From a2fa0edd51b9ec17c49d6a2d7fbe1aed8e7eca34 Mon Sep 17 00:00:00 2001
From: suzannajiwani <69648786+suzannajiwani@users.noreply.github.com>
Date: Tue, 3 Dec 2024 11:42:35 -0500
Subject: [PATCH] Don't Base64.UrlSafe Encode x5c in Request (#812)

Used java.util.Base64.getEncoder() to encode the
the x5c instead.

Tested manually against java.util.Base64.getDecoder()
.decode to ensure decoding doesn't throw error.

Signed-off-by: Suzanna Jiwani <suzannaj@google.com>
---
 .../com/android/identity/wallet/server/VerifierServlet.kt    | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/server/src/main/java/com/android/identity/wallet/server/VerifierServlet.kt b/server/src/main/java/com/android/identity/wallet/server/VerifierServlet.kt
index 18c0840f0..722dd201c 100644
--- a/server/src/main/java/com/android/identity/wallet/server/VerifierServlet.kt
+++ b/server/src/main/java/com/android/identity/wallet/server/VerifierServlet.kt
@@ -63,6 +63,7 @@ import kotlinx.datetime.DateTimePeriod
 import kotlinx.datetime.TimeZone
 import kotlinx.datetime.plus
 import kotlinx.io.bytestring.ByteString
+import kotlinx.io.bytestring.encode
 import kotlinx.serialization.Serializable
 import kotlinx.serialization.encodeToString
 import kotlinx.serialization.json.Json
@@ -83,6 +84,7 @@ import java.net.NetworkInterface
 import java.net.URLEncoder
 import java.security.interfaces.ECPrivateKey
 import java.security.interfaces.ECPublicKey
+import kotlin.io.encoding.ExperimentalEncodingApi
 import kotlin.random.Random
 
 enum class Protocol {
@@ -823,6 +825,7 @@ lrW+vvdmRHBgS+ss56uWyYor6W7ah9ygBwYFK4EEACI=
         Logger.i(TAG, "Sending handleOpenID4VPBegin response: $responseString")
     }
 
+    @OptIn(ExperimentalEncodingApi::class)
     private fun handleOpenID4VPRequest(
         remoteHost: String,
         req: HttpServletRequest,
@@ -870,7 +873,7 @@ lrW+vvdmRHBgS+ss56uWyYor6W7ah9ygBwYFK4EEACI=
         )
 
         val readerX5c = singleUseReaderKeyCertChain.certificates.map { cert ->
-            Base64.from(cert.encodedCertificate.toBase64Url())
+            Base64.from(kotlin.io.encoding.Base64.Default.encode(cert.encodedCertificate))
         }
 
         val request = lookupWellknownRequest(session.requestFormat, session.requestDocType, session.requestId)