@pagopa/io-react-native-wallet 1.5.0 → 1.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js +33 -21
- package/lib/commonjs/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js +192 -58
- package/lib/commonjs/credential/presentation/07-evaluate-input-descriptor.js.map +1 -1
- package/lib/commonjs/credential/presentation/08-send-authorization-response.js +32 -15
- package/lib/commonjs/credential/presentation/08-send-authorization-response.js.map +1 -1
- package/lib/commonjs/credential/presentation/types.js +1 -1
- package/lib/commonjs/credential/presentation/types.js.map +1 -1
- package/lib/commonjs/entity/trust/chain.js.map +1 -1
- package/lib/commonjs/mdoc/index.js +45 -13
- package/lib/commonjs/mdoc/index.js.map +1 -1
- package/lib/commonjs/utils/crypto.js +70 -4
- package/lib/commonjs/utils/crypto.js.map +1 -1
- package/lib/commonjs/utils/string.js +4 -4
- package/lib/commonjs/utils/string.js.map +1 -1
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js +33 -21
- package/lib/module/credential/issuance/07-verify-and-parse-credential.js.map +1 -1
- package/lib/module/credential/presentation/07-evaluate-input-descriptor.js +186 -55
- package/lib/module/credential/presentation/07-evaluate-input-descriptor.js.map +1 -1
- package/lib/module/credential/presentation/08-send-authorization-response.js +32 -15
- package/lib/module/credential/presentation/08-send-authorization-response.js.map +1 -1
- package/lib/module/credential/presentation/types.js +1 -1
- package/lib/module/credential/presentation/types.js.map +1 -1
- package/lib/module/entity/trust/chain.js.map +1 -1
- package/lib/module/mdoc/index.js +43 -12
- package/lib/module/mdoc/index.js.map +1 -1
- package/lib/module/utils/crypto.js +67 -2
- package/lib/module/utils/crypto.js.map +1 -1
- package/lib/module/utils/string.js +4 -4
- package/lib/module/utils/string.js.map +1 -1
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts +1 -1
- package/lib/typescript/credential/issuance/07-verify-and-parse-credential.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/07-evaluate-input-descriptor.d.ts +49 -13
- package/lib/typescript/credential/presentation/07-evaluate-input-descriptor.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts +3 -2
- package/lib/typescript/credential/presentation/08-send-authorization-response.d.ts.map +1 -1
- package/lib/typescript/credential/presentation/types.d.ts +10 -7
- package/lib/typescript/credential/presentation/types.d.ts.map +1 -1
- package/lib/typescript/entity/trust/chain.d.ts.map +1 -1
- package/lib/typescript/mdoc/index.d.ts +6 -2
- package/lib/typescript/mdoc/index.d.ts.map +1 -1
- package/lib/typescript/utils/crypto.d.ts +8 -0
- package/lib/typescript/utils/crypto.d.ts.map +1 -1
- package/lib/typescript/utils/errors.d.ts.map +1 -1
- package/lib/typescript/utils/misc.d.ts.map +1 -1
- package/lib/typescript/utils/string.d.ts +3 -3
- package/lib/typescript/utils/string.d.ts.map +1 -1
- package/package.json +14 -12
- package/src/credential/issuance/07-verify-and-parse-credential.ts +37 -16
- package/src/credential/presentation/07-evaluate-input-descriptor.ts +278 -97
- package/src/credential/presentation/08-send-authorization-response.ts +35 -25
- package/src/credential/presentation/types.ts +9 -6
- package/src/entity/trust/chain.ts +14 -10
- package/src/mdoc/index.ts +72 -15
- package/src/utils/crypto.ts +61 -2
- package/src/utils/errors.ts +2 -2
- package/src/utils/misc.ts +2 -2
- package/src/utils/string.ts +4 -4
|
@@ -9,6 +9,7 @@ var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
|
9
9
|
var _errors = require("./errors");
|
|
10
10
|
var _misc = require("../../utils/misc");
|
|
11
11
|
var z = _interopRequireWildcard(require("zod"));
|
|
12
|
+
var _jsBase = require("js-base64");
|
|
12
13
|
function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
13
14
|
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
14
15
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
@@ -51,7 +52,9 @@ const choosePublicKeyToEncrypt = rpJwkKeys => {
|
|
|
51
52
|
exports.choosePublicKeyToEncrypt = choosePublicKeyToEncrypt;
|
|
52
53
|
const buildDirectPostBody = async (requestObject, payload) => {
|
|
53
54
|
const formUrlEncodedBody = new URLSearchParams({
|
|
54
|
-
|
|
55
|
+
...(requestObject.state ? {
|
|
56
|
+
state: requestObject.state
|
|
57
|
+
} : {}),
|
|
55
58
|
...Object.fromEntries(Object.entries(payload).map(_ref => {
|
|
56
59
|
let [key, value] = _ref;
|
|
57
60
|
return [key, Array.isArray(value) || typeof value === "object" ? JSON.stringify(value) : value];
|
|
@@ -66,11 +69,12 @@ const buildDirectPostBody = async (requestObject, payload) => {
|
|
|
66
69
|
* @param jwkKeys - Array of JWKs from the Relying Party for encryption.
|
|
67
70
|
* @param requestObject - Contains state, nonce, and other relevant info.
|
|
68
71
|
* @param payload - Object that contains either the VP token to encrypt and the mapping of the credential disclosures or the error code
|
|
72
|
+
* @param generatedNonce - Optional nonce for the `apu` claim in the JWE header, it is used during ISO 18013-7.
|
|
69
73
|
* @returns A URL-encoded string for an `application/x-www-form-urlencoded` POST body,
|
|
70
74
|
* where `response` contains the encrypted JWE.
|
|
71
75
|
*/
|
|
72
76
|
exports.buildDirectPostBody = buildDirectPostBody;
|
|
73
|
-
const buildDirectPostJwtBody = async (jwkKeys, requestObject, payload) => {
|
|
77
|
+
const buildDirectPostJwtBody = async (jwkKeys, requestObject, payload, generatedNonce) => {
|
|
74
78
|
// Prepare the authorization response payload to be encrypted
|
|
75
79
|
const authzResponsePayload = JSON.stringify({
|
|
76
80
|
state: requestObject.state,
|
|
@@ -79,7 +83,6 @@ const buildDirectPostJwtBody = async (jwkKeys, requestObject, payload) => {
|
|
|
79
83
|
|
|
80
84
|
// Choose a suitable RSA public key for encryption
|
|
81
85
|
const encPublicJwk = choosePublicKeyToEncrypt(jwkKeys);
|
|
82
|
-
|
|
83
86
|
// Encrypt the authorization payload
|
|
84
87
|
const {
|
|
85
88
|
client_metadata
|
|
@@ -87,13 +90,20 @@ const buildDirectPostJwtBody = async (jwkKeys, requestObject, payload) => {
|
|
|
87
90
|
const encryptedResponse = await new _ioReactNativeJwt.EncryptJwe(authzResponsePayload, {
|
|
88
91
|
alg: (client_metadata === null || client_metadata === void 0 ? void 0 : client_metadata.authorization_encrypted_response_alg) || "RSA-OAEP-256",
|
|
89
92
|
enc: (client_metadata === null || client_metadata === void 0 ? void 0 : client_metadata.authorization_encrypted_response_enc) || "A256CBC-HS512",
|
|
90
|
-
kid: encPublicJwk.kid
|
|
93
|
+
kid: encPublicJwk.kid,
|
|
94
|
+
/* ISO 18013-7 */
|
|
95
|
+
apv: _jsBase.Base64.encodeURI(requestObject.nonce),
|
|
96
|
+
...(generatedNonce ? {
|
|
97
|
+
apu: _jsBase.Base64.encodeURI(generatedNonce)
|
|
98
|
+
} : {})
|
|
91
99
|
}).encrypt(encPublicJwk);
|
|
92
100
|
|
|
93
101
|
// Build the x-www-form-urlencoded form body
|
|
94
102
|
const formBody = new URLSearchParams({
|
|
95
103
|
response: encryptedResponse,
|
|
96
|
-
|
|
104
|
+
...(requestObject.state ? {
|
|
105
|
+
state: requestObject.state
|
|
106
|
+
} : {})
|
|
97
107
|
});
|
|
98
108
|
return formBody.toString();
|
|
99
109
|
};
|
|
@@ -114,21 +124,25 @@ exports.buildDirectPostJwtBody = buildDirectPostJwtBody;
|
|
|
114
124
|
* @param context - Contains optional custom fetch implementation.
|
|
115
125
|
* @returns Parsed and validated authorization response from the Relying Party.
|
|
116
126
|
*/
|
|
117
|
-
const sendAuthorizationResponse = async function (requestObject, presentationDefinitionId, jwkKeys,
|
|
118
|
-
var
|
|
127
|
+
const sendAuthorizationResponse = async function (requestObject, presentationDefinitionId, jwkKeys, remotePresentation) {
|
|
128
|
+
var _presentations$;
|
|
119
129
|
let {
|
|
120
130
|
appFetch = fetch
|
|
121
131
|
} = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : {};
|
|
132
|
+
const {
|
|
133
|
+
generatedNonce,
|
|
134
|
+
presentations
|
|
135
|
+
} = remotePresentation;
|
|
122
136
|
/**
|
|
123
137
|
* 1. Prepare the VP token and presentation submission
|
|
124
138
|
* If there is only one credential, `vpToken` is a single string.
|
|
125
139
|
* If there are multiple credential, `vpToken` is an array of string.
