3.2.0 • Published 2 years ago

dsd-module-keystore v3.2.0


==========

Module Source code requirements:

//add asm-config.json to the root of module
{
    "asmSigPubKey": "0x818..9303f",
    "asmSigPrvKey": "0x1205c..aa",
    "id": 1, //id of module in ASM system
    "encPubKey": "0x046525fb..cef",
    "unlockerUrl": "..." //optional
}

//add ./init/initsecret.json
{
    "k2encrypted": "05..52",
    "initsecret": {
        "encPrvKey": "0x7f..b0",
        "symPwd": "12..r",
        "moduleSpecificKeys": { .. }
    }
}

//include in source code:

var asmConfig = require("./asm-config.json");

// --unlockrpcaddr on the command line overrides unlockerUrl from asm-config.json
const args = require('yargs').argv;
const unlockerUrl = args.unlockrpcaddr ? args.unlockrpcaddr : asmConfig.unlockerUrl;

// falls back to http://localhost:5440 when no unlocker URL is configured
const ModuleKeystore = require("../dsd-module-keystore/keystore");
const moduleKeystore = new ModuleKeystore("./", asmConfig, unlockerUrl ? unlockerUrl : 'http://localhost:5440');

var SECRET_OPTs = {};
var secretCfg;

moduleKeystore.getSecretCfg(SECRET_OPTs).then(scfg => { secretCfg = scfg; });

//on some module's API call:
async function handle_acceptsecret(opts) {
    let data = require("./init/initsecret.json");

    try {
        SECRET_OPTs = { ...SECRET_OPTs, ...data };

        let isAccepted = await moduleKeystore.getSecretCfg(SECRET_OPTs);
        // ...
    } catch (dataErr) {
        // ...
    }
}

==========

Module Installation instruction:

DSD Admin (DA)
Module's Owner (MO)

  1. Admin actions:

    DA: 1- Generate Asm keys (dsd-common-lib/ npm run keys) for the module and place them in the module's cfg
    DA: 2- Build docker image of the module
    DA: 3- Launch unlocker (or ensure it is running)
    DA: 4- Call unlocker.admin_addModule(...)

  2. Module's Owner actions:

    MO: 1- Install docker container with the Module
    MO: 2- Create:
        - symPwd (just a random password),
        - an encryption key pair, generated via unlocker.generateEncKeyPair() (or locally via dsd-common-lib),
        - keys specific to the module: e.g. for vault, create a GS-account and get its credentials
    MO: 3- Call unlocker.generateModuleK2(...) and get K2encrypted
    MO: 4- Create file /init/initsecret.json with this structure:
        {
            "k2encrypted": "9f...710",
            "encPrvKey": "0x7f...cb0",
            "symPwd": "12...pqr",
            "moduleSpecificKeys": {
                "type": "service_account",
                "project_id": "dsd-phase1",
                "private_key_id": "39...e2",
                ...
            }
        }
    MO: 5- Call Module (GET/POST module_url/acceptsecret) to apply secret initialization
    MO: 6- Delete file /init/initsecret.json

  3. That's it!
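
Steps MO 4 to 6 leave a file holding encPrvKey and symPwd on disk until it is deleted, and the handler above loads it with require(), which keeps the parsed JSON in require.cache. The following is an added example, not code from dsd-module-keystore: it reads the file with fs, rejects group/world-readable modes, accepts both initsecret.json layouts shown on this page, and deletes the file after acceptance. The function names and the accept callback (standing in for moduleKeystore.getSecretCfg) are assumptions.

```javascript
// Added example, not dsd-module-keystore code. All function names are hypothetical.
const fs = require("fs");
const os = require("os");
const path = require("path");

const REQUIRED = ["encPrvKey", "symPwd", "moduleSpecificKeys"];

// Read and validate the init secret without require(), which would keep the
// parsed private key in require.cache for the life of the process.
function loadInitSecret(file) {
  const st = fs.statSync(file);
  if (process.platform !== "win32" && (st.mode & 0o077) !== 0) {
    throw new Error(file + " is accessible to group/others; expected mode 0600");
  }
  const data = JSON.parse(fs.readFileSync(file, "utf8"));
  // The page shows two layouts: keys at top level, or nested under "initsecret".
  const body = data.initsecret || data;
  const missing = REQUIRED.filter((k) => body[k] === undefined);
  if (typeof data.k2encrypted !== "string") missing.unshift("k2encrypted");
  if (missing.length) throw new Error("initsecret.json missing: " + missing.join(", "));
  return data;
}

// Step MO 6: remove the file and confirm it is gone.
function removeInitSecret(file) {
  fs.rmSync(file, { force: true });
  return !fs.existsSync(file);
}

// accept is an assumption standing in for moduleKeystore.getSecretCfg(opts).
async function acceptAndRemove(file, accept) {
  const result = await accept(loadInitSecret(file));
  if (!removeInitSecret(file)) throw new Error("could not delete " + file);
  return result;
}

// Writes a constructed sample file so the functions can be exercised offline.
function writeSample(content, mode) {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "initsecret-"));
  const file = path.join(dir, "initsecret.json");
  fs.writeFileSync(file, JSON.stringify(content), { mode });
  fs.chmodSync(file, mode);
  return file;
}
```

Deleting the file does not remove it from a Docker image layer it was baked into, so create it only inside the running container.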