From 95eb0db28ae8391dde365c89475bbfcc52528324 Mon Sep 17 00:00:00 2001 From: Martin Auer Date: Tue, 8 Oct 2024 20:17:22 +0200 Subject: [PATCH] fix: some nits Signed-off-by: Martin Auer --- packages/core/package.json | 6 +- .../DifPresentationExchangeService.ts | 134 +++++++++--------- .../utils/credentialSelection.ts | 16 +-- packages/core/src/modules/mdoc/Mdoc.ts | 38 +++-- packages/core/src/modules/mdoc/MdocApi.ts | 6 +- packages/core/src/modules/mdoc/MdocContext.ts | 24 +++- .../src/modules/mdoc/MdocDeviceResponse.ts | 4 +- packages/core/src/modules/mdoc/MdocOptions.ts | 6 +- packages/core/src/modules/mdoc/MdocService.ts | 6 +- .../mdoc.deviceResponse.openid4vp.test.ts | 2 +- .../__tests__/mdoc.deviceResponse.test.ts | 2 +- .../mdoc/__tests__/mdoc.service.test.ts | 8 +- ...fPresentationExchangeProofFormatService.ts | 4 + .../OpenId4vcSiopHolderService.ts | 2 +- packages/openid4vc/src/shared/transform.ts | 2 +- pnpm-lock.yaml | 34 ++--- 16 files changed, 165 insertions(+), 129 deletions(-) diff --git a/packages/core/package.json b/packages/core/package.json index f33db3b5e..4a9fc5dcd 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -35,9 +35,9 @@ "@peculiar/asn1-schema": "^2.3.8", "@peculiar/asn1-x509": "^2.3.8", "@peculiar/x509": "^1.11.0", - "@protokoll/core": "0.2.26", - "@protokoll/crypto": "0.2.26", - "@protokoll/mdoc-client": "0.2.26", + "@protokoll/core": "0.2.27", + "@protokoll/crypto": "0.2.27", + "@protokoll/mdoc-client": "0.2.27", "@sd-jwt/core": "^0.7.0", "@sd-jwt/decode": "^0.7.0", "@sd-jwt/jwt-status-list": "^0.7.0", diff --git a/packages/core/src/modules/dif-presentation-exchange/DifPresentationExchangeService.ts b/packages/core/src/modules/dif-presentation-exchange/DifPresentationExchangeService.ts index ca4da4666..e2925a989 100644 --- a/packages/core/src/modules/dif-presentation-exchange/DifPresentationExchangeService.ts +++ b/packages/core/src/modules/dif-presentation-exchange/DifPresentationExchangeService.ts 
@@ -22,7 +22,7 @@ import type { W3CVerifiablePresentation, } from '@sphereon/ssi-types' -import { PEVersion, PEX, Status } from '@sphereon/pex' +import { PEVersion, PEX, PresentationSubmissionLocation, Status } from '@sphereon/pex' import { PartialSdJwtDecodedVerifiableCredential } from '@sphereon/pex/dist/main/lib' import { injectable } from 'tsyringe' @@ -197,7 +197,7 @@ export class DifPresentationExchangeService { const { deviceResponseBase64Url, presentationSubmission } = await MdocDeviceResponse.openId4Vp(agentContext, { mdocs: [Mdoc.fromBase64Url(mdocRecord.base64Url)], - presentationDefinition: presentationDefinition as DifPresentationExchangeDefinitionV2, + presentationDefinition: presentationDefinition, sessionTranscriptOptions: { ...openid4vp, }, 
@@ -211,81 +211,79 @@ export class DifPresentationExchangeService { }, claimFormat: presentationToCreate.claimFormat, }) + } else { + // Get all the credentials for the presentation + const credentialsForPresentation = presentationToCreate.verifiableCredentials.map((c) => + getSphereonOriginalVerifiableCredential(c.credential) + ) - continue - } - - // Get all the credentials for the presentation - const credentialsForPresentation = presentationToCreate.verifiableCredentials.map((c) => - getSphereonOriginalVerifiableCredential(c.credential) - ) - - const verifiablePresentationResult = await this.pex.verifiablePresentationFrom( - presentationDefinitionForSubject, - credentialsForPresentation, - this.getPresentationSignCallback(agentContext, presentationToCreate), - { - proofOptions: { - challenge, - domain, - }, - signatureOptions: {}, - presentationSubmissionLocation: - presentationSubmissionLocation ?? DifPresentationExchangeSubmissionLocation.PRESENTATION, - } - ) + const verifiablePresentationResult = await this.pex.verifiablePresentationFrom( + presentationDefinitionForSubject, + credentialsForPresentation, + this.getPresentationSignCallback(agentContext, presentationToCreate), + { + proofOptions: { + challenge, + domain, + }, + signatureOptions: {}, + presentationSubmissionLocation: + presentationSubmissionLocation ?? 
DifPresentationExchangeSubmissionLocation.PRESENTATION, + } + ) - verifiablePresentationResultsWithFormat.push({ - verifiablePresentationResult, - claimFormat: presentationToCreate.claimFormat, - }) - } + verifiablePresentationResultsWithFormat.push({ + verifiablePresentationResult, + claimFormat: presentationToCreate.claimFormat, + }) + } - if (verifiablePresentationResultsWithFormat.length === 0) { - throw new DifPresentationExchangeError('No verifiable presentations created') - } + if (verifiablePresentationResultsWithFormat.length === 0) { + throw new DifPresentationExchangeError('No verifiable presentations created') + } - if (presentationsToCreate.length !== verifiablePresentationResultsWithFormat.length) { - throw new DifPresentationExchangeError('Invalid amount of verifiable presentations created') - } + if (presentationsToCreate.length !== verifiablePresentationResultsWithFormat.length) { + throw new DifPresentationExchangeError('Invalid amount of verifiable presentations created') + } - const presentationSubmission: DifPresentationExchangeSubmission = { - id: verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmission.id, - definition_id: - verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmission.definition_id, - descriptor_map: [], - } + const presentationSubmission: DifPresentationExchangeSubmission = { + id: verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmission.id, + definition_id: + verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmission.definition_id, + descriptor_map: [], + } - verifiablePresentationResultsWithFormat.forEach(({ verifiablePresentationResult }, index) => { - const descriptorMap = verifiablePresentationResult.presentationSubmission.descriptor_map.map((d) => { - const descriptor = { ...d } - - // when multiple presentations are submitted, path should be $[0], $[1] - // FIXME: this 
should be addressed in the PEX/OID4VP lib. - // See https://github.com/Sphereon-Opensource/SIOP-OID4VP/issues/62 - if ( - presentationSubmissionLocation === DifPresentationExchangeSubmissionLocation.EXTERNAL && - verifiablePresentationResultsWithFormat.length > 1 - ) { - descriptor.path = `$[${index}]` - } + verifiablePresentationResultsWithFormat.forEach(({ verifiablePresentationResult }, index) => { + const descriptorMap = verifiablePresentationResult.presentationSubmission.descriptor_map.map((d) => { + const descriptor = { ...d } + + // when multiple presentations are submitted, path should be $[0], $[1] + // FIXME: this should be addressed in the PEX/OID4VP lib. + // See https://github.com/Sphereon-Opensource/SIOP-OID4VP/issues/62 + if ( + presentationSubmissionLocation === DifPresentationExchangeSubmissionLocation.EXTERNAL && + verifiablePresentationResultsWithFormat.length > 1 + ) { + descriptor.path = `$[${index}]` + } + + return descriptor + }) - return descriptor + presentationSubmission.descriptor_map.push(...descriptorMap) }) - presentationSubmission.descriptor_map.push(...descriptorMap) - }) - - return { - verifiablePresentations: verifiablePresentationResultsWithFormat.map((resultWithFormat) => - getVerifiablePresentationFromEncoded( - agentContext, - resultWithFormat.verifiablePresentationResult.verifiablePresentation - ) - ), - presentationSubmission, - presentationSubmissionLocation: - verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmissionLocation, + return { + verifiablePresentations: verifiablePresentationResultsWithFormat.map((resultWithFormat) => + getVerifiablePresentationFromEncoded( + agentContext, + resultWithFormat.verifiablePresentationResult.verifiablePresentation + ) + ), + presentationSubmission, + presentationSubmissionLocation: + verifiablePresentationResultsWithFormat[0].verifiablePresentationResult.presentationSubmissionLocation, + } } } 
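Review bot: Replacing `continue` with `} else {` moves the end of the loop below the `return`, so the two length checks, the `presentationSubmission` assembly and the `return` now sit inside the loop body. This follows from the braces in this hunk: the added `}` after the second `push` closes the `else`, and the loop is only closed by the context `}` after the return object. With more than one entry in `presentationsToCreate`, the first iteration would throw `'Invalid amount of verifiable presentations created'`. With no entries the method falls off the end and returns `undefined`, which is presumably why this commit also adds `if (!presentation)` in DifPresentationExchangeProofFormatService. I would close the loop right after the `else` block and keep the checks and the `return` at method level; the loop header is above this hunk, so this should be confirmed against the full method.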
diff --git a/packages/core/src/modules/dif-presentation-exchange/utils/credentialSelection.ts b/packages/core/src/modules/dif-presentation-exchange/utils/credentialSelection.ts index 4d53f127d..38f798e79 100644 --- a/packages/core/src/modules/dif-presentation-exchange/utils/credentialSelection.ts +++ b/packages/core/src/modules/dif-presentation-exchange/utils/credentialSelection.ts @@ -31,8 +31,8 @@ export async function getCredentialsForRequest( credentialRecords: Array ): Promise { const encodedCredentials = credentialRecords - .filter((c) => c instanceof MdocRecord === false) - .map((c) => getSphereonOriginalVerifiableCredential(c as SdJwtVcRecord | W3cCredentialRecord)) + .filter((c): c is Exclude => c instanceof MdocRecord === false) + .map((c) => getSphereonOriginalVerifiableCredential(c)) const { mdocPresentationDefinition, nonMdocPresentationDefinition } = MdocDeviceResponse.partitionPresentationDefinition(presentationDefinition) @@ -41,12 +41,6 @@ export async function getCredentialsForRequest( const selectResults: CredentialRecordSelectResults = { ...selectResultsRaw, - areRequiredCredentialsPresent: - mdocPresentationDefinition.input_descriptors.length >= 1 - ? 'warn' // we don't know yet wheater the required credentials are present - : nonMdocPresentationDefinition.input_descriptors.length >= 1 - ? selectResultsRaw.areRequiredCredentialsPresent - : 'error', // Map the encoded credential to their respective w3c credential record verifiableCredential: selectResultsRaw.verifiableCredential?.map((selectedEncoded): SubmissionEntryCredential => { const credentialRecordIndex = encodedCredentials.findIndex((encoded) => { 
@@ -126,7 +120,11 @@ export async function getCredentialsForRequest( ) } - if (submissionRequirementMatch.vc_path.length >= 1) selectResults.matches.push(submissionRequirementMatch) + if (submissionRequirementMatch.vc_path.length >= 1) { + selectResults.matches.push(submissionRequirementMatch) + } else { + selectResultsRaw.areRequiredCredentialsPresent = 'error' + } } const presentationSubmission: DifPexCredentialsForRequest = { diff --git a/packages/core/src/modules/mdoc/Mdoc.ts b/packages/core/src/modules/mdoc/Mdoc.ts index d78754f74..182ea2e05 100644 --- a/packages/core/src/modules/mdoc/Mdoc.ts +++ b/packages/core/src/modules/mdoc/Mdoc.ts @@ -1,4 +1,4 @@ -import type { MdocCreateOptions, MdocNameSpaces, MdocVerifyOptions } from './MdocOptions' +import type { MdocSignOptions, MdocNameSpaces, MdocVerifyOptions } from './MdocOptions' import type { AgentContext } from '../../agent' import type { IssuerSignedDocument } from '@protokoll/mdoc-client' @@ -62,7 +62,7 @@ export class Mdoc { return this.issuerSignedDocument.allIssuerSignedNamespaces } - public static async create(agentContext: AgentContext, options: MdocCreateOptions) { + public static async sign(agentContext: AgentContext, options: MdocSignOptions) { const { docType, validityInfo, namespaces, holderPublicKey, issuerCertificate } = options const mdocContext = getMdocContext(agentContext) 
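Review bot: The new `else` branch writes `'error'` to `selectResultsRaw.areRequiredCredentialsPresent`, but `selectResults` was built earlier from `...selectResultsRaw`, a shallow copy taken before this code runs. If the value returned further down is read from `selectResults` (that code is outside the hunk), an mdoc requirement with no match would still carry the status PEX computed for the non-mdoc definition, and a wallet could present an unsatisfiable request as satisfiable. Setting it on the copy, `selectResults.areRequiredCredentialsPresent = 'error'`, keeps the status consistent with the `matches` list that is pushed to in the other branch.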
@@ -77,11 +77,30 @@ export class Mdoc { } const cert = X509Certificate.fromEncodedCertificate(issuerCertificate) - const issuerPrivateJwk = await getJwkFromKey(options.issuerKey ?? cert.publicKey) + const issuerKey = await getJwkFromKey(options.issuerKey ?? cert.publicKey) + + const alg = issuerKey.supportedSignatureAlgorithms.find( + (alg): alg is JwaSignatureAlgorithm.ES256 | JwaSignatureAlgorithm.ES384 | JwaSignatureAlgorithm.ES512 => { + return ( + alg === JwaSignatureAlgorithm.ES256 || + alg === JwaSignatureAlgorithm.ES384 || + alg === JwaSignatureAlgorithm.ES512 + ) + } + ) + + if (!alg) { + throw new MdocError( + `Cannot find a suitable JwaSignatureAlgorithm for signing the mdoc. Supported algorithms are 'ES256', 'ES384', 'ES512'. The issuer key supports: ${issuerKey.supportedSignatureAlgorithms.join( + ', ' + )}` + ) + } + const issuerSignedDocument = await document.sign( { - issuerPrivateKey: issuerPrivateJwk.toJson(), - alg: issuerPrivateJwk.supportedSignatureAlgorithms[0] as 'ES256' | 'ES384' | 'ES512' | 'EdDSA', + issuerPrivateKey: issuerKey.toJson(), + alg, issuerCertificate, kid: cert.publicKey.fingerprint, }, @@ -91,7 +110,10 @@ export class Mdoc { return new Mdoc(issuerSignedDocument) } - public async verify(agentContext: AgentContext, options?: MdocVerifyOptions): Promise { + public async verify( + agentContext: AgentContext, + options?: MdocVerifyOptions + ): Promise<{ isValid: true } | { isValid: false; error: string }> { const trustedCerts = options?.trustedCertificates ?? agentContext.dependencyManager.resolve(X509ModuleConfig).trustedCertificates @@ -113,9 +135,9 @@ export class Mdoc { ) await verifier.verifyData({ mdoc: this.issuerSignedDocument }, mdocContext) - return true + return { isValid: true } } catch (error) { - return false + return { isValid: false, error: error.message } } } } diff --git a/packages/core/src/modules/mdoc/MdocApi.ts b/packages/core/src/modules/mdoc/MdocApi.ts index 2287ed3ac..a9e71f302 100644 
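Review bot: `verify()` now resolves to an object on both paths, so any caller that still treats the result as a boolean (`if (await mdoc.verify(...))`) accepts every mdoc, because `{ isValid: false, ... }` is truthy. The tests in this commit are switched to `const { isValid } = ...`, but `MdocService.verifyMdoc` and any other callers are not visible here and should be checked for `.isValid`. In the `catch` of the following hunk (`@@ -113,9 +135,9 @@`), `error` is not guaranteed to be an `Error`, so `error.message` can be `undefined` and would not type-check if `useUnknownInCatchVariables` is enabled. `error: error instanceof Error ? error.message : String(error)` matches the declared `error: string`.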
--- a/packages/core/src/modules/mdoc/MdocApi.ts +++ b/packages/core/src/modules/mdoc/MdocApi.ts @@ -1,4 +1,4 @@ -import type { MdocCreateOptions, MdocVerifyOptions } from './MdocOptions' +import type { MdocSignOptions, MdocVerifyOptions } from './MdocOptions' import type { MdocRecord } from './repository' import type { Query, QueryOptions } from '../../storage/StorageService' @@ -24,10 +24,10 @@ export class MdocApi { /** * Create a new Mdoc, with a spcific doctype, namespace, and validity info. * - * @param options {MdocCreateOptions} + * @param options {MdocSignOptions} * @returns {Promise} */ - public async create(options: MdocCreateOptions) { + public async create(options: MdocSignOptions) { return await this.mdocService.createMdoc(this.agentContext, options) } diff --git a/packages/core/src/modules/mdoc/MdocContext.ts b/packages/core/src/modules/mdoc/MdocContext.ts index 50271133e..ce50b862c 100644 --- a/packages/core/src/modules/mdoc/MdocContext.ts +++ b/packages/core/src/modules/mdoc/MdocContext.ts @@ -6,7 +6,7 @@ import { p256 } from '@noble/curves/p256' import { hkdf } from '@noble/hashes/hkdf' import { sha256 } from '@noble/hashes/sha2' import * as x509 from '@peculiar/x509' -import { exportJwk, importX509, verifyWithJwk } from '@protokoll/crypto' +import { exportJwk, importX509 } from '@protokoll/crypto' import { CredoWebCrypto, getJwkFromJson, Hasher } from '../../crypto' import { Buffer, TypedArrayEncoder } from '../../utils' @@ -54,8 +54,13 @@ export const getMdocContext = (agentContext: AgentContext): MdocContext => { }, verify: async (input) => { const { mac0, jwk, options } = input - const { data, signature, alg } = mac0.getRawVerificationData(options) - return await verifyWithJwk({ jwk, signature, data, alg }) + const { data, signature } = mac0.getRawVerificationData(options) + + return await agentContext.wallet.verify({ + key: getJwkFromJson(jwk as JwkJson).key, + data: Buffer.from(data), + signature: new Buffer(signature), + }) }, }, sign1: { 
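Review bot: `new Buffer(signature)` in `mac0.verify` uses the deprecated constructor form, while the line above it uses `Buffer.from(data)`. `signature: Buffer.from(signature)` is the consistent form, and the same applies to `sign1.verify` in the next hunk. Both callbacks also stop reading `alg` from `getRawVerificationData(options)` and cast `jwk as JwkJson` without a runtime check, so the algorithm is now implied by the key alone. If that is intentional, a comment such as `// alg from the COSE header is ignored; the key type decides the algorithm` would make it explicit for whoever audits this verification path.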
@@ -69,8 +74,12 @@ export const getMdocContext = (agentContext: AgentContext): MdocContext => { }, verify: async (input) => { const { sign1, jwk, options } = input - const { data, signature, alg } = sign1.getRawVerificationData(options) - return await verifyWithJwk({ jwk, signature, data, alg, crypto }) + const { data, signature } = sign1.getRawVerificationData(options) + return await agentContext.wallet.verify({ + key: getJwkFromJson(jwk as JwkJson).key, + data: Buffer.from(data), + signature: new Buffer(signature), + }) }, }, }, @@ -82,6 +91,11 @@ export const getMdocContext = (agentContext: AgentContext): MdocContext => { return x509Certificate.getIssuerNameField(field) }, getPublicKey: async (input) => { + //const comp = X509Certificate.fromRawCertificate(input.certificate) + //const x = getJwkFromKey(comp.publicKey).toJson() + //////// eslint-disable-next-line @typescript-eslint/no-unused-vars + //return x + const certificate = new x509.X509Certificate(input.certificate) const key = await importX509({ x509: certificate.toString(), diff --git a/packages/core/src/modules/mdoc/MdocDeviceResponse.ts b/packages/core/src/modules/mdoc/MdocDeviceResponse.ts index 6f16ae5fa..eab94919d 100644 --- a/packages/core/src/modules/mdoc/MdocDeviceResponse.ts +++ b/packages/core/src/modules/mdoc/MdocDeviceResponse.ts @@ -16,6 +16,7 @@ import { import { getJwkFromKey } from '../../crypto/jose/jwk/transform' import { CredoError } from '../../error' +import { uuid } from '../../utils/uuid' import { X509Certificate } from '../x509/X509Certificate' import { X509ModuleConfig } from '../x509/X509ModuleConfig' @@ -136,7 +137,6 @@ export class MdocDeviceResponse { const publicDeviceJwk = COSEKey.import(deviceKeyInfo.deviceKey).toJWK() - deviceKeyInfo.deviceKey const deviceResponseBuilder = await DeviceResponse.from(mdoc) // eslint-disable-next-line @typescript-eslint/no-explicit-any .usingPresentationDefinition(presentationDefinition as any) 
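Review bot: The five comment lines added at the top of `getPublicKey` are commented-out code plus a mangled eslint directive, and should be removed or reduced to a single TODO. The commented-out code is an alternative path through `X509Certificate.fromRawCertificate` and `getJwkFromKey`. As written it is unclear which of the two certificate-to-JWK conversions is meant to be authoritative, and this key is presumably what issuer signatures are checked against. A line like `// TODO: derive the JWK via X509Certificate + getJwkFromKey instead of importX509` carries the same intent. The function body continues past the end of the hunk.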
@@ -152,7 +152,7 @@ export class MdocDeviceResponse { return { deviceResponseBase64Url: TypedArrayEncoder.toBase64URL(deviceResponseMdoc.encode()), presentationSubmission: MdocDeviceResponse.createPresentationSubmission({ - id: 'MdocPresentationSubmission ' + agentContext.wallet.generateNonce(), + id: 'MdocPresentationSubmission ' + uuid(), presentationDefinition, }), } diff --git a/packages/core/src/modules/mdoc/MdocOptions.ts b/packages/core/src/modules/mdoc/MdocOptions.ts index 29767f625..8a73a1391 100644 --- a/packages/core/src/modules/mdoc/MdocOptions.ts +++ b/packages/core/src/modules/mdoc/MdocOptions.ts @@ -1,6 +1,6 @@ import type { Mdoc } from './Mdoc' import type { Key } from '../../crypto/Key' -import type { DifPresentationExchangeDefinitionV2 } from '../dif-presentation-exchange' +import type { DifPresentationExchangeDefinition } from '../dif-presentation-exchange' import type { ValidityInfo, MdocNameSpaces } from '@protokoll/mdoc-client' export type { MdocNameSpaces } from '@protokoll/mdoc-client' @@ -19,7 +19,7 @@ export type MdocOpenId4VpSessionTranscriptOptions = { export type MdocDeviceResponseOpenId4VpOptions = { mdocs: [Mdoc, ...Mdoc[]] - presentationDefinition: DifPresentationExchangeDefinitionV2 + presentationDefinition: DifPresentationExchangeDefinition deviceNameSpaces?: MdocNameSpaces sessionTranscriptOptions: MdocOpenId4VpSessionTranscriptOptions } @@ -40,7 +40,7 @@ export type MdocDeviceResponseVerifyOptions = { now?: Date } -export type MdocCreateOptions = { +export type MdocSignOptions = { // eslint-disable-next-line @typescript-eslint/ban-types docType: 'org.iso.18013.5.1.mDL' | (string & {}) validityInfo?: Partial diff --git a/packages/core/src/modules/mdoc/MdocService.ts b/packages/core/src/modules/mdoc/MdocService.ts index 3e8d0f72e..df966f2b3 100644 --- a/packages/core/src/modules/mdoc/MdocService.ts +++ b/packages/core/src/modules/mdoc/MdocService.ts 
@@ -1,5 +1,5 @@ import type { - MdocCreateOptions, + MdocSignOptions, MdocDeviceResponseOpenId4VpOptions, MdocDeviceResponseVerifyOptions, MdocVerifyOptions, @@ -29,8 +29,8 @@ export class MdocService { return Mdoc.fromBase64Url(hexEncodedMdoc) } - public createMdoc(agentContext: AgentContext, options: MdocCreateOptions) { - return Mdoc.create(agentContext, options) + public createMdoc(agentContext: AgentContext, options: MdocSignOptions) { + return Mdoc.sign(agentContext, options) } public async verifyMdoc(agentContext: AgentContext, mdoc: Mdoc, options: MdocVerifyOptions) { diff --git a/packages/core/src/modules/mdoc/__tests__/mdoc.deviceResponse.openid4vp.test.ts b/packages/core/src/modules/mdoc/__tests__/mdoc.deviceResponse.openid4vp.test.ts index 4a44f79c1..6f0140d1f 100644 --- a/packages/core/src/modules/mdoc/__tests__/mdoc.deviceResponse.openid4vp.test.ts +++ b/packages/core/src/modules/mdoc/__tests__/mdoc.deviceResponse.openid4vp.test.ts @@ -142,7 +142,7 @@ describe('mdoc device-response openid4vp test', () => { // this is the ISSUER side { - mdoc = await Mdoc.create(agent.context, { + mdoc = await Mdoc.sign(agent.context, { docType: 'org.iso.18013.5.1.mDL', validityInfo: { signed: new Date('2023-10-24'), diff --git a/packages/core/src/modules/mdoc/__tests__/mdoc.deviceResponse.test.ts b/packages/core/src/modules/mdoc/__tests__/mdoc.deviceResponse.test.ts index 9a9fa4e82..5609c93ff 100644 --- a/packages/core/src/modules/mdoc/__tests__/mdoc.deviceResponse.test.ts +++ b/packages/core/src/modules/mdoc/__tests__/mdoc.deviceResponse.test.ts @@ -33,7 +33,7 @@ describe('mdoc device-response test', () => { const issuerCertificate = selfSignedCertificate.toString('pem') - const mdoc = await Mdoc.create(agent.context, { + const mdoc = await Mdoc.sign(agent.context, { docType: 'org.iso.18013.5.1.mDL', holderPublicKey: holderKey, namespaces: { 
diff --git a/packages/core/src/modules/mdoc/__tests__/mdoc.service.test.ts b/packages/core/src/modules/mdoc/__tests__/mdoc.service.test.ts index ea36c4bb1..c6cd67ae4 100644 --- a/packages/core/src/modules/mdoc/__tests__/mdoc.service.test.ts +++ b/packages/core/src/modules/mdoc/__tests__/mdoc.service.test.ts @@ -53,7 +53,7 @@ describe('mdoc service test', () => { const issuerCertificate = selfSignedCertificate.toString('pem') - const mdoc = await Mdoc.create(agentContext, { + const mdoc = await Mdoc.sign(agentContext, { docType: 'org.iso.18013.5.1.mDL', holderPublicKey: holderKey, namespaces: { @@ -77,10 +77,10 @@ describe('mdoc service test', () => { expect(() => mdoc.deviceSignedNamespaces).toThrow() - const res = await mdoc.verify(agentContext, { + const { isValid } = await mdoc.verify(agentContext, { trustedCertificates: [selfSignedCertificate.toString('base64')], }) - expect(res).toBeTruthy() + expect(isValid).toBeTruthy() }) test('can decode claims from namespaces', async () => { @@ -123,7 +123,7 @@ describe('mdoc service test', () => { test('can verify sprindFunkeTestVector Issuer Signed', async () => { const mdoc = Mdoc.fromBase64Url(sprindFunkeTestVectorBase64Url) const now = new Date('2024-08-12T14:50:42.124Z') - const isValid = await mdoc.verify(agentContext, { + const { isValid } = await mdoc.verify(agentContext, { trustedCertificates: [sprindFunkeX509TrustedCertificate], now, }) diff --git a/packages/core/src/modules/proofs/formats/dif-presentation-exchange/DifPresentationExchangeProofFormatService.ts b/packages/core/src/modules/proofs/formats/dif-presentation-exchange/DifPresentationExchangeProofFormatService.ts index 9ca916851..39dae088b 100644 --- a/packages/core/src/modules/proofs/formats/dif-presentation-exchange/DifPresentationExchangeProofFormatService.ts +++ b/packages/core/src/modules/proofs/formats/dif-presentation-exchange/DifPresentationExchangeProofFormatService.ts 
@@ -209,6 +209,10 @@ export class DifPresentationExchangeProofFormatService domain: options?.domain, }) + if (!presentation) { + throw new CredoError('Failed to create presentation for request.') + } + if (presentation.verifiablePresentations.length > 1) { throw new CredoError('Invalid amount of verifiable presentations. Only one is allowed.') } diff --git a/packages/openid4vc/src/openid4vc-holder/OpenId4vcSiopHolderService.ts b/packages/openid4vc/src/openid4vc-holder/OpenId4vcSiopHolderService.ts index 06e929269..5c7ccb748 100644 --- a/packages/openid4vc/src/openid4vc-holder/OpenId4vcSiopHolderService.ts +++ b/packages/openid4vc/src/openid4vc-holder/OpenId4vcSiopHolderService.ts @@ -116,7 +116,7 @@ export class OpenId4VcSiopHolderService { mdocGeneratedNonce: await agentContext.wallet.generateNonce(), responseUri: authorizationRequest.authorizationRequestPayload.response_uri ?? - authorizationRequest.authorizationRequestPayload.response_uri, + authorizationRequest.authorizationRequestPayload.request_uri, }, }) diff --git a/packages/openid4vc/src/shared/transform.ts b/packages/openid4vc/src/shared/transform.ts index 6e416322d..d73cfa638 100644 --- a/packages/openid4vc/src/shared/transform.ts +++ b/packages/openid4vc/src/shared/transform.ts @@ -46,7 +46,7 @@ export function getSphereonVerifiablePresentation( } else if (verifiablePresentation instanceof W3cJwtVerifiablePresentation) { return verifiablePresentation.serializedJwt } else if (verifiablePresentation instanceof MdocVerifiablePresentation) { - throw new CredoError('Mdoc verifiable credential is not yet supported.') + throw new CredoError('Mdoc verifiable presentation is not yet supported.') } else { return verifiablePresentation.compact } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ed95e2ff1..8b3c4a2fd 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml 
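Review bot: In the OpenId4vcSiopHolderService hunk, `responseUri` now falls back to `request_uri` when `response_uri` is absent, and this value is passed next to `mdocGeneratedNonce` into what appears to be the mdoc session transcript. `request_uri` is where the request object is fetched from, not where the response is delivered, so it should be confirmed that the verifier derives its transcript from the same value. Otherwise device authentication fails, or the response ends up bound to a URL that is not the delivery endpoint. When both fields are missing the property is `undefined`; throwing in that case would be clearer than building the transcript from a missing value. The enclosing call starts above the hunk.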
@@ -433,14 +433,14 @@ importers: specifier: ^1.11.0 version: 1.12.1 '@protokoll/core': - specifier: 0.2.26 - version: 0.2.26(typescript@5.5.4) + specifier: 0.2.27 + version: 0.2.27(typescript@5.5.4) '@protokoll/crypto': - specifier: 0.2.26 - version: 0.2.26(typescript@5.5.4) + specifier: 0.2.27 + version: 0.2.27(typescript@5.5.4) '@protokoll/mdoc-client': - specifier: 0.2.26 - version: 0.2.26(typescript@5.5.4) + specifier: 0.2.27 + version: 0.2.27(typescript@5.5.4) '@sd-jwt/core': specifier: ^0.7.0 version: 0.7.2 @@ -2335,14 +2335,14 @@ packages: '@protobufjs/utf8@1.1.0': resolution: {integrity: sha512-Vvn3zZrhQZkkBE8LSuW3em98c0FwgO4nxzv6OdSxPKJIEKY2bGbHn+mhGIPerzI4twdxaP8/0+06HBpwf345Lw==} - '@protokoll/core@0.2.26': - resolution: {integrity: sha512-mZeFrBKBvjS++c/ooi0sI0yN/RlgrJKWIfSz4QJMmUKBlRpGvGVF6UPxlDWKBZwkxZAAWLoW/GzMg20gPKqW5g==} + '@protokoll/core@0.2.27': + resolution: {integrity: sha512-9+SOTmrehKxfb3UJBleplC8tZ99TBZDCqgB54L9JAsApqJqSRVhU/kTm4XWknn7pG5Sq4oUtQifo4Eo2nrmOhw==} - '@protokoll/crypto@0.2.26': - resolution: {integrity: sha512-CpJm0n7QvwITwOUa+E0jiiv2KayAAOOrW6bufZ1XIdxED7v2+0zQh/Li5hJip1N13T3YZpyYDX8qonE6e1ZXVA==} + '@protokoll/crypto@0.2.27': + resolution: {integrity: sha512-dIp5t7T5muW+G0leFNC80ra8VCXOnQNebQ9bIGuwskrzdEdY4KS2ZrljaQIu61fKx/YBFLhHkM3TO0hgrATlSg==} - '@protokoll/mdoc-client@0.2.26': - resolution: {integrity: sha512-LN7Rk5UWtD6VHl7jLh/Qlsa3XPssfypJ8tzIEjOnRtDxLO5I1RrFWdcZgT4IMcJRswTx0MheIQ1+jSayjGo/7w==} + '@protokoll/mdoc-client@0.2.27': + resolution: {integrity: sha512-1z7ZLVgsInGsFW8b+VhhLGZR0rS8emZxXfRTkcZTyePSSpQilT4IoINBTfUeNMj47ANqkMBsgHmZs9UEKNSYSQ==} '@react-native-community/cli-clean@10.1.1': resolution: {integrity: sha512-iNsrjzjIRv9yb5y309SWJ8NDHdwYtnCpmxZouQDyOljUdC9MwdZ4ChbtA4rwQyAwgOVfS9F/j56ML3Cslmvrxg==} 
@@ -9931,7 +9931,7 @@ snapshots: '@protobufjs/utf8@1.1.0': {} - '@protokoll/core@0.2.26(typescript@5.5.4)': + '@protokoll/core@0.2.27(typescript@5.5.4)': dependencies: '@credo-ts/core': link:packages/core jwt-decode: 4.0.0 @@ -9939,17 +9939,17 @@ snapshots: transitivePeerDependencies: - typescript - '@protokoll/crypto@0.2.26(typescript@5.5.4)': + '@protokoll/crypto@0.2.27(typescript@5.5.4)': dependencies: - '@protokoll/core': 0.2.26(typescript@5.5.4) + '@protokoll/core': 0.2.27(typescript@5.5.4) valibot: 0.37.0(typescript@5.5.4) transitivePeerDependencies: - typescript - '@protokoll/mdoc-client@0.2.26(typescript@5.5.4)': + '@protokoll/mdoc-client@0.2.27(typescript@5.5.4)': dependencies: '@jfromaniello/typedmap': 1.4.0 - '@protokoll/core': 0.2.26(typescript@5.5.4) + '@protokoll/core': 0.2.27(typescript@5.5.4) cbor-x: 1.6.0 compare-versions: 6.1.1 transitivePeerDependencies: