File

src/crypto/key/key.service.ts

Description

Generic interface for a key service

Index

Methods

Abstract create
Protected getCertificate
Abstract getKid
Abstract getPublicKey
Abstract getPublicKey
Abstract getPublicKey
Abstract import
Abstract init
Abstract signer
Abstract signJWT

Constructor

constructor(configService: ConfigService, certRepository: Repository<CertEntity>)

Defined in src/crypto/key/key.service.ts:12

Parameters :

Name	Type	Optional
configService	`ConfigService`	No
certRepository	`Repository<CertEntity>`	No

Methods

Abstract create

create(tenantId)

Defined in src/crypto/key/key.service.ts:30

Creates a new keypair

Parameters :

Name	Optional
tenantId	No

Returns : Promise<string>

key id of the generated key.

Protected getCertificate

getCertificate(tenantId: string, keyId: string)

Defined in src/crypto/key/key.service.ts:85

Get the certificate for the given key id.

Parameters :

Name	Type	Optional
tenantId	`string`	No
keyId	`string`	No

Returns : Promise<string>

Abstract getKid

getKid(tenantId: string, type?: CertificateType)

Defined in src/crypto/key/key.service.ts:49

Get the key id

Parameters :

Name	Type	Optional
tenantId	`string`	No
type	`CertificateType`	Yes

Returns : Promise<string>

Abstract getPublicKey

getPublicKey(type, tenantId: string, keyId?: string)

Defined in src/crypto/key/key.service.ts:55

Get the public key

Parameters :

Name	Type	Optional
type		No
tenantId	`string`	No
keyId	`string`	Yes

Returns : Promise<JWK>

Abstract getPublicKey

getPublicKey(type, tenantId: string, keyId?: string)

Defined in src/crypto/key/key.service.ts:60

Parameters :

Name	Type	Optional
type		No
tenantId	`string`	No
keyId	`string`	Yes

Returns : Promise<string>

Abstract getPublicKey

getPublicKey(type: "pem" | "jwk", tenantId: string, keyId?: string)

Defined in src/crypto/key/key.service.ts:65

Parameters :

Name	Type	Optional
type	`"pem" \| "jwk"`	No
tenantId	`string`	No
keyId	`string`	Yes

Returns : Promise<JWK | string>

Abstract import

import(tenantId: string, body: KeyImportDto)

Defined in src/crypto/key/key.service.ts:37

Import a key into the key service.

Parameters :

Name	Type	Optional
tenantId	`string`	No
body	`KeyImportDto`	No

Returns : Promise<string>

Abstract init

init(tenantId)

Defined in src/crypto/key/key.service.ts:23

Initialize the key service

Parameters :

Name	Optional
tenantId	No

Returns : Promise<string>

key id of the initialized key.

Abstract signer

signer(tenantId: string, keyId?: string)

Defined in src/crypto/key/key.service.ts:43

Get the callback for the signer function

Parameters :

Name	Type	Optional
tenantId	`string`	No
keyId	`string`	Yes

Returns : Promise<Signer>

Abstract signJWT

signJWT(payload: JWTPayload, header: JoseHeaderParameters, tenantId: string, keyId?: string)

Defined in src/crypto/key/key.service.ts:72

Parameters :

Name	Type	Optional
payload	`JWTPayload`	No
header	`JoseHeaderParameters`	No
tenantId	`string`	No
keyId	`string`	Yes

Returns : Promise<string>

import { ConflictException } from "@nestjs/common";
import { ConfigService } from "@nestjs/config";
import { Signer } from "@sd-jwt/types";
import { JoseHeaderParameters, JWK, JWTPayload } from "jose";
import { Repository } from "typeorm";
import { KeyImportDto } from "./dto/key-import.dto";
import { CertEntity, CertificateType } from "./entities/cert.entity";

/**
 * Generic interface for a key service
 */
export abstract class KeyService {
    constructor(
        protected configService: ConfigService,
        protected certRepository: Repository<CertEntity>,
    ) {}

    /**
     * Initialize the key service
     * @param tenantId
     * @returns key id of the initialized key.
     */
    abstract init(tenantId): Promise<string>;

    /**
     * Creates a new keypair
     * @param tenantId
     * @return key id of the generated key.
     */
    abstract create(tenantId): Promise<string>;

    /**
     * Import a key into the key service.
     * @param tenantId
     * @param body
     */
    abstract import(tenantId: string, body: KeyImportDto): Promise<string>;

    /**
     * Get the callback for the signer function
     * @param tenantId
     */
    abstract signer(tenantId: string, keyId?: string): Promise<Signer>;

    /**
     * Get the key id
     * @returns
     */
    abstract getKid(tenantId: string, type?: CertificateType): Promise<string>;

    /**
     * Get the public key
     * @returns
     */
    abstract getPublicKey(
        type: "jwk",
        tenantId: string,
        keyId?: string,
    ): Promise<JWK>;
    abstract getPublicKey(
        type: "pem",
        tenantId: string,
        keyId?: string,
    ): Promise<string>;
    abstract getPublicKey(
        type: "pem" | "jwk",
        tenantId: string,
        keyId?: string,
    ): Promise<JWK | string>;

    //TODO: this can be handled via the signer callback
    abstract signJWT(
        payload: JWTPayload,
        header: JoseHeaderParameters,
        tenantId: string,
        keyId?: string,
    ): Promise<string>;

    /**
     * Get the certificate for the given key id.
     * @param tenantId
     * @param keyId
     * @returns
     */
    protected getCertificate(tenantId: string, keyId: string): Promise<string> {
        return this.certRepository
            .findOneByOrFail({
                tenantId,
                id: keyId,
            })
            .then(
                (cert) => cert.crt,
                () => {
                    throw new ConflictException("Certificate not found");
                },
            );
    }
}

File

Description

Index

Methods

Constructor

Methods

results matching ""

No results matching ""