@cubist-labs/cubesigner-sdk 0.2.28 → 0.3.1

package/dist/esm/src/signer_session.js

@@ -0,0 +1,72 @@
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var _SignerSessionInfo_csc, _SignerSessionInfo_sessionId;
+import { CubeSignerClient } from "./client";
+import { toKeyInfo } from "./key";
+import { SignerSessionManager } from "./session/signer_session_manager";
+/** Signer session info. Can only be used to revoke a token, but not for authentication. */
+export class SignerSessionInfo {
+    /** Revoke this session */
+    async revoke() {
+        await __classPrivateFieldGet(this, _SignerSessionInfo_csc, "f").sessionRevoke(__classPrivateFieldGet(this, _SignerSessionInfo_sessionId, "f"));
+    }
+    // --------------------------------------------------------------------------
+    // -- INTERNAL --------------------------------------------------------------
+    // --------------------------------------------------------------------------
+    /**
+     * Internal constructor.
+     * @param {CubeSignerClient} cs CubeSigner instance to use when calling `revoke`
+     * @param {string} sessionId The ID of the session; can be used for revocation but not for auth
+     * @param {string} purpose Session purpose
+     * @internal
+     */
+    constructor(cs, sessionId, purpose) {
+        _SignerSessionInfo_csc.set(this, void 0);
+        _SignerSessionInfo_sessionId.set(this, void 0);
+        __classPrivateFieldSet(this, _SignerSessionInfo_csc, cs, "f");
+        __classPrivateFieldSet(this, _SignerSessionInfo_sessionId, sessionId, "f");
+        this.purpose = purpose;
+    }
+}
+_SignerSessionInfo_csc = new WeakMap(), _SignerSessionInfo_sessionId = new WeakMap();
+/**
+ * Signer session.
+ * Extends {@link CubeSignerClient} and provides a few convenience methods on top.
+ */
+export class SignerSession extends CubeSignerClient {
+    /**
+     * Loads an existing signer session from storage.
+     * @param {SignerSessionStorage} storage The session storage to use
+     * @return {Promise<SingerSession>} New signer session
+     */
+    static async loadSignerSession(storage) {
+        const manager = await SignerSessionManager.loadFromStorage(storage);
+        return new SignerSession(manager);
+    }
+    /**
+     * Constructor.
+     * @param {SignerSessionManager} sessionMgr The session manager to use
+     * @internal
+     */
+    constructor(sessionMgr) {
+        super(sessionMgr);
+    }
+    /**
+     * Returns the list of keys that this token grants access to.
+     * @return {KeyInfo[]} The list of keys.
+     */
+    async keys() {
+        const keys = await this.sessionKeysList();
+        return keys.map((k) => toKeyInfo(k));
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2lnbmVyX3Nlc3Npb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvc2lnbmVyX3Nlc3Npb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7O0FBQUEsT0FBTyxFQUFFLGdCQUFnQixFQUFFLE1BQU0sVUFBVSxDQUFDO0FBQzVDLE9BQU8sRUFBVyxTQUFTLEVBQUUsTUFBTSxPQUFPLENBQUM7QUFDM0MsT0FBTyxFQUFFLG9CQUFvQixFQUF3QixNQUFNLGtDQUFrQyxDQUFDO0FBRTlGLDJGQUEyRjtBQUMzRixNQUFNLE9BQU8saUJBQWlCO0lBSzVCLDBCQUEwQjtJQUMxQixLQUFLLENBQUMsTUFBTTtRQUNWLE1BQU0sdUJBQUEsSUFBSSw4QkFBSyxDQUFDLGFBQWEsQ0FBQyx1QkFBQSxJQUFJLG9DQUFXLENBQUMsQ0FBQztJQUNqRCxDQUFDO0lBRUQsNkVBQTZFO0lBQzdFLDZFQUE2RTtJQUM3RSw2RUFBNkU7SUFFN0U7Ozs7OztPQU1HO0lBQ0gsWUFBWSxFQUFvQixFQUFFLFNBQWlCLEVBQUUsT0FBZTtRQXBCM0QseUNBQXVCO1FBQ3ZCLCtDQUFtQjtRQW9CMUIsdUJBQUEsSUFBSSwwQkFBUSxFQUFFLE1BQUEsQ0FBQztRQUNmLHVCQUFBLElBQUksZ0NBQWMsU0FBUyxNQUFBLENBQUM7UUFDNUIsSUFBSSxDQUFDLE9BQU8sR0FBRyxPQUFPLENBQUM7SUFDekIsQ0FBQztDQUNGOztBQUVEOzs7R0FHRztBQUNILE1BQU0sT0FBTyxhQUFjLFNBQVEsZ0JBQWdCO0lBQ2pEOzs7O09BSUc7SUFDSCxNQUFNLENBQUMsS0FBSyxDQUFDLGlCQUFpQixDQUFDLE9BQTZCO1FBQzFELE1BQU0sT0FBTyxHQUFHLE1BQU0sb0JBQW9CLENBQUMsZUFBZSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3BFLE9BQU8sSUFBSSxhQUFhLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDcEMsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxZQUFZLFVBQWdDO1FBQzFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQztJQUNwQixDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsS0FBSyxDQUFDLElBQUk7UUFDUixNQUFNLElBQUksR0FBRyxNQUFNLElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztRQUMxQyxPQUFPLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ3ZDLENBQUM7Q0FDRiIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IEN1YmVTaWduZXJDbGllbnQgfSBmcm9tIFwiLi9jbGllbnRcIjtcbmltcG9ydCB7IEtleUluZm8sIHRvS2V5SW5mbyB9IGZyb20gXCIuL2tleVwiO1xuaW1wb3J0IHsgU2lnbmVyU2Vzc2lvbk1hbmFnZXIsIFNpZ25lclNlc3Npb25TdG9yYWdlIH0gZnJvbSBcIi4vc2Vzc2lvbi9zaWduZXJfc2Vzc2lvbl9tYW5hZ2VyXCI7XG5cbi8qKiBTaWduZXIgc2Vzc2lvbiBpbmZvLiBDYW4gb25seSBiZSB1c2VkIHRvIHJldm9rZSBhIHRva2VuLCBidXQgbm90IGZvciBhdXRoZW50aWNhdGlvbi4gKi9cbmV4cG9ydCBjbGFzcyBTaWduZXJTZXNzaW9uSW5mbyB7XG4gIHJlYWRvbmx5ICNjc2M6IEN1YmVTaWduZXJDbGllbnQ7XG4gIHJlYWRvbmx5ICNzZXNzaW9uSWQ6IHN0cmluZztcbiAgcHVibGljIHJlYWRvbmx5IHB1cnBvc2U6IHN0cmluZztcblxuICAvKiogUmV2b2tlIHRoaXMgc2Vzc2lvbiAqL1xuICBhc3luYyByZXZva2UoKSB7XG4gICAgYXdhaXQgdGhpcy4jY3NjLnNlc3Npb25SZXZva2UodGhpcy4jc2Vzc2lvbklkKTtcbiAgfVxuXG4gIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG4gIC8vIC0tIElOVEVSTkFMIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG4gIC8vIC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tXG5cbiAgLyoqXG4gICAqIEludGVybmFsIGNvbnN0cnVjdG9yLlxuICAgKiBAcGFyYW0ge0N1YmVTaWduZXJDbGllbnR9IGNzIEN1YmVTaWduZXIgaW5zdGFuY2UgdG8gdXNlIHdoZW4gY2FsbGluZyBgcmV2b2tlYFxuICAgKiBAcGFyYW0ge3N0cmluZ30gc2Vzc2lvbklkIFRoZSBJRCBvZiB0aGUgc2Vzc2lvbjsgY2FuIGJlIHVzZWQgZm9yIHJldm9jYXRpb24gYnV0IG5vdCBmb3IgYXV0aFxuICAgKiBAcGFyYW0ge3N