@ledgerhq/device-trusted-app-kit-ledger-keyring-protocol 0.0.0-ledger-button-20250806141658 → 0.0.0-ledger-button-20250808005842

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (167) hide show
  1. package/lib/cjs/api/LedgerKeyringProtocol.js +1 -1
  2. package/lib/cjs/api/LedgerKeyringProtocol.js.map +1 -1
  3. package/lib/cjs/api/app-binder/AddToTrustchainDeviceActionTypes.js +1 -1
  4. package/lib/cjs/api/app-binder/AddToTrustchainDeviceActionTypes.js.map +1 -1
  5. package/lib/cjs/api/app-binder/AuthenticateDeviceActionTypes.js +1 -1
  6. package/lib/cjs/api/app-binder/AuthenticateDeviceActionTypes.js.map +1 -1
  7. package/lib/cjs/api/app-binder/Errors.js +1 -1
  8. package/lib/cjs/api/app-binder/Errors.js.map +3 -3
  9. package/lib/cjs/api/app-binder/SignBlockHeaderCommandTypes.js +1 -1
  10. package/lib/cjs/api/app-binder/SignBlockHeaderCommandTypes.js.map +1 -1
  11. package/lib/cjs/internal/DefaultLedgerKeyringProtocol.js +1 -1
  12. package/lib/cjs/internal/DefaultLedgerKeyringProtocol.js.map +3 -3
  13. package/lib/cjs/internal/app-binder/command/SetTrustedMemberCommand.js +1 -1
  14. package/lib/cjs/internal/app-binder/command/SetTrustedMemberCommand.js.map +3 -3
  15. package/lib/cjs/internal/app-binder/command/SignBlockHeader.js +1 -1
  16. package/lib/cjs/internal/app-binder/command/SignBlockHeader.js.map +3 -3
  17. package/lib/cjs/internal/app-binder/command/SignBlockHeader.test.js +1 -1
  18. package/lib/cjs/internal/app-binder/command/SignBlockHeader.test.js.map +3 -3
  19. package/lib/cjs/internal/app-binder/device-action/AddToTrustchainDeviceAction.js +1 -1
  20. package/lib/cjs/internal/app-binder/device-action/AddToTrustchainDeviceAction.js.map +3 -3
  21. package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js +1 -1
  22. package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js.map +2 -2
  23. package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js +1 -1
  24. package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js.map +3 -3
  25. package/lib/cjs/internal/app-binder/task/SignBlockTask.js +1 -1
  26. package/lib/cjs/internal/app-binder/task/SignBlockTask.js.map +3 -3
  27. package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js +1 -1
  28. package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js.map +2 -2
  29. package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js +1 -1
  30. package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js.map +3 -3
  31. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js +1 -1
  32. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map +3 -3
  33. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js +1 -1
  34. package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js.map +2 -2
  35. package/lib/cjs/internal/lkrp-datasource/data/LKRPDataSource.js +1 -1
  36. package/lib/cjs/internal/lkrp-datasource/data/LKRPDataSource.js.map +1 -1
  37. package/lib/cjs/internal/models/LKRPBlockTypes.js +2 -0
  38. package/lib/cjs/internal/models/LKRPBlockTypes.js.map +7 -0
  39. package/lib/cjs/internal/models/LKRPCommandTypes.js +2 -0
  40. package/lib/cjs/internal/models/LKRPCommandTypes.js.map +7 -0
  41. package/lib/cjs/internal/{utils/TLVTags.js → models/Tags.js} +1 -1
  42. package/lib/cjs/internal/{utils/TLVTags.js.map → models/Tags.js.map} +2 -2
  43. package/lib/cjs/internal/models/Types.js +2 -0
  44. package/lib/cjs/internal/models/Types.js.map +7 -0
  45. package/lib/cjs/internal/utils/LKRPBlock.js.map +2 -2
  46. package/lib/cjs/internal/utils/LKRPBlock.test.js +1 -1
  47. package/lib/cjs/internal/utils/LKRPBlock.test.js.map +3 -3
  48. package/lib/cjs/internal/utils/LKRPBlockStream.js +2 -2
  49. package/lib/cjs/internal/utils/LKRPBlockStream.js.map +3 -3
  50. package/lib/cjs/internal/utils/LKRPBlockStream.test.js +3 -3
  51. package/lib/cjs/internal/utils/LKRPBlockStream.test.js.map +3 -3
  52. package/lib/cjs/internal/utils/LKRPCommand.js +2 -2
  53. package/lib/cjs/internal/utils/LKRPCommand.js.map +3 -3
  54. package/lib/cjs/internal/utils/LKRPCommand.test.js +1 -1
  55. package/lib/cjs/internal/utils/LKRPCommand.test.js.map +3 -3
  56. package/lib/cjs/internal/utils/TLVBuilder.js +1 -1
  57. package/lib/cjs/internal/utils/TLVBuilder.js.map +3 -3
  58. package/lib/cjs/internal/utils/TLVParser.js +1 -1
  59. package/lib/cjs/internal/utils/TLVParser.js.map +3 -3
  60. package/lib/cjs/internal/utils/TLVParser.test.js +1 -1
  61. package/lib/cjs/internal/utils/TLVParser.test.js.map +3 -3
  62. package/lib/cjs/package.json +1 -0
  63. package/lib/esm/api/app-binder/Errors.js +1 -1
  64. package/lib/esm/api/app-binder/Errors.js.map +3 -3
  65. package/lib/esm/internal/DefaultLedgerKeyringProtocol.js +1 -1
  66. package/lib/esm/internal/DefaultLedgerKeyringProtocol.js.map +3 -3
  67. package/lib/esm/internal/app-binder/command/SetTrustedMemberCommand.js +1 -1
  68. package/lib/esm/internal/app-binder/command/SetTrustedMemberCommand.js.map +2 -2
  69. package/lib/esm/internal/app-binder/command/SignBlockHeader.js +1 -1
  70. package/lib/esm/internal/app-binder/command/SignBlockHeader.js.map +3 -3
  71. package/lib/esm/internal/app-binder/command/SignBlockHeader.test.js +1 -1
  72. package/lib/esm/internal/app-binder/command/SignBlockHeader.test.js.map +3 -3
  73. package/lib/esm/internal/app-binder/device-action/AddToTrustchainDeviceAction.js +1 -1
  74. package/lib/esm/internal/app-binder/device-action/AddToTrustchainDeviceAction.js.map +3 -3
  75. package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js +1 -1
  76. package/lib/esm/internal/app-binder/device-action/AuthenticateDeviceAction.js.map +3 -3
  77. package/lib/esm/internal/app-binder/task/ParseStreamToDeviceTask.js +1 -1
  78. package/lib/esm/internal/app-binder/task/ParseStreamToDeviceTask.js.map +3 -3
  79. package/lib/esm/internal/app-binder/task/SignBlockTask.js +1 -1
  80. package/lib/esm/internal/app-binder/task/SignBlockTask.js.map +3 -3
  81. package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js +1 -1
  82. package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js.map +3 -3
  83. package/lib/esm/internal/app-binder/task/utils/TrustedProperties.js +1 -1
  84. package/lib/esm/internal/app-binder/task/utils/TrustedProperties.js.map +3 -3
  85. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js +1 -1
  86. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map +3 -3
  87. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js +1 -1
  88. package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js.map +3 -3
  89. package/lib/esm/internal/models/LKRPBlockTypes.js +1 -0
  90. package/lib/esm/internal/models/LKRPCommandTypes.js +1 -0
  91. package/lib/esm/internal/models/LKRPCommandTypes.js.map +7 -0
  92. package/lib/esm/internal/{utils/TLVTags.js → models/Tags.js} +1 -1
  93. package/lib/esm/internal/{utils/TLVTags.js.map → models/Tags.js.map} +1 -1
  94. package/lib/esm/internal/models/Types.js +1 -0
  95. package/lib/esm/internal/models/Types.js.map +7 -0
  96. package/lib/esm/internal/utils/LKRPBlock.js.map +2 -2
  97. package/lib/esm/internal/utils/LKRPBlock.test.js +1 -1
  98. package/lib/esm/internal/utils/LKRPBlock.test.js.map +3 -3
  99. package/lib/esm/internal/utils/LKRPBlockStream.js +2 -2
  100. package/lib/esm/internal/utils/LKRPBlockStream.js.map +3 -3
  101. package/lib/esm/internal/utils/LKRPBlockStream.test.js +3 -3
  102. package/lib/esm/internal/utils/LKRPBlockStream.test.js.map +3 -3
  103. package/lib/esm/internal/utils/LKRPCommand.js +2 -2
  104. package/lib/esm/internal/utils/LKRPCommand.js.map +3 -3
  105. package/lib/esm/internal/utils/LKRPCommand.test.js +1 -1
  106. package/lib/esm/internal/utils/LKRPCommand.test.js.map +3 -3
  107. package/lib/esm/internal/utils/TLVBuilder.js +1 -1
  108. package/lib/esm/internal/utils/TLVBuilder.js.map +2 -2
  109. package/lib/esm/internal/utils/TLVParser.js +1 -1
  110. package/lib/esm/internal/utils/TLVParser.js.map +3 -3
  111. package/lib/esm/internal/utils/TLVParser.test.js +1 -1
  112. package/lib/esm/internal/utils/TLVParser.test.js.map +3 -3
  113. package/lib/esm/package.json +1 -0
  114. package/lib/types/api/LedgerKeyringProtocol.d.ts +1 -2
  115. package/lib/types/api/LedgerKeyringProtocol.d.ts.map +1 -1
  116. package/lib/types/api/app-binder/AddToTrustchainDeviceActionTypes.d.ts +4 -4
  117. package/lib/types/api/app-binder/AddToTrustchainDeviceActionTypes.d.ts.map +1 -1
  118. package/lib/types/api/app-binder/AuthenticateDeviceActionTypes.d.ts +5 -4
  119. package/lib/types/api/app-binder/AuthenticateDeviceActionTypes.d.ts.map +1 -1
  120. package/lib/types/api/app-binder/Errors.d.ts +38 -12
  121. package/lib/types/api/app-binder/Errors.d.ts.map +1 -1
  122. package/lib/types/api/app-binder/SignBlockHeaderCommandTypes.d.ts +2 -1
  123. package/lib/types/api/app-binder/SignBlockHeaderCommandTypes.d.ts.map +1 -1
  124. package/lib/types/internal/DefaultLedgerKeyringProtocol.d.ts +1 -2
  125. package/lib/types/internal/DefaultLedgerKeyringProtocol.d.ts.map +1 -1
  126. package/lib/types/internal/app-binder/command/SignBlockHeader.d.ts +1 -0
  127. package/lib/types/internal/app-binder/command/SignBlockHeader.d.ts.map +1 -1
  128. package/lib/types/internal/app-binder/device-action/AddToTrustchainDeviceAction.d.ts +2 -2
  129. package/lib/types/internal/app-binder/device-action/AddToTrustchainDeviceAction.d.ts.map +1 -1
  130. package/lib/types/internal/app-binder/device-action/AuthenticateDeviceAction.d.ts +1 -1
  131. package/lib/types/internal/app-binder/device-action/AuthenticateDeviceAction.d.ts.map +1 -1
  132. package/lib/types/internal/app-binder/task/ParseStreamToDeviceTask.d.ts +3 -3
  133. package/lib/types/internal/app-binder/task/ParseStreamToDeviceTask.d.ts.map +1 -1
  134. package/lib/types/internal/app-binder/task/SignBlockTask.d.ts +6 -7
  135. package/lib/types/internal/app-binder/task/SignBlockTask.d.ts.map +1 -1
  136. package/lib/types/internal/app-binder/task/SignChallengeWithKeypairTask.d.ts +2 -3
  137. package/lib/types/internal/app-binder/task/SignChallengeWithKeypairTask.d.ts.map +1 -1
  138. package/lib/types/internal/app-binder/task/utils/TrustedProperties.d.ts +1 -1
  139. package/lib/types/internal/app-binder/task/utils/TrustedProperties.d.ts.map +1 -1
  140. package/lib/types/internal/lkrp-datasource/data/HttpLKRPDataSource.d.ts +6 -6
  141. package/lib/types/internal/lkrp-datasource/data/HttpLKRPDataSource.d.ts.map +1 -1
  142. package/lib/types/internal/lkrp-datasource/data/LKRPDataSource.d.ts +7 -7
  143. package/lib/types/internal/lkrp-datasource/data/LKRPDataSource.d.ts.map +1 -1
  144. package/lib/types/internal/models/LKRPBlockTypes.d.ts +11 -0
  145. package/lib/types/internal/models/LKRPBlockTypes.d.ts.map +1 -0
  146. package/lib/types/internal/{utils/types.d.ts → models/LKRPCommandTypes.d.ts} +6 -29
  147. package/lib/types/internal/models/LKRPCommandTypes.d.ts.map +1 -0
  148. package/lib/types/internal/{utils/TLVTags.d.ts → models/Tags.d.ts} +1 -1
  149. package/lib/types/internal/models/Tags.d.ts.map +1 -0
  150. package/lib/types/internal/models/Types.d.ts +14 -0
  151. package/lib/types/internal/models/Types.d.ts.map +1 -0
  152. package/lib/types/internal/utils/LKRPBlock.d.ts +1 -1
  153. package/lib/types/internal/utils/LKRPBlock.d.ts.map +1 -1
  154. package/lib/types/internal/utils/LKRPBlockStream.d.ts +3 -3
  155. package/lib/types/internal/utils/LKRPBlockStream.d.ts.map +1 -1
  156. package/lib/types/internal/utils/LKRPCommand.d.ts +3 -2
  157. package/lib/types/internal/utils/LKRPCommand.d.ts.map +1 -1
  158. package/lib/types/internal/utils/TLVParser.d.ts +3 -2
  159. package/lib/types/internal/utils/TLVParser.d.ts.map +1 -1
  160. package/lib/types/tsconfig.prod.tsbuildinfo +1 -1
  161. package/package.json +4 -3
  162. package/lib/cjs/internal/utils/types.js +0 -2
  163. package/lib/cjs/internal/utils/types.js.map +0 -7
  164. package/lib/esm/internal/utils/types.js +0 -1
  165. package/lib/types/internal/utils/TLVTags.d.ts.map +0 -1
  166. package/lib/types/internal/utils/types.d.ts.map +0 -1
  167. /package/lib/esm/internal/{utils/types.js.map → models/LKRPBlockTypes.js.map} +0 -0
package/lib/cjs/internal/app-binder/device-action/AuthenticateDeviceAction.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/device-action/AuthenticateDeviceAction.ts"],
4
- "sourcesContent": ["import {\n type DeviceActionStateMachine,\n type InternalApi,\n OpenAppDeviceAction,\n type StateMachineTypes,\n UnknownDAError,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AuthenticateDAError,\n type AuthenticateDAInput,\n type AuthenticateDAIntermediateValue,\n type AuthenticateDAInternalState,\n type AuthenticateDAOutput,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {\n LKRPMissingDataError,\n LKRPUnauthorizedError,\n LKRPUnhandledState,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport { type JWT } from \"@api/index\";\nimport { SignChallengeWithDeviceTask } from \"@internal/app-binder/task/SignChallengeWithDeviceTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n type LKRPDataSource,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\nimport { AddToTrustchainDeviceAction } from \"./AddToTrustchainDeviceAction\";\n\nconst APP_NAME = \"Ledger Sync\";\n\nexport class AuthenticateDeviceAction extends XStateDeviceAction<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n > {\n type types = StateMachineTypes<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n >;\n\n const { deviceAuth, keypairAuth, getTrustchain, extractEncryptionKey } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n openAppStateMachine: new OpenAppDeviceAction({\n input: { appName: APP_NAME },\n }).makeStateMachine(internalApi),\n\n deviceAuth: fromPromise(deviceAuth),\n keypairAuth: fromPromise(keypairAuth),\n\n getTrustchain: fromPromise(getTrustchain),\n\n addToTrustchainStateMachine: new AddToTrustchainDeviceAction({\n input: Left(\n new LKRPMissingDataError(\"Missing input for GetEncryptionKey\"),\n ),\n }).makeStateMachine(internalApi),\n\n extractEncryptionKey: fromPromise(extractEncryptionKey),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new UnknownDAError(String((event as { error?: unknown }).error)),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n hasNoTrustchainId: ({ context }) => !context.input.trustchainId,\n hasNoJwt: ({ context }) => !context.input.jwt,\n isTrustchainMember: ({ context }) =>\n context._internalState\n .toMaybe()\n .map(\n (state) =>\n state.wasAddedToTrustchain ||\n state.applicationStream?.hasMember(\n context.input.keypair.pubKeyToHex(),\n ),\n )\n .extract() ?? false,\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YAImAG5FjKEED2OAdAMLaEDWbATpLgLEANrADEAbQAMAXUSgADo1j4mOeSAAeiAMxSALC30BOHfoDsAJinGAHADYp94wBoQAT0QBaAKwsf9lYBAIzB9jrm5vr6OgC+sW5oWIJEpBTUtPRq7Jw8-BApIuISwXJIIEoqahraCDrBOizG+pb2tq06PlJStvo+bp4IPsZSLBHBprZWnVI+tvGJGNh4qWSUNIR0DPjMOWDcfAIrRZKWZYrKqjvq5bU6lsZGkb0Rsz1TOgOII34+oebGQJmOytBYgJLLAgkNYZTZZa4sADSYHcCmI+F4ELEEGYYBY+BwVEYXDxJNR6MxS2k5wql2qt0Q9miLEsJh8lmewWGrK+Q30wSMOk61k6OjaLTBEJS0PSGy22WR5IxWLAvF4jF4LAUwlIADMNQBbFhktHKqmyDSVK7MGqM+r+Fr6WyA8xM2zBSy86LmJq2Axi-T2YZTQGSpbStLrTLbXaK02UrBiWCoQibWCwamWunXW0IYw+H2BVmWOa2MxScy88xSAXmYJlh5CiYBYxh5IrGVRuEx1hxilYglUET4CCHArHUSZ8pW+mgWrO0b8-kPYyWDkxfS8gujWb2Cb3fmRAxtyGrWXRhUo+MqtUaqcXKo5hl55xNMzBCyzZp9TceRl-FhHCcHo11aKIfBPCMYTleFdi7OgliTFM0wzC1p2zG1nw9fRRmaRwTDXcIuk9P8EEDUZzB0fNLGCOtzB8LpWwScFww7SNYXlBF4JvdVeHvWlH0wudEA-GwjFomsDBsHDPlIj9DFsdkAldZ4WhLSC2Ogi8uI4iEWAAeQUXBkAUBRsVxfFCWJPFGCMnATIUfiZyfYSEHsIMmkiB4PUsCJ3RIwZaMaBouVdFoqJ8Cx5mYqVNPPbtsm4pYDLshyxFVXitR1dB9V4I1bOM0ynIwm5XKZQwGMi3yzHuBsq0eQJehsCZFNdCYNKhdiYJ7FgkqwFLCrM5NUzgVCaWcoStG+MIWArYIDF6BiPzaXkHgq3o2qZSxFLiGLWM6rSEp0mDkqxHEcDxQdrJYAoTqwYrBNKqaEHm0wWHaLoJnMP12nCXl61sFkPymAJulscHAw6s9uJ6vrMBYHiNSyvVDRu3TzXGkrc3mgExmMBoTBGIifFkwZmhYNrqzLejGLsKHO10nqAHEwHQAAVXhUFgdBCEwdEcHMi7LKJEkWBgdnOe53n+Ye60ntqBoAPc4wrHCewaO+gLEHdAVqbaJwwmaXbFnbA74s43YWYlrmeb5gl0tvTVtRRvKxdZjmbelglZdnZ6CYq-MLDMaIpAefpSLrPwehsBxqw9Tp6a67TLfdyXbf5pCRvTH2XL9gI-HoktXv5aTeVMRpJidZ0HgrGxE8Oi3WCtj2pbtgXB2HUd8kKSc0IfOXc3CQHKJ0Z0zHV9oJl5BwKOmesbGLMt6-N2Cm9Tz224d3ic8mhWTEBlpXWaKQxXaepeSDAUgLaEsZnm42WNN6HGeyDh9i4ABJWAAFkwANAAjVU4h8CwAAAQGj-oAvifcBIDywmPQC3RPx6Eos4Um3wVbvX9A8QIPRL7Lxhq-XIX9f4AKAWIEBoCcCMHQOAyBqod7yxEiGCmykGjuiApRMuvkjABFHv5eoJgCEvwRG-bgJD6G8HEBlO8MCJpMJeuBd6Jh1azDDs4C+Stug3xJp9E+wjurZGQBACAbNGAt3Tvbc6l0rKi2MaY8xacvY4EYbmGizoxjemMCMU+oRbD1UaM6J0dg5jxwfrFM2hCET2LMRY5xW8kbOxyqjGJjiN4yzkVjZ8NERizQ9ACVohF6JVgMLNIC3R6glimJYAxydWCpLiZvYaKFXHZL6IDPQYRb4ODFKYMuHkIZ+iIt4qItSjq7AaU4zeMjoGY0em4z8-hwg0Vqg0E+v5Bjg0BmEP4gIzAPGsPYMZjcWAAFFNDoF4MQBgpycCEF4KiNQipM4tMyfM7JE93oAnaFMb6AJ0EvXWf4CswwIishPq6Y5q8zkXKuTcu5DyFBPJRAk2ZWZ3muVaDWFgH5lreL9Ixew-S-AQzrICE+phjxgmoQUeA5QInP0MbneRuY-Q4vmlMQIEwwiOErKRLw+Yxg0VLJEAGYpwn7UZXUvYBxu4Tjpf3X2Cttrsp6Cpbl7kKy8i8D6d0VgTA1lqvmJee0n4MyZbGK8-Yljorga5dkPoR7OnmkGCp4dBjhEeODTVjp2GzChbDdGWBbVKsQA6poq5Vzg1mO6fx-LdXCudN9dyJM6zRRNqec10q4YDXsqZENudagFj8N4g50bQlxsGByAUcwLAxCZOXMwAbEpBvhhCAtu8RIUtVWEPo4ryqrQcIBfWLRfpgWCM2hEzcpn8w7Qoj0DExj0XxSTcqAL8aLlHhYRwTJd1HNNZmpO4zWBiM-j-SRCrYGhpem0A+1gGw0VmH8d12tvFNACNEfMdZgIQQPVBFePVJnpIJHOtxu5ZpRBaiYLyGztZlgprRJNURVFNr-XFKJuxzmXOuegW59zHnXEVKBtpM0Qx7kog4RwHp-pAq6K6fW4rKL6EnbsAAyshUaxHMWuksEK9R312j4xo0KFkBYmQ7JGN0cwLHWCnMdlx56HJ6IshLNtcC3ogz9MMOECwxYnTAn3fEIAA */\n\n id: \"AuthenticateDeviceAction\",\n context: ({ input }): types[\"context\"] => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n trustchainId: null,\n jwt: null,\n trustchain: null,\n applicationStream: null,\n encryptionKey: null,\n wasAddedToTrustchain: false,\n }),\n }),\n\n initial: \"CheckCredentials\",\n states: {\n CheckCredentials: {\n always: [\n { target: \"DeviceAuth\", guard: \"hasNoTrustchainId\" },\n { target: \"KeypairAuth\", guard: \"hasNoJwt\" },\n { target: \"GetTrustchain\" },\n ],\n },\n\n KeypairAuth: {\n on: {\n success: \"GetTrustchain\",\n invalidCredentials: \"DeviceAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"keypairAuth\",\n src: \"keypairAuth\",\n input: ({ context }) => ({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n trustchainId: required(\n context.input.trustchainId,\n \"Missing Trustchain ID in the input\",\n ),\n }),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output\n .map(({ jwt }) => ({\n raise: \"success\",\n assign: { jwt },\n }))\n .chainLeft((error) =>\n error instanceof LKRPUnauthorizedError\n ? Right({ raise: \"invalidCredentials\" })\n : Left(error),\n ),\n ),\n },\n },\n },\n\n DeviceAuth: {\n on: { success: \"GetTrustchain\", error: \"Error\" },\n initial: \"OpenApp\",\n states: {\n OpenApp: {\n // TODO snapshot for intermediateValue\n on: { success: \"Auth\" },\n invoke: {\n id: \"openApp\",\n src: \"openAppStateMachine\",\n input: { appName: APP_NAME },\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Auth: {\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"connect-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"deviceAuth\",\n src: \"deviceAuth\",\n input: ({ context }) => context.input,\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.chain((payload) =>\n payload.trustchainId.caseOf({\n Nothing: () =>\n Left(\n new LKRPUnhandledState(\"The trustchain is empty\"),\n ),\n Just: (trustchainId) =>\n Right({\n raise: \"success\",\n assign: { jwt: payload.jwt, trustchainId },\n }),\n }),\n ),\n ),\n },\n },\n },\n },\n },\n\n GetTrustchain: {\n on: {\n success: \"CheckIsMembers\",\n invalidCredentials: \"KeypairAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"getTrustchain\",\n src: \"getTrustchain\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n applicationId: context.input.applicationId,\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for GetTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(({ trustchain, applicationStream }) => ({\n raise: \"success\",\n assign: { trustchain, applicationStream },\n })),\n ),\n },\n },\n },\n\n CheckIsMembers: {\n always: [\n { target: \"ExtractEncryptionKey\", guard: \"isTrustchainMember\" },\n { target: \"AddToTrustchain\" },\n ],\n },\n\n AddToTrustchain: {\n // TODO snapshot for intermediateValue\n on: {\n success: \"GetTrustchain\",\n error: \"Error\",\n },\n invoke: {\n id: \"AddToTrustchain\",\n src: \"addToTrustchainStateMachine\",\n input: ({ context }) =>\n context._internalState\n .mapLeft(\n () =>\n new LKRPMissingDataError(\n \"Missing data in the input for AddToTrustchain\",\n ),\n )\n .chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n clientName: context.input.clientName,\n permissions: context.input.permissions,\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for AddToTrustchain\",\n ),\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n trustchain: () =>\n required(\n state.trustchain,\n \"Missing Trustchain in the input for AddToTrustchain\",\n ),\n applicationStream: () =>\n required(\n state.applicationStream,\n \"Missing application stream in the input for AddToTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({\n raise: \"success\",\n assign: { wasAddedToTrustchain: true },\n })),\n ),\n },\n },\n },\n\n ExtractEncryptionKey: {\n on: { success: \"Success\", error: \"Error\" },\n invoke: {\n id: \"ExtractEncryptionKey\",\n src: \"extractEncryptionKey\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n required(\n state.applicationStream,\n \"Missing application stream\",\n ).map((applicationStream) => ({\n applicationStream,\n keypair: context.input.keypair,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((encryptionKey) => ({\n raise: \"success\",\n assign: { encryptionKey },\n })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the output\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the output\",\n ),\n applicationPath: () =>\n required(\n state.applicationStream?.getPath().extract(),\n \"Missing application path in the output\",\n ),\n encryptionKey: () =>\n required(\n state.encryptionKey,\n \"Missing encryption key in the output\",\n ),\n }),\n ),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n deviceAuth: (args: { input: { lkrpDataSource: LKRPDataSource } }) =>\n this.auth(\n args.input.lkrpDataSource,\n new SignChallengeWithDeviceTask(internalApi),\n ).run(),\n\n keypairAuth: (args: {\n input: Pick<AuthenticateDAInput, \"lkrpDataSource\" | \"keypair\"> & {\n trustchainId: Either<LKRPMissingDataError, string>;\n };\n }) => {\n const { lkrpDataSource, keypair } = args.input;\n return EitherAsync.liftEither(args.input.trustchainId)\n .chain((trustchainId) =>\n this.auth(\n lkrpDataSource,\n new SignChallengeWithKeypairTask(keypair, trustchainId),\n ),\n )\n .run();\n },\n\n getTrustchain: (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationId: number;\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n jwt: JWT;\n }\n >;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain(({ applicationId, lkrpDataSource, trustchainId, jwt }) =>\n lkrpDataSource\n .getTrustchainById(trustchainId, jwt)\n .map((trustchain) => ({\n trustchain,\n applicationStream:\n trustchain[`m/${applicationId}'`] ??\n LKRPBlockStream.fromPath(`m/0'/${applicationId}'/0'`),\n })),\n )\n .run(),\n\n extractEncryptionKey: async (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationStream: LKRPBlockStream;\n keypair: Keypair;\n }\n >;\n }) => {\n // TODO additional derivations should be supported:\n // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n // Probably not needed for Ledger Sync\n return Promise.resolve(\n args.input\n .chain(({ applicationStream, keypair }) =>\n applicationStream\n .getPublishedKey(keypair)\n .toEither(\n new UnknownDAError(\n \"There is no encryption key for the current member in the application stream.\",\n ),\n ),\n )\n .map((key) => key.privateKey),\n );\n },\n };\n }\n\n private auth(\n lkrpDataSource: LKRPDataSource,\n signerTask: {\n run: (\n challenge: Challenge,\n ) => PromiseLike<Either<AuthenticateDAError, AuthenticationPayload>>;\n },\n ) {\n return lkrpDataSource\n .getChallenge()\n .chain((challenge) => signerTask.run(challenge))\n .chain((payload) => lkrpDataSource.authenticate(payload));\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,8BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAQO,2CACPC,EAAsD,qBACtDC,EAA2C,kBAS3CC,EAIO,kCAGPC,EAA4C,iEAC5CC,EAA6C,kEAM7CC,EAAgC,2CAChCC,EAAgC,2CAChCC,EAAyB,oCAEzBC,EAA+B,kCAC/BC,EAA4C,yCAE5C,MAAMC,EAAW,cAEV,MAAMb,UAAiC,oBAM5C,CACA,iBACEc,EAOA,CASA,KAAM,CAAE,WAAAC,EAAY,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACnE,KAAK,oBAAoBJ,CAAW,EAEtC,SAAO,SAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,oBAAqB,IAAI,sBAAoB,CAC3C,MAAO,CAAE,QAASD,CAAS,CAC7B,CAAC,EAAE,iBAAiBC,CAAW,EAE/B,cAAY,eAAYC,CAAU,EAClC,eAAa,eAAYC,CAAW,EAEpC,iBAAe,eAAYC,CAAa,EAExC,4BAA6B,IAAI,8BAA4B,CAC3D,SAAO,QACL,IAAI,uBAAqB,oCAAoC,CAC/D,CACF,CAAC,EAAE,iBAAiBH,CAAW,EAE/B,wBAAsB,eAAYI,CAAoB,CACxD,EAEA,QAAS,CACP,wBAAsB,kBACpB,CAAC,CAAE,MAAAC,CAAM,OACP,QACE,IAAI,iBAAe,OAAQA,EAA8B,KAAK,CAAC,CACjE,CACJ,CACF,EAEA,OAAQ,CACN,kBAAmB,CAAC,CAAE,QAAAC,CAAQ,IAAM,CAACA,EAAQ,MAAM,aACnD,SAAU,CAAC,CAAE,QAAAA,CAAQ,IAAM,CAACA,EAAQ,MAAM,IAC1C,mBAAoB,CAAC,CAAE,QAAAA,CAAQ,IAC7BA,EAAQ,eACL,QAAQ,EACR,IACEC,GACCA,EAAM,sBACNA,EAAM,mBAAmB,UACvBD,EAAQ,MAAM,QAAQ,YAAY,CACpC,CACJ,EACC,QAAQ,GAAK,EACpB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,2BACJ,QAAS,CAAC,CAAE,MAAAE,CAAM,KAAyB,CACzC,MAAAA,EACA,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,EACA,kBAAgB,SAAM,CACpB,aAAc,KACd,IAAK,KACL,WAAY,KACZ,kBAAmB,KACnB,cAAe,KACf,qBAAsB,EACxB,CAAC,CACH,GAEA,QAAS,mBACT,OAAQ,CACN,iBAAkB,CAChB,OAAQ,CACN,CAAE,OAAQ,aAAc,MAAO,mBAAoB,EACnD,CAAE,OAAQ,cAAe,MAAO,UAAW,EAC3C,CAAE,OAAQ,eAAgB,CAC5B,CACF,EAEA,YAAa,CACX,GAAI,CACF,QAAS,gBACT,mBAAoB,aACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAF,CAAQ,KAAO,CACvB,eAAgBA,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,gBAAc,YACZA,EAAQ,MAAM,aACd,oCACF,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OACH,IAAI,CAAC,CAAE,IAAAI,CAAI,KAAO,CACjB,MAAO,UACP,OAAQ,CAAE,IAAAA,CAAI,CAChB,EAAE,EACD,UAAWC,GACVA,aAAiB,2BACb,SAAM,CAAE,MAAO,oBAAqB,CAAC,KACrC,QAAKA,CAAK,CAChB,CACJ,CACF,CACF,CACF,EAEA,WAAY,CACV,GAAI,CAAE,QAAS,gBAAiB,MAAO,OAAQ,EAC/C,QAAS,UACT,OAAQ,CACN,QAAS,CAEP,GAAI,CAAE,QAAS,MAAO,EACtB,OAAQ,CACN,GAAI,UACJ,IAAK,sBACL,MAAO,CAAE,QAASX,CAAS,EAC3B,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,KAAM,CACJ,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,qBAC3B,CACF,CAAC,EACD,QAAM,UAAO,CACX,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,aACJ,IAAK,aACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,MAChC,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,MAAOM,GAClBA,EAAQ,aAAa,OAAO,CAC1B,QAAS,OACP,QACE,IAAI,qBAAmB,yBAAyB,CAClD,EACF,KAAOC,MACL,SAAM,CACJ,MAAO,UACP,OAAQ,CAAE,IAAKD,EAAQ,IAAK,aAAAC,CAAa,CAC3C,CAAC,CACL,CAAC,CACH,CACF,CACF,CACF,CACF,CACF,CACF,EAEA,cAAe,CACb,GAAI,CACF,QAAS,iBACT,mBAAoB,cACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,gBACJ,IAAK,gBACL,MAAO,CAAC,CAAE,QAAAN,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,MAC5B,mBAAgB,CACd,eAAgBD,EAAQ,MAAM,eAC9B,cAAeA,EAAQ,MAAM,cAC7B,aAAc,OACZ,YACEC,EAAM,cAAgBD,EAAQ,MAAM,aACpC,sDACF,EACF,IAAK,OACH,YACEC,EAAM,KAAOD,EAAQ,MAAM,IAC3B,4CACF,CACJ,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,IAAI,CAAC,CAAE,WAAAQ,EAAY,kBAAAC,CAAkB,KAAO,CACvD,MAAO,UACP,OAAQ,CAAE,WAAAD,EAAY,kBAAAC,CAAkB,CAC1C,EAAE,CACJ,CACF,CACF,CACF,EAEA,eAAgB,CACd,OAAQ,CACN,CAAE,OAAQ,uBAAwB,MAAO,oBAAqB,EAC9D,CAAE,OAAQ,iBAAkB,CAC9B,CACF,EAEA,gBAAiB,CAEf,GAAI,CACF,QAAS,gBACT,MAAO,OACT,EACA,OAAQ,CACN,GAAI,kBACJ,IAAK,8BACL,MAAO,CAAC,CAAE,QAAAR,CAAQ,IAChBA,EAAQ,eACL,QACC,IACE,IAAI,uBACF,+CACF,CACJ,EACC,MAAOC,MACN,mBAAgB,CACd,eAAgBD,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,WAAYA,EAAQ,MAAM,WAC1B,YAAaA,EAAQ,MAAM,YAC3B,IAAK,OACH,YACEC,EAAM,KAAOD,EAAQ,MAAM,IAC3B,8CACF,EACF,aAAc,OACZ,YACEC,EAAM,cAAgBD,EAAQ,MAAM,aACpC,sDACF,EACF,WAAY,OACV,YACEC,EAAM,WACN,qDACF,EACF,kBAAmB,OACjB,YACEA,EAAM,kBACN,6DACF,CACJ,CAAC,CACH,EACJ,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CACtB,MAAO,UACP,OAAQ,CAAE,qBAAsB,EAAK,CACvC,EAAE,CACJ,CACF,CACF,CACF,EAEA,qBAAsB,CACpB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,OAAQ,CACN,GAAI,uBACJ,IAAK,uBACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,MAC5B,YACEA,EAAM,kBACN,4BACF,EAAE,IAAKO,IAAuB,CAC5B,kBAAAA,EACA,QAASR,EAAQ,MAAM,OACzB,EAAE,CACJ,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,IAAKU,IAAmB,CACnC,MAAO,UACP,OAAQ,CAAE,cAAAA,CAAc,CAC1B,EAAE,CACJ,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAT,CAAQ,IACjBA,EAAQ,eAAe,MAAOC,MAC5B,mBAAgB,CACd,aAAc,OACZ,YACEA,EAAM,cAAgBD,EAAQ,MAAM,aACpC,qCACF,EACF,IAAK,OACH,YACEC,EAAM,KAAOD,EAAQ,MAAM,IAC3B,2BACF,EACF,gBAAiB,OACf,YACEC,EAAM,mBAAmB,QAAQ,EAAE,QAAQ,EAC3C,wCACF,EACF,cAAe,OACb,YACEA,EAAM,cACN,sCACF,CACJ,CAAC,CACH,CACJ,CAAC,CACH,CAEA,oBAAoBP,EAA0B,CAC5C,MAAO,CACL,WAAagB,GACX,KAAK,KACHA,EAAK,MAAM,eACX,IAAI,8BAA4BhB,CAAW,CAC7C,EAAE,IAAI,EAER,YAAcgB,GAIR,CACJ,KAAM,CAAE,eAAAC,EAAgB,QAAAC,CAAQ,EAAIF,EAAK,MACzC,OAAO,cAAY,WAAWA,EAAK,MAAM,YAAY,EAClD,MAAOJ,GACN,KAAK,KACHK,EACA,IAAI,+BAA6BC,EAASN,CAAY,CACxD,CACF,EACC,IAAI,CACT,EAEA,cAAgBI,GAWd,cAAY,WAAWA,EAAK,KAAK,EAC9B,MAAM,CAAC,CAAE,cAAAG,EAAe,eAAAF,EAAgB,aAAAL,EAAc,IAAAH,CAAI,IACzDQ,EACG,kBAAkBL,EAAcH,CAAG,EACnC,IAAKI,IAAgB,CACpB,WAAAA,EACA,kBACEA,EAAW,KAAKM,CAAa,GAAG,GAChC,kBAAgB,SAAS,QAAQA,CAAa,MAAM,CACxD,EAAE,CACN,EACC,IAAI,EAET,qBAAsB,MAAOH,GAYpB,QAAQ,QACbA,EAAK,MACF,MAAM,CAAC,CAAE,kBAAAF,EAAmB,QAAAI,CAAQ,IACnCJ,EACG,gBAAgBI,CAAO,EACvB,SACC,IAAI,iBACF,8EACF,CACF,CACJ,EACC,IAAKE,GAAQA,EAAI,UAAU,CAChC,CAEJ,CACF,CAEQ,KACNH,EACAI,EAKA,CACA,OAAOJ,EACJ,aAAa,EACb,MAAOK,GAAcD,EAAW,IAAIC,CAAS,CAAC,EAC9C,MAAOX,GAAYM,EAAe,aAAaN,CAAO,CAAC,CAC5D,CACF",
4
+ "sourcesContent": ["import {\n type DeviceActionStateMachine,\n type InternalApi,\n OpenAppDeviceAction,\n type StateMachineTypes,\n UserInteractionRequired,\n XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n type AuthenticateDAError,\n type AuthenticateDAInput,\n type AuthenticateDAIntermediateValue,\n type AuthenticateDAInternalState,\n type AuthenticateDAOutput,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {\n LKRPDataSourceError,\n LKRPMissingDataError,\n LKRPTrustchainNotReady,\n LKRPUnauthorizedError,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport { type JWT } from \"@api/index\";\nimport { SignChallengeWithDeviceTask } from \"@internal/app-binder/task/SignChallengeWithDeviceTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n type LKRPDataSource,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\nimport { AddToTrustchainDeviceAction } from \"./AddToTrustchainDeviceAction\";\n\nconst APP_NAME = \"Ledger Sync\";\n\nexport class AuthenticateDeviceAction extends XStateDeviceAction<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n> {\n makeStateMachine(\n internalApi: InternalApi,\n ): DeviceActionStateMachine<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n > {\n type types = StateMachineTypes<\n AuthenticateDAOutput,\n AuthenticateDAInput,\n AuthenticateDAError,\n AuthenticateDAIntermediateValue,\n AuthenticateDAInternalState\n >;\n\n const { deviceAuth, keypairAuth, getTrustchain, extractEncryptionKey } =\n this.extractDependencies(internalApi);\n\n return setup({\n types: {\n input: {} as types[\"input\"],\n context: {} as types[\"context\"],\n output: {} as types[\"output\"],\n },\n\n actors: {\n openAppStateMachine: new OpenAppDeviceAction({\n input: { appName: APP_NAME },\n }).makeStateMachine(internalApi),\n\n deviceAuth: fromPromise(deviceAuth),\n keypairAuth: fromPromise(keypairAuth),\n\n getTrustchain: fromPromise(getTrustchain),\n\n addToTrustchainStateMachine: new AddToTrustchainDeviceAction({\n input: Left(\n new LKRPMissingDataError(\"Missing input for GetEncryptionKey\"),\n ),\n }).makeStateMachine(internalApi),\n\n extractEncryptionKey: fromPromise(extractEncryptionKey),\n },\n\n actions: {\n assignErrorFromEvent: raiseAndAssign(\n ({ event }) =>\n Left(\n new LKRPUnknownError(\n String((event as { error?: unknown }).error),\n ),\n ), // NOTE: it should never happen, the error is not typed anymore here\n ),\n },\n\n guards: {\n hasNoTrustchainId: ({ context }) => !context.input.trustchainId,\n hasNoJwt: ({ context }) => !context.input.jwt,\n isTrustchainMember: ({ context }) =>\n context._internalState\n .toMaybe()\n .map(\n (state) =>\n state.wasAddedToTrustchain ||\n state.applicationStream?.hasMember(\n context.input.keypair.pubKeyToHex(),\n ),\n )\n .extract() ?? false,\n },\n }).createMachine({\n /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YAImAG5FjKEED2OAdAMLaEDWbATpLgLEANrADEAbQAMAXUSgADo1j4mOeSAAeiAMxSALC30BOHfoDsAJinGAHADYp94wBoQAT0QBaAKwsf9lYBAIzB9jrm5vr6OgC+sW5oWIJEpBTUtPRq7Jw8-BApIuISwXJIIEoqahraCDrBOizG+pb2tq06PlJStvo+bp4IPsZSLBHBprZWnVI+tvGJGNh4qWSUNIR0DPjMOWDcfAIrRZKWZYrKqjvq5bU6lsZGkb0Rsz1TOgOII34+oebGQJmOytBYgJLLAgkNYZTZZa4sADSYHcCmI+F4ELEEGYYBY+BwVEYXDxJNR6MxS2k5wql2qt0Q9miLEsJh8lmewWGrK+Q30wSMOk61k6OjaLTBEJS0PSGy22WR5IxWLAvF4jF4LAUwlIADMNQBbFhktHKqmyDSVK7MGqM+r+Fr6WyA8xM2zBSy86LmJq2Axi-T2YZTQGSpbStLrTLbXaK02UrBiWCoQibWCwamWunXW0IYw+H2BVmWOa2MxScy88xSAXmYJlh5CiYBYxh5IrGVRuEx1hxilYglUET4CCHArHUSZ8pW+mgWrO0b8-kPYyWDkxfS8gujWb2Cb3fmRAxtyGrWXRhUo+MqtUaqcXKo5hl55xNMzBCyzZp9TceRl-FhHCcHo11aKIfBPCMYTleFdi7OgliTFM0wzC1p2zG1nw9fRRmaRwTDXcIuk9P8EEDUZzB0fNLGCOtzB8LpWwScFww7SNYXlBF4JvdVeHvWlH0wudEA-GwjFomsDBsHDPlIj9DFsdkAldZ4WhLSC2Ogi8uI4iEWAAeQUXBkAUBRsVxfFCWJPFGCMnATIUfiZyfYSEHsIMmkiB4PUsCJ3RIwZaMaBouVdFoqJ8Cx5mYqVNPPbtsm4pYDLshyxFVXitR1dB9V4I1bOM0ynIwm5XKZQwGMi3yzHuBsq0eQJehsCZFNdCYNKhdiYJ7FgkqwFLCrM5NUzgVCaWcoStG+MIWArYIDF6BiPzaXkHgq3o2qZSxFLiGLWM6rSEp0mDkqxHEcDxQdrJYAoTqwYrBNKqaEHm0wWHaLoJnMP12nCXl61sFkPymAJulscHAw6s9uJ6vrMBYHiNSyvVDRu3TzXGkrc3mgExmMBoTBGIifFkwZmhYNrqzLejGLsKHO10nqAHEwHQAAVXhUFgdBCEwdEcHMi7LKJEkWBgdnOe53n+Ye60ntqBoAPc4wrHCewaO+gLEHdAVqbaJwwmaXbFnbA74s43YWYlrmeb5gl0tvTVtRRvKxdZjmbelglZdnZ6CYq-MLDMaIpAefpSLrPwehsBxqw9Tp6a67TLfdyXbf5pCRvTH2XL9gI-HoktXv5aTeVMRpJidZ0HgrGxE8Oi3WCtj2pbtgXB2HUd8kKSc0IfOXc3CQHKJ0Z0zHV9oJl5BwKOmesbGLMt6-N2Cm9Tz224d3ic8mhWTEBlpXWaKQxXaepeSDAUgLaEsZnm42WNN6HGeyDh9i4ABJWAAFkwANAAjVU4h8CwAAAQGj-oAvifcBIDywmPQC3RPx6Eos4Um3wVbvX9A8QIPRL7Lxhq-XIX9f4AKAWIEBoCcCMHQOAyBqod7yxEiGCmykGjuiApRMuvkjABFHv5eoJgCEvwRG-bgJD6G8HEBlO8MCJpMJeuBd6Jh1azDDs4C+Stug3xJp9E+wjurZGQBACAbNGAt3Tvbc6l0rKi2MaY8xacvY4EYbmGizoxjemMCMU+oRbD1UaM6J0dg5jxwfrFM2hCET2LMRY5xW8kbOxyqjGJjiN4yzkVjZ8NERizQ9ACVohF6JVgMLNIC3R6glimJYAxydWCpLiZvYaKFXHZL6IDPQYRb4ODFKYMuHkIZ+iIt4qItSjq7AaU4zeMjoGY0em4z8-hwg0Vqg0E+v5Bjg0BmEP4gIzAPGsPYMZjcWAAFFNDoF4MQBgpycCEF4KiNQipM4tMyfM7JE93oAnaFMb6AJ0EvXWf4CswwIishPq6Y5q8zkXKuTcu5DyFBPJRAk2ZWZ3muVaDWFgH5lreL9Ixew-S-AQzrICE+phjxgmoQUeA5QInP0MbneRuY-Q4vmlMQIEwwiOErKRLw+Yxg0VLJEAGYpwn7UZXUvYBxu4Tjpf3X2Cttrsp6Cpbl7kKy8i8D6d0VgTA1lqvmJee0n4MyZbGK8-Yljorga5dkPoR7OnmkGCp4dBjhEeODTVjp2GzChbDdGWBbVKsQA6poq5Vzg1mO6fx-LdXCudN9dyJM6zRRNqec10q4YDXsqZENudagFj8N4g50bQlxsGByAUcwLAxCZOXMwAbEpBvhhCAtu8RIUtVWEPo4ryqrQcIBfWLRfpgWCM2hEzcpn8w7Qoj0DExj0XxSTcqAL8aLlHhYRwTJd1HNNZmpO4zWBiM-j-SRCrYGhpem0A+1gGw0VmH8d12tvFNACNEfMdZgIQQPVBFePVJnpIJHOtxu5ZpRBaiYLyGztZlgprRJNURVFNr-XFKJuxzmXOuegW59zHnXEVKBtpM0Qx7kog4RwHp-pAq6K6fW4rKL6EnbsAAyshUaxHMWuksEK9R312j4xo0KFkBYmQ7JGN0cwLHWCnMdlx56HJ6IshLNtcC3ogz9MMOECwxYnTAn3fEIAA */\n\n id: \"AuthenticateDeviceAction\",\n context: ({ input }): types[\"context\"] => ({\n input,\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n _internalState: Right({\n trustchainId: null,\n jwt: null,\n trustchain: null,\n applicationStream: null,\n encryptionKey: null,\n wasAddedToTrustchain: false,\n }),\n }),\n\n initial: \"CheckCredentials\",\n states: {\n CheckCredentials: {\n always: [\n { target: \"DeviceAuth\", guard: \"hasNoTrustchainId\" },\n { target: \"KeypairAuth\", guard: \"hasNoJwt\" },\n { target: \"GetTrustchain\" },\n ],\n },\n\n KeypairAuth: {\n on: {\n success: \"GetTrustchain\",\n invalidCredentials: \"DeviceAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"keypairAuth\",\n src: \"keypairAuth\",\n input: ({ context }) => ({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n trustchainId: required(\n context.input.trustchainId,\n \"Missing Trustchain ID in the input\",\n ),\n }),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ context, event }) =>\n event.output\n .map(({ jwt }) => ({ raise: \"success\", assign: { jwt } }))\n .mapLeft((error) =>\n error instanceof LKRPDataSourceError &&\n error.status === \"UNAUTHORIZED\"\n ? new LKRPUnauthorizedError(context.input.trustchainId)\n : error,\n ),\n ),\n },\n },\n },\n\n DeviceAuth: {\n on: { success: \"GetTrustchain\", error: \"Error\" },\n initial: \"OpenApp\",\n states: {\n OpenApp: {\n // TODO snapshot for intermediateValue\n on: { success: \"Auth\" },\n invoke: {\n id: \"openApp\",\n src: \"openAppStateMachine\",\n input: { appName: APP_NAME },\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({ raise: \"success\" })),\n ),\n },\n },\n },\n\n Auth: {\n entry: assign({\n intermediateValue: {\n requiredUserInteraction: \"connect-ledger-sync\",\n },\n }),\n exit: assign({\n intermediateValue: {\n requiredUserInteraction: UserInteractionRequired.None,\n },\n }),\n invoke: {\n id: \"deviceAuth\",\n src: \"deviceAuth\",\n input: ({ context }) => context.input,\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.chain((payload) =>\n payload.trustchainId.caseOf({\n Nothing: () => Left(new LKRPTrustchainNotReady()),\n Just: (trustchainId) =>\n Right({\n raise: \"success\",\n assign: { jwt: payload.jwt, trustchainId },\n }),\n }),\n ),\n ),\n },\n },\n },\n },\n },\n\n GetTrustchain: {\n on: {\n success: \"CheckIsMembers\",\n invalidCredentials: \"KeypairAuth\",\n error: \"Error\",\n },\n invoke: {\n id: \"getTrustchain\",\n src: \"getTrustchain\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n applicationId: context.input.applicationId,\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for GetTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(({ trustchain, applicationStream }) => ({\n raise: \"success\",\n assign: { trustchain, applicationStream },\n })),\n ),\n },\n },\n },\n\n CheckIsMembers: {\n always: [\n { target: \"ExtractEncryptionKey\", guard: \"isTrustchainMember\" },\n { target: \"AddToTrustchain\" },\n ],\n },\n\n AddToTrustchain: {\n // TODO snapshot for intermediateValue\n on: {\n success: \"GetTrustchain\",\n error: \"Error\",\n },\n invoke: {\n id: \"AddToTrustchain\",\n src: \"addToTrustchainStateMachine\",\n input: ({ context }) =>\n context._internalState\n .mapLeft(\n () =>\n new LKRPMissingDataError(\n \"Missing data in the input for AddToTrustchain\",\n ),\n )\n .chain((state) =>\n eitherSeqRecord({\n lkrpDataSource: context.input.lkrpDataSource,\n keypair: context.input.keypair,\n clientName: context.input.clientName,\n permissions: context.input.permissions,\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the input for AddToTrustchain\",\n ),\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the input for GetTrustchain\",\n ),\n trustchain: () =>\n required(\n state.trustchain,\n \"Missing Trustchain in the input for AddToTrustchain\",\n ),\n applicationStream: () =>\n required(\n state.applicationStream,\n \"Missing application stream in the input for AddToTrustchain\",\n ),\n }),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map(() => ({\n raise: \"success\",\n assign: { wasAddedToTrustchain: true },\n })),\n ),\n },\n },\n },\n\n ExtractEncryptionKey: {\n on: { success: \"Success\", error: \"Error\" },\n invoke: {\n id: \"ExtractEncryptionKey\",\n src: \"extractEncryptionKey\",\n input: ({ context }) =>\n context._internalState.chain((state) =>\n required(\n state.applicationStream,\n \"Missing application stream\",\n ).map((applicationStream) => ({\n applicationStream,\n keypair: context.input.keypair,\n })),\n ),\n onError: { actions: \"assignErrorFromEvent\" },\n onDone: {\n actions: raiseAndAssign(({ event }) =>\n event.output.map((encryptionKey) => ({\n raise: \"success\",\n assign: { encryptionKey },\n })),\n ),\n },\n },\n },\n\n Success: { type: \"final\" },\n\n Error: { type: \"final\" },\n },\n\n output: ({ context }) =>\n context._internalState.chain((state) =>\n eitherSeqRecord({\n trustchainId: () =>\n required(\n state.trustchainId ?? context.input.trustchainId,\n \"Missing Trustchain ID in the output\",\n ),\n jwt: () =>\n required(\n state.jwt ?? context.input.jwt,\n \"Missing JWT in the output\",\n ),\n applicationPath: () =>\n required(\n state.applicationStream?.getPath().extract(),\n \"Missing application path in the output\",\n ),\n encryptionKey: () =>\n required(\n state.encryptionKey,\n \"Missing encryption key in the output\",\n ),\n }),\n ),\n });\n }\n\n extractDependencies(internalApi: InternalApi) {\n return {\n deviceAuth: (args: { input: { lkrpDataSource: LKRPDataSource } }) =>\n this.auth(\n args.input.lkrpDataSource,\n new SignChallengeWithDeviceTask(internalApi),\n ).run(),\n\n keypairAuth: (args: {\n input: Pick<AuthenticateDAInput, \"lkrpDataSource\" | \"keypair\"> & {\n trustchainId: Either<LKRPMissingDataError, string>;\n };\n }) => {\n const { lkrpDataSource, keypair } = args.input;\n return EitherAsync.liftEither(args.input.trustchainId)\n .chain((trustchainId) =>\n this.auth(\n lkrpDataSource,\n new SignChallengeWithKeypairTask(keypair, trustchainId),\n ),\n )\n .run();\n },\n\n getTrustchain: (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationId: number;\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n jwt: JWT;\n }\n >;\n }) =>\n EitherAsync.liftEither(args.input)\n .chain(({ applicationId, lkrpDataSource, trustchainId, jwt }) =>\n lkrpDataSource\n .getTrustchainById(trustchainId, jwt)\n .map((trustchain) => ({\n trustchain,\n applicationStream:\n trustchain[`m/${applicationId}'`] ??\n LKRPBlockStream.fromPath(`m/0'/${applicationId}'/0'`),\n })),\n )\n .run(),\n\n extractEncryptionKey: async (args: {\n input: Either<\n AuthenticateDAError,\n {\n applicationStream: LKRPBlockStream;\n keypair: Keypair;\n }\n >;\n }) => {\n // TODO additional derivations should be supported:\n // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n // Probably not needed for Ledger Sync\n return Promise.resolve(\n args.input\n .chain(({ applicationStream, keypair }) =>\n applicationStream\n .getPublishedKey(keypair)\n .toEither(\n new LKRPUnknownError(\n \"There is no encryption key for the current member in the application stream.\",\n ),\n ),\n )\n .map((key) => key.privateKey),\n );\n },\n };\n }\n\n private auth(\n lkrpDataSource: LKRPDataSource,\n signerTask: {\n run: (\n challenge: Challenge,\n ) => PromiseLike<Either<AuthenticateDAError, AuthenticationPayload>>;\n },\n ) {\n return lkrpDataSource\n .getChallenge()\n .chain((challenge) => signerTask.run(challenge))\n .chain((payload) => lkrpDataSource.authenticate(payload));\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,8BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAOO,2CACPC,EAAsD,qBACtDC,EAA2C,kBAS3CC,EAMO,kCAGPC,EAA4C,iEAC5CC,EAA6C,kEAM7CC,EAAgC,2CAChCC,EAAgC,2CAChCC,EAAyB,oCAEzBC,EAA+B,kCAC/BC,EAA4C,yCAE5C,MAAMC,EAAW,cAEV,MAAMb,UAAiC,oBAM5C,CACA,iBACEc,EAOA,CASA,KAAM,CAAE,WAAAC,EAAY,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACnE,KAAK,oBAAoBJ,CAAW,EAEtC,SAAO,SAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,oBAAqB,IAAI,sBAAoB,CAC3C,MAAO,CAAE,QAASD,CAAS,CAC7B,CAAC,EAAE,iBAAiBC,CAAW,EAE/B,cAAY,eAAYC,CAAU,EAClC,eAAa,eAAYC,CAAW,EAEpC,iBAAe,eAAYC,CAAa,EAExC,4BAA6B,IAAI,8BAA4B,CAC3D,SAAO,QACL,IAAI,uBAAqB,oCAAoC,CAC/D,CACF,CAAC,EAAE,iBAAiBH,CAAW,EAE/B,wBAAsB,eAAYI,CAAoB,CACxD,EAEA,QAAS,CACP,wBAAsB,kBACpB,CAAC,CAAE,MAAAC,CAAM,OACP,QACE,IAAI,mBACF,OAAQA,EAA8B,KAAK,CAC7C,CACF,CACJ,CACF,EAEA,OAAQ,CACN,kBAAmB,CAAC,CAAE,QAAAC,CAAQ,IAAM,CAACA,EAAQ,MAAM,aACnD,SAAU,CAAC,CAAE,QAAAA,CAAQ,IAAM,CAACA,EAAQ,MAAM,IAC1C,mBAAoB,CAAC,CAAE,QAAAA,CAAQ,IAC7BA,EAAQ,eACL,QAAQ,EACR,IACEC,GACCA,EAAM,sBACNA,EAAM,mBAAmB,UACvBD,EAAQ,MAAM,QAAQ,YAAY,CACpC,CACJ,EACC,QAAQ,GAAK,EACpB,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,2BACJ,QAAS,CAAC,CAAE,MAAAE,CAAM,KAAyB,CACzC,MAAAA,EACA,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,EACA,kBAAgB,SAAM,CACpB,aAAc,KACd,IAAK,KACL,WAAY,KACZ,kBAAmB,KACnB,cAAe,KACf,qBAAsB,EACxB,CAAC,CACH,GAEA,QAAS,mBACT,OAAQ,CACN,iBAAkB,CAChB,OAAQ,CACN,CAAE,OAAQ,aAAc,MAAO,mBAAoB,EACnD,CAAE,OAAQ,cAAe,MAAO,UAAW,EAC3C,CAAE,OAAQ,eAAgB,CAC5B,CACF,EAEA,YAAa,CACX,GAAI,CACF,QAAS,gBACT,mBAAoB,aACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAF,CAAQ,KAAO,CACvB,eAAgBA,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,gBAAc,YACZA,EAAQ,MAAM,aACd,oCACF,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,QAAAA,EAAS,MAAAD,CAAM,IACxCA,EAAM,OACH,IAAI,CAAC,CAAE,IAAAI,CAAI,KAAO,CAAE,MAAO,UAAW,OAAQ,CAAE,IAAAA,CAAI,CAAE,EAAE,EACxD,QAASC,GACRA,aAAiB,uBACjBA,EAAM,SAAW,eACb,IAAI,wBAAsBJ,EAAQ,MAAM,YAAY,EACpDI,CACN,CACJ,CACF,CACF,CACF,EAEA,WAAY,CACV,GAAI,CAAE,QAAS,gBAAiB,MAAO,OAAQ,EAC/C,QAAS,UACT,OAAQ,CACN,QAAS,CAEP,GAAI,CAAE,QAAS,MAAO,EACtB,OAAQ,CACN,GAAI,UACJ,IAAK,sBACL,MAAO,CAAE,QAASX,CAAS,EAC3B,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAM,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CAAE,MAAO,SAAU,EAAE,CAC/C,CACF,CACF,CACF,EAEA,KAAM,CACJ,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,qBAC3B,CACF,CAAC,EACD,QAAM,UAAO,CACX,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,CACF,CAAC,EACD,OAAQ,CACN,GAAI,aACJ,IAAK,aACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,MAChC,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,MAAOM,GAClBA,EAAQ,aAAa,OAAO,CAC1B,QAAS,OAAM,QAAK,IAAI,wBAAwB,EAChD,KAAOC,MACL,SAAM,CACJ,MAAO,UACP,OAAQ,CAAE,IAAKD,EAAQ,IAAK,aAAAC,CAAa,CAC3C,CAAC,CACL,CAAC,CACH,CACF,CACF,CACF,CACF,CACF,CACF,EAEA,cAAe,CACb,GAAI,CACF,QAAS,iBACT,mBAAoB,cACpB,MAAO,OACT,EACA,OAAQ,CACN,GAAI,gBACJ,IAAK,gBACL,MAAO,CAAC,CAAE,QAAAN,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,MAC5B,mBAAgB,CACd,eAAgBD,EAAQ,MAAM,eAC9B,cAAeA,EAAQ,MAAM,cAC7B,aAAc,OACZ,YACEC,EAAM,cAAgBD,EAAQ,MAAM,aACpC,sDACF,EACF,IAAK,OACH,YACEC,EAAM,KAAOD,EAAQ,MAAM,IAC3B,4CACF,CACJ,CAAC,CACH,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,IAAI,CAAC,CAAE,WAAAQ,EAAY,kBAAAC,CAAkB,KAAO,CACvD,MAAO,UACP,OAAQ,CAAE,WAAAD,EAAY,kBAAAC,CAAkB,CAC1C,EAAE,CACJ,CACF,CACF,CACF,EAEA,eAAgB,CACd,OAAQ,CACN,CAAE,OAAQ,uBAAwB,MAAO,oBAAqB,EAC9D,CAAE,OAAQ,iBAAkB,CAC9B,CACF,EAEA,gBAAiB,CAEf,GAAI,CACF,QAAS,gBACT,MAAO,OACT,EACA,OAAQ,CACN,GAAI,kBACJ,IAAK,8BACL,MAAO,CAAC,CAAE,QAAAR,CAAQ,IAChBA,EAAQ,eACL,QACC,IACE,IAAI,uBACF,+CACF,CACJ,EACC,MAAOC,MACN,mBAAgB,CACd,eAAgBD,EAAQ,MAAM,eAC9B,QAASA,EAAQ,MAAM,QACvB,WAAYA,EAAQ,MAAM,WAC1B,YAAaA,EAAQ,MAAM,YAC3B,IAAK,OACH,YACEC,EAAM,KAAOD,EAAQ,MAAM,IAC3B,8CACF,EACF,aAAc,OACZ,YACEC,EAAM,cAAgBD,EAAQ,MAAM,aACpC,sDACF,EACF,WAAY,OACV,YACEC,EAAM,WACN,qDACF,EACF,kBAAmB,OACjB,YACEA,EAAM,kBACN,6DACF,CACJ,CAAC,CACH,EACJ,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAI,KAAO,CACtB,MAAO,UACP,OAAQ,CAAE,qBAAsB,EAAK,CACvC,EAAE,CACJ,CACF,CACF,CACF,EAEA,qBAAsB,CACpB,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,OAAQ,CACN,GAAI,uBACJ,IAAK,uBACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAChBA,EAAQ,eAAe,MAAOC,MAC5B,YACEA,EAAM,kBACN,4BACF,EAAE,IAAKO,IAAuB,CAC5B,kBAAAA,EACA,QAASR,EAAQ,MAAM,OACzB,EAAE,CACJ,EACF,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAD,CAAM,IAC/BA,EAAM,OAAO,IAAKU,IAAmB,CACnC,MAAO,UACP,OAAQ,CAAE,cAAAA,CAAc,CAC1B,EAAE,CACJ,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAT,CAAQ,IACjBA,EAAQ,eAAe,MAAOC,MAC5B,mBAAgB,CACd,aAAc,OACZ,YACEA,EAAM,cAAgBD,EAAQ,MAAM,aACpC,qCACF,EACF,IAAK,OACH,YACEC,EAAM,KAAOD,EAAQ,MAAM,IAC3B,2BACF,EACF,gBAAiB,OACf,YACEC,EAAM,mBAAmB,QAAQ,EAAE,QAAQ,EAC3C,wCACF,EACF,cAAe,OACb,YACEA,EAAM,cACN,sCACF,CACJ,CAAC,CACH,CACJ,CAAC,CACH,CAEA,oBAAoBP,EAA0B,CAC5C,MAAO,CACL,WAAagB,GACX,KAAK,KACHA,EAAK,MAAM,eACX,IAAI,8BAA4BhB,CAAW,CAC7C,EAAE,IAAI,EAER,YAAcgB,GAIR,CACJ,KAAM,CAAE,eAAAC,EAAgB,QAAAC,CAAQ,EAAIF,EAAK,MACzC,OAAO,cAAY,WAAWA,EAAK,MAAM,YAAY,EAClD,MAAOJ,GACN,KAAK,KACHK,EACA,IAAI,+BAA6BC,EAASN,CAAY,CACxD,CACF,EACC,IAAI,CACT,EAEA,cAAgBI,GAWd,cAAY,WAAWA,EAAK,KAAK,EAC9B,MAAM,CAAC,CAAE,cAAAG,EAAe,eAAAF,EAAgB,aAAAL,EAAc,IAAAH,CAAI,IACzDQ,EACG,kBAAkBL,EAAcH,CAAG,EACnC,IAAKI,IAAgB,CACpB,WAAAA,EACA,kBACEA,EAAW,KAAKM,CAAa,GAAG,GAChC,kBAAgB,SAAS,QAAQA,CAAa,MAAM,CACxD,EAAE,CACN,EACC,IAAI,EAET,qBAAsB,MAAOH,GAYpB,QAAQ,QACbA,EAAK,MACF,MAAM,CAAC,CAAE,kBAAAF,EAAmB,QAAAI,CAAQ,IACnCJ,EACG,gBAAgBI,CAAO,EACvB,SACC,IAAI,mBACF,8EACF,CACF,CACJ,EACC,IAAKE,GAAQA,EAAI,UAAU,CAChC,CAEJ,CACF,CAEQ,KACNH,EACAI,EAKA,CACA,OAAOJ,EACJ,aAAa,EACb,MAAOK,GAAcD,EAAW,IAAIC,CAAS,CAAC,EAC9C,MAAOX,GAAYM,EAAe,aAAaN,CAAO,CAAC,CAC5D,CACF",
6
6
  "names": ["AuthenticateDeviceAction_exports", "__export", "AuthenticateDeviceAction", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_xstate", "import_Errors", "import_SignChallengeWithDeviceTask", "import_SignChallengeWithKeypairTask", "import_eitherSeqRecord", "import_LKRPBlockStream", "import_required", "import_raiseAndAssign", "import_AddToTrustchainDeviceAction", "APP_NAME", "internalApi", "deviceAuth", "keypairAuth", "getTrustchain", "extractEncryptionKey", "event", "context", "state", "input", "jwt", "error", "payload", "trustchainId", "trustchain", "applicationStream", "encryptionKey", "args", "lkrpDataSource", "keypair", "applicationId", "key", "signerTask", "challenge"]
7
7
  }
package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var i=Object.defineProperty;var f=Object.getOwnPropertyDescriptor;var l=Object.getOwnPropertyNames;var k=Object.prototype.hasOwnProperty;var S=(o,t)=>{for(var r in t)i(o,r,{get:t[r],enumerable:!0})},T=(o,t,r,e)=>{if(t&&typeof t=="object"||typeof t=="function")for(let a of l(t))!k.call(o,a)&&a!==r&&i(o,a,{get:()=>t[a],enumerable:!(e=f(t,a))||e.enumerable});return o};var g=o=>T(i({},"__esModule",{value:!0}),o);var R={};S(R,{ParseStreamToDeviceTask:()=>E});module.exports=g(R);var n=require("@ledgerhq/device-management-kit"),s=require("purify-ts"),u=require("../../app-binder/command/ParseBlockSignatureCommand"),c=require("../../app-binder/command/ParseStreamBlockCommand"),d=require("../../app-binder/command/ParseStreamBlockHeader"),p=require("../../app-binder/command/SetTrustedMemberCommand"),P=require("../../utils/eitherSeqRecord"),m=require("../../utils/hex"),h=require("./utils/TrustedProperties");class E{constructor(t){this.api=t}lastTrustedMember=null;trustedMembers=new Map;run({seedBlock:t,applicationStream:r}){return this.parseBlock(t).chain(()=>r?this.parseStream(r):s.EitherAsync.liftEither((0,s.Right)(void 0)))}parseStream(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>s.EitherAsync.sequence(r.map(e=>this.parseBlock(e))))}parseBlock(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>this.setTrustedMember((0,m.bytesToHex)(r.issuer)).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new d.ParseBlockHeaderCommand(r));if(e.status!==n.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new n.UnknownDAError(String(e)))}return(0,s.Right)(r)}).chain(r=>s.EitherAsync.sequence(r.commands.map(e=>this.parseCommand(e,(0,m.bytesToHex)(r.issuer)))).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new u.ParseBlockSignatureCommand(r));if(e.status!==n.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new n.UnknownDAError(String(e)))}return(0,s.Right)(void 0)})}parseCommand(t,r){const e=t.getPublicKey().orDefault(r);return this.setTrustedMember(e).chain(async()=>{try{const a=await this.api.sendCommand(new c.ParseSingleCommand({command:t.toU8A()}));return a.status!==n.CommandResultStatus.Success?(0,s.Left)(a.error):this.recordTrustedMembers(e,a.data)}catch(a){return(0,s.Left)(new n.UnknownDAError(String(a)))}})}setTrustedMember(t){return s.EitherAsync.fromPromise(async()=>{if(t===this.lastTrustedMember)return(0,s.Right)(void 0);const r=this.trustedMembers.get(t);if(!r)return(0,s.Right)(void 0);try{const e=await this.api.sendCommand(new p.SetTrustedMemberCommand(r));if(e.status!==n.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new n.UnknownDAError(String(e)))}return(0,s.Right)(void 0)})}recordTrustedMembers(t,r){if(this.lastTrustedMember=t,r.length===0||this.trustedMembers.has(t))return(0,s.Right)(void 0);const e=new h.TrustedProperties(r);return(0,P.eitherSeqRecord)({iv:()=>e.getIv(),memberTlv:()=>e.getNewMember()}).ifRight(a=>this.trustedMembers.set(t,a))}}0&&(module.exports={ParseStreamToDeviceTask});
1
+ "use strict";var m=Object.defineProperty;var l=Object.getOwnPropertyDescriptor;var k=Object.getOwnPropertyNames;var S=Object.prototype.hasOwnProperty;var T=(n,t)=>{for(var r in t)m(n,r,{get:t[r],enumerable:!0})},g=(n,t,r,e)=>{if(t&&typeof t=="object"||typeof t=="function")for(let a of k(t))!S.call(n,a)&&a!==r&&m(n,a,{get:()=>t[a],enumerable:!(e=l(t,a))||e.enumerable});return n};var R=n=>g(m({},"__esModule",{value:!0}),n);var L={};T(L,{ParseStreamToDeviceTask:()=>E});module.exports=R(L);var o=require("@ledgerhq/device-management-kit"),s=require("purify-ts"),i=require("../../../api/app-binder/Errors"),c=require("../../app-binder/command/ParseBlockSignatureCommand"),d=require("../../app-binder/command/ParseStreamBlockCommand"),p=require("../../app-binder/command/ParseStreamBlockHeader"),P=require("../../app-binder/command/SetTrustedMemberCommand"),h=require("../../utils/eitherSeqRecord"),u=require("../../utils/hex"),f=require("./utils/TrustedProperties");class E{constructor(t){this.api=t}lastTrustedMember=null;trustedMembers=new Map;run({seedBlock:t,applicationStream:r}){return this.parseBlock(t).chain(()=>r?this.parseStream(r):s.EitherAsync.liftEither((0,s.Right)(void 0)))}parseStream(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>s.EitherAsync.sequence(r.map(e=>this.parseBlock(e))))}parseBlock(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>this.setTrustedMember((0,u.bytesToHex)(r.issuer)).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new p.ParseBlockHeaderCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(r)}).chain(r=>s.EitherAsync.sequence(r.commands.map(e=>this.parseCommand(e,(0,u.bytesToHex)(r.issuer)))).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new c.ParseBlockSignatureCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(void 0)})}parseCommand(t,r){const e=t.getPublicKey().orDefault(r);return this.setTrustedMember(e).chain(async()=>{try{const a=await this.api.sendCommand(new d.ParseSingleCommand({command:t.toU8A()}));return a.status!==o.CommandResultStatus.Success?(0,s.Left)(a.error):this.recordTrustedMembers(e,a.data)}catch(a){return(0,s.Left)(new i.LKRPUnknownError(String(a)))}})}setTrustedMember(t){return s.EitherAsync.fromPromise(async()=>{if(t===this.lastTrustedMember)return(0,s.Right)(void 0);const r=this.trustedMembers.get(t);if(!r)return(0,s.Right)(void 0);try{const e=await this.api.sendCommand(new P.SetTrustedMemberCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(void 0)})}recordTrustedMembers(t,r){if(this.lastTrustedMember=t,r.length===0||this.trustedMembers.has(t))return(0,s.Right)(void 0);const e=new f.TrustedProperties(r);return(0,h.eitherSeqRecord)({iv:()=>e.getIv(),memberTlv:()=>e.getNewMember()}).ifRight(a=>this.trustedMembers.set(t,a))}}0&&(module.exports={ParseStreamToDeviceTask});
2
2
  //# sourceMappingURL=ParseStreamToDeviceTask.js.map
package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/task/ParseStreamToDeviceTask.ts"],
4
