@abaxxtech/id 0.0.0

package/dist/esm/src/utils/encryption.js

@@ -0,0 +1,128 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import * as crypto from 'crypto';
+import * as eciesjs from 'eciesjs';
+import { Readable } from 'readable-stream';
+// compress publicKey for message encryption
+eciesjs.ECIES_CONFIG.isEphemeralKeyCompressed = true;
+/**
+ * Utility class for performing common, non-DWN specific encryption operations.
+ */
+export class Encryption {
+    /**
+     * Encrypts the given plaintext stream using AES-256-CTR algorithm.
+     */
+    static aes256CtrEncrypt(key, initializationVector, plaintextStream) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const cipher = crypto.createCipheriv('aes-256-ctr', key, initializationVector);
+            const cipherStream = new Readable({
+                read() { }
+            });
+            plaintextStream.on('data', (chunk) => {
+                const encryptedChunk = cipher.update(chunk);
+                cipherStream.push(encryptedChunk);
+            });
+            plaintextStream.on('end', () => {
+                const finalChunk = cipher.final();
+                cipherStream.push(finalChunk);
+                cipherStream.push(null);
+            });
+            plaintextStream.on('error', (err) => {
+                cipherStream.emit('error', err);
+            });
+            return cipherStream;
+        });
+    }
+    /**
+     * Decrypts the given cipher stream using AES-256-CTR algorithm.
+     */
+    static aes256CtrDecrypt(key, initializationVector, cipherStream) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const decipher = crypto.createDecipheriv('aes-256-ctr', key, initializationVector);
+            const plaintextStream = new Readable({
+                read() { }
+            });
+            cipherStream.on('data', (chunk) => {
+                const decryptedChunk = decipher.update(chunk);
+                plaintextStream.push(decryptedChunk);
+            });
+            cipherStream.on('end', () => {
+                const finalChunk = decipher.final();
+                plaintextStream.push(finalChunk);
+                plaintextStream.push(null);
+            });
+            cipherStream.on('error', (err) => {
+                plaintextStream.emit('error', err);
+            });
+            return plaintextStream;
+        });
+    }
+    /**
+     * Encrypts the given plaintext using ECIES (Elliptic Curve Integrated Encryption Scheme)
+     * with SECP256K1 for the asymmetric calculations, HKDF as the key-derivation function,
+     * and AES-GCM for the symmetric encryption and MAC algorithms.
+     */
+    static eciesSecp256k1Encrypt(publicKeyBytes, plaintext) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // underlying library requires Buffer as input
+            const publicKey = Buffer.from(publicKeyBytes);
+            const plaintextBuffer = Buffer.from(plaintext);
+            const cryptogram = eciesjs.encrypt(publicKey, plaintextBuffer);
+            // split cryptogram returned into constituent parts
+            let start = 0;
+            let end = Encryption.isEphemeralKeyCompressed ? 33 : 65;
+            const ephemeralPublicKey = cryptogram.subarray(start, end);
+            start = end;
+            end += eciesjs.ECIES_CONFIG.symmetricNonceLength;
+            const initializationVector = cryptogram.subarray(start, end);
+            start = end;
+            end += 16; // eciesjs.consts.AEAD_TAG_LENGTH
+            const messageAuthenticationCode = cryptogram.subarray(start, end);
+            const ciphertext = cryptogram.subarray(end);
+            return {
+                ciphertext,
+                ephemeralPublicKey,
+                initializationVector,
+                messageAuthenticationCode
+            };
+        });
+    }
+    /**
+     * Decrypt the given plaintext using ECIES (Elliptic Curve Integrated Encryption Scheme)
+     * with SECP256K1 for the asymmetric calculations, HKDF as the key-derivation function,
+     * and AES-GCM for the symmetric encryption and MAC algorithms.
+     */
+    static eciesSecp256k1Decrypt(input) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // underlying library requires Buffer as input
+            const privateKeyBuffer = Buffer.from(input.privateKey);
+            const eciesEncryptionOutput = Buffer.concat([
+                input.ephemeralPublicKey,
+                input.initializationVector,
+                input.messageAuthenticationCode,
+                input.ciphertext
+            ]);
+            const plaintext = eciesjs.decrypt(privateKeyBuffer, eciesEncryptionOutput);
+            return plaintext;
+        });
+    }
+    /**
+     * Expose eciesjs library configuration
+     */
+    static get isEphemeralKeyCompressed() {
+        return eciesjs.ECIES_CONFIG.isEphemeralKeyCompressed;
+    }
+}
+export var EncryptionAlgorithm;
+(function (EncryptionAlgorithm) {
+    EncryptionAlgorithm["Aes256Ctr"] = "A256CTR";
+    EncryptionAlgorithm["EciesSecp256k1"] = "ECIES-ES256K";
+})(EncryptionAlgorithm || (EncryptionAlgorithm = {}));
+//# sourceMappingURL=encryption.js.map

