@sphereon/ssi-sdk-ext.key-manager 0.24.1-unstable.10 → 0.24.1-unstable.112

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/dist/agent/SphereonKeyManager.d.ts +7 -4
  2. package/dist/agent/SphereonKeyManager.d.ts.map +1 -1
  3. package/dist/agent/SphereonKeyManager.js +113 -16
  4. package/dist/agent/SphereonKeyManager.js.map +1 -1
  5. package/dist/ssi-sdk-ext.key-manager.d.ts +58 -21
  6. package/dist/tsdoc-metadata.json +1 -1
  7. package/dist/types/ISphereonKeyManager.d.ts +32 -3
  8. package/dist/types/ISphereonKeyManager.d.ts.map +1 -1
  9. package/dist/types/ISphereonKeyManager.js +7 -0
  10. package/dist/types/ISphereonKeyManager.js.map +1 -1
  11. package/package.json +8 -7
  12. package/plugin.schema.json +66 -20
  13. package/src/__tests__/SphereonKeyManager.test.ts +72 -0
  14. package/src/agent/SphereonKeyManager.ts +98 -18
  15. package/src/types/ISphereonKeyManager.ts +39 -3
package/dist/agent/SphereonKeyManager.d.ts CHANGED
@@ -1,6 +1,6 @@
1
- import { KeyManager as VeramoKeyManager, AbstractKeyManagementSystem, AbstractKeyStore } from '@veramo/key-manager';
2
- import { ManagedKeyInfo } from '@veramo/core';
3
- import { ISphereonKeyManager, ISphereonKeyManagerSignArgs, ISphereonKeyManagerVerifyArgs } from '../types/ISphereonKeyManager';
1
+ import { IKey, ManagedKeyInfo } from '@veramo/core';
2
+ import { AbstractKeyManagementSystem, AbstractKeyStore, KeyManager as VeramoKeyManager } from '@veramo/key-manager';
3
+ import { IKeyManagerGetArgs, ISphereonKeyManager, ISphereonKeyManagerCreateArgs, ISphereonKeyManagerHandleExpirationsArgs, ISphereonKeyManagerSignArgs, ISphereonKeyManagerVerifyArgs } from '../types/ISphereonKeyManager';
4
4
  export declare const sphereonKeyManagerMethods: Array<string>;
5
5
  export declare class SphereonKeyManager extends VeramoKeyManager {
6
6
  private localStore;
@@ -10,9 +10,12 @@ export declare class SphereonKeyManager extends VeramoKeyManager {
10
10
  store: AbstractKeyStore;
11
11
  kms: Record<string, AbstractKeyManagementSystem>;
12
12
  });
13
- private getAvailableKms;
13
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<ManagedKeyInfo>;
14
14
  keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string>;
15
15
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>;
16
16
  keyManagerListKeys(): Promise<ManagedKeyInfo[]>;
17
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>;
18
+ private getKmsByName;
19
+ keyManagerGet({ kid }: IKeyManagerGetArgs): Promise<IKey>;
17
20
  }
18
21
  //# sourceMappingURL=SphereonKeyManager.d.ts.map
package/dist/agent/SphereonKeyManager.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"SphereonKeyManager.d.ts","sourceRoot":"","sources":["../../src/agent/SphereonKeyManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,IAAI,gBAAgB,EAAE,2BAA2B,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAEnH,OAAO,EAAQ,cAAc,EAAY,MAAM,cAAc,CAAA;AAE7D,OAAO,EAAE,mBAAmB,EAAE,2BAA2B,EAAE,6BAA6B,EAAE,MAAM,8BAA8B,CAAA;AAE9H,eAAO,MAAM,yBAAyB,EAAE,KAAK,CAAC,MAAM,CAMnD,CAAA;AAED,qBAAa,kBAAmB,SAAQ,gBAAgB;IACtD,OAAO,CAAC,UAAU,CAAkB;IACpC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA6C;IAC5E,QAAQ,CAAC,YAAY,EAAE,mBAAmB,CAAA;gBAE9B,OAAO,EAAE;QAAE,KAAK,EAAE,gBAAgB,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,2BAA2B,CAAC,CAAA;KAAE;IAUlG,OAAO,CAAC,eAAe;IASjB,cAAc,CAAC,IAAI,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC;IAUlE,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC;IASvE,kBAAkB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;CAGtD"}
1
+ {"version":3,"file":"SphereonKeyManager.d.ts","sourceRoot":"","sources":["../../src/agent/SphereonKeyManager.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAe,cAAc,EAAE,MAAM,cAAc,CAAA;AAChE,OAAO,EAAE,2BAA2B,EAAE,gBAAgB,EAAE,UAAU,IAAI,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACnH,OAAO,EAEL,kBAAkB,EAClB,mBAAmB,EACnB,6BAA6B,EAC7B,wCAAwC,EACxC,2BAA2B,EAC3B,6BAA6B,EAC9B,MAAM,8BAA8B,CAAA;AAIrC,eAAO,MAAM,yBAAyB,EAAE,KAAK,CAAC,MAAM,CAQnD,CAAA;AAED,qBAAa,kBAAmB,SAAQ,gBAAgB;IAEtD,OAAO,CAAC,UAAU,CAAkB;IACpC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA6C;IAC5E,QAAQ,CAAC,YAAY,EAAE,mBAAmB,CAAA;gBAE9B,OAAO,EAAE;QAAE,KAAK,EAAE,gBAAgB,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,2BAA2B,CAAC,CAAA;KAAE;IAUnF,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,cAAc,CAAC;IAyBvF,cAAc,CAAC,IAAI,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC;IAUlE,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC;IAevE,kBAAkB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAI/C,2BAA2B,CAAC,IAAI,EAAE,wCAAwC,GAAG,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IAiBjH,OAAO,CAAC,YAAY;IASd,aAAa,CAAC,EAAE,GAAG,EAAE,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;CAmBhE"}
package/dist/agent/SphereonKeyManager.js CHANGED
@@ -1,4 +1,27 @@
1
1
  "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || function (mod) {
19
+ if (mod && mod.__esModule) return mod;
20
+ var result = {};
21
+ if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
+ __setModuleDefault(result, mod);
23
+ return result;
24
+ };
2
25
  var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
26
  function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
27
  return new (P || (P = Promise))(function (resolve, reject) {
@@ -10,14 +33,18 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
10
33
  };
11
34
  Object.defineProperty(exports, "__esModule", { value: true });
12
35
  exports.SphereonKeyManager = exports.sphereonKeyManagerMethods = void 0;
36
+ const ssi_sdk_ext_key_utils_1 = require("@sphereon/ssi-sdk-ext.key-utils");
13
37
  const key_manager_1 = require("@veramo/key-manager");
14
- const ssi_sdk_ext_kms_local_1 = require("@sphereon/ssi-sdk-ext.kms-local");
38
+ const ISphereonKeyManager_1 = require("../types/ISphereonKeyManager");
39
+ const u8a = __importStar(require("uint8arrays"));
15
40
  exports.sphereonKeyManagerMethods = [
16
41
  'keyManagerCreate',
42
+ 'keyManagerGet',
17
43
  'keyManagerImport',
18
44
  'keyManagerSign',
19
45
  'keyManagerVerify',
20
46
  'keyManagerListKeys',
47
+ 'keyManagerHandleExpirations',
21
48
  ];
22
49
  class SphereonKeyManager extends key_manager_1.KeyManager {
23
50
  constructor(options) {
@@ -29,12 +56,26 @@ class SphereonKeyManager extends key_manager_1.KeyManager {
29
56
  methods.keyManagerListKeys = this.keyManagerListKeys.bind(this);
30
57
  this.localMethods = methods;
31
58
  }
32
- getAvailableKms(name) {
33
- const kms = this.availableKMSes[name];
34
- if (!kms) {
35
- throw Error(`invalid_argument: This agent has no registered KeyManagementSystem with name='${name}'`);
36
- }
37
- return kms;
59
+ keyManagerCreate(args) {
60
+ return __awaiter(this, void 0, void 0, function* () {
61
+ var _a, _b, _c, _d;
62
+ const kms = this.getKmsByName(args.kms);
63
+ const meta = Object.assign(Object.assign({}, args.meta), (args.opts && { opts: args.opts }));
64
+ if ((0, ISphereonKeyManager_1.hasKeyOptions)(meta) && ((_a = meta.opts) === null || _a === void 0 ? void 0 : _a.ephemeral) && !((_b = meta.opts.expiration) === null || _b === void 0 ? void 0 : _b.removalDate)) {
65
+ // Make sure we set a delete date on an ephemeral key
66
+ meta.opts = Object.assign(Object.assign({}, meta.opts), { expiration: Object.assign(Object.assign({}, (_c = meta.opts) === null || _c === void 0 ? void 0 : _c.expiration), { removalDate: new Date(Date.now() + 5 * 60 * 1000) }) });
67
+ }
68
+ const partialKey = yield kms.createKey({ type: args.type, meta });
69
+ const key = Object.assign(Object.assign({}, partialKey), { kms: args.kms });
70
+ key.meta = Object.assign(Object.assign({}, meta), key.meta);
71
+ key.meta.jwkThumbprint = (_d = key.meta.jwkThumbprint) !== null && _d !== void 0 ? _d : (0, ssi_sdk_ext_key_utils_1.calculateJwkThumbprintForKey)({ key });
72
+ yield this.localStore.import(key);
73
+ if (key.privateKeyHex) {
74
+ // Make sure to not export the private key
75
+ delete key.privateKeyHex;
76
+ }
77
+ return key;
78
+ });
38
79
  }
39
80
  //FIXME extend the IKeyManagerSignArgs.data to be a string or array of strings
40
81
  keyManagerSign(args) {
@@ -43,27 +84,83 @@ class SphereonKeyManager extends key_manager_1.KeyManager {
43
84
  });
44
85
  return __awaiter(this, void 0, void 0, function* () {
45
86
  const keyInfo = (yield this.localStore.get({ kid: args.keyRef }));
46
- const kms = this.getAvailableKms(keyInfo.kms);
47
- if (keyInfo.type === ssi_sdk_ext_kms_local_1.KeyType.Bls12381G2) {
87
+ const kms = this.getKmsByName(keyInfo.kms);
88
+ if (keyInfo.type === 'Bls12381G2') {
48
89
  return yield kms.sign({ keyRef: keyInfo, data: Uint8Array.from(Buffer.from(args.data)) });
49
90
  }
50
- // @ts-ignore
91
+ // @ts-ignore // we can pass in uint8arrays as well, which the super also can handle but does not expose in its types
51
92
  return yield _super.keyManagerSign.call(this, args);
52
93
  });
53
94
  }
54
95
  keyManagerVerify(args) {
55
96
  return __awaiter(this, void 0, void 0, function* () {
56
- const kms = this.getAvailableKms(args.kms);
57
- if (('verify' in kms && typeof kms.verify === 'function') || kms instanceof ssi_sdk_ext_kms_local_1.SphereonKeyManagementSystem) {
58
- // @ts-ignore
59
- return yield kms.verify(args);
97
+ if (args.kms) {
98
+ const kms = this.getKmsByName(args.kms);
99
+ if (kms && 'verify' in kms && typeof kms.verify === 'function') {
100
+ // @ts-ignore
101
+ return yield kms.verify(args);
102
+ }
60
103
  }
61
- throw Error(`KMS ${kms} does not support verification`);
104
+ return yield (0, ssi_sdk_ext_key_utils_1.verifySignatureWithSubtle)({
