feature: Enhance SD-JWT VC handling with transaction data support

Author: leoScytales

wallet-core/build.gradle.kts

@@ -125,7 +125,7 @@ dependencies {
     // OpenID4VCI
     implementation(libs.nimbus.oauth2.oidc.sdk)
     // Siop-Openid4VP library
-    implementation(libs.eudi.lib.jvm.siop.openid4vp.kt) {
+    api(libs.eudi.lib.jvm.siop.openid4vp.kt) {
         exclude(group = "org.bouncycastle")
     }
     // SD-JWT VC library

wallet-core/src/main/java/eu/europa/ec/eudi/wallet/dcapi/Utils.kt

@@ -26,6 +26,8 @@ import java.util.Locale
 import kotlin.io.encoding.ExperimentalEncodingApi
 import androidx.core.graphics.scale
 
+private const val SHA_256_ALGORITHM = "SHA-256"
+
 /**
  * Utility functions for DCAPI.
  */
@@ -89,7 +91,7 @@ internal fun getDCAPIIsoMdocSessionTranscript(encryptionInfoBase64: String, orig
             Add(encryptionInfoBase64)
             Add(origin)
         }.EncodeToBytes()
-    val dcapiInfoHash = MessageDigest.getInstance("SHA-256").digest(dcapiInfo)
+    val dcapiInfoHash = MessageDigest.getInstance(SHA_256_ALGORITHM).digest(dcapiInfo)
     val dcapiIsoMdocHandover = CBORObject.NewArray().apply {
         Add(DCAPI)
         Add(dcapiInfoHash)

wallet-core/src/main/java/eu/europa/ec/eudi/wallet/internal/OpenId4VpUtils.kt

@@ -51,6 +51,7 @@ import eu.europa.ec.eudi.openid4vp.ResolvedRequestObject
 import eu.europa.ec.eudi.openid4vp.ResponseEncryptionConfiguration
 import eu.europa.ec.eudi.openid4vp.ResponseMode
 import eu.europa.ec.eudi.openid4vp.SupportedClientIdPrefix
+import eu.europa.ec.eudi.openid4vp.TransactionData
 import eu.europa.ec.eudi.openid4vp.VPConfiguration
 import eu.europa.ec.eudi.openid4vp.VerifiablePresentation
 import eu.europa.ec.eudi.openid4vp.VerifierId
@@ -84,6 +85,8 @@ import java.security.SecureRandom
 import java.util.Base64
 import java.util.Date
 
+private const val SHA_256_ALGORITHM = "SHA-256"
+
 /**
  *  Utility to generate the session transcript for the OpenID4VP protocol.
  *
@@ -164,8 +167,8 @@ internal fun generateOpenId4VpHandover(
         Add(mdocGeneratedNonce)
     }.EncodeToBytes()
 
-    val clientIdHash = MessageDigest.getInstance("SHA-256").digest(clientIdToHash)
-    val responseUriHash = MessageDigest.getInstance("SHA-256").digest(responseUriToHash)
+    val clientIdHash = MessageDigest.getInstance(SHA_256_ALGORITHM).digest(clientIdToHash)
+    val responseUriHash = MessageDigest.getInstance(SHA_256_ALGORITHM).digest(responseUriToHash)
 