- "sourcesContent": ["import {\n CommandResultStatus,\n type InternalApi,\n UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPMissingDataError,\n type LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { type SetTrustedMemberCommandArgs } from \"@api/app-binder/SetTrustedMemberTypes\";\nimport { ParseBlockSignatureCommand } from \"@internal/app-binder/command/ParseBlockSignatureCommand\";\nimport { ParseSingleCommand } from \"@internal/app-binder/command/ParseStreamBlockCommand\";\nimport { ParseBlockHeaderCommand } from \"@internal/app-binder/command/ParseStreamBlockHeader\";\nimport { SetTrustedMemberCommand } from \"@internal/app-binder/command/SetTrustedMemberCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex } from \"@internal/utils/hex\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { type LKRPCommand } from \"@internal/utils/LKRPCommand\";\nimport { type LKRPBlockParsedData } from \"@internal/utils/types\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\nexport type ParseStreamToDeviceTaskInput = {\n seedBlock: LKRPBlock; // The seed block is mandatory for now because the trustchain creation / parse empty stream are not yet implemented\n applicationStream: LKRPBlockStream | null;\n};\n\ntype ParseStreamTaskError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | UnknownDAError;\n\nexport class ParseStreamToDeviceTask {\n private lastTrustedMember: string | null = null;\n private trustedMembers = new Map<string, SetTrustedMemberCommandArgs>();\n\n constructor(private readonly api: InternalApi) {}\n\n run({ seedBlock, applicationStream }: ParseStreamToDeviceTaskInput) {\n return this.parseBlock(seedBlock).chain<ParseStreamTaskError, unknown>(\n () =>\n applicationStream\n ? this.parseStream(applicationStream)\n : EitherAsync.liftEither(Right(undefined)),\n );\n }\n\n parseStream(stream: LKRPBlockStream) {\n return EitherAsync.liftEither(stream.parse()).chain<\n ParseStreamTaskError,\n unknown\n >((blocks) =>\n EitherAsync.sequence(blocks.map((block) => this.parseBlock(block))),\n );\n }\n\n parseBlock(block: LKRPBlock) {\n return (\n EitherAsync.liftEither(block.parse())\n\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n this.setTrustedMember(bytesToHex(data.issuer)).map(() => data),\n )\n\n // Parse the block header\n .chain<ParseStreamTaskError, LKRPBlockParsedData>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockHeaderCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n return Right(data);\n })\n\n // Parse each command\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n EitherAsync.sequence(\n data.commands.map((command) =>\n this.parseCommand(command, bytesToHex(data.issuer)),\n ),\n ).map(() => data),\n )\n\n // Parse the block signature\n .chain<ParseStreamTaskError, void>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockSignatureCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n return Right(undefined);\n })\n );\n }\n\n parseCommand(command: LKRPCommand, blockIssuer: string) {\n const publicKey = command.getPublicKey().orDefault(blockIssuer);\n\n // Parse the command\n return this.setTrustedMember(publicKey).chain<\n ParseStreamTaskError,\n unknown\n >(async () => {\n try {\n const response = await this.api.sendCommand(\n new ParseSingleCommand({ command: command.toU8A() }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return this.recordTrustedMembers(publicKey, response.data);\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n });\n }\n\n setTrustedMember(publicKey: string) {\n // NOTE: Set Trusted Member only when needed\n // i.e: when this command wasn't signed by the device (see recordTrustedMembers NOTE) nor the last trusted member\n return EitherAsync.fromPromise<ParseStreamTaskError, void>(async () => {\n if (publicKey === this.lastTrustedMember) {\n return Right(undefined);\n }\n const trustedMember = this.trustedMembers.get(publicKey);\n if (!trustedMember) {\n return Right(undefined);\n }\n try {\n const response = await this.api.sendCommand(\n new SetTrustedMemberCommand(trustedMember),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n return Right(undefined);\n });\n }\n\n recordTrustedMembers(\n publicKey: string,\n trustedPropsBytes: Uint8Array,\n ): Either<LKRPParsingError | LKRPMissingDataError, unknown> {\n this.lastTrustedMember = publicKey;\n\n // NOTE: Whenever a command which was signed by the device is parsed on the same device\n // the parse block apdu returns empty trusted properties.\n // Therefore this function will never record the device as a trusted member.\n // (which is fine because the device doesn't need to set itself as a trusted member).\n if (trustedPropsBytes.length === 0 || this.trustedMembers.has(publicKey)) {\n return Right(undefined);\n }\n\n const trustedProps = new TrustedProperties(trustedPropsBytes);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n memberTlv: () => trustedProps.getNewMember(),\n }).ifRight((trustedMember) =>\n this.trustedMembers.set(publicKey, trustedMember),\n );\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,6BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAsD,qBAOtDC,EAA2C,mEAC3CC,EAAmC,gEACnCC,EAAwC,+DACxCC,EAAwC,gEAExCC,EAAgC,2CAChCC,EAA2B,+BAM3BC,EAAkC,qCAa3B,MAAMV,CAAwB,CAInC,YAA6BW,EAAkB,CAAlB,SAAAA,CAAmB,CAHxC,kBAAmC,KACnC,eAAiB,IAAI,IAI7B,IAAI,CAAE,UAAAC,EAAW,kBAAAC,CAAkB,EAAiC,CAClE,OAAO,KAAK,WAAWD,CAAS,EAAE,MAChC,IACEC,EACI,KAAK,YAAYA,CAAiB,EAClC,cAAY,cAAW,SAAM,MAAS,CAAC,CAC/C,CACF,CAEA,YAAYC,EAAyB,CACnC,OAAO,cAAY,WAAWA,EAAO,MAAM,CAAC,EAAE,MAG3CC,GACD,cAAY,SAASA,EAAO,IAAKC,GAAU,KAAK,WAAWA,CAAK,CAAC,CAAC,CACpE,CACF,CAEA,WAAWA,EAAkB,CAC3B,OACE,cAAY,WAAWA,EAAM,MAAM,CAAC,EAEjC,MAAkDC,GACjD,KAAK,oBAAiB,cAAWA,EAAK,MAAM,CAAC,EAAE,IAAI,IAAMA,CAAI,CAC/D,EAGC,MAAiD,MAAOA,GAAS,CAChE,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBD,CAAI,CAClC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACA,SAAO,SAAMF,CAAI,CACnB,CAAC,EAGA,MAAkDA,GACjD,cAAY,SACVA,EAAK,SAAS,IAAKG,GACjB,KAAK,aAAaA,KAAS,cAAWH,EAAK,MAAM,CAAC,CACpD,CACF,EAAE,IAAI,IAAMA,CAAI,CAClB,EAGC,MAAkC,MAAOA,GAAS,CACjD,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,6BAA2BD,CAAI,CACrC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CAEP,CAEA,aAAaC,EAAsBC,EAAqB,CACtD,MAAMC,EAAYF,EAAQ,aAAa,EAAE,UAAUC,CAAW,EAG9D,OAAO,KAAK,iBAAiBC,CAAS,EAAE,MAGtC,SAAY,CACZ,GAAI,CACF,MAAMJ,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,qBAAmB,CAAE,QAASE,EAAQ,MAAM,CAAE,CAAC,CACrD,EACA,OAAIF,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,EAErB,KAAK,qBAAqBI,EAAWJ,EAAS,IAAI,CAC3D,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,iBAAiBG,EAAmB,CAGlC,OAAO,cAAY,YAAwC,SAAY,CACrE,GAAIA,IAAc,KAAK,kBACrB,SAAO,SAAM,MAAS,EAExB,MAAMC,EAAgB,KAAK,eAAe,IAAID,CAAS,EACvD,GAAI,CAACC,EACH,SAAO,SAAM,MAAS,EAExB,GAAI,CACF,MAAML,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBK,CAAa,CAC3C,EACA,GAAIL,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CACH,CAEA,qBACEG,EACAE,EAC0D,CAO1D,GANA,KAAK,kBAAoBF,EAMrBE,EAAkB,SAAW,GAAK,KAAK,eAAe,IAAIF,CAAS,EACrE,SAAO,SAAM,MAAS,EAGxB,MAAMG,EAAe,IAAI,oBAAkBD,CAAiB,EAC5D,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,EAAE,QAASF,GACV,KAAK,eAAe,IAAID,EAAWC,CAAa,CAClD,CACF,CACF",
6
- "names": ["ParseStreamToDeviceTask_exports", "__export", "ParseStreamToDeviceTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_ParseBlockSignatureCommand", "import_ParseStreamBlockCommand", "import_ParseStreamBlockHeader", "import_SetTrustedMemberCommand", "import_eitherSeqRecord", "import_hex", "import_TrustedProperties", "api", "seedBlock", "applicationStream", "stream", "blocks", "block", "data", "response", "error", "command", "blockIssuer", "publicKey", "trustedMember", "trustedPropsBytes", "trustedProps"]
4
+ "sourcesContent": ["import {\n CommandResultStatus,\n type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPMissingDataError,\n type LKRPParsingError,\n LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type SetTrustedMemberCommandArgs } from \"@api/app-binder/SetTrustedMemberTypes\";\nimport { ParseBlockSignatureCommand } from \"@internal/app-binder/command/ParseBlockSignatureCommand\";\nimport { ParseSingleCommand } from \"@internal/app-binder/command/ParseStreamBlockCommand\";\nimport { ParseBlockHeaderCommand } from \"@internal/app-binder/command/ParseStreamBlockHeader\";\nimport { SetTrustedMemberCommand } from \"@internal/app-binder/command/SetTrustedMemberCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPBlockParsedData } from \"@internal/models/LKRPBlockTypes\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex } from \"@internal/utils/hex\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { type LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\nexport type ParseStreamToDeviceTaskInput = {\n seedBlock: LKRPBlock; // The seed block is mandatory for now because the trustchain creation / parse empty stream are not yet implemented\n applicationStream: LKRPBlockStream | null;\n};\n\ntype ParseStreamTaskError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | LKRPUnknownError;\n\nexport class ParseStreamToDeviceTask {\n private lastTrustedMember: string | null = null;\n private trustedMembers = new Map<string, SetTrustedMemberCommandArgs>();\n\n constructor(private readonly api: InternalApi) {}\n\n run({ seedBlock, applicationStream }: ParseStreamToDeviceTaskInput) {\n return this.parseBlock(seedBlock).chain<ParseStreamTaskError, unknown>(\n () =>\n applicationStream\n ? this.parseStream(applicationStream)\n : EitherAsync.liftEither(Right(undefined)),\n );\n }\n\n parseStream(stream: LKRPBlockStream) {\n return EitherAsync.liftEither(stream.parse()).chain<\n ParseStreamTaskError,\n unknown\n >((blocks) =>\n EitherAsync.sequence(blocks.map((block) => this.parseBlock(block))),\n );\n }\n\n parseBlock(block: LKRPBlock) {\n return (\n EitherAsync.liftEither(block.parse())\n\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n this.setTrustedMember(bytesToHex(data.issuer)).map(() => data),\n )\n\n // Parse the block header\n .chain<ParseStreamTaskError, LKRPBlockParsedData>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockHeaderCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n return Right(data);\n })\n\n // Parse each command\n .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n EitherAsync.sequence(\n data.commands.map((command) =>\n this.parseCommand(command, bytesToHex(data.issuer)),\n ),\n ).map(() => data),\n )\n\n // Parse the block signature\n .chain<ParseStreamTaskError, void>(async (data) => {\n try {\n const response = await this.api.sendCommand(\n new ParseBlockSignatureCommand(data),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n return Right(undefined);\n })\n );\n }\n\n parseCommand(command: LKRPCommand, blockIssuer: string) {\n const publicKey = command.getPublicKey().orDefault(blockIssuer);\n\n // Parse the command\n return this.setTrustedMember(publicKey).chain<\n ParseStreamTaskError,\n unknown\n >(async () => {\n try {\n const response = await this.api.sendCommand(\n new ParseSingleCommand({ command: command.toU8A() }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return this.recordTrustedMembers(publicKey, response.data);\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n });\n }\n\n setTrustedMember(publicKey: string) {\n // NOTE: Set Trusted Member only when needed\n // i.e: when this command wasn't signed by the device (see recordTrustedMembers NOTE) nor the last trusted member\n return EitherAsync.fromPromise<ParseStreamTaskError, void>(async () => {\n if (publicKey === this.lastTrustedMember) {\n return Right(undefined);\n }\n const trustedMember = this.trustedMembers.get(publicKey);\n if (!trustedMember) {\n return Right(undefined);\n }\n try {\n const response = await this.api.sendCommand(\n new SetTrustedMemberCommand(trustedMember),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n return Right(undefined);\n });\n }\n\n recordTrustedMembers(\n publicKey: string,\n trustedPropsBytes: Uint8Array,\n ): Either<LKRPParsingError | LKRPMissingDataError, unknown> {\n this.lastTrustedMember = publicKey;\n\n // NOTE: Whenever a command which was signed by the device is parsed on the same device\n // the parse block apdu returns empty trusted properties.\n // Therefore this function will never record the device as a trusted member.\n // (which is fine because the device doesn't need to set itself as a trusted member).\n if (trustedPropsBytes.length === 0 || this.trustedMembers.has(publicKey)) {\n return Right(undefined);\n }\n\n const trustedProps = new TrustedProperties(trustedPropsBytes);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n memberTlv: () => trustedProps.getNewMember(),\n }).ifRight((trustedMember) =>\n this.trustedMembers.set(publicKey, trustedMember),\n );\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,6BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAGO,2CACPC,EAAsD,qBAEtDC,EAIO,kCAEPC,EAA2C,mEAC3CC,EAAmC,gEACnCC,EAAwC,+DACxCC,EAAwC,gEAGxCC,EAAgC,2CAChCC,EAA2B,+BAK3BC,EAAkC,qCAa3B,MAAMX,CAAwB,CAInC,YAA6BY,EAAkB,CAAlB,SAAAA,CAAmB,CAHxC,kBAAmC,KACnC,eAAiB,IAAI,IAI7B,IAAI,CAAE,UAAAC,EAAW,kBAAAC,CAAkB,EAAiC,CAClE,OAAO,KAAK,WAAWD,CAAS,EAAE,MAChC,IACEC,EACI,KAAK,YAAYA,CAAiB,EAClC,cAAY,cAAW,SAAM,MAAS,CAAC,CAC/C,CACF,CAEA,YAAYC,EAAyB,CACnC,OAAO,cAAY,WAAWA,EAAO,MAAM,CAAC,EAAE,MAG3CC,GACD,cAAY,SAASA,EAAO,IAAKC,GAAU,KAAK,WAAWA,CAAK,CAAC,CAAC,CACpE,CACF,CAEA,WAAWA,EAAkB,CAC3B,OACE,cAAY,WAAWA,EAAM,MAAM,CAAC,EAEjC,MAAkDC,GACjD,KAAK,oBAAiB,cAAWA,EAAK,MAAM,CAAC,EAAE,IAAI,IAAMA,CAAI,CAC/D,EAGC,MAAiD,MAAOA,GAAS,CAChE,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBD,CAAI,CAClC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAMF,CAAI,CACnB,CAAC,EAGA,MAAkDA,GACjD,cAAY,SACVA,EAAK,SAAS,IAAKG,GACjB,KAAK,aAAaA,KAAS,cAAWH,EAAK,MAAM,CAAC,CACpD,CACF,EAAE,IAAI,IAAMA,CAAI,CAClB,EAGC,MAAkC,MAAOA,GAAS,CACjD,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,6BAA2BD,CAAI,CACrC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CAEP,CAEA,aAAaC,EAAsBC,EAAqB,CACtD,MAAMC,EAAYF,EAAQ,aAAa,EAAE,UAAUC,CAAW,EAG9D,OAAO,KAAK,iBAAiBC,CAAS,EAAE,MAGtC,SAAY,CACZ,GAAI,CACF,MAAMJ,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,qBAAmB,CAAE,QAASE,EAAQ,MAAM,CAAE,CAAC,CACrD,EACA,OAAIF,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,EAErB,KAAK,qBAAqBI,EAAWJ,EAAS,IAAI,CAC3D,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,iBAAiBG,EAAmB,CAGlC,OAAO,cAAY,YAAwC,SAAY,CACrE,GAAIA,IAAc,KAAK,kBACrB,SAAO,SAAM,MAAS,EAExB,MAAMC,EAAgB,KAAK,eAAe,IAAID,CAAS,EACvD,GAAI,CAACC,EACH,SAAO,SAAM,MAAS,EAExB,GAAI,CACF,MAAML,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBK,CAAa,CAC3C,EACA,GAAIL,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CACH,CAEA,qBACEG,EACAE,EAC0D,CAO1D,GANA,KAAK,kBAAoBF,EAMrBE,EAAkB,SAAW,GAAK,KAAK,eAAe,IAAIF,CAAS,EACrE,SAAO,SAAM,MAAS,EAGxB,MAAMG,EAAe,IAAI,oBAAkBD,CAAiB,EAC5D,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,EAAE,QAASF,GACV,KAAK,eAAe,IAAID,EAAWC,CAAa,CAClD,CACF,CACF",
6
+ "names": ["ParseStreamToDeviceTask_exports", "__export", "ParseStreamToDeviceTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_ParseBlockSignatureCommand", "import_ParseStreamBlockCommand", "import_ParseStreamBlockHeader", "import_SetTrustedMemberCommand", "import_eitherSeqRecord", "import_hex", "import_TrustedProperties", "api", "seedBlock", "applicationStream", "stream", "blocks", "block", "data", "response", "error", "command", "blockIssuer", "publicKey", "trustedMember", "trustedPropsBytes", "trustedProps"]
7
7
  }
package/lib/cjs/internal/app-binder/task/SignBlockTask.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var g=Object.defineProperty;var b=Object.getOwnPropertyDescriptor;var P=Object.getOwnPropertyNames;var f=Object.prototype.hasOwnProperty;var B=(s,r)=>{for(var e in r)g(s,e,{get:r[e],enumerable:!0})},K=(s,r,e,i)=>{if(r&&typeof r=="object"||typeof r=="function")for(let n of P(r))!f.call(s,n)&&n!==e&&g(s,n,{get:()=>r[n],enumerable:!(i=b(r,n))||i.enumerable});return s};var D=s=>K(g({},"__esModule",{value:!0}),s);var M={};B(M,{ISSUER_PLACEHOLDER:()=>h,SignBlockTask:()=>w});module.exports=D(M);var o=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),S=require("../../app-binder/command/SignBlockHeader"),C=require("../../app-binder/command/SignBlockSignatureCommand"),v=require("../../app-binder/command/SignBlockSingleCommand"),l=require("../../utils/crypto"),d=require("../../utils/eitherSeqRecord"),k=require("../../utils/LKRPBlock"),y=require("../../utils/LKRPCommand"),a=require("../../utils/TLVTags"),u=require("./utils/TrustedProperties");const h=new Uint8Array([3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]);class w{constructor(r){this.api=r}run({lkrpDataSource:r,trustchainId:e,path:i,jwt:n,parent:m,blockFlow:c,sessionKeypair:A}){const E=this.signCommands(i,c);return(0,d.eitherAsyncSeqRecord)({header:this.signBlockHeader(m,E.length),commands:t.EitherAsync.sequence(E),signature:this.signBlockSignature(A)}).chain(p=>t.EitherAsync.liftEither(this.decryptBlock(m,p))).chain(p=>{switch(c.type){case"derive":return r.postDerivation(e,p,n);case"addMember":return r.putCommands(e,i,p,n)}})}signBlockHeader(r,e){return t.EitherAsync.fromPromise(async()=>{const i=Uint8Array.from([[a.GeneralTags.Int,1,1],[a.GeneralTags.Hash,r.length,...r],[a.GeneralTags.PublicKey,h.length,...h],[a.GeneralTags.Int,1,e]].flat());try{const n=await this.api.sendCommand(new S.SignBlockHeaderCommand({header:i}));if(n.status!==o.CommandResultStatus.Success)return(0,t.Left)(n.error);const m=new u.TrustedProperties(n.data);return(0,d.eitherSeqRecord)({iv:()=>m.getIv(),issuer:()=>m.getIssuer()})}catch(n){return(0,t.Left)(new o.UnknownDAError(String(n)))}})}signBlockSignature(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new C.SignBlockSignatureCommand);if(e.status!==o.CommandResultStatus.Success)return(0,t.Left)(e.error);const{signature:i,deviceSessionKey:n}=e.data,m=r.ecdh(n).slice(1);return(0,t.Right)({signature:i,secret:m})}catch(e){return(0,t.Left)(new o.UnknownDAError(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new v.SignBlockSingleCommand({command:r}));return e.status!==o.CommandResultStatus.Success?(0,t.Left)(e.error):(0,t.Right)(new u.TrustedProperties(e.data))}catch(e){return(0,t.Left)(new o.UnknownDAError(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(y.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.Derive,path:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:i}){return this.signSingleCommand(y.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:i})).chain(n=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:i,iv:()=>n.getIv(),newMember:()=>n.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(y.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.PublishKey,recipient:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:i,signature:n}){const m=l.CryptoUtils.decrypt(n.secret,e.iv,e.issuer);return t.Either.sequence(i.map(c=>this.decryptCommand(n.secret,c))).map(c=>k.LKRPBlock.fromData({parent:(0,o.bufferToHexaString)(r),issuer:m,commands:c,signature:n.signature}))}decryptCommand(r,e){switch(e.type){case a.CommandTags.Derive:case a.CommandTags.PublishKey:{const i=l.CryptoUtils.decrypt(r,e.iv,e.xpriv);return(0,t.Right)(y.LKRPCommand.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:i}))}case a.CommandTags.AddMember:return(0,t.Right)(y.LKRPCommand.fromData({...e}));default:return(0,t.Left)(new o.UnknownDAError("Unsupported command type"))}}}0&&(module.exports={ISSUER_PLACEHOLDER,SignBlockTask});
1