0cmluZ30gcHVycG9zZSBTZXNzaW9uIHB1cnBvc2VcbiAgICogQGludGVybmFsXG4gICAqL1xuICBjb25zdHJ1Y3RvcihjczogQ3ViZVNpZ25lckNsaWVudCwgc2Vzc2lvbklkOiBzdHJpbmcsIHB1cnBvc2U6IHN0cmluZykge1xuICAgIHRoaXMuI2NzYyA9IGNzO1xuICAgIHRoaXMuI3Nlc3Npb25JZCA9IHNlc3Npb25JZDtcbiAgICB0aGlzLnB1cnBvc2UgPSBwdXJwb3NlO1xuICB9XG59XG5cbi8qKlxuICogU2lnbmVyIHNlc3Npb24uXG4gKiBFeHRlbmRzIHtAbGluayBDdWJlU2lnbmVyQ2xpZW50fSBhbmQgcHJvdmlkZXMgYSBmZXcgY29udmVuaWVuY2UgbWV0aG9kcyBvbiB0b3AuXG4gKi9cbmV4cG9ydCBjbGFzcyBTaWduZXJTZXNzaW9uIGV4dGVuZHMgQ3ViZVNpZ25lckNsaWVudCB7XG4gIC8qKlxuICAgKiBMb2FkcyBhbiBleGlzdGluZyBzaWduZXIgc2Vzc2lvbiBmcm9tIHN0b3JhZ2UuXG4gICAqIEBwYXJhbSB7U2lnbmVyU2Vzc2lvblN0b3JhZ2V9IHN0b3JhZ2UgVGhlIHNlc3Npb24gc3RvcmFnZSB0byB1c2VcbiAgICogQHJldHVybiB7UHJvbWlzZTxTaW5nZXJTZXNzaW9uPn0gTmV3IHNpZ25lciBzZXNzaW9uXG4gICAqL1xuICBzdGF0aWMgYXN5bmMgbG9hZFNpZ25lclNlc3Npb24oc3RvcmFnZTogU2lnbmVyU2Vzc2lvblN0b3JhZ2UpOiBQcm9taXNlPFNpZ25lclNlc3Npb24+IHtcbiAgICBjb25zdCBtYW5hZ2VyID0gYXdhaXQgU2lnbmVyU2Vzc2lvbk1hbmFnZXIubG9hZEZyb21TdG9yYWdlKHN0b3JhZ2UpO1xuICAgIHJldHVybiBuZXcgU2lnbmVyU2Vzc2lvbihtYW5hZ2VyKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBDb25zdHJ1Y3Rvci5cbiAgICogQHBhcmFtIHtTaWduZXJTZXNzaW9uTWFuYWdlcn0gc2Vzc2lvbk1nciBUaGUgc2Vzc2lvbiBtYW5hZ2VyIHRvIHVzZVxuICAgKiBAaW50ZXJuYWxcbiAgICovXG4gIGNvbnN0cnVjdG9yKHNlc3Npb25NZ3I6IFNpZ25lclNlc3Npb25NYW5hZ2VyKSB7XG4gICAgc3VwZXIoc2Vzc2lvbk1ncik7XG4gIH1cblxuICAvKipcbiAgICogUmV0dXJucyB0aGUgbGlzdCBvZiBrZXlzIHRoYXQgdGhpcyB0b2tlbiBncmFudHMgYWNjZXNzIHRvLlxuICAgKiBAcmV0dXJuIHtLZXlJbmZvW119IFRoZSBsaXN0IG9mIGtleXMuXG4gICAqL1xuICBhc3luYyBrZXlzKCk6IFByb21pc2U8S2V5SW5mb1tdPiB7XG4gICAgY29uc3Qga2V5cyA9IGF3YWl0IHRoaXMuc2Vzc2lvbktleXNMaXN0KCk7XG4gICAgcmV0dXJuIGtleXMubWFwKChrKSA9PiB0b0tleUluZm8oaykpO1xuICB9XG59XG4iXX0=

package/dist/esm/src/user_export.d.ts

@@ -0,0 +1,52 @@
+import { UserExportCompleteResponse, UserExportKeyMaterial } from "./schema_types";
+import type { CipherSuite } from "@hpke/core";
+/** Get the HPKE ciphersuite for user-export decryption.
+ *
+ * @return {any} The HPKE ciphersuite for user export.
+ */
+export declare function userExportCipherSuite(): Promise<CipherSuite>;
+/**
+ * Generate a key pair for user export.
+ *
+ * @return {Promise<CryptoKeyPair>} The newly generated key pair.
+ */
+export declare function userExportKeygen(): Promise<CryptoKeyPair>;
+/**
+ * Decrypt a user export.
+ *
+ * @param {CryptoKey} recipientKey The NIST P-256 secret key corresponding to the `publicKey` argument to the `userExportComplete` invocation that returned `response`.
+ * @param {UserExportCompleteResponse} response The response from a successful `userExportComplete` request.
+ * @return {Promise<UserExportKeyMaterial>} The decrypted key material.
+ */
+export declare function userExportDecrypt(recipientKey: CryptoKey, response: UserExportCompleteResponse): Promise<UserExportKeyMaterial>;
+/**
+ * Figure out how to load SubtleCrypto in the current environment.
+ *
+ * This functionality is reproduced from the hpke-js package,
+ *   https://github.com/dajiaji/hpke-js/
+ * which is Copyright (C) 2022 Ajitomi Daisuke and licensed
+ * under the MIT License, which follows:
+ *
+ * MIT License
+ *
+ * Copyright (c) 2022 Ajitomi Daisuke
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+export declare function loadSubtleCrypto(): Promise<SubtleCrypto>;

package/dist/esm/src/user_export.js

@@ -0,0 +1,99 @@
+import { decodeBase64 } from "./util";
+/** Get the HPKE ciphersuite for user-export decryption.
+ *
+ * @return {any} The HPKE ciphersuite for user export.
+ */
+export async function userExportCipherSuite() {
+    const hpke = await import("@hpke/core"); // eslint-disable-line @typescript-eslint/no-var-requires
+    const suite = new hpke.CipherSuite({
+        kem: new hpke.DhkemP256HkdfSha256(),
+        kdf: new hpke.HkdfSha256(),
+        aead: new hpke.Aes256Gcm(),
+    });
+    return suite;
+}
+/**
+ * Generate a key pair for user export.
+ *
+ * @return {Promise<CryptoKeyPair>} The newly generated key pair.
+ */
+export async function userExportKeygen() {
+    return (await userExportCipherSuite()).kem.generateKeyPair();
+}
+/**
+ * Get the ArrayBuffer slice represented by a Buffer
+ *
+ * @param {Uint8Array} b The buffer to convert
+ * @return {ArrayBuffer} The resulting ArrayBuffer
+ */
+function toArrayBuffer(b) {
+    return b.buffer.slice(b.byteOffset, b.byteOffset + b.byteLength);
+}
+/**
+ * Decrypt a user export.
+ *
+ * @param {CryptoKey} recipientKey The NIST P-256 secret key corresponding to the `publicKey` argument to the `userExportComplete` invocation that returned `response`.
+ * @param {UserExportCompleteResponse} response The response from a successful `userExportComplete` request.
+ * @return {Promise<UserExportKeyMaterial>} The decrypted key material.
+ */
+export async function userExportDecrypt(recipientKey, response) {
+    // The ciphersuite we use for decryption
+    const suite = await userExportCipherSuite();
+    // decrypt the export ciphertext using the HPKE one-shot API
+    const tenc = new TextEncoder();
+    const tdec = new TextDecoder();
+    const info = toArrayBuffer(tenc.encode(`cubist-signer::UserExportOwner::${response.user_id}`));
+    const public_key = toArrayBuffer(decodeBase64(response.ephemeral_public_key));
+    const ctxt = toArrayBuffer(decodeBase64(response.encrypted_key_material));
+    const decrypted = JSON.parse(tdec.decode(await suite.open({
+        recipientKey,
+        enc: public_key,
+        info: info,
+    }, ctxt)));
+    return decrypted;
+}
+/**
+ * Figure out how to load SubtleCrypto in the current environment.