package/dist/esm/src/utils/encryption.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"encryption.js","sourceRoot":"","sources":["../../../../src/utils/encryption.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,KAAK,OAAO,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAE3C,4CAA4C;AAC5C,OAAO,CAAC,YAAY,CAAC,wBAAwB,GAAG,IAAI,CAAC;AAErD;;GAEG;AACH,MAAM,OAAO,UAAU;IACrB;;OAEG;IACI,MAAM,CAAO,gBAAgB,CAAC,GAAe,EAAE,oBAAgC,EAAE,eAAyB;;YAC/G,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,aAAa,EAAE,GAAG,EAAE,oBAAoB,CAAC,CAAC;YAE/E,MAAM,YAAY,GAAG,IAAI,QAAQ,CAAC;gBAChC,IAAI,KAAW,CAAC;aACjB,CAAC,CAAC;YAEH,eAAe,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;gBACnC,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC5C,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YACpC,CAAC,CAAC,CAAC;YAEH,eAAe,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;gBAC7B,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;gBAClC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBAC9B,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1B,CAAC,CAAC,CAAC;YAEH,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBAClC,YAAY,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YAClC,CAAC,CAAC,CAAC;YAEH,OAAO,YAAY,CAAC;QACtB,CAAC;KAAA;IAED;;OAEG;IACI,MAAM,CAAO,gBAAgB,CAAC,GAAe,EAAE,oBAAgC,EAAE,YAAsB;;YAC5G,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,GAAG,EAAE,oBAAoB,CAAC,CAAC;YAEnF,MAAM,eAAe,GAAG,IAAI,QAAQ,CAAC;gBACnC,IAAI,KAAW,CAAC;aACjB,CAAC,CAAC;YAEH,YAAY,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;gBAChC,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC9C,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YACvC,CAAC,CAAC,CAAC;YAEH,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;gBAC1B,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;gBACpC,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBACjC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC,CAAC,CAAC;YAEH,YAAY,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;gBAC/B,eAAe,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YACrC,CAAC,CAAC,CAAC;YAEH,OAAO,eAAe,CAAC;QACzB,CAAC;KAAA;IAED;;;;OAIG;IACI,MAAM,CAAO,qBAAqB,CAAC,cAA0B,EAAE,SAAqB;;YACzF,8CAA8C;YAC9C,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YAC9C,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAE/C,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;YAE/D,mDAAmD;YACnD,IAAI,KAAK,GAAG,CAAC,CAAC;YACd,IAAI,GAAG,GAAG,UAAU,CAAC,wBAAwB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,MAAM,kBAAkB,GAAG,UAAU,CAAC,QAAQ,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAE3D,KAAK,GAAG,GAAG,CAAC;YACZ,GAAG,IAAI,OAAO,CAAC,YAAY,CAAC,oBAAoB,CAAC;YACjD,MAAM,oBAAoB,GAAG,UAAU,CAAC,QAAQ,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAE7D,KAAK,GAAG,GAAG,CAAC;YACZ,GAAG,IAAI,EAAE,CAAC,CAAC,iCAAiC;YAC5C,MAAM,yBAAyB,GAAG,UAAU,CAAC,QAAQ,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAElE,MAAM,UAAU,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;YAE5C,OAAO;gBACL,UAAU;gBACV,kBAAkB;gBAClB,oBAAoB;gBACpB,yBAAyB;aAC1B,CAAC;QACJ,CAAC;KAAA;IAED;;;;OAIG;IACI,MAAM,CAAO,qBAAqB,CAAC,KAA2B;;YACnE,8CAA8C;YAC9C,MAAM,gBAAgB,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACvD,MAAM,qBAAqB,GAAG,MAAM,CAAC,MAAM,CAAC;gBAC1C,KAAK,CAAC,kBAAkB;gBACxB,KAAK,CAAC,oBAAoB;gBAC1B,KAAK,CAAC,yBAAyB;gBAC/B,KAAK,CAAC,UAAU;aACjB,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,gBAAgB,EAAE,qBAAqB,CAAC,CAAC;YAE3E,OAAO,SAAS,CAAC;QACnB,CAAC;KAAA;IAED;;OAEG;IACH,MAAM,KAAK,wBAAwB;QACjC,OAAO,OAAO,CAAC,YAAY,CAAC,wBAAwB,CAAC;IACvD,CAAC;CACF;AAaD,MAAM,CAAN,IAAY,mBAGX;AAHD,WAAY,mBAAmB;IAC7B,4CAAqB,CAAA;IACrB,sDAA+B,CAAA;AACjC,CAAC,EAHW,mBAAmB,KAAnB,mBAAmB,QAG9B"}

