gmulhearn-anonyome
commented
5 months ago ~TODO - verify still working in Acapy aath~
still works at standard of previous PR ✅
Closed gmulhearn-anonyome closed 4 months ago
gmulhearn-anonyome
commented
5 months ago ~TODO - verify still working in Acapy aath~
still works at standard of previous PR ✅
gmulhearn-anonyome
commented
5 months ago @JamesKEbert this is ready for review after #1230 is merged
gmulhearn-anonyome
commented
5 months ago alright this should be good to review now
branched off #1230 diff: https://github.com/anonyome/aries-vcx/compare/gm/1228-did-exch-1_1...anonyome:aries-vcx:gm/1226-didexchange-signature-checks
fixes part 2 of #1226.
adds JWS signature verification when receiving a response. The new approach mostly matches ACApy's implementation found here: https://github.com/hyperledger/aries-cloudagent-python/blob/main/aries_cloudagent/protocols/didexchange/v1_0/manager.py#L942.
It is a relatively aggressive approach where it will fail if neither DIDDoc attachments nor DIDRotate attachment have signatures.