@credo-ts/core 0.5.11 → 0.5.12-alpha-20240927180637

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -37,6 +37,12 @@ class W3cCredentialsModule {
37
37
  ],
38
38
  keyTypes: [crypto_1.KeyType.Ed25519],
39
39
  });
40
+ dependencyManager.registerInstance(SignatureSuiteRegistry_1.SignatureSuiteToken, {
41
+ suiteClass: signature_suites_1.Ed25519Signature2020,
42
+ proofType: 'Ed25519Signature2020',
43
+ verificationMethodTypes: [dids_1.VERIFICATION_METHOD_TYPE_ED25519_VERIFICATION_KEY_2020],
44
+ keyTypes: [crypto_1.KeyType.Ed25519],
45
+ });
40
46
  }
41
47
  }
42
48
  exports.W3cCredentialsModule = W3cCredentialsModule;
@@ -1 +1 @@
1
- {"version":3,"file":"W3cCredentialsModule.js","sourceRoot":"","sources":["../../../src/modules/vc/W3cCredentialsModule.ts"],"names":[],"mappings":";;;AAGA,yCAAsC;AACtC,kCAGgB;AAEhB,iEAA6D;AAC7D,2DAAuD;AACvD,6EAAyE;AACzE,oFAAqG;AACrG,4FAAwF;AACxF,wEAAwE;AACxE,qCAAkD;AAClD,kFAA8E;AAE9E;;GAEG;AACH,MAAa,oBAAoB;IAI/B,YAAmB,MAA0C;QAF7C,QAAG,GAAG,qCAAiB,CAAA;QAGrC,IAAI,CAAC,MAAM,GAAG,IAAI,uDAA0B,CAAC,MAAM,CAAC,CAAA;IACtD,CAAC;IAEM,QAAQ,CAAC,iBAAoC;QAClD,iBAAiB,CAAC,iBAAiB,CAAC,2CAAoB,CAAC,CAAA;QACzD,iBAAiB,CAAC,iBAAiB,CAAC,gCAAuB,CAAC,CAAA;QAC5D,iBAAiB,CAAC,iBAAiB,CAAC,uDAA0B,CAAC,CAAA;QAC/D,iBAAiB,CAAC,iBAAiB,CAAC,iDAAuB,CAAC,CAAA;QAE5D,iBAAiB,CAAC,iBAAiB,CAAC,+CAAsB,CAAC,CAAA;QAE3D,sBAAsB;QACtB,iBAAiB,CAAC,gBAAgB,CAAC,uDAA0B,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;QAE3E,0CAA0C;QAC1C,iBAAiB,CAAC,gBAAgB,CAAC,4CAAmB,EAAE;YACtD,UAAU,EAAE,uCAAoB;YAChC,SAAS,EAAE,sBAAsB;YACjC,uBAAuB,EAAE;gBACvB,6DAAsD;gBACtD,6DAAsD;aACvD;YACD,QAAQ,EAAE,CAAC,gBAAO,CAAC,OAAO,CAAC;SAC5B,CAAC,CAAA;IACJ,CAAC;CACF;AA9BD,oDA8BC"}
1
+ {"version":3,"file":"W3cCredentialsModule.js","sourceRoot":"","sources":["../../../src/modules/vc/W3cCredentialsModule.ts"],"names":[],"mappings":";;;AAGA,yCAAsC;AACtC,kCAGgB;AAEhB,iEAA6D;AAC7D,2DAAuD;AACvD,6EAAyE;AACzE,oFAAqG;AACrG,4FAAwF;AACxF,wEAA8F;AAC9F,qCAAkD;AAClD,kFAA8E;AAE9E;;GAEG;AACH,MAAa,oBAAoB;IAI/B,YAAmB,MAA0C;QAF7C,QAAG,GAAG,qCAAiB,CAAA;QAGrC,IAAI,CAAC,MAAM,GAAG,IAAI,uDAA0B,CAAC,MAAM,CAAC,CAAA;IACtD,CAAC;IAEM,QAAQ,CAAC,iBAAoC;QAClD,iBAAiB,CAAC,iBAAiB,CAAC,2CAAoB,CAAC,CAAA;QACzD,iBAAiB,CAAC,iBAAiB,CAAC,gCAAuB,CAAC,CAAA;QAC5D,iBAAiB,CAAC,iBAAiB,CAAC,uDAA0B,CAAC,CAAA;QAC/D,iBAAiB,CAAC,iBAAiB,CAAC,iDAAuB,CAAC,CAAA;QAE5D,iBAAiB,CAAC,iBAAiB,CAAC,+CAAsB,CAAC,CAAA;QAE3D,sBAAsB;QACtB,iBAAiB,CAAC,gBAAgB,CAAC,uDAA0B,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;QAE3E,0CAA0C;QAC1C,iBAAiB,CAAC,gBAAgB,CAAC,4CAAmB,EAAE;YACtD,UAAU,EAAE,uCAAoB;YAChC,SAAS,EAAE,sBAAsB;YACjC,uBAAuB,EAAE;gBACvB,6DAAsD;gBACtD,6DAAsD;aACvD;YACD,QAAQ,EAAE,CAAC,gBAAO,CAAC,OAAO,CAAC;SAC5B,CAAC,CAAA;QACF,iBAAiB,CAAC,gBAAgB,CAAC,4CAAmB,EAAE;YACtD,UAAU,EAAE,uCAAoB;YAChC,SAAS,EAAE,sBAAsB;YACjC,uBAAuB,EAAE,CAAC,6DAAsD,CAAC;YACjF,QAAQ,EAAE,CAAC,gBAAO,CAAC,OAAO,CAAC;SAC5B,CAAC,CAAA;IACJ,CAAC;CACF;AApCD,oDAoCC"}
@@ -0,0 +1,106 @@
1
+ import type { DocumentLoader, JsonLdDoc, Proof, VerificationMethod } from '../../jsonldUtil';
2
+ import type { JwsLinkedDataSignatureOptions } from '../JwsLinkedDataSignature';
3
+ import { JwsLinkedDataSignature } from '../JwsLinkedDataSignature';
4
+ type Ed25519Signature2020Options = Pick<JwsLinkedDataSignatureOptions, 'key' | 'proof' | 'date' | 'useNativeCanonize' | 'LDKeyClass'>;
5
+ export declare class Ed25519Signature2020 extends JwsLinkedDataSignature {
6
+ static CONTEXT_URL: string;
7
+ static CONTEXT: any;
8
+ /**
9
+ * @param {object} options - Options hashmap.
