@dwn-protocol/id-sdk 0.2.5 → 0.2.6

package/src/crypto/crypto-algorithms/ecdh.ts

@@ -1,115 +0,0 @@
-import type { IDCrypto } from '../types/iddwn-crypto.js';
-import type { BytesKeyPair } from '../types/crypto-key.js';
-
-import { isBytesKeyPair } from '../utils.js';
-import { Secp256k1, X25519 } from '../crypto-primitives/index.js';
-import { CryptoKey, BaseEcdhAlgorithm, OperationError } from '../algorithms-api/index.js';
-
-export class EcdhAlgorithm extends BaseEcdhAlgorithm {
-  public readonly namedCurves = ['secp256k1', 'X25519'];
-
-  public async deriveBits(options: {
-    algorithm: IDCrypto.EcdhDeriveKeyOptions,
-    baseKey: IDCrypto.CryptoKey,
-    length: number | null
-  }): Promise<Uint8Array> {
-    const { algorithm, baseKey, length } = options;
-
-    this.checkAlgorithmOptions({ algorithm, baseKey });
-    // The base key must be allowed to be used for deriveBits operations.
-    this.checkKeyUsages({ keyUsages: ['deriveBits'], allowedKeyUsages: baseKey.usages });
-    // The public key must be allowed to be used for deriveBits operations.
-    this.checkKeyUsages({ keyUsages: ['deriveBits'], allowedKeyUsages: algorithm.publicKey.usages });
-
-    let sharedSecret: Uint8Array;
-
-    const ownKeyAlgorithm = baseKey.algorithm as IDCrypto.EcGenerateKeyOptions; // Type guard.
-
-    switch (ownKeyAlgorithm.namedCurve) {
-
-      case 'secp256k1': {
-        const ownPrivateKey = baseKey.material;
-        const otherPartyPublicKey = algorithm.publicKey.material;
-        sharedSecret = await Secp256k1.sharedSecret({
-          privateKey : ownPrivateKey,
-          publicKey  : otherPartyPublicKey
-        });
-        break;
-      }
-
-      case 'X25519': {
-        const ownPrivateKey = baseKey.material;
-        const otherPartyPublicKey = algorithm.publicKey.material;
-        sharedSecret = await X25519.sharedSecret({
-          privateKey : ownPrivateKey,
-          publicKey  : otherPartyPublicKey
-        });
-        break;
-      }
-
-      default:
-        throw new TypeError(`Out of range: '${ownKeyAlgorithm.namedCurve}'. Must be one of '${this.namedCurves.join(', ')}'`);
-    }
-
-    // Length is null, return the full derived secret.
-    if (length === null)
-      return sharedSecret;
-
-    // If the length is not a multiple of 8, throw.
-    if (length && length % 8 !== 0)
-      throw new OperationError(`To be compatible with all browsers, 'length' must be a multiple of 8.`);
-
-    // Convert length from bits to bytes.
-    const lengthInBytes = length / 8;
-
-    // If length (converted to bytes) is larger than the derived secret, throw.
-    if (sharedSecret.byteLength < lengthInBytes)
-      throw new OperationError(`Requested 'length' exceeds the byte length of the derived secret.`);
-
-    // Otherwise, either return the secret or a truncated slice.
-    return lengthInBytes === sharedSecret.byteLength ?
-      sharedSecret :
-      sharedSecret.slice(0, lengthInBytes);
-  }
-
-  public async generateKey(options: {
-    algorithm: IDCrypto.EcGenerateKeyOptions | IDCrypto.EcdsaGenerateKeyOptions,
-    extractable: boolean,
-    keyUsages: IDCrypto.KeyUsage[]
-  }): Promise<IDCrypto.CryptoKeyPair> {
-    const { algorithm, extractable, keyUsages } = options;
-
-    this.checkGenerateKey({ algorithm, keyUsages });
-
-    let keyPair: BytesKeyPair | undefined;
-    let cryptoKeyPair: IDCrypto.CryptoKeyPair;
-
-    switch (algorithm.namedCurve) {
-
-      case 'secp256k1': {
-        (algorithm as IDCrypto.EcdsaGenerateKeyOptions).compressedPublicKey ??= true;
-        keyPair = await Secp256k1.generateKeyPair({
-          compressedPublicKey: (algorithm as IDCrypto.EcdsaGenerateKeyOptions).compressedPublicKey
-        });
-        break;
-      }
-
-      case 'X25519': {
-        keyPair = await X25519.generateKeyPair();
-        break;
-      }
-      // Default case not needed because checkGenerateKey() already validates the specified namedCurve is supported.
-    }
-
-    if (!isBytesKeyPair(keyPair)) {
-      throw new Error('Operation failed to generate key pair.');
-    }
-
-    cryptoKeyPair = {
-      privateKey : new CryptoKey(algorithm, extractable, keyPair.privateKey, 'private', this.keyUsages.privateKey),
-      publicKey  : new CryptoKey(algorithm, true, keyPair.publicKey, 'public', this.keyUsages.publicKey)
-    };
-
-    return cryptoKeyPair;
-  }
-}

