feat: merge with main and dc api fixes

.changeset/brave-cars-deny.md

@@ -0,0 +1,5 @@
+---
+'@credo-ts/core': minor
+---
+
+`createDeviceResponse` now returns bytes and not base64 encoded bytes

.changeset/cool-pets-grab.md

@@ -0,0 +1,9 @@
+---
+'@credo-ts/anoncreds': minor
+'@credo-ts/askar': minor
+'@credo-ts/core': minor
+---
+
+- Rely on Uint8Array instead of Buffer for internal key bytes representation
+- Remove dependency on external Big Number libraries
+- Default to use of uncompressed keys for Secp256k1, Secp256r1, Secp384r1 and Secp521r1

.changeset/cuddly-jobs-learn.md

@@ -0,0 +1,5 @@
+---
+'@credo-ts/openid4vc': minor
+---
+
+fix: typo statefull -> stateful in configuration of OpenID4VCI module

.changeset/cyan-parents-relax.md

@@ -0,0 +1,9 @@
+---
+'@credo-ts/anoncreds': patch
+'@credo-ts/askar': patch
+'@credo-ts/core': patch
+---
+
+- Remove usage of Big Number libraries and rely on native implementations
+- By default rely on uncompressed keys instead of compressed (for P256, P384, P521 and K256)
+- Utilze Uint8Array more instead of Buffer (i.e. for internally representing a key)

.changeset/eleven-deers-rush.md

@@ -0,0 +1,5 @@
+---
+'@credo-ts/core': minor
+---
+
+refactor: split async `getData` method on x509 certificate to sync `.data` getter and async `getThumbprint` method

.changeset/serious-rivers-clap.md

@@ -0,0 +1,6 @@
+---
+'@credo-ts/askar': patch
+'@credo-ts/core': patch
+---
+
+feat: support A128CBC-HS256 encryption algorithm for JWE

.changeset/smooth-balloons-breathe.md

@@ -0,0 +1,6 @@
+---
+'@credo-ts/indy-sdk-to-askar-migration': minor
+'@credo-ts/askar': minor
+---
+
+- depend on @openwallet-foundation/askar instead of @hyperledger/aries-askar

.changeset/wet-pianos-walk.md

@@ -0,0 +1,7 @@
+---
+"@credo-ts/cheqd": patch
+---
+
+fix(cheqd): cheqd revocationRegistryDefinition resource name
+
+Creating two revocation registries with same name would lead to updating the resource. Adding credential definition tag in the resource name fixes this issue

.github/workflows/continuous-integration.yml

@@ -17,7 +17,7 @@ env:
 # "When concurrency is specified at the job level, order is not guaranteed for jobs or runs that queue within 5 minutes of each other."
 concurrency:
   # Cancel previous runs that are not completed yet
-  group: ${{ github.workflow }}-${{ github.ref }}
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
   cancel-in-progress: true
 
 jobs:

demo-openid/package.json

@@ -17,9 +17,9 @@
   },
   "dependencies": {
     "@hyperledger/anoncreds-nodejs": "^0.2.2",
-    "@hyperledger/aries-askar-nodejs": "^0.2.3",
     "@hyperledger/indy-vdr-nodejs": "^0.2.2",
     "@koa/bodyparser": "^5.1.1",
+    "@openwallet-foundation/askar-nodejs": "^0.3.1",
     "express": "^4.18.1",
     "inquirer": "^8.2.5",
     "jose": "^5.3.0",

demo-openid/src/Holder.ts

@@ -20,14 +20,14 @@ import {
   OpenId4VciAuthorizationFlow,
   preAuthorizedCodeGrantIdentifier,
 } from '@credo-ts/openid4vc'
-import { ariesAskar } from '@hyperledger/aries-askar-nodejs'
+import { askar } from '@openwallet-foundation/askar-nodejs'
 
 import { BaseAgent } from './BaseAgent'
 import { greenText, Output } from './OutputClass'
 
 function getOpenIdHolderModules() {
   return {
-    askar: new AskarModule({ ariesAskar }),
+    askar: new AskarModule({ askar }),
     openId4VcHolder: new OpenId4VcHolderModule(),
     x509: new X509Module({
       getTrustedCertificatesForVerification: (agentContext, { certificateChain, verification }) => {

demo-openid/src/Issuer.ts

@@ -33,7 +33,7 @@ import {
   OpenId4VcVerifierModule,
   OpenId4VciCredentialFormatProfile,
 } from '@credo-ts/openid4vc'
-import { ariesAskar } from '@hyperledger/aries-askar-nodejs'
+import { askar } from '@openwallet-foundation/askar-nodejs'
 import { Router } from 'express'
 
