Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix issues with Credential Response Encryption. #203

Merged
merged 3 commits into from
Aug 23, 2024
Merged

Fix issues with Credential Response Encryption. #203

merged 3 commits into from
Aug 23, 2024

Commits on Aug 23, 2024

  1. Fix issues with Credential Response Encryption. 

    1. RequestedResponseEncryption.Required now accepts JWK with keyUse null as well. When keyUse is null, the JWK can be used for all purposes, including encryption.
2. Properly verify during issuance that RequestedResponseEncryption is supported by the issuers configured CredentialResponseEncryption. Previously when CredentialResponseEncryption was set to Required, but the CredentialRequestTO contained no CredentialResponseEncryptionTO, the issuance would continue and an unencrypted credential would be issued, even though the issuer was configured to require encryption.
    @dzarras
    dzarras committed Aug 23, 2024
    Configuration menu
    Copy the full SHA
    903c30c View commit details
    Browse the repository at this point in the history

  2. Do not accept JWKs with keyUse null for Credential Response Encryption.

    @dzarras
    dzarras committed Aug 23, 2024
    Configuration menu
    Copy the full SHA
    974e1c0 View commit details
    Browse the repository at this point in the history

  3. Express checks using ensure instead of using try/catch/throw/raise.

    @dzarras
    dzarras committed Aug 23, 2024
    Configuration menu
    Copy the full SHA
    efc6dee View commit details
    Browse the repository at this point in the history