105
+ key: (0, ssi_sdk_ext_key_utils_1.toJwk)(args.publicKeyHex, args.type),
106
+ data: args.data,
107
+ signature: u8a.fromString(args.signature, 'utf-8'),
108
+ });
62
109
  });
63
110
  }
64
111
  keyManagerListKeys() {
65
112
  return __awaiter(this, void 0, void 0, function* () {
66
- return this.localStore.list({}); // FIXME there are no args it seems
113
+ return this.localStore.list({});
114
+ });
115
+ }
116
+ keyManagerHandleExpirations(args) {
117
+ return __awaiter(this, void 0, void 0, function* () {
118
+ const keys = yield this.keyManagerListKeys();
119
+ const expiredKeys = keys
120
+ .filter((key) => (0, ISphereonKeyManager_1.hasKeyOptions)(key.meta))
121
+ .filter((key) => {
122
+ var _a, _b;
123
+ if ((0, ISphereonKeyManager_1.hasKeyOptions)(key.meta) && ((_b = (_a = key.meta) === null || _a === void 0 ? void 0 : _a.opts) === null || _b === void 0 ? void 0 : _b.expiration)) {
124
+ const expiration = key.meta.opts.expiration;
125
+ return !(expiration.expiryDate && expiration.expiryDate.getMilliseconds() > Date.now());
126
+ }
127
+ return false;
128
+ });
129
+ if (args.skipRemovals !== true) {
130
+ yield Promise.all(expiredKeys.map((key) => this.keyManagerDelete({ kid: key.kid })));
131
+ }
132
+ return keys;
133
+ });
134
+ }
135
+ getKmsByName(name) {
136
+ const kms = this.availableKMSes[name];
137
+ if (!kms) {
138
+ throw Error(`invalid_argument: This agent has no registered KeyManagementSystem with name='${name}'`);
139
+ }
140
+ return kms;
141
+ }
142
+ //todo https://sphereon.atlassian.net/browse/SDK-28 improve the logic for keyManagerGet in sphereon-key-manager
143
+ keyManagerGet(_a) {
144
+ return __awaiter(this, arguments, void 0, function* ({ kid }) {
145
+ try {
146
+ const key = yield this.localStore.get({ kid });
147
+ return key;
148
+ }
149
+ catch (e) {
150
+ const keys = yield this.keyManagerListKeys();
151
+ const foundKey = keys.find((key) => {
152
+ var _a, _b;
153
+ return key.publicKeyHex === kid ||
154
+ ((_a = key.meta) === null || _a === void 0 ? void 0 : _a.jwkThumbprint) === kid ||
155
+ (((_b = key.meta) === null || _b === void 0 ? void 0 : _b.jwkThumbprint) == null && (0, ssi_sdk_ext_key_utils_1.calculateJwkThumbprintForKey)({ key }) === kid);
156
+ });
157
+ if (foundKey) {
158
+ return foundKey;
159
+ }
160
+ else {
161
+ throw new Error(`Key with kid ${kid} not found`);
162
+ }
163
+ }
67
164
  });
68
165
  }
69
166
  }
package/dist/agent/SphereonKeyManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"SphereonKeyManager.js","sourceRoot":"","sources":["../../src/agent/SphereonKeyManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAmH;AAGnH,2EAAsF;AAGzE,QAAA,yBAAyB,GAAkB;IACtD,kBAAkB;IAClB,kBAAkB;IAClB,gBAAgB;IAChB,kBAAkB;IAClB,oBAAoB;CACrB,CAAA;AAED,MAAa,kBAAmB,SAAQ,wBAAgB;IAKtD,YAAY,OAAsF;QAChG,KAAK,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,KAAK,CAAA;QAC/B,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,GAAG,CAAA;QACjC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC3D,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC/D,IAAI,CAAC,YAAY,GAAkC,OAAQ,CAAA;IAC7D,CAAC;IAEO,eAAe,CAAC,IAAY;QAClC,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAA;QACrC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,KAAK,CAAC,iFAAiF,IAAI,GAAG,CAAC,CAAA;QACvG,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC;IAED,8EAA8E;IACxE,cAAc,CAAC,IAAiC;;;;;YACpD,MAAM,OAAO,GAAS,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAS,CAAA;YAC/E,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAC7C,IAAI,OAAO,CAAC,IAAI,KAAe,+BAAO,CAAC,UAAU,EAAE,CAAC;gBAClD,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAA;YAC3F,CAAC;YACD,aAAa;YACb,OAAO,MAAM,OAAM,cAAc,YAAC,IAAI,CAAC,CAAA;QACzC,CAAC;KAAA;IAEK,gBAAgB,CAAC,IAAmC;;YACxD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAC1C,IAAI,CAAC,QAAQ,IAAI,GAAG,IAAI,OAAO,GAAG,CAAC,MAAM,KAAK,UAAU,CAAC,IAAI,GAAG,YAAY,mDAA2B,EAAE,CAAC;gBACxG,aAAa;gBACb,OAAO,MAAM,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,GAAG,gCAAgC,CAAC,CAAA;QACzD,CAAC;KAAA;IAEK,kBAAkB;;YACtB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA,CAAC,mCAAmC;QACrE,CAAC;KAAA;CACF;AA9CD,gDA8CC"}
1
+ {"version":3,"file":"SphereonKeyManager.js","sourceRoot":"","sources":["../../src/agent/SphereonKeyManager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2EAAgH;AAEhH,qDAAmH;AACnH,sEAQqC;AAErC,iDAAkC;AAErB,QAAA,yBAAyB,GAAkB;IACtD,kBAAkB;IAClB,eAAe;IACf,kBAAkB;IAClB,gBAAgB;IAChB,kBAAkB;IAClB,oBAAoB;IACpB,6BAA6B;CAC9B,CAAA;AAED,MAAa,kBAAmB,SAAQ,wBAAgB;IAMtD,YAAY,OAAsF;QAChG,KAAK,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,KAAK,CAAA;QAC/B,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,GAAG,CAAA;QACjC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC3D,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC/D,IAAI,CAAC,YAAY,GAAkC,OAAQ,CAAA;IAC7D,CAAC;IAEc,gBAAgB,CAAC,IAAmC;;;YACjE,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACvC,MAAM,IAAI,mCAAqB,IAAI,CAAC,IAAI,GAAK,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAE,CAAA;YACjF,IAAI,IAAA,mCAAa,EAAC,IAAI,CAAC,KAAI,MAAA,IAAI,CAAC,IAAI,0CAAE,SAAS,CAAA,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,IAAI,CAAC,UAAU,0CAAE,WAAW,CAAA,EAAE,CAAC;gBACtF,qDAAqD;gBACrD,IAAI,CAAC,IAAI,mCACJ,IAAI,CAAC,IAAI,KACZ,UAAU,kCAAO,MAAA,IAAI,CAAC,IAAI,0CAAE,UAAU,KAAE,WAAW,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAC1F,CAAA;YACH,CAAC;YACD,MAAM,UAAU,GAAG,MAAM,GAAG,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAA;YACjE,MAAM,GAAG,mCAAc,UAAU,KAAE,GAAG,EAAE,IAAI,CAAC,GAAG,GAAE,CAAA;YAClD,GAAG,CAAC,IAAI,mCAAQ,IAAI,GAAK,GAAG,CAAC,IAAI,CAAE,CAAA;YACnC,GAAG,CAAC,IAAI,CAAC,aAAa,GAAG,MAAA,GAAG,CAAC,IAAI,CAAC,aAAa,mCAAI,IAAA,oDAA4B,EAAC,EAAE,GAAG,EAAE,CAAC,CAAA;YAExF,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;YACjC,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,0CAA0C;gBAC1C,OAAO,GAAG,CAAC,aAAa,CAAA;YAC1B,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAED,8EAA8E;IAExE,cAAc,CAAC,IAAiC;;;;;YACpD,MAAM,OAAO,GAAS,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAS,CAAA;YAC/E,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAC1C,IAAI,OAAO,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAClC,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAA;YAC3F,CAAC;YACD,qHAAqH;YACrH,OAAO,MAAM,OAAM,cAAc,YAAC,IAAI,CAAC,CAAA;QACzC,CAAC;KAAA;IAEK,gBAAgB,CAAC,IAAmC;;YACxD,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;gBACb,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;gBACvC,IAAI,GAAG,IAAI,QAAQ,IAAI,GAAG,IAAI,OAAO,GAAG,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;oBAC/D,aAAa;oBACb,OAAO,MAAM,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;gBAC/B,CAAC;YACH,CAAC;YACD,OAAO,MAAM,IAAA,iDAAyB,EAAC;gBACrC,GAAG,EAAE,IAAA,6BAAK,EAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC;gBACxC,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,SAAS,EAAE,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,OAAO,CAAC;aACnD,CAAC,CAAA;QACJ,CAAC;KAAA;IAEK,kBAAkB;;YACtB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjC,CAAC;KAAA;IAEK,2BAA2B,CAAC,IAA8C;;YAC9E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAA;YAC5C,MAAM,WAAW,GAAG,IAAI;iBACrB,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAA,mCAAa,EAAC,GAAG,CAAC,IAAI,CAAC,CAAC;iBACxC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE;;gBACd,IAAI,IAAA,mCAAa,EAAC,GAAG,CAAC,IAAI,CAAC,KAAI,MAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,IAAI,0CAAE,UAAU,CAAA,EAAE,CAAC;oBAC1D,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAA;oBAC3C,OAAO,CAAC,CAAC,UAAU,CAAC,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,eAAe,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAA;gBACzF,CAAC;gBACD,OAAO,KAAK,CAAA;YACd,CAAC,CAAC,CAAA;YACJ,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;gBAC/B,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;YACtF,CAAC;YACD,OAAO,IAAI,CAAA;QACb,CAAC;KAAA;IAEO,YAAY,CAAC,IAAY;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAA;QACrC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,KAAK,CAAC,iFAAiF,IAAI,GAAG,CAAC,CAAA;QACvG,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC;IAED,+GAA+G;IACzG,aAAa;6DAAC,EAAE,GAAG,EAAsB;YAC7C,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAA;gBAC9C,OAAO,GAAG,CAAA;YACZ,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,IAAI,GAAqB,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAA;gBAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CACxB,CAAC,GAAG,EAAE,EAAE;;oBACN,OAAA,GAAG,CAAC,YAAY,KAAK,GAAG;wBACxB,CAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,aAAa,MAAK,GAAG;wBAC/B,CAAC,CAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,aAAa,KAAI,IAAI,IAAI,IAAA,oDAA4B,EAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAA;iBAAA,CACrF,CAAA;gBACD,IAAI,QAAQ,EAAE,CAAC;oBACb,OAAO,QAAgB,CAAA;gBACzB,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CAAC,gBAAgB,GAAG,YAAY,CAAC,CAAA;gBAClD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;CACF;AAnHD,gDAmHC"}
package/dist/ssi-sdk-ext.key-manager.d.ts CHANGED
@@ -1,5 +1,6 @@
1
1
  import { AbstractKeyManagementSystem } from '@veramo/key-manager';
2
2
  import { AbstractKeyStore } from '@veramo/key-manager';
3
+ import { IKey } from '@veramo/core';
3
4
  import { IKeyManager } from '@veramo/core';
4
5
  import { IKeyManagerSignArgs } from '@veramo/core';
5
6
  import { IPluginMethodMap } from '@veramo/core';
@@ -9,24 +10,9 @@ import { ManagedKeyInfo } from '@veramo/core';
9
10
  import { MinimalImportableKey } from '@veramo/core';
10
11
  import { TKeyType } from '@veramo/core';
11
12
 
