Initial changes for x509 support (#1482)

Signed-off-by: Rinkal Bhojani <[email protected]>

Author: RinkalBhojani

.env.demo

@@ -102,6 +102,7 @@ UTILITIES_NKEY_SEED=
 CLOUD_WALLET_NKEY_SEED=
 GEOLOCATION_NKEY_SEED=
 NOTIFICATION_NKEY_SEED=
+X509_NKEY_SEED=
 
 KEYCLOAK_DOMAIN=http://localhost:8080/
 KEYCLOAK_ADMIN_URL=http://localhost:8080

.env.sample

@@ -121,6 +121,7 @@ CREDENTAILDEFINITION_NKEY_SEED= xxxxxxxxxxxxx // Please provide Nkeys secret for
 SCHEMA_NKEY_SEED= xxxxxxxxxxxxx // Please provide Nkeys secret for schema service
 UTILITIES_NKEY_SEED= xxxxxxxxxxxxx // Please provide Nkeys secret for utilities service
 GEOLOCATION_NKEY_SEED= xxxxxxxxxxx // Please provide Nkeys secret for geo-location service
+X509_NKEY_SEED= xxxxxxxxxxx // Please provide Nkeys secret for x509 service
 
 AFJ_AGENT_TOKEN_PATH=/apps/agent-provisioning/AFJ/token/
 

apps/agent-service/src/agent-service.controller.ts

@@ -27,6 +27,11 @@ import { user } from '@prisma/client';
 import { InvitationMessage } from '@credebl/common/interfaces/agent-service.interface';
 import { AgentSpinUpStatus } from '@credebl/enum/enum';
 import { SignDataDto } from '../../api-gateway/src/agent-service/dto/agent-service.dto';
+import {
+  IX509ImportCertificateOptionsDto,
+  x509CertificateDecodeDto,
+  X509CreateCertificateOptions
+} from '@credebl/common/interfaces/x509.interface';
 
 @Controller()
 export class AgentServiceController {
@@ -380,4 +385,31 @@ export class AgentServiceController {
   async oidcDeleteCredentialOffer(payload: { url: string; orgId: string }): Promise<any> {
     return this.agentServiceService.oidcDeleteCredentialOffer(payload.url, payload.orgId);
   }
+
+  @MessagePattern({ cmd: 'agent-create-x509-certificate' })
+  async createX509Certificate(payload: {
+    options: X509CreateCertificateOptions;
+    url: string;
+    orgId: string;
+  }): Promise<object> {
+    return this.agentServiceService.createX509Certificate(payload.options, payload.url, payload.orgId);
+  }
+
+  @MessagePattern({ cmd: 'agent-decode-x509-certificate' })
+  async decodeX509Certificate(payload: {
+    options: x509CertificateDecodeDto;
+    url: string;
+    orgId: string;
+  }): Promise<object> {
+    return this.agentServiceService.decodeX509Certificate(payload.options, payload.url, payload.orgId);
+  }
+
+  @MessagePattern({ cmd: 'agent-import-x509-certificate' })
+  async importX509Certificate(payload: {
+    options: IX509ImportCertificateOptionsDto;
+    url: string;
+    orgId: string;
+  }): Promise<object> {
+    return this.agentServiceService.importX509Certificate(payload.options, payload.url, payload.orgId);
+  }
 }

