@digitalbazaar/oid4-client 5.2.1 → 5.3.0

@@ -13,6 +13,9 @@ import {
13
13
  const REQUIRED_SIGNED_AUTHZ_REQUEST_CLIENT_ID_SCHEMES = new Set([
14
14
  'x509_san_dns', 'x509_hash', 'did', 'decentralized_identifier'
15
15
  ]);
16
+ const SUPPORTED_AUTHORIZATION_ENCRYPTED_RESPONSE_ENC = new Set([
17
+ 'A256GCM', 'A128GCM'
18
+ ]);
16
19
  const SUPPORTED_CLIENT_ID_SCHEMES = new Set([
17
20
  'redirect_uri',
18
21
  'x509_san_dns', 'x509_hash', 'did', 'decentralized_identifier'
@@ -177,10 +180,12 @@ export async function validate({authorizationRequest, expectedClientId}) {
177
180
  name: 'NotSupportedError'
178
181
  });
179
182
  }
180
- if(authorization_encrypted_response_enc !== 'A256GCM') {
183
+ if(!SUPPORTED_AUTHORIZATION_ENCRYPTED_RESPONSE_ENC.has(
184
+ authorization_encrypted_response_enc)) {
185
+ const supported = [...SUPPORTED_AUTHORIZATION_ENCRYPTED_RESPONSE_ENC];
181
186
  throw createNamedError({
182
187
  message: `"${authorization_encrypted_response_enc}" is not ` +
183
- 'supported; only "A256GCM" is supported.',
188
+ `supported; supported values are: ${supported.join(', ')}`,
184
189
  name: 'NotSupportedError'
185
190
  });
186
191
  }
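Review bot: The allow-list introduced as `SUPPORTED_AUTHORIZATION_ENCRYPTED_RESPONSE_ENC` in the first hunk is repeated as a literal array in the `_decrypt` hunk (`contentEncryptionAlgorithms: ['A256GCM', 'A128GCM']`), and nothing visible ties the two together. If they drift, `validate` could accept an `authorization_encrypted_response_enc` that decryption later rejects, or decryption could keep accepting an algorithm that the policy check no longer allows. Assuming the constant can be exported from this module, the decrypt options could read `contentEncryptionAlgorithms: [...SUPPORTED_AUTHORIZATION_ENCRYPTED_RESPONSE_ENC]`. Failing that, a comment on the set such as `// keep in sync with contentEncryptionAlgorithms in _decrypt` would at least document the coupling. The body of `validate` starts and ends outside the second hunk.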
@@ -239,7 +239,8 @@ async function _encrypt({
239
239
  };
240
240
  const jwt = await new EncryptJWT(claimSet)
241
241
  .setProtectedHeader({
242
- alg: 'ECDH-ES', enc: 'A256GCM',
242
+ alg: 'ECDH-ES',
243
+ enc: encryptionOptions?.enc ?? 'A256GCM',
243
244
  kid: recipientPublicJwk.kid
244
245
  })
245
246
  .setKeyManagementParameters(keyManagementParameters)
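Review bot: The `enc` written into the protected header, `encryptionOptions?.enc ?? 'A256GCM'`, is not checked in this hunk against the values the package declares as supported, and `??` only replaces `null`/`undefined`. Whether every caller passes a value already vetted by `validate` is not visible here; if one does not, the response would be encrypted with whatever content-encryption algorithm the caller supplied and the JOSE library accepts. A local guard would keep the function safe on its own: `const enc = encryptionOptions?.enc ?? 'A256GCM';` followed by a `SUPPORTED_ENC.has(enc)` check that throws a `NotSupportedError` on a miss, where `SUPPORTED_ENC` is a placeholder for the shared allow-list. `_encrypt` starts and ends outside the hunk.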
@@ -96,7 +96,7 @@ async function _decrypt({jwt, getDecryptParameters}) {
96
96
 
97
97
  return jwtDecrypt(jwt, getKey, {
98
98
  // only supported algorithms at this time:
99
- contentEncryptionAlgorithms: ['A256GCM'],
99
+ contentEncryptionAlgorithms: ['A256GCM', 'A128GCM'],
100
100
  keyManagementAlgorithms: ['ECDH-ES']
101
101
  });
102
102
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@digitalbazaar/oid4-client",
3
- "version": "5.2.1",
3
+ "version": "5.3.0",
4
4
  "description": "An OID4 (VC + VP) client",
5
5
  "homepage": "https://github.com/digitalbazaar/oid4-client",
6
6
  "author": {