package/dist/esm/src/utils/hd-key.js

@@ -0,0 +1,60 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { Secp256k1 } from './secp256k1.js';
+export var KeyDerivationScheme;
+(function (KeyDerivationScheme) {
+    /**
+     * Key derivation using the `dataFormat` value for Flat-space records.
+     */
+    KeyDerivationScheme["DataFormats"] = "dataFormats";
+    KeyDerivationScheme["ProtocolContext"] = "protocolContext";
+    KeyDerivationScheme["ProtocolPath"] = "protocolPath";
+    /**
+     * Key derivation using the `schema` value for Flat-space records.
+     */
+    KeyDerivationScheme["Schemas"] = "schemas";
+})(KeyDerivationScheme || (KeyDerivationScheme = {}));
+/**
+ * Class containing hierarchical deterministic key related utility methods used by the DWN.
+ */
+export class HdKey {
+    /**
+     * Derives a descendant private key.
+     * NOTE: currently only supports SECP256K1 keys.
+     */
+    static derivePrivateKey(ancestorKey, subDerivationPath) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            const ancestorPrivateKey = Secp256k1.privateJwkToBytes(ancestorKey.derivedPrivateKey);
+            const ancestorPrivateKeyDerivationPath = (_a = ancestorKey.derivationPath) !== null && _a !== void 0 ? _a : [];
+            const derivedPrivateKeyBytes = yield Secp256k1.derivePrivateKey(ancestorPrivateKey, subDerivationPath);
+            const derivedPrivateJwk = yield Secp256k1.privateKeyToJwk(derivedPrivateKeyBytes);
+            const derivedDescendantPrivateKey = {
+                rootKeyId: ancestorKey.rootKeyId,
+                derivationScheme: ancestorKey.derivationScheme,
+                derivationPath: [...ancestorPrivateKeyDerivationPath, ...subDerivationPath],
+                derivedPrivateKey: derivedPrivateJwk
+            };
+            return derivedDescendantPrivateKey;
+        });
+    }
+    /**
+     * Derives a descendant public key from an ancestor private key.
+     * NOTE: currently only supports SECP256K1 keys.
+     */
+    static derivePublicKey(ancestorKey, subDerivationPath) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const derivedDescendantPrivateKey = yield HdKey.derivePrivateKey(ancestorKey, subDerivationPath);
+            const derivedDescendantPublicKey = yield Secp256k1.getPublicJwk(derivedDescendantPrivateKey.derivedPrivateKey);
+            return derivedDescendantPublicKey;
+        });
+    }
+}
+//# sourceMappingURL=hd-key.js.map

