feat: add new openid4vp session transcript methods (#82)

Signed-off-by: Timo Glastra <timo@animo.id>

Author: TimoGlastra

.changeset/good-starfishes-chew.md

@@ -0,0 +1,9 @@
+---
+"@animo-id/mdoc": minor
+---
+
+feat: add new openid4vp session transcript calculation methods.
+
+NOTE that this introduces breaking chnages since `calculateSessionTranscriptBytesForOid4VpDcApi` has been renamed to `calculateSessionTranscriptBytesForOid4VpDcApiDraft24`. The `calculateSessionTranscriptBytesForOid4VpDcApi` method is now used for the latest (draft29/1.0) session transcript structure.
+
+In addtion, `calculateSessionTranscriptBytesForOid4Vp` has been renamed to `calculateSessionTranscriptBytesForOid4VpDraft18`. The `calculateSessionTranscriptBytesForOid4Vp` method is now used for the latest (draft29/1.0) session transcript structure.

src/mdoc/models/session-transcript.ts

@@ -43,7 +43,7 @@ export class SessionTranscript extends CborStructure {
     ]
   }
 
-  public static async calculateSessionTranscriptBytesForOid4VpDcApi(
+  public static async calculateSessionTranscriptBytesForOid4VpDcApiDraft24(
     options: { clientId: string; origin: string; verifierGeneratedNonce: string },
     ctx: Pick<MdocContext, 'crypto'>
   ) {
@@ -62,7 +62,54 @@ export class SessionTranscript extends CborStructure {
     )
   }
 
+  public static async calculateSessionTranscriptBytesForOid4VpDcApi(
+    options: { origin: string; verifierGeneratedNonce: string; jwkThumbprint?: Uint8Array },
+    ctx: Pick<MdocContext, 'crypto'>
+  ) {
+    return cborEncode(
+      DataItem.fromData([
+        null,
+        null,
+        [
+          'OpenID4VPDCAPIHandover',
+          await ctx.crypto.digest({
+            digestAlgorithm: 'SHA-256',
+            bytes: cborEncode([options.origin, options.verifierGeneratedNonce, options.jwkThumbprint ?? null]),
+          }),
+        ],
+      ])
+    )
+  }
+
   public static async calculateSessionTranscriptBytesForOid4Vp(
+    options: { clientId: string; verifierGeneratedNonce: string; jwkThumbprint?: Uint8Array; responseUri: string },
+    ctx: Pick<MdocContext, 'crypto'>
+  ) {
+    return cborEncode(
+      DataItem.fromData([
+        null,
+        null,
+        [
+          'OpenID4VPHandover',
+          await ctx.crypto.digest({
+            digestAlgorithm: 'SHA-256',
+            bytes: cborEncode([
+              options.clientId,
+              options.verifierGeneratedNonce,
+              options.jwkThumbprint ?? null,
+              options.responseUri,
+            ]),
+          }),
+        ],
+      ])
+    )
+  }
+
+  /**
+   * Calculate the session transcript bytes as defined in 18013-7 first edition, based
+   * on OpenID4VP draft 18.
+   */
+  public static async calculateSessionTranscriptBytesForOid4VpDraft18(
     options: { clientId: string; responseUri: string; verifierGeneratedNonce: string; mdocGeneratedNonce: string },
     ctx: Pick<MdocContext, 'crypto'>
   ) {

tests/examples/france/verify.test.ts

@@ -21,7 +21,7 @@ describe('French playground mdoc implementation', () => {
         await DeviceResponse.decode(deviceResponse).validate(
           {
             trustedCertificates: [new Uint8Array(issuerCertificate.rawData)],
-            sessionTranscript: await SessionTranscript.calculateSessionTranscriptBytesForOid4Vp(
+            sessionTranscript: await SessionTranscript.calculateSessionTranscriptBytesForOid4VpDraft18(
               {
                 clientId,
                 responseUri,

tests/examples/google/verify.test.ts

@@ -26,7 +26,7 @@ describe('Google CM Wallet mdoc implementation', () => {
               // to trust the signing certificate for now
               new Uint8Array(signingCertificate.rawData),
             ],
-            sessionTranscript: await SessionTranscript.calculateSessionTranscriptBytesForOid4VpDcApi(
+            sessionTranscript: await SessionTranscript.calculateSessionTranscriptBytesForOid4VpDcApiDraft24(
               {
                 origin,
                 clientId,

