@credo-ts/core 0.6.2-alpha-20251222120740 → 0.6.2-pr-2610-20260107224024
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/crypto/index.d.mts +1 -1
- package/build/crypto/index.mjs +1 -0
- package/build/crypto/webcrypto/CredoWebCryptoKey.d.mts +3 -3
- package/build/crypto/webcrypto/CredoWebCryptoKey.mjs.map +1 -1
- package/build/crypto/webcrypto/index.d.mts +1 -1
- package/build/crypto/webcrypto/index.mjs +1 -0
- package/build/crypto/webcrypto/types.d.mts +16 -2
- package/build/crypto/webcrypto/types.d.mts.map +1 -1
- package/build/crypto/webcrypto/types.mjs +50 -1
- package/build/crypto/webcrypto/types.mjs.map +1 -1
- package/build/crypto/webcrypto/utils/keyAlgorithmConversion.d.mts +2 -2
- package/build/crypto/webcrypto/utils/keyAlgorithmConversion.mjs +31 -2
- package/build/crypto/webcrypto/utils/keyAlgorithmConversion.mjs.map +1 -1
- package/build/index.d.mts +4 -3
- package/build/index.d.mts.map +1 -1
- package/build/index.mjs +3 -1
- package/build/index.mjs.map +1 -1
- package/build/modules/dids/domain/keyDidDocument.mjs +2 -2
- package/build/modules/dids/domain/keyDidDocument.mjs.map +1 -1
- package/build/modules/dids/methods/jwk/DidJwk.mjs +1 -1
- package/build/modules/dids/methods/jwk/DidJwk.mjs.map +1 -1
- package/build/modules/kms/jwk/PublicJwk.d.mts +9 -2
- package/build/modules/kms/jwk/PublicJwk.d.mts.map +1 -1
- package/build/modules/kms/jwk/PublicJwk.mjs +19 -9
- package/build/modules/kms/jwk/PublicJwk.mjs.map +1 -1
- package/build/modules/kms/jwk/kty/PublicJwk.d.mts +1 -1
- package/build/modules/kms/jwk/kty/PublicJwk.d.mts.map +1 -1
- package/build/modules/kms/jwk/kty/ec/P256PublicJwk.d.mts +1 -1
- package/build/modules/kms/jwk/kty/ec/P256PublicJwk.d.mts.map +1 -1
- package/build/modules/kms/jwk/kty/ec/P256PublicJwk.mjs +1 -1
- package/build/modules/kms/jwk/kty/ec/P256PublicJwk.mjs.map +1 -1
- package/build/modules/kms/jwk/kty/ec/P384PublicJwk.d.mts +1 -1
- package/build/modules/kms/jwk/kty/ec/P384PublicJwk.d.mts.map +1 -1
- package/build/modules/kms/jwk/kty/ec/P384PublicJwk.mjs +1 -1
- package/build/modules/kms/jwk/kty/ec/P384PublicJwk.mjs.map +1 -1
- package/build/modules/kms/jwk/kty/ec/P521PublicJwk.d.mts +1 -1
- package/build/modules/kms/jwk/kty/ec/P521PublicJwk.d.mts.map +1 -1
- package/build/modules/kms/jwk/kty/ec/P521PublicJwk.mjs +1 -1
- package/build/modules/kms/jwk/kty/ec/P521PublicJwk.mjs.map +1 -1
- package/build/modules/kms/jwk/kty/ec/Secp256k1PublicJwk.d.mts +1 -1
- package/build/modules/kms/jwk/kty/ec/Secp256k1PublicJwk.d.mts.map +1 -1
- package/build/modules/kms/jwk/kty/ec/Secp256k1PublicJwk.mjs +1 -1
- package/build/modules/kms/jwk/kty/ec/Secp256k1PublicJwk.mjs.map +1 -1
- package/build/modules/kms/jwk/kty/okp/Ed25519PublicJwk.d.mts +1 -1
- package/build/modules/kms/jwk/kty/okp/Ed25519PublicJwk.d.mts.map +1 -1
- package/build/modules/kms/jwk/kty/okp/Ed25519PublicJwk.mjs +1 -1
- package/build/modules/kms/jwk/kty/okp/Ed25519PublicJwk.mjs.map +1 -1
- package/build/modules/kms/jwk/kty/okp/X25519PublicJwk.d.mts +1 -1
- package/build/modules/kms/jwk/kty/okp/X25519PublicJwk.d.mts.map +1 -1
- package/build/modules/kms/jwk/kty/okp/X25519PublicJwk.mjs +1 -1
- package/build/modules/kms/jwk/kty/okp/X25519PublicJwk.mjs.map +1 -1
- package/build/modules/kms/jwk/kty/rsa/RsaPublicJwk.d.mts +2 -2
- package/build/modules/kms/jwk/kty/rsa/RsaPublicJwk.d.mts.map +1 -1
- package/build/modules/kms/jwk/kty/rsa/RsaPublicJwk.mjs +1 -1
- package/build/modules/kms/jwk/kty/rsa/RsaPublicJwk.mjs.map +1 -1
- package/build/modules/mdoc/MdocContext.mjs +1 -1
- package/build/modules/mdoc/MdocContext.mjs.map +1 -1
- package/build/modules/x509/CertificateSigningRequest.d.mts +58 -0
- package/build/modules/x509/CertificateSigningRequest.d.mts.map +1 -0
- package/build/modules/x509/CertificateSigningRequest.mjs +148 -0
- package/build/modules/x509/CertificateSigningRequest.mjs.map +1 -0
- package/build/modules/x509/X509Api.d.mts +4 -1
- package/build/modules/x509/X509Api.d.mts.map +1 -1
- package/build/modules/x509/X509Api.mjs +6 -0
- package/build/modules/x509/X509Api.mjs.map +1 -1
- package/build/modules/x509/X509Certificate.d.mts +4 -4
- package/build/modules/x509/X509Certificate.d.mts.map +1 -1
- package/build/modules/x509/X509Certificate.mjs +3 -3
- package/build/modules/x509/X509Certificate.mjs.map +1 -1
- package/build/modules/x509/X509Service.d.mts +8 -3
- package/build/modules/x509/X509Service.d.mts.map +1 -1
- package/build/modules/x509/X509Service.mjs +10 -2
- package/build/modules/x509/X509Service.mjs.map +1 -1
- package/build/modules/x509/X509ServiceOptions.d.mts +22 -1
- package/build/modules/x509/X509ServiceOptions.d.mts.map +1 -1
- package/build/modules/x509/index.d.mts +2 -1
- package/build/modules/x509/index.mjs +1 -0
- package/build/modules/x509/utils/nameConversion.mjs +1 -1
- package/build/modules/x509/utils/nameConversion.mjs.map +1 -1
- package/package.json +1 -1
|
@@ -32,8 +32,14 @@ declare class PublicJwk<Jwk extends SupportedPublicJwk = SupportedPublicJwk> {
|
|
|
32
32
|
}?: {
|
|
33
33
|
includeKid?: boolean;
|
|
34
34
|
}): Jwk['jwk'];
|
|
35
|
+
/**
|
|
36
|
+
* Get the signature algorithms supported for this jwk.
|
|
37
|
+
*
|
|
38
|
+
* If the jwk has an `alg` field defined it will only return that alg
|
|
39
|
+
* and otherwise return all known supported signature algorithm.
|
|
40
|
+
*/
|
|
35
41
|
get supportedSignatureAlgorithms(): KnownJwaSignatureAlgorithm[];
|
|
36
|
-
get
|
|
42
|
+
get supportedEncryptionKeyAgreementAlgorithms(): KnownJwaKeyAgreementAlgorithm[];
|
|
37
43
|
/**
|
|
38
44
|
* key type as defined in [JWA Specification](https://tools.ietf.org/html/rfc7518#section-6.1)
|
|
39
45
|
*/
|
|
@@ -57,12 +63,13 @@ declare class PublicJwk<Jwk extends SupportedPublicJwk = SupportedPublicJwk> {
|
|
|
57
63
|
*/
|
|
58
64
|
getJwkThumbprint(hashAlgorithm?: HashName): Uint8Array<ArrayBuffer>;
|
|
59
65
|
/**
|
|
60
|
-
* Get the signature algorithm to use with this jwk. If the jwk has an `alg` field defined
|
|
66
|
+
* Get the first signature algorithm to use with this jwk. If the jwk has an `alg` field defined
|
|
61
67
|
* it will use that alg, and otherwise fall back to the first supported signature algorithm.
|
|
62
68
|
*
|
|
63
69
|
* If no algorithm is supported it will throw an error
|
|
64
70
|
*/
|
|
65
71
|
get signatureAlgorithm(): this["supportedSignatureAlgorithms"][number];
|
|
72
|
+
assertSignatureAlgorithmSupported(alg: KnownJwaSignatureAlgorithm): asserts alg is this['supportedSignatureAlgorithms'][number];
|
|
66
73
|
static fromPublicKey<Supported extends SupportedPublicJwk['publicKey']>(publicKey: Supported): PublicJwk<ExtractByPublicKey<SupportedPublicJwk, Supported>>;
|
|
67
74
|
/**
|
|
68
75
|
* Returns the jwk encoded a Base58 multibase encoded multicodec key
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PublicJwk.d.mts","names":[],"sources":["../../../../src/modules/kms/jwk/PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;;cAuBa,6BAAmB,0BAAA,uBAAA,uBAAA,uBAAA,sBAAA,4BAAA;KASpB,uBAAA,WAAkC;KAClC,kBAAA,GACR,mBACA,gBACA,gBACA,gBACA,eACA,qBACA;KAEC,qBAAqB;;KAA8B,UAAU,IAAI;KAEjE,2BAA2B;;KAAoC,UAAU,IAAI;cAErE,sBAAsB,qBAAqB;;;EAvB3C,OAAA,WAAA,CAAA,OAQZ,EAAA,OAAA,CAAA,EAkB2C,SAlB3C,CAkB2C,kBAlB3C,CAAA;EAR+B,OAAA,aAAA,CAAA,YAiFU,sBAjFV,CAAA,CAAA,GAAA,EAiFuC,GAjFvC,CAAA,EAkFS,SAlFT,CAmF1B,YAnF0B,CAmFb,kBAnFa,EAmFO,GAnFP,CAAA,SAAA,KAAA,GAmF4B,kBAnF5B,GAmFiD,YAnFjD,CAmF8D,kBAnF9D,EAmFkF,GAnFlF,CAAA,CAAA;EAAA,MAAA,CAAA;IAAA;EAAA,CAAA,CAAA,EAAA;IAAA,UAAA,CAAA,EAAA,OAAA;EAAA,CAAA,CAAA,EAuFuC,GAvFvC,CAAA,KAAA,CAAA;EAAA,IAAA,4BAAA,CAAA,CAAA,
|
|
1
|
+
{"version":3,"file":"PublicJwk.d.mts","names":[],"sources":["../../../../src/modules/kms/jwk/PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;;;;;;;;;;cAuBa,6BAAmB,0BAAA,uBAAA,uBAAA,uBAAA,sBAAA,4BAAA;KASpB,uBAAA,WAAkC;KAClC,kBAAA,GACR,mBACA,gBACA,gBACA,gBACA,eACA,qBACA;KAEC,qBAAqB;;KAA8B,UAAU,IAAI;KAEjE,2BAA2B;;KAAoC,UAAU,IAAI;cAErE,sBAAsB,qBAAqB;;;EAvB3C,OAAA,WAAA,CAAA,OAQZ,EAAA,OAAA,CAAA,EAkB2C,SAlB3C,CAkB2C,kBAlB3C,CAAA;EAR+B,OAAA,aAAA,CAAA,YAiFU,sBAjFV,CAAA,CAAA,GAAA,EAiFuC,GAjFvC,CAAA,EAkFS,SAlFT,CAmF1B,YAnF0B,CAmFb,kBAnFa,EAmFO,GAnFP,CAAA,SAAA,KAAA,GAmF4B,kBAnF5B,GAmFiD,YAnFjD,CAmF8D,kBAnF9D,EAmFkF,GAnFlF,CAAA,CAAA;EAAA,MAAA,CAAA;IAAA;EAAA,CAAA,CAAA,EAAA;IAAA,UAAA,CAAA,EAAA,OAAA;EAAA,CAAA,CAAA,EAuFuC,GAvFvC,CAAA,KAAA,CAAA;EAAA;;;;AAShC;AACA;EACI,IAAA,4BAAA,CAAA,CAAA,EA0FyC,0BA1FzC,EAAA;EACA,IAAA,yCAAA,CAAA,CAAA,EAyGsD,6BAzGtD,EAAA;EACA;;;EAGA,IAAA,GAAA,CAAA,CAAA,EA4GgB,GA5GhB,CAAA,KAAA,CAAA,CAAA,KAAA,CAAA;EACA;;AAAe;;EAEqC,IAAA,KAAA,CAAA,CAAA,EAAA,MAAA;EAAU,IAAA,QAAA,CAAA,CAAA,EAAA,OAAA;EAAI,IAAA,KAAA,CAAA,KAAA,EAAA,MAAA;EAAC,IAAA,WAAA,CAAA,CAAA,EAAA,MAAA;EAElE,IAAA,SAAA,CAAA,CAAA,EAiIqB,GAjIrB,CAAkB,WAAA,CAAA;EAAS;;;EAAkD,IAAA,mBAAA,CAAA,CAAA,EAwI9C,GAxI8C,CAAA,qBAAA,CAAA;EAAC,IAAA,QAAA,CAAA,CAAA,EA6IhD,uBA7IgD;EAEtE;;;EAG+B,gBAAA,CAAA,aAAA,CAAA,EA8IH,QA9IG,CAAA,EA8IiB,UA9IjB,CA8IiB,WA9IjB,CAAA;EAAA;;;;;;EAyDgB,IAAA,kBAAA,CAAA,CAAA,EAAA,IAAA,CAAA,8BAAA,CAAA,CAAA,MAAA,CAAA;EAAkC,iCAAA,CAAA,GAAA,EA4GrF,0BA5GqF,CAAA,EAAA,QAAA,GAAA,IAAA,IAAA,CAAA,8BAAA,CAAA,CAAA,MAAA,CAAA;EAAoB,OAAA,aAAA,CAAA,kBAmHlE,kBAnHkE,CAAA,WAAA,CAAA,CAAA,CAAA,SAAA,EAmHtB,SAnHsB,CAAA,EAkJzE,SAlJyE,CAkJ/D,kBAlJ+D,CAkJ5C,kBAlJ4C,EAkJxB,SAlJwB,CAAA,CAAA;EAAjC;;;EAIV,IAAA,WAAA,CAAA,CAAA,EAAA,MAAA;EAc1B;;;EAiDnB,OAAA,eAAA,CAAA,WAAA,EAAA,MAAA,CAAA,EA+FyB,SA/FzB,CA+FyB,gBA/FzB,GA+FyB,aA/FzB,GA+FyB,aA/FzB,GA+FyB,aA/FzB,GA+FyB,YA/FzB,GA+FyB,kBA/FzB,GA+FyB,eA/FzB,CAAA;EAOU;;;EAWyB,EAAA,CAAA,aA+F5C,kBA/F4C,EAAA,aAgG5C,kBAhG4C,GAgGvB,IAhGuB,EAAA,aAiG5C,kBAjG4C,GAiGvB,IAjGuB,CAAA,CAAA,QAAA,EAmG/C,WAnG+C,CAmGnC,IAnGmC,CAAA,EAAA,QAAA,CAAA,EAoG9C,WApG8C,CAoGlC,IApGkC,CAAA,EAAA,QAAA,CAAA,EAqG9C,WArG8C,CAqGlC,IArGkC,CAAA,CAAA,EAAA,IAAA,IAsGhD,SAtGgD,CAsGtC,IAtGsC,CAAA,GAsG9B,SAtG8B,CAsGpB,IAtGoB,CAAA,GAsGZ,SAtGY,CAsGF,IAtGE,CAAA;EAAA;;;;;EA6D6B,SAAA,CAAA,IAAA,EAoDhF,GApDgF,SAoDpE,gBApDoE,GAAA,OAoD1C,eApD0C,GAAA,KAAA,CAAA,EAqDrF,GArDqF,SAqDzE,gBArDyE,GAqDtD,SArDsD,CAqD5C,eArD4C,CAAA,GAAA,KAAA;EAAvC;;;;;EAgBA,MAAA,CAAA,KAAA,EAoD5B,SApD4B,CAAA,EAAA,OAAA;EAAA;;;;EAkBlC,IAAA,uBAAA,CAAA,CAAA,EAAA,MAAA;EACA,OAAA,4CAAA,CAAA,GAAA,EA6CiD,0BA7CjD,CAAA,EA6C8E,uBA7C9E"}
|
|
@@ -77,11 +77,22 @@ var PublicJwk = class PublicJwk {
|
|
|
77
77
|
const { kid, ...jwk } = this.jwk.jwk;
|
|
78
78
|
return jwk;
|
|
79
79
|
}
|
|
80
|
+
/**
|
|
81
|
+
* Get the signature algorithms supported for this jwk.