package/src/crypto/crypto-algorithms/ecdsa.ts

@@ -1,111 +0,0 @@
-import type { IDCrypto } from '../types/iddwn-crypto.js';
-import type { BytesKeyPair } from '../types/crypto-key.js';
-
-import { isBytesKeyPair } from '../utils.js';
-import { Secp256k1 } from '../crypto-primitives/index.js';
-import { CryptoKey, BaseEcdsaAlgorithm } from '../algorithms-api/index.js';
-export class EcdsaAlgorithm extends BaseEcdsaAlgorithm {
-  public readonly hashAlgorithms = ['SHA-256'];
-  public readonly namedCurves = ['secp256k1'];
-
-  public async generateKey(options: {
-    algorithm: IDCrypto.EcdsaGenerateKeyOptions,
-    extractable: boolean,
-    keyUsages: IDCrypto.KeyUsage[]
-  }): Promise<IDCrypto.CryptoKeyPair> {
-    const { algorithm, extractable, keyUsages } = options;
-
-    this.checkGenerateKey({ algorithm, keyUsages });
-
-    let keyPair: BytesKeyPair | undefined;
-    let cryptoKeyPair: IDCrypto.CryptoKeyPair;
-
-    switch (algorithm.namedCurve) {
-
-      case 'secp256k1': {
-        algorithm.compressedPublicKey ??= true;
-        keyPair = await Secp256k1.generateKeyPair({ compressedPublicKey: algorithm.compressedPublicKey });
-        break;
-      }
-      // Default case not needed because checkGenerateKey() already validates the specified namedCurve is supported.
-    }
-
-    if (!isBytesKeyPair(keyPair)) {
-      throw new Error('Operation failed to generate key pair.');
-    }
-
-    cryptoKeyPair = {
-      privateKey : new CryptoKey(algorithm, extractable, keyPair.privateKey, 'private', this.keyUsages.privateKey),
-      publicKey  : new CryptoKey(algorithm, true, keyPair.publicKey, 'public', this.keyUsages.publicKey)
-    };
-
-    return cryptoKeyPair;
-  }
-
-  public async sign(options: {
-    algorithm: IDCrypto.EcdsaOptions,
-    key: IDCrypto.CryptoKey,
-    data: Uint8Array
-  }): Promise<Uint8Array> {
-    const { algorithm, key, data } = options;
-
-    this.checkAlgorithmOptions({ algorithm });
-    // The key's algorithm must match the algorithm implementation processing the operation.
-    this.checkKeyAlgorithm({ keyAlgorithmName: key.algorithm.name });
-    // The key must be a private key.
-    this.checkKeyType({ keyType: key.type, allowedKeyType: 'private' });
-    // The key must be allowed to be used for sign operations.
-    this.checkKeyUsages({ keyUsages: ['sign'], allowedKeyUsages: key.usages });
-
-    let signature: Uint8Array;
-
-    const keyAlgorithm = key.algorithm as IDCrypto.EcdsaGenerateKeyOptions; // Type guard.
-
-    switch (keyAlgorithm.namedCurve) {
-
-      case 'secp256k1': {
-        signature = await Secp256k1.sign({ hash: algorithm.hash, key: key.material, data });
-        break;
-      }
-
-      default:
-        throw new TypeError(`Out of range: '${keyAlgorithm.namedCurve}'. Must be one of '${this.namedCurves.join(', ')}'`);
-    }
-
-    return signature;
-  }
-
-  public async verify(options: {
-    algorithm: IDCrypto.EcdsaOptions;
-    key: IDCrypto.CryptoKey;
-    signature: Uint8Array;
-    data: Uint8Array;
-  }): Promise<boolean> {
-    const { algorithm, key, signature, data } = options;
-
-    this.checkAlgorithmOptions({ algorithm });
-    // The key's algorithm must match the algorithm implementation processing the operation.
-    this.checkKeyAlgorithm({ keyAlgorithmName: key.algorithm.name });
-    // The key must be a public key.
-    this.checkKeyType({ keyType: key.type, allowedKeyType: 'public' });
-    // The key must be allowed to be used for verify operations.
-    this.checkKeyUsages({ keyUsages: ['verify'], allowedKeyUsages: key.usages });
-
-    let isValid: boolean;
-
-    const keyAlgorithm = key.algorithm as IDCrypto.EcdsaGenerateKeyOptions; // Type guard.
-
-    switch (keyAlgorithm.namedCurve) {
-
-      case 'secp256k1': {
-        isValid = await Secp256k1.verify({ hash: algorithm.hash, key: key.material, signature, data });
-        break;
-      }
-
-      default:
-        throw new TypeError(`Out of range: '${keyAlgorithm.namedCurve}'. Must be one of '${this.namedCurves.join(', ')}'`);
-    }
-
-    return isValid;
-  }
-}