package/dist/esm/src/utils/hd-key.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hd-key.js","sourceRoot":"","sources":["../../../../src/utils/hd-key.ts"],"names":[],"mappings":";;;;;;;;;AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE3C,MAAM,CAAN,IAAY,mBAWX;AAXD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,kDAA2B,CAAA;IAC3B,0DAAmC,CAAA;IACnC,oDAA6B,CAAA;IAC7B;;OAEG;IACH,0CAAmB,CAAA;AACrB,CAAC,EAXW,mBAAmB,KAAnB,mBAAmB,QAW9B;AASD;;GAEG;AACH,MAAM,OAAO,KAAK;IAChB;;;OAGG;IACI,MAAM,CAAO,gBAAgB,CAAC,WAA8B,EAAE,iBAA2B;;;YAC9F,MAAM,kBAAkB,GAAG,SAAS,CAAC,iBAAiB,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC;YACtF,MAAM,gCAAgC,GAAG,MAAA,WAAW,CAAC,cAAc,mCAAI,EAAE,CAAC;YAC1E,MAAM,sBAAsB,GAAG,MAAM,SAAS,CAAC,gBAAgB,CAAC,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;YACvG,MAAM,iBAAiB,GAAG,MAAM,SAAS,CAAC,eAAe,CAAC,sBAAsB,CAAC,CAAC;YAClF,MAAM,2BAA2B,GAAsB;gBACrD,SAAS,EAAW,WAAW,CAAC,SAAS;gBACzC,gBAAgB,EAAI,WAAW,CAAC,gBAAgB;gBAChD,cAAc,EAAM,CAAC,GAAG,gCAAgC,EAAE,GAAG,iBAAiB,CAAC;gBAC/E,iBAAiB,EAAG,iBAAiB;aACtC,CAAC;YAEF,OAAO,2BAA2B,CAAC;QACrC,CAAC;KAAA;IAED;;;OAGG;IACI,MAAM,CAAO,eAAe,CAAC,WAA8B,EAAE,iBAA2B;;YAC7F,MAAM,2BAA2B,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC;YACjG,MAAM,0BAA0B,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,2BAA2B,CAAC,iBAAiB,CAAC,CAAC;YAE/G,OAAO,0BAA0B,CAAC;QACpC,CAAC;KAAA;CACF"}

package/dist/esm/src/utils/jws.js

@@ -0,0 +1,89 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import isPlainObject from 'lodash/isPlainObject.js';
+import { Encoder } from './encoder.js';
+import { PrivateKeySigner } from './private-key-signer.js';
+import { signatureAlgorithms } from '../jose/algorithms/signing/signature-algorithms.js';
+import { DwnError, DwnErrorCode } from '../core/dwn-error.js';
+/**
+ * Utility class for JWS related operations.
+ */
+export class Jws {
+    /**
+     * Gets the `kid` from a general JWS signature entry.
+     */
+    static getKid(signatureEntry) {
+        const { kid } = Encoder.base64UrlToObject(signatureEntry.protected);
+        return kid;
+    }
+    /**
+     * Gets the signer DID from a general JWS signature entry.
+     */
+    static getSignerDid(signatureEntry) {
+        const kid = Jws.getKid(signatureEntry);
+        const did = Jws.extractDid(kid);
+        return did;
+    }
+    /**
+     * Verifies the signature against the given payload.
+     * @returns `true` if signature is valid; `false` otherwise
+     */
+    static verifySignature(base64UrlPayload, signatureEntry, jwkPublic) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const signatureAlgorithm = signatureAlgorithms[jwkPublic.crv];
+            if (!signatureAlgorithm) {
+                throw new DwnError(DwnErrorCode.JwsVerifySignatureUnsupportedCrv, `unsupported crv. crv must be one of ${Object.keys(signatureAlgorithms)}`);
+            }
+            const payload = Encoder.stringToBytes(`${signatureEntry.protected}.${base64UrlPayload}`);
+            const signatureBytes = Encoder.base64UrlToBytes(signatureEntry.signature);
+            return yield signatureAlgorithm.verify(payload, signatureBytes, jwkPublic);
+        });
+    }
+    /**
+     * Decodes the payload of the given JWS object as a plain object.
+     */
+    static decodePlainObjectPayload(jws) {
+        let payloadJson;
+        try {
+            payloadJson = Encoder.base64UrlToObject(jws.payload);
+        }
+        catch (_a) {
+            throw new DwnError(DwnErrorCode.JwsDecodePlainObjectPayloadInvalid, 'payload is not a JSON object');
+        }
+        if (!isPlainObject(payloadJson)) {
+            throw new DwnError(DwnErrorCode.JwsDecodePlainObjectPayloadInvalid, 'signed payload must be a plain object');
+        }
+        return payloadJson;
+    }
+    /**
+     * Extracts the DID from the given `kid` string.
+     */
+    static extractDid(kid) {
+        const [did] = kid.split('#');
+        return did;
+    }
+    /**
+     * Creates a Signer[] from the given Personas.
+     */
+    static createSigners(keyMaterials) {
+        const signers = keyMaterials.map((keyMaterial) => Jws.createSigner(keyMaterial));
+        return signers;
+    }
+    /**
+     * Creates a Signer from the given Persona.
+     */
+    static createSigner(keyMaterial) {
+        const privateJwk = keyMaterial.keyPair.privateJwk;
+        const keyId = keyMaterial.keyId;
+        const signer = new PrivateKeySigner({ privateJwk, keyId });
+        return signer;
+    }
+}
+//# sourceMappingURL=jws.js.map

