificationMethod" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof.proofPurpose" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof.proofPurpose" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof.proofPurpose" value does not match "options.expectedProofPurpose", an error MUST be raised. |
✓
|
❌
|
✓
|
✓
|
If the "proof.proofValue" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof.proofValue" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "proof.created" field is invalid, an error MUST be raised. |
✓
|
❌
|
✓
|
✓
|
If the "proof.proofValue" field is not multibase-encoded, an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "options.domain" is set and it does not match "proof.domain", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
If the "options.challenge" is set and it does not match "proof.challenge", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
Verifier ⇒
⇓Issuer
|
apicatalog.com: P-256, P-384 | Digital Bazaar: P-256, P-384 | SpruceID: P-256 | bovine: P-256 |
---|---|---|---|---|
apicatalog.com: P-256 |
✓
|
❌
|
❌
|
✓
|
apicatalog.com: P-384 |
✓
|
❌
|
🚫
|
🚫
|
Digital Bazaar: P-256 |
✓
|
✓
|
❌
|
✓
|
Digital Bazaar: P-384 |
❌
|
✓
|
🚫
|
🚫
|
SpruceID: P-256 |
❌
|
✓
|
✓
|
❌
|
bovine: P-256 |
✓
|
✓
|
❌
|
✓
|
Issuer ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | Grotto Networking: P-256 |
---|---|---|---|
"proof" field MUST exist and MUST be either a single object or an unordered set of objects. |
✓
|
✓
|
✓
|
if "proof.id" field exists, it MUST be a valid URL. |
✓
|
✓
|
✓
|
"proof.type" field MUST exist and be a string. |
✓
|
✓
|
✓
|
"proof.type" field MUST be "DataIntegrityProof" and the associated document MUST include expected contexts. |
✓
|
✓
|
✓
|
"proof.cryptosuite" field MUST exist and be a string. |
✓
|
✓
|
✓
|
if "proof.created" field exists, it MUST be a valid XMLSCHEMA-11 dateTimeStamp value. |
✓
|
✓
|
✓
|
if "proof.expires" field exists, it MUST be a valid XMLSCHEMA-11 dateTimeStamp value. |
✓
|
✓
|
✓
|
"proof.verificationMethod" field MUST exist and be a valid URL. |
✓
|
✓
|
✓
|
"proof.proofPurpose" field MUST exist and be a string. |
✓
|
✓
|
✓
|
"proof.proofValue" field MUST exist and be a string. |
✓
|
✓
|
✓
|
The contents of the value ("proof.proofValue") MUST be expressed with a header and encoding as described in Section 2.4 Multibase. |
✓
|
✓
|
✓
|
if "proof.domain" field exists, it MUST be either a string, or an unordered set of strings. |
✓
|
✓
|
✓
|
if "proof.challenge" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
if "proof.previousProof" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
if "proof.nonce" field exists, it MUST be a string. |
✓
|
✓
|
✓
|
Implementation ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | Grotto Networking: P-256 |
---|---|---|---|
The field "cryptosuite" MUST be "ecdsa-sd-2023". |
✓
|
✓
|
✓
|
the signature value (proofValue) MUST be expressed according to section 7 of [RFC4754] (sometimes referred to as the IEEE P1363 format) and encoded according to the specific cryptosuite proof generation algorithm. |
✓
|
✓
|
✓
|
The field "proofValue" MUST start with "u". |
✓
|
✓
|
✓
|
The "proof" MUST verify when using a conformant verifier. |
❌
|
✓
|
✓
|
The "proof.proofPurpose" field MUST match the verification relationship expressed by the verification method controller. |
✓
|
✓
|
✓
|
Dereferencing "verificationMethod" MUST result in an object containing a type property with "Multikey" value. |
✓
|
✓
|
✓
|
The "publicKeyMultibase" property of the verification method MUST be public key encoded according to MULTICODEC and formatted according to MULTIBASE. |
✓
|
✓
|
✓
|
Implementation ⇒
⇓Test Name
|
---|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | apicatalog.com: P-384 | Digital Bazaar: P-256 | Digital Bazaar: P-384 | SpruceID: P-256 | SpruceID: P-384 | bovine: P-256 | bovine: P-384 |
---|---|---|---|---|---|---|---|---|