|
|
82
|
+
*
|
|
83
|
+
* If the jwk has an `alg` field defined it will only return that alg
|
|
84
|
+
* and otherwise return all known supported signature algorithm.
|
|
85
|
+
*/
|
|
80
86
|
get supportedSignatureAlgorithms() {
|
|
81
|
-
|
|
87
|
+
const supportedSignatureAlgorithms = this.jwk.supportedSignatureAlgorithms ?? [];
|
|
88
|
+
if (this.jwk.jwk.alg) {
|
|
89
|
+
if (!supportedSignatureAlgorithms.includes(this.jwk.jwk.alg)) throw new KeyManagementError(`${this.jwkTypeHumanDescription} defines alg '${this.jwk.jwk.alg}' but this alg is not supported.`);
|
|
90
|
+
return [this.jwk.jwk.alg];
|
|
91
|
+
}
|
|
92
|
+
return supportedSignatureAlgorithms;
|
|
82
93
|
}
|
|
83
|
-
get
|
|
84
|
-
return this.jwk.
|
|
94
|
+
get supportedEncryptionKeyAgreementAlgorithms() {
|
|
95
|
+
return this.jwk.supportedEncryptionKeyAgreementAlgorithms ?? [];
|
|
85
96
|
}
|
|
86
97
|
/**
|
|
87
98
|
* key type as defined in [JWA Specification](https://tools.ietf.org/html/rfc7518#section-6.1)
|
|
@@ -128,20 +139,19 @@ var PublicJwk = class PublicJwk {
|
|
|
128
139
|
});
|
|
129
140
|
}
|
|
130
141
|
/**
|
|
131
|
-
* Get the signature algorithm to use with this jwk. If the jwk has an `alg` field defined
|
|
142
|
+
* Get the first signature algorithm to use with this jwk. If the jwk has an `alg` field defined
|
|
132
143
|
* it will use that alg, and otherwise fall back to the first supported signature algorithm.
|
|
133
144
|
*
|
|
134
145
|
* If no algorithm is supported it will throw an error
|
|
135
146
|
*/
|
|
136
147
|
get signatureAlgorithm() {
|
|
137
|
-
if (this.jwk.jwk.alg) {
|
|
138
|
-
if (!this.supportedSignatureAlgorithms.includes(this.jwk.jwk.alg)) throw new KeyManagementError(`${getJwkHumanDescription(this.jwk.jwk)} defines alg '${this.jwk.jwk.alg}' but this alg is not supported.`);
|
|
139
|
-
return this.jwk.jwk.alg;
|
|
140
|
-
}
|
|
141
148
|
const alg = this.supportedSignatureAlgorithms[0];
|
|
142
|
-
if (!alg) throw new KeyManagementError(`${
|
|
149
|
+
if (!alg) throw new KeyManagementError(`${this.jwkTypeHumanDescription} has no supported signature algorithms`);
|
|
143
150
|
return alg;
|
|
144
151
|
}
|
|
152
|
+
assertSignatureAlgorithmSupported(alg) {
|
|
153
|
+
if (!this.supportedSignatureAlgorithms.includes(alg)) throw new KeyManagementError(`${this.jwkTypeHumanDescription} does not support signature alg '${alg}'.`);
|
|
154
|
+
}
|
|
145
155
|
static fromPublicKey(publicKey) {
|
|
146
156
|
let jwkInstance;
|
|
147
157
|
if (publicKey.kty === "RSA") jwkInstance = RsaPublicJwk.fromPublicKey(publicKey);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PublicJwk.mjs","names":["jwk: Jwk","jwkInstance: SupportedPublicJwk"],"sources":["../../../../src/modules/kms/jwk/PublicJwk.ts"],"sourcesContent":["import type { HashName } from '../../../crypto'\nimport { CredoError } from '../../../error'\nimport { MultiBaseEncoder, TypedArrayEncoder, VarintEncoder } from '../../../utils'\nimport type { Constructor } from '../../../utils/mixins'\nimport { zParseWithErrorHandling } from '../../../utils/zod'\nimport { KeyManagementError } from '../error/KeyManagementError'\nimport { legacyKeyIdFromPublicJwk } from '../legacy'\nimport { asymmetricPublicJwkMatches } from './equals'\nimport { getJwkHumanDescription } from './humanDescription'\nimport type { KnownJwaKeyAgreementAlgorithm, KnownJwaSignatureAlgorithm } from './jwa'\nimport { calculateJwkThumbprint } from './jwkThumbprint'\nimport { assertJwkAsymmetric, type KmsJwkPublicAsymmetric, publicJwkFromPrivateJwk, zKmsJwkPublic } from './knownJwk'\n\nimport {\n Ed25519PublicJwk,\n P256PublicJwk,\n P384PublicJwk,\n P521PublicJwk,\n RsaPublicJwk,\n Secp256k1PublicJwk,\n X25519PublicJwk,\n} from './kty'\n\nexport const SupportedPublicJwks = [\n Ed25519PublicJwk,\n P256PublicJwk,\n P384PublicJwk,\n P521PublicJwk,\n RsaPublicJwk,\n Secp256k1PublicJwk,\n X25519PublicJwk,\n]\nexport type SupportedPublicJwkClass = (typeof SupportedPublicJwks)[number]\nexport type SupportedPublicJwk =\n | Ed25519PublicJwk\n | P256PublicJwk\n | P384PublicJwk\n | P521PublicJwk\n | RsaPublicJwk\n | Secp256k1PublicJwk\n | X25519PublicJwk\n\ntype ExtractByJwk<T, K> = T extends { jwk: infer J } ? (K extends J ? T : never) : never\n\ntype ExtractByPublicKey<T, K> = T extends { publicKey: infer J } ? (K extends J ? T : never) : never\n\nexport class PublicJwk<Jwk extends SupportedPublicJwk = SupportedPublicJwk> {\n private constructor(private readonly jwk: Jwk) {}\n\n public static fromUnknown(jwkJson: unknown) {\n // We remove any private properties if they are present\n const publicJwk = publicJwkFromPrivateJwk(zParseWithErrorHandling(zKmsJwkPublic, jwkJson, 'jwk is not a valid jwk'))\n assertJwkAsymmetric(publicJwk)\n\n let jwkInstance: SupportedPublicJwk\n if (publicJwk.kty === 'RSA') {\n jwkInstance = new RsaPublicJwk(publicJwk)\n } else if (publicJwk.kty === 'EC') {\n if (publicJwk.crv === 'P-256') {\n jwkInstance = new P256PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else if (publicJwk.crv === 'P-384') {\n jwkInstance = new P384PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else if (publicJwk.crv === 'P-521') {\n jwkInstance = new P521PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else if (publicJwk.crv === 'secp256k1') {\n jwkInstance = new Secp256k1PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else {\n throw new KeyManagementError(\n `Unsupported kty '${publicJwk.kty}' with crv '${publicJwk.crv}' for creating jwk instance`\n )\n }\n } else if (publicJwk.crv === 'Ed25519') {\n jwkInstance = new Ed25519PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else if (publicJwk.crv === 'X25519') {\n jwkInstance = new X25519PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else {\n throw new KeyManagementError(`Unsupported kty '${publicJwk.kty}' for creating jwk instance`)\n }\n\n return new PublicJwk(jwkInstance)\n }\n\n // FIXME: all Jwk combinations should be separate types.\n // so not kty: EC, and crv: P-256 | P-384\n // but: kty: EC, and crv: P-256 | kty: EC, and crv: P-384\n // As the first appraoch messes with TypeScript's type inference\n public static fromPublicJwk<Jwk extends KmsJwkPublicAsymmetric>(jwk: Jwk) {\n return PublicJwk.fromUnknown(jwk) as PublicJwk<\n ExtractByJwk<SupportedPublicJwk, Jwk> extends never ? SupportedPublicJwk : ExtractByJwk<SupportedPublicJwk, Jwk>\n >\n }\n\n public toJson({ includeKid = true }: { includeKid?: boolean } = {}): Jwk['jwk'] {\n if (includeKid) return this.jwk.jwk\n\n // biome-ignore lint/correctness/noUnusedVariables: no explanation\n const { kid, ...jwk } = this.jwk.jwk\n return jwk\n }\n\n public get supportedSignatureAlgorithms(): KnownJwaSignatureAlgorithm[] {\n return this.jwk.supportedSignatureAlgorithms ?? []\n }\n\n public get supportdEncryptionKeyAgreementAlgorithms(): KnownJwaKeyAgreementAlgorithm[] {\n return this.jwk.supportdEncryptionKeyAgreementAlgorithms ?? []\n }\n\n /**\n * key type as defined in [JWA Specification](https://tools.ietf.org/html/rfc7518#section-6.1)\n */\n public get kty(): Jwk['jwk']['kty'] {\n return this.jwk.jwk.kty\n }\n\n /**\n * Get the key id for a public jwk. If the public jwk does not have\n * a key id, an error will be thrown\n */\n public get keyId(): string {\n if (this.jwk.jwk.kid) return this.jwk.jwk.kid\n\n throw new KeyManagementError('Unable to determine keyId for jwk')\n }\n\n public get hasKeyId(): boolean {\n return this.jwk.jwk.kid !== undefined\n }\n\n public set keyId(keyId: string) {\n this.jwk.jwk.kid = keyId\n }\n\n public get legacyKeyId() {\n return legacyKeyIdFromPublicJwk(this)\n }\n\n public get publicKey(): Jwk['publicKey'] {\n return this.jwk.publicKey\n }\n\n /**\n * Return the compressed public key. If the key type does not support compressed public keys, it will return null\n */\n public get compressedPublicKey(): Jwk['compressedPublicKey'] {\n return this.jwk.compressedPublicKey\n }\n\n public get JwkClass() {\n return this.jwk.constructor as SupportedPublicJwkClass\n }\n\n /**\n * SHA-256 jwk thumbprint\n */\n public getJwkThumbprint(hashAlgorithm: HashName = 'sha-256') {\n return calculateJwkThumbprint({\n jwk: this.jwk.jwk,\n hashAlgorithm: hashAlgorithm,\n })\n }\n\n /**\n * Get the signature algorithm to use with this jwk. If the jwk has an `alg` field defined\n * it will use that alg, and otherwise fall back to the first supported signature algorithm.\n *\n * If no algorithm is supported it will throw an error\n */\n public get signatureAlgorithm() {\n if (this.jwk.jwk.alg) {\n if (!this.supportedSignatureAlgorithms.includes(this.jwk.jwk.alg as KnownJwaSignatureAlgorithm)) {\n throw new KeyManagementError(\n `${getJwkHumanDescription(this.jwk.jwk)} defines alg '${this.jwk.jwk.alg}' but this alg is not supported.`\n )\n }\n\n return this.jwk.jwk.alg as this['supportedSignatureAlgorithms'][number]\n }\n\n const alg = this.supportedSignatureAlgorithms[0]\n if (!alg) {\n throw new KeyManagementError(`${getJwkHumanDescription(this.jwk.jwk)} has no supported signature algorithms`)\n }\n\n return alg as this['supportedSignatureAlgorithms'][number]\n }\n\n public static fromPublicKey<Supported extends SupportedPublicJwk['publicKey']>(publicKey: Supported) {\n let jwkInstance: SupportedPublicJwk\n\n if (publicKey.kty === 'RSA') {\n jwkInstance = RsaPublicJwk.fromPublicKey(publicKey)\n } else if (publicKey.kty === 'EC') {\n if (publicKey.crv === 'P-256') {\n jwkInstance = P256PublicJwk.fromPublicKey(publicKey.publicKey)\n } else if (publicKey.crv === 'P-384') {\n jwkInstance = P384PublicJwk.fromPublicKey(publicKey.publicKey)\n } else if (publicKey.crv === 'P-521') {\n jwkInstance = P521PublicJwk.fromPublicKey(publicKey.publicKey)\n } else if (publicKey.crv === 'secp256k1') {\n jwkInstance = Secp256k1PublicJwk.fromPublicKey(publicKey.publicKey)\n } else {\n throw new KeyManagementError(\n // @ts-expect-error\n `Unsupported kty '${publicKey.kty}' with crv '${publicKey.crv}' for creating jwk instance based on public key bytes`\n )\n }\n } else if (publicKey.crv === 'X25519') {\n jwkInstance = X25519PublicJwk.fromPublicKey(publicKey.publicKey)\n } else if (publicKey.crv === 'Ed25519') {\n jwkInstance = Ed25519PublicJwk.fromPublicKey(publicKey.publicKey)\n } else {\n throw new KeyManagementError(\n // @ts-expect-error\n `Unsupported kty '${publicKey.kty}' for creating jwk instance based on public key bytes`\n )\n }\n\n return new PublicJwk(jwkInstance) as PublicJwk<ExtractByPublicKey<SupportedPublicJwk, Supported>>\n }\n\n /**\n * Returns the jwk encoded a Base58 multibase encoded multicodec key\n */\n public get fingerprint() {\n const prefixBytes = VarintEncoder.encode(this.jwk.multicodecPrefix)\n const prefixedPublicKey = new Uint8Array([...prefixBytes, ...this.jwk.multicodec])\n\n return `z${TypedArrayEncoder.toBase58(prefixedPublicKey)}`\n }\n\n /**\n * Create a jwk instance based on a Base58 multibase encoded multicodec key\n */\n public static fromFingerprint(fingerprint: string) {\n const { data } = MultiBaseEncoder.decode(fingerprint)\n const [code, byteLength] = VarintEncoder.decode(data)\n const publicKey = data.slice(byteLength)\n\n const PublicJwkClass = SupportedPublicJwks.find((JwkClass) => JwkClass.multicodecPrefix === code)\n if (!PublicJwkClass) {\n throw new KeyManagementError(`Unsupported multicodec public key with prefix '${code}'`)\n }\n\n const jwk = PublicJwkClass.fromMulticodec(publicKey)\n return new PublicJwk(jwk)\n }\n\n /**\n * Check whether this PublicJwk instance is of a specific type\n */\n public is<\n Jwk1 extends SupportedPublicJwk,\n Jwk2 extends SupportedPublicJwk = Jwk1,\n Jwk3 extends SupportedPublicJwk = Jwk1,\n >(\n jwkType1: Constructor<Jwk1>,\n jwkType2?: Constructor<Jwk2>,\n jwkType3?: Constructor<Jwk3>\n ): this is PublicJwk<Jwk1> | PublicJwk<Jwk2> | PublicJwk<Jwk3> {\n const types = [jwkType1, jwkType2, jwkType3].filter(Boolean) as Constructor<SupportedPublicJwk>[]\n return types.some((type) => this.jwk.constructor === type)\n }\n\n /**\n * Convert the PublicJwk to another type.