package/src/crypto/crypto-algorithms/eddsa.ts

@@ -1,110 +0,0 @@
-import type { IDCrypto } from '../types/iddwn-crypto.js';
-import type { BytesKeyPair } from '../types/crypto-key.js';
-
-import { isBytesKeyPair } from '../utils.js';
-import { Ed25519 } from '../crypto-primitives/index.js';
-import { CryptoKey, BaseEdDsaAlgorithm } from '../algorithms-api/index.js';
-
-export class EdDsaAlgorithm extends BaseEdDsaAlgorithm {
-  public readonly namedCurves = ['Ed25519', 'Ed448'];
-
-  public async generateKey(options: {
-    algorithm: IDCrypto.EdDsaGenerateKeyOptions,
-    extractable: boolean,
-    keyUsages: IDCrypto.KeyUsage[]
-  }): Promise<IDCrypto.CryptoKeyPair> {
-    const { algorithm, extractable, keyUsages } = options;
-
-    this.checkGenerateKey({ algorithm, keyUsages });
-
-    let keyPair: BytesKeyPair | undefined;
-    let cryptoKeyPair: IDCrypto.CryptoKeyPair;
-
-    switch (algorithm.namedCurve) {
-
-      case 'Ed25519': {
-        keyPair = await Ed25519.generateKeyPair();
-        break;
-      }
-      // Default case not needed because checkGenerateKey() already validates the specified namedCurve is supported.
-    }
-
-    if (!isBytesKeyPair(keyPair)) {
-      throw new Error('Operation failed to generate key pair.');
-    }
-
-    cryptoKeyPair = {
-      privateKey : new CryptoKey(algorithm, extractable, keyPair.privateKey, 'private', this.keyUsages.privateKey),
-      publicKey  : new CryptoKey(algorithm, true, keyPair.publicKey, 'public', this.keyUsages.publicKey)
-    };
-
-    return cryptoKeyPair;
-  }
-
-  public async sign(options: {
-    algorithm: IDCrypto.EdDsaOptions,
-    key: IDCrypto.CryptoKey,
-    data: Uint8Array
-  }): Promise<Uint8Array> {
-    const { algorithm, key, data } = options;
-
-    this.checkAlgorithmOptions({ algorithm });
-    // The key's algorithm must match the algorithm implementation processing the operation.
-    this.checkKeyAlgorithm({ keyAlgorithmName: key.algorithm.name });
-    // The key must be a private key.
-    this.checkKeyType({ keyType: key.type, allowedKeyType: 'private' });
-    // The key must be allowed to be used for sign operations.
-    this.checkKeyUsages({ keyUsages: ['sign'], allowedKeyUsages: key.usages });
-
-    let signature: Uint8Array;
-
-    const keyAlgorithm = key.algorithm as IDCrypto.EdDsaGenerateKeyOptions; // Type guard.
-
-    switch (keyAlgorithm.namedCurve) {
-
-      case 'Ed25519': {
-        signature = await Ed25519.sign({ key: key.material, data });
-        break;
-      }
-
-      default:
-        throw new TypeError(`Out of range: '${keyAlgorithm.namedCurve}'. Must be one of '${this.namedCurves.join(', ')}'`);
-    }
-
-    return signature;
-  }
-
-  public async verify(options: {
-    algorithm: IDCrypto.EdDsaOptions;
-    key: IDCrypto.CryptoKey;
-    signature: Uint8Array;
-    data: Uint8Array;
-  }): Promise<boolean> {
-    const { algorithm, key, signature, data } = options;
-
-    this.checkAlgorithmOptions({ algorithm });
-    // The key's algorithm must match the algorithm implementation processing the operation.
-    this.checkKeyAlgorithm({ keyAlgorithmName: key.algorithm.name });
-    // The key must be a public key.
-    this.checkKeyType({ keyType: key.type, allowedKeyType: 'public' });
-    // The key must be allowed to be used for verify operations.
-    this.checkKeyUsages({ keyUsages: ['verify'], allowedKeyUsages: key.usages });
-
-    let isValid: boolean;
-
-    const keyAlgorithm = key.algorithm as IDCrypto.EdDsaGenerateKeyOptions; // Type guard.
-
-    switch (keyAlgorithm.namedCurve) {
-
-      case 'Ed25519': {
-        isValid = await Ed25519.verify({ key: key.material, signature, data });
-        break;
-      }
-
-      default:
-        throw new TypeError(`Out of range: '${keyAlgorithm.namedCurve}'. Must be one of '${this.namedCurves.join(', ')}'`);
-    }
-
-    return isValid;
-  }
-}

