chore: mosip-mediator cryptology back #41

Open
wants to merge 7 commits into
base: main
File renamed without changes.
Binary file added config/keystore.p12
Binary file not shown.
19 changes: 19 additions & 0 deletions config/mosip-certificate.pem
@@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDETCCAfkCFEuJlYaoJWlqAhGqqnpRCIujbooeMA0GCSqGSIb3DQEBCwUAMEUx
CzAJBgNVBAYTAkJHMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
cm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjUwMTI4MDc0NzQ4WhcNMjYwMTI4MDc0
NzQ4WjBFMQswCQYDVQQGEwJCRzETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE
CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0Ku1bkM+xqpNempivJEvu2upOoaeHtq9l/1d98MWOQ5AfiQQ
lGtBcWruq3wGY0bWBgH1GjfhLM16zEdPMBXzKJCQC0Wsqc6R64cizgaqyi9qunk3
XTIhrF7/Vf3XNZrdzsKjbJXiLfPLANawVVgHTrQVfSe6mB6m1fl+bPXpNuW6wUVo
3L8UTbrUyKNlwXre2+repD4EKUtApiFQl3qiqfeDjQw4OxkQqQ75SS7kPvfwD4vz
US5C/nmmv9WVF98qBPVVCOUu/0cOACzs4II8Wd+pFgttiUMG2x094N3h2nk5+F4U
c3sp6oGYOL7QZf8y9yUOVTd/x7F9nYC58qAatQIDAQABMA0GCSqGSIb3DQEBCwUA
A4IBAQCSWitTrls0diOtMZilODZhF7RF5m+7IHlNAETQqoqhiWbjmL/poO/up4np
MIZMM6Ofd6ZtUJJLhNQYH4+Ac/xnt5rePuVQuVVmMLAekKu+uJXEI8ORzR1lK7RW
CFo+Ugk+qJRvjNg0vR6WQkOaaL0MzDQh1ZcSlkXkAs+OzmLd7tqtEfhfAoTxI1Qr
csctaFaNG7OtYpXozIgm3je9GemoJrYrQ84EsgFiJcVpaYly9mKDadCMERYyo66w
OsFQJJVW7EWaGOhqGvimp/ueBVcjNCDXArSOVJnq0iou/FXCxDIN0roYUtBaGNwN
fMWV+rji9hHU1TAoJDop/oAUZkNk
-----END CERTIFICATE-----
28 changes: 28 additions & 0 deletions config/mosip-private-key.pem
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----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-----END PRIVATE KEY-----
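Review bot: config/mosip-private-key.pem commits a private key to the repository, while the NOTE on MOSIP_CERTIFICATE in constants.ts says that in reality this key would never be shared with OpenCRVS. If the key is only needed to regenerate the dev certificate, consider generating the key pair in a setup script and git-ignoring it, or at least keeping it under a directory whose name marks it as dev-only; elsewhere in this PR the jwk.txt path moves from dev-secrets to config, which reads like deployable configuration. The same concern applies to the binary config/keystore.p12 added above.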
9 changes: 9 additions & 0 deletions config/mosip-public-key.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ku1bkM+xqpNempivJEv
u2upOoaeHtq9l/1d98MWOQ5AfiQQlGtBcWruq3wGY0bWBgH1GjfhLM16zEdPMBXz
KJCQC0Wsqc6R64cizgaqyi9qunk3XTIhrF7/Vf3XNZrdzsKjbJXiLfPLANawVVgH
TrQVfSe6mB6m1fl+bPXpNuW6wUVo3L8UTbrUyKNlwXre2+repD4EKUtApiFQl3qi
qfeDjQw4OxkQqQ75SS7kPvfwD4vzUS5C/nmmv9WVF98qBPVVCOUu/0cOACzs4II8
Wd+pFgttiUMG2x094N3h2nk5+F4Uc3sp6oGYOL7QZf8y9yUOVTd/x7F9nYC58qAa
tQIDAQAB
-----END PUBLIC KEY-----
2 changes: 1 addition & 1 deletion docs/installation.md
@@ -1,3 +1,3 @@
# Installation

This document describes how to setup the integration between OpenCRVS and MOSIP. In this example, we will deploy the [mosip-mock](./packages/mosip-mock), [esigneet-mock](./packages/esigneet-mock) & [mosip-api](./packages/mosip-api). In a real-world scenario, MOSIP would provide the details we're mocking.
This document describes how to setup the integration between OpenCRVS and MOSIP. In this example, we will deploy the [mosip-mock](./packages/mosip-mock), [esignet-mock](./packages/esignet-mock) & [mosip-api](./packages/mosip-api). In a real-world scenario, MOSIP would provide the details we're mocking.
57 changes: 45 additions & 12 deletions docs/playground.ipynb
Expand Up @@ -13,10 +13,38 @@
"metadata": {},
"outputs": [],
"source": [
"# Import birth bundle from .json\n",
"\n",
"import json\n",
"\n",
"with open('incoming-birth-bundle.json') as f:\n",
" event = json.load(f)\n"
" event = json.load(f)\n",
" record_id = event[\"entry\"][0][\"resource\"][\"id\"]\n"
]
},
{
"cell_type": "code",
"execution_count": 4,
"metadata": {},
"outputs": [],
"source": [
"# Get a record-specific token\n",
"# https://is-my-opencrvs-up.netlify.app/ token generator for the subject_token\n",
"\n",
"import requests\n",
"\n",
"url = \"http://localhost:4040/token\"\n",
"querystring = {\"subject_token\":\"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJyZWNvcmQuZGVjbGFyZS1iaXJ0aCIsInJlY29yZC5kZWNsYXJlLWRlYXRoIiwicmVjb3JkLmRlY2xhcmUtbWFycmlhZ2UiLCJyZWNvcmQuZGVjbGFyYXRpb24tZWRpdCIsInJlY29yZC5kZWNsYXJhdGlvbi1zdWJtaXQtZm9yLXVwZGF0ZXMiLCJyZWNvcmQucmV2aWV3LWR1cGxpY2F0ZXMiLCJyZWNvcmQuZGVjbGFyYXRpb24tYXJjaGl2ZSIsInJlY29yZC5kZWNsYXJhdGlvbi1yZWluc3RhdGUiLCJyZWNvcmQucmVnaXN0ZXIiLCJyZWNvcmQucmVnaXN0cmF0aW9uLWNvcnJlY3QiLCJyZWNvcmQuZGVjbGFyYXRpb24tcHJpbnQtc3VwcG9ydGluZy1kb2N1bWVudHMiLCJyZWNvcmQuZXhwb3J0LXJlY29yZHMiLCJyZWNvcmQudW5hc3NpZ24tb3RoZXJzIiwicmVjb3JkLnJlZ2lzdHJhdGlvbi1wcmludCZpc3N1ZS1jZXJ0aWZpZWQtY29waWVzIiwicmVjb3JkLmNvbmZpcm0tcmVnaXN0cmF0aW9uIiwicmVjb3JkLnJlamVjdC1yZWdpc3RyYXRpb24iLCJwZXJmb3JtYW5jZS5yZWFkIiwicGVyZm9ybWFuY2UucmVhZC1kYXNoYm9hcmRzIiwicHJvZmlsZS5lbGVjdHJvbmljLXNpZ25hdHVyZSIsIm9yZ2FuaXNhdGlvbi5yZWFkLWxvY2F0aW9uczpteS1vZmZpY2UiLCJzZWFyY2guYmlydGgiLCJzZWFyY2guZGVhdGgiLCJzZWFyY2gubWFycmlhZ2UiLCJkZW1vIl0sImlhdCI6MTczODA2NDI3NywiZXhwIjoxNzM4NjY5MDc3LCJhdWQiOlsib3BlbmNydnM6YXV0aC11c2VyIiwib3BlbmNydnM6dXNlci1tZ250LXVzZXIiLCJvcGVuY3J2czpoZWFydGgtdXNlciIsIm9wZW5jcnZzOmdhdGV3YXktdXNlciIsIm9wZW5jcnZzOm5vdGlmaWNhdGlvbi11c2VyIiwib3BlbmNydnM6d29ya2Zsb3ctdXNlciIsIm9wZW5jcnZzOnNlYXJjaC11c2VyIiwib3BlbmNydnM6bWV0cmljcy11c2VyIiwib3BlbmNydnM6Y291bnRyeWNvbmZpZy11c2VyIiwib3BlbmNydnM6d2ViaG9va3MtdXNlciIsIm9wZW5jcnZzOmNvbmZpZy11c2VyIiwib3BlbmNydnM6ZG9jdW1lbnRzLXVzZXIiXSwiaXNzIjoib3BlbmNydnM6YXV0aC1zZXJ2aWNlIiwic3ViIjoiNjc0ZGUwMzBmOGMwYTFjMTJlZjgwYzg3In0.gs6s4m5EEyHARj72pYpjobTpugOmAlo4QP_bIbJCd7w1VSMxxc1bqtzuqXyf7DvwXIW3ZfIJdBpuJhzY53wunXU2c2c-HJo9Da1oIvgCcKqJtritDZCwOkxkR9P7uftX0hi1yBOZWgKpcCM0QGAcl_4L3s_hkrxBJAnDM-q7S4fySPhdU4E-voREfWzoP8NsFQkYPreIBm2shFQYNSv75DvXyTXM9zDZCPdP_iXKqWUdw54ZL7bew7r8YxKwmObwJhhgREpVVkG-gXVai9NMVaCdXNC7T6rkcsEc1do2h0QJiR3hl-Jk99taKnrv6TzKh0JUsb8Gd_XdibdDuEHeIg\",\n",
" \"grant_type\":\"urn:opencrvs:oauth:grant-type:token-exchange\",\n",
" \"subject_token_type\":\"urn:ietf:params:oauth:token-type:access_token\",\n",
" \"requested_token_type\":\"urn:opencrvs:oauth:token-type:single_record_token\",\n",
" \"record_id\": record_id}\n",
"headers = {\n",
" \"Content-Type\": \"application/json\",\n",
"}\n",
"\n",
"response = requests.request(\"POST\", url, headers=headers, params=querystring)\n",
"token = response.json()[\"access_token\"]"
]
},
{
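Review bot: The `subject_token` value in the new token cell is a complete signed JWT committed into the notebook; please replace it with a placeholder such as the `your_token_here` string this notebook used before, or read it from an environment variable, so that no bearer credential lands in git history. The cell also sends the exchange fields with `params=querystring`, which places the subject token in the URL where proxies and access logs record it, while declaring `Content-Type: application/json` with no body; if the /token endpoint accepts it, send the fields in the request body instead. Lastly, `response.json()["access_token"]` is read without checking `response.status_code`, so a failed exchange surfaces only as a KeyError.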
Expand All @@ -33,10 +61,11 @@
}
],
"source": [
"# Register the event\n",
"\n",
"import requests\n",
"\n",
"url = \"http://localhost:2024/webhooks/opencrvs\"\n",
"token = \"your_token_here\"\n",
"url = \"http://localhost:2024/events/registration\"\n",
"headers = {\"Authorization\": f\"Bearer {token}\"}\n",
"response = requests.post(url, json=event, headers=headers)\n",
"print(response.status_code)\n"
Expand All @@ -51,7 +80,7 @@
},
{
"cell_type": "code",
"execution_count": 6,
"execution_count": 3,
"metadata": {},
"outputs": [],
"source": [
Expand All @@ -63,22 +92,26 @@
},
{
"cell_type": "code",
"execution_count": 8,
"execution_count": 2,
"metadata": {},
"outputs": [
{
"name": "stdout",
"output_type": "stream",
"text": [
"202\n"
"ename": "ModuleNotFoundError",
"evalue": "No module named 'requests'",
"output_type": "error",
"traceback": [
"\u001b[0;31m---------------------------------------------------------------------------\u001b[0m",
"\u001b[0;31mModuleNotFoundError\u001b[0m Traceback (most recent call last)",
"Cell \u001b[0;32mIn[2], line 1\u001b[0m\n\u001b[0;32m----> 1\u001b[0m \u001b[38;5;28;01mimport\u001b[39;00m \u001b[38;5;21;01mrequests\u001b[39;00m\n\u001b[1;32m 3\u001b[0m url \u001b[38;5;241m=\u001b[39m \u001b[38;5;124m\"\u001b[39m\u001b[38;5;124mhttp://localhost:2024/routes/opencrvs\u001b[39m\u001b[38;5;124m\"\u001b[39m\n\u001b[1;32m 4\u001b[0m token \u001b[38;5;241m=\u001b[39m \u001b[38;5;124m\"\u001b[39m\u001b[38;5;124myour_token_here\u001b[39m\u001b[38;5;124m\"\u001b[39m\n",
"\u001b[0;31mModuleNotFoundError\u001b[0m: No module named 'requests'"
]
}
],
"source": [
"import requests\n",
"\n",
"url = \"http://localhost:2024/webhooks/opencrvs\"\n",
"token = \"your_token_here\"\n",
"url = \"http://localhost:2024/routes/opencrvs\"\n",
"token = \"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.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.BViXNILaE8aEKEXdb46gWGuuIarwxAMCY1hKM7lO6X3p7vcM7VfarPu36usM3Ca0AygOVIYwxZ5wEsJwAng1F10FSYBnu1G8vlk1nB99vqZa5_9Q0p-2lyfHkjFEOsusFjU1z7uTZ53VYJ_EsLwv6ClSF9slr4SxUL5486xC8mG9MuJpvKyGCPt9yPvfUyEX41PImrReMHJLgnE4S74bQW-B8CH2gi_CnZBGmYewljXF1Wf8AQgHqXfpTMO8M7mP947x3CMgdZVaRkd9mycsoPQCKVyH_P8kCjobwZxgPmmMAr9yfXfWGCVJvxQSJVNlpzcPpR9uygdl14IGn_eiQA\"\n",
"headers = {\"Authorization\": f\"Bearer {token}\"}\n",
"response = requests.post(url, json=event, headers=headers)\n",
"print(response.status_code)"
Expand All @@ -101,7 +134,7 @@
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.8.10"
"version": "3.11.11"
}
},
"nbformat": 4,
3 changes: 2 additions & 1 deletion packages/country-config/src/events.ts
Expand Up @@ -3,7 +3,8 @@ import fetch from "node-fetch";

export const mosipRegistrationHandler = ({ url }: { url: string }) =>
(async (request: Hapi.Request, h: Hapi.ResponseToolkit) => {
const OPENCRVS_MOSIP_GATEWAY_URL = new URL("./webhooks/opencrvs", url);
// Corresponds to `packages/mosip-api` /events/registration -route
const OPENCRVS_MOSIP_GATEWAY_URL = new URL("./events/registration", url);

const response = await fetch(OPENCRVS_MOSIP_GATEWAY_URL, {
method: "POST",
2 changes: 1 addition & 1 deletion packages/esignet-mock/src/index.ts
Expand Up @@ -21,7 +21,7 @@ const generateSignedJwt = async (userInfo: OIDPUserInfo) => {
};

const decodeKey = Buffer.from(
readFileSync(join(__dirname, "./dev-secrets/jwk.txt")).toString(),
readFileSync(join(__dirname, "../../../config/jwk.txt")).toString(),
"base64",
)?.toString();
const jwkObject = JSON.parse(decodeKey);
4 changes: 3 additions & 1 deletion packages/mosip-api/package.json
Expand Up @@ -3,7 +3,7 @@
"version": "1.7.0-alpha.13",
"license": "MPL-2.0",
"scripts": {
"dev": "NODE_ENV=development tsx watch src/index.ts",
"dev": "NODE_ENV=development DANGEROUSLY_BYPASS_ENCRYPTION=true tsx watch src/index.ts",
"start": "NODE_ENV=production tsx src/index.ts"
},
"dependencies": {
Expand All @@ -17,6 +17,7 @@
"fastify-type-provider-zod": "^4.0.2",
"jose": "^5.9.6",
"jsonwebtoken": "^9.0.2",
"node-forge": "^1.3.1",
"tsx": "^4.19.2",
"typescript": "^5.6.3",
"zod": "^3.23.8"
Expand All @@ -27,6 +28,7 @@
"@types/fhir": "^0.0.37",
"@types/jsonwebtoken": "^9.0.7",
"@types/node-fetch": "^2.6.12",
"@types/node-forge": "^1.3.11",
"eslint": "^9.13.0",
"node-fetch": "^2.6.1",
"pino-pretty": "^11.3.0",
33 changes: 29 additions & 4 deletions packages/mosip-api/src/constants.ts
@@ -1,4 +1,4 @@
import { cleanEnv, str, port, url } from "envalid";
import { cleanEnv, str, port, url, bool } from "envalid";
import { readFileSync } from "fs";
import { join } from "path";

Expand All @@ -7,11 +7,11 @@ export const env = cleanEnv(process.env, {
HOST: str({ default: "0.0.0.0", devDefault: "localhost" }),
LOCALE: str({ devDefault: "en" }),
MOSIP_BIRTH_WEBHOOK_URL: str({
devDefault: "http://localhost:20240/webhooks/opencrvs/birth",
devDefault: "http://localhost:20240/events/birth",
desc: "The URL where MOSIP receives birth webhooks from OpenCRVS",
}),
MOSIP_DEATH_WEBHOOK_URL: str({
devDefault: "http://localhost:20240/webhooks/opencrvs/death",
devDefault: "http://localhost:20240/events/death",
desc: "The URL where MOSIP receives death webhooks from OpenCRVS",
}),
OPENCRVS_GRAPHQL_GATEWAY_URL: str({
Expand All @@ -25,7 +25,32 @@ export const env = cleanEnv(process.env, {
OIDP_JWT_AUD_CLAIM: str({ devDefault: undefined }),
OIDP_CLIENT_PRIVATE_KEY: str({
devDefault: readFileSync(
join(__dirname, "./dev-secrets/jwk.txt"),
join(__dirname, "../../../config/jwk.txt"),
).toString(),
}),
MOSIP_AUTH_URL: str({ devDefault: "http://localhost:20240/oauth/token" }),
MOSIP_AUTH_CLIENT_ID: str({ devDefault: "mosip-mock" }),
MOSIP_AUTH_CLIENT_SECRET: str({ devDefault: "mosip-mock" }),
MOSIP_AUTH_USER: str({ devDefault: "mosip-mock" }),
MOSIP_AUTH_PASS: str({ devDefault: "mosip-mock" }),
MOSIP_GENERATE_AID_URL: str({ devDefault: "http://localhost:20240/aid" }),

PKCS12_FILE_PATH: str({
devDefault: join(__dirname, "../../../config/keystore.p12"),
}),
PKCS12_PASSWORD: str({ devDefault: "mosip123" }),

MOSIP_CERTIFICATE: str({
// NOTE! Generated in dev from `./dev-secrets/mosip-private-key.pem`, if needed for future.
// In reality, the private key would never be shared with OpenCRVS
devDefault: readFileSync(
join(__dirname, "../../../config/mosip-certificate.pem"),
).toString(),
desc: "Used to encrypt the symmetric key that MOSIP can use to decrypt the payload.",
}),

DANGEROUSLY_BYPASS_ENCRYPTION: bool({
default: false,
desc: "DO _NOT_ USE IN PRODUCTION",
}),
});
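Review bot: DANGEROUSLY_BYPASS_ENCRYPTION is declared as a plain `bool` whose only guard is the description "DO _NOT_ USE IN PRODUCTION"; nothing in this hunk prevents it from being set when NODE_ENV=production. Suggest failing startup when the flag is true and `env.isProduction` is set, so a leaked dev environment file cannot silently disable encryption. In the same hunk, the NOTE on MOSIP_CERTIFICATE still points at `./dev-secrets/mosip-private-key.pem` although the files are now read from `../../../config/`; please update the comment. PKCS12_PASSWORD and the MOSIP_AUTH_* values are `devDefault` only, which is fine provided production deployments never inherit "mosip123" or "mosip-mock".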
20 changes: 20 additions & 0 deletions packages/mosip-api/src/crypto/crypto-constants.ts
@@ -0,0 +1,20 @@
import { env } from "../constants";
import { extractKeysFromPkcs12 } from "./extract-p12";

export const KEY_SPLITTER = "#KEY_SPLITTER#";
export const VERSION_RSA_2048 = "VER_R2";
export const SYMMETRIC_ALGORITHM = "AES-GCM";
export const ASYMMETRIC_ALGORITHM = "RSA-OAEP";
export const SYMMETRIC_KEY_SIZE = 32;
export const NONCE_SIZE = 12;
export const AAD_SIZE = 32;
export const GCM_TAG_LENGTH = 16;
export const THUMBPRINT_LENGTH = 32;

/** @TODO: Figure out if this is actually ever configured, as earlier it was from the environment? */
export const IS_THUMBPRINT = false;

export const { privateKey: OPENCRVS_PRIVATE_KEY } = extractKeysFromPkcs12(
env.PKCS12_FILE_PATH,
env.PKCS12_PASSWORD,
);
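Review bot: `OPENCRVS_PRIVATE_KEY` is extracted from the PKCS#12 file at module load, so any import of crypto-constants.ts reads the keystore regardless of DANGEROUSLY_BYPASS_ENCRYPTION, and a missing file or wrong password fails at import time rather than at first use. Consider exposing it through a lazily evaluated function instead of an exported constant, which also limits how widely the key object is shared. `IS_THUMBPRINT` is hard-coded to false with an open @TODO; please resolve whether it should come from the environment, as the TODO asks, before merging.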