@sphereon/ssi-sdk-ext.key-manager 0.24.1-unstable.54 → 0.24.1-unstable.71

@@ -1,6 +1,6 @@
1
- import { KeyManager as VeramoKeyManager, AbstractKeyManagementSystem, AbstractKeyStore } from '@veramo/key-manager';
2
- import { IKey, IKeyManagerGetArgs, ManagedKeyInfo } from '@veramo/core';
3
- import { ISphereonKeyManager, ISphereonKeyManagerSignArgs, ISphereonKeyManagerVerifyArgs } from '../types/ISphereonKeyManager';
1
+ import { IKey, ManagedKeyInfo } from '@veramo/core';
2
+ import { AbstractKeyManagementSystem, AbstractKeyStore, KeyManager as VeramoKeyManager } from '@veramo/key-manager';
3
+ import { IKeyManagerGetArgs, ISphereonKeyManager, ISphereonKeyManagerCreateArgs, ISphereonKeyManagerHandleExpirationsArgs, ISphereonKeyManagerSignArgs, ISphereonKeyManagerVerifyArgs } from '../types/ISphereonKeyManager';
4
4
  export declare const sphereonKeyManagerMethods: Array<string>;
5
5
  export declare class SphereonKeyManager extends VeramoKeyManager {
6
6
  private localStore;
@@ -10,10 +10,12 @@ export declare class SphereonKeyManager extends VeramoKeyManager {
10
10
  store: AbstractKeyStore;
11
11
  kms: Record<string, AbstractKeyManagementSystem>;
12
12
  });
13
- private getAvailableKms;
13
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<ManagedKeyInfo>;
14
14
  keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string>;
15
15
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>;
16
16
  keyManagerListKeys(): Promise<ManagedKeyInfo[]>;
17
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>;
18
+ private getKmsByName;
17
19
  keyManagerGet({ kid }: IKeyManagerGetArgs): Promise<IKey>;
18
20
  }
19
21
  //# sourceMappingURL=SphereonKeyManager.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"SphereonKeyManager.d.ts","sourceRoot":"","sources":["../../src/agent/SphereonKeyManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,IAAI,gBAAgB,EAAE,2BAA2B,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AAEnH,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,cAAc,EAAY,MAAM,cAAc,CAAA;AAEjF,OAAO,EAAE,mBAAmB,EAAE,2BAA2B,EAAE,6BAA6B,EAAE,MAAM,8BAA8B,CAAA;AAG9H,eAAO,MAAM,yBAAyB,EAAE,KAAK,CAAC,MAAM,CAMnD,CAAA;AAED,qBAAa,kBAAmB,SAAQ,gBAAgB;IACtD,OAAO,CAAC,UAAU,CAAkB;IACpC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA6C;IAC5E,QAAQ,CAAC,YAAY,EAAE,mBAAmB,CAAA;gBAE9B,OAAO,EAAE;QAAE,KAAK,EAAE,gBAAgB,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,2BAA2B,CAAC,CAAA;KAAE;IAUlG,OAAO,CAAC,eAAe;IASjB,cAAc,CAAC,IAAI,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC;IAUlE,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC;IASvE,kBAAkB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAI/C,aAAa,CAAC,EAAE,GAAG,EAAE,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;CAmBhE"}
1
+ {"version":3,"file":"SphereonKeyManager.d.ts","sourceRoot":"","sources":["../../src/agent/SphereonKeyManager.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAe,cAAc,EAAE,MAAM,cAAc,CAAA;AAChE,OAAO,EAAE,2BAA2B,EAAE,gBAAgB,EAAE,UAAU,IAAI,gBAAgB,EAAE,MAAM,qBAAqB,CAAA;AACnH,OAAO,EAEL,kBAAkB,EAClB,mBAAmB,EACnB,6BAA6B,EAC7B,wCAAwC,EACxC,2BAA2B,EAC3B,6BAA6B,EAC9B,MAAM,8BAA8B,CAAA;AAErC,eAAO,MAAM,yBAAyB,EAAE,KAAK,CAAC,MAAM,CAQnD,CAAA;AAED,qBAAa,kBAAmB,SAAQ,gBAAgB;IAEtD,OAAO,CAAC,UAAU,CAAkB;IACpC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAA6C;IAC5E,QAAQ,CAAC,YAAY,EAAE,mBAAmB,CAAA;gBAE9B,OAAO,EAAE;QAAE,KAAK,EAAE,gBAAgB,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,2BAA2B,CAAC,CAAA;KAAE;IAUnF,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,cAAc,CAAC;IAyBvF,cAAc,CAAC,IAAI,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC;IAUlE,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC;IASvE,kBAAkB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAI/C,2BAA2B,CAAC,IAAI,EAAE,wCAAwC,GAAG,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IAiBjH,OAAO,CAAC,YAAY;IASd,aAAa,CAAC,EAAE,GAAG,EAAE,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;CAmBhE"}
@@ -10,15 +10,17 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
10
10
  };
11
11
  Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.SphereonKeyManager = exports.sphereonKeyManagerMethods = void 0;
13
- const key_manager_1 = require("@veramo/key-manager");
14
- const ssi_sdk_ext_kms_local_1 = require("@sphereon/ssi-sdk-ext.kms-local");
15
13
  const ssi_sdk_ext_key_utils_1 = require("@sphereon/ssi-sdk-ext.key-utils");
14
+ const key_manager_1 = require("@veramo/key-manager");
15
+ const ISphereonKeyManager_1 = require("../types/ISphereonKeyManager");
16
16
  exports.sphereonKeyManagerMethods = [
17
17
  'keyManagerCreate',
18
+ 'keyManagerGet',
18
19
  'keyManagerImport',
19
20
  'keyManagerSign',
20
21
  'keyManagerVerify',
21
22
  'keyManagerListKeys',
23
+ 'keyManagerHandleExpirations',
22
24
  ];
23
25
  class SphereonKeyManager extends key_manager_1.KeyManager {
24
26
  constructor(options) {
@@ -30,12 +32,26 @@ class SphereonKeyManager extends key_manager_1.KeyManager {
30
32
  methods.keyManagerListKeys = this.keyManagerListKeys.bind(this);
31
33
  this.localMethods = methods;
32
34
  }
33
- getAvailableKms(name) {
34
- const kms = this.availableKMSes[name];
35
- if (!kms) {
36
- throw Error(`invalid_argument: This agent has no registered KeyManagementSystem with name='${name}'`);
37
- }
38
- return kms;
35
+ keyManagerCreate(args) {
36
+ return __awaiter(this, void 0, void 0, function* () {
37
+ var _a, _b, _c, _d;
38
+ const kms = this.getKmsByName(args.kms);
39
+ const meta = Object.assign(Object.assign({}, args.meta), (args.opts && { opts: args.opts }));
40
+ if ((0, ISphereonKeyManager_1.hasKeyOptions)(meta) && ((_a = meta.opts) === null || _a === void 0 ? void 0 : _a.ephemeral) && !((_b = meta.opts.expiration) === null || _b === void 0 ? void 0 : _b.removalDate)) {
41
+ // Make sure we set a delete date on an ephemeral key
42
+ meta.opts = Object.assign(Object.assign({}, meta.opts), { expiration: Object.assign(Object.assign({}, (_c = meta.opts) === null || _c === void 0 ? void 0 : _c.expiration), { removalDate: new Date(Date.now() + 5 * 60 * 1000) }) });
43
+ }
44
+ const partialKey = yield kms.createKey({ type: args.type, meta });
45
+ const key = Object.assign(Object.assign({}, partialKey), { kms: args.kms });
46
+ key.meta = Object.assign(Object.assign({}, meta), key.meta);
47
+ key.meta.jwkThumbprint = (_d = key.meta.jwkThumbprint) !== null && _d !== void 0 ? _d : (0, ssi_sdk_ext_key_utils_1.calculateJwkThumbprintForKey)({ key });
48
+ yield this.localStore.import(key);
49
+ if (key.privateKeyHex) {
50
+ // Make sure to not export the private key
51
+ delete key.privateKeyHex;
52
+ }
53
+ return key;
54
+ });
39
55
  }
40
56
  //FIXME extend the IKeyManagerSignArgs.data to be a string or array of strings
41
57
  keyManagerSign(args) {
@@ -44,18 +60,18 @@ class SphereonKeyManager extends key_manager_1.KeyManager {
44
60
  });
45
61
  return __awaiter(this, void 0, void 0, function* () {
46
62
  const keyInfo = (yield this.localStore.get({ kid: args.keyRef }));
47
- const kms = this.getAvailableKms(keyInfo.kms);
48
- if (keyInfo.type === ssi_sdk_ext_kms_local_1.KeyType.Bls12381G2) {
63
+ const kms = this.getKmsByName(keyInfo.kms);
64
+ if (keyInfo.type === 'Bls12381G2') {
49
65
  return yield kms.sign({ keyRef: keyInfo, data: Uint8Array.from(Buffer.from(args.data)) });
50
66
  }
51
- // @ts-ignore
67
+ // @ts-ignore // we can pass in uint8arrays as well, which the super also can handle but does not expose in its types
52
68
  return yield _super.keyManagerSign.call(this, args);
53
69
  });
54
70
  }
55
71
  keyManagerVerify(args) {
56
72
  return __awaiter(this, void 0, void 0, function* () {
57
- const kms = this.getAvailableKms(args.kms);
58
- if (('verify' in kms && typeof kms.verify === 'function') || kms instanceof ssi_sdk_ext_kms_local_1.SphereonKeyManagementSystem) {
73
+ const kms = this.getKmsByName(args.kms);
74
+ if ('verify' in kms && typeof kms.verify === 'function') {
59
75
  // @ts-ignore
60
76
  return yield kms.verify(args);
61
77
  }
@@ -64,9 +80,36 @@ class SphereonKeyManager extends key_manager_1.KeyManager {
64
80
  }
65
81
  keyManagerListKeys() {
66
82
  return __awaiter(this, void 0, void 0, function* () {
67
- return this.localStore.list({}); // FIXME there are no args it seems
83
+ return this.localStore.list({});
68
84
  });
69
85
  }
86
+ keyManagerHandleExpirations(args) {
87
+ return __awaiter(this, void 0, void 0, function* () {
88
+ const keys = yield this.keyManagerListKeys();
89
+ const expiredKeys = keys
90
+ .filter((key) => (0, ISphereonKeyManager_1.hasKeyOptions)(key.meta))
91
+ .filter((key) => {
92
+ var _a, _b;
93
+ if ((0, ISphereonKeyManager_1.hasKeyOptions)(key.meta) && ((_b = (_a = key.meta) === null || _a === void 0 ? void 0 : _a.opts) === null || _b === void 0 ? void 0 : _b.expiration)) {
94
+ const expiration = key.meta.opts.expiration;
95
+ return !(expiration.expiryDate && expiration.expiryDate.getMilliseconds() > Date.now());
96
+ }
97
+ return false;
98
+ });
99
+ if (args.skipRemovals !== true) {
100
+ yield Promise.all(expiredKeys.map((key) => this.keyManagerDelete({ kid: key.kid })));
101
+ }
102
+ return keys;
103
+ });
104
+ }
105
+ getKmsByName(name) {
106
+ const kms = this.availableKMSes[name];
107
+ if (!kms) {
108
+ throw Error(`invalid_argument: This agent has no registered KeyManagementSystem with name='${name}'`);
109
+ }
110
+ return kms;
111
+ }
112
+ //todo https://sphereon.atlassian.net/browse/SDK-28 improve the logic for keyManagerGet in sphereon-key-manager
70
113
  keyManagerGet(_a) {
71
114
  return __awaiter(this, arguments, void 0, function* ({ kid }) {
72
115
  try {
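Review bot: In `keyManagerHandleExpirations` the expiry test compares `expiration.expiryDate.getMilliseconds()` with `Date.now()`, but `getMilliseconds()` returns only the 0–999 millisecond field, so the comparison is never true. Every key that carries an `expiration` object is therefore classed as expired and passed to `keyManagerDelete` unless `skipRemovals` is true; the line should read `return !(expiration.expiryDate && expiration.expiryDate.getTime() > Date.now());`. The same filter treats a key with only `removalDate` set as expired and never reads `removalDate`, so the five-minute removal date that `keyManagerCreate` puts on ephemeral keys does not control when they are removed; deletion should probably be gated on `removalDate`. If the key store returns these dates as ISO strings (the plugin schema declares them as `date-time` strings), the method call would throw, so converting with `new Date(...)` before comparing is worth adding.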
@@ -1 +1 @@
1
- {"version":3,"file":"SphereonKeyManager.js","sourceRoot":"","sources":["../../src/agent/SphereonKeyManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qDAAmH;AAGnH,2EAAsF;AAEtF,2EAA8E;AAEjE,QAAA,yBAAyB,GAAkB;IACtD,kBAAkB;IAClB,kBAAkB;IAClB,gBAAgB;IAChB,kBAAkB;IAClB,oBAAoB;CACrB,CAAA;AAED,MAAa,kBAAmB,SAAQ,wBAAgB;IAKtD,YAAY,OAAsF;QAChG,KAAK,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,KAAK,CAAA;QAC/B,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,GAAG,CAAA;QACjC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC3D,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC/D,IAAI,CAAC,YAAY,GAAkC,OAAQ,CAAA;IAC7D,CAAC;IAEO,eAAe,CAAC,IAAY;QAClC,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAA;QACrC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,KAAK,CAAC,iFAAiF,IAAI,GAAG,CAAC,CAAA;QACvG,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC;IAED,8EAA8E;IACxE,cAAc,CAAC,IAAiC;;;;;YACpD,MAAM,OAAO,GAAS,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAS,CAAA;YAC/E,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAC7C,IAAI,OAAO,CAAC,IAAI,KAAe,+BAAO,CAAC,UAAU,EAAE,CAAC;gBAClD,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAA;YAC3F,CAAC;YACD,aAAa;YACb,OAAO,MAAM,OAAM,cAAc,YAAC,IAAI,CAAC,CAAA;QACzC,CAAC;KAAA;IAEK,gBAAgB,CAAC,IAAmC;;YACxD,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAC1C,IAAI,CAAC,QAAQ,IAAI,GAAG,IAAI,OAAO,GAAG,CAAC,MAAM,KAAK,UAAU,CAAC,IAAI,GAAG,YAAY,mDAA2B,EAAE,CAAC;gBACxG,aAAa;gBACb,OAAO,MAAM,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,GAAG,gCAAgC,CAAC,CAAA;QACzD,CAAC;KAAA;IAEK,kBAAkB;;YACtB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA,CAAC,mCAAmC;QACrE,CAAC;KAAA;IAEK,aAAa;6DAAC,EAAE,GAAG,EAAsB;YAC7C,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,EAA
E,CAAC,CAAA;gBAC9C,OAAO,GAAG,CAAA;YACZ,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,IAAI,GAAqB,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAA;gBAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CACxB,CAAC,GAAG,EAAE,EAAE;;oBACN,OAAA,GAAG,CAAC,YAAY,KAAK,GAAG;wBACxB,CAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,aAAa,MAAK,GAAG;wBAC/B,CAAC,CAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,aAAa,KAAI,IAAI,IAAI,IAAA,oDAA4B,EAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAA;iBAAA,CACrF,CAAA;gBACD,IAAI,QAAQ,EAAE,CAAC;oBACb,OAAO,QAAgB,CAAA;gBACzB,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CAAC,gBAAgB,GAAG,YAAY,CAAC,CAAA;gBAClD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;CACF;AAlED,gDAkEC"}
1
+ {"version":3,"file":"SphereonKeyManager.js","sourceRoot":"","sources":["../../src/agent/SphereonKeyManager.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2EAA8E;AAE9E,qDAAmH;AACnH,sEAQqC;AAExB,QAAA,yBAAyB,GAAkB;IACtD,kBAAkB;IAClB,eAAe;IACf,kBAAkB;IAClB,gBAAgB;IAChB,kBAAkB;IAClB,oBAAoB;IACpB,6BAA6B;CAC9B,CAAA;AAED,MAAa,kBAAmB,SAAQ,wBAAgB;IAMtD,YAAY,OAAsF;QAChG,KAAK,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;QACjD,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,KAAK,CAAA;QAC/B,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,GAAG,CAAA;QACjC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;QAC5B,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC3D,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC/D,IAAI,CAAC,YAAY,GAAkC,OAAQ,CAAA;IAC7D,CAAC;IAEc,gBAAgB,CAAC,IAAmC;;;YACjE,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACvC,MAAM,IAAI,mCAAqB,IAAI,CAAC,IAAI,GAAK,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAE,CAAA;YACjF,IAAI,IAAA,mCAAa,EAAC,IAAI,CAAC,KAAI,MAAA,IAAI,CAAC,IAAI,0CAAE,SAAS,CAAA,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,IAAI,CAAC,UAAU,0CAAE,WAAW,CAAA,EAAE,CAAC;gBACtF,qDAAqD;gBACrD,IAAI,CAAC,IAAI,mCACJ,IAAI,CAAC,IAAI,KACZ,UAAU,kCAAO,MAAA,IAAI,CAAC,IAAI,0CAAE,UAAU,KAAE,WAAW,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAC1F,CAAA;YACH,CAAC;YACD,MAAM,UAAU,GAAG,MAAM,GAAG,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAA;YACjE,MAAM,GAAG,mCAAc,UAAU,KAAE,GAAG,EAAE,IAAI,CAAC,GAAG,GAAE,CAAA;YAClD,GAAG,CAAC,IAAI,mCAAQ,IAAI,GAAK,GAAG,CAAC,IAAI,CAAE,CAAA;YACnC,GAAG,CAAC,IAAI,CAAC,aAAa,GAAG,MAAA,GAAG,CAAC,IAAI,CAAC,aAAa,mCAAI,IAAA,oDAA4B,EAAC,EAAE,GAAG,EAAE,CAAC,CAAA;YAExF,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;YACjC,IAAI,GAAG,CAAC,aAAa,EAAE,CAAC;gBACtB,0CAA0C;gBAC1C,OAAO,GAAG,CAAC,aAAa,CAAA;YAC1B,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;KAAA;IAED,8EAA8E;IAExE,cAAc,CAAC,IAAiC;;;;;YACpD,MAAM,OAAO,GAAS,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,MAA
M,EAAE,CAAC,CAAS,CAAA;YAC/E,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;YAC1C,IAAI,OAAO,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAClC,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAA;YAC3F,CAAC;YACD,qHAAqH;YACrH,OAAO,MAAM,OAAM,cAAc,YAAC,IAAI,CAAC,CAAA;QACzC,CAAC;KAAA;IAEK,gBAAgB,CAAC,IAAmC;;YACxD,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACvC,IAAI,QAAQ,IAAI,GAAG,IAAI,OAAO,GAAG,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;gBACxD,aAAa;gBACb,OAAO,MAAM,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;YACD,MAAM,KAAK,CAAC,OAAO,GAAG,gCAAgC,CAAC,CAAA;QACzD,CAAC;KAAA;IAEK,kBAAkB;;YACtB,OAAO,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjC,CAAC;KAAA;IAEK,2BAA2B,CAAC,IAA8C;;YAC9E,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,kBAAkB,EAAE,CAAA;YAC5C,MAAM,WAAW,GAAG,IAAI;iBACrB,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAA,mCAAa,EAAC,GAAG,CAAC,IAAI,CAAC,CAAC;iBACxC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE;;gBACd,IAAI,IAAA,mCAAa,EAAC,GAAG,CAAC,IAAI,CAAC,KAAI,MAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,IAAI,0CAAE,UAAU,CAAA,EAAE,CAAC;oBAC1D,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAA;oBAC3C,OAAO,CAAC,CAAC,UAAU,CAAC,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,eAAe,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAA;gBACzF,CAAC;gBACD,OAAO,KAAK,CAAA;YACd,CAAC,CAAC,CAAA;YACJ,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;gBAC/B,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAA;YACtF,CAAC;YACD,OAAO,IAAI,CAAA;QACb,CAAC;KAAA;IAEO,YAAY,CAAC,IAAY;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAA;QACrC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,KAAK,CAAC,iFAAiF,IAAI,GAAG,CAAC,CAAA;QACvG,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC;IAED,+GAA+G;IACzG,aAAa;6DAAC,EAAE,GAAG,EAAsB;YAC7C,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAA;gBAC9C,OAAO,GAAG,CAAA;YACZ,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,IAAI,GAAqB,MAAM,IAAI,CAAC,kBAAkB,EAA
E,CAAA;gBAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CACxB,CAAC,GAAG,EAAE,EAAE;;oBACN,OAAA,GAAG,CAAC,YAAY,KAAK,GAAG;wBACxB,CAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,aAAa,MAAK,GAAG;wBAC/B,CAAC,CAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,aAAa,KAAI,IAAI,IAAI,IAAA,oDAA4B,EAAC,EAAE,GAAG,EAAE,CAAC,KAAK,GAAG,CAAC,CAAA;iBAAA,CACrF,CAAA;gBACD,IAAI,QAAQ,EAAE,CAAC;oBACb,OAAO,QAAgB,CAAA;gBACzB,CAAC;qBAAM,CAAC;oBACN,MAAM,IAAI,KAAK,CAAC,gBAAgB,GAAG,YAAY,CAAC,CAAA;gBAClD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;CACF;AA7GD,gDA6GC"}
@@ -2,7 +2,6 @@ import { AbstractKeyManagementSystem } from '@veramo/key-manager';
2
2
  import { AbstractKeyStore } from '@veramo/key-manager';
3
3
  import { IKey } from '@veramo/core';
4
4
  import { IKeyManager } from '@veramo/core';
5
- import { IKeyManagerGetArgs as IKeyManagerGetArgs_2 } from '@veramo/core';
6
5
  import { IKeyManagerSignArgs } from '@veramo/core';
7
6
  import { IPluginMethodMap } from '@veramo/core';
8
7
  import { KeyManager } from '@veramo/key-manager';
@@ -11,24 +10,9 @@ import { ManagedKeyInfo } from '@veramo/core';
11
10
  import { MinimalImportableKey } from '@veramo/core';
12
11
  import { TKeyType } from '@veramo/core';
13
12
 
14
- /**
15
- * Input arguments for {@link ISphereonKeyManager.keyManagerCreate | keyManagerCreate}
16
- * @public
17
- */
18
- export declare interface IKeyManagerCreateArgs {
19
- /**
20
- * Key type
21
- */
22
- type: TKeyType;
23
- /**
24
- * Key Management System
25
- */
26
- kms: string;
27
- /**
28
- * Optional. Key meta data
29
- */
30
- meta?: KeyMetadata;
31
- }
13
+ export declare function hasKeyOptions(object: any): object is {
14
+ opts?: IkeyOptions;
15
+ };
32
16
 
33
17
  /**
34
18
  * Input arguments for {@link ISphereonKeyManager.keyManagerDelete | keyManagerDelete}
@@ -52,8 +36,24 @@ export declare interface IKeyManagerGetArgs {
52
36
  kid: string;
53
37
  }
54
38
 
39
+ export declare interface IkeyOptions {
40
+ /**
41
+ * Is this a temporary key?
42
+ */
43
+ ephemeral?: boolean;
44
+ /**
45
+ * Expiration and remove the key
46
+ */
47
+ expiration?: {
48
+ expiryDate?: Date;
49
+ removalDate?: Date;
50
+ };
51
+ }
52
+
53
+ export declare const isDefined: <T extends unknown>(object: T | undefined) => object is T;
54
+
55
55
  export declare interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
56
- keyManagerCreate(args: IKeyManagerCreateArgs): Promise<PartialKey>;
56
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<PartialKey>;
57
57
  keyManagerImport(key: MinimalImportableKey): Promise<PartialKey>;
58
58
  keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string>;
59
59
  /**
@@ -64,6 +64,38 @@ export declare interface ISphereonKeyManager extends IKeyManager, IPluginMethodM
64
64
  */
65
65
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>;
66
66
  keyManagerListKeys(): Promise<Array<ManagedKeyInfo>>;
67
+ /**
68
+ * Set keys to expired and remove keys eligible for deletion.
69
+ * @param args
70
+ */
71
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>;
72
+ }
73
+
74
+ /**
75
+ * Input arguments for {@link ISphereonKeyManager.keyManagerCreate | keyManagerCreate}
76
+ * @public
77
+ */
78
+ export declare interface ISphereonKeyManagerCreateArgs {
79
+ /**
80
+ * Key type
81
+ */
82
+ type: TKeyType;
83
+ /**
84
+ * Key Management System
85
+ */
86
+ kms: string;
87
+ /**
88
+ * Key options
89
+ */
90
+ opts?: IkeyOptions;
91
+ /**
92
+ * Optional. Key meta data
93
+ */
94
+ meta?: KeyMetadata;
95
+ }
96
+
97
+ export declare interface ISphereonKeyManagerHandleExpirationsArgs {
98
+ skipRemovals?: boolean;
67
99
  }
68
100
 
69
101
  /**
@@ -100,11 +132,13 @@ export declare class SphereonKeyManager extends KeyManager {
100
132
  store: AbstractKeyStore;
101
133
  kms: Record<string, AbstractKeyManagementSystem>;
102
134
  });
103
- private getAvailableKms;
135
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<ManagedKeyInfo>;
104
136
  keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string>;
105
137
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>;
106
138
  keyManagerListKeys(): Promise<ManagedKeyInfo[]>;
107
- keyManagerGet({ kid }: IKeyManagerGetArgs_2): Promise<IKey>;
139
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>;
140
+ private getKmsByName;
141
+ keyManagerGet({ kid }: IKeyManagerGetArgs): Promise<IKey>;
108
142
  }
109
143
 
110
144
  export declare const sphereonKeyManagerMethods: Array<string>;
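Review bot: `ISphereonKeyManager.keyManagerCreate` is still declared as returning `Promise<PartialKey>`, while the `SphereonKeyManager` class in this same file now declares `Promise<ManagedKeyInfo>` and the compiled implementation deletes `privateKeyHex` before returning. `PartialKey` (shown in the later types section as `ManagedKeyInfo & { privateKeyHex: string }`) therefore advertises private key material that callers will not receive. Declaring `keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<ManagedKeyInfo>;` on the interface would match the behaviour and make the no-export contract explicit. The same declaration is repeated in the `ISphereonKeyManager` interface section further down, and the plugin schema keeps `PartialKey` as the `returnType` of `keyManagerCreate`.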
@@ -4,7 +4,7 @@ export type PartialKey = ManagedKeyInfo & {
4
4
  privateKeyHex: string;
5
5
  };
6
6
  export interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
7
- keyManagerCreate(args: IKeyManagerCreateArgs): Promise<PartialKey>;
7
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<PartialKey>;
8
8
  keyManagerImport(key: MinimalImportableKey): Promise<PartialKey>;
9
9
  keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string>;
10
10
  /**
@@ -15,12 +15,30 @@ export interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
15
15
  */
16
16
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>;
17
17
  keyManagerListKeys(): Promise<Array<ManagedKeyInfo>>;
18
+ /**
19
+ * Set keys to expired and remove keys eligible for deletion.
20
+ * @param args
21
+ */
22
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>;
23
+ }
24
+ export interface IkeyOptions {
25
+ /**
26
+ * Is this a temporary key?
27
+ */
28
+ ephemeral?: boolean;
29
+ /**
30
+ * Expiration and remove the key
31
+ */
32
+ expiration?: {
33
+ expiryDate?: Date;
34
+ removalDate?: Date;
35
+ };
18
36
  }
19
37
  /**
20
38
  * Input arguments for {@link ISphereonKeyManager.keyManagerCreate | keyManagerCreate}
21
39
  * @public
22
40
  */
23
- export interface IKeyManagerCreateArgs {
41
+ export interface ISphereonKeyManagerCreateArgs {
24
42
  /**
25
43
  * Key type
26
44
  */
@@ -29,11 +47,18 @@ export interface IKeyManagerCreateArgs {
29
47
  * Key Management System
30
48
  */
31
49
  kms: string;
50
+ /**
51
+ * Key options
52
+ */
53
+ opts?: IkeyOptions;
32
54
  /**
33
55
  * Optional. Key meta data
34
56
  */
35
57
  meta?: KeyMetadata;
36
58
  }
59
+ export declare function hasKeyOptions(object: any): object is {
60
+ opts?: IkeyOptions;
61
+ };
37
62
  /**
38
63
  * Input arguments for {@link ISphereonKeyManager.keyManagerGet | keyManagerGet}
39
64
  * @public
@@ -64,6 +89,9 @@ export interface ISphereonKeyManagerSignArgs extends IKeyManagerSignArgs {
64
89
  */
65
90
  data: string | Uint8Array;
66
91
  }
92
+ export interface ISphereonKeyManagerHandleExpirationsArgs {
93
+ skipRemovals?: boolean;
94
+ }
67
95
  export interface ISphereonKeyManagerVerifyArgs {
68
96
  kms: string;
69
97
  publicKeyHex: string;
@@ -72,4 +100,5 @@ export interface ISphereonKeyManagerVerifyArgs {
72
100
  data: Uint8Array;
73
101
  signature: string;
74
102
  }
103
+ export declare const isDefined: <T extends unknown>(object: T | undefined) => object is T;
75
104
  //# sourceMappingURL=ISphereonKeyManager.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"ISphereonKeyManager.d.ts","sourceRoot":"","sources":["../../src/types/ISphereonKeyManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,oBAAoB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAC9H,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAE7C,MAAM,MAAM,UAAU,GAAG,cAAc,GAAG;IAAE,aAAa,EAAE,MAAM,CAAA;CAAE,CAAA;AAEnE,MAAM,WAAW,mBAAoB,SAAQ,WAAW,EAAE,gBAAgB;IACxE,gBAAgB,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;IAElE,gBAAgB,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;IAEhE,cAAc,CAAC,IAAI,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAElE;;;;;OAKG;IACH,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IAEvE,kBAAkB,IAAI,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAA;CACrD;AAED;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,IAAI,EAAE,QAAQ,CAAA;IAEd;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;IAEX;;OAEG;IACH,IAAI,CAAC,EAAE,WAAW,CAAA;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;CACZ;AAED;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;CACZ;AAED;;;GAGG;AAEH,MAAM,WAAW,2BAA4B,SAAQ,mBAAmB;IACtE;;OAEG;IACH,IAAI,EAAE,MAAM,GAAG,UAAU,CAAA;CAC1B;AAED,MAAM,WAAW,6BAA6B;IAC5C,GAAG,EAAE,MAAM,CAAA;IACX,YAAY,EAAE,MAAM,CAAA;IACpB,IAAI,EAAE,QAAQ,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,IAAI,EAAE,UAAU,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;CAClB"}
1
+ {"version":3,"file":"ISphereonKeyManager.d.ts","sourceRoot":"","sources":["../../src/types/ISphereonKeyManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,oBAAoB,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAC9H,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAA;AAE7C,MAAM,MAAM,UAAU,GAAG,cAAc,GAAG;IAAE,aAAa,EAAE,MAAM,CAAA;CAAE,CAAA;AAEnE,MAAM,WAAW,mBAAoB,SAAQ,WAAW,EAAE,gBAAgB;IACxE,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;IAE1E,gBAAgB,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;IAEhE,cAAc,CAAC,IAAI,EAAE,2BAA2B,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;IAElE;;;;;OAKG;IACH,gBAAgB,CAAC,IAAI,EAAE,6BAA6B,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IAEvE,kBAAkB,IAAI,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAA;IAEpD;;;OAGG;IACH,2BAA2B,CAAC,IAAI,EAAE,wCAAwC,GAAG,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAA;CAC5G;AAED,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,CAAA;IAEnB;;OAEG;IACH,UAAU,CAAC,EAAE;QACX,UAAU,CAAC,EAAE,IAAI,CAAA;QACjB,WAAW,CAAC,EAAE,IAAI,CAAA;KACnB,CAAA;CACF;AAED;;;GAGG;AACH,MAAM,WAAW,6BAA6B;IAC5C;;OAEG;IACH,IAAI,EAAE,QAAQ,CAAA;IAEd;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;IAEX;;OAEG;IACH,IAAI,CAAC,EAAE,WAAW,CAAA;IAElB;;OAEG;IACH,IAAI,CAAC,EAAE,WAAW,CAAA;CACnB;AAED,wBAAgB,aAAa,CAAC,MAAM,EAAE,GAAG,GAAG,MAAM,IAAI;IAAE,IAAI,CAAC,EAAE,WAAW,CAAA;CAAE,CAE3E;AAED;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;CACZ;AAED;;;GAGG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,GAAG,EAAE,MAAM,CAAA;CACZ;AAED;;;GAGG;AAEH,MAAM,WAAW,2BAA4B,SAAQ,mBAAmB;IACtE;;OAEG;IACH,IAAI,EAAE,MAAM,GAAG,UAAU,CAAA;CAC1B;AAED,MAAM,WAAW,wCAAwC;IACvD,YAAY,CAAC,EAAE,OAAO,CAAA;CACvB;AAED,MAAM,WAAW,6BAA6B;IAC5C,GAAG,EAAE,MAAM,CAAA;IACX,YAAY,EAAE,MAAM,CAAA;IACpB,IAAI,EAAE,QAAQ,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,IAAI,EAAE,UAAU,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,eAAO,MAAM,SAAS,8BAA+B,CAAC,GAAG,SAAS,gBAAsC,CAAA"}
@@ -1,3 +1,10 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.isDefined = exports.hasKeyOptions = void 0;
4
+ function hasKeyOptions(object) {
5
+ return object && 'opts' in object && ('ephemeral' in object.opts || 'expiration' in object.opts);
6
+ }
7
+ exports.hasKeyOptions = hasKeyOptions;
8
+ const isDefined = (object) => object !== undefined;
9
+ exports.isDefined = isDefined;
3
10
  //# sourceMappingURL=ISphereonKeyManager.js.map
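Review bot: `hasKeyOptions` applies the `in` operator to `object.opts` without checking that it is an object, so metadata such as `{ opts: undefined }` or `{ opts: null }` makes the guard throw a TypeError instead of returning false; a truthy primitive `object` fails the same way at `'opts' in object`. It also returns the operand itself (or `undefined`) rather than a boolean, although it is declared as a type predicate. A stricter form is `return typeof object === 'object' && object !== null && typeof object.opts === 'object' && object.opts !== null && ('ephemeral' in object.opts || 'expiration' in object.opts);`. Both `keyManagerCreate` and `keyManagerHandleExpirations` call this guard on key metadata, so one malformed stored key would make the whole expiry sweep fail.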
@@ -1 +1 @@
1
- {"version":3,"file":"ISphereonKeyManager.js","sourceRoot":"","sources":["../../src/types/ISphereonKeyManager.ts"],"names":[],"mappings":""}
1
+ {"version":3,"file":"ISphereonKeyManager.js","sourceRoot":"","sources":["../../src/types/ISphereonKeyManager.ts"],"names":[],"mappings":";;;AAsEA,SAAgB,aAAa,CAAC,MAAW;IACvC,OAAO,MAAQ,IAAI,MAAM,IAAI,MAAM,IAAI,CAAC,WAAW,IAAI,MAAM,CAAC,IAAI,IAAI,YAAY,IAAI,MAAM,CAAC,IAAI,CAAC,CAAA;AACpG,CAAC;AAFD,sCAEC;AAiDM,MAAM,SAAS,GAAG,CAAoB,MAAqB,EAAe,EAAE,CAAC,MAAM,KAAK,SAAS,CAAA;AAA3F,QAAA,SAAS,aAAkF"}
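--- a/package/package.json
+++ b/package/package.json
@@ -1,7 +1,7 @@
  {
  "name": "@sphereon/ssi-sdk-ext.key-manager",
  "description": "Sphereon Key Manager plugin with BLS support",
- "version": "0.24.1-unstable.54+5ce83cc",
+ "version": "0.24.1-unstable.71+8d51b5a",
  "source": "src/index.ts",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",
@@ -15,13 +15,13 @@
  "generate-plugin-schema": "sphereon dev generate-plugin-schema"
  },
  "dependencies": {
- "@sphereon/ssi-sdk-ext.kms-local": "0.24.1-unstable.54+5ce83cc",
  "@veramo/core": "4.2.0",
  "@veramo/key-manager": "4.2.0"
  },
  "devDependencies": {
  "@mattrglobal/bbs-signatures": "^1.3.1",
- "@sphereon/ssi-sdk-ext.key-utils": "0.24.1-unstable.54+5ce83cc",
+ "@sphereon/ssi-sdk-ext.key-utils": "0.24.1-unstable.71+8d51b5a",
+ "@sphereon/ssi-sdk-ext.kms-local": "0.24.1-unstable.71+8d51b5a",
  "@sphereon/ssi-sdk.dev": "0.28.0"
  },
  "resolutions": {
@@ -46,5 +46,5 @@
  "kms",
  "Veramo"
  ],
- "gitHead": "5ce83cca64d55b664a2b0e6eb04660d299e2655c"
+ "gitHead": "8d51b5ae666f7dfc47ce87f9dfbe6ea0d4d4c316"
  }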
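Review bot: The compiled `SphereonKeyManager.js` loads `@sphereon/ssi-sdk-ext.key-utils` at runtime (`require("@sphereon/ssi-sdk-ext.key-utils")`, used for `calculateJwkThumbprintForKey`), but this manifest lists that package only under `devDependencies`, which are not installed for consumers. Unless it is declared in a part of the manifest outside these hunks (for example `peerDependencies`), a clean install would either fail at module load or resolve whatever version happens to be hoisted. Moving the line `"@sphereon/ssi-sdk-ext.key-utils": "0.24.1-unstable.71+8d51b5a",` into `"dependencies"` pins the version this build was produced against. Moving `kms-local` to `devDependencies` looks consistent with the removal of its `require` from the compiled code.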
@@ -2,7 +2,7 @@
2
2
  "ISphereonKeyManager": {
3
3
  "components": {
4
4
  "schemas": {
5
- "IKeyManagerCreateArgs": {
5
+ "ISphereonKeyManagerCreateArgs": {
6
6
  "type": "object",
7
7
  "properties": {
8
8
  "type": {
@@ -13,6 +13,10 @@
13
13
  "type": "string",
14
14
  "description": "Key Management System"
15
15
  },
16
+ "opts": {
17
+ "$ref": "#/components/schemas/IkeyOptions",
18
+ "description": "Key options"
19
+ },
16
20
  "meta": {
17
21
  "$ref": "#/components/schemas/KeyMetadata",
18
22
  "description": "Optional. Key meta data"
@@ -37,6 +41,29 @@
37
41
  ],
38
42
  "description": "Cryptographic key type."
39
43
  },
44
+ "IkeyOptions": {
45
+ "type": "object",
46
+ "properties": {
47
+ "ephemeral": {
48
+ "type": "boolean",
49
+ "description": "Is this a temporary key?"
50
+ },
51
+ "expiration": {
52
+ "type": "object",
53
+ "properties": {
54
+ "expiryDate": {
55
+ "type": "string",
56
+ "format": "date-time"
57
+ },
58
+ "removalDate": {
59
+ "type": "string",
60
+ "format": "date-time"
61
+ }
62
+ },
63
+ "description": "Expiration and remove the key"
64
+ }
65
+ }
66
+ },
40
67
  "KeyMetadata": {
41
68
  "type": "object",
42
69
  "properties": {
@@ -91,11 +118,15 @@
91
118
  "type"
92
119
  ]
93
120
  },
94
- "MinimalImportableKey": {
95
- "$ref": "#/components/schemas/RequireOnly<IKey,(\"privateKeyHex\"|\"type\"|\"kms\")>",
96
- "description": "Represents the properties required to import a key."
121
+ "ISphereonKeyManagerHandleExpirationsArgs": {
122
+ "type": "object",
123
+ "properties": {
124
+ "skipRemovals": {
125
+ "type": "boolean"
126
+ }
127
+ }
97
128
  },
98
- "RequireOnly<IKey,(\"privateKeyHex\"|\"type\"|\"kms\")>": {
129
+ "ManagedKeyInfo": {
99
130
  "type": "object",
100
131
  "properties": {
101
132
  "kid": {
@@ -114,10 +145,6 @@
114
145
  "type": "string",
115
146
  "description": "Public key"
116
147
  },
117
- "privateKeyHex": {
118
- "type": "string",
119
- "description": "Optional. Private key"
120
- },
121
148
  "meta": {
122
149
  "anyOf": [
123
150
  {
@@ -130,9 +157,19 @@
130
157
  "description": "Optional. Key metadata. This should be used to determine which algorithms are supported."
131
158
  }
132
159
  },
133
- "description": "Represents an object type where a subset of keys are required and everything else is optional."
160
+ "required": [
161
+ "kid",
162
+ "kms",
163
+ "type",
164
+ "publicKeyHex"
165
+ ],
166
+ "description": "Represents information about a managed key. Private or secret key material is NOT present."
134
167
  },
135
- "ManagedKeyInfo": {
168
+ "MinimalImportableKey": {
169
+ "$ref": "#/components/schemas/RequireOnly<IKey,(\"privateKeyHex\"|\"type\"|\"kms\")>",
170
+ "description": "Represents the properties required to import a key."
171
+ },
172
+ "RequireOnly<IKey,(\"privateKeyHex\"|\"type\"|\"kms\")>": {
136
173
  "type": "object",
137
174
  "properties": {
138
175
  "kid": {
@@ -151,6 +188,10 @@
151
188
  "type": "string",
152
189
  "description": "Public key"
153
190
  },
191
+ "privateKeyHex": {
192
+ "type": "string",
193
+ "description": "Optional. Private key"
194
+ },
154
195
  "meta": {
155
196
  "anyOf": [
156
197
  {
@@ -163,13 +204,7 @@
163
204
  "description": "Optional. Key metadata. This should be used to determine which algorithms are supported."
164
205
  }
165
206
  },
166
- "required": [
167
- "kid",
168
- "kms",
169
- "type",
170
- "publicKeyHex"
171
- ],
172
- "description": "Represents information about a managed key. Private or secret key material is NOT present."
207
+ "description": "Represents an object type where a subset of keys are required and everything else is optional."
173
208
  },
174
209
  "ISphereonKeyManagerSignArgs": {
175
210
  "type": "object",
@@ -325,12 +360,24 @@
325
360
  "keyManagerCreate": {
326
361
  "description": "",
327
362
  "arguments": {
328
- "$ref": "#/components/schemas/IKeyManagerCreateArgs"
363
+ "$ref": "#/components/schemas/ISphereonKeyManagerCreateArgs"
329
364
  },
330
365
  "returnType": {
331
366
  "$ref": "#/components/schemas/PartialKey"
332
367
  }
333
368
  },
369
+ "keyManagerHandleExpirations": {
370
+ "description": "Set keys to expired and remove keys eligible for deletion.",
371
+ "arguments": {
372
+ "$ref": "#/components/schemas/ISphereonKeyManagerHandleExpirationsArgs"
373
+ },
374
+ "returnType": {
375
+ "type": "array",
376
+ "items": {
377
+ "$ref": "#/components/schemas/ManagedKeyInfo"
378
+ }
379
+ }
380
+ },
334
381
  "keyManagerImport": {
335
382
  "description": "",
336
383
  "arguments": {
@@ -32,7 +32,6 @@ describe('@sphereon/ssi-sdk-ext.key-manager key functionalities', () => {
32
32
  expect(fetchByKid.type).toEqual('X25519')
33
33
  expect(fetchByKid.kid).toEqual(key.kid)
34
34
  expect(fetchByKid.publicKeyHex).toEqual(key.publicKeyHex)
35
- expect(fetchByKid?.meta).toEqual({ algorithms: ['ECDH', 'ECDH-ES', 'ECDH-1PU'] })
36
35
  })
37
36
 
38
37
  it('should create and fetch a Ed25519 key', async () => {
@@ -41,7 +40,6 @@ describe('@sphereon/ssi-sdk-ext.key-manager key functionalities', () => {
41
40
  expect(fetchByKid.type).toEqual('Ed25519')
42
41
  expect(fetchByKid.kid).toEqual(key.kid)
43
42
  expect(fetchByKid.publicKeyHex).toEqual(key.publicKeyHex)
44
- expect(fetchByKid?.meta).toEqual({ algorithms: ['Ed25519', 'EdDSA'] })
45
43
  const fetchByPublicKeyHex = await kms.keyManagerGet({ kid: key.publicKeyHex })
46
44
  expect(fetchByPublicKeyHex.kid).toEqual(key.kid)
47
45
  })
@@ -1,19 +1,28 @@
1
- import { KeyManager as VeramoKeyManager, AbstractKeyManagementSystem, AbstractKeyStore } from '@veramo/key-manager'
2
-
3
- import { IKey, IKeyManagerGetArgs, ManagedKeyInfo, TKeyType } from '@veramo/core'
4
- import { KeyType, SphereonKeyManagementSystem } from '@sphereon/ssi-sdk-ext.kms-local'
5
- import { ISphereonKeyManager, ISphereonKeyManagerSignArgs, ISphereonKeyManagerVerifyArgs } from '../types/ISphereonKeyManager'
6
1
  import { calculateJwkThumbprintForKey } from '@sphereon/ssi-sdk-ext.key-utils'
2
+ import { IKey, KeyMetadata, ManagedKeyInfo } from '@veramo/core'
3
+ import { AbstractKeyManagementSystem, AbstractKeyStore, KeyManager as VeramoKeyManager } from '@veramo/key-manager'
4
+ import {
5
+ hasKeyOptions,
6
+ IKeyManagerGetArgs,
7
+ ISphereonKeyManager,
8
+ ISphereonKeyManagerCreateArgs,
9
+ ISphereonKeyManagerHandleExpirationsArgs,
10
+ ISphereonKeyManagerSignArgs,
11
+ ISphereonKeyManagerVerifyArgs,
12
+ } from '../types/ISphereonKeyManager'
7
13
 
8
14
  export const sphereonKeyManagerMethods: Array<string> = [
9
15
  'keyManagerCreate',
16
+ 'keyManagerGet',
10
17
  'keyManagerImport',
11
18
  'keyManagerSign',
12
19
  'keyManagerVerify',
13
20
  'keyManagerListKeys',
21
+ 'keyManagerHandleExpirations',
14
22
  ]
15
23
 
16
24
  export class SphereonKeyManager extends VeramoKeyManager {
25
+ // local store reference, given the superclass store is private, and we need additional functions/calls
17
26
  private localStore: AbstractKeyStore
18
27
  private readonly availableKMSes: Record<string, AbstractKeyManagementSystem>
19
28
  readonly localMethods: ISphereonKeyManager
@@ -28,28 +37,44 @@ export class SphereonKeyManager extends VeramoKeyManager {
28
37
  this.localMethods = <ISphereonKeyManager>(<unknown>methods)
29
38
  }
30
39
 
31
- private getAvailableKms(name: string): AbstractKeyManagementSystem {
32
- const kms = this.availableKMSes[name]
33
- if (!kms) {
34
- throw Error(`invalid_argument: This agent has no registered KeyManagementSystem with name='${name}'`)
40
+ override async keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<ManagedKeyInfo> {
41
+ const kms = this.getKmsByName(args.kms)
42
+ const meta: KeyMetadata = { ...args.meta, ...(args.opts && { opts: args.opts }) }
43
+ if (hasKeyOptions(meta) && meta.opts?.ephemeral && !meta.opts.expiration?.removalDate) {
44
+ // Make sure we set a delete date on an ephemeral key
45
+ meta.opts = {
46
+ ...meta.opts,
47
+ expiration: { ...meta.opts?.expiration, removalDate: new Date(Date.now() + 5 * 60 * 1000) },
48
+ }
35
49
  }
36
- return kms
50
+ const partialKey = await kms.createKey({ type: args.type, meta })
51
+ const key: IKey = { ...partialKey, kms: args.kms }
52
+ key.meta = { ...meta, ...key.meta }
53
+ key.meta.jwkThumbprint = key.meta.jwkThumbprint ?? calculateJwkThumbprintForKey({ key })
54
+
55
+ await this.localStore.import(key)
56
+ if (key.privateKeyHex) {
57
+ // Make sure to not export the private key
58
+ delete key.privateKeyHex
59
+ }
60
+ return key
37
61
  }
38
62
 
39
63
  //FIXME extend the IKeyManagerSignArgs.data to be a string or array of strings
64
+
40
65
  async keyManagerSign(args: ISphereonKeyManagerSignArgs): Promise<string> {
41
66
  const keyInfo: IKey = (await this.localStore.get({ kid: args.keyRef })) as IKey
42
- const kms = this.getAvailableKms(keyInfo.kms)
43
- if (keyInfo.type === <TKeyType>KeyType.Bls12381G2) {
67
+ const kms = this.getKmsByName(keyInfo.kms)
68
+ if (keyInfo.type === 'Bls12381G2') {
44
69
  return await kms.sign({ keyRef: keyInfo, data: Uint8Array.from(Buffer.from(args.data)) })
45
70
  }
46
- // @ts-ignore
71
+ // @ts-ignore // we can pass in uint8arrays as well, which the super also can handle but does not expose in its types
47
72
  return await super.keyManagerSign(args)
48
73
  }
49
74
 
50
75
  async keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean> {
51
- const kms = this.getAvailableKms(args.kms)
52
- if (('verify' in kms && typeof kms.verify === 'function') || kms instanceof SphereonKeyManagementSystem) {
76
+ const kms = this.getKmsByName(args.kms)
77
+ if ('verify' in kms && typeof kms.verify === 'function') {
53
78
  // @ts-ignore
54
79
  return await kms.verify(args)
55
80
  }
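Review bot: The default removal window for ephemeral keys in keyManagerCreate is an unnamed literal, `5 * 60 * 1000`, with no comment saying why five minutes; a named constant such as `const DEFAULT_EPHEMERAL_REMOVAL_MS = 5 * 60 * 1000` would make the retention period of ephemeral key material easy to review and change. The method is declared as `Promise<ManagedKeyInfo>` and deletes `privateKeyHex` before returning, while the ISphereonKeyManager interface in the types file still declares `keyManagerCreate(...): Promise<PartialKey>`, where PartialKey requires `privateKeyHex: string`; aligning the interface with the implementation would stop callers from expecting private material in the result. The key is also passed to `localStore.import` before `privateKeyHex` is stripped, so whether private material is persisted there depends on the KMS and store implementations, which are not visible here; a comment stating the expectation would help.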
@@ -57,9 +82,35 @@ export class SphereonKeyManager extends VeramoKeyManager {
57
82
  }
58
83
 
59
84
  async keyManagerListKeys(): Promise<ManagedKeyInfo[]> {
60
- return this.localStore.list({}) // FIXME there are no args it seems
85
+ return this.localStore.list({})
86
+ }
87
+
88
+ async keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>> {
89
+ const keys = await this.keyManagerListKeys()
90
+ const expiredKeys = keys
91
+ .filter((key) => hasKeyOptions(key.meta))
92
+ .filter((key) => {
93
+ if (hasKeyOptions(key.meta) && key.meta?.opts?.expiration) {
94
+ const expiration = key.meta.opts.expiration
95
+ return !(expiration.expiryDate && expiration.expiryDate.getMilliseconds() > Date.now())
96
+ }
97
+ return false
98
+ })
99
+ if (args.skipRemovals !== true) {
100
+ await Promise.all(expiredKeys.map((key) => this.keyManagerDelete({ kid: key.kid })))
101
+ }
102
+ return keys
103
+ }
104
+
105
+ private getKmsByName(name: string): AbstractKeyManagementSystem {
106
+ const kms = this.availableKMSes[name]
107
+ if (!kms) {
108
+ throw Error(`invalid_argument: This agent has no registered KeyManagementSystem with name='${name}'`)
109
+ }
110
+ return kms
61
111
  }
62
112
 
113
+ //todo https://sphereon.atlassian.net/browse/SDK-28 improve the logic for keyManagerGet in sphereon-key-manager
63
114
  async keyManagerGet({ kid }: IKeyManagerGetArgs): Promise<IKey> {
64
115
  try {
65
116
  const key = await this.localStore.get({ kid })
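Review bot: In keyManagerHandleExpirations the filter compares `expiration.expiryDate.getMilliseconds()` with `Date.now()`, but getMilliseconds() returns only the 0–999 millisecond component, so the comparison is always false and every key carrying an `expiration` object is treated as expired and, unless `skipRemovals` is true, deleted. The comparison should use epoch time, `return !(expiration.expiryDate && expiration.expiryDate.getTime() > Date.now())`, and a comment should state whether a key with no `expiryDate` is meant to count as expired, as it does now. `removalDate`, which keyManagerCreate sets for ephemeral keys, is never read here, so removal is driven by expiry alone, and the method returns `keys` (the full list) rather than `expiredKeys`, which looks unintended. If the key store returns `meta` after JSON serialisation, the dates may arrive as strings (the schema describes them as `date-time` strings) and would need `new Date(...)` before comparing; this should be confirmed against the store in use.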
@@ -4,7 +4,7 @@ import { ManagedKeyInfo } from '@veramo/core'
4
4
  export type PartialKey = ManagedKeyInfo & { privateKeyHex: string }
5
5
 
6
6
  export interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
7
- keyManagerCreate(args: IKeyManagerCreateArgs): Promise<PartialKey>
7
+ keyManagerCreate(args: ISphereonKeyManagerCreateArgs): Promise<PartialKey>
8
8
 
9
9
  keyManagerImport(key: MinimalImportableKey): Promise<PartialKey>
10
10
 
@@ -19,13 +19,34 @@ export interface ISphereonKeyManager extends IKeyManager, IPluginMethodMap {
19
19
  keyManagerVerify(args: ISphereonKeyManagerVerifyArgs): Promise<boolean>
20
20
 
21
21
  keyManagerListKeys(): Promise<Array<ManagedKeyInfo>>
22
+
23
+ /**
24
+ * Set keys to expired and remove keys eligible for deletion.
25
+ * @param args
26
+ */
27
+ keyManagerHandleExpirations(args: ISphereonKeyManagerHandleExpirationsArgs): Promise<Array<ManagedKeyInfo>>
28
+ }
29
+
30
+ export interface IkeyOptions {
31
+ /**
32
+ * Is this a temporary key?
33
+ */
34
+ ephemeral?: boolean
35
+
36
+ /**
37
+ * Expiration and remove the key
38
+ */
39
+ expiration?: {
40
+ expiryDate?: Date
41
+ removalDate?: Date
42
+ }
22
43
  }
23
44
 
24
45
  /**
25
46
  * Input arguments for {@link ISphereonKeyManager.keyManagerCreate | keyManagerCreate}
26
47
  * @public
27
48
  */
28
- export interface IKeyManagerCreateArgs {
49
+ export interface ISphereonKeyManagerCreateArgs {
29
50
  /**
30
51
  * Key type
31
52
  */
@@ -36,12 +57,21 @@ export interface IKeyManagerCreateArgs {
36
57
  */
37
58
  kms: string
38
59
 
60
+ /**
61
+ * Key options
62
+ */
63
+ opts?: IkeyOptions
64
+
39
65
  /**
40
66
  * Optional. Key meta data
41
67
  */
42
68
  meta?: KeyMetadata
43
69
  }
44
70
 
71
+ export function hasKeyOptions(object: any): object is { opts?: IkeyOptions } {
72
+ return object!! && 'opts' in object && ('ephemeral' in object.opts || 'expiration' in object.opts)
73
+ }
74
+
45
75
  /**
46
76
  * Input arguments for {@link ISphereonKeyManager.keyManagerGet | keyManagerGet}
47
77
  * @public
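Review bot: hasKeyOptions applies the `in` operator to `object.opts` without checking that it is an object, so a `meta` whose `opts` is `undefined`, `null` or a primitive makes the guard throw a TypeError instead of returning false. Because keyManagerHandleExpirations runs this guard over every listed key, one malformed entry would abort expiry handling for all keys. `object!!` is two non-null assertions, which are erased at compile time, not the boolean coercion `!!object`, so a falsy argument is returned as-is rather than as `false`. A stricter body would be `const opts = object?.opts` followed by `return typeof opts === 'object' && opts !== null && ('ephemeral' in opts || 'expiration' in opts)`.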
@@ -76,6 +106,10 @@ export interface ISphereonKeyManagerSignArgs extends IKeyManagerSignArgs {
76
106
  data: string | Uint8Array
77
107
  }
78
108
 
109
+ export interface ISphereonKeyManagerHandleExpirationsArgs {
110
+ skipRemovals?: boolean
111
+ }
112
+
79
113
  export interface ISphereonKeyManagerVerifyArgs {
80
114
  kms: string
81
115
  publicKeyHex: string
@@ -84,3 +118,5 @@ export interface ISphereonKeyManagerVerifyArgs {
84
118
  data: Uint8Array
85
119
  signature: string
86
120
  }
121
+
122
+ export const isDefined = <T extends unknown>(object: T | undefined): object is T => object !== undefined