10
+ *
11
+ * Either a `key` OR at least one of `signer`/`verifier` is required.
12
+ *
13
+ * @param {object} [options.key] - An optional key object (containing an
14
+ * `id` property, and either `signer` or `verifier`, depending on the
15
+ * intended operation. Useful for when the application is managing keys
16
+ * itself (when using a KMS, you never have access to the private key,
17
+ * and so should use the `signer` param instead).
18
+ * @param {Function} [options.signer] - Signer function that returns an
19
+ * object with an async sign() method. This is useful when interfacing
20
+ * with a KMS (since you don't get access to the private key and its
21
+ * `signer()`, the KMS client gives you only the signer function to use).
22
+ * @param {Function} [options.verifier] - Verifier function that returns
23
+ * an object with an async `verify()` method. Useful when working with a
24
+ * KMS-provided verifier function.
25
+ *
26
+ * Advanced optional parameters and overrides.
27
+ *
28
+ * @param {object} [options.proof] - A JSON-LD document with options to use
29
+ * for the `proof` node. Any other custom fields can be provided here
30
+ * using a context different from security-v2).
31
+ * @param {string|Date} [options.date] - Signing date to use if not passed.
32
+ * @param {boolean} [options.useNativeCanonize] - Whether to use a native
33
+ * canonize algorithm.
34
+ */
35
+ constructor(options: Ed25519Signature2020Options);
36
+ assertVerificationMethod(document: JsonLdDoc): Promise<void>;
37
+ getVerificationMethod(options: {
38
+ proof: Proof;
39
+ documentLoader?: DocumentLoader;
40
+ }): Promise<any>;
41
+ /**
42
+ * Ensures the document to be signed contains the required signature suite
43
+ * specific `@context`, by either adding it (if `addSuiteContext` is true),
44
+ * or throwing an error if it's missing.
45
+ *
46
+ * @override
47
+ *
48
+ * @param {object} options - Options hashmap.
49
+ * @param {object} options.document - JSON-LD document to be signed.
50
+ * @param {boolean} options.addSuiteContext - Add suite context?
51
+ */
52
+ ensureSuiteContext(options: {
53
+ document: JsonLdDoc;
54
+ addSuiteContext: boolean;
55
+ }): void;
56
+ /**
57
+ * Checks whether a given proof exists in the document.
58
+ *
59
+ * @override
60
+ *
61
+ * @param {object} options - Options hashmap.
62
+ * @param {object} options.proof - A proof.
63
+ * @param {object} options.document - A JSON-LD document.
64
+ * @param {object} options.purpose - A jsonld-signatures ProofPurpose
65
+ * instance (e.g. AssertionProofPurpose, AuthenticationProofPurpose, etc).
66
+ * @param {Function} options.documentLoader - A secure document loader (it is
67
+ * recommended to use one that provides static known documents, instead of
68
+ * fetching from the web) for returning contexts, controller documents,
69
+ * keys, and other relevant URLs needed for the proof.
70
+ *
71
+ * @returns {Promise<boolean>} Whether a match for the proof was found.
72
+ */
73
+ matchProof(options: {
74
+ proof: Proof;
75
+ document: VerificationMethod;
76
+ purpose: any;
77
+ documentLoader?: DocumentLoader;
78
+ }): Promise<boolean>;
79
+ /**
80
+ * @param options - Options hashmap.
81
+ * @param options.verifyData - The data to sign.
82
+ * @param options.proof - A JSON-LD document with options to use
83
+ * for the `proof` node. Any other custom fields can be provided here
84
+ * using a context different from `security-v2`.
85
+ *
86
+ * @returns The proof containing the signature value.
87
+ */
88
+ sign(options: {
89
+ verifyData: Uint8Array;
90
+ proof: Proof;
91
+ }): Promise<Proof>;
92
+ /**
93
+ * @param options - Options hashmap.
