npm - @ledgerhq/device-trusted-app-kit-ledger-keyring-protocol - Versions diffs - 0.0.0-develop-20250903001157 → 0.0.0-e2e-speculos-20250904104129 - Mend

@ledgerhq/device-trusted-app-kit-ledger-keyring-protocol 0.0.0-develop-20250903001157 → 0.0.0-e2e-speculos-20250904104129

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (535) hide show

package/lib/cjs/internal/app-binder/task/SignBlockTask.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var h=Object.defineProperty;var k=Object.getOwnPropertyDescriptor;var f=Object.getOwnPropertyNames;var A=Object.prototype.hasOwnProperty;var w=(s,r)=>{for(var e in r)h(s,e,{get:r[e],enumerable:!0})},B=(s,r,e,i)=>{if(r&&typeof r=="object"||typeof r=="function")for(let n of f(r))!A.call(s,n)&&n!==e&&h(s,n,{get:()=>r[n],enumerable:!(i=k(r,n))||i.enumerable});return s};var b=s=>B(h({},"__esModule",{value:!0}),s);var R={};w(R,{SignBlockTask:()=>D});module.exports=b(R);var g=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../api/crypto/CryptoService"),a=require("../../../api/model/Errors"),P=require("../../app-binder/command/SignBlockHeader"),v=require("../../app-binder/command/SignBlockSignatureCommand"),C=require("../../app-binder/command/SignBlockSingleCommand"),o=require("../../models/Tags"),y=require("../../utils/eitherSeqRecord"),K=require("../../utils/LKRPBlock"),p=require("../../utils/LKRPCommand"),S=require("./utils/TrustedProperties");class D{constructor(r,e){this.api=r;this.cryptoService=e}run({lkrpDataSource:r,trustchainId:e,path:i,jwt:n,parent:c,blockFlow:u,sessionKeypair:l}){const m=this.signCommands(i,u);return(0,y.eitherAsyncSeqRecord)({header:this.signBlockHeader(c,m.length),commands:t.EitherAsync.sequence(m),signature:this.signBlockSignature(l)}).chain(async d=>this.decryptBlock(c,d)).chain(d=>{switch(u.type){case"derive":return r.postDerivation(e,d,n);case"addMember":return r.putCommands(e,i,d,n)}}).mapLeft(d=>d instanceof a.LKRPDataSourceError&&d.status==="BAD_REQUEST"?new a.LKRPOutdatedTrustchainError:d)}signBlockHeader(r,e){return t.EitherAsync.fromPromise(async()=>{try{const i=await this.api.sendCommand(new P.SignBlockHeaderCommand({parent:r,commandCount:e}));if(i.status!==g.CommandResultStatus.Success)return(0,t.Left)(i.error);const n=new S.TrustedProperties(i.data);return(0,y.eitherSeqRecord)({iv:()=>n.getIv(),issuer:()=>n.getIssuer()})}catch(i){return(0,t.Left)(new a.LKRPUnknownError(String(i)))}})}signBlockSignature(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new v.SignBlockSignatureCommand);if(e.status!==g.CommandResultStatus.Success)return(0,t.Left)(e.error);const{signature:i,deviceSessionKey:n}=e.data,c=(await r.deriveSharedSecret(n)).slice(1);return(0,t.Right)({signature:i,secret:c})}catch(e){return(0,t.Left)(new a.LKRPUnknownError(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new C.SignBlockSingleCommand({command:r}));return e.status!==g.CommandResultStatus.Success?(0,t.Left)(e.error):(0,t.Right)(new S.TrustedProperties(e.data))}catch(e){return(0,t.Left)(new a.LKRPUnknownError(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:o.CommandTags.Derive,path:r})).chain(e=>t.EitherAsync.liftEither((0,y.eitherSeqRecord)({type:o.CommandTags.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:i}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:o.CommandTags.AddMember,name:r,publicKey:e,permissions:i})).chain(n=>t.EitherAsync.liftEither((0,y.eitherSeqRecord)({type:o.CommandTags.AddMember,name:r,publicKey:e,permissions:i,iv:()=>n.getIv(),newMember:()=>n.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:o.CommandTags.PublishKey,recipient:r})).chain(e=>t.EitherAsync.liftEither((0,y.eitherSeqRecord)({type:o.CommandTags.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:i,signature:n}){return(0,t.EitherAsync)(async({throwE:c})=>{const l=await this.cryptoService.importSymmetricKey(n.secret,E.EncryptionAlgo.AES256_GCM).decrypt(e.iv,e.issuer);return t.Either.sequence(await Promise.all(i.map(m=>this.decryptCommand(n.secret,m).run()))).caseOf({Left:m=>{throw c(m),m},Right:m=>K.LKRPBlock.fromData({parent:(0,g.bufferToHexaString)(r),issuer:l,commands:m,signature:n.signature})})})}decryptCommand(r,e){return(0,t.EitherAsync)(async({throwE:i})=>{switch(e.type){case o.CommandTags.Derive:case o.CommandTags.PublishKey:{const c=await this.cryptoService.importSymmetricKey(r,E.EncryptionAlgo.AES256_GCM).decrypt(e.iv,e.xpriv);return p.LKRPCommand.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:c})}case o.CommandTags.AddMember:return p.LKRPCommand.fromData({...e});default:throw i(new a.LKRPUnsupportedCommandError(e)),new a.LKRPUnsupportedCommandError(e)}})}}0&&(module.exports={SignBlockTask});
+"use strict";var g=Object.defineProperty;var b=Object.getOwnPropertyDescriptor;var P=Object.getOwnPropertyNames;var f=Object.prototype.hasOwnProperty;var B=(s,r)=>{for(var e in r)g(s,e,{get:r[e],enumerable:!0})},K=(s,r,e,i)=>{if(r&&typeof r=="object"||typeof r=="function")for(let n of P(r))!f.call(s,n)&&n!==e&&g(s,n,{get:()=>r[n],enumerable:!(i=b(r,n))||i.enumerable});return s};var D=s=>K(g({},"__esModule",{value:!0}),s);var M={};B(M,{ISSUER_PLACEHOLDER:()=>h,SignBlockTask:()=>w});module.exports=D(M);var o=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),S=require("../../app-binder/command/SignBlockHeader"),C=require("../../app-binder/command/SignBlockSignatureCommand"),v=require("../../app-binder/command/SignBlockSingleCommand"),l=require("../../utils/crypto"),d=require("../../utils/eitherSeqRecord"),k=require("../../utils/LKRPBlock"),y=require("../../utils/LKRPCommand"),a=require("../../utils/TLVTags"),u=require("./utils/TrustedProperties");const h=new Uint8Array([3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]);class w{constructor(r){this.api=r}run({lkrpDataSource:r,trustchainId:e,path:i,jwt:n,parent:m,blockFlow:c,sessionKeypair:A}){const E=this.signCommands(i,c);return(0,d.eitherAsyncSeqRecord)({header:this.signBlockHeader(m,E.length),commands:t.EitherAsync.sequence(E),signature:this.signBlockSignature(A)}).chain(p=>t.EitherAsync.liftEither(this.decryptBlock(m,p))).chain(p=>{switch(c.type){case"derive":return r.postDerivation(e,p,n);case"addMember":return r.putCommands(e,i,p,n)}})}signBlockHeader(r,e){return t.EitherAsync.fromPromise(async()=>{const i=Uint8Array.from([[a.GeneralTags.Int,1,1],[a.GeneralTags.Hash,r.length,...r],[a.GeneralTags.PublicKey,h.length,...h],[a.GeneralTags.Int,1,e]].flat());try{const n=await this.api.sendCommand(new S.SignBlockHeaderCommand({header:i}));if(n.status!==o.CommandResultStatus.Success)return(0,t.Left)(n.error);const m=new u.TrustedProperties(n.data);return(0,d.eitherSeqRecord)({iv:()=>m.getIv(),issuer:()=>m.getIssuer()})}catch(n){return(0,t.Left)(new o.UnknownDAError(String(n)))}})}signBlockSignature(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new C.SignBlockSignatureCommand);if(e.status!==o.CommandResultStatus.Success)return(0,t.Left)(e.error);const{signature:i,deviceSessionKey:n}=e.data,m=r.ecdh(n).slice(1);return(0,t.Right)({signature:i,secret:m})}catch(e){return(0,t.Left)(new o.UnknownDAError(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new v.SignBlockSingleCommand({command:r}));return e.status!==o.CommandResultStatus.Success?(0,t.Left)(e.error):(0,t.Right)(new u.TrustedProperties(e.data))}catch(e){return(0,t.Left)(new o.UnknownDAError(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(y.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.Derive,path:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:i}){return this.signSingleCommand(y.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:i})).chain(n=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:i,iv:()=>n.getIv(),newMember:()=>n.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(y.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.PublishKey,recipient:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:i,signature:n}){const m=l.CryptoUtils.decrypt(n.secret,e.iv,e.issuer);return t.Either.sequence(i.map(c=>this.decryptCommand(n.secret,c))).map(c=>k.LKRPBlock.fromData({parent:(0,o.bufferToHexaString)(r),issuer:m,commands:c,signature:n.signature}))}decryptCommand(r,e){switch(e.type){case a.CommandTags.Derive:case a.CommandTags.PublishKey:{const i=l.CryptoUtils.decrypt(r,e.iv,e.xpriv);return(0,t.Right)(y.LKRPCommand.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:i}))}case a.CommandTags.AddMember:return(0,t.Right)(y.LKRPCommand.fromData({...e}));default:return(0,t.Left)(new o.UnknownDAError("Unsupported command type"))}}}0&&(module.exports={ISSUER_PLACEHOLDER,SignBlockTask});
 //# sourceMappingURL=SignBlockTask.js.map