 import { BaseAgent } from './BaseAgent'
@@ -206,7 +206,7 @@ export class Issuer extends BaseAgent<{
       port,
       name,
       modules: {
-        askar: new AskarModule({ ariesAskar }),
+        askar: new AskarModule({ askar }),
         openId4VcVerifier: new OpenId4VcVerifierModule({
           baseUrl: `${url}/oid4vp`,
           router: openId4VpRouter,

demo-openid/src/Verifier.ts

@@ -3,7 +3,7 @@ import type { OpenId4VcVerifierRecord } from '@credo-ts/openid4vc'
 
 import { AskarModule } from '@credo-ts/askar'
 import { OpenId4VcVerifierModule } from '@credo-ts/openid4vc'
-import { ariesAskar } from '@hyperledger/aries-askar-nodejs'
+import { askar } from '@openwallet-foundation/askar-nodejs'
 import { Router } from 'express'
 
 import { BaseAgent } from './BaseAgent'
@@ -159,7 +159,7 @@ export class Verifier extends BaseAgent<{ askar: AskarModule; openId4VcVerifier:
       port,
       name,
       modules: {
-        askar: new AskarModule({ ariesAskar }),
+        askar: new AskarModule({ askar }),
         openId4VcVerifier: new OpenId4VcVerifierModule({
           baseUrl: `${url}/siop`,
           router: openId4VcSiopRouter,

demo/package.json

@@ -15,7 +15,7 @@
   "dependencies": {
     "@hyperledger/indy-vdr-nodejs": "^0.2.2",
     "@hyperledger/anoncreds-nodejs": "^0.2.2",
-    "@hyperledger/aries-askar-nodejs": "^0.2.3",
+    "@openwallet-foundation/askar-nodejs": "^0.3.1",
     "inquirer": "^8.2.5"
   },
   "devDependencies": {

demo/src/BaseAgent.ts

@@ -34,8 +34,8 @@ import {
 import { IndyVdrIndyDidResolver, IndyVdrAnonCredsRegistry, IndyVdrModule } from '@credo-ts/indy-vdr'
 import { agentDependencies, HttpInboundTransport } from '@credo-ts/node'
 import { anoncreds } from '@hyperledger/anoncreds-nodejs'
-import { ariesAskar } from '@hyperledger/aries-askar-nodejs'
 import { indyVdr } from '@hyperledger/indy-vdr-nodejs'
+import { askar } from '@openwallet-foundation/askar-nodejs'
 
 import { greenText } from './OutputClass'
 
@@ -144,7 +144,7 @@ function getAskarAnonCredsIndyModules(didcommConfig: DidCommModuleConfigOptions)
       registrars: [new CheqdDidRegistrar()],
     }),
     askar: new AskarModule({
-      ariesAskar,
+      askar,
     }),
   } as const
 }

package.json

@@ -35,9 +35,8 @@
     "@babel/core": "^7.25.8",
     "@babel/preset-env": "^7.25.8",
     "@changesets/cli": "^2.27.5",
-    "@hyperledger/aries-askar-nodejs": "^0.2.3",
+    "@openwallet-foundation/askar-nodejs": "^0.3.1",
     "@jest/types": "^29.6.3",
-    "@types/bn.js": "^5.1.5",
     "@types/cors": "^2.8.10",
     "@types/eslint": "^8.21.2",
     "@types/express": "^4.17.13",
@@ -49,7 +48,6 @@
     "@types/ws": "^8.5.4",
     "@typescript-eslint/eslint-plugin": "^7.14.1",
     "@typescript-eslint/parser": "^7.14.1",
-    "bn.js": "^5.2.1",
     "cors": "^2.8.5",
     "eslint": "^8.36.0",
     "eslint-config-prettier": "^8.3.0",
@@ -70,6 +68,14 @@
     "undici": "^6.20.1",
     "ws": "^8.13.0"
   },
+  "pnpm": {
+    "overrides": {
+      "@openid4vc/oid4vci": "file:./local/openid4vc-oid4vci-0.2.0.tgz",
+      "@openid4vc/oid4vp": "file:./local/openid4vc-oid4vp-0.1.4.tgz",
+      "@openid4vc/oauth2": "file:./local/openid4vc-oauth2-0.2.0.tgz",
+      "@openid4vc/utils": "file:./local/openid4vc-utils-0.2.0.tgz"
+    }
+  },
   "resolutions": {
     "@types/node": "18.18.8",
     "undici": "^6.20.1"

