fix: allow verifier to pass in session transcript bytes (#103)

Signed-off-by: Berend Sliedrecht <[email protected]>

Author: berendsliedrecht

src/mdoc/models/device-auth.ts

@@ -65,7 +65,7 @@ export class DeviceAuth extends CborStructure {
       document: Document
       verificationCallback?: VerificationCallback
       ephemeralMacPrivateKey?: CoseKey
-      sessionTranscript: SessionTranscript
+      sessionTranscript: SessionTranscript | Uint8Array
     },
     ctx: Pick<MdocContext, 'crypto' | 'cose'>
   ) {

src/mdoc/models/device-authentication.ts

@@ -17,24 +17,23 @@ export type DeviceAuthenticationOptions = {
 }
 
 export class DeviceAuthentication extends CborStructure {
-  public sessionTranscript: SessionTranscript
+  public sessionTranscript: SessionTranscript | Uint8Array
   public docType: DocType
   public deviceNamespaces: DeviceNamespaces
 
   public constructor(options: DeviceAuthenticationOptions) {
     super()
-    this.sessionTranscript =
-      options.sessionTranscript instanceof SessionTranscript
-        ? options.sessionTranscript
-        : SessionTranscript.decode(options.sessionTranscript)
+    this.sessionTranscript = options.sessionTranscript
     this.docType = options.docType
     this.deviceNamespaces = options.deviceNamespaces
   }
 
   public encodedStructure(): DeviceAuthenticationStructure {
     return [
       'DeviceAuthentication',
-      this.sessionTranscript.encodedStructure(),
+      this.sessionTranscript instanceof SessionTranscript
+        ? this.sessionTranscript.encodedStructure()
+        : cborDecode(this.sessionTranscript),
       this.docType,
       DataItem.fromData(this.deviceNamespaces.encodedStructure()),
     ]

src/mdoc/models/device-mac.ts

@@ -2,7 +2,7 @@ import { type CborDecodeOptions, cborDecode } from '../../cbor'
 import type { MdocContext } from '../../context'
 import type { CoseKey } from '../../cose'
 import { Mac0, type Mac0Structure } from '../../cose/mac0'
-import type { SessionTranscript } from './session-transcript'
+import { SessionTranscript } from './session-transcript'
 
 export type DeviceMacStructure = Mac0Structure
 
@@ -12,14 +12,17 @@ export class DeviceMac extends Mac0 {
       publicKey: CoseKey
       privateKey: CoseKey
       info?: 'EMacKey' | 'SKReader' | 'SKDevice'
-      sessionTranscript: SessionTranscript
+      sessionTranscript: SessionTranscript | Uint8Array
     },
     ctx: Pick<MdocContext, 'crypto' | 'cose'>
   ) {
     const key = await ctx.crypto.calculateEphemeralMacKey({
       privateKey: options.privateKey.privateKey,
       publicKey: options.publicKey.publicKey,
-      sessionTranscriptBytes: options.sessionTranscript.encode({ asDataItem: true }),
+      sessionTranscriptBytes:
+        options.sessionTranscript instanceof SessionTranscript
+          ? options.sessionTranscript.encode({ asDataItem: true })
+          : options.sessionTranscript,
       info: options.info ?? 'EMacKey',
     })
 

src/mdoc/models/device-response.ts

@@ -17,7 +17,7 @@ import { DeviceSigned } from './device-signed'
 import { Document, type DocumentStructure } from './document'
 import { DocumentError, type DocumentErrorStructure } from './document-error'
 import { IssuerSigned } from './issuer-signed'
-import { SessionTranscript } from './session-transcript'
+import type { SessionTranscript } from './session-transcript'
 
 export type DeviceResponseStructure = {
   version: string
@@ -128,10 +128,7 @@ export class DeviceResponse extends CborStructure {
         {
           document,
           ephemeralMacPrivateKey: options.ephemeralReaderKey,
-          sessionTranscript:
-            options.sessionTranscript instanceof SessionTranscript
-              ? options.sessionTranscript
-              : SessionTranscript.decode(options.sessionTranscript),
+          sessionTranscript: options.sessionTranscript,
           verificationCallback: onCheck,
         },
         ctx

src/verifier.ts

@@ -4,11 +4,6 @@ import type { VerificationCallback } from './mdoc/check-callback.js'
 import { type DeviceRequest, DeviceResponse, type SessionTranscript } from './mdoc/index.js'
 
 export class Verifier {
-  /**
-   *
-   * @todo check whether the device response is compatible with the device request / dcql request
-   *
-   */
   public static async verifyDeviceResponse(
     options: {
       deviceRequest?: DeviceRequest

tests/verification/verify.test.ts

@@ -2,6 +2,7 @@ import { X509Certificate } from '@peculiar/x509'
 import { expect, suite, test } from 'vitest'
 import {
   CoseKey,
+  cborEncode,
   DeviceRequest,
   DeviceResponse,
   DocRequest,
@@ -201,6 +202,86 @@ suite('Verification', () => {
     ).resolves.toBeUndefined()
   })
 
+  test('Verify with custom session transcript', async () => {
+    const issuer = new Issuer('org.iso.18013.5.1', mdocContext)
+
+    issuer.addIssuerNamespace('org.iso.18013.5.1.mDL', {
+      first_name: 'First',
+      last_name: 'Last',
+    })
+
+    const issuerSigned = await issuer.sign({
+      signingKey: CoseKey.fromJwk(ISSUER_PRIVATE_KEY_JWK),
+      certificate: new Uint8Array(new X509Certificate(ISSUER_CERTIFICATE).rawData),
+      algorithm: SignatureAlgorithm.ES256,
+      digestAlgorithm: 'SHA-256',
+      deviceKeyInfo: { deviceKey: CoseKey.fromJwk(DEVICE_JWK) },
+      validityInfo: { signed, validFrom, validUntil },
+    })
+
+    const encodedIssuerSigned = issuerSigned.encodedForOid4Vci
+
+    // openid4vci protocol
+
+    const credential = IssuerSigned.fromEncodedForOid4Vci(encodedIssuerSigned)
+
+    await expect(
+      Holder.verifyIssuerSigned(
+        {
+          issuerSigned: credential,
+          trustedCertificates: [new Uint8Array(new X509Certificate(ISSUER_CERTIFICATE).rawData)],
+        },
+        mdocContext
+      )
+    ).resolves.toBeUndefined()
+
+    const deviceRequest = new DeviceRequest({
+      docRequests: [
+        new DocRequest({
+          itemsRequest: new ItemsRequest({
+            docType: 'org.iso.18013.5.1',
+            namespaces: {
+              'org.iso.18013.5.1.mDL': {
+                first_name: true,
+                last_name: true,
+              },
+            },
+          }),
+        }),
+      ],
+    })
+
+    const fakeSessionTranscript = cborEncode([1, 2, 3])
+
+    const deviceResponse = await Holder.createDeviceResponseForDeviceRequest(
+      {
+        deviceRequest,
+        issuerSigned: [credential],
+        sessionTranscript: fakeSessionTranscript,
+        signature: { signingKey: CoseKey.fromJwk(DEVICE_JWK) },
+      },
+      mdocContext
+    )
+
+    const encodedDeviceResponse = deviceResponse.encodedForOid4Vp
+
+    // openid4vp protocol
+
+    const decodedDeviceResponse = DeviceResponse.fromEncodedForOid4Vp(encodedDeviceResponse)
+
+    await expect(
+      Verifier.verifyDeviceResponse(
+        {
+          deviceRequest,
+          deviceResponse: decodedDeviceResponse,
+          sessionTranscript: fakeSessionTranscript,
+          trustedCertificates: [new Uint8Array(new X509Certificate(ISSUER_CERTIFICATE).rawData)],
+        },
+        mdocContext
+      )
+    ).resolves.toBeUndefined()
+  })
+
   test('Fail to create mdoc with not enough attributes', async () => {
     const issuer = new Issuer('org.iso.18013.5.1', mdocContext)