tests/examples/ubique/verify.test.ts

@@ -21,7 +21,7 @@ describe('Ubique mdoc implementation', () => {
         await DeviceResponse.decode(deviceResponse).validate(
           {
             trustedCertificates: [new Uint8Array(issuerCertificate.rawData)],
-            sessionTranscript: await SessionTranscript.calculateSessionTranscriptBytesForOid4Vp(
+            sessionTranscript: await SessionTranscript.calculateSessionTranscriptBytesForOid4VpDraft18(
               {
                 clientId,
                 responseUri,

tests/models/session-transcript.test.ts

@@ -1,9 +1,11 @@
 import { describe, expect, test } from 'vitest'
+import { cborDecode, cborEncode } from '../../src'
 import { DeviceEngagement } from '../../src/mdoc/models/device-engagement'
 import { EReaderKey } from '../../src/mdoc/models/e-reader-key'
 import { NfcHandover } from '../../src/mdoc/models/nfc-handover'
 import { SessionTranscript } from '../../src/mdoc/models/session-transcript'
 import { hex } from '../../src/utils'
+import { mdocContext } from '../context'
 
 const cbor =
   'd81859024183d8185858a20063312e30018201d818584ba4010220012158205a88d182bce5f42efa59943f33359d2e8a968ff289d93e5fa444b624343167fe225820b16e8cf858ddc7690407ba61d4c338237a8cfcf3de6aa672fc60a557aa32fc67d818584ba40102200121582060e3392385041f51403051f2415531cb56dd3f999c71687013aac6768bc8187e225820e58deb8fdbe907f7dd5368245551a34796f7d2215c440c339bb0f7b67beccdfa8258c391020f487315d10209616301013001046d646f631a200c016170706c69636174696f6e2f766e642e626c7565746f6f74682e6c652e6f6f6230081b28128b37282801021c015c1e580469736f2e6f72673a31383031333a646576696365656e676167656d656e746d646f63a20063312e30018201d818584ba4010220012158205a88d182bce5f42efa59943f33359d2e8a968ff289d93e5fa444b624343167fe225820b16e8cf858ddc7690407ba61d4c338237a8cfcf3de6aa672fc60a557aa32fc6758cd91022548721591020263720102110204616301013000110206616301036e6663005102046163010157001a201e016170706c69636174696f6e2f766e642e626c7565746f6f74682e6c652e6f6f6230081b28078080bf2801021c021107c832fff6d26fa0beb34dfcd555d4823a1c11010369736f2e6f72673a31383031333a6e66636e6663015a172b016170706c69636174696f6e2f766e642e7766612e6e616e57030101032302001324fec9a70b97ac9684a4e326176ef5b981c5e8533e5f00298cfccbc35e700a6b020414'
@@ -21,4 +23,35 @@ describe('session transcript', () => {
     expect(nh.selectMessage).toBeDefined()
     expect(nh.requestMessage).toBeDefined()
   })
+
+  test('calculateSessionTranscriptBytesForOid4VpDcApi against OpenID4VP test vector', async () => {
+    const sessionTranscript = await SessionTranscript.calculateSessionTranscriptBytesForOid4VpDcApi(
+      {
+        origin: 'https://example.com',
+        verifierGeneratedNonce: 'exc7gBkxjx1rdc9udRrveKvSsJIq80avlXeLHhGwqtA',
+        jwkThumbprint: Buffer.from('4283ec927ae0f208daaa2d026a814f2b22dca52cf85ffa8f3f8626c6bd669047', 'hex'),
+      },
+      mdocContext
+    )
+
+    expect(Buffer.from(cborEncode(cborDecode(sessionTranscript))).toString('hex')).toEqual(
+      '83f6f682764f70656e4944345650444341504948616e646f7665725820fbece366f4212f9762c74cfdbf83b8c69e371d5d68cea09cb4c48ca6daab761a'
+    )
+  })
+
+  test('calculateSessionTranscriptBytesForOid4Vp against OpenID4VP test vector', async () => {
+    const sessionTranscript = await SessionTranscript.calculateSessionTranscriptBytesForOid4Vp(
+      {
+        clientId: 'x509_san_dns:example.com',
+        verifierGeneratedNonce: 'exc7gBkxjx1rdc9udRrveKvSsJIq80avlXeLHhGwqtA',
+        jwkThumbprint: Buffer.from('4283ec927ae0f208daaa2d026a814f2b22dca52cf85ffa8f3f8626c6bd669047', 'hex'),
+        responseUri: 'https://example.com/response',
+      },
+      mdocContext
+    )
+
+    expect(Buffer.from(cborEncode(cborDecode(sessionTranscript))).toString('hex')).toEqual(
+      '83f6f682714f70656e494434565048616e646f7665725820048bc053c00442af9b8eed494cefdd9d95240d254b046b11b68013722aad38ac'
+    )
+  })
 })