package/src/crypto/crypto-algorithms/index.ts

@@ -1,6 +0,0 @@
-export * from './bbs.js';
-export * from './ecdh.js';
-export * from './ecdsa.js';
-export * from './eddsa.js';
-export * from './pbkdf2.js';
-export * from './aes-ctr.js';

package/src/crypto/crypto-algorithms/pbkdf2.ts

@@ -1,54 +0,0 @@
-import type { IDCrypto } from '../types/iddwn-crypto.js';
-
-import { BasePbkdf2Algorithm, CryptoKey, OperationError } from '../algorithms-api/index.js';
-import { Pbkdf2 } from '../crypto-primitives/pbkdf2.js';
-
-export class Pbkdf2Algorithm extends BasePbkdf2Algorithm {
-  public readonly hashAlgorithms = ['SHA-256', 'SHA-384', 'SHA-512'];
-
-  public async deriveBits(options: {
-    algorithm: IDCrypto.Pbkdf2Options,
-    baseKey: IDCrypto.CryptoKey,
-    length: number
-  }): Promise<Uint8Array> {
-    const { algorithm, baseKey, length } = options;
-
-    this.checkAlgorithmOptions({ algorithm, baseKey });
-    // The base key must be allowed to be used for deriveBits operations.
-    this.checkKeyUsages({ keyUsages: ['deriveBits'], allowedKeyUsages: baseKey.usages });
-    // If the length is 0, throw.
-    if (typeof length !== 'undefined' && length === 0) {
-      throw new OperationError(`The value of 'length' cannot be zero.`);
-    }
-    // If the length is not a multiple of 8, throw.
-    if (length && length % 8 !== 0) {
-      throw new OperationError(`To be compatible with all browsers, 'length' must be a multiple of 8.`);
-    }
-
-    const derivedBits = Pbkdf2.deriveKey({
-      hash       : algorithm.hash as 'SHA-256' | 'SHA-384' | 'SHA-512',
-      iterations : algorithm.iterations,
-      length     : length,
-      password   : baseKey.material,
-      salt       : algorithm.salt
-    });
-
-    return derivedBits;
-  }
-
-  public async importKey(options: {
-    format: IDCrypto.KeyFormat,
-    keyData: Uint8Array,
-    algorithm: IDCrypto.Algorithm,
-    extractable: boolean,
-    keyUsages: IDCrypto.KeyUsage[]
-  }): Promise<IDCrypto.CryptoKey> {
-    const { format, keyData, algorithm, extractable, keyUsages } = options;
-
-    this.checkImportKey({ algorithm, format, extractable, keyUsages });
-
-    const cryptoKey = new CryptoKey(algorithm, extractable, keyData, 'secret', keyUsages);
-
-    return cryptoKey;
-  }
-}