package/lib/cjs/internal/app-binder/task/SignBlockTask.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/SignBlockTask.ts"],
-  "sourcesContent": ["import {\n  bufferToHexaString,\n  CommandResultStatus,\n  type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport { type CryptoService, EncryptionAlgo } from \"@api/crypto/CryptoService\";\nimport { type KeyPair } from \"@api/crypto/KeyPair\";\nimport {\n  LKRPDataSourceError,\n  type LKRPMissingDataError,\n  LKRPOutdatedTrustchainError,\n  type LKRPParsingError,\n  LKRPUnknownError,\n  LKRPUnsupportedCommandError,\n} from \"@api/model/Errors\";\nimport { type JWT } from \"@api/model/JWT\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport {\n  type AddMemberUnsignedData,\n  type EncryptedCommand,\n  type EncryptedDeriveCommand,\n  type EncryptedPublishKeyCommand,\n} from \"@internal/models/LKRPCommandTypes\";\nimport { CommandTags } from \"@internal/models/Tags\";\nimport {\n  eitherAsyncSeqRecord,\n  eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n  | { type: \"derive\"; data: AddMemberBlockData }\n  | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n  name: string;\n  publicKey: Uint8Array;\n  permissions: number;\n};\n\ntype HeaderPayload = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n};\ntype SignaturePayload = {\n  secret: Uint8Array;\n  signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n  header: HeaderPayload;\n  commands: EncryptedCommand[];\n  signature: SignaturePayload;\n};\n\ntype SignBlockError =\n  | LKRPDeviceCommandError\n  | LKRPParsingError\n  | LKRPMissingDataError\n  | LKRPDataSourceError\n  | LKRPOutdatedTrustchainError\n  | LKRPUnknownError;\n\nexport type SignBlockTaskInput = {\n  lkrpDataSource: LKRPDataSource;\n  trustchainId: string;\n  path: string;\n  jwt: JWT;\n  parent: Uint8Array;\n  blockFlow: BlockFlow;\n  sessionKeypair: KeyPair;\n};\n\nexport class SignBlockTask {\n  constructor(\n    private readonly api: InternalApi,\n    private readonly cryptoService: CryptoService,\n  ) {}\n\n  run({\n    lkrpDataSource,\n    trustchainId,\n    path,\n    jwt,\n    parent,\n    blockFlow,\n    sessionKeypair,\n  }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n    const commands = this.signCommands(path, blockFlow);\n    return eitherAsyncSeqRecord({\n      header: this.signBlockHeader(parent, commands.length),\n      commands: EitherAsync.sequence(commands),\n      signature: this.signBlockSignature(sessionKeypair),\n    })\n      .chain(async (encryptedBlock) =>\n        this.decryptBlock(parent, encryptedBlock),\n      )\n      .chain((block) => {\n        switch (blockFlow.type) {\n          case \"derive\":\n            return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n          case \"addMember\":\n            return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n        }\n      })\n      .mapLeft((error) =>\n        error instanceof LKRPDataSourceError && error.status === \"BAD_REQUEST\"\n          ? new LKRPOutdatedTrustchainError()\n          : error,\n      );\n  }\n\n  signBlockHeader(\n    parent: Uint8Array,\n    commandCount: number,\n  ): EitherAsync<SignBlockError, HeaderPayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockHeaderCommand({ parent, commandCount }),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const trustedProps = new TrustedProperties(response.data);\n        return eitherSeqRecord({\n          iv: () => trustedProps.getIv(),\n          issuer: () => trustedProps.getIssuer(),\n        }) as Either<SignBlockError, HeaderPayload>;\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  signBlockSignature(\n    sessionKeypair: KeyPair,\n  ): EitherAsync<SignBlockError, SignaturePayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockSignatureCommand(),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const { signature, deviceSessionKey } = response.data;\n        // At this step, the shared secret is used directly as an encryption key after removing the first byte\n        const secret = (\n          await sessionKeypair.deriveSharedSecret(deviceSessionKey)\n        ).slice(1);\n        return Right({ signature, secret });\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  signCommands(\n    applicationPath: string,\n    block: BlockFlow,\n  ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n    switch (block.type) {\n      case \"derive\":\n        return [\n          this.signDeriveCommand(applicationPath),\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n      case \"addMember\":\n        return [\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n    }\n  }\n\n  signSingleCommand(command: Uint8Array) {\n    return EitherAsync.fromPromise(\n      async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n        try {\n          const response = await this.api.sendCommand(\n            new SignBlockSingleCommand({ command }),\n          );\n          if (response.status !== CommandResultStatus.Success) {\n            return Left(response.error);\n          }\n          return Right(new TrustedProperties(response.data));\n        } catch (error) {\n          return Left(new LKRPUnknownError(String(error)));\n        }\n      },\n    );\n  }\n\n  signDeriveCommand(applicationPath: string) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.Derive,\n        path: applicationPath,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n        eitherSeqRecord({\n          type: CommandTags.Derive,\n          path: applicationPath,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          groupKey: () => trustedProps.getGroupKey(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.AddMember,\n        name,\n        publicKey,\n        permissions,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n        eitherSeqRecord({\n          type: CommandTags.AddMember,\n          name,\n          publicKey,\n          permissions,\n          iv: () => trustedProps.getIv(), // Just validate it's there\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.PublishKey,\n        recipient: publicKey,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n        eitherSeqRecord({\n          type: CommandTags.PublishKey,\n          recipient: publicKey,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n        }),\n      ),\n    );\n  }\n\n  decryptBlock(\n    parent: Uint8Array,\n    { header, commands, signature }: EncryptedBlock,\n  ): EitherAsync<SignBlockError, LKRPBlock> {\n    return EitherAsync(async ({ throwE }) => {\n      const key = this.cryptoService.importSymmetricKey(\n        signature.secret,\n        EncryptionAlgo.AES256_GCM,\n      );\n      const decryptedIssuer = await key.decrypt(header.iv, header.issuer);\n      return Either.sequence(\n        await Promise.all(\n          commands.map((command) =>\n            this.decryptCommand(signature.secret, command).run(),\n          ),\n        ),\n      ).caseOf({\n        Left: (error) => {\n          throwE(error);\n          throw error;\n        },\n        Right: (decryptedCommands) =>\n          LKRPBlock.fromData({\n            parent: bufferToHexaString(parent),\n            issuer: decryptedIssuer,\n            commands: decryptedCommands,\n            signature: signature.signature,\n          }),\n      });\n    });\n  }\n\n  decryptCommand(\n    secret: Uint8Array,\n    command: EncryptedCommand,\n  ): EitherAsync<LKRPUnknownError, LKRPCommand> {\n    return EitherAsync<LKRPUnknownError, LKRPCommand>(async ({ throwE }) => {\n      switch (command.type) {\n        case CommandTags.Derive:\n        case CommandTags.PublishKey: {\n          const key = this.cryptoService.importSymmetricKey(\n            secret,\n            EncryptionAlgo.AES256_GCM,\n          );\n          const encryptedXpriv = await key.decrypt(command.iv, command.xpriv);\n          return LKRPCommand.fromData({\n            ...command,\n            initializationVector: command.commandIv,\n            encryptedXpriv,\n          });\n        }\n        case CommandTags.AddMember:\n          return LKRPCommand.fromData({ ...command });\n        default:\n          throwE(new LKRPUnsupportedCommandError(command));\n          throw new LKRPUnsupportedCommandError(command);\n      }\n    });\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAiD,qBAEjDC,EAAmD,qCAEnDC,EAOO,6BAEPC,EAAuC,wDACvCC,EAA0C,kEAC1CC,EAAuC,+DASvCC,EAA4B,iCAC5BC,EAGO,2CACPC,EAA0B,qCAC1BC,EAA4B,uCAE5BC,EAAkC,qCA6C3B,MAAMb,CAAc,CACzB,YACmBc,EACAC,EACjB,CAFiB,SAAAD,EACA,mBAAAC,CAChB,CAEH,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,SAAO,wBAAqB,CAC1B,OAAQ,KAAK,gBAAgBD,EAAQG,EAAS,MAAM,EACpD,SAAU,cAAY,SAASA,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAM,MAAOE,GACZ,KAAK,aAAaJ,EAAQI,CAAc,CAC1C,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,EACA,QAASO,GACRA,aAAiB,uBAAuBA,EAAM,SAAW,cACrD,IAAI,8BACJA,CACN,CACJ,CAEA,gBACEN,EACAO,EAC4C,CAC5C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,OAAAR,EAAQ,aAAAO,CAAa,CAAC,CACrD,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAI,oBAAkBD,EAAS,IAAI,EACxD,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASH,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,mBACEJ,EAC+C,CAC/C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMM,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,2BACN,EACA,GAAIA,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAE,EAAW,iBAAAC,CAAiB,EAAIH,EAAS,KAE3CI,GACJ,MAAMV,EAAe,mBAAmBS,CAAgB,GACxD,MAAM,CAAC,EACT,SAAO,SAAM,CAAE,UAAAD,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASN,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,aACEO,EACAR,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBQ,CAAe,EACtC,KAAK,qBAAqBR,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBS,EAAqB,CACrC,OAAO,cAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAMN,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,QAAAM,CAAQ,CAAC,CACxC,EACA,OAAIN,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,KAErB,SAAM,IAAI,oBAAkBA,EAAS,IAAI,CAAC,CACnD,OAASF,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CACF,CACF,CAEA,kBAAkBO,EAAyB,CACzC,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,OAClB,KAAMA,CACR,CAAC,CACH,EAAE,MAAOJ,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,OAClB,KAAMI,EACN,GAAI,IAAMJ,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAM,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,UAClB,KAAAF,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOR,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,UAClB,KAAAM,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMR,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAO,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,WAClB,UAAWA,CACb,CAAC,CACH,EAAE,MAAOP,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,WAClB,UAAWO,EACX,GAAI,IAAMP,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAkB,EAAQ,SAAAf,EAAU,UAAAO,CAAU,EACU,CACxC,SAAO,eAAY,MAAO,CAAE,OAAAS,CAAO,IAAM,CAKvC,MAAMC,EAAkB,MAJZ,KAAK,cAAc,mBAC7BV,EAAU,OACV,iBAAe,UACjB,EACkC,QAAQQ,EAAO,GAAIA,EAAO,MAAM,EAClE,OAAO,SAAO,SACZ,MAAM,QAAQ,IACZf,EAAS,IAAKW,GACZ,KAAK,eAAeJ,EAAU,OAAQI,CAAO,EAAE,IAAI,CACrD,CACF,CACF,EAAE,OAAO,CACP,KAAOR,GAAU,CACf,MAAAa,EAAOb,CAAK,EACNA,CACR,EACA,MAAQe,GACN,YAAU,SAAS,CACjB,UAAQ,sBAAmBrB,CAAM,EACjC,OAAQoB,EACR,SAAUC,EACV,UAAWX,EAAU,SACvB,CAAC,CACL,CAAC,CACH,CAAC,CACH,CAEA,eACEE,EACAE,EAC4C,CAC5C,SAAO,eAA2C,MAAO,CAAE,OAAAK,CAAO,IAAM,CACtE,OAAQL,EAAQ,KAAM,CACpB,KAAK,cAAY,OACjB,KAAK,cAAY,WAAY,CAK3B,MAAMQ,EAAiB,MAJX,KAAK,cAAc,mBAC7BV,EACA,iBAAe,UACjB,EACiC,QAAQE,EAAQ,GAAIA,EAAQ,KAAK,EAClE,OAAO,cAAY,SAAS,CAC1B,GAAGA,EACH,qBAAsBA,EAAQ,UAC9B,eAAAQ,CACF,CAAC,CACH,CACA,KAAK,cAAY,UACf,OAAO,cAAY,SAAS,CAAE,GAAGR,CAAQ,CAAC,EAC5C,QACE,MAAAK,EAAO,IAAI,8BAA4BL,CAAO,CAAC,EACzC,IAAI,8BAA4BA,CAAO,CACjD,CACF,CAAC,CACH,CACF",
-  "names": ["SignBlockTask_exports", "__export", "SignBlockTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_CryptoService", "import_Errors", "import_SignBlockHeader", "import_SignBlockSignatureCommand", "import_SignBlockSingleCommand", "import_Tags", "import_eitherSeqRecord", "import_LKRPBlock", "import_LKRPCommand", "import_TrustedProperties", "api", "cryptoService", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "error", "commandCount", "response", "trustedProps", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "header", "throwE", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
+  "sourcesContent": ["import {\n  bufferToHexaString,\n  CommandResultStatus,\n  type InternalApi,\n  UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n  type LKRPHttpRequestError,\n  type LKRPMissingDataError,\n  type LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport {\n  eitherAsyncSeqRecord,\n  eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\nimport { CommandTags, GeneralTags } from \"@internal/utils/TLVTags\";\nimport {\n  type AddMemberUnsignedData,\n  type EncryptedCommand,\n  type EncryptedDeriveCommand,\n  type EncryptedPublishKeyCommand,\n} from \"@internal/utils/types\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n  | { type: \"derive\"; data: AddMemberBlockData }\n  | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n  name: string;\n  publicKey: Uint8Array;\n  permissions: number;\n};\n\ntype HeaderPayload = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n};\ntype SignaturePayload = {\n  secret: Uint8Array;\n  signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n  header: HeaderPayload;\n  commands: EncryptedCommand[];\n  signature: SignaturePayload;\n};\n\nexport type SignBlockError =\n  | LKRPDeviceCommandError\n  | LKRPParsingError\n  | LKRPMissingDataError\n  | LKRPHttpRequestError\n  | UnknownDAError;\n\nexport type SignBlockTaskInput = {\n  lkrpDataSource: LKRPDataSource;\n  trustchainId: string;\n  path: string;\n  jwt: JWT;\n  parent: Uint8Array;\n  blockFlow: BlockFlow;\n  sessionKeypair: Keypair;\n};\n\nexport const ISSUER_PLACEHOLDER = new Uint8Array([\n  3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n  0, 0, 0, 0, 0, 0, 0,\n]);\n\nexport class SignBlockTask {\n  constructor(private readonly api: InternalApi) {}\n\n  run({\n    lkrpDataSource,\n    trustchainId,\n    path,\n    jwt,\n    parent,\n    blockFlow,\n    sessionKeypair,\n  }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n    const commands = this.signCommands(path, blockFlow);\n    return eitherAsyncSeqRecord({\n      header: this.signBlockHeader(parent, commands.length),\n      commands: EitherAsync.sequence(commands),\n      signature: this.signBlockSignature(sessionKeypair),\n    })\n      .chain((encryptedBlock) =>\n        EitherAsync.liftEither(this.decryptBlock(parent, encryptedBlock)),\n      )\n      .chain((block) => {\n        switch (blockFlow.type) {\n          case \"derive\":\n            return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n          case \"addMember\":\n            return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n        }\n      });\n  }\n\n  signBlockHeader(\n    parent: Uint8Array,\n    commandCount: number,\n  ): EitherAsync<SignBlockError, HeaderPayload> {\n    return EitherAsync.fromPromise(async () => {\n      const header = Uint8Array.from(\n        [\n          [GeneralTags.Int, 1, 1], // Version 1\n          [GeneralTags.Hash, parent.length, ...parent], // Parent block hash\n          [\n            GeneralTags.PublicKey,\n            ISSUER_PLACEHOLDER.length,\n            ...ISSUER_PLACEHOLDER,\n          ], // Placeholder for issuer public key (will be replaced by the device)\n          [GeneralTags.Int, 1, commandCount],\n        ].flat(),\n      );\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockHeaderCommand({ header }),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const trustedProps = new TrustedProperties(response.data);\n        return eitherSeqRecord({\n          iv: () => trustedProps.getIv(),\n          issuer: () => trustedProps.getIssuer(),\n        }) as Either<SignBlockError, HeaderPayload>;\n      } catch (error) {\n        return Left(new UnknownDAError(String(error)));\n      }\n    });\n  }\n\n  signBlockSignature(\n    sessionKeypair: Keypair,\n  ): EitherAsync<SignBlockError, SignaturePayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockSignatureCommand(),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const { signature, deviceSessionKey } = response.data;\n        // At this step, the shared secret is used directly as an encryption key after removing the first byte\n        const secret = sessionKeypair.ecdh(deviceSessionKey).slice(1);\n        return Right({ signature, secret });\n      } catch (error) {\n        return Left(new UnknownDAError(String(error)));\n      }\n    });\n  }\n\n  signCommands(\n    applicationPath: string,\n    block: BlockFlow,\n  ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n    switch (block.type) {\n      case \"derive\":\n        return [\n          this.signDeriveCommand(applicationPath),\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n      case \"addMember\":\n        return [\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n    }\n  }\n\n  signSingleCommand(command: Uint8Array) {\n    return EitherAsync.fromPromise(\n      async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n        try {\n          const response = await this.api.sendCommand(\n            new SignBlockSingleCommand({ command }),\n          );\n          if (response.status !== CommandResultStatus.Success) {\n            return Left(response.error);\n          }\n          return Right(new TrustedProperties(response.data));\n        } catch (error) {\n          return Left(new UnknownDAError(String(error)));\n        }\n      },\n    );\n  }\n\n  signDeriveCommand(applicationPath: string) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.Derive,\n        path: applicationPath,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n        eitherSeqRecord({\n          type: CommandTags.Derive,\n          path: applicationPath,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          groupKey: () => trustedProps.getGroupKey(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.AddMember,\n        name,\n        publicKey,\n        permissions,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n        eitherSeqRecord({\n          type: CommandTags.AddMember,\n          name,\n          publicKey,\n          permissions,\n          iv: () => trustedProps.getIv(), // Just validate it's there\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.PublishKey,\n        recipient: publicKey,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n        eitherSeqRecord({\n          type: CommandTags.PublishKey,\n          recipient: publicKey,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n        }),\n      ),\n    );\n  }\n\n  decryptBlock(\n    parent: Uint8Array,\n    { header, commands, signature }: EncryptedBlock,\n  ): Either<SignBlockError, LKRPBlock> {\n    const decryptedIssuer = CryptoUtils.decrypt(\n      signature.secret,\n      header.iv,\n      header.issuer,\n    );\n    return Either.sequence(\n      commands.map((command) => this.decryptCommand(signature.secret, command)),\n    ).map((decryptedCommands) =>\n      LKRPBlock.fromData({\n        parent: bufferToHexaString(parent),\n        issuer: decryptedIssuer,\n        commands: decryptedCommands,\n        signature: signature.signature,\n      }),\n    );\n  }\n\n  decryptCommand(\n    secret: Uint8Array,\n    command: EncryptedCommand,\n  ): Either<UnknownDAError, LKRPCommand> {\n    switch (command.type) {\n      case CommandTags.Derive:\n      case CommandTags.PublishKey: {\n        const encryptedXpriv = CryptoUtils.decrypt(\n          secret,\n          command.iv,\n          command.xpriv,\n        );\n        return Right(\n          LKRPCommand.fromData({\n            ...command,\n            initializationVector: command.commandIv,\n            encryptedXpriv,\n          }),\n        );\n      }\n      case CommandTags.AddMember:\n        return Right(LKRPCommand.fromData({ ...command }));\n      default:\n        return Left(new UnknownDAError(\"Unsupported command type\"));\n    }\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,wBAAAE,EAAA,kBAAAC,IAAA,eAAAC,EAAAJ,GAAA,IAAAK,EAKO,2CACPC,EAAiD,qBAQjDC,EAAuC,wDACvCC,EAA0C,kEAC1CC,EAAuC,+DAGvCC,EAA4B,kCAC5BC,EAGO,2CACPC,EAA0B,qCAC1BC,EAA4B,uCAC5BC,EAAyC,mCAQzCC,EAAkC,qCA4C3B,MAAMb,EAAqB,IAAI,WAAW,CAC/C,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAC3E,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CACpB,CAAC,EAEM,MAAMC,CAAc,CACzB,YAA6Ba,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,SAAO,wBAAqB,CAC1B,OAAQ,KAAK,gBAAgBD,EAAQG,EAAS,MAAM,EACpD,SAAU,cAAY,SAASA,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAOE,GACN,cAAY,WAAW,KAAK,aAAaJ,EAAQI,CAAc,CAAC,CAClE,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,CACL,CAEA,gBACEC,EACAM,EAC4C,CAC5C,OAAO,cAAY,YAAY,SAAY,CACzC,MAAMC,EAAS,WAAW,KACxB,CACE,CAAC,cAAY,IAAK,EAAG,CAAC,EACtB,CAAC,cAAY,KAAMP,EAAO,OAAQ,GAAGA,CAAM,EAC3C,CACE,cAAY,UACZnB,EAAmB,OACnB,GAAGA,CACL,EACA,CAAC,cAAY,IAAK,EAAGyB,CAAY,CACnC,EAAE,KAAK,CACT,EACA,GAAI,CACF,MAAME,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,OAAAD,CAAO,CAAC,CACvC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAI,oBAAkBD,EAAS,IAAI,EACxD,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,mBACER,EAC+C,CAC/C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMM,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,2BACN,EACA,GAAIA,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAG,EAAW,iBAAAC,CAAiB,EAAIJ,EAAS,KAE3CK,EAASX,EAAe,KAAKU,CAAgB,EAAE,MAAM,CAAC,EAC5D,SAAO,SAAM,CAAE,UAAAD,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASH,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,aACEI,EACAT,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBS,CAAe,EACtC,KAAK,qBAAqBT,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBU,EAAqB,CACrC,OAAO,cAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAMP,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,QAAAO,CAAQ,CAAC,CACxC,EACA,OAAIP,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,KAErB,SAAM,IAAI,oBAAkBA,EAAS,IAAI,CAAC,CACnD,OAASE,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CACF,CACF,CAEA,kBAAkBI,EAAyB,CACzC,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,OAClB,KAAMA,CACR,CAAC,CACH,EAAE,MAAOL,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,OAClB,KAAMK,EACN,GAAI,IAAML,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAO,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,UAClB,KAAAF,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOT,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,UAClB,KAAAO,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMT,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAQ,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,WAClB,UAAWA,CACb,CAAC,CACH,EAAE,MAAOR,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,WAClB,UAAWQ,EACX,GAAI,IAAMR,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAO,EAAQ,SAAAJ,EAAU,UAAAQ,CAAU,EACK,CACnC,MAAMQ,EAAkB,cAAY,QAClCR,EAAU,OACVJ,EAAO,GACPA,EAAO,MACT,EACA,OAAO,SAAO,SACZJ,EAAS,IAAKY,GAAY,KAAK,eAAeJ,EAAU,OAAQI,CAAO,CAAC,CAC1E,EAAE,IAAKK,GACL,YAAU,SAAS,CACjB,UAAQ,sBAAmBpB,CAAM,EACjC,OAAQmB,EACR,SAAUC,EACV,UAAWT,EAAU,SACvB,CAAC,CACH,CACF,CAEA,eACEE,EACAE,EACqC,CACrC,OAAQA,EAAQ,KAAM,CACpB,KAAK,cAAY,OACjB,KAAK,cAAY,WAAY,CAC3B,MAAMM,EAAiB,cAAY,QACjCR,EACAE,EAAQ,GACRA,EAAQ,KACV,EACA,SAAO,SACL,cAAY,SAAS,CACnB,GAAGA,EACH,qBAAsBA,EAAQ,UAC9B,eAAAM,CACF,CAAC,CACH,CACF,CACA,KAAK,cAAY,UACf,SAAO,SAAM,cAAY,SAAS,CAAE,GAAGN,CAAQ,CAAC,CAAC,EACnD,QACE,SAAO,QAAK,IAAI,iBAAe,0BAA0B,CAAC,CAC9D,CACF,CACF",
+  "names": ["SignBlockTask_exports", "__export", "ISSUER_PLACEHOLDER", "SignBlockTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_SignBlockHeader", "import_SignBlockSignatureCommand", "import_SignBlockSingleCommand", "import_crypto", "import_eitherSeqRecord", "import_LKRPBlock", "import_LKRPCommand", "import_TLVTags", "import_TrustedProperties", "api", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "commandCount", "header", "response", "trustedProps", "error", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
 }

package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var g=Object.defineProperty;var m=Object.getOwnPropertyDescriptor;var u=Object.getOwnPropertyNames;var x=Object.prototype.hasOwnProperty;var d=(a,t)=>{for(var n in t)g(a,n,{get:t[n],enumerable:!0})},v=(a,t,n,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let e of u(t))!x.call(a,e)&&e!==n&&g(a,e,{get:()=>t[e],enumerable:!(i=m(t,e))||i.enumerable});return a};var E=a=>v(g({},"__esModule",{value:!0}),a);var A={};d(A,{SignChallengeWithKeypairTask:()=>f});module.exports=E(A);var o=require("@ledgerhq/device-management-kit"),s=require("purify-ts"),p=require("../../../api/crypto/CryptoService"),h=require("../../../api/crypto/KeyPair"),l=require("../../../api/model/Errors"),c=require("../../utils/eitherSeqRecord");class f{constructor(t,n,i){this.cryptoService=t;this.keypair=n;this.trustchainId=i}run(t){const n=this.getAttestation(),i=this.getCredential(this.keypair.getPublicKeyToHex());return s.EitherAsync.liftEither(this.getUnsignedChallengeTLV(t.tlv)).map(e=>this.cryptoService.hash(e,p.HashAlgo.SHA256)).map(e=>this.keypair.sign(e,h.SigFormat.DER)).map(e=>(0,o.bufferToHexaString)(e,!1)).map(e=>({challenge:t.json,signature:{attestation:n,credential:i,signature:e}})).mapLeft(e=>e instanceof l.LKRPMissingDataError?e:new l.LKRPUnknownError(String(e)))}getAttestation(){const t=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,t.length,...t]);return(0,o.bufferToHexaString)(n,!1)}getCredential(t){return{version:0,curveId:33,signAlgorithm:1,publicKey:t}}getUnsignedChallengeTLV(t){const n=new o.ByteArrayParser((0,o.hexaStringToBuffer)(t)??new Uint8Array),i=new Map(function*(){for(;;){const r=n.extractFieldTLVEncoded();if(!r)break;yield[r.tag,r.value]}}());if(i.size>10)return(0,s.Left)(new l.LKRPMissingDataError("Challenge TLV contains unexpected data"));const e=(r,y)=>s.Maybe.fromNullable(i.get(r)).toEither(new l.LKRPMissingDataError(`Missing ${y} field`));return(0,c.eitherSeqRecord)({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(r=>Uint8Array.from([[1,r.payloadType.length,...r.payloadType],[2,r.version.length,...r.version],[18,r.challengeData.length,...r.challengeData],[22,r.challengeExpiry.length,...r.challengeExpiry],[32,r.host.length,...r.host],[96,r.protocolVersion.length,...r.protocolVersion]].flat()))}}0&&(module.exports={SignChallengeWithKeypairTask});
+"use strict";var p=Object.defineProperty;var m=Object.getOwnPropertyDescriptor;var x=Object.getOwnPropertyNames;var u=Object.prototype.hasOwnProperty;var d=(a,t)=>{for(var n in t)p(a,n,{get:t[n],enumerable:!0})},E=(a,t,n,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let e of x(t))!u.call(a,e)&&e!==n&&p(a,e,{get:()=>t[e],enumerable:!(i=m(t,e))||i.enumerable});return a};var v=a=>E(p({},"__esModule",{value:!0}),a);var C={};d(C,{SignChallengeWithKeypairTask:()=>A});module.exports=v(C);var g=require("@ledgerhq/device-management-kit"),o=require("purify-ts"),s=require("../../../api/app-binder/Errors"),h=require("../../utils/crypto"),y=require("../../utils/eitherSeqRecord"),l=require("../../utils/hex");class A{constructor(t,n){this.keypair=t;this.trustchainId=n}run(t){const n=this.getAttestation(),i=this.getCredential(this.keypair.pubKeyToHex());return o.EitherAsync.liftEither(this.getUnsignedChallengeTLV(t.tlv)).map(h.CryptoUtils.hash).map(e=>this.keypair.sign(e)).map(l.bytesToHex).map(e=>({challenge:t.json,signature:{attestation:n,credential:i,signature:e}})).mapLeft(e=>e instanceof s.LKRPMissingDataError?e:new g.UnknownDAError(String(e)))}getAttestation(){const t=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,t.length,...t]);return(0,l.bytesToHex)(n)}getCredential(t){return{version:0,curveId:33,signAlgorithm:1,publicKey:t}}getUnsignedChallengeTLV(t){const n=new g.ByteArrayParser((0,l.hexToBytes)(t)),i=new Map(function*(){for(;;){const r=n.extractFieldTLVEncoded();if(!r)break;yield[r.tag,r.value]}}());if(i.size>10)return(0,o.Left)(new s.LKRPMissingDataError("Challenge TLV contains unexpected data"));const e=(r,c)=>o.Maybe.fromNullable(i.get(r)).toEither(new s.LKRPMissingDataError(`Missing ${c} field`));return(0,y.eitherSeqRecord)({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(r=>Uint8Array.from([[1,r.payloadType.length,...r.payloadType],[2,r.version.length,...r.version],[18,r.challengeData.length,...r.challengeData],[22,r.challengeExpiry.length,...r.challengeExpiry],[32,r.host.length,...r.host],[96,r.protocolVersion.length,...r.protocolVersion]].flat()))}}0&&(module.exports={SignChallengeWithKeypairTask});
 //# sourceMappingURL=SignChallengeWithKeypairTask.js.map

