@sphereon/ssi-sdk-ext.identifier-resolution 0.28.1-feature.esm.cjs.9 → 0.28.1-feature.oyd.cmsm.improv.16

package/src/agent/IdentifierResolution.ts

@@ -1,7 +1,7 @@
 import { globalCrypto } from '@sphereon/ssi-sdk-ext.key-utils'
 import { IAgentContext, IAgentPlugin, IDIDManager, IKeyManager } from '@veramo/core'
 import { ExternalIdentifierOIDFEntityIdOpts, ExternalIdentifierOIDFEntityIdResult } from '../types'
-import { schema } from '../index'
+import { schema } from '..'
 import { resolveExternalIdentifier, ensureManagedIdentifierResult } from '../functions'
 import {
   ExternalIdentifierDidOpts,
@@ -34,27 +34,24 @@ import {
 } from '../types'
 import { IOIDFClient } from '@sphereon/ssi-sdk.oidf-client'
 
-import { webcrypto } from 'node:crypto'
-
 /**
  * @public
  */
 export class IdentifierResolution implements IAgentPlugin {
-
-  readonly _crypto: webcrypto.Crypto
+  private readonly _crypto: Crypto
 
   readonly schema = schema.IMnemonicInfoGenerator
   readonly methods: IIdentifierResolution = {
-    identifierManagedGet: this.identifierManagedGet.bind(this),
-    identifierManagedGetByDid: this.identifierManagedGetByDid.bind(this),
-    identifierManagedGetByKid: this.identifierManagedGetByKid.bind(this),
-    identifierManagedGetByJwk: this.identifierManagedGetByJwk.bind(this),
-    identifierManagedGetByX5c: this.identifierManagedGetByX5c.bind(this),
-    identifierManagedGetByKey: this.identifierManagedGetByKey.bind(this),
-    identifierManagedGetByCoseKey: this.identifierManagedGetByCoseKey.bind(this),
-    identifierManagedGetByOID4VCIssuer: this.identifierManagedGetByOID4VCIssuer.bind(this),
-
-    identifierExternalResolve: this.identifierExternalResolve.bind(this),
+    identifierManagedGet: this.identifierGetManaged.bind(this),
+    identifierManagedGetByDid: this.identifierGetManagedByDid.bind(this),
+    identifierManagedGetByKid: this.identifierGetManagedByKid.bind(this),
+    identifierManagedGetByJwk: this.identifierGetManagedByJwk.bind(this),
+    identifierManagedGetByX5c: this.identifierGetManagedByX5c.bind(this),
+    identifierManagedGetByKey: this.identifierGetManagedByKey.bind(this),
+    identifierManagedGetByCoseKey: this.identifierGetManagedByCoseKey.bind(this),
+    identifierManagedGetByOID4VCIssuer: this.identifierGetManagedByOID4VCIssuer.bind(this),
+
+    identifierExternalResolve: this.identifierResolveExternal.bind(this),
     identifierExternalResolveByDid: this.identifierExternalResolveByDid.bind(this),
     identifierExternalResolveByX5c: this.identifierExternalResolveByX5c.bind(this),
     identifierExternalResolveByJwk: this.identifierExternalResolveByJwk.bind(this),
@@ -67,9 +64,7 @@ export class IdentifierResolution implements IAgentPlugin {
   /**
    * TODO: Add a cache, as we are retrieving the same keys/info quite often
    */
-  constructor(opts?: {
-    crypto?: webcrypto.Crypto
-  }) {
+  constructor(opts?: { crypto?: Crypto }) {
     this._crypto = globalCrypto(false, opts?.crypto)
   }
 
@@ -78,64 +73,65 @@ export class IdentifierResolution implements IAgentPlugin {
    * integrate a plugin for anomaly detection. Having a single method helps
    * @param args
    * @param context
+   * @private
    */
-  private async identifierManagedGet(
+  private async identifierGetManaged(
     args: ManagedIdentifierOptsOrResult,
     context: IAgentContext<IKeyManager & IIdentifierResolution>
   ): Promise<ManagedIdentifierResult> {
     return await ensureManagedIdentifierResult({ ...args, crypto: this._crypto }, context)
   }
 