\n *\n * NOTE: only supported for Ed25519 to X25519 at the moment\n */\n public convertTo(\n type: Jwk extends Ed25519PublicJwk ? typeof X25519PublicJwk : never\n ): Jwk extends Ed25519PublicJwk ? PublicJwk<X25519PublicJwk> : never {\n if (!this.is(Ed25519PublicJwk) || type !== X25519PublicJwk) {\n throw new KeyManagementError('Unsupported key conversion. Only Ed25519 to X25519 is supported.')\n }\n\n return PublicJwk.fromPublicJwk(this.jwk.toX25519PublicJwk()) as Jwk extends Ed25519PublicJwk\n ? PublicJwk<X25519PublicJwk>\n : never\n }\n\n /**\n * Check whether this jwk instance is the same as another jwk instance.\n * It does this by comparing the key types and public keys, not other fields\n * of the JWK such as keyId, use, etc..\n */\n public equals(other: PublicJwk) {\n return asymmetricPublicJwkMatches(this.toJson(), other.toJson())\n }\n\n /**\n * Get human description of a jwk type. This does\n * not include the (public) key material\n */\n public get jwkTypeHumanDescription() {\n return getJwkHumanDescription(this.toJson())\n }\n\n public static supportedPublicJwkClassForSignatureAlgorithm(alg: KnownJwaSignatureAlgorithm): SupportedPublicJwkClass {\n const supportedPublicJwkClass = SupportedPublicJwks.find((JwkClass) =>\n JwkClass.supportedSignatureAlgorithms.includes(alg)\n )\n\n if (!supportedPublicJwkClass) {\n throw new CredoError(`Could not determine supported public jwk class for alg '${alg}'`)\n }\n\n return supportedPublicJwkClass\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAuBA,MAAa,sBAAsB;CACjC;CACA;CACA;CACA;CACA;CACA;CACA;CACD;AAeD,IAAa,YAAb,MAAa,UAA+D;CAC1E,AAAQ,YAAY,AAAiBA,KAAU;EAAV;;CAErC,OAAc,YAAY,SAAkB;EAE1C,MAAM,YAAY,wBAAwB,wBAAwB,eAAe,SAAS,yBAAyB,CAAC;AACpH,sBAAoB,UAAU;EAE9B,IAAIC;AACJ,MAAI,UAAU,QAAQ,MACpB,eAAc,IAAI,aAAa,UAAU;WAChC,UAAU,QAAQ,KAC3B,KAAI,UAAU,QAAQ,QACpB,eAAc,IAAI,cAAc;GAC9B,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;WACO,UAAU,QAAQ,QAC3B,eAAc,IAAI,cAAc;GAC9B,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;WACO,UAAU,QAAQ,QAC3B,eAAc,IAAI,cAAc;GAC9B,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;WACO,UAAU,QAAQ,YAC3B,eAAc,IAAI,mBAAmB;GACnC,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;MAEF,OAAM,IAAI,mBACR,oBAAoB,UAAU,IAAI,cAAc,UAAU,IAAI,6BAC/D;WAEM,UAAU,QAAQ,UAC3B,eAAc,IAAI,iBAAiB;GACjC,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;WACO,UAAU,QAAQ,SAC3B,eAAc,IAAI,gBAAgB;GAChC,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;MAEF,OAAM,IAAI,mBAAmB,oBAAoB,UAAU,IAAI,6BAA6B;AAG9F,SAAO,IAAI,UAAU,YAAY;;CAOnC,OAAc,cAAkD,KAAU;AACxE,SAAO,UAAU,YAAY,IAAI;;CAKnC,AAAO,OAAO,EAAE,aAAa,SAAmC,EAAE,EAAc;AAC9E,MAAI,WAAY,QAAO,KAAK,IAAI;EAGhC,MAAM,EAAE,KAAK,GAAG,QAAQ,KAAK,IAAI;AACjC,SAAO;;CAGT,IAAW,+BAA6D;AACtE,SAAO,KAAK,IAAI,gCAAgC,EAAE;;CAGpD,IAAW,2CAA4E;AACrF,SAAO,KAAK,IAAI,4CAA4C,EAAE;;;;;CAMhE,IAAW,MAAyB;AAClC,SAAO,KAAK,IAAI,IAAI;;;;;;CAOtB,IAAW,QAAgB;AACzB,MAAI,KAAK,IAAI,IAAI,IAAK,QAAO,KAAK,IAAI,IAAI;AAE1C,QAAM,IAAI,mBAAmB,oCAAoC;;CAGnE,IAAW,WAAoB;AAC7B,SAAO,KAAK,IAAI,IAAI,QAAQ;;CAG9B,IAAW,MAAM,OAAe;AAC9B,OAAK,IAAI,IAAI,MAAM;;CAGrB,IAAW,cAAc;AACvB,SAAO,yBAAyB,KAAK;;CAGvC,IAAW,YAA8B;AACvC,SAAO,KAAK,IAAI;;;;;CAMlB,IAAW,sBAAkD;AAC3D,SAAO,KAAK,IAAI;;CAGlB,IAAW,WAAW;AACpB,SAAO,KAAK,IAAI;;;;;CAMlB,AAAO,iBAAiB,gBAA0B,WAAW;AAC3D,SAAO,uBAAuB;GAC5B,KAAK,KAAK,IAAI;GACC;GAChB,CAAC;;;;;;;;CASJ,IAAW,qBAAqB;AAC9B,MAAI,KAAK,IAAI,IAAI,KAAK;AACpB,OAAI,CAAC,KAAK,6BAA6B,SAAS,KAAK,IAAI,IAAI,IAAkC,CAC7F,OAAM,IAAI,mBACR,GAAG,uBAAuB,KAAK,IAAI,IAAI,CAAC,gBAAgB,KAAK,IAAI,IAAI,IAAI,kCAC1E;AAGH,UAAO,KAAK,IAAI,IAAI;;EAGtB,MAAM,MAAM,KAAK,6BAA6B;AAC9C,MAAI,CAAC,IACH,OAAM,IAAI,mBAAmB,GAAG,uBAAuB,KAAK,IAAI,IAAI,CAAC,wCAAwC;AAG/G,SAAO;;CAGT,OAAc,cAAiE,WAAsB;EACnG,IAAIA;AAEJ,MAAI,UAAU,QAAQ,MACpB,eAAc,aAAa,cAAc,UAAU;WAC1C,UAAU,QAAQ,KAC3B,KAAI,UAAU,QAAQ,QACpB,eAAc,cAAc,cAAc,UAAU,UAAU;WACrD,UAAU,QAAQ,QAC3B,eAAc,cAAc,cAAc,UAAU,UAAU;WACrD,UAAU,QAAQ,QAC3B,eAAc,cAAc,cAAc,UAAU,UAAU;WACrD,UAAU,QAAQ,YAC3B,eAAc,mBAAmB,cAAc,UAAU,UAAU;MAEnE,OAAM,IAAI,mBAER,oBAAoB,UAAU,IAAI,cAAc,UAAU,IAAI,uDAC/D;WAEM,UAAU,QAAQ,SAC3B,eAAc,gBAAgB,cAAc,UAAU,UAAU;WACvD,UAAU,QAAQ,UAC3B,eAAc,iBAAiB,cAAc,UAAU,UAAU;MAEjE,OAAM,IAAI,mBAER,oBAAoB,UAAU,IAAI,uDACnC;AAGH,SAAO,IAAI,UAAU,YAAY;;;;;CAMnC,IAAW,cAAc;EACvB,MAAM,cAAc,cAAc,OAAO,KAAK,IAAI,iBAAiB;EACnE,MAAM,oBAAoB,IAAI,WAAW,CAAC,GAAG,aAAa,GAAG,KAAK,IAAI,WAAW,CAAC;AAElF,SAAO,IAAI,kBAAkB,SAAS,kBAAkB;;;;;CAM1D,OAAc,gBAAgB,aAAqB;EACjD,MAAM,EAAE,SAAS,iBAAiB,OAAO,YAAY;EACrD,MAAM,CAAC,MAAM,cAAc,cAAc,OAAO,KAAK;EACrD,MAAM,YAAY,KAAK,MAAM,WAAW;EAExC,MAAM,iBAAiB,oBAAoB,MAAM,aAAa,SAAS,qBAAqB,KAAK;AACjG,MAAI,CAAC,eACH,OAAM,IAAI,mBAAmB,kDAAkD,KAAK,GAAG;AAIzF,SAAO,IAAI,UADC,eAAe,eAAe,UAAU,CAC3B;;;;;CAM3B,AAAO,GAKL,UACA,UACA,UAC6D;AAE7D,SADc;GAAC;GAAU;GAAU;GAAS,CAAC,OAAO,QAAQ,CAC/C,MAAM,SAAS,KAAK,IAAI,gBAAgB,KAAK;;;;;;;CAQ5D,AAAO,UACL,MACmE;AACnE,MAAI,CAAC,KAAK,GAAG,iBAAiB,IAAI,SAAS,gBACzC,OAAM,IAAI,mBAAmB,mEAAmE;AAGlG,SAAO,UAAU,cAAc,KAAK,IAAI,mBAAmB,CAAC;;;;;;;CAU9D,AAAO,OAAO,OAAkB;AAC9B,SAAO,2BAA2B,KAAK,QAAQ,EAAE,MAAM,QAAQ,CAAC;;;;;;CAOlE,IAAW,0BAA0B;AACnC,SAAO,uBAAuB,KAAK,QAAQ,CAAC;;CAG9C,OAAc,6CAA6C,KAA0D;EACnH,MAAM,0BAA0B,oBAAoB,MAAM,aACxD,SAAS,6BAA6B,SAAS,IAAI,CACpD;AAED,MAAI,CAAC,wBACH,OAAM,IAAI,WAAW,2DAA2D,IAAI,GAAG;AAGzF,SAAO"}
|
|
1
|
+
{"version":3,"file":"PublicJwk.mjs","names":["jwk: Jwk","jwkInstance: SupportedPublicJwk","supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[]"],"sources":["../../../../src/modules/kms/jwk/PublicJwk.ts"],"sourcesContent":["import type { HashName } from '../../../crypto'\nimport { CredoError } from '../../../error'\nimport { MultiBaseEncoder, TypedArrayEncoder, VarintEncoder } from '../../../utils'\nimport type { Constructor } from '../../../utils/mixins'\nimport { zParseWithErrorHandling } from '../../../utils/zod'\nimport { KeyManagementError } from '../error/KeyManagementError'\nimport { legacyKeyIdFromPublicJwk } from '../legacy'\nimport { asymmetricPublicJwkMatches } from './equals'\nimport { getJwkHumanDescription } from './humanDescription'\nimport type { KnownJwaKeyAgreementAlgorithm, KnownJwaSignatureAlgorithm } from './jwa'\nimport { calculateJwkThumbprint } from './jwkThumbprint'\nimport { assertJwkAsymmetric, type KmsJwkPublicAsymmetric, publicJwkFromPrivateJwk, zKmsJwkPublic } from './knownJwk'\n\nimport {\n Ed25519PublicJwk,\n P256PublicJwk,\n P384PublicJwk,\n P521PublicJwk,\n RsaPublicJwk,\n Secp256k1PublicJwk,\n X25519PublicJwk,\n} from './kty'\n\nexport const SupportedPublicJwks = [\n Ed25519PublicJwk,\n P256PublicJwk,\n P384PublicJwk,\n P521PublicJwk,\n RsaPublicJwk,\n Secp256k1PublicJwk,\n X25519PublicJwk,\n]\nexport type SupportedPublicJwkClass = (typeof SupportedPublicJwks)[number]\nexport type SupportedPublicJwk =\n | Ed25519PublicJwk\n | P256PublicJwk\n | P384PublicJwk\n | P521PublicJwk\n | RsaPublicJwk\n | Secp256k1PublicJwk\n | X25519PublicJwk\n\ntype ExtractByJwk<T, K> = T extends { jwk: infer J } ? (K extends J ? T : never) : never\n\ntype ExtractByPublicKey<T, K> = T extends { publicKey: infer J } ? (K extends J ? T : never) : never\n\nexport class PublicJwk<Jwk extends SupportedPublicJwk = SupportedPublicJwk> {\n private constructor(private readonly jwk: Jwk) {}\n\n public static fromUnknown(jwkJson: unknown) {\n // We remove any private properties if they are present\n const publicJwk = publicJwkFromPrivateJwk(zParseWithErrorHandling(zKmsJwkPublic, jwkJson, 'jwk is not a valid jwk'))\n assertJwkAsymmetric(publicJwk)\n\n let jwkInstance: SupportedPublicJwk\n if (publicJwk.kty === 'RSA') {\n jwkInstance = new RsaPublicJwk(publicJwk)\n } else if (publicJwk.kty === 'EC') {\n if (publicJwk.crv === 'P-256') {\n jwkInstance = new P256PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else if (publicJwk.crv === 'P-384') {\n jwkInstance = new P384PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else if (publicJwk.crv === 'P-521') {\n jwkInstance = new P521PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else if (publicJwk.crv === 'secp256k1') {\n jwkInstance = new Secp256k1PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else {\n throw new KeyManagementError(\n `Unsupported kty '${publicJwk.kty}' with crv '${publicJwk.crv}' for creating jwk instance`\n )\n }\n } else if (publicJwk.crv === 'Ed25519') {\n jwkInstance = new Ed25519PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else if (publicJwk.crv === 'X25519') {\n jwkInstance = new X25519PublicJwk({\n ...publicJwk,\n crv: publicJwk.crv,\n })\n } else {\n throw new KeyManagementError(`Unsupported kty '${publicJwk.kty}' for creating jwk instance`)\n }\n\n return new PublicJwk(jwkInstance)\n }\n\n // FIXME: all Jwk combinations should be separate types.\n // so not kty: EC, and crv: P-256 | P-384\n // but: kty: EC, and crv: P-256 | kty: EC, and crv: P-384\n // As the first approach messes with TypeScript's type inference\n public static fromPublicJwk<Jwk extends KmsJwkPublicAsymmetric>(jwk: Jwk) {\n return PublicJwk.fromUnknown(jwk) as PublicJwk<\n ExtractByJwk<SupportedPublicJwk, Jwk> extends never ? SupportedPublicJwk : ExtractByJwk<SupportedPublicJwk, Jwk>\n >\n }\n\n public toJson({ includeKid = true }: { includeKid?: boolean } = {}): Jwk['jwk'] {\n if (includeKid) return this.jwk.jwk\n\n // biome-ignore lint/correctness/noUnusedVariables: no explanation\n const { kid, ...jwk } = this.jwk.jwk\n return jwk\n }\n\n /**\n * Get the signature algorithms supported for this jwk.\n *\n * If the jwk has an `alg` field defined it will only return that alg\n * and otherwise return all known supported signature algorithm.\n */\n public get supportedSignatureAlgorithms(): KnownJwaSignatureAlgorithm[] {\n const supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = this.jwk.supportedSignatureAlgorithms ?? []\n\n if (this.jwk.jwk.alg) {\n if (!supportedSignatureAlgorithms.includes(this.jwk.jwk.alg as KnownJwaSignatureAlgorithm)) {\n throw new KeyManagementError(\n `${this.jwkTypeHumanDescription} defines alg '${this.jwk.jwk.alg}' but this alg is not supported.`\n )\n }\n\n return [this.jwk.jwk.alg] as this['supportedSignatureAlgorithms']\n }\n\n return supportedSignatureAlgorithms\n }\n\n public get supportedEncryptionKeyAgreementAlgorithms(): KnownJwaKeyAgreementAlgorithm[] {\n return this.jwk.supportedEncryptionKeyAgreementAlgorithms ?? []\n }\n\n /**\n * key type as defined in [JWA Specification](https://tools.ietf.org/html/rfc7518#section-6.1)\n */\n public get kty(): Jwk['jwk']['kty'] {\n return this.jwk.jwk.kty\n }\n\n /**\n * Get the key id for a public jwk. If the public jwk does not have\n * a key id, an error will be thrown\n */\n public get keyId(): string {\n if (this.jwk.jwk.kid) return this.jwk.jwk.kid\n\n throw new KeyManagementError('Unable to determine keyId for jwk')\n }\n\n public get hasKeyId(): boolean {\n return this.jwk.jwk.kid !== undefined\n }\n\n public set keyId(keyId: string) {\n this.jwk.jwk.kid = keyId\n }\n\n public get legacyKeyId() {\n return legacyKeyIdFromPublicJwk(this)\n }\n\n public get publicKey(): Jwk['publicKey'] {\n return this.jwk.publicKey\n }\n\n /**\n * Return the compressed public key. If the key type does not support compressed public keys, it will return null\n */\n public get compressedPublicKey(): Jwk['compressedPublicKey'] {\n return this.jwk.compressedPublicKey\n }\n\n public get JwkClass() {\n return this.jwk.constructor as SupportedPublicJwkClass\n }\n\n /**\n * SHA-256 jwk thumbprint\n */\n public getJwkThumbprint(hashAlgorithm: HashName = 'sha-256') {\n return calculateJwkThumbprint({\n jwk: this.jwk.jwk,\n hashAlgorithm: hashAlgorithm,\n })\n }\n\n /**\n * Get the first signature algorithm to use with this jwk. If the jwk has an `alg` field defined\n * it will use that alg, and otherwise fall back to the first supported signature algorithm.