package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/SignChallengeWithKeypairTask.ts"],
-  "sourcesContent": ["import {\n  bufferToHexaString,\n  ByteArrayParser,\n  hexaStringToBuffer,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { type CryptoService, HashAlgo } from \"@api/crypto/CryptoService\";\nimport { type KeyPair, SigFormat } from \"@api/crypto/KeyPair\";\nimport { LKRPMissingDataError, LKRPUnknownError } from \"@api/model/Errors\";\nimport {\n  type AuthenticationPayload,\n  type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\n\nexport class SignChallengeWithKeypairTask {\n  constructor(\n    private readonly cryptoService: CryptoService,\n    private readonly keypair: KeyPair,\n    private readonly trustchainId: string,\n  ) {}\n\n  run(\n    challenge: Challenge,\n  ): EitherAsync<\n    LKRPMissingDataError | LKRPUnknownError,\n    AuthenticationPayload\n  > {\n    const attestation = this.getAttestation();\n    const credential = this.getCredential(this.keypair.getPublicKeyToHex());\n\n    return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n      .map((buf) => this.cryptoService.hash(buf, HashAlgo.SHA256))\n      .map((hash) => this.keypair.sign(hash, SigFormat.DER))\n      .map((str) => bufferToHexaString(str, false))\n      .map((signature) => ({\n        challenge: challenge.json,\n        signature: { attestation, credential, signature },\n      }))\n      .mapLeft((error) =>\n        error instanceof LKRPMissingDataError\n          ? error\n          : new LKRPUnknownError(String(error)),\n      );\n  }\n\n  // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n  private getAttestation() {\n    const bytes = new TextEncoder().encode(this.trustchainId);\n    const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n    return bufferToHexaString(attestation, false);\n  }\n\n  private getCredential(publicKey: string) {\n    return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n  }\n\n  private getUnsignedChallengeTLV(\n    tlv: string,\n  ): Either<LKRPMissingDataError, Uint8Array> {\n    const parser = new ByteArrayParser(\n      hexaStringToBuffer(tlv) ?? new Uint8Array(),\n    );\n    const parsed = new Map(\n      (function* () {\n        while (true) {\n          const field = parser.extractFieldTLVEncoded();\n          if (!field) break; // No more fields to extract\n          yield [field.tag, field.value];\n        }\n      })(),\n    );\n\n    // We expect 10 fields in the TLV\n    if (parsed.size > 10) {\n      return Left(\n        new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n      );\n    }\n\n    const getField = (tag: number, fieldName: string) =>\n      Maybe.fromNullable(parsed.get(tag)).toEither(\n        new LKRPMissingDataError(`Missing ${fieldName} field`),\n      );\n\n    return eitherSeqRecord({\n      // Unsigned fields\n      payloadType: () => getField(0x01, \"Payload type\"),\n      version: () => getField(0x02, \"Version\"),\n      challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n      host: () => getField(0x20, \"Host\"),\n      protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n      // Signed fields\n      curveId: () => getField(0x32, \"Curve ID\"),\n      publicKey: () => getField(0x33, \"Public key\"),\n      challengeData: () => getField(0x12, \"Challenge data\"),\n      signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n      rpSignatureField: () => getField(0x15, \"RP signature field\"),\n    }).map((fields) =>\n      Uint8Array.from(\n        [\n          [0x01, fields.payloadType.length, ...fields.payloadType],\n          [0x02, fields.version.length, ...fields.version],\n          [0x12, fields.challengeData.length, ...fields.challengeData],\n          [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n          [0x20, fields.host.length, ...fields.host],\n          [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n        ].flat(),\n      ),\n    );\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,kCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAsD,qBAEtDC,EAA6C,qCAC7CC,EAAwC,+BACxCC,EAAuD,6BAKvDC,EAAgC,2CAEzB,MAAMP,CAA6B,CACxC,YACmBQ,EACAC,EACAC,EACjB,CAHiB,mBAAAF,EACA,aAAAC,EACA,kBAAAC,CAChB,CAEH,IACEC,EAIA,CACA,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,kBAAkB,CAAC,EAEtE,OAAO,cAAY,WAAW,KAAK,wBAAwBF,EAAU,GAAG,CAAC,EACtE,IAAKG,GAAQ,KAAK,cAAc,KAAKA,EAAK,WAAS,MAAM,CAAC,EAC1D,IAAKC,GAAS,KAAK,QAAQ,KAAKA,EAAM,YAAU,GAAG,CAAC,EACpD,IAAKC,MAAQ,sBAAmBA,EAAK,EAAK,CAAC,EAC3C,IAAKC,IAAe,CACnB,UAAWN,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAI,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiB,uBACbA,EACA,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CACxC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDP,EAAc,WAAW,KAAK,CAAC,EAAMO,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,SAAO,sBAAmBP,EAAa,EAAK,CAC9C,CAEQ,cAAcQ,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAI,qBACjB,sBAAmBD,CAAG,GAAK,IAAI,UACjC,EACME,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,SAAO,QACL,IAAI,uBAAqB,wCAAwC,CACnE,EAGF,MAAME,EAAW,CAACC,EAAaC,IAC7B,QAAM,aAAaJ,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAI,uBAAqB,WAAWC,CAAS,QAAQ,CACvD,EAEF,SAAO,mBAAgB,CAErB,YAAa,IAAMF,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
-  "names": ["SignChallengeWithKeypairTask_exports", "__export", "SignChallengeWithKeypairTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_CryptoService", "import_KeyPair", "import_Errors", "import_eitherSeqRecord", "cryptoService", "keypair", "trustchainId", "challenge", "attestation", "credential", "buf", "hash", "str", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
+  "sourcesContent": ["import {\n  ByteArrayParser,\n  UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { LKRPMissingDataError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport {\n  type AuthenticationPayload,\n  type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex, hexToBytes } from \"@internal/utils/hex\";\n\nexport class SignChallengeWithKeypairTask {\n  constructor(\n    private readonly keypair: Keypair,\n    private readonly trustchainId: string,\n  ) {}\n\n  run(\n    challenge: Challenge,\n  ): EitherAsync<LKRPMissingDataError | UnknownDAError, AuthenticationPayload> {\n    const attestation = this.getAttestation();\n    const credential = this.getCredential(this.keypair.pubKeyToHex());\n\n    return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n      .map(CryptoUtils.hash)\n      .map((hash) => this.keypair.sign(hash))\n      .map(bytesToHex)\n      .map((signature) => ({\n        challenge: challenge.json,\n        signature: { attestation, credential, signature },\n      }))\n      .mapLeft((error) =>\n        error instanceof LKRPMissingDataError\n          ? error\n          : new UnknownDAError(String(error)),\n      );\n  }\n\n  // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n  private getAttestation() {\n    const bytes = new TextEncoder().encode(this.trustchainId);\n    const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n    return bytesToHex(attestation);\n  }\n\n  private getCredential(publicKey: string) {\n    return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n  }\n\n  private getUnsignedChallengeTLV(\n    tlv: string,\n  ): Either<LKRPMissingDataError, Uint8Array> {\n    const parser = new ByteArrayParser(hexToBytes(tlv));\n    const parsed = new Map(\n      (function* () {\n        while (true) {\n          const field = parser.extractFieldTLVEncoded();\n          if (!field) break; // No more fields to extract\n          yield [field.tag, field.value];\n        }\n      })(),\n    );\n\n    // We expect 10 fields in the TLV\n    if (parsed.size > 10) {\n      return Left(\n        new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n      );\n    }\n\n    const getField = (tag: number, fieldName: string) =>\n      Maybe.fromNullable(parsed.get(tag)).toEither(\n        new LKRPMissingDataError(`Missing ${fieldName} field`),\n      );\n\n    return eitherSeqRecord({\n      // Unsigned fields\n      payloadType: () => getField(0x01, \"Payload type\"),\n      version: () => getField(0x02, \"Version\"),\n      challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n      host: () => getField(0x20, \"Host\"),\n      protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n      // Signed fields\n      curveId: () => getField(0x32, \"Curve ID\"),\n      publicKey: () => getField(0x33, \"Public key\"),\n      challengeData: () => getField(0x12, \"Challenge data\"),\n      signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n      rpSignatureField: () => getField(0x15, \"RP signature field\"),\n    }).map((fields) =>\n      Uint8Array.from(\n        [\n          [0x01, fields.payloadType.length, ...fields.payloadType],\n          [0x02, fields.version.length, ...fields.version],\n          [0x12, fields.challengeData.length, ...fields.challengeData],\n          [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n          [0x20, fields.host.length, ...fields.host],\n          [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n        ].flat(),\n      ),\n    );\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,kCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAGO,2CACPC,EAAsD,qBAEtDC,EAAqC,kCAMrCC,EAA4B,kCAC5BC,EAAgC,2CAChCC,EAAuC,+BAEhC,MAAMP,CAA6B,CACxC,YACmBQ,EACAC,EACjB,CAFiB,aAAAD,EACA,kBAAAC,CAChB,CAEH,IACEC,EAC2E,CAC3E,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,YAAY,CAAC,EAEhE,OAAO,cAAY,WAAW,KAAK,wBAAwBF,EAAU,GAAG,CAAC,EACtE,IAAI,cAAY,IAAI,EACpB,IAAKG,GAAS,KAAK,QAAQ,KAAKA,CAAI,CAAC,EACrC,IAAI,YAAU,EACd,IAAKC,IAAe,CACnB,UAAWJ,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAE,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiB,uBACbA,EACA,IAAI,iBAAe,OAAOA,CAAK,CAAC,CACtC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDL,EAAc,WAAW,KAAK,CAAC,EAAMK,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,SAAO,cAAWL,CAAW,CAC/B,CAEQ,cAAcM,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAI,qBAAgB,cAAWD,CAAG,CAAC,EAC5CE,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,SAAO,QACL,IAAI,uBAAqB,wCAAwC,CACnE,EAGF,MAAME,EAAW,CAACC,EAAaC,IAC7B,QAAM,aAAaJ,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAI,uBAAqB,WAAWC,CAAS,QAAQ,CACvD,EAEF,SAAO,mBAAgB,CAErB,YAAa,IAAMF,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
+  "names": ["SignChallengeWithKeypairTask_exports", "__export", "SignChallengeWithKeypairTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_crypto", "import_eitherSeqRecord", "import_hex", "keypair", "trustchainId", "challenge", "attestation", "credential", "hash", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
 }

package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.test.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var s=require("@ledgerhq/device-management-kit"),f=require("../../../api/crypto/CryptoService"),o=require("../../../api/crypto/noble/NobleCryptoService"),b=require("../../../api/model/Errors"),r=require("./SignChallengeWithKeypairTask");const n=new o.NobleCryptoService;describe("SignChallengeWithKeypairTask",()=>{it("should sign a challenge with a keypair",async()=>{const{challenge:e,keypair:a,trustchainId:c}=d(),i=await new r.SignChallengeWithKeypairTask(n,a,c).run(e).run();expect(i.isRight()).toBe(!0),i.ifRight(t=>{expect(t.challenge).toBe(e.json),expect(t.signature.credential).toEqual({version:0,curveId:33,signAlgorithm:1,publicKey:a.getPublicKeyToHex()}),expect(t.signature.attestation).toBe("0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337"),expect(t.signature.signature).toBe("3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049")})}),it("should handle invalid challenge",async()=>{const{challenge:e,keypair:a,trustchainId:c}=d({tlv:"invalid-tlv"});(await new r.SignChallengeWithKeypairTask(n,a,c).run(e).run()).ifLeft(t=>expect(t).toBeInstanceOf(b.LKRPMissingDataError))})});function d({privateKey:e="b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d",trustchainId:a="00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37",tlv:c="0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000"}={}){return{challenge:{tlv:c,json:{}},keypair:n.importKeyPair((0,s.hexaStringToBuffer)(e),f.Curve.K256),trustchainId:a}}
+"use strict";var r=require("../../../api/app-binder/Errors"),s=require("../../../api/app-binder/KeypairFromBytes"),f=require("../../utils/hex"),d=require("./SignChallengeWithKeypairTask");describe("SignChallengeWithKeypairTask",()=>{it("should sign a challenge with a keypair",async()=>{const{challenge:e,keypair:a,trustchainId:c}=i(),n=await new d.SignChallengeWithKeypairTask(a,c).run(e).run();expect(n.isRight()).toBe(!0),n.ifRight(t=>{expect(t.challenge).toBe(e.json),expect(t.signature.credential).toEqual({version:0,curveId:33,signAlgorithm:1,publicKey:a.pubKeyToHex()}),expect(t.signature.attestation).toBe("0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337"),expect(t.signature.signature).toBe("3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049")})}),it("should handle invalid challenge",async()=>{const{challenge:e,keypair:a,trustchainId:c}=i({tlv:"invalid-tlv"});(await new d.SignChallengeWithKeypairTask(a,c).run(e).run()).ifLeft(t=>expect(t).toBeInstanceOf(r.LKRPMissingDataError))})});function i({privateKey:e="b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d",trustchainId:a="00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37",tlv:c="0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000"}={}){return{challenge:{tlv:c,json:{}},keypair:new s.KeypairFromBytes((0,f.hexToBytes)(e)),trustchainId:a}}
 //# sourceMappingURL=SignChallengeWithKeypairTask.test.js.map