+ "use strict";var u=Object.defineProperty;var k=Object.getOwnPropertyDescriptor;var B=Object.getOwnPropertyNames;var b=Object.prototype.hasOwnProperty;var f=(m,r)=>{for(var e in r)u(m,e,{get:r[e],enumerable:!0})},A=(m,r,e,n)=>{if(r&&typeof r=="object"||typeof r=="function")for(let i of B(r))!b.call(m,i)&&i!==e&&u(m,i,{get:()=>r[i],enumerable:!(n=k(r,i))||n.enumerable});return m};var D=m=>A(u({},"__esModule",{value:!0}),m);var R={};f(R,{SignBlockTask:()=>w});module.exports=D(R);var g=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),o=require("../../../api/app-binder/Errors"),S=require("../../app-binder/command/SignBlockHeader"),C=require("../../app-binder/command/SignBlockSignatureCommand"),P=require("../../app-binder/command/SignBlockSingleCommand"),a=require("../../models/Tags"),l=require("../../utils/crypto"),d=require("../../utils/eitherSeqRecord"),K=require("../../utils/LKRPBlock"),p=require("../../utils/LKRPCommand"),h=require("./utils/TrustedProperties");class w{constructor(r){this.api=r}run({lkrpDataSource:r,trustchainId:e,path:n,jwt:i,parent:c,blockFlow:y,sessionKeypair:v}){const E=this.signCommands(n,y);return(0,d.eitherAsyncSeqRecord)({header:this.signBlockHeader(c,E.length),commands:t.EitherAsync.sequence(E),signature:this.signBlockSignature(v)}).chain(s=>t.EitherAsync.liftEither(this.decryptBlock(c,s))).chain(s=>{switch(y.type){case"derive":return r.postDerivation(e,s,i);case"addMember":return r.putCommands(e,n,s,i)}}).mapLeft(s=>s instanceof o.LKRPDataSourceError&&s.status==="BAD_REQUEST"?new o.LKRPOutdatedTrustchainError:s)}signBlockHeader(r,e){return t.EitherAsync.fromPromise(async()=>{try{const n=await this.api.sendCommand(new S.SignBlockHeaderCommand({parent:r,commandCount:e}));if(n.status!==g.CommandResultStatus.Success)return(0,t.Left)(n.error);const i=new h.TrustedProperties(n.data);return(0,d.eitherSeqRecord)({iv:()=>i.getIv(),issuer:()=>i.getIssuer()})}catch(n){return(0,t.Left)(new o.LKRPUnknownError(String(n)))}})}signBlockSignature(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new C.SignBlockSignatureCommand);if(e.status!==g.CommandResultStatus.Success)return(0,t.Left)(e.error);const{signature:n,deviceSessionKey:i}=e.data,c=r.ecdh(i).slice(1);return(0,t.Right)({signature:n,secret:c})}catch(e){return(0,t.Left)(new o.LKRPUnknownError(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new P.SignBlockSingleCommand({command:r}));return e.status!==g.CommandResultStatus.Success?(0,t.Left)(e.error):(0,t.Right)(new h.TrustedProperties(e.data))}catch(e){return(0,t.Left)(new o.LKRPUnknownError(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.Derive,path:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:n}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:n})).chain(i=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:n,iv:()=>i.getIv(),newMember:()=>i.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.PublishKey,recipient:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:n,signature:i}){const c=l.CryptoUtils.decrypt(i.secret,e.iv,e.issuer);return t.Either.sequence(n.map(y=>this.decryptCommand(i.secret,y))).map(y=>K.LKRPBlock.fromData({parent:(0,g.bufferToHexaString)(r),issuer:c,commands:y,signature:i.signature}))}decryptCommand(r,e){switch(e.type){case a.CommandTags.Derive:case a.CommandTags.PublishKey:{const n=l.CryptoUtils.decrypt(r,e.iv,e.xpriv);return(0,t.Right)(p.LKRPCommand.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:n}))}case a.CommandTags.AddMember:return(0,t.Right)(p.LKRPCommand.fromData({...e}));default:return(0,t.Left)(new o.LKRPUnsupportedCommandError(e))}}}0&&(module.exports={SignBlockTask});
2
2
  //# sourceMappingURL=SignBlockTask.js.map
package/lib/cjs/internal/app-binder/task/SignBlockTask.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/task/SignBlockTask.ts"],
4
- "sourcesContent": ["import {\n bufferToHexaString,\n CommandResultStatus,\n type InternalApi,\n UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPHttpRequestError,\n type LKRPMissingDataError,\n type LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport {\n eitherAsyncSeqRecord,\n eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\nimport { CommandTags, GeneralTags } from \"@internal/utils/TLVTags\";\nimport {\n type AddMemberUnsignedData,\n type EncryptedCommand,\n type EncryptedDeriveCommand,\n type EncryptedPublishKeyCommand,\n} from \"@internal/utils/types\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n | { type: \"derive\"; data: AddMemberBlockData }\n | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n name: string;\n publicKey: Uint8Array;\n permissions: number;\n};\n\ntype HeaderPayload = {\n iv: Uint8Array;\n issuer: Uint8Array;\n};\ntype SignaturePayload = {\n secret: Uint8Array;\n signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n header: HeaderPayload;\n commands: EncryptedCommand[];\n signature: SignaturePayload;\n};\n\nexport type SignBlockError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | LKRPHttpRequestError\n | UnknownDAError;\n\nexport type SignBlockTaskInput = {\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n path: string;\n jwt: JWT;\n parent: Uint8Array;\n blockFlow: BlockFlow;\n sessionKeypair: Keypair;\n};\n\nexport const ISSUER_PLACEHOLDER = new Uint8Array([\n 3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n 0, 0, 0, 0, 0, 0, 0,\n]);\n\nexport class SignBlockTask {\n constructor(private readonly api: InternalApi) {}\n\n run({\n lkrpDataSource,\n trustchainId,\n path,\n jwt,\n parent,\n blockFlow,\n sessionKeypair,\n }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n const commands = this.signCommands(path, blockFlow);\n return eitherAsyncSeqRecord({\n header: this.signBlockHeader(parent, commands.length),\n commands: EitherAsync.sequence(commands),\n signature: this.signBlockSignature(sessionKeypair),\n })\n .chain((encryptedBlock) =>\n EitherAsync.liftEither(this.decryptBlock(parent, encryptedBlock)),\n )\n .chain((block) => {\n switch (blockFlow.type) {\n case \"derive\":\n return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n case \"addMember\":\n return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n }\n });\n }\n\n signBlockHeader(\n parent: Uint8Array,\n commandCount: number,\n ): EitherAsync<SignBlockError, HeaderPayload> {\n return EitherAsync.fromPromise(async () => {\n const header = Uint8Array.from(\n [\n [GeneralTags.Int, 1, 1], // Version 1\n [GeneralTags.Hash, parent.length, ...parent], // Parent block hash\n [\n GeneralTags.PublicKey,\n ISSUER_PLACEHOLDER.length,\n ...ISSUER_PLACEHOLDER,\n ], // Placeholder for issuer public key (will be replaced by the device)\n [GeneralTags.Int, 1, commandCount],\n ].flat(),\n );\n try {\n const response = await this.api.sendCommand(\n new SignBlockHeaderCommand({ header }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const trustedProps = new TrustedProperties(response.data);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n issuer: () => trustedProps.getIssuer(),\n }) as Either<SignBlockError, HeaderPayload>;\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n });\n }\n\n signBlockSignature(\n sessionKeypair: Keypair,\n ): EitherAsync<SignBlockError, SignaturePayload> {\n return EitherAsync.fromPromise(async () => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSignatureCommand(),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const { signature, deviceSessionKey } = response.data;\n // At this step, the shared secret is used directly as an encryption key after removing the first byte\n const secret = sessionKeypair.ecdh(deviceSessionKey).slice(1);\n return Right({ signature, secret });\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n });\n }\n\n signCommands(\n applicationPath: string,\n block: BlockFlow,\n ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n switch (block.type) {\n case \"derive\":\n return [\n this.signDeriveCommand(applicationPath),\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n case \"addMember\":\n return [\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n }\n }\n\n signSingleCommand(command: Uint8Array) {\n return EitherAsync.fromPromise(\n async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSingleCommand({ command }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return Right(new TrustedProperties(response.data));\n } catch (error) {\n return Left(new UnknownDAError(String(error)));\n }\n },\n );\n }\n\n signDeriveCommand(applicationPath: string) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.Derive,\n path: applicationPath,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n eitherSeqRecord({\n type: CommandTags.Derive,\n path: applicationPath,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n groupKey: () => trustedProps.getGroupKey(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n eitherSeqRecord({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n iv: () => trustedProps.getIv(), // Just validate it's there\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n eitherSeqRecord({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n }),\n ),\n );\n }\n\n decryptBlock(\n parent: Uint8Array,\n { header, commands, signature }: EncryptedBlock,\n ): Either<SignBlockError, LKRPBlock> {\n const decryptedIssuer = CryptoUtils.decrypt(\n signature.secret,\n header.iv,\n header.issuer,\n );\n return Either.sequence(\n commands.map((command) => this.decryptCommand(signature.secret, command)),\n ).map((decryptedCommands) =>\n LKRPBlock.fromData({\n parent: bufferToHexaString(parent),\n issuer: decryptedIssuer,\n commands: decryptedCommands,\n signature: signature.signature,\n }),\n );\n }\n\n decryptCommand(\n secret: Uint8Array,\n command: EncryptedCommand,\n ): Either<UnknownDAError, LKRPCommand> {\n switch (command.type) {\n case CommandTags.Derive:\n case CommandTags.PublishKey: {\n const encryptedXpriv = CryptoUtils.decrypt(\n secret,\n command.iv,\n command.xpriv,\n );\n return Right(\n LKRPCommand.fromData({\n ...command,\n initializationVector: command.commandIv,\n encryptedXpriv,\n }),\n );\n }\n case CommandTags.AddMember:\n return Right(LKRPCommand.fromData({ ...command }));\n default:\n return Left(new UnknownDAError(\"Unsupported command type\"));\n }\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,wBAAAE,EAAA,kBAAAC,IAAA,eAAAC,EAAAJ,GAAA,IAAAK,EAKO,2CACPC,EAAiD,qBAQjDC,EAAuC,wDACvCC,EAA0C,kEAC1CC,EAAuC,+DAGvCC,EAA4B,kCAC5BC,EAGO,2CACPC,EAA0B,qCAC1BC,EAA4B,uCAC5BC,EAAyC,mCAQzCC,EAAkC,qCA4C3B,MAAMb,EAAqB,IAAI,WAAW,CAC/C,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAC3E,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CACpB,CAAC,EAEM,MAAMC,CAAc,CACzB,YAA6Ba,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,SAAO,wBAAqB,CAC1B,OAAQ,KAAK,gBAAgBD,EAAQG,EAAS,MAAM,EACpD,SAAU,cAAY,SAASA,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAOE,GACN,cAAY,WAAW,KAAK,aAAaJ,EAAQI,CAAc,CAAC,CAClE,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,CACL,CAEA,gBACEC,EACAM,EAC4C,CAC5C,OAAO,cAAY,YAAY,SAAY,CACzC,MAAMC,EAAS,WAAW,KACxB,CACE,CAAC,cAAY,IAAK,EAAG,CAAC,EACtB,CAAC,cAAY,KAAMP,EAAO,OAAQ,GAAGA,CAAM,EAC3C,CACE,cAAY,UACZnB,EAAmB,OACnB,GAAGA,CACL,EACA,CAAC,cAAY,IAAK,EAAGyB,CAAY,CACnC,EAAE,KAAK,CACT,EACA,GAAI,CACF,MAAME,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,OAAAD,CAAO,CAAC,CACvC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAI,oBAAkBD,EAAS,IAAI,EACxD,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,mBACER,EAC+C,CAC/C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMM,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,2BACN,EACA,GAAIA,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAG,EAAW,iBAAAC,CAAiB,EAAIJ,EAAS,KAE3CK,EAASX,EAAe,KAAKU,CAAgB,EAAE,MAAM,CAAC,EAC5D,SAAO,SAAM,CAAE,UAAAD,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASH,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,aACEI,EACAT,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBS,CAAe,EACtC,KAAK,qBAAqBT,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBU,EAAqB,CACrC,OAAO,cAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAMP,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,QAAAO,CAAQ,CAAC,CACxC,EACA,OAAIP,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,KAErB,SAAM,IAAI,oBAAkBA,EAAS,IAAI,CAAC,CACnD,OAASE,EAAO,CACd,SAAO,QAAK,IAAI,iBAAe,OAAOA,CAAK,CAAC,CAAC,CAC/C,CACF,CACF,CACF,CAEA,kBAAkBI,EAAyB,CACzC,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,OAClB,KAAMA,CACR,CAAC,CACH,EAAE,MAAOL,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,OAClB,KAAMK,EACN,GAAI,IAAML,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAO,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,UAClB,KAAAF,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOT,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,UAClB,KAAAO,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMT,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAQ,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,WAClB,UAAWA,CACb,CAAC,CACH,EAAE,MAAOR,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,WAClB,UAAWQ,EACX,GAAI,IAAMR,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAO,EAAQ,SAAAJ,EAAU,UAAAQ,CAAU,EACK,CACnC,MAAMQ,EAAkB,cAAY,QAClCR,EAAU,OACVJ,EAAO,GACPA,EAAO,MACT,EACA,OAAO,SAAO,SACZJ,EAAS,IAAKY,GAAY,KAAK,eAAeJ,EAAU,OAAQI,CAAO,CAAC,CAC1E,EAAE,IAAKK,GACL,YAAU,SAAS,CACjB,UAAQ,sBAAmBpB,CAAM,EACjC,OAAQmB,EACR,SAAUC,EACV,UAAWT,EAAU,SACvB,CAAC,CACH,CACF,CAEA,eACEE,EACAE,EACqC,CACrC,OAAQA,EAAQ,KAAM,CACpB,KAAK,cAAY,OACjB,KAAK,cAAY,WAAY,CAC3B,MAAMM,EAAiB,cAAY,QACjCR,EACAE,EAAQ,GACRA,EAAQ,KACV,EACA,SAAO,SACL,cAAY,SAAS,CACnB,GAAGA,EACH,qBAAsBA,EAAQ,UAC9B,eAAAM,CACF,CAAC,CACH,CACF,CACA,KAAK,cAAY,UACf,SAAO,SAAM,cAAY,SAAS,CAAE,GAAGN,CAAQ,CAAC,CAAC,EACnD,QACE,SAAO,QAAK,IAAI,iBAAe,0BAA0B,CAAC,CAC9D,CACF,CACF",
6
- "names": ["SignBlockTask_exports", "__export", "ISSUER_PLACEHOLDER", "SignBlockTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_SignBlockHeader", "import_SignBlockSignatureCommand", "import_SignBlockSingleCommand", "import_crypto", "import_eitherSeqRecord", "import_LKRPBlock", "import_LKRPCommand", "import_TLVTags", "import_TrustedProperties", "api", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "commandCount", "header", "response", "trustedProps", "error", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
4
+ "sourcesContent": ["import {\n bufferToHexaString,\n CommandResultStatus,\n type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n LKRPDataSourceError,\n type LKRPMissingDataError,\n LKRPOutdatedTrustchainError,\n type LKRPParsingError,\n LKRPUnknownError,\n LKRPUnsupportedCommandError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport {\n type AddMemberUnsignedData,\n type EncryptedCommand,\n type EncryptedDeriveCommand,\n type EncryptedPublishKeyCommand,\n} from \"@internal/models/LKRPCommandTypes\";\nimport { CommandTags } from \"@internal/models/Tags\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport {\n eitherAsyncSeqRecord,\n eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n | { type: \"derive\"; data: AddMemberBlockData }\n | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n name: string;\n publicKey: Uint8Array;\n permissions: number;\n};\n\ntype HeaderPayload = {\n iv: Uint8Array;\n issuer: Uint8Array;\n};\ntype SignaturePayload = {\n secret: Uint8Array;\n signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n header: HeaderPayload;\n commands: EncryptedCommand[];\n signature: SignaturePayload;\n};\n\ntype SignBlockError =\n | LKRPDeviceCommandError\n | LKRPParsingError\n | LKRPMissingDataError\n | LKRPDataSourceError\n | LKRPOutdatedTrustchainError\n | LKRPUnknownError;\n\nexport type SignBlockTaskInput = {\n lkrpDataSource: LKRPDataSource;\n trustchainId: string;\n path: string;\n jwt: JWT;\n parent: Uint8Array;\n blockFlow: BlockFlow;\n sessionKeypair: Keypair;\n};\n\nexport class SignBlockTask {\n constructor(private readonly api: InternalApi) {}\n\n run({\n lkrpDataSource,\n trustchainId,\n path,\n jwt,\n parent,\n blockFlow,\n sessionKeypair,\n }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n const commands = this.signCommands(path, blockFlow);\n return eitherAsyncSeqRecord({\n header: this.signBlockHeader(parent, commands.length),\n commands: EitherAsync.sequence(commands),\n signature: this.signBlockSignature(sessionKeypair),\n })\n .chain((encryptedBlock) =>\n EitherAsync.liftEither(this.decryptBlock(parent, encryptedBlock)),\n )\n .chain((block) => {\n switch (blockFlow.type) {\n case \"derive\":\n return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n case \"addMember\":\n return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n }\n })\n .mapLeft((error) =>\n error instanceof LKRPDataSourceError && error.status === \"BAD_REQUEST\"\n ? new LKRPOutdatedTrustchainError()\n : error,\n );\n }\n\n signBlockHeader(\n parent: Uint8Array,\n commandCount: number,\n ): EitherAsync<SignBlockError, HeaderPayload> {\n return EitherAsync.fromPromise(async () => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockHeaderCommand({ parent, commandCount }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const trustedProps = new TrustedProperties(response.data);\n return eitherSeqRecord({\n iv: () => trustedProps.getIv(),\n issuer: () => trustedProps.getIssuer(),\n }) as Either<SignBlockError, HeaderPayload>;\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n });\n }\n\n signBlockSignature(\n sessionKeypair: Keypair,\n ): EitherAsync<SignBlockError, SignaturePayload> {\n return EitherAsync.fromPromise(async () => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSignatureCommand(),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n const { signature, deviceSessionKey } = response.data;\n // At this step, the shared secret is used directly as an encryption key after removing the first byte\n const secret = sessionKeypair.ecdh(deviceSessionKey).slice(1);\n return Right({ signature, secret });\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n });\n }\n\n signCommands(\n applicationPath: string,\n block: BlockFlow,\n ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n switch (block.type) {\n case \"derive\":\n return [\n this.signDeriveCommand(applicationPath),\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n case \"addMember\":\n return [\n this.signAddMemberCommand(block.data),\n this.signPublishKeyCommand(block.data),\n ];\n }\n }\n\n signSingleCommand(command: Uint8Array) {\n return EitherAsync.fromPromise(\n async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n try {\n const response = await this.api.sendCommand(\n new SignBlockSingleCommand({ command }),\n );\n if (response.status !