Reorganize utility functions.

dlongley · dlongley · commit 21717c34ec30 · 2025-10-18T17:46:20.000-04:00
diff --git a/lib/oid4vp/authorizationRequest.js b/lib/oid4vp/authorizationRequest.js
@@ -2,7 +2,8 @@
  * Copyright (c) 2023-2025 Digital Bazaar, Inc. All rights reserved.
  */
 import {
-  assert, assertOptional, base64Encode, createNamedError, fetchJSON, selectJwk
+  assert, assertOptional, base64Encode,
+  createNamedError, fetchJSON, selectJwk, sha256
 } from '../util.js';
 import {decodeJwt, importX509, jwtVerify} from 'jose';
 import {
@@ -269,7 +270,7 @@ async function _checkClientIdSchemeRequirements({
       and it includes the client ID. */
     } else if(clientIdScheme === 'x509_hash') {
       // `x509_hash:<base64url sha256-hash of DER leaf cert>`
-      const hash = base64Encode(await _sha256(chain[0].toBER()));
+      const hash = base64Encode(await sha256(chain[0].toBER()));
       if(clientId !== hash) {
         throw createNamedError({
           message:
@@ -444,14 +445,6 @@ function _parseOID4VPUrl({url}) {
   return {authorizationRequest};
 }
 
-async function _sha256(data) {
-  if(typeof data === 'string') {
-    data = new TextEncoder().encode(data);
-  }
-  const algorithm = {name: 'SHA-256'};
-  return new Uint8Array(await crypto.subtle.digest(algorithm, data));
-}
-
 function _throwKeyNotFound(protectedHeader) {
   const error = new Error(
     'Could not verify signed authorization request; ' +
diff --git a/lib/oid4vp/verifier.js b/lib/oid4vp/verifier.js
@@ -1,7 +1,7 @@
 /*!
  * Copyright (c) 2023-2025 Digital Bazaar, Inc. All rights reserved.
  */
-import {createNamedError, selectJwk} from '../util.js';
+import {createNamedError, parseJSON, selectJwk} from '../util.js';
 import {importJWK, jwtDecrypt} from 'jose';
 
 // parses (and decrypts) an authz response from a response body object
@@ -31,7 +31,7 @@ export async function parseAuthorizationResponse({
     responseMode = 'direct_post';
     _assertSupportedResponseMode({responseMode, supportedResponseModes});
     payload = body;
-    parsed.presentationSubmission = _jsonParse(
+    parsed.presentationSubmission = parseJSON(
       payload.presentation_submission, 'presentation_submission');
   }
 
@@ -46,7 +46,7 @@ export async function parseAuthorizationResponse({
   if(typeof vp_token === 'string' &&
     (vp_token.startsWith('{') || vp_token.startsWith('[') ||
     vp_token.startsWith('"'))) {
-    parsed.vpToken = _jsonParse(vp_token, 'vp_token');
+    parsed.vpToken = parseJSON(vp_token, 'vp_token');
   } else {
     parsed.vpToken = vp_token;
   }
@@ -100,16 +100,3 @@ async function _decrypt({jwt, getDecryptParameters}) {
     keyManagementAlgorithms: ['ECDH-ES']
   });
 }
-
-function _jsonParse(x, name) {
-  try {
-    return JSON.parse(x);
-  } catch(cause) {
-    throw createNamedError({
-      message: `Could not parse "${name}".`,
-      name: 'DataError',
-      details: {httpStatusCode: 400, public: true},
-      cause
-    });
-  }
-}
diff --git a/lib/util.js b/lib/util.js
@@ -58,6 +58,19 @@ export function fetchJSON({url, agent} = {}) {
   return httpClient.get(url, fetchOptions);
 }
 
+export function parseJSON(x, name) {
+  try {
+    return JSON.parse(x);
+  } catch(cause) {
+    throw createNamedError({
+      message: `Could not parse "${name}".`,
+      name: 'DataError',
+      details: {httpStatusCode: 400, public: true},
+      cause
+    });
+  }
+}
+
 export function selectJwk({keys, kid, alg, kty, crv, use} = {}) {
   /* Example JWKs "keys":
   "jwks": {
@@ -101,6 +114,14 @@ export function selectJwk({keys, kid, alg, kty, crv, use} = {}) {
   });
 }
 
+export async function sha256(data) {
+  if(typeof data === 'string') {
+    data = new TextEncoder().encode(data);
+  }
+  const algorithm = {name: 'SHA-256'};
+  return new Uint8Array(await crypto.subtle.digest(algorithm, data));
+}
+
 export async function signJWT({payload, protectedHeader, signer} = {}) {
   // encode payload and protected header
   const b64Payload = base64url.encode(JSON.stringify(payload));
