[iOS Verifier App] Verifiable Credentials with Matching KID But False Public Key Data Are Accepted #141
Assignees
Labels
Comments
RalicaY
added
1st Prio - High
|
05.05.2022: Retest with iOS Verifier 1.3.1(34) was not successful. Actual result: "Barcode-Fehler" |
|
tvt, 10.05.2022: Priority reduced from Medium to Low, because the described failed acception of the wrong Credential is not occured anymore. Just only a not expected (consistent to Android) error messaged is now displayed. |
ltranvan
added
3rd Prio - Low
|
tvt, 10.05.2022: retested successully by Ralica with IOS-version 1.3.1.1 (42) HL and 1.3.1 (38) BF. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
We scanned verifiable clredentials with matching KID but manipulated public key data so that the signature was no more valid for the issuer with this KID. The app scanned these without any error.
Expected behaviour
The app should recognize that the credential has an invalid signature.
Technical details
Verifier App 1.3.1.1(33) Hash & iOS Verifier 1.3.1 (31) Bloom
The text was updated successfully, but these errors were encountered: