Support vci 1.0 for sdjwts

QZHelen · QZHelen · commit 6a35919d23d7 · 2025-10-23T16:27:05.000-07:00
diff --git a/app/src/main/java/com/credman/cmwallet/createcred/CreateCredentialViewModel.kt b/app/src/main/java/com/credman/cmwallet/createcred/CreateCredentialViewModel.kt
@@ -29,12 +29,15 @@ import com.credman.cmwallet.mdoc.MDoc
 import com.credman.cmwallet.openid4vci.OpenId4VCI
 import com.credman.cmwallet.openid4vci.data.AuthorizationDetailResponseOpenIdCredential
 import com.credman.cmwallet.openid4vci.data.CredentialConfigurationMDoc
+import com.credman.cmwallet.openid4vci.data.CredentialConfigurationSdJwtVc
 import com.credman.cmwallet.openid4vci.data.CredentialRequest
 import com.credman.cmwallet.openid4vci.data.GrantAuthorizationCode
 import com.credman.cmwallet.openid4vci.data.TokenRequest
 import com.credman.cmwallet.openid4vci.data.TokenResponse
 import com.credman.cmwallet.openid4vci.data.imageUriToImageB64
 import com.credman.cmwallet.openid4vp.OpenId4VP
+import com.credman.cmwallet.sdjwt.IssuerJwt
+import com.credman.cmwallet.toBase64UrlNoPadding
 import com.credman.cmwallet.toFixedByteArray
 import kotlinx.coroutines.launch
 import org.json.JSONObject
@@ -148,6 +151,16 @@ class CreateCredentialViewModel : ViewModel() {
                                 x == deviceKey.first && y == deviceKey.second
                             }
                         }
+                        is CredentialConfigurationSdJwtVc -> {
+                            val issuerJwtString = it.credential.split('~')[0]
+                            val cnfKey = IssuerJwt(issuerJwtString).payload.getJSONObject("cnf").getJSONObject("jwk")
+                            deviceKeys.firstOrNull {
+                                val public = it.public as ECPublicKey
+                                val x = public.w.affineX.toFixedByteArray(32).toBase64UrlNoPadding()
+                                val y = public.w.affineY.toFixedByteArray(32).toBase64UrlNoPadding()
+                                x == cnfKey.getString("x") && y == cnfKey.getString("y")
+                            }
+                        }
                         else -> throw UnsupportedOperationException("Unknown configuration $config")
                     }
                     Credential(
diff --git a/app/src/main/java/com/credman/cmwallet/sdjwt/SdJwt.kt b/app/src/main/java/com/credman/cmwallet/sdjwt/SdJwt.kt
@@ -9,7 +9,6 @@ import java.math.BigInteger
 import java.nio.ByteBuffer
 import java.security.MessageDigest
 import android.util.Base64
-import android.util.Log
 import com.credman.cmwallet.createJWTES256
 import com.credman.cmwallet.jwsDeserialization
 import com.credman.cmwallet.loadECPrivateKey
@@ -126,7 +125,7 @@ class VerificationResult(
 )
 
 fun verify(issuerJwtSerialization: String, disclosures: List<String>): VerificationResult {
-    val issuerJwt = Jwt(issuerJwtSerialization)
+    val issuerJwt = IssuerJwt(issuerJwtSerialization)
 
     if (issuerJwt.payload.has("_sd_alg")) {
         assert(issuerJwt.payload["_sd_alg"] == "sha-256") {"Only support sha-256"}
@@ -212,7 +211,7 @@ private fun verifyInternal(
     }
 }
 
-class Jwt {
+class IssuerJwt {
     var header: JSONObject = JSONObject()
     var payload: JSONObject = JSONObject()
     private lateinit var signature: ByteArray
