|
@ -2,6 +2,7 @@ import { Buffer } from "buffer/"; |
|
|
import { decode as cborDecode } from "cbor-x"; |
|
|
import { decode as cborDecode } from "cbor-x"; |
|
|
import { createJWS, JWTPayload, verifyJWT } from "did-jwt"; |
|
|
import { createJWS, JWTPayload, verifyJWT } from "did-jwt"; |
|
|
import { getResolver } from "@veramo/did-provider-peer"; |
|
|
import { getResolver } from "@veramo/did-provider-peer"; |
|
|
|
|
|
import { bytesToMultibase } from "@veramo/utils"; |
|
|
|
|
|
|
|
|
import { generateRandomBytes } from "@/libs/crypto"; |
|
|
import { generateRandomBytes } from "@/libs/crypto"; |
|
|
|
|
|
|
|
@ -28,7 +29,7 @@ export async function registerCredential( |
|
|
}, |
|
|
}, |
|
|
user: { |
|
|
user: { |
|
|
id: userId, |
|
|
id: userId, |
|
|
name: "current-user", |
|
|
name: "Current-User", |
|
|
displayName: "Current User", |
|
|
displayName: "Current User", |
|
|
}, |
|
|
}, |
|
|
pubKeyCredParams: [ |
|
|
pubKeyCredParams: [ |
|
@ -63,21 +64,27 @@ export async function registerCredential( |
|
|
); |
|
|
); |
|
|
console.log("attestationObject", attestationObject); |
|
|
console.log("attestationObject", attestationObject); |
|
|
|
|
|
|
|
|
const authData = new Uint8Array(attestationObject.authData); |
|
|
const publicKeyCose = extractPublicKeyCose(attestationObject.authData); |
|
|
const publicKey = extractPublicKey(authData); |
|
|
const publicKeyJwk = extractPublicKeyJwk(attestationObject.authData); |
|
|
|
|
|
|
|
|
return { rawId: credential?.rawId, publicKey }; |
|
|
return { rawId: credential?.rawId, publicKeyJwk, publicKeyCose }; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
function extractPublicKey(authData: Uint8Array) { |
|
|
function extractPublicKeyJwk(authData: Uint8Array) { |
|
|
// Extract the public key from authData using appropriate parsing
|
|
|
const publicKeyCose = extractPublicKeyCose(authData); // Example position
|
|
|
// This involves extracting the COSE key format and converting it to JWK
|
|
|
|
|
|
// For simplicity, we'll assume the public key is at a certain position in authData
|
|
|
|
|
|
const publicKeyCose = authData.slice(authData.length - 77); // Example position
|
|
|
|
|
|
const publicKeyJwk = coseToJwk(publicKeyCose); |
|
|
const publicKeyJwk = coseToJwk(publicKeyCose); |
|
|
return publicKeyJwk; |
|
|
return publicKeyJwk; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
function extractPublicKeyCose(authData: Uint8Array) { |
|
|
|
|
|
// Extract the public key from authData using appropriate parsing.
|
|
|
|
|
|
// This involves extracting the COSE key format.
|
|
|
|
|
|
// For simplicity, we'll assume the public key is at a certain position in authData.
|
|
|
|
|
|
// Alternatively, see last answer here: https://chatgpt.com/share/78a5c91d-099d-46dc-aa6d-fc0c916509fa
|
|
|
|
|
|
const publicKeyCose = authData.slice(authData.length - 77); |
|
|
|
|
|
return publicKeyCose; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
function coseToJwk(coseKey: Uint8Array) { |
|
|
function coseToJwk(coseKey: Uint8Array) { |
|
|
// Convert COSE key format to JWK
|
|
|
// Convert COSE key format to JWK
|
|
|
// This is simplified and needs appropriate parsing and conversion logic
|
|
|
// This is simplified and needs appropriate parsing and conversion logic
|
|
@ -89,6 +96,17 @@ function coseToJwk(coseKey: Uint8Array) { |
|
|
}; |
|
|
}; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
export function createPeerDid(publicKeyCose: Uint8Array) { |
|
|
|
|
|
// https://github.com/decentralized-identity/veramo/blob/next/packages/did-provider-peer/src/peer-did-provider.ts#L67
|
|
|
|
|
|
//const provider = new PeerDIDProvider({ defaultKms: LOCAL_KMS_NAME });
|
|
|
|
|
|
const methodSpecificId = bytesToMultibase( |
|
|
|
|
|
publicKeyCose, |
|
|
|
|
|
"base58btc", |
|
|
|
|
|
"ed25519-pub", |
|
|
|
|
|
); |
|
|
|
|
|
return "did:peer:0" + methodSpecificId; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
export async function createJwt( |
|
|
export async function createJwt( |
|
|
payload: object, |
|
|
payload: object, |
|
|
issuerDid: string, |
|
|
issuerDid: string, |
|
@ -150,10 +168,15 @@ async function generateWebAuthnSignature( |
|
|
}; |
|
|
}; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
export async function verifyJwt(jwt: string, publicKey: JWK) { |
|
|
export async function verifyJwt( |
|
|
|
|
|
jwt: string, |
|
|
|
|
|
issuerDid: string, |
|
|
|
|
|
publicKey: JWK, |
|
|
|
|
|
) { |
|
|
const decoded = verifyJWT(jwt, { |
|
|
const decoded = verifyJWT(jwt, { |
|
|
didAuthenticator: { |
|
|
didAuthenticator: { |
|
|
authenticators: [{ publicKeyJwk: publicKey }], |
|
|
authenticators: [{ publicKeyJwk: publicKey }], |
|
|
|
|
|
issuer: issuerDid, |
|
|
}, |
|
|
}, |
|
|
resolver: getResolver(), |
|
|
resolver: getResolver(), |
|
|
}); |
|
|
}); |
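Review bot: In the third hunk, `extractPublicKeyCose` takes `authData.slice(authData.length - 77)` as the credential public key, but 77 bytes is only the size of a P-256 EC2 COSE_Key; the key length differs for other algorithms in `pubKeyCredParams`, and when the ED flag is set the last bytes of authData are extension data rather than the key, so this yields a wrong key that then feeds both `coseToJwk` and `createPeerDid`. The key's position is fixed by the authenticator data layout (rpIdHash 32, flags 1, signCount 4, then aaguid 16, a 2-byte big-endian credentialId length, the credentialId, then the COSE map), so it should be located by offset and its end taken from the CBOR parser; the file already imports `cbor-x`, whose `decodeMultiple` can read the key map while tolerating trailing extension bytes. The "see last answer here: https://chatgpt.com/..." comment should be replaced with a reference to the WebAuthn authenticator data layout it is describing. Note also that the old side wrapped the input in `new Uint8Array(attestationObject.authData)` while the new side passes `attestationObject.authData` straight through, which only matches the `Uint8Array` parameter type if `authData` is already one after decoding — worth confirming at the call site.
```typescript
function extractPublicKeyCose(authData: Uint8Array) {
  // authData = rpIdHash(32) | flags(1) | signCount(4) | [attestedCredentialData] | [extensions]
  const flags = authData[32];
  if ((flags & 0x40) === 0) {
    throw new Error("authData carries no attested credential data (AT flag clear)");
  }
  // attestedCredentialData = aaguid(16) | credentialIdLength(2, big-endian) | credentialId | COSE_Key
  const credIdLen = (authData[53] << 8) | authData[54];
  const coseStart = 55 + credIdLen;
  if (coseStart > authData.length) {
    throw new Error("authData truncated before the credential public key");
  }
  if ((flags & 0x80) === 0) {
    // No extensions: the COSE_Key map runs to the end of authData.
    return authData.slice(coseStart);
  }
  // ED flag set: extension data follows the key, so its length comes from the CBOR parser
  // (e.g. cbor-x decodeMultiple over authData.subarray(coseStart), keeping the first item's bytes).
  throw new Error("authData with extensions: COSE_Key length must be determined by CBOR parsing");
}
```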
|
|