12
- /**
13
- * Input arguments for {@link ISphereonKeyManager.keyManagerCreate | keyManagerCreate}
14
- * @public
15
- */
16
- export declare interface IKeyManagerCreateArgs {
17
- /**
18
- * Key type
19
- */
20
- type: TKeyType;
21
- /**
22
- * Key Management System
23
- */
24
- kms: string;
25
- /**
26
- * Optional. Key meta data
27
- */
28
- meta?: KeyMetadata;
29
- }
13
+ export declare function hasKeyOptions(object: any): object is {
14
+ opts?: IkeyOptions;
15
+ };
30
16
 
31
17
  /**
32
18
  * Input arguments for {@link ISphereonKeyManager.keyManagerDelete | keyManagerDelete}
@@ -50,8 +36,24 @@ export declare interface IKeyManagerGetArgs {
50
36
  kid: string;
51
37
  }
52
38
 
39
+ export declare interface IkeyOptions {
40
+ /**
41
+ * Is this a temporary key?
42
+ */
43
+ ephemeral?: boolean;
44
+ /**
45
+ * Expiration and remove the key
46
+ */
47
+ expiration?: {
48
+ expiryDate?: Date;
49
+ removalDate?: Date;
50
+ };
51
+ }
52
+
53
+ export declare const isDefined: <T extends unknown>(object: T | undefined) => object is T;
54
+
53
55
  export declare interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
54
- keyManagerCreate(args: IKeyManagerCreateArgs): Promise<PartialKey>;
56
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<PartialKey>;
55
57
  keyManagerImport(key: MinimalImportableKey): Promise<PartialKey>;
56
58
  keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string>;
57
59
  /**
@@ -62,6 +64,38 @@ export declare interface ISphereonKeyManager extends IKeyManager, IPluginMethodM
62
64
  */
63
65
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>;
64
66
  keyManagerListKeys(): Promise<Array<ManagedKeyInfo>>;
67
+ /**
68
+ * Set keys to expired and remove keys eligible for deletion.
69
+ * @param args
70
+ */
71
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>;
72
+ }
73
+
74
+ /**
75
+ * Input arguments for {@link ISphereonKeyManager.keyManagerCreate | keyManagerCreate}
76
+ * @public
77
+ */
78
+ export declare interface ISphereonKeyManagerCreateArgs {
79
+ /**
80
+ * Key type
81
+ */
82
+ type: TKeyType;
83
+ /**
84
+ * Key Management System
85
+ */
86
+ kms: string;
87
+ /**
88
+ * Key options
89
+ */
90
+ opts?: IkeyOptions;
91
+ /**
92
+ * Optional. Key meta data
93
+ */
94
+ meta?: KeyMetadata;
95
+ }
96
+
97
+ export declare interface ISphereonKeyManagerHandleExpirationsArgs {
98
+ skipRemovals?: boolean;
65
99
  }
66
100
 
67
101
  /**
@@ -76,7 +110,7 @@ export declare interface ISphereonKeyManagerSignArgs extends IKeyManagerSignArgs
76
110
  }
77
111
 
78
112
  export declare interface ISphereonKeyManagerVerifyArgs {
79
- kms: string;
113
+ kms?: string;
80
114
  publicKeyHex: string;
81
115
  type: TKeyType;
82
116
  algorithm?: string;
@@ -98,10 +132,13 @@ export declare class SphereonKeyManager extends KeyManager {
98
132
  store: AbstractKeyStore;
99
133
  kms: Record<string, AbstractKeyManagementSystem>;
100
134
  });
101
- private getAvailableKms;
135
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<ManagedKeyInfo>;
102
136
  keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string>;
103
137
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>;
104
138
  keyManagerListKeys(): Promise<ManagedKeyInfo[]>;
139
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>;
140
+ private getKmsByName;
141
+ keyManagerGet({ kid }: IKeyManagerGetArgs): Promise<IKey>;
105
142
  }
106
143
 