package/dist/esm/src/utils/jws.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jws.js","sourceRoot":"","sources":["../../../../src/utils/jws.ts"],"names":[],"mappings":";;;;;;;;;AAKA,OAAO,aAAa,MAAM,yBAAyB,CAAC;AAEpD,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,oDAAoD,CAAC;AACzF,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAG9D;;GAEG;AACH,MAAM,OAAO,GAAG;IACd;;OAEG;IACI,MAAM,CAAC,MAAM,CAAC,cAA8B;QACjD,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC,iBAAiB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;QACpE,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,YAAY,CAAC,cAA8B;QACvD,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QACvC,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAChC,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;OAGG;IACI,MAAM,CAAO,eAAe,CAAC,gBAAwB,EAAE,cAA8B,EAAE,SAAoB;;YAChH,MAAM,kBAAkB,GAAG,mBAAmB,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YAE9D,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,gCAAgC,EAAE,uCAAuC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;YAC/I,CAAC;YAED,MAAM,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC,GAAG,cAAc,CAAC,SAAS,IAAI,gBAAgB,EAAE,CAAC,CAAC;YACzF,MAAM,cAAc,GAAG,OAAO,CAAC,gBAAgB,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;YAE1E,OAAO,MAAM,kBAAkB,CAAC,MAAM,CAAC,OAAO,EAAE,cAAc,EAAE,SAAS,CAAC,CAAC;QAC7E,CAAC;KAAA;IAED;;OAEG;IACI,MAAM,CAAC,wBAAwB,CAAC,GAAe;QACpD,IAAI,WAAW,CAAC;QAChB,IAAI,CAAC;YACH,WAAW,GAAG,OAAO,CAAC,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvD,CAAC;QAAC,WAAM,CAAC;YACP,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,kCAAkC,EAAE,8BAA8B,CAAC,CAAC;QACtG,CAAC;QAED,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,kCAAkC,EAAE,uCAAuC,CAAC,CAAC;QAC/G,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,UAAU,CAAC,GAAW;QAClC,MAAM,CAAE,GAAG,CAAE,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,aAAa,CAAC,YAA2B;QACrD,MAAM,OAAO,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC;QACjF,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,YAAY,CAAC,WAAwB;QACjD,MAAM,UAAU,GAAG,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC;QAClD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC;QAChC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;QAC3D,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}

