npm - @ledgerhq/device-trusted-app-kit-ledger-keyring-protocol - Versions diffs - 0.0.0-web-ble-29-08---20250829104351 → 0.0.0-wrong-error-when-in-experimental-provider-20251021161219 - Mend

@ledgerhq/device-trusted-app-kit-ledger-keyring-protocol 0.0.0-web-ble-29-08---20250829104351 → 0.0.0-wrong-error-when-in-experimental-provider-20251021161219

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (467) hide show

package/lib/cjs/internal/app-binder/device-action/AuthenticateWithKeypairDeviceAction.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/device-action/AuthenticateWithKeypairDeviceAction.ts"],
-  "sourcesContent": ["import {\n  type DeviceActionStateMachine,\n  type ExecuteDeviceActionReturnType,\n  type StateMachineTypes,\n  UserInteractionRequired,\n  XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n  type AuthenticateDAError,\n  type AuthenticateDAIntermediateValue,\n  type AuthenticateDAOutput,\n  AuthenticateDAStep,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport {\n  LKRPDataSourceError,\n  LKRPUnauthorizedError,\n  LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { AuthenticateTask } from \"@internal/app-binder/task/AuthenticateTask\";\nimport { ExtractEncryptionKeyTask } from \"@internal/app-binder/task/ExtractEncryptionKeyTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport {\n  type AuthenticateWithKeypairDAInput,\n  type AuthenticateWithKeypairDAInternalState,\n} from \"./models/AuthenticateWithKeypairDeviceActionTypes\";\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\n\nexport class AuthenticateWithKeypairDeviceAction extends XStateDeviceAction<\n  AuthenticateDAOutput,\n  AuthenticateWithKeypairDAInput,\n  AuthenticateDAError,\n  AuthenticateDAIntermediateValue,\n  AuthenticateWithKeypairDAInternalState\n> {\n  execute(): ExecuteDeviceActionReturnType<\n    AuthenticateDAOutput,\n    AuthenticateDAError,\n    AuthenticateDAIntermediateValue\n  > {\n    const stateMachine = this.makeStateMachine();\n    return this._subscribeToStateMachine(stateMachine);\n  }\n\n  makeStateMachine(): DeviceActionStateMachine<\n    AuthenticateDAOutput,\n    AuthenticateWithKeypairDAInput,\n    AuthenticateDAError,\n    AuthenticateDAIntermediateValue,\n    AuthenticateWithKeypairDAInternalState\n  > {\n    type types = StateMachineTypes<\n      AuthenticateDAOutput,\n      AuthenticateWithKeypairDAInput,\n      AuthenticateDAError,\n      AuthenticateDAIntermediateValue,\n      AuthenticateWithKeypairDAInternalState\n    >;\n\n    const { keypairAuth, getTrustchain, extractEncryptionKey } =\n      this.extractDependencies();\n\n    return setup({\n      types: {\n        input: {} as types[\"input\"],\n        context: {} as types[\"context\"],\n        output: {} as types[\"output\"],\n      },\n\n      actors: {\n        keypairAuth: fromPromise(keypairAuth),\n        getTrustchain: fromPromise(getTrustchain),\n        extractEncryptionKey: fromPromise(extractEncryptionKey),\n      },\n\n      actions: {\n        assignErrorFromEvent: raiseAndAssign(\n          ({ event }) =>\n            Left(\n              new LKRPUnknownError(\n                String((event as { error?: unknown }).error),\n              ),\n            ), // NOTE: it should never happen, the error is not typed anymore here\n        ),\n      },\n    }).createMachine({\n      /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YA6vlgNJgCeADsfgE4AiYAbkWMoQQHscAOlqNmLNFgDEEIWGH4cnAQGsF68aymYA2gAYAuolAMBsKviEmQAD0QBGfQFZhADgDMAdgBMXh24AbG7Ozl4ePgA0IHSOnsI+PoEuzg4ALACcGT4BAL650Tq4BCRklDT0TKwc3IS8-FYiYlWSGJjSYCwsAizCDAA2pABmPQC2wpotOgbGSCBmFoI4NvYI2cLJbj4eAZnpgWlRMYhBwofByV6BHmke2V75hW3FRKQUVJjNEjU8fEuilQkOmksFQhDqsFgMxsC0s1jmqxubg2IT8XmcGQxaQcDkC0ViCA8+g8wgcXi89y8+jcGWCPjSjxARTwrzKHy+1S4vwaQgBWlaMk63RY0LmsKWK0QSJRzjRGKxOLxxwQgVxwkxGSJaWcHhuHmcDIKTOeLNK7wq-J+dT+jWEAHEwOgACosVCwdCETDMHCyeSKZRqBQwZ2u92e72i0zmOHLBGIA36YTeDG0hx+BzOQJHAm7YQuTVZfTorxpTJuRnMkpvcqfQGc2r1f4OkNuj1epQdLo9PqDdAjFjjYMu1vhpSR+bRiVxhA6kn6HEZ0vOfQXfEnLwJZI+fRpYLZLPaismqtsi0tK2N23N4dh9s+0HguBQowwyeNSUINz6RPhTXakJpG4JZroSO55jiSROIcRIZkeWAvGaNYcuwXLWjyIjXqGbbep2wrjuK77Tl+P53DczgAUBaQgZkrjYiEZLXJikFwdgprVuydYoQ2Nq8gAorY6AsMQ-C8TghAsIwSxiL6OAKEoKjqMI-GCcJ6CieJkmNGI+FvvCoCrE4TjCKEGSZNutKeJ4IFksiPhZIksqpIqO4sQh7Fnt8qGXnxAlCSJYkSQwUn0Lh3YDMMYxKb5qnqYFwV0DpiyEfpjjzg4CQGjStypG4pZeCBbjpcu35EkEu66rKrlsaetaWl5PEiMpflqQFmlCNJD4Qs+sxRklel2I4uoZBlATeHZma6iBWruEupnJtcgEPEalasuatXnvV6FRSp-kaUFWkhUKPSJTGH4OENI2eL4mLXB4U2ZuqkHBLiZH6s4+RGjgAgQHANgrYhHF1dx6Gvn1sYpQgAC0DggZDrhZAjiNIx4VUnmtyEXg1fJTG0oOndOaT5cqPghHmPiyjRHgHDuKPLceq1IZxmNbZhI53njU4Q4TrjomSVymdi5UgSTrghCEf5Zok6K0088HVejTObf8TUxa1+3tfQHPJQNax+O4Li5bKxJFtkwtfnmGS5Q4tLJpbYSowzgMbcD-wAMpgl1Wv9QZu6BEmo1UwcHiWdmUpgTTOS0vompkjLxpy2jjNA9yytdiwXvgzr+x+zsniB7cIfUaZGxkmSu7LoEXhfkt+RAA */\n\n      id: \"AuthenticateWithKeypairDeviceAction\",\n      context: ({ input }): types[\"context\"] => ({\n        input,\n        intermediateValue: {\n          requiredUserInteraction: UserInteractionRequired.None,\n        },\n        _internalState: Right({\n          jwt: null,\n          trustchain: null,\n          encryptionKey: null,\n        }),\n      }),\n\n      initial: \"KeypairAuth\",\n      states: {\n        KeypairAuth: {\n          entry: assign({\n            intermediateValue: {\n              requiredUserInteraction: UserInteractionRequired.None,\n              step: AuthenticateDAStep.Authenticate,\n            },\n          }),\n          on: { success: \"GetTrustchain\", error: \"Error\" },\n          invoke: {\n            id: \"keypairAuth\",\n            src: \"keypairAuth\",\n            input: ({ context }) => context.input,\n            onError: { actions: \"assignErrorFromEvent\" },\n            onDone: {\n              actions: raiseAndAssign(({ context, event }) =>\n                event.output\n                  .map(({ jwt }) => ({ raise: \"success\", assign: { jwt } }))\n                  .mapLeft((error) =>\n                    error instanceof LKRPDataSourceError &&\n                    error.status === \"UNAUTHORIZED\"\n                      ? new LKRPUnauthorizedError(context.input.trustchainId)\n                      : error,\n                  ),\n              ),\n            },\n          },\n        },\n\n        GetTrustchain: {\n          entry: assign({\n            intermediateValue: {\n              requiredUserInteraction: UserInteractionRequired.None,\n              step: AuthenticateDAStep.GetTrustchain,\n            },\n          }),\n          on: { success: \"ExtractEncryptionKey\", error: \"Error\" },\n          invoke: {\n            id: \"getTrustchain\",\n            src: \"getTrustchain\",\n            input: ({ context }) => ({\n              lkrpDataSource: context.input.lkrpDataSource,\n              trustchainId: context.input.trustchainId,\n              jwt: context._internalState.chain(({ jwt }) =>\n                required(jwt, \"Missing JWT for GetTrustchain\"),\n              ),\n            }),\n            onError: { actions: \"assignErrorFromEvent\" },\n            onDone: {\n              actions: raiseAndAssign(({ event }) =>\n                event.output.map((trustchain) => ({\n                  raise: \"success\",\n                  assign: { trustchain },\n                })),\n              ),\n            },\n          },\n        },\n\n        ExtractEncryptionKey: {\n          entry: assign({\n            intermediateValue: {\n              requiredUserInteraction: UserInteractionRequired.None,\n              step: AuthenticateDAStep.ExtractEncryptionKey,\n            },\n          }),\n          on: { success: \"Success\", error: \"Error\" },\n          invoke: {\n            id: \"ExtractEncryptionKey\",\n            src: \"extractEncryptionKey\",\n            input: ({ context }) => ({\n              keypair: context.input.keypair,\n              stream: context._internalState.chain(({ trustchain }) =>\n                required(\n                  trustchain?.getAppStream(context.input.appId).extract(),\n                  \"Missing application stream for ExtractEncryptionKey\",\n                ),\n              ),\n            }),\n            onError: { actions: \"assignErrorFromEvent\" },\n            onDone: {\n              actions: raiseAndAssign(({ event }) =>\n                event.output.map((encryptionKey) => ({\n                  raise: \"success\",\n                  assign: { encryptionKey },\n                })),\n              ),\n            },\n          },\n        },\n\n        Success: { type: \"final\" },\n\n        Error: { type: \"final\" },\n      },\n\n      output: ({ context }) =>\n        context._internalState.chain((state) =>\n          eitherSeqRecord({\n            trustchainId: context.input.trustchainId,\n            jwt: () => required(state.jwt, \"Missing JWT in the output\"),\n            applicationPath: () =>\n              required(\n                state.trustchain\n                  ?.getAppStream(context.input.appId)\n                  .chain((stream) => stream.getPath())\n                  .extract(),\n                \"Missing application path in the output\",\n              ),\n            encryptionKey: () =>\n              required(\n                state.encryptionKey,\n                \"Missing encryption key in the output\",\n              ),\n          }),\n        ),\n    });\n  }\n\n  extractDependencies() {\n    const authentication = new AuthenticateTask();\n    const encryptionKeyExtraction = new ExtractEncryptionKeyTask();\n\n    return {\n      keypairAuth: ({ input }: { input: AuthenticateWithKeypairDAInput }) =>\n        authentication.run(\n          input.lkrpDataSource,\n          new SignChallengeWithKeypairTask(input.keypair, input.trustchainId),\n        ),\n\n      getTrustchain: ({\n        input,\n      }: {\n        input: {\n          lkrpDataSource: LKRPDataSource;\n          trustchainId: string;\n          jwt: Either<AuthenticateDAError, JWT>;\n        };\n      }) =>\n        EitherAsync.liftEither(input.jwt)\n          .chain((jwt) =>\n            input.lkrpDataSource.getTrustchainById(input.trustchainId, jwt),\n          )\n          .run(),\n\n      extractEncryptionKey: async ({\n        input,\n      }: {\n        input: {\n          keypair: Keypair;\n          stream: Either<AuthenticateDAError, LKRPBlockStream>;\n        };\n      }) =>\n        EitherAsync.liftEither(input.stream).chain((stream) =>\n          encryptionKeyExtraction.run(input.keypair, stream),\n        ),\n    };\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,yCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAMO,2CACPC,EAAsD,qBACtDC,EAA2C,kBAE3CC,EAKO,yDACPC,EAIO,kCAEPC,EAAiC,sDACjCC,EAAyC,8DACzCC,EAA6C,kEAE7CC,EAAgC,2CAEhCC,EAAyB,oCAMzBC,EAA+B,kCAExB,MAAMZ,UAA4C,oBAMvD,CACA,SAIE,CACA,MAAMa,EAAe,KAAK,iBAAiB,EAC3C,OAAO,KAAK,yBAAyBA,CAAY,CACnD,CAEA,kBAME,CASA,KAAM,CAAE,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACvD,KAAK,oBAAoB,EAE3B,SAAO,SAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,eAAa,eAAYF,CAAW,EACpC,iBAAe,eAAYC,CAAa,EACxC,wBAAsB,eAAYC,CAAoB,CACxD,EAEA,QAAS,CACP,wBAAsB,kBACpB,CAAC,CAAE,MAAAC,CAAM,OACP,QACE,IAAI,mBACF,OAAQA,EAA8B,KAAK,CAC7C,CACF,CACJ,CACF,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,sCACJ,QAAS,CAAC,CAAE,MAAAC,CAAM,KAAyB,CACzC,MAAAA,EACA,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,EACA,kBAAgB,SAAM,CACpB,IAAK,KACL,WAAY,KACZ,cAAe,IACjB,CAAC,CACH,GAEA,QAAS,cACT,OAAQ,CACN,YAAa,CACX,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,0BAAwB,KACjD,KAAM,qBAAmB,YAC3B,CACF,CAAC,EACD,GAAI,CAAE,QAAS,gBAAiB,MAAO,OAAQ,EAC/C,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,MAChC,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,QAAAA,EAAS,MAAAF,CAAM,IACxCA,EAAM,OACH,IAAI,CAAC,CAAE,IAAAG,CAAI,KAAO,CAAE,MAAO,UAAW,OAAQ,CAAE,IAAAA,CAAI,CAAE,EAAE,EACxD,QAASC,GACRA,aAAiB,uBACjBA,EAAM,SAAW,eACb,IAAI,wBAAsBF,EAAQ,MAAM,YAAY,EACpDE,CACN,CACJ,CACF,CACF,CACF,EAEA,cAAe,CACb,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,0BAAwB,KACjD,KAAM,qBAAmB,aAC3B,CACF,CAAC,EACD,GAAI,CAAE,QAAS,uBAAwB,MAAO,OAAQ,EACtD,OAAQ,CACN,GAAI,gBACJ,IAAK,gBACL,MAAO,CAAC,CAAE,QAAAF,CAAQ,KAAO,CACvB,eAAgBA,EAAQ,MAAM,eAC9B,aAAcA,EAAQ,MAAM,aAC5B,IAAKA,EAAQ,eAAe,MAAM,CAAC,CAAE,IAAAC,CAAI,OACvC,YAASA,EAAK,+BAA+B,CAC/C,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAH,CAAM,IAC/BA,EAAM,OAAO,IAAKK,IAAgB,CAChC,MAAO,UACP,OAAQ,CAAE,WAAAA,CAAW,CACvB,EAAE,CACJ,CACF,CACF,CACF,EAEA,qBAAsB,CACpB,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,0BAAwB,KACjD,KAAM,qBAAmB,oBAC3B,CACF,CAAC,EACD,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,OAAQ,CACN,GAAI,uBACJ,IAAK,uBACL,MAAO,CAAC,CAAE,QAAAH,CAAQ,KAAO,CACvB,QAASA,EAAQ,MAAM,QACvB,OAAQA,EAAQ,eAAe,MAAM,CAAC,CAAE,WAAAG,CAAW,OACjD,YACEA,GAAY,aAAaH,EAAQ,MAAM,KAAK,EAAE,QAAQ,EACtD,qDACF,CACF,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAKM,IAAmB,CACnC,MAAO,UACP,OAAQ,CAAE,cAAAA,CAAc,CAC1B,EAAE,CACJ,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAJ,CAAQ,IACjBA,EAAQ,eAAe,MAAOK,MAC5B,mBAAgB,CACd,aAAcL,EAAQ,MAAM,aAC5B,IAAK,OAAM,YAASK,EAAM,IAAK,2BAA2B,EAC1D,gBAAiB,OACf,YACEA,EAAM,YACF,aAAaL,EAAQ,MAAM,KAAK,EACjC,MAAOM,GAAWA,EAAO,QAAQ,CAAC,EAClC,QAAQ,EACX,wCACF,EACF,cAAe,OACb,YACED,EAAM,cACN,sCACF,CACJ,CAAC,CACH,CACJ,CAAC,CACH,CAEA,qBAAsB,CACpB,MAAME,EAAiB,IAAI,mBACrBC,EAA0B,IAAI,2BAEpC,MAAO,CACL,YAAa,CAAC,CAAE,MAAAT,CAAM,IACpBQ,EAAe,IACbR,EAAM,eACN,IAAI,+BAA6BA,EAAM,QAASA,EAAM,YAAY,CACpE,EAEF,cAAe,CAAC,CACd,MAAAA,CACF,IAOE,cAAY,WAAWA,EAAM,GAAG,EAC7B,MAAOE,GACNF,EAAM,eAAe,kBAAkBA,EAAM,aAAcE,CAAG,CAChE,EACC,IAAI,EAET,qBAAsB,MAAO,CAC3B,MAAAF,CACF,IAME,cAAY,WAAWA,EAAM,MAAM,EAAE,MAAOO,GAC1CE,EAAwB,IAAIT,EAAM,QAASO,CAAM,CACnD,CACJ,CACF,CACF",
+  "sourcesContent": ["import {\n  type DeviceActionStateMachine,\n  type ExecuteDeviceActionReturnType,\n  type StateMachineTypes,\n  UserInteractionRequired,\n  XStateDeviceAction,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\nimport { assign, fromPromise, setup } from \"xstate\";\n\nimport {\n  type AuthenticateDAError,\n  type AuthenticateDAIntermediateValue,\n  type AuthenticateDAOutput,\n  AuthenticateDAStep,\n} from \"@api/app-binder/AuthenticateDeviceActionTypes\";\nimport { type CryptoService } from \"@api/crypto/CryptoService\";\nimport { type KeyPair } from \"@api/crypto/KeyPair\";\nimport {\n  LKRPDataSourceError,\n  LKRPUnauthorizedError,\n  LKRPUnknownError,\n} from \"@api/model/Errors\";\nimport { type JWT } from \"@api/model/JWT\";\nimport { AuthenticateTask } from \"@internal/app-binder/task/AuthenticateTask\";\nimport { ExtractEncryptionKeyTask } from \"@internal/app-binder/task/ExtractEncryptionKeyTask\";\nimport { SignChallengeWithKeypairTask } from \"@internal/app-binder/task/SignChallengeWithKeypairTask\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { required } from \"@internal/utils/required\";\n\nimport {\n  type AuthenticateWithKeypairDAInput,\n  type AuthenticateWithKeypairDAInternalState,\n} from \"./models/AuthenticateWithKeypairDeviceActionTypes\";\nimport { raiseAndAssign } from \"./utils/raiseAndAssign\";\n\nexport class AuthenticateWithKeypairDeviceAction extends XStateDeviceAction<\n  AuthenticateDAOutput,\n  AuthenticateWithKeypairDAInput,\n  AuthenticateDAError,\n  AuthenticateDAIntermediateValue,\n  AuthenticateWithKeypairDAInternalState\n> {\n  execute(): ExecuteDeviceActionReturnType<\n    AuthenticateDAOutput,\n    AuthenticateDAError,\n    AuthenticateDAIntermediateValue\n  > {\n    const stateMachine = this.makeStateMachine();\n    return this._subscribeToStateMachine(stateMachine);\n  }\n\n  makeStateMachine(): DeviceActionStateMachine<\n    AuthenticateDAOutput,\n    AuthenticateWithKeypairDAInput,\n    AuthenticateDAError,\n    AuthenticateDAIntermediateValue,\n    AuthenticateWithKeypairDAInternalState\n  > {\n    type types = StateMachineTypes<\n      AuthenticateDAOutput,\n      AuthenticateWithKeypairDAInput,\n      AuthenticateDAError,\n      AuthenticateDAIntermediateValue,\n      AuthenticateWithKeypairDAInternalState\n    >;\n\n    const { keypairAuth, getTrustchain, extractEncryptionKey } =\n      this.extractDependencies();\n\n    return setup({\n      types: {\n        input: {} as types[\"input\"],\n        context: {} as types[\"context\"],\n        output: {} as types[\"output\"],\n      },\n\n      actors: {\n        keypairAuth: fromPromise(keypairAuth),\n        getTrustchain: fromPromise(getTrustchain),\n        extractEncryptionKey: fromPromise(extractEncryptionKey),\n      },\n\n      actions: {\n        assignErrorFromEvent: raiseAndAssign(\n          ({ event }) =>\n            