MUST verify a valid VC with an ecdsa-rdfc-2019 proof. |
✓
|
❌
|
✓
|
✓
|
❌
|
❌
|
✓
|
❌
|
If the "cryptosuite" field is not the string "ecdsa-rdfc-2019" or the string "ecdsa-jcs-2019", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
❌
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | apicatalog.com: P-384 | Digital Bazaar: P-256 | Digital Bazaar: P-384 | SpruceID: P-256 | SpruceID: P-384 | bovine: P-256 | bovine: P-384 |
---|---|---|---|---|---|---|---|---|
MUST verify a valid VC with an ecdsa-rdfc-2019 proof. |
✓
|
❌
|
✓
|
✓
|
❌
|
❌
|
✓
|
❌
|
If the "cryptosuite" field is not the string "ecdsa-rdfc-2019" or the string "ecdsa-jcs-2019", an error MUST be raised. |
✓
|
✓
|
✓
|
✓
|
✓
|
❌
|
✓
|
❌
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256, P-384 | Digital Bazaar: P-256, P-384 | Grotto Networking: P-256 |
---|---|---|---|
If the "proof" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof.type" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof.type" field is not the string "DataIntegrityProof", an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof.verificationMethod" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof.verificationMethod" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof.proofPurpose" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof.proofPurpose" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof.proofPurpose" value does not match "options.expectedProofPurpose", an error MUST be raised. |
✓
|
❌
|
✓
|
If the "proof.proofValue" field is missing, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof.proofValue" field is invalid, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "proof.created" field is invalid, an error MUST be raised. |
✓
|
❌
|
✓
|
If the "proof.proofValue" field is not multibase-encoded, an error MUST be raised. |
✓
|
✓
|
✓
|
If the "options.domain" is set and it does not match "proof.domain", an error MUST be raised. |
✓
|
✓
|
✓
|
If the "options.challenge" is set and it does not match "proof.challenge", an error MUST be raised. |
✓
|
✓
|
✓
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | Grotto Networking: P-256 |
---|---|---|---|
MUST verify a valid VC with an ecdsa-sd-2023 proof. |
✓
|
✓
|
✓
|
MUST verify a valid VC with nested disclosed properties. |
✓
|
✓
|
✓
|
MUST verify a valid VC with disclosed properties and bnodes. |
✓
|
✓
|
✓
|
MUST verify with full array revealed properties |
❌
|
✓
|
✓
|
MUST verify with fewer array revealed properties |
❌
|
✓
|
✓
|
MUST verify w/o first element revealed properties |
✓
|
✓
|
✓
|
If the "proofValue" string does not start with "u", an error MUST be raised. |
✓
|
✓
|
✓
|
If the "cryptosuite" field is not the string "ecdsa-sd-2023", an error MUST be raised. |
✓
|
✓
|
✓
|
MUST fail to verify a base proof. |
✓
|
✓
|
✓
|
MUST fail to verify a modified disclosed credential. |
✓
|
✓
|
✓
|
Verifier ⇒
⇓Test Name
|
apicatalog.com: P-256 | Digital Bazaar: P-256 | Grotto Networking: P-256 |
---|---|---|---|
MUST verify a valid VC with an ecdsa-sd-2023 proof. |
✓
|
✓
|
✓
|
MUST verify a valid VC with nested disclosed properties. |
✓
|
✓
|
✓
|
MUST verify a valid VC with disclosed properties and bnodes. |
✓
|
✓
|
✓
|
MUST verify with full array revealed properties |
❌
|
✓
|
✓
|
MUST verify with fewer array revealed properties |
❌
|
✓
|
✓
|
MUST verify w/o first element revealed properties |
✓
|
✓
|
✓
|
If the "proofValue" string does not start with "u", an error MUST be raised. |
✓
|
✓
|
✓
|
If the "cryptosuite" field is not the string "ecdsa-sd-2023", an error MUST be raised. |
✓
|
✓
|
✓
|
MUST fail to verify a base proof. |
✓
|
✓
|
✓
|
MUST fail to verify a modified disclosed credential. |
✓
|
✓
|
✓
|
Verifier ⇒
⇓Issuer
|
apicatalog.com: P-256, P-384 | Digital Bazaar: P-256, P-384 | Grotto Networking: P-256 |
---|---|---|---|
apicatalog.com: P-256 |
✓
|
❌
|
✓
|
Digital Bazaar: P-256 |
✓
|
✓
|
✓
|
Grotto Networking: P-256 |
✓
|
✓
|
✓
|