\n *\n * If no algorithm is supported it will throw an error\n */\n public get signatureAlgorithm() {\n const alg = this.supportedSignatureAlgorithms[0]\n if (!alg) {\n throw new KeyManagementError(`${this.jwkTypeHumanDescription} has no supported signature algorithms`)\n }\n\n return alg as this['supportedSignatureAlgorithms'][number]\n }\n\n public assertSignatureAlgorithmSupported(\n alg: KnownJwaSignatureAlgorithm\n ): asserts alg is this['supportedSignatureAlgorithms'][number] {\n if (!this.supportedSignatureAlgorithms.includes(alg)) {\n throw new KeyManagementError(`${this.jwkTypeHumanDescription} does not support signature alg '${alg}'.`)\n }\n }\n\n public static fromPublicKey<Supported extends SupportedPublicJwk['publicKey']>(publicKey: Supported) {\n let jwkInstance: SupportedPublicJwk\n\n if (publicKey.kty === 'RSA') {\n jwkInstance = RsaPublicJwk.fromPublicKey(publicKey)\n } else if (publicKey.kty === 'EC') {\n if (publicKey.crv === 'P-256') {\n jwkInstance = P256PublicJwk.fromPublicKey(publicKey.publicKey)\n } else if (publicKey.crv === 'P-384') {\n jwkInstance = P384PublicJwk.fromPublicKey(publicKey.publicKey)\n } else if (publicKey.crv === 'P-521') {\n jwkInstance = P521PublicJwk.fromPublicKey(publicKey.publicKey)\n } else if (publicKey.crv === 'secp256k1') {\n jwkInstance = Secp256k1PublicJwk.fromPublicKey(publicKey.publicKey)\n } else {\n throw new KeyManagementError(\n // @ts-expect-error\n `Unsupported kty '${publicKey.kty}' with crv '${publicKey.crv}' for creating jwk instance based on public key bytes`\n )\n }\n } else if (publicKey.crv === 'X25519') {\n jwkInstance = X25519PublicJwk.fromPublicKey(publicKey.publicKey)\n } else if (publicKey.crv === 'Ed25519') {\n jwkInstance = Ed25519PublicJwk.fromPublicKey(publicKey.publicKey)\n } else {\n throw new KeyManagementError(\n // @ts-expect-error\n `Unsupported kty '${publicKey.kty}' for creating jwk instance based on public key bytes`\n )\n }\n\n return new PublicJwk(jwkInstance) as PublicJwk<ExtractByPublicKey<SupportedPublicJwk, Supported>>\n }\n\n /**\n * Returns the jwk encoded a Base58 multibase encoded multicodec key\n */\n public get fingerprint() {\n const prefixBytes = VarintEncoder.encode(this.jwk.multicodecPrefix)\n const prefixedPublicKey = new Uint8Array([...prefixBytes, ...this.jwk.multicodec])\n\n return `z${TypedArrayEncoder.toBase58(prefixedPublicKey)}`\n }\n\n /**\n * Create a jwk instance based on a Base58 multibase encoded multicodec key\n */\n public static fromFingerprint(fingerprint: string) {\n const { data } = MultiBaseEncoder.decode(fingerprint)\n const [code, byteLength] = VarintEncoder.decode(data)\n const publicKey = data.slice(byteLength)\n\n const PublicJwkClass = SupportedPublicJwks.find((JwkClass) => JwkClass.multicodecPrefix === code)\n if (!PublicJwkClass) {\n throw new KeyManagementError(`Unsupported multicodec public key with prefix '${code}'`)\n }\n\n const jwk = PublicJwkClass.fromMulticodec(publicKey)\n return new PublicJwk(jwk)\n }\n\n /**\n * Check whether this PublicJwk instance is of a specific type\n */\n public is<\n Jwk1 extends SupportedPublicJwk,\n Jwk2 extends SupportedPublicJwk = Jwk1,\n Jwk3 extends SupportedPublicJwk = Jwk1,\n >(\n jwkType1: Constructor<Jwk1>,\n jwkType2?: Constructor<Jwk2>,\n jwkType3?: Constructor<Jwk3>\n ): this is PublicJwk<Jwk1> | PublicJwk<Jwk2> | PublicJwk<Jwk3> {\n const types = [jwkType1, jwkType2, jwkType3].filter(Boolean) as Constructor<SupportedPublicJwk>[]\n return types.some((type) => this.jwk.constructor === type)\n }\n\n /**\n * Convert the PublicJwk to another type.\n *\n * NOTE: only supported for Ed25519 to X25519 at the moment\n */\n public convertTo(\n type: Jwk extends Ed25519PublicJwk ? typeof X25519PublicJwk : never\n ): Jwk extends Ed25519PublicJwk ? PublicJwk<X25519PublicJwk> : never {\n if (!this.is(Ed25519PublicJwk) || type !== X25519PublicJwk) {\n throw new KeyManagementError('Unsupported key conversion. Only Ed25519 to X25519 is supported.')\n }\n\n return PublicJwk.fromPublicJwk(this.jwk.toX25519PublicJwk()) as Jwk extends Ed25519PublicJwk\n ? PublicJwk<X25519PublicJwk>\n : never\n }\n\n /**\n * Check whether this jwk instance is the same as another jwk instance.\n * It does this by comparing the key types and public keys, not other fields\n * of the JWK such as keyId, use, etc..\n */\n public equals(other: PublicJwk) {\n return asymmetricPublicJwkMatches(this.toJson(), other.toJson())\n }\n\n /**\n * Get human description of a jwk type. This does\n * not include the (public) key material\n */\n public get jwkTypeHumanDescription() {\n return getJwkHumanDescription(this.toJson())\n }\n\n public static supportedPublicJwkClassForSignatureAlgorithm(alg: KnownJwaSignatureAlgorithm): SupportedPublicJwkClass {\n const supportedPublicJwkClass = SupportedPublicJwks.find((JwkClass) =>\n JwkClass.supportedSignatureAlgorithms.includes(alg)\n )\n\n if (!supportedPublicJwkClass) {\n throw new CredoError(`Could not determine supported public jwk class for alg '${alg}'`)\n }\n\n return supportedPublicJwkClass\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAuBA,MAAa,sBAAsB;CACjC;CACA;CACA;CACA;CACA;CACA;CACA;CACD;AAeD,IAAa,YAAb,MAAa,UAA+D;CAC1E,AAAQ,YAAY,AAAiBA,KAAU;EAAV;;CAErC,OAAc,YAAY,SAAkB;EAE1C,MAAM,YAAY,wBAAwB,wBAAwB,eAAe,SAAS,yBAAyB,CAAC;AACpH,sBAAoB,UAAU;EAE9B,IAAIC;AACJ,MAAI,UAAU,QAAQ,MACpB,eAAc,IAAI,aAAa,UAAU;WAChC,UAAU,QAAQ,KAC3B,KAAI,UAAU,QAAQ,QACpB,eAAc,IAAI,cAAc;GAC9B,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;WACO,UAAU,QAAQ,QAC3B,eAAc,IAAI,cAAc;GAC9B,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;WACO,UAAU,QAAQ,QAC3B,eAAc,IAAI,cAAc;GAC9B,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;WACO,UAAU,QAAQ,YAC3B,eAAc,IAAI,mBAAmB;GACnC,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;MAEF,OAAM,IAAI,mBACR,oBAAoB,UAAU,IAAI,cAAc,UAAU,IAAI,6BAC/D;WAEM,UAAU,QAAQ,UAC3B,eAAc,IAAI,iBAAiB;GACjC,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;WACO,UAAU,QAAQ,SAC3B,eAAc,IAAI,gBAAgB;GAChC,GAAG;GACH,KAAK,UAAU;GAChB,CAAC;MAEF,OAAM,IAAI,mBAAmB,oBAAoB,UAAU,IAAI,6BAA6B;AAG9F,SAAO,IAAI,UAAU,YAAY;;CAOnC,OAAc,cAAkD,KAAU;AACxE,SAAO,UAAU,YAAY,IAAI;;CAKnC,AAAO,OAAO,EAAE,aAAa,SAAmC,EAAE,EAAc;AAC9E,MAAI,WAAY,QAAO,KAAK,IAAI;EAGhC,MAAM,EAAE,KAAK,GAAG,QAAQ,KAAK,IAAI;AACjC,SAAO;;;;;;;;CAST,IAAW,+BAA6D;EACtE,MAAMC,+BAA6D,KAAK,IAAI,gCAAgC,EAAE;AAE9G,MAAI,KAAK,IAAI,IAAI,KAAK;AACpB,OAAI,CAAC,6BAA6B,SAAS,KAAK,IAAI,IAAI,IAAkC,CACxF,OAAM,IAAI,mBACR,GAAG,KAAK,wBAAwB,gBAAgB,KAAK,IAAI,IAAI,IAAI,kCAClE;AAGH,UAAO,CAAC,KAAK,IAAI,IAAI,IAAI;;AAG3B,SAAO;;CAGT,IAAW,4CAA6E;AACtF,SAAO,KAAK,IAAI,6CAA6C,EAAE;;;;;CAMjE,IAAW,MAAyB;AAClC,SAAO,KAAK,IAAI,IAAI;;;;;;CAOtB,IAAW,QAAgB;AACzB,MAAI,KAAK,IAAI,IAAI,IAAK,QAAO,KAAK,IAAI,IAAI;AAE1C,QAAM,IAAI,mBAAmB,oCAAoC;;CAGnE,IAAW,WAAoB;AAC7B,SAAO,KAAK,IAAI,IAAI,QAAQ;;CAG9B,IAAW,MAAM,OAAe;AAC9B,OAAK,IAAI,IAAI,MAAM;;CAGrB,IAAW,cAAc;AACvB,SAAO,yBAAyB,KAAK;;CAGvC,IAAW,YAA8B;AACvC,SAAO,KAAK,IAAI;;;;;CAMlB,IAAW,sBAAkD;AAC3D,SAAO,KAAK,IAAI;;CAGlB,IAAW,WAAW;AACpB,SAAO,KAAK,IAAI;;;;;CAMlB,AAAO,iBAAiB,gBAA0B,WAAW;AAC3D,SAAO,uBAAuB;GAC5B,KAAK,KAAK,IAAI;GACC;GAChB,CAAC;;;;;;;;CASJ,IAAW,qBAAqB;EAC9B,MAAM,MAAM,KAAK,6BAA6B;AAC9C,MAAI,CAAC,IACH,OAAM,IAAI,mBAAmB,GAAG,KAAK,wBAAwB,wCAAwC;AAGvG,SAAO;;CAGT,AAAO,kCACL,KAC6D;AAC7D,MAAI,CAAC,KAAK,6BAA6B,SAAS,IAAI,CAClD,OAAM,IAAI,mBAAmB,GAAG,KAAK,wBAAwB,mCAAmC,IAAI,IAAI;;CAI5G,OAAc,cAAiE,WAAsB;EACnG,IAAID;AAEJ,MAAI,UAAU,QAAQ,MACpB,eAAc,aAAa,cAAc,UAAU;WAC1C,UAAU,QAAQ,KAC3B,KAAI,UAAU,QAAQ,QACpB,eAAc,cAAc,cAAc,UAAU,UAAU;WACrD,UAAU,QAAQ,QAC3B,eAAc,cAAc,cAAc,UAAU,UAAU;WACrD,UAAU,QAAQ,QAC3B,eAAc,cAAc,cAAc,UAAU,UAAU;WACrD,UAAU,QAAQ,YAC3B,eAAc,mBAAmB,cAAc,UAAU,UAAU;MAEnE,OAAM,IAAI,mBAER,oBAAoB,UAAU,IAAI,cAAc,UAAU,IAAI,uDAC/D;WAEM,UAAU,QAAQ,SAC3B,eAAc,gBAAgB,cAAc,UAAU,UAAU;WACvD,UAAU,QAAQ,UAC3B,eAAc,iBAAiB,cAAc,UAAU,UAAU;MAEjE,OAAM,IAAI,mBAER,oBAAoB,UAAU,IAAI,uDACnC;AAGH,SAAO,IAAI,UAAU,YAAY;;;;;CAMnC,IAAW,cAAc;EACvB,MAAM,cAAc,cAAc,OAAO,KAAK,IAAI,iBAAiB;EACnE,MAAM,oBAAoB,IAAI,WAAW,CAAC,GAAG,aAAa,GAAG,KAAK,IAAI,WAAW,CAAC;AAElF,SAAO,IAAI,kBAAkB,SAAS,kBAAkB;;;;;CAM1D,OAAc,gBAAgB,aAAqB;EACjD,MAAM,EAAE,SAAS,iBAAiB,OAAO,YAAY;EACrD,MAAM,CAAC,MAAM,cAAc,cAAc,OAAO,KAAK;EACrD,MAAM,YAAY,KAAK,MAAM,WAAW;EAExC,MAAM,iBAAiB,oBAAoB,MAAM,aAAa,SAAS,qBAAqB,KAAK;AACjG,MAAI,CAAC,eACH,OAAM,IAAI,mBAAmB,kDAAkD,KAAK,GAAG;AAIzF,SAAO,IAAI,UADC,eAAe,eAAe,UAAU,CAC3B;;;;;CAM3B,AAAO,GAKL,UACA,UACA,UAC6D;AAE7D,SADc;GAAC;GAAU;GAAU;GAAS,CAAC,OAAO,QAAQ,CAC/C,MAAM,SAAS,KAAK,IAAI,gBAAgB,KAAK;;;;;;;CAQ5D,AAAO,UACL,MACmE;AACnE,MAAI,CAAC,KAAK,GAAG,iBAAiB,IAAI,SAAS,gBACzC,OAAM,IAAI,mBAAmB,mEAAmE;AAGlG,SAAO,UAAU,cAAc,KAAK,IAAI,mBAAmB,CAAC;;;;;;;CAU9D,AAAO,OAAO,OAAkB;AAC9B,SAAO,2BAA2B,KAAK,QAAQ,EAAE,MAAM,QAAQ,CAAC;;;;;;CAOlE,IAAW,0BAA0B;AACnC,SAAO,uBAAuB,KAAK,QAAQ,CAAC;;CAG9C,OAAc,6CAA6C,KAA0D;EACnH,MAAM,0BAA0B,oBAAoB,MAAM,aACxD,SAAS,6BAA6B,SAAS,IAAI,CACpD;AAED,MAAI,CAAC,wBACH,OAAM,IAAI,WAAW,2DAA2D,IAAI,GAAG;AAGzF,SAAO"}
|
|
@@ -6,7 +6,7 @@ import { KmsJwkPublicAsymmetric } from "../knownJwk.mjs";
|
|
|
6
6
|
interface PublicJwkType<Jwk extends KmsJwkPublicAsymmetric = KmsJwkPublicAsymmetric> {
|
|
7
7
|
readonly jwk: Jwk;
|
|
8
8
|
supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] | undefined;
|
|
9
|
-
|
|
9
|
+
supportedEncryptionKeyAgreementAlgorithms: KnownJwaKeyAgreementAlgorithm[] | undefined;
|
|
10
10
|
multicodec: AnyUint8Array;
|
|
11
11
|
}
|
|
12
12
|
//#endregion
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PublicJwk.d.mts","names":[],"sources":["../../../../../src/modules/kms/jwk/kty/PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;UAIiB,0BAA0B,yBAAyB;gBACpD;gCAEgB;
|
|
1
|
+
{"version":3,"file":"PublicJwk.d.mts","names":[],"sources":["../../../../../src/modules/kms/jwk/kty/PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;UAIiB,0BAA0B,yBAAyB;gBACpD;gCAEgB;6CACa;EAJ5B,UAAA,EAMH,aANgB"}
|
|
@@ -12,7 +12,7 @@ declare class P256PublicJwk implements PublicJwkType<Jwk> {
|
|
|
12
12
|
static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[];
|
|
13
13
|
static supportdEncryptionKeyAgreementAlgorithms: "ECDH-ES"[];
|
|
14
14
|
static multicodecPrefix: number;
|
|
15
|
-
|
|
15
|
+
supportedEncryptionKeyAgreementAlgorithms: "ECDH-ES"[];
|
|
16
16
|
supportedSignatureAlgorithms: ("HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | "EdDSA" | "Ed25519" | "ES256K")[];
|
|
17
17
|
multicodecPrefix: number;
|
|
18
18
|
constructor(jwk: Jwk);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"P256PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P256PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,aAAA,YAAyB,cAAc;EAF/C,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,4BAAc,EACmB,0BADnB,EAAA;EAAyB,OAAA,wCAAA,EAAA,SAAA,EAAA;EASV,OAAA,gBAAA,EAAA,MAAA;EARI,
|
|
1
|
+
{"version":3,"file":"P256PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P256PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,aAAA,YAAyB,cAAc;EAF/C,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,4BAAc,EACmB,0BADnB,EAAA;EAAyB,OAAA,wCAAA,EAAA,SAAA,EAAA;EASV,OAAA,gBAAA,EAAA,MAAA;EARI,yCAAA,EAAA,SAAA,EAAA;EAQJ,4BAAA,EAAA,CAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,SAAA,GAAA,QAAA,CAAA,EAAA;;mBAAA;EAkBnB,IAAA,SAAA,CAAA,CAAA,EAAA;IAIkB,GAAA,EAAA,OAAA;IAAa,GAAA,EAAA,IAAA;IAKX,SAAA,eAAA;EAAa,CAAA;EApClB,IAAA,mBAAA,CAAA,CAAA,EAAA;IAAa,GAAA,EAAA,OAAA;;;;oBA2B5B;kCAIkB,gBAAa;oCAKX,gBAAa"}
|
|
@@ -7,7 +7,7 @@ import { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from "./ecPublicKey.mj
|
|
|
7
7
|
var P256PublicJwk = class P256PublicJwk {
|
|
8
8
|
constructor(jwk) {
|
|
9
9
|
this.jwk = jwk;
|
|
10
|
-
this.