|
|
126
140
|
**/
|
|
127
|
-
const vp_token = (
|
|
128
|
-
const descriptor_map =
|
|
129
|
-
id:
|
|
130
|
-
path:
|
|
131
|
-
format:
|
|
141
|
+
const vp_token = (presentations === null || presentations === void 0 ? void 0 : presentations.length) === 1 ? (_presentations$ = presentations[0]) === null || _presentations$ === void 0 ? void 0 : _presentations$.vpToken : presentations.map(presentation => presentation.vpToken);
|
|
142
|
+
const descriptor_map = presentations.map((presentation, index) => ({
|
|
143
|
+
id: presentation.inputDescriptor.id,
|
|
144
|
+
path: (presentations === null || presentations === void 0 ? void 0 : presentations.length) === 1 ? `$` : `$[${index}]`,
|
|
145
|
+
format: presentation.format
|
|
132
146
|
}));
|
|
133
147
|
const presentation_submission = {
|
|
134
148
|
id: _reactNativeUuid.default.v4(),
|
|
@@ -140,19 +154,22 @@ const sendAuthorizationResponse = async function (requestObject, presentationDef
|
|
|
140
154
|
const requestBody = requestObject.response_mode === "direct_post.jwt" ? await buildDirectPostJwtBody(jwkKeys, requestObject, {
|
|
141
155
|
vp_token,
|
|
142
156
|
presentation_submission
|
|
143
|
-
}) : await buildDirectPostBody(requestObject, {
|
|
157
|
+
}, generatedNonce) : await buildDirectPostBody(requestObject, {
|
|
144
158
|
vp_token,
|
|
145
159
|
presentation_submission: presentation_submission
|
|
146
160
|
});
|
|
147
161
|
|
|
148
162
|
// 3. Send the authorization response via HTTP POST and validate the response
|
|
149
|
-
|
|
163
|
+
const authResponse = await appFetch(requestObject.response_uri, {
|
|
150
164
|
method: "POST",
|
|
151
165
|
headers: {
|
|
152
166
|
"Content-Type": "application/x-www-form-urlencoded"
|
|
153
167
|
},
|
|
154
168
|
body: requestBody
|
|
155
|
-
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(AuthorizationResponse.
|
|
169
|
+
}).then((0, _misc.hasStatusOrThrow)(200)).then(res => res.json()).then(AuthorizationResponse.safeParse);
|
|
170
|
+
|
|
171
|
+
// Some Relying Parties may return an empty body.
|
|
172
|
+
return authResponse.success ? authResponse.data : {};
|
|
156
173
|
};
|
|
157
174
|
|
|
158
175
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_reactNativeUuid","_interopRequireDefault","_errors","_misc","z","_interopRequireWildcard","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","AuthorizationResponse","object","status","string","optional","response_code","redirect_uri","exports","choosePublicKeyToEncrypt","rpJwkKeys","encKey","filter","jwk","use","NoSuitableKeysFoundInEntityConfiguration","buildDirectPostBody","requestObject","payload","formUrlEncodedBody","URLSearchParams","state","fromEntries","entries","map","_ref","value","Array","isArray","JSON","stringify","toString","buildDirectPostJwtBody","jwkKeys","authzResponsePayload","encPublicJwk","client_metadata","encryptedResponse","EncryptJwe","alg","authorization_encrypted_response_alg","enc","authorization_encrypted_response_enc","kid","encrypt","formBody","response","sendAuthorizationResponse","presentationDefinitionId","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_reactNativeUuid","_interopRequireDefault","_errors","_misc","z","_interopRequireWildcard","_jsBase","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","AuthorizationResponse","object","status","string","optional","response_code","redirect_uri","exports","choosePublicKeyToEncrypt","rpJwkKeys","encKey","filter","jwk","use","NoSuitableKeysFoundInEntityConfiguration","buildDirectPostBody","requestObject","payload","formUrlEncodedBody","URLSearchParams","state","fromEntries","entries","map","_ref","value","Array","isArray","JSON","stringify","toString","buildDirectPostJwtBody","jwkKeys","generatedNonce","authzResponsePayload","encPublicJwk","client_metadata","encryptedResponse","EncryptJwe","alg","authorization_encrypted_response_alg","enc","authorization_encrypted_response_enc","kid","apv","Base64","encodeURI","nonce","apu","encrypt","formBody","response","sendAuthorizationResponse","presentationDefinitionId","remotePresentation","_presentations$","appFetch","fetch","arguments","length","undefined","presentations","vp_token","vpToken","presentation","descriptor_map","index","id","inputDescriptor","path","format","presentation_submission","uuid","v4","definition_id","requestBody","response_mode","authResponse","response_uri","method","headers","body","then","hasStatusOrThrow","res","json","safeParse","success","data","sendAuthorizationErrorResponse","error","parse"],"sourceRoot":"../../../../src","sources":["credential/presentation/08-send-authorization-response.ts"],"mappings":";;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AACA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AAGA,IAAAG,OAAA,GAAAH,OAAA;AACA,IAAAI,KAAA,GAAAJ,OAAA;AAMA,IAAAK,CAAA,GAAAC,uBAAA,CAAAN,OAAA;AAEA,IAAAO,OAAA,GAAAP,OAAA;AAAmC,SAAAQ,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAAA,SAAAjB,uBAAAW,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAG5B,MAAMiB,qBAAqB,GAAGzB,CAAC,CAAC0B,MAAM,CAAC;EAC5CC,MAAM,EAAE3B,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC,CAAC;EAC7BC,aAAa,EAAE9B,CAAC,CACb4B,MAAM,CAAC,CAAC,CAAC;AACd;AACA;AACA;AACA,8BAJc,CAKTC,QAAQ,CAAC,CAAC;EACbE,YAAY,EAAE/B,CAAC,CAAC4B,MAAM,CAAC,CAAC,CAACC,QAAQ,CAAC;AACpC,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAG,OAAA,CAAAP,qBAAA,GAAAA,qBAAA;AAQO,MAAMQ,wBAAwB,GACnCC,SAAiC,IACzB;EACR,MAAM,CAACC,MAAM,CAAC,GAAGD,SAAS,CAACE,MAAM,CAAEC,GAAG,IAAKA,GAAG,CAACC,GAAG,KAAK,KAAK,CAAC;EAE7D,IAAIH,MAAM,EAAE;IACV,OAAOA,MAAM;EACf;;EAEA;EACA,MAAM,IAAII,gDAAwC,CAChD,8CACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAP,OAAA,CAAAC,wBAAA,GAAAA,wBAAA;AAOO,MAAMO,mBAAmB,GAAG,MAAAA,CACjCC,aAAiE,EACjEC,OAAuC,KACnB;EACpB,MAAMC,kBAAkB,GAAG,IAAIC,eAAe,CAAC;IAC7C,IAAIH,aAAa,CAACI,KAAK,GAAG;MAAEA,KAAK,EAAEJ,aAAa,CAACI;IAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9D,GAAG7B,MAAM,CAAC8B,WAAW,CACnB9B,MAAM,CAAC+B,OAAO,CAACL,OAAO,CAAC,CAACM,GAAG,CAACC,IAAA,IAAkB;MAAA,IAAjB,CAAC9B,GAAG,EAAE+B,KAAK,CAAC,GAAAD,IAAA;MACvC,OAAO,CACL9B,GAAG,EACHgC,KAAK,CAACC,OAAO,CAACF,KAAK,CAAC,IAAI,OAAOA,KAAK,KAAK,QAAQ,GAC7CG,IAAI,CAACC,SAAS,CAACJ,KAAK,CAAC,GACrBA,KAAK,CACV;IACH,CAAC,CACH;EACF,CAAC,CAAC;EAEF,OAAOP,kBAAkB,CAACY,QAAQ,CAAC,CAAC;AACtC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AATAvB,OAAA,CAAAQ,mBAAA,GAAAA,mBAAA;AAUO,MAAMgB,sBAAsB,GAAG,MAAAA,CACpCC,OAA+B,EAC/BhB,aAAiE,EACjEC,OAAuC,EACvCgB,cAAuB,KACH;EACpB;EACA,MAAMC,oBAAoB,GAAGN,IAAI,CAACC,SAAS,CAAC;IAC1CT,KAAK,EAAEJ,aAAa,CAACI,KAAK;IAC1B,GAAGH;EACL,CAAC,CAAC;;EAEF;EACA,MAAMkB,YAAY,GAAG3B,wBAAwB,CAACwB,OAAO,CAAC;EACtD;EACA,MAAM;IAAEI;EAAgB,CAAC,GAAGpB,aAAa;EACzC,MAAMqB,iBAAiB,GAAG,MAAM,IAAIC,4BAAU,CAACJ,oBAAoB,EAAE;IACnEK,GAAG,EACD,CAACH,eAAe,aAAfA,eAAe,uBAAfA,eAAe,CAAEI,oCAAoC,KAEnC,cAAc;IACnCC,GAAG,EACD,CAACL,eAAe,aAAfA,eAAe,uBAAfA,eAAe,CAAEM,oCAAoC,KAE9B,eAAe;IACzCC,GAAG,EAAER,YAAY,CAACQ,GAAG;IACrB;IACAC,GAAG,EAAEC,cAAM,CAACC,SAAS,CAAC9B,aAAa,CAAC+B,KAAK,CAAC;IAC1C,IAAId,cAAc,GAAG;MAAEe,GAAG,EAAEH,cAAM,CAACC,SAAS,CAACb,cAAc;IAAE,CAAC,GAAG,CAAC,CAAC;EACrE,CAAC,CAAC,CAACgB,OAAO,CAACd,YAAY,CAAC;;EAExB;EACA,MAAMe,QAAQ,GAAG,IAAI/B,eAAe,CAAC;IACnCgC,QAAQ,EAAEd,iBAAiB;IAC3B,IAAIrB,aAAa,CAACI,KAAK,GAAG;MAAEA,KAAK,EAAEJ,aAAa,CAACI;IAAM,CAAC,GAAG,CAAC,CAAC;EAC/D,CAAC,CAAC;EACF,OAAO8B,QAAQ,CAACpB,QAAQ,CAAC,CAAC;AAC5B,CAAC;;AAED;AACA;AACA;AACA;AAHAvB,OAAA,CAAAwB,sBAAA,GAAAA,sBAAA;AAcA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMqB,yBAAoD,GAAG,eAAAA,CAClEpC,aAAa,EACbqC,wBAAwB,EACxBrB,OAAO,EACPsB,kBAAkB,EAEiB;EAAA,IAAAC,eAAA;EAAA,IADnC;IAAEC,QAAQ,GAAGC;EAAM,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEzB,MAAM;IAAEzB,cAAc;IAAE4B;EAAc,CAAC,GAAGP,kBAAkB;EAC5D;AACF;AACA;AACA;AACA;EACE,MAAMQ,QAAQ,GACZ,CAAAD,aAAa,aAAbA,aAAa,uBAAbA,aAAa,CAAEF,MAAM,MAAK,CAAC,IAAAJ,eAAA,GACvBM,aAAa,CAAC,CAAC,CAAC,cAAAN,eAAA,uBAAhBA,eAAA,CAAkBQ,OAAO,GACzBF,aAAa,CAACtC,GAAG,CAAEyC,YAAY,IAAKA,YAAY,CAACD,OAAO,CAAC;EAE/D,MAAME,cAAc,GAAGJ,aAAa,CAACtC,GAAG,CAAC,CAACyC,YAAY,EAAEE,KAAK,MAAM;IACjEC,EAAE,EAAEH,YAAY,CAACI,eAAe,CAACD,EAAE;IACnCE,IAAI,EAAE,CAAAR,aAAa,aAAbA,aAAa,uBAAbA,aAAa,CAAEF,MAAM,MAAK,CAAC,GAAI,GAAE,GAAI,KAAIO,KAAM,GAAE;IACvDI,MAAM,EAAEN,YAAY,CAACM;EACvB,CAAC,CAAC,CAAC;EAEH,MAAMC,uBAAuB,GAAG;IAC9BJ,EAAE,EAAEK,wBAAI,CAACC,EAAE,CAAC,CAAC;IACbC,aAAa,EAAErB,wBAAwB;IACvCY;EACF,CAAC;;EAED;EACA,MAAMU,WAAW,GACf3D,aAAa,CAAC4D,aAAa,KAAK,iBAAiB,GAC7C,MAAM7C,sBAAsB,CAC1BC,OAAO,EACPhB,aAAa,EACb;IACE8C,QAAQ;IACRS;EACF,CAAC,EACDtC,cACF,CAAC,GACD,MAAMlB,mBAAmB,CAACC,aAAa,EAAE;IACvC8C,QAAQ;IACRS,uBAAuB,EAAEA;EAC3B,CAAC,CAAC;;EAER;EACA,MAAMM,YAAY,GAAG,MAAMrB,QAAQ,CAACxC,aAAa,CAAC8D,YAAY,EAAE;IAC9DC,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDC,IAAI,EAAEN;EACR,CAAC,CAAC,CACCO,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAClF,qBAAqB,CAACsF,SAAS,CAAC;;EAExC;EACA,OAAOT,YAAY,CAACU,OAAO,GAAGV,YAAY,CAACW,IAAI,GAAG,CAAC,CAAC;AACtD,CAAC;;AAED;AACA;AACA;AACA;AAHAjF,OAAA,CAAA6C,yBAAA,GAAAA,yBAAA;AAaA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMqC,8BAA8D,GACzE,eAAAA,CACEzE,aAAa,EACb0E,KAAK,EACL1D,OAAO,EAE4B;EAAA,IADnC;IAAEwB,QAAQ,GAAGC;EAAM,CAAC,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,CAAC,CAAC;EAEzB;EACA,MAAMiB,WAAW,GACf3D,aAAa,CAAC4D,aAAa,KAAK,iBAAiB,GAC7C,MAAM7C,sBAAsB,CAACC,OAAO,EAAEhB,aAAa,EAAE;IAAE0E;EAAM,CAAC,CAAC,GAC/D,MAAM3E,mBAAmB,CAACC,aAAa,EAAE;IAAE0E;EAAM,CAAC,CAAC;EACzD;EACA,OAAO,MAAMlC,QAAQ,CAACxC,aAAa,CAAC8D,YAAY,EAAE;IAChDC,MAAM,EAAE,MAAM;IACdC,OAAO,EAAE;MACP,cAAc,EAAE;IAClB,CAAC;IACDC,IAAI,EAAEN;EACR,CAAC,CAAC,CACCO,IAAI,CAAC,IAAAC,sBAAgB,EAAC,GAAG,CAAC,CAAC,CAC3BD,IAAI,CAAEE,GAAG,IAAKA,GAAG,CAACC,IAAI,CAAC,CAAC,CAAC,CACzBH,IAAI,CAAClF,qBAAqB,CAAC2F,KAAK,CAAC;AACtC,CAAC;AAACpF,OAAA,CAAAkF,8BAAA,GAAAA,8BAAA"}
|
|
@@ -86,7 +86,7 @@ const RequestObject = z.object({
|
|
|
86
86
|
//optional by RFC 7519, mandatory for Potential
|
|
87
87
|
iat: _types.UnixTime.optional(),
|
|
88
88
|
exp: _types.UnixTime.optional(),
|
|
89
|
-
state: z.string(),
|
|
89
|
+
state: z.string().optional(),
|
|
90
90
|
nonce: z.string(),
|
|
91
91
|
response_uri: z.string(),
|
|
92
92
|
response_type: z.literal("vp_token"),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_types","require","z","_interopRequireWildcard","_jwk","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","Fields","object","path","array","string","min","id","optional","purpose","name","filter","any","boolean","intent_to_retain","Constraints","fields","limit_disclosure","enum","InputDescriptor","format","record","constraints","group","exports","SubmissionRequirement","rule","from","from_nested","count","number","PresentationDefinition","input_descriptors","submission_requirements","RequestObject","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","literal","response_mode","client_id","client_id_scheme","client_metadata","authorization_encrypted_response_alg","authorization_encrypted_response_enc","jwks_uri","jwks","JWKS","scope","presentation_definition","ErrorResponse","DirectAuthorizationBodyPayload","union","vp_token","presentation_submission","unknown","error"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,IAAA,GAAAH,OAAA;AAAuC,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEvC;AACA;AACA;;AAOA;AACA;AACA;;
|
|
1
|
+
{"version":3,"names":["_types","require","z","_interopRequireWildcard","_jwk","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","Fields","object","path","array","string","min","id","optional","purpose","name","filter","any","boolean","intent_to_retain","Constraints","fields","limit_disclosure","enum","InputDescriptor","format","record","constraints","group","exports","SubmissionRequirement","rule","from","from_nested","count","number","PresentationDefinition","input_descriptors","submission_requirements","RequestObject","iss","iat","UnixTime","exp","state","nonce","response_uri","response_type","literal","response_mode","client_id","client_id_scheme","client_metadata","authorization_encrypted_response_alg","authorization_encrypted_response_enc","jwks_uri","jwks","JWKS","scope","presentation_definition","ErrorResponse","DirectAuthorizationBodyPayload","union","vp_token","presentation_submission","unknown","error"],"sourceRoot":"../../../../src","sources":["credential/presentation/types.ts"],"mappings":";;;;;;AACA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,IAAA,GAAAH,OAAA;AAAuC,SAAAI,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAEvC;AACA;AACA;;AAOA;AACA;AACA;;AAWA,MAAMW,MAAM,GAAGzB,CAAC,CAAC0B,MAAM,CAAC;EACtBC,IAAI,EAAE3B,CAAC,CAAC4B,KAAK,CAAC5B,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAAC;EAAE;EAClCC,EAAE,EAAE/B,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC3BC,OAAO,EAAEjC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCE,IAAI,EAAElC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BG,MAAM,EAAEnC,CAAC,CAACoC,GAAG,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAC5BA,QAAQ,EAAEhC,CAAC,CAACqC,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC;EAAE;EAClCM,gBAAgB,EAAEtC,CAAC,CAACqC,OAAO,CAAC,CAAC,CAACL,QAAQ,CAAC,CAAC,CAAE;AAC5C,CAAC,CAAC;;AAEF;AACA,MAAMO,WAAW,GAAGvC,CAAC,CAAC0B,MAAM,CAAC;EAC3Bc,MAAM,EAAExC,CAAC,CAAC4B,KAAK,CAACH,MAAM,CAAC,CAACO,QAAQ,CAAC,CAAC;EAAE;EACpCS,gBAAgB,EAAEzC,CAAC,CAAC0C,IAAI,CAAC,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,CAACV,QAAQ,CAAC,CAAC,CAAE;AAClE,CAAC,CAAC;;AAEF;;AAEO,MAAMW,eAAe,GAAG3C,CAAC,CAAC0B,MAAM,CAAC;EACtCK,EAAE,EAAE/B,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC;EAAE;EACvBI,IAAI,EAAElC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BC,OAAO,EAAEjC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAChCY,MAAM,EAAE5C,CAAC,CAAC6C,MAAM,CAAC7C,CAAC,CAAC6B,MAAM,CAAC,CAAC,EAAE7B,CAAC,CAACoC,GAAG,CAAC,CAAC,CAAC,CAACJ,QAAQ,CAAC,CAAC;EAAE;EAClDc,WAAW,EAAEP,WAAW;EAAE;EAC1BQ,KAAK,EAAE/C,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC,CAAE;AAChC,CAAC,CAAC;AAACgB,OAAA,CAAAL,eAAA,GAAAA,eAAA;AAEH,MAAMM,qBAAqB,GAAGjD,CAAC,CAAC0B,MAAM,CAAC;EACrCQ,IAAI,EAAElC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,EAAEjC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BkB,IAAI,EAAElD,CAAC,CAAC6B,MAAM,CAAC,CAAC;EAAE;EAClBsB,IAAI,EAAEnD,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC7BoB,WAAW,EAAEpD,CAAC,CACX4B,KAAK,CACJ5B,CAAC,CAAC0B,MAAM,CAAC;IACPQ,IAAI,EAAElC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC3BC,OAAO,EAAEjC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC9BkB,IAAI,EAAElD,CAAC,CAAC6B,MAAM,CAAC,CAAC;IAChBsB,IAAI,EAAEnD,CAAC,CAAC6B,MAAM,CAAC;EACjB,CAAC,CACH,CAAC,CACAG,QAAQ,CAAC,CAAC;EACbqB,KAAK,EAAErD,CAAC,CAACsD,MAAM,CAAC,CAAC,CAACtB,QAAQ,CAAC;EAC3B;AACF,CAAC,CAAC;;AAGK,MAAMuB,sBAAsB,GAAGvD,CAAC,CAAC0B,MAAM,CAAC;EAC7CK,EAAE,EAAE/B,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACdK,IAAI,EAAElC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC3BC,OAAO,EAAEjC,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC9BwB,iBAAiB,EAAExD,CAAC,CAAC4B,KAAK,CAACe,eAAe,CAAC;EAC3Cc,uBAAuB,EAAEzD,CAAC,CAAC4B,KAAK,CAACqB,qBAAqB,CAAC,CAACjB,QAAQ,CAAC;AACnE,CAAC,CAAC;AAACgB,OAAA,CAAAO,sBAAA,GAAAA,sBAAA;AAGI,MAAMG,aAAa,GAAG1D,CAAC,CAAC0B,MAAM,CAAC;EACpCiC,GAAG,EAAE3D,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EAC5B4B,GAAG,EAAEC,eAAQ,CAAC7B,QAAQ,CAAC,CAAC;EACxB8B,GAAG,EAAED,eAAQ,CAAC7B,QAAQ,CAAC,CAAC;EACxB+B,KAAK,EAAE/D,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC5BgC,KAAK,EAAEhE,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACjBoC,YAAY,EAAEjE,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACxBqC,aAAa,EAAElE,CAAC,CAACmE,OAAO,CAAC,UAAU,CAAC;EACpCC,aAAa,EAAEpE,CAAC,CAAC0C,IAAI,CAAC,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;EACzD2B,SAAS,EAAErE,CAAC,CAAC6B,MAAM,CAAC,CAAC;EACrByC,gBAAgB,EAAEtE,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAAE;EACzCuC,eAAe,EAAEvE,CAAC,CACf0B,MAAM,CAAC;IACN8C,oCAAoC,EAAExE,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC3DyC,oCAAoC,EAAEzE,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC3D0C,QAAQ,EAAE1E,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;IAC/B2C,IAAI,EAAEC,SAAI,CAAC5C,QAAQ,CAAC;EACtB,CAAC,CAAC,CACDA,QAAQ,CAAC,CAAC;EAAE;EACf6C,KAAK,EAAE7E,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC5B8C,uBAAuB,EAAEvB,sBAAsB,CAACvB,QAAQ,CAAC;AAC3D,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AAHAgB,OAAA,CAAAU,aAAA,GAAAA,aAAA;AAKO,MAAMqB,aAAa,GAAG/E,CAAC,CAAC0C,IAAI,CAAC,CAClC,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,CAChB,CAAC;;AAEF;AACA;AACA;AAFAM,OAAA,CAAA+B,aAAA,GAAAA,aAAA;AAMO,MAAMC,8BAA8B,GAAGhF,CAAC,CAACiF,KAAK,CAAC,CACpDjF,CAAC,CAAC0B,MAAM,CAAC;EACPwD,QAAQ,EAAElF,CAAC,CAACiF,KAAK,CAAC,CAACjF,CAAC,CAAC6B,MAAM,CAAC,CAAC,EAAE7B,CAAC,CAAC4B,KAAK,CAAC5B,CAAC,CAAC6B,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAACG,QAAQ,CAAC,CAAC;EAC/DmD,uBAAuB,EAAEnF,CAAC,CAAC6C,MAAM,CAAC7C,CAAC,CAAC6B,MAAM,CAAC,CAAC,EAAE7B,CAAC,CAACoF,OAAO,CAAC,CAAC;AAC3D,CAAC,CAAC,EACFpF,CAAC,CAAC0B,MAAM,CAAC;EAAE2D,KAAK,EAAEN;AAAc,CAAC,CAAC,CACnC,CAAC;AAAC/B,OAAA,CAAAgC,8BAAA,GAAAA,8BAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","z","_interopRequireWildcard","_","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","verify","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload","verifyJwt","decode","decodeJwt","FirstElementShape","EntityConfiguration","MiddleElementShape","EntityStatement","LastElementShape","union","TrustAnchorEntityConfiguration","validateTrustChain","trustAnchorEntity","chain","length","IoWalletError","selectTokenShape","elementIndex","selectKid","currentIndex","shape","parse","selectKeys","keys","nextIndex","nextToken","Promise","all","map","i","args","renewTrustChain","appFetch","arguments","undefined","fetch","e","safeParse","_ref","es","ec","success","getSignedEntityConfiguration","data","iss","getSignedEntityStatement","sub","reject"],"sourceRoot":"../../../../src","sources":["entity/trust/chain.ts"],"mappings":";;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAIA,IAAAC,MAAA,GAAAD,OAAA;AAMA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,CAAA,GAAAC,uBAAA,CAAAJ,OAAA;AACA,IAAAK,CAAA,GAAAL,OAAA;AAA2E,SAAAM,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAO3E;AACA;AACA,MAAMW,MAAM,GAAG,MAAAA,CACbC,KAAa,EACbC,GAAW,EACXC,IAAW,KACc;EACzB,MAAMC,GAAG,GAAGD,IAAI,CAACE,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACJ,GAAG,KAAKA,GAAG,CAAC;EAC3C,IAAI,CAACE,GAAG,EAAE;IACR,MAAM,IAAIG,KAAK,CAAE,gBAAeL,GAAI,YAAWD,KAAM,EAAC,CAAC;EACzD;EACA,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,MAAM,IAAAC,wBAAS,EAACV,KAAK,EAAEG,GAAG,CAAC;EACxE,OAAO;IAAEK,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;AAED,MAAME,MAAM,GAAIX,KAAa,IAAK;EAChC,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,IAAAG,wBAAS,EAACZ,KAAK,CAAC;EAC7D,OAAO;IAAEQ,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;;AAED;AACA,MAAMI,iBAAiB,GAAGC,0BAAmB;AAC7C;AACA,MAAMC,kBAAkB,GAAGC,sBAAe;AAC1C;AACA;AACA,MAAMC,gBAAgB,GAAG3C,CAAC,CAAC4C,KAAK,CAAC,CAC/BF,sBAAe,EACfG,qCAA8B,CAC/B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeC,kBAAkBA,CACtCC,iBAAiD,EACjDC,KAAe,EACS;EACxB;EACA,IAAIA,KAAK,CAACC,MAAM,KAAK,CAAC,EAAE;IACtB,MAAM,IAAIC,qBAAa,CAAC,iCAAiC,CAAC;EAC5D;;EAEA;EACA,MAAMC,gBAAgB,GAAIC,YAAoB,IAC5CA,YAAY,KAAK,CAAC,GACdb,iBAAiB,GACjBa,YAAY,KAAKJ,KAAK,CAACC,MAAM,GAAG,CAAC,
|
|
1
|
+
