npm - @ledgerhq/device-trusted-app-kit-ledger-keyring-protocol - Versions diffs - 0.0.0-legacy-speculos-datasource-20250820121907 → 0.0.0-lifi-with-logger-20251208144248 - Mend

@ledgerhq/device-trusted-app-kit-ledger-keyring-protocol 0.0.0-legacy-speculos-datasource-20250820121907 → 0.0.0-lifi-with-logger-20251208144248

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (542) hide show

package/lib/esm/internal/app-binder/task/SignBlockTask.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/SignBlockTask.ts"],
-  "sourcesContent": ["import {\n  bufferToHexaString,\n  CommandResultStatus,\n  type InternalApi,\n  UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n  type LKRPHttpRequestError,\n  type LKRPMissingDataError,\n  type LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport {\n  eitherAsyncSeqRecord,\n  eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\nimport { CommandTags, GeneralTags } from \"@internal/utils/TLVTags\";\nimport {\n  type AddMemberUnsignedData,\n  type EncryptedCommand,\n  type EncryptedDeriveCommand,\n  type EncryptedPublishKeyCommand,\n} from \"@internal/utils/types\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n  | { type: \"derive\"; data: AddMemberBlockData }\n  | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n  name: string;\n  publicKey: Uint8Array;\n  permissions: number;\n};\n\ntype HeaderPayload = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n};\ntype SignaturePayload = {\n  secret: Uint8Array;\n  signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n  header: HeaderPayload;\n  commands: EncryptedCommand[];\n  signature: SignaturePayload;\n};\n\nexport type SignBlockError =\n  | LKRPDeviceCommandError\n  | LKRPParsingError\n  | LKRPMissingDataError\n  | LKRPHttpRequestError\n  | UnknownDAError;\n\nexport type SignBlockTaskInput = {\n  lkrpDataSource: LKRPDataSource;\n  trustchainId: string;\n  path: string;\n  jwt: JWT;\n  parent: Uint8Array;\n  blockFlow: BlockFlow;\n  sessionKeypair: Keypair;\n};\n\nexport const ISSUER_PLACEHOLDER = new Uint8Array([\n  3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,\n  0, 0, 0, 0, 0, 0, 0,\n]);\n\nexport class SignBlockTask {\n  constructor(private readonly api: InternalApi) {}\n\n  run({\n    lkrpDataSource,\n    trustchainId,\n    path,\n    jwt,\n    parent,\n    blockFlow,\n    sessionKeypair,\n  }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n    const commands = this.signCommands(path, blockFlow);\n    return eitherAsyncSeqRecord({\n      header: this.signBlockHeader(parent, commands.length),\n      commands: EitherAsync.sequence(commands),\n      signature: this.signBlockSignature(sessionKeypair),\n    })\n      .chain((encryptedBlock) =>\n        EitherAsync.liftEither(this.decryptBlock(parent, encryptedBlock)),\n      )\n      .chain((block) => {\n        switch (blockFlow.type) {\n          case \"derive\":\n            return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n          case \"addMember\":\n            return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n        }\n      });\n  }\n\n  signBlockHeader(\n    parent: Uint8Array,\n    commandCount: number,\n  ): EitherAsync<SignBlockError, HeaderPayload> {\n    return EitherAsync.fromPromise(async () => {\n      const header = Uint8Array.from(\n        [\n          [GeneralTags.Int, 1, 1], // Version 1\n          [GeneralTags.Hash, parent.length, ...parent], // Parent block hash\n          [\n            GeneralTags.PublicKey,\n            ISSUER_PLACEHOLDER.length,\n            ...ISSUER_PLACEHOLDER,\n          ], // Placeholder for issuer public key (will be replaced by the device)\n          [GeneralTags.Int, 1, commandCount],\n        ].flat(),\n      );\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockHeaderCommand({ header }),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const trustedProps = new TrustedProperties(response.data);\n        return eitherSeqRecord({\n          iv: () => trustedProps.getIv(),\n          issuer: () => trustedProps.getIssuer(),\n        }) as Either<SignBlockError, HeaderPayload>;\n      } catch (error) {\n        return Left(new UnknownDAError(String(error)));\n      }\n    });\n  }\n\n  signBlockSignature(\n    sessionKeypair: Keypair,\n  ): EitherAsync<SignBlockError, SignaturePayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockSignatureCommand(),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const { signature, deviceSessionKey } = response.data;\n        // At this step, the shared secret is used directly as an encryption key after removing the first byte\n        const secret = sessionKeypair.ecdh(deviceSessionKey).slice(1);\n        return Right({ signature, secret });\n      } catch (error) {\n        return Left(new UnknownDAError(String(error)));\n      }\n    });\n  }\n\n  signCommands(\n    applicationPath: string,\n    block: BlockFlow,\n  ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n    switch (block.type) {\n      case \"derive\":\n        return [\n          this.signDeriveCommand(applicationPath),\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n      case \"addMember\":\n        return [\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n    }\n  }\n\n  signSingleCommand(command: Uint8Array) {\n    return EitherAsync.fromPromise(\n      async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n        try {\n          const response = await this.api.sendCommand(\n            new SignBlockSingleCommand({ command }),\n          );\n          if (response.status !== CommandResultStatus.Success) {\n            return Left(response.error);\n          }\n          return Right(new TrustedProperties(response.data));\n        } catch (error) {\n          return Left(new UnknownDAError(String(error)));\n        }\n      },\n    );\n  }\n\n  signDeriveCommand(applicationPath: string) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.Derive,\n        path: applicationPath,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n        eitherSeqRecord({\n          type: CommandTags.Derive,\n          path: applicationPath,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          groupKey: () => trustedProps.getGroupKey(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.AddMember,\n        name,\n        publicKey,\n        permissions,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n        eitherSeqRecord({\n          type: CommandTags.AddMember,\n          name,\n          publicKey,\n          permissions,\n          iv: () => trustedProps.getIv(), // Just validate it's there\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.PublishKey,\n        recipient: publicKey,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n        eitherSeqRecord({\n          type: CommandTags.PublishKey,\n          recipient: publicKey,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n        }),\n      ),\n    );\n  }\n\n  decryptBlock(\n    parent: Uint8Array,\n    { header, commands, signature }: EncryptedBlock,\n  ): Either<SignBlockError, LKRPBlock> {\n    const decryptedIssuer = CryptoUtils.decrypt(\n      signature.secret,\n      header.iv,\n      header.issuer,\n    );\n    return Either.sequence(\n      commands.map((command) => this.decryptCommand(signature.secret, command)),\n    ).map((decryptedCommands) =>\n      LKRPBlock.fromData({\n        parent: bufferToHexaString(parent),\n        issuer: decryptedIssuer,\n        commands: decryptedCommands,\n        signature: signature.signature,\n      }),\n    );\n  }\n\n  decryptCommand(\n    secret: Uint8Array,\n    command: EncryptedCommand,\n  ): Either<UnknownDAError, LKRPCommand> {\n    switch (command.type) {\n      case CommandTags.Derive:\n      case CommandTags.PublishKey: {\n        const encryptedXpriv = CryptoUtils.decrypt(\n          secret,\n          command.iv,\n          command.xpriv,\n        );\n        return Right(\n          LKRPCommand.fromData({\n            ...command,\n            initializationVector: command.commandIv,\n            encryptedXpriv,\n          }),\n        );\n      }\n      case CommandTags.AddMember:\n        return Right(LKRPCommand.fromData({ ...command }));\n      default:\n        return Left(new UnknownDAError(\"Unsupported command type\"));\n    }\n  }\n}\n"],
-  "mappings": "AAAA,OACE,sBAAAA,EACA,uBAAAC,EAEA,kBAAAC,MACK,kCACP,OAAS,UAAAC,EAAQ,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAQjD,OAAS,0BAAAC,MAA8B,+CACvC,OAAS,6BAAAC,MAAiC,yDAC1C,OAAS,0BAAAC,MAA8B,sDAGvC,OAAS,eAAAC,MAAmB,yBAC5B,OACE,wBAAAC,EACA,mBAAAC,MACK,kCACP,OAAS,aAAAC,MAAiB,4BAC1B,OAAS,eAAAC,MAAmB,8BAC5B,OAAS,eAAAC,EAAa,eAAAC,MAAmB,0BAQzC,OAAS,qBAAAC,MAAyB,4BA4C3B,MAAMC,EAAqB,IAAI,WAAW,CAC/C,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,EAC3E,EAAG,EAAG,EAAG,EAAG,EAAG,EAAG,CACpB,CAAC,EAEM,MAAMC,CAAc,CACzB,YAA6BC,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,OAAOf,EAAqB,CAC1B,OAAQ,KAAK,gBAAgBc,EAAQG,EAAS,MAAM,EACpD,SAAUxB,EAAY,SAASwB,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAOE,GACNzB,EAAY,WAAW,KAAK,aAAaqB,EAAQI,CAAc,CAAC,CAClE,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,CACL,CAEA,gBACEC,EACAM,EAC4C,CAC5C,OAAO3B,EAAY,YAAY,SAAY,CACzC,MAAM4B,EAAS,WAAW,KACxB,CACE,CAAChB,EAAY,IAAK,EAAG,CAAC,EACtB,CAACA,EAAY,KAAMS,EAAO,OAAQ,GAAGA,CAAM,EAC3C,CACET,EAAY,UACZE,EAAmB,OACnB,GAAGA,CACL,EACA,CAACF,EAAY,IAAK,EAAGe,CAAY,CACnC,EAAE,KAAK,CACT,EACA,GAAI,CACF,MAAME,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI1B,EAAuB,CAAE,OAAAyB,CAAO,CAAC,CACvC,EACA,GAAIC,EAAS,SAAWhC,EAAoB,QAC1C,OAAOI,EAAK4B,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAIjB,EAAkBgB,EAAS,IAAI,EACxD,OAAOrB,EAAgB,CACrB,GAAI,IAAMsB,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASC,EAAO,CACd,OAAO9B,EAAK,IAAIH,EAAe,OAAOiC,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,mBACER,EAC+C,CAC/C,OAAOvB,EAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAM6B,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIzB,CACN,EACA,GAAIyB,EAAS,SAAWhC,EAAoB,QAC1C,OAAOI,EAAK4B,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAG,EAAW,iBAAAC,CAAiB,EAAIJ,EAAS,KAE3CK,EAASX,EAAe,KAAKU,CAAgB,EAAE,MAAM,CAAC,EAC5D,OAAO/B,EAAM,CAAE,UAAA8B,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASH,EAAO,CACd,OAAO9B,EAAK,IAAIH,EAAe,OAAOiC,CAAK,CAAC,CAAC,CAC/C,CACF,CAAC,CACH,CAEA,aACEI,EACAT,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBS,CAAe,EACtC,KAAK,qBAAqBT,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBU,EAAqB,CACrC,OAAOpC,EAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAM6B,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIxB,EAAuB,CAAE,QAAA+B,CAAQ,CAAC,CACxC,EACA,OAAIP,EAAS,SAAWhC,EAAoB,QACnCI,EAAK4B,EAAS,KAAK,EAErB3B,EAAM,IAAIW,EAAkBgB,EAAS,IAAI,CAAC,CACnD,OAASE,EAAO,CACd,OAAO9B,EAAK,IAAIH,EAAe,OAAOiC,CAAK,CAAC,CAAC,CAC/C,CACF,CACF,CACF,CAEA,kBAAkBI,EAAyB,CACzC,OAAO,KAAK,kBACVzB,EAAY,sBAAsB,CAChC,KAAMC,EAAY,OAClB,KAAMwB,CACR,CAAC,CACH,EAAE,MAAOL,GACP9B,EAAY,WACVQ,EAAgB,CACd,KAAMG,EAAY,OAClB,KAAMwB,EACN,GAAI,IAAML,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAO,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV7B,EAAY,sBAAsB,CAChC,KAAMC,EAAY,UAClB,KAAA0B,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOT,GACP9B,EAAY,WACVQ,EAAgB,CACd,KAAMG,EAAY,UAClB,KAAA0B,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMT,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAQ,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV5B,EAAY,sBAAsB,CAChC,KAAMC,EAAY,WAClB,UAAW2B,CACb,CAAC,CACH,EAAE,MAAOR,GACP9B,EAAY,WACVQ,EAAgB,CACd,KAAMG,EAAY,WAClB,UAAW2B,EACX,GAAI,IAAMR,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAO,EAAQ,SAAAJ,EAAU,UAAAQ,CAAU,EACK,CACnC,MAAMQ,EAAkBlC,EAAY,QAClC0B,EAAU,OACVJ,EAAO,GACPA,EAAO,MACT,EACA,OAAO7B,EAAO,SACZyB,EAAS,IAAKY,GAAY,KAAK,eAAeJ,EAAU,OAAQI,CAAO,CAAC,CAC1E,EAAE,IAAKK,GACLhC,EAAU,SAAS,CACjB,OAAQb,EAAmByB,CAAM,EACjC,OAAQmB,EACR,SAAUC,EACV,UAAWT,EAAU,SACvB,CAAC,CACH,CACF,CAEA,eACEE,EACAE,EACqC,CACrC,OAAQA,EAAQ,KAAM,CACpB,KAAKzB,EAAY,OACjB,KAAKA,EAAY,WAAY,CAC3B,MAAM+B,EAAiBpC,EAAY,QACjC4B,EACAE,EAAQ,GACRA,EAAQ,KACV,EACA,OAAOlC,EACLQ,EAAY,SAAS,CACnB,GAAG0B,EACH,qBAAsBA,EAAQ,UAC9B,eAAAM,CACF,CAAC,CACH,CACF,CACA,KAAK/B,EAAY,UACf,OAAOT,EAAMQ,EAAY,SAAS,CAAE,GAAG0B,CAAQ,CAAC,CAAC,EACnD,QACE,OAAOnC,EAAK,IAAIH,EAAe,0BAA0B,CAAC,CAC9D,CACF,CACF",
-  "names": ["bufferToHexaString", "CommandResultStatus", "UnknownDAError", "Either", "EitherAsync", "Left", "Right", "SignBlockHeaderCommand", "SignBlockSignatureCommand", "SignBlockSingleCommand", "CryptoUtils", "eitherAsyncSeqRecord", "eitherSeqRecord", "LKRPBlock", "LKRPCommand", "CommandTags", "GeneralTags", "TrustedProperties", "ISSUER_PLACEHOLDER", "SignBlockTask", "api", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "commandCount", "header", "response", "trustedProps", "error", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
+  "sourcesContent": ["import {\n  bufferToHexaString,\n  CommandResultStatus,\n  type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport { type CryptoService, EncryptionAlgo } from \"@api/crypto/CryptoService\";\nimport { type KeyPair } from \"@api/crypto/KeyPair\";\nimport {\n  LKRPDataSourceError,\n  type LKRPMissingDataError,\n  LKRPOutdatedTrustchainError,\n  type LKRPParsingError,\n  LKRPUnknownError,\n  LKRPUnsupportedCommandError,\n} from \"@api/model/Errors\";\nimport { type JWT } from \"@api/model/JWT\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport {\n  type AddMemberUnsignedData,\n  type EncryptedCommand,\n  type EncryptedDeriveCommand,\n  type EncryptedPublishKeyCommand,\n} from \"@internal/models/LKRPCommandTypes\";\nimport { CommandTags } from \"@internal/models/Tags\";\nimport {\n  eitherAsyncSeqRecord,\n  eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n  | { type: \"derive\"; data: AddMemberBlockData }\n  | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n  name: string;\n  publicKey: Uint8Array;\n  permissions: number;\n};\n\ntype HeaderPayload = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n};\ntype SignaturePayload = {\n  secret: Uint8Array;\n  signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n  header: HeaderPayload;\n  commands: EncryptedCommand[];\n  signature: SignaturePayload;\n};\n\ntype SignBlockError =\n  | LKRPDeviceCommandError\n  | LKRPParsingError\n  | LKRPMissingDataError\n  | LKRPDataSourceError\n  | LKRPOutdatedTrustchainError\n  | LKRPUnknownError;\n\nexport type SignBlockTaskInput = {\n  lkrpDataSource: LKRPDataSource;\n  trustchainId: string;\n  path: string;\n  jwt: JWT;\n  parent: Uint8Array;\n  blockFlow: BlockFlow;\n  sessionKeypair: KeyPair;\n};\n\nexport class SignBlockTask {\n  constructor(\n    private readonly api: InternalApi,\n    private readonly cryptoService: CryptoService,\n  ) {}\n\n  run({\n    lkrpDataSource,\n    trustchainId,\n    path,\n    jwt,\n    parent,\n    blockFlow,\n    sessionKeypair,\n  }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n    const commands = this.signCommands(path, blockFlow);\n    return eitherAsyncSeqRecord({\n      header: this.signBlockHeader(parent, commands.length),\n      commands: EitherAsync.sequence(commands),\n      signature: this.signBlockSignature(sessionKeypair),\n    })\n      .chain(async (encryptedBlock) =>\n        this.decryptBlock(parent, encryptedBlock),\n      )\n      .chain((block) => {\n        switch (blockFlow.type) {\n          case \"derive\":\n            return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n          case \"addMember\":\n            return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n        }\n      })\n      .mapLeft((error) =>\n        error instanceof LKRPDataSourceError && error.status === \"BAD_REQUEST\"\n          ? new LKRPOutdatedTrustchainError()\n          : error,\n      );\n  }\n\n  signBlockHeader(\n    parent: Uint8Array,\n    commandCount: number,\n  ): EitherAsync<SignBlockError, HeaderPayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockHeaderCommand({ parent, commandCount }),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const trustedProps = new TrustedProperties(response.data);\n        return eitherSeqRecord({\n          iv: () => trustedProps.getIv(),\n          issuer: () => trustedProps.getIssuer(),\n        }) as Either<SignBlockError, HeaderPayload>;\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  signBlockSignature(\n    sessionKeypair: KeyPair,\n  ): EitherAsync<SignBlockError, SignaturePayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockSignatureCommand(),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const { signature, deviceSessionKey } = response.data;\n        // At this step, the shared secret is used directly as an encryption key after removing the first byte\n        const secret = (\n          await sessionKeypair.deriveSharedSecret(deviceSessionKey)\n        ).slice(1);\n        return Right({ signature, secret });\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  signCommands(\n    applicationPath: string,\n    block: BlockFlow,\n  ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n    switch (block.type) {\n      case \"derive\":\n        return [\n          this.signDeriveCommand(applicationPath),\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n      case \"addMember\":\n        return [\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n    }\n  }\n\n  signSingleCommand(command: Uint8Array) {\n    return EitherAsync.fromPromise(\n      async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n        try {\n          const response = await this.api.sendCommand(\n            new SignBlockSingleCommand({ command }),\n          );\n          if (response.status !== CommandResultStatus.Success) {\n            return Left(response.error);\n          }\n          return Right(new TrustedProperties(response.data));\n        } catch (error) {\n          return Left(new LKRPUnknownError(String(error)));\n        }\n      },\n    );\n  }\n\n  signDeriveCommand(applicationPath: string) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.Derive,\n        path: applicationPath,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n        eitherSeqRecord({\n          type: CommandTags.Derive,\n          path: applicationPath,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          groupKey: () => trustedProps.getGroupKey(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.AddMember,\n        name,\n        publicKey,\n        permissions,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n        eitherSeqRecord({\n          type: CommandTags.AddMember,\n          name,\n          publicKey,\n          permissions,\n          iv: () => trustedProps.getIv(), // Just validate it's there\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.PublishKey,\n        recipient: publicKey,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n        eitherSeqRecord({\n          type: CommandTags.PublishKey,\n          recipient: publicKey,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n        }),\n      ),\n    );\n  }\n\n  decryptBlock(\n    parent: Uint8Array,\n    { header, commands, signature }: EncryptedBlock,\n  ): EitherAsync<SignBlockError, LKRPBlock> {\n    return EitherAsync(async ({ throwE }) => {\n      const key = this.cryptoService.importSymmetricKey(\n        signature.secret,\n        EncryptionAlgo.AES256_GCM,\n      );\n      const decryptedIssuer = await key.decrypt(header.iv, header.issuer);\n      return Either.sequence(\n        await Promise.all(\n          commands.map((command) =>\n            this.decryptCommand(signature.secret, command).run(),\n          ),\n        ),\n      ).caseOf({\n        Left: (error) => {\n          throwE(error);\n          throw error;\n        },\n        Right: (decryptedCommands) =>\n          LKRPBlock.fromData({\n            parent: bufferToHexaString(parent),\n            issuer: decryptedIssuer,\n            commands: decryptedCommands,\n            signature: signature.signature,\n          }),\n      });\n    });\n  }\n\n  decryptCommand(\n    secret: Uint8Array,\n    command: EncryptedCommand,\n  ): EitherAsync<LKRPUnknownError, LKRPCommand> {\n    return EitherAsync<LKRPUnknownError, LKRPCommand>(async ({ throwE }) => {\n      switch (command.type) {\n        case CommandTags.Derive:\n        case CommandTags.PublishKey: {\n          const key = this.cryptoService.importSymmetricKey(\n            secret,\n            EncryptionAlgo.AES256_GCM,\n          );\n          const encryptedXpriv = await key.decrypt(command.iv, command.xpriv);\n          return LKRPCommand.fromData({\n            ...command,\n            initializationVector: command.commandIv,\n            encryptedXpriv,\n          });\n        }\n        case CommandTags.AddMember:\n          return LKRPCommand.fromData({ ...command });\n        default:\n          throwE(new LKRPUnsupportedCommandError(command));\n          throw new LKRPUnsupportedCommandError(command);\n      }\n    });\n  }\n}\n"],
+  "mappings": "AAAA,OACE,sBAAAA,EACA,uBAAAC,MAEK,kCACP,OAAS,UAAAC,EAAQ,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAEjD,OAA6B,kBAAAC,MAAsB,4BAEnD,OACE,uBAAAC,EAEA,+BAAAC,EAEA,oBAAAC,EACA,+BAAAC,MACK,oBAEP,OAAS,0BAAAC,MAA8B,+CACvC,OAAS,6BAAAC,MAAiC,yDAC1C,OAAS,0BAAAC,MAA8B,sDASvC,OAAS,eAAAC,MAAmB,wBAC5B,OACE,wBAAAC,EACA,mBAAAC,MACK,kCACP,OAAS,aAAAC,MAAiB,4BAC1B,OAAS,eAAAC,MAAmB,8BAE5B,OAAS,qBAAAC,MAAyB,4BA6C3B,MAAMC,CAAc,CACzB,YACmBC,EACAC,EACjB,CAFiB,SAAAD,EACA,mBAAAC,CAChB,CAEH,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,OAAOb,EAAqB,CAC1B,OAAQ,KAAK,gBAAgBY,EAAQG,EAAS,MAAM,EACpD,SAAU3B,EAAY,SAAS2B,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAM,MAAOE,GACZ,KAAK,aAAaJ,EAAQI,CAAc,CAC1C,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,EACA,QAASO,GACRA,aAAiB1B,GAAuB0B,EAAM,SAAW,cACrD,IAAIzB,EACJyB,CACN,CACJ,CAEA,gBACEN,EACAO,EAC4C,CAC5C,OAAO/B,EAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMgC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIxB,EAAuB,CAAE,OAAAgB,EAAQ,aAAAO,CAAa,CAAC,CACrD,EACA,GAAIC,EAAS,SAAWlC,EAAoB,QAC1C,OAAOG,EAAK+B,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAIjB,EAAkBgB,EAAS,IAAI,EACxD,OAAOnB,EAAgB,CACrB,GAAI,IAAMoB,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASH,EAAO,CACd,OAAO7B,EAAK,IAAIK,EAAiB,OAAOwB,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,mBACEJ,EAC+C,CAC/C,OAAO1B,EAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMgC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAIvB,CACN,EACA,GAAIuB,EAAS,SAAWlC,EAAoB,QAC1C,OAAOG,EAAK+B,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAE,EAAW,iBAAAC,CAAiB,EAAIH,EAAS,KAE3CI,GACJ,MAAMV,EAAe,mBAAmBS,CAAgB,GACxD,MAAM,CAAC,EACT,OAAOjC,EAAM,CAAE,UAAAgC,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASN,EAAO,CACd,OAAO7B,EAAK,IAAIK,EAAiB,OAAOwB,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,aACEO,EACAR,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBQ,CAAe,EACtC,KAAK,qBAAqBR,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBS,EAAqB,CACrC,OAAOtC,EAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAMgC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAItB,EAAuB,CAAE,QAAA4B,CAAQ,CAAC,CACxC,EACA,OAAIN,EAAS,SAAWlC,EAAoB,QACnCG,EAAK+B,EAAS,KAAK,EAErB9B,EAAM,IAAIc,EAAkBgB,EAAS,IAAI,CAAC,CACnD,OAASF,EAAO,CACd,OAAO7B,EAAK,IAAIK,EAAiB,OAAOwB,CAAK,CAAC,CAAC,CACjD,CACF,CACF,CACF,CAEA,kBAAkBO,EAAyB,CACzC,OAAO,KAAK,kBACVtB,EAAY,sBAAsB,CAChC,KAAMJ,EAAY,OAClB,KAAM0B,CACR,CAAC,CACH,EAAE,MAAOJ,GACPjC,EAAY,WACVa,EAAgB,CACd,KAAMF,EAAY,OAClB,KAAM0B,EACN,GAAI,IAAMJ,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAM,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV1B,EAAY,sBAAsB,CAChC,KAAMJ,EAAY,UAClB,KAAA4B,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOR,GACPjC,EAAY,WACVa,EAAgB,CACd,KAAMF,EAAY,UAClB,KAAA4B,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMR,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAO,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACVzB,EAAY,sBAAsB,CAChC,KAAMJ,EAAY,WAClB,UAAW6B,CACb,CAAC,CACH,EAAE,MAAOP,GACPjC,EAAY,WACVa,EAAgB,CACd,KAAMF,EAAY,WAClB,UAAW6B,EACX,GAAI,IAAMP,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAkB,EAAQ,SAAAf,EAAU,UAAAO,CAAU,EACU,CACxC,OAAOlC,EAAY,MAAO,CAAE,OAAA2C,CAAO,IAAM,CAKvC,MAAMC,EAAkB,MAJZ,KAAK,cAAc,mBAC7BV,EAAU,OACV/B,EAAe,UACjB,EACkC,QAAQuC,EAAO,GAAIA,EAAO,MAAM,EAClE,OAAO3C,EAAO,SACZ,MAAM,QAAQ,IACZ4B,EAAS,IAAKW,GACZ,KAAK,eAAeJ,EAAU,OAAQI,CAAO,EAAE,IAAI,CACrD,CACF,CACF,EAAE,OAAO,CACP,KAAOR,GAAU,CACf,MAAAa,EAAOb,CAAK,EACNA,CACR,EACA,MAAQe,GACN/B,EAAU,SAAS,CACjB,OAAQjB,EAAmB2B,CAAM,EACjC,OAAQoB,EACR,SAAUC,EACV,UAAWX,EAAU,SACvB,CAAC,CACL,CAAC,CACH,CAAC,CACH,CAEA,eACEE,EACAE,EAC4C,CAC5C,OAAOtC,EAA2C,MAAO,CAAE,OAAA2C,CAAO,IAAM,CACtE,OAAQL,EAAQ,KAAM,CACpB,KAAK3B,EAAY,OACjB,KAAKA,EAAY,WAAY,CAK3B,MAAMmC,EAAiB,MAJX,KAAK,cAAc,mBAC7BV,EACAjC,EAAe,UACjB,EACiC,QAAQmC,EAAQ,GAAIA,EAAQ,KAAK,EAClE,OAAOvB,EAAY,SAAS,CAC1B,GAAGuB,EACH,qBAAsBA,EAAQ,UAC9B,eAAAQ,CACF,CAAC,CACH,CACA,KAAKnC,EAAY,UACf,OAAOI,EAAY,SAAS,CAAE,GAAGuB,CAAQ,CAAC,EAC5C,QACE,MAAAK,EAAO,IAAIpC,EAA4B+B,CAAO,CAAC,EACzC,IAAI/B,EAA4B+B,CAAO,CACjD,CACF,CAAC,CACH,CACF",
+  "names": ["bufferToHexaString", "CommandResultStatus", "Either", "EitherAsync", "Left", "Right", "EncryptionAlgo", "LKRPDataSourceError", "LKRPOutdatedTrustchainError", "LKRPUnknownError", "LKRPUnsupportedCommandError", "SignBlockHeaderCommand", "SignBlockSignatureCommand", "SignBlockSingleCommand", "CommandTags", "eitherAsyncSeqRecord", "eitherSeqRecord", "LKRPBlock", "LKRPCommand", "TrustedProperties", "SignBlockTask", "api", "cryptoService", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "error", "commandCount", "response", "trustedProps", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "header", "throwE", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
 }