Left(\n              new LKRPUnknownError(\n                String((event as { error?: unknown }).error),\n              ),\n            ), // NOTE: it should never happen, the error is not typed anymore here\n        ),\n      },\n    }).createMachine({\n      /** @xstate-layout N4IgpgJg5mDOIC5QEECuAXAFmAduglgMYCG6YA6vlgNJgCeADsfgE4AiYAbkWMoQQHscAOlqNmLNFgDEEIWGH4cnAQGsF68aymYA2gAYAuolAMBsKviEmQAD0QBGfQFZhADgDMAdgBMXh24AbG7Ozl4ePgA0IHSOnsI+PoEuzg4ALACcGT4BAL650Tq4BCRklDT0TKwc3IS8-FYiYlWSGJjSYCwsAizCDAA2pABmPQC2wpotOgbGSCBmFoI4NvYI2cLJbj4eAZnpgWlRMYhBwofByV6BHmke2V75hW3FRKQUVJjNEjU8fEuilQkOmksFQhDqsFgMxsC0s1jmqxubg2IT8XmcGQxaQcDkC0ViCA8+g8wgcXi89y8+jcGWCPjSjxARTwrzKHy+1S4vwaQgBWlaMk63RY0LmsKWK0QSJRzjRGKxOLxxwQgVxwkxGSJaWcHhuHmcDIKTOeLNK7wq-J+dT+jWEAHEwOgACosVCwdCETDMHCyeSKZRqBQwZ2u92e72i0zmOHLBGIA36YTeDG0hx+BzOQJHAm7YQuTVZfTorxpTJuRnMkpvcqfQGc2r1f4OkNuj1epQdLo9PqDdAjFjjYMu1vhpSR+bRiVxhA6kn6HEZ0vOfQXfEnLwJZI+fRpYLZLPaismqtsi0tK2N23N4dh9s+0HguBQowwyeNSUINz6RPhTXakJpG4JZroSO55jiSROIcRIZkeWAvGaNYcuwXLWjyIjXqGbbep2wrjuK77Tl+P53DczgAUBaQgZkrjYiEZLXJikFwdgprVuydYoQ2Nq8gAorY6AsMQ-C8TghAsIwSxiL6OAKEoKjqMI-GCcJ6CieJkmNGI+FvvCoCrE4TjCKEGSZNutKeJ4IFksiPhZIksqpIqO4sQh7Fnt8qGXnxAlCSJYkSQwUn0Lh3YDMMYxKb5qnqYFwV0DpiyEfpjjzg4CQGjStypG4pZeCBbjpcu35EkEu66rKrlsaetaWl5PEiMpflqQFmlCNJD4Qs+sxRklel2I4uoZBlATeHZma6iBWruEupnJtcgEPEalasuatXnvV6FRSp-kaUFWkhUKPSJTGH4OENI2eL4mLXB4U2ZuqkHBLiZH6s4+RGjgAgQHANgrYhHF1dx6Gvn1sYpQgAC0DggZDrhZAjiNIx4VUnmtyEXg1fJTG0oOndOaT5cqPghHmPiyjRHgHDuKPLceq1IZxmNbZhI53njU4Q4TrjomSVymdi5UgSTrghCEf5Zok6K0088HVejTObf8TUxa1+3tfQHPJQNax+O4Li5bKxJFtkwtfnmGS5Q4tLJpbYSowzgMbcD-wAMpgl1Wv9QZu6BEmo1UwcHiWdmUpgTTOS0vompkjLxpy2jjNA9yytdiwXvgzr+x+zsniB7cIfUaZGxkmSu7LoEXhfkt+RAA */\n\n      id: \"AuthenticateWithKeypairDeviceAction\",\n      context: ({ input }): types[\"context\"] => ({\n        input,\n        intermediateValue: {\n          requiredUserInteraction: UserInteractionRequired.None,\n        },\n        _internalState: Right({\n          jwt: null,\n          trustchain: null,\n          encryptionKey: null,\n        }),\n      }),\n\n      initial: \"KeypairAuth\",\n      states: {\n        KeypairAuth: {\n          entry: assign({\n            intermediateValue: {\n              requiredUserInteraction: UserInteractionRequired.None,\n              step: AuthenticateDAStep.Authenticate,\n            },\n          }),\n          on: { success: \"GetTrustchain\", error: \"Error\" },\n          invoke: {\n            id: \"keypairAuth\",\n            src: \"keypairAuth\",\n            input: ({ context }) => context.input,\n            onError: { actions: \"assignErrorFromEvent\" },\n            onDone: {\n              actions: raiseAndAssign(({ context, event }) =>\n                event.output\n                  .map(({ jwt }) => ({ raise: \"success\", assign: { jwt } }))\n                  .mapLeft((error) =>\n                    error instanceof LKRPDataSourceError &&\n                    error.status === \"UNAUTHORIZED\"\n                      ? new LKRPUnauthorizedError(context.input.trustchainId)\n                      : error,\n                  ),\n              ),\n            },\n          },\n        },\n\n        GetTrustchain: {\n          entry: assign({\n            intermediateValue: {\n              requiredUserInteraction: UserInteractionRequired.None,\n              step: AuthenticateDAStep.GetTrustchain,\n            },\n          }),\n          on: { success: \"ExtractEncryptionKey\", error: \"Error\" },\n          invoke: {\n            id: \"getTrustchain\",\n            src: \"getTrustchain\",\n            input: ({ context }) => ({\n              lkrpDataSource: context.input.lkrpDataSource,\n              trustchainId: context.input.trustchainId,\n              jwt: context._internalState.chain(({ jwt }) =>\n                required(jwt, \"Missing JWT for GetTrustchain\"),\n              ),\n            }),\n            onError: { actions: \"assignErrorFromEvent\" },\n            onDone: {\n              actions: raiseAndAssign(({ event }) =>\n                event.output.map((trustchain) => ({\n                  raise: \"success\",\n                  