107
144
  export declare const sphereonKeyManagerMethods: Array<string>;
package/dist/tsdoc-metadata.json CHANGED
@@ -5,7 +5,7 @@
5
5
  "toolPackages": [
6
6
  {
7
7
  "packageName": "@microsoft/api-extractor",
8
- "packageVersion": "7.47.3"
8
+ "packageVersion": "7.47.5"
9
9
  }
10
10
  ]
11
11
  }
package/dist/types/ISphereonKeyManager.d.ts CHANGED
@@ -4,7 +4,7 @@ export type PartialKey = ManagedKeyInfo & {
4
4
  privateKeyHex: string;
5
5
  };
6
6
  export interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
7
- keyManagerCreate(args: IKeyManagerCreateArgs): Promise<PartialKey>;
7
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<PartialKey>;
8
8
  keyManagerImport(key: MinimalImportableKey): Promise<PartialKey>;
9
9
  keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string>;
10
10
  /**
@@ -15,12 +15,30 @@ export interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
15
15
  */
16
16
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>;
17
17
  keyManagerListKeys(): Promise<Array<ManagedKeyInfo>>;
18
+ /**
19
+ * Set keys to expired and remove keys eligible for deletion.
20
+ * @param args
21
+ */
22
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>;
23
+ }
24
+ export interface IkeyOptions {
25
+ /**
26
+ * Is this a temporary key?
27
+ */
28
+ ephemeral?: boolean;
29
+ /**
30
+ * Expiration and remove the key
31
+ */
32
+ expiration?: {
33
+ expiryDate?: Date;
34
+ removalDate?: Date;
35
+ };
18
36
  }
19
37
  /**
20
38
  * Input arguments for {@link ISphereonKeyManager.keyManagerCreate | keyManagerCreate}
21
39
  * @public
22
40
  */
23
- export interface IKeyManagerCreateArgs {
41
+ export interface ISphereonKeyManagerCreateArgs {
24
42
  /**
25
43
  * Key type
26
44
  */
@@ -29,11 +47,18 @@ export interface IKeyManagerCreateArgs {
29
47
  * Key Management System
30
48
  */
31
49
  kms: string;
50
+ /**
51
+ * Key options
52
+ */
53
+ opts?: IkeyOptions;
32
54
  /**
33
55
  * Optional. Key meta data
34
56
  */
35
57
  meta?: KeyMetadata;
36
58
  }
59
+ export declare function hasKeyOptions(object: any): object is {
60
+ opts?: IkeyOptions;
61
+ };
37
62
  /**
38
63
  * Input arguments for {@link ISphereonKeyManager.keyManagerGet | keyManagerGet}
39
64
  * @public
@@ -64,12 +89,16 @@ export interface ISphereonKeyManagerSignArgs extends IKeyManagerSignArgs {
64
89
  */
65
90
  data: string | Uint8Array;
66
91
  }
92
+ export interface ISphereonKeyManagerHandleExpirationsArgs {
93
+ skipRemovals?: boolean;
94
+ }
67
95
  export interface ISphereonKeyManagerVerifyArgs {
68
- kms: string;
96
+ kms?: string;
69
97
  publicKeyHex: string;
70
98
  type: TKeyType;
71
99
  algorithm?: string;
72
100
  data: Uint8Array;
73
101
  signature: string;
74
102
  }
103
+ export declare const isDefined: <T extends unknown>(object: T | undefined) => object is T;
75
104
  //# sourceMappingURL=ISphereonKeyManager.d.ts.map
package/dist/types/ISphereonKeyManager.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ISphereonKeyManager.d.ts","sourceRoot":"","sources":["../../src/types/ISphereonKeyManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,oBAAoB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAC9H,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAE7C,MAAM,MAAM,UAAU,GAAG,cAAc,GAAG;IAAE,aAAa,EAAE,MAAM,CAAA;CAAE,CAAA;AAEnE,MAAM,WAAW,mBAAoB,SAAQ,WAAW,EAAE,gBAAgB;IACxE,gBAAgB,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;IAElE,gBAAgB,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;IAEhE,cAAc,CAAC,IAAI,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAElE;;;;;OAKG;IACH,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IAEvE,kBAAkB,IAAI,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAA;CACrD;AAED;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,IAAI,EAAE,QAAQ,CAAA;IAEd;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;IAEX;;OAEG;IACH,IAAI,CAAC,EAAE,WAAW,CAAA;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;CACZ;AAED;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;CACZ;AAED;;;GAGG;AAEH,MAAM,WAAW,2BAA4B,SAAQ,mBAAmB;IACtE;;OAEG;IACH,IAAI,EAAE,MAAM,GAAG,UAAU,CAAA;CAC1B;AAED,MAAM,WAAW,6BAA6B;IAC5C,GAAG,EAAE,MAAM,CAAA;IACX,YAAY,EAAE,MAAM,CAAA;IACpB,IAAI,EAAE,QAAQ,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,IAAI,EAAE,UAAU,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;CAClB"}
1
+ {"version":3,"file":"ISphereonKeyManager.d.ts","sourceRoot":"","sources":["../../src/types/ISphereonKeyManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,oBAAoB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAC9H,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAE7C,MAAM,MAAM,UAAU,GAAG,cAAc,GAAG;IAAE,aAAa,EAAE,MAAM,CAAA;CAAE,CAAA;AAEnE,MAAM,WAAW,mBAAoB,SAAQ,WAAW,EAAE,gBAAgB;IACxE,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;IAE1E,gBAAgB,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;IAEhE,cAAc,CAAC,IAAI,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAElE;;;;;OAKG;IACH,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IAEvE,kBAAkB,IAAI,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAA;IAEpD;;;OAGG;IACH,2BAA2B,CAAC,IAAI,EAAE,wCAAwC,GAAG,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAA;CAC5G;AAED,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,CAAA;IAEnB;;OAEG;IACH,UAAU,CAAC,EAAE;QACX,UAAU,CAAC,EAAE,IAAI,CAAA;QACjB,WAAW,CAAC,EAAE,IAAI,CAAA;KACnB,CAAA;CACF;AAED;;;GAGG;AACH,MAAM,WAAW,6BAA6B;IAC5C;;OAEG;IACH,IAAI,EAAE,QAAQ,CAAA;IAEd;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;IAEX;;OAEG;IACH,IAAI,CAAC,EAAE,WAAW,CAAA;IAElB;;OAEG;IACH,IAAI,CAAC,EAAE,WAAW,CAAA;CACnB;AAED,wBAAgB,aAAa,CAAC,MAAM,EAAE,GAAG,GAAG,MAAM,IAAI;IAAE,IAAI,CAAC,EAAE,WAAW,CAAA;CAAE,CAE3E;AAED;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;CACZ;AAED;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;CACZ;AAED;;;GAGG;AAEH,MAAM,WAAW,2BAA4B,SAAQ,mBAAmB;IACtE;;OAEG;IACH,IAAI,EAAE,MAAM,GAAG,UAAU,CAAA;CAC1B;AAED,MAAM,WAAW,wCAAwC;IACvD,YAAY,CAAC,EAAE,OAAO,CAAA;CACvB;AAED,MAAM,WAAW,6BAA6B;IAC5C,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,YAAY,EAAE,MAAM,CAAA;IACpB,IAAI,EAAE,QAAQ,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,IAAI,EAAE,UAAU,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,eAAO,MAAM,SAAS,8BAA+B,CAAC,GAAG,SAAS,gBAAsC,CAAA"}