package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js CHANGED Viewed

@@ -1,2 +1,2 @@
-import{ByteArrayParser as s,UnknownDAError as g}from"@ledgerhq/device-management-kit";import{EitherAsync as p,Left as h,Maybe as y}from"purify-ts";import{LKRPMissingDataError as i}from"../../../api/app-binder/Errors";import{CryptoUtils as c}from"../../utils/crypto";import{eitherSeqRecord as m}from"../../utils/eitherSeqRecord";import{bytesToHex as o,hexToBytes as x}from"../../utils/hex";class f{constructor(r,n){this.keypair=r;this.trustchainId=n}run(r){const n=this.getAttestation(),a=this.getCredential(this.keypair.pubKeyToHex());return p.liftEither(this.getUnsignedChallengeTLV(r.tlv)).map(c.hash).map(e=>this.keypair.sign(e)).map(o).map(e=>({challenge:r.json,signature:{attestation:n,credential:a,signature:e}})).mapLeft(e=>e instanceof i?e:new g(String(e)))}getAttestation(){const r=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,r.length,...r]);return o(n)}getCredential(r){return{version:0,curveId:33,signAlgorithm:1,publicKey:r}}getUnsignedChallengeTLV(r){const n=new s(x(r)),a=new Map(function*(){for(;;){const t=n.extractFieldTLVEncoded();if(!t)break;yield[t.tag,t.value]}}());if(a.size>10)return h(new i("Challenge TLV contains unexpected data"));const e=(t,l)=>y.fromNullable(a.get(t)).toEither(new i(`Missing ${l} field`));return m({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(t=>Uint8Array.from([[1,t.payloadType.length,...t.payloadType],[2,t.version.length,...t.version],[18,t.challengeData.length,...t.challengeData],[22,t.challengeExpiry.length,...t.challengeExpiry],[32,t.host.length,...t.host],[96,t.protocolVersion.length,...t.protocolVersion]].flat()))}}export{f as SignChallengeWithKeypairTask};
+import{bufferToHexaString as o,ByteArrayParser as s,hexaStringToBuffer as g}from"@ledgerhq/device-management-kit";import{EitherAsync as h,Left as p,Maybe as c}from"purify-ts";import{HashAlgo as y}from"../../../api/crypto/CryptoService";import{SigFormat as m}from"../../../api/crypto/KeyPair";import{LKRPMissingDataError as i,LKRPUnknownError as u}from"../../../api/model/Errors";import{eitherSeqRecord as x}from"../../utils/eitherSeqRecord";class S{constructor(r,n,a){this.cryptoService=r;this.keyPair=n;this.trustchainId=a}run(r){const n=this.getAttestation(),a=this.getCredential(this.keyPair.getPublicKeyToHex());return h.liftEither(this.getUnsignedChallengeTLV(r.tlv)).map(e=>this.cryptoService.hash(e,y.SHA256)).map(e=>this.keyPair.sign(e,m.DER)).map(e=>o(e,!1)).map(e=>({challenge:r.json,signature:{attestation:n,credential:a,signature:e}})).mapLeft(e=>e instanceof i?e:new u(String(e)))}getAttestation(){const r=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,r.length,...r]);return o(n,!1)}getCredential(r){return{version:0,curveId:33,signAlgorithm:1,publicKey:r}}getUnsignedChallengeTLV(r){const n=new s(g(r)??new Uint8Array),a=new Map(function*(){for(;;){const t=n.extractFieldTLVEncoded();if(!t)break;yield[t.tag,t.value]}}());if(a.size>10)return p(new i("Challenge TLV contains unexpected data"));const e=(t,l)=>c.fromNullable(a.get(t)).toEither(new i(`Missing ${l} field`));return x({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(t=>Uint8Array.from([[1,t.payloadType.length,...t.payloadType],[2,t.version.length,...t.version],[18,t.challengeData.length,...t.challengeData],[22,t.challengeExpiry.length,...t.challengeExpiry],[32,t.host.length,...t.host],[96,t.protocolVersion.length,...t.protocolVersion]].flat()))}}export{S as SignChallengeWithKeypairTask};
 //# sourceMappingURL=SignChallengeWithKeypairTask.js.map

package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/SignChallengeWithKeypairTask.ts"],
-  "sourcesContent": ["import {\n  ByteArrayParser,\n  UnknownDAError,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { LKRPMissingDataError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport {\n  type AuthenticationPayload,\n  type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex, hexToBytes } from \"@internal/utils/hex\";\n\nexport class SignChallengeWithKeypairTask {\n  constructor(\n    private readonly keypair: Keypair,\n    private readonly trustchainId: string,\n  ) {}\n\n  run(\n    challenge: Challenge,\n  ): EitherAsync<LKRPMissingDataError | UnknownDAError, AuthenticationPayload> {\n    const attestation = this.getAttestation();\n    const credential = this.getCredential(this.keypair.pubKeyToHex());\n\n    return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n      .map(CryptoUtils.hash)\n      .map((hash) => this.keypair.sign(hash))\n      .map(bytesToHex)\n      .map((signature) => ({\n        challenge: challenge.json,\n        signature: { attestation, credential, signature },\n      }))\n      .mapLeft((error) =>\n        error instanceof LKRPMissingDataError\n          ? error\n          : new UnknownDAError(String(error)),\n      );\n  }\n\n  // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n  private getAttestation() {\n    const bytes = new TextEncoder().encode(this.trustchainId);\n    const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n    return bytesToHex(attestation);\n  }\n\n  private getCredential(publicKey: string) {\n    return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n  }\n\n  private getUnsignedChallengeTLV(\n    tlv: string,\n  ): Either<LKRPMissingDataError, Uint8Array> {\n    const parser = new ByteArrayParser(hexToBytes(tlv));\n    const parsed = new Map(\n      (function* () {\n        while (true) {\n          const field = parser.extractFieldTLVEncoded();\n          if (!field) break; // No more fields to extract\n          yield [field.tag, field.value];\n        }\n      })(),\n    );\n\n    // We expect 10 fields in the TLV\n    if (parsed.size > 10) {\n      return Left(\n        new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n      );\n    }\n\n    const getField = (tag: number, fieldName: string) =>\n      Maybe.fromNullable(parsed.get(tag)).toEither(\n        new LKRPMissingDataError(`Missing ${fieldName} field`),\n      );\n\n    return eitherSeqRecord({\n      // Unsigned fields\n      payloadType: () => getField(0x01, \"Payload type\"),\n      version: () => getField(0x02, \"Version\"),\n      challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n      host: () => getField(0x20, \"Host\"),\n      protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n      // Signed fields\n      curveId: () => getField(0x32, \"Curve ID\"),\n      publicKey: () => getField(0x33, \"Public key\"),\n      challengeData: () => getField(0x12, \"Challenge data\"),\n      signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n      rpSignatureField: () => getField(0x15, \"RP signature field\"),\n    }).map((fields) =>\n      Uint8Array.from(\n        [\n          [0x01, fields.payloadType.length, ...fields.payloadType],\n          [0x02, fields.version.length, ...fields.version],\n          [0x12, fields.challengeData.length, ...fields.challengeData],\n          [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n          [0x20, fields.host.length, ...fields.host],\n          [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n        ].flat(),\n      ),\n    );\n  }\n}\n"],
-  "mappings": "AAAA,OACE,mBAAAA,EACA,kBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAEtD,OAAS,wBAAAC,MAA4B,yBAMrC,OAAS,eAAAC,MAAmB,yBAC5B,OAAS,mBAAAC,MAAuB,kCAChC,OAAS,cAAAC,EAAY,cAAAC,MAAkB,sBAEhC,MAAMC,CAA6B,CACxC,YACmBC,EACAC,EACjB,CAFiB,aAAAD,EACA,kBAAAC,CAChB,CAEH,IACEC,EAC2E,CAC3E,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,YAAY,CAAC,EAEhE,OAAOb,EAAY,WAAW,KAAK,wBAAwBW,EAAU,GAAG,CAAC,EACtE,IAAIP,EAAY,IAAI,EACpB,IAAKU,GAAS,KAAK,QAAQ,KAAKA,CAAI,CAAC,EACrC,IAAIR,CAAU,EACd,IAAKS,IAAe,CACnB,UAAWJ,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAE,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiBb,EACba,EACA,IAAIjB,EAAe,OAAOiB,CAAK,CAAC,CACtC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDL,EAAc,WAAW,KAAK,CAAC,EAAMK,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,OAAOX,EAAWM,CAAW,CAC/B,CAEQ,cAAcM,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAItB,EAAgBS,EAAWY,CAAG,CAAC,EAC5CE,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,OAAOpB,EACL,IAAIE,EAAqB,wCAAwC,CACnE,EAGF,MAAMoB,EAAW,CAACC,EAAaC,IAC7BvB,EAAM,aAAamB,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAIrB,EAAqB,WAAWsB,CAAS,QAAQ,CACvD,EAEF,OAAOpB,EAAgB,CAErB,YAAa,IAAMkB,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
-  "names": ["ByteArrayParser", "UnknownDAError", "EitherAsync", "Left", "Maybe", "LKRPMissingDataError", "CryptoUtils", "eitherSeqRecord", "bytesToHex", "hexToBytes", "SignChallengeWithKeypairTask", "keypair", "trustchainId", "challenge", "attestation", "credential", "hash", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
+  "sourcesContent": ["import {\n  bufferToHexaString,\n  ByteArrayParser,\n  hexaStringToBuffer,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { type CryptoService, HashAlgo } from \"@api/crypto/CryptoService\";\nimport { type KeyPair, SigFormat } from \"@api/crypto/KeyPair\";\nimport { LKRPMissingDataError, LKRPUnknownError } from \"@api/model/Errors\";\nimport {\n  type AuthenticationPayload,\n  type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\n\nexport class SignChallengeWithKeypairTask {\n  constructor(\n    private readonly cryptoService: CryptoService,\n    private readonly keyPair: KeyPair,\n    private readonly trustchainId: string,\n  ) {}\n\n  run(\n    challenge: Challenge,\n  ): EitherAsync<\n    LKRPMissingDataError | LKRPUnknownError,\n    AuthenticationPayload\n  > {\n    const attestation = this.getAttestation();\n    const credential = this.getCredential(this.keyPair.getPublicKeyToHex());\n\n    return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n      .map((buf) => this.cryptoService.hash(buf, HashAlgo.SHA256))\n      .map((hash) => this.keyPair.sign(hash, SigFormat.DER))\n      .map((str) => bufferToHexaString(str, false))\n      .map((signature) => ({\n        challenge: challenge.json,\n        signature: { attestation, credential, signature },\n      }))\n      .mapLeft((error) =>\n        error instanceof LKRPMissingDataError\n          ? error\n          : new LKRPUnknownError(String(error)),\n      );\n  }\n\n  // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n  private getAttestation() {\n    const bytes = new TextEncoder().encode(this.trustchainId);\n    const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n    return bufferToHexaString(attestation, false);\n  }\n\n  private getCredential(publicKey: string) {\n    return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n  }\n\n  private getUnsignedChallengeTLV(\n    tlv: string,\n  ): Either<LKRPMissingDataError, Uint8Array> {\n    const parser = new ByteArrayParser(\n      hexaStringToBuffer(tlv) ?? new Uint8Array(),\n    );\n    const parsed = new Map(\n      (function* () {\n        while (true) {\n          const field = parser.extractFieldTLVEncoded();\n          if (!field) break; // No more fields to extract\n          yield [field.tag, field.value];\n        }\n      })(),\n    );\n\n    // We expect 10 fields in the TLV\n    if (parsed.size > 10) {\n      return Left(\n        new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n      );\n    }\n\n    const getField = (tag: number, fieldName: string) =>\n      Maybe.fromNullable(parsed.get(tag)).toEither(\n        new LKRPMissingDataError(`Missing ${fieldName} field`),\n      );\n\n    return eitherSeqRecord({\n      // Unsigned fields\n      payloadType: () => getField(0x01, \"Payload type\"),\n      version: () => getField(0x02, \"Version\"),\n      challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n      host: () => getField(0x20, \"Host\"),\n      protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n      // Signed fields\n      curveId: () => getField(0x32, \"Curve ID\"),\n      publicKey: () => getField(0x33, \"Public key\"),\n      challengeData: () => getField(0x12, \"Challenge data\"),\n      signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n      rpSignatureField: () => getField(0x15, \"RP signature field\"),\n    }).map((fields) =>\n      Uint8Array.from(\n        [\n          [0x01, fields.payloadType.length, ...fields.payloadType],\n          [0x02, fields.version.length, ...fields.version],\n          [0x12, fields.challengeData.length, ...fields.challengeData],\n          [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n          [0x20, fields.host.length, ...fields.host],\n          [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n        ].flat(),\n      ),\n    );\n  }\n}\n"],
+  "mappings": "AAAA,OACE,sBAAAA,EACA,mBAAAC,EACA,sBAAAC,MACK,kCACP,OAAsB,eAAAC,EAAa,QAAAC,EAAM,SAAAC,MAAa,YAEtD,OAA6B,YAAAC,MAAgB,4BAC7C,OAAuB,aAAAC,MAAiB,sBACxC,OAAS,wBAAAC,EAAsB,oBAAAC,MAAwB,oBAKvD,OAAS,mBAAAC,MAAuB,kCAEzB,MAAMC,CAA6B,CACxC,YACmBC,EACAC,EACAC,EACjB,CAHiB,mBAAAF,EACA,aAAAC,EACA,kBAAAC,CAChB,CAEH,IACEC,EAIA,CACA,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,kBAAkB,CAAC,EAEtE,OAAOd,EAAY,WAAW,KAAK,wBAAwBY,EAAU,GAAG,CAAC,EACtE,IAAKG,GAAQ,KAAK,cAAc,KAAKA,EAAKZ,EAAS,MAAM,CAAC,EAC1D,IAAKa,GAAS,KAAK,QAAQ,KAAKA,EAAMZ,EAAU,GAAG,CAAC,EACpD,IAAKa,GAAQpB,EAAmBoB,EAAK,EAAK,CAAC,EAC3C,IAAKC,IAAe,CACnB,UAAWN,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAI,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiBd,EACbc,EACA,IAAIb,EAAiB,OAAOa,CAAK,CAAC,CACxC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDP,EAAc,WAAW,KAAK,CAAC,EAAMO,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,OAAOvB,EAAmBgB,EAAa,EAAK,CAC9C,CAEQ,cAAcQ,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAIzB,EACjBC,EAAmBuB,CAAG,GAAK,IAAI,UACjC,EACME,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,OAAOvB,EACL,IAAII,EAAqB,wCAAwC,CACnE,EAGF,MAAMqB,EAAW,CAACC,EAAaC,IAC7B1B,EAAM,aAAasB,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAItB,EAAqB,WAAWuB,CAAS,QAAQ,CACvD,EAEF,OAAOrB,EAAgB,CAErB,YAAa,IAAMmB,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
+  "names": ["bufferToHexaString", "ByteArrayParser", "hexaStringToBuffer", "EitherAsync", "Left", "Maybe", "HashAlgo", "SigFormat", "LKRPMissingDataError", "LKRPUnknownError", "eitherSeqRecord", "SignChallengeWithKeypairTask", "cryptoService", "keyPair", "trustchainId", "challenge", "attestation", "credential", "buf", "hash", "str", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
 }

