npm - @bitwarden/sdk-internal - Versions diffs - 0.2.0-main.11 → 0.2.0-main.110 - Mend

@bitwarden/sdk-internal 0.2.0-main.11 → 0.2.0-main.110

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/VERSION +1 -0
package/bitwarden_wasm_internal.d.ts +218 -69
package/bitwarden_wasm_internal.js +1 -0
package/bitwarden_wasm_internal_bg.js +893 -606
package/bitwarden_wasm_internal_bg.wasm +0 -0
package/bitwarden_wasm_internal_bg.wasm.d.ts +88 -33
package/bitwarden_wasm_internal_bg.wasm.js +1 -1
package/node/bitwarden_wasm_internal.d.ts +218 -69
package/node/bitwarden_wasm_internal.js +904 -613
package/node/bitwarden_wasm_internal_bg.wasm +0 -0
package/node/bitwarden_wasm_internal_bg.wasm.d.ts +88 -33
package/package.json +5 -4

package/VERSION ADDED Viewed

	@@ -0,0 +1 @@
1	+ 131cbfae6dbd68f3ee53e94181fcbb4646e372ae

package/bitwarden_wasm_internal.d.ts CHANGED Viewed

@@ -1,10 +1,34 @@
 /* tslint:disable */
 /* eslint-disable */
+export function set_log_level(level: LogLevel): void;
+export function init_sdk(log_level?: LogLevel | null): void;
 /**
- * @param {KeyAlgorithm} key_algorithm
- * @returns {GenerateSshKeyResult}
+ * Generate a new SSH key pair
+ *
+ * # Arguments
+ * - `key_algorithm` - The algorithm to use for the key pair
+ *
+ * # Returns
+ * - `Ok(SshKey)` if the key was successfully generated
+ * - `Err(KeyGenerationError)` if the key could not be generated
+ */
+export function generate_ssh_key(key_algorithm: KeyAlgorithm): SshKeyView;
+/**
+ * Convert a PCKS8 or OpenSSH encrypted or unencrypted private key
+ * to an OpenSSH private key with public key and fingerprint
+ *
+ * # Arguments
+ * - `imported_key` - The private key to convert
+ * - `password` - The password to use for decrypting the key
+ *
+ * # Returns
+ * - `Ok(SshKey)` if the key was successfully coneverted
+ * - `Err(PasswordRequired)` if the key is encrypted and no password was provided
+ * - `Err(WrongPassword)` if the password provided is incorrect
+ * - `Err(ParsingError)` if the key could not be parsed
+ * - `Err(UnsupportedKeyType)` if the key type is not supported
  */
-export function generate_ssh_key(key_algorithm: KeyAlgorithm): GenerateSshKeyResult;
+export function import_ssh_key(imported_key: string, password?: string | null): SshKeyView;
 export enum LogLevel {
   Trace = 0,
   Debug = 1,
@@ -56,30 +80,42 @@ export interface InitOrgCryptoRequest {
   organizationKeys: Map<Uuid, AsymmetricEncString>;
 }
-export interface CoreError extends Error {
-  name: "CoreError";
-  variant:
-    | "MissingFieldError"
-    | "VaultLocked"
-    | "NotAuthenticated"
-    | "AccessTokenInvalid"
-    | "InvalidResponse"
-    | "Crypto"
-    | "IdentityFail"
-    | "Reqwest"
-    | "Serde"
-    | "Io"
-    | "InvalidBase64"
-    | "Chrono"
-    | "ResponseContent"
-    | "ValidationError"
-    | "InvalidStateFileVersion"
-    | "InvalidStateFile"
-    | "Internal"
-    | "EncryptionSettings";
+export interface MakeKeyPairResponse {
+  /**
+   * The user\'s public key
+   */
+  userPublicKey: string;
+  /**
+   * User\'s private key, encrypted with the user key
+   */
+  userKeyEncryptedPrivateKey: EncString;
+}
+export interface VerifyAsymmetricKeysRequest {
+  /**
+   * The user\'s user key
+   */
+  userKey: string;
+  /**
+   * The user\'s public key
+   */
+  userPublicKey: string;
+  /**
+   * User\'s private key, encrypted with the user key
+   */
+  userKeyEncryptedPrivateKey: EncString;
 }
-export function isCoreError(error: any): error is CoreError;
+export interface VerifyAsymmetricKeysResponse {
+  /**
+   * Whether the user\'s private key was decryptable by the user key.
+   */
+  privateKeyDecryptable: boolean;
+  /**
+   * Whether the user\'s private key was a valid RSA key and matched the public key provided.
+   */
+  validPrivateKey: boolean;
+}
 export interface EncryptionSettingsError extends Error {
   name: "EncryptionSettingsError";
@@ -166,14 +202,47 @@ export type Kdf =