packages/anoncreds/package.json

@@ -30,8 +30,6 @@
     "@credo-ts/core": "workspace:*",
     "@credo-ts/didcomm": "workspace:*",
     "@sphereon/pex-models": "^2.3.1",
-    "big-integer": "^1.6.51",
-    "bn.js": "^5.2.1",
     "class-transformer": "0.5.1",
     "class-validator": "0.14.1",
     "reflect-metadata": "^0.1.13"

packages/anoncreds/src/anoncreds-rs/AnonCredsDataIntegrityService.ts

@@ -24,10 +24,10 @@ import {
   injectable,
   ClaimFormat,
 } from '@credo-ts/core'
-import BigNumber from 'bn.js'
 
 import { AnonCredsHolderServiceSymbol, AnonCredsVerifierServiceSymbol } from '../services'
 import { fetchCredentialDefinitions, fetchSchemas } from '../utils/anonCredsObjects'
+import { bytesToBigint } from '../utils/bytesToBigint'
 import { assertLinkSecretsMatch } from '../utils/linkSecret'
 import { getAnonCredsTagsFromRecord } from '../utils/w3cAnonCredsUtils'
 
@@ -163,7 +163,7 @@ export class AnonCredsDataIntegrityService implements IAnonCredsDataIntegritySer
     const credentialsWithMetadata: CredentialWithRevocationMetadata[] = []
 
     const hash = Hasher.hash(TypedArrayEncoder.fromString(challenge), 'sha-256')
-    const nonce = new BigNumber(hash).toString().slice(0, 20)
+    const nonce = bytesToBigint(hash).toString().slice(0, 20)
 
     const anonCredsProofRequest: AnonCredsProofRequest = {
       version: '1.0',

packages/anoncreds/src/utils/bytesToBigint.ts

@@ -0,0 +1,12 @@
+export function bytesToBigint(b: Uint8Array): bigint {
+  if (b.length === 0) {
+    throw new Error('Empty byte array is not supported')
+  }
+
+  let value = 0n
+  for (let i = 0; i < b.length; i++) {
+    value = (value << 8n) | BigInt(b[i])
+  }
+
+  return value
+}

packages/anoncreds/src/utils/credential.ts

@@ -1,9 +1,10 @@
 import type { AnonCredsSchema, AnonCredsCredentialValues } from '../models'
 import type { CredentialPreviewAttributeOptions, LinkedAttachment } from '@credo-ts/didcomm'
 
-import { Buffer, CredoError, Hasher, TypedArrayEncoder } from '@credo-ts/core'
+import { CredoError, Hasher, TypedArrayEncoder } from '@credo-ts/core'
 import { encodeAttachment } from '@credo-ts/didcomm'
-import bigInt from 'big-integer'
+
+import { bytesToBigint } from './bytesToBigint'
 
 export type AnonCredsClaimRecord = Record<string, string | number>
 
@@ -66,9 +67,8 @@ export function encodeCredentialValue(value: unknown) {
 
   const buffer = TypedArrayEncoder.fromString(String(value))
   const hash = Hasher.hash(buffer, 'sha-256')
-  const hex = Buffer.from(hash).toString('hex')
 
-  return bigInt(hex, 16).toString()
+  return bytesToBigint(hash).toString()
 }
 
 export const mapAttributeRawValuesToAnonCredsCredentialValues = (

packages/anoncreds/tests/InMemoryAnonCredsRegistry.ts

@@ -20,13 +20,13 @@ import type {
 import type { AgentContext } from '@credo-ts/core'
 
 import { Hasher, utils } from '@credo-ts/core'
-import BigNumber from 'bn.js'
 
 import {
   getDidIndyCredentialDefinitionId,
   getDidIndyRevocationRegistryDefinitionId,
   getDidIndySchemaId,
 } from '../../indy-vdr/src/anoncreds/utils/identifiers'
+import { bytesToBigint } from '../src/utils/bytesToBigint'
 import {
   getUnQualifiedDidIndyDid,
   getUnqualifiedRevocationRegistryDefinitionId,
@@ -377,7 +377,6 @@ export class InMemoryAnonCredsRegistry implements AnonCredsRegistry {
  * Does this by hashing the schema id, transforming the hash to a number and taking the first 6 digits.
  */
 function getSeqNoFromSchemaId(schemaId: string) {
-  const seqNo = Number(new BigNumber(Hasher.hash(schemaId, 'sha-256')).toString().slice(0, 5))
-
-  return seqNo
+  const hash = Hasher.hash(schemaId, 'sha-256')
+  return bytesToBigint(hash).toString().slice(0, 5)
 }