94
+ * @param options.verifyData - The data to verify.
95
+ * @param options.verificationMethod - A verification method.
96
+ * @param options.proof - The proof to be verified.
97
+ *
98
+ * @returns Resolves with the verification result.
99
+ */
100
+ verifySignature(options: {
101
+ verifyData: Uint8Array;
102
+ verificationMethod: VerificationMethod;
103
+ proof: Proof;
104
+ }): Promise<any>;
105
+ }
106
+ export {};
@@ -0,0 +1,196 @@
1
+ "use strict";
2
+ var __importDefault = (this && this.__importDefault) || function (mod) {
3
+ return (mod && mod.__esModule) ? mod : { "default": mod };
4
+ };
5
+ Object.defineProperty(exports, "__esModule", { value: true });
6
+ exports.Ed25519Signature2020 = void 0;
7
+ const crypto_1 = require("../../../../../crypto");
8
+ const utils_1 = require("../../../../../utils");
9
+ const constants_1 = require("../../../constants");
10
+ const jsonldUtil_1 = require("../../jsonldUtil");
11
+ const jsonld_1 = __importDefault(require("../../libraries/jsonld"));
12
+ const JwsLinkedDataSignature_1 = require("../JwsLinkedDataSignature");
13
+ const constants_2 = require("./constants");
14
+ const context2020_1 = require("./context2020");
15
+ class Ed25519Signature2020 extends JwsLinkedDataSignature_1.JwsLinkedDataSignature {
16
+ /**
17
+ * @param {object} options - Options hashmap.
18
+ *
19
+ * Either a `key` OR at least one of `signer`/`verifier` is required.
20
+ *
21
+ * @param {object} [options.key] - An optional key object (containing an
22
+ * `id` property, and either `signer` or `verifier`, depending on the
23
+ * intended operation. Useful for when the application is managing keys
24
+ * itself (when using a KMS, you never have access to the private key,
25
+ * and so should use the `signer` param instead).
26
+ * @param {Function} [options.signer] - Signer function that returns an
27
+ * object with an async sign() method. This is useful when interfacing
28
+ * with a KMS (since you don't get access to the private key and its
29
+ * `signer()`, the KMS client gives you only the signer function to use).
30
+ * @param {Function} [options.verifier] - Verifier function that returns
31
+ * an object with an async `verify()` method. Useful when working with a
32
+ * KMS-provided verifier function.
33
+ *
34
+ * Advanced optional parameters and overrides.
35
+ *
36
+ * @param {object} [options.proof] - A JSON-LD document with options to use
37
+ * for the `proof` node. Any other custom fields can be provided here
38
+ * using a context different from security-v2).
39
+ * @param {string|Date} [options.date] - Signing date to use if not passed.
40
+ * @param {boolean} [options.useNativeCanonize] - Whether to use a native
41
+ * canonize algorithm.
42
+ */
43
+ constructor(options) {
44
+ super({
45
+ type: 'Ed25519Signature2020',
46
+ algorithm: 'EdDSA',
47
+ LDKeyClass: options.LDKeyClass,
48
+ contextUrl: constants_2.ED25519_SUITE_CONTEXT_URL_2020,
49
+ key: options.key,
50
+ proof: options.proof,
51
+ date: options.date,
52
+ useNativeCanonize: options.useNativeCanonize,
53
+ });
54
+ this.requiredKeyType = 'Ed25519VerificationKey2020';
55
+ }
56
+ async assertVerificationMethod(document) {
57
+ if (!_includesCompatibleContext({ document: document })) {
58
+ // For DID Documents, since keys do not have their own contexts,
59
+ // the suite context is usually provided by the documentLoader logic
60
+ throw new TypeError(`The '@context' of the verification method (key) MUST contain the context url "${this.contextUrl}".`);
61
+ }
62
+ if (!_isEd2020Key(document)) {
63
+ const verificationMethodType = jsonld_1.default.getValues(document, 'type')[0];
64
+ throw new Error(`Unsupported verification method type '${verificationMethodType}'. Verification method type MUST be 'Ed25519VerificationKey2020'.`);
65
+ }
66
+ else if (_isEd2020Key(document) && !_includesEd2020Context(document)) {
67
+ throw new Error(`For verification method type 'Ed25519VerificationKey2020' the '@context' MUST contain the context url "${constants_2.ED25519_SUITE_CONTEXT_URL_2020}".`);
68
+ }
69
+ // ensure verification method has not been revoked
70
+ if (document.revoked !== undefined) {
71
+ throw new Error('The verification method has been revoked.');
72
+ }
73
+ }
74
+ async getVerificationMethod(options) {
75
+ let verificationMethod = await super.getVerificationMethod({
76
+ proof: options.proof,
77
+ documentLoader: options.documentLoader,
78
+ });
79
+ // convert Ed25519VerificationKey2020 to Ed25519VerificationKey2018
80
+ if (_isEd2020Key(verificationMethod) && _includesEd2020Context(verificationMethod)) {
81
+ // -- convert multibase to base58 --
82
+ const publicKeyBase58 = crypto_1.Key.fromFingerprint(verificationMethod.publicKeyMultibase).publicKeyBase58;
83
+ // -- update type
84
+ verificationMethod.type = 'Ed25519VerificationKey2018';
85
+ verificationMethod = Object.assign(Object.assign({}, verificationMethod), { publicKeyMultibase: undefined, publicKeyBase58 });
86
+ }
87
+ return verificationMethod;
88
+ }
89
+ /**
90
+ * Ensures the document to be signed contains the required signature suite
91
+ * specific `@context`, by either adding it (if `addSuiteContext` is true),
92
+ * or throwing an error if it's missing.
