Support attestation-based client authentication

babisRoutis commented 4 months ago

Closes #217

ydanneg commented 4 months ago

Dear @babisRoutis it would be great to be able to provide a custom signer implementation in case of remote signing. With no access to a private key. Similar to KeyBindingSigner in sdjwt lib.

babisRoutis commented 4 months ago

Dear @babisRoutis it would be great to be able to provide a custom signer implementation in case of remote signing. With no access to a private key. Similar to KeyBindingSigner in sdjwt lib.

Hi @ydanneg

You are right. Perhaps, the self-attested issuer has little value. I was thinking moving the later to the tests. Not sure yet. In addition,

Client.Attested probably cannot contain the instance key pair either (if this comes from secure element)
I noticed that in ISO 23220-1, ClientAttestationJwt should contain, besides the cnf for the pub instance key, the pub keys (device keys in ISO terminology) that would be later used for the PoP of VS.

In any case thanks for the comment.

babisRoutis commented 2 months ago

Closing this PR, since main has diverged.

Part of it will be probably included in a new PR

eu-digital-identity-wallet / eudi-lib-jvm-openid4vci-kt

Support attestation-based client authentication #225