patches local (#23)

* patches

Signed-off-by: Timo Glastra <timo@animo.id>

* fix: patches are updated

Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>

* feat: udpate credo (#24)

---------

Signed-off-by: Timo Glastra <timo@animo.id>
Signed-off-by: Berend Sliedrecht <sliedrecht@berend.io>
Co-authored-by: Timo Glastra <timo@animo.id>
Co-authored-by: Martin Auer <martin.auer97@gmail.com>

agent/package.json

@@ -1,12 +1,12 @@
 {
   "name": "agent",
   "dependencies": {
-    "@credo-ts/askar": "0.5.11-pr-1996-20240826150533",
-    "@credo-ts/cheqd": "0.5.11-pr-1996-20240826150533",
-    "@credo-ts/core": "0.5.11-pr-1996-20240826150533",
-    "@credo-ts/indy-vdr": "0.5.11-pr-1996-20240826150533",
-    "@credo-ts/node": "0.5.11-pr-1996-20240826150533",
-    "@credo-ts/openid4vc": "0.5.11-pr-1996-20240826150533",
+    "@credo-ts/askar": "0.5.11-pr-1996-20240827124430",
+    "@credo-ts/cheqd": "0.5.11-pr-1996-20240827124430",
+    "@credo-ts/core": "0.5.11-pr-1996-20240827124430",
+    "@credo-ts/indy-vdr": "0.5.11-pr-1996-20240827124430",
+    "@credo-ts/node": "0.5.11-pr-1996-20240827124430",
+    "@credo-ts/openid4vc": "0.5.11-pr-1996-20240827124430",
     "@hyperledger/aries-askar-nodejs": "^0.2.3",
     "cors": "^2.8.5",
     "dotenv": "^16.4.5",
@@ -30,9 +30,9 @@
       "@sphereon/did-auth-siop": "file:./sphereon-did-auth-siop-0.16.0.tgz"
     },
     "patchedDependencies": {
-      "@sphereon/did-auth-siop@0.16.0": "patches/@sphereon__did-auth-siop@0.16.0.patch",
-      "@credo-ts/openid4vc@0.5.11-pr-1996-20240826150533": "patches/@credo-ts__openid4vc@0.5.11-pr-1996-20240826150533.patch",
-      "@credo-ts/core@0.5.11-pr-1996-20240826150533": "patches/@credo-ts__core@0.5.11-pr-1996-20240826150533.patch"
+      "@sphereon/did-auth-siop@file:sphereon-did-auth-siop-0.16.0.tgz": "patches/@sphereon__did-auth-siop@0.16.0.patch",
+      "@credo-ts/openid4vc@0.5.11-pr-1996-20240827124430": "patches/@credo-ts__openid4vc@0.5.11-pr-1996-20240827124430.patch",
+      "@credo-ts/core@0.5.11-pr-1996-20240827124430": "patches/@credo-ts__core@0.5.11-pr-1996-20240827124430.patch"
     }
   }
 }

agent/src/endpoints.ts

@@ -139,34 +139,8 @@ apiRouter.post('/requests/create', async (request: Request, response: Response)
 
   const definition = createPresentationRequestBody.presentationDefinition
 
-  try {
-    // TODO: disable for real credential
-    // Key for the fake credential. Can be removed when the pid issuer updated
-    await agent.wallet.createKey({
-      keyType: KeyType.P256,
-      privateKey: TypedArrayEncoder.fromHex('ad38184e0d5d9af97b023b6421707dc079f7d66a185bfd4c589837e3cb69fbfb'),
-    })
-    // Ignore key already exist
-  } catch {}
-
-  const askarKey = AskarKey.fromSecretBytes({
-    secretKey: new Uint8Array(
-      TypedArrayEncoder.fromHex('ad38184e0d5d9af97b023b6421707dc079f7d66a185bfd4c589837e3cb69fbfb')
-    ),
-    algorithm: KeyAlgs.EcSecp256r1,
-  })
-
-  const additionalPayloadClaims = {
-    rp_eph_pub: {
-      jwk: askarKey.jwkPublic,
-    },
-  }
-
-  // TODO: enable for real credential
-  // const key = await agent.context.wallet.createKey({keyType: KeyType.P256})
-  // additionalClaims["rp_eph_pub"] = {
-  //   jwk: getJwkFromKey(key).toJson(),
-  // };
+  const key = await agent.context.wallet.createKey({ keyType: KeyType.P256 })
+  const additionalPayloadClaims = { rp_eph_pub: getJwkFromKey(key).toJson() }
 
   const { authorizationRequest, verificationSession } =
     await agent.modules.openId4VcVerifier.createAuthorizationRequest({
@@ -184,6 +158,8 @@ apiRouter.post('/requests/create', async (request: Request, response: Response)
       additionalPayloadClaims,
     })
 