     val openID4VPHandover = CBORObject.NewArray().apply {
         Add(clientIdHash)
@@ -317,6 +320,7 @@ internal val EncryptionMethod.nimbus: com.nimbusds.jose.EncryptionMethod
  * @param nonce The nonce for the session.
  * @param signatureAlgorithm The algorithm to use for signing.
  * @param issueDate The date of issuance.
+ * @param transactionData Optional list of transaction data
  * @return The serialized SD-JWT as a string.
  */
 internal suspend fun SdJwt<JwtAndClaims>.serializeWithKeyBinding(
@@ -326,6 +330,7 @@ internal suspend fun SdJwt<JwtAndClaims>.serializeWithKeyBinding(
     nonce: String,
     signatureAlgorithm: Algorithm,
     issueDate: Date,
+    transactionData: List<TransactionData.SdJwtVc>? = null,
 ): String {
     val algorithm = JWSAlgorithm.parse((signatureAlgorithm).joseAlgorithmIdentifier)
     val publicKey = credential.secureArea.getKeyInfo(credential.alias).publicKey
@@ -350,17 +355,31 @@ internal suspend fun SdJwt<JwtAndClaims>.serializeWithKeyBinding(
         audience(clientId.clientId)
         claim("nonce", nonce)
         issueTime(issueDate)
+        if (!transactionData.isNullOrEmpty()) {
+            val transactionDataHashes = transactionData.map { td ->
+                computeTransactionDataHash(td.value)
+            }
+            claim("transaction_data_hashes", transactionDataHashes)
+            claim("transaction_data_hashes_alg", "sha-256")
+        }
     }
     return serializeWithKeyBinding(buildKbJwt).getOrThrow()
 }
 
+internal fun computeTransactionDataHash(transactionDataValue: String): String {
+    val digest = MessageDigest.getInstance(SHA_256_ALGORITHM)
+    digest.update(transactionDataValue.encodeToByteArray())
+    return Base64.getUrlEncoder().withoutPadding().encodeToString(digest.digest())
+}
+
 /**
  * Constructs a verifiable presentation for an SD-JWT VC credential.
  *
  * @param resolvedRequestObject The resolved OpenID4VP authorization request.
  * @param document The issued document containing the credential.
  * @param disclosedDocument The document with disclosed claims.
  * @param signatureAlgorithm The algorithm to use for signing.
+ * @param transactionData Optional list of SD-JWT VC transaction data applicable to this presentation.
  * @return The constructed [VerifiablePresentation.Generic].
  * @throws IllegalArgumentException if no claims are disclosed or presentation creation fails.
  */
@@ -369,6 +388,7 @@ internal suspend fun verifiablePresentationForSdJwtVc(
     document: IssuedDocument,
     disclosedDocument: DisclosedDocument,
     signatureAlgorithm: Algorithm,
+    transactionData: List<TransactionData.SdJwtVc>? = null,
 ): VerifiablePresentation.Generic {
     return document.consumingCredential {
         val credentialIssuedData =
@@ -399,7 +419,8 @@ internal suspend fun verifiablePresentationForSdJwtVc(
                 clientId = resolvedRequestObject.client.id,
                 nonce = resolvedRequestObject.nonce,
                 signatureAlgorithm = signatureAlgorithm,
-                issueDate = Date()
+                issueDate = Date(),
+                transactionData = transactionData
             )
         } else {
             presentation.serialize()

wallet-core/src/main/java/eu/europa/ec/eudi/wallet/transfer/openId4vp/OpenId4VpManager.kt

@@ -24,7 +24,6 @@ import eu.europa.ec.eudi.iso18013.transfer.response.Response
 import eu.europa.ec.eudi.openid4vp.DispatchOutcome
 import eu.europa.ec.eudi.openid4vp.OpenId4Vp
 import eu.europa.ec.eudi.openid4vp.Resolution
-import eu.europa.ec.eudi.openid4vp.ResolvedRequestObject
 import eu.europa.ec.eudi.openid4vp.asException
 import eu.europa.ec.eudi.wallet.internal.d
 import eu.europa.ec.eudi.wallet.internal.e

wallet-core/src/main/java/eu/europa/ec/eudi/wallet/transfer/openId4vp/SdJwtVcItem.kt

@@ -22,4 +22,7 @@ import eu.europa.ec.eudi.iso18013.transfer.response.DocItem
  * Represents a SD-JWT VC item.
  * @property path The path of the item.
  */
-class SdJwtVcItem(val path: List<String>) : DocItem
+class SdJwtVcItem(val path: List<String>) : DocItem
+
+// query id dcql gia kathe ena apanta me document , ta query ids dn ta dinw sto ui, prepei na
+// xeri pia tranction data aforoun pio query

wallet-core/src/main/java/eu/europa/ec/eudi/wallet/transfer/openId4vp/dcql/ProcessedDcqlRequest.kt

@@ -23,6 +23,7 @@ import eu.europa.ec.eudi.iso18013.transfer.response.RequestedDocuments
 import eu.europa.ec.eudi.iso18013.transfer.response.ResponseResult
 import eu.europa.ec.eudi.openid4vp.Consensus
 import eu.europa.ec.eudi.openid4vp.ResolvedRequestObject
+import eu.europa.ec.eudi.openid4vp.TransactionData
 import eu.europa.ec.eudi.openid4vp.VerifiablePresentation
 import eu.europa.ec.eudi.openid4vp.VerifiablePresentations
 import eu.europa.ec.eudi.openid4vp.dcql.QueryId
@@ -63,6 +64,17 @@ class ProcessedDcqlRequest(
     private val queryMap: RequestedDocumentsByQueryId,
     val msoMdocNonce: String,
 ) : RequestProcessor.ProcessedRequest.Success(RequestedDocuments(queryMap.flatMap { it.value.requestedDocuments })) {
+
+    val transactionData: List<TransactionData>?
+        get() = resolvedRequestObject.transactionData
+
+    private fun getTransactionDataForQuery(queryId: QueryId): List<TransactionData.SdJwtVc>? {
+        return transactionData
+            ?.filterIsInstance<TransactionData.SdJwtVc>()
+            ?.filter { it.credentialIds.contains(queryId) }
+            ?.takeIf { it.isNotEmpty() }
+    }
+
     /**
      * Generates an OpenID4VP response with verifiable presentations for the selected documents.
      *
@@ -103,6 +115,7 @@ class ProcessedDcqlRequest(
                         respondedDocuments.add(respondedDocument)
                         val verifiablePresentation = runBlocking {
                             vpFromRequestedDocuments(
+                                queryId = queryId,
                                 format = format,
                                 requestedDocuments = requestedDocuments,
                                 disclosedDocument = disclosedDocument,
@@ -140,6 +153,7 @@ class ProcessedDcqlRequest(
      * This method handles the conversion of different document formats into their
      * corresponding verifiable presentation formats as defined by OpenID4VP specifications.
      *
+     * @param queryId The DCQL query ID
      * @param format Document format identifier (MSO_MDOC or SD_JWT_VC)
      * @param requestedDocuments The collection of all requested documents for this query
      * @param disclosedDocument The specific document selected to disclose
@@ -148,6 +162,7 @@ class ProcessedDcqlRequest(
      * @throws IllegalArgumentException If document format doesn't match expected format or is unsupported
      */
     private suspend fun vpFromRequestedDocuments(
+        queryId: QueryId,
         format: String,
         requestedDocuments: RequestedDocuments,
         disclosedDocument: DisclosedDocument,
@@ -170,7 +185,7 @@ class ProcessedDcqlRequest(
         // Generate the appropriate verifiable presentation based on format
         val vp = when (format) {
             FORMAT_MSO_MDOC -> {
-                // For MSO mdoc, include session transcript and handle devic engagement
+                // MSO mdoc does not support transaction data binding in the same way as SD-JWT VC
                 verifiablePresentationForMsoMdoc(
                     documentManager = documentManager,
                     sessionTranscript = resolvedRequestObject
@@ -182,12 +197,14 @@ class ProcessedDcqlRequest(
             }
 
             FORMAT_SD_JWT_VC -> {
-                // For SD-JWT, create presentation according to SD-JWT VC format
+                // Filter transaction data to only include entries that reference this query ID
+                val queryTransactionData = getTransactionDataForQuery(queryId)
                 verifiablePresentationForSdJwtVc(
                     resolvedRequestObject = resolvedRequestObject,
                     document = document,
                     disclosedDocument = disclosedDocument,
-                    signatureAlgorithm = signatureAlgorithm
+                    signatureAlgorithm = signatureAlgorithm,
+                    transactionData = queryTransactionData
                 )
             }
 

wallet-core/src/test/java/eu/europa/ec/eudi/wallet/internal/Openid4VpUtilsTest.kt