package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.test.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/SignChallengeWithKeypairTask.test.ts"],
-  "sourcesContent": ["import { hexaStringToBuffer } from \"@ledgerhq/device-management-kit\";\n\nimport { Curve } from \"@api/crypto/CryptoService\";\nimport { NobleCryptoService } from \"@api/crypto/noble/NobleCryptoService\";\nimport { LKRPMissingDataError } from \"@api/model/Errors\";\nimport { type Challenge } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\n\nimport { SignChallengeWithKeypairTask } from \"./SignChallengeWithKeypairTask\";\n\nconst cryptoService = new NobleCryptoService();\n\ndescribe(\"SignChallengeWithKeypairTask\", () => {\n  it(\"should sign a challenge with a keypair\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters();\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(\n      cryptoService,\n      keypair,\n      trustchainId,\n    );\n    const result = await task.run(challenge).run();\n\n    // THEN\n    expect(result.isRight()).toBe(true);\n    result.ifRight((payload) => {\n      expect(payload.challenge).toBe(challenge.json);\n      expect(payload.signature.credential).toEqual({\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: keypair.getPublicKeyToHex(),\n      });\n      expect(payload.signature.attestation).toBe(\n        \"0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337\",\n      );\n      expect(payload.signature.signature).toBe(\n        \"3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049\",\n      );\n    });\n  });\n\n  it(\"should handle invalid challenge\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters({\n      tlv: \"invalid-tlv\", // Invalid TLV\n    });\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(\n      cryptoService,\n      keypair,\n      trustchainId,\n    );\n    const result = await task.run(challenge).run();\n\n    // THEN\n    result.ifLeft((error) =>\n      expect(error).toBeInstanceOf(LKRPMissingDataError),\n    );\n  });\n});\n\nfunction getParameters({\n  privateKey = \"b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d\",\n  trustchainId = \"00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37\",\n  tlv = \"0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000\",\n} = {}) {\n  return {\n    challenge: { tlv, json: {} as Challenge[\"json\"] },\n    keypair: cryptoService.importKeyPair(\n      hexaStringToBuffer(privateKey)!,\n      Curve.K256,\n    ),\n    trustchainId,\n  };\n}\n"],
-  "mappings": "aAAA,IAAAA,EAAmC,2CAEnCC,EAAsB,qCACtBC,EAAmC,gDACnCC,EAAqC,6BAGrCC,EAA6C,0CAE7C,MAAMC,EAAgB,IAAI,qBAE1B,SAAS,+BAAgC,IAAM,CAC7C,GAAG,yCAA0C,SAAY,CAEvD,KAAM,CAAE,UAAAC,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,EAQrDC,EAAS,MALF,IAAI,+BACfL,EACAE,EACAC,CACF,EAC0B,IAAIF,CAAS,EAAE,IAAI,EAG7C,OAAOI,EAAO,QAAQ,CAAC,EAAE,KAAK,EAAI,EAClCA,EAAO,QAASC,GAAY,CAC1B,OAAOA,EAAQ,SAAS,EAAE,KAAKL,EAAU,IAAI,EAC7C,OAAOK,EAAQ,UAAU,UAAU,EAAE,QAAQ,CAC3C,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAWJ,EAAQ,kBAAkB,CACvC,CAAC,EACD,OAAOI,EAAQ,UAAU,WAAW,EAAE,KACpC,0IACF,EACA,OAAOA,EAAQ,UAAU,SAAS,EAAE,KAClC,gJACF,CACF,CAAC,CACH,CAAC,EAED,GAAG,kCAAmC,SAAY,CAEhD,KAAM,CAAE,UAAAL,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,CACzD,IAAK,aACP,CAAC,GAQc,MALF,IAAI,+BACfJ,EACAE,EACAC,CACF,EAC0B,IAAIF,CAAS,EAAE,IAAI,GAGtC,OAAQM,GACb,OAAOA,CAAK,EAAE,eAAe,sBAAoB,CACnD,CACF,CAAC,CACH,CAAC,EAED,SAASH,EAAc,CACrB,WAAAI,EAAa,mEACb,aAAAL,EAAe,qEACf,IAAAM,EAAM,wYACR,EAAI,CAAC,EAAG,CACN,MAAO,CACL,UAAW,CAAE,IAAAA,EAAK,KAAM,CAAC,CAAuB,EAChD,QAAST,EAAc,iBACrB,sBAAmBQ,CAAU,EAC7B,QAAM,IACR,EACA,aAAAL,CACF,CACF",
-  "names": ["import_device_management_kit", "import_CryptoService", "import_NobleCryptoService", "import_Errors", "import_SignChallengeWithKeypairTask", "cryptoService", "challenge", "keypair", "trustchainId", "getParameters", "result", "payload", "error", "privateKey", "tlv"]
+  "sourcesContent": ["import { LKRPMissingDataError } from \"@api/app-binder/Errors\";\nimport { KeypairFromBytes } from \"@api/app-binder/KeypairFromBytes\";\nimport { type Challenge } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { hexToBytes } from \"@internal/utils/hex\";\n\nimport { SignChallengeWithKeypairTask } from \"./SignChallengeWithKeypairTask\";\n\ndescribe(\"SignChallengeWithKeypairTask\", () => {\n  it(\"should sign a challenge with a keypair\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters();\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(keypair, trustchainId);\n    const result = await task.run(challenge).run();\n\n    // THEN\n    expect(result.isRight()).toBe(true);\n    result.ifRight((payload) => {\n      expect(payload.challenge).toBe(challenge.json);\n      expect(payload.signature.credential).toEqual({\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: keypair.pubKeyToHex(),\n      });\n      expect(payload.signature.attestation).toBe(\n        \"0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337\",\n      );\n      expect(payload.signature.signature).toBe(\n        \"3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049\",\n      );\n    });\n  });\n\n  it(\"should handle invalid challenge\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters({\n      tlv: \"invalid-tlv\", // Invalid TLV\n    });\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(keypair, trustchainId);\n    const result = await task.run(challenge).run();\n\n    // THEN\n    result.ifLeft((error) =>\n      expect(error).toBeInstanceOf(LKRPMissingDataError),\n    );\n  });\n});\n\nfunction getParameters({\n  privateKey = \"b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d\",\n  trustchainId = \"00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37\",\n  tlv = \"0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000\",\n} = {}) {\n  return {\n    challenge: { tlv, json: {} as Challenge[\"json\"] },\n    keypair: new KeypairFromBytes(hexToBytes(privateKey)),\n    trustchainId,\n  };\n}\n"],
+  "mappings": "aAAA,IAAAA,EAAqC,kCACrCC,EAAiC,4CAEjCC,EAA2B,+BAE3BC,EAA6C,0CAE7C,SAAS,+BAAgC,IAAM,CAC7C,GAAG,yCAA0C,SAAY,CAEvD,KAAM,CAAE,UAAAC,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,EAIrDC,EAAS,MADF,IAAI,+BAA6BH,EAASC,CAAY,EACzC,IAAIF,CAAS,EAAE,IAAI,EAG7C,OAAOI,EAAO,QAAQ,CAAC,EAAE,KAAK,EAAI,EAClCA,EAAO,QAASC,GAAY,CAC1B,OAAOA,EAAQ,SAAS,EAAE,KAAKL,EAAU,IAAI,EAC7C,OAAOK,EAAQ,UAAU,UAAU,EAAE,QAAQ,CAC3C,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAWJ,EAAQ,YAAY,CACjC,CAAC,EACD,OAAOI,EAAQ,UAAU,WAAW,EAAE,KACpC,0IACF,EACA,OAAOA,EAAQ,UAAU,SAAS,EAAE,KAClC,gJACF,CACF,CAAC,CACH,CAAC,EAED,GAAG,kCAAmC,SAAY,CAEhD,KAAM,CAAE,UAAAL,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,CACzD,IAAK,aACP,CAAC,GAIc,MADF,IAAI,+BAA6BF,EAASC,CAAY,EACzC,IAAIF,CAAS,EAAE,IAAI,GAGtC,OAAQM,GACb,OAAOA,CAAK,EAAE,eAAe,sBAAoB,CACnD,CACF,CAAC,CACH,CAAC,EAED,SAASH,EAAc,CACrB,WAAAI,EAAa,mEACb,aAAAL,EAAe,qEACf,IAAAM,EAAM,wYACR,EAAI,CAAC,EAAG,CACN,MAAO,CACL,UAAW,CAAE,IAAAA,EAAK,KAAM,CAAC,CAAuB,EAChD,QAAS,IAAI,sBAAiB,cAAWD,CAAU,CAAC,EACpD,aAAAL,CACF,CACF",
+  "names": ["import_Errors", "import_KeypairFromBytes", "import_hex", "import_SignChallengeWithKeypairTask", "challenge", "keypair", "trustchainId", "getParameters", "result", "payload", "error", "privateKey", "tlv"]
 }

package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var p=Object.defineProperty;var g=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var c=Object.prototype.hasOwnProperty;var d=(e,r)=>{for(var i in r)p(e,i,{get:r[i],enumerable:!0})},u=(e,r,i,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let a of y(r))!c.call(e,a)&&a!==i&&p(e,a,{get:()=>r[a],enumerable:!(o=g(r,a))||o.enumerable});return e};var h=e=>u(p({},"__esModule",{value:!0}),e);var m={};d(m,{TrustedProperties:()=>l});module.exports=h(m);var P=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../../api/model/Errors"),s=require("../../../models/Tags"),n=require("../../../utils/required");class l{constructor(r){this.bytes=r;this.parser=new P.ByteArrayParser(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return(0,t.Left)(new E.LKRPParsingError("Invalid trusted property: missing IV"));this.iv=r.value}return(0,t.Right)(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?(0,t.Right)(this.encryptedProps):this.getIv().chain(()=>t.Either.sequence(Array.from(R(this.parser)))).map(r=>new Map(r.map(i=>[i.tag,i]))).ifRight(r=>{this.encryptedProps=r})}}function*R(e){for(;;){const r=e.extractFieldTLVEncoded();if(!r)return;yield(0,t.Right)(r)}}0&&(module.exports={TrustedProperties});
+"use strict";var p=Object.defineProperty;var g=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var c=Object.prototype.hasOwnProperty;var d=(e,r)=>{for(var i in r)p(e,i,{get:r[i],enumerable:!0})},u=(e,r,i,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let a of y(r))!c.call(e,a)&&a!==i&&p(e,a,{get:()=>r[a],enumerable:!(o=g(r,a))||o.enumerable});return e};var h=e=>u(p({},"__esModule",{value:!0}),e);var m={};d(m,{TrustedProperties:()=>l});module.exports=h(m);var P=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../../api/app-binder/Errors"),s=require("../../../utils/required"),n=require("../../../utils/TLVTags");class l{constructor(r){this.bytes=r;this.parser=new P.ByteArrayParser(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return(0,t.Left)(new E.LKRPParsingError("Invalid trusted property: missing IV"));this.iv=r.value}return(0,t.Right)(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?(0,t.Right)(this.encryptedProps):this.getIv().chain(()=>t.Either.sequence(Array.from(R(this.parser)))).map(r=>new Map(r.map(i=>[i.tag,i]))).ifRight(r=>{this.encryptedProps=r})}}function*R(e){for(;;){const r=e.extractFieldTLVEncoded();if(!r)return;yield(0,t.Right)(r)}}0&&(module.exports={TrustedProperties});
 //# sourceMappingURL=TrustedProperties.js.map

package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../../src/internal/app-binder/task/utils/TrustedProperties.ts"],
-  "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { Either, Left, Right } from \"purify-ts\";\n\nimport { type LKRPMissingDataError, LKRPParsingError } from \"@api/model/Errors\";\nimport { TPTags } from \"@internal/models/Tags\";\nimport { required } from \"@internal/utils/required\";\n\ntype EncryptedTPTag = Exclude<TPTags, TPTags.IV>;\ntype EncryptedTP = { tag: EncryptedTPTag; value: Uint8Array; tlv: Uint8Array };\n\nexport class TrustedProperties {\n  private readonly parser: ByteArrayParser;\n  private iv: Uint8Array | null = null;\n  private encryptedProps: Map<EncryptedTPTag, EncryptedTP> | null = null;\n\n  constructor(public readonly bytes: Uint8Array) {\n    this.parser = new ByteArrayParser(bytes);\n  }\n\n  getIv(): Either<LKRPParsingError, Uint8Array> {\n    if (!this.iv) {\n      const field = this.parser.extractFieldTLVEncoded();\n      if (!field || field.tag !== 0x00) {\n        return Left(\n          new LKRPParsingError(\"Invalid trusted property: missing IV\"),\n        );\n      }\n\n      this.iv = field.value;\n    }\n    return Right(this.iv);\n  }\n\n  getIssuer(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.ISSUER)?.value,\n        \"Missing issuer in trusted properties\",\n      ),\n    );\n  }\n\n  getXPriv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.XPRIV)?.value,\n        \"Missing xpriv in trusted properties\",\n      ),\n    );\n  }\n\n  getEphemeralPublicKey(): Either<\n    LKRPParsingError | LKRPMissingDataError,\n    Uint8Array\n  > {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.EPHEMERAL_PUBLIC_KEY)?.value,\n        \"Missing ephemeral public key in trusted properties\",\n      ),\n    );\n  }\n\n  getCommandIv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.COMMAND_IV)?.value,\n        \"Missing command IV in trusted properties\",\n      ),\n    );\n  }\n\n  getGroupKey(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.GROUPKEY)?.value,\n        \"Missing group key in trusted properties\",\n      ),\n    );\n  }\n\n  getNewMember(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.NEW_MEMBER)?.tlv,\n        \"Missing new member in trusted properties\",\n      ),\n    );\n  }\n\n  parseEncryptedProps(): Either<\n    LKRPParsingError,\n    Map<EncryptedTPTag, EncryptedTP>\n  > {\n    return this.encryptedProps\n      ? Right(this.encryptedProps)\n      : this.getIv()\n          .chain(() => Either.sequence(Array.from(parseTPs(this.parser))))\n          .map((fields) => new Map(fields.map((field) => [field.tag, field])))\n          .ifRight((props) => {\n            this.encryptedProps = props;\n          });\n  }\n}\n\nfunction* parseTPs(\n  parser: ByteArrayParser,\n): Generator<Either<LKRPParsingError, EncryptedTP>> {\n  while (true) {\n    const field = parser.extractFieldTLVEncoded();\n    if (!field) return;\n    yield Right(field);\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,uBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAgC,2CAChCC,EAAoC,qBAEpCC,EAA4D,6BAC5DC,EAAuB,iCACvBC,EAAyB,oCAKlB,MAAMN,CAAkB,CAK7B,YAA4BO,EAAmB,CAAnB,WAAAA,EAC1B,KAAK,OAAS,IAAI,kBAAgBA,CAAK,CACzC,CANiB,OACT,GAAwB,KACxB,eAA0D,KAMlE,OAA8C,CAC5C,GAAI,CAAC,KAAK,GAAI,CACZ,MAAMC,EAAQ,KAAK,OAAO,uBAAuB,EACjD,GAAI,CAACA,GAASA,EAAM,MAAQ,EAC1B,SAAO,QACL,IAAI,mBAAiB,sCAAsC,CAC7D,EAGF,KAAK,GAAKA,EAAM,KAClB,CACA,SAAO,SAAM,KAAK,EAAE,CACtB,CAEA,WAAyE,CACvE,OAAO,KAAK,oBAAoB,EAAE,MAAOC,MACvC,YACEA,EAAM,IAAI,SAAO,MAAM,GAAG,MAC1B,sCACF,CACF,CACF,CAEA,UAAwE,CACtE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,KAAK,GAAG,MACzB,qCACF,CACF,CACF,CAEA,uBAGE,CACA,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,oBAAoB,GAAG,MACxC,oDACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,MAC9B,0CACF,CACF,CACF,CAEA,aAA2E,CACzE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,QAAQ,GAAG,MAC5B,yCACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,IAC9B,0CACF,CACF,CACF,CAEA,qBAGE,CACA,OAAO,KAAK,kBACR,SAAM,KAAK,cAAc,EACzB,KAAK,MAAM,EACR,MAAM,IAAM,SAAO,SAAS,MAAM,KAAKC,EAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAC9D,IAAKC,GAAW,IAAI,IAAIA,EAAO,IAAKH,GAAU,CAACA,EAAM,IAAKA,CAAK,CAAC,CAAC,CAAC,EAClE,QAASC,GAAU,CAClB,KAAK,eAAiBA,CACxB,CAAC,CACT,CACF,CAEA,SAAUC,EACRE,EACkD,CAClD,OAAa,CACX,MAAMJ,EAAQI,EAAO,uBAAuB,EAC5C,GAAI,CAACJ,EAAO,OACZ,QAAM,SAAMA,CAAK,CACnB,CACF",
-  "names": ["TrustedProperties_exports", "__export", "TrustedProperties", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_Tags", "import_required", "bytes", "field", "props", "parseTPs", "fields", "parser"]
+  "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { Either, Left, Right } from \"purify-ts\";\n\nimport {\n  type LKRPMissingDataError,\n  LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { required } from \"@internal/utils/required\";\nimport { TPTags } from \"@internal/utils/TLVTags\";\n\ntype EncryptedTPTag = Exclude<TPTags, TPTags.IV>;\ntype EncryptedTP = { tag: EncryptedTPTag; value: Uint8Array; tlv: Uint8Array };\n\nexport class TrustedProperties {\n  private readonly parser: ByteArrayParser;\n  private iv: Uint8Array | null = null;\n  private encryptedProps: Map<EncryptedTPTag, EncryptedTP> | null = null;\n\n  constructor(public readonly bytes: Uint8Array) {\n    this.parser = new ByteArrayParser(bytes);\n  }\n\n  getIv(): Either<LKRPParsingError, Uint8Array> {\n    if (!this.iv) {\n      const field = this.parser.extractFieldTLVEncoded();\n      if (!field || field.tag !== 0x00) {\n        return Left(\n          new LKRPParsingError(\"Invalid trusted property: missing IV\"),\n        );\n      }\n\n      this.iv = field.value;\n    }\n    return Right(this.iv);\n  }\n\n  getIssuer(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.ISSUER)?.value,\n        \"Missing issuer in trusted properties\",\n      ),\n    );\n  }\n\n  getXPriv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.XPRIV)?.value,\n        \"Missing xpriv in trusted properties\",\n      ),\n    );\n  }\n\n  getEphemeralPublicKey(): Either<\n    LKRPParsingError | LKRPMissingDataError,\n    Uint8Array\n  > {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.EPHEMERAL_PUBLIC_KEY)?.value,\n        \"Missing ephemeral public key in trusted properties\",\n      ),\n    );\n  }\n\n  getCommandIv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.COMMAND_IV)?.value,\n        \"Missing command IV in trusted properties\",\n      ),\n    );\n  }\n\n  getGroupKey(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.GROUPKEY)?.value,\n        \"Missing group key in trusted properties\",\n      ),\n    );\n  }\n\n  getNewMember(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.NEW_MEMBER)?.tlv,\n        \"Missing new member in trusted properties\",\n      ),\n    );\n  }\n\n  parseEncryptedProps(): Either<\n    LKRPParsingError,\n    Map<EncryptedTPTag, EncryptedTP>\n  > {\n    return this.encryptedProps\n      ? Right(this.encryptedProps)\n      : this.getIv()\n          .chain(() => Either.sequence(Array.from(parseTPs(this.parser))))\n          .map((fields) => new Map(fields.map((field) => [field.tag, field])))\n          .ifRight((props) => {\n            this.encryptedProps = props;\n          });\n  }\n}\n\nfunction* parseTPs(\n  parser: ByteArrayParser,\n): Generator<Either<LKRPParsingError, EncryptedTP>> {\n  while (true) {\n    const field = parser.extractFieldTLVEncoded();\n    if (!field) return;\n    yield Right(field);\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,uBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAgC,2CAChCC,EAAoC,qBAEpCC,EAGO,kCACPC,EAAyB,oCACzBC,EAAuB,mCAKhB,MAAMN,CAAkB,CAK7B,YAA4BO,EAAmB,CAAnB,WAAAA,EAC1B,KAAK,OAAS,IAAI,kBAAgBA,CAAK,CACzC,CANiB,OACT,GAAwB,KACxB,eAA0D,KAMlE,OAA8C,CAC5C,GAAI,CAAC,KAAK,GAAI,CACZ,MAAMC,EAAQ,KAAK,OAAO,uBAAuB,EACjD,GAAI,CAACA,GAASA,EAAM,MAAQ,EAC1B,SAAO,QACL,IAAI,mBAAiB,sCAAsC,CAC7D,EAGF,KAAK,GAAKA,EAAM,KAClB,CACA,SAAO,SAAM,KAAK,EAAE,CACtB,CAEA,WAAyE,CACvE,OAAO,KAAK,oBAAoB,EAAE,MAAOC,MACvC,YACEA,EAAM,IAAI,SAAO,MAAM,GAAG,MAC1B,sCACF,CACF,CACF,CAEA,UAAwE,CACtE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,KAAK,GAAG,MACzB,qCACF,CACF,CACF,CAEA,uBAGE,CACA,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,oBAAoB,GAAG,MACxC,oDACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,MAC9B,0CACF,CACF,CACF,CAEA,aAA2E,CACzE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,QAAQ,GAAG,MAC5B,yCACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,IAC9B,0CACF,CACF,CACF,CAEA,qBAGE,CACA,OAAO,KAAK,kBACR,SAAM,KAAK,cAAc,EACzB,KAAK,MAAM,EACR,MAAM,IAAM,SAAO,SAAS,MAAM,KAAKC,EAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAC9D,IAAKC,GAAW,IAAI,IAAIA,EAAO,IAAKH,GAAU,CAACA,EAAM,IAAKA,CAAK,CAAC,CAAC,CAAC,EAClE,QAASC,GAAU,CAClB,KAAK,eAAiBA,CACxB,CAAC,CACT,CACF,CAEA,SAAUC,EACRE,EACkD,CAClD,OAAa,CACX,MAAMJ,EAAQI,EAAO,uBAAuB,EAC5C,GAAI,CAACJ,EAAO,OACZ,QAAM,SAAMA,CAAK,CACnB,CACF",
+  "names": ["TrustedProperties_exports", "__export", "TrustedProperties", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_required", "import_TLVTags", "bytes", "field", "props", "parseTPs", "fields", "parser"]
 }