== CommandResultStatus.Success) {\n return Left(response.error);\n }\n return Right(new TrustedProperties(response.data));\n } catch (error) {\n return Left(new LKRPUnknownError(String(error)));\n }\n },\n );\n }\n\n signDeriveCommand(applicationPath: string) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.Derive,\n path: applicationPath,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n eitherSeqRecord({\n type: CommandTags.Derive,\n path: applicationPath,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n groupKey: () => trustedProps.getGroupKey(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n eitherSeqRecord({\n type: CommandTags.AddMember,\n name,\n publicKey,\n permissions,\n iv: () => trustedProps.getIv(), // Just validate it's there\n newMember: () => trustedProps.getNewMember(), // Just validate it's there\n }),\n ),\n );\n }\n\n signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n return this.signSingleCommand(\n LKRPCommand.bytesFromUnsignedData({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n }),\n ).chain((trustedProps) =>\n EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n eitherSeqRecord({\n type: CommandTags.PublishKey,\n recipient: publicKey,\n iv: () => trustedProps.getIv(),\n xpriv: () => trustedProps.getXPriv(),\n ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n commandIv: () => trustedProps.getCommandIv(),\n newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n }),\n ),\n );\n }\n\n decryptBlock(\n parent: Uint8Array,\n { header, commands, signature }: EncryptedBlock,\n ): Either<SignBlockError, LKRPBlock> {\n const decryptedIssuer = CryptoUtils.decrypt(\n signature.secret,\n header.iv,\n header.issuer,\n );\n return Either.sequence(\n commands.map((command) => this.decryptCommand(signature.secret, command)),\n ).map((decryptedCommands) =>\n LKRPBlock.fromData({\n parent: bufferToHexaString(parent),\n issuer: decryptedIssuer,\n commands: decryptedCommands,\n signature: signature.signature,\n }),\n );\n }\n\n decryptCommand(\n secret: Uint8Array,\n command: EncryptedCommand,\n ): Either<LKRPUnknownError, LKRPCommand> {\n switch (command.type) {\n case CommandTags.Derive:\n case CommandTags.PublishKey: {\n const encryptedXpriv = CryptoUtils.decrypt(\n secret,\n command.iv,\n command.xpriv,\n );\n return Right(\n LKRPCommand.fromData({\n ...command,\n initializationVector: command.commandIv,\n encryptedXpriv,\n }),\n );\n }\n case CommandTags.AddMember:\n return Right(LKRPCommand.fromData({ ...command }));\n default:\n return Left(new LKRPUnsupportedCommandError(command));\n }\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAiD,qBAEjDC,EAOO,kCAEPC,EAAuC,wDACvCC,EAA0C,kEAC1CC,EAAuC,+DASvCC,EAA4B,iCAC5BC,EAA4B,kCAC5BC,EAGO,2CACPC,EAA0B,qCAC1BC,EAA4B,uCAE5BC,EAAkC,qCA6C3B,MAAMb,CAAc,CACzB,YAA6Bc,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,SAAO,wBAAqB,CAC1B,OAAQ,KAAK,gBAAgBD,EAAQG,EAAS,MAAM,EACpD,SAAU,cAAY,SAASA,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAOE,GACN,cAAY,WAAW,KAAK,aAAaJ,EAAQI,CAAc,CAAC,CAClE,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,EACA,QAASO,GACRA,aAAiB,uBAAuBA,EAAM,SAAW,cACrD,IAAI,8BACJA,CACN,CACJ,CAEA,gBACEN,EACAO,EAC4C,CAC5C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,OAAAR,EAAQ,aAAAO,CAAa,CAAC,CACrD,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAI,oBAAkBD,EAAS,IAAI,EACxD,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASH,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,mBACEJ,EAC+C,CAC/C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMM,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,2BACN,EACA,GAAIA,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAE,EAAW,iBAAAC,CAAiB,EAAIH,EAAS,KAE3CI,EAASV,EAAe,KAAKS,CAAgB,EAAE,MAAM,CAAC,EAC5D,SAAO,SAAM,CAAE,UAAAD,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASN,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,aACEO,EACAR,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBQ,CAAe,EACtC,KAAK,qBAAqBR,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBS,EAAqB,CACrC,OAAO,cAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAMN,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,QAAAM,CAAQ,CAAC,CACxC,EACA,OAAIN,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,KAErB,SAAM,IAAI,oBAAkBA,EAAS,IAAI,CAAC,CACnD,OAASF,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CACF,CACF,CAEA,kBAAkBO,EAAyB,CACzC,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,OAClB,KAAMA,CACR,CAAC,CACH,EAAE,MAAOJ,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,OAClB,KAAMI,EACN,GAAI,IAAMJ,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAM,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,UAClB,KAAAF,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOR,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,UAClB,KAAAM,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMR,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAO,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,WAClB,UAAWA,CACb,CAAC,CACH,EAAE,MAAOP,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,WAClB,UAAWO,EACX,GAAI,IAAMP,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAkB,EAAQ,SAAAf,EAAU,UAAAO,CAAU,EACK,CACnC,MAAMS,EAAkB,cAAY,QAClCT,EAAU,OACVQ,EAAO,GACPA,EAAO,MACT,EACA,OAAO,SAAO,SACZf,EAAS,IAAKW,GAAY,KAAK,eAAeJ,EAAU,OAAQI,CAAO,CAAC,CAC1E,EAAE,IAAKM,GACL,YAAU,SAAS,CACjB,UAAQ,sBAAmBpB,CAAM,EACjC,OAAQmB,EACR,SAAUC,EACV,UAAWV,EAAU,SACvB,CAAC,CACH,CACF,CAEA,eACEE,EACAE,EACuC,CACvC,OAAQA,EAAQ,KAAM,CACpB,KAAK,cAAY,OACjB,KAAK,cAAY,WAAY,CAC3B,MAAMO,EAAiB,cAAY,QACjCT,EACAE,EAAQ,GACRA,EAAQ,KACV,EACA,SAAO,SACL,cAAY,SAAS,CACnB,GAAGA,EACH,qBAAsBA,EAAQ,UAC9B,eAAAO,CACF,CAAC,CACH,CACF,CACA,KAAK,cAAY,UACf,SAAO,SAAM,cAAY,SAAS,CAAE,GAAGP,CAAQ,CAAC,CAAC,EACnD,QACE,SAAO,QAAK,IAAI,8BAA4BA,CAAO,CAAC,CACxD,CACF,CACF",
6
+ "names": ["SignBlockTask_exports", "__export", "SignBlockTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_SignBlockHeader", "import_SignBlockSignatureCommand", "import_SignBlockSingleCommand", "import_Tags", "import_crypto", "import_eitherSeqRecord", "import_LKRPBlock", "import_LKRPCommand", "import_TrustedProperties", "api", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "error", "commandCount", "response", "trustedProps", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "header", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
7
7
  }
package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var p=Object.defineProperty;var m=Object.getOwnPropertyDescriptor;var x=Object.getOwnPropertyNames;var u=Object.prototype.hasOwnProperty;var d=(a,t)=>{for(var n in t)p(a,n,{get:t[n],enumerable:!0})},E=(a,t,n,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let e of x(t))!u.call(a,e)&&e!==n&&p(a,e,{get:()=>t[e],enumerable:!(i=m(t,e))||i.enumerable});return a};var v=a=>E(p({},"__esModule",{value:!0}),a);var C={};d(C,{SignChallengeWithKeypairTask:()=>A});module.exports=v(C);var g=require("@ledgerhq/device-management-kit"),o=require("purify-ts"),s=require("../../../api/app-binder/Errors"),h=require("../../utils/crypto"),y=require("../../utils/eitherSeqRecord"),l=require("../../utils/hex");class A{constructor(t,n){this.keypair=t;this.trustchainId=n}run(t){const n=this.getAttestation(),i=this.getCredential(this.keypair.pubKeyToHex());return o.EitherAsync.liftEither(this.getUnsignedChallengeTLV(t.tlv)).map(h.CryptoUtils.hash).map(e=>this.keypair.sign(e)).map(l.bytesToHex).map(e=>({challenge:t.json,signature:{attestation:n,credential:i,signature:e}})).mapLeft(e=>e instanceof s.LKRPMissingDataError?e:new g.UnknownDAError(String(e)))}getAttestation(){const t=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,t.length,...t]);return(0,l.bytesToHex)(n)}getCredential(t){return{version:0,curveId:33,signAlgorithm:1,publicKey:t}}getUnsignedChallengeTLV(t){const n=new g.ByteArrayParser((0,l.hexToBytes)(t)),i=new Map(function*(){for(;;){const r=n.extractFieldTLVEncoded();if(!r)break;yield[r.tag,r.value]}}());if(i.size>10)return(0,o.Left)(new s.LKRPMissingDataError("Challenge TLV contains unexpected data"));const e=(r,c)=>o.Maybe.fromNullable(i.get(r)).toEither(new s.LKRPMissingDataError(`Missing ${c} field`));return(0,y.eitherSeqRecord)({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(r=>Uint8Array.from([[1,r.payloadType.length,...r.payloadType],[2,r.version.length,...r.version],[18,r.challengeData.length,...r.challengeData],[22,r.challengeExpiry.length,...r.challengeExpiry],[32,r.host.length,...r.host],[96,r.protocolVersion.length,...r.protocolVersion]].flat()))}}0&&(module.exports={SignChallengeWithKeypairTask});
1
+ "use strict";var g=Object.defineProperty;var m=Object.getOwnPropertyDescriptor;var x=Object.getOwnPropertyNames;var u=Object.prototype.hasOwnProperty;var d=(a,t)=>{for(var n in t)g(a,n,{get:t[n],enumerable:!0})},E=(a,t,n,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let e of x(t))!u.call(a,e)&&e!==n&&g(a,e,{get:()=>t[e],enumerable:!(i=m(t,e))||i.enumerable});return a};var v=a=>E(g({},"__esModule",{value:!0}),a);var C={};d(C,{SignChallengeWithKeypairTask:()=>A});module.exports=v(C);var p=require("@ledgerhq/device-management-kit"),l=require("purify-ts"),o=require("../../../api/app-binder/Errors"),h=require("../../utils/crypto"),y=require("../../utils/eitherSeqRecord"),s=require("../../utils/hex");class A{constructor(t,n){this.keypair=t;this.trustchainId=n}run(t){const n=this.getAttestation(),i=this.getCredential(this.keypair.pubKeyToHex());return l.EitherAsync.liftEither(this.getUnsignedChallengeTLV(t.tlv)).map(h.CryptoUtils.hash).map(e=>this.keypair.sign(e)).map(s.bytesToHex).map(e=>({challenge:t.json,signature:{attestation:n,credential:i,signature:e}})).mapLeft(e=>e instanceof o.LKRPMissingDataError?e:new o.LKRPUnknownError(String(e)))}getAttestation(){const t=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,t.length,...t]);return(0,s.bytesToHex)(n)}getCredential(t){return{version:0,curveId:33,signAlgorithm:1,publicKey:t}}getUnsignedChallengeTLV(t){const n=new p.ByteArrayParser((0,s.hexToBytes)(t)),i=new Map(function*(){for(;;){const r=n.extractFieldTLVEncoded();if(!r)break;yield[r.tag,r.value]}}());if(i.size>10)return(0,l.Left)(new o.LKRPMissingDataError("Challenge TLV contains unexpected data"));const e=(r,c)=>l.Maybe.fromNullable(i.get(r)).toEither(new o.LKRPMissingDataError(`Missing ${c} field`));return(0,y.eitherSeqRecord)({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(r=>Uint8Array.from([[1,r.payloadType.length,...r.payloadType],[2,r.version.length,...r.version],[18,r.challengeData.length,...r.challengeData],[22,r.challengeExpiry.length,...r.challengeExpiry],[32,r.host.length,...r.host],[96,r.protocolVersion.length,...r.protocolVersion]].flat()))}}0&&(module.exports={SignChallengeWithKeypairTask});
2
2
  //# sourceMappingURL=SignChallengeWithKeypairTask.js.map
package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/app-binder/task/SignChallengeWithKeypairTask.ts"],
4
- "sourcesContent": ["import {\n ByteArrayParser,\n UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { LKRPMissingDataError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex, hexToBytes } from \"@internal/utils/hex\";\n\nexport class SignChallengeWithKeypairTask {\n constructor(\n private readonly keypair: Keypair,\n private readonly trustchainId: string,\n ) {}\n\n run(\n challenge: Challenge,\n ): EitherAsync<LKRPMissingDataError | UnknownDAError, AuthenticationPayload> {\n const attestation = this.getAttestation();\n const credential = this.getCredential(this.keypair.pubKeyToHex());\n\n return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n .map(CryptoUtils.hash)\n .map((hash) => this.keypair.sign(hash))\n .map(bytesToHex)\n .map((signature) => ({\n challenge: challenge.json,\n signature: { attestation, credential, signature },\n }))\n .mapLeft((error) =>\n error instanceof LKRPMissingDataError\n ? error\n : new UnknownDAError(String(error)),\n );\n }\n\n // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n private getAttestation() {\n const bytes = new TextEncoder().encode(this.trustchainId);\n const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n return bytesToHex(attestation);\n }\n\n private getCredential(publicKey: string) {\n return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n }\n\n private getUnsignedChallengeTLV(\n tlv: string,\n ): Either<LKRPMissingDataError, Uint8Array> {\n const parser = new ByteArrayParser(hexToBytes(tlv));\n const parsed = new Map(\n (function* () {\n while (true) {\n const field = parser.extractFieldTLVEncoded();\n if (!field) break; // No more fields to extract\n yield [field.tag, field.value];\n }\n })(),\n );\n\n // We expect 10 fields in the TLV\n if (parsed.size > 10) {\n return Left(\n new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n );\n }\n\n const getField = (tag: number, fieldName: string) =>\n Maybe.fromNullable(parsed.get(tag)).toEither(\n new LKRPMissingDataError(`Missing ${fieldName} field`),\n );\n\n return eitherSeqRecord({\n // Unsigned fields\n payloadType: () => getField(0x01, \"Payload type\"),\n version: () => getField(0x02, \"Version\"),\n challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n host: () => getField(0x20, \"Host\"),\n protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n // Signed fields\n curveId: () => getField(0x32, \"Curve ID\"),\n publicKey: () => getField(0x33, \"Public key\"),\n challengeData: () => getField(0x12, \"Challenge data\"),\n signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n rpSignatureField: () => getField(0x15, \"RP signature field\"),\n }).map((fields) =>\n Uint8Array.from(\n [\n [0x01, fields.payloadType.length, ...fields.payloadType],\n [0x02, fields.version.length, ...fields.version],\n [0x12, fields.challengeData.length, ...fields.challengeData],\n [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n [0x20, fields.host.length, ...fields.host],\n [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n ].flat(),\n ),\n );\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,kCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAGO,2CACPC,EAAsD,qBAEtDC,EAAqC,kCAMrCC,EAA4B,kCAC5BC,EAAgC,2CAChCC,EAAuC,+BAEhC,MAAMP,CAA6B,CACxC,YACmBQ,EACAC,EACjB,CAFiB,aAAAD,EACA,kBAAAC,CAChB,CAEH,IACEC,EAC2E,CAC3E,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,YAAY,CAAC,EAEhE,OAAO,cAAY,WAAW,KAAK,wBAAwBF,EAAU,GAAG,CAAC,EACtE,IAAI,cAAY,IAAI,EACpB,IAAKG,GAAS,KAAK,QAAQ,KAAKA,CAAI,CAAC,EACrC,IAAI,YAAU,EACd,IAAKC,IAAe,CACnB,UAAWJ,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAE,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiB,uBACbA,EACA,IAAI,iBAAe,OAAOA,CAAK,CAAC,CACtC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDL,EAAc,WAAW,KAAK,CAAC,EAAMK,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,SAAO,cAAWL,CAAW,CAC/B,CAEQ,cAAcM,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAI,qBAAgB,cAAWD,CAAG,CAAC,EAC5CE,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,SAAO,QACL,IAAI,uBAAqB,wCAAwC,CACnE,EAGF,MAAME,EAAW,CAACC,EAAaC,IAC7B,QAAM,aAAaJ,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAI,uBAAqB,WAAWC,CAAS,QAAQ,CACvD,EAEF,SAAO,mBAAgB,CAErB,YAAa,IAAMF,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
4
+ "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { LKRPMissingDataError, LKRPUnknownError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport {\n type AuthenticationPayload,\n type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex, hexToBytes } from \"@internal/utils/hex\";\n\nexport class SignChallengeWithKeypairTask {\n constructor(\n private readonly keypair: Keypair,\n private readonly trustchainId: string,\n ) {}\n\n run(\n challenge: Challenge,\n ): EitherAsync<\n LKRPMissingDataError | LKRPUnknownError,\n AuthenticationPayload\n > {\n const attestation = this.getAttestation();\n const credential = this.getCredential(this.keypair.pubKeyToHex());\n\n return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n .map(CryptoUtils.hash)\n .map((hash) => this.keypair.sign(hash))\n .map(bytesToHex)\n .map((signature) => ({\n challenge: challenge.json,\n signature: { attestation, credential, signature },\n }))\n .mapLeft((error) =>\n error instanceof LKRPMissingDataError\n ? error\n : new LKRPUnknownError(String(error)),\n );\n }\n\n // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n private getAttestation() {\n const bytes = new TextEncoder().encode(this.trustchainId);\n const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n return bytesToHex(attestation);\n }\n\n private getCredential(publicKey: string) {\n return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n }\n\n private getUnsignedChallengeTLV(\n tlv: string,\n ): Either<LKRPMissingDataError, Uint8Array> {\n const parser = new ByteArrayParser(hexToBytes(tlv));\n const parsed = new Map(\n (function* () {\n while (true) {\n const field = parser.extractFieldTLVEncoded();\n if (!field) break; // No more fields to extract\n yield [field.tag, field.value];\n }\n })(),\n );\n\n // We expect 10 fields in the TLV\n if (parsed.size > 10) {\n return Left(\n new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n );\n }\n\n const getField = (tag: number, fieldName: string) =>\n Maybe.fromNullable(parsed.get(tag)).toEither(\n new LKRPMissingDataError(`Missing ${fieldName} field`),\n );\n\n return eitherSeqRecord({\n // Unsigned fields\n payloadType: () => getField(0x01, \"Payload type\"),\n version: () => getField(0x02, \"Version\"),\n challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n host: () => getField(0x20, \"Host\"),\n protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n // Signed fields\n curveId: () => getField(0x32, \"Curve ID\"),\n publicKey: () => getField(0x33, \"Public key\"),\n challengeData: () => getField(0x12, \"Challenge data\"),\n signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n rpSignatureField: () => getField(0x15, \"RP signature field\"),\n }).map((fields) =>\n Uint8Array.from(\n [\n [0x01, fields.payloadType.length, ...fields.payloadType],\n [0x02, fields.version.length, ...fields.version],\n [0x12, fields.challengeData.length, ...fields.challengeData],\n [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n [0x20, fields.host.length, ...fields.host],\n [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n ].flat(),\n ),\n );\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,kCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAgC,2CAChCC,EAAsD,qBAEtDC,EAAuD,kCAMvDC,EAA4B,kCAC5BC,EAAgC,2CAChCC,EAAuC,+BAEhC,MAAMP,CAA6B,CACxC,YACmBQ,EACAC,EACjB,CAFiB,aAAAD,EACA,kBAAAC,CAChB,CAEH,IACEC,EAIA,CACA,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,YAAY,CAAC,EAEhE,OAAO,cAAY,WAAW,KAAK,wBAAwBF,EAAU,GAAG,CAAC,EACtE,IAAI,cAAY,IAAI,EACpB,IAAKG,GAAS,KAAK,QAAQ,KAAKA,CAAI,CAAC,EACrC,IAAI,YAAU,EACd,IAAKC,IAAe,CACnB,UAAWJ,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAE,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiB,uBACbA,EACA,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CACxC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDL,EAAc,WAAW,KAAK,CAAC,EAAMK,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,SAAO,cAAWL,CAAW,CAC/B,CAEQ,cAAcM,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAI,qBAAgB,cAAWD,CAAG,CAAC,EAC5CE,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,SAAO,QACL,IAAI,uBAAqB,wCAAwC,CACnE,EAGF,MAAME,EAAW,CAACC,EAAaC,IAC7B,QAAM,aAAaJ,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAI,uBAAqB,WAAWC,CAAS,QAAQ,CACvD,EAEF,SAAO,mBAAgB,CAErB,YAAa,IAAMF,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