package/src/crypto/crypto-primitives/aes-ctr.ts

@@ -1,131 +0,0 @@
-import { crypto } from '@noble/hashes/crypto';
-
-/**
- * The `AesCtr` class provides an interface for AES-CTR
- * (Advanced Encryption Standard - Counter) encryption and decryption
- * operations. The class uses the Web Crypto API for cryptographic operations.
- *
- * All methods of this class are asynchronous and return Promises. They all
- * use the Uint8Array type for keys and data, providing a consistent
- * interface for working with binary data.
- *
- * Example usage:
- *
- * ```ts
- * const key = await AesCtr.generateKey({ length: 128 });
- * const counter = new Uint8Array(16); // initialize a 16-byte counter
- * const message = new TextEncoder().encode('Hello, world!');
- * const ciphertext = await AesCtr.encrypt({
- *   counter,
- *   data: message,
- *   key,
- *   length: 128 // counter length in bits
- * });
- * const plaintext = await AesCtr.decrypt({
- *   counter,
- *   data: ciphertext,
- *   key,
- *   length: 128 // counter length in bits
- * });
- * console.log(new TextDecoder().decode(plaintext)); // 'Hello, world!'
- * ```
- */
-export class AesCtr {
-  /**
-   * Decrypts the provided data using AES-CTR.
-   *
-   * @param options - The options for the decryption operation.
-   * @param options.counter - The initial value of the counter block.
-   * @param options.data - The data to decrypt.
-   * @param options.key - The key to use for decryption.
-   * @param options.length - The length of the counter block in bits.
-   * @returns A Promise that resolves to the decrypted data as a Uint8Array.
-   */
-  public static async decrypt(options: {
-    counter: Uint8Array,
-    data: Uint8Array,
-    key: Uint8Array,
-    length: number
-  }): Promise<Uint8Array> {
-    const { counter, data, key, length } = options;
-
-    const webCryptoKey = await this.importKey(key);
-
-    const plaintextBuffer = await crypto.subtle.decrypt(
-      { name: 'AES-CTR', counter, length },
-      webCryptoKey,
-      data
-    );
-
-    // Convert from ArrayBuffer to Uint8Array.
-    const plaintext = new Uint8Array(plaintextBuffer);
-
-    return plaintext;
-  }
-
-  /**
-   * Encrypts the provided data using AES-CTR.
-   *
-   * @param options - The options for the encryption operation.
-   * @param options.counter - The initial value of the counter block.
-   * @param options.data - The data to encrypt.
-   * @param options.key - The key to use for encryption.
-   * @param options.length - The length of the counter block in bits.
-   * @returns A Promise that resolves to the encrypted data as a Uint8Array.
-   */
-  public static async encrypt(options: {
-    counter: Uint8Array,
-    data: Uint8Array,
-    key: Uint8Array,
-    length: number
-  }): Promise<Uint8Array> {
-    const { counter, data, key, length } = options;
-
-    const webCryptoKey = await this.importKey(key);
-
-    const ciphertextBuffer = await crypto.subtle.encrypt(
-      { name: 'AES-CTR', counter, length },
-      webCryptoKey,
-      data
-    );
-
-    // Convert from ArrayBuffer to Uint8Array.
-    const ciphertext = new Uint8Array(ciphertextBuffer);
-
-    return ciphertext;
-  }
-
-  /**
-   * Generates an AES key of a given length.
-   *
-   * @param length - The length of the key in bits.
-   * @returns A Promise that resolves to the generated key as a Uint8Array.
-   */
-  public static async generateKey(options: {
-    length: number
-  }): Promise<Uint8Array> {
-    const { length } = options;
-
-    // Generate the secret key.
-    const lengthInBytes = length / 8;
-    const secretKey = crypto.getRandomValues(new Uint8Array(lengthInBytes));
-
-    return secretKey;
-  }
-
-  /**
-   * A private method to import a raw key for use with the Web Crypto API.
-   *
-   * @param key - The raw key material.
-   * @returns A Promise that resolves to a CryptoKey.
-   */
-  private static async importKey(key: Uint8Array): Promise<CryptoKey> {
-    return crypto.subtle.importKey(
-      'raw',
-      key.buffer,
-      { name: 'AES-CTR', length: key.byteLength * 8 },
-      true,
-      ['encrypt', 'decrypt']
-    );
-  }
-}