-  private async identifierManagedGetByDid(
+  private async identifierGetManagedByDid(
     args: ManagedIdentifierDidOpts,
     context: IAgentContext<IKeyManager & IDIDManager & IIdentifierResolution>
   ): Promise<ManagedIdentifierDidResult> {
-    return (await this.identifierManagedGet({ ...args, method: 'did' }, context)) as ManagedIdentifierDidResult
+    return (await this.identifierGetManaged({ ...args, method: 'did' }, context)) as ManagedIdentifierDidResult
   }
 
-  private async identifierManagedGetByKid(
+  private async identifierGetManagedByKid(
     args: ManagedIdentifierKidOpts,
     context: IAgentContext<IKeyManager & IIdentifierResolution>
   ): Promise<ManagedIdentifierKidResult> {
-    return (await this.identifierManagedGet({ ...args, method: 'kid' }, context)) as ManagedIdentifierKidResult
+    return (await this.identifierGetManaged({ ...args, method: 'kid' }, context)) as ManagedIdentifierKidResult
   }
 
-  private async identifierManagedGetByKey(
+  private async identifierGetManagedByKey(
     args: ManagedIdentifierKeyOpts,
     context: IAgentContext<IKeyManager & IIdentifierResolution>
   ): Promise<ManagedIdentifierKeyResult> {
-    return (await this.identifierManagedGet({ ...args, method: 'key' }, context)) as ManagedIdentifierKeyResult
+    return (await this.identifierGetManaged({ ...args, method: 'key' }, context)) as ManagedIdentifierKeyResult
   }
 
-  private async identifierManagedGetByCoseKey(
+  private async identifierGetManagedByCoseKey(
     args: ManagedIdentifierCoseKeyOpts,
     context: IAgentContext<IKeyManager & IIdentifierResolution>
   ): Promise<ManagedIdentifierCoseKeyResult> {
-    return (await this.identifierManagedGet({ ...args, method: 'cose_key' }, context)) as ManagedIdentifierCoseKeyResult
+    return (await this.identifierGetManaged({ ...args, method: 'cose_key' }, context)) as ManagedIdentifierCoseKeyResult
   }
 
-  private async identifierManagedGetByOID4VCIssuer(
+  private async identifierGetManagedByOID4VCIssuer(
     args: ManagedIdentifierOID4VCIssuerOpts,
     context: IAgentContext<IKeyManager & IIdentifierResolution>
   ): Promise<ManagedIdentifierOID4VCIssuerResult> {
-    return (await this.identifierManagedGet({ ...args, method: 'oid4vci-issuer' }, context)) as ManagedIdentifierOID4VCIssuerResult
+    return (await this.identifierGetManaged({ ...args, method: 'oid4vci-issuer' }, context)) as ManagedIdentifierOID4VCIssuerResult
   }
 
-  private async identifierManagedGetByJwk(
+  private async identifierGetManagedByJwk(
     args: ManagedIdentifierJwkOpts,
     context: IAgentContext<IKeyManager & IIdentifierResolution>
   ): Promise<ManagedIdentifierJwkResult> {
-    return (await this.identifierManagedGet({ ...args, method: 'jwk' }, context)) as ManagedIdentifierJwkResult
+    return (await this.identifierGetManaged({ ...args, method: 'jwk' }, context)) as ManagedIdentifierJwkResult
   }
 
-  private async identifierManagedGetByX5c(
+  private async identifierGetManagedByX5c(
     args: ManagedIdentifierX5cOpts,
     context: IAgentContext<IKeyManager & IIdentifierResolution>
   ): Promise<ManagedIdentifierX5cResult> {
-    return (await this.identifierManagedGet({ ...args, method: 'x5c' }, context)) as ManagedIdentifierX5cResult
+    return (await this.identifierGetManaged({ ...args, method: 'x5c' }, context)) as ManagedIdentifierX5cResult
   }
 