+  console.log(authorizationRequest)
+
   return response.json({
     authorizationRequestUri: authorizationRequest,
     verificationSessionId: verificationSession.id,

agent/src/verifyHs256Callback.ts

@@ -90,16 +90,12 @@ const compressP256PublicKey = (uncompressed: Uint8Array): Uint8Array => {
 }
 
 export const verifyHs256Callback = (context: AgentContext, verifierKey: Record<string, unknown>) => {
-  const cert = X509Service.parseCertificate(context, {
-    encodedCertificate: bdrPidIssuerCertificate,
-  })
-  return async (data: Uint8Array, signatureBase64Url: string) => {
-    console.error('arrived!')
+  return async (key: Key, data: Uint8Array, signatureBase64Url: string) => {
     const mac = TypedArrayEncoder.fromBase64(signatureBase64Url)
 
     const jwk = getJwkFromJson(verifierKey as JwkJson)
 
-    const theirKeyBytes = compressP256PublicKey(new Uint8Array(cert.publicKey.publicKey))
+    const theirKeyBytes = compressP256PublicKey(new Uint8Array(key.publicKey))
 
     const isValid = await diffieHellmanKeyExchangeAndVerify({
       mac: Buffer.from(mac),

app/components/IssueTab.tsx

@@ -3,11 +3,11 @@ import { Card } from '@/components/ui/card'
 import { Label } from '@/components/ui/label'
 import { Select, SelectContent, SelectGroup, SelectItem, SelectTrigger, SelectValue } from '@/components/ui/select'
 import { Tooltip, TooltipContent, TooltipProvider, TooltipTrigger } from '@/components/ui/tooltip'
+import { ExclamationTriangleIcon } from '@radix-ui/react-icons'
 import { type FormEvent, useEffect, useState } from 'react'
 import QRCode from 'react-qr-code'
 import { createOffer, getIssuer, getX509Certificate } from '../lib/api'
-import { ExclamationTriangleIcon } from '@radix-ui/react-icons'
-import { Alert, AlertTitle, AlertDescription } from './ui/alert'
+import { Alert, AlertDescription, AlertTitle } from './ui/alert'
 
 export function IssueTab({ disabled = false }: { disabled?: boolean }) {
   const [x509Certificate, setX509Certificate] = useState<string>()

app/components/ReceiveTab.tsx

@@ -2,10 +2,10 @@ import { HighLight } from '@/components/highLight'
 import { Button } from '@/components/ui/button'
 import { Card } from '@/components/ui/card'
 import { Label } from '@/components/ui/label'
+import { ExclamationTriangleIcon } from '@radix-ui/react-icons'
 import { type FormEvent, useState } from 'react'
 import { receiveOffer, receiveRequest } from '../lib/api'
 import { Alert, AlertDescription, AlertTitle } from './ui/alert'
-import { ExclamationTriangleIcon } from '@radix-ui/react-icons'
 
 export function ReceiveTab({ disabled = false }: { disabled?: boolean }) {
   const [receiveCredentialOfferOrPresentationUri, setReceiveCredentialOfferUri] = useState<string>()

app/components/VerifyBlock.tsx

@@ -8,9 +8,9 @@ import { HighLight } from './highLight'
 import { Alert, AlertDescription, AlertTitle } from './ui/alert'
 import { Button } from './ui/button'
 import { Card } from './ui/card'
-import { TypographyH3, TypographyH4 } from './ui/typography'
 import { Label } from './ui/label'
 import { Select, SelectContent, SelectGroup, SelectItem, SelectTrigger, SelectValue } from './ui/select'
+import { TypographyH3, TypographyH4 } from './ui/typography'
 
