@enbox/agent 0.1.2 → 0.1.4

package/src/prototyping/crypto/algorithms/eddsa.ts

@@ -1,311 +0,0 @@
-import type {
-  AsymmetricKeyConverter,
-  AsymmetricKeyGenerator,
-  ComputePublicKeyParams,
-  GenerateKeyParams,
-  GetPublicKeyParams,
-  Jwk,
-  KeyConverter,
-  Signer,
-  SignParams,
-  VerifyParams,
-} from '@enbox/crypto';
-
-import { CryptoAlgorithm, Ed25519, isOkpPrivateJwk, isOkpPublicJwk } from '@enbox/crypto';
-
-import type { BytesToPrivateKeyParams, BytesToPublicKeyParams, PrivateKeyToBytesParams, PublicKeyToBytesParams } from '../types/params-direct.js';
-import { CryptoError, CryptoErrorCode } from '../crypto-error.js';
-
-/**
- * The `EdDsaGenerateKeyParams` interface defines the algorithm-specific parameters that should be
- * passed into the `generateKey()` method when using the EdDSA algorithm.
- */
-export interface EdDsaGenerateKeyParams extends GenerateKeyParams {
-  /**
-   * A string defining the type of key to generate. The value must be one of the following:
-   * - `"Ed25519"`: EdDSA using the Ed25519 curve.
-   */
-  algorithm: 'Ed25519';
-}
-
-/**
- * The `EdDsaAlgorithm` class provides a concrete implementation for cryptographic operations using
- * the Edwards-curve Digital Signature Algorithm (EdDSA). This class implements both
- * {@link Signer | `Signer`} and { @link AsymmetricKeyGenerator | `AsymmetricKeyGenerator`}
- * interfaces, providing private key generation, public key derivation, and creation/verification
- * of signatures.
- *
- * This class is typically accessed through implementations that extend the
- * {@link CryptoApi | `CryptoApi`} interface.
- */
-export class EdDsaAlgorithm extends CryptoAlgorithm
-  implements AsymmetricKeyGenerator<EdDsaGenerateKeyParams, Jwk, GetPublicKeyParams>,
-             KeyConverter, AsymmetricKeyConverter,
-             Signer<SignParams, VerifyParams> {
-
-  public async bytesToPrivateKey({ algorithm, privateKeyBytes }:
-    BytesToPrivateKeyParams & { algorithm: 'Ed25519' }
-  ): Promise<Jwk> {
-    switch (algorithm) {
-
-      case 'Ed25519': {
-        const privateKey = await Ed25519.bytesToPrivateKey({ privateKeyBytes });
-        privateKey.alg = 'EdDSA';
-        return privateKey;
-      }
-
-      default: {
-        throw new CryptoError(CryptoErrorCode.AlgorithmNotSupported, `Algorithm not supported: ${algorithm}`);
-      }
-    }
-  }
-
-  public async bytesToPublicKey({ algorithm, publicKeyBytes }:
-    BytesToPublicKeyParams & { algorithm: 'Ed25519' }
-  ): Promise<Jwk> {
-    switch (algorithm) {
-
-      case 'Ed25519': {
-        const publicKey = await Ed25519.bytesToPublicKey({ publicKeyBytes });
-        publicKey.alg = 'EdDSA';
-        return publicKey;
-      }
-
-      default: {
-        throw new CryptoError(CryptoErrorCode.AlgorithmNotSupported, `Algorithm not supported: ${algorithm}`);
-      }
-    }
-  }
-
-  /**
-   * Derives the public key in JWK format from a given private key.
-   *
-   * @remarks
-   * This method takes a private key in JWK format and derives its corresponding public key,
-   * also in JWK format. The process ensures that the derived public key correctly corresponds to
-   * the given private key.
-   *
-   * @example
-   * ```ts
-   * const eddsa = new EdDsaAlgorithm();
-   * const privateKey = { ... }; // A Jwk object representing a private key
-   * const publicKey = await eddsa.computePublicKey({ key: privateKey });
-   * ```
-   *
-   * @param params - The parameters for the public key derivation.
-   * @param params.key - The private key in JWK format from which to derive the public key.