package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.test.js CHANGED Viewed

@@ -1,2 +1,2 @@
-import{LKRPMissingDataError as s}from"../../../api/app-binder/Errors";import{KeypairFromBytes as f}from"../../../api/app-binder/KeypairFromBytes";import{hexToBytes as b}from"../../utils/hex";import{SignChallengeWithKeypairTask as d}from"./SignChallengeWithKeypairTask";describe("SignChallengeWithKeypairTask",()=>{it("should sign a challenge with a keypair",async()=>{const{challenge:e,keypair:a,trustchainId:c}=i(),n=await new d(a,c).run(e).run();expect(n.isRight()).toBe(!0),n.ifRight(t=>{expect(t.challenge).toBe(e.json),expect(t.signature.credential).toEqual({version:0,curveId:33,signAlgorithm:1,publicKey:a.pubKeyToHex()}),expect(t.signature.attestation).toBe("0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337"),expect(t.signature.signature).toBe("3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049")})}),it("should handle invalid challenge",async()=>{const{challenge:e,keypair:a,trustchainId:c}=i({tlv:"invalid-tlv"});(await new d(a,c).run(e).run()).ifLeft(t=>expect(t).toBeInstanceOf(s))})});function i({privateKey:e="b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d",trustchainId:a="00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37",tlv:c="0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000"}={}){return{challenge:{tlv:c,json:{}},keypair:new f(b(e)),trustchainId:a}}
+import{hexaStringToBuffer as f}from"@ledgerhq/device-management-kit";import{Curve as o}from"../../../api/crypto/CryptoService";import{NobleCryptoService as b}from"../../../api/crypto/noble/NobleCryptoService";import{LKRPMissingDataError as l}from"../../../api/model/Errors";import{SignChallengeWithKeypairTask as n}from"./SignChallengeWithKeypairTask";const r=new b;describe("SignChallengeWithKeypairTask",()=>{it("should sign a challenge with a keyPair",async()=>{const{challenge:e,keyPair:a,trustchainId:c}=d(),i=await new n(r,a,c).run(e).run();expect(i.isRight()).toBe(!0),i.ifRight(t=>{expect(t.challenge).toBe(e.json),expect(t.signature.credential).toEqual({version:0,curveId:33,signAlgorithm:1,publicKey:a.getPublicKeyToHex()}),expect(t.signature.attestation).toBe("0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337"),expect(t.signature.signature).toBe("3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049")})}),it("should handle invalid challenge",async()=>{const{challenge:e,keyPair:a,trustchainId:c}=d({tlv:"invalid-tlv"});(await new n(r,a,c).run(e).run()).ifLeft(t=>expect(t).toBeInstanceOf(l))})});function d({privateKey:e="b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d",trustchainId:a="00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37",tlv:c="0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000"}={}){return{challenge:{tlv:c,json:{}},keyPair:r.importKeyPair(f(e),o.K256),trustchainId:a}}
 //# sourceMappingURL=SignChallengeWithKeypairTask.test.js.map

package/lib/esm/internal/app-binder/task/SignChallengeWithKeypairTask.test.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/SignChallengeWithKeypairTask.test.ts"],
-  "sourcesContent": ["import { LKRPMissingDataError } from \"@api/app-binder/Errors\";\nimport { KeypairFromBytes } from \"@api/app-binder/KeypairFromBytes\";\nimport { type Challenge } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { hexToBytes } from \"@internal/utils/hex\";\n\nimport { SignChallengeWithKeypairTask } from \"./SignChallengeWithKeypairTask\";\n\ndescribe(\"SignChallengeWithKeypairTask\", () => {\n  it(\"should sign a challenge with a keypair\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters();\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(keypair, trustchainId);\n    const result = await task.run(challenge).run();\n\n    // THEN\n    expect(result.isRight()).toBe(true);\n    result.ifRight((payload) => {\n      expect(payload.challenge).toBe(challenge.json);\n      expect(payload.signature.credential).toEqual({\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: keypair.pubKeyToHex(),\n      });\n      expect(payload.signature.attestation).toBe(\n        \"0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337\",\n      );\n      expect(payload.signature.signature).toBe(\n        \"3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049\",\n      );\n    });\n  });\n\n  it(\"should handle invalid challenge\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters({\n      tlv: \"invalid-tlv\", // Invalid TLV\n    });\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(keypair, trustchainId);\n    const result = await task.run(challenge).run();\n\n    // THEN\n    result.ifLeft((error) =>\n      expect(error).toBeInstanceOf(LKRPMissingDataError),\n    );\n  });\n});\n\nfunction getParameters({\n  privateKey = \"b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d\",\n  trustchainId = \"00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37\",\n  tlv = \"0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000\",\n} = {}) {\n  return {\n    challenge: { tlv, json: {} as Challenge[\"json\"] },\n    keypair: new KeypairFromBytes(hexToBytes(privateKey)),\n    trustchainId,\n  };\n}\n"],
-  "mappings": "AAAA,OAAS,wBAAAA,MAA4B,yBACrC,OAAS,oBAAAC,MAAwB,mCAEjC,OAAS,cAAAC,MAAkB,sBAE3B,OAAS,gCAAAC,MAAoC,iCAE7C,SAAS,+BAAgC,IAAM,CAC7C,GAAG,yCAA0C,SAAY,CAEvD,KAAM,CAAE,UAAAC,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,EAIrDC,EAAS,MADF,IAAIL,EAA6BE,EAASC,CAAY,EACzC,IAAIF,CAAS,EAAE,IAAI,EAG7C,OAAOI,EAAO,QAAQ,CAAC,EAAE,KAAK,EAAI,EAClCA,EAAO,QAASC,GAAY,CAC1B,OAAOA,EAAQ,SAAS,EAAE,KAAKL,EAAU,IAAI,EAC7C,OAAOK,EAAQ,UAAU,UAAU,EAAE,QAAQ,CAC3C,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAWJ,EAAQ,YAAY,CACjC,CAAC,EACD,OAAOI,EAAQ,UAAU,WAAW,EAAE,KACpC,0IACF,EACA,OAAOA,EAAQ,UAAU,SAAS,EAAE,KAClC,gJACF,CACF,CAAC,CACH,CAAC,EAED,GAAG,kCAAmC,SAAY,CAEhD,KAAM,CAAE,UAAAL,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,CACzD,IAAK,aACP,CAAC,GAIc,MADF,IAAIJ,EAA6BE,EAASC,CAAY,EACzC,IAAIF,CAAS,EAAE,IAAI,GAGtC,OAAQM,GACb,OAAOA,CAAK,EAAE,eAAeV,CAAoB,CACnD,CACF,CAAC,CACH,CAAC,EAED,SAASO,EAAc,CACrB,WAAAI,EAAa,mEACb,aAAAL,EAAe,qEACf,IAAAM,EAAM,wYACR,EAAI,CAAC,EAAG,CACN,MAAO,CACL,UAAW,CAAE,IAAAA,EAAK,KAAM,CAAC,CAAuB,EAChD,QAAS,IAAIX,EAAiBC,EAAWS,CAAU,CAAC,EACpD,aAAAL,CACF,CACF",
-  "names": ["LKRPMissingDataError", "KeypairFromBytes", "hexToBytes", "SignChallengeWithKeypairTask", "challenge", "keypair", "trustchainId", "getParameters", "result", "payload", "error", "privateKey", "tlv"]
+  "sourcesContent": ["import { hexaStringToBuffer } from \"@ledgerhq/device-management-kit\";\n\nimport { Curve } from \"@api/crypto/CryptoService\";\nimport { NobleCryptoService } from \"@api/crypto/noble/NobleCryptoService\";\nimport { LKRPMissingDataError } from \"@api/model/Errors\";\nimport { type Challenge } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\n\nimport { SignChallengeWithKeypairTask } from \"./SignChallengeWithKeypairTask\";\n\nconst cryptoService = new NobleCryptoService();\n\ndescribe(\"SignChallengeWithKeypairTask\", () => {\n  it(\"should sign a challenge with a keyPair\", async () => {\n    // GIVEN\n    const { challenge, keyPair, trustchainId } = getParameters();\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(\n      cryptoService,\n      keyPair,\n      trustchainId,\n    );\n    const result = await task.run(challenge).run();\n\n    // THEN\n    expect(result.isRight()).toBe(true);\n    result.ifRight((payload) => {\n      expect(payload.challenge).toBe(challenge.json);\n      expect(payload.signature.credential).toEqual({\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: keyPair.getPublicKeyToHex(),\n      });\n      expect(payload.signature.attestation).toBe(\n        \"0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337\",\n      );\n      expect(payload.signature.signature).toBe(\n        \"3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049\",\n      );\n    });\n  });\n\n  it(\"should handle invalid challenge\", async () => {\n    // GIVEN\n    const { challenge, keyPair, trustchainId } = getParameters({\n      tlv: \"invalid-tlv\", // Invalid TLV\n    });\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(\n      cryptoService,\n      keyPair,\n      trustchainId,\n    );\n    const result = await task.run(challenge).run();\n\n    // THEN\n    result.ifLeft((error) =>\n      expect(error).toBeInstanceOf(LKRPMissingDataError),\n    );\n  });\n});\n\nfunction getParameters({\n  privateKey = \"b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d\",\n  trustchainId = \"00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37\",\n  tlv = \"0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000\",\n} = {}) {\n  return {\n    challenge: { tlv, json: {} as Challenge[\"json\"] },\n    keyPair: cryptoService.importKeyPair(\n      hexaStringToBuffer(privateKey)!,\n      Curve.K256,\n    ),\n    trustchainId,\n  };\n}\n"],
+  "mappings": "AAAA,OAAS,sBAAAA,MAA0B,kCAEnC,OAAS,SAAAC,MAAa,4BACtB,OAAS,sBAAAC,MAA0B,uCACnC,OAAS,wBAAAC,MAA4B,oBAGrC,OAAS,gCAAAC,MAAoC,iCAE7C,MAAMC,EAAgB,IAAIH,EAE1B,SAAS,+BAAgC,IAAM,CAC7C,GAAG,yCAA0C,SAAY,CAEvD,KAAM,CAAE,UAAAI,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,EAQrDC,EAAS,MALF,IAAIN,EACfC,EACAE,EACAC,CACF,EAC0B,IAAIF,CAAS,EAAE,IAAI,EAG7C,OAAOI,EAAO,QAAQ,CAAC,EAAE,KAAK,EAAI,EAClCA,EAAO,QAASC,GAAY,CAC1B,OAAOA,EAAQ,SAAS,EAAE,KAAKL,EAAU,IAAI,EAC7C,OAAOK,EAAQ,UAAU,UAAU,EAAE,QAAQ,CAC3C,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAWJ,EAAQ,kBAAkB,CACvC,CAAC,EACD,OAAOI,EAAQ,UAAU,WAAW,EAAE,KACpC,0IACF,EACA,OAAOA,EAAQ,UAAU,SAAS,EAAE,KAClC,gJACF,CACF,CAAC,CACH,CAAC,EAED,GAAG,kCAAmC,SAAY,CAEhD,KAAM,CAAE,UAAAL,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,CACzD,IAAK,aACP,CAAC,GAQc,MALF,IAAIL,EACfC,EACAE,EACAC,CACF,EAC0B,IAAIF,CAAS,EAAE,IAAI,GAGtC,OAAQM,GACb,OAAOA,CAAK,EAAE,eAAeT,CAAoB,CACnD,CACF,CAAC,CACH,CAAC,EAED,SAASM,EAAc,CACrB,WAAAI,EAAa,mEACb,aAAAL,EAAe,qEACf,IAAAM,EAAM,wYACR,EAAI,CAAC,EAAG,CACN,MAAO,CACL,UAAW,CAAE,IAAAA,EAAK,KAAM,CAAC,CAAuB,EAChD,QAAST,EAAc,cACrBL,EAAmBa,CAAU,EAC7BZ,EAAM,IACR,EACA,aAAAO,CACF,CACF",
+  "names": ["hexaStringToBuffer", "Curve", "NobleCryptoService", "LKRPMissingDataError", "SignChallengeWithKeypairTask", "cryptoService", "challenge", "keyPair", "trustchainId", "getParameters", "result", "payload", "error", "privateKey", "tlv"]
 }

package/lib/esm/internal/app-binder/task/utils/TrustedProperties.js CHANGED Viewed