package/dist/types/ISphereonKeyManager.js CHANGED
@@ -1,3 +1,10 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.isDefined = exports.hasKeyOptions = void 0;
4
+ function hasKeyOptions(object) {
5
+ return object && 'opts' in object && ('ephemeral' in object.opts || 'expiration' in object.opts);
6
+ }
7
+ exports.hasKeyOptions = hasKeyOptions;
8
+ const isDefined = (object) => object !== undefined;
9
+ exports.isDefined = isDefined;
3
10
  //# sourceMappingURL=ISphereonKeyManager.js.map
package/dist/types/ISphereonKeyManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"ISphereonKeyManager.js","sourceRoot":"","sources":["../../src/types/ISphereonKeyManager.ts"],"names":[],"mappings":""}
1
+ {"version":3,"file":"ISphereonKeyManager.js","sourceRoot":"","sources":["../../src/types/ISphereonKeyManager.ts"],"names":[],"mappings":";;;AAsEA,SAAgB,aAAa,CAAC,MAAW;IACvC,OAAO,MAAQ,IAAI,MAAM,IAAI,MAAM,IAAI,CAAC,WAAW,IAAI,MAAM,CAAC,IAAI,IAAI,YAAY,IAAI,MAAM,CAAC,IAAI,CAAC,CAAA;AACpG,CAAC;AAFD,sCAEC;AAiDM,MAAM,SAAS,GAAG,CAAoB,MAAqB,EAAe,EAAE,CAAC,MAAM,KAAK,SAAS,CAAA;AAA3F,QAAA,SAAS,aAAkF"}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@sphereon/ssi-sdk-ext.key-manager",
3
3
  "description": "Sphereon Key Manager plugin with BLS support",
4
- "version": "0.24.1-unstable.10+61bd444",
4
+ "version": "0.24.1-unstable.112+bb5e9a0",
5
5
  "source": "src/index.ts",
6
6
  "main": "dist/index.js",
7
7
  "types": "dist/index.d.ts",
@@ -15,14 +15,15 @@
15
15
  "generate-plugin-schema": "sphereon dev generate-plugin-schema"
16
16
  },
17
17
  "dependencies": {
18
- "@sphereon/ssi-sdk-ext.kms-local": "0.24.1-unstable.10+61bd444",
19
18
  "@veramo/core": "4.2.0",
20
- "@veramo/key-manager": "4.2.0"
19
+ "@veramo/key-manager": "4.2.0",
20
+ "uint8arrays": "^3.1.1"
21
21
  },
22
22
  "devDependencies": {
23
23
  "@mattrglobal/bbs-signatures": "^1.3.1",
24
- "@sphereon/ssi-sdk-ext.key-utils": "0.24.1-unstable.10+61bd444",
25
- "@sphereon/ssi-sdk.dev": "0.28.0"
24
+ "@sphereon/ssi-sdk-ext.key-utils": "0.24.1-unstable.112+bb5e9a0",
25
+ "@sphereon/ssi-sdk-ext.kms-local": "0.24.1-unstable.112+bb5e9a0",
26
+ "@sphereon/ssi-sdk.dev": "0.29.1-unstable.161"
26
27
  },
27
28
  "resolutions": {
28
29
  "jsonld": "npm:@digitalcredentials/jsonld@^5.2.1",
@@ -38,7 +39,7 @@
38
39
  "publishConfig": {
39
40
  "access": "public"
40
41
  },
41
- "repository": "git@github.com:Sphereon-Opensource/SSI-SDK.git",
42
+ "repository": "git@github.com:Sphereon-OpenSource/SSI-SDK-crypto-extensions.git",
42
43
  "author": "Sphereon <dev@sphereon.com>",
43
44
  "license": "Apache-2.0",
44
45
  "keywords": [
@@ -46,5 +47,5 @@
46
47
  "kms",
47
48
  "Veramo"
48
49
  ],
49
- "gitHead": "61bd4445b8a7e3da5bac0412d4359d9bf66df50c"
50
+ "gitHead": "bb5e9a06dffdec576f98d957d26dc0f4d1e9cca2"
50
51
  }
package/plugin.schema.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "ISphereonKeyManager": {
3
3
  "components": {
4
4
  "schemas": {
5
- "IKeyManagerCreateArgs": {
5
+ "ISphereonKeyManagerCreateArgs": {
6
6
  "type": "object",
7
7
  "properties": {
8
8
  "type": {
@@ -13,6 +13,10 @@
13
13
  "type": "string",
14
14
  "description": "Key Management System"
15
15
  },
16
+ "opts": {
17
+ "$ref": "#/components/schemas/IkeyOptions",
18
+ "description": "Key options"
19
+ },
16
20
  "meta": {
17
21
  "$ref": "#/components/schemas/KeyMetadata",
18
22
  "description": "Optional. Key meta data"
@@ -37,6 +41,29 @@
37
41
  ],
38
42
  "description": "Cryptographic key type."
39
43
  },
44
+ "IkeyOptions": {
45
+ "type": "object",
46
+ "properties": {
47
+ "ephemeral": {
48
+ "type": "boolean",
49
+ "description": "Is this a temporary key?"
50
+ },
51
+ "expiration": {
52
+ "type": "object",
53
+ "properties": {
54
+ "expiryDate": {
55
+ "type": "string",
56
+ "format": "date-time"
57
+ },
58
+ "removalDate": {
59
+ "type": "string",
60
+ "format": "date-time"
61
+ }
62
+ },
63
+ "description": "Expiration and remove the key"
64
+ }
65
+ }
66
+ },
40
67
  "KeyMetadata": {
41
68
  "type": "object",
42
69
  "properties": {
@@ -91,11 +118,15 @@
91
118
  "type"
92
119
  ]
93
120
  },
94
- "MinimalImportableKey": {
95
- "$ref": "#/components/schemas/RequireOnly<IKey,(\"privateKeyHex\"|\"type\"|\"kms\")>",
96
- "description": "Represents the properties required to import a key."
121
+ "ISphereonKeyManagerHandleExpirationsArgs": {
122
+ "type": "object",
123
+ "properties": {
124
+ "skipRemovals": {
125
+ "type": "boolean"
126
+ }
127
+ }
97
128
  },
98
- "RequireOnly<IKey,(\"privateKeyHex\"|\"type\"|\"kms\")>": {
129
+ "ManagedKeyInfo": {
99
130
  "type": "object",
100
131
  "properties": {
101
132
  "kid": {
@@ -114,10 +145,6 @@
114
145
  "type": "string",
115
146
  "description": "Public key"
116
147
  },
117
- "privateKeyHex": {
118
- "type": "string",
119
- "description": "Optional. Private key"
120
- },
121
148
  "meta": {
122
149
  "anyOf": [
123
150
  {
@@ -130,9 +157,19 @@
130
157
  "description": "Optional. Key metadata. This should be used to determine which algorithms are supported."
131
158
  }
132
159
  },
133
- "description": "Represents an object type where a subset of keys are required and everything else is optional."
160
+ "required": [
161
+ "kid",
162
+ "kms",
163
+ "type",
164
+ "publicKeyHex"
165
+ ],
166
+ "description": "Represents information about a managed key. Private or secret key material is NOT present."
134
167
  },
135
- "ManagedKeyInfo": {
168
+ "MinimalImportableKey": {
169
+ "$ref": "#/components/schemas/RequireOnly<IKey,(\"privateKeyHex\"|\"type\"|\"kms\")>",
170
+ "description": "Represents the properties required to import a key."
171
+ },
172
+ "RequireOnly<IKey,(\"privateKeyHex\"|\"type\"|\"kms\")>": {
136
173
  "type": "object",
137
174
  "properties": {
138
175
  "kid": {
@@ -151,6 +188,10 @@
151
188
  "type": "string",
152
189
  "description": "Public key"
153
190
  },
191
+ "privateKeyHex": {
192
+ "type": "string",
193
+ "description": "Optional. Private key"
194
+ },
154
195
  "meta": {
155
196
  "anyOf": [
156
197
  {
@@ -163,13 +204,7 @@
163
204