|
|
10
|
+
this.supportedEncryptionKeyAgreementAlgorithms = P256PublicJwk.supportdEncryptionKeyAgreementAlgorithms;
|
|
11
11
|
this.supportedSignatureAlgorithms = P256PublicJwk.supportedSignatureAlgorithms;
|
|
12
12
|
this.multicodecPrefix = P256PublicJwk.multicodecPrefix;
|
|
13
13
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"P256PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P256PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm, KnownJwaSignatureAlgorithms } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicEc } from './ecJwk'\nimport { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from './ecPublicKey'\n\ntype Jwk = KmsJwkPublicEc & { crv: 'P-256' }\n\nexport class P256PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [KnownJwaSignatureAlgorithms.ES256]\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_ES]\n public static multicodecPrefix = 4608\n\n public
|
|
1
|
+
{"version":3,"file":"P256PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P256PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm, KnownJwaSignatureAlgorithms } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicEc } from './ecJwk'\nimport { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from './ecPublicKey'\n\ntype Jwk = KmsJwkPublicEc & { crv: 'P-256' }\n\nexport class P256PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [KnownJwaSignatureAlgorithms.ES256]\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_ES]\n public static multicodecPrefix = 4608\n\n public supportedEncryptionKeyAgreementAlgorithms = P256PublicJwk.supportdEncryptionKeyAgreementAlgorithms\n public supportedSignatureAlgorithms = P256PublicJwk.supportedSignatureAlgorithms\n public multicodecPrefix = P256PublicJwk.multicodecPrefix\n\n public constructor(public readonly jwk: Jwk) {}\n\n public get publicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: ecPublicJwkToPublicKey(this.jwk),\n }\n }\n\n public get compressedPublicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: ecPublicJwkToPublicKey(this.jwk, { compressed: true }),\n }\n }\n\n public get multicodec() {\n return ecPublicJwkToPublicKey(this.jwk, { compressed: true })\n }\n\n public static fromPublicKey(publicKey: AnyUint8Array) {\n const jwk = ecPublicKeyToPublicJwk(publicKey, 'P-256')\n return new P256PublicJwk(jwk)\n }\n\n public static fromMulticodec(multicodec: AnyUint8Array) {\n const jwk = ecPublicKeyToPublicJwk(multicodec, 'P-256')\n return new P256PublicJwk(jwk)\n }\n}\n"],"mappings":";;;;;;AAQA,IAAa,gBAAb,MAAa,cAA4C;CASvD,AAAO,YAAY,AAAgBA,KAAU;EAAV;OAJ5B,4CAA4C,cAAc;OAC1D,+BAA+B,cAAc;OAC7C,mBAAmB,cAAc;;CAIxC,IAAW,YAAY;AACrB,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,uBAAuB,KAAK,IAAI;GAC5C;;CAGH,IAAW,sBAAsB;AAC/B,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,uBAAuB,KAAK,KAAK,EAAE,YAAY,MAAM,CAAC;GAClE;;CAGH,IAAW,aAAa;AACtB,SAAO,uBAAuB,KAAK,KAAK,EAAE,YAAY,MAAM,CAAC;;CAG/D,OAAc,cAAc,WAA0B;AAEpD,SAAO,IAAI,cADC,uBAAuB,WAAW,QAAQ,CACzB;;CAG/B,OAAc,eAAe,YAA2B;AAEtD,SAAO,IAAI,cADC,uBAAuB,YAAY,QAAQ,CAC1B;;;cArCjB,+BAA6D,CAAC,4BAA4B,MAAM;cAChG,2CAA2C,CAAC,+BAA+B,QAAQ;cACnF,mBAAmB"}
|
|
@@ -12,7 +12,7 @@ declare class P384PublicJwk implements PublicJwkType<Jwk> {
|
|
|
12
12
|
static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[];
|
|
13
13
|
static supportdEncryptionKeyAgreementAlgorithms: "ECDH-ES"[];
|
|
14
14
|
static multicodecPrefix: number;
|
|
15
|
-
|
|
15
|
+
supportedEncryptionKeyAgreementAlgorithms: "ECDH-ES"[];
|
|
16
16
|
supportedSignatureAlgorithms: ("HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | "EdDSA" | "Ed25519" | "ES256K")[];
|
|
17
17
|
multicodecPrefix: number;
|
|
18
18
|
constructor(jwk: Jwk);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"P384PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P384PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,aAAA,YAAyB,cAAc;EAF/C,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,4BAAc,EACmB,0BADnB,EAAA;EAAyB,OAAA,wCAAA,EAAA,SAAA,EAAA;EASV,OAAA,gBAAA,EAAA,MAAA;EARI,
|
|
1
|
+
{"version":3,"file":"P384PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P384PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,aAAA,YAAyB,cAAc;EAF/C,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,4BAAc,EACmB,0BADnB,EAAA;EAAyB,OAAA,wCAAA,EAAA,SAAA,EAAA;EASV,OAAA,gBAAA,EAAA,MAAA;EARI,yCAAA,EAAA,SAAA,EAAA;EAQJ,4BAAA,EAAA,CAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,SAAA,GAAA,QAAA,CAAA,EAAA;;mBAAA;EAkBnB,IAAA,SAAA,CAAA,CAAA,EAAA;IAIkB,GAAA,EAAA,OAAA;IAAa,GAAA,EAAA,IAAA;IAKX,SAAA,eAAA;EAAa,CAAA;EApClB,IAAA,mBAAA,CAAA,CAAA,EAAA;IAAa,GAAA,EAAA,OAAA;;;;oBA2B5B;kCAIkB,gBAAa;oCAKX,gBAAa"}
|
|
@@ -7,7 +7,7 @@ import { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from "./ecPublicKey.mj
|
|
|
7
7
|
var P384PublicJwk = class P384PublicJwk {
|
|
8
8
|
constructor(jwk) {
|
|
9
9
|
this.jwk = jwk;
|
|
10
|
-
this.
|
|
10
|
+
this.supportedEncryptionKeyAgreementAlgorithms = P384PublicJwk.supportdEncryptionKeyAgreementAlgorithms;
|
|
11
11
|
this.supportedSignatureAlgorithms = P384PublicJwk.supportedSignatureAlgorithms;
|
|
12
12
|
this.multicodecPrefix = P384PublicJwk.multicodecPrefix;
|
|
13
13
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"P384PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P384PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm, KnownJwaSignatureAlgorithms } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicEc } from './ecJwk'\nimport { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from './ecPublicKey'\n\ntype Jwk = KmsJwkPublicEc & { crv: 'P-384' }\n\nexport class P384PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [KnownJwaSignatureAlgorithms.ES384]\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_ES]\n public static multicodecPrefix = 4609\n\n public
|
|
1
|
+
{"version":3,"file":"P384PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P384PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm, KnownJwaSignatureAlgorithms } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicEc } from './ecJwk'\nimport { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from './ecPublicKey'\n\ntype Jwk = KmsJwkPublicEc & { crv: 'P-384' }\n\nexport class P384PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [KnownJwaSignatureAlgorithms.ES384]\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_ES]\n public static multicodecPrefix = 4609\n\n public supportedEncryptionKeyAgreementAlgorithms = P384PublicJwk.supportdEncryptionKeyAgreementAlgorithms\n public supportedSignatureAlgorithms = P384PublicJwk.supportedSignatureAlgorithms\n public multicodecPrefix = P384PublicJwk.multicodecPrefix\n\n public constructor(public readonly jwk: Jwk) {}\n\n public get publicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: ecPublicJwkToPublicKey(this.jwk),\n }\n }\n\n public get compressedPublicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: ecPublicJwkToPublicKey(this.jwk, { compressed: true }),\n }\n }\n\n public get multicodec() {\n return ecPublicJwkToPublicKey(this.jwk, { compressed: true })\n }\n\n public static fromPublicKey(publicKey: AnyUint8Array) {\n const jwk = ecPublicKeyToPublicJwk(publicKey, 'P-384')\n return new P384PublicJwk(jwk)\n }\n\n public static fromMulticodec(multicodec: AnyUint8Array) {\n const jwk = ecPublicKeyToPublicJwk(multicodec, 'P-384')\n return new P384PublicJwk(jwk)\n }\n}\n"],"mappings":";;;;;;AAQA,IAAa,gBAAb,MAAa,cAA4C;CASvD,AAAO,YAAY,AAAgBA,KAAU;EAAV;OAJ5B,4CAA4C,cAAc;OAC1D,+BAA+B,cAAc;OAC7C,mBAAmB,cAAc;;CAIxC,IAAW,YAAY;AACrB,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,uBAAuB,KAAK,IAAI;GAC5C;;CAGH,IAAW,sBAAsB;AAC/B,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,uBAAuB,KAAK,KAAK,EAAE,YAAY,MAAM,CAAC;GAClE;;CAGH,IAAW,aAAa;AACtB,SAAO,uBAAuB,KAAK,KAAK,EAAE,YAAY,MAAM,CAAC;;CAG/D,OAAc,cAAc,WAA0B;AAEpD,SAAO,IAAI,cADC,uBAAuB,WAAW,QAAQ,CACzB;;CAG/B,OAAc,eAAe,YAA2B;AAEtD,SAAO,IAAI,cADC,uBAAuB,YAAY,QAAQ,CAC1B;;;cArCjB,+BAA6D,CAAC,4BAA4B,MAAM;cAChG,2CAA2C,CAAC,+BAA+B,QAAQ;cACnF,mBAAmB"}
|
|
@@ -12,7 +12,7 @@ declare class P521PublicJwk implements PublicJwkType<Jwk> {
|
|
|
12
12
|
static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[];
|
|
13
13
|
static supportdEncryptionKeyAgreementAlgorithms: "ECDH-ES"[];
|
|
14
14
|
static multicodecPrefix: number;
|
|
15
|
-
|
|
15
|
+
supportedEncryptionKeyAgreementAlgorithms: "ECDH-ES"[];
|
|
16
16
|
supportedSignatureAlgorithms: ("HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | "EdDSA" | "Ed25519" | "ES256K")[];
|
|
17
17
|
multicodecPrefix: number;
|
|
18
18
|
constructor(jwk: Jwk);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"P521PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P521PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,aAAA,YAAyB,cAAc;EAF/C,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,4BAAc,EACmB,0BADnB,EAAA;EAAyB,OAAA,wCAAA,EAAA,SAAA,EAAA;EASV,OAAA,gBAAA,EAAA,MAAA;EARI,
|
|
1
|
+
{"version":3,"file":"P521PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P521PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,aAAA,YAAyB,cAAc;EAF/C,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,4BAAc,EACmB,0BADnB,EAAA;EAAyB,OAAA,wCAAA,EAAA,SAAA,EAAA;EASV,OAAA,gBAAA,EAAA,MAAA;EARI,yCAAA,EAAA,SAAA,EAAA;EAQJ,4BAAA,EAAA,CAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,SAAA,GAAA,QAAA,CAAA,EAAA;;mBAAA;EAkBnB,IAAA,SAAA,CAAA,CAAA,EAAA;IAIkB,GAAA,EAAA,OAAA;IAAa,GAAA,EAAA,IAAA;IAKX,SAAA,eAAA;EAAa,CAAA;EApClB,IAAA,mBAAA,CAAA,CAAA,EAAA;IAAa,GAAA,EAAA,OAAA;;;;oBA2B5B;kCAIkB,gBAAa;oCAKX,gBAAa"}
|
|
@@ -7,7 +7,7 @@ import { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from "./ecPublicKey.mj
|
|
|
7
7
|
var P521PublicJwk = class P521PublicJwk {
|
|
8
8
|
constructor(jwk) {
|
|
9
9
|
this.jwk = jwk;
|
|
10
|
-
this.