@@ -1,2 +1,2 @@
-import{ByteArrayParser as a}from"@ledgerhq/device-management-kit";import{Either as p,Left as o,Right as i}from"purify-ts";import{LKRPParsingError as P}from"../../../../api/app-binder/Errors";import{required as e}from"../../../utils/required";import{TPTags as t}from"../../../utils/TLVTags";class h{constructor(r){this.bytes=r;this.parser=new a(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return o(new P("Invalid trusted property: missing IV"));this.iv=r.value}return i(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>e(r.get(t.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>e(r.get(t.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>e(r.get(t.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>e(r.get(t.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>e(r.get(t.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>e(r.get(t.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?i(this.encryptedProps):this.getIv().chain(()=>p.sequence(Array.from(E(this.parser)))).map(r=>new Map(r.map(n=>[n.tag,n]))).ifRight(r=>{this.encryptedProps=r})}}function*E(s){for(;;){const r=s.extractFieldTLVEncoded();if(!r)return;yield i(r)}}export{h as TrustedProperties};
+import{ByteArrayParser as a}from"@ledgerhq/device-management-kit";import{Either as p,Left as o,Right as i}from"purify-ts";import{LKRPParsingError as P}from"../../../../api/model/Errors";import{TPTags as e}from"../../../models/Tags";import{required as t}from"../../../utils/required";class h{constructor(r){this.bytes=r;this.parser=new a(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return o(new P("Invalid trusted property: missing IV"));this.iv=r.value}return i(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>t(r.get(e.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>t(r.get(e.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>t(r.get(e.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>t(r.get(e.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>t(r.get(e.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>t(r.get(e.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?i(this.encryptedProps):this.getIv().chain(()=>p.sequence(Array.from(E(this.parser)))).map(r=>new Map(r.map(n=>[n.tag,n]))).ifRight(r=>{this.encryptedProps=r})}}function*E(s){for(;;){const r=s.extractFieldTLVEncoded();if(!r)return;yield i(r)}}export{h as TrustedProperties};
 //# sourceMappingURL=TrustedProperties.js.map

package/lib/esm/internal/app-binder/task/utils/TrustedProperties.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../../src/internal/app-binder/task/utils/TrustedProperties.ts"],
-  "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { Either, Left, Right } from \"purify-ts\";\n\nimport {\n  type LKRPMissingDataError,\n  LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { required } from \"@internal/utils/required\";\nimport { TPTags } from \"@internal/utils/TLVTags\";\n\ntype EncryptedTPTag = Exclude<TPTags, TPTags.IV>;\ntype EncryptedTP = { tag: EncryptedTPTag; value: Uint8Array; tlv: Uint8Array };\n\nexport class TrustedProperties {\n  private readonly parser: ByteArrayParser;\n  private iv: Uint8Array | null = null;\n  private encryptedProps: Map<EncryptedTPTag, EncryptedTP> | null = null;\n\n  constructor(public readonly bytes: Uint8Array) {\n    this.parser = new ByteArrayParser(bytes);\n  }\n\n  getIv(): Either<LKRPParsingError, Uint8Array> {\n    if (!this.iv) {\n      const field = this.parser.extractFieldTLVEncoded();\n      if (!field || field.tag !== 0x00) {\n        return Left(\n          new LKRPParsingError(\"Invalid trusted property: missing IV\"),\n        );\n      }\n\n      this.iv = field.value;\n    }\n    return Right(this.iv);\n  }\n\n  getIssuer(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.ISSUER)?.value,\n        \"Missing issuer in trusted properties\",\n      ),\n    );\n  }\n\n  getXPriv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.XPRIV)?.value,\n        \"Missing xpriv in trusted properties\",\n      ),\n    );\n  }\n\n  getEphemeralPublicKey(): Either<\n    LKRPParsingError | LKRPMissingDataError,\n    Uint8Array\n  > {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.EPHEMERAL_PUBLIC_KEY)?.value,\n        \"Missing ephemeral public key in trusted properties\",\n      ),\n    );\n  }\n\n  getCommandIv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.COMMAND_IV)?.value,\n        \"Missing command IV in trusted properties\",\n      ),\n    );\n  }\n\n  getGroupKey(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.GROUPKEY)?.value,\n        \"Missing group key in trusted properties\",\n      ),\n    );\n  }\n\n  getNewMember(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.NEW_MEMBER)?.tlv,\n        \"Missing new member in trusted properties\",\n      ),\n    );\n  }\n\n  parseEncryptedProps(): Either<\n    LKRPParsingError,\n    Map<EncryptedTPTag, EncryptedTP>\n  > {\n    return this.encryptedProps\n      ? Right(this.encryptedProps)\n      : this.getIv()\n          .chain(() => Either.sequence(Array.from(parseTPs(this.parser))))\n          .map((fields) => new Map(fields.map((field) => [field.tag, field])))\n          .ifRight((props) => {\n            this.encryptedProps = props;\n          });\n  }\n}\n\nfunction* parseTPs(\n  parser: ByteArrayParser,\n): Generator<Either<LKRPParsingError, EncryptedTP>> {\n  while (true) {\n    const field = parser.extractFieldTLVEncoded();\n    if (!field) return;\n    yield Right(field);\n  }\n}\n"],
-  "mappings": "AAAA,OAAS,mBAAAA,MAAuB,kCAChC,OAAS,UAAAC,EAAQ,QAAAC,EAAM,SAAAC,MAAa,YAEpC,OAEE,oBAAAC,MACK,yBACP,OAAS,YAAAC,MAAgB,2BACzB,OAAS,UAAAC,MAAc,0BAKhB,MAAMC,CAAkB,CAK7B,YAA4BC,EAAmB,CAAnB,WAAAA,EAC1B,KAAK,OAAS,IAAIR,EAAgBQ,CAAK,CACzC,CANiB,OACT,GAAwB,KACxB,eAA0D,KAMlE,OAA8C,CAC5C,GAAI,CAAC,KAAK,GAAI,CACZ,MAAMC,EAAQ,KAAK,OAAO,uBAAuB,EACjD,GAAI,CAACA,GAASA,EAAM,MAAQ,EAC1B,OAAOP,EACL,IAAIE,EAAiB,sCAAsC,CAC7D,EAGF,KAAK,GAAKK,EAAM,KAClB,CACA,OAAON,EAAM,KAAK,EAAE,CACtB,CAEA,WAAyE,CACvE,OAAO,KAAK,oBAAoB,EAAE,MAAOO,GACvCL,EACEK,EAAM,IAAIJ,EAAO,MAAM,GAAG,MAC1B,sCACF,CACF,CACF,CAEA,UAAwE,CACtE,OAAO,KAAK,oBAAoB,EAAE,MAAOI,GACvCL,EACEK,EAAM,IAAIJ,EAAO,KAAK,GAAG,MACzB,qCACF,CACF,CACF,CAEA,uBAGE,CACA,OAAO,KAAK,oBAAoB,EAAE,MAAOI,GACvCL,EACEK,EAAM,IAAIJ,EAAO,oBAAoB,GAAG,MACxC,oDACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOI,GACvCL,EACEK,EAAM,IAAIJ,EAAO,UAAU,GAAG,MAC9B,0CACF,CACF,CACF,CAEA,aAA2E,CACzE,OAAO,KAAK,oBAAoB,EAAE,MAAOI,GACvCL,EACEK,EAAM,IAAIJ,EAAO,QAAQ,GAAG,MAC5B,yCACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOI,GACvCL,EACEK,EAAM,IAAIJ,EAAO,UAAU,GAAG,IAC9B,0CACF,CACF,CACF,CAEA,qBAGE,CACA,OAAO,KAAK,eACRH,EAAM,KAAK,cAAc,EACzB,KAAK,MAAM,EACR,MAAM,IAAMF,EAAO,SAAS,MAAM,KAAKU,EAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAC9D,IAAKC,GAAW,IAAI,IAAIA,EAAO,IAAKH,GAAU,CAACA,EAAM,IAAKA,CAAK,CAAC,CAAC,CAAC,EAClE,QAASC,GAAU,CAClB,KAAK,eAAiBA,CACxB,CAAC,CACT,CACF,CAEA,SAAUC,EACRE,EACkD,CAClD,OAAa,CACX,MAAMJ,EAAQI,EAAO,uBAAuB,EAC5C,GAAI,CAACJ,EAAO,OACZ,MAAMN,EAAMM,CAAK,CACnB,CACF",
-  "names": ["ByteArrayParser", "Either", "Left", "Right", "LKRPParsingError", "required", "TPTags", "TrustedProperties", "bytes", "field", "props", "parseTPs", "fields", "parser"]
+  "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { Either, Left, Right } from \"purify-ts\";\n\nimport { type LKRPMissingDataError, LKRPParsingError } from \"@api/model/Errors\";\nimport { TPTags } from \"@internal/models/Tags\";\nimport { required } from \"@internal/utils/required\";\n\ntype EncryptedTPTag = Exclude<TPTags, TPTags.IV>;\ntype EncryptedTP = { tag: EncryptedTPTag; value: Uint8Array; tlv: Uint8Array };\n\nexport class TrustedProperties {\n  private readonly parser: ByteArrayParser;\n  private iv: Uint8Array | null = null;\n  private encryptedProps: Map<EncryptedTPTag, EncryptedTP> | null = null;\n\n  constructor(public readonly bytes: Uint8Array) {\n    this.parser = new ByteArrayParser(bytes);\n  }\n\n  getIv(): Either<LKRPParsingError, Uint8Array> {\n    if (!this.iv) {\n      const field = this.parser.extractFieldTLVEncoded();\n      if (!field || field.tag !== 0x00) {\n        return Left(\n          new LKRPParsingError(\"Invalid trusted property: missing IV\"),\n        );\n      }\n\n      this.iv = field.value;\n    }\n    return Right(this.iv);\n  }\n\n  getIssuer(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.ISSUER)?.value,\n        \"Missing issuer in trusted properties\",\n      ),\n    );\n  }\n\n  getXPriv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.XPRIV)?.value,\n        \"Missing xpriv in trusted properties\",\n      ),\n    );\n  }\n\n  getEphemeralPublicKey(): Either<\n    LKRPParsingError | LKRPMissingDataError,\n    Uint8Array\n  > {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.EPHEMERAL_PUBLIC_KEY)?.value,\n        \"Missing ephemeral public key in trusted properties\",\n      ),\n    );\n  }\n\n  getCommandIv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.COMMAND_IV)?.value,\n        \"Missing command IV in trusted properties\",\n      ),\n    );\n  }\n\n  getGroupKey(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.GROUPKEY)?.value,\n        \"Missing group key in trusted properties\",\n      ),\n    );\n  }\n\n  getNewMember(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.NEW_MEMBER)?.tlv,\n        \"Missing new member in trusted properties\",\n      ),\n    );\n  }\n\n  parseEncryptedProps(): Either<\n    LKRPParsingError,\n    Map<EncryptedTPTag, EncryptedTP>\n  > {\n    return this.encryptedProps\n      ? Right(this.encryptedProps)\n      : this.getIv()\n          .chain(() => Either.sequence(Array.from(parseTPs(this.parser))))\n          .map((fields) => new Map(fields.map((field) => [field.tag, field])))\n          .ifRight((props) => {\n            this.encryptedProps = props;\n          });\n  }\n}\n\nfunction* parseTPs(\n  parser: ByteArrayParser,\n): Generator<Either<LKRPParsingError, EncryptedTP>> {\n  while (true) {\n    const field = parser.extractFieldTLVEncoded();\n    if (!field) return;\n    yield Right(field);\n  }\n}\n"],
+  "mappings": "AAAA,OAAS,mBAAAA,MAAuB,kCAChC,OAAS,UAAAC,EAAQ,QAAAC,EAAM,SAAAC,MAAa,YAEpC,OAAoC,oBAAAC,MAAwB,oBAC5D,OAAS,UAAAC,MAAc,wBACvB,OAAS,YAAAC,MAAgB,2BAKlB,MAAMC,CAAkB,CAK7B,YAA4BC,EAAmB,CAAnB,WAAAA,EAC1B,KAAK,OAAS,IAAIR,EAAgBQ,CAAK,CACzC,CANiB,OACT,GAAwB,KACxB,eAA0D,KAMlE,OAA8C,CAC5C,GAAI,CAAC,KAAK,GAAI,CACZ,MAAMC,EAAQ,KAAK,OAAO,uBAAuB,EACjD,GAAI,CAACA,GAASA,EAAM,MAAQ,EAC1B,OAAOP,EACL,IAAIE,EAAiB,sCAAsC,CAC7D,EAGF,KAAK,GAAKK,EAAM,KAClB,CACA,OAAON,EAAM,KAAK,EAAE,CACtB,CAEA,WAAyE,CACvE,OAAO,KAAK,oBAAoB,EAAE,MAAOO,GACvCJ,EACEI,EAAM,IAAIL,EAAO,MAAM,GAAG,MAC1B,sCACF,CACF,CACF,CAEA,UAAwE,CACtE,OAAO,KAAK,oBAAoB,EAAE,MAAOK,GACvCJ,EACEI,EAAM,IAAIL,EAAO,KAAK,GAAG,MACzB,qCACF,CACF,CACF,CAEA,uBAGE,CACA,OAAO,KAAK,oBAAoB,EAAE,MAAOK,GACvCJ,EACEI,EAAM,IAAIL,EAAO,oBAAoB,GAAG,MACxC,oDACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOK,GACvCJ,EACEI,EAAM,IAAIL,EAAO,UAAU,GAAG,MAC9B,0CACF,CACF,CACF,CAEA,aAA2E,CACzE,OAAO,KAAK,oBAAoB,EAAE,MAAOK,GACvCJ,EACEI,EAAM,IAAIL,EAAO,QAAQ,GAAG,MAC5B,yCACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOK,GACvCJ,EACEI,EAAM,IAAIL,EAAO,UAAU,GAAG,IAC9B,0CACF,CACF,CACF,CAEA,qBAGE,CACA,OAAO,KAAK,eACRF,EAAM,KAAK,cAAc,EACzB,KAAK,MAAM,EACR,MAAM,IAAMF,EAAO,SAAS,MAAM,KAAKU,EAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAC9D,IAAKC,GAAW,IAAI,IAAIA,EAAO,IAAKH,GAAU,CAACA,EAAM,IAAKA,CAAK,CAAC,CAAC,CAAC,EAClE,QAASC,GAAU,CAClB,KAAK,eAAiBA,CACxB,CAAC,CACT,CACF,CAEA,SAAUC,EACRE,EACkD,CAClD,OAAa,CACX,MAAMJ,EAAQI,EAAO,uBAAuB,EAC5C,GAAI,CAACJ,EAAO,OACZ,MAAMN,EAAMM,CAAK,CACnB,CACF",
+  "names": ["ByteArrayParser", "Either", "Left", "Right", "LKRPParsingError", "TPTags", "required", "TrustedProperties", "bytes", "field", "props", "parseTPs", "fields", "parser"]
 }

package/lib/esm/internal/di.js CHANGED Viewed

@@ -1,2 +1,2 @@
-import{Container as a}from"inversify";import{appBindingModuleFactory as s}from"./app-binder/di/appBinderModule";import{lkrpDatasourceModuleFactory as m}from"./lkrp-datasource/di/lkrpDatasourceModuleFactory";import{useCasesModuleFactory as p}from"./use-cases/di/useCasesModule";import{externalTypes as o}from"./externalTypes";const D=({dmk:t,sessionId:n,baseUrl:r,stub:i})=>{const e=new a;return e.bind(o.Dmk).toConstantValue(t),e.bind(o.SessionId).toConstantValue(n),e.loadSync(s(),m({baseUrl:r,stub:i}),p()),e};export{D as makeContainer};
+import{Container as m}from"inversify";import{LKRPEnv as o}from"../api/index";import{appBindingModuleFactory as s}from"./app-binder/di/appBinderModule";import{lkrpDatasourceModuleFactory as l}from"./lkrp-datasource/di/lkrpDatasourceModuleFactory";import{useCasesModuleFactory as v}from"./use-cases/di/useCasesModule";import{externalTypes as e}from"./externalTypes";const f=({dmk:r,applicationId:n,cryptoService:a,env:i=o.PROD,baseUrl:p,stub:c})=>{const t=new m;return t.bind(e.Dmk).toConstantValue(r),t.bind(e.ApplicationId).toConstantValue(n),t.bind(e.CryptoService).toConstantValue(a),t.loadSync(s(),l({baseUrl:p??d.get(i),stub:c}),v()),t},d=new Map([[o.PROD,"https://trustchain.api.live.ledger.com/v1"],[o.STAGING,"https://trustchain-backend.api.aws.stg.ldg-tech.com/v1"]]);export{f as makeContainer};
 //# sourceMappingURL=di.js.map

package/lib/esm/internal/di.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/internal/di.ts"],
-  "sourcesContent": ["import {\n  type DeviceManagementKit,\n  type DeviceSessionId,\n} from \"@ledgerhq/device-management-kit\";\nimport { Container } from \"inversify\";\n\nimport { appBindingModuleFactory } from \"@internal/app-binder/di/appBinderModule\";\n\nimport { lkrpDatasourceModuleFactory } from \"./lkrp-datasource/di/lkrpDatasourceModuleFactory\";\nimport { useCasesModuleFactory } from \"./use-cases/di/useCasesModule\";\nimport { externalTypes } from \"./externalTypes\";\n\nexport type MakeContainerProps = {\n  dmk: DeviceManagementKit;\n  sessionId: DeviceSessionId;\n  baseUrl?: string; // Optional base URL for the LKRP network requests\n  stub?: boolean;\n};\n\nexport const makeContainer = ({\n  dmk,\n  sessionId,\n  baseUrl,\n  stub,\n}: MakeContainerProps) => {\n  const container = new Container();\n\n  container.bind<DeviceManagementKit>(externalTypes.Dmk).toConstantValue(dmk);\n  container\n    .bind<DeviceSessionId>(externalTypes.SessionId)\n    .toConstantValue(sessionId);\n\n  container.loadSync(\n    appBindingModuleFactory(),\n    lkrpDatasourceModuleFactory({ baseUrl, stub }),\n    useCasesModuleFactory(),\n  );\n\n  return container;\n};\n"],
-  "mappings": "AAIA,OAAS,aAAAA,MAAiB,YAE1B,OAAS,2BAAAC,MAA+B,0CAExC,OAAS,+BAAAC,MAAmC,mDAC5C,OAAS,yBAAAC,MAA6B,gCACtC,OAAS,iBAAAC,MAAqB,kBASvB,MAAMC,EAAgB,CAAC,CAC5B,IAAAC,EACA,UAAAC,EACA,QAAAC,EACA,KAAAC,CACF,IAA0B,CACxB,MAAMC,EAAY,IAAIV,EAEtB,OAAAU,EAAU,KAA0BN,EAAc,GAAG,EAAE,gBAAgBE,CAAG,EAC1EI,EACG,KAAsBN,EAAc,SAAS,EAC7C,gBAAgBG,CAAS,EAE5BG,EAAU,SACRT,EAAwB,EACxBC,EAA4B,CAAE,QAAAM,EAAS,KAAAC,CAAK,CAAC,EAC7CN,EAAsB,CACxB,EAEOO,CACT",
-  "names": ["Container", "appBindingModuleFactory", "lkrpDatasourceModuleFactory", "useCasesModuleFactory", "externalTypes", "makeContainer", "dmk", "sessionId", "baseUrl", "stub", "container"]
+  "sourcesContent": ["import { type DeviceManagementKit } from \"@ledgerhq/device-management-kit\";\nimport { Container } from \"inversify\";\n\nimport { type CryptoService } from \"@api/crypto/CryptoService\";\nimport { LKRPEnv } from \"@api/index\";\nimport { appBindingModuleFactory } from \"@internal/app-binder/di/appBinderModule\";\n\nimport { lkrpDatasourceModuleFactory } from \"./lkrp-datasource/di/lkrpDatasourceModuleFactory\";\nimport { useCasesModuleFactory } from \"./use-cases/di/useCasesModule\";\nimport { externalTypes } from \"./externalTypes\";\n\nexport type MakeContainerProps = {\n  dmk: DeviceManagementKit;\n  applicationId: number;\n  cryptoService: CryptoService;\n  env?: LKRPEnv;\n  baseUrl?: string; // Optional base URL for the LKRP network requests\n  stub?: boolean;\n};\n\nexport const makeContainer = ({\n  dmk,\n  applicationId,\n  cryptoService,\n  env = LKRPEnv.PROD,\n  baseUrl,\n  stub,\n}: MakeContainerProps) => {\n  const container = new Container();\n\n  container.bind<DeviceManagementKit>(externalTypes.Dmk).toConstantValue(dmk);\n  container.bind(externalTypes.ApplicationId).toConstantValue(applicationId);\n  container\n    .bind<CryptoService>(externalTypes.CryptoService)\n    .toConstantValue(cryptoService);\n\n  container.loadSync(\n    appBindingModuleFactory(),\n    lkrpDatasourceModuleFactory({\n      baseUrl: baseUrl ?? lkrpBaseUrlMap.get(env),\n      stub,\n    }),\n    useCasesModuleFactory(),\n  );\n\n  return container;\n};\n\nconst lkrpBaseUrlMap = new Map<LKRPEnv, string>([\n  [LKRPEnv.PROD, \"https://trustchain.api.live.ledger.com/v1\"],\n  [LKRPEnv.STAGING, \"https://trustchain-backend.api.aws.stg.ldg-tech.com/v1\"],\n]);\n"],
+  "mappings": "AACA,OAAS,aAAAA,MAAiB,YAG1B,OAAS,WAAAC,MAAe,aACxB,OAAS,2BAAAC,MAA+B,0CAExC,OAAS,+BAAAC,MAAmC,mDAC5C,OAAS,yBAAAC,MAA6B,gCACtC,OAAS,iBAAAC,MAAqB,kBAWvB,MAAMC,EAAgB,CAAC,CAC5B,IAAAC,EACA,cAAAC,EACA,cAAAC,EACA,IAAAC,EAAMT,EAAQ,KACd,QAAAU,EACA,KAAAC,CACF,IAA0B,CACxB,MAAMC,EAAY,IAAIb,EAEtB,OAAAa,EAAU,KAA0BR,EAAc,GAAG,EAAE,gBAAgBE,CAAG,EAC1EM,EAAU,KAAKR,EAAc,aAAa,EAAE,gBAAgBG,CAAa,EACzEK,EACG,KAAoBR,EAAc,aAAa,EAC/C,gBAAgBI,CAAa,EAEhCI,EAAU,SACRX,EAAwB,EACxBC,EAA4B,CAC1B,QAASQ,GAAWG,EAAe,IAAIJ,CAAG,EAC1C,KAAAE,CACF,CAAC,EACDR,EAAsB,CACxB,EAEOS,CACT,EAEMC,EAAiB,IAAI,IAAqB,CAC9C,CAACb,EAAQ,KAAM,2CAA2C,EAC1D,CAACA,EAAQ,QAAS,wDAAwD,CAC5E,CAAC",
+  "names": ["Container", "LKRPEnv", "appBindingModuleFactory", "lkrpDatasourceModuleFactory", "useCasesModuleFactory", "externalTypes", "makeContainer", "dmk", "applicationId", "cryptoService", "env", "baseUrl", "stub", "container", "lkrpBaseUrlMap"]
 }