assign: { trustchain },\n                })),\n              ),\n            },\n          },\n        },\n\n        ExtractEncryptionKey: {\n          entry: assign({\n            intermediateValue: {\n              requiredUserInteraction: UserInteractionRequired.None,\n              step: AuthenticateDAStep.ExtractEncryptionKey,\n            },\n          }),\n          on: { success: \"Success\", error: \"Error\" },\n          invoke: {\n            id: \"ExtractEncryptionKey\",\n            src: \"extractEncryptionKey\",\n            input: ({ context }) => ({\n              cryptoService: context.input.cryptoService,\n              keypair: context.input.keypair,\n              stream: context._internalState.chain(({ trustchain }) =>\n                required(\n                  trustchain?.getAppStream(context.input.appId).extract(),\n                  \"Missing application stream for ExtractEncryptionKey\",\n                ),\n              ),\n            }),\n            onError: { actions: \"assignErrorFromEvent\" },\n            onDone: {\n              actions: raiseAndAssign(({ event }) =>\n                event.output.map((encryptionKey) => ({\n                  raise: \"success\",\n                  assign: { encryptionKey },\n                })),\n              ),\n            },\n          },\n        },\n\n        Success: { type: \"final\" },\n\n        Error: { type: \"final\" },\n      },\n\n      output: ({ context }) =>\n        context._internalState.chain((state) =>\n          eitherSeqRecord({\n            trustchainId: context.input.trustchainId,\n            jwt: () => required(state.jwt, \"Missing JWT in the output\"),\n            applicationPath: () =>\n              required(\n                state.trustchain\n                  ?.getAppStream(context.input.appId)\n                  .chain((stream) => stream.getPath())\n                  .extract(),\n                \"Missing application path in the output\",\n              ),\n            encryptionKey: () =>\n              required(\n                state.encryptionKey,\n                \"Missing encryption key in the output\",\n              ),\n          }),\n        ),\n    });\n  }\n\n  extractDependencies() {\n    const authentication = new AuthenticateTask();\n    const encryptionKeyExtraction = new ExtractEncryptionKeyTask();\n\n    return {\n      keypairAuth: ({ input }: { input: AuthenticateWithKeypairDAInput }) =>\n        authentication.run(\n          input.lkrpDataSource,\n          new SignChallengeWithKeypairTask(\n            input.cryptoService,\n            input.keypair,\n            input.trustchainId,\n          ),\n        ),\n\n      getTrustchain: ({\n        input,\n      }: {\n        input: {\n          lkrpDataSource: LKRPDataSource;\n          trustchainId: string;\n          jwt: Either<AuthenticateDAError, JWT>;\n        };\n      }) =>\n        EitherAsync.liftEither(input.jwt)\n          .chain((jwt) =>\n            input.lkrpDataSource.getTrustchainById(input.trustchainId, jwt),\n          )\n          .run(),\n\n      extractEncryptionKey: async ({\n        input,\n      }: {\n        input: {\n          cryptoService: CryptoService;\n          keypair: KeyPair;\n          stream: Either<AuthenticateDAError, LKRPBlockStream>;\n        };\n      }) =>\n        EitherAsync.liftEither(input.stream).chain((stream) =>\n          encryptionKeyExtraction.run(\n            input.cryptoService,\n            input.keypair,\n            stream,\n          ),\n        ),\n    };\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,yCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAMO,2CACPC,EAAsD,qBACtDC,EAA2C,kBAE3CC,EAKO,yDAGPC,EAIO,6BAEPC,EAAiC,sDACjCC,EAAyC,8DACzCC,EAA6C,kEAE7CC,EAAgC,2CAEhCC,EAAyB,oCAMzBC,EAA+B,kCAExB,MAAMZ,UAA4C,oBAMvD,CACA,SAIE,CACA,MAAMa,EAAe,KAAK,iBAAiB,EAC3C,OAAO,KAAK,yBAAyBA,CAAY,CACnD,CAEA,kBAME,CASA,KAAM,CAAE,YAAAC,EAAa,cAAAC,EAAe,qBAAAC,CAAqB,EACvD,KAAK,oBAAoB,EAE3B,SAAO,SAAM,CACX,MAAO,CACL,MAAO,CAAC,EACR,QAAS,CAAC,EACV,OAAQ,CAAC,CACX,EAEA,OAAQ,CACN,eAAa,eAAYF,CAAW,EACpC,iBAAe,eAAYC,CAAa,EACxC,wBAAsB,eAAYC,CAAoB,CACxD,EAEA,QAAS,CACP,wBAAsB,kBACpB,CAAC,CAAE,MAAAC,CAAM,OACP,QACE,IAAI,mBACF,OAAQA,EAA8B,KAAK,CAC7C,CACF,CACJ,CACF,CACF,CAAC,EAAE,cAAc,CAGf,GAAI,sCACJ,QAAS,CAAC,CAAE,MAAAC,CAAM,KAAyB,CACzC,MAAAA,EACA,kBAAmB,CACjB,wBAAyB,0BAAwB,IACnD,EACA,kBAAgB,SAAM,CACpB,IAAK,KACL,WAAY,KACZ,cAAe,IACjB,CAAC,CACH,GAEA,QAAS,cACT,OAAQ,CACN,YAAa,CACX,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,0BAAwB,KACjD,KAAM,qBAAmB,YAC3B,CACF,CAAC,EACD,GAAI,CAAE,QAAS,gBAAiB,MAAO,OAAQ,EAC/C,OAAQ,CACN,GAAI,cACJ,IAAK,cACL,MAAO,CAAC,CAAE,QAAAC,CAAQ,IAAMA,EAAQ,MAChC,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,QAAAA,EAAS,MAAAF,CAAM,IACxCA,EAAM,OACH,IAAI,CAAC,CAAE,IAAAG,CAAI,KAAO,CAAE,MAAO,UAAW,OAAQ,CAAE,IAAAA,CAAI,CAAE,EAAE,EACxD,QAASC,GACRA,aAAiB,uBACjBA,EAAM,SAAW,eACb,IAAI,wBAAsBF,EAAQ,MAAM,YAAY,EACpDE,CACN,CACJ,CACF,CACF,CACF,EAEA,cAAe,CACb,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,0BAAwB,KACjD,KAAM,qBAAmB,aAC3B,CACF,CAAC,EACD,GAAI,CAAE,QAAS,uBAAwB,MAAO,OAAQ,EACtD,OAAQ,CACN,GAAI,gBACJ,IAAK,gBACL,MAAO,CAAC,CAAE,QAAAF,CAAQ,KAAO,CACvB,eAAgBA,EAAQ,MAAM,eAC9B,aAAcA,EAAQ,MAAM,aAC5B,IAAKA,EAAQ,eAAe,MAAM,CAAC,CAAE,IAAAC,CAAI,OACvC,YAASA,EAAK,+BAA+B,CAC/C,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAH,CAAM,IAC/BA,EAAM,OAAO,IAAKK,IAAgB,CAChC,MAAO,UACP,OAAQ,CAAE,WAAAA,CAAW,CACvB,EAAE,CACJ,CACF,CACF,CACF,EAEA,qBAAsB,CACpB,SAAO,UAAO,CACZ,kBAAmB,CACjB,wBAAyB,0BAAwB,KACjD,KAAM,qBAAmB,oBAC3B,CACF,CAAC,EACD,GAAI,CAAE,QAAS,UAAW,MAAO,OAAQ,EACzC,OAAQ,CACN,GAAI,uBACJ,IAAK,uBACL,MAAO,CAAC,CAAE,QAAAH,CAAQ,KAAO,CACvB,cAAeA,EAAQ,MAAM,cAC7B,QAASA,EAAQ,MAAM,QACvB,OAAQA,EAAQ,eAAe,MAAM,CAAC,CAAE,WAAAG,CAAW,OACjD,YACEA,GAAY,aAAaH,EAAQ,MAAM,KAAK,EAAE,QAAQ,EACtD,qDACF,CACF,CACF,GACA,QAAS,CAAE,QAAS,sBAAuB,EAC3C,OAAQ,CACN,WAAS,kBAAe,CAAC,CAAE,MAAAF,CAAM,IAC/BA,EAAM,OAAO,IAAKM,IAAmB,CACnC,MAAO,UACP,OAAQ,CAAE,cAAAA,CAAc,CAC1B,EAAE,CACJ,CACF,CACF,CACF,EAEA,QAAS,CAAE,KAAM,OAAQ,EAEzB,MAAO,CAAE,KAAM,OAAQ,CACzB,EAEA,OAAQ,CAAC,CAAE,QAAAJ,CAAQ,IACjBA,EAAQ,eAAe,MAAOK,MAC5B,mBAAgB,CACd,aAAcL,EAAQ,MAAM,aAC5B,IAAK,OAAM,YAASK,EAAM,IAAK,2BAA2B,EAC1D,gBAAiB,OACf,YACEA,EAAM,YACF,aAAaL,EAAQ,MAAM,KAAK,EACjC,MAAOM,GAAWA,EAAO,QAAQ,CAAC,EAClC,QAAQ,EACX,wCACF,EACF,cAAe,OACb,YACED,EAAM,cACN,sCACF,CACJ,CAAC,CACH,CACJ,CAAC,CACH,CAEA,qBAAsB,CACpB,MAAME,EAAiB,IAAI,mBACrBC,EAA0B,IAAI,2BAEpC,MAAO,CACL,YAAa,CAAC,CAAE,MAAAT,CAAM,IACpBQ,EAAe,IACbR,EAAM,eACN,IAAI,+BACFA,EAAM,cACNA,EAAM,QACNA,EAAM,YACR,CACF,EAEF,cAAe,CAAC,CACd,MAAAA,CACF,IAOE,cAAY,WAAWA,EAAM,GAAG,EAC7B,MAAOE,GACNF,EAAM,eAAe,kBAAkBA,EAAM,aAAcE,CAAG,CAChE,EACC,IAAI,EAET,qBAAsB,MAAO,CAC3B,MAAAF,CACF,IAOE,cAAY,WAAWA,EAAM,MAAM,EAAE,MAAOO,GAC1CE,EAAwB,IACtBT,EAAM,cACNA,EAAM,QACNO,CACF,CACF,CACJ,CACF,CACF",
   "names": ["AuthenticateWithKeypairDeviceAction_exports", "__export", "AuthenticateWithKeypairDeviceAction", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_xstate", "import_AuthenticateDeviceActionTypes", "import_Errors", "import_AuthenticateTask", "import_ExtractEncryptionKeyTask", "import_SignChallengeWithKeypairTask", "import_eitherSeqRecord", "import_required", "import_raiseAndAssign", "stateMachine", "keypairAuth", "getTrustchain", "extractEncryptionKey", "event", "input", "context", "jwt", "error", "trustchain", "encryptionKey", "state", "stream", "authentication", "encryptionKeyExtraction"]
 }

package/lib/cjs/internal/app-binder/device-action/models/AuthenticateWithDeviceDeviceActionTypes.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var a=Object.defineProperty;var o=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var p=Object.prototype.hasOwnProperty;var l=(t,e,i,n)=>{if(e&&typeof e=="object"||typeof e=="function")for(let r of y(e))!p.call(t,r)&&r!==i&&a(t,r,{get:()=>e[r],enumerable:!(n=o(e,r))||n.enumerable});return t};var u=t=>l(a({},"__esModule",{value:!0}),t);var s={};module.exports=u(s);
+"use strict";var i=Object.defineProperty;var a=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var p=Object.prototype.hasOwnProperty;var l=(r,e,n,o)=>{if(e&&typeof e=="object"||typeof e=="function")for(let t of y(e))!p.call(r,t)&&t!==n&&i(r,t,{get:()=>e[t],enumerable:!(o=a(e,t))||o.enumerable});return r};var c=r=>l(i({},"__esModule",{value:!0}),r);var u={};module.exports=c(u);
