1 files changed, 46 insertions, 0 deletions

diff --git a/packages/server/src/services/settingsService.ts b/packages/server/src/services/settingsService.ts
new file mode 100644
index 0000000..d697103
--- /dev/null
+++ b/packages/server/src/services/settingsService.ts
@@ -0,0 +1,46 @@
+import fs from 'fs';
+import path from 'path';
+
+import { AttestationFormat } from '../helpers/decodeAttestationObject';
+import convertCertBufferToPEM from '../helpers/convertCertBufferToPEM';
+
+class SettingsService {
+  // Certificates are stored as PEM-formatted strings
+  private pemCertificates: Map<AttestationFormat, string>;
+
+  constructor() {
+    this.pemCertificates = new Map();
+  }
+
+  /**
+   * Allow setting custom root certificates for attestation formats that use them
+   *
+   * The certificate can be specified as a raw `Buffer`, or as a PEM-formatted string. If a
+   * `Buffer` is passed in it will be converted to PEM format.
+   */
+  setRootCertificate(opts: {
+    attestationFormat: AttestationFormat;
+    certificate: Buffer | string;
+  }): void {
+    const { attestationFormat } = opts;
+    let { certificate: newCertificate } = opts;
+
+    if (newCertificate instanceof Buffer) {
+      newCertificate = convertCertBufferToPEM(newCertificate);
+    }
+
+    this.pemCertificates.set(attestationFormat, newCertificate);
+  }
+
+  /**
+   * Get any registered root certificates for the specified attestation format
+   */
+  getRootCertificate(opts: { attestationFormat: AttestationFormat }): string {
+    const { attestationFormat } = opts;
+    return this.pemCertificates.get(attestationFormat) ?? '';
+  }
+}
+
+const settingsService = new SettingsService();
+
+export default settingsService;