fix build

wwWallet · Dec 10, 2024 · a5446d0 · a5446d0
1 parent 02c03bf
commit a5446d0
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 12 deletions.
diff --git a/src/services/LocalStorageKeystore.ts b/src/services/LocalStorageKeystore.ts
@@ -8,6 +8,7 @@ import { useOnUserInactivity } from "../hooks/useOnUserInactivity";
 
 import * as keystore from "./keystore";
 import type { AsymmetricEncryptedContainer, AsymmetricEncryptedContainerKeys, EncryptedContainer, OpenedContainer, PrivateData, UnlockSuccess, WebauthnPrfEncryptionKeyInfo, WebauthnPrfSaltInfo, WrappedKeyInfo } from "./keystore";
+import { VerifiableCredentialFormat } from "../lib/schemas/vc";
 
 
 type UserData = {
@@ -67,7 +68,7 @@ export interface LocalStorageKeystore {
 	getUserHandleB64u(): string | null,
 
 	signJwtPresentation(nonce: string, audience: string, verifiableCredentials: any[]): Promise<{ vpjwt: string }>,
-	generateOpenid4vciProofs(requests: { nonce: string, audience: string, issuer: string }[]): Promise<[
+	generateOpenid4vciProofs(requests: { nonce: string, audience: string, issuer: string, format?: VerifiableCredentialFormat }[]): Promise<[
 		{ proof_jwts: string[] },
 		AsymmetricEncryptedContainer,
 		CommitCallback,
@@ -369,20 +370,21 @@ export function useLocalStorageKeystore(): LocalStorageKeystore {
 			await keystore.signJwtPresentation(await openPrivateData(), nonce, audience, verifiableCredentials)
 		),
 
-		generateOpenid4vciProofs: async (requests: { nonce: string, audience: string, issuer: string }[]): Promise<[
+		generateOpenid4vciProofs: async (requests: { nonce: string, audience: string, issuer: string, format?: VerifiableCredentialFormat }[]): Promise<[
 			{ proof_jwts: string[] },
 			AsymmetricEncryptedContainer,
 			CommitCallback,
 		]> => (
 			await editPrivateData(async (originalContainer) => {
-				const { nonce, audience, issuer } = requests[0]; // the first row is enough since the nonce remains the same
+				const { nonce, audience, issuer, format } = requests[0]; // the first row is enough since the nonce remains the same
 				const [{ proof_jwts }, newContainer] = await keystore.generateOpenid4vciProofs(
 					originalContainer,
 					config.DID_KEY_VERSION,
 					nonce,
 					audience,
 					issuer,
-					requests.length
+					requests.length,
+					format,
 				);
 				return [{ proof_jwts }, newContainer];
 			})

diff --git a/src/services/keystore.ts b/src/services/keystore.ts
@@ -10,6 +10,7 @@ import * as config from '../config';
 import type { DidKeyVersion } from '../config';
 import { byteArrayEquals, filterObject, jsonParseTaggedBinary, jsonStringifyTaggedBinary, toBase64Url } from "../util";
 import { SdJwt } from "@sd-jwt/core";
+import { VerifiableCredentialFormat } from "../lib/schemas/vc";
 
 
 const keyDidResolver = KeyDidResolver.getResolver();
@@ -1050,6 +1051,7 @@ async function addNewCredentialKeypairs(
 	privateKeys: CryptoKey[],
 	keypairs: CredentialKeyPair[],
 	newPrivateData: OpenedContainer,
+	dids: string[],
 }> {
 
 	const keypairsWithPrivateKeys = await Promise.all(Array.from({ length: numberOfKeyPairs }).map(async () => {
@@ -1071,13 +1073,14 @@ async function addNewCredentialKeypairs(
 			wrappedPrivateKey,
 		};
 
-		return { kid, keypair, privateKey };
+		return { did, kid, keypair, privateKey };
 	}));
 
 
 
 	console.log("addNewredentialKeypair: Before update private data")
 	return {
+		dids: keypairsWithPrivateKeys.map((k) => k.did),
 		privateKeys: keypairsWithPrivateKeys.map((k) => k.privateKey),
 		keypairs: keypairsWithPrivateKeys.map((k) => k.keypair),
 		newPrivateData: await updatePrivateData(
@@ -1151,27 +1154,39 @@ export async function generateOpenid4vciProofs(
 	nonce: string,
 	audience: string,
 	issuer: string,
-	numberOfKeyPairs: number = 1
+	numberOfKeyPairs: number = 1,
+	format?: VerifiableCredentialFormat
 ): Promise<[{ proof_jwts: string[] }, OpenedContainer]> {
 	const deriveKid = async (publicKey: CryptoKey) => {
 		const pubKey = await crypto.subtle.exportKey("jwk", publicKey);
 		const jwkThumbprint = await jose.calculateJwkThumbprint(pubKey as JWK, "sha256");
 		return jwkThumbprint;
 	};
-	const { privateKeys, newPrivateData, keypairs } = await addNewCredentialKeypairs(container, didKeyVersion, deriveKid, numberOfKeyPairs);
+	const { privateKeys, newPrivateData, keypairs, dids } = await addNewCredentialKeypairs(container, didKeyVersion, deriveKid, numberOfKeyPairs);
 
 	const proof_jwts = await Promise.all(keypairs.map(async (keypair, index) => {
 		const privateKey = privateKeys[index];
+		const did = dids[index];
+
+		const header = format === VerifiableCredentialFormat.JWT_VC_JSON
+		? {
+			alg: keypair.alg,
+			typ: "openid4vci-proof+jwt",
+			kid: did
+		}
+		: {
+			alg: keypair.alg,
+			typ: "openid4vci-proof+jwt",
+			jwk: { ...keypair.publicKey, key_ops: ['verify'] } as JWK,
+		};
+
 		const jws: string = await new SignJWT({
 			nonce: nonce,
 			aud: audience,
 			iss: issuer,
+			client_id: issuer,
 		})
-			.setProtectedHeader({
-				alg: keypair.alg,
-				typ: "openid4vci-proof+jwt",
-				jwk: { ...keypair.publicKey, key_ops: ['verify'] } as JWK,
-			})
+			.setProtectedHeader(header)
 			.setIssuedAt()
 			.sign(privateKey);
 		return jws;