feat: Allow to pass in additional keys for EBSI

Sphereon-Opensource · Jul 14, 2024 · 16aa9e2 · 16aa9e2
1 parent 422cf14
commit 16aa9e2
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/packages/ebsi-support/src/did/EbsiDidProvider.ts b/packages/ebsi-support/src/did/EbsiDidProvider.ts
@@ -35,6 +35,7 @@ export class EbsiDidProvider extends AbstractIdentifierProvider {
       notAfter,
       secp256k1Key,
       secp256r1Key,
+      keys,
       accessTokenOpts,
       executeLedgerOperation = !!args.options?.accessTokenOpts,
       methodSpecificId = generateEbsiMethodSpecificId(EBSI_DID_SPEC_INFOS.V1),
@@ -48,9 +49,11 @@ export class EbsiDidProvider extends AbstractIdentifierProvider {
     const rpcId = options?.rpcId ?? randomRpcId()
 
     if (type === EBSI_DID_SPEC_INFOS.KEY) {
-      throw new Error(`Type ${type} not supported. Please use @sphereon/ssi-sdk-ext.did-provider-key for Natural Person EBSI DIDs`)
+      return Promise.reject(Error(`Type ${type} not supported. Please use @sphereon/ssi-sdk-ext.did-provider-key for Natural Person EBSI DIDs`))
     } else if (!kms) {
       return Promise.reject(Error(`No KMS value provided`))
+    } else if (keys && keys.length > 0 && !executeLedgerOperation) {
+      return Promise.reject(Error(`Cannot add additional keys if ledger operation is not enabled at creation. Please add the keys later yourself`))
     }
 
     // CapabilityInvocation purpose
@@ -106,6 +109,20 @@ export class EbsiDidProvider extends AbstractIdentifierProvider {
         },
         context,
       )
+      if (keys && keys.length > 0) {
+        for (const keyOpts of keys) {
+          const key = await ebsiGenerateOrUseKeyPair(
+            {
+              keyOpts,
+              keyType: keyOpts.type ?? 'Secp256r1',
+              kms,
+            },
+            context,
+          )
+          const managedKeyInfo = await context.agent.keyManagerImport(key)
+          console.warn(`FIXME: Anchor additional key on EBSI`, managedKeyInfo)
+        }
+      }
     }
 
     debug('Created', identifier.did)

diff --git a/packages/ebsi-support/src/did/types.ts b/packages/ebsi-support/src/did/types.ts
@@ -83,6 +83,7 @@ export type EbsiCreateIdentifierOpts = {
   rpcId?: number
   secp256k1Key?: IKeyOpts
   secp256r1Key?: IKeyOpts
+  keys?: IKeyOpts[] // additional importable keys, but only in case execute ledger is true
   executeLedgerOperation?: boolean // Whether to persist on the EBSI ledger. By default looks at whether access token opts are set or not
   baseDocument?: string
   notBefore?: number