package/lib/cjs/internal/di.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var c=Object.defineProperty;var u=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var C=Object.prototype.hasOwnProperty;var g=(e,t)=>{for(var r in t)c(e,r,{get:t[r],enumerable:!0})},M=(e,t,r,a)=>{if(t&&typeof t=="object"||typeof t=="function")for(let o of y(t))!C.call(e,o)&&o!==r&&c(e,o,{get:()=>t[o],enumerable:!(a=u(t,o))||a.enumerable});return e};var b=e=>M(c({},"__esModule",{value:!0}),e);var D={};g(D,{makeContainer:()=>f});module.exports=b(D);var m=require("inversify"),p=require("../api/index"),s=require("./app-binder/di/appBinderModule"),l=require("./lkrp-datasource/di/lkrpDatasourceModuleFactory"),v=require("./use-cases/di/useCasesModule"),i=require("./externalTypes");const f=({dmk:e,applicationId:t,cryptoService:r,env:a=p.LKRPEnv.PROD,baseUrl:o,stub:d})=>{const n=new m.Container;return n.bind(i.externalTypes.Dmk).toConstantValue(e),n.bind(i.externalTypes.ApplicationId).toConstantValue(t),n.bind(i.externalTypes.CryptoService).toConstantValue(r),n.loadSync((0,s.appBindingModuleFactory)(),(0,l.lkrpDatasourceModuleFactory)({baseUrl:o??k.get(a),stub:d}),(0,v.useCasesModuleFactory)()),n},k=new Map([[p.LKRPEnv.PROD,"https://trustchain.api.live.ledger.com/v1"],[p.LKRPEnv.STAGING,"https://trustchain-backend.api.aws.stg.ldg-tech.com/v1"]]);0&&(module.exports={makeContainer});
+"use strict";var i=Object.defineProperty;var d=Object.getOwnPropertyDescriptor;var l=Object.getOwnPropertyNames;var u=Object.prototype.hasOwnProperty;var y=(t,e)=>{for(var n in e)i(t,n,{get:e[n],enumerable:!0})},D=(t,e,n,r)=>{if(e&&typeof e=="object"||typeof e=="function")for(let o of l(e))!u.call(t,o)&&o!==n&&i(t,o,{get:()=>e[o],enumerable:!(r=d(e,o))||r.enumerable});return t};var M=t=>D(i({},"__esModule",{value:!0}),t);var f={};y(f,{makeContainer:()=>C});module.exports=M(f);var s=require("inversify"),m=require("./app-binder/di/appBinderModule"),p=require("./lkrp-datasource/di/lkrpDatasourceModuleFactory"),c=require("./use-cases/di/useCasesModule"),a=require("./externalTypes");const C=({dmk:t,sessionId:e,baseUrl:n,stub:r})=>{const o=new s.Container;return o.bind(a.externalTypes.Dmk).toConstantValue(t),o.bind(a.externalTypes.SessionId).toConstantValue(e),o.loadSync((0,m.appBindingModuleFactory)(),(0,p.lkrpDatasourceModuleFactory)({baseUrl:n,stub:r}),(0,c.useCasesModuleFactory)()),o};0&&(module.exports={makeContainer});
 //# sourceMappingURL=di.js.map

package/lib/cjs/internal/di.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/internal/di.ts"],
-  "sourcesContent": ["import { type DeviceManagementKit } from \"@ledgerhq/device-management-kit\";\nimport { Container } from \"inversify\";\n\nimport { type CryptoService } from \"@api/crypto/CryptoService\";\nimport { LKRPEnv } from \"@api/index\";\nimport { appBindingModuleFactory } from \"@internal/app-binder/di/appBinderModule\";\n\nimport { lkrpDatasourceModuleFactory } from \"./lkrp-datasource/di/lkrpDatasourceModuleFactory\";\nimport { useCasesModuleFactory } from \"./use-cases/di/useCasesModule\";\nimport { externalTypes } from \"./externalTypes\";\n\nexport type MakeContainerProps = {\n  dmk: DeviceManagementKit;\n  applicationId: number;\n  cryptoService: CryptoService;\n  env?: LKRPEnv;\n  baseUrl?: string; // Optional base URL for the LKRP network requests\n  stub?: boolean;\n};\n\nexport const makeContainer = ({\n  dmk,\n  applicationId,\n  cryptoService,\n  env = LKRPEnv.PROD,\n  baseUrl,\n  stub,\n}: MakeContainerProps) => {\n  const container = new Container();\n\n  container.bind<DeviceManagementKit>(externalTypes.Dmk).toConstantValue(dmk);\n  container.bind(externalTypes.ApplicationId).toConstantValue(applicationId);\n  container\n    .bind<CryptoService>(externalTypes.CryptoService)\n    .toConstantValue(cryptoService);\n\n  container.loadSync(\n    appBindingModuleFactory(),\n    lkrpDatasourceModuleFactory({\n      baseUrl: baseUrl ?? lkrpBaseUrlMap.get(env),\n      stub,\n    }),\n    useCasesModuleFactory(),\n  );\n\n  return container;\n};\n\nconst lkrpBaseUrlMap = new Map<LKRPEnv, string>([\n  [LKRPEnv.PROD, \"https://trustchain.api.live.ledger.com/v1\"],\n  [LKRPEnv.STAGING, \"https://trustchain-backend.api.aws.stg.ldg-tech.com/v1\"],\n]);\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mBAAAE,IAAA,eAAAC,EAAAH,GACA,IAAAI,EAA0B,qBAG1BC,EAAwB,sBACxBC,EAAwC,mDAExCC,EAA4C,4DAC5CC,EAAsC,yCACtCC,EAA8B,2BAWvB,MAAMP,EAAgB,CAAC,CAC5B,IAAAQ,EACA,cAAAC,EACA,cAAAC,EACA,IAAAC,EAAM,UAAQ,KACd,QAAAC,EACA,KAAAC,CACF,IAA0B,CACxB,MAAMC,EAAY,IAAI,YAEtB,OAAAA,EAAU,KAA0B,gBAAc,GAAG,EAAE,gBAAgBN,CAAG,EAC1EM,EAAU,KAAK,gBAAc,aAAa,EAAE,gBAAgBL,CAAa,EACzEK,EACG,KAAoB,gBAAc,aAAa,EAC/C,gBAAgBJ,CAAa,EAEhCI,EAAU,YACR,2BAAwB,KACxB,+BAA4B,CAC1B,QAASF,GAAWG,EAAe,IAAIJ,CAAG,EAC1C,KAAAE,CACF,CAAC,KACD,yBAAsB,CACxB,EAEOC,CACT,EAEMC,EAAiB,IAAI,IAAqB,CAC9C,CAAC,UAAQ,KAAM,2CAA2C,EAC1D,CAAC,UAAQ,QAAS,wDAAwD,CAC5E,CAAC",
-  "names": ["di_exports", "__export", "makeContainer", "__toCommonJS", "import_inversify", "import_api", "import_appBinderModule", "import_lkrpDatasourceModuleFactory", "import_useCasesModule", "import_externalTypes", "dmk", "applicationId", "cryptoService", "env", "baseUrl", "stub", "container", "lkrpBaseUrlMap"]
+  "sourcesContent": ["import {\n  type DeviceManagementKit,\n  type DeviceSessionId,\n} from \"@ledgerhq/device-management-kit\";\nimport { Container } from \"inversify\";\n\nimport { appBindingModuleFactory } from \"@internal/app-binder/di/appBinderModule\";\n\nimport { lkrpDatasourceModuleFactory } from \"./lkrp-datasource/di/lkrpDatasourceModuleFactory\";\nimport { useCasesModuleFactory } from \"./use-cases/di/useCasesModule\";\nimport { externalTypes } from \"./externalTypes\";\n\nexport type MakeContainerProps = {\n  dmk: DeviceManagementKit;\n  sessionId: DeviceSessionId;\n  baseUrl?: string; // Optional base URL for the LKRP network requests\n  stub?: boolean;\n};\n\nexport const makeContainer = ({\n  dmk,\n  sessionId,\n  baseUrl,\n  stub,\n}: MakeContainerProps) => {\n  const container = new Container();\n\n  container.bind<DeviceManagementKit>(externalTypes.Dmk).toConstantValue(dmk);\n  container\n    .bind<DeviceSessionId>(externalTypes.SessionId)\n    .toConstantValue(sessionId);\n\n  container.loadSync(\n    appBindingModuleFactory(),\n    lkrpDatasourceModuleFactory({ baseUrl, stub }),\n    useCasesModuleFactory(),\n  );\n\n  return container;\n};\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mBAAAE,IAAA,eAAAC,EAAAH,GAIA,IAAAI,EAA0B,qBAE1BC,EAAwC,mDAExCC,EAA4C,4DAC5CC,EAAsC,yCACtCC,EAA8B,2BASvB,MAAMN,EAAgB,CAAC,CAC5B,IAAAO,EACA,UAAAC,EACA,QAAAC,EACA,KAAAC,CACF,IAA0B,CACxB,MAAMC,EAAY,IAAI,YAEtB,OAAAA,EAAU,KAA0B,gBAAc,GAAG,EAAE,gBAAgBJ,CAAG,EAC1EI,EACG,KAAsB,gBAAc,SAAS,EAC7C,gBAAgBH,CAAS,EAE5BG,EAAU,YACR,2BAAwB,KACxB,+BAA4B,CAAE,QAAAF,EAAS,KAAAC,CAAK,CAAC,KAC7C,yBAAsB,CACxB,EAEOC,CACT",
+  "names": ["di_exports", "__export", "makeContainer", "__toCommonJS", "import_inversify", "import_appBinderModule", "import_lkrpDatasourceModuleFactory", "import_useCasesModule", "import_externalTypes", "dmk", "sessionId", "baseUrl", "stub", "container"]
 }

package/lib/cjs/internal/externalTypes.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var i=Object.defineProperty;var p=Object.getOwnPropertyDescriptor;var n=Object.getOwnPropertyNames;var a=Object.prototype.hasOwnProperty;var m=(e,r)=>{for(var y in r)i(e,y,{get:r[y],enumerable:!0})},A=(e,r,y,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let t of n(r))!a.call(e,t)&&t!==y&&i(e,t,{get:()=>r[t],enumerable:!(o=p(r,t))||o.enumerable});return e};var l=e=>A(i({},"__esModule",{value:!0}),e);var c={};m(c,{externalTypes:()=>U});module.exports=l(c);const U={Dmk:Symbol.for("Dmk"),ApplicationId:Symbol.for("ApplicationId"),CryptoService:Symbol.for("CryptoService")};0&&(module.exports={externalTypes});
+"use strict";var n=Object.defineProperty;var o=Object.getOwnPropertyDescriptor;var a=Object.getOwnPropertyNames;var s=Object.prototype.hasOwnProperty;var m=(e,r)=>{for(var y in r)n(e,y,{get:r[y],enumerable:!0})},p=(e,r,y,i)=>{if(r&&typeof r=="object"||typeof r=="function")for(let t of a(r))!s.call(e,t)&&t!==y&&n(e,t,{get:()=>r[t],enumerable:!(i=o(r,t))||i.enumerable});return e};var A=e=>p(n({},"__esModule",{value:!0}),e);var b={};m(b,{externalTypes:()=>U});module.exports=A(b);const U={Dmk:Symbol.for("Dmk"),SessionId:Symbol.for("SessionId")};0&&(module.exports={externalTypes});
 //# sourceMappingURL=externalTypes.js.map

package/lib/cjs/internal/externalTypes.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/internal/externalTypes.ts"],
-  "sourcesContent": ["export const externalTypes = {\n  Dmk: Symbol.for(\"Dmk\"),\n  ApplicationId: Symbol.for(\"ApplicationId\"),\n  CryptoService: Symbol.for(\"CryptoService\"),\n};\n\nexport type TrustedProperty = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n  xpriv: Uint8Array;\n  ephemeralPubKey: Uint8Array;\n  commandIV: Uint8Array;\n  groupKey: Uint8Array;\n  newMember: Uint8Array;\n};\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mBAAAE,IAAA,eAAAC,EAAAH,GAAO,MAAME,EAAgB,CAC3B,IAAK,OAAO,IAAI,KAAK,EACrB,cAAe,OAAO,IAAI,eAAe,EACzC,cAAe,OAAO,IAAI,eAAe,CAC3C",
+  "sourcesContent": ["export const externalTypes = {\n  Dmk: Symbol.for(\"Dmk\"),\n  SessionId: Symbol.for(\"SessionId\"),\n};\n\nexport type TrustedProperty = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n  xpriv: Uint8Array;\n  ephemeralPubKey: Uint8Array;\n  commandIV: Uint8Array;\n  groupKey: Uint8Array;\n  newMember: Uint8Array;\n};\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mBAAAE,IAAA,eAAAC,EAAAH,GAAO,MAAME,EAAgB,CAC3B,IAAK,OAAO,IAAI,KAAK,EACrB,UAAW,OAAO,IAAI,WAAW,CACnC",
   "names": ["externalTypes_exports", "__export", "externalTypes", "__toCommonJS"]
 }

package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var m=Object.defineProperty;var f=Object.getOwnPropertyDescriptor;var T=Object.getOwnPropertyNames;var R=Object.prototype.hasOwnProperty;var b=(r,t)=>{for(var e in t)m(r,e,{get:t[e],enumerable:!0})},N=(r,t,e,n)=>{if(t&&typeof t=="object"||typeof t=="function")for(let s of T(t))!R.call(r,s)&&s!==e&&m(r,s,{get:()=>t[s],enumerable:!(n=f(t,s))||n.enumerable});return r};var k=r=>N(m({},"__esModule",{value:!0}),r),l=(r,t,e,n)=>{for(var s=n>1?void 0:n?f(t,e):t,u=r.length-1,a;u>=0;u--)(a=r[u])&&(s=(n?a(t,e,s):a(s))||s);return n&&s&&m(t,e,s),s},p=(r,t)=>(e,n)=>t(e,n,r);var P={};b(P,{HttpLKRPDataSource:()=>c});module.exports=k(P);var h=require("inversify"),i=require("purify-ts"),d=require("../../../api/model/Errors"),y=require("../../lkrp-datasource/di/lkrpDatasourceTypes"),S=require("../../utils/Trustchain");let c=class{constructor(t){this.baseUrl=t}getChallenge(){return this.request("/challenge",i.Nothing)}authenticate(t){return this.request("/authenticate",i.Nothing,{method:"POST",body:JSON.stringify(t)}).map(e=>({jwt:e,trustchainId:i.Maybe.fromNullable(Object.keys(e.permissions).find(n=>!!e.permissions[n]?.["m/"]))}))}getTrustchainById(t,e){return this.request(`/trustchain/${t}`,(0,i.Just)(e)).map(n=>new S.Trustchain(t,n))}postDerivation(t,e,n){return this.request(`/trustchain/${t}/derivation`,(0,i.Just)(n),{method:"POST",body:JSON.stringify(e.toString())})}putCommands(t,e,n,s){return this.request(`/trustchain/${t}/commands`,(0,i.Just)(s),{method:"PUT",body:JSON.stringify({path:e,blocks:[n.toString()]})})}request(t,e,n){const s=this.baseUrl+t,u={...n?.headers,"Content-Type":"application/json",...e.mapOrDefault(({access_token:a})=>({Authorization:`Bearer ${a}`}),{})};return(0,i.EitherAsync)(()=>fetch(s,{...n,headers:u})).mapLeft(a=>({status:"UNKNOWN",message:g(a)})).chain(async a=>{switch(a.status){case 204:return(0,i.Right)(void 0);default:return(0,i.EitherAsync)(()=>a.json()).mapLeft(g).map(o=>a.ok?(0,i.Right)(o):(0,i.Left)(g(o))).chain(i.EitherAsync.liftEither).mapLeft(o=>({status:L.get(a.status)??"UNKNOWN",message:`[${a.status}] ${o||a.statusText}`}))}}).mapLeft(({status:a,message:o})=>new d.LKRPDataSourceError({status:a,message:`${o||"Unknown error"} (from: ${s})`}))}};c=l([(0,h.injectable)(),p(0,(0,h.inject)(y.lkrpDatasourceTypes.BaseUrl))],c);const L=new Map([[400,"BAD_REQUEST"],[401,"UNAUTHORIZED"]]);function g(r){if(r){if(typeof r!="object"||r.toString!=={}.toString)return String(r);if("message"in r)return String(r.message)}}0&&(module.exports={HttpLKRPDataSource});
+"use strict";var m=Object.defineProperty;var l=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var R=Object.prototype.hasOwnProperty;var b=(o,t)=>{for(var e in t)m(o,e,{get:t[e],enumerable:!0})},T=(o,t,e,s)=>{if(t&&typeof t=="object"||typeof t=="function")for(let r of y(t))!R.call(o,r)&&r!==e&&m(o,r,{get:()=>t[r],enumerable:!(s=l(t,r))||s.enumerable});return o};var P=o=>T(m({},"__esModule",{value:!0}),o),p=(o,t,e,s)=>{for(var r=s>1?void 0:s?l(t,e):t,i=o.length-1,u;i>=0;i--)(u=o[i])&&(r=(s?u(t,e,r):u(r))||r);return s&&r&&m(t,e,r),r},d=(o,t)=>(e,s)=>t(e,s,o);var $={};b($,{HttpLKRPDataSource:()=>h});module.exports=P($);var c=require("inversify"),n=require("purify-ts"),a=require("../../../api/app-binder/Errors"),f=require("../../lkrp-datasource/di/lkrpDatasourceTypes"),g=require("../../utils/LKRPBlockStream");let h=class{constructor(t){this.baseUrl=t}getChallenge(){return this.request("/challenge",n.Nothing)}authenticate(t){return this.request("/authenticate",n.Nothing,{method:"POST",body:JSON.stringify(t)}).map(e=>({jwt:e,trustchainId:n.Maybe.fromNullable(Object.keys(e.permissions).find(s=>!!e.permissions[s]?.["m/"]))}))}getTrustchainById(t,e){return this.request(`/trustchain/${t}`,(0,n.Just)(e)).map(s=>Object.fromEntries(Object.entries(s).map(([r,i])=>[r,g.LKRPBlockStream.fromHex(i)])))}postDerivation(t,e,s){return this.request(`/trustchain/${t}/derivation`,(0,n.Just)(s),{method:"POST",body:JSON.stringify(e.toString())})}putCommands(t,e,s,r){return this.request(`/trustchain/${t}/commands`,(0,n.Just)(r),{method:"PUT",body:JSON.stringify({path:e,blocks:[s.toString()]})})}request(t,e,s){const r=this.baseUrl+t;return n.EitherAsync.fromPromise(async()=>{const i=await fetch(r,{...s,headers:{...s?.headers,"Content-Type":"application/json",...e.mapOrDefault(({access_token:u})=>({Authorization:`Bearer ${u}`}),{})}});switch(i.status){case 204:return(0,n.Right)(void 0);case 401:throw new a.LKRPUnauthorizedError(`Unauthorized request to ${r}: [${i.status}] ${i.statusText}`);default:if(!i.ok)throw new a.LKRPHttpRequestError(`Failed to fetch ${r}: [${i.status}] ${i.statusText}`);return(0,n.Right)(await i.json())}}).mapLeft(i=>i instanceof a.LKRPHttpRequestError?i:new a.LKRPHttpRequestError(i))}};h=p([(0,c.injectable)(),d(0,(0,c.inject)(f.lkrpDatasourceTypes.BaseUrl))],h);0&&(module.exports={HttpLKRPDataSource});
 //# sourceMappingURL=HttpLKRPDataSource.js.map

