Rust Changes to OID4VCI for Custom Profiles (#85)

spruceid · Jan 14, 2025 · 0e1956b · 0e1956b
1 parent a268a1a
commit 0e1956b
Show file tree

Hide file tree

Showing 8 changed files with 197 additions and 127 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -20,7 +20,7 @@ cose-rs = { git = "https://github.com/spruceid/cose-rs", rev = "0018c9b", featur
     "time",
 ] }
 isomdl = { git = "https://github.com/spruceid/isomdl", rev = "1f4f762" }
-oid4vci = { git = "https://github.com/spruceid/oid4vci-rs", rev = "3717043" }
+oid4vci = { git = "https://github.com/spruceid/oid4vci-rs", rev = "e97b01e" }
 openid4vp = { git = "https://github.com/spruceid/openid4vp", rev = "335c843" }
 ssi = { version = "0.10.1", features = ["secp256r1", "secp384r1"] }
 

diff --git a/MobileSdkRs/Sources/MobileSdkRs/mobile_sdk_rs.swift b/MobileSdkRs/Sources/MobileSdkRs/mobile_sdk_rs.swift
@@ -11080,11 +11080,11 @@ public func establishSession(uri: String, requestedItems: [String: [String: Bool
     )
 })
 }
-public func generatePopComplete(signingInput: Data, signature: Data)throws  -> String {
+public func generatePopComplete(signingInput: Data, signatureDer: Data)throws  -> String {
     return try  FfiConverterString.lift(try rustCallWithError(FfiConverterTypeOid4vciError.lift) {
     uniffi_mobile_sdk_rs_fn_func_generate_pop_complete(
         FfiConverterData.lower(signingInput),
-        FfiConverterData.lower(signature),$0
+        FfiConverterData.lower(signatureDer),$0
     )
 })
 }
@@ -11322,7 +11322,7 @@ private var initializationResult: InitializationResult = {
     if (uniffi_mobile_sdk_rs_checksum_func_establish_session() != 26937) {
         return InitializationResult.apiChecksumMismatch
     }
-    if (uniffi_mobile_sdk_rs_checksum_func_generate_pop_complete() != 56778) {
+    if (uniffi_mobile_sdk_rs_checksum_func_generate_pop_complete() != 41207) {
         return InitializationResult.apiChecksumMismatch
     }
     if (uniffi_mobile_sdk_rs_checksum_func_generate_pop_prepare() != 54105) {

diff --git a/src/oid4vci/mod.rs b/src/oid4vci/mod.rs
diff --git a/src/oid4vci/session.rs b/src/oid4vci/session.rs
@@ -1,12 +1,5 @@
 use futures::lock::Mutex;
-use oid4vci::{
-    core::{
-        client, metadata,
-        profiles::{self},
-    },
-    credential_offer::CredentialOfferGrants,
-    token,
-};
+use oid4vci::{credential_offer::CredentialOfferGrants, profiles::metadata, token};
 
 use crate::credential::CredentialFormat;
 
@@ -33,7 +26,7 @@ impl Oid4vciSession {
         }
     }
 
-    pub fn get_client(&self) -> &client::Client {
+    pub fn get_client(&self) -> &oid4vci::profiles::client::Client {
         &self.client.0
     }
 
@@ -68,7 +61,7 @@ impl Oid4vciSession {
 
     pub fn get_credential_requests(
         &self,
-    ) -> Result<Vec<profiles::CoreProfilesCredentialRequest>, Oid4vciError> {
+    ) -> Result<Vec<oid4vci::profiles::ProfilesCredentialRequest>, Oid4vciError> {
         self.credential_request
             .try_lock()
             .ok_or(Oid4vciError::LockError("credential_request".into()))?
@@ -81,7 +74,7 @@ impl Oid4vciSession {
 
     pub fn set_credential_request(
         &self,
-        credential_request: profiles::CoreProfilesCredentialRequest,
+        credential_request: oid4vci::profiles::ProfilesCredentialRequest,
     ) -> Result<(), Oid4vciError> {
         *(self
             .credential_request
@@ -94,7 +87,7 @@ impl Oid4vciSession {
 
     pub fn set_credential_requests(
         &self,
-        credential_requests: Vec<profiles::CoreProfilesCredentialRequest>,
+        credential_requests: Vec<oid4vci::profiles::ProfilesCredentialRequest>,
     ) -> Result<(), Oid4vciError> {
         *(self
             .credential_request
@@ -136,17 +129,17 @@ macro_rules! wrap_external_type {
     };
 }
 
