no_suitable_keys: DID document for did:ion:
See original GitHub issueHello, im trying to verify the JWTCredential, i made a resolver for the did:ion that resolves a DIDdocument like this:
{
"@context":"https://w3id.org/did-resolution/v1",
"didDocument":{
"id":"did:ion:EiAbPkmihA4QYekuRDZLRJXCJmRXujIt27bzoQ7V8TIjBA",
"@context":[
"https://www.w3.org/ns/did/v1",
{
"@base":"did:ion:EiAbPkmihA4QYekuRDZLRJXCJmRXujIt27bzoQ7V8TIjBA"
}
],
"service":[
{
"id":"#gemeente",
"type":"LinkedDomain",
"serviceEndpoint":"fictievegemeente.nl"
}
],
"verificationMethod":[
{
"id":"#key-1",
"controller":"",
"type":"EcdsaSecp256k1VerificationKey2019",
"publicKeyJwk":{
"kty":"EC",
"crv":"secp256k1",
"x":"IWzoDukXeTR_YUk_0OnLKDWsMSBL4oaKZSYRhi6Bq0o",
"y":"iFt2Ct4Qcl0E8Oy_fUUkIlaqw_Wc0z4iA1Pk1-lLK8k"
}
}
],
"authentication":[
"#key-1"
]
},
"didDocumentMetadata":{
"method":{
"published":true,
"recoveryCommitment":"EiAwYZXpWB27sbYKQspL3O1SjX15Du7i-j5y17QClzHW8A",
"updateCommitment":"EiAnMhGvlhGmp0wA-LjlgRdmXNSsl_gIJalf8H8JzFgbFQ"
},
"canonicalId":"did:ion:EiAbPkmihA4QYekuRDZLRJXCJmRXujIt27bzoQ7V8TIjBA"
}
}
The code i run is:
const IonResolver = getResolver()
const didResolver = new Resolver({
...IonResolver
})
export async function generateVc(){
//this is an object wich holds the keys for the issuer
var did = DID;
var iondid = {
did: did.state.longForm,
signer: ES256KSigner(did.privateJwk.d, true),
alg: "ES256K"
}
const issuer = iondid as Issuer
const vcPayload: JwtCredentialPayload = {
sub: did.state.shortForm,
nbf: 1562950282,
vc: {
'@context': ['https://www.w3.org/2018/credentials/v1'],
type: ['VerifiableCredential'],
credentialSubject: {
degree: {
type: 'Stemgerechtigd',
name: 'Je mag stemmen'
}
}
}
}
const vcJwt = await createVerifiableCredentialJwt(vcPayload, issuer,{ header: { alg: 'ES256K' }})
const verifiedVC = await verifyCredential(vcJwt, didResolver,{ header: { alg: 'ES256K' }})
}
The Algorithms are matching, but it keeps saying that they can’t find the public key to verify the VC. But the verification method is present in the DIDDocument.
Error: no_suitable_keys: DID document for did:ion:EiAbPkmihA4QYekuRDZLRJXCJmRXujIt27bzoQ7V8TIjBA:eyJkZWx0YSI6eyJwYXRjaGVzIjpbeyJhY3Rpb24iOiJyZXBsYWNlIiwiZG9jdW1lbnQiOnsicHVibGljS2V5cyI6W3siaWQiOiJrZXktMSIsInB1YmxpY0tleUp3ayI6eyJjcnYiOiJzZWNwMjU2azEiLCJrdHkiOiJFQyIsIngiOiJJV3pvRHVrWGVUUl9ZVWtfME9uTEtEV3NNU0JMNG9hS1pTWVJoaTZCcTBvIiwieSI6ImlGdDJDdDRRY2wwRThPeV9mVVVrSWxhcXdfV2MwejRpQTFQazEtbExLOGsifSwicHVycG9zZXMiOlsiYXV0aGVudGljYXRpb24iXSwidHlwZSI6IkVjZHNhU2VjcDI1NmsxVmVyaWZpY2F0aW9uS2V5MjAxOSJ9XSwic2VydmljZXMiOlt7ImlkIjoiZ2VtZWVudGUiLCJzZXJ2aWNlRW5kcG9pbnQiOiJmaWN0aWV2ZWdlbWVlbnRlLm5sIiwidHlwZSI6IkxpbmtlZERvbWFpbiJ9XX19XSwidXBkYXRlQ29tbWl0bWVudCI6IkVpQW5NaEd2bGhHbXAwd0EtTGpsZ1JkbVhOU3NsX2dJSmFsZjhIOEp6RmdiRlEifSwic3VmZml4RGF0YSI6eyJkZWx0YUhhc2giOiJFaUJmT3RBREFEWG44b09lc0xxcHduMlpfZ2d1V2VkYy05dHp3Q2lJdWxyZEhBIiwicmVjb3ZlcnlDb21taXRtZW50IjoiRWlBd1laWHBXQjI3c2JZS1FzcEwzTzFTalgxNUR1N2ktajV5MTdRQ2x6SFc4QSJ9fQ does not have public keys for ES256K
I think I’m missing a step, can someone help me?
Issue Analytics
- State:
- Created 2 years ago
- Reactions:1
- Comments:8 (4 by maintainers)
Top GitHub Comments
The problem is fixed i made 2 mistakes:
The private key was not encoded in base64.
The resolver resolved the DIDDocument in a wrong way, so the VerifyJWT could not find the PublicKey.
Thanks for the help!
@vollit I wasn’t able to reproduce your issue. I added a test in #99 that uses a DID document with
publicKeyJwk
. Everything works out fine.While writing the test, I noticed 2 thing in your sample:
the publicKeyJwk you are using is hardcoded but the private key is not. Please ensure that your public key is derived from your
did.privateJwk.d
, since that is what you are using to sign.the Signer you are using is actually creating
ES256K-R
signatures, but you are specifyingES256K
as algorithm. This can be fixed like so: