[INJIMOB-2550] use ed25519 key type for signing the vp token in VP sh…

…aring flow (#1741)

* [INJIMOB-2550] set default key type to ed25519 for signing the vp token in VP sharing flow

Signed-off-by: PuBHARGAVI <[email protected]>

* [INJIMOB-2550]: encode ed25519 public key and pass to library

Signed-off-by: adityankannan-tw <[email protected]>

* [INJIMOB-2550] rename ovp signing algorithm and suite name variables to make them more meaningful

Signed-off-by: PuBHARGAVI <[email protected]>

---------

Signed-off-by: PuBHARGAVI <[email protected]>
Signed-off-by: adityankannan-tw <[email protected]>
Co-authored-by: adityankannan-tw <[email protected]>

.talismanrc

@@ -396,4 +396,6 @@ fileignoreconfig:
     checksum: 9f29c9b0b91eba7fd7f5f4d1f78f9b6f96ef2c850c1346d712058a438d01036a
   - filename: assets/InjiHomeLogo.svg
     checksum: 6600a3d75033af4d702dd8c9663e12ad7c2c096a529bac2771bb856cc75a5ed0
+  - filename: machines/openID4VP/openID4VPModel.ts
+    checksum: 5d1ed430f84852d6c85bc439c47641cfb5b19cbd1a03faf8918429685db51e07
     version: ""

machines/openID4VP/openID4VPModel.ts

@@ -57,7 +57,7 @@ export const openID4VPModel = createModel(
     error: '' as string,
     publicKey: '',
     privateKey: '',
-    keyType: KeyTypes.RS256,
+    keyType: KeyTypes.ED25519,
     flowType: '' as string,
     miniViewSelectedVC: {} as VC,
     openID4VPRetryCount: 0,

machines/openID4VP/openID4VPServices.ts

@@ -1,12 +1,13 @@
 import {CACHED_API} from '../../shared/api';
 import {fetchKeyPair} from '../../shared/cryptoutil/cryptoUtil';
 import {hasKeyPair} from '../../shared/openId4VCI/Utils';
+import base64url from 'base64url';
 import {
   constructProofJWT,
   isClientValidationRequired,
   OpenID4VP,
   OpenID4VP_Domain,
-  OpenID4VP_Proof_Algo_Type,
+  OpenID4VP_Proof_Sign_Algo_Suite,
 } from '../../shared/openID4VP/OpenID4VP';
 
 export const openID4VPServices = () => {
@@ -52,8 +53,8 @@ export const openID4VPServices = () => {
 
       const vpResponseMetadata = {
         jws: proofJWT,
-        signatureAlgorithm: OpenID4VP_Proof_Algo_Type,
-        publicKey: context.publicKey,
+        signatureAlgorithm: OpenID4VP_Proof_Sign_Algo_Suite,
+        publicKey: base64url(context.publicKey),
         domain: OpenID4VP_Domain,
       };
       return await OpenID4VP.shareVerifiablePresentation(vpResponseMetadata);

screens/Scan/SendVPScreenController.ts

@@ -218,7 +218,10 @@ export function useSendVPScreen() {
       secondaryButtonEvent: CANCEL,
       title: t('consentDialog.title'),
       titleTestID: 'consentTitle',
-      message: t('consentDialog.message', {verifierName: vpVerifierName}),
+      message: t('consentDialog.message', {
+        verifierName: vpVerifierName,
+        interpolation: {escapeValue: false},
+      }),
       messageTestID: 'consentMsg',
       onCancel: DISMISS_POPUP,
     };

shared/openID4VP/OpenID4VP.ts

@@ -6,8 +6,9 @@ import {getJWK} from '../openId4VCI/Utils';
 import getAllConfigurations from '../api';
 
 export const OpenID4VP_Key_Ref = 'OpenID4VP_KeyPair';
-export const OpenID4VP_Proof_Algo_Type = 'RsaSignature2018';
+export const OpenID4VP_Proof_Sign_Algo_Suite = 'Ed25519Signature2018';
 export const OpenID4VP_Domain = 'OpenID4VP';
+export const OpenID4VP_Proof_Sign_Algo = 'EdDSA';
 
 export class OpenID4VP {
   static InjiOpenID4VP = NativeModules.InjiOpenID4VP;
@@ -62,13 +63,13 @@ export class OpenID4VP {
 }
 
 export async function constructProofJWT(
-  publicKey: string,
-  privateKey: string,
+  publicKey: any,
+  privateKey: any,
   vpToken: Object,
   keyType: string,
 ): Promise<string> {
   const jwtHeader = {
-    alg: keyType,
+    alg: OpenID4VP_Proof_Sign_Algo,
     jwk: await getJWK(publicKey, keyType),
   };