EUDIPLO's presentation encryption algorithm is not supported#951
Merged
Conversation
Magnus-Kuhn
changed the title
Magnus-Kuhn
added
bug
tnotheis
force-pushed
the
update-eudiplo
branch
from
a38c2af to
80f8c7e
Compare
tnotheis
previously approved these changes
Feb 17, 2026
…o update-eudiplo
tnotheis
requested changes
Feb 18, 2026
tnotheis
previously approved these changes
Feb 19, 2026
tnotheis
approved these changes
Feb 19, 2026
erbenjak
added a commit
that referenced
this pull request
May 28, 2026
* feat: add openid4vc controller * feat: add openid4vc facade * feat: add ReolveCredentialOffer UseCase * feat: add dummy resolve credential offer datatype * chore: rename facade * chore: install credo library * feat: add first simple test * feat: first working version * feat: add attribute value type VerifiableCredential * WIP * feat: finish openid4vc controller * chore: activate skip lib check * chore: correct dependencies * feat: add mocks for some credo functionalities * feat: make test fetch offer url on its own * feat: change holder to work without node spcific code * fix: facade return type * fix: return value * chore: update schemas * fix: remove reference to global * WIP * chore: add noble cyphers * chore: rename storage * feature: allow presentation using the runtime * chore remove peackock styling * chore: credo version bump + automatic patch * chore: cleanup + renaming * chore: additional cleanup please adapt holder and baseAgent to credo version bump * feat: remove hard coded information from * fix: comments * chore: update npm version * chore: remove credoId from verifiable credentialId * fix: make libsodium-wrappers a dependency * fix: complete previous commit * chore: make tarballs * feature: overhaul to storring credentials in the repository * fix: unused comment * chore: patch case sensitive compare * chore: add audit exclude * fix: export VerifiableCredential * fix: type some functions * chore: audit fix * Update formatting and naming (#835) * chore: update formatting * chore: rename storrage to storage * refactor: properly query OwnIdentityAttributes * chore: rm some console logs * Resolve credential offer is throwing an error (#836) * fix. update controller * fix: update usecases * fix: get rid of more anys * fix: properly parse message * Remove zipped libraries (#838) * chore: remove consumption * chore: remove content * chore: remove runtime * Run OID4VC tests on testcontainers instead of publicly available oid4vc-service instance (#832) Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Julian König <julian.koenig@js-soft.com> * Cleanup package jsons (#840) * chore: undo changing to only test openid4vc tests locally * chore: remove added https package * chore: move @types declaration to package * chore: sort pjsons --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> * Update naming and parameters of authorization requests (#848) * refactor: update runtime types * refactor: update consumption * refactor: update runtime * test: add tests for new behavior * refactor: change almost anything * Web bundle is not possible anymore (#849) * fix: remove default dependency in Transport.ts * fix: do not use undici in consumption * chore: undo change * fix: remove export * fix: add node logger * Add EUDIPLO tests (#831) Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: mkuhn <magnus.kuhn@js-soft.com> Co-authored-by: Julian König <33655937+jkoenig134@users.noreply.github.com> Co-authored-by: Magnus Kuhn <127854942+Magnus-Kuhn@users.noreply.github.com> * Get rid of the fakeKeyStorage and implement it the enmeshed way (#853) * feat: add keyStorage * feat: use keyStorage * fix: satisfy eslint * chore: rename keymanagement * fix: mongodb * chore: rename * libsodium-wrappers increases the bundle size (#854) * fix: do not use libsodium-wrappers * fix: do not use libsodium-wrappers * Authorization request contains non-json payload causing crashes in the app (#857) * fix: toJson * fix: use stringifySafe * Upgrade dcql (#858) * chore: update dcql * chore: remove patch * Only extract used credentials when one request is satisfied (#859) * refactor: move extracting the used credentials to a helper method * chore: rename helper method * chore: update lockfile * Improve namings in the oid4vc use cases (#861) * refactor: change the use case and related namings * refactor: remove combination use case, rename response * chore: build schemas * refactor: use more responses * fix: complete response usage * fix: don't use credo type in runtime * More precise OpenID4VC interfaces (#863) * refactor: more precise interfaces * feat: credential format validation * fix: undo string cast * Remove unused oid4vc coding (#864) * refactor: remove unused code * feat: throw when unimplemented methods are used --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> * Audit fix (#865) * The ResolveCredentialOffer UseCase is returning non json payloads (#866) * chore: remove duplicate dependency declaration * fix: return proper json from ResolveCredentialOffer * Remove obsolete VerifiableCredentialDTO (#867) * chore: remove dto * chore: remove export * Bump credo (#868) * chore: bump credo * fix: store legacy key id * fix: re-add encoded credential * test: remove only * refactor: remove comment * fix: only re-add for PEX * Audit fix (#871) * chore: audit fix * chore: formatting * chore: formatting * Bump credo (#874) * chore: bump credo * test: make jest work * test: slimmer jest config * test: apply the fixes in other package.jsons too * ci: remove audit exclude * Reuse holder (#878) * chore: move skipLibCheck comment * refactor: reuse holder in OpenId4VcController * refactor: move keyStorage init * Key cannot be loaded (#879) * Separate RequestCredentials from StoreCredentials (#875) * feat: separate requestCredentials from acceptCredentials * chore: build schemas * test: use new functions * chore: audit fix * chore: jsonparse stringifySafe REquestCredentialsResponse * refactor: rename storeCredentials * chore: save change in index file * chore: run build * fix: it works for now --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Julian König <julian.koenig@js-soft.com> * Receive mdocs via OpenID4VCI (#884) * test: add mdoc test * fix: be more lenient * test: restructure tests * chore: update images * fix: cleanup merge * refactor: naming usedCredentials -> matchingCredentials * Transfer credential offers over requests (#885) * fix: remove hacky key solution * feat: add ShareCredentialOfferRequestItem * feat: add empty ShareCredentialOfferRequestItemProcessor * feat: add event * refactor: move code to OpenId4VciCredentialResponseJSON * feat: implement processor * feat: add ShareCredentialOfferRequestItemDVO * test: add test * fix: build schemas * chore: remove comments * fix: add request item to check * refactor: naming * fix: use nameof * refactor: types * chore: use property directly * fix: add error cause to ValidationResult error message * chore: naming * fix: event namespace + wording * fix: use typed property * fix: stuff * chore: one-liner * Bump credo to 0.6.0 (#888) * chore: bump credo * ci: bump oid4vc service image --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> * Remove old display fetching workaround (#889) * chore: remove hacky display fetching method * chore: formatting * Error when synchronizing the datawallet modification for a RequestedCredentialCacheEntry (#893) Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> * Process openid urls over the string processor (#902) * chore: WIP * feat: add retry * chore: add log * feat: implement processOpenID4VPURL * fix: renamings * fix: remove duplicated code * chore: add another error code * fix: update fake ui bridge * chore: implement MockUIBridge * fix: proper error * chore: timos hidden PR comments * Update packages/app-runtime/test/lib/MockUIBridge.matchers.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update packages/app-runtime/test/lib/MockUIBridge.matchers.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * chore: remove test * refactor: move error --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * An error is shown when cancelling requesting a credential (#906) * chore: add check * fix: only show error on check * chore: trigger ci * Add support for openid4vci external auth flow (#892) * feat: add pin secured VC test * working version * feat: add pin secured VC test * working version * fix: bad merge * fix: simplify token passing * fix: remov unnecessary linting directive * refactor: some initial code clean up * fx: remove accidental change * chore: readd missing test * fix: use correct version * chore: update schemas * fix: transfer token in a proper manner and only allow token or pin * feat: add pin secured VC test * working version * fix: bad merge * feat: add pin secured VC test * working version * fix: simplify token passing * refactor: some initial code clean up * fx: remove accidental change * chore: readd missing test * fix: use correct version * chore: update schemas * fix: transfer token in a proper manner and only allow token or pin * chore: update the lockfile * chore: undo changes * feat: call external authentication through UI bridge * feat: improve OAuth errors * feat: dont show error when auth is cancelled * fix:remove duplicate test * test if auth servers are empty * refactor: inline unecessary type object * refactor: inline unecessary type object * refactor: fix datatype for good * chore: improve ui bridge function naming * fix: simplify logic * fix: improve type safety * chore: remove unecessary comments and variables * chore: remove unecessary comments and variables --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Julian König <julian.koenig@js-soft.com> * Remove auto-selector for presentation (#910) * feat: add dcql * feat: remove auto-selector * fix: correct input descriptor * test: adapt tests * fix: typo * test: correct runtime services no, credential