93
+ *
94
+ * @override
95
+ *
96
+ * @param {object} options - Options hashmap.
97
+ * @param {object} options.document - JSON-LD document to be signed.
98
+ * @param {boolean} options.addSuiteContext - Add suite context?
99
+ */
100
+ ensureSuiteContext(options) {
101
+ if (_includesCompatibleContext({ document: options.document })) {
102
+ return;
103
+ }
104
+ super.ensureSuiteContext({ document: options.document, addSuiteContext: options.addSuiteContext });
105
+ }
106
+ /**
107
+ * Checks whether a given proof exists in the document.
108
+ *
109
+ * @override
110
+ *
111
+ * @param {object} options - Options hashmap.
112
+ * @param {object} options.proof - A proof.
113
+ * @param {object} options.document - A JSON-LD document.
114
+ * @param {object} options.purpose - A jsonld-signatures ProofPurpose
115
+ * instance (e.g. AssertionProofPurpose, AuthenticationProofPurpose, etc).
116
+ * @param {Function} options.documentLoader - A secure document loader (it is
117
+ * recommended to use one that provides static known documents, instead of
118
+ * fetching from the web) for returning contexts, controller documents,
119
+ * keys, and other relevant URLs needed for the proof.
120
+ *
121
+ * @returns {Promise<boolean>} Whether a match for the proof was found.
122
+ */
123
+ async matchProof(options) {
124
+ if (!_includesCompatibleContext({ document: options.document })) {
125
+ return false;
126
+ }
127
+ return super.matchProof({
128
+ proof: options.proof,
129
+ document: options.document,
130
+ purpose: options.purpose,
131
+ documentLoader: options.documentLoader,
132
+ });
133
+ }
134
+ /**
135
+ * @param options - Options hashmap.
136
+ * @param options.verifyData - The data to sign.
137
+ * @param options.proof - A JSON-LD document with options to use
138
+ * for the `proof` node. Any other custom fields can be provided here
139
+ * using a context different from `security-v2`.
140
+ *
141
+ * @returns The proof containing the signature value.
142
+ */
143
+ async sign(options) {
144
+ if (!(this.signer && typeof this.signer.sign === 'function')) {
145
+ throw new Error('A signer API has not been specified.');
146
+ }
147
+ const signature = await this.signer.sign({ data: options.verifyData });
148
+ const encodedSignature = utils_1.MultiBaseEncoder.encode(signature, 'base58btc');
149
+ // create detached content signature
150
+ options.proof.proofValue = encodedSignature;
151
+ return options.proof;
152
+ }
153
+ /**
154
+ * @param options - Options hashmap.
155
+ * @param options.verifyData - The data to verify.
156
+ * @param options.verificationMethod - A verification method.
157
+ * @param options.proof - The proof to be verified.
158
+ *
159
+ * @returns Resolves with the verification result.
160
+ */
161
+ async verifySignature(options) {
162
+ if (!(options.proof.proofValue && typeof options.proof.proofValue === 'string')) {
163
+ throw new TypeError('The proof does not include a valid "proofValue" property.');
164
+ }
165
+ const signature = utils_1.MultiBaseEncoder.decode(options.proof.proofValue).data;
166
+ let { verifier } = this;
167
+ if (!verifier) {
168
+ const key = await this.LDKeyClass.from(options.verificationMethod);
169
+ verifier = key.verifier();
170
+ }
171
+ return verifier.verify({ data: options.verifyData, signature });
172
+ }
173
+ }
174
+ exports.Ed25519Signature2020 = Ed25519Signature2020;
175
+ Ed25519Signature2020.CONTEXT_URL = constants_2.ED25519_SUITE_CONTEXT_URL_2020;
176
+ Ed25519Signature2020.CONTEXT = context2020_1.ed25519Signature2020Context.get(constants_2.ED25519_SUITE_CONTEXT_URL_2020);
177
+ function _includesCompatibleContext(options) {
178
+ // Handle the unfortunate Ed25519Signature2018 / credentials/v1 collision
179
+ const hasEd2020 = (0, jsonldUtil_1._includesContext)({
180
+ document: options.document,
