Summary
Hi! I have some problems when I try to use this signing tool (I was following the gx-compliance repository).
I tried to generate private/public keys using OpenSSL and then generate a self-signed certificate; the contents of these keys are used in the .env file.
I used the following script to generate keys/cert:
openssl genrsa -out keypair.pem 2048
openssl rsa -in keypair.pem -pubout -out publickey.crt
openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in keypair.pem -out pkcs8.key
openssl req -new -key pkcs8.key -out my_request.csr
openssl x509 -req -days 3650 -in my_request.csr -signkey pkcs8.key -out cert.key
rm my_request.csr
So, using the previous script the key was in PKCS8 format. I think that's correct. Isn't it?
Anyway, I have modified the code (env and index.js) to add a variable JWT_ALGORITHM inside the .env file (so I can switch to use for example X509)... but I have tried to change this variable and change the method to generate keys and it still fails.
Current Behavior
Fails when trying to check the self description with the Compliance Service:
Loaded ./config/self-description.json
Hashed canonized SD 1efd1a5039805ed10455271e11ade83d2a6e044761c25da5cb1ecc4b6294e8b1
SD signed successfully (local)
Verification successful (local)
./output/1663918326577_self-signed_LegalPerson.json saved
./output/1663918326577_did.json saved
Checking Self Description with the Compliance Service...
'Something went wrong:'
{
  statusCode: 409,
  message: 'Verification for the given jwk and jws failed.',
  error: 'Conflict'
}
Expected Behavior
A successful process
Steps to Reproduce
node ./index.js
after modifying self-description.json and the env file.
Environment
PRIVATE_KEY="-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCz8c/UjRnLRIm0
V5XZrX+YtEe57pjtjkjhs3kDpKI8gw04jtr+XHtxF1dPykdYG/WzIpk8KNW5U6Ci
...
Q7RgZby31d1Sok6YubMMdtDa0eDVaSdFEIfr+LdFzBHC9RGt/FJLvdhHCOUNHnAl
FKYM055z0JJC4wZdCSYmPQSumIPHfcJWaKKMnDvsVHoh7tNtOLAX9BrFgHolsY3+
+1zPmXn1KZuyolUXHKpMjPRc
-----END PRIVATE KEY-----"
CERTIFICATE="-----BEGIN CERTIFICATE-----
MIIDfTCCAmUCFEb5J7SaEulAVI/WltT09D4cWBT7MA0GCSqGSIb3DQEBCwUAMHsx
...
nMO89712xzIR64Ch5DI5yKCQ5NVFDUUrcfqvrWd2hzAU723VxPEHu6jlD8ISKTJI
MwGwF/i9VqRwGiAMv6+1QjqXazjCiXX4KJQP2czY1fSN
-----END CERTIFICATE-----"
JWT_ALGORITH="PS256" #PS256 or ES256 (X509)
VERIFICATION_METHOD="did:web:compliance.gaia-x.eu"
X5U_URL="https://compliance.gaia-x.eu/.well-known/x509CertificateChain.pem"
API_VERSION="2204"
BASE_URL="https://compliance.gaia-x.eu"
Anything else
When I used your Hackathon tool, everything works!
Also, my self description is the following one:
{
  "@context": [
    "http://www.w3.org/ns/shacl#",
    "http://www.w3.org/2001/XMLSchema#",
    "http://w3id.org/gaia-x/participant#"
  ],
  "@id": "http://example.org/participant-dp6gtq7i75lmk9p4j2tfgCTICTICTIC2",
  "@type": [
    "VerifiableCredential",
    "LegalPerson"
  ],
  "credentialSubject": {
    "id": "did:web:examnple.com",
    "gx-participant:registrationNumber": {
      "@value": "G-33906637",
      "@type": "xsd:string"
    },
    "gx-participant:headquarterAddress": {
      "@type": "gx-participant:Address",
      "gx-participant:country": {
        "@type": "xsd:string",
        "@value": "ES"
      },
      "gx-participant:street-address": {
        "@value": "C. Ada Byron, 39",
        "@type": "xsd:string"
      },
      "gx-participant:postal-code": {
        "@value": "33203",
        "@type": "xsd:string"
      },
      "gx-participant:locality": {
        "@value": "Gijon",
        "@type": "xsd:string"
      }
    },
    "gx-participant:legalAddress": {
      "@type": "gx-participant:Address",
      "gx-participant:country": {
        "@type": "xsd:string",
        "@value": "ES"
      },
      "gx-participant:street-address": {
        "@value": "C. Ada Byron, 39",
        "@type": "xsd:string"
      },
      "gx-participant:postal-code": {
        "@value": "33203",
        "@type": "xsd:string"
      },
      "gx-participant:locality": {
        "@value": "Gijon",
        "@type": "xsd:string"
      }
    }
  }
}
Thanks a lot!!!
Type: Bug
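Added example, not part of the report above and not code from the signing tool or the compliance service: a Node.js check of whether two PEMs (for instance PRIVATE_KEY and CERTIFICATE) carry the same public key, and a demonstration of one way a PS256 signature can verify locally yet fail against the JWK a verifier resolves. The function names, the simplified compact JWS layout and the generated sample keys are assumptions made for illustration.

```javascript
// Added example: not code from the signing tool or the compliance service.
const crypto = require('node:crypto');

const PSS = { padding: crypto.constants.RSA_PKCS1_PSS_PADDING, saltLength: 32 };
const b64u = (data) => Buffer.from(data).toString('base64url');

// Public JWK for any PEM: PKCS#8 private key, SPKI public key or X.509 certificate.
function jwkFromPem(pem) {
  return crypto.createPublicKey(pem).export({ format: 'jwk' });
}

// True when both PEMs carry the same RSA public key (e.g. PRIVATE_KEY vs CERTIFICATE).
function samePublicKey(pemA, pemB) {
  const a = jwkFromPem(pemA);
  const b = jwkFromPem(pemB);
  return a.kty === b.kty && a.n === b.n && a.e === b.e;
}

// Simplified compact JWS (header.payload.signature) signed with PS256 (assumed layout).
function signPS256(payload, privateKeyPem) {
  const input = `${b64u(JSON.stringify({ alg: 'PS256' }))}.${b64u(payload)}`;
  const sig = crypto.sign('sha256', Buffer.from(input), { key: privateKeyPem, ...PSS });
  return `${input}.${b64u(sig)}`;
}

// Verify the JWS against the JWK the verifier resolved.
function verifyPS256(jws, jwk) {
  const [header, payload, sig] = jws.split('.');
  if (!header || !payload || !sig) return false;
  const key = crypto.createPublicKey({ key: jwk, format: 'jwk' });
  return crypto.verify('sha256', Buffer.from(`${header}.${payload}`),
    { key, ...PSS }, Buffer.from(sig, 'base64url'));
}

// Constructed sample keys: "mine" is the signer's key; "other" stands in for a key
// resolved from a DID document or x5u URL that is not the signer's (assumption).
function demo() {
  const gen = () => crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
  const mine = gen();
  const other = gen();
  const jws = signPS256('{"hash":"constructed"}', mine.privateKey);
  return {
    keysMatch: samePublicKey(mine.privateKey, mine.publicKey),
    keysMismatch: samePublicKey(mine.privateKey, other.publicKey),
    local: verifyPS256(jws, jwkFromPem(mine.publicKey)),
    remote: verifyPS256(jws, jwkFromPem(other.publicKey)),
  };
}
```

`samePublicKey` accepts the PEM strings exactly as they appear in the .env file, so it can compare PRIVATE_KEY with CERTIFICATE or with a certificate downloaded from the configured X5U_URL.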