package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/lkrp-datasource/data/HttpLKRPDataSource.ts"],
-  "sourcesContent": ["import { inject, injectable } from \"inversify\";\nimport { EitherAsync, Just, Left, Maybe, Nothing, Right } from \"purify-ts\";\n\nimport {\n  LKRPDataSourceError,\n  LKRPDataSourceErrorStatus,\n} from \"@api/model/Errors\";\nimport { JWT } from \"@api/model/JWT\";\nimport { lkrpDatasourceTypes } from \"@internal/lkrp-datasource/di/lkrpDatasourceTypes\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { Trustchain } from \"@internal/utils/Trustchain\";\n\nimport {\n  AuthenticationPayload,\n  Challenge,\n  LKRPDataSource,\n} from \"./LKRPDataSource\";\n\n@injectable()\nexport class HttpLKRPDataSource implements LKRPDataSource {\n  constructor(\n    @inject(lkrpDatasourceTypes.BaseUrl) private readonly baseUrl: string,\n  ) {}\n\n  getChallenge() {\n    return this.request<Challenge>(\"/challenge\", Nothing);\n  }\n\n  authenticate(payload: AuthenticationPayload) {\n    return this.request<JWT>(\"/authenticate\", Nothing, {\n      method: \"POST\",\n      body: JSON.stringify(payload),\n    }).map((jwt) => ({\n      jwt,\n      trustchainId: Maybe.fromNullable(\n        Object.keys(jwt.permissions).find((id) =>\n          Boolean(jwt.permissions[id]?.[\"m/\"]),\n        ),\n      ),\n    }));\n  }\n\n  getTrustchainById(id: string, jwt: JWT) {\n    return this.request<{ [path: string]: string }>(\n      `/trustchain/${id}`,\n      Just(jwt),\n    ).map((serialized) => new Trustchain(id, serialized));\n  }\n\n  postDerivation(id: string, block: LKRPBlock, jwt: JWT) {\n    return this.request<void>(`/trustchain/${id}/derivation`, Just(jwt), {\n      method: \"POST\",\n      body: JSON.stringify(block.toString()),\n    });\n  }\n\n  putCommands(id: string, path: string, block: LKRPBlock, jwt: JWT) {\n    return this.request<void>(`/trustchain/${id}/commands`, Just(jwt), {\n      method: \"PUT\",\n      body: JSON.stringify({ path, blocks: [block.toString()] }),\n    });\n  }\n\n  private request<Res>(\n    endpoint: `/${string}`,\n    jwt: Maybe<{ access_token: string }>,\n    init?: RequestInit,\n  ): EitherAsync<LKRPDataSourceError, Res> {\n    const href = this.baseUrl + endpoint;\n    const headers = {\n      ...init?.headers,\n      \"Content-Type\": \"application/json\",\n      ...jwt.mapOrDefault<{ Authorization?: string }>(\n        ({ access_token }) => ({ Authorization: `Bearer ${access_token}` }),\n        {},\n      ),\n    };\n\n    return EitherAsync(() => fetch(href, { ...init, headers }))\n      .mapLeft((err) => ({\n        status: \"UNKNOWN\" as const,\n        message: errToString(err),\n      }))\n      .chain(async (response) => {\n        switch (response.status) {\n          case 204:\n            return Right(undefined as Res);\n\n          default:\n            return EitherAsync(() => response.json())\n              .mapLeft(errToString)\n              .map((data) =>\n                response.ok ? Right(data as Res) : Left(errToString(data)),\n              )\n              .chain(EitherAsync.liftEither)\n              .mapLeft((message) => ({\n                status: statusMap.get(response.status) ?? \"UNKNOWN\",\n                message: `[${response.status}] ${message || response.statusText}`,\n              }));\n        }\n      })\n      .mapLeft(\n        ({ status, message }) =>\n          new LKRPDataSourceError({\n            status,\n            message: `${message || \"Unknown error\"} (from: ${href})`,\n          }),\n      );\n  }\n}\n\nconst statusMap = new Map<unknown, LKRPDataSourceErrorStatus>([\n  [400, \"BAD_REQUEST\"],\n  [401, \"UNAUTHORIZED\"],\n]);\n\nfunction errToString(error: unknown): string | void {\n  if (!error) return undefined;\n  if (typeof error !== \"object\") return String(error);\n  if (error.toString !== {}.toString) return String(error);\n  if (\"message\" in error) return String(error.message);\n}\n"],
-  "mappings": "okBAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,wBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAmC,qBACnCC,EAA+D,qBAE/DC,EAGO,6BAEPC,EAAoC,4DAEpCC,EAA2B,sCASpB,IAAMC,EAAN,KAAmD,CACxD,YACwDC,EACtD,CADsD,aAAAA,CACrD,CAEH,cAAe,CACb,OAAO,KAAK,QAAmB,aAAc,SAAO,CACtD,CAEA,aAAaC,EAAgC,CAC3C,OAAO,KAAK,QAAa,gBAAiB,UAAS,CACjD,OAAQ,OACR,KAAM,KAAK,UAAUA,CAAO,CAC9B,CAAC,EAAE,IAAKC,IAAS,CACf,IAAAA,EACA,aAAc,QAAM,aAClB,OAAO,KAAKA,EAAI,WAAW,EAAE,KAAMC,GACjC,EAAQD,EAAI,YAAYC,CAAE,IAAI,IAAI,CACpC,CACF,CACF,EAAE,CACJ,CAEA,kBAAkBA,EAAYD,EAAU,CACtC,OAAO,KAAK,QACV,eAAeC,CAAE,MACjB,QAAKD,CAAG,CACV,EAAE,IAAKE,GAAe,IAAI,aAAWD,EAAIC,CAAU,CAAC,CACtD,CAEA,eAAeD,EAAYE,EAAkBH,EAAU,CACrD,OAAO,KAAK,QAAc,eAAeC,CAAE,iBAAe,QAAKD,CAAG,EAAG,CACnE,OAAQ,OACR,KAAM,KAAK,UAAUG,EAAM,SAAS,CAAC,CACvC,CAAC,CACH,CAEA,YAAYF,EAAYG,EAAcD,EAAkBH,EAAU,CAChE,OAAO,KAAK,QAAc,eAAeC,CAAE,eAAa,QAAKD,CAAG,EAAG,CACjE,OAAQ,MACR,KAAM,KAAK,UAAU,CAAE,KAAAI,EAAM,OAAQ,CAACD,EAAM,SAAS,CAAC,CAAE,CAAC,CAC3D,CAAC,CACH,CAEQ,QACNE,EACAL,EACAM,EACuC,CACvC,MAAMC,EAAO,KAAK,QAAUF,EACtBG,EAAU,CACd,GAAGF,GAAM,QACT,eAAgB,mBAChB,GAAGN,EAAI,aACL,CAAC,CAAE,aAAAS,CAAa,KAAO,CAAE,cAAe,UAAUA,CAAY,EAAG,GACjE,CAAC,CACH,CACF,EAEA,SAAO,eAAY,IAAM,MAAMF,EAAM,CAAE,GAAGD,EAAM,QAAAE,CAAQ,CAAC,CAAC,EACvD,QAASE,IAAS,CACjB,OAAQ,UACR,QAASC,EAAYD,CAAG,CAC1B,EAAE,EACD,MAAM,MAAOE,GAAa,CACzB,OAAQA,EAAS,OAAQ,CACvB,IAAK,KACH,SAAO,SAAM,MAAgB,EAE/B,QACE,SAAO,eAAY,IAAMA,EAAS,KAAK,CAAC,EACrC,QAAQD,CAAW,EACnB,IAAKE,GACJD,EAAS,MAAK,SAAMC,CAAW,KAAI,QAAKF,EAAYE,CAAI,CAAC,CAC3D,EACC,MAAM,cAAY,UAAU,EAC5B,QAASC,IAAa,CACrB,OAAQC,EAAU,IAAIH,EAAS,MAAM,GAAK,UAC1C,QAAS,IAAIA,EAAS,MAAM,KAAKE,GAAWF,EAAS,UAAU,EACjE,EAAE,CACR,CACF,CAAC,EACA,QACC,CAAC,CAAE,OAAAI,EAAQ,QAAAF,CAAQ,IACjB,IAAI,sBAAoB,CACtB,OAAAE,EACA,QAAS,GAAGF,GAAW,eAAe,WAAWP,CAAI,GACvD,CAAC,CACL,CACJ,CACF,EA1FaV,EAANoB,EAAA,IADN,cAAW,EAGPC,EAAA,eAAO,sBAAoB,OAAO,IAF1BrB,GA4Fb,MAAMkB,EAAY,IAAI,IAAwC,CAC5D,CAAC,IAAK,aAAa,EACnB,CAAC,IAAK,cAAc,CACtB,CAAC,EAED,SAASJ,EAAYQ,EAA+B,CAClD,GAAKA,EAEL,IADI,OAAOA,GAAU,UACjBA,EAAM,WAAa,CAAC,EAAE,SAAU,OAAO,OAAOA,CAAK,EACvD,GAAI,YAAaA,EAAO,OAAO,OAAOA,EAAM,OAAO,EACrD",
-  "names": ["HttpLKRPDataSource_exports", "__export", "HttpLKRPDataSource", "__toCommonJS", "import_inversify", "import_purify_ts", "import_Errors", "import_lkrpDatasourceTypes", "import_Trustchain", "HttpLKRPDataSource", "baseUrl", "payload", "jwt", "id", "serialized", "block", "path", "endpoint", "init", "href", "headers", "access_token", "err", "errToString", "response", "data", "message", "statusMap", "status", "__decorateClass", "__decorateParam", "error"]
+  "sourcesContent": ["import { inject, injectable } from \"inversify\";\nimport { EitherAsync, Just, Maybe, Nothing, Right } from \"purify-ts\";\n\nimport {\n  LKRPHttpRequestError,\n  LKRPUnauthorizedError,\n} from \"@api/app-binder/Errors\";\nimport { JWT } from \"@api/app-binder/LKRPTypes\";\nimport { lkrpDatasourceTypes } from \"@internal/lkrp-datasource/di/lkrpDatasourceTypes\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nimport {\n  AuthenticationPayload,\n  Challenge,\n  LKRPDataSource,\n} from \"./LKRPDataSource\";\n\n@injectable()\nexport class HttpLKRPDataSource implements LKRPDataSource {\n  constructor(\n    @inject(lkrpDatasourceTypes.BaseUrl) private readonly baseUrl: string,\n  ) {}\n\n  getChallenge() {\n    return this.request<Challenge>(\"/challenge\", Nothing);\n  }\n\n  authenticate(payload: AuthenticationPayload) {\n    return this.request<JWT>(\"/authenticate\", Nothing, {\n      method: \"POST\",\n      body: JSON.stringify(payload),\n    }).map((jwt) => ({\n      jwt,\n      trustchainId: Maybe.fromNullable(\n        Object.keys(jwt.permissions).find((id) =>\n          Boolean(jwt.permissions[id]?.[\"m/\"]),\n        ),\n      ),\n    }));\n  }\n\n  getTrustchainById(id: string, jwt: JWT) {\n    return this.request<{ [path: string]: string }>(\n      `/trustchain/${id}`,\n      Just(jwt),\n    ).map((serialized) =>\n      Object.fromEntries(\n        Object.entries(serialized).map(([path, stream]) => [\n          path,\n          LKRPBlockStream.fromHex(stream),\n        ]),\n      ),\n    );\n  }\n\n  postDerivation(id: string, block: LKRPBlock, jwt: JWT) {\n    return this.request<void>(`/trustchain/${id}/derivation`, Just(jwt), {\n      method: \"POST\",\n      body: JSON.stringify(block.toString()),\n    });\n  }\n\n  putCommands(id: string, path: string, block: LKRPBlock, jwt: JWT) {\n    return this.request<void>(`/trustchain/${id}/commands`, Just(jwt), {\n      method: \"PUT\",\n      body: JSON.stringify({ path, blocks: [block.toString()] }),\n    });\n  }\n\n  private request<Res>(\n    endpoint: `/${string}`,\n    jwt: Maybe<{ access_token: string }>,\n    init?: RequestInit,\n  ): EitherAsync<LKRPHttpRequestError, Res> {\n    const href = this.baseUrl + endpoint;\n\n    return EitherAsync.fromPromise(async () => {\n      const response = await fetch(href, {\n        ...init,\n        headers: {\n          ...init?.headers,\n          \"Content-Type\": \"application/json\",\n          ...jwt.mapOrDefault<{ Authorization?: string }>(\n            ({ access_token }) => ({ Authorization: `Bearer ${access_token}` }),\n            {},\n          ),\n        },\n      });\n      switch (response.status) {\n        case 204:\n          return Right(undefined as Res);\n\n        case 401:\n          throw new LKRPUnauthorizedError(\n            `Unauthorized request to ${href}: [${response.status}] ${response.statusText}`,\n          );\n\n        default:\n          if (!response.ok) {\n            throw new LKRPHttpRequestError(\n              `Failed to fetch ${href}: [${response.status}] ${response.statusText}`,\n            );\n          }\n          return Right((await response.json()) as Res);\n      }\n    }).mapLeft((error: unknown) =>\n      error instanceof LKRPHttpRequestError\n        ? error\n        : new LKRPHttpRequestError(error),\n    );\n  }\n}\n"],
+  "mappings": "okBAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,wBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAmC,qBACnCC,EAAyD,qBAEzDC,EAGO,kCAEPC,EAAoC,4DAEpCC,EAAgC,2CASzB,IAAMC,EAAN,KAAmD,CACxD,YACwDC,EACtD,CADsD,aAAAA,CACrD,CAEH,cAAe,CACb,OAAO,KAAK,QAAmB,aAAc,SAAO,CACtD,CAEA,aAAaC,EAAgC,CAC3C,OAAO,KAAK,QAAa,gBAAiB,UAAS,CACjD,OAAQ,OACR,KAAM,KAAK,UAAUA,CAAO,CAC9B,CAAC,EAAE,IAAKC,IAAS,CACf,IAAAA,EACA,aAAc,QAAM,aAClB,OAAO,KAAKA,EAAI,WAAW,EAAE,KAAMC,GACjC,EAAQD,EAAI,YAAYC,CAAE,IAAI,IAAI,CACpC,CACF,CACF,EAAE,CACJ,CAEA,kBAAkBA,EAAYD,EAAU,CACtC,OAAO,KAAK,QACV,eAAeC,CAAE,MACjB,QAAKD,CAAG,CACV,EAAE,IAAKE,GACL,OAAO,YACL,OAAO,QAAQA,CAAU,EAAE,IAAI,CAAC,CAACC,EAAMC,CAAM,IAAM,CACjDD,EACA,kBAAgB,QAAQC,CAAM,CAChC,CAAC,CACH,CACF,CACF,CAEA,eAAeH,EAAYI,EAAkBL,EAAU,CACrD,OAAO,KAAK,QAAc,eAAeC,CAAE,iBAAe,QAAKD,CAAG,EAAG,CACnE,OAAQ,OACR,KAAM,KAAK,UAAUK,EAAM,SAAS,CAAC,CACvC,CAAC,CACH,CAEA,YAAYJ,EAAYE,EAAcE,EAAkBL,EAAU,CAChE,OAAO,KAAK,QAAc,eAAeC,CAAE,eAAa,QAAKD,CAAG,EAAG,CACjE,OAAQ,MACR,KAAM,KAAK,UAAU,CAAE,KAAAG,EAAM,OAAQ,CAACE,EAAM,SAAS,CAAC,CAAE,CAAC,CAC3D,CAAC,CACH,CAEQ,QACNC,EACAN,EACAO,EACwC,CACxC,MAAMC,EAAO,KAAK,QAAUF,EAE5B,OAAO,cAAY,YAAY,SAAY,CACzC,MAAMG,EAAW,MAAM,MAAMD,EAAM,CACjC,GAAGD,EACH,QAAS,CACP,GAAGA,GAAM,QACT,eAAgB,mBAChB,GAAGP,EAAI,aACL,CAAC,CAAE,aAAAU,CAAa,KAAO,CAAE,cAAe,UAAUA,CAAY,EAAG,GACjE,CAAC,CACH,CACF,CACF,CAAC,EACD,OAAQD,EAAS,OAAQ,CACvB,IAAK,KACH,SAAO,SAAM,MAAgB,EAE/B,IAAK,KACH,MAAM,IAAI,wBACR,2BAA2BD,CAAI,MAAMC,EAAS,MAAM,KAAKA,EAAS,UAAU,EAC9E,EAEF,QACE,GAAI,CAACA,EAAS,GACZ,MAAM,IAAI,uBACR,mBAAmBD,CAAI,MAAMC,EAAS,MAAM,KAAKA,EAAS,UAAU,EACtE,EAEF,SAAO,SAAO,MAAMA,EAAS,KAAK,CAAS,CAC/C,CACF,CAAC,EAAE,QAASE,GACVA,aAAiB,uBACbA,EACA,IAAI,uBAAqBA,CAAK,CACpC,CACF,CACF,EA7Fad,EAANe,EAAA,IADN,cAAW,EAGPC,EAAA,eAAO,sBAAoB,OAAO,IAF1BhB",
+  "names": ["HttpLKRPDataSource_exports", "__export", "HttpLKRPDataSource", "__toCommonJS", "import_inversify", "import_purify_ts", "import_Errors", "import_lkrpDatasourceTypes", "import_LKRPBlockStream", "HttpLKRPDataSource", "baseUrl", "payload", "jwt", "id", "serialized", "path", "stream", "block", "endpoint", "init", "href", "response", "access_token", "error", "__decorateClass", "__decorateParam"]
 }

