diff --git a/packages/askar/src/wallet/AskarBaseWallet.ts b/packages/askar/src/wallet/AskarBaseWallet.ts
index 95bc973099..c6cba16ade 100644
--- a/packages/askar/src/wallet/AskarBaseWallet.ts
+++ b/packages/askar/src/wallet/AskarBaseWallet.ts
@@ -193,7 +193,7 @@ export abstract class AskarBaseWallet implements Wallet {
 }
 } else if (keyBackend === KeyBackend.SecureElement && keyType === KeyType.P256) {
 const secureEnvironment = importSecureEnvironment()
- const kid = keyId ?? utils.uuid()
+ const kid = utils.uuid()
 // Generate a hardware-backed P-256 keypair
 secureEnvironment.generateKeypair(kid)
@@ -206,7 +206,7 @@ export abstract class AskarBaseWallet implements Wallet {
 keyId: kid,
 })
- return new Key(publicKeyBytes, keyType, kid)
+ return new Key(publicKeyBytes, keyType)
 } else {
 // Check if there is a signing key provider for the specified key type.
 if (this.signingKeyProviderRegistry.hasProviderForKeyType(keyType)) {
@@ -277,15 +277,13 @@ export abstract class AskarBaseWallet implements Wallet {
 await this.deleteKeyPair(key.publicKeyBase58)
 keyPair = undefined
 } else {
- if (!(await this.doesSecureEnvironmentKeyExist(key.keyId))) {
- throw new WalletError(`Secure Environment key with id '${key.keyId}' not found`)
- }
+ const { keyId } = await this.getSecureEnvironmentKey(key.publicKeyBase58)
 if (Array.isArray(data[0])) {
 throw new WalletError('Multi signature is not supported for the Secure Environment')
 }
- return Buffer.from(await importSecureEnvironment().sign(key.keyId, new Uint8Array(data as Buffer)))
+ return Buffer.from(await importSecureEnvironment().sign(keyId, new Uint8Array(data as Buffer)))
 }
 }
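Review bot: On the SecureElement branch in the `@@ -193` hunk, `const kid = utils.uuid()` now discards any caller-supplied `keyId` without saying so. If the enclosing method still accepts `keyId` (its signature is outside the hunk), a caller may believe it chose the hardware key's identifier when it did not. Either reject that combination explicitly or document the behaviour next to the assignment, e.g. `// kid is an internal Secure Environment handle; callers address this key by its public key, never by kid`. The enclosing method starts and ends outside the hunk.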
@@ -518,13 +516,13 @@ export abstract class AskarBaseWallet implements Wallet {
 }
 }
- private async doesSecureEnvironmentKeyExist(keyId: string): Promise {
+ private async getSecureEnvironmentKey(keyId: string): Promise<{ keyId: string }> {
 try {
 const entryObject = await this.withSession((session) =>
 session.fetch({ category: 'SecureEnvironmentKeyRecord', name: keyId })
 )
- return !!entryObject
+ return JsonEncoder.fromString(entryObject?.value as string) as { keyId: string }
 } catch (error) {
 throw new WalletError('Error retrieving Secure Environment record', { cause: error })
 }
@@ -567,7 +565,7 @@ export abstract class AskarBaseWallet implements Wallet {
 await this.withSession((session) =>
 session.insert({
 category: 'SecureEnvironmentKeyRecord',
- name: options.keyId,
+ name: options.publicKeyBase58,
 value: JSON.stringify(options),
 tags: {
 keyType: options.keyType,
diff --git a/packages/core/src/crypto/Key.ts b/packages/core/src/crypto/Key.ts
index 71e7bd9eb7..ec44eead24 100644
--- a/packages/core/src/crypto/Key.ts
+++ b/packages/core/src/crypto/Key.ts
@@ -9,17 +9,9 @@ export class Key {
 public readonly publicKey: Buffer
 public readonly keyType: KeyType
- /**
- *
- * the identifier of the key. If not provided in the constructor the base58 encoded public key will be used as the key identifier by default
- *
- */
- public keyId: string
-
- public constructor(publicKey: Uint8Array, keyType: KeyType, keyId?: string) {
+ public constructor(publicKey: Uint8Array, keyType: KeyType) {
 this.publicKey = Buffer.from(publicKey)
 this.keyType = keyType
- this.keyId = keyId ?? TypedArrayEncoder.toBase58(this.publicKey)
 }
 public static fromPublicKey(publicKey: Uint8Array, keyType: KeyType) {
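Review bot: `getSecureEnvironmentKey` (the `@@ -518` hunk of AskarBaseWallet.ts) no longer has a distinct missing-record path: when `session.fetch` returns nothing, `entryObject?.value as string` passes `undefined` to `JsonEncoder.fromString`, and the two `as` assertions let the parsed value through unchecked. The caller in the `@@ -277` hunk destructures `keyId` from that result and hands it straight to `importSecureEnvironment().sign(...)`, so the explicit "not found" error the old code raised is gone and a malformed record could presumably reach the signer with a non-string key id. Check that the entry exists and that `keyId` is a string before returning; the existing `catch` will wrap these errors, leaving the specific one as `cause`. The parameter now receives a base58 public key, so naming it `keyId` beside the returned `keyId` is misleading and `publicKeyBase58` would read correctly. The method's closing brace is outside the hunk.
```typescript
private async getSecureEnvironmentKey(publicKeyBase58: string): Promise<{ keyId: string }> {
  // … unchanged: try { fetch of the 'SecureEnvironmentKeyRecord' entry, now by name: publicKeyBase58 …
    if (!entryObject) {
      throw new WalletError(`Secure Environment key record for public key '${publicKeyBase58}' not found`)
    }

    const record: unknown = JsonEncoder.fromString(entryObject.value as string)
    if (typeof record !== 'object' || record === null || typeof (record as { keyId?: unknown }).keyId !== 'string') {
      throw new WalletError('Secure Environment key record is malformed')
    }

    return record as { keyId: string }
  // … unchanged: catch (error) wrapping into WalletError …
```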
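Review bot: In the `@@ -567` hunk the record name changes from `options.keyId` to `options.publicKeyBase58`, but records written by earlier versions remain stored under their key id. The lookup in `getSecureEnvironmentKey` now fetches by public key only, so hardware-backed keys created before this change would presumably no longer be found and could not sign. No migration or fallback lookup is visible in this diff; if one exists elsewhere, a comment at the insert should point to it, e.g. `// record name is the base58 public key; records previously named by keyId are migrated in <migration location>`. The enclosing method starts and ends outside the hunk.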