package/lib/esm/internal/externalTypes.js CHANGED Viewed

@@ -1,2 +1,2 @@
-const r={Dmk:Symbol.for("Dmk"),SessionId:Symbol.for("SessionId")};export{r as externalTypes};
+const r={Dmk:Symbol.for("Dmk"),ApplicationId:Symbol.for("ApplicationId"),CryptoService:Symbol.for("CryptoService")};export{r as externalTypes};
 //# sourceMappingURL=externalTypes.js.map

package/lib/esm/internal/externalTypes.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/internal/externalTypes.ts"],
-  "sourcesContent": ["export const externalTypes = {\n  Dmk: Symbol.for(\"Dmk\"),\n  SessionId: Symbol.for(\"SessionId\"),\n};\n\nexport type TrustedProperty = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n  xpriv: Uint8Array;\n  ephemeralPubKey: Uint8Array;\n  commandIV: Uint8Array;\n  groupKey: Uint8Array;\n  newMember: Uint8Array;\n};\n"],
-  "mappings": "AAAO,MAAMA,EAAgB,CAC3B,IAAK,OAAO,IAAI,KAAK,EACrB,UAAW,OAAO,IAAI,WAAW,CACnC",
+  "sourcesContent": ["export const externalTypes = {\n  Dmk: Symbol.for(\"Dmk\"),\n  ApplicationId: Symbol.for(\"ApplicationId\"),\n  CryptoService: Symbol.for(\"CryptoService\"),\n};\n\nexport type TrustedProperty = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n  xpriv: Uint8Array;\n  ephemeralPubKey: Uint8Array;\n  commandIV: Uint8Array;\n  groupKey: Uint8Array;\n  newMember: Uint8Array;\n};\n"],
+  "mappings": "AAAO,MAAMA,EAAgB,CAC3B,IAAK,OAAO,IAAI,KAAK,EACrB,cAAe,OAAO,IAAI,eAAe,EACzC,cAAe,OAAO,IAAI,eAAe,CAC3C",
   "names": ["externalTypes"]
 }

package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js CHANGED Viewed

@@ -1,2 +1,2 @@
-var d=Object.defineProperty;var f=Object.getOwnPropertyDescriptor;var m=(n,t,e,r)=>{for(var i=r>1?void 0:r?f(t,e):t,s=n.length-1,o;s>=0;s--)(o=n[s])&&(i=(r?o(t,e,i):o(i))||i);return r&&i&&d(t,e,i),i},c=(n,t)=>(e,r)=>t(e,r,n);import{inject as g,injectable as y}from"inversify";import{EitherAsync as R,Just as u,Maybe as b,Nothing as l,Right as p}from"purify-ts";import{LKRPHttpRequestError as h,LKRPUnauthorizedError as T}from"../../../api/app-binder/Errors";import{lkrpDatasourceTypes as P}from"../../lkrp-datasource/di/lkrpDatasourceTypes";import{LKRPBlockStream as $}from"../../utils/LKRPBlockStream";let a=class{constructor(t){this.baseUrl=t}getChallenge(){return this.request("/challenge",l)}authenticate(t){return this.request("/authenticate",l,{method:"POST",body:JSON.stringify(t)}).map(e=>({jwt:e,trustchainId:b.fromNullable(Object.keys(e.permissions).find(r=>!!e.permissions[r]?.["m/"]))}))}getTrustchainById(t,e){return this.request(`/trustchain/${t}`,u(e)).map(r=>Object.fromEntries(Object.entries(r).map(([i,s])=>[i,$.fromHex(s)])))}postDerivation(t,e,r){return this.request(`/trustchain/${t}/derivation`,u(r),{method:"POST",body:JSON.stringify(e.toString())})}putCommands(t,e,r,i){return this.request(`/trustchain/${t}/commands`,u(i),{method:"PUT",body:JSON.stringify({path:e,blocks:[r.toString()]})})}request(t,e,r){const i=this.baseUrl+t;return R.fromPromise(async()=>{const s=await fetch(i,{...r,headers:{...r?.headers,"Content-Type":"application/json",...e.mapOrDefault(({access_token:o})=>({Authorization:`Bearer ${o}`}),{})}});switch(s.status){case 204:return p(void 0);case 401:throw new T(`Unauthorized request to ${i}: [${s.status}] ${s.statusText}`);default:if(!s.ok)throw new h(`Failed to fetch ${i}: [${s.status}] ${s.statusText}`);return p(await s.json())}}).mapLeft(s=>s instanceof h?s:new h(s))}};a=m([y(),c(0,g(P.BaseUrl))],a);export{a as HttpLKRPDataSource};
+var d=Object.defineProperty;var y=Object.getOwnPropertyDescriptor;var g=(s,t,e,r)=>{for(var i=r>1?void 0:r?y(t,e):t,o=s.length-1,n;o>=0;o--)(n=s[o])&&(i=(r?n(t,e,i):n(i))||i);return r&&i&&d(t,e,i),i},f=(s,t)=>(e,r)=>t(e,r,s);import{inject as S,injectable as T}from"inversify";import{EitherAsync as c,Just as m,Left as R,Maybe as b,Nothing as l,Right as p}from"purify-ts";import{LKRPDataSourceError as N}from"../../../api/model/Errors";import{lkrpDatasourceTypes as k}from"../../lkrp-datasource/di/lkrpDatasourceTypes";import{Trustchain as L}from"../../utils/Trustchain";let u=class{constructor(t){this.baseUrl=t}getChallenge(){return this.request("/challenge",l)}authenticate(t){return this.request("/authenticate",l,{method:"POST",body:JSON.stringify(t)}).map(e=>({jwt:e,trustchainId:b.fromNullable(Object.keys(e.permissions).find(r=>!!e.permissions[r]?.["m/"]))}))}getTrustchainById(t,e){return this.request(`/trustchain/${t}`,m(e)).map(r=>new L(t,r))}postDerivation(t,e,r){return this.request(`/trustchain/${t}/derivation`,m(r),{method:"POST",body:JSON.stringify(e.toString())})}putCommands(t,e,r,i){return this.request(`/trustchain/${t}/commands`,m(i),{method:"PUT",body:JSON.stringify({path:e,blocks:[r.toString()]})})}request(t,e,r){const i=this.baseUrl+t,o={...r?.headers,"Content-Type":"application/json",...e.mapOrDefault(({access_token:n})=>({Authorization:`Bearer ${n}`}),{})};return c(()=>fetch(i,{...r,headers:o})).mapLeft(n=>({status:"UNKNOWN",message:h(n)})).chain(async n=>{switch(n.status){case 204:return p(void 0);default:return c(()=>n.json()).mapLeft(h).map(a=>n.ok?p(a):R(h(a))).chain(c.liftEither).mapLeft(a=>({status:P.get(n.status)??"UNKNOWN",message:`[${n.status}] ${a||n.statusText}`}))}}).mapLeft(({status:n,message:a})=>new N({status:n,message:`${a||"Unknown error"} (from: ${i})`}))}};u=g([T(),f(0,S(k.BaseUrl))],u);const P=new Map([[400,"BAD_REQUEST"],[401,"UNAUTHORIZED"]]);function h(s){if(s){if(typeof s!="object"||s.toString!=={}.toString)return String(s);if("message"in s)return String(s.message)}}export{u as HttpLKRPDataSource};
 //# sourceMappingURL=HttpLKRPDataSource.js.map

package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/lkrp-datasource/data/HttpLKRPDataSource.ts"],
-  "sourcesContent": ["import { inject, injectable } from \"inversify\";\nimport { EitherAsync, Just, Maybe, Nothing, Right } from \"purify-ts\";\n\nimport {\n  LKRPHttpRequestError,\n  LKRPUnauthorizedError,\n} from \"@api/app-binder/Errors\";\nimport { JWT } from \"@api/app-binder/LKRPTypes\";\nimport { lkrpDatasourceTypes } from \"@internal/lkrp-datasource/di/lkrpDatasourceTypes\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nimport {\n  AuthenticationPayload,\n  Challenge,\n  LKRPDataSource,\n} from \"./LKRPDataSource\";\n\n@injectable()\nexport class HttpLKRPDataSource implements LKRPDataSource {\n  constructor(\n    @inject(lkrpDatasourceTypes.BaseUrl) private readonly baseUrl: string,\n  ) {}\n\n  getChallenge() {\n    return this.request<Challenge>(\"/challenge\", Nothing);\n  }\n\n  authenticate(payload: AuthenticationPayload) {\n    return this.request<JWT>(\"/authenticate\", Nothing, {\n      method: \"POST\",\n      body: JSON.stringify(payload),\n    }).map((jwt) => ({\n      jwt,\n      trustchainId: Maybe.fromNullable(\n        Object.keys(jwt.permissions).find((id) =>\n          Boolean(jwt.permissions[id]?.[\"m/\"]),\n        ),\n      ),\n    }));\n  }\n\n  getTrustchainById(id: string, jwt: JWT) {\n    return this.request<{ [path: string]: string }>(\n      `/trustchain/${id}`,\n      Just(jwt),\n    ).map((serialized) =>\n      Object.fromEntries(\n        Object.entries(serialized).map(([path, stream]) => [\n          path,\n          LKRPBlockStream.fromHex(stream),\n        ]),\n      ),\n    );\n  }\n\n  postDerivation(id: string, block: LKRPBlock, jwt: JWT) {\n    return this.request<void>(`/trustchain/${id}/derivation`, Just(jwt), {\n      method: \"POST\",\n      body: JSON.stringify(block.toString()),\n    });\n  }\n\n  putCommands(id: string, path: string, block: LKRPBlock, jwt: JWT) {\n    return this.request<void>(`/trustchain/${id}/commands`, Just(jwt), {\n      method: \"PUT\",\n      body: JSON.stringify({ path, blocks: [block.toString()] }),\n    });\n  }\n\n  private request<Res>(\n    endpoint: `/${string}`,\n    jwt: Maybe<{ access_token: string }>,\n    init?: RequestInit,\n  ): EitherAsync<LKRPHttpRequestError, Res> {\n    const href = this.baseUrl + endpoint;\n\n    return EitherAsync.fromPromise(async () => {\n      const response = await fetch(href, {\n        ...init,\n        headers: {\n          ...init?.headers,\n          \"Content-Type\": \"application/json\",\n          ...jwt.mapOrDefault<{ Authorization?: string }>(\n            ({ access_token }) => ({ Authorization: `Bearer ${access_token}` }),\n            {},\n          ),\n        },\n      });\n      switch (response.status) {\n        case 204:\n          return Right(undefined as Res);\n\n        case 401:\n          throw new LKRPUnauthorizedError(\n            `Unauthorized request to ${href}: [${response.status}] ${response.statusText}`,\n          );\n\n        default:\n          if (!response.ok) {\n            throw new LKRPHttpRequestError(\n              `Failed to fetch ${href}: [${response.status}] ${response.statusText}`,\n            );\n          }\n          return Right((await response.json()) as Res);\n      }\n    }).mapLeft((error: unknown) =>\n      error instanceof LKRPHttpRequestError\n        ? error\n        : new LKRPHttpRequestError(error),\n    );\n  }\n}\n"],
-  "mappings": "iOAAA,OAAS,UAAAA,EAAQ,cAAAC,MAAkB,YACnC,OAAS,eAAAC,EAAa,QAAAC,EAAM,SAAAC,EAAO,WAAAC,EAAS,SAAAC,MAAa,YAEzD,OACE,wBAAAC,EACA,yBAAAC,MACK,yBAEP,OAAS,uBAAAC,MAA2B,mDAEpC,OAAS,mBAAAC,MAAuB,kCASzB,IAAMC,EAAN,KAAmD,CACxD,YACwDC,EACtD,CADsD,aAAAA,CACrD,CAEH,cAAe,CACb,OAAO,KAAK,QAAmB,aAAcC,CAAO,CACtD,CAEA,aAAaC,EAAgC,CAC3C,OAAO,KAAK,QAAa,gBAAiBD,EAAS,CACjD,OAAQ,OACR,KAAM,KAAK,UAAUC,CAAO,CAC9B,CAAC,EAAE,IAAKC,IAAS,CACf,IAAAA,EACA,aAAcC,EAAM,aAClB,OAAO,KAAKD,EAAI,WAAW,EAAE,KAAME,GACjC,EAAQF,EAAI,YAAYE,CAAE,IAAI,IAAI,CACpC,CACF,CACF,EAAE,CACJ,CAEA,kBAAkBA,EAAYF,EAAU,CACtC,OAAO,KAAK,QACV,eAAeE,CAAE,GACjBC,EAAKH,CAAG,CACV,EAAE,IAAKI,GACL,OAAO,YACL,OAAO,QAAQA,CAAU,EAAE,IAAI,CAAC,CAACC,EAAMC,CAAM,IAAM,CACjDD,EACAE,EAAgB,QAAQD,CAAM,CAChC,CAAC,CACH,CACF,CACF,CAEA,eAAeJ,EAAYM,EAAkBR,EAAU,CACrD,OAAO,KAAK,QAAc,eAAeE,CAAE,cAAeC,EAAKH,CAAG,EAAG,CACnE,OAAQ,OACR,KAAM,KAAK,UAAUQ,EAAM,SAAS,CAAC,CACvC,CAAC,CACH,CAEA,YAAYN,EAAYG,EAAcG,EAAkBR,EAAU,CAChE,OAAO,KAAK,QAAc,eAAeE,CAAE,YAAaC,EAAKH,CAAG,EAAG,CACjE,OAAQ,MACR,KAAM,KAAK,UAAU,CAAE,KAAAK,EAAM,OAAQ,CAACG,EAAM,SAAS,CAAC,CAAE,CAAC,CAC3D,CAAC,CACH,CAEQ,QACNC,EACAT,EACAU,EACwC,CACxC,MAAMC,EAAO,KAAK,QAAUF,EAE5B,OAAOG,EAAY,YAAY,SAAY,CACzC,MAAMC,EAAW,MAAM,MAAMF,EAAM,CACjC,GAAGD,EACH,QAAS,CACP,GAAGA,GAAM,QACT,eAAgB,mBAChB,GAAGV,EAAI,aACL,CAAC,CAAE,aAAAc,CAAa,KAAO,CAAE,cAAe,UAAUA,CAAY,EAAG,GACjE,CAAC,CACH,CACF,CACF,CAAC,EACD,OAAQD,EAAS,OAAQ,CACvB,IAAK,KACH,OAAOE,EAAM,MAAgB,EAE/B,IAAK,KACH,MAAM,IAAIC,EACR,2BAA2BL,CAAI,MAAME,EAAS,MAAM,KAAKA,EAAS,UAAU,EAC9E,EAEF,QACE,GAAI,CAACA,EAAS,GACZ,MAAM,IAAII,EACR,mBAAmBN,CAAI,MAAME,EAAS,MAAM,KAAKA,EAAS,UAAU,EACtE,EAEF,OAAOE,EAAO,MAAMF,EAAS,KAAK,CAAS,CAC/C,CACF,CAAC,EAAE,QAASK,GACVA,aAAiBD,EACbC,EACA,IAAID,EAAqBC,CAAK,CACpC,CACF,CACF,EA7FatB,EAANuB,EAAA,CADNC,EAAW,EAGPC,EAAA,EAAAC,EAAOC,EAAoB,OAAO,IAF1B3B",
-  "names": ["inject", "injectable", "EitherAsync", "Just", "Maybe", "Nothing", "Right", "LKRPHttpRequestError", "LKRPUnauthorizedError", "lkrpDatasourceTypes", "LKRPBlockStream", "HttpLKRPDataSource", "baseUrl", "Nothing", "payload", "jwt", "Maybe", "id", "Just", "serialized", "path", "stream", "LKRPBlockStream", "block", "endpoint", "init", "href", "EitherAsync", "response", "access_token", "Right", "LKRPUnauthorizedError", "LKRPHttpRequestError", "error", "__decorateClass", "injectable", "__decorateParam", "inject", "lkrpDatasourceTypes"]
+  "sourcesContent": ["import { inject, injectable } from \"inversify\";\nimport { EitherAsync, Just, Left, Maybe, Nothing, Right } from \"purify-ts\";\n\nimport {\n  LKRPDataSourceError,\n  LKRPDataSourceErrorStatus,\n} from \"@api/model/Errors\";\nimport { JWT } from \"@api/model/JWT\";\nimport { lkrpDatasourceTypes } from \"@internal/lkrp-datasource/di/lkrpDatasourceTypes\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { Trustchain } from \"@internal/utils/Trustchain\";\n\nimport {\n  AuthenticationPayload,\n  Challenge,\n  LKRPDataSource,\n} from \"./LKRPDataSource\";\n\n@injectable()\nexport class HttpLKRPDataSource implements LKRPDataSource {\n  constructor(\n    @inject(lkrpDatasourceTypes.BaseUrl) private readonly baseUrl: string,\n  ) {}\n\n  getChallenge() {\n    return this.request<Challenge>(\"/challenge\", Nothing);\n  }\n\n  authenticate(payload: AuthenticationPayload) {\n    return this.request<JWT>(\"/authenticate\", Nothing, {\n      method: \"POST\",\n      body: JSON.stringify(payload),\n    }).map((jwt) => ({\n      jwt,\n      trustchainId: Maybe.fromNullable(\n        Object.keys(jwt.permissions).find((id) =>\n          Boolean(jwt.permissions[id]?.[\"m/\"]),\n        ),\n      ),\n    }));\n  }\n\n  getTrustchainById(id: string, jwt: JWT) {\n    return this.request<{ [path: string]: string }>(\n      `/trustchain/${id}`,\n      Just(jwt),\n    ).map((serialized) => new Trustchain(id, serialized));\n  }\n\n  postDerivation(id: string, block: LKRPBlock, jwt: JWT) {\n    return this.request<void>(`/trustchain/${id}/derivation`, Just(jwt), {\n      method: \"POST\",\n      body: JSON.stringify(block.toString()),\n    });\n  }\n\n  putCommands(id: string, path: string, block: LKRPBlock, jwt: JWT) {\n    return this.request<void>(`/trustchain/${id}/commands`, Just(jwt), {\n      method: \"PUT\",\n      body: JSON.stringify({ path, blocks: [block.toString()] }),\n    });\n  }\n\n  private request<Res>(\n    endpoint: `/${string}`,\n    jwt: Maybe<{ access_token: string }>,\n    init?: RequestInit,\n  ): EitherAsync<LKRPDataSourceError, Res> {\n    const href = this.baseUrl + endpoint;\n    const headers = {\n      ...init?.headers,\n      \"Content-Type\": \"application/json\",\n      ...jwt.mapOrDefault<{ Authorization?: string }>(\n        ({ access_token }) => ({ Authorization: `Bearer ${access_token}` }),\n        {},\n      ),\n    };\n\n    return EitherAsync(() => fetch(href, { ...init, headers }))\n      .mapLeft((err) => ({\n        status: \"UNKNOWN\" as const,\n        message: errToString(err),\n      }))\n      .chain(async (response) => {\n        switch (response.status) {\n          case 204:\n            return Right(undefined as Res);\n\n          default:\n            return EitherAsync(() => response.json())\n              .mapLeft(errToString)\n              .map((data) =>\n                response.ok ? Right(data as Res) : Left(errToString(data)),\n              )\n              .chain(EitherAsync.liftEither)\n              .mapLeft((message) => ({\n                status: statusMap.get(response.status) ?? \"UNKNOWN\",\n                message: `[${response.status}] ${message || response.statusText}`,\n              }));\n        }\n      })\n      .mapLeft(\n        ({ status, message }) =>\n          new LKRPDataSourceError({\n            status,\n            message: `${message || \"Unknown error\"} (from: ${href})`,\n          }),\n      );\n  }\n}\n\nconst statusMap = new Map<unknown, LKRPDataSourceErrorStatus>([\n  [400, \"BAD_REQUEST\"],\n  [401, \"UNAUTHORIZED\"],\n]);\n\nfunction errToString(error: unknown): string | void {\n  if (!error) return undefined;\n  if (typeof error !== \"object\") return String(error);\n  if (error.toString !== {}.toString) return String(error);\n  if (\"message\" in error) return String(error.message);\n}\n"],
+  "mappings": "iOAAA,OAAS,UAAAA,EAAQ,cAAAC,MAAkB,YACnC,OAAS,eAAAC,EAAa,QAAAC,EAAM,QAAAC,EAAM,SAAAC,EAAO,WAAAC,EAAS,SAAAC,MAAa,YAE/D,OACE,uBAAAC,MAEK,oBAEP,OAAS,uBAAAC,MAA2B,mDAEpC,OAAS,cAAAC,MAAkB,6BASpB,IAAMC,EAAN,KAAmD,CACxD,YACwDC,EACtD,CADsD,aAAAA,CACrD,CAEH,cAAe,CACb,OAAO,KAAK,QAAmB,aAAcC,CAAO,CACtD,CAEA,aAAaC,EAAgC,CAC3C,OAAO,KAAK,QAAa,gBAAiBD,EAAS,CACjD,OAAQ,OACR,KAAM,KAAK,UAAUC,CAAO,CAC9B,CAAC,EAAE,IAAKC,IAAS,CACf,IAAAA,EACA,aAAcC,EAAM,aAClB,OAAO,KAAKD,EAAI,WAAW,EAAE,KAAME,GACjC,EAAQF,EAAI,YAAYE,CAAE,IAAI,IAAI,CACpC,CACF,CACF,EAAE,CACJ,CAEA,kBAAkBA,EAAYF,EAAU,CACtC,OAAO,KAAK,QACV,eAAeE,CAAE,GACjBC,EAAKH,CAAG,CACV,EAAE,IAAKI,GAAe,IAAIC,EAAWH,EAAIE,CAAU,CAAC,CACtD,CAEA,eAAeF,EAAYI,EAAkBN,EAAU,CACrD,OAAO,KAAK,QAAc,eAAeE,CAAE,cAAeC,EAAKH,CAAG,EAAG,CACnE,OAAQ,OACR,KAAM,KAAK,UAAUM,EAAM,SAAS,CAAC,CACvC,CAAC,CACH,CAEA,YAAYJ,EAAYK,EAAcD,EAAkBN,EAAU,CAChE,OAAO,KAAK,QAAc,eAAeE,CAAE,YAAaC,EAAKH,CAAG,EAAG,CACjE,OAAQ,MACR,KAAM,KAAK,UAAU,CAAE,KAAAO,EAAM,OAAQ,CAACD,EAAM,SAAS,CAAC,CAAE,CAAC,CAC3D,CAAC,CACH,CAEQ,QACNE,EACAR,EACAS,EACuC,CACvC,MAAMC,EAAO,KAAK,QAAUF,EACtBG,EAAU,CACd,GAAGF,GAAM,QACT,eAAgB,mBAChB,GAAGT,EAAI,aACL,CAAC,CAAE,aAAAY,CAAa,KAAO,CAAE,cAAe,UAAUA,CAAY,EAAG,GACjE,CAAC,CACH,CACF,EAEA,OAAOC,EAAY,IAAM,MAAMH,EAAM,CAAE,GAAGD,EAAM,QAAAE,CAAQ,CAAC,CAAC,EACvD,QAASG,IAAS,CACjB,OAAQ,UACR,QAASC,EAAYD,CAAG,CAC1B,EAAE,EACD,MAAM,MAAOE,GAAa,CACzB,OAAQA,EAAS,OAAQ,CACvB,IAAK,KACH,OAAOC,EAAM,MAAgB,EAE/B,QACE,OAAOJ,EAAY,IAAMG,EAAS,KAAK,CAAC,EACrC,QAAQD,CAAW,EACnB,IAAKG,GACJF,EAAS,GAAKC,EAAMC,CAAW,EAAIC,EAAKJ,EAAYG,CAAI,CAAC,CAC3D,EACC,MAAML,EAAY,UAAU,EAC5B,QAASO,IAAa,CACrB,OAAQC,EAAU,IAAIL,EAAS,MAAM,GAAK,UAC1C,QAAS,IAAIA,EAAS,MAAM,KAAKI,GAAWJ,EAAS,UAAU,EACjE,EAAE,CACR,CACF,CAAC,EACA,QACC,CAAC,CAAE,OAAAM,EAAQ,QAAAF,CAAQ,IACjB,IAAIG,EAAoB,CACtB,OAAAD,EACA,QAAS,GAAGF,GAAW,eAAe,WAAWV,CAAI,GACvD,CAAC,CACL,CACJ,CACF,EA1Fad,EAAN4B,EAAA,CADNC,EAAW,EAGPC,EAAA,EAAAC,EAAOC,EAAoB,OAAO,IAF1BhC,GA4Fb,MAAMyB,EAAY,IAAI,IAAwC,CAC5D,CAAC,IAAK,aAAa,EACnB,CAAC,IAAK,cAAc,CACtB,CAAC,EAED,SAASN,EAAYc,EAA+B,CAClD,GAAKA,EAEL,IADI,OAAOA,GAAU,UACjBA,EAAM,WAAa,CAAC,EAAE,SAAU,OAAO,OAAOA,CAAK,EACvD,GAAI,YAAaA,EAAO,OAAO,OAAOA,EAAM,OAAO,EACrD",
+  "names": ["inject", "injectable", "EitherAsync", "Just", "Left", "Maybe", "Nothing", "Right", "LKRPDataSourceError", "lkrpDatasourceTypes", "Trustchain", "HttpLKRPDataSource", "baseUrl", "Nothing", "payload", "jwt", "Maybe", "id", "Just", "serialized", "Trustchain", "block", "path", "endpoint", "init", "href", "headers", "access_token", "EitherAsync", "err", "errToString", "response", "Right", "data", "Left", "message", "statusMap", "status", "LKRPDataSourceError", "__decorateClass", "injectable", "__decorateParam", "inject", "lkrpDatasourceTypes", "error"]
 }

