feat: add sdk jwt revocation verification #231

Merged
merged 16 commits into from
Jun 17, 2024
@elribonazo elribonazo commented Jun 12, 2024

Description:

Implementing JWT Revocation proof verification, the edge agent.

RXDB is using crypto-js and firebase with 2 medium severity vulnerabilities.

  1. crypto-js is used by the encryption-plugin that is bundled by default and that piece of code has been removed from the package and dist folders.
  2. the replication plugin firebase store has a vulnerability on firebase npm package which we are also not using but as it's bundled by default we have removed the package and the dist folders.

All is programmatically done through preinstall and postinstall hooks in npm, please check that out.


I've started upgrading the RXDB storages to the latest version of rxdb but still in future versions patching will be required for the firebase dependency. Will work as a side work on upgrading the sdk to the latest version just for better performance.

Checklist:

  • My PR follows the contribution guidelines of this project
  • My PR is free of third-party dependencies that don't comply with the Allowlist
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked the PR title to follow the conventional commit specification
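The pruning approach described in the PR description, sketched as an added example; this is not the project's own hook script. The package name, directory names and dependency names passed to `pruneBundled` are hypothetical placeholders, since the page does not list the real paths.

```javascript
// Added example (not the project's script). Directory and dependency names
// passed in are hypothetical placeholders, not paths from the real package.
const fs = require("node:fs");
const path = require("node:path");

// Remove unused bundled code from an installed dependency and drop the
// matching entries from its package.json. Safe to run repeatedly.
function pruneBundled(pkgRoot, relDirs, depNames) {
  const root = path.resolve(pkgRoot);
  const report = { removedDirs: [], removedDeps: [], skipped: [] };

  for (const rel of relDirs) {
    const target = path.resolve(root, rel);
    // Refuse anything that resolves to the root itself or outside it.
    if (target === root || !target.startsWith(root + path.sep)) {
      report.skipped.push(rel);
      continue;
    }
    if (fs.existsSync(target)) {
      fs.rmSync(target, { recursive: true, force: true });
      report.removedDirs.push(rel);
    }
  }

  const manifestPath = path.join(root, "package.json");
  const manifest = JSON.parse(fs.readFileSync(manifestPath, "utf8"));
  for (const field of ["dependencies", "optionalDependencies", "peerDependencies"]) {
    for (const name of depNames) {
      if (manifest[field] && name in manifest[field]) {
        delete manifest[field][name];
        report.removedDeps.push(`${field}:${name}`);
      }
    }
  }
  // Only rewrite the manifest when something actually changed.
  if (report.removedDeps.length > 0) {
    fs.writeFileSync(manifestPath, JSON.stringify(manifest, null, 2) + "\n");
  }
  return report;
}
```

Lifecycle hooks do not run under `npm install --ignore-scripts`, so a build that uses that flag has to call the pruning script explicitly.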

Signed-off-by: Francisco Javier Ribó Labrador <[email protected]>
@elribonazo elribonazo marked this pull request as ready for review June 14, 2024 11:46
…e medium severity issues (crypto-js and replication firebase plugin)
@hyperledger-identus hyperledger-identus deleted a comment from github-actions bot Jun 15, 2024

github-actions bot commented Jun 15, 2024

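| Lines | Statements | Branches | Functions |
| --- | --- | --- | --- |
| Coverage: 74% | 75% (2779/3705) | 64.25% (1343/2090) | 80.38% (717/892) |

JUnit

| Tests | Skipped | Failures | Errors | Time |
| --- | --- | --- | --- | --- |
| 496 | 6 💤 | 0 ❌ | 0 🔥 | 1m 14s ⏱️ |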

fix: backup not waiting for the keys to be restored during the recovery
@elribonazo elribonazo merged commit 197c40b into main Jun 17, 2024
5 checks passed
@elribonazo elribonazo deleted the feature/ATL-7035 branch June 17, 2024 13:55
elribonazo added a commit that referenced this pull request Jul 19, 2024
yshyn-iohk pushed a commit that referenced this pull request Jul 20, 2024
# [6.0.0](v5.0.0...v6.0.0) (2024-07-20)

### Bug Fixes

* Rename the documentation file accordingly. ([#204](#204)) ([90c1f54](90c1f54))
* add compliant dates not in ms, but in seconds. ([#206](#206)) ([76f4f48](76f4f48))
* add e2e tests for jwt revocation, sdk verification for jwt and anoncreds ([#244](#244)) ([5c2519b](5c2519b))
* add missing files in package to clean rxdb vulnerabilities to fix e2e ([#233](#233)) ([8b4c9e8](8b4c9e8))
* Agent.createNewPrismDID to use derivationPath ([#158](#158)) ([06bc2cc](06bc2cc))
* attachment descriptor parameters ([#240](#240)) ([2391f01](2391f01))
* attachment encoding fallback base64 + base64url by default ([#239](#239)) ([78cd8f7](78cd8f7))
* build node wasm not bundled up ([#226](#226)) ([48e78e3](48e78e3))
* **Castor:** createPrismDID and resolveDID key id conflicts ([#243](#243)) ([5024818](5024818))
* Compatibility issues with osx and unix platforms around the sed ([#217](#217)) ([8287eed](8287eed))
* ConnectionManager emit Messages ([#190](#190)) ([776e55a](776e55a))
* create custom class to verify bitstring position more precisely. ([#234](#234)) ([255184b](255184b))
* db cannot be created twice with the same name which crashes demos ([#193](#193)) ([27f771c](27f771c))
* deprecate browser demos ([#221](#221)) ([a6f9bdb](a6f9bdb))
* e2e issues fix ([#236](#236)) ([12019b9](12019b9))
* e2e issues with latest websocket changes ([#200](#200)) ([969fc06](969fc06))
* escape the `<->` sequence to fix the build error in the identus-… ([#248](#248)) ([15cf694](15cf694))
* generate docs after releasing as we cannot access a package that… ([#255](#255)) ([70efa8b](70efa8b))
* issue with build script not replacing some files that have been … ([#191](#191)) ([c26f014](c26f014))
* jwe rust library for backup encryption not including the node wa… ([#237](#237)) ([b1177a6](b1177a6))
* Message properties body, createdTime, expiresTimePlus ([#232](#232)) ([cf7db9f](cf7db9f))
* moving to hyperledger namespace ([#245](#245)) ([2139a78](2139a78))
* optin to websockets for the mediator live mode as an experiment,… ([#199](#199)) ([950bc76](950bc76))
* prevent broken links to exist in order for docs site to build pr… ([#205](#205)) ([f33f029](f33f029))
* releasing to HL ([#253](#253)) ([ed0fdf3](ed0fdf3))
* remove typo in release pipeline ([#254](#254)) ([34597e1](34597e1))
* Removing the if condition in CI pipeline for release branches ([#179](#179)) ([a8c4ebc](a8c4ebc))
* rename prism-agent into edge-agent ([#203](#203)) ([2a1fa1e](2a1fa1e))
* rename references ([#218](#218)) ([7d79d6f](7d79d6f))
* type references are lost in the package. ([#202](#202)) ([86ea42e](86ea42e))
* update event callback argument type ([#216](#216)) ([ec92fcb](ec92fcb))
* updating references to Identus ([#197](#197)) ([8fcb792](8fcb792))
* using rust dependency for jwe ([#235](#235)) ([0a35296](0a35296))
* wasm build folder change ([#186](#186)) ([11ad81f](11ad81f))

### Features

* add sdk jwt revocation verification ([#231](#231)) ([115c2c6](115c2c6))
* Backup and Restore ([#215](#215)) ([bf15325](bf15325))
* Implement sd+jwt for issuance and verification flows with cloud agent ([#228](#228)) ([a8c0b21](a8c0b21))
* Implementing JWT Credential revocation notification ([#184](#184)) ([9aa8b8b](9aa8b8b))
* implementing SDK Verification Phase2 Anoncreds ([#219](#219)) ([e80549c](e80549c))
* updating Anoncreds to io fork ([#157](#157)) ([8987de2](8987de2))

### BREAKING CHANGES

* Pollux instance now requires to have Apollo first constructor parameter (used internally)
Deprecated internal functions processJWTCredential, processAnoncredsCredential and extractCredentialFormatFromMessage. Internally, in order to process any type of credential offer just call pollux.processCredentialOffer instead. In order to extract the credentialFormat from a DIDComm message if available, use message.credentialFormat (will return known CredentialType or unknown). In order to extract the payload of whatever DIDComm message, use message.payload which will decode it into the right object instance.
JWT class now needs apollo and castor in constructor as they now instantiate from JWTCore (used internally)
Derivable Private key is not deriving using the derivationPath as a string not the DerivationPath class (used internally)