packages/askar/package.json

@@ -27,25 +27,23 @@
   },
   "dependencies": {
     "@credo-ts/core": "workspace:*",
-    "bn.js": "^5.2.1",
     "class-transformer": "0.5.1",
     "class-validator": "0.14.1",
     "rxjs": "^7.8.0",
     "tsyringe": "^4.8.0"
   },
   "devDependencies": {
-    "@animo-id/expo-secure-environment": "^0.1.0-alpha.11",
-    "@hyperledger/aries-askar-nodejs": "^0.2.3",
-    "@hyperledger/aries-askar-shared": "^0.2.3",
-    "@types/bn.js": "^5.1.0",
+    "@animo-id/expo-secure-environment": "^0.1.0-alpha.12",
+    "@openwallet-foundation/askar-nodejs": "^0.3.1",
+    "@openwallet-foundation/askar-shared": "^0.3.1",
     "@types/ref-array-di": "^1.2.6",
     "@types/ref-struct-di": "^1.1.10",
     "reflect-metadata": "^0.1.13",
     "rimraf": "^4.4.0",
     "typescript": "~5.5.2"
   },
   "peerDependencies": {
-    "@hyperledger/aries-askar-shared": "^0.2.3",
+    "@openwallet-foundation/askar-shared": "^0.3.1",
     "@animo-id/expo-secure-environment": "^0.1.0-alpha.11"
   },
   "peerDependenciesMeta": {

packages/askar/src/AskarModule.ts

@@ -2,7 +2,7 @@ import type { AskarModuleConfigOptions } from './AskarModuleConfig'
 import type { AgentContext, DependencyManager, Module } from '@credo-ts/core'
 
 import { CredoError, InjectionSymbols } from '@credo-ts/core'
-import { Store } from '@hyperledger/aries-askar-shared'
+import { Store } from '@openwallet-foundation/askar-shared'
 
 import { AskarMultiWalletDatabaseScheme, AskarModuleConfig } from './AskarModuleConfig'
 import { AskarStorageService } from './storage'

packages/askar/src/AskarModuleConfig.ts

@@ -1,4 +1,4 @@
-import type { AriesAskar } from '@hyperledger/aries-askar-shared'
+import type { Askar } from '@openwallet-foundation/askar-shared'
 
 export enum AskarMultiWalletDatabaseScheme {
   /**
@@ -18,14 +18,14 @@ export interface AskarModuleConfigOptions {
    * ## Node.JS
    *
    * ```ts
-   * import { ariesAskar } from '@hyperledger/aries-askar-nodejs'
+   * import { askar } from '@openwallet-foundation/askar-nodejs'
    *
    * const agent = new Agent({
    *  config: {},
    *  dependencies: agentDependencies,
    *  modules: {
-   *   ariesAskar: new AskarModule({
-   *      ariesAskar,
+   *   askar: new AskarModule({
+   *      askar,
    *   })
    *  }
    * })
@@ -34,20 +34,20 @@ export interface AskarModuleConfigOptions {
    * ## React Native
    *
    * ```ts
-   * import { ariesAskar } from '@hyperledger/aries-askar-react-native'
+   * import { askar } from '@openwallet-foundation/askar-react-native'
    *
    * const agent = new Agent({
    *  config: {},
    *  dependencies: agentDependencies,
    *  modules: {
-   *   ariesAskar: new AskarModule({
-   *      ariesAskar,
+   *   askar: new AskarModule({
+   *      askar,
    *   })
    *  }
    * })
    * ```
    */
-  ariesAskar: AriesAskar
+  askar: Askar
 
   /**
    * Determine the strategy for storing wallets if multiple wallets are used in a single agent.
@@ -70,9 +70,9 @@ export class AskarModuleConfig {
     this.options = options
   }
 
-  /** See {@link AskarModuleConfigOptions.ariesAskar} */
-  public get ariesAskar() {
-    return this.options.ariesAskar
+  /** See {@link AskarModuleConfigOptions.askar} */
+  public get askar() {
+    return this.options.askar
   }
 
   /** See {@link AskarModuleConfigOptions.multiWalletDatabaseScheme} */

packages/askar/src/secureEnvironment/secureEnvironment.ts

@@ -1,7 +1,7 @@
 export function importSecureEnvironment(): {
   sign: (id: string, message: Uint8Array) => Promise<Uint8Array>
-  getPublicBytesForKeyId: (id: string) => Uint8Array
-  generateKeypair: (id: string) => void
+  getPublicBytesForKeyId: (id: string) => Uint8Array | Promise<Uint8Array>
+  generateKeypair: (id: string) => void | Promise<Uint8Array>
 } {
   throw new Error(
     '@animo-id/expo-secure-environment cannot be imported in Node.js. Currently, there is no hardware key support for node.js'