-  private async identifierExternalResolve(
+  private async identifierResolveExternal(
     args: ExternalIdentifierOpts,
     context: IAgentContext<IKeyManager | IOIDFClient>
   ): Promise<ExternalIdentifierResult> {
@@ -143,28 +139,28 @@ export class IdentifierResolution implements IAgentPlugin {
   }
 
   private async identifierExternalResolveByDid(args: ExternalIdentifierDidOpts, context: IAgentContext<any>): Promise<ExternalIdentifierDidResult> {
-    return (await this.identifierExternalResolve({ ...args, method: 'did' }, context)) as ExternalIdentifierDidResult
+    return (await this.identifierResolveExternal({ ...args, method: 'did' }, context)) as ExternalIdentifierDidResult
   }
 
   private async identifierExternalResolveByX5c(args: ExternalIdentifierX5cOpts, context: IAgentContext<any>): Promise<ExternalIdentifierX5cResult> {
-    return (await this.identifierExternalResolve({ ...args, method: 'x5c' }, context)) as ExternalIdentifierX5cResult
+    return (await this.identifierResolveExternal({ ...args, method: 'x5c' }, context)) as ExternalIdentifierX5cResult
   }
 
   private async identifierExternalResolveByCoseKey(
     args: ExternalIdentifierCoseKeyOpts,
     context: IAgentContext<any>
   ): Promise<ExternalIdentifierCoseKeyResult> {
-    return (await this.identifierExternalResolve({ ...args, method: 'cose_key' }, context)) as ExternalIdentifierCoseKeyResult
+    return (await this.identifierResolveExternal({ ...args, method: 'cose_key' }, context)) as ExternalIdentifierCoseKeyResult
   }
 
   private async identifierExternalResolveByJwk(args: ExternalIdentifierJwkOpts, context: IAgentContext<any>): Promise<ExternalIdentifierJwkResult> {
-    return (await this.identifierExternalResolve({ ...args, method: 'jwk' }, context)) as ExternalIdentifierJwkResult
+    return (await this.identifierResolveExternal({ ...args, method: 'jwk' }, context)) as ExternalIdentifierJwkResult
   }
 
   private async identifierExternalResolveByOIDFEntityId(
     args: ExternalIdentifierOIDFEntityIdOpts,
     context: IAgentContext<any>
   ): Promise<ExternalIdentifierOIDFEntityIdResult> {
-    return (await this.identifierExternalResolve({ ...args, method: 'entity_id' }, context)) as ExternalIdentifierOIDFEntityIdResult
+    return (await this.identifierResolveExternal({ ...args, method: 'entity_id' }, context)) as ExternalIdentifierOIDFEntityIdResult
   }
 }

package/src/functions/externalIdentifierFunctions.ts

@@ -36,10 +36,9 @@ import {
 } from '../types'
 import { resolveExternalOIDFEntityIdIdentifier } from '.'
 
-import { webcrypto } from 'node:crypto'
 export async function resolveExternalIdentifier(
   opts: ExternalIdentifierOpts & {
-    crypto?: webcrypto.Crypto
+    crypto?: Crypto
   },
   context: IAgentContext<any>
 ): Promise<ExternalIdentifierResult> {
@@ -66,7 +65,7 @@ export async function resolveExternalIdentifier(
 
