diff --git a/apps/easypid/src/app/(app)/_layout.tsx b/apps/easypid/src/app/(app)/_layout.tsx index 4980d4cd..d5084138 100644 --- a/apps/easypid/src/app/(app)/_layout.tsx +++ b/apps/easypid/src/app/(app)/_layout.tsx @@ -32,17 +32,19 @@ export default function AppLayout() { // It could be that the onboarding is cut of mid-process, and e.g. the user closes the app // if this is the case we will redo the onboarding const [hasFinishedOnboarding] = useHasFinishedOnboarding() - const [resetWalletState, setResetWalletState] = useState<'resetting' | 'reset'>() + const [hasResetWallet, setHasResetWallet] = useState(false) const shouldResetWallet = secureUnlock.state !== 'not-configured' && secureUnlock.state !== 'initializing' && !hasFinishedOnboarding const isWalletLocked = secureUnlock.state === 'locked' || secureUnlock.state === 'acquired-wallet-key' useEffect(() => { - if (resetWalletState || !shouldResetWallet) return + // Reset state + if (hasResetWallet && !shouldResetWallet) setHasResetWallet(false) + if (!shouldResetWallet || hasResetWallet) return - setResetWalletState('resetting') - resetWallet(secureUnlock).then(() => setResetWalletState('reset')) - }, [secureUnlock, resetWalletState, shouldResetWallet]) + setHasResetWallet(true) + resetWallet(secureUnlock) + }, [secureUnlock, hasResetWallet, shouldResetWallet]) // If we are intializing and the wallet was opened using a deeplinkg we will be redirected // to the authentication screen. We first save the redirection url and use that when navigation @@ -66,7 +68,7 @@ export default function AppLayout() { } // This should show the splash screen - if (secureUnlock.state === 'initializing' || (shouldResetWallet && resetWalletState !== 'reset')) { + if (secureUnlock.state === 'initializing' || shouldResetWallet) { return null } diff --git a/apps/easypid/src/app/+native-intent.tsx b/apps/easypid/src/app/+native-intent.tsx index a526b4fd..82366ec1 100644 --- a/apps/easypid/src/app/+native-intent.tsx +++ b/apps/easypid/src/app/+native-intent.tsx @@ -1,8 +1,8 @@ import { parseInvitationUrl } from '@package/agent' import { deeplinkSchemes } from '@package/app' import * as Haptics from 'expo-haptics' -import { Platform } from 'react-native' import { router } from 'expo-router' +import { Platform } from 'react-native' export async function redirectSystemPath({ path, initial }: { path: string; initial: boolean }) { const isRecognizedDeeplink = deeplinkSchemes.some((scheme) => path.startsWith(scheme)) diff --git a/apps/easypid/src/constants.ts b/apps/easypid/src/constants.ts index 38fd84e7..b86b4810 100644 --- a/apps/easypid/src/constants.ts +++ b/apps/easypid/src/constants.ts @@ -17,12 +17,16 @@ const animoFunkeRelyingPartyCertificate = const ubiqueRootCertificate = 'MIIBZjCCAQygAwIBAgIGAZGJt173MAoGCCqGSM49BAMCMB8xHTAbBgNVBAMMFGh0dHBzOi8vYXV0aG9yaXR5LmNoMB4XDTI0MDgyNTEzMjYyMVoXDTI1MDgyNTEzMjYyMVowHzEdMBsGA1UEAwwUaHR0cHM6Ly9hdXRob3JpdHkuY2gwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAScIjAmHrkp3TC6bisgaqmszbKkpY0iGTdHF2rcRemJCV+ikotDt7G+ApwG0m6fxt8aBJHeJ2mssLvZBmZj5LtWozQwMjAfBgNVHREEGDAWghRodHRwczovL2F1dGhvcml0eS5jaDAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0gAMEUCIQCpQsxyQx/5knqhGnDCiAo6MpQmTCd7vA9WehF4/1P8/QIgEnAtFVTP1uThuTEna1RD4Ji35+z1h8pDoMyLPd3Uaig=' +const ubiqueIssuer = + 'MIICsTCCAlegAwIBAgIUeN7cTJgPmbK39asN8Wf3VLOSCTAwCgYIKoZIzj0EAwIwgcYxCzAJBgNVBAYTAkRFMR0wGwYDVQQIDBRHZW1laW5kZSBNdXN0ZXJzdGFkdDEUMBIGA1UEBwwLTXVzdGVyc3RhZHQxHTAbBgNVBAoMFEdlbWVpbmRlIE11c3RlcnN0YWR0MQswCQYDVQQLDAJJVDEpMCcGA1UEAwwgaXNzdWFuY2UuZ2VtZWluZGUtbXVzdGVyc3RhZHQuZGUxKzApBgkqhkiG9w0BCQEWHHRlc3RAZ2VtZWluZGUtbXVzdGVyc3RhZHQuZGUwHhcNMjQxMTE1MDgzNzA4WhcNMzQxMTEzMDgzNzA4WjCBxjELMAkGA1UEBhMCREUxHTAbBgNVBAgMFEdlbWVpbmRlIE11c3RlcnN0YWR0MRQwEgYDVQQHDAtNdXN0ZXJzdGFkdDEdMBsGA1UECgwUR2VtZWluZGUgTXVzdGVyc3RhZHQxCzAJBgNVBAsMAklUMSkwJwYDVQQDDCBpc3N1YW5jZS5nZW1laW5kZS1tdXN0ZXJzdGFkdC5kZTErMCkGCSqGSIb3DQEJARYcdGVzdEBnZW1laW5kZS1tdXN0ZXJzdGFkdC5kZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDYXt8M+5E1ADj5N2Rv/zIwBlvkTlt3gsscrKP4owg6km9Ejv5bHqDWY+nQi29ezNH2tkhGrKe0ZsmeH9ZqUsI+jITAfMB0GA1UdDgQWBBRSW2AGYj1dJ5Nz84/XojDDjH00XzAKBggqhkjOPQQDAgNIADBFAiBJ7ohG3x9iBlbTeSLnJGTFdwfw10mM9sd1J/TpoijcfAIhALgJgE/w3/J7jJMvZq+EiUT8DkhKTTUNhN74uA+bL4v6' + export