verify
Verifies the integrity of the returned documents, according to ISO/IEC 18013-5.
The following checks are performed for each MdocDocument instance in documents:
For MdocDocument.issuerAuth the signature is checked against the leaf certificate in the associated X.509 chain.
The document type in the MSO matches the docType in the response.
The MSO is validity period includes the passed-in atTime.
The data returned in MdocDocument.issuerNamespaces is checked against digests in the MSO.
The device-authentication structures (ECDSA or MAC) are checked.
For each transaction data in the list, verifies that transaction hash is present in the response and matches the hash of the source transaction data
The following checks are performed for each OtherDocument instance in otherDocuments:
For document format
sd-jwt+kb:The SD-JWT+KB is constructed from decompressing OtherDocument.data
Verification is done with org.multipaz.sdjwt.SdJwtKb.verify using the issuer signing key from the leaf certificate in the org.multipaz.sdjwt.SdJwt.x5c, the nonce derived from the session transcript, creation-time is checked against the passed-in atTime, and audience is checked to be derived from
ReaderAuthAllorReaderAuthfor signed requests ornonefor unsigned requests.The credential's validity period includes the passed-in atTime.
The following checks are expected to be done by the application:
Determining whether the issuer's document signing certificate is trusted. An application can use org.multipaz.trustmanagement.TrustManagerInterface to do this.
Checking whether the MSO is revoked, or any of the keys involved are revoked.
Checking the integrity of any Zero-Knowledge Proofs for documents returned in zkDocuments. An application can use org.multipaz.mdoc.zkp.ZkSystem to do this.
Checking or decrypting any encrypted documents returned in encryptedDocuments. Use EncryptedDocuments.decrypt to do this.
Parameters
the session transcript to use.
the ephemeral reader key or null if not using session encryption.
optional request to which this response is given; optional if no transaction data was sent in the request
repository that contains all known transaction types; must be given if deviceRequest is given
the point in time for validating the whether returned documents are valid.
Throws
if validation fails.