 export async function resolveExternalX5cIdentifier(
   opts: ExternalIdentifierX5cOpts & {
-    crypto?: webcrypto.Crypto
+    crypto?: Crypto
   },
   context: IAgentContext<IResolver & IDIDManager>
 ): Promise<ExternalIdentifierX5cResult> {
@@ -246,24 +245,18 @@ export async function resolveExternalDidIdentifier(
   const didDocument = didResolutionResult.didDocument ?? undefined
   const didJwks = didDocument ? didDocumentToJwks(didDocument) : undefined
   const jwks = didJwks
-    ? Array.from(
-        new Set(
-          Array.from(
-            Object.values(didJwks)
-              .filter((jwks) => isDefined(jwks) && jwks.length > 0)
-              .flatMap((jwks) => jwks)
-          )
-            .flatMap((jwk) => {
-              return {
-                jwk,
-                jwkThumbprint: calculateJwkThumbprint({ jwk }),
-                kid: jwk.kid,
-                publicKeyHex: jwkTtoPublicKeyHex(jwk),
-              }
-            })
-            .map((jwk) => JSON.stringify(jwk))
-        )
-      ).map((jwks) => JSON.parse(jwks))
+    ? Array.from(new Set(Array.from(
+          Object.values(didJwks)
+            .filter((jwks) => isDefined(jwks) && jwks.length > 0)
+            .flatMap((jwks) => jwks)
+      ).flatMap((jwk) => {
+        return {
+          jwk,
+          jwkThumbprint: calculateJwkThumbprint({ jwk }),
+          kid: jwk.kid,
+          publicKeyHex: jwkTtoPublicKeyHex(jwk),
+        }
+      }).map(jwk => JSON.stringify(jwk)))).map((jwks) => JSON.parse(jwks))
     : []
 
   if (didResolutionResult?.didDocument) {

package/src/functions/externalOIDFIdentifier.ts

@@ -2,11 +2,8 @@ import { ErrorMessage, ExternalIdentifierOIDFEntityIdOpts, ExternalIdentifierOID
 import { IAgentContext } from '@veramo/core'
 import { IOIDFClient } from '@sphereon/ssi-sdk.oidf-client'
 import { contextHasPlugin } from '@sphereon/ssi-sdk.agent-config'
-import { IJwsValidationResult, JwsPayload } from '../types/IJwtService'
-// @ts-ignore
-import { fromString } from 'uint8arrays/from-string'
-// @ts-ignore
-import { toString } from 'uint8arrays/to-string'
+import {IJwsValidationResult, JwsPayload} from '../types/IJwtService'
+import * as u8a from 'uint8arrays'
 /**
  * Resolves an OIDF Entity ID against multiple trust anchors to establish trusted relationships
  *
@@ -68,7 +65,7 @@ export async function resolveExternalOIDFEntityIdIdentifier(
         continue
       }
 
-      payload = JSON.parse(toString(fromString(jwtVerifyResult.jws.payload, 'base64url')))
+      payload = JSON.parse(u8a.toString(u8a.fromString(jwtVerifyResult.jws.payload, 'base64url')))
       const signature = jwtVerifyResult.jws.signatures[0]
       if (signature.identifier.jwks.length === 0) {
         errorList[trustAnchor] = 'No JWK was present in the trust anchor signature'

package/src/functions/managedIdentifierFunctions.ts

@@ -5,7 +5,6 @@ import { contextHasDidManager, contextHasKeyManager } from '@sphereon/ssi-sdk.ag
 import { ICoseKeyJson, JWK } from '@sphereon/ssi-types'
 import { IAgentContext, IIdentifier, IKey, IKeyManager } from '@veramo/core'
 import { CryptoEngine, setEngine } from 'pkijs'
-import { webcrypto } from 'node:crypto'
 import {
   IIdentifierResolution,
   isManagedIdentifierCoseKeyOpts,
@@ -48,13 +47,13 @@ export async function getManagedKidIdentifier(
     return Promise.reject(Error(`Cannot get Key/JWK identifier if KeyManager plugin is not enabled!`))
   } else if (opts.identifier.startsWith('did:')) {
     const did = opts.identifier.split('#')[0]
-    const didIdentifier = await getManagedDidIdentifier({ ...opts, method: 'did', identifier: did }, context)
+    const didIdentifier = await getManagedDidIdentifier({...opts, method: 'did', identifier: did}, context)
     key = didIdentifier.key
     issuer = didIdentifier.issuer
     kid = opts?.kid ?? (key.meta?.verificationMethod?.id as string) ?? didIdentifier.kid
   }
   if (!key) {
-    key = await context.agent.keyManagerGet({ kid: opts.kmsKeyRef ?? opts.identifier })
+    key = await context.agent.keyManagerGet({kid: opts.kmsKeyRef ?? opts.identifier})
   }
   const jwk = toJwk(key.publicKeyHex, key.type, { key })
   const jwkThumbprint = (key.meta?.jwkThumbprint as string) ?? calculateJwkThumbprint({ jwk })
@@ -81,7 +80,7 @@ export async function getManagedKidIdentifier(
 
