eudiplo documentation
  1. Classes
  2. KeyService

File

src/crypto/key/key.service.ts

Description

Generic interface for a key service

Index

Methods

Constructor

constructor(configService: ConfigService, certRepository: Repository<CertEntity>)
Defined in src/crypto/key/key.service.ts:30
Parameters :
Name Type Optional
configService ConfigService No
certRepository Repository<CertEntity> No

Methods

Abstract create
create(tenantId)
Defined in src/crypto/key/key.service.ts:48

Creates a new keypair

Parameters :
Name Optional
tenantId No
Returns : Promise<string>

key id of the generated key.
Protected getCertificate
getCertificate(tenantId: string, keyId: string)
Defined in src/crypto/key/key.service.ts:105

Get the certificate for the given key id.

Parameters :
Name Type Optional
tenantId string No
keyId string No
Returns : Promise<string>
Abstract getKeys
getKeys(tenantId: string)
Defined in src/crypto/key/key.service.ts:69
Parameters :
Name Type Optional
tenantId string No
Returns : Promise<KeyObj[]>
Abstract getKid
getKid(tenantId: string, type?: CertificateType)
Defined in src/crypto/key/key.service.ts:67

Get the key id

Parameters :
Name Type Optional
tenantId string No
type CertificateType Yes
Returns : Promise<string>
Abstract getPublicKey
getPublicKey(type, tenantId: string, keyId?: string)
Defined in src/crypto/key/key.service.ts:75

Get the public key

Parameters :
Name Type Optional
type No
tenantId string No
keyId string Yes
Returns : Promise<JWK>
Abstract getPublicKey
getPublicKey(type, tenantId: string, keyId?: string)
Defined in src/crypto/key/key.service.ts:80
Parameters :
Name Type Optional
type No
tenantId string No
keyId string Yes
Returns : Promise<string>
Abstract getPublicKey
getPublicKey(type: "pem" | "jwk", tenantId: string, keyId?: string)
Defined in src/crypto/key/key.service.ts:85
Parameters :
Name Type Optional
type "pem" | "jwk" No
tenantId string No
keyId string Yes
Returns : Promise<JWK | string>
Abstract import
import(tenantId: string, body: KeyImportDto)
Defined in src/crypto/key/key.service.ts:55

Import a key into the key service.

Parameters :
Name Type Optional
tenantId string No
body KeyImportDto No
Returns : Promise<string>
Abstract init
init(tenantId)
Defined in src/crypto/key/key.service.ts:41

Initialize the key service

Parameters :
Name Optional
tenantId No
Returns : Promise<string>

key id of the initialized key.
Abstract signer
signer(tenantId: string, keyId?: string)
Defined in src/crypto/key/key.service.ts:61

Get the callback for the signer function

Parameters :
Name Type Optional
tenantId string No
keyId string Yes
Returns : Promise<Signer>
Abstract signJWT
signJWT(payload: JWTPayload, header: JoseHeaderParameters, tenantId: string, keyId?: string)
Defined in src/crypto/key/key.service.ts:92
Parameters :
Name Type Optional
payload JWTPayload No
header JoseHeaderParameters No
tenantId string No
keyId string Yes
Returns : Promise<string> 
import { Signer } from '@sd-jwt/types';
import { JWK, JWTPayload, JoseHeaderParameters } from 'jose';
import { KeyImportDto } from './dto/key-import.dto';
import { ConfigService } from '@nestjs/config';
import { Repository } from 'typeorm';
import { CertEntity, CertificateType } from './entities/cert.entity';
import { ConflictException } from '@nestjs/common';

/**
 * Represents a key entity with its unique identifier, public key, and certificate.
 */
export class KeyObj {
    /**
     * Unique identifier for the key.
     */
    id: string;
    /**
     * Public key in JWK format.
     */
    publicKey: JWK;
    /**
     * Certificate in PEM format.
     */
    crt: string;
}

/**
 * Generic interface for a key service
 */
export abstract class KeyService {
    constructor(
        protected configService: ConfigService,
        protected certRepository: Repository<CertEntity>,
    ) {}

    /**
     * Initialize the key service
     * @param tenantId
     * @returns key id of the initialized key.
     */
    abstract init(tenantId): Promise<string>;

    /**
     * Creates a new keypair
     * @param tenantId
     * @return key id of the generated key.
     */
    abstract create(tenantId): Promise<string>;

    /**
     * Import a key into the key service.
     * @param tenantId
     * @param body
     */
    abstract import(tenantId: string, body: KeyImportDto): Promise<string>;

    /**
     * Get the callback for the signer function
     * @param tenantId
     */
    abstract signer(tenantId: string, keyId?: string): Promise<Signer>;

    /**
     * Get the key id
     * @returns
     */
    abstract getKid(tenantId: string, type?: CertificateType): Promise<string>;

    abstract getKeys(tenantId: string): Promise<KeyObj[]>;

    /**
     * Get the public key
     * @returns
     */
    abstract getPublicKey(
        type: 'jwk',
        tenantId: string,
        keyId?: string,
    ): Promise<JWK>;
    abstract getPublicKey(
        type: 'pem',
        tenantId: string,
        keyId?: string,
    ): Promise<string>;
    abstract getPublicKey(
        type: 'pem' | 'jwk',
        tenantId: string,
        keyId?: string,
    ): Promise<JWK | string>;

    //TODO: this can be handled via the signer callback
    abstract signJWT(
        payload: JWTPayload,
        header: JoseHeaderParameters,
        tenantId: string,
        keyId?: string,
    ): Promise<string>;

    /**
     * Get the certificate for the given key id.
     * @param tenantId
     * @param keyId
     * @returns
     */
    protected getCertificate(tenantId: string, keyId: string): Promise<string> {
        return this.certRepository
            .findOneByOrFail({
                tenantId,
                keyId,
            })
            .then(
                (cert) => cert.crt,
                () => {
                    throw new ConflictException('Certificate not found');
                },
            );
    }
}

results matching ""

    No results matching ""