-wrap_external_type!(client::Client, Client);
+wrap_external_type!(oid4vci::profiles::client::Client, Client);
 wrap_external_type!(metadata::CredentialIssuerMetadata, CredentialIssuerMetadata);
 wrap_external_type!(
-    Vec<profiles::CoreProfilesCredentialRequest>,
+    Vec<oid4vci::profiles::ProfilesCredentialRequest>,
     CredentialRequest
 );
 wrap_external_type!(token::Response, TokenResponse);
 wrap_external_type!(CredentialOfferGrants, Grants);
 
-impl From<profiles::CoreProfilesCredentialRequest> for CredentialRequest {
-    fn from(value: profiles::CoreProfilesCredentialRequest) -> Self {
+impl From<oid4vci::profiles::ProfilesCredentialRequest> for CredentialRequest {
+    fn from(value: oid4vci::profiles::ProfilesCredentialRequest) -> Self {
         CredentialRequest(vec![value])
     }
 }

diff --git a/src/oid4vp/holder.rs b/src/oid4vp/holder.rs
@@ -363,11 +363,13 @@ pub(crate) mod tests {
         pub async fn sign_jwt(&self, payload: Vec<u8>) -> Result<Vec<u8>, PresentationError> {
             let sig = self
                 .jwk
-                .sign(payload)
+                .sign_bytes(&payload)
                 .await
                 .expect("failed to sign Jws Payload");
 
-            Ok(sig.as_bytes().to_vec())
+            p256::ecdsa::Signature::from_slice(&sig)
+                .map(|sig| sig.to_der().as_bytes().to_vec())
+                .map_err(|e| PresentationError::Signing(format!("{e:?}")))
         }
     }
 

diff --git a/src/oid4vp/presentation.rs b/src/oid4vp/presentation.rs
@@ -206,7 +206,7 @@ pub struct PresentationOptions<'a> {
     pub(crate) context_map: Option<HashMap<String, String>>,
 }
 
-impl<'a> MessageSigner<WithProtocol<Algorithm, AnyProtocol>> for PresentationOptions<'a> {
+impl MessageSigner<WithProtocol<Algorithm, AnyProtocol>> for PresentationOptions<'_> {
     #[allow(async_fn_in_trait)]
     async fn sign(
         self,
@@ -247,7 +247,7 @@ impl<'a> MessageSigner<WithProtocol<Algorithm, AnyProtocol>> for PresentationOpt
     }
 }
 
-impl<'a, M> ssi::verification_methods::Signer<M> for PresentationOptions<'a>
+impl<M> ssi::verification_methods::Signer<M> for PresentationOptions<'_>
 where
     M: ssi::verification_methods::VerificationMethod,
 {

diff --git a/src/proof_of_possession/mod.rs b/src/proof_of_possession/mod.rs
@@ -1,5 +1,6 @@
 use std::str::FromStr;
 
+use base64::prelude::*;
 use oid4vci::{
     proof_of_possession::{
         ProofOfPossession, ProofOfPossessionController, ProofOfPossessionParams,
@@ -53,15 +54,17 @@ pub async fn generate_pop_prepare(
 #[uniffi::export]
 pub fn generate_pop_complete(
     signing_input: Vec<u8>,
-    signature: Vec<u8>,
+    signature_der: Vec<u8>,
 ) -> Result<String, Oid4vciError> {
+    let signature = p256::ecdsa::Signature::from_der(&signature_der)
+        .map_err(|e| Oid4vciError::Generic(e.to_string()))
+        .expect("from_der");
+
     Ok([
         String::from_utf8(signing_input)
             .map_err(|e| e.to_string())
             .map_err(Oid4vciError::from)?,
-        String::from_utf8(signature)
-            .map_err(|e| e.to_string())
-            .map_err(Oid4vciError::from)?,
+        BASE64_URL_SAFE_NO_PAD.encode(signature.to_bytes()),
     ]
     .join("."))
 }