package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js CHANGED Viewed

@@ -1,2 +1,2 @@
-import{Just as b,Left as d,Nothing as S,Right as r}from"purify-ts";import{LKRPHttpRequestError as h,LKRPUnauthorizedError as T}from"../../../api/app-binder/Errors";import{LKRPBlock as m}from"../../utils/LKRPBlock";import{LKRPBlockStream as p}from"../../utils/LKRPBlockStream";import{HttpLKRPDataSource as c}from"./HttpLKRPDataSource";const n={access_token:"ACCESS TOKEN",permissions:{TRUSTCHAIN_ID:{"m/":["owner"]}}},i={version:0,challenge:{data:"1010101010010101010",expiry:"2025-06-30T10:00:00Z"},host:"example.com",rp:[{credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"aaaaaaaaaaaaaaaaaaaaaaaaaa"},signature:"abababababababab"}],protocolVersion:{major:1,minor:0,patch:0}},u={credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"bbbbbbbbbbbbbbbbbbbbbbbbbbb"},signature:"acacacacacacacac",attestation:"0000000000000000"};describe("HttpLKRPDataSource",()=>{const a=vi.spyOn(global,"fetch"),t="https://example.com";afterEach(()=>{a.mockClear()}),describe("getChallenge",()=>{it("should fetch challenge successfully",async()=>{const e={tlv:"0f1234567890",json:i};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const s=await new c(t).getChallenge();expect(a).toHaveBeenCalledWith(`${t}/challenge`,{headers:{"Content-Type":"application/json"}}),expect(s).toEqual(r(e))}),it("should handle fetch error",async()=>{const e=new Error("Random error");a.mockRejectedValueOnce(e);const s=await new c(t).getChallenge();expect(s).toEqual(d(new h(e)))})}),describe("authenticate",()=>{it("should fetch a JWT when the authentication is successful",async()=>{a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(n)});const o=await new c(t).authenticate({challenge:i,signature:u});expect(a).toHaveBeenCalledWith(`${t}/authenticate`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({challenge:i,signature:u})}),expect(o).toEqual(r({jwt:n,trustchainId:b("TRUSTCHAIN_ID")}))}),it("should return no trustchainId the returned JWT does not contain one",async()=>{const e={access_token:"ACCESS TOKEN",permissions:{}};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const s=await new c(t).authenticate({challenge:i,signature:u});expect(s).toEqual(r({jwt:e,trustchainId:S}))}),it("should handle authentication error",async()=>{a.mockResolvedValueOnce({ok:!1,status:401,statusText:"Unauthorized"});const o=await new c(t).authenticate({challenge:i,signature:u});expect(o).toEqual(d(new T(`Unauthorized request to ${t}/authenticate: [401] Unauthorized`)))})}),describe("getTrustchainById",()=>{it("should fetch trustchain by ID successfully",async()=>{const e={"m/":"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d","m/16'":"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b"};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const s=await new c(t).getTrustchainById("TRUSTCHAIN_ID",n);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID`,{headers:{"Content-Type":"application/json",Authorization:`Bearer ${n.access_token}`}}),expect(s).toEqual(r({"m/":p.fromHex("0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d"),"m/16'":p.fromHex("1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b")}))}),it("should handle errors",async()=>{a.mockResolvedValueOnce({ok:!1,status:500,statusText:"Internal Server Error"});const o=await new c(t).getTrustchainById("TRUSTCHAIN_ID",n);expect(o).toEqual(d(new h(`Failed to fetch ${t}/trustchain/TRUSTCHAIN_ID: [500] Internal Server Error`)))})}),describe("postDerivation",()=>{it("should post derivation successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",o=m.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const l=await new c(t).postDerivation("TRUSTCHAIN_ID",o,n);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/derivation`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${n.access_token}`},body:JSON.stringify(e)}),expect(l).toEqual(r(void 0))})}),describe("putCommands",()=>{it("should put commands successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",o=m.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const l=await new c(t).putCommands("TRUSTCHAIN_ID","m/0'/16'/0'",o,n);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/commands`,{method:"PUT",headers:{"Content-Type":"application/json",Authorization:`Bearer ${n.access_token}`},body:JSON.stringify({path:"m/0'/16'/0'",blocks:[e]})}),expect(l).toEqual(r(void 0))})})});
+import{Just as p,Left as d,Nothing as b,Right as r}from"purify-ts";import{LKRPDataSourceError as h}from"../../../api/model/Errors";import{LKRPBlock as m}from"../../utils/LKRPBlock";import{Trustchain as S}from"../../utils/Trustchain";import{HttpLKRPDataSource as c}from"./HttpLKRPDataSource";const n={access_token:"ACCESS TOKEN",permissions:{TRUSTCHAIN_ID:{"m/":["owner"]}}},i={version:0,challenge:{data:"1010101010010101010",expiry:"2025-06-30T10:00:00Z"},host:"example.com",rp:[{credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"aaaaaaaaaaaaaaaaaaaaaaaaaa"},signature:"abababababababab"}],protocolVersion:{major:1,minor:0,patch:0}},u={credential:{version:0,curveId:33,signAlgorithm:1,publicKey:"bbbbbbbbbbbbbbbbbbbbbbbbbbb"},signature:"acacacacacacacac",attestation:"0000000000000000"};describe("HttpLKRPDataSource",()=>{const a=vi.spyOn(global,"fetch"),t="https://example.com";afterEach(()=>{a.mockClear()}),describe("getChallenge",()=>{it("should fetch challenge successfully",async()=>{const e={tlv:"0f1234567890",json:i};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const s=await new c(t).getChallenge();expect(a).toHaveBeenCalledWith(`${t}/challenge`,{headers:{"Content-Type":"application/json"}}),expect(s).toEqual(r(e))}),it("should handle fetch error",async()=>{const e={status:"UNKNOWN",message:"Random error"};a.mockRejectedValueOnce(e);const s=await new c(t).getChallenge();expect(s).toEqual(d(new h({status:"UNKNOWN",message:`Random error (from: ${t}/challenge)`})))})}),describe("authenticate",()=>{it("should fetch a JWT when the authentication is successful",async()=>{a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(n)});const o=await new c(t).authenticate({challenge:i,signature:u});expect(a).toHaveBeenCalledWith(`${t}/authenticate`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({challenge:i,signature:u})}),expect(o).toEqual(r({jwt:n,trustchainId:p("TRUSTCHAIN_ID")}))}),it("should return no trustchainId the returned JWT does not contain one",async()=>{const e={access_token:"ACCESS TOKEN",permissions:{}};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const s=await new c(t).authenticate({challenge:i,signature:u});expect(s).toEqual(r({jwt:e,trustchainId:b}))}),it("should handle authentication error",async()=>{a.mockResolvedValueOnce({ok:!1,status:401,statusText:"Unauthorized",json:()=>Promise.resolve({message:"Unauthorized access"})});const o=await new c(t).authenticate({challenge:i,signature:u});expect(o).toEqual(d(new h({status:"UNAUTHORIZED",message:`[401] Unauthorized access (from: ${t}/authenticate)`})))})}),describe("getTrustchainById",()=>{it("should fetch trustchain by ID successfully",async()=>{const e={"m/":"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d","m/16'":"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b"};a.mockResolvedValueOnce({ok:!0,json:()=>Promise.resolve(e)});const s=await new c(t).getTrustchainById("TRUSTCHAIN_ID",n);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID`,{headers:{"Content-Type":"application/json",Authorization:`Bearer ${n.access_token}`}}),expect(s).toEqual(r(new S("TRUSTCHAIN_ID",e)))}),it("should handle errors",async()=>{a.mockResolvedValueOnce({ok:!1,status:500,statusText:"Internal Server Error",json:()=>Promise.resolve({})});const o=await new c(t).getTrustchainById("TRUSTCHAIN_ID",n);expect(o).toEqual(d(new h({status:"UNKNOWN",message:`[500] Internal Server Error (from: ${t}/trustchain/TRUSTCHAIN_ID)`})))})}),describe("postDerivation",()=>{it("should post derivation successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",o=m.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const l=await new c(t).postDerivation("TRUSTCHAIN_ID",o,n);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/derivation`,{method:"POST",headers:{"Content-Type":"application/json",Authorization:`Bearer ${n.access_token}`},body:JSON.stringify(e)}),expect(l).toEqual(r(void 0))})}),describe("putCommands",()=>{it("should put commands successfully",async()=>{const e="0102030405060708090a0b0c0d0e0f",o=m.fromHex(e);a.mockResolvedValueOnce({ok:!0,status:204});const l=await new c(t).putCommands("TRUSTCHAIN_ID","m/0'/16'/0'",o,n);expect(a).toHaveBeenCalledWith(`${t}/trustchain/TRUSTCHAIN_ID/commands`,{method:"PUT",headers:{"Content-Type":"application/json",Authorization:`Bearer ${n.access_token}`},body:JSON.stringify({path:"m/0'/16'/0'",blocks:[e]})}),expect(l).toEqual(r(void 0))})})});
 //# sourceMappingURL=HttpLKRPDataSource.test.js.map

