fix eu-digital-identity-wallet#91 class cast exception when generatin…

…g session transcript bytes
niscy-eudiw · Jan 30, 2025 · 84f1b2b · 84f1b2b
1 parent 6c9fd74
commit 84f1b2b
Show file tree

Hide file tree

Showing 2 changed files with 89 additions and 5 deletions.
diff --git a/wallet-core/src/main/java/eu/europa/ec/eudi/wallet/internal/OpenId4VpUtils.kt b/wallet-core/src/main/java/eu/europa/ec/eudi/wallet/internal/OpenId4VpUtils.kt
@@ -106,7 +106,7 @@ internal object OpenId4VpUtils {
         responseUri: String,
         nonce: String,
         mdocGeneratedNonce: String,
-    ): com.upokecenter.cbor.CBORObject {
+    ): CBORObject {
         val clientIdToHash = CBORObject.NewArray().apply {
             Add(clientId)
             Add(mdocGeneratedNonce)
@@ -195,9 +195,10 @@ internal object OpenId4VpUtils {
         mdocGeneratedNonce: String,
     ): SessionTranscriptBytes {
         val clientId = this.client.id
-        val responseUri =
-            (this.responseMode as ResponseMode.DirectPostJwt?)?.responseURI?.toString()
-                ?: ""
+        val responseUri = when(val mode = this.responseMode) {
+            is ResponseMode.DirectPostJwt -> mode.responseURI.toString()
+            else -> ""
+        }
         val nonce = this.nonce
 
         val sessionTranscriptBytes = generateSessionTranscript(

diff --git a/wallet-core/src/test/java/eu/europa/ec/eudi/wallet/internal/Openid4VpUtilsTest.kt b/wallet-core/src/test/java/eu/europa/ec/eudi/wallet/internal/Openid4VpUtilsTest.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2023-2024 European Commission
+ * Copyright (c) 2023-2025 European Commission
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,8 +16,19 @@
 
 package eu.europa.ec.eudi.wallet.internal
 
+import com.upokecenter.cbor.CBORObject
+import eu.europa.ec.eudi.openid4vp.Client
+import eu.europa.ec.eudi.openid4vp.ResolvedRequestObject
+import eu.europa.ec.eudi.openid4vp.ResponseMode
+import eu.europa.ec.eudi.openid4vp.VpFormat
+import eu.europa.ec.eudi.openid4vp.VpFormats
+import eu.europa.ec.eudi.wallet.internal.OpenId4VpUtils.getSessionTranscriptBytes
+import io.mockk.mockk
 import org.bouncycastle.util.encoders.Hex
+import java.net.URL
+import java.security.MessageDigest
 import kotlin.test.Test
+import kotlin.test.assertContentEquals
 import kotlin.test.assertEquals
 
 
@@ -60,4 +71,76 @@ class Openid4VpUtilsTest {
         )
         assertEquals(ANNEX_B_SESSION_TRANSCRIPT, Hex.toHexString(sessionTranscript).uppercase())
     }
+
+    @Test
+    fun testGetSessionTranscriptBytes() {
+        val expected = CBORObject.NewArray()
+            .Add(CBORObject.Null)
+            .Add(CBORObject.Null)
+            .Add(
+                CBORObject.NewArray()
+                    .Add(MessageDigest.getInstance("SHA-256").digest(
+                        CBORObject.NewArray()
+                            .Add(clientId)
+                            .Add(mdocGeneratedNonce)
+                            .EncodeToBytes()
+                    ))
+                    .Add(MessageDigest.getInstance("SHA-256").digest(
+                        CBORObject.NewArray()
+                            .Add(responseUri)
+                            .Add(mdocGeneratedNonce)
+                            .EncodeToBytes()
+                    ))
+                    .Add(nonce)
+            )
+            .EncodeToBytes()
+        val auth = ResolvedRequestObject.OpenId4VPAuthorization(
+            client = Client.Preregistered(clientId, legalName = clientId),
+            responseMode = ResponseMode.DirectPostJwt(URL(responseUri)),
+            nonce = nonce,
+            state = "state",
+            vpFormats = VpFormats(listOf(VpFormat.MsoMdoc)),
+            jarmRequirement = mockk(),
+            presentationDefinition = mockk()
+        )
+        val mdocGeneratedNonce = mdocGeneratedNonce
+        val sessionTranscriptBytes = auth.getSessionTranscriptBytes(mdocGeneratedNonce)
+        assertContentEquals(expected, sessionTranscriptBytes)
+    }
+
+    @Test
+    fun testGetSessionTranscriptBytesWithOtherThanDirectPostJwtLeadsToEmtpyResponseUri() {
+        val expected = CBORObject.NewArray()
+            .Add(CBORObject.Null)
+            .Add(CBORObject.Null)
+            .Add(
+                CBORObject.NewArray()
+                    .Add(MessageDigest.getInstance("SHA-256").digest(
+                        CBORObject.NewArray()
+                            .Add(clientId)
+                            .Add(mdocGeneratedNonce)
+                            .EncodeToBytes()
+                    ))
+                    .Add(MessageDigest.getInstance("SHA-256").digest(
+                        CBORObject.NewArray()
+                            .Add("")
+                            .Add(mdocGeneratedNonce)
+                            .EncodeToBytes()
+                    ))
+                    .Add(nonce)
+            )
+            .EncodeToBytes()
+        val auth = ResolvedRequestObject.OpenId4VPAuthorization(
+            client = Client.Preregistered(clientId, legalName = clientId),
+            responseMode = ResponseMode.DirectPost(URL(responseUri)),
+            nonce = nonce,
+            state = "state",
+            vpFormats = VpFormats(listOf(VpFormat.MsoMdoc)),
+            jarmRequirement = mockk(),
+            presentationDefinition = mockk()
+        )
+        val mdocGeneratedNonce = mdocGeneratedNonce
+        val sessionTranscriptBytes = auth.getSessionTranscriptBytes(mdocGeneratedNonce)
+        assertContentEquals(expected, sessionTranscriptBytes)
+    }
 }