+ *
+ * This functionality is reproduced from the hpke-js package,
+ *   https://github.com/dajiaji/hpke-js/
+ * which is Copyright (C) 2022 Ajitomi Daisuke and licensed
+ * under the MIT License, which follows:
+ *
+ * MIT License
+ *
+ * Copyright (c) 2022 Ajitomi Daisuke
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+export async function loadSubtleCrypto() {
+    if (globalThis !== undefined && globalThis.crypto !== undefined) {
+        // Browsers, Node.js >= v19, Cloudflare Workers, Bun, etc.
+        return globalThis.crypto.subtle;
+    }
+    // Node.js <= v18
+    try {
+        const { webcrypto } = await import("crypto"); // node:crypto
+        return webcrypto.subtle;
+    }
+    catch (e) {
+        throw new Error("subtle crypto not supported");
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXNlcl9leHBvcnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvdXNlcl9leHBvcnQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQ0EsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLFFBQVEsQ0FBQztBQUd0Qzs7O0dBR0c7QUFDSCxNQUFNLENBQUMsS0FBSyxVQUFVLHFCQUFxQjtJQUN6QyxNQUFNLElBQUksR0FBRyxNQUFNLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLHlEQUF5RDtJQUNsRyxNQUFNLEtBQUssR0FBRyxJQUFJLElBQUksQ0FBQyxXQUFXLENBQUM7UUFDakMsR0FBRyxFQUFFLElBQUksSUFBSSxDQUFDLG1CQUFtQixFQUFFO1FBQ25DLEdBQUcsRUFBRSxJQUFJLElBQUksQ0FBQyxVQUFVLEVBQUU7UUFDMUIsSUFBSSxFQUFFLElBQUksSUFBSSxDQUFDLFNBQVMsRUFBRTtLQUMzQixDQUFDLENBQUM7SUFDSCxPQUFPLEtBQUssQ0FBQztBQUNmLENBQUM7QUFFRDs7OztHQUlHO0FBQ0gsTUFBTSxDQUFDLEtBQUssVUFBVSxnQkFBZ0I7SUFDcEMsT0FBTyxDQUFDLE1BQU0scUJBQXFCLEVBQUUsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxlQUFlLEVBQUUsQ0FBQztBQUMvRCxDQUFDO0FBRUQ7Ozs7O0dBS0c7QUFDSCxTQUFTLGFBQWEsQ0FBQyxDQUFhO0lBQ2xDLE9BQU8sQ0FBQyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLFVBQVUsRUFBRSxDQUFDLENBQUMsVUFBVSxHQUFHLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQztBQUNuRSxDQUFDO0FBRUQ7Ozs7OztHQU1HO0FBQ0gsTUFBTSxDQUFDLEtBQUssVUFBVSxpQkFBaUIsQ0FDckMsWUFBdUIsRUFDdkIsUUFBb0M7SUFFcEMsd0NBQXdDO0lBQ3hDLE1BQU0sS0FBSyxHQUFHLE1BQU0scUJBQXFCLEVBQUUsQ0FBQztJQUU1Qyw0REFBNEQ7SUFDNUQsTUFBTSxJQUFJLEdBQUcsSUFBSSxXQUFXLEVBQUUsQ0FBQztJQUMvQixNQUFNLElBQUksR0FBRyxJQUFJLFdBQVcsRUFBRSxDQUFDO0lBQy9CLE1BQU0sSUFBSSxHQUFHLGFBQWEsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLG1DQUFtQyxRQUFRLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBQy9GLE1BQU0sVUFBVSxHQUFHLGFBQWEsQ0FBQyxZQUFZLENBQUMsUUFBUSxDQUFDLG9CQUFvQixDQUFDLENBQUMsQ0FBQztJQUM5RSxNQUFNLElBQUksR0FBRyxhQUFhLENBQUMsWUFBWSxDQUFDLFFBQVEsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDLENBQUM7SUFDMUUsTUFBTSxTQUFTLEdBQTBCLElBQUksQ0FBQyxLQUFLLENBQ2pELElBQUksQ0FBQyxNQUFNLENBQ1QsTUFBTSxLQUFLLENBQUMsSUFBSSxDQUNkO1FBQ0UsWUFBWTtRQUNaLEdBQUcsRUFBRSxVQUFVO1FBQ2YsSUFBSSxFQUFFLElBQUk7S0FDWCxFQUNELElBQUksQ0FDTCxDQUNGLENBQ0YsQ0FBQztJQUVGLE9BQU8sU0FBUyxDQUFDO0FBQ25CLENBQUM7QUFFRDs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7R0E2Qkc7QUFDSCxNQUFNLENBQUMsS0FBSyxVQUFVLGdCQUFnQjtJQUNwQyxJQUFJLFVBQVUsS0FBSyxTQUFTLElBQUksVUFBVSxDQUFDLE1BQU0sS0FBSyxTQUFTLEVBQUUsQ0FBQztRQUNoRSwwREFBMEQ7UUFDMUQsT0FBTyxVQUFVLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQztJQUNsQyxDQUFDO0lBQ0QsaUJBQWlCO0lBQ2pCLElBQUksQ0FBQztRQUNILE1BQU0sRUFBRSxTQUFTLEVBQUUsR0FBRyxNQUFNLE1BQU0sQ0FBQyxRQUFRLENBQUMsQ0FBQyxDQUFDLGNBQWM7UUFDNUQsT0FBUSxTQUErQixDQUFDLE1BQU0sQ0FBQztJQUNqRCxDQUFDO0lBQUMsT0FBTyxDQUFVLEVBQUUsQ0FBQztRQUNwQixNQUFNLElBQUksS0FBSyxDQUFDLDZCQUE2QixDQUFDLENBQUM7SUFDakQsQ0FBQztBQUNILENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBVc2VyRXhwb3J0Q29tcGxldGVSZXNwb25zZSwgVXNlckV4cG9ydEtleU1hdGVyaWFsIH0gZnJvbSBcIi4vc2NoZW1hX3R5cGVzXCI7XG5pbXBvcnQgeyBkZWNvZGVCYXNlNjQgfSBmcm9tIFwiLi91dGlsXCI7XG5pbXBvcnQgdHlwZSB7IENpcGhlclN1aXRlIH0gZnJvbSBcIkBocGtlL2NvcmVcIjtcblxuLyoqIEdldCB0aGUgSFBLRSBjaXBoZXJzdWl0ZSBmb3IgdXNlci1leHBvcnQgZGVjcnlwdGlvbi5cbiAqXG4gKiBAcmV0dXJuIHthbnl9IFRoZSBIUEtFIGNpcGhlcnN1aXRlIGZvciB1c2VyIGV4cG9ydC5cbiAqL1xuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIHVzZXJFeHBvcnRDaXBoZXJTdWl0ZSgpOiBQcm9taXNlPENpcGhlclN1aXRlPiB7XG4gIGNvbnN0IGhwa2UgPSBhd2FpdCBpbXBvcnQoXCJAaHBrZS9jb3JlXCIpOyAvLyBlc2xpbnQtZGlzYWJsZS1saW5lIEB0eXBlc2NyaXB0LWVzbGludC9uby12YXItcmVxdWlyZXNcbiAgY29uc3Qgc3VpdGUgPSBuZXcgaHBrZS5DaXBoZXJTdWl0ZSh7XG4gICAga2VtOiBuZXcgaHBrZS5EaGtlbVAyNTZIa2RmU2hhMjU2KCksXG4gICAga2RmOiBuZXcgaHBrZS5Ia2RmU2hhMjU2KCksXG4gICAgYWVhZDogbmV3IGhwa2UuQWVzMjU2R2NtKCksXG4gIH0pO1xuICByZXR1cm4gc3VpdGU7XG59XG5cbi8qKlxuICogR2VuZXJhdGUgYSBrZXkgcGFpciBmb3IgdXNlciBleHBvcnQuXG4gKlxuICogQHJldHVybiB7UHJvbWlzZTxDcnlwdG9LZXlQYWlyPn0gVGhlIG5ld2x5IGdlbmVyYXRlZCBrZXkgcGFpci5cbiAqL1xuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIHVzZXJFeHBvcnRLZXlnZW4oKTogUHJvbWlzZTxDcnlwdG9LZXlQYWlyPiB7XG4gIHJldHVybiAoYXdhaXQgdXNlckV4cG9ydENpcGhlclN1aXRlKCkpLmtlbS5nZW5lcmF0ZUtleVBhaXIoKTtcbn1cblxuLyoqXG4gKiBHZXQgdGhlIEFycmF5QnVmZmVyIHNsaWNlIHJlcHJlc2VudGVkIGJ5IGEgQnVmZmVyXG4gKlxuICogQHBhcmFtIHtVaW50OEFycmF5fSBiIFRoZSBidWZmZXIgdG8gY29udmVydFxuICogQHJldHVybiB7QXJyYXlCdWZmZXJ9IFRoZSByZXN1bHRpbmcgQXJyYXlCdWZmZXJcbiAqL1xuZnVuY3Rpb24gdG9BcnJheUJ1ZmZlcihiOiBVaW50OEFycmF5KTogQXJyYXlCdWZmZXIge1xuICByZXR1cm4gYi5idWZmZXIuc2xpY2UoYi5ieXRlT2Zmc2V0LCBiLmJ5dGVPZmZzZXQgKyBiLmJ5dGVMZW5ndGgpO1xufVxuXG4vKipcbiAqIERlY3J5cHQgYSB1c2VyIGV4cG9ydC5cbiAqXG4gKiBAcGFyYW0ge0NyeXB0b0tleX0gcmVjaXBpZW50S2V5IFRoZSBOSVNUIFAtMjU2IHNlY3JldCBrZXkgY29ycmVzcG9uZGluZyB0byB0aGUgYHB1YmxpY0tleWAgYXJndW1lbnQgdG8gdGhlIGB1c2VyRXhwb3J0Q29tcGxldGVgIGludm9jYXRpb24gdGhhdCByZXR1cm5lZCBgcmVzcG9uc2VgLlxuICogQHBhcmFtIHtVc2VyRXhwb3J0Q29tcGxldGVSZXNwb25zZX0gcmVzcG9uc2UgVGhlIHJlc3BvbnNlIGZyb20gYSBzdWNjZXNzZnVsIGB1c2VyRXhwb3J0Q29tcGxldGVgIHJlcXVlc3QuXG4gKiBAcmV0dXJuIHtQcm9taXNlPFVzZXJFeHBvcnRLZXlNYXRlcmlhbD59IFRoZSBkZWNyeXB0ZWQga2V5IG1hdGVyaWFsLlxuICovXG5leHBvcnQgYXN5bmMgZnVuY3Rpb24gdXNlckV4cG9ydERlY3J5cHQoXG4gIHJlY2lwaWVudEtleTogQ3J5cHRvS2V5LFxuICByZXNwb25zZTogVXNlckV4cG9ydENvbXBsZXRlUmVzcG9uc2UsXG4pOiBQcm9taXNlPFVzZXJFeHBvcnRLZXlNYXRlcmlhbD4ge1xuICAvLyBUaGUgY2lwaGVyc3VpdGUgd2UgdXNlIGZvciBkZWNyeXB0aW9uXG4gIGNvbnN0IHN1aXRlID0gYXdhaXQgdXNlckV4cG9ydENpcGhlclN1aXRlKCk7XG5cbiAgLy8gZGVjcnlwdCB0aGUgZXhwb3J0IGNpcGhlcnRleHQgdXNpbmcgdGhlIEhQS0Ugb25lLXNob3QgQVBJXG4gIGNvbnN0IHRlbmMgPSBuZXcgVGV4dEVuY29kZXIoKTtcbiAgY29uc3QgdGRlYyA9IG5ldyBUZXh0RGVjb2RlcigpO1xuICBjb25zdCBpbmZvID0gdG9BcnJheUJ1ZmZlcih0ZW5jLmVuY29kZShgY3ViaXN0LXNpZ25lcjo6VXNlckV4cG9ydE93bmVyOjoke3Jlc3BvbnNlLnVzZXJfaWR9YCkpO1xuICBjb25zdCBwdWJsaWNfa2V5ID0gdG9BcnJheUJ1ZmZlcihkZWNvZGVCYXNlNjQocmVzcG9uc2UuZXBoZW1lcmFsX3B1YmxpY19rZXkpKTtcbiAgY29uc3QgY3R4dCA9IHRvQXJyYXlCdWZmZXIoZGVjb2RlQmFzZTY0KHJlc3BvbnNlLmVuY3J5cHRlZF9rZXlfbWF0ZXJpYWwpKTtcbiAgY29uc3QgZGVjcnlwdGVkOiBVc2VyRXhwb3J0S2V5TWF0ZXJpYWwgPSBKU09OLnBhcnNlKFxuICAgIHRkZWMuZGVjb2RlKFxuICAgICAgYXdhaXQgc3VpdGUub3BlbihcbiAgICAgICAge1xuICAgICAgICAgIHJlY2lwaWVudEtleSxcbiAgICAgICAgICBlbmM6IHB1YmxpY19rZXksXG4gICAgICAgICAgaW5mbzogaW5mbyxcbiAgICAgICAgfSxcbiAgICAgICAgY3R4dCxcbiAgICAgICksXG4gICAgKSxcbiAgKTtcblxuICByZXR1cm4gZGVjcnlwdGVkO1xufVxuXG4vKipcbiAqIEZpZ3VyZSBvdXQgaG93IHRvIGxvYWQgU3VidGxlQ3J5cHRvIGluIHRoZSBjdXJyZW50IGVudmlyb25tZW50LlxuICpcbiAqIFRoaXMgZnVuY3Rpb25hbGl0eSBpcyByZXByb2R1Y2VkIGZyb20gdGhlIGhwa2UtanMgcGFja2FnZSxcbiAqICAgaHR0cHM6Ly9naXRodWIuY29tL2RhamlhamkvaHBrZS1qcy9cbiAqIHdoaWNoIGlzIENvcHlyaWdodCAoQykgMjAyMiBBaml0b21pIERhaXN1a2UgYW5kIGxpY2Vuc2VkXG4gKiB1bmRlciB0aGUgTUlUIExpY2Vuc2UsIHdoaWNoIGZvbGxvd3M6XG4gKlxuICogTUlUIExpY2Vuc2VcbiAqXG4gKiBDb3B5cmlnaHQgKGMpIDIwMjIgQWppdG9taSBEYWlzdWtlXG4gKlxuICogUGVybWlzc2lvbiBpcyBoZXJlYnkgZ3JhbnRlZCwgZnJlZSBvZiBjaGFyZ2UsIHRvIGFueSBwZXJzb24gb2J0YWluaW5nIGEgY29weVxuICogb2YgdGhpcyBzb2Z0d2FyZSBhbmQgYXNzb2NpYXRlZCBkb2N1bWVudGF0aW9uIGZpbGVzICh0aGUgXCJTb2Z0d2FyZVwiKSwgdG8gZGVhbFxuICogaW4gdGhlIFNvZnR3YXJlIHdpdGhvdXQgcmVzdHJpY3Rpb24sIGluY2x1ZGluZyB3aXRob3V0IGxpbWl0YXRpb24gdGhlIHJpZ2h0c1xuICogdG8gdXNlLCBjb3B5LCBtb2RpZnksIG1lcmdlLCBwdWJsaXNoLCBkaXN0cmlidXRlLCBzdWJsaWNlbnNlLCBhbmQvb3Igc2VsbFxuICogY29waWVzIG9mIHRoZSBTb2Z0d2FyZSwgYW5kIHRvIHBlcm1pdCBwZXJzb25zIHRvIHdob20gdGhlIFNvZnR3YXJlIGlzXG4gKiBmdXJuaXNoZWQgdG8gZG8gc28sIHN1YmplY3QgdG8gdGhlIGZvbGxvd2luZyBjb25kaXRpb25zOlxuICpcbiAqIFRoZSBhYm92ZSBjb3B5cmlnaHQgbm90aWNlIGFuZCB0aGlzIHBlcm1pc3Npb24gbm90aWNlIHNoYWxsIGJlIGluY2x1ZGVkIGluIGFsbFxuICogY29waWVzIG9yIHN1YnN0YW50aWFsIHBvcnRpb25zIG9mIHRoZSBTb2Z0d2FyZS5cbiAqXG4gKiBUSEUgU09GVFdBUkUgSVMgUFJPVklERUQgXCJBUyBJU1wiLCBXSVRIT1VUIFdBUlJBTlRZIE9GIEFOWSBLSU5ELCBFWFBSRVNTIE9SXG4gKiBJTVBMSUVELCBJTkNMVURJTkcgQlVUIE5PVCBMSU1JVEVEIFRPIFRIRSBXQVJSQU5USUVTIE9GIE1FUkNIQU5UQUJJTElUWSxcbiAqIEZJVE5FU1MgRk9SIEEgUEFSVElDVUxBUiBQVVJQT1NFIEFORCBOT05JTkZSSU5HRU1FTlQuIElOIE5PIEVWRU5UIFNIQUxMIFRIRVxuICogQVVUSE9SUyBPUiBDT1BZUklHSFQgSE9MREVSUyBCRSBMSUFCTEUgRk9SIEFOWSBDTEFJTSwgREFNQUdFUyBPUiBPVEhFUlxuICogTElBQklMSVRZLCBXSEVUSEVSIElOIEFOIEFDVElPTiBPRiBDT05UUkFDVCwgVE9SVCBPUiBPVEhFUldJU0UsIEFSSVNJTkcgRlJPTSxcbiAqIE9VVCBPRiBPUiBJTiBDT05ORUNUSU9OIFdJVEggVEhFIFNPRlRXQVJFIE9SIFRIRSBVU0UgT1IgT1RIRVIgREVBTElOR1MgSU4gVEhFXG4gKiBTT0ZUV0FSRS5cbiAqL1xuZXhwb3J0IGFzeW5jIGZ1bmN0aW9uIGxvYWRTdWJ0bGVDcnlwdG8oKSB7XG4gIGlmIChnbG9iYWxUaGlzICE9PSB1bmRlZmluZWQgJiYgZ2xvYmFsVGhpcy5jcnlwdG8gIT09IHVuZGVmaW5lZCkge1xuICAgIC8vIEJyb3dzZXJzLCBOb2RlLmpzID49IHYxOSwgQ2xvdWRmbGFyZSBXb3JrZXJzLCBCdW4sIGV0Yy5cbiAgICByZXR1cm4gZ2xvYmFsVGhpcy5jcnlwdG8uc3VidGxlO1xuICB9XG4gIC8vIE5vZGUuanMgPD0gdjE4XG4gIHRyeSB7XG4gICAgY29uc3QgeyB3ZWJjcnlwdG8gfSA9IGF3YWl0IGltcG9ydChcImNyeXB0b1wiKTsgLy8gbm9kZTpjcnlwdG9cbiAgICByZXR1cm4gKHdlYmNyeXB0byBhcyB1bmtub3duIGFzIENyeXB0bykuc3VidGxlO1xuICB9IGNhdGNoIChlOiB1bmtub3duKSB7XG4gICAgdGhyb3cgbmV3IEVycm9yKFwic3VidGxlIGNyeXB0byBub3Qgc3VwcG9ydGVkXCIpO1xuICB9XG59XG4iXX0=

package/dist/esm/src/util.d.ts

@@ -0,0 +1,56 @@
+/** JSON map type */
+export interface JsonMap {
+    [member: string]: string | number | boolean | null | JsonArray | JsonMap;
+}
+/** JSON array type */
+export type JsonArray = Array<string | number | boolean | null | JsonArray | JsonMap>;
+/**
+ * Path join
+ * @param {string} dir Parent directory
+ * @param {string} file Pathname
+ * @return {string} New pathname
+ */
+export declare function pathJoin(dir: string, file: string): string;
+/**
+ * Browser-friendly helper for decoding a 'base64'-encoded string into a byte array.
+ *
+ * @param {string} b64 The 'base64'-encoded string to decode
+ * @return {Uint8Array} Decoded byte array
+ */
+export declare function decodeBase64(b64: string): Uint8Array;
+/**
+ * Browser-friendly helper for decoding a 'base64url'-encoded string into a byte array.
+ *
+ * @param {string} b64url The 'base64url'-encoded string to decode
+ * @return {Uint8Array} Decoded byte array
+ */
+export declare function decodeBase64Url(b64url: string): Uint8Array;
+/**
+ *
+ * Browser-friendly helper for encoding a byte array into a padded `base64`-encoded string.
+ *
+ * @param {Iterable<number>} buffer The byte array to encode
+ * @return {string} The 'base64' encoding of the byte array.
+ */
+export declare function encodeToBase64(buffer: Iterable<number>): string;
+/**
+ * Browser-friendly helper for encoding a byte array into a 'base64url`-encoded string.
+ *
+ * @param {Iterable<number>} buffer The byte array to encode
+ * @return {string} The 'base64url' encoding of the byte array.
+ */
+export declare function encodeToBase64Url(buffer: Iterable<number>): string;
+/**
+ * Sleeps for `ms` milliseconds.
+ *
+ * @param {number} ms Milliseconds to sleep
+ * @return {Promise<void>} A promise that is resolved after `ms` milliseconds.
+ */
+export declare function delay(ms: number): Promise<void>;
+/**
+ * Converts a string or a uint8 array into a hex string. Strings are encoded in UTF-8 before
+ * being converted to hex.
+ * @param {string | Uint8Array} message The input
+ * @return {string} Hex string prefixed with "0x"
+ */
+export declare function encodeToHex(message: string | Uint8Array): string;

package/dist/esm/src/util.js

@@ -0,0 +1,76 @@
+/**
+ * Path join
+ * @param {string} dir Parent directory
+ * @param {string} file Pathname
+ * @return {string} New pathname
+ */
+export function pathJoin(dir, file) {
+    const sep = globalThis?.process?.platform === "win32" ? "\\" : "/";
+    return `${dir}${sep}${file}`;
+}
+/**
+ * Browser-friendly helper for decoding a 'base64'-encoded string into a byte array.
+ *
+ * @param {string} b64 The 'base64'-encoded string to decode
+ * @return {Uint8Array} Decoded byte array
+ */
+export function decodeBase64(b64) {
+    return typeof Buffer === "function"
+        ? Buffer.from(b64, "base64")
+        : Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
+}
+/**
+ * Browser-friendly helper for decoding a 'base64url'-encoded string into a byte array.
+ *
+ * @param {string} b64url The 'base64url'-encoded string to decode
+ * @return {Uint8Array} Decoded byte array
+ */
+export function decodeBase64Url(b64url) {
+    // NOTE: there is no "base64url" encoding in the "buffer" module for the browser (unlike in node.js)
+    const b64 = b64url.replace(/-/g, "+").replace(/_/g, "/").replace(/=*$/g, "");
+    return decodeBase64(b64);
+}
+/**
+ *
+ * Browser-friendly helper for encoding a byte array into a padded `base64`-encoded string.