|
|
10
|
+
this.supportedEncryptionKeyAgreementAlgorithms = P521PublicJwk.supportdEncryptionKeyAgreementAlgorithms;
|
|
11
11
|
this.supportedSignatureAlgorithms = P521PublicJwk.supportedSignatureAlgorithms;
|
|
12
12
|
this.multicodecPrefix = P521PublicJwk.multicodecPrefix;
|
|
13
13
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"P521PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P521PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm, KnownJwaSignatureAlgorithms } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicEc } from './ecJwk'\nimport { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from './ecPublicKey'\n\ntype Jwk = KmsJwkPublicEc & { crv: 'P-521' }\n\nexport class P521PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [KnownJwaSignatureAlgorithms.ES512]\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_ES]\n public static multicodecPrefix = 4610\n\n public
|
|
1
|
+
{"version":3,"file":"P521PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/P521PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm, KnownJwaSignatureAlgorithms } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicEc } from './ecJwk'\nimport { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from './ecPublicKey'\n\ntype Jwk = KmsJwkPublicEc & { crv: 'P-521' }\n\nexport class P521PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [KnownJwaSignatureAlgorithms.ES512]\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_ES]\n public static multicodecPrefix = 4610\n\n public supportedEncryptionKeyAgreementAlgorithms = P521PublicJwk.supportdEncryptionKeyAgreementAlgorithms\n public supportedSignatureAlgorithms = P521PublicJwk.supportedSignatureAlgorithms\n public multicodecPrefix = P521PublicJwk.multicodecPrefix\n\n public constructor(public readonly jwk: Jwk) {}\n\n public get publicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: ecPublicJwkToPublicKey(this.jwk),\n }\n }\n\n public get compressedPublicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: ecPublicJwkToPublicKey(this.jwk, { compressed: true }),\n }\n }\n\n public get multicodec() {\n return ecPublicJwkToPublicKey(this.jwk, { compressed: true })\n }\n\n public static fromPublicKey(publicKey: AnyUint8Array) {\n const jwk = ecPublicKeyToPublicJwk(publicKey, 'P-521')\n return new P521PublicJwk(jwk)\n }\n\n public static fromMulticodec(multicodec: AnyUint8Array) {\n const jwk = ecPublicKeyToPublicJwk(multicodec, 'P-521')\n return new P521PublicJwk(jwk)\n }\n}\n"],"mappings":";;;;;;AAQA,IAAa,gBAAb,MAAa,cAA4C;CASvD,AAAO,YAAY,AAAgBA,KAAU;EAAV;OAJ5B,4CAA4C,cAAc;OAC1D,+BAA+B,cAAc;OAC7C,mBAAmB,cAAc;;CAIxC,IAAW,YAAY;AACrB,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,uBAAuB,KAAK,IAAI;GAC5C;;CAGH,IAAW,sBAAsB;AAC/B,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,uBAAuB,KAAK,KAAK,EAAE,YAAY,MAAM,CAAC;GAClE;;CAGH,IAAW,aAAa;AACtB,SAAO,uBAAuB,KAAK,KAAK,EAAE,YAAY,MAAM,CAAC;;CAG/D,OAAc,cAAc,WAA0B;AAEpD,SAAO,IAAI,cADC,uBAAuB,WAAW,QAAQ,CACzB;;CAG/B,OAAc,eAAe,YAA2B;AAEtD,SAAO,IAAI,cADC,uBAAuB,YAAY,QAAQ,CAC1B;;;cArCjB,+BAA6D,CAAC,4BAA4B,MAAM;cAChG,2CAA2C,CAAC,+BAA+B,QAAQ;cACnF,mBAAmB"}
|
|
@@ -12,7 +12,7 @@ declare class Secp256k1PublicJwk implements PublicJwkType<Jwk> {
|
|
|
12
12
|
static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[];
|
|
13
13
|
static supportdEncryptionKeyAgreementAlgorithms: "ECDH-ES"[];
|
|
14
14
|
static multicodecPrefix: number;
|
|
15
|
-
|
|
15
|
+
supportedEncryptionKeyAgreementAlgorithms: "ECDH-ES"[];
|
|
16
16
|
supportedSignatureAlgorithms: ("HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | "EdDSA" | "Ed25519" | "ES256K")[];
|
|
17
17
|
multicodecPrefix: number;
|
|
18
18
|
constructor(jwk: Jwk);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Secp256k1PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/Secp256k1PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,kBAAA,YAA8B,cAAc;EAFpD,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,4BAAmB,EACc,0BADd,EAAA;EAAyB,OAAA,wCAAA,EAAA,SAAA,EAAA;EASf,OAAA,gBAAA,EAAA,MAAA;EARI,
|
|
1
|
+
{"version":3,"file":"Secp256k1PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/Secp256k1PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,kBAAA,YAA8B,cAAc;EAFpD,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,4BAAmB,EACc,0BADd,EAAA;EAAyB,OAAA,wCAAA,EAAA,SAAA,EAAA;EASf,OAAA,gBAAA,EAAA,MAAA;EARI,yCAAA,EAAA,SAAA,EAAA;EAQJ,4BAAA,EAAA,CAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,SAAA,GAAA,QAAA,CAAA,EAAA;;mBAAA;EAkBnB,IAAA,SAAA,CAAA,CAAA,EAAA;IAIkB,GAAA,EAAA,WAAA;IAAa,GAAA,EAAA,IAAA;IAKX,SAAA,eAAA;EAAa,CAAA;EApCb,IAAA,mBAAA,CAAA,CAAA,EAAA;IAAa,GAAA,EAAA,WAAA;;;;oBA2BjC;kCAIkB,gBAAa;oCAKX,gBAAa"}
|
|
@@ -7,7 +7,7 @@ import { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from "./ecPublicKey.mj
|
|
|
7
7
|
var Secp256k1PublicJwk = class Secp256k1PublicJwk {
|
|
8
8
|
constructor(jwk) {
|
|
9
9
|
this.jwk = jwk;
|
|
10
|
-
this.
|
|
10
|
+
this.supportedEncryptionKeyAgreementAlgorithms = Secp256k1PublicJwk.supportdEncryptionKeyAgreementAlgorithms;
|
|
11
11
|
this.supportedSignatureAlgorithms = Secp256k1PublicJwk.supportedSignatureAlgorithms;
|
|
12
12
|
this.multicodecPrefix = Secp256k1PublicJwk.multicodecPrefix;
|
|
13
13
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Secp256k1PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/Secp256k1PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm, KnownJwaSignatureAlgorithms } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicEc } from './ecJwk'\nimport { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from './ecPublicKey'\n\ntype Jwk = KmsJwkPublicEc & { crv: 'secp256k1' }\n\nexport class Secp256k1PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [KnownJwaSignatureAlgorithms.ES256K]\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_ES]\n public static multicodecPrefix = 231\n\n public
|
|
1
|
+
{"version":3,"file":"Secp256k1PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/ec/Secp256k1PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm, KnownJwaSignatureAlgorithms } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicEc } from './ecJwk'\nimport { ecPublicJwkToPublicKey, ecPublicKeyToPublicJwk } from './ecPublicKey'\n\ntype Jwk = KmsJwkPublicEc & { crv: 'secp256k1' }\n\nexport class Secp256k1PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [KnownJwaSignatureAlgorithms.ES256K]\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_ES]\n public static multicodecPrefix = 231\n\n public supportedEncryptionKeyAgreementAlgorithms = Secp256k1PublicJwk.supportdEncryptionKeyAgreementAlgorithms\n public supportedSignatureAlgorithms = Secp256k1PublicJwk.supportedSignatureAlgorithms\n public multicodecPrefix = Secp256k1PublicJwk.multicodecPrefix\n\n public constructor(public readonly jwk: Jwk) {}\n\n public get publicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: ecPublicJwkToPublicKey(this.jwk),\n }\n }\n\n public get compressedPublicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: ecPublicJwkToPublicKey(this.jwk, { compressed: true }),\n }\n }\n\n public get multicodec() {\n return ecPublicJwkToPublicKey(this.jwk, { compressed: true })\n }\n\n public static fromPublicKey(publicKey: AnyUint8Array) {\n const jwk = ecPublicKeyToPublicJwk(publicKey, 'secp256k1')\n return new Secp256k1PublicJwk(jwk)\n }\n\n public static fromMulticodec(multicodec: AnyUint8Array) {\n const jwk = ecPublicKeyToPublicJwk(multicodec, 'secp256k1')\n return new Secp256k1PublicJwk(jwk)\n }\n}\n"],"mappings":";;;;;;AAQA,IAAa,qBAAb,MAAa,mBAAiD;CAS5D,AAAO,YAAY,AAAgBA,KAAU;EAAV;OAJ5B,4CAA4C,mBAAmB;OAC/D,+BAA+B,mBAAmB;OAClD,mBAAmB,mBAAmB;;CAI7C,IAAW,YAAY;AACrB,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,uBAAuB,KAAK,IAAI;GAC5C;;CAGH,IAAW,sBAAsB;AAC/B,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,uBAAuB,KAAK,KAAK,EAAE,YAAY,MAAM,CAAC;GAClE;;CAGH,IAAW,aAAa;AACtB,SAAO,uBAAuB,KAAK,KAAK,EAAE,YAAY,MAAM,CAAC;;CAG/D,OAAc,cAAc,WAA0B;AAEpD,SAAO,IAAI,mBADC,uBAAuB,WAAW,YAAY,CACxB;;CAGpC,OAAc,eAAe,YAA2B;AAEtD,SAAO,IAAI,mBADC,uBAAuB,YAAY,YAAY,CACzB;;;mBArCtB,+BAA6D,CAAC,4BAA4B,OAAO;mBACjG,2CAA2C,CAAC,+BAA+B,QAAQ;mBACnF,mBAAmB"}
|
|
@@ -12,7 +12,7 @@ declare class Ed25519PublicJwk implements PublicJwkType<Jwk> {
|
|
|
12
12
|
static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[];
|
|
13
13
|
static supportdEncryptionKeyAgreementAlgorithms: KnownJwaKeyAgreementAlgorithm[];
|
|
14
14
|
static multicodecPrefix: number;
|
|
15
|
-
|
|
15
|
+
supportedEncryptionKeyAgreementAlgorithms: ("ECDH-ES" | "ECDH-ES+A128KW" | "ECDH-ES+A192KW" | "ECDH-ES+A256KW" | "ECDH-HSALSA20")[];
|
|
16
16
|
supportedSignatureAlgorithms: ("HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | "EdDSA" | "Ed25519" | "ES256K")[];
|
|
17
17
|
multicodecPrefix: number;
|
|
18
18
|
constructor(jwk: Jwk);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Ed25519PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/okp/Ed25519PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAYK,GAAA,GAAM;;;cAEE,gBAAA,YAA4B,cAAc;EAFlD,SAAG,GAAA,EAckC,GAdlC;EAEK,OAAA,4BAAiB,EACgB,0BADhB,EAAA;EAAyB,OAAA,wCAAA,EAKG,6BALH,EAAA;EAYb,OAAA,gBAAA,EAAA,MAAA;EAXI,
|
|
1
|
+
{"version":3,"file":"Ed25519PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/okp/Ed25519PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAYK,GAAA,GAAM;;;cAEE,gBAAA,YAA4B,cAAc;EAFlD,SAAG,GAAA,EAckC,GAdlC;EAEK,OAAA,4BAAiB,EACgB,0BADhB,EAAA;EAAyB,OAAA,wCAAA,EAKG,6BALH,EAAA;EAYb,OAAA,gBAAA,EAAA,MAAA;EAXI,yCAAA,EAAA,CAAA,SAAA,GAAA,gBAAA,GAAA,gBAAA,GAAA,gBAAA,GAAA,eAAA,CAAA,EAAA;EAIY,4BAAA,EAAA,CAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,SAAA,GAAA,QAAA,CAAA,EAAA;EAOhB,gBAAA,EAAA,MAAA;mBAAA;EAiBnB,IAAA,SAAA,CAAA,CAAA,EAAA;IAIkB,GAAA,EAAA,SAAA;IAAa,GAAA,EAAA,KAAA;IAKX,SAAA,eAAA;EAAa,CAAA;EAtCf;;;;oBA6BlB;kCAIkB,gBAAa;oCAKX,gBAAa"}
|
|
@@ -9,7 +9,7 @@ import { convertPublicKeyToX25519 } from "@stablelib/ed25519";
|
|
|
9
9
|
var Ed25519PublicJwk = class Ed25519PublicJwk {
|
|
10
10
|
constructor(jwk) {
|
|
11
11
|
this.jwk = jwk;
|
|
12
|
-
this.
|
|
12
|
+
this.supportedEncryptionKeyAgreementAlgorithms = Ed25519PublicJwk.supportdEncryptionKeyAgreementAlgorithms;
|
|
13
13
|
this.supportedSignatureAlgorithms = Ed25519PublicJwk.supportedSignatureAlgorithms;
|
|
14
14
|
this.multicodecPrefix = Ed25519PublicJwk.multicodecPrefix;
|
|
15
15
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Ed25519PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/okp/Ed25519PublicJwk.ts"],"sourcesContent":["import { convertPublicKeyToX25519 } from '@stablelib/ed25519'\nimport type { AnyUint8Array, Uint8ArrayBuffer } from '../../../../../types'\nimport {\n type KnownJwaKeyAgreementAlgorithm,\n type KnownJwaSignatureAlgorithm,\n KnownJwaSignatureAlgorithms,\n} from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicOkp } from './okpJwk'\nimport { okpPublicJwkToPublicKey, okpPublicKeyToPublicJwk } from './okpPublicKey'\nimport { X25519PublicJwk } from './X25519PublicJwk'\n\ntype Jwk = KmsJwkPublicOkp & { crv: 'Ed25519' }\n\nexport class Ed25519PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [\n KnownJwaSignatureAlgorithms.EdDSA,\n KnownJwaSignatureAlgorithms.Ed25519,\n ]\n public static supportdEncryptionKeyAgreementAlgorithms: KnownJwaKeyAgreementAlgorithm[] = []\n public static multicodecPrefix = 237\n\n public
|
|
1
|
+
{"version":3,"file":"Ed25519PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/okp/Ed25519PublicJwk.ts"],"sourcesContent":["import { convertPublicKeyToX25519 } from '@stablelib/ed25519'\nimport type { AnyUint8Array, Uint8ArrayBuffer } from '../../../../../types'\nimport {\n type KnownJwaKeyAgreementAlgorithm,\n type KnownJwaSignatureAlgorithm,\n KnownJwaSignatureAlgorithms,\n} from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicOkp } from './okpJwk'\nimport { okpPublicJwkToPublicKey, okpPublicKeyToPublicJwk } from './okpPublicKey'\nimport { X25519PublicJwk } from './X25519PublicJwk'\n\ntype Jwk = KmsJwkPublicOkp & { crv: 'Ed25519' }\n\nexport class Ed25519PublicJwk implements PublicJwkType<Jwk> {\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [\n KnownJwaSignatureAlgorithms.EdDSA,\n KnownJwaSignatureAlgorithms.Ed25519,\n ]\n public static supportdEncryptionKeyAgreementAlgorithms: KnownJwaKeyAgreementAlgorithm[] = []\n public static multicodecPrefix = 237\n\n public supportedEncryptionKeyAgreementAlgorithms = Ed25519PublicJwk.supportdEncryptionKeyAgreementAlgorithms\n public supportedSignatureAlgorithms = Ed25519PublicJwk.supportedSignatureAlgorithms\n public multicodecPrefix = Ed25519PublicJwk.multicodecPrefix\n\n public constructor(public readonly jwk: Jwk) {}\n\n public get publicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: okpPublicJwkToPublicKey(this.jwk),\n }\n }\n\n /**\n * Not supported for Ed25519\n */\n public get compressedPublicKey() {\n return null\n }\n\n public get multicodec() {\n return okpPublicJwkToPublicKey(this.jwk)\n }\n\n public static fromPublicKey(publicKey: AnyUint8Array) {\n const jwk = okpPublicKeyToPublicJwk(publicKey, 'Ed25519')\n return new Ed25519PublicJwk(jwk)\n }\n\n public static fromMulticodec(multicodec: AnyUint8Array) {\n const jwk = okpPublicKeyToPublicJwk(multicodec, 'Ed25519')\n return new Ed25519PublicJwk(jwk)\n }\n\n public toX25519PublicJwk() {\n return X25519PublicJwk.fromPublicKey(convertPublicKeyToX25519(this.publicKey.publicKey) as Uint8ArrayBuffer).jwk\n }\n}\n"],"mappings":";;;;;;;;AAcA,IAAa,mBAAb,MAAa,iBAA+C;CAY1D,AAAO,YAAY,AAAgBA,KAAU;EAAV;OAJ5B,4CAA4C,iBAAiB;OAC7D,+BAA+B,iBAAiB;OAChD,mBAAmB,iBAAiB;;CAI3C,IAAW,YAAY;AACrB,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,wBAAwB,KAAK,IAAI;GAC7C;;;;;CAMH,IAAW,sBAAsB;AAC/B,SAAO;;CAGT,IAAW,aAAa;AACtB,SAAO,wBAAwB,KAAK,IAAI;;CAG1C,OAAc,cAAc,WAA0B;AAEpD,SAAO,IAAI,iBADC,wBAAwB,WAAW,UAAU,CACzB;;CAGlC,OAAc,eAAe,YAA2B;AAEtD,SAAO,IAAI,iBADC,wBAAwB,YAAY,UAAU,CAC1B;;CAGlC,AAAO,oBAAoB;AACzB,SAAO,gBAAgB,cAAc,yBAAyB,KAAK,UAAU,UAAU,CAAqB,CAAC;;;iBA3CjG,+BAA6D,CACzE,4BAA4B,OAC5B,4BAA4B,QAC7B;iBACa,2CAA4E,EAAE;iBAC9E,mBAAmB"}
|
|
@@ -12,7 +12,7 @@ declare class X25519PublicJwk implements PublicJwkType<Jwk> {
|
|
|
12
12
|
static supportdEncryptionKeyAgreementAlgorithms: "ECDH-HSALSA20"[];
|
|
13
13
|
static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[];
|
|
14
14
|
static multicodecPrefix: number;
|
|
15
|
-
|
|
15
|
+
supportedEncryptionKeyAgreementAlgorithms: "ECDH-HSALSA20"[];
|
|
16
16
|
supportedSignatureAlgorithms: ("HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "ES256" | "ES384" | "ES512" | "PS256" | "PS384" | "PS512" | "EdDSA" | "Ed25519" | "ES256K")[];
|
|
17
17
|
multicodecPrefix: number;
|
|
18
18
|
constructor(jwk: Jwk);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"X25519PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/okp/X25519PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,eAAA,YAA2B,cAAc;EAFjD,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,wCAAgB,EAAA,eAAA,EAAA;EAAyB,OAAA,4BAAA,EAER,0BAFQ,EAAA;EASZ,OAAA,gBAAA,EAAA,MAAA;EAPI,
|
|
1
|
+
{"version":3,"file":"X25519PublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/okp/X25519PublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;KAMK,GAAA,GAAM;;;cAEE,eAAA,YAA2B,cAAc;EAFjD,SAAG,GAAA,EAWkC,GAXlC;EAEK,OAAA,wCAAgB,EAAA,eAAA,EAAA;EAAyB,OAAA,4BAAA,EAER,0BAFQ,EAAA;EASZ,OAAA,gBAAA,EAAA,MAAA;EAPI,yCAAA,EAAA,eAAA,EAAA;EAOJ,4BAAA,EAAA,CAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,SAAA,GAAA,QAAA,CAAA,EAAA;;EAiBnB,WAAA,CAAA,GAAA,EAjBmB,GAiBnB;EAIkB,IAAA,SAAA,CAAA,CAAA,EAAA;IAAa,GAAA,EAAA,QAAA;IAKX,GAAA,EAAA,KAAA;IAAa,SAAA,eAAA;EAnChB,CAAA;EAAa;;;;oBA0B9B;kCAIkB,gBAAa;oCAKX,gBAAa"}
|
|
@@ -7,7 +7,7 @@ import { okpPublicJwkToPublicKey, okpPublicKeyToPublicJwk } from "./okpPublicKey
|
|
|
7
7
|
var X25519PublicJwk = class X25519PublicJwk {
|
|
8
8
|
constructor(jwk) {
|
|
9
9
|
this.jwk = jwk;
|
|
10
|
-
this.
