GitLab

The URL to the server to which issuance records and revocation commands are sent now no longer needs to be put in the scheme, and may thus be kept private to the issuer. Instead multiple URLs are now in the scheme, which are only required to host revocation records for irmaclients and requestors to update their revocation state.

feat: Breaking change: support conjunctions of disjunctions of conjunctions when requesting attributes in any of the three supported session types

Instead of requesting several attributes, one can now request several groups of attributes. Within each such group, attributes belonging to the same credential type always come from the same credential instance. This affects all three session types, as in each of them attributes can be disclosed.

When parsing irma_configuration, we now check the timestamp of each scheme manager to decide if that manager must be copied out of the assets into storage, instead of the (scheme manager-transcending) file irma_configuration/timestamp.

Attributes may now also remotely be made optional.

Authenticity of the scheme manager files in the irma_configuration
folder is now checked as follows.
Each scheme manager must henceforth include three new files in its
root folder: index, index.sig, and pk.pem. index lists all files
under this manager as well as their SHA256-hash. index.sig is a
ECDSA signature over index, signed with the private key corresponding
to the public key pk.pem. Thus, a file under the scheme manager
is authenticated if its hash matches the one in the index file,
and if the signature over the index file is valid.

Authenticity of all xml files, including the Idemix public keys,
is verified in this way automatically when these files are loaded.
For issuer and credential logos, use Configuration.ReadAuthenticatedFile.