-   *
-   * @returns A Promise that resolves to the derived public key in JWK format.
-   */
-  public async computePublicKey({ key }:
-    ComputePublicKeyParams
-  ): Promise<Jwk> {
-    if (!isOkpPrivateJwk(key)) {throw new TypeError('Invalid key provided. Must be an octet key pair (OKP) private key.');}
-
-    switch (key.crv) {
-
-      case 'Ed25519': {
-        const publicKey = await Ed25519.computePublicKey({ key });
-        publicKey.alg = 'EdDSA';
-        return publicKey;
-      }
-
-      default: {
-        throw new CryptoError(CryptoErrorCode.AlgorithmNotSupported, `Curve not supported: ${key.crv}`);
-      }
-    }
-  }
-
-  /**
-   * Generates a new private key with the specified algorithm in JSON Web Key (JWK) format.
-   *
-   * @example
-   * ```ts
-   * const eddsa = new EdDsaAlgorithm();
-   * const privateKey = await eddsa.generateKey({ algorithm: 'Ed25519' });
-   * ```
-   *
-   * @param params - The parameters for key generation.
-   * @param params.algorithm - The algorithm to use for key generation.
-   *
-   * @returns A Promise that resolves to the generated private key in JWK format.
-   */
-  async generateKey({ algorithm }:
-    EdDsaGenerateKeyParams
-  ): Promise<Jwk> {
-    switch (algorithm) {
-
-      case 'Ed25519': {
-        const privateKey = await Ed25519.generateKey();
-        privateKey.alg = 'EdDSA';
-        return privateKey;
-      }
-    }
-  }
-
-  /**
-   * Retrieves the public key properties from a given private key in JWK format.
-   *
-   * @remarks
-   * This method extracts the public key portion from an EdDSA private key in JWK format. It does
-   * so by removing the private key property 'd' and making a shallow copy, effectively yielding the
-   * public key.
-   *
-   * Note: This method offers a significant performance advantage, being about 100 times faster
-   * than `computePublicKey()`. However, it does not mathematically validate the private key, nor
-   * does it derive the public key from the private key. It simply extracts existing public key
-   * properties from the private key object. This makes it suitable for scenarios where speed is
-   * critical and the private key's integrity is already assured.
-   *
-   * @example
-   * ```ts
-   * const eddsa = new EdDsaAlgorithm();
-   * const privateKey = { ... }; // A Jwk object representing a private key
-   * const publicKey = await eddsa.getPublicKey({ key: privateKey });
-   * ```
-   *
-   * @param params - The parameters for retrieving the public key properties.
-   * @param params.key - The private key in JWK format.
-   *
-   * @returns A Promise that resolves to the public key in JWK format.
-   */
-  public async getPublicKey({ key }:
-    GetPublicKeyParams
-  ): Promise<Jwk> {
-    if (!isOkpPrivateJwk(key)) {throw new TypeError('Invalid key provided. Must be an octet key pair (OKP) private key.');}
-
-    switch (key.crv) {
-
-      case 'Ed25519': {
-        const publicKey = await Ed25519.getPublicKey({ key });
-        publicKey.alg = 'EdDSA';
-        return publicKey;
-      }
-
-      default: {
-        throw new Error(`Unsupported curve: ${key.crv}`);
-      }
-    }
-  }
-
-  public async privateKeyToBytes({ privateKey }:
-    PrivateKeyToBytesParams
-  ): Promise<Uint8Array> {
-    switch (privateKey.crv) {
-
-      case 'Ed25519': {
-        return await Ed25519.privateKeyToBytes({ privateKey });
-      }
-
-      default: {
-        throw new CryptoError(CryptoErrorCode.AlgorithmNotSupported, `Curve not supported: ${privateKey.crv}`);
-      }
-    }
-  }
-