package/lib/esm/internal/lkrp-datasource/data/HttpLKRPDataSource.test.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/lkrp-datasource/data/HttpLKRPDataSource.test.ts"],
-  "sourcesContent": ["import { Just, Left, Nothing, Right } from \"purify-ts\";\n\nimport {\n  LKRPHttpRequestError,\n  LKRPUnauthorizedError,\n} from \"@api/app-binder/Errors\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nimport { HttpLKRPDataSource } from \"./HttpLKRPDataSource\";\n\nconst mockJwt = {\n  access_token: \"ACCESS TOKEN\",\n  permissions: { TRUSTCHAIN_ID: { \"m/\": [\"owner\"] } },\n};\n\nconst mockChallengeJSON = {\n  version: 0,\n  challenge: {\n    data: \"1010101010010101010\",\n    expiry: \"2025-06-30T10:00:00Z\",\n  },\n  host: \"example.com\",\n  rp: [\n    {\n      credential: {\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: \"aaaaaaaaaaaaaaaaaaaaaaaaaa\",\n      },\n      signature: \"abababababababab\",\n    },\n  ],\n  protocolVersion: { major: 1, minor: 0, patch: 0 },\n};\n\nconst mockSignature = {\n  credential: {\n    version: 0,\n    curveId: 33,\n    signAlgorithm: 1,\n    publicKey: \"bbbbbbbbbbbbbbbbbbbbbbbbbbb\",\n  },\n  signature: \"acacacacacacacac\",\n  attestation: \"0000000000000000\",\n};\n\ndescribe(\"HttpLKRPDataSource\", () => {\n  const fetchSpy = vi.spyOn(global, \"fetch\");\n  const baseUrl = \"https://example.com\";\n\n  afterEach(() => {\n    fetchSpy.mockClear();\n  });\n\n  describe(\"getChallenge\", () => {\n    it(\"should fetch challenge successfully\", async () => {\n      // GIVEN\n      const mockChallenge = {\n        tlv: \"0f1234567890\",\n        json: mockChallengeJSON,\n      };\n\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockChallenge),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getChallenge();\n      expect(fetchSpy).toHaveBeenCalledWith(`${baseUrl}/challenge`, {\n        headers: {\n          \"Content-Type\": \"application/json\",\n        },\n      });\n\n      // THEN\n      expect(result).toEqual(Right(mockChallenge));\n    });\n\n    it(\"should handle fetch error\", async () => {\n      // GIVEN\n      const error = new Error(\"Random error\");\n      fetchSpy.mockRejectedValueOnce(error);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getChallenge();\n\n      // THEN\n      expect(result).toEqual(Left(new LKRPHttpRequestError(error)));\n    });\n  });\n\n  describe(\"authenticate\", () => {\n    it(\"should fetch a JWT when the authentication is successful\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockJwt),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(`${baseUrl}/authenticate`, {\n        method: \"POST\",\n        headers: {\n          \"Content-Type\": \"application/json\",\n        },\n        body: JSON.stringify({\n          challenge: mockChallengeJSON,\n          signature: mockSignature,\n        }),\n      });\n      expect(result).toEqual(\n        Right({ jwt: mockJwt, trustchainId: Just(\"TRUSTCHAIN_ID\") }),\n      );\n    });\n\n    it(\"should return no trustchainId the returned JWT does not contain one\", async () => {\n      // GIVEN\n      const jwtWithoutTrustchainId = {\n        access_token: \"ACCESS TOKEN\",\n        permissions: {},\n      };\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(jwtWithoutTrustchainId),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(result).toEqual(\n        Right({ jwt: jwtWithoutTrustchainId, trustchainId: Nothing }),\n      );\n    });\n\n    it(\"should handle authentication error\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: false,\n        status: 401,\n        statusText: \"Unauthorized\",\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPUnauthorizedError(\n            `Unauthorized request to ${baseUrl}/authenticate: [401] Unauthorized`,\n          ),\n        ),\n      );\n    });\n  });\n\n  describe(\"getTrustchainById\", () => {\n    it(\"should fetch trustchain by ID successfully\", async () => {\n      // GIVEN\n      const mockTrustchain = {\n        \"m/\": \"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d\",\n        \"m/16'\": \"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b\",\n      };\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockTrustchain),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getTrustchainById(\n        \"TRUSTCHAIN_ID\",\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID`,\n        {\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n        },\n      );\n      expect(result).toEqual(\n        Right({\n          \"m/\": LKRPBlockStream.fromHex(\n            \"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d\",\n          ),\n          \"m/16'\": LKRPBlockStream.fromHex(\n            \"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b\",\n          ),\n        }),\n      );\n    });\n\n    it(\"should handle errors\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: false,\n        status: 500,\n        statusText: \"Internal Server Error\",\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getTrustchainById(\n        \"TRUSTCHAIN_ID\",\n        mockJwt,\n      );\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPHttpRequestError(\n            `Failed to fetch ${baseUrl}/trustchain/TRUSTCHAIN_ID: [500] Internal Server Error`,\n          ),\n        ),\n      );\n    });\n  });\n\n  describe(\"postDerivation\", () => {\n    it(\"should post derivation successfully\", async () => {\n      // GIVEN\n      const hex = \"0102030405060708090a0b0c0d0e0f\";\n      const mockBlock = LKRPBlock.fromHex(hex);\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        status: 204,\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.postDerivation(\n        \"TRUSTCHAIN_ID\",\n        mockBlock,\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID/derivation`,\n        {\n          method: \"POST\",\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n          body: JSON.stringify(hex),\n        },\n      );\n      expect(result).toEqual(Right(undefined));\n    });\n  });\n\n  describe(\"putCommands\", () => {\n    it(\"should put commands successfully\", async () => {\n      // GIVEN\n      const hex = \"0102030405060708090a0b0c0d0e0f\";\n      const mockBlock = LKRPBlock.fromHex(hex);\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        status: 204,\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.putCommands(\n        \"TRUSTCHAIN_ID\",\n        \"m/0'/16'/0'\",\n        mockBlock,\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID/commands`,\n        {\n          method: \"PUT\",\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n          body: JSON.stringify({ path: \"m/0'/16'/0'\", blocks: [hex] }),\n        },\n      );\n      expect(result).toEqual(Right(undefined));\n    });\n  });\n});\n"],
-  "mappings": "AAAA,OAAS,QAAAA,EAAM,QAAAC,EAAM,WAAAC,EAAS,SAAAC,MAAa,YAE3C,OACE,wBAAAC,EACA,yBAAAC,MACK,yBACP,OAAS,aAAAC,MAAiB,4BAC1B,OAAS,mBAAAC,MAAuB,kCAEhC,OAAS,sBAAAC,MAA0B,uBAEnC,MAAMC,EAAU,CACd,aAAc,eACd,YAAa,CAAE,cAAe,CAAE,KAAM,CAAC,OAAO,CAAE,CAAE,CACpD,EAEMC,EAAoB,CACxB,QAAS,EACT,UAAW,CACT,KAAM,sBACN,OAAQ,sBACV,EACA,KAAM,cACN,GAAI,CACF,CACE,WAAY,CACV,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAW,4BACb,EACA,UAAW,kBACb,CACF,EACA,gBAAiB,CAAE,MAAO,EAAG,MAAO,EAAG,MAAO,CAAE,CAClD,EAEMC,EAAgB,CACpB,WAAY,CACV,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAW,6BACb,EACA,UAAW,mBACX,YAAa,kBACf,EAEA,SAAS,qBAAsB,IAAM,CACnC,MAAMC,EAAW,GAAG,MAAM,OAAQ,OAAO,EACnCC,EAAU,sBAEhB,UAAU,IAAM,CACdD,EAAS,UAAU,CACrB,CAAC,EAED,SAAS,eAAgB,IAAM,CAC7B,GAAG,sCAAuC,SAAY,CAEpD,MAAME,EAAgB,CACpB,IAAK,eACL,KAAMJ,CACR,EAEAE,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQE,CAAa,CAC3C,CAAa,EAIb,MAAMC,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,EAC7C,OAAOD,CAAQ,EAAE,qBAAqB,GAAGC,CAAO,aAAc,CAC5D,QAAS,CACP,eAAgB,kBAClB,CACF,CAAC,EAGD,OAAOE,CAAM,EAAE,QAAQZ,EAAMW,CAAa,CAAC,CAC7C,CAAC,EAED,GAAG,4BAA6B,SAAY,CAE1C,MAAME,EAAQ,IAAI,MAAM,cAAc,EACtCJ,EAAS,sBAAsBI,CAAK,EAIpC,MAAMD,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,EAG7C,OAAOE,CAAM,EAAE,QAAQd,EAAK,IAAIG,EAAqBY,CAAK,CAAC,CAAC,CAC9D,CAAC,CACH,CAAC,EAED,SAAS,eAAgB,IAAM,CAC7B,GAAG,2DAA4D,SAAY,CAEzEJ,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQH,CAAO,CACrC,CAAa,EAIb,MAAMM,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOC,CAAQ,EAAE,qBAAqB,GAAGC,CAAO,gBAAiB,CAC/D,OAAQ,OACR,QAAS,CACP,eAAgB,kBAClB,EACA,KAAM,KAAK,UAAU,CACnB,UAAWH,EACX,UAAWC,CACb,CAAC,CACH,CAAC,EACD,OAAOI,CAAM,EAAE,QACbZ,EAAM,CAAE,IAAKM,EAAS,aAAcT,EAAK,eAAe,CAAE,CAAC,CAC7D,CACF,CAAC,EAED,GAAG,sEAAuE,SAAY,CAEpF,MAAMiB,EAAyB,CAC7B,aAAc,eACd,YAAa,CAAC,CAChB,EACAL,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQK,CAAsB,CACpD,CAAa,EAIb,MAAMF,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOI,CAAM,EAAE,QACbZ,EAAM,CAAE,IAAKc,EAAwB,aAAcf,CAAQ,CAAC,CAC9D,CACF,CAAC,EAED,GAAG,qCAAsC,SAAY,CAEnDU,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,IACR,WAAY,cACd,CAAa,EAIb,MAAMG,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOI,CAAM,EAAE,QACbd,EACE,IAAII,EACF,2BAA2BQ,CAAO,mCACpC,CACF,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,oBAAqB,IAAM,CAClC,GAAG,6CAA8C,SAAY,CAE3D,MAAMK,EAAiB,CACrB,KAAM,+DACN,QAAS,8DACX,EACAN,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQM,CAAc,CAC5C,CAAa,EAIb,MAAMH,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,kBAC9B,gBACAJ,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,4BACV,CACE,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,CACF,CACF,EACA,OAAOM,CAAM,EAAE,QACbZ,EAAM,CACJ,KAAMI,EAAgB,QACpB,8DACF,EACA,QAASA,EAAgB,QACvB,8DACF,CACF,CAAC,CACH,CACF,CAAC,EAED,GAAG,uBAAwB,SAAY,CAErCK,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,IACR,WAAY,uBACd,CAAa,EAIb,MAAMG,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,kBAC9B,gBACAJ,CACF,EAGA,OAAOM,CAAM,EAAE,QACbd,EACE,IAAIG,EACF,mBAAmBS,CAAO,wDAC5B,CACF,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,iBAAkB,IAAM,CAC/B,GAAG,sCAAuC,SAAY,CAEpD,MAAMM,EAAM,iCACNC,EAAYd,EAAU,QAAQa,CAAG,EACvCP,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,GACV,CAAa,EAIb,MAAMG,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,eAC9B,gBACAO,EACAX,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,uCACV,CACE,OAAQ,OACR,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,EACA,KAAM,KAAK,UAAUU,CAAG,CAC1B,CACF,EACA,OAAOJ,CAAM,EAAE,QAAQZ,EAAM,MAAS,CAAC,CACzC,CAAC,CACH,CAAC,EAED,SAAS,cAAe,IAAM,CAC5B,GAAG,mCAAoC,SAAY,CAEjD,MAAMgB,EAAM,iCACNC,EAAYd,EAAU,QAAQa,CAAG,EACvCP,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,GACV,CAAa,EAIb,MAAMG,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,YAC9B,gBACA,cACAO,EACAX,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,qCACV,CACE,OAAQ,MACR,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,EACA,KAAM,KAAK,UAAU,CAAE,KAAM,cAAe,OAAQ,CAACU,CAAG,CAAE,CAAC,CAC7D,CACF,EACA,OAAOJ,CAAM,EAAE,QAAQZ,EAAM,MAAS,CAAC,CACzC,CAAC,CACH,CAAC,CACH,CAAC",
-  "names": ["Just", "Left", "Nothing", "Right", "LKRPHttpRequestError", "LKRPUnauthorizedError", "LKRPBlock", "LKRPBlockStream", "HttpLKRPDataSource", "mockJwt", "mockChallengeJSON", "mockSignature", "fetchSpy", "baseUrl", "mockChallenge", "result", "error", "jwtWithoutTrustchainId", "mockTrustchain", "hex", "mockBlock"]
+  "sourcesContent": ["import { Just, Left, Nothing, Right } from \"purify-ts\";\n\nimport { LKRPDataSourceError } from \"@api/model/Errors\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { Trustchain } from \"@internal/utils/Trustchain\";\n\nimport { HttpLKRPDataSource } from \"./HttpLKRPDataSource\";\n\nconst mockJwt = {\n  access_token: \"ACCESS TOKEN\",\n  permissions: { TRUSTCHAIN_ID: { \"m/\": [\"owner\"] } },\n};\n\nconst mockChallengeJSON = {\n  version: 0,\n  challenge: {\n    data: \"1010101010010101010\",\n    expiry: \"2025-06-30T10:00:00Z\",\n  },\n  host: \"example.com\",\n  rp: [\n    {\n      credential: {\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: \"aaaaaaaaaaaaaaaaaaaaaaaaaa\",\n      },\n      signature: \"abababababababab\",\n    },\n  ],\n  protocolVersion: { major: 1, minor: 0, patch: 0 },\n};\n\nconst mockSignature = {\n  credential: {\n    version: 0,\n    curveId: 33,\n    signAlgorithm: 1,\n    publicKey: \"bbbbbbbbbbbbbbbbbbbbbbbbbbb\",\n  },\n  signature: \"acacacacacacacac\",\n  attestation: \"0000000000000000\",\n};\n\ndescribe(\"HttpLKRPDataSource\", () => {\n  const fetchSpy = vi.spyOn(global, \"fetch\");\n  const baseUrl = \"https://example.com\";\n\n  afterEach(() => {\n    fetchSpy.mockClear();\n  });\n\n  describe(\"getChallenge\", () => {\n    it(\"should fetch challenge successfully\", async () => {\n      // GIVEN\n      const mockChallenge = {\n        tlv: \"0f1234567890\",\n        json: mockChallengeJSON,\n      };\n\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockChallenge),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getChallenge();\n      expect(fetchSpy).toHaveBeenCalledWith(`${baseUrl}/challenge`, {\n        headers: {\n          \"Content-Type\": \"application/json\",\n        },\n      });\n\n      // THEN\n      expect(result).toEqual(Right(mockChallenge));\n    });\n\n    it(\"should handle fetch error\", async () => {\n      // GIVEN\n      const error = { status: \"UNKNOWN\", message: \"Random error\" } as const;\n      fetchSpy.mockRejectedValueOnce(error);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getChallenge();\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPDataSourceError({\n            status: \"UNKNOWN\",\n            message: `Random error (from: ${baseUrl}/challenge)`,\n          }),\n        ),\n      );\n    });\n  });\n\n  describe(\"authenticate\", () => {\n    it(\"should fetch a JWT when the authentication is successful\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockJwt),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(`${baseUrl}/authenticate`, {\n        method: \"POST\",\n        headers: {\n          \"Content-Type\": \"application/json\",\n        },\n        body: JSON.stringify({\n          challenge: mockChallengeJSON,\n          signature: mockSignature,\n        }),\n      });\n      expect(result).toEqual(\n        Right({ jwt: mockJwt, trustchainId: Just(\"TRUSTCHAIN_ID\") }),\n      );\n    });\n\n    it(\"should return no trustchainId the returned JWT does not contain one\", async () => {\n      // GIVEN\n      const jwtWithoutTrustchainId = {\n        access_token: \"ACCESS TOKEN\",\n        permissions: {},\n      };\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(jwtWithoutTrustchainId),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(result).toEqual(\n        Right({ jwt: jwtWithoutTrustchainId, trustchainId: Nothing }),\n      );\n    });\n\n    it(\"should handle authentication error\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: false,\n        status: 401,\n        statusText: \"Unauthorized\",\n        json: () => Promise.resolve({ message: \"Unauthorized access\" }),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.authenticate({\n        challenge: mockChallengeJSON,\n        signature: mockSignature,\n      });\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPDataSourceError({\n            status: \"UNAUTHORIZED\",\n            message: `[401] Unauthorized access (from: ${baseUrl}/authenticate)`,\n          }),\n        ),\n      );\n    });\n  });\n\n  describe(\"getTrustchainById\", () => {\n    it(\"should fetch trustchain by ID successfully\", async () => {\n      // GIVEN\n      const mockTrustchainData = {\n        \"m/\": \"0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1e1d\",\n        \"m/16'\": \"1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b\",\n      };\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        json: () => Promise.resolve(mockTrustchainData),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getTrustchainById(\n        \"TRUSTCHAIN_ID\",\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID`,\n        {\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n        },\n      );\n      expect(result).toEqual(\n        Right(new Trustchain(\"TRUSTCHAIN_ID\", mockTrustchainData)),\n      );\n    });\n\n    it(\"should handle errors\", async () => {\n      // GIVEN\n      fetchSpy.mockResolvedValueOnce({\n        ok: false,\n        status: 500,\n        statusText: \"Internal Server Error\",\n        json: () => Promise.resolve({}),\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.getTrustchainById(\n        \"TRUSTCHAIN_ID\",\n        mockJwt,\n      );\n\n      // THEN\n      expect(result).toEqual(\n        Left(\n          new LKRPDataSourceError({\n            status: \"UNKNOWN\",\n            message: `[500] Internal Server Error (from: ${baseUrl}/trustchain/TRUSTCHAIN_ID)`,\n          }),\n        ),\n      );\n    });\n  });\n\n  describe(\"postDerivation\", () => {\n    it(\"should post derivation successfully\", async () => {\n      // GIVEN\n      const hex = \"0102030405060708090a0b0c0d0e0f\";\n      const mockBlock = LKRPBlock.fromHex(hex);\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        status: 204,\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.postDerivation(\n        \"TRUSTCHAIN_ID\",\n        mockBlock,\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID/derivation`,\n        {\n          method: \"POST\",\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n          body: JSON.stringify(hex),\n        },\n      );\n      expect(result).toEqual(Right(undefined));\n    });\n  });\n\n  describe(\"putCommands\", () => {\n    it(\"should put commands successfully\", async () => {\n      // GIVEN\n      const hex = \"0102030405060708090a0b0c0d0e0f\";\n      const mockBlock = LKRPBlock.fromHex(hex);\n      fetchSpy.mockResolvedValueOnce({\n        ok: true,\n        status: 204,\n      } as Response);\n\n      // WHEN\n      const dataSource = new HttpLKRPDataSource(baseUrl);\n      const result = await dataSource.putCommands(\n        \"TRUSTCHAIN_ID\",\n        \"m/0'/16'/0'\",\n        mockBlock,\n        mockJwt,\n      );\n\n      // THEN\n      expect(fetchSpy).toHaveBeenCalledWith(\n        `${baseUrl}/trustchain/TRUSTCHAIN_ID/commands`,\n        {\n          method: \"PUT\",\n          headers: {\n            \"Content-Type\": \"application/json\",\n            Authorization: `Bearer ${mockJwt.access_token}`,\n          },\n          body: JSON.stringify({ path: \"m/0'/16'/0'\", blocks: [hex] }),\n        },\n      );\n      expect(result).toEqual(Right(undefined));\n    });\n  });\n});\n"],
+  "mappings": "AAAA,OAAS,QAAAA,EAAM,QAAAC,EAAM,WAAAC,EAAS,SAAAC,MAAa,YAE3C,OAAS,uBAAAC,MAA2B,oBACpC,OAAS,aAAAC,MAAiB,4BAC1B,OAAS,cAAAC,MAAkB,6BAE3B,OAAS,sBAAAC,MAA0B,uBAEnC,MAAMC,EAAU,CACd,aAAc,eACd,YAAa,CAAE,cAAe,CAAE,KAAM,CAAC,OAAO,CAAE,CAAE,CACpD,EAEMC,EAAoB,CACxB,QAAS,EACT,UAAW,CACT,KAAM,sBACN,OAAQ,sBACV,EACA,KAAM,cACN,GAAI,CACF,CACE,WAAY,CACV,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAW,4BACb,EACA,UAAW,kBACb,CACF,EACA,gBAAiB,CAAE,MAAO,EAAG,MAAO,EAAG,MAAO,CAAE,CAClD,EAEMC,EAAgB,CACpB,WAAY,CACV,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAW,6BACb,EACA,UAAW,mBACX,YAAa,kBACf,EAEA,SAAS,qBAAsB,IAAM,CACnC,MAAMC,EAAW,GAAG,MAAM,OAAQ,OAAO,EACnCC,EAAU,sBAEhB,UAAU,IAAM,CACdD,EAAS,UAAU,CACrB,CAAC,EAED,SAAS,eAAgB,IAAM,CAC7B,GAAG,sCAAuC,SAAY,CAEpD,MAAME,EAAgB,CACpB,IAAK,eACL,KAAMJ,CACR,EAEAE,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQE,CAAa,CAC3C,CAAa,EAIb,MAAMC,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,EAC7C,OAAOD,CAAQ,EAAE,qBAAqB,GAAGC,CAAO,aAAc,CAC5D,QAAS,CACP,eAAgB,kBAClB,CACF,CAAC,EAGD,OAAOE,CAAM,EAAE,QAAQX,EAAMU,CAAa,CAAC,CAC7C,CAAC,EAED,GAAG,4BAA6B,SAAY,CAE1C,MAAME,EAAQ,CAAE,OAAQ,UAAW,QAAS,cAAe,EAC3DJ,EAAS,sBAAsBI,CAAK,EAIpC,MAAMD,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,EAG7C,OAAOE,CAAM,EAAE,QACbb,EACE,IAAIG,EAAoB,CACtB,OAAQ,UACR,QAAS,uBAAuBQ,CAAO,aACzC,CAAC,CACH,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,eAAgB,IAAM,CAC7B,GAAG,2DAA4D,SAAY,CAEzED,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQH,CAAO,CACrC,CAAa,EAIb,MAAMM,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOC,CAAQ,EAAE,qBAAqB,GAAGC,CAAO,gBAAiB,CAC/D,OAAQ,OACR,QAAS,CACP,eAAgB,kBAClB,EACA,KAAM,KAAK,UAAU,CACnB,UAAWH,EACX,UAAWC,CACb,CAAC,CACH,CAAC,EACD,OAAOI,CAAM,EAAE,QACbX,EAAM,CAAE,IAAKK,EAAS,aAAcR,EAAK,eAAe,CAAE,CAAC,CAC7D,CACF,CAAC,EAED,GAAG,sEAAuE,SAAY,CAEpF,MAAMgB,EAAyB,CAC7B,aAAc,eACd,YAAa,CAAC,CAChB,EACAL,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQK,CAAsB,CACpD,CAAa,EAIb,MAAMF,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOI,CAAM,EAAE,QACbX,EAAM,CAAE,IAAKa,EAAwB,aAAcd,CAAQ,CAAC,CAC9D,CACF,CAAC,EAED,GAAG,qCAAsC,SAAY,CAEnDS,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,IACR,WAAY,eACZ,KAAM,IAAM,QAAQ,QAAQ,CAAE,QAAS,qBAAsB,CAAC,CAChE,CAAa,EAIb,MAAMG,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,aAAa,CAC3C,UAAWH,EACX,UAAWC,CACb,CAAC,EAGD,OAAOI,CAAM,EAAE,QACbb,EACE,IAAIG,EAAoB,CACtB,OAAQ,eACR,QAAS,oCAAoCQ,CAAO,gBACtD,CAAC,CACH,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,oBAAqB,IAAM,CAClC,GAAG,6CAA8C,SAAY,CAE3D,MAAMK,EAAqB,CACzB,KAAM,+DACN,QAAS,8DACX,EACAN,EAAS,sBAAsB,CAC7B,GAAI,GACJ,KAAM,IAAM,QAAQ,QAAQM,CAAkB,CAChD,CAAa,EAIb,MAAMH,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,kBAC9B,gBACAJ,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,4BACV,CACE,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,CACF,CACF,EACA,OAAOM,CAAM,EAAE,QACbX,EAAM,IAAIG,EAAW,gBAAiBW,CAAkB,CAAC,CAC3D,CACF,CAAC,EAED,GAAG,uBAAwB,SAAY,CAErCN,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,IACR,WAAY,wBACZ,KAAM,IAAM,QAAQ,QAAQ,CAAC,CAAC,CAChC,CAAa,EAIb,MAAMG,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,kBAC9B,gBACAJ,CACF,EAGA,OAAOM,CAAM,EAAE,QACbb,EACE,IAAIG,EAAoB,CACtB,OAAQ,UACR,QAAS,sCAAsCQ,CAAO,4BACxD,CAAC,CACH,CACF,CACF,CAAC,CACH,CAAC,EAED,SAAS,iBAAkB,IAAM,CAC/B,GAAG,sCAAuC,SAAY,CAEpD,MAAMM,EAAM,iCACNC,EAAYd,EAAU,QAAQa,CAAG,EACvCP,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,GACV,CAAa,EAIb,MAAMG,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,eAC9B,gBACAO,EACAX,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,uCACV,CACE,OAAQ,OACR,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,EACA,KAAM,KAAK,UAAUU,CAAG,CAC1B,CACF,EACA,OAAOJ,CAAM,EAAE,QAAQX,EAAM,MAAS,CAAC,CACzC,CAAC,CACH,CAAC,EAED,SAAS,cAAe,IAAM,CAC5B,GAAG,mCAAoC,SAAY,CAEjD,MAAMe,EAAM,iCACNC,EAAYd,EAAU,QAAQa,CAAG,EACvCP,EAAS,sBAAsB,CAC7B,GAAI,GACJ,OAAQ,GACV,CAAa,EAIb,MAAMG,EAAS,MADI,IAAIP,EAAmBK,CAAO,EACjB,YAC9B,gBACA,cACAO,EACAX,CACF,EAGA,OAAOG,CAAQ,EAAE,qBACf,GAAGC,CAAO,qCACV,CACE,OAAQ,MACR,QAAS,CACP,eAAgB,mBAChB,cAAe,UAAUJ,EAAQ,YAAY,EAC/C,EACA,KAAM,KAAK,UAAU,CAAE,KAAM,cAAe,OAAQ,CAACU,CAAG,CAAE,CAAC,CAC7D,CACF,EACA,OAAOJ,CAAM,EAAE,QAAQX,EAAM,MAAS,CAAC,CACzC,CAAC,CACH,CAAC,CACH,CAAC",
+  "names": ["Just", "Left", "Nothing", "Right", "LKRPDataSourceError", "LKRPBlock", "Trustchain", "HttpLKRPDataSource", "mockJwt", "mockChallengeJSON", "mockSignature", "fetchSpy", "baseUrl", "mockChallenge", "result", "error", "jwtWithoutTrustchainId", "mockTrustchainData", "hex", "mockBlock"]
 }

