Implement SdJwtVP.of(String) with enhanced error handling

This update includes validation for missing disclosures, duplicate disclosure digests, and malformed disclosure data, improving overall robustness and error handling during disclosure processing.

Closes #33020

Signed-off-by: Ogenbertrand <ogenbertrand@gmail.com>
This commit is contained in:
Ogen Bertrand 2024-10-07 15:40:54 +01:00 committed by GitHub
parent 0a1f28c5fc
commit 304da50efc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 31 additions and 1 deletions

View file

@ -104,8 +104,16 @@ public class SdJwtVP {
int disclosureStart = sdJwtString.indexOf(SdJwt.DELIMITER);
int disclosureEnd = sdJwtString.lastIndexOf(SdJwt.DELIMITER);
if (disclosureStart == -1) {
throw new IllegalArgumentException("SD-JWT is malformed, expected to contain a '" + SdJwt.DELIMITER + "'");
}
String issuerSignedJWTString = sdJwtString.substring(0, disclosureStart);
String disclosuresString = sdJwtString.substring(disclosureStart + 1, disclosureEnd);
String disclosuresString = "";
if (disclosureEnd > disclosureStart) {
disclosuresString = sdJwtString.substring(disclosureStart + 1, disclosureEnd);
}
IssuerSignedJWT issuerSignedJWT = IssuerSignedJWT.fromJws(issuerSignedJWTString);

View file

@ -32,6 +32,8 @@ import org.keycloak.sdjwt.vp.SdJwtVP;
import java.util.Arrays;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
/**
@ -196,4 +198,24 @@ public abstract class SdJwtVPTest {
.verifySignature(TestSettings.verifierContextFrom(presenteSdJwtVP.getCnfClaim(), "ES256"));
}
@Test
public void testOf_validInput() {
String sdJwtString = TestUtils.readFileAsString(getClass(), "sdjwt/s6.2-presented-sdjwtvp.txt");
SdJwtVP sdJwtVP = SdJwtVP.of(sdJwtString);
assertNotNull(sdJwtVP);
assertEquals(4, sdJwtVP.getDisclosures().size());
}
@Test
public void testOf_MalformedSdJwt_ThrowsIllegalArgumentException() {
// Given
String malformedSdJwt = "issuer-signed-jwt";
// When & Then
IllegalArgumentException exception = assertThrows(IllegalArgumentException.class, () -> SdJwtVP.of(malformedSdJwt));
assertEquals("SD-JWT is malformed, expected to contain a '~'", exception.getMessage());
}
}