const trustedX509Certificates = [ + ubiqueIssuer, bdrPidIssuerCertificate, animoFunkeRelyingPartyCertificate, ubiqueRootCertificate, oldAnimoFunkeRelyingPartyCertificate, - 'MIIBKDCBzqADAgECAhAyWHL4SEss2wMO1QQybg/fMAoGCCqGSM49BAMCMA0xCzAJBgNVBAYTAk5MMB4XDTcwMDEwMTAwMDAwMFoXDTI1MTEyMjA4MjIxMlowDTELMAkGA1UEBhMCTkwwOTATBgcqhkjOPQIBBggqhkjOPQMBBwMiAALcD1XzKepFxWMAOqV+ln1fybBt7DRO5CV0f9A6mRp2xaMwMC4wLAYDVR0RBCUwI4IhMDRkNy0yMTctMTIzLTE4LTI2Lm5ncm9rLWZyZWUuYXBwMAoGCCqGSM49BAMCA0kAMEYCIQDWjkAm/iLhGWcgKILW48f43vEUByvJd2R4lxdTdK9w+wIhALcZIgrH2h9SoXHjuI9ktOMbfVHxt59iq+lOKsC4yOUQ', + 'MIIBJzCBz6ADAgECAhA0WLLsSm0Hf5R2/q7neHUKMAoGCCqGSM49BAMCMA0xCzAJBgNVBAYTAk5MMB4XDTcwMDEwMTAwMDAwMFoXDTI1MTEyMjA4MjIxMlowDTELMAkGA1UEBhMCTkwwOTATBgcqhkjOPQIBBggqhkjOPQMBBwMiAALcD1XzKepFxWMAOqV+ln1fybBt7DRO5CV0f9A6mRp2xaMxMC8wLQYDVR0RBCYwJIIiNGFjNS0xMDktMzctMTUwLTE5OC5uZ3Jvay1mcmVlLmFwcDAKBggqhkjOPQQDAgNHADBEAiAEqDL6WHBelM4YW3L0k2criU+Za/FlDEuAJKuY+LiY/AIgR0qGuW9qu4wUo/kcJ75mv+jAwV25ABmYAnbUX/7u5lI=', ] // https://gitlab.opencode.de/bmi/eudi-wallet/eidas-2.0-architekturkonzept/-/blob/main/architecture-proposal.md#pid-contents diff --git a/apps/easypid/src/features/receive/FunkeCredentialNotificationScreen.tsx b/apps/easypid/src/features/receive/FunkeCredentialNotificationScreen.tsx index a41d0cb8..589ceb32 100644 --- a/apps/easypid/src/features/receive/FunkeCredentialNotificationScreen.tsx +++ b/apps/easypid/src/features/receive/FunkeCredentialNotificationScreen.tsx @@ -74,11 +74,14 @@ export function FunkeCredentialNotificationScreen() { // TODO: where to transform? // Combine oid4vci issuer metadata and openid fed into one pipeline. If openid it's trusted const issuerMetadata = resolvedCredentialOffer?.metadata.credentialIssuer - const configuration = - resolvedCredentialOffer?.offeredCredentialConfigurations[ - // TODO: handle empty configuration ids - resolvedCredentialOffer.credentialOfferPayload.credential_configuration_ids[0] - ] + // We want the first supported configuration id + // TODO: handle empty configuration ids + const configurationId = resolvedCredentialOffer?.offeredCredentialConfigurations + ? Object.keys(resolvedCredentialOffer.offeredCredentialConfigurations)[0] + : undefined + const configuration = configurationId + ? resolvedCredentialOffer?.offeredCredentialConfigurations[configurationId] + : undefined const credentialDisplay = getCredentialDisplayWithDefaults( configuration && issuerMetadata @@ -122,11 +125,13 @@ export function FunkeCredentialNotificationScreen() { async ( resolvedCredentialOffer: OpenId4VciResolvedCredentialOffer, tokenResponse: OpenId4VciRequestTokenResponse, + configurationId: string, resolvedAuthorizationRequest?: OpenId4VciResolvedAuthorizationRequest ) => { const credentialResponses = await receiveCredentialFromOpenId4VciOffer({ agent, resolvedCredentialOffer, + credentialConfigurationIdsToRequest: [configurationId], accessToken: tokenResponse, clientId: resolvedAuthorizationRequest ? authorization.clientId : undefined, }) @@ -164,7 +169,7 @@ export function FunkeCredentialNotificationScreen() { const acquireCredentialsAuth = useCallback( async (authorizationCode: string) => { - if (!resolvedCredentialOffer || !resolvedAuthorizationRequest) { + if (!resolvedCredentialOffer || !resolvedAuthorizationRequest || !configurationId) { setErrorReason('Credential information could not be extracted') return } @@ -179,7 +184,7 @@ export function FunkeCredentialNotificationScreen() { 'codeVerifier' in resolvedAuthorizationRequest ? resolvedAuthorizationRequest.codeVerifier : undefined, }) - await retrieveCredentials(resolvedCredentialOffer, tokenResponse, resolvedAuthorizationRequest) + await retrieveCredentials(resolvedCredentialOffer, tokenResponse, configurationId, resolvedAuthorizationRequest) } catch (error) { agent.config.logger.error(`Couldn't receive credential from OpenID4VCI offer`, { error, @@ -187,12 +192,12 @@ export function FunkeCredentialNotificationScreen() { setErrorReason('Error while retrieving credentials') } }, - [resolvedCredentialOffer, resolvedAuthorizationRequest, retrieveCredentials, agent] + [resolvedCredentialOffer, resolvedAuthorizationRequest, retrieveCredentials, agent, configurationId] ) const acquireCredentialsPreAuth = useCallback( async (txCode?: string) => { - if (!resolvedCredentialOffer) { + if (!resolvedCredentialOffer || !configurationId) { setErrorReason('Credential information could not be extracted') return } @@ -203,7 +208,7 @@ export function FunkeCredentialNotificationScreen() { resolvedCredentialOffer, txCode, }) - await retrieveCredentials(resolvedCredentialOffer, tokenResponse) + await retrieveCredentials(resolvedCredentialOffer, tokenResponse, configurationId) } catch (error) { agent.config.logger.error(`Couldn't receive credential from OpenID4VCI offer`, { error, @@ -211,7 +216,7 @@ export function FunkeCredentialNotificationScreen() { setErrorReason('Error while retrieving credentials') } }, - [resolvedCredentialOffer, agent, retrieveCredentials] + [resolvedCredentialOffer, agent, retrieveCredentials, configurationId] ) const parsePresentationRequestUrl = useCallback( @@ -219,7 +224,6 @@ export function FunkeCredentialNotificationScreen() { getCredentialsForProofRequest({ agent, uri: oid4vpRequestUrl, - allowUntrustedCertificates: true, }) .then(setCredentialsForRequest) .catch((error) => { @@ -276,7 +280,6 @@ export function FunkeCredentialNotificationScreen() { agent, resolvedRequest: credentialsForRequest, selectedCredentials: {}, - allowUntrustedCertificate: true, }) const { authorizationCode } = await acquireAuthorizationCodeUsingPresentation({ diff --git a/apps/easypid/src/features/share/FunkeOpenIdPresentationNotificationScreen.tsx b/apps/easypid/src/features/share/FunkeOpenIdPresentationNotificationScreen.tsx index b9c74100..bd1c55b0 100644 --- a/apps/easypid/src/features/share/FunkeOpenIdPresentationNotificationScreen.tsx +++ b/apps/easypid/src/features/share/FunkeOpenIdPresentationNotificationScreen.tsx @@ -47,7 +47,6 @@ export function FunkeOpenIdPresentationNotificationScreen() { agent, data: params.data, uri: params.uri, - allowUntrustedCertificates: true, }) .then(setCredentialsForRequest) .catch((error) => { @@ -93,7 +92,6 @@ export function FunkeOpenIdPresentationNotificationScreen() { agent, resolvedRequest: credentialsForRequest, selectedCredentials: {}, - allowUntrustedCertificate: true, }) await addSharedActivityForCredentialsForRequest(agent, credentialsForRequest, 'success') diff --git a/apps/easypid/src/utils/resetWallet.ts b/apps/easypid/src/utils/resetWallet.ts index 157730c5..12c0f54e 100644 --- a/apps/easypid/src/utils/resetWallet.ts +++ b/apps/easypid/src/utils/resetWallet.ts @@ -12,6 +12,7 @@ import { import { removeShouldUseCloudHsm } from '../features/onboarding/useShouldUseCloudHsm' export async function resetWallet(secureUnlock: SecureUnlockReturn) { + console.log('Resetting wallet') if (secureUnlock.state === 'unlocked') { const agent = secureUnlock.context.agent secureUnlock.lock() diff --git a/package.json b/package.json index c90c0070..b135f22d 100644 --- a/package.json +++ b/package.json @@ -40,7 +40,8 @@ "@credo-ts/indy-vdr": "catalog:", "@credo-ts/openid4vc": "catalog:", "@credo-ts/question-answer": "catalog:", - "@credo-ts/react-native": "catalog:" + "@credo-ts/react-native": "catalog:", + "@sphereon/pex-models": "catalog:" }, "patchedDependencies": { "@hyperledger/indy-vdr-react-native@0.2.2": "patches/@hyperledger__indy-vdr-react-native@0.2.2.patch", diff --git a/packages/agent/src/agent.ts b/packages/agent/src/agent.ts index f3c77341..a7fb6f60 100644 --- a/packages/agent/src/agent.ts +++ b/packages/agent/src/agent.ts @@ -13,6 +13,7 @@ import { Agent, AutoAcceptCredential, AutoAcceptProof, + ClaimFormat, ConnectionsModule, CredentialsModule, DidsModule, @@ -23,6 +24,7 @@ import { KeyDidRegistrar, KeyDidResolver, LogLevel, + Mdoc, MediationRecipientModule, MediatorPickupStrategy, ProofsModule, @@ -30,6 +32,7 @@ import { V2ProofProtocol, WebDidResolver, WsOutboundTransport, + X509Module, } from '@credo-ts/core' import { IndyVdrAnonCredsRegistry, @@ -45,6 +48,7 @@ import { ariesAskar } from '@hyperledger/aries-askar-react-native' import { indyVdr } from '@hyperledger/indy-vdr-react-native' import { DidWebAnonCredsRegistry } from 'credo-ts-didweb-anoncreds' +import { bdrPidIssuerCertificate, pidSchemes } from '../../../apps/easypid/src/constants' import { indyNetworks } from './indyNetworks' import { appLogger } from './logger' @@ -80,16 +84,43 @@ export const initializeEasyPIDAgent = async ({ modules: { ariesAskar: askarModule, openId4VcHolder: new OpenId4VcHolderModule(), + x509: new X509Module({ + getTrustedCertificatesForVerification: (agentContext, { certificateChain, verification }) => { + if (verification.type === 'credential') { + // Only allow BDR certificate for PID credentials for now + if ( + verification.credential instanceof Mdoc && + pidSchemes.msoMdocDoctypes.includes(verification.credential.docType) + ) { + return [bdrPidIssuerCertificate] + } + + if ( + verification.credential.claimFormat === ClaimFormat.SdJwtVc && + pidSchemes.sdJwtVcVcts.includes(verification.credential.payload.vct as string) + ) { + return [bdrPidIssuerCertificate] + } + + // If not PID, we allow any certificate for now + return [certificateChain[0].toString('pem')] + } + + // Allow any actor for auth requests for now + if (verification.type === 'oauth2SecuredAuthorizationRequest') { + return [certificateChain[0].toString('pem')] + } + + return undefined + }, + trustedCertificates: + trustedX509Certificates.length > 0 ? (trustedX509Certificates as [string, ...string[]]) : undefined, + }), }, }) await agent.initialize() - // Register the trusted x509 certificates - for (const trustedCertificate of trustedX509Certificates) { - agent.x509.addTrustedCertificate(trustedCertificate) - } - return agent } diff --git a/packages/agent/src/format/formatPresentation.ts b/packages/agent/src/format/formatPresentation.ts index c7955bc1..26fe7192 100644 --- a/packages/agent/src/format/formatPresentation.ts +++ b/packages/agent/src/format/formatPresentation.ts @@ -207,27 +207,30 @@ export function formatDcqlCredentialsForRequest(dcqlQueryResult: DcqlQueryResult const credentialForDisplay = getCredentialForDisplay(match.record) let disclosed: FormattedSubmissionEntrySatisfiedCredential['disclosed'] - if (match.output.credentialFormat === 'vc+sd-jwt') { + if (match.output.credential_format === 'vc+sd-jwt') { if (match.record.type !== 'SdJwtVcRecord') throw new Error('Expected SdJwtRecord') if (queryCredential.format !== 'vc+sd-jwt') { throw new Error(`Expected queryr credential format ${queryCredential.format} to be vc+sd-jwt`) } - const disclosedDecoded = applyLimitdisclosureForSdJwtRequestedPayload( - match.record.compactSdJwtVc, - match.output.claims - ) + // TODO: remove once selective disclosure in credo tested + // const disclosedDecoded = applyLimitdisclosureForSdJwtRequestedPayload( + // match.record.compactSdJwtVc, + // match.output.claims + // ) - const { attributes, metadata } = getAttributesAndMetadataForSdJwtPayload(disclosedDecoded.prettyClaims) + // Creod already applied selective disclosure on payload + const { attributes, metadata } = getAttributesAndMetadataForSdJwtPayload(match.output.claims) disclosed = { attributes, metadata, paths: getDisclosedAttributePathArrays(attributes, 2), } - } else if (match.output.credentialFormat === 'mso_mdoc') { + } else if (match.output.credential_format === 'mso_mdoc') { if (match.record.type !