@@ -37,8 +37,11 @@ package eu.europa.ec.eudi.wallet.internal
 //import eu.europa.ec.eudi.wallet.transfer.openId4vp.OpenId4VpReaderTrust
 import eu.europa.ec.eudi.wallet.transfer.openId4vp.OpenId4VpReaderTrustImpl
 import org.bouncycastle.util.encoders.Hex
+import java.security.MessageDigest
+import java.util.Base64
 import kotlin.test.Test
 import kotlin.test.assertEquals
+import kotlin.test.assertNotEquals
 
 
 /**
@@ -212,4 +215,57 @@ class Openid4VpUtilsTest {
 //        val sessionTranscriptBytes = auth.getSessionTranscriptBytes(mdocGeneratedNonce)
 //        assertContentEquals(expected, sessionTranscriptBytes)
     }
+
+    /**
+     * Tests for transaction data hash computation.
+     * Per OpenID4VP spec, transaction data hashes use SHA-256 and are base64url-encoded without padding.
+     */
+    @Test
+    fun testComputeTransactionDataHash_producesCorrectHash() {
+        // Test with a known input - a simple base64url-encoded JSON object
+        val transactionDataValue = "eyJ0eXBlIjoiZXUuZXVyb3BhLmVjLmV1ZGkuZmFtaWx5LW5hbWUtcHJlc2VudGF0aW9uIiwiY3JlZGVudGlhbF9pZHMiOlsicGlkX3NkX2p3dCJdfQ"
+
+        // Compute the hash using our function
+        val hash = computeTransactionDataHash(transactionDataValue)
+
+        // Manually compute expected hash for verification
+        val digest = MessageDigest.getInstance("SHA-256")
+        digest.update(transactionDataValue.encodeToByteArray())
+        val expectedHash = Base64.getUrlEncoder().withoutPadding().encodeToString(digest.digest())
+
+        assertEquals(expectedHash, hash)
+    }
+
+    @Test
+    fun testComputeTransactionDataHash_differentInputsProduceDifferentHashes() {
+        val transactionDataValue1 = "eyJ0eXBlIjoiZXhhbXBsZTEifQ"
+        val transactionDataValue2 = "eyJ0eXBlIjoiZXhhbXBsZTIifQ"
+
+        val hash1 = computeTransactionDataHash(transactionDataValue1)
+        val hash2 = computeTransactionDataHash(transactionDataValue2)
+
+        assertNotEquals(hash1, hash2, "Different inputs should produce different hashes")
+    }
+
+    @Test
+    fun testComputeTransactionDataHash_sameInputProducesSameHash() {
+        val transactionDataValue = "eyJ0eXBlIjoiZXhhbXBsZSJ9"
+
+        val hash1 = computeTransactionDataHash(transactionDataValue)
+        val hash2 = computeTransactionDataHash(transactionDataValue)
+
+        assertEquals(hash1, hash2, "Same input should always produce the same hash")
+    }
+
+    @Test
+    fun testComputeTransactionDataHash_outputIsBase64UrlWithoutPadding() {
+        val transactionDataValue = "eyJ0eXBlIjoiZXhhbXBsZSJ9"
+
+        val hash = computeTransactionDataHash(transactionDataValue)
+
+        // Verify it doesn't contain standard base64 characters that differ in base64url
+        assert(!hash.contains('+')) { "Hash should not contain '+' (base64url uses '-' instead)" }
+        assert(!hash.contains('/')) { "Hash should not contain '/' (base64url uses '_' instead)" }
+        assert(!hash.contains('=')) { "Hash should not contain '=' padding" }
+    }
 }