count * test: skip some tests * test: prettier tests * chore: fix vulnerability * test: update service image * refactor: method name * refactor: method name/extraction * chore: cleaner qs dependency handling * refactor: review comments * ci: exclude elliptic vulnerability --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> * Send OID4VP authorization requests in Requests (#898) * feat: add dcql * feat: remove auto-selector * fix: correct input descriptor * test: adapt tests * fix: typo * test: correct runtime services no, credential count * test: skip some tests * test: prettier tests * chore: fix vulnerability * test: update service image * feat: presentation request requests * feat: remove event * refactor: split folder * fix: make expander work * feat: improve no match error msg * feat: adapt to new plan * refactor: prettier test * test: adapt test * chore: build schemas * chore: remove package override * test: correct services no * Create Tokens with credential presentations (#886) * feat: add default presentations * chore: build schemas * feat: allow key binding * test: check presentation * test: change test order * test: adapt tests after merge * test: set attribute id * feat: validate existence of configuration * refactor: use case import * refactor: linter * refactor: rename property to include ...config * chore: build schemas * feat: updated usage with token * fix: address circular dependency * test: update service image * chore: build schemas * chore: cleaner qs dependency handling * test: missing mdoc encryption * refactor: rename default presentation * refactor: separate VP type * fix: proper type implementation * refactor: split presentation and credential --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> * Bump credo to 0.6.1 (#920) * Improve ShareAuthorizationRequestRequestItem (#921) * refactor: narrower dvo typing * feat: accept with attribute id * test: adapt the test * feat: update item processor * test: correct response item * feat: catch resolution in can accept * test: add non-matching test * Rename `createPresentationTokenContent` (#936) * refactor: use consistent naming * chore: audit fix * refactor: rename createPresentationTokenContent * chore: npm i with new node version * EUDIPLO's presentation encryption algorithm is not supported (#951) * test: update eudiplo * test: try another tenant * fix: allow AES128GCM * test: fix eudiplo tests * test: check reading of enmeshed data * test: make tests work * test: add eudiplo pin test * test: check display information * test: update eudiplo assets and test to eudiplo * test: update compose openid4vc * chore: disable lint * chore: update dependencies * chore: updates in compose * chore: fix eudiplo config property names * chore: fix eudiplo base url * chore: log error in ShareAuthorizationRequestRequestItemProcessor.accept * chore: remove obsolete configs * chore: remove mongodb dep * refactor: rename to oid4vc service config * chore: remove unnecessary port mapping * test: remove eudiploContainer * chore: add docker compose dependencies to oid4vc-service * chore: move environment variables to compose file * test: remove unnecessary test service * fix: correct healthcheck * test: correctly set env vars * chore: upgrade oid4vc-service to 3.0.1 * test: make connector auto accept pending relationships * fix: switch to localhost in tests * refactor: add comment * test: disable eslint * fix: don't change every test behavior * chore: update dependencies * chore: clean npm install * refactor: satisfy linter * ci: exclude ajv vulnerability * chore: remove tar override * ci: ignore minimatch vulnerability * chore: clean install again * ci: readd vulnerability exclude lost in merge --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Timo Notheisen <timo.notheisen@js-soft.com> * Credential offer can be resolved multiple times simultaneously (#966) * fix: introduce cache to ensure that each credential is only fetched once * chore: improve error handeling * ci: ignore vulnerabilities * chore: update dependency * chore: npm audit fix --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> * package-lock.json is incorrect (#968) * Incorrect auth server is used for credential offers (#974) * Process token with VerifiablePresentation content over the app string processor (#984) * chore: process token with verifiable presentation content * chore: run prettier * chore: add isTechnicallyValid param * chore: run audit fix * chore: pr comments * The `type` and `displayInformation` is neglected creating a VerifiablePresentation (#992) * chore: npm audit fix * test: displayInformation is transferred in PresentationToken * fix: explicitly hand over type and displayInformation when creating VerifiablePresentation * Specify `expiresAt` and `ephemeral` when creating a PresentationToken (#994) * feat: expose expiresAt and ephemeral when creating a presentation token * refactor: specify type of input string * chore: rebuild schemas * Change VerifiablePresentation to TokenContentVerifiablePresentation (#993) * refactor: make VerifiablePresentation to TokenContentVerifiablePresentation * test: adjust expected type of token content * test: app-runtime test * chore: re-add TokenContentVerifiablePresentation * chore: type * refactor: add ProprietaryAttributeValue to barrel file * Use `AttributeIdString` as type for `attributeId` in requests (#995) * Use Token ID as `nonce` for PresentationToken (#1003) * feat: use token id as nonce * feat: use ephemeral for empty token * fix: use string * chore: npm audit fix * chore: exclude vulnerabilities --------- Co-authored-by: Timo Notheisen <timo.notheien@js-soft.com> * Set EUDIPLO up with config files (#1002) Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> * fix: remove passwordProtection when updating token content for presentation token * Verify presentation tokens (#1005) * feat: verify presentation token * fix: allow empty tokens without password * test: adapt app string processor test * test: remove happy path isolation test * refactor: adapt to optional password protection of empty token * refactor: export verify use case * test: cleaner file copying into container * feat: improve unsupported VC type error message * test: add negative tests * refactor: don't return classes in UseCases * test: re-add test skip * chore: build schemas * test: null checks * test: split presentation token test * test: move startEudiplo into .dev * test: fix the split * test: remove now obsolete startEudiplo function * fix: remove password protection from sendEmptyTokenParameters * fix: undo credential lifetime increase * test: make tests independent of each other * test: improve startOid4VcComposeStack helper method * chore: npm audit fix * chore: ignore vulnerability * test: rename eudiplo tenant * test: namings in app string processor test * feat: simplify use case interface * test: set correct NMSHD_TEST_BASEURL in oid4vc compose stack * fix: remove stack from error message * test: adapt runtime tests * test: re-add invalid nonce test * test: use new helper functions more --------- Co-authored-by: Timo Notheisen <timo.notheisen@js-soft.com> * Initialize `supportsCursorPagination` in EnmeshedStorageService (#1032) * fix: initialize supportsCursorPagination in EnmeshedStorageService * chore: fix linting error * feat: remove credential types currently not supported by the frosch wallet * chore: update eudiplo config to match version 4 * fix: adopt tests to no longer require deprecated openid4vc service * fix: adopt tests to sessionId seperation introduced by eudiplo 4.1.0 * chore: update eudiplo to 4.1.0 * chore: remove outdated compose file * fix: missing support for all credential formats * fix: test specific code in ShareCredentialOfferRequestItemProcessor * fix: make skipLibCheck package specific * fix: openid4vc command location is wrong * fix: improve return for null functions * fix: typo * chore: fix typo in KeyManagementService * chore: improve validations * fix: linting * fix: update eudiplo where necessary * fix: formatting * fix: bad exclude list * chore: pin azurite version * fix: bad credentials AppStringProcessorTests * chore: clean up and formatting * chore: improve error message * fix: remove unsupported Pex presentations * chore: restructure code for better readability Co-authored-by: Copilot <copilot@github.com> * fix: handle edge cases in credential querying * fix: some linting errors * fix: one last linting error * fix: unify spelling of "Id" * fix: spelling error * chore: improve comment style * chore: remove unnecessary comment * chore: remove "offer" from presentation-function name to improve clarity * fix: extract method * fix: linting error * chore: remove unused error * chore: improve messages * chore: remove unneeded audit exclussion * chore: remove unneeded function * fix: set keyholder identifier * fix: package lock * fix: security vulnerabilities * fix: comment * fix: package lock * fix: remove uneeded casts --------- Co-authored-by: Timo Notheisen <timo.notheisen@js-soft.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Julian König <33655937+jkoenig134@users.noreply.github.com> Co-authored-by: Julian König <julian.koenig@js-soft.com> Co-authored-by: mkuhn <magnus.kuhn@js-soft.com> Co-authored-by: Timo Notheisen <65653426+tnotheis@users.noreply.github.com> Co-authored-by: Magnus Kuhn <127854942+Magnus-Kuhn@users.noreply.github.com> Co-authored-by: Milena Czierlinski <milena.czierlinski@js-soft.com> Co-authored-by: Milena Czierlinski <146972016+Milena-Czierlinski@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Nicole E <139773901+nicole-eb@users.noreply.github.com> Co-authored-by: Timo Notheisen <timo.notheien@js-soft.com> Co-authored-by: Copilot <copilot@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Readiness checklist
Description
Also updates the service version to 3.0.0 where credo is removed, thereby also removing all the credo tests.