  "description": "Optional. Key metadata. This should be used to determine which algorithms are supported."
164
205
  }
165
206
  },
166
- "required": [
167
- "kid",
168
- "kms",
169
- "type",
170
- "publicKeyHex"
171
- ],
172
- "description": "Represents information about a managed key. Private or secret key material is NOT present."
207
+ "description": "Represents an object type where a subset of keys are required and everything else is optional."
173
208
  },
174
209
  "ISphereonKeyManagerSignArgs": {
175
210
  "type": "object",
@@ -313,7 +348,6 @@
313
348
  }
314
349
  },
315
350
  "required": [
316
- "kms",
317
351
  "publicKeyHex",
318
352
  "type",
319
353
  "data",
@@ -325,12 +359,24 @@
325
359
  "keyManagerCreate": {
326
360
  "description": "",
327
361
  "arguments": {
328
- "$ref": "#/components/schemas/IKeyManagerCreateArgs"
362
+ "$ref": "#/components/schemas/ISphereonKeyManagerCreateArgs"
329
363
  },
330
364
  "returnType": {
331
365
  "$ref": "#/components/schemas/PartialKey"
332
366
  }
333
367
  },
368
+ "keyManagerHandleExpirations": {
369
+ "description": "Set keys to expired and remove keys eligible for deletion.",
370
+ "arguments": {
371
+ "$ref": "#/components/schemas/ISphereonKeyManagerHandleExpirationsArgs"
372
+ },
373
+ "returnType": {
374
+ "type": "array",
375
+ "items": {
376
+ "$ref": "#/components/schemas/ManagedKeyInfo"
377
+ }
378
+ }
379
+ },
334
380
  "keyManagerImport": {
335
381
  "description": "",
336
382
  "arguments": {
package/src/__tests__/SphereonKeyManager.test.ts ADDED
@@ -0,0 +1,72 @@
1
+ import { SphereonKeyManager } from '../agent/SphereonKeyManager'
2
+ import { MemoryKeyStore, MemoryPrivateKeyStore } from '@veramo/key-manager'
3
+ import { SphereonKeyManagementSystem } from '@sphereon/ssi-sdk-ext.kms-local'
4
+
5
+ describe('@sphereon/ssi-sdk-ext.key-manager key functionalities', () => {
6
+ const kms = new SphereonKeyManager({
7
+ store: new MemoryKeyStore(),
8
+ kms: {
9
+ local: new SphereonKeyManagementSystem(new MemoryPrivateKeyStore()),
10
+ },
11
+ })
12
+
13
+ it('should create and fetch a RSA key', async () => {
14
+ const key = await kms.keyManagerCreate({ type: 'RSA', kms: 'local' })
15
+ const fetchByKid = await kms.keyManagerGet({ kid: key.kid })
16
+ expect(fetchByKid.kid).toEqual(key.kid)
17
+ expect(fetchByKid.publicKeyHex).toEqual(key.publicKeyHex)
18
+ expect(fetchByKid?.meta?.publicKeyJwk).toBeDefined()
19
+ expect(fetchByKid?.meta?.publicKeyPEM).toBeDefined()
20
+ expect(fetchByKid.type).toEqual('RSA')
21
+ const fetchByPublicKeyHex = await kms.keyManagerGet({ kid: key.publicKeyHex })
22
+ expect(fetchByPublicKeyHex.kid).toEqual(key.kid)
23
+ expect(fetchByPublicKeyHex?.meta?.publicKeyJwk).toBeDefined()
24
+ expect(fetchByPublicKeyHex?.meta?.publicKeyPEM).toBeDefined()
25
+ const deleteByPublicKeyHex = await kms.keyManagerDelete({ kid: key.publicKeyHex })
26
+ expect(deleteByPublicKeyHex).toBeTruthy()
27
+ })
28
+
29
+ it('should create and fetch a X25519 key', async () => {
30
+ const key = await kms.keyManagerCreate({ type: 'X25519', kms: 'local' })
31
+ const fetchByKid = await kms.keyManagerGet({ kid: key.kid })
32
+ expect(fetchByKid.type).toEqual('X25519')
33
+ expect(fetchByKid.kid).toEqual(key.kid)
34
+ expect(fetchByKid.publicKeyHex).toEqual(key.publicKeyHex)
35
+ })
36
+
37
+ it('should create and fetch a Ed25519 key', async () => {
38
+ const key = await kms.keyManagerCreate({ type: 'Ed25519', kms: 'local' })
39
+ const fetchByKid = await kms.keyManagerGet({ kid: key.kid })
40
+ expect(fetchByKid.type).toEqual('Ed25519')
41
+ expect(fetchByKid.kid).toEqual(key.kid)
42
+ expect(fetchByKid.publicKeyHex).toEqual(key.publicKeyHex)
43
+ const fetchByPublicKeyHex = await kms.keyManagerGet({ kid: key.publicKeyHex })
44
+ expect(fetchByPublicKeyHex.kid).toEqual(key.kid)
45
+ })
46
+
47
+ it('should create and fetch a Secp256k1 key', async () => {
48
+ const key = await kms.keyManagerCreate({ type: 'Secp256k1', kms: 'local' })
49
+ const fetchByKid = await kms.keyManagerGet({ kid: key.kid })
50
+ expect(fetchByKid.type).toEqual('Secp256k1')
51
+ expect(fetchByKid.kid).toEqual(key.kid)
52
+ expect(fetchByKid.publicKeyHex).toEqual(key.publicKeyHex)
53
+ expect(fetchByKid?.meta?.algorithms).toEqual(['ES256K', 'ES256K-R', 'eth_signTransaction', 'eth_signTypedData', 'eth_signMessage', 'eth_rawSign'])
54
+ const fetchByPublicKeyHex = await kms.keyManagerGet({ kid: key.publicKeyHex })
55
+ expect(fetchByPublicKeyHex.kid).toEqual(key.kid)
56
+ const fetchByThumbprint = await kms.keyManagerGet({ kid: key?.meta?.jwkThumbprint })
57
+ expect(fetchByThumbprint.kid).toEqual(fetchByThumbprint.kid)
58
+ })
59
+
60
+ it('should create and fetch a Secp256r1 key', async () => {
61
+ const key = await kms.keyManagerCreate({ type: 'Secp256r1', kms: 'local' })
62
+ const fetchByKid = await kms.keyManagerGet({ kid: key.kid })
63
+ expect(fetchByKid.kid).toEqual(key.kid)
64
+ expect(fetchByKid.type).toEqual('Secp256r1')
65
+ expect(fetchByKid.publicKeyHex).toEqual(key.publicKeyHex)
66
+ expect(fetchByKid?.meta?.algorithms).toEqual(['ES256'])
67
+ const fetchByPublicKeyHex = await kms.keyManagerGet({ kid: key.publicKeyHex })
68
+ expect(fetchByPublicKeyHex.kid).toEqual(key.kid)
69
+ const fetchByThumbprint = await kms.keyManagerGet({ kid: key?.meta?.jwkThumbprint })
70
+ expect(fetchByThumbprint.kid).toEqual(fetchByThumbprint.kid)
71
+ })
72
+ })
package/src/agent/SphereonKeyManager.ts CHANGED
@@ -1,18 +1,30 @@
1
- import { KeyManager as VeramoKeyManager, AbstractKeyManagementSystem, AbstractKeyStore } from '@veramo/key-manager'
1
+ import { calculateJwkThumbprintForKey, toJwk, verifySignatureWithSubtle } from '@sphereon/ssi-sdk-ext.key-utils'
2
+ import { IKey, KeyMetadata, ManagedKeyInfo } from '@veramo/core'
3
+ import { AbstractKeyManagementSystem, AbstractKeyStore, KeyManager as VeramoKeyManager } from '@veramo/key-manager'
4
+ import {
5
+ hasKeyOptions,
6
+ IKeyManagerGetArgs,
7
+ ISphereonKeyManager,
8
+ ISphereonKeyManagerCreateArgs,
9
+ ISphereonKeyManagerHandleExpirationsArgs,
10
+ ISphereonKeyManagerSignArgs,
11
+ ISphereonKeyManagerVerifyArgs,
12
+ } from '../types/ISphereonKeyManager'
2
13
 
