Update errorhandling for Wallets, SIOP QR Codes #33
Conversation
This reverts commit 9db765f.
May be used by implementations to store the credentials
There was a problem hiding this comment.
Looks good except for the remnants of hardcoded P-256-based algos. But that's a separate issue and should be done in a separate PR (but still before 3.4.0, becuase now we have a CryptoService that supports all curves, but other pieces of the puzzle are hardcoded to only fit P-256.
| @@ -95,6 +95,48 @@ class OidcSiopVerifier( | |||
| ) | |||
| } | |||
|
|
|||
| private val containerJwt = FormatContainerJwt(algorithms = arrayOf(JwsAlgorithm.ES256.identifier)) | |||
There was a problem hiding this comment.
Why is the algo hardcoded here?
There was a problem hiding this comment.
Fixed that in recent commits, for several usages of hardcoded algorithms in the OID4VCI/SIOP implementations.
| @@ -231,9 +235,10 @@ class OidcSiopWallet( | |||
| ) | |||
| val jwsPayload = idToken.serialize().encodeToByteArray() | |||
| val jwsHeader = JwsHeader(algorithm = JwsAlgorithm.ES256) | |||
There was a problem hiding this comment.
should we not take this opportunity to get rid of all the hardcoded stuff and at least make it a constructor property, that defaults to ES256? I'm not saying this PR should do it, but before we release 3.4.0, those hardcoded values should go.
There was a problem hiding this comment.
But in JwsHeader, the algorithm parameter is required, i.e. non-null.
There was a problem hiding this comment.
Looks good except for the remnants of hardcoded P-256-based algos. But that's a separate issue and should be done in a separate PR (but still before 3.4.0, becuase now we have a CryptoService that supports all curves, but other pieces of the puzzle are hardcoded to only fit P-256.
Implements improvements for Wallet Apps:
JwsServiceIn my opinion we should release version 3.4.0 afterwards.