-  public async publicKeyToBytes({ publicKey }:
-    PublicKeyToBytesParams
-  ): Promise<Uint8Array> {
-    switch (publicKey.crv) {
-
-      case 'Ed25519': {
-        return await Ed25519.publicKeyToBytes({ publicKey });
-      }
-
-      default: {
-        throw new CryptoError(CryptoErrorCode.AlgorithmNotSupported, `Curve not supported: ${publicKey.crv}`);
-      }
-    }
-  }
-
-  /**
-   * Generates an EdDSA signature of given data using a private key.
-   *
-   * @remarks
-   * This method uses the signature algorithm determined by the given `algorithm` to sign the
-   * provided data.
-   *
-   * The signature can later be verified by parties with access to the corresponding
-   * public key, ensuring that the data has not been tampered with and was indeed signed by the
-   * holder of the private key.
-   *
-   * @example
-   * ```ts
-   * const eddsa = new EdDsaAlgorithm();
-   * const data = new TextEncoder().encode('Message');
-   * const privateKey = { ... }; // A Jwk object representing a private key
-   * const signature = await eddsa.sign({
-   *   key: privateKey,
-   *   data
-   * });
-   * ```
-   *
-   * @param params - The parameters for the signing operation.
-   * @param params.key - The private key to use for signing, represented in JWK format.
-   * @param params.data - The data to sign.
-   *
-   * @returns A Promise resolving to the digital signature as a `Uint8Array`.
-   */
-  public async sign({ key, data }:
-    SignParams
-  ): Promise<Uint8Array> {
-    if (!isOkpPrivateJwk(key)) {throw new TypeError('Invalid key provided. Must be an octet key pair (OKP) private key.');}
-
-    switch (key.crv) {
-
-      case 'Ed25519': {
-        return await Ed25519.sign({ key, data });
-      }
-
-      default: {
-        throw new CryptoError(CryptoErrorCode.AlgorithmNotSupported, `Curve not supported: ${key.crv}`);
-      }
-    }
-  }
-
-  /**
-   * Verifies an EdDSA signature associated with the provided data using the provided key.
-   *
-   * @remarks
-   * This method uses the signature algorithm determined by the `crv` property of the provided key
-   * to check the validity of a digital signature against the original data. It confirms whether the
-   * signature was created by the holder of the corresponding private key and that the data has not
-   * been tampered with.
-   *s
-   * @example
-   * ```ts
-   * const eddsa = new EdDsaAlgorithm();
-   * const publicKey = { ... }; // Public key in JWK format corresponding to the private key that signed the data
-   * const signature = new Uint8Array([...]); // Signature to verify
-   * const data = new TextEncoder().encode('Message');
-   * const isValid = await eddsa.verify({
-   *   key: publicKey,
-   *   signature,
-   *   data
-   * });
-   * ```
-   *
-   * @param params - The parameters for the verification operation.
-   * @param params.key - The key to use for verification.
-   * @param params.signature - The signature to verify.
-   * @param params.data - The data to verify.
-   *
-   * @returns A Promise resolving to a boolean indicating whether the signature is valid.
-   */
-  public async verify({ key, signature, data }:
-    VerifyParams
-  ): Promise<boolean> {
-    if (!isOkpPublicJwk(key)) {throw new TypeError('Invalid key provided. Must be an octet key pair (OKP) public key.');}
-
-    switch (key.crv) {
-
-      case 'Ed25519': {
-        return await Ed25519.verify({ key, signature, data });
-      }
-
-      default: {
-        throw new CryptoError(CryptoErrorCode.AlgorithmNotSupported, `Curve not supported: ${key.crv}`);
-      }
-    }
-  }
-}