   | { pBKDF2: { iterations: NonZeroU32 } }
   | { argon2id: { iterations: NonZeroU32; memory: NonZeroU32; parallelism: NonZeroU32 } };
-export interface GenerateSshKeyResult {
-  private_key: string;
-  public_key: string;
-  key_fingerprint: string;
+export interface CryptoError extends Error {
+  name: "CryptoError";
+  variant:
+    | "InvalidKey"
+    | "InvalidMac"
+    | "MacNotProvided"
+    | "KeyDecrypt"
+    | "InvalidKeyLen"
+    | "InvalidUtf8String"
+    | "MissingKey"
+    | "MissingField"
+    | "MissingKeyId"
+    | "ReadOnlyKeyStore"
+    | "InsufficientKdfParameters"
+    | "EncString"
+    | "RsaError"
+    | "FingerprintError"
+    | "ArgonError"
+    | "ZeroNumber"
+    | "OperationNotSupported"
+    | "WrongKeyType";
 }
+export function isCryptoError(error: any): error is CryptoError;
 export type KeyAlgorithm = "Ed25519" | "Rsa3072" | "Rsa4096";
+export interface SshKeyExportError extends Error {
+  name: "SshKeyExportError";
+  variant: "KeyConversionError";
+}
+export function isSshKeyExportError(error: any): error is SshKeyExportError;
+export interface SshKeyImportError extends Error {
+  name: "SshKeyImportError";
+  variant: "ParsingError" | "PasswordRequired" | "WrongPassword" | "UnsupportedKeyType";
+}
+export function isSshKeyImportError(error: any): error is SshKeyImportError;
 export interface KeyGenerationError extends Error {
   name: "KeyGenerationError";
   variant: "KeyGenerationError" | "KeyConversionError";
@@ -193,11 +262,66 @@ export interface FolderView {
   revisionDate: DateTime<Utc>;
 }
-export interface TestError extends Error {
-  name: "TestError";
+export interface DecryptFileError extends Error {
+  name: "DecryptFileError";
+  variant: "Decrypt" | "Io";
 }
-export function isTestError(error: any): error is TestError;
+export function isDecryptFileError(error: any): error is DecryptFileError;
+export interface EncryptFileError extends Error {
+  name: "EncryptFileError";
+  variant: "Encrypt" | "Io";
+}
+export function isEncryptFileError(error: any): error is EncryptFileError;
+export interface DecryptError extends Error {
+  name: "DecryptError";
+  variant: "Crypto" | "VaultLocked";
+}
+export function isDecryptError(error: any): error is DecryptError;
+export interface EncryptError extends Error {
+  name: "EncryptError";
+  variant: "Crypto" | "VaultLocked";
+}
+export function isEncryptError(error: any): error is EncryptError;
+export interface TotpResponse {
+  /**
+   * Generated TOTP code
+   */
+  code: string;
+  /**
+   * Time period
+   */
+  period: number;
+}
+export interface TotpError extends Error {
+  name: "TotpError";
+  variant: "InvalidOtpauth" | "MissingSecret" | "CryptoError" | "VaultLocked";
+}
+export function isTotpError(error: any): error is TotpError;
+export interface SshKeyView {
+  /**
+   * SSH private key (ed25519/rsa) in unencrypted openssh private key format [OpenSSH private key](https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key)
+   */
+  privateKey: string;
+  /**
+   * SSH public key (ed25519/rsa) according to [RFC4253](https://datatracker.ietf.org/doc/html/rfc4253#section-6.6)
+   */
+  publicKey: string;
+  /**
+   * SSH fingerprint using SHA256 in the format: `SHA256:BASE64_ENCODED_FINGERPRINT`
+   */
+  fingerprint: string;
+}
 export type Uuid = string;
@@ -217,73 +341,98 @@ export type Utc = unknown;
  */
 export type NonZeroU32 = number;
+export interface TestError extends Error {
+  name: "TestError";
+}
+export function isTestError(error: any): error is TestError;
 export class BitwardenClient {
   free(): void;
-  /**
-   * @param {ClientSettings | undefined} [settings]
-   * @param {LogLevel | undefined} [log_level]
-   */
-  constructor(settings?: ClientSettings, log_level?: LogLevel);
+  constructor(settings?: ClientSettings | null);
   /**
    * Test method, echoes back the input
-   * @param {string} msg
-   * @returns {string}
    */
