From b9de9b82c47d6c730c63fa74abc317b92c640624 Mon Sep 17 00:00:00 2001 From: Rinkal Bhojani Date: Mon, 13 Oct 2025 19:34:22 +0530 Subject: [PATCH 1/2] updated creat x509 method and few types Signed-off-by: Rinkal Bhojani --- src/controllers/x509/crypto-util.ts | 37 +- src/controllers/x509/x509.Controller.ts | 68 +- src/controllers/x509/x509.service.ts | 173 +++-- src/controllers/x509/x509.types.ts | 204 +++++ src/routes/routes.ts | 617 +++++++++------ src/routes/swagger.json | 968 ++++++++++++++++-------- src/utils/oid4vc-agent.ts | 7 +- 7 files changed, 1379 insertions(+), 695 deletions(-) create mode 100644 src/controllers/x509/x509.types.ts diff --git a/src/controllers/x509/crypto-util.ts b/src/controllers/x509/crypto-util.ts index 74c1fef6..32e92046 100644 --- a/src/controllers/x509/crypto-util.ts +++ b/src/controllers/x509/crypto-util.ts @@ -1,4 +1,4 @@ -import { createPrivateKey, KeyObject } from 'crypto'; +import { createPrivateKey, KeyObject } from 'crypto' /** * Extracts the raw private key (hex) from a PEM-encoded EC (P-256) private key. 
@@ -7,29 +7,32 @@ async function pemToRawEcPrivateKey(pem: string): Promise { const keyObj: KeyObject = createPrivateKey({ key: pem, format: 'pem', - }); + }) // Extract raw private key (as Buffer) const rawPrivateKey = keyObj.export({ format: 'jwk', - }).d!; + }).d! - return Buffer.from(rawPrivateKey, 'base64').toString('hex'); + return Buffer.from(rawPrivateKey, 'base64').toString('hex') } /** * Extracts the raw private key (hex) from a PEM-encoded Ed25519 private key. */ -export async function pemToRawEd25519PrivateKey(pem: string): Promise { - const keyObj: KeyObject = createPrivateKey({ - key: pem.replace(/\\n/g, '\n'), - format: 'pem', - }); - - // Ed25519 JWK exports the *seed* (first 32 bytes of the private key) - const jwk = keyObj.export({ format: 'jwk' }); - if (!jwk.d) throw new Error("Not an Ed25519 private key"); - - return Buffer.from(jwk.d, 'base64').toString('hex'); - } - +export async function pemToRawEd25519PrivateKey(derKey: string | Buffer): Promise { + // If it's a base64 string, convert to Buffer + const keyBuffer = typeof derKey === 'string' ? Buffer.from(derKey, 'base64') : derKey + + const keyObj: KeyObject = createPrivateKey({ + key: keyBuffer, + format: 'der', + type: 'pkcs8', // Use 'pkcs8' for private keys (works for Ed25519, P256, RSA) + }) + + // Ed25519 JWK exports the *seed* (first 32 bytes of the private key) + const jwk = keyObj.export({ format: 'jwk' }) + if (!jwk.d) throw new Error('Not an Ed25519 private key') + + return Buffer.from(jwk.d, 'base64').toString('hex') +} diff --git a/src/controllers/x509/x509.Controller.ts b/src/controllers/x509/x509.Controller.ts index 90f38867..61a412eb 100644 --- a/src/controllers/x509/x509.Controller.ts +++ b/src/controllers/x509/x509.Controller.ts 
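Review bot: The `if (!jwk.d)` guard in `pemToRawEd25519PrivateKey` does not establish that the key is Ed25519, because a PKCS#8 EC or RSA key exported as JWK also carries a `d` member, so a wrong-type key would be returned as hex instead of hitting the "Not an Ed25519 private key" error. Checking the parsed object first makes the error true: `if (keyObj.asymmetricKeyType !== 'ed25519') throw new Error('Not an Ed25519 private key')`. The function now takes PKCS#8 DER (Buffer or base64 string) but keeps the `pem…` name and an undocumented parameter; a TSDoc line such as `@param derKey PKCS#8 DER private key, as a Buffer or a base64 string` (or a rename) would stop callers passing PEM, which `Buffer.from(derKey, 'base64')` decodes leniently rather than rejecting. The returned hex is raw private-key material, so the doc comment should also say it must not be logged or returned to API clients.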
@@ -1,17 +1,12 @@ -import type { RestMultiTenantAgentModules } from '../../cliAgent' -import type { TenantRecord } from '@credo-ts/tenants' - -import { Agent, JsonTransformer, injectable, RecordNotFoundError, X509CreateCertificateOptions, X509Service, X509KeyUsage, KeyType, TypedArrayEncoder, CredoError, X509ExtendedKeyUsage, Key } from '@credo-ts/core' +import { injectable } from '@credo-ts/core' import { Request as Req } from 'express' -import jwt from 'jsonwebtoken' -import { Body, Controller, Delete, Post, Route, Tags, Path, Security, Request, Res, TsoaResponse, Get } from 'tsoa' +import { Body, Controller, Post, Route, Tags, Security, Request, Get } from 'tsoa' -import { AgentRole, SCOPES } from '../../enums' +import { SCOPES } from '../../enums' import ErrorHandlingService from '../../errorHandlingService' -import { BasicX509CreateCertificateConfig, CreateTenantOptions, X509ImportCertificateOptionsDto } from '../types' -import { generateSecretKey, getCertificateValidityForSystem } from '../../utils/helpers' +import { X509ImportCertificateOptionsDto } from '../types' import { x509ServiceT } from './x509.service' - +import { X509CreateCertificateOptionsDto } from './x509.types' @Tags('x509') @Security('jwt', [SCOPES.TENANT_AGENT, SCOPES.DEDICATED_AGENT]) 
@@ -19,35 +14,39 @@ import { x509ServiceT } from './x509.service' @injectable() export class X509Controller extends Controller { @Post('/') - public async createSelfSignedDCS(@Request() request: Req, @Body() createX509Options: BasicX509CreateCertificateConfig) { - + public async createX509Certificate( + @Request() request: Req, + @Body() createX509Options: X509CreateCertificateOptionsDto, + ) { try { - - return await x509ServiceT.createSelfSignedDCS(createX509Options, request); + return await x509ServiceT.createCertificate(request, createX509Options) } catch (error) { throw ErrorHandlingService.handle(error) } } - @Post('/import') - public async ImportX509Certficates(@Request() request: Req, @Body() importX509Options: X509ImportCertificateOptionsDto) { - + public async ImportX509Certificates( + @Request() request: Req, + @Body() importX509Options: X509ImportCertificateOptionsDto, + ) { try { - - return await x509ServiceT.ImportX509Certficates(request, importX509Options); + return await x509ServiceT.ImportX509Certificates(request, importX509Options) } catch (error) { throw ErrorHandlingService.handle(error) } } @Post('/trusted') - public async addTrustedCertificate(@Request() request: Req, @Body() options: { - certificate: string - }) { + public async addTrustedCertificate( + @Request() request: Req, + @Body() + options: { + certificate: string + }, + ) { try { - - return await x509ServiceT.addTrustedCertificate(request, options); + return await x509ServiceT.addTrustedCertificate(request, options) } catch (error) { throw ErrorHandlingService.handle(error) } 
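Review bot: `POST /x509` keeps its path but `createX509Certificate` now takes `X509CreateCertificateOptionsDto` instead of `BasicX509CreateCertificateConfig`, and nothing in the handler documents or versions that contract break. The generated routes in this same patch set `noImplicitAdditionalProperties` to `throw-on-extras` and mark `issuer` as required, so a client still sending the old body (`keyType`, `issuerAlternativeNameURL`) should be rejected at validation. `createSelfSignedDCS` stays in the service but is no longer reachable from this controller, so it should either be removed or given its own route. A TSDoc block on the handler, for example `/** Creates an X.509 certificate signed by a key in the caller's wallet; responds with { publicCertificateBase64 }. */`, would record what the endpoint returns; the class body continues outside this hunk.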
@@ -55,26 +54,25 @@ export class X509Controller extends Controller { @Get('/trusted') public async getTrustedCertificates(@Request() request: Req) { - try { - return await x509ServiceT.getTrustedCertificates(request); + return await x509ServiceT.getTrustedCertificates(request) } catch (error) { throw ErrorHandlingService.handle(error) } } - @Post('/decode') - public async decodeCertificate(@Request() request: Req, @Body() options: { - certificate: string - }) { + public async decodeCertificate( + @Request() request: Req, + @Body() + options: { + certificate: string + }, + ) { try { - - return await x509ServiceT.decodeCertificate(request, options); + return await x509ServiceT.decodeCertificate(request, options) } catch (error) { throw ErrorHandlingService.handle(error) } } - - -} \ No newline at end of file +} diff --git a/src/controllers/x509/x509.service.ts b/src/controllers/x509/x509.service.ts index 1813cd93..94d7d7a6 100644 --- a/src/controllers/x509/x509.service.ts +++ b/src/controllers/x509/x509.service.ts 
@@ -1,26 +1,29 @@ +import type { X509CreateCertificateOptionsDto } from './x509.types' +import type { BasicX509CreateCertificateConfig, X509ImportCertificateOptionsDto } from '../types' +import type { CredoError, Key } from '@credo-ts/core' +import type { Request as Req } from 'express' + +import { + KeyType, + TypedArrayEncoder, + WalletKeyExistsError, + X509Certificate, + X509ExtendedKeyUsage, + X509KeyUsage, + X509ModuleConfig, + X509Service, + type Agent, +} from '@credo-ts/core' -import { CredoError, KeyType, TypedArrayEncoder, WalletKeyExistsError, X509Certificate, X509ExtendedKeyUsage, X509KeyUsage, X509ModuleConfig, X509Service, type Agent } from '@credo-ts/core' -import type { OpenId4VcIssuanceSessionState } from '@credo-ts/openid4vc' - -import { OpenId4VcIssuanceSessionRepository } from '@credo-ts/openid4vc/build/openid4vc-issuer/repository' - - -import { Request as Req } from 'express' - -import { BasicX509CreateCertificateConfig, X509ImportCertificateOptionsDto } from '../types' import { generateSecretKey, getCertificateValidityForSystem } from '../../utils/helpers' -import { pemToRawEd25519PrivateKey } from './crypto-util' +import { pemToRawEd25519PrivateKey } from './crypto-util' class x509Service { - - public async createSelfSignedDCS( - createX509Options: BasicX509CreateCertificateConfig, - agentReq: Req - ) { + public async createSelfSignedDCS(createX509Options: BasicX509CreateCertificateConfig, agentReq: Req) { const agent = agentReq.agent - const authorityKey = await createKey(agent as Agent, createX509Options.keyType); + const authorityKey = await createKey(agent as Agent, createX509Options.keyType) const AGENT_HOST = createX509Options.issuerAlternativeNameURL const AGENT_DNS = AGENT_HOST.replace('https://', '') const selfSignedx509certificate = await X509Service.createCertificate(agent.context, { 
@@ -36,12 +39,18 @@ class x509Service { markAsCritical: true, }, subjectAlternativeName: { - name: [{ type: 'dns', value: AGENT_DNS }, { type: 'url', value: AGENT_HOST }], + name: [ + { type: 'dns', value: AGENT_DNS }, + { type: 'url', value: AGENT_HOST }, + ], }, issuerAlternativeName: { // biome-ignore lint/style/noNonNullAssertion: //name: rootCertificate.issuerAlternativeNames!, - name: [{ type: 'dns', value: AGENT_DNS }, { type: 'url', value: AGENT_HOST }], + name: [ + { type: 'dns', value: AGENT_DNS }, + { type: 'url', value: AGENT_HOST }, + ], }, extendedKeyUsage: { usages: [X509ExtendedKeyUsage.MdlDs], 
@@ -59,21 +68,64 @@ class x509Service { }, }) - console.log('======= X.509 IACA Self Signed Certificate ===========') + agent.config.logger.info('======= X.509 IACA Self Signed Certificate ===========') const selfSignedx509certificateBase64 = selfSignedx509certificate.toString('base64') - console.log('selfSignedx509certificateBase64', selfSignedx509certificateBase64); - return { selfSignedx509certificateBase64 }; - + agent.config.logger.debug('selfSignedx509certificateBase64', { selfSignedx509certificateBase64 }) + return { publicCertificateBase64: selfSignedx509certificateBase64 } } + public async createCertificate(agentReq: Req, options: X509CreateCertificateOptionsDto) { + const agent = agentReq.agent - public async ImportX509Certficates(agentReq: Req - , options: X509ImportCertificateOptionsDto - ) { + let authorityKeyID, subjectPublicKeyID + + agent.config.logger.debug(`createCertificate options:`, options) + + if (options.authorityKey && options?.authorityKey?.seed) { + authorityKeyID = await agent.context.wallet.createKey({ + keyType: options.authorityKey.keyType ?? KeyType.P256, + seed: TypedArrayEncoder.fromString(options.authorityKey.seed), + }) + } else { + authorityKeyID = await agent.context.wallet.createKey({ + keyType: KeyType.P256, + }) + } + + if (options.subjectPublicKey) { + if (options?.subjectPublicKey?.seed) { + subjectPublicKeyID = await agent.context.wallet.createKey({ + keyType: options.subjectPublicKey.keyType ?? KeyType.P256, + seed: TypedArrayEncoder.fromString(options.subjectPublicKey.seed), + }) + } else { + subjectPublicKeyID = await agent.context.wallet.createKey({ + keyType: KeyType.P256, + }) + } + } + + const certificate = await agent.x509.createCertificate({ + authorityKey: authorityKeyID as Key, + subjectPublicKey: (subjectPublicKeyID as Key) ?? 
undefined, + serialNumber: options.serialNumber, + issuer: options.issuer, + extensions: options.extensions, + subject: options.subject, + validity: options.validity, + }) + + const issuerCertificate = certificate.toString('base64') + return { publicCertificateBase64: issuerCertificate } + } + + public async ImportX509Certificates(agentReq: Req, options: X509ImportCertificateOptionsDto) { const agent = agentReq.agent + agent.config.logger.debug(`Start validating keys`) const secretHexKey = await pemToRawEd25519PrivateKey(options.privateKey ?? '') const privateKey = TypedArrayEncoder.fromHex(secretHexKey) + agent.config.logger.debug(`Decode certificate`) const parsedCertificate = X509Service.parseCertificate(agent.context, { encodedCertificate: options.certificate, }) 
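Review bot: The `logger.debug` call at the top of `createCertificate` passes the whole `options` object to the log, which includes `authorityKey.seed` and `subjectPublicKey.seed`, the values the signing keys are derived from; the seeds should be redacted before logging. The key selection also drops caller input: when no `seed` is sent the `else` branches always use `KeyType.P256` and ignore `keyType`, and `publicKeyBase58`, which the DTO documents as selecting an existing wallet key, is never read. `TypedArrayEncoder.fromString(seed)` accepts the seed at whatever length and entropy the caller supplies, so a length check before `createKey` seems warranted (the wallet's own requirement is not visible in this hunk). Further down, `pemToRawEd25519PrivateKey(options.privateKey ?? '')` turns a missing `privateKey` into an empty buffer and a key-parser error instead of a clear validation failure.

```typescript
// … unchanged: const agent = agentReq.agent; let authorityKeyID, subjectPublicKeyID …
const redactSeed = (key: X509CreateCertificateOptionsDto['authorityKey']) =>
  key ? { ...key, seed: key.seed ? '[redacted]' : undefined } : undefined

agent.config.logger.debug(`createCertificate options:`, {
  ...options,
  authorityKey: redactSeed(options.authorityKey),
  subjectPublicKey: redactSeed(options.subjectPublicKey),
})

// Honour the requested key type whether or not a seed was supplied.
const authoritySeed = options.authorityKey?.seed
authorityKeyID = await agent.context.wallet.createKey({
  keyType: options.authorityKey?.keyType ?? KeyType.P256,
  ...(authoritySeed ? { seed: TypedArrayEncoder.fromString(authoritySeed) } : {}),
})
// … unchanged: subject key creation (same pattern applies), agent.x509.createCertificate call …
```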
@@ -82,74 +134,73 @@ class x509Service { try { const documentSignerKey = await agent.wallet.createKey({ privateKey: privateKey, - keyType: options.keyType + keyType: options.keyType, }) if ( parsedCertificate.publicKey.keyType !== options.keyType || !Buffer.from(parsedCertificate.publicKey.publicKey).equals(Buffer.from(documentSignerKey.publicKey)) ) { - throw new Error( - `Key mismatched in provided X509_CERTIFICATE to import` - ) + throw new Error(`Key mismatched in provided X509_CERTIFICATE to import`) } console.log(`Keys matched with certificate`) - } - catch (error) { - + } catch (error) { // If the key already exists, we assume the self-signed certificate is already created if (error instanceof WalletKeyExistsError) { - console.error(`key already exists while importing certificate ${JSON.stringify(parsedCertificate.privateKey)}`, parsedCertificate.privateKey) - + console.error( + `key already exists while importing certificate ${JSON.stringify(parsedCertificate.privateKey)}`, + parsedCertificate.privateKey, + ) } else { + agent.config.logger.error(`${JSON.stringify(error)}`) throw error } } - return { issuerCertficicate }; + return { issuerCertficicate } } - public addTrustedCertificate(agentReq: Req, options: { - certificate: string - }) { + public addTrustedCertificate( + agentReq: Req, + options: { + certificate: string + }, + ) { const agent = agentReq.agent - return agent.x509.addTrustedCertificate(options.certificate); + return agent.x509.addTrustedCertificate(options.certificate) } public getTrustedCertificates(agentReq: Req) { + const trustedCertificates = agentReq.agent.context.dependencyManager + .resolve(X509ModuleConfig) + .trustedCertificates?.map((cert) => X509Certificate.fromEncodedCertificate(cert).toString('base64')) // as [string, ...string[]] - const trustedCertificates = agentReq.agent.context.dependencyManager.resolve(X509ModuleConfig) - .trustedCertificates?.map((cert) => - X509Certificate.fromEncodedCertificate(cert).toString('base64') 
- )// as [string, ...string[]] - - return trustedCertificates; + return trustedCertificates } /** - * Parses a base64-encoded X.509 certificate into a X509Certificate - * - * @param issuerAgent {Agent} - * @param options {x509Input} - * @returns - */ - public decodeCertificate(agentReq: Req, options: { - certificate: string - }) { + * Parses a base64-encoded X.509 certificate into a X509Certificate + * + * @param issuerAgent {Agent} + * @param options {x509Input} + * @returns + */ + public decodeCertificate( + agentReq: Req, + options: { + certificate: string + }, + ) { const parsedCertificate = X509Service.parseCertificate(agentReq.agent.context, { encodedCertificate: options.certificate, }) - return parsedCertificate; + return parsedCertificate } - - } - export const x509ServiceT = new x509Service() - export async function createKey(agent: Agent, keyType: KeyType) { try { const seed = await generateSecretKey(keyType === KeyType.P256 ? 64 : 32) @@ -164,6 +215,6 @@ export async function createKey(agent: Agent, keyType: KeyType) { return authorityKey } catch (error) { agent.config.logger.debug(`Error while creating authorityKey`, { message: (error as CredoError).message }) - throw error; + throw error } -} \ No newline at end of file +} diff --git a/src/controllers/x509/x509.types.ts b/src/controllers/x509/x509.types.ts new file mode 100644 index 00000000..45eca35c --- /dev/null +++ b/src/controllers/x509/x509.types.ts 
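Review bot: The `WalletKeyExistsError` branch in `ImportX509Certificates` still interpolates `parsedCertificate.privateKey` into a `console.error` message and passes it again as a second argument, so private-key bytes, whenever the parsed certificate carries them, are written to stdout; this hunk only reformats that line. It should log no key material and use the agent logger like the rest of the patch, e.g. `agent.config.logger.warn('Key already exists in wallet while importing certificate')`. That branch also returns the certificate without the public-key comparison ever running against the key already in the wallet, and on the success path `createKey` stores the key before the mismatch check can throw, so a rejected import appears to leave the key behind. The added `logger.error` call stringifies the error with `JSON.stringify`, which usually yields `{}` because `Error` fields are not enumerable; `{ message: (error as Error).message }` keeps the cause. The method starts outside this hunk, where `issuerCertficicate` is defined.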
@@ -0,0 +1,204 @@ +import type { KeyType, X509ExtendedKeyUsage, X509KeyUsage } from '@credo-ts/core' + +import { Extension, Example } from 'tsoa' + +// Enum remains the same +export enum GeneralNameType { + DNS = 'dns', + DN = 'dn', + EMAIL = 'email', + GUID = 'guid', + IP = 'ip', + URL = 'url', + UPN = 'upn', + REGISTERED_ID = 'id', +} + +export interface AuthorityAndSubjectKeyDto { + /** + * @example "my-seed-12345" + * @description Seed to deterministically derive the key (optional) + */ + seed?: string + + /** + * @example "3yPQbnk6WwLgX8K3JZ4t7vBnJ8XqY2mMpRcD9fNvGtHw" + * @description publicKeyBase58 for using existing key in wallet (optional) + */ + publicKeyBase58?: string + + /** + * @example "p256" + * @description Type of the key used for signing the X.509 Certificate (default is p256) + */ + keyType?: KeyType +} + +export interface NameDto { + /** + * @example "dns" + */ + type: GeneralNameType + + /** + * @example "example.com" + */ + value: string +} + +export interface X509CertificateIssuerAndSubjectOptionsDto { + /** + * @example "US" + */ + countryName?: string + + /** + * @example "California" + */ + stateOrProvinceName?: string + + /** + * @example "IT Department" + */ + organizationalUnit?: string + + /** + * @example "Example Corporation" + */ + commonName?: string +} + +export interface ValidityDto { + /** + * @example "2024-01-01T00:00:00.000Z" + */ + notBefore?: Date + + /** + * @example "2025-01-01T00:00:00.000Z" + */ + notAfter?: Date +} + +export interface KeyUsageDto { + /** + * @example ["digitalSignature", "keyEncipherment", "crlSign"] + */ + usages: X509KeyUsage[] + + /** + * @example true + */ + markAsCritical?: boolean +} + +export interface ExtendedKeyUsageDto { + /** + * @example ["MdlDs", "ServerAuth", "ClientAuth"] + */ + usages: X509ExtendedKeyUsage[] + + /** + * @example true + */ + markAsCritical?: boolean +} + +export interface NameListDto { + /** + * @example [{ "type": "dns", "value": "example.com" }, { "type": "email", 
"value": "admin@example.com" }] + */ + name: NameDto[] + + /** + * @example true + */ + markAsCritical?: boolean +} + +export interface AuthorityAndSubjectKeyIdentifierDto { + /** + * @example true + */ + include: boolean + + /** + * @example true + */ + markAsCritical?: boolean +} + +export interface BasicConstraintsDto { + /** + * @example false + */ + ca: boolean + + /** + * @example 0 + */ + pathLenConstraint?: number + + /** + * @example true + */ + markAsCritical?: boolean +} + +export interface CrlDistributionPointsDto { + /** + * @example ["http://crl.example.com/ca.crl"] + */ + urls: string[] + + /** + * @example true + */ + markAsCritical?: boolean +} + +export interface X509CertificateExtensionsOptionsDto { + keyUsage?: KeyUsageDto + extendedKeyUsage?: ExtendedKeyUsageDto + authorityKeyIdentifier?: AuthorityAndSubjectKeyIdentifierDto + subjectKeyIdentifier?: AuthorityAndSubjectKeyIdentifierDto + issuerAlternativeName?: NameListDto + subjectAlternativeName?: NameListDto + basicConstraints?: BasicConstraintsDto + crlDistributionPoints?: CrlDistributionPointsDto +} + +// Main DTO Interface +export interface X509CreateCertificateOptionsDto { + authorityKey?: AuthorityAndSubjectKeyDto + subjectPublicKey?: AuthorityAndSubjectKeyDto + + /** + * @example "1234567890" + */ + serialNumber?: string + + /** + * @example { + * "countryName": "US", + * "stateOrProvinceName": "California", + * "commonName": "Example CA" + * } + * OR + * @example "/C=US/ST=California/O=Example Corporation/CN=Example CA" + */ + issuer: X509CertificateIssuerAndSubjectOptionsDto | string + + /** + * @example { + * "countryName": "US", + * "commonName": "www.example.com" + * } + * OR + * @example "/C=US/CN=www.example.com" + */ + subject?: X509CertificateIssuerAndSubjectOptionsDto | string + + validity?: ValidityDto + extensions?: X509CertificateExtensionsOptionsDto +} diff --git a/src/routes/routes.ts b/src/routes/routes.ts index a5bbe254..fa10f105 100644 --- a/src/routes/routes.ts 
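Review bot: The `@example` values on `KeyUsageDto.usages` and `ExtendedKeyUsageDto.usages` do not match what the API accepts: the generated models in this patch list `X509KeyUsage` as the numbers `1,2,4,…,256` and `X509ExtendedKeyUsage` as OID strings such as `1.0.18013.5.1.2`, so `["digitalSignature", …]` or `["MdlDs", …]` copied from the docs would fail request validation. In `AuthorityAndSubjectKeyDto`, the `seed` example `"my-seed-12345"` presents a short guessable string as key-derivation input; the comment should state the expected length and that the value is secret, e.g. `@description Secret, high-entropy seed for deterministic key derivation; never logged or echoed back`. `publicKeyBase58` is documented as selecting an existing wallet key, but the service code in this patch never reads it, so the field should be dropped or marked as not yet supported. `import { Extension, Example } from 'tsoa'` is unused in the new file.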
+++ b/src/routes/routes.ts @@ -4,6 +4,8 @@ import type { TsoaRoute } from '@tsoa/runtime'; import { fetchMiddlewares, ExpressTemplateService } from '@tsoa/runtime'; // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa +import { X509Controller } from './../controllers/x509/x509.Controller'; +// WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa import { Polygon } from './../controllers/polygon/PolygonController'; // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa import { EndorserTransactionController } from './../controllers/anoncreds/endorser-transaction/EndorserTransactionController'; @@ -39,8 +41,6 @@ import { IssuerController } from './../controllers/openid4vc/issuers/issuer.Cont import { VerificationSessionsController } from './../controllers/openid4vc/verifier-sessions/verification-sessions.Controller'; // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa import { VerifierController } from './../controllers/openid4vc/verifiers/verifier.Controller'; -// WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa -import { X509Controller } from './../controllers/x509/x509.Controller'; import { expressAuthentication } from './../authentication'; // @ts-ignore - no great way to install types from subpackage import { iocContainer } from './../utils/tsyringeTsoaIocContainer'; 
@@ -53,6 +53,184 @@ const expressAuthenticationRecasted = expressAuthentication as (req: ExRequest, // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa const models: TsoaRoute.Models = { + "KeyType": { + "dataType": "refEnum", + "enums": ["ed25519","bls12381g1g2","bls12381g1","bls12381g2","x25519","p256","p384","p521","k256"], + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "AuthorityAndSubjectKeyDto": { + "dataType": "refObject", + "properties": { + "seed": {"dataType":"string"}, + "publicKeyBase58": {"dataType":"string"}, + "keyType": {"ref":"KeyType"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "X509CertificateIssuerAndSubjectOptionsDto": { + "dataType": "refObject", + "properties": { + "countryName": {"dataType":"string"}, + "stateOrProvinceName": {"dataType":"string"}, + "organizationalUnit": {"dataType":"string"}, + "commonName": {"dataType":"string"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "ValidityDto": { + "dataType": "refObject", + "properties": { + "notBefore": {"dataType":"datetime"}, + "notAfter": {"dataType":"datetime"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "X509KeyUsage": { + "dataType": "refEnum", + "enums": [1,2,4,8,16,32,64,128,256], + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "KeyUsageDto": { + "dataType": "refObject", + "properties": { + "usages": {"dataType":"array","array":{"dataType":"refEnum","ref":"X509KeyUsage"},"required":true}, + "markAsCritical": {"dataType":"boolean"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "X509ExtendedKeyUsage": { + "dataType": "refEnum", + "enums": ["1.3.6.1.5.5.7.3.1","1.3.6.1.5.5.7.3.2","1.3.6.1.5.5.7.3.3","1.3.6.1.5.5.7.3.4","1.3.6.1.5.5.7.3.8","1.3.6.1.5.5.7.3.9","1.0.18013.5.1.2"], + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "ExtendedKeyUsageDto": { + "dataType": "refObject", + "properties": { + "usages": {"dataType":"array","array":{"dataType":"refEnum","ref":"X509ExtendedKeyUsage"},"required":true}, + "markAsCritical": {"dataType":"boolean"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "AuthorityAndSubjectKeyIdentifierDto": { + "dataType": "refObject", + "properties": { + "include": {"dataType":"boolean","required":true}, + "markAsCritical": {"dataType":"boolean"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "GeneralNameType": { + "dataType": "refEnum", + "enums": ["dns","dn","email","guid","ip","url","upn","id"], + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "NameDto": { + "dataType": "refObject", + "properties": { + "type": {"ref":"GeneralNameType","required":true}, + "value": {"dataType":"string","required":true}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "NameListDto": { + "dataType": "refObject", + "properties": { + "name": {"dataType":"array","array":{"dataType":"refObject","ref":"NameDto"},"required":true}, + "markAsCritical": {"dataType":"boolean"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "BasicConstraintsDto": { + "dataType": "refObject", + "properties": { + "ca": {"dataType":"boolean","required":true}, + "pathLenConstraint": {"dataType":"double"}, + "markAsCritical": {"dataType":"boolean"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "CrlDistributionPointsDto": { + "dataType": "refObject", + "properties": { + "urls": {"dataType":"array","array":{"dataType":"string"},"required":true}, + "markAsCritical": {"dataType":"boolean"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "X509CertificateExtensionsOptionsDto": { + "dataType": "refObject", + "properties": { + "keyUsage": {"ref":"KeyUsageDto"}, + "extendedKeyUsage": {"ref":"ExtendedKeyUsageDto"}, + "authorityKeyIdentifier": {"ref":"AuthorityAndSubjectKeyIdentifierDto"}, + "subjectKeyIdentifier": {"ref":"AuthorityAndSubjectKeyIdentifierDto"}, + "issuerAlternativeName": {"ref":"NameListDto"}, + "subjectAlternativeName": {"ref":"NameListDto"}, + "basicConstraints": {"ref":"BasicConstraintsDto"}, + "crlDistributionPoints": {"ref":"CrlDistributionPointsDto"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "X509CreateCertificateOptionsDto": { + "dataType": "refObject", + "properties": { + "authorityKey": {"ref":"AuthorityAndSubjectKeyDto"}, + "subjectPublicKey": {"ref":"AuthorityAndSubjectKeyDto"}, + "serialNumber": {"dataType":"string"}, + "issuer": {"dataType":"union","subSchemas":[{"ref":"X509CertificateIssuerAndSubjectOptionsDto"},{"dataType":"string"}],"required":true}, + "subject": {"dataType":"union","subSchemas":[{"ref":"X509CertificateIssuerAndSubjectOptionsDto"},{"dataType":"string"}]}, + "validity": {"ref":"ValidityDto"}, + "extensions": {"ref":"X509CertificateExtensionsOptionsDto"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "X509ImportCertificateOptionsDto": { + "dataType": "refObject", + "properties": { + "certificate": {"dataType":"string","required":true}, + "privateKey": {"dataType":"string"}, + "keyType": {"ref":"KeyType","required":true}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "Uint8Array": { + "dataType": "refObject", + "properties": { + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "Key": { + "dataType": "refObject", + "properties": { + "publicKey": {"ref":"Uint8Array","required":true}, + "keyType": {"ref":"KeyType","required":true}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + "X509Certificate": { + "dataType": "refObject", + "properties": { + "publicKey": {"ref":"Key","required":true}, + "privateKey": {"ref":"Uint8Array"}, + }, + "additionalProperties": false, + }, + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa "Record_string.unknown_": { "dataType": "refAlias", "type": {"dataType":"nestedObjectLiteral","nestedProperties":{},"additionalProperties":{"dataType":"any"},"validators":{}}, @@ -348,11 +526,6 @@ const models: TsoaRoute.Models = { "type": {"dataType":"string","validators":{}}, }, // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - "KeyType": { - "dataType": "refEnum", - "enums": ["ed25519","bls12381g1g2","bls12381g1","bls12381g2","x25519","p256","p384","p521","k256"], - }, - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa "DidCreate": { "dataType": "refObject", "properties": { 
@@ -856,22 +1029,6 @@ const models: TsoaRoute.Models = { "type": {"ref":"PlaintextMessage","validators":{}}, }, // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - "Uint8Array": { - "dataType": "refObject", - "properties": { - }, - "additionalProperties": false, - }, - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - "Key": { - "dataType": "refObject", - "properties": { - "publicKey": {"ref":"Uint8Array","required":true}, - "keyType": {"ref":"KeyType","required":true}, - }, - "additionalProperties": false, - }, - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa "Routing": { "dataType": "refObject", "properties": { 
@@ -1735,55 +1892,207 @@ const models: TsoaRoute.Models = { "type": {"ref":"Record_string.unknown_","validators":{}}, }, // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - "BasicX509CreateCertificateConfig": { - "dataType": "refObject", - "properties": { - "countryName": {"dataType":"string"}, - "stateOrProvinceName": {"dataType":"string"}, - "organizationalUnit": {"dataType":"string"}, - "commonName": {"dataType":"string"}, - "keyType": {"ref":"KeyType","required":true}, - "issuerAlternativeNameURL": {"dataType":"string","required":true}, - }, - "additionalProperties": false, - }, - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - "X509ImportCertificateOptionsDto": { - "dataType": "refObject", - "properties": { - "certificate": {"dataType":"string","required":true}, - "privateKey": {"dataType":"string"}, - "keyType": {"ref":"KeyType","required":true}, - }, - "additionalProperties": false, - }, - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - "X509Certificate": { - "dataType": "refObject", - "properties": { - "publicKey": {"ref":"Key","required":true}, - "privateKey": {"ref":"Uint8Array"}, - }, - "additionalProperties": false, - }, - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa }; const templateService = new ExpressTemplateService(models, {"noImplicitAdditionalProperties":"throw-on-extras","bodyCoercion":true}); -// WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa +// WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + + + + +export function RegisterRoutes(app: Router) { + + // ########################################################################################################### + // NOTE: If you do not see routes for all of your controllers in this file, then you might not have informed tsoa of where to look + // Please look into the "controllerPathGlobs" config option described in the readme: https://github.com/lukeautry/tsoa + // ########################################################################################################### + + + + const argsX509Controller_createX509Certificate: Record = { + request: {"in":"request","name":"request","required":true,"dataType":"object"}, + createX509Options: {"in":"body","name":"createX509Options","required":true,"ref":"X509CreateCertificateOptionsDto"}, + }; + app.post('/x509', + authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), + ...(fetchMiddlewares(X509Controller)), + ...(fetchMiddlewares(X509Controller.prototype.createX509Certificate)), + + async function X509Controller_createX509Certificate(request: ExRequest, response: ExResponse, next: any) { + + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + + let validatedArgs: any[] = []; + try { + validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_createX509Certificate, request, response }); + + const container: IocContainer = typeof iocContainer === 'function' ? 
(iocContainer as IocContainerFactory)(request) : iocContainer; + + const controller: any = await container.get(X509Controller); + if (typeof controller['setStatus'] === 'function') { + controller.setStatus(undefined); + } + + await templateService.apiHandler({ + methodName: 'createX509Certificate', + controller, + response, + next, + validatedArgs, + successStatus: undefined, + }); + } catch (err) { + return next(err); + } + }); + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + const argsX509Controller_ImportX509Certificates: Record = { + request: {"in":"request","name":"request","required":true,"dataType":"object"}, + importX509Options: {"in":"body","name":"importX509Options","required":true,"ref":"X509ImportCertificateOptionsDto"}, + }; + app.post('/x509/import', + authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), + ...(fetchMiddlewares(X509Controller)), + ...(fetchMiddlewares(X509Controller.prototype.ImportX509Certificates)), + + async function X509Controller_ImportX509Certificates(request: ExRequest, response: ExResponse, next: any) { + + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + + let validatedArgs: any[] = []; + try { + validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_ImportX509Certificates, request, response }); + + const container: IocContainer = typeof iocContainer === 'function' ? 
(iocContainer as IocContainerFactory)(request) : iocContainer; + + const controller: any = await container.get(X509Controller); + if (typeof controller['setStatus'] === 'function') { + controller.setStatus(undefined); + } + + await templateService.apiHandler({ + methodName: 'ImportX509Certificates', + controller, + response, + next, + validatedArgs, + successStatus: undefined, + }); + } catch (err) { + return next(err); + } + }); + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + const argsX509Controller_addTrustedCertificate: Record = { + request: {"in":"request","name":"request","required":true,"dataType":"object"}, + options: {"in":"body","name":"options","required":true,"dataType":"nestedObjectLiteral","nestedProperties":{"certificate":{"dataType":"string","required":true}}}, + }; + app.post('/x509/trusted', + authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), + ...(fetchMiddlewares(X509Controller)), + ...(fetchMiddlewares(X509Controller.prototype.addTrustedCertificate)), + + async function X509Controller_addTrustedCertificate(request: ExRequest, response: ExResponse, next: any) { + + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + + let validatedArgs: any[] = []; + try { + validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_addTrustedCertificate, request, response }); + + const container: IocContainer = typeof iocContainer === 'function' ? 
(iocContainer as IocContainerFactory)(request) : iocContainer; + + const controller: any = await container.get(X509Controller); + if (typeof controller['setStatus'] === 'function') { + controller.setStatus(undefined); + } + + await templateService.apiHandler({ + methodName: 'addTrustedCertificate', + controller, + response, + next, + validatedArgs, + successStatus: undefined, + }); + } catch (err) { + return next(err); + } + }); + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + const argsX509Controller_getTrustedCertificates: Record = { + request: {"in":"request","name":"request","required":true,"dataType":"object"}, + }; + app.get('/x509/trusted', + authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), + ...(fetchMiddlewares(X509Controller)), + ...(fetchMiddlewares(X509Controller.prototype.getTrustedCertificates)), + + async function X509Controller_getTrustedCertificates(request: ExRequest, response: ExResponse, next: any) { + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + let validatedArgs: any[] = []; + try { + validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_getTrustedCertificates, request, response }); + const container: IocContainer = typeof iocContainer === 'function' ? 
(iocContainer as IocContainerFactory)(request) : iocContainer; -export function RegisterRoutes(app: Router) { + const controller: any = await container.get(X509Controller); + if (typeof controller['setStatus'] === 'function') { + controller.setStatus(undefined); + } - // ########################################################################################################### - // NOTE: If you do not see routes for all of your controllers in this file, then you might not have informed tsoa of where to look - // Please look into the "controllerPathGlobs" config option described in the readme: https://github.com/lukeautry/tsoa - // ########################################################################################################### + await templateService.apiHandler({ + methodName: 'getTrustedCertificates', + controller, + response, + next, + validatedArgs, + successStatus: undefined, + }); + } catch (err) { + return next(err); + } + }); + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa + const argsX509Controller_decodeCertificate: Record = { + request: {"in":"request","name":"request","required":true,"dataType":"object"}, + options: {"in":"body","name":"options","required":true,"dataType":"nestedObjectLiteral","nestedProperties":{"certificate":{"dataType":"string","required":true}}}, + }; + app.post('/x509/decode', + authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), + ...(fetchMiddlewares(X509Controller)), + ...(fetchMiddlewares(X509Controller.prototype.decodeCertificate)), + + async function X509Controller_decodeCertificate(request: ExRequest, response: ExResponse, next: any) { + // WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - + let validatedArgs: any[] = []; + try { + validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_decodeCertificate, request, response }); + + const container: IocContainer = typeof iocContainer === 'function' ? (iocContainer as IocContainerFactory)(request) : iocContainer; + + const controller: any = await container.get(X509Controller); + if (typeof controller['setStatus'] === 'function') { + controller.setStatus(undefined); + } + + await templateService.apiHandler({ + methodName: 'decodeCertificate', + controller, + response, + next, + validatedArgs, + successStatus: undefined, + }); + } catch (err) { + return next(err); + } + }); + // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa const argsPolygon_createKeyPair: Record = { }; app.post('/polygon/create-keys', 
@@ -5210,190 +5519,6 @@ export function RegisterRoutes(app: Router) { } }); // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - const argsX509Controller_createSelfSignedDCS: Record = { - request: {"in":"request","name":"request","required":true,"dataType":"object"}, - createX509Options: {"in":"body","name":"createX509Options","required":true,"ref":"BasicX509CreateCertificateConfig"}, - }; - app.post('/x509', - authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), - ...(fetchMiddlewares(X509Controller)), - ...(fetchMiddlewares(X509Controller.prototype.createSelfSignedDCS)), - - async function X509Controller_createSelfSignedDCS(request: ExRequest, response: ExResponse, next: any) { - - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - - let validatedArgs: any[] = []; - try { - validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_createSelfSignedDCS, request, response }); - - const container: IocContainer = typeof iocContainer === 'function' ? (iocContainer as IocContainerFactory)(request) : iocContainer; - - const controller: any = await container.get(X509Controller); - if (typeof controller['setStatus'] === 'function') { - controller.setStatus(undefined); - } - - await templateService.apiHandler({ - methodName: 'createSelfSignedDCS', - controller, - response, - next, - validatedArgs, - successStatus: undefined, - }); - } catch (err) { - return next(err); - } - }); - // WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - const argsX509Controller_ImportX509Certficates: Record = { - request: {"in":"request","name":"request","required":true,"dataType":"object"}, - importX509Options: {"in":"body","name":"importX509Options","required":true,"ref":"X509ImportCertificateOptionsDto"}, - }; - app.post('/x509/import', - authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), - ...(fetchMiddlewares(X509Controller)), - ...(fetchMiddlewares(X509Controller.prototype.ImportX509Certficates)), - - async function X509Controller_ImportX509Certficates(request: ExRequest, response: ExResponse, next: any) { - - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - - let validatedArgs: any[] = []; - try { - validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_ImportX509Certficates, request, response }); - - const container: IocContainer = typeof iocContainer === 'function' ? (iocContainer as IocContainerFactory)(request) : iocContainer; - - const controller: any = await container.get(X509Controller); - if (typeof controller['setStatus'] === 'function') { - controller.setStatus(undefined); - } - - await templateService.apiHandler({ - methodName: 'ImportX509Certficates', - controller, - response, - next, - validatedArgs, - successStatus: undefined, - }); - } catch (err) { - return next(err); - } - }); - // WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - const argsX509Controller_addTrustedCertificate: Record = { - request: {"in":"request","name":"request","required":true,"dataType":"object"}, - options: {"in":"body","name":"options","required":true,"dataType":"nestedObjectLiteral","nestedProperties":{"certificate":{"dataType":"string","required":true}}}, - }; - app.post('/x509/trusted', - authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), - ...(fetchMiddlewares(X509Controller)), - ...(fetchMiddlewares(X509Controller.prototype.addTrustedCertificate)), - - async function X509Controller_addTrustedCertificate(request: ExRequest, response: ExResponse, next: any) { - - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - - let validatedArgs: any[] = []; - try { - validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_addTrustedCertificate, request, response }); - - const container: IocContainer = typeof iocContainer === 'function' ? (iocContainer as IocContainerFactory)(request) : iocContainer; - - const controller: any = await container.get(X509Controller); - if (typeof controller['setStatus'] === 'function') { - controller.setStatus(undefined); - } - - await templateService.apiHandler({ - methodName: 'addTrustedCertificate', - controller, - response, - next, - validatedArgs, - successStatus: undefined, - }); - } catch (err) { - return next(err); - } - }); - // WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - const argsX509Controller_getTrustedCertificates: Record = { - request: {"in":"request","name":"request","required":true,"dataType":"object"}, - }; - app.get('/x509/trusted', - authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), - ...(fetchMiddlewares(X509Controller)), - ...(fetchMiddlewares(X509Controller.prototype.getTrustedCertificates)), - - async function X509Controller_getTrustedCertificates(request: ExRequest, response: ExResponse, next: any) { - - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - - let validatedArgs: any[] = []; - try { - validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_getTrustedCertificates, request, response }); - - const container: IocContainer = typeof iocContainer === 'function' ? (iocContainer as IocContainerFactory)(request) : iocContainer; - - const controller: any = await container.get(X509Controller); - if (typeof controller['setStatus'] === 'function') { - controller.setStatus(undefined); - } - - await templateService.apiHandler({ - methodName: 'getTrustedCertificates', - controller, - response, - next, - validatedArgs, - successStatus: undefined, - }); - } catch (err) { - return next(err); - } - }); - // WARNING: This file was auto-generated with tsoa. Please do not modify it. 
Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - const argsX509Controller_decodeCertificate: Record = { - request: {"in":"request","name":"request","required":true,"dataType":"object"}, - options: {"in":"body","name":"options","required":true,"dataType":"nestedObjectLiteral","nestedProperties":{"certificate":{"dataType":"string","required":true}}}, - }; - app.post('/x509/decode', - authenticateMiddleware([{"jwt":["tenant","dedicated"]}]), - ...(fetchMiddlewares(X509Controller)), - ...(fetchMiddlewares(X509Controller.prototype.decodeCertificate)), - - async function X509Controller_decodeCertificate(request: ExRequest, response: ExResponse, next: any) { - - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa - - let validatedArgs: any[] = []; - try { - validatedArgs = templateService.getValidatedArgs({ args: argsX509Controller_decodeCertificate, request, response }); - - const container: IocContainer = typeof iocContainer === 'function' ? (iocContainer as IocContainerFactory)(request) : iocContainer; - - const controller: any = await container.get(X509Controller); - if (typeof controller['setStatus'] === 'function') { - controller.setStatus(undefined); - } - - await templateService.apiHandler({ - methodName: 'decodeCertificate', - controller, - response, - next, - validatedArgs, - successStatus: undefined, - }); - } catch (err) { - return next(err); - } - }); - // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa // WARNING: This file was auto-generated with tsoa. Please do not modify it. Re-run tsoa to re-generate this file: https://github.com/lukeautry/tsoa diff --git a/src/routes/swagger.json b/src/routes/swagger.json index e24dff20..575ba001 100644 --- a/src/routes/swagger.json +++ b/src/routes/swagger.json 
@@ -7,6 +7,402 @@ "requestBodies": {}, "responses": {}, "schemas": { + "KeyType": { + "enum": [ + "ed25519", + "bls12381g1g2", + "bls12381g1", + "bls12381g2", + "x25519", + "p256", + "p384", + "p521", + "k256" + ], + "type": "string" + }, + "AuthorityAndSubjectKeyDto": { + "properties": { + "seed": { + "type": "string", + "example": "my-seed-12345" + }, + "publicKeyBase58": { + "type": "string", + "example": "3yPQbnk6WwLgX8K3JZ4t7vBnJ8XqY2mMpRcD9fNvGtHw" + }, + "keyType": { + "$ref": "#/components/schemas/KeyType", + "example": "p256" + } + }, + "type": "object", + "additionalProperties": false + }, + "X509CertificateIssuerAndSubjectOptionsDto": { + "properties": { + "countryName": { + "type": "string", + "example": "US" + }, + "stateOrProvinceName": { + "type": "string", + "example": "California" + }, + "organizationalUnit": { + "type": "string", + "example": "IT Department" + }, + "commonName": { + "type": "string", + "example": "Example Corporation" + } + }, + "type": "object", + "additionalProperties": false + }, + "ValidityDto": { + "properties": { + "notBefore": { + "type": "string", + "format": "date-time", + "example": "2024-01-01T00:00:00.000Z" + }, + "notAfter": { + "type": "string", + "format": "date-time", + "example": "2025-01-01T00:00:00.000Z" + } + }, + "type": "object", + "additionalProperties": false + }, + "X509KeyUsage": { + "enum": [ + 1, + 2, + 4, + 8, + 16, + 32, + 64, + 128, + 256 + ], + "type": "number" + }, + "KeyUsageDto": { + "properties": { + "usages": { + "items": { + "$ref": "#/components/schemas/X509KeyUsage" + }, + "type": "array", + "example": [ + "digitalSignature", + "keyEncipherment", + "crlSign" + ] + }, + "markAsCritical": { + "type": "boolean", + "example": true + } + }, + "required": [ + "usages" + ], + "type": "object", + "additionalProperties": false + }, + "X509ExtendedKeyUsage": { + "enum": [ + "1.3.6.1.5.5.7.3.1", + "1.3.6.1.5.5.7.3.2", + "1.3.6.1.5.5.7.3.3", + "1.3.6.1.5.5.7.3.4", + "1.3.6.1.5.5.7.3.8", + 
"1.3.6.1.5.5.7.3.9", + "1.0.18013.5.1.2" + ], + "type": "string" + }, + "ExtendedKeyUsageDto": { + "properties": { + "usages": { + "items": { + "$ref": "#/components/schemas/X509ExtendedKeyUsage" + }, + "type": "array", + "example": [ + "MdlDs", + "ServerAuth", + "ClientAuth" + ] + }, + "markAsCritical": { + "type": "boolean", + "example": true + } + }, + "required": [ + "usages" + ], + "type": "object", + "additionalProperties": false + }, + "AuthorityAndSubjectKeyIdentifierDto": { + "properties": { + "include": { + "type": "boolean", + "example": true + }, + "markAsCritical": { + "type": "boolean", + "example": true + } + }, + "required": [ + "include" + ], + "type": "object", + "additionalProperties": false + }, + "GeneralNameType": { + "enum": [ + "dns", + "dn", + "email", + "guid", + "ip", + "url", + "upn", + "id" + ], + "type": "string" + }, + "NameDto": { + "properties": { + "type": { + "$ref": "#/components/schemas/GeneralNameType", + "example": "dns" + }, + "value": { + "type": "string", + "example": "example.com" + } + }, + "required": [ + "type", + "value" + ], + "type": "object", + "additionalProperties": false + }, + "NameListDto": { + "properties": { + "name": { + "items": { + "$ref": "#/components/schemas/NameDto" + }, + "type": "array", + "example": [ + { + "type": "dns", + "value": "example.com" + }, + { + "type": "email", + "value": "admin@example.com" + } + ] + }, + "markAsCritical": { + "type": "boolean", + "example": true + } + }, + "required": [ + "name" + ], + "type": "object", + "additionalProperties": false + }, + "BasicConstraintsDto": { + "properties": { + "ca": { + "type": "boolean", + "example": false + }, + "pathLenConstraint": { + "type": "number", + "format": "double", + "example": 0 + }, + "markAsCritical": { + "type": "boolean", + "example": true + } + }, + "required": [ + "ca" + ], + "type": "object", + "additionalProperties": false + }, + "CrlDistributionPointsDto": { + "properties": { + "urls": { + "items": { + "type": "string" 
+ }, + "type": "array", + "example": [ + "http://crl.example.com/ca.crl" + ] + }, + "markAsCritical": { + "type": "boolean", + "example": true + } + }, + "required": [ + "urls" + ], + "type": "object", + "additionalProperties": false + }, + "X509CertificateExtensionsOptionsDto": { + "properties": { + "keyUsage": { + "$ref": "#/components/schemas/KeyUsageDto" + }, + "extendedKeyUsage": { + "$ref": "#/components/schemas/ExtendedKeyUsageDto" + }, + "authorityKeyIdentifier": { + "$ref": "#/components/schemas/AuthorityAndSubjectKeyIdentifierDto" + }, + "subjectKeyIdentifier": { + "$ref": "#/components/schemas/AuthorityAndSubjectKeyIdentifierDto" + }, + "issuerAlternativeName": { + "$ref": "#/components/schemas/NameListDto" + }, + "subjectAlternativeName": { + "$ref": "#/components/schemas/NameListDto" + }, + "basicConstraints": { + "$ref": "#/components/schemas/BasicConstraintsDto" + }, + "crlDistributionPoints": { + "$ref": "#/components/schemas/CrlDistributionPointsDto" + } + }, + "type": "object", + "additionalProperties": false + }, + "X509CreateCertificateOptionsDto": { + "properties": { + "authorityKey": { + "$ref": "#/components/schemas/AuthorityAndSubjectKeyDto" + }, + "subjectPublicKey": { + "$ref": "#/components/schemas/AuthorityAndSubjectKeyDto" + }, + "serialNumber": { + "type": "string", + "example": "1234567890" + }, + "issuer": { + "anyOf": [ + { + "$ref": "#/components/schemas/X509CertificateIssuerAndSubjectOptionsDto" + }, + { + "type": "string" + } + ] + }, + "subject": { + "anyOf": [ + { + "$ref": "#/components/schemas/X509CertificateIssuerAndSubjectOptionsDto" + }, + { + "type": "string" + } + ] + }, + "validity": { + "$ref": "#/components/schemas/ValidityDto" + }, + "extensions": { + "$ref": "#/components/schemas/X509CertificateExtensionsOptionsDto" + } + }, + "required": [ + "issuer" + ], + "type": "object", + "additionalProperties": false + }, + "X509ImportCertificateOptionsDto": { + "properties": { + "certificate": { + "type": "string" + }, + 
"privateKey": { + "type": "string" + }, + "keyType": { + "$ref": "#/components/schemas/KeyType" + } + }, + "required": [ + "certificate", + "keyType" + ], + "type": "object", + "additionalProperties": false + }, + "Uint8Array": { + "description": "A typed array of 8-bit unsigned integer values. The contents are initialized to 0. If the\nrequested number of bytes could not be allocated an exception is raised.", + "properties": {}, + "type": "object", + "additionalProperties": false + }, + "Key": { + "properties": { + "publicKey": { + "$ref": "#/components/schemas/Uint8Array" + }, + "keyType": { + "$ref": "#/components/schemas/KeyType" + } + }, + "required": [ + "publicKey", + "keyType" + ], + "type": "object", + "additionalProperties": false + }, + "X509Certificate": { + "properties": { + "publicKey": { + "$ref": "#/components/schemas/Key" + }, + "privateKey": { + "$ref": "#/components/schemas/Uint8Array" + } + }, + "required": [ + "publicKey" + ], + "type": "object", + "additionalProperties": false + }, "Record_string.unknown_": { "properties": {}, "additionalProperties": {}, @@ -730,20 +1126,6 @@ "type": "string", "example": "did:key:z6Mkk7yqnGF3YwTrLpqrW6PGsKci7dNqh1CjnvMbzrMerSeL" }, - "KeyType": { - "enum": [ - "ed25519", - "bls12381g1g2", - "bls12381g1", - "bls12381g2", - "x25519", - "p256", - "p384", - "p521", - "k256" - ], - "type": "string" - }, "DidCreate": { "properties": { "keyType": { 
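Review bot: `AuthorityAndSubjectKeyDto.seed` is accepted as an unconstrained string and documented with the example `my-seed-12345`, and the same DTO backs `authorityKey` in `X509CreateCertificateOptionsDto`. How the seed is consumed is not visible in this hunk, but if it deterministically derives the issuing key then its entropy is the key's entropy, so the DTO source should carry a length constraint such as `@minLength 32`, an `@example` that is a constructed 32-character random string, and a statement that callers must generate it from a CSPRNG. In the same hunk the `usages` examples do not validate against their own enums: `KeyUsageDto` shows `"digitalSignature"` against the numeric `X509KeyUsage`, and `ExtendedKeyUsageDto` shows `"MdlDs"` against OID strings, so they should read like `[1, 4, 64]` (if those are the flags meant) and `["1.0.18013.5.1.2", "1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2"]`. Both fixes belong in the annotated types that tsoa reads, followed by regenerating this file.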
@@ -1884,42 +2266,20 @@ }, "proposal": { "$ref": "#/components/schemas/ProofFormatDataMessagePayload__40_LegacyIndyProofFormat-or-AnonCredsProofFormat-or-DifPresentationExchangeProofFormat_41_-Array.proposal_" - } - }, - "type": "object" - }, - "HandshakeProtocol": { - "description": "Enum values should be sorted based on order of preference. Values will be\nincluded in this order when creating out of band invitations.", - "enum": [ - "https://didcomm.org/didexchange/1.x", - "https://didcomm.org/connections/1.x" - ], - "type": "string" - }, - "AgentMessage": { - "$ref": "#/components/schemas/PlaintextMessage" - }, - "Uint8Array": { - "description": "A typed array of 8-bit unsigned integer values. The contents are initialized to 0. If the\nrequested number of bytes could not be allocated an exception is raised.", - "properties": {}, - "type": "object", - "additionalProperties": false - }, - "Key": { - "properties": { - "publicKey": { - "$ref": "#/components/schemas/Uint8Array" - }, - "keyType": { - "$ref": "#/components/schemas/KeyType" - } - }, - "required": [ - "publicKey", - "keyType" + } + }, + "type": "object" + }, + "HandshakeProtocol": { + "description": "Enum values should be sorted based on order of preference. Values will be\nincluded in this order when creating out of band invitations.", + "enum": [ + "https://didcomm.org/didexchange/1.x", + "https://didcomm.org/connections/1.x" ], - "type": "object", - "additionalProperties": false + "type": "string" + }, + "AgentMessage": { + "$ref": "#/components/schemas/PlaintextMessage" }, "Routing": { "properties": { 
@@ -3963,93 +4323,242 @@ "OpenId4VcVerifierRecord": { "$ref": "#/components/schemas/Record_string.unknown_", "description": "For OID4VC you need to expos metadata files. Each issuer needs to host this metadata. This is not the case for DIDComm where we can just have one /didcomm endpoint.\nSo we create a record per openid issuer/verifier that you want, and each tenant can create multiple issuers/verifiers which have different endpoints\nand metadata files" + } + }, + "securitySchemes": { + "apiKey": { + "type": "apiKey", + "name": "Authorization", + "in": "header" }, - "BasicX509CreateCertificateConfig": { - "properties": { - "countryName": { - "type": "string" - }, - "stateOrProvinceName": { - "type": "string" - }, - "organizationalUnit": { - "type": "string" - }, - "commonName": { - "type": "string" - }, - "keyType": { - "$ref": "#/components/schemas/KeyType" - }, - "issuerAlternativeNameURL": { - "type": "string" + "jwt": { + "type": "http", + "scheme": "bearer", + "bearerFormat": "JWT" + } + } + }, + "info": { + "title": "credo-controller", + "version": "2.0.0", + "description": "Rest endpoint wrapper for using your agent over HTTP", + "license": { + "name": "Apache-2.0" + }, + "contact": {} + }, + "paths": { + "/x509": { + "post": { + "operationId": "CreateX509Certificate", + "responses": { + "200": { + "description": "Ok", + "content": { + "application/json": { + "schema": { + "properties": { + "publicCertificateBase64": { + "type": "string" + } + }, + "required": [ + "publicCertificateBase64" + ], + "type": "object" + } + } + } } }, - "required": [ - "keyType", - "issuerAlternativeNameURL" + "tags": [ + "x509" ], - "type": "object", - "additionalProperties": false - }, - "X509ImportCertificateOptionsDto": { - "properties": { - "certificate": { - "type": "string" - }, - "privateKey": { - "type": "string" - }, - "keyType": { - "$ref": "#/components/schemas/KeyType" + "security": [ + { + "jwt": [ + "tenant", + "dedicated" + ] + } + ], + "parameters": [], + 
"requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/X509CreateCertificateOptionsDto" + } + } + } + } + } + }, + "/x509/import": { + "post": { + "operationId": "ImportX509Certificates", + "responses": { + "200": { + "description": "Ok", + "content": { + "application/json": { + "schema": { + "properties": { + "issuerCertficicate": { + "type": "string" + } + }, + "required": [ + "issuerCertficicate" + ], + "type": "object" + } + } + } } }, - "required": [ - "certificate", - "keyType" + "tags": [ + "x509" ], - "type": "object", - "additionalProperties": false + "security": [ + { + "jwt": [ + "tenant", + "dedicated" + ] + } + ], + "parameters": [], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/X509ImportCertificateOptionsDto" + } + } + } + } + } + }, + "/x509/trusted": { + "post": { + "operationId": "AddTrustedCertificate", + "responses": { + "204": { + "description": "No content" + } + }, + "tags": [ + "x509" + ], + "security": [ + { + "jwt": [ + "tenant", + "dedicated" + ] + } + ], + "parameters": [], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "properties": { + "certificate": { + "type": "string" + } + }, + "required": [ + "certificate" + ], + "type": "object" + } + } + } + } }, - "X509Certificate": { - "properties": { - "publicKey": { - "$ref": "#/components/schemas/Key" - }, - "privateKey": { - "$ref": "#/components/schemas/Uint8Array" + "get": { + "operationId": "GetTrustedCertificates", + "responses": { + "200": { + "description": "Ok", + "content": { + "application/json": { + "schema": { + "items": { + "type": "string" + }, + "type": "array" + } + } + } + } + }, + "tags": [ + "x509" + ], + "security": [ + { + "jwt": [ + "tenant", + "dedicated" + ] + } + ], + "parameters": [] + } + }, + "/x509/decode": { + "post": { + "operationId": "DecodeCertificate", + "responses": 
{ + "200": { + "description": "Ok", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/X509Certificate" + } + } + } + } + }, + "tags": [ + "x509" + ], + "security": [ + { + "jwt": [ + "tenant", + "dedicated" + ] } - }, - "required": [ - "publicKey" ], - "type": "object", - "additionalProperties": false - } - }, - "securitySchemes": { - "apiKey": { - "type": "apiKey", - "name": "Authorization", - "in": "header" - }, - "jwt": { - "type": "http", - "scheme": "bearer", - "bearerFormat": "JWT" + "parameters": [], + "requestBody": { + "required": true, + "content": { + "application/json": { + "schema": { + "properties": { + "certificate": { + "type": "string" + } + }, + "required": [ + "certificate" + ], + "type": "object" + } + } + } + } } - } - }, - "info": { - "title": "credo-controller", - "version": "2.0.0", - "description": "Rest endpoint wrapper for using your agent over HTTP", - "license": { - "name": "Apache-2.0" }, - "contact": {} - }, - "paths": { "/polygon/create-keys": { "post": { "operationId": "CreateKeyPair", 
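Review bot: `POST /x509/decode` documents its 200 body as `#/components/schemas/X509Certificate`, and that schema declares an optional `privateKey` next to `publicKey`. Whether the controller ever populates it is not visible here, but a decode response has no reason to be able to carry private key bytes, so the handler should return a response DTO that lists only the public fields rather than the library class. The import response also still spells its only property `issuerCertficicate`; this commit already corrects `ImportX509Certficates` and renames the `/x509` response field, so it is the cheapest point to fix that too. The change goes in the controller's return types, with this file regenerated.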
@@ -9677,217 +10186,6 @@ } ] } - }, - "/x509": { - "post": { - "operationId": "CreateSelfSignedDCS", - "responses": { - "200": { - "description": "Ok", - "content": { - "application/json": { - "schema": { - "properties": { - "selfSignedx509certificateBase64": { - "type": "string" - } - }, - "required": [ - "selfSignedx509certificateBase64" - ], - "type": "object" - } - } - } - } - }, - "tags": [ - "x509" - ], - "security": [ - { - "jwt": [ - "tenant", - "dedicated" - ] - } - ], - "parameters": [], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/BasicX509CreateCertificateConfig" - } - } - } - } - } - }, - "/x509/import": { - "post": { - "operationId": "ImportX509Certficates", - "responses": { - "200": { - "description": "Ok", - "content": { - "application/json": { - "schema": { - "properties": { - "issuerCertficicate": { - "type": "string" - } - }, - "required": [ - "issuerCertficicate" - ], - "type": "object" - } - } - } - } - }, - "tags": [ - "x509" - ], - "security": [ - { - "jwt": [ - "tenant", - "dedicated" - ] - } - ], - "parameters": [], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/X509ImportCertificateOptionsDto" - } - } - } - } - } - }, - "/x509/trusted": { - "post": { - "operationId": "AddTrustedCertificate", - "responses": { - "204": { - "description": "No content" - } - }, - "tags": [ - "x509" - ], - "security": [ - { - "jwt": [ - "tenant", - "dedicated" - ] - } - ], - "parameters": [], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "properties": { - "certificate": { - "type": "string" - } - }, - "required": [ - "certificate" - ], - "type": "object" - } - } - } - } - }, - "get": { - "operationId": "GetTrustedCertificates", - "responses": { - "200": { - "description": "Ok", - "content": { - "application/json": { - "schema": { - "items": { - "type": "string" 
- }, - "type": "array" - } - } - } - } - }, - "tags": [ - "x509" - ], - "security": [ - { - "jwt": [ - "tenant", - "dedicated" - ] - } - ], - "parameters": [] - } - }, - "/x509/decode": { - "post": { - "operationId": "DecodeCertificate", - "responses": { - "200": { - "description": "Ok", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/X509Certificate" - } - } - } - } - }, - "tags": [ - "x509" - ], - "security": [ - { - "jwt": [ - "tenant", - "dedicated" - ] - } - ], - "parameters": [], - "requestBody": { - "required": true, - "content": { - "application/json": { - "schema": { - "properties": { - "certificate": { - "type": "string" - } - }, - "required": [ - "certificate" - ], - "type": "object" - } - } - } - } - } } }, "servers": [ diff --git a/src/utils/oid4vc-agent.ts b/src/utils/oid4vc-agent.ts index ec4bed8e..452cd27d 100644 --- a/src/utils/oid4vc-agent.ts +++ b/src/utils/oid4vc-agent.ts @@ -275,7 +275,12 @@ export function getMixedCredentialRequestToCredentialMapper(): OpenId4VciCredent credentials: holderBindings.map((holderBinding) => ({ issuerCertificate: issuerx509certificate[0], holderKey: holderBinding.key, - ...credential.payload, + namespaces: { + ...credential.payload, + // [namespace]: { + // ...credential.payload, + // }, + }, docType: credentialConfiguration.doctype, })), } satisfies OpenId4VciSignMdocCredentials From da5d152418b0afd550091487d2bc83a422c98554 Mon Sep 17 00:00:00 2001 From: Rinkal Bhojani Date: Mon, 13 Oct 2025 19:45:47 +0530 Subject: [PATCH 2/2] corrected mapper function for mdoc payload Signed-off-by: Rinkal Bhojani --- src/utils/oid4vc-agent.ts | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/utils/oid4vc-agent.ts b/src/utils/oid4vc-agent.ts index 452cd27d..ec4bed8e 100644 --- a/src/utils/oid4vc-agent.ts +++ b/src/utils/oid4vc-agent.ts 
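Review bot: In the PATCH 1/2 hunk of src/utils/oid4vc-agent.ts, the commented-out `// [namespace]: {` lines inside the new `namespaces` object are dead code and leave it unclear what shape `credential.payload` is expected to have. Remove them and state the contract instead, for example `// credential.payload must be a map of namespace -> claims`. As written, every top-level key of `credential.payload` becomes a namespace name in the mdoc that gets signed, and nothing in the hunk checks those keys against the credential configuration. The enclosing mapper function begins and ends outside the hunk.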
@@ -275,12 +275,7 @@ export function getMixedCredentialRequestToCredentialMapper(): OpenId4VciCredent
 credentials: holderBindings.map((holderBinding) => ({
 issuerCertificate: issuerx509certificate[0],
 holderKey: holderBinding.key,
- namespaces: {
- ...credential.payload,
- // [namespace]: {
- // ...credential.payload,
- // },
- },
+ ...credential.payload,
 docType: credentialConfiguration.doctype,
 })),
 } satisfies OpenId4VciSignMdocCredentials
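Review bot: `...credential.payload` is spread after `issuerCertificate` and `holderKey` in the object built inside `holderBindings.map`, so a payload carrying either key silently replaces the issuer certificate or the holder binding key of the mdoc being signed; only `docType`, which follows the spread, is protected. Where `credential.payload` is populated lies outside this hunk, so whether it can carry such keys cannot be confirmed from here. Putting the spread first makes the fixed fields win: `...credential.payload,` then `issuerCertificate: issuerx509certificate[0],` then `holderKey: holderBinding.key,`. Copying only the expected mdoc fields out of the payload would be stricter still. The mapper function starts and ends outside the hunk.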