== 'MdocRecord') throw new Error('Expected MdocRecord') + // TODO: check if fixed now // FIXME: the disclosed payload here doesn't have the correct encoding anymore // once we serialize input?? disclosed = { diff --git a/packages/agent/src/invitation/handler.ts b/packages/agent/src/invitation/handler.ts index bd282b47..21728c6c 100644 --- a/packages/agent/src/invitation/handler.ts +++ b/packages/agent/src/invitation/handler.ts @@ -398,25 +398,15 @@ export const getCredentialsForProofRequest = async ({ agent, data, uri, - allowUntrustedCertificates = false, }: { agent: EitherAgent // Either data or uri can be provided data?: string uri?: string - allowUntrustedCertificates?: boolean }) => { let requestUri: string - const { certificate = null, data: newData = null } = allowUntrustedCertificates - ? await extractCertificateFromAuthorizationRequest({ data, uri }) - : {} - - if (newData) { - // FIXME: Credo only support request string, but we already parsed it before. So we construct an request here - // but in the future we need to support the parsed request in Credo directly - requestUri = `openid://?request=${encodeURIComponent(newData)}` - } else if (data) { + if (data) { // FIXME: Credo only support request string, but we already parsed it before. So we construct an request here // but in the future we need to support the parsed request in Credo directly requestUri = `openid://?request=${encodeURIComponent(data)}` @@ -432,10 +422,7 @@ export const getCredentialsForProofRequest = async ({ requestUri, }) - // Temp solution to add and remove the trusted certificate - const resolved = await withTrustedCertificate(agent, certificate, () => - agent.modules.openId4VcHolder.resolveSiopAuthorizationRequest(requestUri) - ) + const resolved = await agent.modules.openId4VcHolder.resolveSiopAuthorizationRequest(requestUri) let formattedSubmission: FormattedSubmission if (resolved.presentationExchange) { @@ -481,12 +468,10 @@ export const shareProof = async ({ agent, resolvedRequest, selectedCredentials, - allowUntrustedCertificate = false, }: { agent: EitherAgent resolvedRequest: CredentialsForProofRequest selectedCredentials: { [inputDescriptorId: string]: string } - allowUntrustedCertificate?: boolean }) => { const { authorizationRequest } = resolvedRequest if ( @@ -525,25 +510,19 @@ export const shareProof = async ({ : undefined try { - // Temp solution to add and remove the trusted certificate - const certificate = - authorizationRequest.jwt && allowUntrustedCertificate ? extractCertificateFromJwt(authorizationRequest.jwt) : null - - const result = await withTrustedCertificate(agent, certificate, () => - agent.modules.openId4VcHolder.acceptSiopAuthorizationRequest({ - authorizationRequest, - presentationExchange: presentationExchangeCredentials - ? { - credentials: presentationExchangeCredentials, - } - : undefined, - dcql: dcqlCredentials - ? { - credentials: dcqlCredentials, - } - : undefined, - }) - ) + const result = await agent.modules.openId4VcHolder.acceptSiopAuthorizationRequest({ + authorizationRequest, + presentationExchange: presentationExchangeCredentials + ? { + credentials: presentationExchangeCredentials, + } + : undefined, + dcql: dcqlCredentials + ? { + credentials: dcqlCredentials, + } + : undefined, + }) // if redirect_uri is provided, open it in the browser // Even if the response returned an error, we must open this uri diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index a8818f4a..8dd917ec 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -53,7 +53,7 @@ overrides: '@animo-id/oid4vci': 0.1.4 '@animo-id/oauth2': 0.1.4 '@animo-id/oauth2-utils': 0.1.4 - dcql: 0.2.13 + dcql: 0.2.17 '@credo-ts/anoncreds': https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/anoncreds?funke '@credo-ts/askar': https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/askar?funke '@credo-ts/node': https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/node?funke @@ -63,6 +63,7 @@ overrides: '@credo-ts/openid4vc': https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/openid4vc?funke '@credo-ts/question-answer': https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/question-answer?funke '@credo-ts/react-native': https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/react-native?funke + '@sphereon/pex-models': 2.3.2 patchedDependencies: '@credo-ts/askar@0.5.13': @@ -585,7 +586,7 @@ importers: version: https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/anoncreds?funke(@hyperledger/anoncreds-shared@0.2.4)(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(typescript@5.3.3)(web-streams-polyfill@3.3.3) '@credo-ts/askar': specifier: https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/askar?funke - version: https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/askar?funke(patch_hash=zbu2rcss5evxukkhh5w5venkba)(@hyperledger/aries-askar-shared@0.2.3)(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(typescript@5.3.3)(web-streams-polyfill@3.3.3) + version: https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/askar?funke(patch_hash=zbu2rcss5evxukkhh5w5venkba)(@animo-id/expo-secure-environment@0.1.0-alpha.11(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(react@18.3.1))(@hyperledger/aries-askar-shared@0.2.3)(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(typescript@5.3.3)(web-streams-polyfill@3.3.3) '@credo-ts/cheqd': specifier: https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/cheqd?funke version: https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/cheqd?funke(@hyperledger/anoncreds-shared@0.2.4)(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(typescript@5.3.3)(web-streams-polyfill@3.3.3) @@ -1739,7 +1740,7 @@ packages: resolution: {tarball: https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/askar?funke} version: 0.5.13 peerDependencies: - '@animo-id/expo-secure-environment': ^0.0.1-alpha.0 + '@animo-id/expo-secure-environment': ^0.1.0-alpha.11 '@hyperledger/aries-askar-shared': ^0.2.3 peerDependenciesMeta: '@animo-id/expo-secure-environment': @@ -2570,8 +2571,8 @@ packages: resolution: {integrity: sha512-q9CRWjpHCMIh5sVyefoD1cA7PkvILqCZsnSOEUUivORLjxCO/Irmue2DprETiNgEqktDBZaM1Bi+jrarx1XdCg==} engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} - '@openid-federation/core@0.1.1-alpha.13': - resolution: {integrity: sha512-QC4DSbiJ7eWstLs1O3XrX/yKFgaj+3ch8cA4N/02BywVNmkiYgW9qXhcvY50ULINuCeYdqIMIqCuHbaTa0A1hw==} + '@openid-federation/core@0.1.1-alpha.17': + resolution: {integrity: sha512-Bn5JaQzQnrQ2koPisiITHN69eOEewvs26EPyD4tp5XoR6Kdh9sy2f3w4hYV4MSaDwRorpRF7ttN6PGK1piMTng==} '@peculiar/asn1-cms@2.3.13': resolution: {integrity: sha512-joqu8A7KR2G85oLPq+vB+NFr2ro7Ls4ol13Zcse/giPSzUNN0n2k3v8kMpf6QdGUhI13e5SzQYN8AKP8sJ8v4w==} @@ -3467,8 +3468,8 @@ packages: version: 0.16.0 engines: {node: '>=18'} - '@sphereon/pex-models@2.3.1': - resolution: {integrity: sha512-SByU4cJ0XYA6VZQ/L6lsSiRcFtBPHbFioCeQ4GP7/W/jQ+PSBD7uK2oTnKQ9/0iEiMK/6JYqhKgLs4a9UX3UTQ==} + '@sphereon/pex-models@2.3.2': + resolution: {integrity: sha512-foFxfLkRwcn/MOp/eht46Q7wsvpQGlO7aowowIIb5Tz9u97kYZ2kz6K2h2ODxWuv5CRA7Q0MY8XUBGE2lfOhOQ==} '@sphereon/pex@5.0.0-unstable.24': resolution: {integrity: sha512-CZc+kr8cJqPsFSpg4kHyamr5oB5xLVP2E5eJ0pbetOfOE2uSxqk0/A8zGazcPhU1zZILrO51hD4vW/hJRgtKJQ==} @@ -5529,8 +5530,8 @@ packages: dayjs@1.11.13: resolution: {integrity: sha512-oaMBel6gjolK862uaPQOVTA7q3TZhuSvuMQAAglQDOWYO9A91IrAOUJEyKVlqJlHE0vq5p5UXxzdPfMH/x6xNg==} - dcql@0.2.13: - resolution: {integrity: sha512-XfePsSz9ULj9HH3VFNguzK/xlFnliKDX2iUDb1tIrn97S+TfftcFo+jipw16m9jPlWLhhBx48QniF0D8KotIWA==} + dcql@0.2.17: + resolution: {integrity: sha512-YKNJR2anEiWooUCg7cJt/QmSFxpBS+SJQurcsNA60+8qUrjOuroh1Wd+lka/yOAV2VUdRzdNY6ISouxTV6SUaQ==} debug@2.6.9: resolution: {integrity: sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==} @@ -9570,16 +9571,16 @@ packages: resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==} hasBin: true - valibot@0.37.0: - resolution: {integrity: sha512-FQz52I8RXgFgOHym3XHYSREbNtkgSjF9prvMFH1nBsRyfL6SfCzoT1GuSDTlbsuPubM7/6Kbw0ZMQb8A+V+VsQ==} + valibot@0.42.1: + resolution: {integrity: sha512-3keXV29Ar5b//Hqi4MbSdV7lfVp6zuYLZuA9V1PvQUsXqogr+u5lvLPLk3A4f74VUXDnf/JfWMN6sB+koJ/FFw==} peerDependencies: typescript: '>=5' peerDependenciesMeta: typescript: optional: true - valibot@0.42.1: - resolution: {integrity: sha512-3keXV29Ar5b//Hqi4MbSdV7lfVp6zuYLZuA9V1PvQUsXqogr+u5lvLPLk3A4f74VUXDnf/JfWMN6sB+koJ/FFw==} + valibot@1.0.0-beta.8: + resolution: {integrity: sha512-OPAwJZtowb0j91b+bd77+ny7D1VVzsCzD7Jl9waLUlMprTsfI9Y3HHbW3hAQD7wKDKHsmGEesuiYWaYvcZL2wg==} peerDependencies: typescript: '>=5' peerDependenciesMeta: @@ -9923,6 +9924,16 @@ snapshots: react: 18.3.1 react-native: 0.74.5(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@types/react@18.2.79)(react@18.3.1) + '@animo-id/expo-secure-environment@0.1.0-alpha.11(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(react@18.3.1)': + dependencies: + '@peculiar/asn1-ecc': 2.3.14 + '@peculiar/asn1-schema': 2.3.13 + '@peculiar/asn1-x509': 2.3.13 + expo: 51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)) + react: 18.3.1 + react-native: 0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1) + optional: true + '@animo-id/mdoc@0.2.39': dependencies: compare-versions: 6.1.1 @@ -9955,7 +9966,7 @@ snapshots: '@sd-jwt/decode': 0.7.2 '@sd-jwt/present': 0.7.2 '@sd-jwt/types': 0.7.2 - '@sphereon/pex-models': 2.3.1 + '@sphereon/pex-models': 2.3.2 '@sphereon/ssi-types': 0.30.2-next.135 ajv: 8.17.1 ajv-formats: 2.1.1(ajv@8.17.1) @@ -11122,7 +11133,7 @@ snapshots: '@astronautlabs/jsonpath': 1.1.2 '@credo-ts/core': https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/core?funke(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(typescript@5.3.3)(web-streams-polyfill@3.3.3) '@hyperledger/anoncreds-shared': 0.2.4 - '@sphereon/pex-models': 2.3.1 + '@sphereon/pex-models': 2.3.2 big-integer: 1.6.52 bn.js: 5.2.1 class-transformer: 0.5.1 @@ -11137,7 +11148,7 @@ snapshots: - typescript - web-streams-polyfill - '@credo-ts/askar@https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/askar?funke(patch_hash=zbu2rcss5evxukkhh5w5venkba)(@hyperledger/aries-askar-shared@0.2.3)(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(typescript@5.3.3)(web-streams-polyfill@3.3.3)': + '@credo-ts/askar@https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/askar?funke(patch_hash=zbu2rcss5evxukkhh5w5venkba)(@animo-id/expo-secure-environment@0.1.0-alpha.11(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(react@18.3.1))(@hyperledger/aries-askar-shared@0.2.3)(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(typescript@5.3.3)(web-streams-polyfill@3.3.3)': dependencies: '@credo-ts/core': https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/core?funke(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(typescript@5.3.3)(web-streams-polyfill@3.3.3) '@hyperledger/aries-askar-shared': 0.2.3 @@ -11146,6 +11157,8 @@ snapshots: class-validator: 0.14.1 rxjs: 7.8.1 tsyringe: 4.8.0 + optionalDependencies: + '@animo-id/expo-secure-environment': 0.1.0-alpha.11(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(react@18.3.1) transitivePeerDependencies: - domexception - encoding @@ -11204,7 +11217,7 @@ snapshots: '@sd-jwt/sd-jwt-vc': 0.7.2 '@sd-jwt/types': 0.7.2 '@sd-jwt/utils': 0.7.2 - '@sphereon/pex-models': 2.3.1 + '@sphereon/pex-models': 2.3.2 '@sphereon/ssi-types': 0.30.2-next.135 '@stablelib/ed25519': 1.0.3 '@types/ws': 8.5.12 @@ -11214,7 +11227,7 @@ snapshots: buffer: 6.0.3 class-transformer: 0.5.1 