@sphereon/ssi-sdk.sd-jwt 0.24.1-unstable.49 → 0.25.0
- package/dist/action-handler.d.ts +1 -0
- package/dist/action-handler.d.ts.map +1 -1
- package/dist/action-handler.js +23 -18
- package/dist/action-handler.js.map +1 -1
- package/dist/ssi-sdk.sd-jwt.d.ts +1 -0
- package/dist/tsdoc-metadata.json +1 -1
- package/dist/types.d.ts.map +1 -1
- package/package.json +9 -8
- package/src/__tests__/sd-jwt.test.ts +28 -47
- package/src/action-handler.ts +26 -32
- package/src/types.ts +2 -8
package/dist/action-handler.d.ts
CHANGED
|
@@ -64,5 +64,6 @@ export declare class SDJwtPlugin implements IAgentPlugin {
|
|
|
64
64
|
* @returns
|
|
65
65
|
*/
|
|
66
66
|
verifySdJwtPresentation(args: IVerifySdJwtPresentationArgs, context: IRequiredContext): Promise<IVerifySdJwtPresentationResult>;
|
|
67
|
+
private getKeyTypeAlgorithm;
|
|
67
68
|
}
|
|
68
69
|
//# sourceMappingURL=action-handler.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"action-handler.d.ts","sourceRoot":"","sources":["../src/action-handler.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"action-handler.d.ts","sourceRoot":"","sources":["../src/action-handler.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,eAAe,EAAkB,MAAM,mBAAmB,CAAA;AAEnE,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAC3C,OAAO,EACL,mBAAmB,EACnB,kBAAkB,EAClB,oBAAoB,EACpB,4BAA4B,EAC5B,8BAA8B,EAC9B,gBAAgB,EAChB,YAAY,EACZ,kBAAkB,EAClB,oBAAoB,EACpB,4BAA4B,EAC5B,8BAA8B,EAE/B,MAAM,SAAS,CAAA;AAIhB;;;GAGG;AACH,qBAAa,WAAY,YAAW,YAAY;IAGlC,OAAO,CAAC,UAAU;IAF9B,QAAQ,CAAC,MAAM,MAAsB;gBAEjB,UAAU,EAAE,mBAAmB;IAGnD,QAAQ,CAAC,OAAO,EAAE,YAAY,CAK7B;IAED;;;;;OAKG;IACG,aAAa,CAAC,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAuBvG;;;;;OAKG;YACW,UAAU;IAmBxB;;;;;OAKG;IACG,uBAAuB,CAAC,IAAI,EAAE,4BAA4B,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,8BAA8B,CAAC;IA+BrI;;;;;OAKG;IACG,aAAa,CAAC,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAWvG;;;;;;;;OAQG;IACH,OAAO,CAAC,QAAQ;IAQhB;;;;;;;OAOG;IACG,MAAM,CAAC,KAAK,EAAE,eAAe,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM;IAqB/F;;;;;OAKG;IACG,uBAAuB,CAAC,IAAI,EAAE,4BAA4B,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,8BAA8B,CAAC;IAgBrI,OAAO,CAAC,mBAAmB;CAY5B"}
|
package/dist/action-handler.js
CHANGED
|
@@ -8,13 +8,18 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
8
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
12
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
|
+
};
|
|
11
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
15
|
exports.SDJwtPlugin = void 0;
|
|
16
|
+
const debug_1 = __importDefault(require("debug"));
|
|
13
17
|
const index_1 = require("./index");
|
|
14
18
|
const core_1 = require("@sd-jwt/core");
|
|
15
19
|
const sd_jwt_vc_1 = require("@sd-jwt/sd-jwt-vc");
|
|
16
20
|
const ssi_sdk_ext_did_utils_1 = require("@sphereon/ssi-sdk-ext.did-utils");
|
|
17
21
|
const utils_1 = require("@veramo/utils");
|
|
22
|
+
const debug = (0, debug_1.default)('sd-jwt');
|
|
18
23
|
/**
|
|
19
24
|
* @beta
|
|
20
25
|
* SD-JWT plugin for Veramo
|
|
@@ -65,6 +70,7 @@ class SDJwtPlugin {
|
|
|
65
70
|
*/
|
|
66
71
|
getSignKey(issuer, context) {
|
|
67
72
|
return __awaiter(this, void 0, void 0, function* () {
|
|
73
|
+
debug(`Getting signing key for issuer ${issuer}`);
|
|
68
74
|
const identifier = yield context.agent.didManagerGet({
|
|
69
75
|
did: issuer.split('#')[0],
|
|
70
76
|
});
|
|
@@ -76,21 +82,8 @@ class SDJwtPlugin {
|
|
|
76
82
|
if (!key) {
|
|
77
83
|
throw new Error(`No key found with the given id: ${issuer}`);
|
|
78
84
|
}
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
switch (key.type) {
|
|
82
|
-
case 'Ed25519':
|
|
83
|
-
alg = 'EdDSA';
|
|
84
|
-
break;
|
|
85
|
-
case 'Secp256k1':
|
|
86
|
-
alg = 'ES256K';
|
|
87
|
-
break;
|
|
88
|
-
case 'Secp256r1':
|
|
89
|
-
alg = 'ES256';
|
|
90
|
-
break;
|
|
91
|
-
default:
|
|
92
|
-
throw new Error(`unsupported key type ${key.type}`);
|
|
93
|
-
}
|
|
85
|
+
const alg = this.getKeyTypeAlgorithm(key.type);
|
|
86
|
+
debug(`Signing key ${key.publicKeyHex} found for issuer ${issuer}`);
|
|
94
87
|
return { alg, key };
|
|
95
88
|
});
|
|
96
89
|
}
|
|
@@ -109,7 +102,7 @@ class SDJwtPlugin {
|
|
|
109
102
|
// we primarly look for a cnf field, if it's not there we look for a sub field. If this is also not given, we throw an error since we can not sign it.
|
|
110
103
|
if ((_a = claims.cnf) === null || _a === void 0 ? void 0 : _a.jwk) {
|
|
111
104
|
const key = claims.cnf.jwk;
|
|
112
|
-
//TODO: convert the JWK to hex and search for the appropriate key and associated DID
|
|
105
|
+
//TODO SDK-19: convert the JWK to hex and search for the appropriate key and associated DID
|
|
113
106
|
//doesn't apply to did:jwk only, as you can represent any DID key as a JWK. So whenever you encounter a JWK it doesn't mean it had to come from a did:jwk in the system. It just can always be represented as a did:jwk
|
|
114
107
|
holderDID = `did:jwk:${(0, utils_1.encodeJoseBlob)(key)}#0`;
|
|
115
108
|
}
|
|
@@ -185,12 +178,12 @@ class SDJwtPlugin {
|
|
|
185
178
|
if (!didDoc) {
|
|
186
179
|
throw new Error('invalid_issuer: issuer did not resolve to a did document');
|
|
187
180
|
}
|
|
188
|
-
//TODO: This should be checking for an assertionMethod and not just an verificationMethod with an id
|
|
181
|
+
//TODO SDK-20: This should be checking for an assertionMethod and not just an verificationMethod with an id
|
|
189
182
|
const didDocumentKey = (_b = (_a = didDoc.didDocument) === null || _a === void 0 ? void 0 : _a.verificationMethod) === null || _b === void 0 ? void 0 : _b.find((key) => key.id);
|
|
190
183
|
if (!didDocumentKey) {
|
|
191
184
|
throw new Error('invalid_issuer: issuer did document does not include referenced key');
|
|
192
185
|
}
|
|
193
|
-
//FIXME: in case it's another did method, the value of the key can be also encoded as a base64url
|
|
186
|
+
//FIXME SDK-21: in case it's another did method, the value of the key can be also encoded as a base64url
|
|
194
187
|
//needs more checks. some DID methods do not expose the keys as publicKeyJwk
|
|
195
188
|
const key = didDocumentKey.publicKeyJwk;
|
|
196
189
|
return this.algorithms.verifySignature(data, signature, key);
|
|
@@ -217,6 +210,18 @@ class SDJwtPlugin {
|
|
|
217
210
|
return { verifiedPayloads };
|
|
218
211
|
});
|
|
219
212
|
}
|
|
213
|
+
getKeyTypeAlgorithm(keyType) {
|
|
214
|
+
switch (keyType) {
|
|
215
|
+
case 'Ed25519':
|
|
216
|
+
return 'EdDSA';
|
|
217
|
+
case 'Secp256k1':
|
|
218
|
+
return 'ES256K';
|
|
219
|
+
case 'Secp256r1':
|
|
220
|
+
return 'ES256';
|
|
221
|
+
default:
|
|
222
|
+
throw new Error(`unsupported key type ${keyType}`);
|
|
223
|
+
}
|
|
224
|
+
}
|
|
220
225
|
}
|
|
221
226
|
exports.SDJwtPlugin = SDJwtPlugin;
|
|
222
227
|
//# sourceMappingURL=action-handler.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"action-handler.js","sourceRoot":"","sources":["../src/action-handler.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"action-handler.js","sourceRoot":"","sources":["../src/action-handler.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,kDAAyB;AAEzB,mCAAgC;AAChC,uCAAyC;AACzC,iDAAmE;AAiBnE,2EAAsF;AACtF,yCAA8C;AAC9C,MAAM,KAAK,GAAG,IAAA,eAAK,EAAC,QAAQ,CAAC,CAAA;AAC7B;;;GAGG;AACH,MAAa,WAAW;IAGtB,YAAoB,UAA+B;QAA/B,eAAU,GAAV,UAAU,CAAqB;QAF1C,WAAM,GAAG,cAAM,CAAC,YAAY,CAAA;QAIrC,mEAAmE;QAC1D,YAAO,GAAiB;YAC/B,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5C,uBAAuB,EAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;YAChE,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5C,uBAAuB,EAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;SACjE,CAAA;IARqD,CAAC;IAUvD;;;;;OAKG;IACG,aAAa,CAAC,IAAwB,EAAE,OAAyB;;YACrE,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAA;YACzC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;YACxD,CAAC;YAED,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;YAE3D,0DAA0D;YAC1D,MAAM,MAAM,GAAW,CAAO,IAAY,EAAE,EAAE,gDAAC,OAAA,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAA,GAAA,CAAA;YAEtG,MAAM,KAAK,GAAG,IAAI,2BAAe,CAAC;gBAChC,MAAM;gBACN,MAAM,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM;gBAC9B,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,aAAa;gBAC5C,OAAO,EAAE,GAAG;gBACZ,OAAO,EAAE,SAAS;aACnB,CAAC,CAAA;YAEF,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,eAAiE,CAAC,CAAA;YACpI,OAAO,EAAE,UAAU,EAAE,CAAA;QACvB,CAAC;KAAA;IAED;;;;;OAKG;IACW,UAAU,CAAC,MAAc,EAAE,OAAyB;;YAChE,KAAK,CAAC,kCAAkC,MAAM,EAAE,CAAC,CAAA;YACjD,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC;gBACnD,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;aAC1B,CAAC,CAAA;YACF,MAAM,GAAG,GAAG,MAAM,IAAA,4DAAoC,EAAC,UAAU,EAAE,iBAAiB,EAAE,OAAO,CAAC,CAAA;YAC9F,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7B,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;YAC7C,CAAC;YACD,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,EAAE,KAAK,MAAM,CAAC,CAAA;YACxE,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,M
AAM,IAAI,KAAK,CAAC,mCAAmC,MAAM,EAAE,CAAC,CAAA;YAC9D,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAC9C,KAAK,CAAC,eAAe,GAAG,CAAC,YAAY,qBAAqB,MAAM,EAAE,CAAC,CAAA;YAEnE,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,CAAA;QACrB,CAAC;KAAA;IAED;;;;;OAKG;IACG,uBAAuB,CAAC,IAAkC,EAAE,OAAyB;;;YACzF,MAAM,IAAI,GAAG,MAAM,YAAK,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;YAC9E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAS,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;YACnE,IAAI,SAAiB,CAAA;YACrB,sJAAsJ;YACtJ,IAAI,MAAA,MAAM,CAAC,GAAG,0CAAE,GAAG,EAAE,CAAC;gBACpB,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAA;gBAC1B,2FAA2F;gBAC3F,uNAAuN;gBACvN,SAAS,GAAG,WAAW,IAAA,sBAAc,EAAC,GAAG,CAAC,IAAI,CAAA;YAChD,CAAC;iBAAM,IAAI,MAAM,CAAC,GAAG,EAAE,CAAC;gBACtB,SAAS,GAAG,MAAM,CAAC,GAAa,CAAA;YAClC,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAA;YACrF,CAAC;YACD,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC,CAAA;YAE9D,MAAM,MAAM,GAAW,CAAO,IAAY,EAAE,EAAE;gBAC5C,OAAO,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAA;YAChE,CAAC,CAAA,CAAA;YAED,MAAM,KAAK,GAAG,IAAI,2BAAe,CAAC;gBAChC,MAAM,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM;gBAC9B,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,aAAa;gBAC5C,QAAQ,EAAE,MAAM;gBAChB,SAAS,EAAE,GAAG;aACf,CAAC,CAAA;YACF,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,iBAAsD,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,CAAA;YACvI,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,CAAA;QACrC,CAAC;KAAA;IAED;;;;;OAKG;IACG,aAAa,CAAC,IAAwB,EAAE,OAAyB;;YACrE,kDAAkD;YAClD,IAAI,KAAsB,CAAA;YAC1B,MAAM,QAAQ,GAAa,CAAO,IAAY,EAAE,SAAiB,EAAE,EAAE,gDAAC,OAAA,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAA,GAAA,CAAA;YAElH,KAAK,GAAG,IAAI,2BAAe,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAA;YACzE,MAAM,gBAAgB,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;YAE5D,OAAO,EAAE,gBAAgB,EAAE,CAAA;QAC7B,CAAC;KAAA;IAED;;;;;;;;OAQG;IACK,QAAQ,CAAC,KAAsB,EAAE,OAAyB,EAAE,IAAY,EAAE,SAAiB,EAAE,OAAmB;QA
CtH,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,KAAK,CAAC,4CAA4C,CAAC,CAAA;QAC3D,CAAC;QACD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,GAAiB,CAAA;QACzC,OAAO,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,EAAE,SAAS,EAAE,GAAG,CAAC,CAAA;IAC9D,CAAC;IAED;;;;;;;OAOG;IACG,MAAM,CAAC,KAAsB,EAAE,OAAyB,EAAE,IAAY,EAAE,SAAiB;;;YAC7F,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,GAAG,IAAI,IAAI,SAAS,EAAE,CAAC,CAAA;YAC5D,MAAM,MAAM,GAAa,SAAS,CAAC,GAAW,CAAC,OAAmC,CAAC,GAAa,CAAA;YAChG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC/B,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;YACzD,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAA;YACjE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAA;YAC7E,CAAC;YACD,2GAA2G;YAC3G,MAAM,cAAc,GAAG,MAAA,MAAA,MAAM,CAAC,WAAW,0CAAE,kBAAkB,0CAAE,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;YACpF,IAAI,CAAC,cAAc,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,qEAAqE,CAAC,CAAA;YACxF,CAAC;YACD,wGAAwG;YACxG,4EAA4E;YAC5E,MAAM,GAAG,GAAG,cAAc,CAAC,YAA0B,CAAA;YACrD,OAAO,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,EAAE,SAAS,EAAE,GAAG,CAAC,CAAA;QAC9D,CAAC;KAAA;IAED;;;;;OAKG;IACG,uBAAuB,CAAC,IAAkC,EAAE,OAAyB;;YACzF,kDAAkD;YAClD,IAAI,KAAsB,CAAA;YAC1B,MAAM,QAAQ,GAAa,CAAO,IAAY,EAAE,SAAiB,EAAE,EAAE,gDAAC,OAAA,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAA,GAAA,CAAA;YAClH,MAAM,UAAU,GAAe,CAAO,IAAY,EAAE,SAAiB,EAAE,OAAmB,EAAE,EAAE,gDAC5F,OAAA,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,CAAA,GAAA,CAAA;YACzD,KAAK,GAAG,IAAI,2BAAe,CAAC;gBAC1B,QAAQ;gBACR,MAAM,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM;gBAC9B,UAAU,EAAE,UAAU;aACvB,CAAC,CAAA;YACF,MAAM,gBAAgB,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,iBAAiB,EAAE,IAAI,CAAC,EAAE,CAAC,CAAA;YAE/F,OAAO,EAAE,gBAAgB,EAAE,CAAA;QAC7B,CAAC;KAAA;IAEO,mBAAmB,CAAC,OAAe;QACzC,QAAQ,OAAO,EAAE,CAAC;YAChB,KAAK,SAAS;gBACZ,OAAO,OAAO,CAAA;YAChB,KAAK,WAAW;gBACd,OAAO,QAAQ,CAAA;YACjB,KAAK,WAAW;gBACd,OAAO,OAAO,CAAA;YAChB;gBACE,MAAM,IAAI,KAAK,CAAC,wBAAwB,OAAO,EAAE,CAAC,CAAA;QACtD,
CAAC;IACH,CAAC;CACF;AAzMD,kCAyMC"}
|
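--- a/package/dist/ssi-sdk.sd-jwt.d.ts
+++ b/package/dist/ssi-sdk.sd-jwt.d.ts
@@ -255,6 +255,7 @@ export declare class SDJwtPlugin implements IAgentPlugin {
 * @returns
 */
 verifySdJwtPresentation(args: IVerifySdJwtPresentationArgs, context: IRequiredContext): Promise<IVerifySdJwtPresentationResult>;
+private getKeyTypeAlgorithm;
 }
 
 export { }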
package/dist/tsdoc-metadata.json
CHANGED
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAChE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,WAAW,EAAE,gBAAgB,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AAEnG;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,WAAW,YAAa,SAAQ,gBAAgB;IACpD;;;;;;;OAOG;IACH;;;;OAIG;IACH,aAAa,CAAC,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAA;IAEjG;;;;OAIG;IACH,uBAAuB,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAChE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAA;AAClD,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,WAAW,EAAE,gBAAgB,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AAEnG;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,WAAW,YAAa,SAAQ,gBAAgB;IACpD;;;;;;;OAOG;IACH;;;;OAIG;IACH,aAAa,CAAC,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAA;IAEjG;;;;OAIG;IACH,uBAAuB,CAAC,IAAI,EAAE,4BAA4B,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,8BAA8B,CAAC,CAAA;IAE/H;;;;OAIG;IACH,aAAa,CAAC,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAA;IAEjG;;;;OAIG;IACH,uBAAuB,CAAC,IAAI,EAAE,4BAA4B,EAAE,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,8BAA8B,CAAC,CAAA;CAChI;AAED;;;;GAIG;AACH,MAAM,WAAW,kBAAkB;IACjC,iBAAiB,EAAE,cAAc,CAAA;IAGjC,eAAe,CAAC,EAAE,gBAAgB,CAAA;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,CAAC,EAAE,MAAM,EAAE,CAAA;IACd,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,gBAAgB,GAAG,SAAS,CAAA;CAC9D;AAED;;;;GAIG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,UAAU,EAAE,MAAM,CAAA;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,4BAA4B;IAC3C;;OAEG;IACH,YAAY,EAAE,MAAM,CAAA;IAOpB,iBAAiB,CAAC,EAAE,kBAAkB,CAAA;IAEtC;;OAEG;IACH,EAAE,CAAC,EAAE,SAAS,CAAA;CACf;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,kBAAkB,CAAA;CAC1C;AAED;;;GAGG;AACH,MAAM,WAAW,8BAA8B;IAC7C;;OAEG;IACH,YAAY,EAAE,MAAM,CAAA;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,UAAU,EAAE,MAAM,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,MAAM,oBAAoB,GAAG;IACjC,gBAAgB,EAAE,OAAO,CAAA;CAC1B,CAAA;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,YAAY,EAAE,MAAM,CAAA;IAEpB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAA;IAE5B,EAAE,CAAC,EAAE,OAAO,CAAA;CACb;AAED;;GAEG;AACH,MAAM,MAAM,8BAA8B,GAAG;IAC3C,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAC1C,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,MAAM,gBAAgB,GAAG,aAAa,CAAC,WAAW,GAAG,SAAS,GAAG,WAAW,CAAC,CAAA;AACnF,MAAM,WAAW,mBAAmB;IAClC,aAAa,EAAE,aAAa,CAAA;IAC5B,MAAM,EAAE,MAAM,CAAA
;IACd,eAAe,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,KAAK,OAAO,CAAC,OAAO,CAAC,CAAA;CAC9F;AAED,MAAM,WAAW,MAAM;IACrB;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE;QACJ,GAAG,EAAE,UAAU,CAAA;KAChB,CAAA;IACD,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CACvB"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sphereon/ssi-sdk.sd-jwt",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.25.0",
|
|
4
4
|
"source": "src/index.ts",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -17,17 +17,18 @@
|
|
|
17
17
|
"dependencies": {
|
|
18
18
|
"@sd-jwt/core": "^0.6.1",
|
|
19
19
|
"@sd-jwt/sd-jwt-vc": "^0.6.1",
|
|
20
|
-
"@sphereon/ssi-sdk-ext.did-utils": "0.
|
|
21
|
-
"@veramo/utils": "4.2.0"
|
|
20
|
+
"@sphereon/ssi-sdk-ext.did-utils": "0.20.0",
|
|
21
|
+
"@veramo/utils": "4.2.0",
|
|
22
|
+
"debug": "^4.3.5"
|
|
22
23
|
},
|
|
23
24
|
"devDependencies": {
|
|
24
25
|
"@sd-jwt/decode": "^0.6.1",
|
|
25
26
|
"@sd-jwt/types": "^0.6.1",
|
|
26
27
|
"@sd-jwt/utils": "^0.6.1",
|
|
27
|
-
"@sphereon/ssi-sdk-ext.did-provider-jwk": "0.
|
|
28
|
-
"@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.
|
|
29
|
-
"@sphereon/ssi-sdk-ext.key-manager": "0.
|
|
30
|
-
"@sphereon/ssi-sdk-ext.kms-local": "0.
|
|
28
|
+
"@sphereon/ssi-sdk-ext.did-provider-jwk": "0.20.0",
|
|
29
|
+
"@sphereon/ssi-sdk-ext.did-resolver-jwk": "0.20.0",
|
|
30
|
+
"@sphereon/ssi-sdk-ext.key-manager": "0.20.0",
|
|
31
|
+
"@sphereon/ssi-sdk-ext.kms-local": "0.20.0",
|
|
31
32
|
"@types/node": "18.15.3",
|
|
32
33
|
"@veramo/core": "4.2.0",
|
|
33
34
|
"@veramo/data-store": "4.2.0",
|
|
@@ -61,5 +62,5 @@
|
|
|
61
62
|
"Selective Disclosure",
|
|
62
63
|
"Verifiable Credential"
|
|
63
64
|
],
|
|
64
|
-
"gitHead": "
|
|
65
|
+
"gitHead": "99bf4e65105924a3a186bb15e402ae8457731400"
|
|
65
66
|
}
|
|
@@ -10,35 +10,22 @@ import { decodeSdJwt } from '@sd-jwt/decode'
|
|
|
10
10
|
import { KBJwt } from '@sd-jwt/core'
|
|
11
11
|
import { ISDJwtPlugin, SDJwtPlugin } from '../index'
|
|
12
12
|
import { createHash, randomBytes, subtle } from 'crypto'
|
|
13
|
-
import {MemoryKeyStore, MemoryPrivateKeyStore, SphereonKeyManager} from '@sphereon/ssi-sdk-ext.key-manager'
|
|
14
|
-
import {SphereonKeyManagementSystem} from '@sphereon/ssi-sdk-ext.kms-local'
|
|
13
|
+
import { MemoryKeyStore, MemoryPrivateKeyStore, SphereonKeyManager } from '@sphereon/ssi-sdk-ext.key-manager'
|
|
14
|
+
import { SphereonKeyManagementSystem } from '@sphereon/ssi-sdk-ext.kms-local'
|
|
15
15
|
|
|
16
16
|
const generateDigest = (data: string, algorithm: string) => {
|
|
17
17
|
return createHash(algorithm).update(data).digest()
|
|
18
18
|
}
|
|
19
19
|
|
|
20
20
|
const generateSalt = (): string => {
|
|
21
|
-
return randomBytes(16).toString('hex')
|
|
21
|
+
return randomBytes(16).toString('hex')
|
|
22
22
|
}
|
|
23
23
|
|
|
24
24
|
async function verifySignature<T>(data: string, signature: string, key: JsonWebKey) {
|
|
25
25
|
let { alg, crv } = key
|
|
26
26
|
if (alg === 'ES256') alg = 'ECDSA'
|
|
27
|
-
const publicKey = await subtle.importKey(
|
|
28
|
-
|
|
29
|
-
key,
|
|
30
|
-
{ name: alg, namedCurve: crv } as EcKeyImportParams,
|
|
31
|
-
true,
|
|
32
|
-
['verify'],
|
|
33
|
-
)
|
|
34
|
-
return Promise.resolve(
|
|
35
|
-
subtle.verify(
|
|
36
|
-
{ name: alg as string, hash: 'SHA-256' },
|
|
37
|
-
publicKey,
|
|
38
|
-
Buffer.from(signature, 'base64'),
|
|
39
|
-
Buffer.from(data),
|
|
40
|
-
),
|
|
41
|
-
)
|
|
27
|
+
const publicKey = await subtle.importKey('jwk', key, { name: alg, namedCurve: crv } as EcKeyImportParams, true, ['verify'])
|
|
28
|
+
return Promise.resolve(subtle.verify({ name: alg as string, hash: 'SHA-256' }, publicKey, Buffer.from(signature, 'base64'), Buffer.from(data)))
|
|
42
29
|
}
|
|
43
30
|
|
|
44
31
|
type AgentType = IDIDManager & IKeyManager & IResolver & ISDJwtPlugin
|
|
@@ -77,7 +64,7 @@ describe('Agent plugin', () => {
|
|
|
77
64
|
new SDJwtPlugin({
|
|
78
65
|
hasher: generateDigest,
|
|
79
66
|
saltGenerator: generateSalt,
|
|
80
|
-
verifySignature
|
|
67
|
+
verifySignature,
|
|
81
68
|
}),
|
|
82
69
|
new SphereonKeyManager({
|
|
83
70
|
store: new MemoryKeyStore(),
|
|
@@ -102,26 +89,26 @@ describe('Agent plugin', () => {
|
|
|
102
89
|
],
|
|
103
90
|
})
|
|
104
91
|
issuer = await agent
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
92
|
+
.didManagerCreate({
|
|
93
|
+
kms: 'local',
|
|
94
|
+
provider: 'did:jwk',
|
|
95
|
+
alias: 'issuer',
|
|
96
|
+
//we use this curve since nodejs does not support ES256k which is the default one.
|
|
97
|
+
options: { keyType: 'Secp256r1' },
|
|
98
|
+
})
|
|
99
|
+
.then((did) => {
|
|
100
|
+
// we add a key reference
|
|
101
|
+
return `${did.did}#0`
|
|
102
|
+
})
|
|
116
103
|
holder = await agent
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
104
|
+
.didManagerCreate({
|
|
105
|
+
kms: 'local',
|
|
106
|
+
provider: 'did:jwk',
|
|
107
|
+
alias: 'holder',
|
|
108
|
+
//we use this curve since nodejs does not support ES256k which is the default one.
|
|
109
|
+
options: { keyType: 'Secp256r1' },
|
|
110
|
+
})
|
|
111
|
+
.then((did) => `${did.did}#0`)
|
|
125
112
|
claims.sub = holder
|
|
126
113
|
})
|
|
127
114
|
|
|
@@ -200,9 +187,7 @@ describe('Agent plugin', () => {
|
|
|
200
187
|
it('create presentation with cnf', async () => {
|
|
201
188
|
const did = await agent.didManagerFind({ alias: 'holder' }).then((dids) => dids[0])
|
|
202
189
|
const resolvedDid = await agent.resolveDid({ didUrl: `${did.did}#0` })
|
|
203
|
-
const jwk: JsonWebKey = (
|
|
204
|
-
(resolvedDid.didDocument as DIDDocument).verificationMethod as VerificationMethod[]
|
|
205
|
-
)[0].publicKeyJwk as JsonWebKey
|
|
190
|
+
const jwk: JsonWebKey = ((resolvedDid.didDocument as DIDDocument).verificationMethod as VerificationMethod[])[0].publicKeyJwk as JsonWebKey
|
|
206
191
|
const credentialPayload: SdJwtVcPayload = {
|
|
207
192
|
...claims,
|
|
208
193
|
cnf: {
|
|
@@ -262,9 +247,7 @@ describe('Agent plugin', () => {
|
|
|
262
247
|
|
|
263
248
|
it('verify a presentation', async () => {
|
|
264
249
|
const holderDId = await agent.resolveDid({ didUrl: holder })
|
|
265
|
-
const jwk: JsonWebKey = (
|
|
266
|
-
(holderDId.didDocument as DIDDocument).verificationMethod as VerificationMethod[]
|
|
267
|
-
)[0].publicKeyJwk as JsonWebKey
|
|
250
|
+
const jwk: JsonWebKey = ((holderDId.didDocument as DIDDocument).verificationMethod as VerificationMethod[])[0].publicKeyJwk as JsonWebKey
|
|
268
251
|
const credentialPayload: SdJwtVcPayload = {
|
|
269
252
|
...claims,
|
|
270
253
|
iss: issuer,
|
|
@@ -301,9 +284,7 @@ describe('Agent plugin', () => {
|
|
|
301
284
|
|
|
302
285
|
it('verify a presentation with sub set', async () => {
|
|
303
286
|
const holderDId = await agent.resolveDid({ didUrl: holder })
|
|
304
|
-
const jwk: JsonWebKey = (
|
|
305
|
-
(holderDId.didDocument as DIDDocument).verificationMethod as VerificationMethod[]
|
|
306
|
-
)[0].publicKeyJwk as JsonWebKey
|
|
287
|
+
const jwk: JsonWebKey = ((holderDId.didDocument as DIDDocument).verificationMethod as VerificationMethod[])[0].publicKeyJwk as JsonWebKey
|
|
307
288
|
const credentialPayload: SdJwtVcPayload = {
|
|
308
289
|
...claims,
|
|
309
290
|
iss: issuer,
|
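--- a/package/src/action-handler.ts
+++ b/package/src/action-handler.ts
@@ -1,3 +1,5 @@
+import Debug from 'debug'
+
 import { schema } from './index'
 import { Jwt, SDJwt } from '@sd-jwt/core'
 import { SDJwtVcInstance, SdJwtVcPayload } from '@sd-jwt/sd-jwt-vc'
@@ -19,7 +21,7 @@ import {
 } from './types'
 import { mapIdentifierKeysToDocWithJwkSupport } from '@sphereon/ssi-sdk-ext.did-utils'
 import { encodeJoseBlob } from '@veramo/utils'
-
+const debug = Debug('sd-jwt')
 /**
 * @beta
 * SD-JWT plugin for Veramo
@@ -62,10 +64,7 @@ export class SDJwtPlugin implements IAgentPlugin {
 hashAlg: 'SHA-256',
 })
 
-const credential = await sdjwt.issue(
-args.credentialPayload,
-args.disclosureFrame as DisclosureFrame<typeof args.credentialPayload>,
-)
+const credential = await sdjwt.issue(args.credentialPayload, args.disclosureFrame as DisclosureFrame<typeof args.credentialPayload>)
 return { credential }
 }
 
@@ -76,6 +75,7 @@ export class SDJwtPlugin implements IAgentPlugin {
 * @returns the key to sign the SD-JWT
 */
 private async getSignKey(issuer: string, context: IRequiredContext) {
+debug(`Getting signing key for issuer ${issuer}`)
 const identifier = await context.agent.didManagerGet({
 did: issuer.split('#')[0],
 })
@@ -87,21 +87,8 @@ export class SDJwtPlugin implements IAgentPlugin {
 if (!key) {
 throw new Error(`No key found with the given id: ${issuer}`)
 }
-
-
-switch (key.type) {
-case 'Ed25519':
-alg = 'EdDSA'
-break
-case 'Secp256k1':
-alg = 'ES256K'
-break
-case 'Secp256r1':
-alg = 'ES256'
-break
-default:
-throw new Error(`unsupported key type ${key.type}`)
-}
+const alg = this.getKeyTypeAlgorithm(key.type)
+debug(`Signing key ${key.publicKeyHex} found for issuer ${issuer}`)
 
 return { alg, key }
 }
@@ -119,7 +106,7 @@ export class SDJwtPlugin implements IAgentPlugin {
 // we primarly look for a cnf field, if it's not there we look for a sub field. If this is also not given, we throw an error since we can not sign it.
 if (claims.cnf?.jwk) {
 const key = claims.cnf.jwk
-//TODO: convert the JWK to hex and search for the appropriate key and associated DID
+//TODO SDK-19: convert the JWK to hex and search for the appropriate key and associated DID
 //doesn't apply to did:jwk only, as you can represent any DID key as a JWK. So whenever you encounter a JWK it doesn't mean it had to come from a did:jwk in the system. It just can always be represented as a did:jwk
 holderDID = `did:jwk:${encodeJoseBlob(key)}#0`
 } else if (claims.sub) {
@@ -139,11 +126,7 @@ export class SDJwtPlugin implements IAgentPlugin {
 kbSigner: signer,
 kbSignAlg: alg,
 })
-const credential = await sdjwt.present(
-args.presentation,
-args.presentationFrame as PresentationFrame<SdJwtVcPayload>,
-{ kb: args.kb },
-)
+const credential = await sdjwt.present(args.presentation, args.presentationFrame as PresentationFrame<SdJwtVcPayload>, { kb: args.kb })
 return { presentation: credential }
 }
 
@@ -156,8 +139,7 @@ export class SDJwtPlugin implements IAgentPlugin {
 async verifySdJwtVc(args: IVerifySdJwtVcArgs, context: IRequiredContext): Promise<IVerifySdJwtVcResult> {
 // biome-ignore lint/style/useConst: <explanation>
 let sdjwt: SDJwtVcInstance
-const verifier: Verifier = async (data: string, signature: string) =>
-this.verify(sdjwt, context, data, signature)
+const verifier: Verifier = async (data: string, signature: string) => this.verify(sdjwt, context, data, signature)
 
 sdjwt = new SDJwtVcInstance({ verifier, hasher: this.algorithms.hasher })
 const verifiedPayloads = await sdjwt.verify(args.credential)
@@ -200,12 +182,12 @@ export class SDJwtPlugin implements IAgentPlugin {
 if (!didDoc) {
 throw new Error('invalid_issuer: issuer did not resolve to a did document')
 }
-//TODO: This should be checking for an assertionMethod and not just an verificationMethod with an id
+//TODO SDK-20: This should be checking for an assertionMethod and not just an verificationMethod with an id
 const didDocumentKey = didDoc.didDocument?.verificationMethod?.find((key) => key.id)
 if (!didDocumentKey) {
 throw new Error('invalid_issuer: issuer did document does not include referenced key')
 }
-//FIXME: in case it's another did method, the value of the key can be also encoded as a base64url
+//FIXME SDK-21: in case it's another did method, the value of the key can be also encoded as a base64url
 //needs more checks. some DID methods do not expose the keys as publicKeyJwk
 const key = didDocumentKey.publicKeyJwk as JsonWebKey
 return this.algorithms.verifySignature(data, signature, key)
@@ -220,8 +202,7 @@ export class SDJwtPlugin implements IAgentPlugin {
 async verifySdJwtPresentation(args: IVerifySdJwtPresentationArgs, context: IRequiredContext): Promise<IVerifySdJwtPresentationResult> {
 // biome-ignore lint/style/useConst: <explanation>
 let sdjwt: SDJwtVcInstance
-const verifier: Verifier = async (data: string, signature: string) =>
-this.verify(sdjwt, context, data, signature)
+const verifier: Verifier = async (data: string, signature: string) => this.verify(sdjwt, context, data, signature)
 const verifierKb: KbVerifier = async (data: string, signature: string, payload: JwtPayload) =>
 this.verifyKb(sdjwt, context, data, signature, payload)
 sdjwt = new SDJwtVcInstance({
@@ -233,4 +214,17 @@ export class SDJwtPlugin implements IAgentPlugin {
 
 return { verifiedPayloads }
 }
+
+private getKeyTypeAlgorithm(keyType: string) {
+switch (keyType) {
+case 'Ed25519':
+return 'EdDSA'
+case 'Secp256k1':
+return 'ES256K'
+case 'Secp256r1':
+return 'ES256'
+default:
+throw new Error(`unsupported key type ${keyType}`)
+}
+}
 }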
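Review bot: In the `@@ -200,12 +182,12 @@` hunk the issuer key is still selected with `verificationMethod?.find((key) => key.id)`, which returns the first verification method that has any id rather than the one the credential references; this commit only relabels the TODO as SDK-20. For a DID document with several keys the signature is therefore checked against whichever method is listed first, whether or not it is the signing key or appears under assertionMethod. Until SDK-20 lands, the lookup could match the key reference carried by the JWT (presumably its `kid`, which this hunk does not show) and fail closed when the method has no JWK, e.g. `if (!didDocumentKey.publicKeyJwk) throw new Error('invalid_issuer: key is not exposed as publicKeyJwk')`, instead of passing an `undefined` cast to `verifySignature`. The enclosing `verify` method starts and ends outside the hunk.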
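--- a/package/src/types.ts
+++ b/package/src/types.ts
@@ -43,10 +43,7 @@ export interface ISDJwtPlugin extends IPluginMethodMap {
 * @param args - Arguments necessary for the creation of a SD-JWT presentation.
 * @param context - This reserved param is automatically added and handled by the framework, *do not override*
 */
-createSdJwtPresentation(
-args: ICreateSdJwtPresentationArgs,
-context: IRequiredContext,
-): Promise<ICreateSdJwtPresentationResult>
+createSdJwtPresentation(args: ICreateSdJwtPresentationArgs, context: IRequiredContext): Promise<ICreateSdJwtPresentationResult>
 
 /**
 * Verify a signed SD-JWT credential.
@@ -60,10 +57,7 @@ export interface ISDJwtPlugin extends IPluginMethodMap {
 * @param args - Arguments necessary for the verification of a SD-JWT presentation.
 * @param context - This reserved param is automatically added and handled by the framework, *do not override*
 */
-verifySdJwtPresentation(
-args: IVerifySdJwtPresentationArgs,
-context: IRequiredContext,
-): Promise<IVerifySdJwtPresentationResult>
+verifySdJwtPresentation(args: IVerifySdJwtPresentationArgs, context: IRequiredContext): Promise<IVerifySdJwtPresentationResult>
 }
 
 /**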