181
+ contextUrl: constants_2.ED25519_SUITE_CONTEXT_URL_2020,
182
+ });
183
+ const hasCred = (0, jsonldUtil_1._includesContext)({ document: options.document, contextUrl: constants_1.CREDENTIALS_CONTEXT_V1_URL });
184
+ const hasSecV2 = (0, jsonldUtil_1._includesContext)({ document: options.document, contextUrl: constants_1.SECURITY_CONTEXT_URL });
185
+ // Either one by itself is fine, for this suite
186
+ return hasEd2020 || hasCred || hasSecV2;
187
+ }
188
+ function _isEd2020Key(verificationMethod) {
189
+ // eslint-disable-next-line @typescript-eslint/ban-ts-comment
190
+ // @ts-ignore - .hasValue is not part of the public API
191
+ return jsonld_1.default.hasValue(verificationMethod, 'type', 'Ed25519VerificationKey2020');
192
+ }
193
+ function _includesEd2020Context(document) {
194
+ return (0, jsonldUtil_1._includesContext)({ document, contextUrl: constants_2.ED25519_SUITE_CONTEXT_URL_2020 });
195
+ }
196
+ //# sourceMappingURL=Ed25519Signature2020.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"Ed25519Signature2020.js","sourceRoot":"","sources":["../../../../../../src/modules/vc/data-integrity/signature-suites/ed25519/Ed25519Signature2020.ts"],"names":[],"mappings":";;;;;;AAGA,kDAA2C;AAC3C,gDAAuD;AACvD,kDAAqF;AACrF,iDAAmD;AACnD,oEAA2C;AAC3C,sEAAkE;AAElE,2CAA4D;AAC5D,+CAA2D;AAO3D,MAAa,oBAAqB,SAAQ,+CAAsB;IAI9D;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACH,YAAmB,OAAoC;QACrD,KAAK,CAAC;YACJ,IAAI,EAAE,sBAAsB;YAC5B,SAAS,EAAE,OAAO;YAClB,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,UAAU,EAAE,0CAA8B;YAC1C,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;SAC7C,CAAC,CAAA;QACF,IAAI,CAAC,eAAe,GAAG,4BAA4B,CAAA;IACrD,CAAC;IAEM,KAAK,CAAC,wBAAwB,CAAC,QAAmB;QACvD,IAAI,CAAC,0BAA0B,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;YACxD,gEAAgE;YAChE,oEAAoE;YACpE,MAAM,IAAI,SAAS,CACjB,iFAAiF,IAAI,CAAC,UAAU,IAAI,CACrG,CAAA;QACH,CAAC;QAED,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,MAAM,sBAAsB,GAAG,gBAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;YACpE,MAAM,IAAI,KAAK,CACb,yCAAyC,sBAAsB,mEAAmE,CACnI,CAAA;QACH,CAAC;aAAM,IAAI,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvE,MAAM,IAAI,KAAK,CACb,0GAA0G,0CAA8B,IAAI,CAC7I,CAAA;QACH,CAAC;QAED,kDAAkD;QAClD,IAAI,QAAQ,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAA;QAC9D,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,qBAAqB,CAAC,OAA0D;QAC3F,IAAI,kBAAkB,GAAG,MAAM,KAAK,CAAC,qBAAqB,CAAC;YACzD,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,cAAc,EAAE,OAAO,CAAC,cAAc;SACvC,CAAC,CAAA;QAEF,mEAAmE;QACnE,IAAI,YAAY,CAAC,kBAAkB,CAAC,IAAI,sBAAsB,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACnF,oCAAoC;YACpC,MAAM,eAAe,GAAG,YAAG,CAAC,eAAe,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,CAAC,eAAe,CAAA;YAElG,iBAAiB;YACjB,kBAAkB,CAAC,IAAI,GAAG,4BAA4B,CAAA;YAEtD,kBAAkB,mCACb,kBAAkB,KACrB,kBAAkB,EAAE,SAAS,EAC7B,eAAe,GAChB,CAAA;QACH,CAAC;QAED,OAAO,kBAAkB,CAAA;IAC3B,CAAC;IAED;;;;;;;;;;OAUG;IACI,kBAAkB,CAAC,OAA0D;QAClF,IAAI,0BAA0B,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,EAAE,CAAC;YAC/D,OAAM;QACR,CAAC;QAED,KAAK,CAAC,kBAAkB,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,eAAe,EAAE,OAAO,CAAC,eAAe,EAAE,CAAC,CAAA;IACpG,CAAC;IAED;;;;;;;;;;;;;;;;OAgBG;IACI,KAAK,CAAC,UAAU,CAAC,OAMvB;QACC,IAAI,CAAC,0BAA0B,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,EAAE,CAAC;YAChE,OAAO,KAAK,CAAA;QACd,CAAC;QACD,OAAO,KAAK,CAAC,UAAU,CAAC;YACtB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,cAAc,EAAE,OAAO,CAAC,cAAc;SACvC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,IAAI,CAAC,OAAiD;QACjE,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,UAAU,CAAC,EAAE,CAAC;YAC7D,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;QACzD,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAA;QACtE,MAAM,gBAAgB,GAAG,wBAAgB,CAAC,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