class-validator: 0.14.1 - dcql: 0.2.13(typescript@5.3.3) + dcql: 0.2.17(typescript@5.3.3) did-resolver: 4.1.0 lru_map: 0.4.1 luxon: 3.5.0 @@ -11259,7 +11272,7 @@ snapshots: '@sd-jwt/sd-jwt-vc': 0.7.2 '@sd-jwt/types': 0.7.2 '@sd-jwt/utils': 0.7.2 - '@sphereon/pex-models': 2.3.1 + '@sphereon/pex-models': 2.3.2 '@sphereon/ssi-types': 0.30.2-next.135 '@stablelib/ed25519': 1.0.3 '@types/ws': 8.5.12 @@ -11269,7 +11282,7 @@ snapshots: buffer: 6.0.3 class-transformer: 0.5.1 class-validator: 0.14.1 - dcql: 0.2.13(typescript@5.3.3) + dcql: 0.2.17(typescript@5.3.3) did-resolver: 4.1.0 lru_map: 0.4.1 luxon: 3.5.0 @@ -11312,7 +11325,7 @@ snapshots: '@animo-id/oauth2': 0.1.4(typescript@5.3.3) '@animo-id/oid4vci': 0.1.4(typescript@5.3.3) '@credo-ts/core': https://gitpkg.vercel.app/animo/aries-framework-javascript/packages/core?funke(expo@51.0.39(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0)))(react-native@0.76.3(@babel/core@7.26.0)(@babel/preset-env@7.26.0(@babel/core@7.26.0))(@react-native-community/cli-server-api@13.6.9)(@types/react@18.2.79)(react@18.3.1))(typescript@5.3.3)(web-streams-polyfill@3.3.3) - '@openid-federation/core': 0.1.1-alpha.13 + '@openid-federation/core': 0.1.1-alpha.17 '@sphereon/did-auth-siop': https://gitpkg.vercel.app/animo/OID4VC/packages/siop-oid4vp?funke(typescript@5.3.3) '@sphereon/oid4vc-common': https://gitpkg.vercel.app/animo/OID4VC/packages/common?funke '@sphereon/ssi-types': 0.30.2-next.135 @@ -12456,7 +12469,7 @@ snapshots: dependencies: semver: 7.6.3 - '@openid-federation/core@0.1.1-alpha.13': + '@openid-federation/core@0.1.1-alpha.17': dependencies: buffer: 6.0.3 zod: 3.23.8 @@ -13693,10 +13706,10 @@ snapshots: '@sphereon/jarm': https://gitpkg.vercel.app/animo/OID4VC/packages/jarm?funke(typescript@5.3.3) '@sphereon/oid4vc-common': https://gitpkg.vercel.app/animo/OID4VC/packages/common?funke '@sphereon/pex': 5.0.0-unstable.24 - '@sphereon/pex-models': 2.3.1 + '@sphereon/pex-models': 2.3.2 '@sphereon/ssi-types': 0.30.2-next.279 cross-fetch: 4.0.0 - dcql: 0.2.13(typescript@5.3.3) + dcql: 0.2.17(typescript@5.3.3) debug: 4.3.7 events: 3.3.0 jwt-decode: 4.0.0 @@ -13733,7 +13746,7 @@ snapshots: transitivePeerDependencies: - supports-color - '@sphereon/pex-models@2.3.1': {} + '@sphereon/pex-models@2.3.2': {} '@sphereon/pex@5.0.0-unstable.24': dependencies: @@ -13741,7 +13754,7 @@ snapshots: '@sd-jwt/decode': 0.7.2 '@sd-jwt/present': 0.7.2 '@sd-jwt/types': 0.7.2 - '@sphereon/pex-models': 2.3.1 + '@sphereon/pex-models': 2.3.2 '@sphereon/ssi-types': 0.30.2-next.129 ajv: 8.17.1 ajv-formats: 2.1.1(ajv@8.17.1) @@ -16966,9 +16979,9 @@ snapshots: dayjs@1.11.13: {} - dcql@0.2.13(typescript@5.3.3): + dcql@0.2.17(typescript@5.3.3): dependencies: - valibot: 0.37.0(typescript@5.3.3) + valibot: 1.0.0-beta.8(typescript@5.3.3) transitivePeerDependencies: - typescript @@ -21849,11 +21862,11 @@ snapshots: uuid@9.0.1: {} - valibot@0.37.0(typescript@5.3.3): + valibot@0.42.1(typescript@5.3.3): optionalDependencies: typescript: 5.3.3 - valibot@0.42.1(typescript@5.3.3): + valibot@1.0.0-beta.8(typescript@5.3.3): optionalDependencies: typescript: 5.3.3 diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index af86d649..acb2dfd7 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -24,7 +24,7 @@ catalog: "@sphereon/did-auth-siop": https://gitpkg.vercel.app/animo/OID4VC/packages/siop-oid4vp?funke "@sphereon/jarm": https://gitpkg.vercel.app/animo/OID4VC/packages/jarm?funke "@sphereon/oid4vc-common": https://gitpkg.vercel.app/animo/OID4VC/packages/common?funke - dcql: 0.2.13 + dcql: 0.2.17 "@animo-id/expo-ausweis-sdk": 0.0.1-alpha.14 "@animo-id/oid4vci": 0.1.4 "@animo-id/oauth2": 0.1.4 @@ -34,4 +34,5 @@ catalog: "@animo-id/mdoc": 0.2.39 "@unimodules/react-native-adapter": "./noop" "@unimodules/core": "./noop" - expo: ~51.0.39 \ No newline at end of file + expo: ~51.0.39 + "@sphereon/pex-models": 2.3.2 \ No newline at end of file