package/src/prototyping/crypto/algorithms/hkdf.ts

@@ -1,38 +0,0 @@
-import type { KeyBytesDeriver } from '../types/key-deriver.js';
-import type { DeriveKeyBytesParams, HkdfParams } from '@enbox/crypto';
-
-import { CryptoAlgorithm, Hkdf } from '@enbox/crypto';
-
-/**
- * The `HkdfDeriveKeyBytesParams` interface defines the algorithm-specific parameters that should be
- * passed into the `deriveKeyBytes()` method when using the HKDF algorithm.
- */
-export interface HkdfDeriveKeyBytesParams extends DeriveKeyBytesParams {
-  /** Specifies the algorithm variant for HKDF key derivation.
-   * The value determines the hash function that will be used and must be one of the following:
-   * - `"HKDF-256"`: HKDF with SHA-256.
-   * - `"HKDF-384"`: HKDF with SHA-384.
-   * - `"HKDF-512"`: HKDF with SHA-512.
-   */
-  algorithm: 'HKDF-256' | 'HKDF-384' | 'HKDF-512';
-}
-
-export class HkdfAlgorithm extends CryptoAlgorithm
-  implements KeyBytesDeriver<HkdfDeriveKeyBytesParams, Uint8Array> {
-
-  public async deriveKeyBytes({ algorithm, ...params }:
-    HkdfDeriveKeyBytesParams & Omit<HkdfParams, 'hash'>
-  ): Promise<Uint8Array> {
-    // Map algorithm name to hash function.
-    const hash = {
-      'HKDF-256' : 'SHA-256' as const,
-      'HKDF-384' : 'SHA-384' as const,
-      'HKDF-512' : 'SHA-512' as const
-    }[algorithm];
-
-    // Derive a cryptographic byte array using HKDF.
-    const derivedKeyBytes = await Hkdf.deriveKeyBytes({ ...params, hash });
-
-    return derivedKeyBytes;
-  }
-}

package/src/prototyping/crypto/algorithms/pbkdf2.ts

@@ -1,41 +0,0 @@
-import type { KeyBytesDeriver } from '../types/key-deriver.js';
-import type { DeriveKeyBytesParams, Pbkdf2Params } from '@enbox/crypto';
-
-import { CryptoAlgorithm, Pbkdf2 } from '@enbox/crypto';
-
-/**
- * The `Pbkdf2DeriveKeyBytesParams` interface defines the algorithm-specific parameters that
- * should be passed into the `deriveKeyBytes()` method when using the PBKDF2 algorithm.
- */
-export interface Pbkdf2DeriveKeyBytesParams extends DeriveKeyBytesParams {
-  /** Specifies the algorithm variant for PBKDF2 key derivation.
-   * The value determines the hash function that will be used and must be one of the following:
-   * - `"PBKDF2-HS256+A128KW"`: PBKDF2 with HMAC SHA-256 and A128KW key wrapping.
-   * - `"PBKDF2-HS384+A192KW"`: PBKDF2 with HMAC SHA-384 and A192KW key wrapping.
-   * - `"PBKDF2-HS512+A256KW"`: PBKDF2 with HMAC SHA-512 and A256KW key wrapping.
-   */
-  algorithm: 'PBES2-HS256+A128KW' | 'PBES2-HS384+A192KW' | 'PBES2-HS512+A256KW';
-}
-
-export class Pbkdf2Algorithm extends CryptoAlgorithm
-  implements KeyBytesDeriver<Pbkdf2DeriveKeyBytesParams, Uint8Array> {
-
-  public async deriveKeyBytes({ algorithm, ...params }:
-    Pbkdf2DeriveKeyBytesParams & Omit<Pbkdf2Params, 'hash'>
-  ): Promise<Uint8Array> {
-    // Extract the hash function component of the `algorithm` parameter.
-    const [, hashFunction] = algorithm.split(/[-+]/);
-
-    // Map from JOSE algorithm name to "SHA" hash function identifier.
-    const hash = {
-      'HS256' : 'SHA-256' as const,
-      'HS384' : 'SHA-384' as const,
-      'HS512' : 'SHA-512' as const
-    }[hashFunction]!;
-
-    // Derive a cryptographic byte array using PBKDF2.
-    const derivedKeyBytes = await Pbkdf2.deriveKeyBytes({ ...params, hash });
-
-    return derivedKeyBytes;
-  }
-}