{"version":3,"names":["_ioReactNativeJwt","require","_types","_errors","z","_interopRequireWildcard","_","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","verify","token","kid","jwks","jwk","find","k","Error","protectedHeader","header","payload","verifyJwt","decode","decodeJwt","FirstElementShape","EntityConfiguration","MiddleElementShape","EntityStatement","LastElementShape","union","TrustAnchorEntityConfiguration","validateTrustChain","trustAnchorEntity","chain","length","IoWalletError","selectTokenShape","elementIndex","selectKid","currentIndex","shape","parse","selectKeys","keys","nextIndex","nextToken","Promise","all","map","i","args","renewTrustChain","appFetch","arguments","undefined","fetch","e","safeParse","_ref","es","ec","success","getSignedEntityConfiguration","data","iss","getSignedEntityStatement","sub","reject"],"sourceRoot":"../../../../src","sources":["entity/trust/chain.ts"],"mappings":";;;;;;;AAAA,IAAAA,iBAAA,GAAAC,OAAA;AAIA,IAAAC,MAAA,GAAAD,OAAA;AAMA,IAAAE,OAAA,GAAAF,OAAA;AACA,IAAAG,CAAA,GAAAC,uBAAA,CAAAJ,OAAA;AACA,IAAAK,CAAA,GAAAL,OAAA;AAA2E,SAAAM,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAH,wBAAAO,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAO3E;AACA;AACA,MAAMW,MAAM,GAAG,MAAAA,CACbC,KAAa,EACbC,GAAW,EACXC,IAAW,KACc;EACzB,MAAMC,GAAG,GAAGD,IAAI,CAACE,IAAI,CAAEC,CAAC,IAAKA,CAAC,CAACJ,GAAG,KAAKA,GAAG,CAAC;EAC3C,IAAI,CAACE,GAAG,EAAE;IACR,MAAM,IAAIG,KAAK,CAAE,gBAAeL,GAAI,YAAWD,KAAM,EAAC,CAAC;EACzD;EACA,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,MAAM,IAAAC,wBAAS,EAACV,KAAK,EAAEG,GAAG,CAAC;EACxE,OAAO;IAAEK,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;AAED,MAAME,MAAM,GAAIX,KAAa,IAAK;EAChC,MAAM;IAAEO,eAAe,EAAEC,MAAM;IAAEC;EAAQ,CAAC,GAAG,IAAAG,wBAAS,EAACZ,KAAK,CAAC;EAC7D,OAAO;IAAEQ,MAAM;IAAEC;EAAQ,CAAC;AAC5B,CAAC;;AAED;AACA,MAAMI,iBAAiB,GAAGC,0BAAmB;AAC7C;AACA,MAAMC,kBAAkB,GAAGC,sBAAe;AAC1C;AACA;AACA,MAAMC,gBAAgB,GAAG3C,CAAC,CAAC4C,KAAK,CAAC,CAC/BF,sBAAe,EACfG,qCAA8B,CAC/B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeC,kBAAkBA,CACtCC,iBAAiD,EACjDC,KAAe,EACS;EACxB;EACA,IAAIA,KAAK,CAACC,MAAM,KAAK,CAAC,EAAE;IACtB,MAAM,IAAIC,qBAAa,CAAC,iCAAiC,CAAC;EAC5D;;EAEA;EACA,MAAMC,gBAAgB,GAAIC,YAAoB,IAC5CA,YAAY,KAAK,CAAC,GACdb,iBAAiB,GACjBa,YAAY,KAAKJ,KAAK,CAACC,MAAM,GAAG,CAAC,GAC/BN,gBAAgB,GAChBF,kBAAkB;;EAE1B;EACA,MAAMY,SAAS,GAAIC,YAAoB,IAAa;IAClD,MAAM5B,KAAK,GAAGsB,KAAK,CAACM,YAAY,CAAC;IACjC,IAAI,CAAC5B,KAAK,EAAE;MACV,MAAM,IAAIwB,qBAAa,CAAE,gCAA+B,CAAC;IAC3D;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACG,YAAY,CAAC;IAC5C,OAAOC,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACX,KAAK,CAAC,CAAC,CAACQ,MAAM,CAACP,GAAG;EAC9C,CAAC;;EAED;EACA;EACA,MAAM8B,UAAU,GAAIH,YAAoB,IAAY;IAClD,IAAIA,YAAY,KAAKN,KAAK,CAACC,MAAM,GAAG,CAAC,EAAE;MACrC,OAAOF,iBAAiB,CAACZ,OAAO,CAACP,IAAI,CAAC8B,IAAI;IAC5C;IAEA,MAAMC,SAAS,GAAGL,YAAY,GAAG,CAAC;IAClC,MAAMM,SAAS,GAAGZ,KAAK,CAACW,SAAS,CAAC;IAClC,IAAI,CAACC,SAAS,EAAE;MACd,MAAM,IAAIV,qBAAa,CAAE,qCAAoC,CAAC;IAChE;IACA,MAAMK,KAAK,GAAGJ,gBAAgB,CAACQ,SAAS,CAAC;IACzC,OAAOJ,KAAK,CAACC,KAAK,CAACnB,MAAM,CAACuB,SAAS,CAAC,CAAC,CAACzB,OAAO,CAACP,IAAI,CAAC8B,IAAI;EACzD,CAAC;;EAED;EACA;EACA,OAAOG,OAAO,CAACC,GAAG,CAChBd,KAAK,CACFe,GAAG,CAAC,CAACrC,KAAK,EAAEsC,CAAC,KAAK,CAACtC,KAAK,EAAE2B,SAAS,CAACW,CAAC,CAAC,EAAEP,UAAU,CAACO,CAAC,CAAC,CAAU,CAAC,CAChED,GAAG,CAAEE,IAAI,IAAKxC,MAAM,CAAC,GAAGwC,IAAI,CAAC,CAClC,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASC,eAAeA,CAC7BlB,KAAe,EAEf;EAAA,IADAmB,QAA8B,GAAAC,SAAA,CAAAnB,MAAA,QAAAmB,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAGE,KAAK;EAEtC,OAAOT,OAAO,CAACC,GAAG,CAChBd;EACE;EAAA,CACCe,GAAG,CAAC1B,MAAM,CAAC,CACX0B,GAAG,CACDQ,CAAC,IACA,CACE7B,sBAAe,CAAC8B,SAAS,CAACD,CAAC,CAAC,EAC5B/B,0BAAmB,CAACgC,SAAS,CAACD,CAAC,CAAC,CAEtC;EACA;EAAA,CACCR,GAAG,CAAC,CAAAU,IAAA,EAAWT,CAAC;IAAA,IAAX,CAACU,EAAE,EAAEC,EAAE,CAAC,GAAAF,IAAA;IAAA,OACZE,EAAE,CAACC,OAAO,GACN,IAAAC,8BAA4B,EAACF,EAAE,CAACG,IAAI,CAAC3C,OAAO,CAAC4C,GAAG,EAAE;MAAEZ;IAAS,CAAC,CAAC,GAC/DO,EAAE,CAACE,OAAO,GACR,IAAAI,0BAAwB,EACtBN,EAAE,CAACI,IAAI,CAAC3C,OAAO,CAAC4C,GAAG,EACnBL,EAAE,CAACI,IAAI,CAAC3C,OAAO,CAAC8C,GAAG,EACnB;MACEd;IACF,CACF,CAAC;IACD;IACAN,OAAO,CAACqB,MAAM,CACZ,IAAIhC,qBAAa,CACd,iDAAgDc,CAAE,uBACrD,CACF,CAAC;EAAA,CACT,CACJ,CAAC;AACH"}
|
|
@@ -3,26 +3,58 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.verify = void 0;
|
|
6
|
+
exports.verify = exports.prepareVpTokenMdoc = void 0;
|
|
7
7
|
var _ioReactNativeCbor = require("@pagopa/io-react-native-cbor");
|
|
8
|
-
|
|
8
|
+
var _jsrsasign = require("jsrsasign");
|
|
9
|
+
var _crypto = require("../utils/crypto");
|
|
10
|
+
var _string = require("../utils/string");
|
|
11
|
+
const verify = async (token, _) => {
|
|
12
|
+
var _issuerSigned$issuerA;
|
|
9
13
|
// get decoded data
|
|
10
|
-
const
|
|
11
|
-
if (!
|
|
14
|
+
const issuerSigned = await _ioReactNativeCbor.CBOR.decodeIssuerSigned(token);
|
|
15
|
+
if (!issuerSigned) {
|
|
12
16
|
throw new Error("Invalid mDoc");
|
|
13
17
|
}
|
|
14
|
-
const
|
|
15
|
-
if (!
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
18
|
+
const cert = (_issuerSigned$issuerA = issuerSigned.issuerAuth.unprotectedHeader[0]) === null || _issuerSigned$issuerA === void 0 ? void 0 : _issuerSigned$issuerA.keyId;
|
|
19
|
+
if (!cert) throw new Error("Certificate not present in credential");
|
|
20
|
+
const pemcert = (0, _crypto.convertCertToPem)((0, _jsrsasign.b64utob64)(cert));
|
|
21
|
+
const publickey = (0, _crypto.parsePublicKey)(pemcert);
|
|
22
|
+
if (!publickey) throw new Error("Certificate not present in credential");
|
|
23
|
+
const jwk = (0, _crypto.getSigningJwk)(publickey);
|
|
24
|
+
jwk.x = (0, _jsrsasign.b64utob64)(jwk.x);
|
|
25
|
+
jwk.y = (0, _jsrsasign.b64utob64)(jwk.y);
|
|
26
|
+
const signatureCorrect = await _ioReactNativeCbor.COSE.verify((0, _jsrsasign.b64utob64)(issuerSigned.issuerAuth.rawValue), jwk).catch(() => false);
|
|
27
|
+
if (!signatureCorrect) throw new Error("Invalid mDoc signature");
|
|
28
|
+
return {
|
|
29
|
+
issuerSigned
|
|
30
|
+
};
|
|
31
|
+
};
|
|
32
|
+
exports.verify = verify;
|
|
33
|
+
const prepareVpTokenMdoc = async (requestNonce, generatedNonce, clientId, responseUri, docType, keyTag, _ref) => {
|
|
34
|
+
let [verifiableCredential, requestedClaims, _] = _ref;
|
|
35
|
+
/* verifiableCredential is a IssuerSigned structure */
|
|
36
|
+
const documents = [{
|
|
37
|
+
issuerSignedContent: verifiableCredential,
|
|
38
|
+
alias: keyTag,
|
|
39
|
+
docType
|
|
40
|
+
}];
|
|
20
41
|
|
|
21
|
-
|
|
42
|
+
/* we map each requested claim as for ex. { "org.iso.18013.5.1.mDL" { <claim-name>: true, ... }} for selective disclosure */
|
|
43
|
+
const fieldRequestedAndAccepted = JSON.stringify({
|
|
44
|
+
[docType]: requestedClaims.reduce((acc, item) => {
|
|
45
|
+
return {
|
|
46
|
+
...acc,
|
|
47
|
+
[item]: true
|
|
48
|
+
};
|
|
49
|
+
}, {})
|
|
50
|
+
});
|
|
22
51
|
|
|
52
|
+
/* clientId,responseUri,requestNonce are retrieved by Auth Request Object */
|
|
53
|
+
/* create DeviceResponse as { documents: { docType, issuerSigned, deviceSigned }, version, status } */
|
|
54
|
+
const vp_token = await _ioReactNativeCbor.ISO18013.generateOID4VPDeviceResponse(clientId, responseUri, requestNonce, generatedNonce, documents, fieldRequestedAndAccepted);
|
|
23
55
|
return {
|
|
24
|
-
|
|
56
|
+
vp_token: (0, _string.base64ToBase64Url)(vp_token)
|
|
25
57
|
};
|
|
26
58
|
};
|
|
27
|
-
exports.