6
6
  "names": ["SignChallengeWithKeypairTask_exports", "__export", "SignChallengeWithKeypairTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_crypto", "import_eitherSeqRecord", "import_hex", "keypair", "trustchainId", "challenge", "attestation", "credential", "hash", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
7
7
  }
package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var p=Object.defineProperty;var g=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var c=Object.prototype.hasOwnProperty;var d=(e,r)=>{for(var i in r)p(e,i,{get:r[i],enumerable:!0})},u=(e,r,i,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let a of y(r))!c.call(e,a)&&a!==i&&p(e,a,{get:()=>r[a],enumerable:!(o=g(r,a))||o.enumerable});return e};var h=e=>u(p({},"__esModule",{value:!0}),e);var m={};d(m,{TrustedProperties:()=>l});module.exports=h(m);var P=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../../api/app-binder/Errors"),s=require("../../../utils/required"),n=require("../../../utils/TLVTags");class l{constructor(r){this.bytes=r;this.parser=new P.ByteArrayParser(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return(0,t.Left)(new E.LKRPParsingError("Invalid trusted property: missing IV"));this.iv=r.value}return(0,t.Right)(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>(0,s.required)(r.get(n.TPTags.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?(0,t.Right)(this.encryptedProps):this.getIv().chain(()=>t.Either.sequence(Array.from(R(this.parser)))).map(r=>new Map(r.map(i=>[i.tag,i]))).ifRight(r=>{this.encryptedProps=r})}}function*R(e){for(;;){const r=e.extractFieldTLVEncoded();if(!r)return;yield(0,t.Right)(r)}}0&&(module.exports={TrustedProperties});
1
+ "use strict";var p=Object.defineProperty;var g=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var c=Object.prototype.hasOwnProperty;var d=(e,r)=>{for(var i in r)p(e,i,{get:r[i],enumerable:!0})},u=(e,r,i,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let a of y(r))!c.call(e,a)&&a!==i&&p(e,a,{get:()=>r[a],enumerable:!(o=g(r,a))||o.enumerable});return e};var h=e=>u(p({},"__esModule",{value:!0}),e);var m={};d(m,{TrustedProperties:()=>l});module.exports=h(m);var P=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../../api/app-binder/Errors"),s=require("../../../models/Tags"),n=require("../../../utils/required");class l{constructor(r){this.bytes=r;this.parser=new P.ByteArrayParser(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return(0,t.Left)(new E.LKRPParsingError("Invalid trusted property: missing IV"));this.iv=r.value}return(0,t.Right)(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?(0,t.Right)(this.encryptedProps):this.getIv().chain(()=>t.Either.sequence(Array.from(R(this.parser)))).map(r=>new Map(r.map(i=>[i.tag,i]))).ifRight(r=>{this.encryptedProps=r})}}function*R(e){for(;;){const r=e.extractFieldTLVEncoded();if(!r)return;yield(0,t.Right)(r)}}0&&(module.exports={TrustedProperties});
2
2
  //# sourceMappingURL=TrustedProperties.js.map
package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../../src/internal/app-binder/task/utils/TrustedProperties.ts"],
4
- "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { Either, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPMissingDataError,\n LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { required } from \"@internal/utils/required\";\nimport { TPTags } from \"@internal/utils/TLVTags\";\n\ntype EncryptedTPTag = Exclude<TPTags, TPTags.IV>;\ntype EncryptedTP = { tag: EncryptedTPTag; value: Uint8Array; tlv: Uint8Array };\n\nexport class TrustedProperties {\n private readonly parser: ByteArrayParser;\n private iv: Uint8Array | null = null;\n private encryptedProps: Map<EncryptedTPTag, EncryptedTP> | null = null;\n\n constructor(public readonly bytes: Uint8Array) {\n this.parser = new ByteArrayParser(bytes);\n }\n\n getIv(): Either<LKRPParsingError, Uint8Array> {\n if (!this.iv) {\n const field = this.parser.extractFieldTLVEncoded();\n if (!field || field.tag !== 0x00) {\n return Left(\n new LKRPParsingError(\"Invalid trusted property: missing IV\"),\n );\n }\n\n this.iv = field.value;\n }\n return Right(this.iv);\n }\n\n getIssuer(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.ISSUER)?.value,\n \"Missing issuer in trusted properties\",\n ),\n );\n }\n\n getXPriv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.XPRIV)?.value,\n \"Missing xpriv in trusted properties\",\n ),\n );\n }\n\n getEphemeralPublicKey(): Either<\n LKRPParsingError | LKRPMissingDataError,\n Uint8Array\n > {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.EPHEMERAL_PUBLIC_KEY)?.value,\n \"Missing ephemeral public key in trusted properties\",\n ),\n );\n }\n\n getCommandIv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.COMMAND_IV)?.value,\n \"Missing command IV in trusted properties\",\n ),\n );\n }\n\n getGroupKey(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.GROUPKEY)?.value,\n \"Missing group key in trusted properties\",\n ),\n );\n }\n\n getNewMember(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.NEW_MEMBER)?.tlv,\n \"Missing new member in trusted properties\",\n ),\n );\n }\n\n parseEncryptedProps(): Either<\n LKRPParsingError,\n Map<EncryptedTPTag, EncryptedTP>\n > {\n return this.encryptedProps\n ? Right(this.encryptedProps)\n : this.getIv()\n .chain(() => Either.sequence(Array.from(parseTPs(this.parser))))\n .map((fields) => new Map(fields.map((field) => [field.tag, field])))\n .ifRight((props) => {\n this.encryptedProps = props;\n });\n }\n}\n\nfunction* parseTPs(\n parser: ByteArrayParser,\n): Generator<Either<LKRPParsingError, EncryptedTP>> {\n while (true) {\n const field = parser.extractFieldTLVEncoded();\n if (!field) return;\n yield Right(field);\n }\n}\n"],
5
- "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,uBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAgC,2CAChCC,EAAoC,qBAEpCC,EAGO,kCACPC,EAAyB,oCACzBC,EAAuB,mCAKhB,MAAMN,CAAkB,CAK7B,YAA4BO,EAAmB,CAAnB,WAAAA,EAC1B,KAAK,OAAS,IAAI,kBAAgBA,CAAK,CACzC,CANiB,OACT,GAAwB,KACxB,eAA0D,KAMlE,OAA8C,CAC5C,GAAI,CAAC,KAAK,GAAI,CACZ,MAAMC,EAAQ,KAAK,OAAO,uBAAuB,EACjD,GAAI,CAACA,GAASA,EAAM,MAAQ,EAC1B,SAAO,QACL,IAAI,mBAAiB,sCAAsC,CAC7D,EAGF,KAAK,GAAKA,EAAM,KAClB,CACA,SAAO,SAAM,KAAK,EAAE,CACtB,CAEA,WAAyE,CACvE,OAAO,KAAK,oBAAoB,EAAE,MAAOC,MACvC,YACEA,EAAM,IAAI,SAAO,MAAM,GAAG,MAC1B,sCACF,CACF,CACF,CAEA,UAAwE,CACtE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,KAAK,GAAG,MACzB,qCACF,CACF,CACF,CAEA,uBAGE,CACA,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,oBAAoB,GAAG,MACxC,oDACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,MAC9B,0CACF,CACF,CACF,CAEA,aAA2E,CACzE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,QAAQ,GAAG,MAC5B,yCACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,IAC9B,0CACF,CACF,CACF,CAEA,qBAGE,CACA,OAAO,KAAK,kBACR,SAAM,KAAK,cAAc,EACzB,KAAK,MAAM,EACR,MAAM,IAAM,SAAO,SAAS,MAAM,KAAKC,EAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAC9D,IAAKC,GAAW,IAAI,IAAIA,EAAO,IAAKH,GAAU,CAACA,EAAM,IAAKA,CAAK,CAAC,CAAC,CAAC,EAClE,QAASC,GAAU,CAClB,KAAK,eAAiBA,CACxB,CAAC,CACT,CACF,CAEA,SAAUC,EACRE,EACkD,CAClD,OAAa,CACX,MAAMJ,EAAQI,EAAO,uBAAuB,EAC5C,GAAI,CAACJ,EAAO,OACZ,QAAM,SAAMA,CAAK,CACnB,CACF",
6
- "names": ["TrustedProperties_exports", "__export", "TrustedProperties", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_required", "import_TLVTags", "bytes", "field", "props", "parseTPs", "fields", "parser"]
4
+ "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { Either, Left, Right } from \"purify-ts\";\n\nimport {\n type LKRPMissingDataError,\n LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { TPTags } from \"@internal/models/Tags\";\nimport { required } from \"@internal/utils/required\";\n\ntype EncryptedTPTag = Exclude<TPTags, TPTags.IV>;\ntype EncryptedTP = { tag: EncryptedTPTag; value: Uint8Array; tlv: Uint8Array };\n\nexport class TrustedProperties {\n private readonly parser: ByteArrayParser;\n private iv: Uint8Array | null = null;\n private encryptedProps: Map<EncryptedTPTag, EncryptedTP> | null = null;\n\n constructor(public readonly bytes: Uint8Array) {\n this.parser = new ByteArrayParser(bytes);\n }\n\n getIv(): Either<LKRPParsingError, Uint8Array> {\n if (!this.iv) {\n const field = this.parser.extractFieldTLVEncoded();\n if (!field || field.tag !== 0x00) {\n return Left(\n new LKRPParsingError(\"Invalid trusted property: missing IV\"),\n );\n }\n\n this.iv = field.value;\n }\n return Right(this.iv);\n }\n\n getIssuer(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.ISSUER)?.value,\n \"Missing issuer in trusted properties\",\n ),\n );\n }\n\n getXPriv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.XPRIV)?.value,\n \"Missing xpriv in trusted properties\",\n ),\n );\n }\n\n getEphemeralPublicKey(): Either<\n LKRPParsingError | LKRPMissingDataError,\n Uint8Array\n > {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.EPHEMERAL_PUBLIC_KEY)?.value,\n \"Missing ephemeral public key in trusted properties\",\n ),\n );\n }\n\n getCommandIv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.COMMAND_IV)?.value,\n \"Missing command IV in trusted properties\",\n ),\n );\n }\n\n getGroupKey(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.GROUPKEY)?.value,\n \"Missing group key in trusted properties\",\n ),\n );\n }\n\n getNewMember(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n return this.parseEncryptedProps().chain((props) =>\n required(\n props.get(TPTags.NEW_MEMBER)?.tlv,\n \"Missing new member in trusted properties\",\n ),\n );\n }\n\n parseEncryptedProps(): Either<\n LKRPParsingError,\n Map<EncryptedTPTag, EncryptedTP>\n > {\n return this.encryptedProps\n ? Right(this.encryptedProps)\n : this.getIv()\n .chain(() => Either.sequence(Array.from(parseTPs(this.parser))))\n .map((fields) => new Map(fields.map((field) => [field.tag, field])))\n .ifRight((props) => {\n this.encryptedProps = props;\n });\n }\n}\n\nfunction* parseTPs(\n parser: ByteArrayParser,\n): Generator<Either<LKRPParsingError, EncryptedTP>> {\n while (true) {\n const field = parser.extractFieldTLVEncoded();\n if (!field) return;\n yield Right(field);\n }\n}\n"],
5
+ "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,uBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAgC,2CAChCC,EAAoC,qBAEpCC,EAGO,kCACPC,EAAuB,iCACvBC,EAAyB,oCAKlB,MAAMN,CAAkB,CAK7B,YAA4BO,EAAmB,CAAnB,WAAAA,EAC1B,KAAK,OAAS,IAAI,kBAAgBA,CAAK,CACzC,CANiB,OACT,GAAwB,KACxB,eAA0D,KAMlE,OAA8C,CAC5C,GAAI,CAAC,KAAK,GAAI,CACZ,MAAMC,EAAQ,KAAK,OAAO,uBAAuB,EACjD,GAAI,CAACA,GAASA,EAAM,MAAQ,EAC1B,SAAO,QACL,IAAI,mBAAiB,sCAAsC,CAC7D,EAGF,KAAK,GAAKA,EAAM,KAClB,CACA,SAAO,SAAM,KAAK,EAAE,CACtB,CAEA,WAAyE,CACvE,OAAO,KAAK,oBAAoB,EAAE,MAAOC,MACvC,YACEA,EAAM,IAAI,SAAO,MAAM,GAAG,MAC1B,sCACF,CACF,CACF,CAEA,UAAwE,CACtE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,KAAK,GAAG,MACzB,qCACF,CACF,CACF,CAEA,uBAGE,CACA,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,oBAAoB,GAAG,MACxC,oDACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,MAC9B,0CACF,CACF,CACF,CAEA,aAA2E,CACzE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,QAAQ,GAAG,MAC5B,yCACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,IAC9B,0CACF,CACF,CACF,CAEA,qBAGE,CACA,OAAO,KAAK,kBACR,SAAM,KAAK,cAAc,EACzB,KAAK,MAAM,EACR,MAAM,IAAM,SAAO,SAAS,MAAM,KAAKC,EAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAC9D,IAAKC,GAAW,IAAI,IAAIA,EAAO,IAAKH,GAAU,CAACA,EAAM,IAAKA,CAAK,CAAC,CAAC,CAAC,EAClE,QAASC,GAAU,CAClB,KAAK,eAAiBA,CACxB,CAAC,CACT,CACF,CAEA,SAAUC,EACRE,EACkD,CAClD,OAAa,CACX,MAAMJ,EAAQI,EAAO,uBAAuB,EAC5C,GAAI,CAACJ,EAAO,OACZ,QAAM,SAAMA,CAAK,CACnB,CACF",
6
+ "names": ["TrustedProperties_exports", "__export", "TrustedProperties", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_Tags", "import_required", "bytes", "field", "props", "parseTPs", "fields", "parser"]
7
7
  }
package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var m=Object.defineProperty;var l=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var R=Object.prototype.hasOwnProperty;var b=(o,t)=>{for(var e in t)m(o,e,{get:t[e],enumerable:!0})},T=(o,t,e,s)=>{if(t&&typeof t=="object"||typeof t=="function")for(let r of y(t))!R.call(o,r)&&r!==e&&m(o,r,{get:()=>t[r],enumerable:!(s=l(t,r))||s.enumerable});return o};var P=o=>T(m({},"__esModule",{value:!0}),o),p=(o,t,e,s)=>{for(var r=s>1?void 0:s?l(t,e):t,i=o.length-1,u;i>=0;i--)(u=o[i])&&(r=(s?u(t,e,r):u(r))||r);return s&&r&&m(t,e,r),r},d=(o,t)=>(e,s)=>t(e,s,o);var $={};b($,{HttpLKRPDataSource:()=>h});module.exports=P($);var c=require("inversify"),n=require("purify-ts"),a=require("../../../api/app-binder/Errors"),f=require("../../lkrp-datasource/di/lkrpDatasourceTypes"),g=require("../../utils/LKRPBlockStream");let h=class{constructor(t){this.baseUrl=t}getChallenge(){return this.request("/challenge",n.Nothing)}authenticate(t){return this.request("/authenticate",n.Nothing,{method:"POST",body:JSON.stringify(t)}).map(e=>({jwt:e,trustchainId:n.Maybe.fromNullable(Object.keys(e.permissions).find(s=>!!e.permissions[s]?.["m/"]))}))}getTrustchainById(t,e){return this.request(`/trustchain/${t}`,(0,n.Just)(e)).map(s=>Object.fromEntries(Object.entries(s).map(([r,i])=>[r,g.LKRPBlockStream.fromHex(i)])))}postDerivation(t,e,s){return this.request(`/trustchain/${t}/derivation`,(0,n.Just)(s),{method:"POST",body:JSON.stringify(e.toString())})}putCommands(t,e,s,r){return this.request(`/trustchain/${t}/commands`,(0,n.Just)(r),{method:"PUT",body:JSON.stringify({path:e,blocks:[s.toString()]})})}request(t,e,s){const r=this.baseUrl+t;return n.EitherAsync.fromPromise(async()=>{const i=await fetch(r,{...s,headers:{...s?.headers,"Content-Type":"application/json",...e.mapOrDefault(({access_token:u})=>({Authorization:`Bearer ${u}`}),{})}});switch(i.status){case 204:return(0,n.Right)(void 0);case 401:throw new a.LKRPUnauthorizedError(`Unauthorized request to ${r}: [${i.status}] ${i.statusText}`);default:if(!i.ok)throw new a.LKRPHttpRequestError(`Failed to fetch ${r}: [${i.status}] ${i.statusText}`);return(0,n.Right)(await i.json())}}).mapLeft(i=>i instanceof a.LKRPHttpRequestError?i:new a.LKRPHttpRequestError(i))}};h=p([(0,c.injectable)(),d(0,(0,c.inject)(f.lkrpDatasourceTypes.BaseUrl))],h);0&&(module.exports={HttpLKRPDataSource});
1
+ "use strict";var c=Object.defineProperty;var l=Object.getOwnPropertyDescriptor;var R=Object.getOwnPropertyNames;var P=Object.prototype.hasOwnProperty;var S=(i,t)=>{for(var r in t)c(i,r,{get:t[r],enumerable:!0})},T=(i,t,r,e)=>{if(t&&typeof t=="object"||typeof t=="function")for(let s of R(t))!P.call(i,s)&&s!==r&&c(i,s,{get:()=>t[s],enumerable:!(e=l(t,s))||e.enumerable});return i};var b=i=>T(c({},"__esModule",{value:!0}),i),g=(i,t,r,e)=>{for(var s=e>1?void 0:e?l(t,r):t,m=i.length-1,n;m>=0;m--)(n=i[m])&&(s=(e?n(t,r,s):n(s))||s);return e&&s&&c(t,r,s),s},f=(i,t)=>(r,e)=>t(r,e,i);var k={};S(k,{HttpLKRPDataSource:()=>u});module.exports=b(k);var h=require("inversify"),a=require("purify-ts"),p=require("../../../api/app-binder/Errors"),d=require("../../lkrp-datasource/di/lkrpDatasourceTypes"),y=require("../../utils/LKRPBlockStream");let u=class{constructor(t){this.baseUrl=t}getChallenge(){return this.request("/challenge",a.Nothing)}authenticate(t){return this.request("/authenticate",a.Nothing,{method:"POST",body:JSON.stringify(t)}).map(r=>({jwt:r,trustchainId:a.Maybe.fromNullable(Object.keys(r.permissions).find(e=>!!r.permissions[e]?.["m/"]))}))}getTrustchainById(t,r){return this.request(`/trustchain/${t}`,(0,a.Just)(r)).map(e=>Object.fromEntries(Object.entries(e).map(([s,m])=>[s,y.LKRPBlockStream.fromHex(m)])))}postDerivation(t,r,e){return this.request(`/trustchain/${t}/derivation`,(0,a.Just)(e),{method:"POST",body:JSON.stringify(r.toString())})}putCommands(t,r,e,s){return this.request(`/trustchain/${t}/commands`,(0,a.Just)(s),{method:"PUT",body:JSON.stringify({path:r,blocks:[e.toString()]})})}request(t,r,e){const s=this.baseUrl+t,m={...e?.headers,"Content-Type":"application/json",...r.mapOrDefault(({access_token:n})=>({Authorization:`Bearer ${n}`}),{})};return(0,a.EitherAsync)(()=>fetch(s,{...e,headers:m})).mapLeft(n=>({status:"UNKNOWN",message:n.message||"Unknown error"})).chain(async n=>{switch(n.status){case 204:return(0,a.Right)(void 0);default:return(0,a.EitherAsync)(()=>n.json()).mapLeft(o=>o.message).map(o=>n.ok?(0,a.Right)(o):(0,a.Left)(o.message)).chain(a.EitherAsync.liftEither).mapLeft(o=>({status:E.get(n.status)??"UNKNOWN",message:`[${n.status}] ${o||n.statusText}`}))}}).mapLeft(({status:n,message:o})=>new p.LKRPDataSourceError({status:n,message:`${o??"Unknown error"} (from: ${s})`}))}};u=g([(0,h.injectable)(),f(0,(0,h.inject)(d.lkrpDatasourceTypes.BaseUrl))],u);const E=new Map([[400,"BAD_REQUEST"],[401,"UNAUTHORIZED"]]);0&&(module.exports={HttpLKRPDataSource});
2
2
  //# sourceMappingURL=HttpLKRPDataSource.js.map
package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../src/internal/lkrp-datasource/data/HttpLKRPDataSource.ts"],
4
