@auth0/mdl
v0.3.0
Published
Parse and and validate MDOC CBOR encoded binaries according to ISO 18013-5.
Downloads
163
Maintainers
jfromaniello
edgarchirivella-okta
sanjay.manikandhan
ncluer
vic-dev
enriquepina
ece-okta
pubalokta
dougmiller-okta
zak.nour
stheller
jamescgarrett-okta
madhuri.rm23
willvedd
david.renaud.okta
jeff.shuman
auth0-oss
codepete
ziluvatar
iaco
cocojoe
auth0npm
auth0brokkr
hzalaz
aaguiarz
charlesrea
lbalmaceda
julien.wollscheid
cristiandouce
sambego
stevehobbsdev
sandrinodimattia
lzychowski
joshcanhelp
davidpatrick0
widcket
adamjmcgrath
jim.andersoon
frederikprijck
sergii.biienko
tomauth0
jpadilla
jessele
rhamzeh_auth0Readme
mDL
ISO 18013-5 defines mDL (mobile Driver Licenses): an ISO standard for digital driver licenses.
This is a Node.js library to issue and verify mDL CBOR encoded documents.
Installation
npm i @auth0/mdlVerifying a credential
import { Verifier } from "@auth0/mdl";
import { inspect } from "node:util";
import fs from "node:fs";
(async () => {
const encodedDeviceResponse = Buffer.from(encodedDeviceResponseHex, 'hex');
const encodedSessionTranscript = Buffer.from(encodedSessionTranscriptHex, 'hex');
const ephemeralReaderKey = Buffer.from(ephemeralReaderKeyHex, 'hex');
const trustedCerts = [fs.readFileSync('./caCert1.pem')/*, ... */];
const verifier = new Verifier(trustedCerts);
const mdoc = await verifier.verify(encodedDeviceResponse, {
ephemeralReaderKey,
encodedSessionTranscript,
});
//at this point the issuer and device signature are valids.
inspect(mdoc);
})();Getting diagnostic information
import { Verifier } from "@auth0/mdl";
import { inspect } from "node:util";
import fs from "node:fs";
(async () => {
const encodedDeviceResponse = Buffer.from(encodedDeviceResponseHex, 'hex');
const encodedSessionTranscript = Buffer.from(encodedSessionTranscriptHex, 'hex');
const ephemeralReaderKey = Buffer.from(ephemeralReaderKeyHex, 'hex');
const trustedCerts = [fs.readFileSync('./caCert1.pem')/*, ... */];
const verifier = new Verifier(trustedCerts);
const diagnosticInfo = await verifier.getDiagnosticInformation(encodedDeviceResponse, {
ephemeralReaderKey,
encodedSessionTranscript,
});
inspect(diagnosticInfo);
})();Issuing a credential
import { MDoc, Document } from "@auth0/mdl";
import { inspect } from "node:util";
import fs from "node:fs";
(async () => {
const document = await new Document('org.iso.18013.5.1.mDL')
.addIssuerNameSpace('org.iso.18013.5.1', {
family_name: 'Jones',
given_name: 'Ava',
birth_date: '2007-03-25',
})
.useDigestAlgorithm('SHA-256')
.addValidityInfo({
signed: new Date(),
})
.addDeviceKeyInfo({ deviceKey: publicKeyJWK })
.sign({
issuerPrivateKey,
issuerCertificate,
});
const mdoc = new MDoc([document]).encode();
inspect(encoded);
})();Generating a device response
import { DeviceResponse } from "@auth0/mdl";
(() => {
let issuerMDoc;
let deviceResponseMDoc;
// This is what the MDL issuer does to generate a credential:
{
const document = await new Document('org.iso.18013.5.1.mDL')
.addIssuerNameSpace('org.iso.18013.5.1', {
family_name: 'Jones',
given_name: 'Ava',
birth_date: '2007-03-25',
})
.useDigestAlgorithm('SHA-256')
.addValidityInfo({
signed: new Date(),
})
.addDeviceKeyInfo({ deviceKey: publicKeyJWK })
.sign({
issuerPrivateKey,
issuerCertificate,
alg: 'ES256',
});
issuerMDoc = new MDoc([document]).encode();
}
// This is what the DEVICE does to generate a response:
{
deviceResponseMDoc = await DeviceResponse.from(issuerMDoc)
.usingPresentationDefinition(PRESENTATION_DEFINITION_1)
.usingHandover([mdocGeneratedNonce, clientId, responseUri, verifierGeneratedNonce])
.authenticateWithSignature(devicePrivateKey, 'ES256')
.sign();
}
})();License
Apache-2.0