|
|
59
|
+
exports.prepareVpTokenMdoc = prepareVpTokenMdoc;
|
|
28
60
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeCbor","require","verify","token","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeCbor","require","_jsrsasign","_crypto","_string","verify","token","_","_issuerSigned$issuerA","issuerSigned","CBOR","decodeIssuerSigned","Error","cert","issuerAuth","unprotectedHeader","keyId","pemcert","convertCertToPem","b64utob64","publickey","parsePublicKey","jwk","getSigningJwk","x","y","signatureCorrect","COSE","rawValue","catch","exports","prepareVpTokenMdoc","requestNonce","generatedNonce","clientId","responseUri","docType","keyTag","_ref","verifiableCredential","requestedClaims","documents","issuerSignedContent","alias","fieldRequestedAndAccepted","JSON","stringify","reduce","acc","item","vp_token","ISO18013","generateOID4VPDeviceResponse","base64ToBase64Url"],"sourceRoot":"../../../src","sources":["mdoc/index.ts"],"mappings":";;;;;;AAAA,IAAAA,kBAAA,GAAAC,OAAA;AAGA,IAAAC,UAAA,GAAAD,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAMA,IAAAG,OAAA,GAAAH,OAAA;AAEO,MAAMI,MAAM,GAAG,MAAAA,CACpBC,KAAa,EACbC,CAAc,KACmC;EAAA,IAAAC,qBAAA;EACjD;EACA,MAAMC,YAAY,GAAG,MAAMC,uBAAI,CAACC,kBAAkB,CAACL,KAAK,CAAC;EACzD,IAAI,CAACG,YAAY,EAAE;IACjB,MAAM,IAAIG,KAAK,CAAC,cAAc,CAAC;EACjC;EAEA,MAAMC,IAAI,IAAAL,qBAAA,GAAGC,YAAY,CAACK,UAAU,CAACC,iBAAiB,CAAC,CAAC,CAAC,cAAAP,qBAAA,uBAA5CA,qBAAA,CAA8CQ,KAAK;EAChE,IAAI,CAACH,IAAI,EAAE,MAAM,IAAID,KAAK,CAAC,uCAAuC,CAAC;EAEnE,MAAMK,OAAO,GAAG,IAAAC,wBAAgB,EAAC,IAAAC,oBAAS,EAACN,IAAI,CAAC,CAAC;EACjD,MAAMO,SAAS,GAAG,IAAAC,sBAAc,EAACJ,OAAO,CAAC;EACzC,IAAI,CAACG,SAAS,EAAE,MAAM,IAAIR,KAAK,CAAC,uCAAuC,CAAC;EAExE,MAAMU,GAAG,GAAG,IAAAC,qBAAa,EAACH,SAAS,CAAC;EAEpCE,GAAG,CAACE,CAAC,GAAG,IAAAL,oBAAS,EAACG,GAAG,CAACE,CAAE,CAAC;EACzBF,GAAG,CAACG,CAAC,GAAG,IAAAN,oBAAS,EAACG,GAAG,CAACG,CAAE,CAAC;EAEzB,MAAMC,gBAAgB,GAAG,MAAMC,uBAAI,CAACtB,MAAM,CACxC,IAAAc,oBAAS,EAACV,YAAY,CAACK,UAAU,CAACc,QAAS,CAAC,EAC5CN,GACF,CAAC,CAACO,KAAK,CAAC,MAAM,KAAK,CAAC;EACpB,IAAI,CAACH,gBAAgB,EAAE,MAAM,IAAId,KAAK,CAAC,wBAAwB,CAAC;EAEhE,OAAO;IAAEH;EAAa,CAAC;AACzB,CAAC;AAACqB,OAAA,CAAAzB,MAAA,GAAAA,MAAA;AAEK,MAAM0B,kBAAkB,GAAG,MAAAA,CAChCC,YAAoB,EACpBC,cAAsB,EACtBC,QAAgB,EAChBC,WAAmB,EACnBC,OAAe,EACfC,MAAc,EAAAC,IAAA,KAIV;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEjC,CAAC,CAAe,GAAA+B,IAAA;EAIxD;EACA,MAAMG,SAAS,GAAG,CAChB;IACEC,mBAAmB,EAAEH,oBAAoB;IACzCI,KAAK,EAAEN,MAAM;IACbD;EACF,CAAC,CACF;;EAED;EACA,MAAMQ,yBAAyB,GAAGC,IAAI,CAACC,SAAS,CAAC;IAC/C,CAACV,OAAO,GAAGI,eAAe,CAACO,MAAM,CAAC,CAACC,GAAG,EAAEC,IAAI,KAAK;MAC/C,OAAO;QAAE,GAAGD,GAAG;QAAE,CAACC,IAAI,GAAG;MAAK,CAAC;IACjC,CAAC,EAAE,CAAC,CAAC;EACP,CAAC,CAAC;;EAEF;EACA;EACA,MAAMC,QAAQ,GAAG,MAAMC,2BAAQ,CAACC,4BAA4B,CAC1DlB,QAAQ,EACRC,WAAW,EACXH,YAAY,EACZC,cAAc,EACdQ,SAAS,EACTG,yBACF,CAAC;EAED,OAAO;IACLM,QAAQ,EAAE,IAAAG,yBAAiB,EAACH,QAAQ;EACtC,CAAC;AACH,CAAC;AAACpB,OAAA,CAAAC,kBAAA,GAAAA,kBAAA"}
|
|
@@ -3,12 +3,13 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.withEphemeralKey = exports.parsePublicKey = exports.getSigningJwk = exports.createCryptoContextFor = exports.convertCertToPem = void 0;
|
|
6
|
+
exports.withEphemeralKey = exports.parsePublicKey = exports.getSigningJwk = exports.createCryptoContextFor = exports.convertCertToPem = exports.compareKeysByThumbprint = void 0;
|
|
7
7
|
var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
|
|
8
8
|
var _reactNativeUuid = _interopRequireDefault(require("react-native-uuid"));
|
|
9
9
|
var _ioReactNativeJwt = require("@pagopa/io-react-native-jwt");
|
|
10
|
-
var _jwk = require("./jwk");
|
|
11
10
|
var _jsrsasign = require("jsrsasign");
|
|
11
|
+
var _jwk = require("./jwk");
|
|
12
|
+
var _buffer = require("buffer");
|
|
12
13
|
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
13
14
|
/**
|
|
14
15
|
* Create a CryptoContext bound to a key pair.
|
|
@@ -25,7 +26,7 @@ const createCryptoContextFor = keytag => {
|
|
|
25
26
|
* @returns The public key.
|
|
26
27
|
*/
|
|
27
28
|
async getPublicKey() {
|
|
28
|
-
return (0, _ioReactNativeCrypto.getPublicKey)(keytag).then(
|
|
29
|
+
return (0, _ioReactNativeCrypto.getPublicKey)(keytag).then(fixBase64WithLeadingZero).then(async jwk => ({
|
|
29
30
|
...jwk,
|
|
30
31
|
// Keys in the TEE are not stored with their KID, which is supposed to be assigned when they are included in JWK sets.
|
|
31
32
|
// (that is, KID is not a propoerty of the key itself, but it's property used to identify a key in a set).
|
|
@@ -46,6 +47,59 @@ const createCryptoContextFor = keytag => {
|
|
|
46
47
|
};
|
|
47
48
|
};
|
|
48
49
|
|
|
50
|
+
/**
|
|
51
|
+
* This function takes a JSON Web Key (JWK) and returns a new JWK with its base64-url properties (x, y, e, n) processed.
|
|
52
|
+
* Each property is passed through the `removeLeadingZeroAndParseb64u` function if it exists, which fixes any unwanted leading zeros.
|
|
53
|
+
*
|
|
54
|
+
* @param key - The input JSON Web Key that may contain properties with potential leading zero issues.
|
|
55
|
+
* @returns A new JSON Web Key with the processed properties.
|
|
56
|
+
*/
|
|
57
|
+
exports.createCryptoContextFor = createCryptoContextFor;
|
|
58
|
+
const fixBase64WithLeadingZero = key => {
|
|
59
|
+
const {
|
|
60
|
+
x,
|
|
61
|
+
y,
|
|
62
|
+
e,
|
|
63
|
+
n,
|
|
64
|
+
...pk
|
|
65
|
+
} = key;
|
|
66
|
+
return {
|
|
67
|
+
...pk,
|
|
68
|
+
...(x ? {
|
|
69
|
+
x: removeLeadingZeroAndParseb64u(x)
|
|
70
|
+
} : {}),
|
|
71
|
+
...(y ? {
|
|
72
|
+
y: removeLeadingZeroAndParseb64u(y)
|
|
73
|
+
} : {}),
|
|
74
|
+
...(e ? {
|
|
75
|
+
e: removeLeadingZeroAndParseb64u(e)
|
|
76
|
+
} : {}),
|
|
77
|
+
...(n ? {
|
|
78
|
+
n: removeLeadingZeroAndParseb64u(n)
|
|
79
|
+
} : {})
|
|
80
|
+
};
|
|
81
|
+
};
|
|
82
|
+
|
|
83
|
+
/**
|
|
84
|
+
* This function processes a base64-encoded string to remove any unwanted leading zeros.
|
|
85
|
+
* It converts the input base64 string into a buffer, then to a hex string, checks for a leading "00",
|
|
86
|
+
* and removes it if present. The result is then converted back to a base64-url.
|
|
87
|
+
*
|
|
88
|
+
* @param input - The base64 encoded string to process.
|
|
89
|
+
* @returns A new base64-url encoded string with any leading zero removed.
|
|
90
|
+
*/
|
|
91
|
+
const removeLeadingZeroAndParseb64u = input => {
|
|
92
|
+
// Decode base64 input into a Buffer
|
|
93
|
+
const buffer = _buffer.Buffer.from(input, "base64");
|
|
94
|
+
const hex = buffer.toString("hex");
|
|
95
|
+
// If the hex string starts with "00", remove the first two characters
|
|
96
|
+
const fixedHex = hex.startsWith("00") ? hex.slice(2) : hex;
|
|
97
|
+
const newBuffer = _buffer.Buffer.from(fixedHex, "hex");
|
|
98
|
+
|
|
99
|
+
// removePadding convert base64 string to base64-url
|
|
100
|
+
return (0, _ioReactNativeJwt.removePadding)(newBuffer.toString("base64"));
|
|
101
|
+
};
|
|
102
|
+
|
|
49
103
|
/**
|
|
50
104
|
* Executes the input function injecting an ephemeral crypto context.
|
|
51
105
|
* An ephemeral crypto context is a context which is bound to a key
|
|
@@ -54,7 +108,6 @@ const createCryptoContextFor = keytag => {
|
|
|
54
108
|
* @param fn The procedure to be executed
|
|
55
109
|
* @returns The returned value of the input procedure.