package/src/prototyping/crypto/crypto-error.ts

@@ -1,45 +0,0 @@
-/**
- * A custom error class for Crypto-related errors.
- */
-export class CryptoError extends Error {
-  /**
-   * Constructs an instance of CryptoError, a custom error class for handling Crypto-related errors.
-   *
-   * @param code - A {@link CryptoErrorCode} representing the specific type of error encountered.
-   * @param message - A human-readable description of the error.
-   */
-  constructor(public code: CryptoErrorCode, message: string) {
-    super(message);
-    this.name = 'CryptoError';
-
-    // Ensures that instanceof works properly, the correct prototype chain when using inheritance,
-    // and that V8 stack traces (like Chrome, Edge, and Node.js) are more readable and relevant.
-    Object.setPrototypeOf(this, new.target.prototype);
-
-    // Captures the stack trace in V8 engines (like Chrome, Edge, and Node.js).
-    // In non-V8 environments, the stack trace will still be captured.
-    if (Error.captureStackTrace) {
-      Error.captureStackTrace(this, CryptoError);
-    }
-  }
-}
-
-/**
- * An enumeration of possible Crypto error codes.
- */
-export enum CryptoErrorCode {
-  /** The supplied algorithm identifier is not supported by the implementation. */
-  AlgorithmNotSupported = 'algorithmNotSupported',
-
-  /** The encoding operation (either encoding or decoding) failed. */
-  EncodingError = 'encodingError',
-
-  /** The JWE supplied does not conform to valid syntax. */
-  InvalidJwe = 'invalidJwe',
-
-  /** The JWK supplied does not conform to valid syntax. */
-  InvalidJwk = 'invalidJwk',
-
-  /** The requested operation is not supported by the implementation. */
-  OperationNotSupported = 'operationNotSupported',
-}

package/src/prototyping/crypto/types/crypto-api.ts

@@ -1,77 +0,0 @@
-import type {
-  Cipher,
-  DigestParams,
-  GenerateKeyParams,
-  GetPublicKeyParams,
-  Jwk,
-  KeyWrapper,
-  CryptoApi as OldCryptoApi,
-  SignParams,
-  VerifyParams,
-} from '@enbox/crypto';
-
-import type { AsymmetricKeyConverter, KeyConverter } from './key-converter.js';
-import type { BytesToPrivateKeyParams, BytesToPublicKeyParams, CipherParams, DeriveKeyBytesParams, DeriveKeyParams, PrivateKeyToBytesParams, PublicKeyToBytesParams, UnwrapKeyParams, WrapKeyParams } from './params-direct.js';
-import type { KeyBytesDeriver, KeyDeriver } from './key-deriver.js';
-
-/**
- * The `DsaApi` interface integrates key generation, hashing, and signing functionalities,
- * designed for use with a Key Management System (KMS). It extends `AsymmetricKeyGenerator` for
- * generating asymmetric keys, `Hasher` for hash digest computations, and `Signer` for signing and
- * verifying operations.
- *
- * Concrete implementations of this interface are intended to be used with a KMS, which is
- * responsible for generating and storing cryptographic keys. The KMS is also responsible for
- * performing cryptographic operations using the keys it manages. The KMS is typically a cloud
- * service, but it can also be a hardware device or software application.
- *
- * Guidelines for implementing this interface:
- * - Must use JSON Web Keys ({@link Jwk | JWK}) as the key format.
- * - Must IANA registered JSON Object Signing and Encryption
- *   {@ link https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms | (JOSE)}
- *   names for algorithm, curves, etc. whenever possible.
- * - All I/O that interacts with private or secret keys must be done via reference using a
- *   {@link KeyIdentifier | `KeyIdentifier`}. Implementations can use any string as the key
- *   identifier (e.g. JWK thumbprint, UUID generated by hosted KMS, etc.).
- * - Must support key generation, hashing, signing, and verifying operations.
- * - May be extended to support other cryptographic operations.
- * - Implementations of the `DsaApi` interface can be passed as an argument to the public API
- *   methods of Web5 libraries that involve key material (e.g., DID creation, VC signing, arbitrary
- *   data signing/verification, etc.).
- */
-export interface DsaApi<
-  GenerateKeyInput = GenerateKeyParams,
-  GenerateKeyOutput = Jwk,
-  GetPublicKeyInput = GetPublicKeyParams,
-  DigestInput = DigestParams,
-  SignInput = SignParams,
-  VerifyInput = VerifyParams
-> extends OldCryptoApi<GenerateKeyInput, GenerateKeyOutput, GetPublicKeyInput, DigestInput, SignInput, VerifyInput> {}
-
-export interface CryptoApi<
-  GenerateKeyInput = GenerateKeyParams,
-  GenerateKeyOutput = Jwk,
-  GetPublicKeyInput = GetPublicKeyParams,
-  DigestInput = DigestParams,
-  SignInput = SignParams,
-  VerifyInput = VerifyParams,
-  EncryptInput = CipherParams,
-  DecryptInput = CipherParams,
-  BytesToPublicKeyInput = BytesToPublicKeyParams,
-  PublicKeyToBytesInput = PublicKeyToBytesParams,
-  BytesToPrivateKeyInput = BytesToPrivateKeyParams,
-  PrivateKeyToBytesInput = PrivateKeyToBytesParams,
-  DeriveKeyInput = DeriveKeyParams,
-  DeriveKeyOutput = Jwk,
-  DeriveKeyBytesInput = DeriveKeyBytesParams,
-  DeriveKeyBytesOutput = Uint8Array,
-  WrapKeyInput = WrapKeyParams,
-  UnwrapKeyInput = UnwrapKeyParams
-> extends
-  DsaApi<GenerateKeyInput, GenerateKeyOutput, GetPublicKeyInput, DigestInput, SignInput, VerifyInput>,
-  Cipher<EncryptInput, DecryptInput>,
-  AsymmetricKeyConverter<BytesToPublicKeyInput, PublicKeyToBytesInput>,
-  KeyConverter<BytesToPrivateKeyInput, PrivateKeyToBytesInput>,
-  KeyDeriver<DeriveKeyInput, DeriveKeyOutput>,
-  KeyBytesDeriver<DeriveKeyBytesInput, DeriveKeyBytesOutput>,
-  KeyWrapper<WrapKeyInput, UnwrapKeyInput> {}