package/lib/esm/internal/models/LKRPBlockTypes.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=LKRPBlockTypes.js.map

package/lib/esm/internal/models/LKRPCommandTypes.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=LKRPCommandTypes.js.map

package/lib/esm/internal/{utils/TLVTags.js → models/Tags.js} RENAMED Viewed

@@ -1,2 +1,2 @@
 var u=(x=>(x[x.Null=0]="Null",x[x.Int=1]="Int",x[x.Hash=2]="Hash",x[x.Signature=3]="Signature",x[x.String=4]="String",x[x.Bytes=5]="Bytes",x[x.PublicKey=6]="PublicKey",x))(u||{}),M=(E=>(E[E.Seed=16]="Seed",E[E.AddMember=17]="AddMember",E[E.PublishKey=18]="PublishKey",E[E.CloseStream=19]="CloseStream",E[E.EditMember=20]="EditMember",E[E.Derive=21]="Derive",E))(M||{});const t=128;var i=(x=>(x[x.IV=0]="IV",x[x.ISSUER=1|t]="ISSUER",x[x.XPRIV=2|t]="XPRIV",x[x.EPHEMERAL_PUBLIC_KEY=3]="EPHEMERAL_PUBLIC_KEY",x[x.COMMAND_IV=4]="COMMAND_IV",x[x.GROUPKEY=5]="GROUPKEY",x[x.NEW_MEMBER=6|t]="NEW_MEMBER",x))(i||{});export{M as CommandTags,u as GeneralTags,i as TPTags};
-//# sourceMappingURL=TLVTags.js.map
+//# sourceMappingURL=Tags.js.map

package/lib/esm/internal/{utils/TLVTags.js.map → models/Tags.js.map} RENAMED Viewed

@@ -1,6 +1,6 @@
 {
   "version": 3,
-  "sources": ["../../../../src/internal/utils/TLVTags.ts"],
+  "sources": ["../../../../src/internal/models/Tags.ts"],
   "sourcesContent": ["export enum GeneralTags {\n  Null = 0x00,\n  Int = 0x01,\n  Hash = 0x02,\n  Signature = 0x03,\n  String = 0x04,\n  Bytes = 0x05,\n  PublicKey = 0x06,\n}\n\nexport enum CommandTags {\n  Seed = 0x10,\n  AddMember = 0x11,\n  PublishKey = 0x12,\n  CloseStream = 0x13,\n  EditMember = 0x14,\n  Derive = 0x15,\n}\n\nconst TP_ENCRYPT = 1 << 7;\n\nexport enum TPTags {\n  IV = 0x00,\n  ISSUER = 0x01 | TP_ENCRYPT,\n  XPRIV = 0x02 | TP_ENCRYPT,\n  EPHEMERAL_PUBLIC_KEY = 0x03,\n  COMMAND_IV = 0x04,\n  GROUPKEY = 0x05,\n  NEW_MEMBER = 0x06 | TP_ENCRYPT,\n}\n"],
   "mappings": "AAAO,IAAKA,OACVA,IAAA,KAAO,GAAP,OACAA,IAAA,IAAM,GAAN,MACAA,IAAA,KAAO,GAAP,OACAA,IAAA,UAAY,GAAZ,YACAA,IAAA,OAAS,GAAT,SACAA,IAAA,MAAQ,GAAR,QACAA,IAAA,UAAY,GAAZ,YAPUA,OAAA,IAUAC,OACVA,IAAA,KAAO,IAAP,OACAA,IAAA,UAAY,IAAZ,YACAA,IAAA,WAAa,IAAb,aACAA,IAAA,YAAc,IAAd,cACAA,IAAA,WAAa,IAAb,aACAA,IAAA,OAAS,IAAT,SANUA,OAAA,IASZ,MAAMC,EAAa,IAEZ,IAAKC,OACVA,IAAA,GAAK,GAAL,KACAA,IAAA,OAAS,EAAOD,GAAhB,SACAC,IAAA,MAAQ,EAAOD,GAAf,QACAC,IAAA,qBAAuB,GAAvB,uBACAA,IAAA,WAAa,GAAb,aACAA,IAAA,SAAW,GAAX,WACAA,IAAA,WAAa,EAAOD,GAApB,aAPUC,OAAA",
   "names": ["GeneralTags", "CommandTags", "TP_ENCRYPT", "TPTags"]

package/lib/esm/internal/models/Types.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ //# sourceMappingURL=Types.js.map

package/lib/esm/internal/use-cases/authentication/AuthenticateUseCase.js CHANGED Viewed

@@ -1,2 +1,2 @@
-var g=Object.defineProperty;var s=Object.getOwnPropertyDescriptor;var c=(n,r,o,e)=>{for(var i=e>1?void 0:e?s(r,o):r,p=n.length-1,t;p>=0;p--)(t=n[p])&&(i=(e?t(r,o,i):t(i))||i);return e&&i&&g(r,o,i),i},d=(n,r)=>(o,e)=>r(o,e,n);import{inject as y,injectable as a}from"inversify";import{appBinderTypes as u}from"../../app-binder/di/appBinderTypes";let m=class{constructor(r){this.appBinder=r}execute(r,o,e,i,p,t){return this.appBinder.authenticate({keypair:r,applicationId:o,clientName:e,permissions:i,trustchainId:p,jwt:t})}};m=c([a(),d(0,y(u.AppBinding))],m);export{m as AuthenticateUseCase};
+var d=Object.defineProperty;var m=Object.getOwnPropertyDescriptor;var c=(n,e,r,t)=>{for(var i=t>1?void 0:t?m(e,r):e,s=n.length-1,a;s>=0;s--)(a=n[s])&&(i=(t?a(e,r,i):a(i))||i);return t&&i&&d(e,r,i),i},p=(n,e)=>(r,t)=>e(r,t,n);import{DeviceActionStatus as u}from"@ledgerhq/device-management-kit";import{inject as f,injectable as h}from"inversify";import{of as I}from"rxjs";import{LKRPMissingDataError as y}from"../../../api/model/Errors";import{appBinderTypes as g}from"../../app-binder/di/appBinderTypes";let o=class{constructor(e){this.appBinder=e}execute(e){if(e.trustchainId)return this.appBinder.authenticateWithKeypair(e);const r=e.sessionId;return r?this.appBinder.authenticateWithDevice({...e,sessionId:r}):{observable:I({status:u.Error,error:new y("Either a trustchainId or a device is required for authentication.")}),cancel:()=>{}}}};o=c([h(),p(0,f(g.AppBinding))],o);export{o as AuthenticateUseCase};
 //# sourceMappingURL=AuthenticateUseCase.js.map

package/lib/esm/internal/use-cases/authentication/AuthenticateUseCase.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/use-cases/authentication/AuthenticateUseCase.ts"],
-  "sourcesContent": ["import { inject, injectable } from \"inversify\";\n\nimport { AuthenticateDAReturnType } from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport { JWT, Keypair, Permissions } from \"@api/app-binder/LKRPTypes\";\nimport { appBinderTypes } from \"@internal/app-binder/di/appBinderTypes\";\nimport { LedgerKeyringProtocolBinder } from \"@internal/app-binder/LedgerKeyringProtocolBinder\";\n\n@injectable()\nexport class AuthenticateUseCase {\n  constructor(\n    @inject(appBinderTypes.AppBinding)\n    private appBinder: LedgerKeyringProtocolBinder,\n  ) {}\n\n  execute(\n    keypair: Keypair,\n    applicationId: number,\n    clientName: string,\n    permissions: Permissions,\n    trustchainId?: string,\n    jwt?: JWT,\n  ): AuthenticateDAReturnType {\n    return this.appBinder.authenticate({\n      keypair,\n      applicationId,\n      clientName,\n      permissions,\n      trustchainId,\n      jwt,\n    });\n  }\n}\n"],
-  "mappings": "iOAAA,OAAS,UAAAA,EAAQ,cAAAC,MAAkB,YAInC,OAAS,kBAAAC,MAAsB,yCAIxB,IAAMC,EAAN,KAA0B,CAC/B,YAEUC,EACR,CADQ,eAAAA,CACP,CAEH,QACEC,EACAC,EACAC,EACAC,EACAC,EACAC,EAC0B,CAC1B,OAAO,KAAK,UAAU,aAAa,CACjC,QAAAL,EACA,cAAAC,EACA,WAAAC,EACA,YAAAC,EACA,aAAAC,EACA,IAAAC,CACF,CAAC,CACH,CACF,EAvBaP,EAANQ,EAAA,CADNC,EAAW,EAGPC,EAAA,EAAAC,EAAOC,EAAe,UAAU,IAFxBZ",
-  "names": ["inject", "injectable", "appBinderTypes", "AuthenticateUseCase", "appBinder", "keypair", "applicationId", "clientName", "permissions", "trustchainId", "jwt", "__decorateClass", "injectable", "__decorateParam", "inject", "appBinderTypes"]
+  "sourcesContent": ["import {\n  DeviceActionStatus,\n  DeviceSessionId,\n} from \"@ledgerhq/device-management-kit\";\nimport { inject, injectable } from \"inversify\";\nimport { of } from \"rxjs\";\n\nimport { AuthenticateDAReturnType } from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport { KeyPair } from \"@api/crypto/KeyPair\";\nimport { LKRPMissingDataError } from \"@api/model/Errors\";\nimport { Permissions } from \"@api/model/Permissions\";\nimport { appBinderTypes } from \"@internal/app-binder/di/appBinderTypes\";\nimport { LedgerKeyringProtocolBinder } from \"@internal/app-binder/LedgerKeyringProtocolBinder\";\n\nexport type AuthenticateUsecaseInput = {\n  keyPair: KeyPair;\n  clientName: string;\n  permissions: Permissions;\n} & (\n  | { trustchainId: string; sessionId?: DeviceSessionId }\n  | { trustchainId?: undefined; sessionId: DeviceSessionId }\n);\n\n@injectable()\nexport class AuthenticateUseCase {\n  constructor(\n    @inject(appBinderTypes.AppBinding)\n    private appBinder: LedgerKeyringProtocolBinder,\n  ) {}\n\n  execute(input: AuthenticateUsecaseInput): AuthenticateDAReturnType {\n    if (input.trustchainId) {\n      return this.appBinder.authenticateWithKeypair(input);\n    }\n\n    const sessionId = input.sessionId;\n    if (sessionId) {\n      return this.appBinder.authenticateWithDevice({ ...input, sessionId });\n    }\n\n    // The AuthenticateUsecaseInput type should prevent this case\n    return {\n      observable: of({\n        status: DeviceActionStatus.Error,\n        error: new LKRPMissingDataError(\n          \"Either a trustchainId or a device is required for authentication.\",\n        ),\n      }),\n      cancel: () => undefined,\n    };\n  }\n}\n"],
+  "mappings": "iOAAA,OACE,sBAAAA,MAEK,kCACP,OAAS,UAAAC,EAAQ,cAAAC,MAAkB,YACnC,OAAS,MAAAC,MAAU,OAInB,OAAS,wBAAAC,MAA4B,oBAErC,OAAS,kBAAAC,MAAsB,yCAaxB,IAAMC,EAAN,KAA0B,CAC/B,YAEUC,EACR,CADQ,eAAAA,CACP,CAEH,QAAQC,EAA2D,CACjE,GAAIA,EAAM,aACR,OAAO,KAAK,UAAU,wBAAwBA,CAAK,EAGrD,MAAMC,EAAYD,EAAM,UACxB,OAAIC,EACK,KAAK,UAAU,uBAAuB,CAAE,GAAGD,EAAO,UAAAC,CAAU,CAAC,EAI/D,CACL,WAAYC,EAAG,CACb,OAAQC,EAAmB,MAC3B,MAAO,IAAIC,EACT,mEACF,CACF,CAAC,EACD,OAAQ,IAAG,EACb,CACF,CACF,EA3BaN,EAANO,EAAA,CADNC,EAAW,EAGPC,EAAA,EAAAC,EAAOC,EAAe,UAAU,IAFxBX",
+  "names": ["DeviceActionStatus", "inject", "injectable", "of", "LKRPMissingDataError", "appBinderTypes", "AuthenticateUseCase", "appBinder", "input", "sessionId", "of", "DeviceActionStatus", "LKRPMissingDataError", "__decorateClass", "injectable", "__decorateParam", "inject", "appBinderTypes"]
 }

package/lib/esm/internal/use-cases/authentication/DecryptDataUseCase.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ var S=Object.defineProperty;var f=Object.getOwnPropertyDescriptor;var y=(c,i,n,e)=>{for(var r=e>1?void 0:e?f(i,n):i,t=c.length-1,o;t>=0;t--)(o=c[t])&&(r=(e?o(i,n,r):o(r))\|\|r);return e&&r&&S(i,n,r),r},p=(c,i)=>(n,e)=>i(n,e,c);import{ByteArrayParser as u}from"@ledgerhq/device-management-kit";import{inject as x,injectable as A}from"inversify";import{Maybe as w}from"purify-ts";import{Curve as K,EncryptionAlgo as L,HashAlgo as B}from"../../../api/crypto/CryptoService";import{LKRPParsingError as m}from"../../../api/model/Errors";import{externalTypes as P}from"../../externalTypes";import{eitherSeqRecord as U}from"../../utils/eitherSeqRecord";let a=class{constructor(i){this.cryptoService=i}async execute(i,n){const e=new u(n);if(e.extract8BitUInt()!==0)throw new m("Unsupported serialization version");const r=(t,o)=>w.fromNullable(t).toEither(new m(`Missing ${o} field`));return U({ephemeralPublicKey:()=>r(e.extractFieldByLength(33),"ephemeral public key"),iv:()=>r(e.extractFieldByLength(16),"IV"),tag:()=>r(e.extractFieldByLength(16),"tag"),encryptedData:()=>r(e.extractFieldByLength(e.getUnparsedRemainingLength()),"encrypted data")}).map(async({ephemeralPublicKey:t,iv:o,tag:s,encryptedData:l})=>{const h=await this.cryptoService.importKeyPair(i,K.K256).deriveSharedSecret(t),d=this.cryptoService.hmac(new Uint8Array,h.slice(1),B.SHA256),g=this.cryptoService.importSymmetricKey(d,L.AES256_GCM),v=new Uint8Array([...l,...s]);return await g.decrypt(o,v)}).caseOf({Left:t=>{throw t},Right:t=>t})}};a=y([A(),p(0,x(P.CryptoService))],a);export{a as DecryptDataUseCase};
2	+ //# sourceMappingURL=DecryptDataUseCase.js.map