3
- import { IKey, ManagedKeyInfo, TKeyType } from '@veramo/core'
4
- import { KeyType, SphereonKeyManagementSystem } from '@sphereon/ssi-sdk-ext.kms-local'
5
- import { ISphereonKeyManager, ISphereonKeyManagerSignArgs, ISphereonKeyManagerVerifyArgs } from '../types/ISphereonKeyManager'
14
+ import * as u8a from 'uint8arrays'
6
15
 
7
16
  export const sphereonKeyManagerMethods: Array<string> = [
8
17
  'keyManagerCreate',
18
+ 'keyManagerGet',
9
19
  'keyManagerImport',
10
20
  'keyManagerSign',
11
21
  'keyManagerVerify',
12
22
  'keyManagerListKeys',
23
+ 'keyManagerHandleExpirations',
13
24
  ]
14
25
 
15
26
  export class SphereonKeyManager extends VeramoKeyManager {
27
+ // local store reference, given the superclass store is private, and we need additional functions/calls
16
28
  private localStore: AbstractKeyStore
17
29
  private readonly availableKMSes: Record<string, AbstractKeyManagementSystem>
18
30
  readonly localMethods: ISphereonKeyManager
@@ -27,35 +39,103 @@ export class SphereonKeyManager extends VeramoKeyManager {
27
39
  this.localMethods = <ISphereonKeyManager>(<unknown>methods)
28
40
  }
29
41
 
30
- private getAvailableKms(name: string): AbstractKeyManagementSystem {
31
- const kms = this.availableKMSes[name]
32
- if (!kms) {
33
- throw Error(`invalid_argument: This agent has no registered KeyManagementSystem with name='${name}'`)
42
+ override async keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<ManagedKeyInfo> {
43
+ const kms = this.getKmsByName(args.kms)
44
+ const meta: KeyMetadata = { ...args.meta, ...(args.opts && { opts: args.opts }) }
45
+ if (hasKeyOptions(meta) && meta.opts?.ephemeral && !meta.opts.expiration?.removalDate) {
46
+ // Make sure we set a delete date on an ephemeral key
47
+ meta.opts = {
48
+ ...meta.opts,
49
+ expiration: { ...meta.opts?.expiration, removalDate: new Date(Date.now() + 5 * 60 * 1000) },
50
+ }
34
51
  }
35
- return kms
52
+ const partialKey = await kms.createKey({ type: args.type, meta })
53
+ const key: IKey = { ...partialKey, kms: args.kms }
54
+ key.meta = { ...meta, ...key.meta }
55
+ key.meta.jwkThumbprint = key.meta.jwkThumbprint ?? calculateJwkThumbprintForKey({ key })
56
+
57
+ await this.localStore.import(key)
58
+ if (key.privateKeyHex) {
59
+ // Make sure to not export the private key
60
+ delete key.privateKeyHex
61
+ }
62
+ return key
36
63
  }
37
64
 