package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var o=require("purify-ts"),l=require("../../../api/model/Errors"),h=require("../../utils/LKRPBlock"),m=require("../../utils/Trustchain"),c=require("./HttpLKRPDataSource");const r={access_token:"ACCESS TOKEN",permissions:{TRUSTCHAIN_ID:{"m/":["owner"]}}},i={version:0,challenge:{data:"1010101010010101010",expiry:"2025-06-30T10:00:00Z"},host:"example.com",rp:[{credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"aaaaaaaaaaaaaaaaaaaaaaaaaa"},signature:"abababababababab"}],protocolVersion:{major:1,minor:0,patch:0}},u={credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"bbbbbbbbbbbbbbbbbbbbbbbbbbb"},signature:"acacacacacacacac",attestation:"0000000000000000"};describe("HttpLKRPDataSource",()=>{const a=vi.spyOn(global,"fetch"),t="https://example.com";afterEach(()=>{a.mockClear()}),describe("getChallenge",()=>{it("should fetch challenge successfully",async()=>{const e={tlv:"0f1234567890",json:i};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).getChallenge();expect(a).toHaveBeenCalledWith(`${t}/challenge`,{headers:{"Content-Type":"application/json"}}),expect(n).toEqual((0,o.Right)(e))}),it("should handle fetch error",async()=>{const e={status:"UNKNOWN",message:"Random error"};a.mockRejectedValueOnce(e);const n=await new c.HttpLKRPDataSource(t).getChallenge();expect(n).toEqual((0,o.Left)(new l.LKRPDataSourceError({status:"UNKNOWN",message:`Random error (from: ${t}/challenge)`})))})}),describe("authenticate",()=>{it("should fetch a JWT when the authentication is successful",async()=>{a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(r)});const s=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:u});expect(a).toHaveBeenCalledWith(`${t}/authenticate`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({challenge:i,signature:u})}),expect(s).toEqual((0,o.Right)({jwt:r,trustchainId:(0,o.Just)("TRUSTCHAIN_ID")}))}),it("should return no trustchainId the returned JWT does not contain one",async()=>{const e={access_token:"ACCESS TOKEN",permissions:{}};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:u});expect(n).toEqual((0,o.Right)({jwt:e,trustchainId:o.Nothing}))}),it("should handle authentication error",async()=>{a.mockResolvedValueOnce({ok:!1,status:401,statusText:"Unauthorized",json:()=>Promise.resolve({message:"Unauthorized access"})});const s=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:u});expect(s).toEqual((0,o.Left)(new l.LKRPDataSourceError({status:"UNAUTHORIZED",message:`[401] Unauthorized access (from: ${t}/authenticate)`})))})}),describe("getTrustchainById",()=>{it("should fetch trustchain by ID successfully",async()=>{const e={"m/":"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d","m/16'":"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b"};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).getTrustchainById("TRUSTCHAIN_ID",r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID`,{headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`}}),expect(n).toEqual((0,o.Right)(new m.Trustchain("TRUSTCHAIN_ID",e)))}),it("should handle errors",async()=>{a.mockResolvedValueOnce({ok:!1,status:500,statusText:"Internal Server Error",json:()=>Promise.resolve({})});const s=await new c.HttpLKRPDataSource(t).getTrustchainById("TRUSTCHAIN_ID",r);expect(s).toEqual((0,o.Left)(new l.LKRPDataSourceError({status:"UNKNOWN",message:`[500] Internal Server Error (from: ${t}/trustchain/TRUSTCHAIN_ID)`})))})}),describe("postDerivation",()=>{it("should post derivation successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",s=h.LKRPBlock.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const d=await new c.HttpLKRPDataSource(t).postDerivation("TRUSTCHAIN_ID",s,r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/derivation`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`},body:JSON.stringify(e)}),expect(d).toEqual((0,o.Right)(void 0))})}),describe("putCommands",()=>{it("should put commands successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",s=h.LKRPBlock.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const d=await new c.HttpLKRPDataSource(t).putCommands("TRUSTCHAIN_ID","m/0'/16'/0'",s,r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/commands`,{method:"PUT",headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`},body:JSON.stringify({path:"m/0'/16'/0'",blocks:[e]})}),expect(d).toEqual((0,o.Right)(void 0))})})});
+"use strict";var o=require("purify-ts"),u=require("../../../api/app-binder/Errors"),h=require("../../utils/LKRPBlock"),m=require("../../utils/LKRPBlockStream"),c=require("./HttpLKRPDataSource");const r={access_token:"ACCESS TOKEN",permissions:{TRUSTCHAIN_ID:{"m/":["owner"]}}},i={version:0,challenge:{data:"1010101010010101010",expiry:"2025-06-30T10:00:00Z"},host:"example.com",rp:[{credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"aaaaaaaaaaaaaaaaaaaaaaaaaa"},signature:"abababababababab"}],protocolVersion:{major:1,minor:0,patch:0}},l={credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"bbbbbbbbbbbbbbbbbbbbbbbbbbb"},signature:"acacacacacacacac",attestation:"0000000000000000"};describe("HttpLKRPDataSource",()=>{const a=vi.spyOn(global,"fetch"),t="https://example.com";afterEach(()=>{a.mockClear()}),describe("getChallenge",()=>{it("should fetch challenge successfully",async()=>{const e={tlv:"0f1234567890",json:i};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).getChallenge();expect(a).toHaveBeenCalledWith(`${t}/challenge`,{headers:{"Content-Type":"application/json"}}),expect(n).toEqual((0,o.Right)(e))}),it("should handle fetch error",async()=>{const e=new Error("Random error");a.mockRejectedValueOnce(e);const n=await new c.HttpLKRPDataSource(t).getChallenge();expect(n).toEqual((0,o.Left)(new u.LKRPHttpRequestError(e)))})}),describe("authenticate",()=>{it("should fetch a JWT when the authentication is successful",async()=>{a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(r)});const s=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:l});expect(a).toHaveBeenCalledWith(`${t}/authenticate`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({challenge:i,signature:l})}),expect(s).toEqual((0,o.Right)({jwt:r,trustchainId:(0,o.Just)("TRUSTCHAIN_ID")}))}),it("should return no trustchainId the returned JWT does not contain one",async()=>{const e={access_token:"ACCESS TOKEN",permissions:{}};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:l});expect(n).toEqual((0,o.Right)({jwt:e,trustchainId:o.Nothing}))}),it("should handle authentication error",async()=>{a.mockResolvedValueOnce({ok:!1,status:401,statusText:"Unauthorized"});const s=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:l});expect(s).toEqual((0,o.Left)(new u.LKRPUnauthorizedError(`Unauthorized request to ${t}/authenticate: [401] Unauthorized`)))})}),describe("getTrustchainById",()=>{it("should fetch trustchain by ID successfully",async()=>{const e={"m/":"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d","m/16'":"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b"};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).getTrustchainById("TRUSTCHAIN_ID",r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID`,{headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`}}),expect(n).toEqual((0,o.Right)({"m/":m.LKRPBlockStream.fromHex("0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d"),"m/16'":m.LKRPBlockStream.fromHex("1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b")}))}),it("should handle errors",async()=>{a.mockResolvedValueOnce({ok:!1,status:500,statusText:"Internal Server Error"});const s=await new c.HttpLKRPDataSource(t).getTrustchainById("TRUSTCHAIN_ID",r);expect(s).toEqual((0,o.Left)(new u.LKRPHttpRequestError(`Failed to fetch ${t}/trustchain/TRUSTCHAIN_ID: [500] Internal Server Error`)))})}),describe("postDerivation",()=>{it("should post derivation successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",s=h.LKRPBlock.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const d=await new c.HttpLKRPDataSource(t).postDerivation("TRUSTCHAIN_ID",s,r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/derivation`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`},body:JSON.stringify(e)}),expect(d).toEqual((0,o.Right)(void 0))})}),describe("putCommands",()=>{it("should put commands successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",s=h.LKRPBlock.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const d=await new c.HttpLKRPDataSource(t).putCommands("TRUSTCHAIN_ID","m/0'/16'/0'",s,r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/commands`,{method:"PUT",headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`},body:JSON.stringify({path:"m/0'/16'/0'",blocks:[e]})}),expect(d).toEqual((0,o.Right)(void 0))})})});
 //# sourceMappingURL=HttpLKRPDataSource.test.js.map

