Skip to content

Latest commit

 

History

History
56 lines (45 loc) · 1.41 KB

README.md

File metadata and controls

56 lines (45 loc) · 1.41 KB

COSE Signatures

with Google Cloud Key Management Service

CI

Usage

🔥 This package is not stable or suitable for production use 🚧

nvm use 18
npm install @transmute/google-cloud-kms-cose-sign
import { KeyManagementServiceClient } from "@google-cloud/kms";
import * as kms from "@transmute/google-cloud-kms-cose-sign";
import * as cose from "@transmute/cose";

const name = process.env.GOOGLE_KMS_KEY_NAME || "";
const email = process.env.GOOGLE_SA_EMAIL || "";
const private_key = process.env.GOOGLE_SA_PRIVATE_KEY || "";
const message = `⌛ My lungs taste the air of Time Blown past falling sands ⌛`;
const payload = new TextEncoder().encode(message);
const client = new KeyManagementServiceClient({
  credentials: {
    client_email: email,
    private_key: private_key.replace(/\\n/g, "\n"),
  },
});

const coseSign1 = await cose
  .signer({
    remote: await kms.cose.remote({ client, name, alg: "ES256" }),
  })
  .sign({
    protectedHeader: cose.ProtectedHeader([
      [cose.Protected.Alg, cose.Signature.ES256],
    ]),
    payload,
  });

const verified = await kms.cose.verifier({ client, name }).verify({
  coseSign1,
});

Develop

npm i
npm t
npm run lint
npm run build