38
65
  //FIXME extend the IKeyManagerSignArgs.data to be a string or array of strings
66
+
39
67
  async keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string> {
40
68
  const keyInfo: IKey = (await this.localStore.get({ kid: args.keyRef })) as IKey
41
- const kms = this.getAvailableKms(keyInfo.kms)
42
- if (keyInfo.type === <TKeyType>KeyType.Bls12381G2) {
69
+ const kms = this.getKmsByName(keyInfo.kms)
70
+ if (keyInfo.type === 'Bls12381G2') {
43
71
  return await kms.sign({ keyRef: keyInfo, data: Uint8Array.from(Buffer.from(args.data)) })
44
72
  }
45
- // @ts-ignore
73
+ // @ts-ignore // we can pass in uint8arrays as well, which the super also can handle but does not expose in its types
46
74
  return await super.keyManagerSign(args)
47
75
  }
48
76
 
49
77
  async keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean> {
50
- const kms = this.getAvailableKms(args.kms)
51
- if (('verify' in kms && typeof kms.verify === 'function') || kms instanceof SphereonKeyManagementSystem) {
52
- // @ts-ignore
53
- return await kms.verify(args)
78
+ if (args.kms) {
79
+ const kms = this.getKmsByName(args.kms)
80
+ if (kms && 'verify' in kms && typeof kms.verify === 'function') {
81
+ // @ts-ignore
82
+ return await kms.verify(args)
83
+ }
54
84
  }
55
- throw Error(`KMS ${kms} does not support verification`)
85
+ return await verifySignatureWithSubtle({
86
+ key: toJwk(args.publicKeyHex, args.type),
87
+ data: args.data,
88
+ signature: u8a.fromString(args.signature, 'utf-8'),
89
+ })
56
90
  }
57
91
 
58
92
  async keyManagerListKeys(): Promise<ManagedKeyInfo[]> {
59
- return this.localStore.list({}) // FIXME there are no args it seems
93
+ return this.localStore.list({})
94
+ }
95
+
96
+ async keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>> {
97
+ const keys = await this.keyManagerListKeys()
98
+ const expiredKeys = keys
99
+ .filter((key) => hasKeyOptions(key.meta))
100
+ .filter((key) => {
101
+ if (hasKeyOptions(key.meta) && key.meta?.opts?.expiration) {
102
+ const expiration = key.meta.opts.expiration
103
+ return !(expiration.expiryDate && expiration.expiryDate.getMilliseconds() > Date.now())
104
+ }
105
+ return false
106
+ })
107
+ if (args.skipRemovals !== true) {
108
+ await Promise.all(expiredKeys.map((key) => this.keyManagerDelete({ kid: key.kid })))
109
+ }
110
+ return keys
111
+ }
112
+
113
+ private getKmsByName(name: string): AbstractKeyManagementSystem {
114
+ const kms = this.availableKMSes[name]
115
+ if (!kms) {
116
+ throw Error(`invalid_argument: This agent has no registered KeyManagementSystem with name='${name}'`)
117
+ }
118
+ return kms
119
+ }
120
+
121
+ //todo https://sphereon.atlassian.net/browse/SDK-28 improve the logic for keyManagerGet in sphereon-key-manager
122
+ async keyManagerGet({ kid }: IKeyManagerGetArgs): Promise<IKey> {
123
+ try {
124
+ const key = await this.localStore.get({ kid })
125
+ return key
126
+ } catch (e) {
127
+ const keys: ManagedKeyInfo[] = await this.keyManagerListKeys()
128
+ const foundKey = keys.find(
129
+ (key) =>
130
+ key.publicKeyHex === kid ||
131
+ key.meta?.jwkThumbprint === kid ||
132
+ (key.meta?.jwkThumbprint == null && calculateJwkThumbprintForKey({ key }) === kid)
133
+ )
134
+ if (foundKey) {
135
+ return foundKey as IKey
136
+ } else {
137
+ throw new Error(`Key with kid ${kid} not found`)
138
+ }
139
+ }
60
140
  }
61
141
  }
package/src/types/ISphereonKeyManager.ts CHANGED
@@ -4,7 +4,7 @@ import { ManagedKeyInfo } from '@veramo/core'
4
4
  export type PartialKey = ManagedKeyInfo & { privateKeyHex: string }
5
5
 
6
6
  export interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
7
- keyManagerCreate(args: IKeyManagerCreateArgs): Promise<PartialKey>
7
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<PartialKey>
8
8
 
9
9
  keyManagerImport(key: MinimalImportableKey): Promise<PartialKey>
10
10
 
@@ -19,13 +19,34 @@ export interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
19
19
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>
20
20
 
21
21
  keyManagerListKeys(): Promise<Array<ManagedKeyInfo>>
22
+
23
+ /**
24
+ * Set keys to expired and remove keys eligible for deletion.
25
+ * @param args
26
+ */
27
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>
28
+ }
29
+
30
+ export interface IkeyOptions {
31
+ /**
32
+ * Is this a temporary key?
33
+ */
34
+ ephemeral?: boolean
35
+
36
+ /**
37
+ * Expiration and remove the key
38
+ */
39
+ expiration?: {
40
+ expiryDate?: Date
41
+ removalDate?: Date
42
+ }
22
43
  }
23
44
 
24
45
  /**
25
46
  * Input arguments for {@link ISphereonKeyManager.keyManagerCreate | keyManagerCreate}
26
47
  * @public
27
48
  */
28
- export interface IKeyManagerCreateArgs {
49
+ export interface ISphereonKeyManagerCreateArgs {
29
50
  /**
30
51
  * Key type
31
52
  */
@@ -36,12 +57,21 @@ export interface IKeyManagerCreateArgs {
36
57
  */
37
58
  kms: string
38
59
 
60
+ /**
61
+ * Key options
62
+ */
63
+ opts?: IkeyOptions
64
+
39
65
  /**
40
66
  * Optional. Key meta data
41
67
  */
42
68
  meta?: KeyMetadata
43
69
  }
44
70
 
71
+ export function hasKeyOptions(object: any): object is { opts?: IkeyOptions } {
72
+ return object!! && 'opts' in object && ('ephemeral' in object.opts || 'expiration' in object.opts)
73
+ }
74
+
45
75
  /**
46
76
  * Input arguments for {@link ISphereonKeyManager.keyManagerGet | keyManagerGet}
47
77
  * @public
@@ -76,11 +106,17 @@ export interface ISphereonKeyManagerSignArgs extends IKeyManagerSignArgs {
76
106
  data: string | Uint8Array
77
107
  }
78
108
 
109
+ export interface ISphereonKeyManagerHandleExpirationsArgs {
110
+ skipRemovals?: boolean
111
+ }
112
+
79
113
  export interface ISphereonKeyManagerVerifyArgs {
80
- kms: string
114
+ kms?: string
81
115
  publicKeyHex: string
82
116
  type: TKeyType
83
117
  algorithm?: string
84
118
  data: Uint8Array
85
119
  signature: string
86
120
  }
121
+
122
+ export const isDefined = <T extends unknown>(object: T | undefined): object is T => object !== undefined