- "sourcesContent": ["import { inject, injectable } from \"inversify\";\nimport { EitherAsync, Just, Maybe, Nothing, Right } from \"purify-ts\";\n\nimport {\n LKRPHttpRequestError,\n LKRPUnauthorizedError,\n} from \"@api/app-binder/Errors\";\nimport { JWT } from \"@api/app-binder/LKRPTypes\";\nimport { lkrpDatasourceTypes } from \"@internal/lkrp-datasource/di/lkrpDatasourceTypes\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nimport {\n AuthenticationPayload,\n Challenge,\n LKRPDataSource,\n} from \"./LKRPDataSource\";\n\n@injectable()\nexport class HttpLKRPDataSource implements LKRPDataSource {\n constructor(\n @inject(lkrpDatasourceTypes.BaseUrl) private readonly baseUrl: string,\n ) {}\n\n getChallenge() {\n return this.request<Challenge>(\"/challenge\", Nothing);\n }\n\n authenticate(payload: AuthenticationPayload) {\n return this.request<JWT>(\"/authenticate\", Nothing, {\n method: \"POST\",\n body: JSON.stringify(payload),\n }).map((jwt) => ({\n jwt,\n trustchainId: Maybe.fromNullable(\n Object.keys(jwt.permissions).find((id) =>\n Boolean(jwt.permissions[id]?.[\"m/\"]),\n ),\n ),\n }));\n }\n\n getTrustchainById(id: string, jwt: JWT) {\n return this.request<{ [path: string]: string }>(\n `/trustchain/${id}`,\n Just(jwt),\n ).map((serialized) =>\n Object.fromEntries(\n Object.entries(serialized).map(([path, stream]) => [\n path,\n LKRPBlockStream.fromHex(stream),\n ]),\n ),\n );\n }\n\n postDerivation(id: string, block: LKRPBlock, jwt: JWT) {\n return this.request<void>(`/trustchain/${id}/derivation`, Just(jwt), {\n method: \"POST\",\n body: JSON.stringify(block.toString()),\n });\n }\n\n putCommands(id: string, path: string, block: LKRPBlock, jwt: JWT) {\n return this.request<void>(`/trustchain/${id}/commands`, Just(jwt), {\n method: \"PUT\",\n body: JSON.stringify({ path, blocks: [block.toString()] }),\n });\n }\n\n private request<Res>(\n endpoint: `/${string}`,\n jwt: Maybe<{ access_token: string }>,\n init?: RequestInit,\n ): EitherAsync<LKRPHttpRequestError, Res> {\n const href = this.baseUrl + endpoint;\n\n return EitherAsync.fromPromise(async () => {\n const response = await fetch(href, {\n ...init,\n headers: {\n ...init?.headers,\n \"Content-Type\": \"application/json\",\n ...jwt.mapOrDefault<{ Authorization?: string }>(\n ({ access_token }) => ({ Authorization: `Bearer ${access_token}` }),\n {},\n ),\n },\n });\n switch (response.status) {\n case 204:\n return Right(undefined as Res);\n\n case 401:\n throw new LKRPUnauthorizedError(\n `Unauthorized request to ${href}: [${response.status}] ${response.statusText}`,\n );\n\n default:\n if (!response.ok) {\n throw new LKRPHttpRequestError(\n `Failed to fetch ${href}: [${response.status}] ${response.statusText}`,\n );\n }\n return Right((await response.json()) as Res);\n }\n }).mapLeft((error: unknown) =>\n error instanceof LKRPHttpRequestError\n ? error\n : new LKRPHttpRequestError(error),\n );\n }\n}\n"],
5
- "mappings": "okBAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,wBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAmC,qBACnCC,EAAyD,qBAEzDC,EAGO,kCAEPC,EAAoC,4DAEpCC,EAAgC,2CASzB,IAAMC,EAAN,KAAmD,CACxD,YACwDC,EACtD,CADsD,aAAAA,CACrD,CAEH,cAAe,CACb,OAAO,KAAK,QAAmB,aAAc,SAAO,CACtD,CAEA,aAAaC,EAAgC,CAC3C,OAAO,KAAK,QAAa,gBAAiB,UAAS,CACjD,OAAQ,OACR,KAAM,KAAK,UAAUA,CAAO,CAC9B,CAAC,EAAE,IAAKC,IAAS,CACf,IAAAA,EACA,aAAc,QAAM,aAClB,OAAO,KAAKA,EAAI,WAAW,EAAE,KAAMC,GACjC,EAAQD,EAAI,YAAYC,CAAE,IAAI,IAAI,CACpC,CACF,CACF,EAAE,CACJ,CAEA,kBAAkBA,EAAYD,EAAU,CACtC,OAAO,KAAK,QACV,eAAeC,CAAE,MACjB,QAAKD,CAAG,CACV,EAAE,IAAKE,GACL,OAAO,YACL,OAAO,QAAQA,CAAU,EAAE,IAAI,CAAC,CAACC,EAAMC,CAAM,IAAM,CACjDD,EACA,kBAAgB,QAAQC,CAAM,CAChC,CAAC,CACH,CACF,CACF,CAEA,eAAeH,EAAYI,EAAkBL,EAAU,CACrD,OAAO,KAAK,QAAc,eAAeC,CAAE,iBAAe,QAAKD,CAAG,EAAG,CACnE,OAAQ,OACR,KAAM,KAAK,UAAUK,EAAM,SAAS,CAAC,CACvC,CAAC,CACH,CAEA,YAAYJ,EAAYE,EAAcE,EAAkBL,EAAU,CAChE,OAAO,KAAK,QAAc,eAAeC,CAAE,eAAa,QAAKD,CAAG,EAAG,CACjE,OAAQ,MACR,KAAM,KAAK,UAAU,CAAE,KAAAG,EAAM,OAAQ,CAACE,EAAM,SAAS,CAAC,CAAE,CAAC,CAC3D,CAAC,CACH,CAEQ,QACNC,EACAN,EACAO,EACwC,CACxC,MAAMC,EAAO,KAAK,QAAUF,EAE5B,OAAO,cAAY,YAAY,SAAY,CACzC,MAAMG,EAAW,MAAM,MAAMD,EAAM,CACjC,GAAGD,EACH,QAAS,CACP,GAAGA,GAAM,QACT,eAAgB,mBAChB,GAAGP,EAAI,aACL,CAAC,CAAE,aAAAU,CAAa,KAAO,CAAE,cAAe,UAAUA,CAAY,EAAG,GACjE,CAAC,CACH,CACF,CACF,CAAC,EACD,OAAQD,EAAS,OAAQ,CACvB,IAAK,KACH,SAAO,SAAM,MAAgB,EAE/B,IAAK,KACH,MAAM,IAAI,wBACR,2BAA2BD,CAAI,MAAMC,EAAS,MAAM,KAAKA,EAAS,UAAU,EAC9E,EAEF,QACE,GAAI,CAACA,EAAS,GACZ,MAAM,IAAI,uBACR,mBAAmBD,CAAI,MAAMC,EAAS,MAAM,KAAKA,EAAS,UAAU,EACtE,EAEF,SAAO,SAAO,MAAMA,EAAS,KAAK,CAAS,CAC/C,CACF,CAAC,EAAE,QAASE,GACVA,aAAiB,uBACbA,EACA,IAAI,uBAAqBA,CAAK,CACpC,CACF,CACF,EA7Fad,EAANe,EAAA,IADN,cAAW,EAGPC,EAAA,eAAO,sBAAoB,OAAO,IAF1BhB",
6
- "names": ["HttpLKRPDataSource_exports", "__export", "HttpLKRPDataSource", "__toCommonJS", "import_inversify", "import_purify_ts", "import_Errors", "import_lkrpDatasourceTypes", "import_LKRPBlockStream", "HttpLKRPDataSource", "baseUrl", "payload", "jwt", "id", "serialized", "path", "stream", "block", "endpoint", "init", "href", "response", "access_token", "error", "__decorateClass", "__decorateParam"]
4
+ "sourcesContent": ["import { inject, injectable } from \"inversify\";\nimport { EitherAsync, Just, Left, Maybe, Nothing, Right } from \"purify-ts\";\n\nimport {\n LKRPDataSourceError,\n LKRPDataSourceErrorStatus,\n} from \"@api/app-binder/Errors\";\nimport { JWT } from \"@api/app-binder/LKRPTypes\";\nimport { lkrpDatasourceTypes } from \"@internal/lkrp-datasource/di/lkrpDatasourceTypes\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nimport {\n AuthenticationPayload,\n Challenge,\n LKRPDataSource,\n} from \"./LKRPDataSource\";\n\n@injectable()\nexport class HttpLKRPDataSource implements LKRPDataSource {\n constructor(\n @inject(lkrpDatasourceTypes.BaseUrl) private readonly baseUrl: string,\n ) {}\n\n getChallenge() {\n return this.request<Challenge>(\"/challenge\", Nothing);\n }\n\n authenticate(payload: AuthenticationPayload) {\n return this.request<JWT>(\"/authenticate\", Nothing, {\n method: \"POST\",\n body: JSON.stringify(payload),\n }).map((jwt) => ({\n jwt,\n trustchainId: Maybe.fromNullable(\n Object.keys(jwt.permissions).find((id) =>\n Boolean(jwt.permissions[id]?.[\"m/\"]),\n ),\n ),\n }));\n }\n\n getTrustchainById(id: string, jwt: JWT) {\n return this.request<{ [path: string]: string }>(\n `/trustchain/${id}`,\n Just(jwt),\n ).map((serialized) =>\n Object.fromEntries(\n Object.entries(serialized).map(([path, stream]) => [\n path,\n LKRPBlockStream.fromHex(stream),\n ]),\n ),\n );\n }\n\n postDerivation(id: string, block: LKRPBlock, jwt: JWT) {\n return this.request<void>(`/trustchain/${id}/derivation`, Just(jwt), {\n method: \"POST\",\n body: JSON.stringify(block.toString()),\n });\n }\n\n putCommands(id: string, path: string, block: LKRPBlock, jwt: JWT) {\n return this.request<void>(`/trustchain/${id}/commands`, Just(jwt), {\n method: \"PUT\",\n body: JSON.stringify({ path, blocks: [block.toString()] }),\n });\n }\n\n private request<Res>(\n endpoint: `/${string}`,\n jwt: Maybe<{ access_token: string }>,\n init?: RequestInit,\n ): EitherAsync<LKRPDataSourceError, Res> {\n const href = this.baseUrl + endpoint;\n const headers = {\n ...init?.headers,\n \"Content-Type\": \"application/json\",\n ...jwt.mapOrDefault<{ Authorization?: string }>(\n ({ access_token }) => ({ Authorization: `Bearer ${access_token}` }),\n {},\n ),\n };\n\n return EitherAsync(() => fetch(href, { ...init, headers }))\n .mapLeft((err) => ({\n status: \"UNKNOWN\" as const,\n message: (err as Partial<Error>).message || \"Unknown error\",\n }))\n .chain(async (response) => {\n switch (response.status) {\n case 204:\n return Right(undefined as Res);\n\n default:\n return EitherAsync(() => response.json())\n .mapLeft((err) => (err as Partial<Error>).message)\n .map((data) =>\n response.ok\n ? Right(data as Res)\n : Left((data as { message?: string }).message),\n )\n .chain(EitherAsync.liftEither)\n .mapLeft((message) => ({\n status: statusMap.get(response.status) ?? \"UNKNOWN\",\n message: `[${response.status}] ${message || response.statusText}`,\n }));\n }\n })\n .mapLeft(\n ({ status, message }) =>\n new LKRPDataSourceError({\n status,\n message: `${message ?? \"Unknown error\"} (from: ${href})`,\n }),\n );\n }\n}\n\nconst statusMap = new Map<unknown, LKRPDataSourceErrorStatus>([\n [400, \"BAD_REQUEST\"],\n [401, \"UNAUTHORIZED\"],\n]);\n"],
5
+ "mappings": "okBAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,wBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAmC,qBACnCC,EAA+D,qBAE/DC,EAGO,kCAEPC,EAAoC,4DAEpCC,EAAgC,2CASzB,IAAMC,EAAN,KAAmD,CACxD,YACwDC,EACtD,CADsD,aAAAA,CACrD,CAEH,cAAe,CACb,OAAO,KAAK,QAAmB,aAAc,SAAO,CACtD,CAEA,aAAaC,EAAgC,CAC3C,OAAO,KAAK,QAAa,gBAAiB,UAAS,CACjD,OAAQ,OACR,KAAM,KAAK,UAAUA,CAAO,CAC9B,CAAC,EAAE,IAAKC,IAAS,CACf,IAAAA,EACA,aAAc,QAAM,aAClB,OAAO,KAAKA,EAAI,WAAW,EAAE,KAAMC,GACjC,EAAQD,EAAI,YAAYC,CAAE,IAAI,IAAI,CACpC,CACF,CACF,EAAE,CACJ,CAEA,kBAAkBA,EAAYD,EAAU,CACtC,OAAO,KAAK,QACV,eAAeC,CAAE,MACjB,QAAKD,CAAG,CACV,EAAE,IAAKE,GACL,OAAO,YACL,OAAO,QAAQA,CAAU,EAAE,IAAI,CAAC,CAACC,EAAMC,CAAM,IAAM,CACjDD,EACA,kBAAgB,QAAQC,CAAM,CAChC,CAAC,CACH,CACF,CACF,CAEA,eAAeH,EAAYI,EAAkBL,EAAU,CACrD,OAAO,KAAK,QAAc,eAAeC,CAAE,iBAAe,QAAKD,CAAG,EAAG,CACnE,OAAQ,OACR,KAAM,KAAK,UAAUK,EAAM,SAAS,CAAC,CACvC,CAAC,CACH,CAEA,YAAYJ,EAAYE,EAAcE,EAAkBL,EAAU,CAChE,OAAO,KAAK,QAAc,eAAeC,CAAE,eAAa,QAAKD,CAAG,EAAG,CACjE,OAAQ,MACR,KAAM,KAAK,UAAU,CAAE,KAAAG,EAAM,OAAQ,CAACE,EAAM,SAAS,CAAC,CAAE,CAAC,CAC3D,CAAC,CACH,CAEQ,QACNC,EACAN,EACAO,EACuC,CACvC,MAAMC,EAAO,KAAK,QAAUF,EACtBG,EAAU,CACd,GAAGF,GAAM,QACT,eAAgB,mBAChB,GAAGP,EAAI,aACL,CAAC,CAAE,aAAAU,CAAa,KAAO,CAAE,cAAe,UAAUA,CAAY,EAAG,GACjE,CAAC,CACH,CACF,EAEA,SAAO,eAAY,IAAM,MAAMF,EAAM,CAAE,GAAGD,EAAM,QAAAE,CAAQ,CAAC,CAAC,EACvD,QAASE,IAAS,CACjB,OAAQ,UACR,QAAUA,EAAuB,SAAW,eAC9C,EAAE,EACD,MAAM,MAAOC,GAAa,CACzB,OAAQA,EAAS,OAAQ,CACvB,IAAK,KACH,SAAO,SAAM,MAAgB,EAE/B,QACE,SAAO,eAAY,IAAMA,EAAS,KAAK,CAAC,EACrC,QAASD,GAASA,EAAuB,OAAO,EAChD,IAAKE,GACJD,EAAS,MACL,SAAMC,CAAW,KACjB,QAAMA,EAA8B,OAAO,CACjD,EACC,MAAM,cAAY,UAAU,EAC5B,QAASC,IAAa,CACrB,OAAQC,EAAU,IAAIH,EAAS,MAAM,GAAK,UAC1C,QAAS,IAAIA,EAAS,MAAM,KAAKE,GAAWF,EAAS,UAAU,EACjE,EAAE,CACR,CACF,CAAC,EACA,QACC,CAAC,CAAE,OAAAI,EAAQ,QAAAF,CAAQ,IACjB,IAAI,sBAAoB,CACtB,OAAAE,EACA,QAAS,GAAGF,GAAW,eAAe,WAAWN,CAAI,GACvD,CAAC,CACL,CACJ,CACF,EAnGaX,EAANoB,EAAA,IADN,cAAW,EAGPC,EAAA,eAAO,sBAAoB,OAAO,IAF1BrB,GAqGb,MAAMkB,EAAY,IAAI,IAAwC,CAC5D,CAAC,IAAK,aAAa,EACnB,CAAC,IAAK,cAAc,CACtB,CAAC",
6
+ "names": ["HttpLKRPDataSource_exports", "__export", "HttpLKRPDataSource", "__toCommonJS", "import_inversify", "import_purify_ts", "import_Errors", "import_lkrpDatasourceTypes", "import_LKRPBlockStream", "HttpLKRPDataSource", "baseUrl", "payload", "jwt", "id", "serialized", "path", "stream", "block", "endpoint", "init", "href", "headers", "access_token", "err", "response", "data", "message", "statusMap", "status", "__decorateClass", "__decorateParam"]
7
7
  }
package/lib/cjs/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";var o=require("purify-ts"),u=require("../../../api/app-binder/Errors"),h=require("../../utils/LKRPBlock"),m=require("../../utils/LKRPBlockStream"),c=require("./HttpLKRPDataSource");const r={access_token:"ACCESS TOKEN",permissions:{TRUSTCHAIN_ID:{"m/":["owner"]}}},i={version:0,challenge:{data:"1010101010010101010",expiry:"2025-06-30T10:00:00Z"},host:"example.com",rp:[{credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"aaaaaaaaaaaaaaaaaaaaaaaaaa"},signature:"abababababababab"}],protocolVersion:{major:1,minor:0,patch:0}},l={credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"bbbbbbbbbbbbbbbbbbbbbbbbbbb"},signature:"acacacacacacacac",attestation:"0000000000000000"};describe("HttpLKRPDataSource",()=>{const a=vi.spyOn(global,"fetch"),t="https://example.com";afterEach(()=>{a.mockClear()}),describe("getChallenge",()=>{it("should fetch challenge successfully",async()=>{const e={tlv:"0f1234567890",json:i};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).getChallenge();expect(a).toHaveBeenCalledWith(`${t}/challenge`,{headers:{"Content-Type":"application/json"}}),expect(n).toEqual((0,o.Right)(e))}),it("should handle fetch error",async()=>{const e=new Error("Random error");a.mockRejectedValueOnce(e);const n=await new c.HttpLKRPDataSource(t).getChallenge();expect(n).toEqual((0,o.Left)(new u.LKRPHttpRequestError(e)))})}),describe("authenticate",()=>{it("should fetch a JWT when the authentication is successful",async()=>{a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(r)});const s=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:l});expect(a).toHaveBeenCalledWith(`${t}/authenticate`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({challenge:i,signature:l})}),expect(s).toEqual((0,o.Right)({jwt:r,trustchainId:(0,o.Just)("TRUSTCHAIN_ID")}))}),it("should return no trustchainId the returned JWT does not contain one",async()=>{const e={access_token:"ACCESS TOKEN",permissions:{}};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:l});expect(n).toEqual((0,o.Right)({jwt:e,trustchainId:o.Nothing}))}),it("should handle authentication error",async()=>{a.mockResolvedValueOnce({ok:!1,status:401,statusText:"Unauthorized"});const s=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:l});expect(s).toEqual((0,o.Left)(new u.LKRPUnauthorizedError(`Unauthorized request to ${t}/authenticate: [401] Unauthorized`)))})}),describe("getTrustchainById",()=>{it("should fetch trustchain by ID successfully",async()=>{const e={"m/":"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d","m/16'":"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b"};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).getTrustchainById("TRUSTCHAIN_ID",r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID`,{headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`}}),expect(n).toEqual((0,o.Right)({"m/":m.LKRPBlockStream.fromHex("0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d"),"m/16'":m.LKRPBlockStream.fromHex("1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b")}))}),it("should handle errors",async()=>{a.mockResolvedValueOnce({ok:!1,status:500,statusText:"Internal Server Error"});const s=await new c.HttpLKRPDataSource(t).getTrustchainById("TRUSTCHAIN_ID",r);expect(s).toEqual((0,o.Left)(new u.LKRPHttpRequestError(`Failed to fetch ${t}/trustchain/TRUSTCHAIN_ID: [500] Internal Server Error`)))})}),describe("postDerivation",()=>{it("should post derivation successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",s=h.LKRPBlock.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const d=await new c.HttpLKRPDataSource(t).postDerivation("TRUSTCHAIN_ID",s,r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/derivation`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`},body:JSON.stringify(e)}),expect(d).toEqual((0,o.Right)(void 0))})}),describe("putCommands",()=>{it("should put commands successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",s=h.LKRPBlock.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const d=await new c.HttpLKRPDataSource(t).putCommands("TRUSTCHAIN_ID","m/0'/16'/0'",s,r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/commands`,{method:"PUT",headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`},body:JSON.stringify({path:"m/0'/16'/0'",blocks:[e]})}),expect(d).toEqual((0,o.Right)(void 0))})})});
1
+ "use strict";var o=require("purify-ts"),l=require("../../../api/app-binder/Errors"),h=require("../../utils/LKRPBlock"),m=require("../../utils/LKRPBlockStream"),c=require("./HttpLKRPDataSource");const r={access_token:"ACCESS TOKEN",permissions:{TRUSTCHAIN_ID:{"m/":["owner"]}}},i={version:0,challenge:{data:"1010101010010101010",expiry:"2025-06-30T10:00:00Z"},host:"example.com",rp:[{credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"aaaaaaaaaaaaaaaaaaaaaaaaaa"},signature:"abababababababab"}],protocolVersion:{major:1,minor:0,patch:0}},u={credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"bbbbbbbbbbbbbbbbbbbbbbbbbbb"},signature:"acacacacacacacac",attestation:"0000000000000000"};describe("HttpLKRPDataSource",()=>{const a=vi.spyOn(global,"fetch"),t="https://example.com";afterEach(()=>{a.mockClear()}),describe("getChallenge",()=>{it("should fetch challenge successfully",async()=>{const e={tlv:"0f1234567890",json:i};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).getChallenge();expect(a).toHaveBeenCalledWith(`${t}/challenge`,{headers:{"Content-Type":"application/json"}}),expect(n).toEqual((0,o.Right)(e))}),it("should handle fetch error",async()=>{const e={status:"UNKNOWN",message:"Random error"};a.mockRejectedValueOnce(e);const n=await new c.HttpLKRPDataSource(t).getChallenge();expect(n).toEqual((0,o.Left)(new l.LKRPDataSourceError({status:"UNKNOWN",message:`Random error (from: ${t}/challenge)`})))})}),describe("authenticate",()=>{it("should fetch a JWT when the authentication is successful",async()=>{a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(r)});const s=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:u});expect(a).toHaveBeenCalledWith(`${t}/authenticate`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({challenge:i,signature:u})}),expect(s).toEqual((0,o.Right)({jwt:r,trustchainId:(0,o.Just)("TRUSTCHAIN_ID")}))}),it("should return no trustchainId the returned JWT does not contain one",async()=>{const e={access_token:"ACCESS TOKEN",permissions:{}};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:u});expect(n).toEqual((0,o.Right)({jwt:e,trustchainId:o.Nothing}))}),it("should handle authentication error",async()=>{a.mockResolvedValueOnce({ok:!1,status:401,statusText:"Unauthorized",json:()=>Promise.resolve({message:"Unauthorized access"})});const s=await new c.HttpLKRPDataSource(t).authenticate({challenge:i,signature:u});expect(s).toEqual((0,o.Left)(new l.LKRPDataSourceError({status:"UNAUTHORIZED",message:`[401] Unauthorized access (from: ${t}/authenticate)`})))})}),describe("getTrustchainById",()=>{it("should fetch trustchain by ID successfully",async()=>{const e={"m/":"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d","m/16'":"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b"};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const n=await new c.HttpLKRPDataSource(t).getTrustchainById("TRUSTCHAIN_ID",r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID`,{headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`}}),expect(n).toEqual((0,o.Right)({"m/":m.LKRPBlockStream.fromHex("0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d"),"m/16'":m.LKRPBlockStream.fromHex("1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b")}))}),it("should handle errors",async()=>{a.mockResolvedValueOnce({ok:!1,status:500,statusText:"Internal Server Error",json:()=>Promise.resolve({})});const s=await new c.HttpLKRPDataSource(t).getTrustchainById("TRUSTCHAIN_ID",r);expect(s).toEqual((0,o.Left)(new l.LKRPDataSourceError({status:"UNKNOWN",message:`[500] Internal Server Error (from: ${t}/trustchain/TRUSTCHAIN_ID)`})))})}),describe("postDerivation",()=>{it("should post derivation successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",s=h.LKRPBlock.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const d=await new c.HttpLKRPDataSource(t).postDerivation("TRUSTCHAIN_ID",s,r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/derivation`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`},body:JSON.stringify(e)}),expect(d).toEqual((0,o.Right)(void 0))})}),describe("putCommands",()=>{it("should put commands successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",s=h.LKRPBlock.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const d=await new c.HttpLKRPDataSource(t).putCommands("TRUSTCHAIN_ID","m/0'/16'/0'",s,r);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/commands`,{method:"PUT",headers:{"Content-Type":"application/json",Authorization:`Bearer ${r.access_token}`},body:JSON.stringify({path:"m/0'/16'/0'",blocks:[e]})}),expect(d).toEqual((0,o.Right)(void 0))})})});
2
2
  //# sourceMappingURL=HttpLKRPDataSource.test.js.map