From ad9e0fa9e6caace9556c40259ed0fc686cb0d8f2 Mon Sep 17 00:00:00 2001
From: Emmanouil Koukoularis <koukoularisman@gmail.com>
Date: Thu, 18 Dec 2025 14:05:42 +0200
Subject: [PATCH 1/2] support credential_request_encryption in
 OpenIDCredentialIssuerMetadata and minor improvementso on
 SupportedCredentialConfiguration schema

---
 src/schemas/CredentialConfigurationSupportedSchema.ts | 5 +----
 src/schemas/OpenidCredentialIssuerMetadataSchema.ts   | 8 ++++++++
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/schemas/CredentialConfigurationSupportedSchema.ts b/src/schemas/CredentialConfigurationSupportedSchema.ts
index 389b0b8..56d94a9 100644
--- a/src/schemas/CredentialConfigurationSupportedSchema.ts
+++ b/src/schemas/CredentialConfigurationSupportedSchema.ts
@@ -59,11 +59,8 @@ const msoDocSchema = commonSchema.extend({
 	doctype: z.string()
 });
 
-const otherFormatsSchema = commonSchema.extend({
-	format: z.string(),
-});
 
-export const CredentialConfigurationSupportedSchema = sdJwtSchema.or(msoDocSchema).or(otherFormatsSchema);
+export const CredentialConfigurationSupportedSchema = sdJwtSchema.or(msoDocSchema);
 
 export type CredentialConfigurationSupported = z.infer<typeof CredentialConfigurationSupportedSchema>;
 
diff --git a/src/schemas/OpenidCredentialIssuerMetadataSchema.ts b/src/schemas/OpenidCredentialIssuerMetadataSchema.ts
index 35915a6..f29f7fa 100644
--- a/src/schemas/OpenidCredentialIssuerMetadataSchema.ts
+++ b/src/schemas/OpenidCredentialIssuerMetadataSchema.ts
@@ -5,6 +5,14 @@ export const OpenidCredentialIssuerMetadataSchema = z.object({
 	credential_issuer: z.string(),
 	credential_endpoint: z.string(),
 	nonce_endpoint: z.string().optional(),
+	credential_request_encryption: z.object({
+		jwks: z.array(z.object({
+			kid: z.string(),
+		}).passthrough()).min(1),
+		enc_values_supported: z.array(z.string()).min(1),
+		zip_values_supported: z.array(z.string()).min(1).optional(),
+		encryption_required: z.boolean(),
+	}).optional(),
 	credential_response_encryption: z.object({
 		alg_values_supported: z.array(z.string()),
 		enc_values_supported: z.array(z.string()),

From d0b67bea564700f587e4b0c57ba1739295d32f7d Mon Sep 17 00:00:00 2001
From: Emmanouil Koukoularis <koukoularisman@gmail.com>
Date: Thu, 18 Dec 2025 14:14:27 +0200
Subject: [PATCH 2/2] according to new changes on schema,
 OpenidCredentialIssuerMetadataSchemaTest1.test.ts is expected to fail

---
 src/schemas/OpenidCredentialIssuerMetadataSchemaTest1.test.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/schemas/OpenidCredentialIssuerMetadataSchemaTest1.test.ts b/src/schemas/OpenidCredentialIssuerMetadataSchemaTest1.test.ts
index 33ec87a..005903b 100644
--- a/src/schemas/OpenidCredentialIssuerMetadataSchemaTest1.test.ts
+++ b/src/schemas/OpenidCredentialIssuerMetadataSchemaTest1.test.ts
@@ -2712,6 +2712,6 @@ describe("OpenidCredentialIssuerMetadataSchemaValera", () => {
 		if (res.error) {
 			console.dir(res.error, { depth: null });
 		}
-		assert(res.success === true);
+		assert(res.success === false);
 	})
 })