package/dist/esm/src/utils/memory-cache.js

@@ -0,0 +1,41 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { LRUCache } from 'lru-cache';
+/**
+ * A cache using local memory.
+ */
+export class MemoryCache {
+    /**
+     * @param timeToLiveInSeconds time-to-live for every key-value pair set in the cache
+     */
+    constructor(timeToLiveInSeconds) {
+        this.timeToLiveInSeconds = timeToLiveInSeconds;
+        this.cache = new LRUCache({
+            max: 100000,
+            ttl: timeToLiveInSeconds * 1000
+        });
+    }
+    set(key, value) {
+        return __awaiter(this, void 0, void 0, function* () {
+            try {
+                this.cache.set(key, value);
+            }
+            catch (_a) {
+                // let the code continue as this is a non-fatal error
+            }
+        });
+    }
+    get(key) {
+        return __awaiter(this, void 0, void 0, function* () {
+            return this.cache.get(key);
+        });
+    }
+}
+//# sourceMappingURL=memory-cache.js.map

package/dist/esm/src/utils/memory-cache.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"memory-cache.js","sourceRoot":"","sources":["../../../../src/utils/memory-cache.ts"],"names":[],"mappings":";;;;;;;;;AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAErC;;GAEG;AACH,MAAM,OAAO,WAAW;IAGtB;;OAEG;IACH,YAA4B,mBAA2B;QAA3B,wBAAmB,GAAnB,mBAAmB,CAAQ;QACrD,IAAI,CAAC,KAAK,GAAG,IAAI,QAAQ,CAAC;YACxB,GAAG,EAAG,MAAO;YACb,GAAG,EAAG,mBAAmB,GAAG,IAAI;SACjC,CAAC,CAAC;IACL,CAAC;IAEK,GAAG,CAAC,GAAW,EAAE,KAAU;;YAC/B,IAAI,CAAC;gBACH,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAC7B,CAAC;YAAC,WAAM,CAAC;gBACP,qDAAqD;YACvD,CAAC;QACH,CAAC;KAAA;IAEK,GAAG,CAAC,GAAW;;YACnB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC7B,CAAC;KAAA;CACF"}

package/dist/esm/src/utils/object.js

@@ -0,0 +1,50 @@
+import flat from 'flat';
+/**
+ * Flattens the given object.
+ * e.g. `{ a: { b: { c: 42 } } }` becomes `{ 'a.b.c': 42 }`
+ */
+export function flatten(obj) {
+    const flattened = flat.flatten(obj);
+    removeEmptyObjects(flattened);
+    return flattened;
+}
+/**
+ * Checks whether the given object has any properties.
+ */
+export function isEmptyObject(obj) {
+    if (typeof (obj) !== 'object') {
+        return false;
+    }
+    for (const _ in obj) {
+        return false;
+    }
+    return true;
+}
+/**
+ * Recursively removes all properties with an empty object or array as its value from the given object.
+ */
+export function removeEmptyObjects(obj) {
+    Object.keys(obj).forEach(key => {
+        if (typeof (obj[key]) === 'object') {
+            // recursive remove empty object or array properties in nested objects
+            removeEmptyObjects(obj[key]);
+        }
+        if (isEmptyObject(obj[key])) {
+            delete obj[key];
+        }
+    });
+}
+/**
+ * Recursively removes all properties with `undefined` as its value from the given object.
+ */
+export function removeUndefinedProperties(obj) {
+    Object.keys(obj).forEach(key => {
+        if (obj[key] === undefined) {
+            delete obj[key];
+        }
+        else if (typeof (obj[key]) === 'object') {
+            removeUndefinedProperties(obj[key]); // recursive remove `undefined` properties in nested objects
+        }
+    });
+}
+//# sourceMappingURL=object.js.map

package/dist/esm/src/utils/object.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"object.js","sourceRoot":"","sources":["../../../../src/utils/object.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB;;;GAGG;AACH,MAAM,UAAU,OAAO,CAAC,GAAY;IAClC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAmC,GAAG,CAAC,CAAC;IACtE,kBAAkB,CAAC,SAAS,CAAC,CAAC;IAC9B,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,GAAY;IACxC,IAAI,OAAM,CAAC,GAAG,CAAC,KAAK,QAAQ,EAAE,CAAC;QAC7B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,GAAG,EAAE,CAAC;QACpB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,GAA4B;IAC7D,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QAC7B,IAAI,OAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YAClC,sEAAsE;YACtE,kBAAkB,CAAC,GAAG,CAAC,GAAG,CAA4B,CAAC,CAAC;QAC1D,CAAC;QAED,IAAI,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAC5B,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CAAC,GAA4B;IACpE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;QAC7B,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;YAC3B,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;QAClB,CAAC;aAAM,IAAI,OAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YACzC,yBAAyB,CAAC,GAAG,CAAC,GAAG,CAA4B,CAAC,CAAC,CAAC,4DAA4D;QAC9H,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/esm/src/utils/private-key-signer.js

