@bitwarden/sdk-internal 0.2.0-main.1 → 0.2.0-main.100

package/VERSION

@@ -0,0 +1 @@
+120b30e0919d9b38666d287cb41fe2f5913c7890

package/bitwarden_wasm_internal.d.ts

@@ -1,5 +1,32 @@
 /* tslint:disable */
 /* eslint-disable */
+/**
+ * Generate a new SSH key pair
+ *
+ * # Arguments
+ * - `key_algorithm` - The algorithm to use for the key pair
+ *
+ * # Returns
+ * - `Ok(SshKey)` if the key was successfully generated
+ * - `Err(KeyGenerationError)` if the key could not be generated
+ */
+export function generate_ssh_key(key_algorithm: KeyAlgorithm): SshKeyView;
+/**
+ * Convert a PCKS8 or OpenSSH encrypted or unencrypted private key
+ * to an OpenSSH private key with public key and fingerprint
+ *
+ * # Arguments
+ * - `imported_key` - The private key to convert
+ * - `password` - The password to use for decrypting the key
+ *
+ * # Returns
+ * - `Ok(SshKey)` if the key was successfully coneverted
+ * - `Err(PasswordRequired)` if the key is encrypted and no password was provided
+ * - `Err(WrongPassword)` if the password provided is incorrect
+ * - `Err(ParsingError)` if the key could not be parsed
+ * - `Err(UnsupportedKeyType)` if the key type is not supported
+ */
+export function import_ssh_key(imported_key: string, password?: string | null): SshKeyView;
 export enum LogLevel {
   Trace = 0,
   Debug = 1,
@@ -51,6 +78,50 @@ export interface InitOrgCryptoRequest {
   organizationKeys: Map<Uuid, AsymmetricEncString>;
 }
 
+export interface MakeKeyPairResponse {
+  /**
+   * The user\'s public key
+   */
+  userPublicKey: string;
+  /**
+   * User\'s private key, encrypted with the user key
+   */
+  userKeyEncryptedPrivateKey: EncString;
+}
+
+export interface VerifyAsymmetricKeysRequest {
+  /**
+   * The user\'s user key
+   */
+  userKey: string;
+  /**
+   * The user\'s public key
+   */
+  userPublicKey: string;
+  /**
+   * User\'s private key, encrypted with the user key
+   */
+  userKeyEncryptedPrivateKey: EncString;
+}
+
+export interface VerifyAsymmetricKeysResponse {
+  /**
+   * Whether the user\'s private key was decryptable by the user key.
+   */
+  privateKeyDecryptable: boolean;
+  /**
+   * Whether the user\'s private key was a valid RSA key and matched the public key provided.
+   */
+  validPrivateKey: boolean;
+}
+
+export interface EncryptionSettingsError extends Error {
+  name: "EncryptionSettingsError";
+  variant: "Crypto" | "InvalidBase64" | "VaultLocked" | "InvalidPrivateKey" | "MissingPrivateKey";
+}
+
+export function isEncryptionSettingsError(error: any): error is EncryptionSettingsError;
+
 export type DeviceType =
   | "Android"
   | "iOS"
@@ -129,6 +200,52 @@ export type Kdf =
   | { pBKDF2: { iterations: NonZeroU32 } }
   | { argon2id: { iterations: NonZeroU32; memory: NonZeroU32; parallelism: NonZeroU32 } };
 
+export interface CryptoError extends Error {
+  name: "CryptoError";
+  variant:
+    | "InvalidKey"
+    | "InvalidMac"
+    | "MacNotProvided"
+    | "KeyDecrypt"
+    | "InvalidKeyLen"
+    | "InvalidUtf8String"
+    | "MissingKey"
+    | "MissingField"
+    | "MissingKeyId"
+    | "ReadOnlyKeyStore"
+    | "InsufficientKdfParameters"
+    | "EncString"
+    | "RsaError"
+    | "FingerprintError"
+    | "ArgonError"
+    | "ZeroNumber";
+}
+
+export function isCryptoError(error: any): error is CryptoError;
+
+export type KeyAlgorithm = "Ed25519" | "Rsa3072" | "Rsa4096";
+
+export interface SshKeyExportError extends Error {
+  name: "SshKeyExportError";
+  variant: "KeyConversionError";
+}
+
+export function isSshKeyExportError(error: any): error is SshKeyExportError;
+
+export interface SshKeyImportError extends Error {
+  name: "SshKeyImportError";
+  variant: "ParsingError" | "PasswordRequired" | "WrongPassword" | "UnsupportedKeyType";
+}
+
+export function isSshKeyImportError(error: any): error is SshKeyImportError;
+
+export interface KeyGenerationError extends Error {
+  name: "KeyGenerationError";
+  variant: "KeyGenerationError" | "KeyConversionError";
+}
+
+export function isKeyGenerationError(error: any): error is KeyGenerationError;
+
 export interface Folder {
   id: Uuid | undefined;
   name: EncString;
@@ -141,6 +258,67 @@ export interface FolderView {
   revisionDate: DateTime<Utc>;
 }
 
