@sphereon/ssi-sdk.mdl-mdoc 0.34.1-feature.SSISDK.26.RP.55 → 0.34.1-feature.SSISDK.26.RP.58
- package/dist/index.cjs +33 -30
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +50 -51
- package/dist/index.d.ts +50 -51
- package/dist/index.js +33 -30
- package/dist/index.js.map +1 -1
- package/package.json +13 -13
- package/src/agent/mDLMdoc.ts +5 -4
- package/src/functions/index.ts +32 -31
- package/src/types/ImDLMdoc.ts +27 -26
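--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@sphereon/ssi-sdk.mdl-mdoc",
-"version": "0.34.1-feature.SSISDK.26.RP.
+"version": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
 "source": "src/index.ts",
 "type": "module",
 "main": "./dist/index.cjs",
@@ -30,11 +30,11 @@
 "@sphereon/kmp-mdoc-core": "0.2.0-SNAPSHOT.26",
 "@sphereon/pex": "5.0.0-unstable.28",
 "@sphereon/pex-models": "^2.3.2",
-"@sphereon/ssi-sdk-ext.did-utils": "0.34.1-feature.SSISDK.26.RP.
-"@sphereon/ssi-sdk-ext.key-utils": "0.34.1-feature.SSISDK.26.RP.
-"@sphereon/ssi-sdk-ext.x509-utils": "0.34.1-feature.SSISDK.26.RP.
-"@sphereon/ssi-sdk.core": "0.34.1-feature.SSISDK.26.RP.
-"@sphereon/ssi-types": "0.34.1-feature.SSISDK.26.RP.
+"@sphereon/ssi-sdk-ext.did-utils": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
+"@sphereon/ssi-sdk-ext.key-utils": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
+"@sphereon/ssi-sdk-ext.x509-utils": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
+"@sphereon/ssi-sdk.core": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
+"@sphereon/ssi-types": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
 "@veramo/core": "4.2.0",
 "@veramo/did-manager": "4.2.0",
 "@veramo/utils": "4.2.0",
@@ -49,12 +49,12 @@
 "devDependencies": {
 "@sphereon/oid4vci-client": "0.19.1-feature.SSISDK.13.32",
 "@sphereon/oid4vci-common": "0.19.1-feature.SSISDK.13.32",
-"@sphereon/ssi-express-support": "0.34.1-feature.SSISDK.26.RP.
-"@sphereon/ssi-sdk-ext.key-manager": "0.34.1-feature.SSISDK.26.RP.
-"@sphereon/ssi-sdk-ext.kms-local": "0.34.1-feature.SSISDK.26.RP.
-"@sphereon/ssi-sdk.agent-config": "0.34.1-feature.SSISDK.26.RP.
-"@sphereon/ssi-sdk.data-store": "0.34.1-feature.SSISDK.26.RP.
-"@sphereon/ssi-sdk.public-key-hosting": "0.34.1-feature.SSISDK.26.RP.
+"@sphereon/ssi-express-support": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
+"@sphereon/ssi-sdk-ext.key-manager": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
+"@sphereon/ssi-sdk-ext.kms-local": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
+"@sphereon/ssi-sdk.agent-config": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
+"@sphereon/ssi-sdk.data-store": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
+"@sphereon/ssi-sdk.public-key-hosting": "0.34.1-feature.SSISDK.26.RP.58+9389054b",
 "@transmute/json-web-signature": "0.7.0-unstable.81",
 "@types/cors": "^2.8.17",
 "@types/express": "^4.17.21",
@@ -89,5 +89,5 @@
 "EBSI",
 "EBSI Authorization Client"
 ],
-"gitHead": "
+"gitHead": "9389054b1da3dda085e28b2ec27063e20cc296c6"
 }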
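--- a/package/src/agent/mDLMdoc.ts
+++ b/package/src/agent/mDLMdoc.ts
@@ -1,4 +1,5 @@
-import
+import mdocPkg from '@sphereon/kmp-mdoc-core'
+const { com } = mdocPkg
 import { calculateJwkThumbprint } from '@sphereon/ssi-sdk-ext.key-utils'
 import { CertificateInfo, getCertificateInfo, pemOrDerToX509Certificate, X509ValidationResult } from '@sphereon/ssi-sdk-ext.x509-utils'
 import { JWK } from '@sphereon/ssi-types'
@@ -121,7 +122,7 @@ export class MDLMdoc implements IAgentPlugin {
 presentationDefinition as IOid4VPPresentationDefinition,
 )
 const docsAndDescriptors: DocumentDescriptorMatchResult[] = []
-let lastError:
+let lastError: mdocPkg.com.sphereon.crypto.generic.IVerifyResults<mdocPkg.com.sphereon.crypto.cose.ICoseKeyCbor> | undefined = undefined
 for (let match of allMatches) {
 if (match.document) {
 const result = await validate(match.document)
@@ -194,7 +195,7 @@ export class MDLMdoc implements IAgentPlugin {
 */
 private async mdocOid4vpRPVerify(args: MdocOid4vpRPVerifyArgs, _context: IRequiredContext): Promise<MdocOid4vpRPVerifyResult> {
 const { vp_token, presentation_submission, trustAnchors } = args
-const deviceResponse =
+const deviceResponse = com.sphereon.mdoc.data.device.DeviceResponseCbor.Static.cborDecode(decodeFrom(vp_token, Encoding.BASE64URL))
 if (!deviceResponse.documents) {
 return Promise.reject(Error(`No documents found in vp_token`))
 }
@@ -252,7 +253,7 @@ export class MDLMdoc implements IAgentPlugin {
 const { input, keyInfo, requireX5Chain } = args
 const coseKeyInfo = keyInfo && CoseJoseKeyMappingService.toCoseKeyInfo(keyInfo)
 const verification = await new CoseCryptoServiceJS(new CoseCryptoService(context)).verify1(
-
+com.sphereon.crypto.cose.CoseSign1Json.Static.fromDTO(input).toCbor(),
 coseKeyInfo,
 requireX5Chain,
 )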
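Review bot: The new decode line in `mdocOid4vpRPVerify` passes `vp_token` through `decodeFrom(…, Encoding.BASE64URL)` and `cborDecode` with no error handling, so a malformed token presumably fails with whatever the decoder throws instead of a verification error shaped like the `No documents found in vp_token` rejection on the following lines. As the token is supplied by the presenter, I would wrap that one statement in a `try`/`catch` that returns `Promise.reject(Error('vp_token could not be decoded'))` without echoing decoder detail. The method body continues past the hunk, so an outer guard may already exist there.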
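--- a/package/src/functions/index.ts
+++ b/package/src/functions/index.ts
@@ -1,4 +1,5 @@
-import
+import mdocPkg from '@sphereon/kmp-mdoc-core'
+const { com } = mdocPkg
 import { Nullable } from '@sphereon/kmp-mdoc-core'
 
 import { calculateJwkThumbprint, globalCrypto, verifyRawSignature } from '@sphereon/ssi-sdk-ext.key-utils'
@@ -18,24 +19,24 @@ import { Certificate, CryptoEngine, setEngine } from 'pkijs'
 import { fromString } from 'uint8arrays/from-string'
 import { IRequiredContext, VerifyCertificateChainArgs } from '../types/ImDLMdoc'
 
-type CoseKeyCbor =
-type ICoseKeyCbor =
-type ToBeSignedCbor =
-const CoseJoseKeyMappingService =
-type SignatureAlgorithm =
-type ICoseCryptoCallbackJS =
-type IKey =
-type IX509ServiceJS =
-type Jwk =
-const KeyInfo =
-type X509VerificationProfile =
-const DateTimeUtils =
-const decodeFrom =
-const encodeTo =
-const Encoding =
-type LocalDateTimeKMP =
-const SignatureAlgorithm =
-const DefaultCallbacks =
+type CoseKeyCbor = mdocPkg.com.sphereon.crypto.cose.CoseKeyCbor
+type ICoseKeyCbor = mdocPkg.com.sphereon.crypto.cose.ICoseKeyCbor
+type ToBeSignedCbor = mdocPkg.com.sphereon.crypto.cose.ToBeSignedCbor
+const CoseJoseKeyMappingService = com.sphereon.crypto.CoseJoseKeyMappingService
+type SignatureAlgorithm = mdocPkg.com.sphereon.crypto.generic.SignatureAlgorithm
+type ICoseCryptoCallbackJS = mdocPkg.com.sphereon.crypto.ICoseCryptoCallbackJS
+type IKey = mdocPkg.com.sphereon.crypto.IKey
+type IX509ServiceJS = mdocPkg.com.sphereon.crypto.IX509ServiceJS
+type Jwk = mdocPkg.com.sphereon.crypto.jose.Jwk
+const KeyInfo = mdocPkg.com.sphereon.crypto.KeyInfo
+type X509VerificationProfile = mdocPkg.com.sphereon.crypto.X509VerificationProfile
+const DateTimeUtils = mdocPkg.com.sphereon.kmp.DateTimeUtils
+const decodeFrom = mdocPkg.com.sphereon.kmp.decodeFrom
+const encodeTo = mdocPkg.com.sphereon.kmp.encodeTo
+const Encoding = mdocPkg.com.sphereon.kmp.Encoding
+type LocalDateTimeKMP = mdocPkg.com.sphereon.kmp.LocalDateTimeKMP
+const SignatureAlgorithm = mdocPkg.com.sphereon.crypto.generic.SignatureAlgorithm
+const DefaultCallbacks = mdocPkg.com.sphereon.crypto.DefaultCallbacks
 
 export class CoseCryptoService implements ICoseCryptoCallbackJS {
 constructor(private context?: IRequiredContext) {}
@@ -55,8 +56,8 @@ export class CoseCryptoService implements ICoseCryptoCallbackJS {
 if (key == null) {
 return Promise.reject(Error('No key present in keyInfo. This implementation cannot sign without a key!'))
 }
-const resolvedKeyInfo =
-const jwkKeyInfo:
+const resolvedKeyInfo = com.sphereon.crypto.ResolvedKeyInfo.Static.fromKeyInfo(keyInfo, key)
+const jwkKeyInfo: mdocPkg.com.sphereon.crypto.ResolvedKeyInfo<Jwk> = CoseJoseKeyMappingService.toResolvedJwkKeyInfo(resolvedKeyInfo)
 
 const kid = jwkKeyInfo.kid ?? calculateJwkThumbprint({ jwk: jwkKeyInfo.key.toJsonDTO() }) ?? jwkKeyInfo.key.getKidAsString(true)
 if (!kid) {
@@ -74,10 +75,10 @@ export class CoseCryptoService implements ICoseCryptoCallbackJS {
 }
 
 async verify1Async<CborType>(
-input:
-keyInfo:
+input: mdocPkg.com.sphereon.crypto.cose.CoseSign1Cbor<CborType>,
+keyInfo: mdocPkg.com.sphereon.crypto.IKeyInfo<ICoseKeyCbor>,
 requireX5Chain: Nullable<boolean>,
-): Promise<
+): Promise<mdocPkg.com.sphereon.crypto.generic.IVerifySignatureResult<ICoseKeyCbor>> {
 const getCertAndKey = async (
 x5c: Nullable<Array<string>>,
 ): Promise<{
@@ -128,7 +129,7 @@ export class CoseCryptoService implements ICoseCryptoCallbackJS {
 if (kid === null) {
 kid = coseKeyInfo.key.getKidAsString(false)
 }
-issuerCoseKey =
+issuerCoseKey = com.sphereon.crypto.cose.CoseKeyCbor.Static.fromDTO(coseKeyInfo.key)
 }
 
 const issuerCoseKeyInfo = new KeyInfo<CoseKeyCbor>(
@@ -156,12 +157,12 @@ export class CoseCryptoService implements ICoseCryptoCallbackJS {
 error: !valid,
 message: `Signature of '${issuerCert ? getSubjectDN(issuerCert).DN : kid}' was ${valid ? '' : 'in'}valid`,
 keyInfo: issuerCoseKeyInfo,
-} satisfies
+} satisfies mdocPkg.com.sphereon.crypto.generic.IVerifySignatureResult<ICoseKeyCbor>
 }
 
-resolvePublicKeyAsync<KT extends
-keyInfo:
-): Promise<
+resolvePublicKeyAsync<KT extends mdocPkg.com.sphereon.crypto.IKey>(
+keyInfo: mdocPkg.com.sphereon.crypto.IKeyInfo<KT>,
+): Promise<mdocPkg.com.sphereon.crypto.IResolvedKeyInfo<KT>> {
 if (keyInfo.key) {
 return Promise.resolve(CoseJoseKeyMappingService.toResolvedKeyInfo(keyInfo, keyInfo.key))
 }
@@ -212,7 +213,7 @@ export class X509CallbackService implements IX509ServiceJS {
 trustedCerts: Nullable<string[]>,
 verificationProfile?: X509VerificationProfile | undefined,
 verificationTime?: Nullable<LocalDateTimeKMP>,
-): Promise<
+): Promise<mdocPkg.com.sphereon.crypto.IX509VerificationResult<KeyType>> {
 const verificationAt = verificationTime ?? DateTimeUtils.Static.DEFAULT.dateTimeLocal()
 let chain: Array<string | Uint8Array> = []
 if (chainDER && chainDER.length > 0) {
@@ -238,7 +239,7 @@ export class X509CallbackService implements IX509ServiceJS {
 message: result.message,
 error: result.error,
 verificationTime: verificationAt,
-} satisfies
+} satisfies mdocPkg.com.sphereon.crypto.IX509VerificationResult<KeyType>
 }
 
 setTrustedCerts = (trustedCertsInPEM?: Array<string>) => {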
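Review bot: The alias block at new lines 22–39 destructures `com` but then reaches seven of its eight runtime values (`KeyInfo`, `DateTimeUtils`, `decodeFrom`, `encodeTo`, `Encoding`, `SignatureAlgorithm`, `DefaultCallbacks`) through `mdocPkg.com`, while only `CoseJoseKeyMappingService` uses `com`. Using one form for values, e.g. `const KeyInfo = com.sphereon.crypto.KeyInfo` as package/src/types/ImDLMdoc.ts does, would leave the `mdocPkg.` prefix as the visual cue for type-only aliases. A one-line comment above the block stating why the package is default-imported rather than named-imported would also help; the reason is not visible in this diff.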
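--- a/package/src/types/ImDLMdoc.ts
+++ b/package/src/types/ImDLMdoc.ts
@@ -1,33 +1,34 @@
-import
+import mdocPkg from '@sphereon/kmp-mdoc-core'
+const { com } = mdocPkg
 import { PresentationDefinitionV2, PresentationSubmission } from '@sphereon/pex-models'
 import { ISphereonKeyManager } from '@sphereon/ssi-sdk-ext.key-manager'
 import { CertificateInfo, SubjectAlternativeGeneralName, X509ValidationResult } from '@sphereon/ssi-sdk-ext.x509-utils'
 import { IAgentContext, IDIDManager, IPluginMethodMap, IResolver } from '@veramo/core'
-export type IKey =
-export type CoseSign1Json =
-export type CoseSign1Cbor<Any> =
-export type ICoseKeyCbor =
-export type ICoseKeyJson =
-export type IKeyInfo<KT extends IKey = IKey> =
-export type IVerifyResults<KT extends IKey> =
-export type IVerifySignatureResult<KT extends IKey> =
-export type DocumentJson =
-export type DocumentCbor =
-export const CborByteString =
-export const CoseKeyCbor =
-export const CoseCryptoServiceJS =
-export const CoseJoseKeyMappingService =
-export const KeyInfo =
-export const DateTimeUtils =
-export const decodeFrom =
-export const encodeTo =
-export const Encoding =
-export const MdocValidations =
-export const MdocOid4vpService =
-export const Jwk =
-export type DocumentDescriptorMatchResult =
-export type IOid4VPPresentationDefinition =
-export const Oid4VPPresentationSubmission =
+export type IKey = mdocPkg.com.sphereon.crypto.IKey
+export type CoseSign1Json = mdocPkg.com.sphereon.crypto.cose.CoseSign1Json
+export type CoseSign1Cbor<Any> = mdocPkg.com.sphereon.crypto.cose.CoseSign1Cbor<Any>
+export type ICoseKeyCbor = mdocPkg.com.sphereon.crypto.cose.ICoseKeyCbor
+export type ICoseKeyJson = mdocPkg.com.sphereon.crypto.cose.ICoseKeyJson
+export type IKeyInfo<KT extends IKey = IKey> = mdocPkg.com.sphereon.crypto.IKeyInfo<KT>
+export type IVerifyResults<KT extends IKey> = mdocPkg.com.sphereon.crypto.generic.IVerifyResults<KT>
+export type IVerifySignatureResult<KT extends IKey> = mdocPkg.com.sphereon.crypto.generic.IVerifySignatureResult<KT>
+export type DocumentJson = mdocPkg.com.sphereon.mdoc.data.device.DocumentJson
+export type DocumentCbor = mdocPkg.com.sphereon.mdoc.data.device.DocumentCbor
+export const CborByteString = com.sphereon.cbor.CborByteString
+export const CoseKeyCbor = com.sphereon.crypto.cose.CoseKeyCbor
+export const CoseCryptoServiceJS = com.sphereon.crypto.CoseCryptoServiceJS
+export const CoseJoseKeyMappingService = com.sphereon.crypto.CoseJoseKeyMappingService
+export const KeyInfo = com.sphereon.crypto.KeyInfo
+export const DateTimeUtils = com.sphereon.kmp.DateTimeUtils
+export const decodeFrom = com.sphereon.kmp.decodeFrom
+export const encodeTo = com.sphereon.kmp.encodeTo
+export const Encoding = com.sphereon.kmp.Encoding
+export const MdocValidations = com.sphereon.mdoc.data.MdocValidations
+export const MdocOid4vpService = com.sphereon.mdoc.oid4vp.MdocOid4vpServiceJs
+export const Jwk = com.sphereon.crypto.jose.Jwk
+export type DocumentDescriptorMatchResult = mdocPkg.com.sphereon.mdoc.oid4vp.DocumentDescriptorMatchResult
+export type IOid4VPPresentationDefinition = mdocPkg.com.sphereon.mdoc.oid4vp.IOid4VPPresentationDefinition
+export const Oid4VPPresentationSubmission = com.sphereon.mdoc.oid4vp.Oid4VPPresentationSubmission
 
 export interface ImDLMdoc extends IPluginMethodMap {
 // TODO: Extract cert methods to its own plugin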