|
|
56
110
|
*/
|
|
57
|
-
exports.createCryptoContextFor = createCryptoContextFor;
|
|
58
111
|
const withEphemeralKey = async fn => {
|
|
59
112
|
// Use an ephemeral key to be destroyed after use
|
|
60
113
|
const keytag = `ephemeral-${_reactNativeUuid.default.v4()}`;
|
|
@@ -101,5 +154,18 @@ const getSigningJwk = publicKey => ({
|
|
|
101
154
|
..._jwk.JWK.parse(_jsrsasign.KEYUTIL.getJWKFromKey(publicKey)),
|
|
102
155
|
use: "sig"
|
|
103
156
|
});
|
|
157
|
+
|
|
158
|
+
/**
|
|
159
|
+
* This function takes two {@link PublicKey} and evaluates and compares their thumbprints
|
|
160
|
+
* @param key1 The first key
|
|
161
|
+
* @param key2 The second key
|
|
162
|
+
* @returns true if the keys' thumbprints are equal, false otherwise
|
|
163
|
+
*/
|
|
104
164
|
exports.getSigningJwk = getSigningJwk;
|
|
165
|
+
const compareKeysByThumbprint = async (key1, key2) => {
|
|
166
|
+
//Parallel for optimization
|
|
167
|
+
const [thumbprint1, thumbprint2] = await Promise.all([(0, _ioReactNativeJwt.thumbprint)(key1), (0, _ioReactNativeJwt.thumbprint)(key2)]);
|
|
168
|
+
return thumbprint1 === thumbprint2;
|
|
169
|
+
};
|
|
170
|
+
exports.compareKeysByThumbprint = compareKeysByThumbprint;
|
|
105
171
|
//# sourceMappingURL=crypto.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["_ioReactNativeCrypto","require","_reactNativeUuid","_interopRequireDefault","_ioReactNativeJwt","_jwk","
|
|
1
|
+
{"version":3,"names":["_ioReactNativeCrypto","require","_reactNativeUuid","_interopRequireDefault","_ioReactNativeJwt","_jsrsasign","_jwk","_buffer","obj","__esModule","default","createCryptoContextFor","keytag","getPublicKey","then","fixBase64WithLeadingZero","jwk","kid","thumbprint","getSignature","value","sign","exports","key","x","y","e","n","pk","removeLeadingZeroAndParseb64u","input","buffer","Buffer","from","hex","toString","fixedHex","startsWith","slice","newBuffer","removePadding","withEphemeralKey","fn","uuid","v4","generate","ephemeralContext","finally","deleteKey","convertCertToPem","certificate","parsePublicKey","pemCert","x509","X509","readCertPEM","publicKey","RSAKey","KJUR","crypto","ECDSA","undefined","getSigningJwk","JWK","parse","KEYUTIL","getJWKFromKey","use","compareKeysByThumbprint","key1","key2","thumbprint1","thumbprint2","Promise","all"],"sourceRoot":"../../../src","sources":["utils/crypto.ts"],"mappings":";;;;;;AAAA,IAAAA,oBAAA,GAAAC,OAAA;AAOA,IAAAC,gBAAA,GAAAC,sBAAA,CAAAF,OAAA;AACA,IAAAG,iBAAA,GAAAH,OAAA;AACA,IAAAI,UAAA,GAAAJ,OAAA;AACA,IAAAK,IAAA,GAAAL,OAAA;AAEA,IAAAM,OAAA,GAAAN,OAAA;AAAgC,SAAAE,uBAAAK,GAAA,WAAAA,GAAA,IAAAA,GAAA,CAAAC,UAAA,GAAAD,GAAA,KAAAE,OAAA,EAAAF,GAAA;AAEhC;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,sBAAsB,GAAIC,MAAc,IAAoB;EACvE,OAAO;IACL;AACJ;AACA;AACA;AACA;IACI,MAAMC,YAAYA,CAAA,EAAG;MACnB,OAAO,IAAAA,iCAAY,EAACD,MAAM,CAAC,CACxBE,IAAI,CAACC,wBAAwB,CAAC,CAC9BD,IAAI,CAAC,MAAOE,GAAG,KAAM;QACpB,GAAGA,GAAG;QACN;QACA;QACA;QACA;QACAC,GAAG,EAAE,MAAM,IAAAC,4BAAU,EAACF,GAAG;MAC3B,CAAC,CAAC,CAAC;IACP,CAAC;IACD;AACJ;AACA;AACA;AACA;AACA;IACI,MAAMG,YAAYA,CAACC,KAAa,EAAE;MAChC,OAAO,IAAAC,yBAAI,EAACD,KAAK,EAAER,MAAM,CAAC;IAC5B;EACF,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AANAU,OAAA,CAAAX,sBAAA,GAAAA,sBAAA;AAOA,MAAMI,wBAAwB,GAAIQ,GAAQ,IAAU;EAClD,MAAM;IAAEC,CAAC;IAAEC,CAAC;IAAEC,CAAC;IAAEC,CAAC;IAAE,GAAGC;EAAG,CAAC,GAAGL,GAAG;EAEjC,OAAO;IACL,GAAGK,EAAE;IACL,IAAIJ,CAAC,GAAG;MAAEA,CAAC,EAAEK,6BAA6B,CAACL,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrD,IAAIC,CAAC,GAAG;MAAEA,CAAC,EAAEI,6BAA6B,CAACJ,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrD,IAAIC,CAAC,GAAG;MAAEA,CAAC,EAAEG,6BAA6B,CAACH,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACrD,IAAIC,CAAC,GAAG;MAAEA,CAAC,EAAEE,6BAA6B,CAACF,CAAC;IAAE,CAAC,GAAG,CAAC,CAAC;EACtD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAME,6BAA6B,GAAIC,KAAa,IAAa;EAC/D;EACA,MAAMC,MAAM,GAAGC,cAAM,CAACC,IAAI,CAACH,KAAK,EAAE,QAAQ,CAAC;EAC3C,MAAMI,GAAG,GAAGH,MAAM,CAACI,QAAQ,CAAC,KAAK,CAAC;EAClC;EACA,MAAMC,QAAQ,GAAGF,GAAG,CAACG,UAAU,CAAC,IAAI,CAAC,GAAGH,GAAG,CAACI,KAAK,CAAC,CAAC,CAAC,GAAGJ,GAAG;EAC1D,MAAMK,SAAS,GAAGP,cAAM,CAACC,IAAI,CAACG,QAAQ,EAAE,KAAK,CAAC;;EAE9C;EACA,OAAO,IAAAI,+BAAa,EAACD,SAAS,CAACJ,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACpD,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMM,gBAAgB,GAAG,MAC9BC,EAAmD,IACpC;EACf;EACA,MAAM9B,MAAM,GAAI,aAAY+B,wBAAI,CAACC,EAAE,CAAC,CAAE,EAAC;EACvC,MAAM,IAAAC,6BAAQ,EAACjC,MAAM,CAAC;EACtB,MAAMkC,gBAAgB,GAAGnC,sBAAsB,CAACC,MAAM,CAAC;EACvD,OAAO8B,EAAE,CAACI,gBAAgB,CAAC,CAACC,OAAO,CAAC,MAAM,IAAAC,8BAAS,EAACpC,MAAM,CAAC,CAAC;AAC9D,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AALAU,OAAA,CAAAmB,gBAAA,GAAAA,gBAAA;AAMO,MAAMQ,gBAAgB,GAAIC,WAAmB,IACjD,gCAA+BA,WAAY,6BAA4B;;AAE1E;AACA;AACA;AACA;AACA;AACA;AACA;AANA5B,OAAA,CAAA2B,gBAAA,GAAAA,gBAAA;AAOO,MAAME,cAAc,GACzBC,OAAe,IAC4B;EAC3C,MAAMC,IAAI,GAAG,IAAIC,eAAI,CAAC,CAAC;EACvBD,IAAI,CAACE,WAAW,CAACH,OAAO,CAAC;EACzB,MAAMI,SAAS,GAAGH,IAAI,CAACxC,YAAY,CAAC,CAAC;EAErC,IAAI2C,SAAS,YAAYC,iBAAM,IAAID,SAAS,YAAYE,eAAI,CAACC,MAAM,CAACC,KAAK,EAAE;IACzE,OAAOJ,SAAS;EAClB;EAEA,OAAOK,SAAS;AAClB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AALAvC,OAAA,CAAA6B,cAAA,GAAAA,cAAA;AAMO,MAAMW,aAAa,GAAIN,SAAqC,KAAW;EAC5E,GAAGO,QAAG,CAACC,KAAK,CAACC,kBAAO,CAACC,aAAa,CAACV,SAAS,CAAC,CAAC;EAC9CW,GAAG,EAAE;AACP,CAAC,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AALA7C,OAAA,CAAAwC,aAAA,GAAAA,aAAA;AAMO,MAAMM,uBAAuB,GAAG,MAAAA,CACrCC,IAAe,EACfC,IAAe,KACZ;EACH;EACA,MAAM,CAACC,WAAW,EAAEC,WAAW,CAAC,GAAG,MAAMC,OAAO,CAACC,GAAG,CAAC,CACnD,IAAAxD,4BAAU,EAACmD,IAAI,CAAC,EAChB,IAAAnD,4BAAU,EAACoD,IAAI,CAAC,CACjB,CAAC;EACF,OAAOC,WAAW,KAAKC,WAAW;AACpC,CAAC;AAAClD,OAAA,CAAA8C,uBAAA,GAAAA,uBAAA"}
|
|
@@ -48,14 +48,14 @@ const obfuscateString = function (value) {
|
|
|
48
48
|
};
|
|
49
49
|
|
|
50
50
|
/**
|
|
51
|
-
* Converts a
|
|
51
|
+
* Converts a base64 string to a Base64 URL-encoded string.
|
|
52
52
|
*
|
|
53
|
-
* @param byteString - The input string in
|
|
53
|
+
* @param byteString - The input string in base64 format.
|
|
54
54
|
* @returns The Base64 URL-encoded string.