|
|
10
|
+
this.supportedEncryptionKeyAgreementAlgorithms = X25519PublicJwk.supportdEncryptionKeyAgreementAlgorithms;
|
|
11
11
|
this.supportedSignatureAlgorithms = X25519PublicJwk.supportedSignatureAlgorithms;
|
|
12
12
|
this.multicodecPrefix = X25519PublicJwk.multicodecPrefix;
|
|
13
13
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"X25519PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/okp/X25519PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicOkp } from './okpJwk'\nimport { okpPublicJwkToPublicKey, okpPublicKeyToPublicJwk } from './okpPublicKey'\n\ntype Jwk = KmsJwkPublicOkp & { crv: 'X25519' }\n\nexport class X25519PublicJwk implements PublicJwkType<Jwk> {\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_HSALSA20]\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = []\n public static multicodecPrefix = 236\n\n public
|
|
1
|
+
{"version":3,"file":"X25519PublicJwk.mjs","names":["jwk: Jwk"],"sources":["../../../../../../src/modules/kms/jwk/kty/okp/X25519PublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array } from '../../../../../types'\nimport { KnownJwaKeyAgreementAlgorithms, type KnownJwaSignatureAlgorithm } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicOkp } from './okpJwk'\nimport { okpPublicJwkToPublicKey, okpPublicKeyToPublicJwk } from './okpPublicKey'\n\ntype Jwk = KmsJwkPublicOkp & { crv: 'X25519' }\n\nexport class X25519PublicJwk implements PublicJwkType<Jwk> {\n public static supportdEncryptionKeyAgreementAlgorithms = [KnownJwaKeyAgreementAlgorithms.ECDH_HSALSA20]\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = []\n public static multicodecPrefix = 236\n\n public supportedEncryptionKeyAgreementAlgorithms = X25519PublicJwk.supportdEncryptionKeyAgreementAlgorithms\n public supportedSignatureAlgorithms = X25519PublicJwk.supportedSignatureAlgorithms\n public multicodecPrefix = X25519PublicJwk.multicodecPrefix\n\n public constructor(public readonly jwk: Jwk) {}\n\n public get publicKey() {\n return {\n crv: this.jwk.crv,\n kty: this.jwk.kty,\n publicKey: okpPublicJwkToPublicKey(this.jwk),\n }\n }\n\n /**\n * Not supported for X25519\n */\n public get compressedPublicKey() {\n return null\n }\n\n public get multicodec() {\n return okpPublicJwkToPublicKey(this.jwk)\n }\n\n public static fromPublicKey(publicKey: AnyUint8Array) {\n const jwk = okpPublicKeyToPublicJwk(publicKey, 'X25519')\n return new X25519PublicJwk(jwk)\n }\n\n public static fromMulticodec(multicodec: AnyUint8Array) {\n const jwk = okpPublicKeyToPublicJwk(multicodec, 'X25519')\n return new X25519PublicJwk(jwk)\n }\n}\n"],"mappings":";;;;;;AAQA,IAAa,kBAAb,MAAa,gBAA8C;CASzD,AAAO,YAAY,AAAgBA,KAAU;EAAV;OAJ5B,4CAA4C,gBAAgB;OAC5D,+BAA+B,gBAAgB;OAC/C,mBAAmB,gBAAgB;;CAI1C,IAAW,YAAY;AACrB,SAAO;GACL,KAAK,KAAK,IAAI;GACd,KAAK,KAAK,IAAI;GACd,WAAW,wBAAwB,KAAK,IAAI;GAC7C;;;;;CAMH,IAAW,sBAAsB;AAC/B,SAAO;;CAGT,IAAW,aAAa;AACtB,SAAO,wBAAwB,KAAK,IAAI;;CAG1C,OAAc,cAAc,WAA0B;AAEpD,SAAO,IAAI,gBADC,wBAAwB,WAAW,SAAS,CACzB;;CAGjC,OAAc,eAAe,YAA2B;AAEtD,SAAO,IAAI,gBADC,wBAAwB,YAAY,SAAS,CAC1B;;;gBApCnB,2CAA2C,CAAC,+BAA+B,cAAc;gBACzF,+BAA6D,EAAE;gBAC/D,mBAAmB"}
|
|
@@ -10,8 +10,8 @@ declare class RsaPublicJwk implements PublicJwkType<KmsJwkPublicRsa> {
|
|
|
10
10
|
static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[];
|
|
11
11
|
static multicodecPrefix: number;
|
|
12
12
|
multicodecPrefix: number;
|
|
13
|
-
|
|
14
|
-
get supportedSignatureAlgorithms(): ("
|
|
13
|
+
supportedEncryptionKeyAgreementAlgorithms: ("ECDH-ES" | "ECDH-ES+A128KW" | "ECDH-ES+A192KW" | "ECDH-ES+A256KW" | "ECDH-HSALSA20")[];
|
|
14
|
+
get supportedSignatureAlgorithms(): ("RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512")[];
|
|
15
15
|
constructor(jwk: KmsJwkPublicRsa);
|
|
16
16
|
get publicKey(): {
|
|
17
17
|
modulus: AnyUint8Array;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"RsaPublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/rsa/RsaPublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;cAQa,YAAA,YAAwB,cAAc;gBA0BT;mDAzBgB;uCACZ;EAFjC,OAAA,gBAAa,EAAA,MAAA;EAAyB,gBAAA,EAAA,MAAA;EA0BT,
|
|
1
|
+
{"version":3,"file":"RsaPublicJwk.d.mts","names":[],"sources":["../../../../../../src/modules/kms/jwk/kty/rsa/RsaPublicJwk.ts"],"sourcesContent":[],"mappings":";;;;;;cAQa,YAAA,YAAwB,cAAc;gBA0BT;mDAzBgB;uCACZ;EAFjC,OAAA,gBAAa,EAAA,MAAA;EAAyB,gBAAA,EAAA,MAAA;EA0BT,yCAAA,EAAA,CAAA,SAAA,GAAA,gBAAA,GAAA,gBAAA,GAAA,gBAAA,GAAA,eAAA,CAAA,EAAA;EAzBgB,IAAA,4BAAA,CAAA,CAAA,EAAA,CAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,GAAA,OAAA,CAAA,EAAA;EACZ,WAAA,CAAA,GAAA,EAwBJ,eAxBI;EAwBJ,IAAA,SAAA,CAAA,CAAA,EAAA;;;IAgBf,GAAA,EAAA,KAAA;EAIyB,CAAA;EAAyB;;;EAIjB,IAAA,mBAAA,CAAA,CAAA,EAAA,IAAA;EAlDvB,IAAA,UAAA,CAAA,CAAA,EA0CV,gBA1CU;EAAa,OAAA,aAAA,CAAA,SAAA,EAAA;aA8CE;cAAyB;MAAe;qCAIhD,gBAAgB"}
|
|
@@ -25,7 +25,7 @@ var RsaPublicJwk = class RsaPublicJwk {
|
|
|
25
25
|
constructor(jwk) {
|
|
26
26
|
this.jwk = jwk;
|
|
27
27
|
this.multicodecPrefix = RsaPublicJwk.multicodecPrefix;
|
|
28
|
-
this.
|
|
28
|
+
this.supportedEncryptionKeyAgreementAlgorithms = RsaPublicJwk.supportdEncryptionKeyAgreementAlgorithms;
|
|
29
29
|
}
|
|
30
30
|
get publicKey() {
|
|
31
31
|
return {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"RsaPublicJwk.mjs","names":["
|
|
1
|
+
{"version":3,"file":"RsaPublicJwk.mjs","names":["jwk: KmsJwkPublicRsa"],"sources":["../../../../../../src/modules/kms/jwk/kty/rsa/RsaPublicJwk.ts"],"sourcesContent":["import type { AnyUint8Array, Uint8ArrayBuffer } from '../../../../../types'\nimport { TypedArrayEncoder } from '../../../../../utils'\nimport { KeyManagementError } from '../../../error/KeyManagementError'\nimport type { KnownJwaKeyAgreementAlgorithm, KnownJwaSignatureAlgorithm } from '../../jwa'\nimport type { PublicJwkType } from '../PublicJwk'\nimport type { KmsJwkPublicRsa } from './rsaJwk'\nimport { rsaPublicJwkToPublicKey, rsaPublicKeyToPublicJwk } from './rsaPublicKey'\n\nexport class RsaPublicJwk implements PublicJwkType<KmsJwkPublicRsa> {\n public static supportdEncryptionKeyAgreementAlgorithms: KnownJwaKeyAgreementAlgorithm[] = []\n public static supportedSignatureAlgorithms: KnownJwaSignatureAlgorithm[] = [\n 'PS256',\n 'RS256',\n 'RS384',\n 'PS384',\n 'RS512',\n 'PS512',\n ]\n public static multicodecPrefix = 4613\n\n public multicodecPrefix = RsaPublicJwk.multicodecPrefix\n public supportedEncryptionKeyAgreementAlgorithms = RsaPublicJwk.supportdEncryptionKeyAgreementAlgorithms\n\n public get supportedSignatureAlgorithms() {\n const keyBits = TypedArrayEncoder.fromBase64(this.jwk.n).length * 8\n\n // RSA needs minimum bit lengths for each algorithm\n const minBits2048 = ['PS256', 'RS256'] satisfies KnownJwaSignatureAlgorithm[]\n const minBits3072 = [...minBits2048, 'RS384', 'PS384'] satisfies KnownJwaSignatureAlgorithm[]\n const minBits4096 = [...minBits3072, 'RS512', 'PS512'] satisfies KnownJwaSignatureAlgorithm[]\n\n return keyBits >= 4096 ? minBits4096 : keyBits >= 3072 ? minBits3072 : keyBits >= 2048 ? minBits2048 : []\n }\n\n public constructor(public readonly jwk: KmsJwkPublicRsa) {}\n\n public get publicKey() {\n return {\n kty: this.jwk.kty,\n ...rsaPublicJwkToPublicKey(this.jwk),\n }\n }\n\n /**\n * Not supported for RSA\n */\n public get compressedPublicKey() {\n return null\n }\n\n public get multicodec(): Uint8ArrayBuffer {\n throw new KeyManagementError('multicodec not supported for RsaPublicJwk')\n }\n\n public static fromPublicKey(publicKey: { modulus: AnyUint8Array; exponent: AnyUint8Array }) {\n return new RsaPublicJwk(rsaPublicKeyToPublicJwk(publicKey))\n }\n\n public static fromMulticodec(_multicodec: AnyUint8Array): RsaPublicJwk {\n throw new KeyManagementError('fromMulticodec not supported for RsaPublicJwk')\n }\n}\n"],"mappings":";;;;;;;;AAQA,IAAa,eAAb,MAAa,aAAuD;CAelE,IAAW,+BAA+B;EACxC,MAAM,UAAU,kBAAkB,WAAW,KAAK,IAAI,EAAE,CAAC,SAAS;EAGlE,MAAM,cAAc,CAAC,SAAS,QAAQ;EACtC,MAAM,cAAc;GAAC,GAAG;GAAa;GAAS;GAAQ;EACtD,MAAM,cAAc;GAAC,GAAG;GAAa;GAAS;GAAQ;AAEtD,SAAO,WAAW,OAAO,cAAc,WAAW,OAAO,cAAc,WAAW,OAAO,cAAc,EAAE;;CAG3G,AAAO,YAAY,AAAgBA,KAAsB;EAAtB;OAd5B,mBAAmB,aAAa;OAChC,4CAA4C,aAAa;;CAehE,IAAW,YAAY;AACrB,SAAO;GACL,KAAK,KAAK,IAAI;GACd,GAAG,wBAAwB,KAAK,IAAI;GACrC;;;;;CAMH,IAAW,sBAAsB;AAC/B,SAAO;;CAGT,IAAW,aAA+B;AACxC,QAAM,IAAI,mBAAmB,4CAA4C;;CAG3E,OAAc,cAAc,WAAgE;AAC1F,SAAO,IAAI,aAAa,wBAAwB,UAAU,CAAC;;CAG7D,OAAc,eAAe,aAA0C;AACrE,QAAM,IAAI,mBAAmB,gDAAgD;;;aAlDjE,2CAA4E,EAAE;aAC9E,+BAA6D;CACzE;CACA;CACA;CACA;CACA;CACA;CACD;aACa,mBAAmB"}
|
|
@@ -117,7 +117,7 @@ const getMdocContext = (agentContext) => {
|
|
|
117
117
|
const x509Certificate = X509Certificate.fromRawCertificate(certificate);
|
|
118
118
|
return {
|
|
119
119
|
...x509Certificate.data,
|
|
120
|
-
thumbprint: await x509Certificate.
