
@sphereon/gx-compliance-client


<!--suppress HtmlDeprecatedAttribute --> <h1 align="center"> <br> <a href="https://www.sphereon.com"><img src="https://sphereon.com/content/themes/sphereon/assets/img/logo.svg" alt="Sphereon" width="400"></a> <br>Gaia-X Compliance client (Typescript

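import { DIDDocument, IIdentifier, IService } from '@veramo/core'
import { ExportFileResult, GXRequiredContext, IImportDIDArg } from '../types'
import { privateKeyHexFromPEM, publicKeyHexFromPEM, x5cToPemCertChain } from '@sphereon/ssi-sdk-did-utils'
import { exportToDIDDocument } from '../utils'
import fs from 'fs'
import { TKeyType } from '@veramo/core/src/types/IIdentifier'

/**
 * Static helpers for creating a `did:web` identifier from X.509 material and
 * for exporting its DID document (and certificate chain) to disk.
 */
export class DID {
  /**
   * Imports a `did:web:<domain>` identifier with a single RSA key into the agent.
   *
   * The private key PEM is converted to hex for the key import, and the X.509
   * inputs are attached to the key as `meta.x509`.
   *
   * @param args - Domain, PEM material, optional chain URL, and optional `kms` / `kid`.
   *   `kms` defaults to `'local'`.
   * @param context - Agent context providing `didManagerImport`.
   * @returns The identifier returned by `didManagerImport`.
   */
  public static async createDIDFromX509(
    { domain, privateKeyPEM, certificatePEM, certificateChainPEM, certificateChainURL, kms, kid }: IImportDIDArg,
    context: GXRequiredContext
  ): Promise<IIdentifier> {
    // NOTE(review): privateKeyPEM is included in the key's metadata, not only in privateKeyHex.
    // Confirm the KMS / key store consumes it without persisting or returning it with the key,
    // since key metadata is typically not handled as secret material.
    const x509 = {
      cn: domain,
      certificatePEM,
      certificateChainPEM,
      privateKeyPEM,
      certificateChainURL,
    }
    const privateKeyHex = privateKeyHexFromPEM(privateKeyPEM)
    const meta = { x509 }
    // NOTE(review): the fallback kid comes from publicKeyHexFromPEM() called with the *private*
    // key PEM. Confirm that helper derives the public part; a kid is a public value.
    const kidResult = kid ? kid : publicKeyHexFromPEM(privateKeyPEM)
    const controllerKeyId = kidResult
    // Earlier variant: kid ? (kidResult.includes(domain) ? kidResult : `${domain}#${kid}`) : `${domain}#JWK2020-RSA`
    return await context.agent.didManagerImport({
      did: `did:web:${domain}`,
      provider: 'did:web',
      alias: domain,
      keys: [{ kid: kidResult, privateKeyHex, type: 'RSA' as TKeyType, meta, kms: kms ? kms : 'local' }],
      controllerKeyId,
    })
  }

  /**
   * Looks up `did:web:<domain>` in the agent and converts it to a DID document.
   *
   * @param args - The domain of the identifier and optional services to pass to the export.
   * @param context - Agent context providing `didManagerGet`.
   * @returns The DID document produced by `exportToDIDDocument`.
   */
  public static async exportDocument(
    { domain, services }: { domain: string; services?: IService[] },
    context: GXRequiredContext
  ): Promise<DIDDocument> {
    const id = await context.agent.didManagerGet({ did: `did:web:${domain}` })
    return await exportToDIDDocument(id, { services })
  }

  /**
   * Writes the DID document for `did:web:<domain>` to `<base>/.well-known/did.json` and, for
   * every RSA key carrying both `meta.x509.x5u` and `meta.x509.x5c`, writes the certificate
   * chain PEM to a path derived from the x5u URL (scheme and host stripped).
   *
   * `<base>` is `./<path>/<domain>` when `path` is given (its first `.well-known` occurrence
   * is removed), otherwise `./exported/<domain>`. `path` is the caller's chosen output
   * location and is used as given.
   *
   * @param args - Domain, optional output path and optional services.
   * @param context - Agent context providing `didManagerGet` and `exportDIDDocument`.
   * @returns One entry per file written (file name and path).
   * @throws Error if `domain` or the x5u-derived path contains a `..` segment, or if no file
   *   name can be derived from the x5u URL.
   */
  public static async exportToPath(
    { domain, services, path }: { domain: string; path?: string; services?: IService[] },
    context: GXRequiredContext
  ): Promise<ExportFileResult[]> {
    // The domain becomes a directory name below, so it must not climb out of the export base.
    if (domain.split(/[\\/]/).includes('..')) {
      throw Error(`Refusing to export: domain ${domain} contains a parent directory segment`)
    }
    const id = await context.agent.didManagerGet({ did: `did:web:${domain}` })
    // we go through the agent from the context
    const doc = await context.agent.exportDIDDocument({ domain, services })
    const basePath = path ? `./${path.replace('.well-known', '')}/${domain}` : `./exported/${domain}`
    const exports: ExportFileResult[] = []

    const didPath = `${basePath}/.well-known/did.json`
    exports.push({ file: 'did.json', path: didPath })
    fs.mkdirSync(`${basePath}/.well-known`, { recursive: true })
    fs.writeFileSync(didPath, JSON.stringify(doc, null, 2))

    for (const key of id.keys) {
      if (key.type !== ('RSA' as TKeyType)) {
        continue
      }
      if (key.meta?.x509?.x5u && key.meta?.x509?.x5c) {
        // x5u comes from key metadata and decides where a file is written: keep it below basePath.
        const relativeChainPath = key.meta.x509.x5u.replace(/https?:\/\/[^/]+\//, '')
        if (relativeChainPath.split(/[\\/]/).includes('..')) {
          throw Error(`Refusing to export: x5u URL ${key.meta.x509.x5u} contains a parent directory segment`)
        }
        const x5cPath = `${basePath}/${relativeChainPath}`
        const file = x5cPath.split('\\').pop()!.split('/').pop()!
        // Validate the file name before it is used to derive the directory.
        if (!file) {
          throw Error(`Could not deduce path for x5 ca chain from x5u URL ${key.meta.x509.x5u}`)
        }
        // Strip the trailing file name only; a plain replace() would hit the first occurrence,
        // which is the wrong one when the same name appears earlier in the path.
        fs.mkdirSync(x5cPath.slice(0, x5cPath.length - file.length), { recursive: true })
        fs.writeFileSync(x5cPath, key.meta.certChainPEM ? key.meta.certChainPEM : x5cToPemCertChain(key.meta.x509.x5c))
        exports.push({ file, path: x5cPath })
      }
    }
    return exports
  }
}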