package/src/crypto/crypto-primitives/aes-gcm.ts

@@ -1,138 +0,0 @@
-import { crypto } from '@noble/hashes/crypto';
-
-/**
- * The `AesGcm` class provides an interface for AES-GCM
- * (Advanced Encryption Standard - Galois/Counter Mode) encryption and
- * decryption operations. The class uses the Web Crypto API for
- * cryptographic operations.
- *
- * All methods of this class are asynchronous and return Promises. They all
- * use the Uint8Array type for keys and data, providing a consistent
- * interface for working with binary data.
- *
- * Example usage:
- *
- * ```ts
- * const key = await AesGcm.generateKey({ length: 128 });
- * const iv = new Uint8Array(12); // generate a 12-byte initialization vector
- * const message = new TextEncoder().encode('Hello, world!');
- * const ciphertext = await AesGcm.encrypt({
- *   data: message,
- *   iv,
- *   key,
- *   tagLength: 128
- * });
- * const plaintext = await AesGcm.decrypt({
- *   data: ciphertext,
- *   iv,
- *   key,
- *   tagLength: 128
- * });
- * console.log(new TextDecoder().decode(plaintext)); // 'Hello, world!'
- * ```
- */
-export class AesGcm {
-  /**
-   * Decrypts the provided data using AES-GCM.
-   *
-   * @param options - The options for the decryption operation.
-   * @param options.additionalData - Data that will be authenticated along with the encrypted data.
-   * @param options.data - The data to decrypt.
-   * @param options.iv - A unique initialization vector.
-   * @param options.key - The key to use for decryption.
-   * @param options.tagLength - This size of the authentication tag generated in bits.
-   * @returns A Promise that resolves to the decrypted data as a Uint8Array.
-   */
-  public static async decrypt(options: {
-    additionalData?: Uint8Array,
-    data: Uint8Array,
-    iv: Uint8Array,
-    key: Uint8Array,
-    tagLength?: number
-  }): Promise<Uint8Array> {
-    const { additionalData, data, iv, key, tagLength } = options;
-
-    const webCryptoKey = await this.importKey(key);
-
-    // Web browsers throw an error if additionalData is undefined.
-    const algorithm = (additionalData === undefined)
-      ? { name: 'AES-GCM', iv, tagLength }
-      : { name: 'AES-GCM', additionalData, iv, tagLength };
-
-    const plaintextBuffer = await crypto.subtle.decrypt(algorithm, webCryptoKey, data);
-
-    // Convert from ArrayBuffer to Uint8Array.
-    const plaintext = new Uint8Array(plaintextBuffer);
-
-    return plaintext;
-  }
-
-  /**
-   * Encrypts the provided data using AES-GCM.
-   *
-   * @param options - The options for the encryption operation.
-   * @param options.additionalData - Data that will be authenticated along with the encrypted data.
-   * @param options.data - The data to decrypt.
-   * @param options.iv - A unique initialization vector.
-   * @param options.key - The key to use for decryption.
-   * @param options.tagLength - This size of the authentication tag generated in bits.
-   * @returns A Promise that resolves to the encrypted data as a Uint8Array.
-   */
-  public static async encrypt(options: {
-    additionalData?: Uint8Array,
-    data: Uint8Array,
-    iv: Uint8Array,
-    key: Uint8Array,
-    tagLength?: number
-  }): Promise<Uint8Array> {
-    const { additionalData, data, iv, key, tagLength } = options;
-
-    const webCryptoKey = await this.importKey(key);
-
-    // Web browsers throw an error if additionalData is undefined.
-    const algorithm = (additionalData === undefined)
-      ? { name: 'AES-GCM', iv, tagLength }
-      : { name: 'AES-GCM', additionalData, iv, tagLength };
-
-    const ciphertextBuffer = await crypto.subtle.encrypt(algorithm, webCryptoKey, data);
-
-    // Convert from ArrayBuffer to Uint8Array.
-    const ciphertext = new Uint8Array(ciphertextBuffer);
-
-    return ciphertext;
-  }
-
-  /**
-   * Generates an AES key of a given length.
-   *
-   * @param length - The length of the key in bits.
-   * @returns A Promise that resolves to the generated key as a Uint8Array.
-   */
-  public static async generateKey(options: {
-    length: number
-  }): Promise<Uint8Array> {
-    const { length } = options;
-
-    // Generate the secret key.
-    const lengthInBytes = length / 8;
-    const secretKey = crypto.getRandomValues(new Uint8Array(lengthInBytes));
-
-    return secretKey;
-  }
-
-  /**
-   * A private method to import a raw key for use with the Web Crypto API.
-   *
-   * @param key - The raw key material.
-   * @returns A Promise that resolves to a CryptoKey.
-   */
-  private static async importKey(key: Uint8Array): Promise<CryptoKey> {
-    return crypto.subtle.importKey(
-      'raw',
-      key.buffer,
-      { name: 'AES-GCM', length: key.byteLength * 8 },
-      true,
-      ['encrypt', 'decrypt']
-    );
-  }
-}