feature/SDK-8

packages/did-provider-ebsi/__tests__/EbsiDidProvider.test.ts

@@ -12,6 +12,11 @@ const ebsiDidProvider = new EbsiDidProvider({
   defaultKms: 'mem',
 })
 
+jest.mock('../src/services/EbsiRPCService', () => ({
+  ...jest.requireActual('../src/services/EbsiRPCService'),
+  callRpcMethod: jest.fn().mockResolvedValue({ result: { r: '', s: '', v: '' } }),
+}))
+
 const agent = createAgent<IKeyManager & IDIDManager>({
   plugins: [
     new SphereonKeyManager({

packages/did-provider-ebsi/package.json

@@ -11,12 +11,15 @@
   },
   "dependencies": {
     "@ethersproject/random": "^5.7.0",
-    "@sphereon/ssi-sdk-ext.did-resolver-ebsi": "workspace:*",
+    "@sphereon/ssi-sdk-ext.did-resolver-ebsi": "workspace:^",
+    "@sphereon/ssi-sdk-ext.key-utils": "workspace:^",
     "@veramo/core": "4.2.0",
     "@veramo/did-manager": "4.2.0",
     "@veramo/did-provider-key": "4.2.0",
+    "cross-fetch": "^4.0.0",
     "debug": "^4.3.4",
     "did-resolver": "^4.1.0",
+    "ethers": "^6.11.1",
     "multiformats": "9.9.0",
     "uint8arrays": "3.1.1"
   },

packages/did-provider-ebsi/src/EbsiDidProvider.ts

@@ -1,38 +1,39 @@
-import { IAgentContext, IIdentifier, IKeyManager, MinimalImportableKey } from '@veramo/core'
+import { IAgentContext, IDIDManager, IIdentifier, IKeyManager } from '@veramo/core'
 import Debug from 'debug'
 import { AbstractIdentifierProvider } from '@veramo/did-manager/build/abstract-identifier-provider'
-import { DIDDocument } from 'did-resolver'
 import { IKey, IService } from '@veramo/core/build/types/IIdentifier'
-import * as u8a from 'uint8arrays'
-import { ebsiDIDSpecInfo, EbsiKeyType, EbsiPublicKeyPurpose, IContext, ICreateIdentifierArgs, IKeyOpts } from './types'
-import { generateEbsiPrivateKeyHex, generateMethodSpecificId } from './functions'
+import { ApiOpts, ebsiDIDSpecInfo, IContext, ICreateIdentifierArgs, UpdateIdentifierParams } from './types'
+import { createEbsiDid, generateEbsiKeyPair, generateMethodSpecificId } from './functions'
 
 const debug = Debug('sphereon:did-provider-ebsi')
 
 export class EbsiDidProvider extends AbstractIdentifierProvider {
   private readonly defaultKms?: string
+  private readonly apiOpts?: ApiOpts
 
-  constructor(options: { defaultKms?: string }) {
+  constructor(options: { defaultKms?: string; apiOpts?: ApiOpts }) {
     super()
     this.defaultKms = options.defaultKms
+    this.apiOpts = options.apiOpts
   }
 
   async createIdentifier(args: ICreateIdentifierArgs, context: IContext): Promise<Omit<IIdentifier, 'provider'>> {
     const { type, options, kms, alias } = { ...args }
+
     if (!type || type === ebsiDIDSpecInfo.V1) {
-      const secp256k1ManagedKeyInfo = await this.generateEbsiKeyPair(
+      const secp256k1ManagedKeyInfo = await generateEbsiKeyPair(
         {
           keyOpts: options?.secp256k1Key,
           keyType: 'Secp256k1',
-          kms,
+          kms: kms ?? this.defaultKms,
         },
         context
       )
-      const secp256r1ManagedKeyInfo = await this.generateEbsiKeyPair(
+      const secp256r1ManagedKeyInfo = await generateEbsiKeyPair(
         {
           keyOpts: options?.secp256r1Key,
           keyType: 'Secp256r1',
-          kms,
+          kms: kms ?? this.defaultKms,
         },
         context
       )
@@ -45,28 +46,32 @@ export class EbsiDidProvider extends AbstractIdentifierProvider {
         alias,
         services: [],
       }
+      const id = Math.floor(Math.random() * Number.MAX_SAFE_INTEGER)
+
+      if (options === undefined) {
+        throw new Error(`Options must be provided ${JSON.stringify(options)}`)
+      }
+
+      await createEbsiDid(
+        {
+          identifier,
+          secp256k1ManagedKeyInfo,
+          secp256r1ManagedKeyInfo,
+          id,
+          from: options.from,
+          notBefore: options.notBefore,
+          notAfter: options.notAfter,
+          apiOpts: options.apiOpts ?? this.apiOpts,
+        },
+        context
+      )
+
       debug('Created', identifier.did)
       return identifier
     } else if (type === ebsiDIDSpecInfo.KEY) {
-      throw Error(`Type ${type} not supported. Please use @sphereon/ssi-sdk-ext.did-provider-key for Natural Person EBSI DIDs`)
-    }
-    throw Error(`Type ${type} not supported`)
-  }
-
-  private async generateEbsiKeyPair(args: { keyOpts?: IKeyOpts; keyType: EbsiKeyType; kms?: string }, context: IAgentContext<IKeyManager>) {
-    const { keyOpts, keyType, kms } = args
-    let privateKeyHex = generateEbsiPrivateKeyHex(
-      ebsiDIDSpecInfo.V1,
-      keyOpts?.privateKeyHex ? u8a.fromString(keyOpts.privateKeyHex, 'base16') : undefined
-    )
-    if (privateKeyHex.startsWith('0x')) {
-      privateKeyHex = privateKeyHex.substring(2)
+      throw new Error(`Type ${type} not supported. Please use @sphereon/ssi-sdk-ext.did-provider-key for Natural Person EBSI DIDs`)
     }
-    if (!privateKeyHex || privateKeyHex.length !== 64) {
-      throw Error('Private key should be 32 bytes / 64 chars hex')
-    }
-    const importableKey = this.assertedKey({ key: { ...keyOpts, privateKeyHex }, type: keyType, kms })
-    return await context.agent.keyManagerImport(importableKey)
+    throw new Error(`Type ${type} not supported`)
   }
 