|
|
120
|
+
thumbprint: await x509Certificate.getThumbprintInHex(agentContext)
|
|
121
121
|
};
|
|
122
122
|
}
|
|
123
123
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MdocContext.mjs","names":[],"sources":["../../../src/modules/mdoc/MdocContext.ts"],"sourcesContent":["import type { MdocContext, X509Context } from '@animo-id/mdoc'\nimport { p256 } from '@noble/curves/nist.js'\nimport { hkdf } from '@noble/hashes/hkdf.js'\nimport { sha256 } from '@noble/hashes/sha2.js'\nimport type { AgentContext } from '../../agent'\nimport { CredoWebCrypto, Hasher } from '../../crypto'\nimport { TypedArrayEncoder } from '../../utils'\nimport { KeyManagementApi, type KmsJwkPublicAsymmetric, type KnownJwaSignatureAlgorithm, PublicJwk } from '../kms'\nimport { X509Certificate, X509Service } from '../x509'\n\nexport const getMdocContext = (agentContext: AgentContext): MdocContext => {\n const crypto = new CredoWebCrypto(agentContext)\n const kms = agentContext.resolve(KeyManagementApi)\n\n return {\n crypto: {\n digest: async (input) => {\n const { bytes, digestAlgorithm } = input\n\n return new Uint8Array(\n crypto.digest(\n digestAlgorithm,\n // NOTE: extra Uint8Array wrapping is needed here, somehow if we use `bytes.buffer` directly\n // it's not working. Maybe due to Uint8array lengt\n new Uint8Array(bytes).buffer\n )\n )\n },\n random: (length) => {\n return crypto.getRandomValues(new Uint8Array(length))\n },\n calculateEphemeralMacKeyJwk: async (input) => {\n const { privateKey, publicKey, sessionTranscriptBytes } = input\n const ikm = p256.getSharedSecret(privateKey, publicKey, true).slice(1)\n const salt = Hasher.hash(sessionTranscriptBytes, 'sha-256')\n const info = TypedArrayEncoder.fromString('EMacKey')\n const hk1 = hkdf(sha256, ikm, salt, info, 32)\n\n return {\n key_ops: ['sign', 'verify'],\n ext: true,\n kty: 'oct',\n k: TypedArrayEncoder.toBase64URL(hk1),\n alg: 'HS256',\n }\n },\n },\n\n cose: {\n mac0: {\n sign: async (input) => {\n const { jwk, mac0 } = input\n const { data } = mac0.getRawSigningData()\n\n const publicJwk = PublicJwk.fromUnknown(jwk)\n const algorithm = mac0.algName ?? publicJwk.signatureAlgorithm\n\n const { signature } = await kms.sign({\n data,\n algorithm,\n keyId: publicJwk.keyId,\n })\n\n return signature\n },\n verify: async (input) => {\n const { mac0, jwk, options } = input\n const { data, signature } = mac0.getRawVerificationData(options)\n\n const publicJwk = PublicJwk.fromUnknown(jwk)\n const algorithm = mac0.algName ?? publicJwk.signatureAlgorithm\n\n const { verified } = await kms.verify({\n key: {\n publicJwk: jwk as KmsJwkPublicAsymmetric,\n },\n data,\n algorithm,\n signature,\n })\n\n return verified\n },\n },\n sign1: {\n sign: async (input) => {\n const { jwk, sign1 } = input\n const { data } = sign1.getRawSigningData()\n\n const publicJwk = PublicJwk.fromUnknown(jwk)\n const algorithm = sign1.algName ?? publicJwk.signatureAlgorithm\n\n const { signature } = await kms.sign({\n data,\n algorithm: algorithm as KnownJwaSignatureAlgorithm,\n keyId: publicJwk.keyId,\n })\n\n return signature\n },\n verify: async (input) => {\n const { sign1, jwk, options } = input\n const { data, signature } = sign1.getRawVerificationData(options)\n\n const publicJwk = PublicJwk.fromUnknown(jwk)\n const algorithm = sign1.algName ?? publicJwk.signatureAlgorithm\n\n const { verified } = await kms.verify({\n key: {\n publicJwk: jwk as KmsJwkPublicAsymmetric,\n },\n data,\n algorithm: algorithm as KnownJwaSignatureAlgorithm,\n signature,\n })\n\n return verified\n },\n },\n },\n\n x509: {\n getIssuerNameField: (input) => {\n const { certificate, field } = input\n const x509Certificate = X509Certificate.fromRawCertificate(certificate)\n return x509Certificate.getIssuerNameField(field)\n },\n getPublicKey: async (input) => {\n const certificate = X509Certificate.fromRawCertificate(input.certificate)\n return certificate.publicJwk.toJson()\n },\n validateCertificateChain: async (input) => {\n const certificateChain = input.x5chain.map((cert) => X509Certificate.fromRawCertificate(cert).toString('pem'))\n const trustedCertificates = input.trustedCertificates.map((cert) =>\n X509Certificate.fromRawCertificate(cert).toString('pem')\n ) as [string, ...string[]]\n\n await X509Service.validateCertificateChain(agentContext, {\n certificateChain,\n trustedCertificates,\n })\n },\n getCertificateData: async (input) => {\n const { certificate } = input\n const x509Certificate = X509Certificate.fromRawCertificate(certificate)\n return {\n ...x509Certificate.data,\n thumbprint: await x509Certificate.
|
|
1
|
+
{"version":3,"file":"MdocContext.mjs","names":[],"sources":["../../../src/modules/mdoc/MdocContext.ts"],"sourcesContent":["import type { MdocContext, X509Context } from '@animo-id/mdoc'\nimport { p256 } from '@noble/curves/nist.js'\nimport { hkdf } from '@noble/hashes/hkdf.js'\nimport { sha256 } from '@noble/hashes/sha2.js'\nimport type { AgentContext } from '../../agent'\nimport { CredoWebCrypto, Hasher } from '../../crypto'\nimport { TypedArrayEncoder } from '../../utils'\nimport { KeyManagementApi, type KmsJwkPublicAsymmetric, type KnownJwaSignatureAlgorithm, PublicJwk } from '../kms'\nimport { X509Certificate, X509Service } from '../x509'\n\nexport const getMdocContext = (agentContext: AgentContext): MdocContext => {\n const crypto = new CredoWebCrypto(agentContext)\n const kms = agentContext.resolve(KeyManagementApi)\n\n return {\n crypto: {\n digest: async (input) => {\n const { bytes, digestAlgorithm } = input\n\n return new Uint8Array(\n crypto.digest(\n digestAlgorithm,\n // NOTE: extra Uint8Array wrapping is needed here, somehow if we use `bytes.buffer` directly\n // it's not working. Maybe due to Uint8array lengt\n new Uint8Array(bytes).buffer\n )\n )\n },\n random: (length) => {\n return crypto.getRandomValues(new Uint8Array(length))\n },\n calculateEphemeralMacKeyJwk: async (input) => {\n const { privateKey, publicKey, sessionTranscriptBytes } = input\n const ikm = p256.getSharedSecret(privateKey, publicKey, true).slice(1)\n const salt = Hasher.hash(sessionTranscriptBytes, 'sha-256')\n const info = TypedArrayEncoder.fromString('EMacKey')\n const hk1 = hkdf(sha256, ikm, salt, info, 32)\n\n return {\n key_ops: ['sign', 'verify'],\n ext: true,\n kty: 'oct',\n k: TypedArrayEncoder.toBase64URL(hk1),\n alg: 'HS256',\n }\n },\n },\n\n cose: {\n mac0: {\n sign: async (input) => {\n const { jwk, mac0 } = input\n const { data } = mac0.getRawSigningData()\n\n const publicJwk = PublicJwk.fromUnknown(jwk)\n const algorithm = mac0.algName ?? publicJwk.signatureAlgorithm\n\n const { signature } = await kms.sign({\n data,\n algorithm,\n keyId: publicJwk.keyId,\n })\n\n return signature\n },\n verify: async (input) => {\n const { mac0, jwk, options } = input\n const { data, signature } = mac0.getRawVerificationData(options)\n\n const publicJwk = PublicJwk.fromUnknown(jwk)\n const algorithm = mac0.algName ?? publicJwk.signatureAlgorithm\n\n const { verified } = await kms.verify({\n key: {\n publicJwk: jwk as KmsJwkPublicAsymmetric,\n },\n data,\n algorithm,\n signature,\n })\n\n return verified\n },\n },\n sign1: {\n sign: async (input) => {\n const { jwk, sign1 } = input\n const { data } = sign1.getRawSigningData()\n\n const publicJwk = PublicJwk.fromUnknown(jwk)\n const algorithm = sign1.algName ?? publicJwk.signatureAlgorithm\n\n const { signature } = await kms.sign({\n data,\n algorithm: algorithm as KnownJwaSignatureAlgorithm,\n keyId: publicJwk.keyId,\n })\n\n return signature\n },\n verify: async (input) => {\n const { sign1, jwk, options } = input\n const { data, signature } = sign1.getRawVerificationData(options)\n\n const publicJwk = PublicJwk.fromUnknown(jwk)\n const algorithm = sign1.algName ?? publicJwk.signatureAlgorithm\n\n const { verified } = await kms.verify({\n key: {\n publicJwk: jwk as KmsJwkPublicAsymmetric,\n },\n data,\n algorithm: algorithm as KnownJwaSignatureAlgorithm,\n signature,\n })\n\n return verified\n },\n },\n },\n\n x509: {\n getIssuerNameField: (input) => {\n const { certificate, field } = input\n const x509Certificate = X509Certificate.fromRawCertificate(certificate)\n return x509Certificate.getIssuerNameField(field)\n },\n getPublicKey: async (input) => {\n const certificate = X509Certificate.fromRawCertificate(input.certificate)\n return certificate.publicJwk.toJson()\n },\n validateCertificateChain: async (input) => {\n const certificateChain = input.x5chain.map((cert) => X509Certificate.fromRawCertificate(cert).toString('pem'))\n const trustedCertificates = input.trustedCertificates.map((cert) =>\n X509Certificate.fromRawCertificate(cert).toString('pem')\n ) as [string, ...string[]]\n\n await X509Service.validateCertificateChain(agentContext, {\n certificateChain,\n trustedCertificates,\n })\n },\n getCertificateData: async (input) => {\n const { certificate } = input\n const x509Certificate = X509Certificate.fromRawCertificate(certificate)\n return {\n ...x509Certificate.data,\n thumbprint: await x509Certificate.getThumbprintInHex(agentContext),\n }\n },\n } satisfies X509Context,\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAUA,MAAa,kBAAkB,iBAA4C;CACzE,MAAM,SAAS,IAAI,eAAe,aAAa;CAC/C,MAAM,MAAM,aAAa,QAAQ,iBAAiB;AAElD,QAAO;EACL,QAAQ;GACN,QAAQ,OAAO,UAAU;IACvB,MAAM,EAAE,OAAO,oBAAoB;AAEnC,WAAO,IAAI,WACT,OAAO,OACL,iBAGA,IAAI,WAAW,MAAM,CAAC,OACvB,CACF;;GAEH,SAAS,WAAW;AAClB,WAAO,OAAO,gBAAgB,IAAI,WAAW,OAAO,CAAC;;GAEvD,6BAA6B,OAAO,UAAU;IAC5C,MAAM,EAAE,YAAY,WAAW,2BAA2B;IAI1D,MAAM,MAAM,KAAK,QAHL,KAAK,gBAAgB,YAAY,WAAW,KAAK,CAAC,MAAM,EAAE,EACzD,OAAO,KAAK,wBAAwB,UAAU,EAC9C,kBAAkB,WAAW,UAAU,EACV,GAAG;AAE7C,WAAO;KACL,SAAS,CAAC,QAAQ,SAAS;KAC3B,KAAK;KACL,KAAK;KACL,GAAG,kBAAkB,YAAY,IAAI;KACrC,KAAK;KACN;;GAEJ;EAED,MAAM;GACJ,MAAM;IACJ,MAAM,OAAO,UAAU;KACrB,MAAM,EAAE,KAAK,SAAS;KACtB,MAAM,EAAE,SAAS,KAAK,mBAAmB;KAEzC,MAAM,YAAY,UAAU,YAAY,IAAI;KAC5C,MAAM,YAAY,KAAK,WAAW,UAAU;KAE5C,MAAM,EAAE,cAAc,MAAM,IAAI,KAAK;MACnC;MACA;MACA,OAAO,UAAU;MAClB,CAAC;AAEF,YAAO;;IAET,QAAQ,OAAO,UAAU;KACvB,MAAM,EAAE,MAAM,KAAK,YAAY;KAC/B,MAAM,EAAE,MAAM,cAAc,KAAK,uBAAuB,QAAQ;KAEhE,MAAM,YAAY,UAAU,YAAY,IAAI;KAC5C,MAAM,YAAY,KAAK,WAAW,UAAU;KAE5C,MAAM,EAAE,aAAa,MAAM,IAAI,OAAO;MACpC,KAAK,EACH,WAAW,KACZ;MACD;MACA;MACA;MACD,CAAC;AAEF,YAAO;;IAEV;GACD,OAAO;IACL,MAAM,OAAO,UAAU;KACrB,MAAM,EAAE,KAAK,UAAU;KACvB,MAAM,EAAE,SAAS,MAAM,mBAAmB;KAE1C,MAAM,YAAY,UAAU,YAAY,IAAI;KAC5C,MAAM,YAAY,MAAM,WAAW,UAAU;KAE7C,MAAM,EAAE,cAAc,MAAM,IAAI,KAAK;MACnC;MACW;MACX,OAAO,UAAU;MAClB,CAAC;AAEF,YAAO;;IAET,QAAQ,OAAO,UAAU;KACvB,MAAM,EAAE,OAAO,KAAK,YAAY;KAChC,MAAM,EAAE,MAAM,cAAc,MAAM,uBAAuB,QAAQ;KAEjE,MAAM,YAAY,UAAU,YAAY,IAAI;KAC5C,MAAM,YAAY,MAAM,WAAW,UAAU;KAE7C,MAAM,EAAE,aAAa,MAAM,IAAI,OAAO;MACpC,KAAK,EACH,WAAW,KACZ;MACD;MACW;MACX;MACD,CAAC;AAEF,YAAO;;IAEV;GACF;EAED,MAAM;GACJ,qBAAqB,UAAU;IAC7B,MAAM,EAAE,aAAa,UAAU;AAE/B,WADwB,gBAAgB,mBAAmB,YAAY,CAChD,mBAAmB,MAAM;;GAElD,cAAc,OAAO,UAAU;AAE7B,WADoB,gBAAgB,mBAAmB,MAAM,YAAY,CACtD,UAAU,QAAQ;;GAEvC,0BAA0B,OAAO,UAAU;IACzC,MAAM,mBAAmB,MAAM,QAAQ,KAAK,SAAS,gBAAgB,mBAAmB,KAAK,CAAC,SAAS,MAAM,CAAC;IAC9G,MAAM,sBAAsB,MAAM,oBAAoB,KAAK,SACzD,gBAAgB,mBAAmB,KAAK,CAAC,SAAS,MAAM,CACzD;AAED,UAAM,YAAY,yBAAyB,cAAc;KACvD;KACA;KACD,CAAC;;GAEJ,oBAAoB,OAAO,UAAU;IACnC,MAAM,EAAE,gBAAgB;IACxB,MAAM,kBAAkB,gBAAgB,mBAAmB,YAAY;AACvE,WAAO;KACL,GAAG,gBAAgB;KACnB,YAAY,MAAM,gBAAgB,mBAAmB,aAAa;KACnE;;GAEJ;EACF"}
|