+export interface DecryptFileError extends Error {
+  name: "DecryptFileError";
+  variant: "Decrypt" | "Io";
+}
+
+export function isDecryptFileError(error: any): error is DecryptFileError;
+
+export interface EncryptFileError extends Error {
+  name: "EncryptFileError";
+  variant: "Encrypt" | "Io";
+}
+
+export function isEncryptFileError(error: any): error is EncryptFileError;
+
+export interface DecryptError extends Error {
+  name: "DecryptError";
+  variant: "Crypto" | "VaultLocked";
+}
+
+export function isDecryptError(error: any): error is DecryptError;
+
+export interface EncryptError extends Error {
+  name: "EncryptError";
+  variant: "Crypto" | "VaultLocked";
+}
+
+export function isEncryptError(error: any): error is EncryptError;
+
+export interface TotpResponse {
+  /**
+   * Generated TOTP code
+   */
+  code: string;
+  /**
+   * Time period
+   */
+  period: number;
+}
+
+export interface TotpError extends Error {
+  name: "TotpError";
+  variant: "InvalidOtpauth" | "MissingSecret" | "CryptoError" | "VaultLocked";
+}
+
+export function isTotpError(error: any): error is TotpError;
+
+export interface SshKeyView {
+  /**
+   * SSH private key (ed25519/rsa) in unencrypted openssh private key format [OpenSSH private key](https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key)
+   */
+  privateKey: string;
+  /**
+   * SSH public key (ed25519/rsa) according to [RFC4253](https://datatracker.ietf.org/doc/html/rfc4253#section-6.6)
+   */
+  publicKey: string;
+  /**
+   * SSH fingerprint using SHA256 in the format: `SHA256:BASE64_ENCODED_FINGERPRINT`
+   */
+  fingerprint: string;
+}
+
 export type Uuid = string;
 
 /**
@@ -159,72 +337,83 @@ export type Utc = unknown;
  */
 export type NonZeroU32 = number;
 
+export interface TestError extends Error {
+  name: "TestError";
+}
+
+export function isTestError(error: any): error is TestError;
+
 export class BitwardenClient {
   free(): void;
-  /**
-   * @param {ClientSettings | undefined} [settings]
-   * @param {LogLevel | undefined} [log_level]
-   */
-  constructor(settings?: ClientSettings, log_level?: LogLevel);
+  constructor(settings?: ClientSettings | null, log_level?: LogLevel | null);
   /**
    * Test method, echoes back the input
-   * @param {string} msg
-   * @returns {string}
    */
   echo(msg: string): string;
-  /**
-   * @returns {string}
-   */
   version(): string;
-  /**
-   * @param {string} msg
-   */
   throw(msg: string): void;
   /**
    * Test method, calls http endpoint
-   * @param {string} url
-   * @returns {Promise<string>}
    */
   http_get(url: string): Promise<string>;
+  crypto(): CryptoClient;
+  vault(): VaultClient;
+}
+export class ClientFolders {
+  private constructor();
+  free(): void;
   /**
-   * @returns {ClientCrypto}
+   * Decrypt folder
    */
-  crypto(): ClientCrypto;
+  decrypt(folder: Folder): FolderView;
+}
+export class ClientTotp {
+  private constructor();
+  free(): void;
   /**
-   * @returns {ClientVault}
+   * Generates a TOTP code from a provided key
+   *
+   * # Arguments
+   * - `key` - Can be:
+   *     - A base32 encoded string
+   *     - OTP Auth URI
+   *     - Steam URI
+   * - `time_ms` - Optional timestamp in milliseconds
+   *
+   * # Returns
+   * - `Ok(TotpResponse)` containing the generated code and period
+   * - `Err(TotpError)` if code generation fails
    */
-  vault(): ClientVault;
+  generate_totp(key: string, time_ms?: number | null): TotpResponse;
 }
-export class ClientCrypto {
+export class CryptoClient {
+  private constructor();
   free(): void;
   /**
    * Initialization method for the user crypto. Needs to be called before any other crypto
    * operations.
-   * @param {InitUserCryptoRequest} req
-   * @returns {Promise<void>}
    */
   initialize_user_crypto(req: InitUserCryptoRequest): Promise<void>;
   /**
    * Initialization method for the organization crypto. Needs to be called after
    * `initialize_user_crypto` but before any other crypto operations.
-   * @param {InitOrgCryptoRequest} req
-   * @returns {Promise<void>}
    */
   initialize_org_crypto(req: InitOrgCryptoRequest): Promise<void>;
-}
-export class ClientFolders {
-  free(): void;
   /**
-   * Decrypt folder
-   * @param {Folder} folder
-   * @returns {FolderView}
+   * Generates a new key pair and encrypts the private key with the provided user key.
+   * Crypto initialization not required.
    */
-  decrypt(folder: Folder): FolderView;
-}
-export class ClientVault {
-  free(): void;
+  make_key_pair(user_key: string): MakeKeyPairResponse;
   /**
-   * @returns {ClientFolders}
+   * Verifies a user's asymmetric keys by decrypting the private key with the provided user
+   * key. Returns if the private key is decryptable and if it is a valid matching key.
+   * Crypto initialization not required.
    */
+  verify_asymmetric_keys(request: VerifyAsymmetricKeysRequest): VerifyAsymmetricKeysResponse;
+}
+export class VaultClient {
+  private constructor();
+  free(): void;
   folders(): ClientFolders;
+  totp(): ClientTotp;
 }

package/bitwarden_wasm_internal.js

@@ -2,3 +2,4 @@ import * as wasm from "./bitwarden_wasm_internal_bg.wasm";
 export * from "./bitwarden_wasm_internal_bg.js";
 import { __wbg_set_wasm } from "./bitwarden_wasm_internal_bg.js";
 __wbg_set_wasm(wasm);
+wasm.__wbindgen_start();