 export function isManagedIdentifierResult(
   identifier: ManagedIdentifierOptsOrResult & {
-    crypto?: webcrypto.Crypto
+    crypto?: Crypto
   }
 ): identifier is ManagedIdentifierResult {
   return 'key' in identifier && 'kmsKeyRef' in identifier && 'method' in identifier && 'opts' in identifier && 'jwkThumbprint' in identifier
@@ -94,7 +93,7 @@ export function isManagedIdentifierResult(
  */
 export async function ensureManagedIdentifierResult(
   identifier: ManagedIdentifierOptsOrResult & {
-    crypto?: webcrypto.Crypto
+    crypto?: Crypto
   },
   context: IAgentContext<IKeyManager>
 ): Promise<ManagedIdentifierResult> {
@@ -248,7 +247,7 @@ export async function getManagedJwkIdentifier(
 
 export async function getManagedX5cIdentifier(
   opts: ManagedIdentifierX5cOpts & {
-    crypto?: webcrypto.Crypto
+    crypto?: Crypto
   },
   context: IAgentContext<IKeyManager>
 ): Promise<ManagedIdentifierX5cResult> {
@@ -332,7 +331,7 @@ export async function getManagedOID4VCIssuerIdentifier(
 
 export async function getManagedIdentifier(
   opts: ManagedIdentifierOptsOrResult & {
-    crypto?: webcrypto.Crypto
+    crypto?: Crypto
   },
   context: IAgentContext<IKeyManager>
 ): Promise<ManagedIdentifierResult> {

package/src/index.ts

@@ -6,6 +6,6 @@ export { schema }
 /**
  * @public
  */
-export * from './types'
 export { IdentifierResolution } from './agent/IdentifierResolution'
 export * from './functions'
+export * from './types'

package/src/types/IIdentifierResolution.ts

@@ -41,7 +41,7 @@ export const identifierResolutionContextMethods: Array<string> = [
   'identifierManagedGetByX5c',
   'identifierManagedGetByKey',
   'identifierManagedGetByOID4VCIssuer',
-  'identifierManagedGetByCoseKey',
+  'identifierGetManagedByCoseKey',
   'identifierExternalResolve',
   'identifierExternalResolveByDid',
   'identifierExternalResolveByX5c',

package/src/types/IJwtService.d.ts

@@ -1,5 +1,5 @@
 // Copy of jwt-service typings since we cannot include that as devDependency due to cyclic dep
-/*
+
 import {
   ExternalIdentifierDidOpts,
   ExternalIdentifierResult,
@@ -7,7 +7,7 @@ import {
   IIdentifierResolution,
   ManagedIdentifierOptsOrResult,
   ManagedIdentifierResult,
-} from '../types'*/
+} from '@sphereon/ssi-sdk-ext.identifier-resolution'
 import { ClientIdScheme } from '@sphereon/ssi-sdk-ext.x509-utils'
 import { BaseJWK, IValidationResult, JoseSignatureAlgorithm, JoseSignatureAlgorithmString, JWK } from '@sphereon/ssi-types'
 import { IAgentContext, IKeyManager, IPluginMethodMap } from '@veramo/core'
@@ -25,7 +25,6 @@ export interface IJwtService extends IPluginMethodMap {
 export type IJwsValidationResult = IValidationResult & {
   jws: JwsJsonGeneralWithIdentifiers
 }
-
 export interface PreparedJws {
   protectedHeader: JwsHeader
   payload: Uint8Array

package/src/types/externalIdentifierTypes.ts

@@ -14,7 +14,7 @@ import {
   isX5cIdentifier,
   JwkInfo,
 } from './common'
-import { JwsPayload } from './IJwtService'
+import {JwsPayload} from "./IJwtService";
 
 /**
  * Use whenever we need to resolve an external identifier. We can pass in kids, DIDs, and x5chains