package/src/prototyping/crypto/types/key-converter.ts

@@ -1,53 +0,0 @@
-import type { Jwk } from '@enbox/crypto';
-
-/**
- * `KeyConverter` interface for converting private keys between byte array and JWK formats.
- */
-export interface KeyConverter<BytesToPrivateKeyInput, PrivateKeyToBytesInput> {
-
-  /**
-   * Converts a private key from a byte array to JWK format.
-   *
-   * @param params - The parameters for the private key conversion.
-   * @param params.privateKeyBytes - The raw private key as a Uint8Array.
-   *
-   * @returns A Promise that resolves to the private key in JWK format.
-   */
-  bytesToPrivateKey(params: BytesToPrivateKeyInput): Promise<Jwk>;
-
-  /**
-   * Converts a private key from JWK format to a byte array.
-   *
-   * @param params - The parameters for the private key conversion.
-   * @param params.privateKey - The private key in JWK format.
-   *
-   * @returns A Promise that resolves to the private key as a Uint8Array.
-   */
-  privateKeyToBytes(params: PrivateKeyToBytesInput): Promise<Uint8Array>;
-}
-
-/**
- * `AsymmetricKeyConverter` interface extends {@link KeyConverter |`KeyConverter`}, adding support
- * for public key conversions.
- */
-export interface AsymmetricKeyConverter<BytesToPublicKeyInput, PublicKeyToBytesInput> {
-  /**
-   * Converts a public key from a byte array to JWK format.
-   *
-   * @param params - The parameters for the public key conversion.
-   * @param params.publicKeyBytes - The raw public key as a Uint8Array.
-   *
-   * @returns A Promise that resolves to the public key in JWK format.
-   */
-  bytesToPublicKey(params: BytesToPublicKeyInput): Promise<Jwk>;
-
-  /**
-   * Converts a public key from JWK format to a byte array.
-   *
-   * @param params - The parameters for the public key conversion.
-   * @param params.publicKey - The public key in JWK format.
-   *
-   * @returns A Promise that resolves to the public key as a Uint8Array.
-   */
-  publicKeyToBytes(params: PublicKeyToBytesInput): Promise<Uint8Array>;
-}