@@ -0,0 +1,43 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { signatureAlgorithms } from '../jose/algorithms/signing/signature-algorithms.js';
+import { DwnError, DwnErrorCode } from '../core/dwn-error.js';
+/**
+ * A signer that signs using a private key.
+ */
+export class PrivateKeySigner {
+    constructor(options) {
+        var _a, _b;
+        if (options.keyId === undefined && options.privateJwk.kid === undefined) {
+            throw new DwnError(DwnErrorCode.PrivateKeySignerUnableToDeduceKeyId, `Unable to deduce the key ID`);
+        }
+        // NOTE: `alg` is optional for a JWK as specified in https://datatracker.ietf.org/doc/html/rfc7517#section-4.4
+        if (options.algorithm === undefined && options.privateJwk.alg === undefined) {
+            throw new DwnError(DwnErrorCode.PrivateKeySignerUnableToDeduceAlgorithm, `Unable to deduce the signature algorithm`);
+        }
+        this.keyId = (_a = options.keyId) !== null && _a !== void 0 ? _a : options.privateJwk.kid;
+        this.algorithm = (_b = options.algorithm) !== null && _b !== void 0 ? _b : options.privateJwk.alg;
+        this.privateJwk = options.privateJwk;
+        this.signatureAlgorithm = signatureAlgorithms[options.privateJwk.crv];
+        if (!this.signatureAlgorithm) {
+            throw new DwnError(DwnErrorCode.PrivateKeySignerUnsupportedCurve, `Unsupported crv ${options.privateJwk.crv}, crv must be one of ${Object.keys(signatureAlgorithms)}`);
+        }
+    }
+    /**
+     * Signs the given content and returns the signature as bytes.
+     */
+    sign(content) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const signatureBytes = yield this.signatureAlgorithm.sign(content, this.privateJwk);
+            return signatureBytes;
+        });
+    }
+}
+//# sourceMappingURL=private-key-signer.js.map

package/dist/esm/src/utils/private-key-signer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"private-key-signer.js","sourceRoot":"","sources":["../../../../src/utils/private-key-signer.ts"],"names":[],"mappings":";;;;;;;;;AAGA,OAAO,EAAE,mBAAmB,EAAE,MAAM,oDAAoD,CAAC;AACzF,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAsB9D;;GAEG;AACH,MAAM,OAAO,gBAAgB;IAM3B,YAAmB,OAAgC;;QACjD,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YACxE,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,mCAAmC,EAChD,6BAA6B,CAC9B,CAAC;QACJ,CAAC;QAED,8GAA8G;QAC9G,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC5E,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,uCAAuC,EACpD,0CAA0C,CAC3C,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,MAAA,OAAO,CAAC,KAAK,mCAAI,OAAO,CAAC,UAAU,CAAC,GAAI,CAAC;QACtD,IAAI,CAAC,SAAS,GAAG,MAAA,OAAO,CAAC,SAAS,mCAAI,OAAO,CAAC,UAAU,CAAC,GAAI,CAAC;QAC9D,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,kBAAkB,GAAG,mBAAmB,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAEtE,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC7B,MAAM,IAAI,QAAQ,CAChB,YAAY,CAAC,gCAAgC,EAC7C,mBAAmB,OAAO,CAAC,UAAU,CAAC,GAAG,wBAAwB,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,EAAE,CACpG,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACU,IAAI,CAAE,OAAmB;;YACpC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;YACpF,OAAO,cAAc,CAAC;QACxB,CAAC;KAAA;CACF"}