+ *
+ * @param {Iterable<number>} buffer The byte array to encode
+ * @return {string} The 'base64' encoding of the byte array.
+ */
+export function encodeToBase64(buffer) {
+    const bytes = new Uint8Array(buffer);
+    const b64 = typeof Buffer === "function"
+        ? Buffer.from(bytes).toString("base64")
+        : btoa(bytes.reduce((s, b) => s + String.fromCharCode(b), ""));
+    return b64;
+}
+/**
+ * Browser-friendly helper for encoding a byte array into a 'base64url`-encoded string.
+ *
+ * @param {Iterable<number>} buffer The byte array to encode
+ * @return {string} The 'base64url' encoding of the byte array.
+ */
+export function encodeToBase64Url(buffer) {
+    const b64 = encodeToBase64(buffer);
+    // NOTE: there is no "base64url" encoding in the "buffer" module for the browser (unlike in node.js)
+    return b64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=*$/g, "");
+}
+/**
+ * Sleeps for `ms` milliseconds.
+ *
+ * @param {number} ms Milliseconds to sleep
+ * @return {Promise<void>} A promise that is resolved after `ms` milliseconds.
+ */
+export function delay(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+/**
+ * Converts a string or a uint8 array into a hex string. Strings are encoded in UTF-8 before
+ * being converted to hex.
+ * @param {string | Uint8Array} message The input
+ * @return {string} Hex string prefixed with "0x"
+ */
+export function encodeToHex(message) {
+    return ("0x" + (typeof message === "string" ? Buffer.from(message, "utf8") : message).toString("hex"));
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy91dGlsLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQVFBOzs7OztHQUtHO0FBQ0gsTUFBTSxVQUFVLFFBQVEsQ0FBQyxHQUFXLEVBQUUsSUFBWTtJQUNoRCxNQUFNLEdBQUcsR0FBRyxVQUFVLEVBQUUsT0FBTyxFQUFFLFFBQVEsS0FBSyxPQUFPLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsR0FBRyxDQUFDO0lBQ25FLE9BQU8sR0FBRyxHQUFHLEdBQUcsR0FBRyxHQUFHLElBQUksRUFBRSxDQUFDO0FBQy9CLENBQUM7QUFFRDs7Ozs7R0FLRztBQUNILE1BQU0sVUFBVSxZQUFZLENBQUMsR0FBVztJQUN0QyxPQUFPLE9BQU8sTUFBTSxLQUFLLFVBQVU7UUFDakMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsR0FBRyxFQUFFLFFBQVEsQ0FBQztRQUM1QixDQUFDLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztBQUN6RCxDQUFDO0FBRUQ7Ozs7O0dBS0c7QUFDSCxNQUFNLFVBQVUsZUFBZSxDQUFDLE1BQWM7SUFDNUMsb0dBQW9HO0lBQ3BHLE1BQU0sR0FBRyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLEdBQUcsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUUsR0FBRyxDQUFDLENBQUMsT0FBTyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQztJQUM3RSxPQUFPLFlBQVksQ0FBQyxHQUFHLENBQUMsQ0FBQztBQUMzQixDQUFDO0FBRUQ7Ozs7OztHQU1HO0FBQ0gsTUFBTSxVQUFVLGNBQWMsQ0FBQyxNQUF3QjtJQUNyRCxNQUFNLEtBQUssR0FBRyxJQUFJLFVBQVUsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUNyQyxNQUFNLEdBQUcsR0FDUCxPQUFPLE1BQU0sS0FBSyxVQUFVO1FBQzFCLENBQUMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUM7UUFDdkMsQ0FBQyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQyxHQUFHLE1BQU0sQ0FBQyxZQUFZLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUMsQ0FBQztJQUNuRSxPQUFPLEdBQUcsQ0FBQztBQUNiLENBQUM7QUFFRDs7Ozs7R0FLRztBQUNILE1BQU0sVUFBVSxpQkFBaUIsQ0FBQyxNQUF3QjtJQUN4RCxNQUFNLEdBQUcsR0FBRyxjQUFjLENBQUMsTUFBTSxDQUFDLENBQUM7SUFDbkMsb0dBQW9HO0lBQ3BHLE9BQU8sR0FBRyxDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsR0FBRyxDQUFDLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxHQUFHLENBQUMsQ0FBQyxPQUFPLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxDQUFDO0FBQ3pFLENBQUM7QUFFRDs7Ozs7R0FLRztBQUNILE1BQU0sVUFBVSxLQUFLLENBQUMsRUFBVTtJQUM5QixPQUFPLElBQUksT0FBTyxDQUFDLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQyxVQUFVLENBQUMsT0FBTyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUM7QUFDM0QsQ0FBQztBQUVEOzs7OztHQUtHO0FBQ0gsTUFBTSxVQUFVLFdBQVcsQ0FBQyxPQUE0QjtJQUN0RCxPQUFPLENBQ0wsSUFBSSxHQUFHLENBQUMsT0FBTyxPQUFPLEtBQUssUUFBUSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUM5RixDQUFDO0FBQ0osQ0FBQyIsInNvdXJjZXNDb250ZW50IjpbIi8qKiBKU09OIG1hcCB0eXBlICovXG5leHBvcnQgaW50ZXJmYWNlIEpzb25NYXAge1xuICBbbWVtYmVyOiBzdHJpbmddOiBzdHJpbmcgfCBudW1iZXIgfCBib29sZWFuIHwgbnVsbCB8IEpzb25BcnJheSB8IEpzb25NYXA7XG59XG5cbi8qKiBKU09OIGFycmF5IHR5cGUgKi9cbmV4cG9ydCB0eXBlIEpzb25BcnJheSA9IEFycmF5PHN0cmluZyB8IG51bWJlciB8IGJvb2xlYW4gfCBudWxsIHwgSnNvbkFycmF5IHwgSnNvbk1hcD47XG5cbi8qKlxuICogUGF0aCBqb2luXG4gKiBAcGFyYW0ge3N0cmluZ30gZGlyIFBhcmVudCBkaXJlY3RvcnlcbiAqIEBwYXJhbSB7c3RyaW5nfSBmaWxlIFBhdGhuYW1lXG4gKiBAcmV0dXJuIHtzdHJpbmd9IE5ldyBwYXRobmFtZVxuICovXG5leHBvcnQgZnVuY3Rpb24gcGF0aEpvaW4oZGlyOiBzdHJpbmcsIGZpbGU6IHN0cmluZyk6IHN0cmluZyB7XG4gIGNvbnN0IHNlcCA9IGdsb2JhbFRoaXM/LnByb2Nlc3M/LnBsYXRmb3JtID09PSBcIndpbjMyXCIgPyBcIlxcXFxcIiA6IFwiL1wiO1xuICByZXR1cm4gYCR7ZGlyfSR7c2VwfSR7ZmlsZX1gO1xufVxuXG4vKipcbiAqIEJyb3dzZXItZnJpZW5kbHkgaGVscGVyIGZvciBkZWNvZGluZyBhICdiYXNlNjQnLWVuY29kZWQgc3RyaW5nIGludG8gYSBieXRlIGFycmF5LlxuICpcbiAqIEBwYXJhbSB7c3RyaW5nfSBiNjQgVGhlICdiYXNlNjQnLWVuY29kZWQgc3RyaW5nIHRvIGRlY29kZVxuICogQHJldHVybiB7VWludDhBcnJheX0gRGVjb2RlZCBieXRlIGFycmF5XG4gKi9cbmV4cG9ydCBmdW5jdGlvbiBkZWNvZGVCYXNlNjQoYjY0OiBzdHJpbmcpOiBVaW50OEFycmF5IHtcbiAgcmV0dXJuIHR5cGVvZiBCdWZmZXIgPT09IFwiZnVuY3Rpb25cIlxuICAgID8gQnVmZmVyLmZyb20oYjY0LCBcImJhc2U2NFwiKVxuICAgIDogVWludDhBcnJheS5mcm9tKGF0b2IoYjY0KSwgKGMpID0+IGMuY2hhckNvZGVBdCgwKSk7XG59XG5cbi8qKlxuICogQnJvd3Nlci1mcmllbmRseSBoZWxwZXIgZm9yIGRlY29kaW5nIGEgJ2Jhc2U2NHVybCctZW5jb2RlZCBzdHJpbmcgaW50byBhIGJ5dGUgYXJyYXkuXG4gKlxuICogQHBhcmFtIHtzdHJpbmd9IGI2NHVybCBUaGUgJ2Jhc2U2NHVybCctZW5jb2RlZCBzdHJpbmcgdG8gZGVjb2RlXG4gKiBAcmV0dXJuIHtVaW50OEFycmF5fSBEZWNvZGVkIGJ5dGUgYXJyYXlcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGRlY29kZUJhc2U2NFVybChiNjR1cmw6IHN0cmluZyk6IFVpbnQ4QXJyYXkge1xuICAvLyBOT1RFOiB0aGVyZSBpcyBubyBcImJhc2U2NHVybFwiIGVuY29kaW5nIGluIHRoZSBcImJ1ZmZlclwiIG1vZHVsZSBmb3IgdGhlIGJyb3dzZXIgKHVubGlrZSBpbiBub2RlLmpzKVxuICBjb25zdCBiNjQgPSBiNjR1cmwucmVwbGFjZSgvLS9nLCBcIitcIikucmVwbGFjZSgvXy9nLCBcIi9cIikucmVwbGFjZSgvPSokL2csIFwiXCIpO1xuICByZXR1cm4gZGVjb2RlQmFzZTY0KGI2NCk7XG59XG5cbi8qKlxuICpcbiAqIEJyb3dzZXItZnJpZW5kbHkgaGVscGVyIGZvciBlbmNvZGluZyBhIGJ5dGUgYXJyYXkgaW50byBhIHBhZGRlZCBgYmFzZTY0YC1lbmNvZGVkIHN0cmluZy5cbiAqXG4gKiBAcGFyYW0ge0l0ZXJhYmxlPG51bWJlcj59IGJ1ZmZlciBUaGUgYnl0ZSBhcnJheSB0byBlbmNvZGVcbiAqIEByZXR1cm4ge3N0cmluZ30gVGhlICdiYXNlNjQnIGVuY29kaW5nIG9mIHRoZSBieXRlIGFycmF5LlxuICovXG5leHBvcnQgZnVuY3Rpb24gZW5jb2RlVG9CYXNlNjQoYnVmZmVyOiBJdGVyYWJsZTxudW1iZXI+KTogc3RyaW5nIHtcbiAgY29uc3QgYnl0ZXMgPSBuZXcgVWludDhBcnJheShidWZmZXIpO1xuICBjb25zdCBiNjQgPVxuICAgIHR5cGVvZiBCdWZmZXIgPT09IFwiZnVuY3Rpb25cIlxuICAgICAgPyBCdWZmZXIuZnJvbShieXRlcykudG9TdHJpbmcoXCJiYXNlNjRcIilcbiAgICAgIDogYnRvYShieXRlcy5yZWR1Y2UoKHMsIGIpID0+IHMgKyBTdHJpbmcuZnJvbUNoYXJDb2RlKGIpLCBcIlwiKSk7XG4gIHJldHVybiBiNjQ7XG59XG5cbi8qKlxuICogQnJvd3Nlci1mcmllbmRseSBoZWxwZXIgZm9yIGVuY29kaW5nIGEgYnl0ZSBhcnJheSBpbnRvIGEgJ2Jhc2U2NHVybGAtZW5jb2RlZCBzdHJpbmcuXG4gKlxuICogQHBhcmFtIHtJdGVyYWJsZTxudW1iZXI+fSBidWZmZXIgVGhlIGJ5dGUgYXJyYXkgdG8gZW5jb2RlXG4gKiBAcmV0dXJuIHtzdHJpbmd9IFRoZSAnYmFzZTY0dXJsJyBlbmNvZGluZyBvZiB0aGUgYnl0ZSBhcnJheS5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGVuY29kZVRvQmFzZTY0VXJsKGJ1ZmZlcjogSXRlcmFibGU8bnVtYmVyPik6IHN0cmluZyB7XG4gIGNvbnN0IGI2NCA9IGVuY29kZVRvQmFzZTY0KGJ1ZmZlcik7XG4gIC8vIE5PVEU6IHRoZXJlIGlzIG5vIFwiYmFzZTY0dXJsXCIgZW5jb2RpbmcgaW4gdGhlIFwiYnVmZmVyXCIgbW9kdWxlIGZvciB0aGUgYnJvd3NlciAodW5saWtlIGluIG5vZGUuanMpXG4gIHJldHVybiBiNjQucmVwbGFjZSgvXFwrL2csIFwiLVwiKS5yZXBsYWNlKC9cXC8vZywgXCJfXCIpLnJlcGxhY2UoLz0qJC9nLCBcIlwiKTtcbn1cblxuLyoqXG4gKiBTbGVlcHMgZm9yIGBtc2AgbWlsbGlzZWNvbmRzLlxuICpcbiAqIEBwYXJhbSB7bnVtYmVyfSBtcyBNaWxsaXNlY29uZHMgdG8gc2xlZXBcbiAqIEByZXR1cm4ge1Byb21pc2U8dm9pZD59IEEgcHJvbWlzZSB0aGF0IGlzIHJlc29sdmVkIGFmdGVyIGBtc2AgbWlsbGlzZWNvbmRzLlxuICovXG5leHBvcnQgZnVuY3Rpb24gZGVsYXkobXM6IG51bWJlcik6IFByb21pc2U8dm9pZD4ge1xuICByZXR1cm4gbmV3IFByb21pc2UoKHJlc29sdmUpID0+IHNldFRpbWVvdXQocmVzb2x2ZSwgbXMpKTtcbn1cblxuLyoqXG4gKiBDb252ZXJ0cyBhIHN0cmluZyBvciBhIHVpbnQ4IGFycmF5IGludG8gYSBoZXggc3RyaW5nLiBTdHJpbmdzIGFyZSBlbmNvZGVkIGluIFVURi04IGJlZm9yZVxuICogYmVpbmcgY29udmVydGVkIHRvIGhleC5cbiAqIEBwYXJhbSB7c3RyaW5nIHwgVWludDhBcnJheX0gbWVzc2FnZSBUaGUgaW5wdXRcbiAqIEByZXR1cm4ge3N0cmluZ30gSGV4IHN0cmluZyBwcmVmaXhlZCB3aXRoIFwiMHhcIlxuICovXG5leHBvcnQgZnVuY3Rpb24gZW5jb2RlVG9IZXgobWVzc2FnZTogc3RyaW5nIHwgVWludDhBcnJheSk6IHN0cmluZyB7XG4gIHJldHVybiAoXG4gICAgXCIweFwiICsgKHR5cGVvZiBtZXNzYWdlID09PSBcInN0cmluZ1wiID8gQnVmZmVyLmZyb20obWVzc2FnZSwgXCJ1dGY4XCIpIDogbWVzc2FnZSkudG9TdHJpbmcoXCJoZXhcIilcbiAgKTtcbn1cbiJdfQ==

package/dist/package.json

@@ -1,68 +1,36 @@
 {
     "name": "@cubist-labs/cubesigner-sdk",
-    "author": "Cubist, Inc.",
-    "version": "0.2.28",
+    "version": "0.2.42",
     "description": "CubeSigner TypeScript SDK",
-    "homepage": "https://github.com/cubist-labs/CubeSigner-TypeScript-SDK",
-    "bugs": "https://github.com/cubist-labs/CubeSigner-TypeScript-SDK/issues",
     "license": "MIT OR Apache-2.0",
+    "author": "Cubist, Inc.",
+    "main": "dist/src/index.js",
+    "types": "dist/src/index.d.ts",
     "files": [
         "tsconfig.json",
         "src/**",
         "dist/**",
-        "NOTICE",
-        "LICENSE-APACHE",
-        "LICENSE-MIT"
+        "../..NOTICE",
+        "../..LICENSE-APACHE",
+        "../..LICENSE-MIT"
     ],
-    "main": "dist/src/index.js",
-    "types": "dist/src/index.d.ts",
     "scripts": {
         "build": "tsc",
-        "test": "jest --maxWorkers=1",
+        "gen-schema": "openapi-typescript ./spec/openapi.json --output ./src/schema.ts",
         "prepack": "tsc",
-        "typedoc": "typedoc",
-        "fix": "eslint . --ext .ts --fix",
-        "lint": "eslint . --ext .ts",
-        "fmt": "prettier --write .",
-        "fmt-check": "prettier --check .",
-        "gen-schema": "npx openapi-typescript ./spec/openapi.json --output ./src/schema.ts"
+        "test": "jest --maxWorkers=1",
+        "typedoc": "typedoc"
     },
     "dependencies": {
-        "ethers": "6.7.1",
         "openapi-fetch": "0.6.1"
     },
-    "devDependencies": {
-        "@hpke/core": "^1.2.5",
-        "@types/chai": "^4.3.11",
-        "@types/chai-as-promised": "^7.1.8",
-        "@types/jest": "^29.5.10",
-        "@types/node": "^20.10.4",
-        "@types/node-fetch": "^2.6.9",