|
|
55
55
|
*/
|
|
56
56
|
exports.obfuscateString = obfuscateString;
|
|
57
|
-
const base64ToBase64Url =
|
|
58
|
-
return
|
|
57
|
+
const base64ToBase64Url = base64 => {
|
|
58
|
+
return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/[=]+$/, "");
|
|
59
59
|
};
|
|
60
60
|
exports.base64ToBase64Url = base64ToBase64Url;
|
|
61
61
|
//# sourceMappingURL=string.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"names":["obfuscateString","value","percentage","arguments","length","undefined","obfuscatedChar","safePercentage","Math","max","min","charsToObfuscate","floor","chars","split","positions","Array","from","_","i","sort","random","slice","forEach","pos","join","exports","base64ToBase64Url","
|
|
1
|
+
{"version":3,"names":["obfuscateString","value","percentage","arguments","length","undefined","obfuscatedChar","safePercentage","Math","max","min","charsToObfuscate","floor","chars","split","positions","Array","from","_","i","sort","random","slice","forEach","pos","join","exports","base64ToBase64Url","base64","replace"],"sourceRoot":"../../../src","sources":["utils/string.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMA,eAAe,GAAG,SAAAA,CAC7BC,KAAa,EAGF;EAAA,IAFXC,UAAkB,GAAAC,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,EAAE;EAAA,IACvBG,cAAsB,GAAAH,SAAA,CAAAC,MAAA,QAAAD,SAAA,QAAAE,SAAA,GAAAF,SAAA,MAAG,GAAG;EAE5B,IAAI,CAACF,KAAK,EAAE;IACV,OAAO,EAAE;EACX;;EAEA;EACA,MAAMM,cAAc,GAAGC,IAAI,CAACC,GAAG,CAAC,CAAC,EAAED,IAAI,CAACE,GAAG,CAAC,GAAG,EAAER,UAAU,CAAC,CAAC;;EAE7D;EACA,MAAMS,gBAAgB,GAAGH,IAAI,CAACI,KAAK,CAAEX,KAAK,CAACG,MAAM,GAAGG,cAAc,GAAI,GAAG,CAAC;;EAE1E;EACA,MAAMM,KAAK,GAAGZ,KAAK,CAACa,KAAK,CAAC,EAAE,CAAC;;EAE7B;EACA,MAAMC,SAAS,GAAGC,KAAK,CAACC,IAAI,CAAC;IAAEb,MAAM,EAAEH,KAAK,CAACG;EAAO,CAAC,EAAE,CAACc,CAAC,EAAEC,CAAC,KAAKA,CAAC,CAAC,CAChEC,IAAI,CAAC,MAAMZ,IAAI,CAACa,MAAM,CAAC,CAAC,GAAG,GAAG,CAAC,CAC/BC,KAAK,CAAC,CAAC,EAAEX,gBAAgB,CAAC;;EAE7B;EACAI,SAAS,CAACQ,OAAO,CAAEC,GAAG,IAAK;IACzBX,KAAK,CAACW,GAAG,CAAC,GAAGlB,cAAc;EAC7B,CAAC,CAAC;EAEF,OAAOO,KAAK,CAACY,IAAI,CAAC,EAAE,CAAC;AACvB,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AALAC,OAAA,CAAA1B,eAAA,GAAAA,eAAA;AAMO,MAAM2B,iBAAiB,GAAIC,MAAc,IAAa;EAC3D,OAAOA,MAAM,CAACC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAACA,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAACA,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;AAC5E,CAAC;AAACH,OAAA,CAAAC,iBAAA,GAAAA,iBAAA"}
|
|
@@ -98,12 +98,12 @@ const parseCredentialSdJwt = function (credentials_supported, _ref) {
|
|
|
98
98
|
}
|
|
99
99
|
return definedValues;
|
|
100
100
|
};
|
|
101
|
-
const parseCredentialMDoc = function (credentials_supported, _ref8) {
|
|
101
|
+
const parseCredentialMDoc = function (credentials_supported, credential_type, _ref8) {
|
|
102
102
|
let {
|
|
103
|
-
|
|
103
|
+
issuerSigned
|
|
104
104
|
} = _ref8;
|
|
105
|
-
let includeUndefinedAttributes = arguments.length >
|
|
106
|
-
const credentialSubject = credentials_supported[
|
|
105
|
+
let includeUndefinedAttributes = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : false;
|
|
106
|
+
const credentialSubject = credentials_supported[credential_type];
|
|
107
107
|
if (!credentialSubject) {
|
|
108
108
|
throw new IoWalletError("Credential type not supported by the issuer");
|
|
109
109
|
}
|
|
@@ -121,10 +121,10 @@ const parseCredentialMDoc = function (credentials_supported, _ref8) {
|
|
|
121
121
|
return [namespace, claimNameKey, definition];
|
|
122
122
|
});
|
|
123
123
|
});
|
|
124
|
-
if (!
|
|
124
|
+
if (!issuerSigned.nameSpaces) {
|
|
125
125
|
throw new IoWalletError("Missing claims in the credential");
|
|
126
126
|
}
|
|
127
|
-
const flatNamespaces = Object.entries(
|
|
127
|
+
const flatNamespaces = Object.entries(issuerSigned.nameSpaces).flatMap(_ref11 => {
|
|
128
128
|
let [namespace, values] = _ref11;
|
|
129
129
|
return values.map(v => [namespace, v.elementIdentifier, v.elementValue]);
|
|
130
130
|
});
|
|
@@ -228,25 +228,37 @@ async function verifyCredentialSdJwt(rawCredential, issuerKeys, holderBindingCon
|
|
|
228
228
|
*
|
|
229
229
|
*/
|
|
230
230
|
async function verifyCredentialMDoc(rawCredential, issuerKeys, holderBindingContext) {
|
|
231
|
-
|
|
231
|
+
/**
|
|
232
|
+
* For the moment, being that issues in the crypto key generation
|
|
233
|
+
* have been found on Android, the check for the deviceKey inside
|
|
234
|
+
* of the mDoc is skipped, so we are not interested in the holderBindingKey
|
|
235
|
+
*/
|
|
236
|
+
const [decodedCredential, _] =
|
|
232
237
|
// parallel for optimization
|
|
233
238
|
await Promise.all([verifyMdoc(rawCredential, issuerKeys), holderBindingContext.getPublicKey()]);
|
|
234
|
-
|
|
235
|
-
// TODO Implement the holder binding verification for MDOC
|
|
236
|
-
|
|
237
|
-
// Get only the first decoded credential
|
|
238
|
-
|
|
239
239
|
if (!decodedCredential) {
|
|
240
240
|
throw new IoWalletError("No MDOC credentials found!");
|
|
241
241
|
}
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
242
|
+
|
|
243
|
+
/**
|
|
244
|
+
* For the moment, being that issues in the crypto key generation
|
|
245
|
+
* have been found on Android, the check for the deviceKey inside
|
|
246
|
+
* of the mDoc is skipped.
|
|
247
|
+
*/
|
|
248
|
+
//const key = decodedCredential.mDoc.issuerSigned.issuerAuth.payload.deviceKeyInfo.deviceKey;
|
|
249
|
+
//
|
|
250
|
+
//if (!compareKeysByThumbprint(key, holderBindingKey as PublicKey)) {
|
|
251
|
+
// throw new IoWalletError(
|
|
252
|
+
// `Failed to verify holder binding, holder binding key and mDoc deviceKey don't match`
|
|
253
|
+
// );
|
|
254
|
+
//}
|
|
255
|
+
|
|
256
|
+
return decodedCredential;
|
|
245
257
|
}
|
|
246
258
|
|
|
247
259
|
// utility type that specialize VerifyAndParseCredential for given format
|
|
248
260
|
|
|
249
|
-
const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, _ref18) => {
|
|
261
|
+
const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, __, _ref18) => {
|
|
250
262
|
let {
|
|
251
263
|
credentialCryptoContext,
|
|
252
264
|
ignoreMissingAttributes,
|
|
@@ -261,14 +273,14 @@ const verifyAndParseCredentialSdJwt = async (issuerConf, credential, _, _ref18)
|
|
|
261
273
|
issuedAt: typeof maybeIssuedAt === "number" ? new Date(maybeIssuedAt * 1000) : undefined
|
|
262
274
|
};
|
|
263
275
|
};
|
|
264
|
-
const verifyAndParseCredentialMDoc = async (issuerConf, credential, _, _ref19) => {
|
|
276
|
+
const verifyAndParseCredentialMDoc = async (issuerConf, credential, _, credentialType, _ref19) => {
|
|
265
277
|
var _parsedCredential$exp, _parsedCredential$iss;
|
|
266
278
|
let {
|
|
267
279
|
credentialCryptoContext,
|
|
268
280
|
ignoreMissingAttributes
|
|
269
281
|
} = _ref19;
|
|
270
282
|
const decoded = await verifyCredentialMDoc(credential, issuerConf.keys, credentialCryptoContext);
|
|
271
|
-
const parsedCredential = parseCredentialMDoc(issuerConf.credential_configurations_supported, decoded, ignoreMissingAttributes);
|
|
283
|
+
const parsedCredential = parseCredentialMDoc(issuerConf.credential_configurations_supported, credentialType, decoded, ignoreMissingAttributes);
|
|
272
284
|
const expirationDate = extractElementValueAsDate(parsedCredential === null || parsedCredential === void 0 || (_parsedCredential$exp = parsedCredential.expiry_date) === null || _parsedCredential$exp === void 0 ? void 0 : _parsedCredential$exp.value);
|
|
273
285
|
if (!expirationDate) {
|
|
274
286
|
throw new IoWalletError(`expirationDate must be present!!`);
|
|
@@ -296,12 +308,12 @@ const verifyAndParseCredentialMDoc = async (issuerConf, credential, _, _ref19) =
|
|
|
296
308
|
* @throws {IoWalletError} If the credential is not bound to the provided user key
|
|
297
309
|
* @throws {IoWalletError} If the credential data fail to parse
|
|
298
310
|
*/
|
|
299
|
-
export const verifyAndParseCredential = async (issuerConf, credential, format, context) => {
|
|
311
|
+
export const verifyAndParseCredential = async (issuerConf, credential, format, credentialType, context) => {
|
|
300
312
|
if (format === "vc+sd-jwt") {
|
|
301
|
-
return verifyAndParseCredentialSdJwt(issuerConf, credential, format, context);
|
|
313
|
+
return verifyAndParseCredentialSdJwt(issuerConf, credential, format, credentialType, context);
|
|
302
314
|
}
|
|
303
315
|
if (format === "mso_mdoc") {
|
|
304
|
-
return verifyAndParseCredentialMDoc(issuerConf, credential, format, context);
|
|
316
|
+
return verifyAndParseCredentialMDoc(issuerConf, credential, format, credentialType, context);
|
|
305
317
|
}
|
|
306
318
|
throw new IoWalletError(`Unsupported credential format: ${format}`);
|
|
307
319
|
};
|