package/dist/esm/src/utils/protocols.js

@@ -0,0 +1,51 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { Secp256k1 } from './secp256k1.js';
+import { HdKey, KeyDerivationScheme } from '../utils/hd-key.js';
+/**
+ * Class containing Protocol related utility methods.
+ */
+export class Protocols {
+    /**
+     * Derives public encryptions keys and inject it in the `$encryption` property for each protocol path segment of the given Protocol definition,
+     * then returns the final encryption-enabled protocol definition.
+     * NOTE: The original definition passed in is unmodified.
+     */
+    static deriveAndInjectPublicEncryptionKeys(protocolDefinition, rootKeyId, privateJwk) {
+        return __awaiter(this, void 0, void 0, function* () {
+            // clone before modify
+            const encryptionEnabledProtocolDefinition = JSON.parse(JSON.stringify(protocolDefinition));
+            // a function that recursively creates and adds `$encryption` property to every rule set
+            function addEncryptionProperty(ruleSet, parentKey) {
+                return __awaiter(this, void 0, void 0, function* () {
+                    for (const key in ruleSet) {
+                        // if we encounter a nested rule set (a property name that doesn't begin with '$'), recursively inject the `$encryption` property
+                        if (!key.startsWith('$')) {
+                            const derivedPrivateKey = yield HdKey.derivePrivateKey(parentKey, [key]);
+                            const publicKeyJwk = yield Secp256k1.getPublicJwk(derivedPrivateKey.derivedPrivateKey);
+                            ruleSet[key].$encryption = { rootKeyId, publicKeyJwk };
+                            yield addEncryptionProperty(ruleSet[key], derivedPrivateKey);
+                        }
+                    }
+                });
+            }
+            // inject encryption property starting from each root level record type
+            const rootKey = {
+                derivationScheme: KeyDerivationScheme.ProtocolPath,
+                derivedPrivateKey: privateJwk,
+                rootKeyId
+            };
+            const protocolLevelDerivedKey = yield HdKey.derivePrivateKey(rootKey, [KeyDerivationScheme.ProtocolPath, protocolDefinition.protocol]);
+            yield addEncryptionProperty(encryptionEnabledProtocolDefinition.structure, protocolLevelDerivedKey);
+            return encryptionEnabledProtocolDefinition;
+        });
+    }
+}
+//# sourceMappingURL=protocols.js.map

package/dist/esm/src/utils/protocols.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"protocols.js","sourceRoot":"","sources":["../../../../src/utils/protocols.ts"],"names":[],"mappings":";;;;;;;;;AAIA,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAEhE;;GAEG;AACH,MAAM,OAAO,SAAS;IACpB;;;;OAIG;IACI,MAAM,CAAO,mCAAmC,CACrD,kBAAsC,EACtC,SAAiB,EACjB,UAAsB;;YAEtB,sBAAsB;YACtB,MAAM,mCAAmC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAuB,CAAC;YAEjH,wFAAwF;YACxF,SAAe,qBAAqB,CAAC,OAAwB,EAAE,SAA4B;;oBACzF,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;wBAC1B,iIAAiI;wBACjI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;4BACzB,MAAM,iBAAiB,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,SAAS,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BACzE,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;4BAEvF,OAAO,CAAC,GAAG,CAAC,CAAC,WAAW,GAAG,EAAE,SAAS,EAAE,YAAY,EAAE,CAAC;4BACvD,MAAM,qBAAqB,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,iBAAiB,CAAC,CAAC;wBAC/D,CAAC;oBACH,CAAC;gBACH,CAAC;aAAA;YAED,uEAAuE;YACvE,MAAM,OAAO,GAAsB;gBACjC,gBAAgB,EAAI,mBAAmB,CAAC,YAAY;gBACpD,iBAAiB,EAAG,UAAU;gBAC9B,SAAS;aACV,CAAC;YACF,MAAM,uBAAuB,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC,mBAAmB,CAAC,YAAY,EAAE,kBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC;YACvI,MAAM,qBAAqB,CAAC,mCAAmC,CAAC,SAAS,EAAE,uBAAuB,CAAC,CAAC;YAEpG,OAAO,mCAAmC,CAAC;QAC7C,CAAC;KAAA;CACF"}