,CAAA;QAExE,oCAAoC;QACpC,OAAO,CAAC,KAAK,CAAC,UAAU,GAAG,gBAAgB,CAAA;QAC3C,OAAO,OAAO,CAAC,KAAK,CAAA;IACtB,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,eAAe,CAAC,OAI5B;QACC,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,IAAI,OAAO,OAAO,CAAC,KAAK,CAAC,UAAU,KAAK,QAAQ,CAAC,EAAE,CAAC;YAChF,MAAM,IAAI,SAAS,CAAC,2DAA2D,CAAC,CAAA;QAClF,CAAC;QACD,MAAM,SAAS,GAAG,wBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,CAAA;QAExE,IAAI,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAA;QACvB,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAA;YAClE,QAAQ,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAA;QAC3B,CAAC;QACD,OAAO,QAAQ,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,UAAU,EAAE,SAAS,EAAE,CAAC,CAAA;IACjE,CAAC;;AAlMH,oDAmMC;AAlMe,gCAAW,GAAG,0CAA8B,CAAA;AAC5C,4BAAO,GAAG,yCAA2B,CAAC,GAAG,CAAC,0CAA8B,CAAC,CAAA;AAmMzF,SAAS,0BAA0B,CAAC,OAAgC;IAClE,yEAAyE;IACzE,MAAM,SAAS,GAAG,IAAA,6BAAgB,EAAC;QACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,UAAU,EAAE,0CAA8B;KAC3C,CAAC,CAAA;IACF,MAAM,OAAO,GAAG,IAAA,6BAAgB,EAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,sCAA0B,EAAE,CAAC,CAAA;IACxG,MAAM,QAAQ,GAAG,IAAA,6BAAgB,EAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,gCAAoB,EAAE,CAAC,CAAA;IAEnG,+CAA+C;IAC/C,OAAO,SAAS,IAAI,OAAO,IAAI,QAAQ,CAAA;AACzC,CAAC;AAED,SAAS,YAAY,CAAC,kBAA6B;IACjD,6DAA6D;IAC7D,uDAAuD;IACvD,OAAO,gBAAM,CAAC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,EAAE,4BAA4B,CAAC,CAAA;AAClF,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAmB;IACjD,OAAO,IAAA,6BAAgB,EAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,0CAA8B,EAAE,CAAC,CAAA;AACnF,CAAC"}
@@ -0,0 +1,95 @@
1
+ export declare const context: {
2
+ '@context': {
3
+ id: string;
4
+ type: string;
5
+ '@protected': boolean;
6
+ proof: {
7
+ '@id': string;
8
+ '@type': string;
9
+ '@container': string;
10
+ };
11
+ Ed25519VerificationKey2020: {
12
+ '@id': string;
13
+ '@context': {
14
+ '@protected': boolean;
15
+ id: string;
16
+ type: string;
17
+ controller: {
18
+ '@id': string;
19
+ '@type': string;
20
+ };
21
+ revoked: {
22
+ '@id': string;
23
+ '@type': string;
24
+ };
25
+ publicKeyMultibase: {
26
+ '@id': string;
27
+ '@type': string;
28
+ };
29
+ };
30
+ };
31
+ Ed25519Signature2020: {
32
+ '@id': string;
33
+ '@context': {
34
+ '@protected': boolean;
35
+ id: string;
36
+ type: string;
37
+ challenge: string;
38
+ created: {
39
+ '@id': string;
40
+ '@type': string;
41
+ };
42
+ domain: string;
43
+ expires: {
44
+ '@id': string;
45
+ '@type': string;
46
+ };
47
+ nonce: string;
48
+ proofPurpose: {
49
+ '@id': string;
50
+ '@type': string;
51
+ '@context': {
52
+ '@protected': boolean;
53
+ id: string;
54
+ type: string;
55
+ assertionMethod: {
56
+ '@id': string;
57
+ '@type': string;
58
+ '@container': string;
59
+ };
60
+ authentication: {
61
+ '@id': string;
62
+ '@type': string;
63
+ '@container': string;
64
+ };
65
+ capabilityInvocation: {
66
+ '@id': string;
67
+ '@type': string;
68
+ '@container': string;
69
+ };
70
+ capabilityDelegation: {
71
+ '@id': string;
72
+ '@type': string;
73
+ '@container': string;
74
+ };
75
+ keyAgreement: {
76
+ '@id': string;
77
+ '@type': string;
78
+ '@container': string;
79
+ };
80
+ };
81
+ };
82
+ proofValue: {
83
+ '@id': string;
84
+ '@type': string;
85
+ };
86
+ verificationMethod: {
87
+ '@id': string;
88
+ '@type': string;
89
+ };
90
+ };
91
+ };
92
+ };
93
+ };
94
+ declare const ed25519Signature2020Context: Map<any, any>;
95
+ export { ed25519Signature2020Context };
@@ -0,0 +1,101 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.ed25519Signature2020Context = exports.context = void 0;
4
+ const constants_1 = require("./constants");
5
+ exports.context = {
6
+ '@context': {
7
+ id: '@id',
8
+ type: '@type',
9
+ '@protected': true,
10
+ proof: {
11
+ '@id': 'https://w3id.org/security#proof',