-        "@types/tmp": "^0.2.6",
-        "@typescript-eslint/eslint-plugin": "^6.13.2",
-        "chai": "^4.3.10",
-        "chai-as-promised": "^7.1.1",
-        "dotenv": "^16.3.1",
-        "eslint": "^8.55.0",
-        "eslint-config-google": "^0.14.0",
-        "eslint-config-prettier": "^9.1.0",
-        "jest": "^29.7.0",
-        "openapi-typescript": "^6.7.1",
-        "otplib": "^12.0.1",
-        "prettier": "3.1.1",
-        "tmp": "^0.2.1",
-        "ts-jest": "^29.1.0",
-        "ts-node": "^10.9.1",
-        "typescript": "^5.3.3"
-    },
     "optionalDependencies": {
-        "@aws-sdk/client-cognito-identity-provider": "^3.470.0",
         "@hpke/core": "^1.2.5"
     },
-    "prettier": {
-        "printWidth": 100
-    },
     "engines": {
         "node": ">=18.0.0"
+    },
+    "directories": {
+        "test": "test"
     }
 }

package/dist/src/api.d.ts

@@ -1,7 +1,7 @@
 import createClient, { FetchOptions, FetchResponse, FilterKeys, HttpMethod, PathsWith } from "openapi-fetch";
 import { paths, operations } from "./schema";
 import { SignerSessionData, SignerSessionLifetime, SignerSessionManager } from "./session/signer_session_manager";
-import { CreateOidcUserOptions, IdentityProof, KeyInRoleInfo, KeyInfoApi, ListKeysResponse, ListRoleKeysResponse, ListRoleUsersResponse, ListRolesResponse, OidcIdentity, SessionsResponse, PublicKeyCredential, RoleInfo, UpdateKeyRequest, UpdateOrgRequest, UpdateOrgResponse, UpdateRoleRequest, UserIdInfo, UserInRoleInfo, UserInfo, SessionInfo, OrgInfo, RatchetConfig, EvmSignRequest, EvmSignResponse, Eth2SignRequest, Eth2SignResponse, Eth2StakeRequest, Eth2StakeResponse, Eth2UnstakeRequest, Eth2UnstakeResponse, BlobSignRequest, BlobSignResponse, BtcSignResponse, BtcSignRequest, SolanaSignRequest, SolanaSignResponse, AvaSignResponse, AvaTx, MfaRequestInfo, MemberRole, UserExportCompleteResponse, UserExportInitResponse, UserExportListResponse, Empty } from "./schema_types";
+import { CreateOidcUserOptions, IdentityProof, KeyInRoleInfo, KeyInfoApi, ListKeysResponse, ListRoleKeysResponse, ListRoleUsersResponse, ListRolesResponse, OidcIdentity, SessionsResponse, PublicKeyCredential, RoleInfo, UpdateKeyRequest, UpdateOrgRequest, UpdateOrgResponse, UpdateRoleRequest, UserIdInfo, UserInRoleInfo, UserInfo, SessionInfo, OrgInfo, RatchetConfig, Eip191SignRequest, Eip712SignRequest, Eip191Or712SignResponse, EvmSignRequest, EvmSignResponse, Eth2SignRequest, Eth2SignResponse, Eth2StakeRequest, Eth2StakeResponse, Eth2UnstakeRequest, Eth2UnstakeResponse, BlobSignRequest, BlobSignResponse, BtcSignResponse, BtcSignRequest, SolanaSignRequest, SolanaSignResponse, AvaSignResponse, AvaTx, MfaRequestInfo, MemberRole, UserExportCompleteResponse, UserExportInitResponse, UserExportListResponse, Empty } from "./schema_types";
 import { AddFidoChallenge, MfaFidoChallenge, MfaReceipt, TotpChallenge } from "./mfa";
 import { CubeSignerResponse } from "./response";
 import { Key, KeyType } from "./key";
@@ -460,6 +460,28 @@ export declare class CubeSignerApi {
      * @return {Promise<EvmSignResponse | AcceptedResponse>} Signature (or MFA approval request).
      */
     signEvm(key: Key | string, req: EvmSignRequest, mfaReceipt?: MfaReceipt): Promise<CubeSignerResponse<EvmSignResponse>>;
+    /**
+     * Sign EIP-191 typed data.
+     *
+     * This requires the key to have a '"AllowEip191Signing"' {@link KeyPolicy}.
+     *
+     * @param {Key | string} key The key to sign with (either {@link Key} or its material ID).
+     * @param {BlobSignRequest} req What to sign
+     * @param {MfaReceipt} mfaReceipt Optional MFA receipt
+     * @return {Promise<EvmSignResponse | AcceptedResponse>} Signature (or MFA approval request).
+     */
+    signEip191(key: Key | string, req: Eip191SignRequest, mfaReceipt?: MfaReceipt): Promise<CubeSignerResponse<Eip191Or712SignResponse>>;
+    /**
+     * Sign EIP-712 typed data.
+     *
+     * This requires the key to have a '"AllowEip712Signing"' {@link KeyPolicy}.
+     *
+     * @param {Key | string} key The key to sign with (either {@link Key} or its material ID).
+     * @param {BlobSignRequest} req What to sign
+     * @param {MfaReceipt} mfaReceipt Optional MFA receipt
+     * @return {Promise<EvmSignResponse | AcceptedResponse>} Signature (or MFA approval request).
+     */
+    signEip712(key: Key | string, req: Eip712SignRequest, mfaReceipt?: MfaReceipt): Promise<CubeSignerResponse<Eip191Or712SignResponse>>;
     /**
      * Sign an Eth2/Beacon-chain validation message.
      *
@@ -569,6 +591,12 @@ export declare class CubeSignerApi {
      * @return {Promise<UserExportCompleteResponse | AcceptedResponse>} The response.
      */
     userExportComplete(keyId: string, publicKey: CryptoKey, mfaReceipt?: MfaReceipt): Promise<CubeSignerResponse<UserExportCompleteResponse>>;
+    /**
+     * Send a heartbeat / upcheck request.
+     *
+     * @return { Promise<void> } The response.
+     */
+    heartbeat(): Promise<void>;
 }
 /**
  * Client to use to send requests to CubeSigner services