 export type CredentialType = 'mdoc' | 'sdjwt'
 export type RequestType = 'name_age_over_21' | 'city' | 'age_birth_family_name'
@@ -91,7 +91,8 @@ export const VerifyBlock: React.FC<VerifyBlockProps> = ({ createRequest, flowNam
           . It is only compatible with the current deployed version of{' '}
           <a className="underline" href="https://github.com/animo/paradym-wallet/tree/main/apps/easypid">
             Animo's EUDI Wallet Prototype
-          </a>.
+          </a>
+          .
         </AlertDescription>
       </Alert>
       <TypographyH3>{flowName}</TypographyH3>

app/components/VerifyTab.tsx

@@ -9,7 +9,7 @@ export function VerifyTab() {
     credentialType: CredentialType
     requestType: RequestType
   }) => {
-    const issuer = (await getIssuer()).availableX509Certificates[0]  
+    const issuer = (await getIssuer()).availableX509Certificates[0]
     return await createRequest({
       presentationDefinition:
         options.credentialType === 'sdjwt'

app/components/main.tsx

@@ -1,10 +1,10 @@
 'use client'
 
 import { Tabs, TabsContent, TabsList, TabsTrigger } from '@/components/ui/tabs'
-import { VerifyTab } from './VerifyTab'
+import { GitHubLogoIcon } from '@radix-ui/react-icons'
 import { IssueTab } from './IssueTab'
 import { ReceiveTab } from './ReceiveTab'
-import { GitHubLogoIcon } from '@radix-ui/react-icons'
+import { VerifyTab } from './VerifyTab'
 
 export function Main() {
   return (

patches/@credo-ts__core@0.5.11-pr-1996-20240826150533.patch

@@ -9,7 +9,7 @@ index de5fe62881d049c4030125e0a4cc8ca38de41be9..1c1a48e75f081f2f52bddd0a970544e7
 +    verifyHs256Callback?: (key: Key, data: Uint8Array, signatureBase64Url: string) => Promise<string>
  };
 diff --git a/build/modules/sd-jwt-vc/SdJwtVcService.js b/build/modules/sd-jwt-vc/SdJwtVcService.js
-index add911d9570edcad9945c4819bfc56cf6f715201..76bc45a0ac804a8d8f9318fc2847caddb753781e 100644
+index add911d9570edcad9945c4819bfc56cf6f715201..90f49bad702beb85194a0a7895dc9a9f8ad66b8c 100644
 --- a/build/modules/sd-jwt-vc/SdJwtVcService.js
 +++ b/build/modules/sd-jwt-vc/SdJwtVcService.js
 @@ -112,7 +112,7 @@ let SdJwtVcService = class SdJwtVcService {
@@ -48,22 +48,12 @@ index add911d9570edcad9945c4819bfc56cf6f715201..76bc45a0ac804a8d8f9318fc2847cadd
 +              const parsedHeader = utils_2.TypedArrayEncoder.fromBase64(header).toString()
 +              const { alg } = JSON.parse(parsedHeader)
 +              if(alg === "DVS-P256-SHA256-HS256") {
-+                return await verifyHs256Callback(new Uint8Array(utils_2.TypedArrayEncoder.fromString(message)), signatureBase64Url)
++                return await verifyHs256Callback(key, new Uint8Array(utils_2.TypedArrayEncoder.fromString(message)), signatureBase64Url)
 +              }
              }
              return await agentContext.wallet.verify({
                  signature: utils_2.TypedArrayEncoder.fromBase64(signatureBase64Url),
-@@ -274,6 +283,9 @@ let SdJwtVcService = class SdJwtVcService {
-         };
-     }
-     async extractKeyFromIssuer(agentContext, issuer) {
-+        if(issuer.method === 'http') {
-+          return { key: '' }
-+        }
-         if (issuer.method === 'did') {
-             const parsedDid = (0, dids_1.parseDid)(issuer.didUrl);
-             if (!parsedDid.fragment) {
-@@ -373,6 +385,11 @@ let SdJwtVcService = class SdJwtVcService {
+@@ -373,6 +382,11 @@ let SdJwtVcService = class SdJwtVcService {
                  didUrl,
              };
          }