   addKey(
@@ -77,7 +82,7 @@ export class EbsiDidProvider extends AbstractIdentifierProvider {
     },
     context: IAgentContext<IKeyManager>
   ): Promise<any> {
-    throw Error(`Not (yet) implemented for the EBSI did provider`)
+    throw new Error(`Not (yet) implemented for the EBSI did provider`)
   }
 
   addService(
@@ -88,7 +93,7 @@ export class EbsiDidProvider extends AbstractIdentifierProvider {
     },
     context: IAgentContext<IKeyManager>
   ): Promise<any> {
-    throw Error(`Not (yet) implemented for the EBSI did provider`)
+    throw new Error(`Not (yet) implemented for the EBSI did provider`)
   }
 
   deleteIdentifier(args: IIdentifier, context: IAgentContext<IKeyManager>): Promise<boolean> {
@@ -103,7 +108,7 @@ export class EbsiDidProvider extends AbstractIdentifierProvider {
     },
     context: IAgentContext<IKeyManager>
   ): Promise<any> {
-    throw Error(`Not (yet) implemented for the EBSI did provider`)
+    throw new Error(`Not (yet) implemented for the EBSI did provider`)
   }
 
   removeService(
@@ -114,83 +119,11 @@ export class EbsiDidProvider extends AbstractIdentifierProvider {
     },
     context: IAgentContext<IKeyManager>
   ): Promise<any> {
-    throw Error(`Not (yet) implemented for the EBSI did provider`)
-  }
-
-  updateIdentifier(
-    args: {
-      did: string
-      document: Partial<DIDDocument>
-      options?: { [p: string]: any }
-    },
-    context: IAgentContext<IKeyManager>
-  ): Promise<IIdentifier> {
-    throw Error(`Not (yet) implemented for the EBSI did provider`)
-  }
-
-  private assertedKey = (args: { key?: IKeyOpts; type: EbsiKeyType; kms?: string }): MinimalImportableKey => {
-    const { key, type, kms } = args
-    const minimalImportableKey: Partial<MinimalImportableKey> = { ...key } ?? {}
-    minimalImportableKey.kms = this.assertedKms(kms)
-    minimalImportableKey.type = this.setDefaultKeyType({ key, type })
-    minimalImportableKey.meta = { purposes: this.assertedPurposes({ key }) ?? this.setDefaultPurposes({ key, type }) }
-    return minimalImportableKey as MinimalImportableKey
-  }
-
-  private assertedKms(kms?: string) {
-    const result = kms ?? this.defaultKms
-    if (!!result) {
-      return result
-    }
-    throw Error('no KMS supplied')
-  }
-
-  private setDefaultKeyType = (args: { key?: IKeyOpts; type: EbsiKeyType }): EbsiKeyType => {
-    if (!args.key?.type) {
-      return args.type
-    }
-    return args.key.type
-  }
-
-  private assertedPurposes = (args: { key?: IKeyOpts }): EbsiPublicKeyPurpose[] | undefined => {
-    const { key } = args
-    if (key?.purposes && key.purposes.length > 0) {
-      switch (key.type) {
-        case 'Secp256k1': {
-          if (key?.purposes && key.purposes.length > 0 && key.purposes?.includes(EbsiPublicKeyPurpose.CapabilityInvocation)) {
-            return key.purposes
-          }
-          throw new Error(`Secp256k1 key requires ${EbsiPublicKeyPurpose.CapabilityInvocation} purpose`)
-        }
-        case 'Secp256r1': {
-          if (
-            key?.purposes &&
-            key.purposes.length > 0 &&
-            key.purposes.every((purpose) => [EbsiPublicKeyPurpose.AssertionMethod, EbsiPublicKeyPurpose.Authentication].includes(purpose))
-          ) {
-            return key.purposes
-          }
-          throw new Error(`Secp256r1 key requires ${[EbsiPublicKeyPurpose.AssertionMethod, EbsiPublicKeyPurpose.Authentication].join(', ')} purposes`)
-        }
-        default:
-          throw new Error(`Unsupported key type: ${key.type}`)
-      }
-    }
-    return key?.purposes
+    throw new Error(`Not (yet) implemented for the EBSI did provider`)
   }
 
-  private setDefaultPurposes = (args: { key?: IKeyOpts; type: EbsiKeyType }): EbsiPublicKeyPurpose[] => {
-    const { key, type } = args
-    if (!key?.purposes || key.purposes.length === 0) {
-      switch (type) {
-        case 'Secp256k1':
-          return [EbsiPublicKeyPurpose.CapabilityInvocation]
-        case 'Secp256r1':
-          return [EbsiPublicKeyPurpose.AssertionMethod, EbsiPublicKeyPurpose.Authentication]
-        default:
-          throw new Error(`Unsupported key type: ${key?.type}`)
-      }
-    }
-    return key.purposes
+  // TODO How does it work? Not inferable from the api: https://hub.ebsi.eu/apis/pilot/did-registry/v5/post-jsonrpc#updatebasedocument
+  async updateIdentifier(args: UpdateIdentifierParams, context: IAgentContext<IKeyManager & IDIDManager>): Promise<IIdentifier> {
+    throw new Error(`Not (yet) implemented for the EBSI did provider`)
   }
 }