package/src/prototyping/crypto/types/key-deriver.ts

@@ -1,56 +0,0 @@
-/**
- * The `KeyDeriver` interface provide a method for key derivation.
- *
- * The `deriveKey()` method derives a {@link Jwk | JWK} from input data using the specified key
- * derivation algorithm. This interface is designed to support various key derivation
- * algorithms, accommodating different input and output types.
- */
-export interface KeyDeriver<
-  DeriveKeyInput,
-  DeriveKeyOutput,
-> {
-  /**
-   * Derives a cryptographic key in JWK format based on the provided input parameters.
-   *
-   * @remarks
-   * The `deriveKey()` method of the {@link KeyDeriver | `KeyDeriver`} interface is utilized to
-   * generate cryptographic keys for operations like encryption, decryption, or signing. The method
-   * takes in parameters tailored to the key derivation algorithm being used and returns a promise
-   * that resolves to the derived key.
-   *
-   * @param params - The parameters for the key derivation process, specific to the chosen
-   *                 algorithm.
-   *
-   * @returns A Promise resolving to the derived key in the specified output format.
-   */
-  deriveKey(params: DeriveKeyInput): Promise<DeriveKeyOutput>;
-}
-
-/**
- * The `KeyBytesDeriver` interface provide a method for deriving a byte array using a key derivation
- * algorithm.
- *
- * The `deriveKeyBytes()` method to derives cryptographic bits from input data using the specified
- * key derivation algorithm. This interface is designed to support various key derivation
- * algorithms, accommodating different input and output types.
- */
-export interface KeyBytesDeriver<
-  DeriveKeyBytesInput,
-  DeriveKeyBytesOutput
-> {
-  /**
-   * Generates a specified number of cryptographic bits from given input parameters.
-   *
-   * @remarks
-   * The `deriveKeyBytes()` method of the {@link KeyBytesDeriver | `KeyBytesDeriver`} interface is
-   * used to create cryptographic material such as initialization vectors or keys from various
-   * sources. The method takes in parameters specific to the chosen key derivation algorithm and
-   * outputs a promise that resolves to a `Uint8Array` containing the derived bits.
-   *
-   * @param params - The parameters for the key derivation process, specific to the chosen
-   *                 algorithm.
-   *
-   * @returns A Promise resolving to the derived bits in the specified format.
-   */
-  deriveKeyBytes(params: DeriveKeyBytesInput): Promise<DeriveKeyBytesOutput>;
-}

package/src/prototyping/crypto/types/key-io.ts

@@ -1,51 +0,0 @@
-import type { Jwk } from '@enbox/crypto';
-
-/**
- * The `KeyExporter` interface provides a method for exporting cryptographic keys.
- */
-export interface KeyExporter<ExportKeyInput, ExportKeyOutput = Jwk> {
-  /**
-   * Exports a cryptographic key to an external JWK object.
-   *
-   * @remarks
-   * The `exportKey()` method of the {@link KeyImporterExporter | `KeyImporterExporter`} interface
-   * returns a cryptographic key in JWK format, facilitating interoperability and backup.
-   *
-   * @param params - The parameters for the key export operation.
-   *
-   * @returns A Promise resolving to the exported key in JWK format.
-   */
-  exportKey(params: ExportKeyInput): Promise<ExportKeyOutput>;
-}
-
-/**
- * The `KeyImporter` interface provides a method for importing cryptographic keys.
- */
-export interface KeyImporter<ImportKeyInput, ImportKeyOutput = void> {
-  /**
-   * Imports an external key in JWK format.
-   *
-   * @remarks
-   * The `importKey()` method of the {@link KeyImporterExporter | `KeyImporterExporter`} interface
-   * takes as input an external key in JWK format and typically returns a key identifier reference
-   * for the imported key.
-   *
-   * @param params - The parameters for the key import operation.
-   *
-   * @returns A Promise resolving to the key identifier of the imported key.
-   */
-  importKey(params: ImportKeyInput): Promise<ImportKeyOutput>;
-}
-
-export interface KeyDeleter<DeleteKeyInput> {
-  /**
-   * Deletes a cryptographic key.
-   *
-   * @remarks
-   * The `deleteKey()` method of the {@link KeyDeleter | `KeyDeleter`} interface deletes a cryptographic
-   * key from the key store.
-   *
-   * @param params - The parameters for the key deletion operation.
-   */
-  deleteKey(params: DeleteKeyInput): Promise<void>;
-}