1.3.1 • Published 2 months ago

@fabianscheidt/verifiable-credential-signer v1.3.1

Weekly downloads
-
License
MIT
Repository
-
Last release
2 months ago

Verifiable Credential Signer

Signs verifiable credentials and verifiable presentations according to the JSON Web Signature 2020 specification.

Verifiable credentials contain a proof section, which contains a cryptographic signature of the credential's contents. This service exposes a single POST endpoint which accepts an arbitrary verifiable credential as payload, adds the proof section according to the JSON Web Signature 2020 specification and returns the signed result.

The endpoint is exposed with no path prefix. If you prefer to access the service with a certain prefix, configure your load balancer accordingly. In any case, you should not expose this service publicly, as the endpoint has no protection.

Configuration Options

The service is configured via environment variables.

ConfigurationDescription
KEYPEM-formatted private key (required)
VERIFICATION_METHODVerification method to be included in the proof (required)
PORTPort to expose the service (defaults to 3000)
DEFAULT_SIGNATURE_FLAVOURThe specification is not explicit about how the signature payload is assembled. As a consequence, services related to "Gaia-X" have implemented a suite that differs from other implementations. This setting configures which "flavour" to use. Possible values are "Specification" to match the provided test vectors and "Gaia-X". The default of the HTTP API is "Gaia-X", to not introduce a breaking change in this realm. The setting can be overridden per request by setting the X-Signature-Flavour header.

You can run it locally by e.g., putting your private key into a file and running:

KEY=$(cat key.pem) VERIFICATION_METHOD=did:web:example.com#X509-JWK2020 yarn start

Running Tests

You can execute the available unit tests by running:

yarn test

Deployment

If you use Docker, there is a prebuilt image available, which is kept up to date with this repository: fabisch/verifiable-credential-signer:latest

Usage as Package

The signing functionality can also be used through an npm package: @fabianscheidt/verifiable-credential-signer

expressjosejsonldnode-josets-nodetypescript
@everything-registry/sub-chunk-311
1.3.1

2 months ago

1.3.0

2 months ago

1.2.0

4 months ago

1.1.0

5 months ago