apps/agent-service/src/agent-service.service.ts

@@ -80,6 +80,11 @@ import { NATSClient } from '@credebl/common/NATSClient';
 import { SignDataDto } from '../../api-gateway/src/agent-service/dto/agent-service.dto';
 import { IVerificationMethod } from 'apps/organization/interfaces/organization.interface';
 import { getAgentUrl } from '@credebl/common/common.utils';
+import {
+  IX509ImportCertificateOptionsDto,
+  x509CertificateDecodeDto,
+  X509CreateCertificateOptions
+} from '@credebl/common/interfaces/x509.interface';
 @Injectable()
 @WebSocketGateway()
 export class AgentServiceService {
@@ -89,7 +94,6 @@ export class AgentServiceService {
     private readonly agentServiceRepository: AgentServiceRepository,
     private readonly prisma: PrismaService,
     private readonly commonService: CommonService,
-    private readonly connectionService: ConnectionService,
     @Inject('NATS_CLIENT') private readonly agentServiceProxy: ClientProxy,
     @Inject(CACHE_MANAGER) private cacheService: Cache,
     private readonly userActivityRepository: UserActivityRepository,
@@ -2221,4 +2225,49 @@ export class AgentServiceService {
       throw error;
     }
   }
+
+  async createX509Certificate(options: X509CreateCertificateOptions, url: string, orgId: string): Promise<object> {
+    try {
+      this.logger.log('Start creating X509 certificate');
+      this.logger.debug('Creating X509 certificate with options', options);
+      const getApiKey = await this.getOrgAgentApiKey(orgId);
+      const x509Certificate = await this.commonService
+        .httpPost(url, options, { headers: { authorization: getApiKey } })
+        .then(async (response) => response);
+      return x509Certificate;
+    } catch (error) {
+      this.logger.error(`Error in creating x509 certificate in agent service : ${JSON.stringify(error)}`);
+      throw error;
+    }
+  }
+
+  async decodeX509Certificate(options: x509CertificateDecodeDto, url: string, orgId: string): Promise<object> {
+    try {
+      this.logger.log('Start decoding X509 certificate');
+      this.logger.debug('Decoding X509 certificate with options', options);
+      const getApiKey = await this.getOrgAgentApiKey(orgId);
+      const x509Certificate = await this.commonService
+        .httpPost(url, options, { headers: { authorization: getApiKey } })
+        .then(async (response) => response);
+      return x509Certificate;
+    } catch (error) {
+      this.logger.error(`Error in decoding x509 certificate in agent service : ${JSON.stringify(error)}`);
+      throw error;
+    }
+  }
+
+  async importX509Certificate(options: IX509ImportCertificateOptionsDto, url: string, orgId: string): Promise<object> {
+    try {
+      this.logger.log('Start importing X509 certificate');
+      this.logger.debug(`Importing X509 certificate with options`, options.certificate);
+      const getApiKey = await this.getOrgAgentApiKey(orgId);
+      const x509Certificate = await this.commonService
+        .httpPost(url, options, { headers: { authorization: getApiKey } })
+        .then(async (response) => response);
+      return x509Certificate;
+    } catch (error) {
+      this.logger.error(`Error in creating x509 certificate in agent service : ${JSON.stringify(error)}`);
+      throw error;
+    }
+  }
 }

apps/api-gateway/src/app.module.ts

@@ -33,6 +33,7 @@ import { LoggerModule } from '@credebl/logger/logger.module';
 import { GlobalConfigModule } from '@credebl/config/global-config.module';
 import { ConfigModule as PlatformConfig } from '@credebl/config/config.module';
 import { Oid4vcIssuanceModule } from './oid4vc-issuance/oid4vc-issuance.module';
+import { X509Module } from './x509/x509.module';
 
 @Module({
   imports: [
@@ -66,7 +67,8 @@ import { Oid4vcIssuanceModule } from './oid4vc-issuance/oid4vc-issuance.module';
     CacheModule.register({ store: redisStore, host: process.env.REDIS_HOST, port: process.env.REDIS_PORT }),
     GeoLocationModule,
     CloudWalletModule,
-    Oid4vcIssuanceModule
+    Oid4vcIssuanceModule,
+    X509Module
   ],
   controllers: [AppController],
   providers: [

apps/api-gateway/src/oid4vc-issuance/dtos/issuer-sessions.dto.ts

@@ -22,12 +22,6 @@ import {
 import { ApiProperty, ApiPropertyOptional } from '@nestjs/swagger';
 import { Type } from 'class-transformer';
 
-/* ========= Enums ========= */
-export enum CredentialFormat {
-  SdJwtVc = 'vc+sd-jwt',
-  Mdoc = 'mdoc'
-}
-
 /* ========= disclosureFrame custom validator ========= */
 function isDisclosureFrameValue(v: unknown): boolean {
   if ('boolean' === typeof v) {

apps/api-gateway/src/oid4vc-issuance/oid4vc-issuance.service.ts

@@ -7,6 +7,7 @@ import { BaseService } from 'libs/service/base.service';
 import { oidc_issuer, user } from '@prisma/client';
 import { CreateCredentialTemplateDto, UpdateCredentialTemplateDto } from './dtos/oid4vc-issuer-template.dto';
 import {
+  CreateCredentialOfferD2ADto,
   CreateOidcCredentialOfferDto,
   GetAllCredentialOfferDto,
   UpdateCredentialRequestDto
@@ -98,7 +99,10 @@ export class Oid4vcIssuanceService extends BaseService {
     return this.natsClient.sendNatsMessage(this.issuanceProxy, 'oid4vc-create-credential-offer', payload);
   }
 
-  async createOidcCredentialOfferD2A(oidcCredentialD2APayload, orgId: string): Promise<object> {
+  async createOidcCredentialOfferD2A(
+    oidcCredentialD2APayload: CreateCredentialOfferD2ADto,
+    orgId: string
+  ): Promise<object> {
     const payload = { oidcCredentialD2APayload, orgId };
     return this.natsClient.sendNatsMessage(this.issuanceProxy, 'oid4vc-create-credential-offer-D2A', payload);
   }