   echo(msg: string): string;
-  /**
-   * @returns {string}
-   */
   version(): string;
-  /**
-   * @param {string} msg
-   * @returns {Promise<void>}
-   */
-  throw(msg: string): Promise<void>;
+  throw(msg: string): void;
   /**
    * Test method, calls http endpoint
-   * @param {string} url
-   * @returns {Promise<string>}
    */
   http_get(url: string): Promise<string>;
+  crypto(): CryptoClient;
+  vault(): VaultClient;
+}
+export class ClientFolders {
+  private constructor();
+  free(): void;
   /**
-   * @returns {ClientCrypto}
+   * Decrypt folder
    */
-  crypto(): ClientCrypto;
+  decrypt(folder: Folder): FolderView;
+}
+export class ClientTotp {
+  private constructor();
+  free(): void;
   /**
-   * @returns {ClientVault}
+   * Generates a TOTP code from a provided key
+   *
+   * # Arguments
+   * - `key` - Can be:
+   *     - A base32 encoded string
+   *     - OTP Auth URI
+   *     - Steam URI
+   * - `time_ms` - Optional timestamp in milliseconds
+   *
+   * # Returns
+   * - `Ok(TotpResponse)` containing the generated code and period
+   * - `Err(TotpError)` if code generation fails
    */
-  vault(): ClientVault;
+  generate_totp(key: string, time_ms?: number | null): TotpResponse;
 }
-export class ClientCrypto {
+export class CryptoClient {
+  private constructor();
   free(): void;
   /**
    * Initialization method for the user crypto. Needs to be called before any other crypto
    * operations.
-   * @param {InitUserCryptoRequest} req
-   * @returns {Promise<void>}
    */
   initialize_user_crypto(req: InitUserCryptoRequest): Promise<void>;
   /**
    * Initialization method for the organization crypto. Needs to be called after
    * `initialize_user_crypto` but before any other crypto operations.
-   * @param {InitOrgCryptoRequest} req
-   * @returns {Promise<void>}
    */
   initialize_org_crypto(req: InitOrgCryptoRequest): Promise<void>;
-}
-export class ClientFolders {
-  free(): void;
   /**
-   * Decrypt folder
-   * @param {Folder} folder
-   * @returns {FolderView}
+   * Generates a new key pair and encrypts the private key with the provided user key.
+   * Crypto initialization not required.
    */
-  decrypt(folder: Folder): FolderView;
-}
-export class ClientVault {
-  free(): void;
+  make_key_pair(user_key: string): MakeKeyPairResponse;
   /**
-   * @returns {ClientFolders}
+   * Verifies a user's asymmetric keys by decrypting the private key with the provided user
+   * key. Returns if the private key is decryptable and if it is a valid matching key.
+   * Crypto initialization not required.
    */
+  verify_asymmetric_keys(request: VerifyAsymmetricKeysRequest): VerifyAsymmetricKeysResponse;
+}
+/**
+ * This module represents a stopgap solution to provide access to primitive crypto functions for JS
+ * clients. It is not intended to be used outside of the JS clients and this pattern should not be
+ * proliferated. It is necessary because we want to use SDK crypto prior to the SDK being fully
+ * responsible for state and keys.
+ */
+export class PureCrypto {
+  private constructor();
+  free(): void;
+  static symmetric_decrypt(enc_string: string, key_b64: string): string;
+  static symmetric_decrypt_to_bytes(enc_string: string, key_b64: string): Uint8Array;
+  static symmetric_decrypt_array_buffer(enc_bytes: Uint8Array, key_b64: string): Uint8Array;
+  static symmetric_encrypt(plain: string, key_b64: string): string;
+  static symmetric_encrypt_to_array_buffer(plain: Uint8Array, key_b64: string): Uint8Array;
+}
+export class VaultClient {
+  private constructor();
+  free(): void;
   folders(): ClientFolders;
+  totp(): ClientTotp;
 }

package/bitwarden_wasm_internal.js CHANGED Viewed

@@ -2,3 +2,4 @@ import * as wasm from "./bitwarden_wasm_internal_bg.wasm";
 export * from "./bitwarden_wasm_internal_bg.js";
 import { __wbg_set_wasm } from "./bitwarden_wasm_internal_bg.js";
 __wbg_set_wasm(wasm);
+wasm.__wbindgen_start();