12
+ '@type': '@id',
13
+ '@container': '@graph',
14
+ },
15
+ Ed25519VerificationKey2020: {
16
+ '@id': 'https://w3id.org/security#Ed25519VerificationKey2020',
17
+ '@context': {
18
+ '@protected': true,
19
+ id: '@id',
20
+ type: '@type',
21
+ controller: {
22
+ '@id': 'https://w3id.org/security#controller',
23
+ '@type': '@id',
24
+ },
25
+ revoked: {
26
+ '@id': 'https://w3id.org/security#revoked',
27
+ '@type': 'http://www.w3.org/2001/XMLSchema#dateTime',
28
+ },
29
+ publicKeyMultibase: {
30
+ '@id': 'https://w3id.org/security#publicKeyMultibase',
31
+ '@type': 'https://w3id.org/security#multibase',
32
+ },
33
+ },
34
+ },
35
+ Ed25519Signature2020: {
36
+ '@id': 'https://w3id.org/security#Ed25519Signature2020',
37
+ '@context': {
38
+ '@protected': true,
39
+ id: '@id',
40
+ type: '@type',
41
+ challenge: 'https://w3id.org/security#challenge',
42
+ created: {
43
+ '@id': 'http://purl.org/dc/terms/created',
44
+ '@type': 'http://www.w3.org/2001/XMLSchema#dateTime',
45
+ },
46
+ domain: 'https://w3id.org/security#domain',
47
+ expires: {
48
+ '@id': 'https://w3id.org/security#expiration',
49
+ '@type': 'http://www.w3.org/2001/XMLSchema#dateTime',
50
+ },
51
+ nonce: 'https://w3id.org/security#nonce',
52
+ proofPurpose: {
53
+ '@id': 'https://w3id.org/security#proofPurpose',
54
+ '@type': '@vocab',
55
+ '@context': {
56
+ '@protected': true,
57
+ id: '@id',
58
+ type: '@type',
59
+ assertionMethod: {
60
+ '@id': 'https://w3id.org/security#assertionMethod',
61
+ '@type': '@id',
62
+ '@container': '@set',
63
+ },
64
+ authentication: {
65
+ '@id': 'https://w3id.org/security#authenticationMethod',
66
+ '@type': '@id',
67
+ '@container': '@set',
68
+ },
69
+ capabilityInvocation: {
70
+ '@id': 'https://w3id.org/security#capabilityInvocationMethod',
71
+ '@type': '@id',
72
+ '@container': '@set',
73
+ },
74
+ capabilityDelegation: {
75
+ '@id': 'https://w3id.org/security#capabilityDelegationMethod',
76
+ '@type': '@id',
77
+ '@container': '@set',
78
+ },
79
+ keyAgreement: {
80
+ '@id': 'https://w3id.org/security#keyAgreementMethod',
81
+ '@type': '@id',
82
+ '@container': '@set',
83
+ },
84
+ },
85
+ },
86
+ proofValue: {
87
+ '@id': 'https://w3id.org/security#proofValue',
88
+ '@type': 'https://w3id.org/security#multibase',
89
+ },
90
+ verificationMethod: {
91
+ '@id': 'https://w3id.org/security#verificationMethod',
92
+ '@type': '@id',
93
+ },
94
+ },
95
+ },
96
+ },
97
+ };
98
+ const ed25519Signature2020Context = new Map();
99
+ exports.ed25519Signature2020Context = ed25519Signature2020Context;
100
+ ed25519Signature2020Context.set(constants_1.ED25519_SUITE_CONTEXT_URL_2020, exports.context);
101
+ //# sourceMappingURL=context2020.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"context2020.js","sourceRoot":"","sources":["../../../../../../src/modules/vc/data-integrity/signature-suites/ed25519/context2020.ts"],"names":[],"mappings":";;;AAAA,2CAA4D;AAE/C,QAAA,OAAO,GAAG;IACrB,UAAU,EAAE;QACV,EAAE,EAAE,KAAK;QACT,IAAI,EAAE,OAAO;QACb,YAAY,EAAE,IAAI;QAClB,KAAK,EAAE;YACL,KAAK,EAAE,iCAAiC;YACxC,OAAO,EAAE,KAAK;YACd,YAAY,EAAE,QAAQ;SACvB;QACD,0BAA0B,EAAE;YAC1B,KAAK,EAAE,sDAAsD;YAC7D,UAAU,EAAE;gBACV,YAAY,EAAE,IAAI;gBAClB,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,OAAO;gBACb,UAAU,EAAE;oBACV,KAAK,EAAE,sCAAsC;oBAC7C,OAAO,EAAE,KAAK;iBACf;gBACD,OAAO,EAAE;oBACP,KAAK,EAAE,mCAAmC;oBAC1C,OAAO,EAAE,2CAA2C;iBACrD;gBACD,kBAAkB,EAAE;oBAClB,KAAK,EAAE,8CAA8C;oBACrD,OAAO,EAAE,qCAAqC;iBAC/C;aACF;SACF;QACD,oBAAoB,EAAE;YACpB,KAAK,EAAE,gDAAgD;YACvD,UAAU,EAAE;gBACV,YAAY,EAAE,IAAI;gBAClB,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,OAAO;gBACb,SAAS,EAAE,qCAAqC;gBAChD,OAAO,EAAE;oBACP,KAAK,EAAE,kCAAkC;oBACzC,OAAO,EAAE,2CAA2C;iBACrD;gBACD,MAAM,EAAE,kCAAkC;gBAC1C,OAAO,EAAE;oBACP,KAAK,EAAE,sCAAsC;oBAC7C,OAAO,EAAE,2CAA2C;iBACrD;gBACD,KAAK,EAAE,iCAAiC;gBACxC,YAAY,EAAE;oBACZ,KAAK,EAAE,wCAAwC;oBAC/C,OAAO,EAAE,QAAQ;oBACjB,UAAU,EAAE;wBACV,YAAY,EAAE,IAAI;wBAClB,EAAE,EAAE,KAAK;wBACT,IAAI,EAAE,OAAO;wBACb,eAAe,EAAE;4BACf,KAAK,EAAE,2CAA2C;4BAClD,OAAO,EAAE,KAAK;4BACd,YAAY,EAAE,MAAM;yBACrB;wBACD,cAAc,EAAE;4BACd,KAAK,EAAE,gDAAgD;4BACvD,OAAO,EAAE,KAAK;4BACd,YAAY,EAAE,MAAM;yBACrB;wBACD,oBAAoB,EAAE;4BACpB,KAAK,EAAE,sDAAsD;4BAC7D,OAAO,EAAE,KAAK;4BACd,YAAY,EAAE,MAAM;yBACrB;wBACD,oBAAoB,EAAE;4BACpB,KAAK,EAAE,sDAAsD;4BAC7D,OAAO,EAAE,KAAK;4BACd,YAAY,EAAE,MAAM;yBACrB;wBACD,YAAY,EAAE;4BACZ,KAAK,EAAE,8CAA8C;4BACrD,OAAO,EAAE,KAAK;4BACd,YAAY,EAAE,MAAM;yBACrB;qBACF;iBACF;gBACD,UAAU,EAAE;oBACV,KAAK,EAAE,sCAAsC;oBAC7C,OAAO,EAAE,qCAAqC;iBAC/C;gBACD,kBAAkB,EAAE;oBAClB,KAAK,EAAE,8CAA8C;oBACrD,OAAO,EAAE,KAAK;iBACf;aACF;SACF;KACF;CACF,CAAA;AAED,MAAM,2BAA2B,GAAG,IAAI,GAAG,EAAE,CAAA;AAGpC,kEAA2B;AAFpC,2BAA2B,CAAC,GAAG,CAAC,0CAA8B,EAAE,eAAO,CAAC,CAAA"}
@@ -1,2 +1,3 @@
1
1
  export * from './ed25519/Ed25519Signature2018';
2
+ export * from './ed25519/Ed25519Signature2020';
2
3
  export * from './JwsLinkedDataSignature';
@@ -15,5 +15,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
15
15
  };
16
16
  Object.defineProperty(exports, "__esModule", { value: true });
17
17
  __exportStar(require("./ed25519/Ed25519Signature2018"), exports);
18
+ __exportStar(require("./ed25519/Ed25519Signature2020"), exports);
18
19
  __exportStar(require("./JwsLinkedDataSignature"), exports);
19
20
  //# sourceMappingURL=index.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/modules/vc/data-integrity/signature-suites/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iEAA8C;AAC9C,2DAAwC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/modules/vc/data-integrity/signature-suites/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iEAA8C;AAC9C,iEAA8C;AAC9C,2DAAwC"}
@@ -39,6 +39,25 @@ export interface Wallet extends Disposable {
39
39
  generateNonce(): Promise<string>;
40
40
  getRandomValues(length: number): Uint8Array;
41
41
  generateWalletKey(): Promise<string>;
42
+ /**
43
+ * Method that enables JWT encryption using ECDH-ES and AesA256Gcm and returns it as a compact JWE.
44
+ * This method is specifically added to support OpenID4VP response encryption using JARM and should later be
45
+ * refactored into a more generic method that supports encryption/decryption.
46
+ *
47
+ * @returns compact JWE
48
+ */
49
+ directEncryptCompactJweEcdhEs?(options: WalletDirectEncryptCompactJwtEcdhEsOptions): Promise<string>;
50
+ /**
51
+ * Method that enabled JWT encryption using ECDH-ES and AesA256Gcm and returns it as a compact JWE.
52
+ * This method is specifically added to support OpenID4VP response encryption using JARM and should later be
53
+ * refactored into a more generic method that supports encryption/decryption.
54
+ *
55
+ * @returns compact JWE
56
+ */
57
+ directDecryptCompactJweEcdhEs?({ compactJwe, recipientKey, }: {
58
+ compactJwe: string;
59
+ recipientKey: Key;
60
+ }): Promise<WalletDirectDecryptCompactJwtEcdhEsReturn>;
42
61
  /**
43
62
  * Get the key types supported by the wallet implementation.
44
63
  */
@@ -65,3 +84,15 @@ export interface UnpackedMessageContext {
65
84
  senderKey?: string;
66
85
  recipientKey?: string;
67
86
  }
87
+ export interface WalletDirectEncryptCompactJwtEcdhEsOptions {
88
+ recipientKey: Key;
89
+ encryptionAlgorithm: 'A256GCM';
90
+ apu?: string;
91
+ apv?: string;
92
+ data: Buffer;
93
+ header: Record<string, unknown>;
94
+ }
95
+ export interface WalletDirectDecryptCompactJwtEcdhEsReturn {
96
+ data: Buffer;
97
+ header: Record<string, unknown>;
98
+ }
package/package.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "@credo-ts/core",
3
3
  "main": "build/index",
4
4
  "types": "build/index",
5
- "version": "0.5.11",
5
+ "version": "0.5.12-alpha-20240927180637",
6
6
  "files": [
7
7
  "build"
8
8
  ],