package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/lkrp-datasource/data/HttpLKRPDataSource.test.ts"],
-  "sourcesContent": ["import { Just, Left, Nothing, Right } from \"purify-ts\";\n\nimport { LKRPDataSourceError } from \"@api/model/Errors\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { Trustchain } from \"@internal/utils/Trustchain\";\n\nimport { HttpLKRPDataSource } from \"./HttpLKRPDataSource\";\n\nconst mockJwt = {\n  access_token: \"ACCESS TOKEN\",\n  permissions: { TRUSTCHAIN_ID: { \"m/\": [\"owner\"] } },\n};\n\nconst mockChallengeJSON = {\n  version: 0,\n  challenge: {\n    data: \"1010101010010101010\",\n    expiry: \"2025-06-30T10:00:00Z\",\n  },\n  host: \"example.com\",\n  rp: [\n    {\n      credential: {\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: \"aaaaaaaaaaaaaaaaaaaaaaaaaa\",\n      },\n      signature: \"abababababababab\",\n    },\n  ],\n  protocolVersion: { major: 1, minor: 0, patch: 0 },\n};\n\nconst mockSignature = {\n  credential: {\n    version: 0,\n    curveId: 33,\n    signAlgorithm: 1,\n    publicKey: \"bbbbbbbbbbbbbbbbbbbbbbbbbbb\",\n  },\n  signature: \"acacacacacacacac\",\n  attestation: \"0000000000000000\",\n};\n\ndescribe(\"HttpLKRPDataSource\", () => {\n  const fetchSpy = vi.spyOn(global, \"fetch\");\n  const baseUrl = \"https://example.com\";\n\n  afterEach(() => {\n    fetchSpy.mockClear();\n  });\n\n  describe(\"getChallenge\", () => {\n    it(\"should fetch challenge successfully\", async () => {\n      // GIVEN\n      const mockChallenge = {\n        tlv: \"0f1234567890\",\n        json: mockChallengeJSON,\n      };\n\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockChallenge),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getChallenge();\n      expect(fetchSpy).toHaveBeenCalledWith(`${baseUrl}/challenge`, {\n        headers: {\n          \"Content-Type\": \"application/json\",\n        },\n      });\n\n      // THEN\n      expect(result).toEqual(Right(mockChallenge));\n    });\n\n    it(\"should handle fetch error\", async () => {\n      // GIVEN\n      const error = { status: \"UNKNOWN\", message: \"Random error\" } as const;\n      fetchSpy.mockRejectedValueOnce(error);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getChallenge();\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPDataSourceError({\n            status: \"UNKNOWN\",\n            message: `Random error (from: ${baseUrl}/challenge)`,\n          }),\n        ),\n      );\n    });\n  });\n\n  describe(\"authenticate\", () => {\n    it(\"should fetch a JWT when the authentication is successful\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockJwt),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(`${baseUrl}/authenticate`, {\n        method: \"POST\",\n        headers: {\n          \"Content-Type\": \"application/json\",\n        },\n        body: JSON.stringify({\n          challenge: mockChallengeJSON,\n          signature: mockSignature,\n        }),\n      });\n      expect(result).toEqual(\n        Right({ jwt: mockJwt, trustchainId: Just(\"TRUSTCHAIN_ID\") }),\n      );\n    });\n\n    it(\"should return no trustchainId the returned JWT does not contain one\", async () => {\n      // GIVEN\n      const jwtWithoutTrustchainId = {\n        access_token: \"ACCESS TOKEN\",\n        permissions: {},\n      };\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(jwtWithoutTrustchainId),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(result).toEqual(\n        Right({ jwt: jwtWithoutTrustchainId, trustchainId: Nothing }),\n      );\n    });\n\n    it(\"should handle authentication error\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: false,\n        status: 401,\n        statusText: \"Unauthorized\",\n        json: () => Promise.resolve({ message: \"Unauthorized access\" }),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPDataSourceError({\n            status: \"UNAUTHORIZED\",\n            message: `[401] Unauthorized access (from: ${baseUrl}/authenticate)`,\n          }),\n        ),\n      );\n    });\n  });\n\n  describe(\"getTrustchainById\", () => {\n    it(\"should fetch trustchain by ID successfully\", async () => {\n      // GIVEN\n      const mockTrustchainData = {\n        \"m/\": \"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d\",\n        \"m/16'\": \"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b\",\n      };\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockTrustchainData),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getTrustchainById(\n        \"TRUSTCHAIN_ID\",\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID`,\n        {\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n        },\n      );\n      expect(result).toEqual(\n        Right(new Trustchain(\"TRUSTCHAIN_ID\", mockTrustchainData)),\n      );\n    });\n\n    it(\"should handle errors\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: false,\n        status: 500,\n        statusText: \"Internal Server Error\",\n        json: () => Promise.resolve({}),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getTrustchainById(\n        \"TRUSTCHAIN_ID\",\n        mockJwt,\n      );\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPDataSourceError({\n            status: \"UNKNOWN\",\n            message: `[500] Internal Server Error (from: ${baseUrl}/trustchain/TRUSTCHAIN_ID)`,\n          }),\n        ),\n      );\n    });\n  });\n\n  describe(\"postDerivation\", () => {\n    it(\"should post derivation successfully\", async () => {\n      // GIVEN\n      const hex = \"0102030405060708090a0b0c0d0e0f\";\n      const mockBlock = LKRPBlock.fromHex(hex);\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        status: 204,\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.postDerivation(\n        \"TRUSTCHAIN_ID\",\n        mockBlock,\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID/derivation`,\n        {\n          method: \"POST\",\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n          body: JSON.stringify(hex),\n        },\n      );\n      expect(result).toEqual(Right(undefined));\n    });\n  });\n\n  describe(\"putCommands\", () => {\n    it(\"should put commands successfully\", async () => {\n      // GIVEN\n      const hex = \"0102030405060708090a0b0c0d0e0f\";\n      const mockBlock = LKRPBlock.fromHex(hex);\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        status: 204,\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.putCommands(\n        \"TRUSTCHAIN_ID\",\n        \"m/0'/16'/0'\",\n        mockBlock,\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID/commands`,\n        {\n          method: \"PUT\",\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n          body: JSON.stringify({ path: \"m/0'/16'/0'\", blocks: [hex] }),\n        },\n      );\n      expect(result).toEqual(Right(undefined));\n    });\n  });\n});\n"],
-  "mappings": "aAAA,IAAAA,EAA2C,qBAE3CC,EAAoC,6BACpCC,EAA0B,qCAC1BC,EAA2B,sCAE3BC,EAAmC,gCAEnC,MAAMC,EAAU,CACd,aAAc,eACd,YAAa,CAAE,cAAe,CAAE,KAAM,CAAC,OAAO,CAAE,CAAE,CACpD,EAEMC,EAAoB,CACxB,QAAS,EACT,UAAW,CACT,KAAM,sBACN,OAAQ,sBACV,EACA,KAAM,cACN,GAAI,CACF,CACE,WAAY,CACV,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAW,4BACb,EACA,UAAW,kBACb,CACF,EACA,gBAAiB,CAAE,MAAO,EAAG,MAAO,EAAG,MAAO,CAAE,CAClD,EAEMC,EAAgB,CACpB,WAAY,CACV,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAW,6BACb,EACA,UAAW,mBACX,YAAa,kBACf,EAEA,SAAS,qBAAsB,IAAM,CACnC,MAAMC,EAAW,GAAG,MAAM,OAAQ,OAAO,EACnCC,EAAU,sBAEhB,UAAU,IAAM,CACdD,EAAS,UAAU,CACrB,CAAC,EAED,SAAS,eAAgB,IAAM,CAC7B,GAAG,sCAAuC,SAAY,CAEpD,MAAME,EAAgB,CACpB,IAAK,eACL,KAAMJ,CACR,EAEAE,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQE,CAAa,CAC3C,CAAa,EAIb,MAAMC,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,EAC7C,OAAOD,CAAQ,EAAE,qBAAqB,GAAGC,CAAO,aAAc,CAC5D,QAAS,CACP,eAAgB,kBAClB,CACF,CAAC,EAGD,OAAOE,CAAM,EAAE,WAAQ,SAAMD,CAAa,CAAC,CAC7C,CAAC,EAED,GAAG,4BAA6B,SAAY,CAE1C,MAAME,EAAQ,CAAE,OAAQ,UAAW,QAAS,cAAe,EAC3DJ,EAAS,sBAAsBI,CAAK,EAIpC,MAAMD,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,EAG7C,OAAOE,CAAM,EAAE,WACb,QACE,IAAI,sBAAoB,CACtB,OAAQ,UACR,QAAS,uBAAuBF,CAAO,aACzC,CAAC,CACH,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,eAAgB,IAAM,CAC7B,GAAG,2DAA4D,SAAY,CAEzED,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQH,CAAO,CACrC,CAAa,EAIb,MAAMM,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOC,CAAQ,EAAE,qBAAqB,GAAGC,CAAO,gBAAiB,CAC/D,OAAQ,OACR,QAAS,CACP,eAAgB,kBAClB,EACA,KAAM,KAAK,UAAU,CACnB,UAAWH,EACX,UAAWC,CACb,CAAC,CACH,CAAC,EACD,OAAOI,CAAM,EAAE,WACb,SAAM,CAAE,IAAKN,EAAS,gBAAc,QAAK,eAAe,CAAE,CAAC,CAC7D,CACF,CAAC,EAED,GAAG,sEAAuE,SAAY,CAEpF,MAAMQ,EAAyB,CAC7B,aAAc,eACd,YAAa,CAAC,CAChB,EACAL,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQK,CAAsB,CACpD,CAAa,EAIb,MAAMF,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOI,CAAM,EAAE,WACb,SAAM,CAAE,IAAKE,EAAwB,aAAc,SAAQ,CAAC,CAC9D,CACF,CAAC,EAED,GAAG,qCAAsC,SAAY,CAEnDL,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,IACR,WAAY,eACZ,KAAM,IAAM,QAAQ,QAAQ,CAAE,QAAS,qBAAsB,CAAC,CAChE,CAAa,EAIb,MAAMG,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOI,CAAM,EAAE,WACb,QACE,IAAI,sBAAoB,CACtB,OAAQ,eACR,QAAS,oCAAoCF,CAAO,gBACtD,CAAC,CACH,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,oBAAqB,IAAM,CAClC,GAAG,6CAA8C,SAAY,CAE3D,MAAMK,EAAqB,CACzB,KAAM,+DACN,QAAS,8DACX,EACAN,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQM,CAAkB,CAChD,CAAa,EAIb,MAAMH,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,kBAC9B,gBACAJ,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,4BACV,CACE,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,CACF,CACF,EACA,OAAOM,CAAM,EAAE,WACb,SAAM,IAAI,aAAW,gBAAiBG,CAAkB,CAAC,CAC3D,CACF,CAAC,EAED,GAAG,uBAAwB,SAAY,CAErCN,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,IACR,WAAY,wBACZ,KAAM,IAAM,QAAQ,QAAQ,CAAC,CAAC,CAChC,CAAa,EAIb,MAAMG,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,kBAC9B,gBACAJ,CACF,EAGA,OAAOM,CAAM,EAAE,WACb,QACE,IAAI,sBAAoB,CACtB,OAAQ,UACR,QAAS,sCAAsCF,CAAO,4BACxD,CAAC,CACH,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,iBAAkB,IAAM,CAC/B,GAAG,sCAAuC,SAAY,CAEpD,MAAMM,EAAM,iCACNC,EAAY,YAAU,QAAQD,CAAG,EACvCP,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,GACV,CAAa,EAIb,MAAMG,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,eAC9B,gBACAO,EACAX,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,uCACV,CACE,OAAQ,OACR,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,EACA,KAAM,KAAK,UAAUU,CAAG,CAC1B,CACF,EACA,OAAOJ,CAAM,EAAE,WAAQ,SAAM,MAAS,CAAC,CACzC,CAAC,CACH,CAAC,EAED,SAAS,cAAe,IAAM,CAC5B,GAAG,mCAAoC,SAAY,CAEjD,MAAMI,EAAM,iCACNC,EAAY,YAAU,QAAQD,CAAG,EACvCP,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,GACV,CAAa,EAIb,MAAMG,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,YAC9B,gBACA,cACAO,EACAX,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,qCACV,CACE,OAAQ,MACR,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,EACA,KAAM,KAAK,UAAU,CAAE,KAAM,cAAe,OAAQ,CAACU,CAAG,CAAE,CAAC,CAC7D,CACF,EACA,OAAOJ,CAAM,EAAE,WAAQ,SAAM,MAAS,CAAC,CACzC,CAAC,CACH,CAAC,CACH,CAAC",
-  "names": ["import_purify_ts", "import_Errors", "import_LKRPBlock", "import_Trustchain", "import_HttpLKRPDataSource", "mockJwt", "mockChallengeJSON", "mockSignature", "fetchSpy", "baseUrl", "mockChallenge", "result", "error", "jwtWithoutTrustchainId", "mockTrustchainData", "hex", "mockBlock"]
+  "sourcesContent": ["import { Just, Left, Nothing, Right } from \"purify-ts\";\n\nimport {\n  LKRPHttpRequestError,\n  LKRPUnauthorizedError,\n} from \"@api/app-binder/Errors\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nimport { HttpLKRPDataSource } from \"./HttpLKRPDataSource\";\n\nconst mockJwt = {\n  access_token: \"ACCESS TOKEN\",\n  permissions: { TRUSTCHAIN_ID: { \"m/\": [\"owner\"] } },\n};\n\nconst mockChallengeJSON = {\n  version: 0,\n  challenge: {\n    data: \"1010101010010101010\",\n    expiry: \"2025-06-30T10:00:00Z\",\n  },\n  host: \"example.com\",\n  rp: [\n    {\n      credential: {\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: \"aaaaaaaaaaaaaaaaaaaaaaaaaa\",\n      },\n      signature: \"abababababababab\",\n    },\n  ],\n  protocolVersion: { major: 1, minor: 0, patch: 0 },\n};\n\nconst mockSignature = {\n  credential: {\n    version: 0,\n    curveId: 33,\n    signAlgorithm: 1,\n    publicKey: \"bbbbbbbbbbbbbbbbbbbbbbbbbbb\",\n  },\n  signature: \"acacacacacacacac\",\n  attestation: \"0000000000000000\",\n};\n\ndescribe(\"HttpLKRPDataSource\", () => {\n  const fetchSpy = vi.spyOn(global, \"fetch\");\n  const baseUrl = \"https://example.com\";\n\n  afterEach(() => {\n    fetchSpy.mockClear();\n  });\n\n  describe(\"getChallenge\", () => {\n    it(\"should fetch challenge successfully\", async () => {\n      // GIVEN\n      const mockChallenge = {\n        tlv: \"0f1234567890\",\n        json: mockChallengeJSON,\n      };\n\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockChallenge),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getChallenge();\n      expect(fetchSpy).toHaveBeenCalledWith(`${baseUrl}/challenge`, {\n        headers: {\n          \"Content-Type\": \"application/json\",\n        },\n      });\n\n      // THEN\n      expect(result).toEqual(Right(mockChallenge));\n    });\n\n    it(\"should handle fetch error\", async () => {\n      // GIVEN\n      const error = new Error(\"Random error\");\n      fetchSpy.mockRejectedValueOnce(error);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getChallenge();\n\n      // THEN\n      expect(result).toEqual(Left(new LKRPHttpRequestError(error)));\n    });\n  });\n\n  describe(\"authenticate\", () => {\n    it(\"should fetch a JWT when the authentication is successful\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockJwt),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(`${baseUrl}/authenticate`, {\n        method: \"POST\",\n        headers: {\n          \"Content-Type\": \"application/json\",\n        },\n        body: JSON.stringify({\n          challenge: mockChallengeJSON,\n          signature: mockSignature,\n        }),\n      });\n      expect(result).toEqual(\n        Right({ jwt: mockJwt, trustchainId: Just(\"TRUSTCHAIN_ID\") }),\n      );\n    });\n\n    it(\"should return no trustchainId the returned JWT does not contain one\", async () => {\n      // GIVEN\n      const jwtWithoutTrustchainId = {\n        access_token: \"ACCESS TOKEN\",\n        permissions: {},\n      };\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(jwtWithoutTrustchainId),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(result).toEqual(\n        Right({ jwt: jwtWithoutTrustchainId, trustchainId: Nothing }),\n      );\n    });\n\n    it(\"should handle authentication error\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: false,\n        status: 401,\n        statusText: \"Unauthorized\",\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPUnauthorizedError(\n            `Unauthorized request to ${baseUrl}/authenticate: [401] Unauthorized`,\n          ),\n        ),\n      );\n    });\n  });\n\n  describe(\"getTrustchainById\", () => {\n    it(\"should fetch trustchain by ID successfully\", async () => {\n      // GIVEN\n      const mockTrustchain = {\n        \"m/\": \"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d\",\n        \"m/16'\": \"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b\",\n      };\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockTrustchain),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getTrustchainById(\n        \"TRUSTCHAIN_ID\",\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID`,\n        {\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n        },\n      );\n      expect(result).toEqual(\n        Right({\n          \"m/\": LKRPBlockStream.fromHex(\n            \"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d\",\n          ),\n          \"m/16'\": LKRPBlockStream.fromHex(\n            \"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b\",\n          ),\n        }),\n      );\n    });\n\n    it(\"should handle errors\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: false,\n        status: 500,\n        statusText: \"Internal Server Error\",\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getTrustchainById(\n        \"TRUSTCHAIN_ID\",\n        mockJwt,\n      );\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPHttpRequestError(\n            `Failed to fetch ${baseUrl}/trustchain/TRUSTCHAIN_ID: [500] Internal Server Error`,\n          ),\n        ),\n      );\n    });\n  });\n\n  describe(\"postDerivation\", () => {\n    it(\"should post derivation successfully\", async () => {\n      // GIVEN\n      const hex = \"0102030405060708090a0b0c0d0e0f\";\n      const mockBlock = LKRPBlock.fromHex(hex);\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        status: 204,\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.postDerivation(\n        \"TRUSTCHAIN_ID\",\n        mockBlock,\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID/derivation`,\n        {\n          method: \"POST\",\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n          body: JSON.stringify(hex),\n        },\n      );\n      expect(result).toEqual(Right(undefined));\n    });\n  });\n\n  describe(\"putCommands\", () => {\n    it(\"should put commands successfully\", async () => {\n      // GIVEN\n      const hex = \"0102030405060708090a0b0c0d0e0f\";\n      const mockBlock = LKRPBlock.fromHex(hex);\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        status: 204,\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.putCommands(\n        \"TRUSTCHAIN_ID\",\n        \"m/0'/16'/0'\",\n        mockBlock,\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID/commands`,\n        {\n          method: \"PUT\",\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n          body: JSON.stringify({ path: \"m/0'/16'/0'\", blocks: [hex] }),\n        },\n      );\n      expect(result).toEqual(Right(undefined));\n    });\n  });\n});\n"],
+  "mappings": "aAAA,IAAAA,EAA2C,qBAE3CC,EAGO,kCACPC,EAA0B,qCAC1BC,EAAgC,2CAEhCC,EAAmC,gCAEnC,MAAMC,EAAU,CACd,aAAc,eACd,YAAa,CAAE,cAAe,CAAE,KAAM,CAAC,OAAO,CAAE,CAAE,CACpD,EAEMC,EAAoB,CACxB,QAAS,EACT,UAAW,CACT,KAAM,sBACN,OAAQ,sBACV,EACA,KAAM,cACN,GAAI,CACF,CACE,WAAY,CACV,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAW,4BACb,EACA,UAAW,kBACb,CACF,EACA,gBAAiB,CAAE,MAAO,EAAG,MAAO,EAAG,MAAO,CAAE,CAClD,EAEMC,EAAgB,CACpB,WAAY,CACV,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAW,6BACb,EACA,UAAW,mBACX,YAAa,kBACf,EAEA,SAAS,qBAAsB,IAAM,CACnC,MAAMC,EAAW,GAAG,MAAM,OAAQ,OAAO,EACnCC,EAAU,sBAEhB,UAAU,IAAM,CACdD,EAAS,UAAU,CACrB,CAAC,EAED,SAAS,eAAgB,IAAM,CAC7B,GAAG,sCAAuC,SAAY,CAEpD,MAAME,EAAgB,CACpB,IAAK,eACL,KAAMJ,CACR,EAEAE,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQE,CAAa,CAC3C,CAAa,EAIb,MAAMC,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,EAC7C,OAAOD,CAAQ,EAAE,qBAAqB,GAAGC,CAAO,aAAc,CAC5D,QAAS,CACP,eAAgB,kBAClB,CACF,CAAC,EAGD,OAAOE,CAAM,EAAE,WAAQ,SAAMD,CAAa,CAAC,CAC7C,CAAC,EAED,GAAG,4BAA6B,SAAY,CAE1C,MAAME,EAAQ,IAAI,MAAM,cAAc,EACtCJ,EAAS,sBAAsBI,CAAK,EAIpC,MAAMD,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,EAG7C,OAAOE,CAAM,EAAE,WAAQ,QAAK,IAAI,uBAAqBC,CAAK,CAAC,CAAC,CAC9D,CAAC,CACH,CAAC,EAED,SAAS,eAAgB,IAAM,CAC7B,GAAG,2DAA4D,SAAY,CAEzEJ,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQH,CAAO,CACrC,CAAa,EAIb,MAAMM,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOC,CAAQ,EAAE,qBAAqB,GAAGC,CAAO,gBAAiB,CAC/D,OAAQ,OACR,QAAS,CACP,eAAgB,kBAClB,EACA,KAAM,KAAK,UAAU,CACnB,UAAWH,EACX,UAAWC,CACb,CAAC,CACH,CAAC,EACD,OAAOI,CAAM,EAAE,WACb,SAAM,CAAE,IAAKN,EAAS,gBAAc,QAAK,eAAe,CAAE,CAAC,CAC7D,CACF,CAAC,EAED,GAAG,sEAAuE,SAAY,CAEpF,MAAMQ,EAAyB,CAC7B,aAAc,eACd,YAAa,CAAC,CAChB,EACAL,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQK,CAAsB,CACpD,CAAa,EAIb,MAAMF,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOI,CAAM,EAAE,WACb,SAAM,CAAE,IAAKE,EAAwB,aAAc,SAAQ,CAAC,CAC9D,CACF,CAAC,EAED,GAAG,qCAAsC,SAAY,CAEnDL,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,IACR,WAAY,cACd,CAAa,EAIb,MAAMG,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOI,CAAM,EAAE,WACb,QACE,IAAI,wBACF,2BAA2BF,CAAO,mCACpC,CACF,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,oBAAqB,IAAM,CAClC,GAAG,6CAA8C,SAAY,CAE3D,MAAMK,EAAiB,CACrB,KAAM,+DACN,QAAS,8DACX,EACAN,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQM,CAAc,CAC5C,CAAa,EAIb,MAAMH,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,kBAC9B,gBACAJ,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,4BACV,CACE,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,CACF,CACF,EACA,OAAOM,CAAM,EAAE,WACb,SAAM,CACJ,KAAM,kBAAgB,QACpB,8DACF,EACA,QAAS,kBAAgB,QACvB,8DACF,CACF,CAAC,CACH,CACF,CAAC,EAED,GAAG,uBAAwB,SAAY,CAErCH,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,IACR,WAAY,uBACd,CAAa,EAIb,MAAMG,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,kBAC9B,gBACAJ,CACF,EAGA,OAAOM,CAAM,EAAE,WACb,QACE,IAAI,uBACF,mBAAmBF,CAAO,wDAC5B,CACF,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,iBAAkB,IAAM,CAC/B,GAAG,sCAAuC,SAAY,CAEpD,MAAMM,EAAM,iCACNC,EAAY,YAAU,QAAQD,CAAG,EACvCP,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,GACV,CAAa,EAIb,MAAMG,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,eAC9B,gBACAO,EACAX,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,uCACV,CACE,OAAQ,OACR,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,EACA,KAAM,KAAK,UAAUU,CAAG,CAC1B,CACF,EACA,OAAOJ,CAAM,EAAE,WAAQ,SAAM,MAAS,CAAC,CACzC,CAAC,CACH,CAAC,EAED,SAAS,cAAe,IAAM,CAC5B,GAAG,mCAAoC,SAAY,CAEjD,MAAMI,EAAM,iCACNC,EAAY,YAAU,QAAQD,CAAG,EACvCP,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,GACV,CAAa,EAIb,MAAMG,EAAS,MADI,IAAI,qBAAmBF,CAAO,EACjB,YAC9B,gBACA,cACAO,EACAX,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,qCACV,CACE,OAAQ,MACR,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,EACA,KAAM,KAAK,UAAU,CAAE,KAAM,cAAe,OAAQ,CAACU,CAAG,CAAE,CAAC,CAC7D,CACF,EACA,OAAOJ,CAAM,EAAE,WAAQ,SAAM,MAAS,CAAC,CACzC,CAAC,CACH,CAAC,CACH,CAAC",
+  "names": ["import_purify_ts", "import_Errors", "import_LKRPBlock", "import_LKRPBlockStream", "import_HttpLKRPDataSource", "mockJwt", "mockChallengeJSON", "mockSignature", "fetchSpy", "baseUrl", "mockChallenge", "result", "error", "jwtWithoutTrustchainId", "mockTrustchain", "hex", "mockBlock"]
 }

package/lib/cjs/internal/lkrp-datasource/data/LKRPDataSource.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var i=Object.defineProperty;var o=Object.getOwnPropertyDescriptor;var s=Object.getOwnPropertyNames;var l=Object.prototype.hasOwnProperty;var c=(e,t,a,n)=>{if(t&&typeof t=="object"||typeof t=="function")for(let r of s(t))!l.call(e,r)&&r!==a&&i(e,r,{get:()=>t[r],enumerable:!(n=o(t,r))||n.enumerable});return e};var g=e=>c(i({},"__esModule",{value:!0}),e);var p={};module.exports=g(p);
+"use strict";var i=Object.defineProperty;var a=Object.getOwnPropertyDescriptor;var s=Object.getOwnPropertyNames;var p=Object.prototype.hasOwnProperty;var l=(e,t,o,n)=>{if(t&&typeof t=="object"||typeof t=="function")for(let r of s(t))!p.call(e,r)&&r!==o&&i(e,r,{get:()=>t[r],enumerable:!(n=a(t,r))||n.enumerable});return e};var g=e=>l(i({},"__esModule",{value:!0}),e);var u={};module.exports=g(u);
 //# sourceMappingURL=LKRPDataSource.js.map

package/lib/cjs/internal/lkrp-datasource/data/LKRPDataSource.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/lkrp-datasource/data/LKRPDataSource.ts"],
-  "sourcesContent": ["import { type EitherAsync, type Maybe } from \"purify-ts\";\n\nimport { type LKRPDataSourceError } from \"@api/model/Errors\";\nimport { type JWT } from \"@api/model/JWT\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type Trustchain } from \"@internal/utils/Trustchain\";\n\nexport interface LKRPDataSource {\n  getChallenge(): EitherAsync<LKRPDataSourceError, Challenge>;\n\n  authenticate(\n    payload: AuthenticationPayload,\n  ): EitherAsync<LKRPDataSourceError, AuthenticationResponse>;\n\n  getTrustchainById(\n    id: string,\n    jwt: JWT,\n  ): EitherAsync<LKRPDataSourceError, Trustchain>;\n\n  postDerivation(\n    id: string,\n    blocks: LKRPBlock,\n    jwt: JWT,\n  ): EitherAsync<LKRPDataSourceError, void>;\n\n  putCommands(\n    id: string,\n    path: string,\n    block: LKRPBlock,\n    jwt: JWT,\n  ): EitherAsync<LKRPDataSourceError, void>;\n}\n\nexport type Challenge = { json: ChallengeJSON; tlv: string };\n\nexport type AuthenticationResponse = {\n  jwt: JWT;\n  trustchainId: Maybe<string>;\n};\n\nexport type AuthenticationPayload = {\n  challenge: ChallengeJSON;\n  signature: ChallengeSignature;\n};\n\ntype ChallengeJSON = {\n  version: number;\n  challenge: {\n    data: string;\n    expiry: string;\n  };\n  host: string;\n  rp: { credential: Credential; signature: string }[];\n  protocolVersion: {\n    major: number;\n    minor: number;\n    patch: number;\n  };\n};\n\ntype ChallengeSignature = {\n  credential: Credential;\n  signature: string;\n  attestation: string;\n};\n\ntype Credential = {\n  version: number;\n  curveId: number;\n  signAlgorithm: number;\n  publicKey: string;\n};\n"],
+  "sourcesContent": ["import { type EitherAsync, type Maybe } from \"purify-ts\";\n\nimport { type LKRPHttpRequestError } from \"@api/app-binder/Errors\";\nimport { type JWT } from \"@api/app-binder/LKRPTypes\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type Trustchain } from \"@internal/utils/types\";\n\nexport interface LKRPDataSource {\n  getChallenge(): EitherAsync<LKRPHttpRequestError, Challenge>;\n\n  authenticate(\n    payload: AuthenticationPayload,\n  ): EitherAsync<LKRPHttpRequestError, AuthenticationResponse>;\n\n  getTrustchainById(\n    id: string,\n    jwt: JWT,\n  ): EitherAsync<LKRPHttpRequestError, Trustchain>;\n\n  postDerivation(\n    id: string,\n    blocks: LKRPBlock,\n    jwt: JWT,\n  ): EitherAsync<LKRPHttpRequestError, void>;\n\n  putCommands(\n    id: string,\n    path: string,\n    block: LKRPBlock,\n    jwt: JWT,\n  ): EitherAsync<LKRPHttpRequestError, void>;\n}\n\nexport type Challenge = { json: ChallengeJSON; tlv: string };\n\nexport type AuthenticationResponse = {\n  jwt: JWT;\n  trustchainId: Maybe<string>;\n};\n\nexport type AuthenticationPayload = {\n  challenge: ChallengeJSON;\n  signature: ChallengeSignature;\n};\n\ntype ChallengeJSON = {\n  version: number;\n  challenge: {\n    data: string;\n    expiry: string;\n  };\n  host: string;\n  rp: { credential: Credential; signature: string }[];\n  protocolVersion: {\n    major: number;\n    minor: number;\n    patch: number;\n  };\n};\n\ntype ChallengeSignature = {\n  credential: Credential;\n  signature: string;\n  attestation: string;\n};\n\ntype Credential = {\n  version: number;\n  curveId: number;\n  signAlgorithm: number;\n  publicKey: string;\n};\n"],
   "mappings": "+WAAA,IAAAA,EAAA,kBAAAC,EAAAD",
   "names": ["LKRPDataSource_exports", "__toCommonJS"]
 }