UNPKG

@sphereon/ssi-sdk-ext.key-utils

Version:

Sphereon SSI-SDK plugin for key creation.

66 lines (53 loc) 2.39 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
import type { IKey, MinimalImportableKey } from '@veramo/core' export const JWK_JCS_PUB_NAME = 'jwk_jcs-pub' as const export const JWK_JCS_PUB_PREFIX = 0xeb51 export type TKeyType = 'Ed25519' | 'Secp256k1' | 'Secp256r1' | 'Secp384r1' | 'Secp521r1' | 'X25519' | 'Bls12381G1' | 'Bls12381G2' | 'RSA' export enum Key { Ed25519 = 'Ed25519', Secp256k1 = 'Secp256k1', Secp256r1 = 'Secp256r1', } export enum JwkKeyUse { Encryption = 'enc', Signature = 'sig', } export const SIG_KEY_ALGS = ['ES256', 'ES384', 'ES512', 'EdDSA', 'ES256K', 'Ed25519', 'Secp256k1', 'Secp256r1', 'Bls12381G1', 'Bls12381G2'] export const ENC_KEY_ALGS = ['X25519', 'ECDH_ES_A256KW', 'RSA_OAEP_256'] export type KeyVisibility = 'public' | 'private' export type DigestAlgorithm = 'SHA-256' | 'sha256' | 'SHA-384' | 'sha384' | 'SHA-512' | 'sha512' export interface X509Opts { cn?: string // The certificate Common Name. Will be used as the KID for the private key. Uses alias if not provided. privateKeyPEM?: string // Optional as you also need to provide it in hex format, but advisable to use it certificatePEM?: string // Optional, as long as the certificate then is part of the certificateChainPEM certificateChainURL?: string // Certificate chain URL. If used this is where the certificateChainPEM will be hosted/found. certificateChainPEM?: string // Base64 (not url!) encoded DER certificate chain. Please provide even if certificateChainURL is used! } export interface IImportProvidedOrGeneratedKeyArgs { providerName: string kms?: string alias?: string options?: IKeyOpts } export interface IKeyOpts { key?: Partial<MinimalImportableKey> // Optional key to import with only privateKeyHex mandatory. If not specified a key with random kid will be created type?: Exclude<TKeyType, 'Secp384r1' | 'Secp521r1'> // The key type. Defaults to Secp256k1. The exclude is there as we do not support it yet for key generation use?: JwkKeyUse // The key use x509?: X509Opts } /* // Needed to make a single property required type WithRequiredProperty<Type, Key extends keyof Type> = Type & { [Property in Key]-?: Type[Property] }*/ export type SignatureAlgorithmFromKeyArgs = { key: IKey } export type SignatureAlgorithmFromKeyTypeArgs = { type: TKeyType algorithms?: string[] } export type KeyTypeFromCryptographicSuiteArgs = { crv?: string kty?: string alg?: string }