 //# sourceMappingURL=AuthenticateWithDeviceDeviceActionTypes.js.map

package/lib/cjs/internal/app-binder/device-action/models/AuthenticateWithDeviceDeviceActionTypes.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../../src/internal/app-binder/device-action/models/AuthenticateWithDeviceDeviceActionTypes.ts"],
-  "sourcesContent": ["import { type Either } from \"purify-ts\";\n\nimport {\n  type AuthenticateDAError,\n  type JWT,\n  type Keypair,\n  type Permissions,\n} from \"@api/index\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { type Trustchain } from \"@internal/utils/Trustchain\";\n\nexport type AuthenticateWithDeviceDAInput = {\n  readonly lkrpDataSource: LKRPDataSource;\n  readonly appId: number;\n  readonly keypair: Keypair;\n  readonly clientName: string;\n  readonly permissions: Permissions;\n};\n\nexport type AuthenticateWithDeviceDAInternalState = Either<\n  AuthenticateDAError,\n  {\n    readonly trustchainId: string | null;\n    readonly jwt: JWT | null;\n    readonly trustchain: Trustchain | null;\n    readonly encryptionKey: Uint8Array | null;\n    readonly wasAddedToTrustchain: boolean;\n  }\n>;\n"],
+  "sourcesContent": ["import { type Either } from \"purify-ts\";\n\nimport { type CryptoService } from \"@api/crypto/CryptoService\";\nimport { type KeyPair } from \"@api/crypto/KeyPair\";\nimport {\n  type AuthenticateDAError,\n  type JWT,\n  type Permissions,\n} from \"@api/index\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { type Trustchain } from \"@internal/utils/Trustchain\";\n\nexport type AuthenticateWithDeviceDAInput = {\n  readonly lkrpDataSource: LKRPDataSource;\n  readonly appId: number;\n  readonly cryptoService: CryptoService;\n  readonly keypair: KeyPair;\n  readonly clientName: string;\n  readonly permissions: Permissions;\n};\n\nexport type AuthenticateWithDeviceDAInternalState = Either<\n  AuthenticateDAError,\n  {\n    readonly trustchainId: string | null;\n    readonly jwt: JWT | null;\n    readonly trustchain: Trustchain | null;\n    readonly encryptionKey: Uint8Array | null;\n    readonly wasAddedToTrustchain: boolean;\n  }\n>;\n"],
   "mappings": "+WAAA,IAAAA,EAAA,kBAAAC,EAAAD",
   "names": ["AuthenticateWithDeviceDeviceActionTypes_exports", "__toCommonJS"]
 }

package/lib/cjs/internal/app-binder/device-action/models/AuthenticateWithKeypairDeviceActionTypes.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var n=Object.defineProperty;var p=Object.getOwnPropertyDescriptor;var o=Object.getOwnPropertyNames;var y=Object.prototype.hasOwnProperty;var u=(r,t,i,a)=>{if(t&&typeof t=="object"||typeof t=="function")for(let e of o(t))!y.call(r,e)&&e!==i&&n(r,e,{get:()=>t[e],enumerable:!(a=p(t,e))||a.enumerable});return r};var l=r=>u(n({},"__esModule",{value:!0}),r);var c={};module.exports=l(c);
+"use strict";var o=Object.defineProperty;var p=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var n=Object.prototype.hasOwnProperty;var c=(t,r,i,a)=>{if(r&&typeof r=="object"||typeof r=="function")for(let e of y(r))!n.call(t,e)&&e!==i&&o(t,e,{get:()=>r[e],enumerable:!(a=p(r,e))||a.enumerable});return t};var l=t=>c(o({},"__esModule",{value:!0}),t);var u={};module.exports=l(u);
 //# sourceMappingURL=AuthenticateWithKeypairDeviceActionTypes.js.map

package/lib/cjs/internal/app-binder/device-action/models/AuthenticateWithKeypairDeviceActionTypes.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../../src/internal/app-binder/device-action/models/AuthenticateWithKeypairDeviceActionTypes.ts"],
-  "sourcesContent": ["import { type Either } from \"purify-ts\";\n\nimport { type AuthenticateDAError, type JWT, type Keypair } from \"@api/index\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { type Trustchain } from \"@internal/utils/Trustchain\";\n\nexport type AuthenticateWithKeypairDAInput = {\n  readonly lkrpDataSource: LKRPDataSource;\n  readonly appId: number;\n  readonly keypair: Keypair;\n  readonly trustchainId: string;\n};\n\nexport type AuthenticateWithKeypairDAInternalState = Either<\n  AuthenticateDAError,\n  {\n    readonly jwt: JWT | null;\n    readonly trustchain: Trustchain | null;\n    readonly encryptionKey: Uint8Array | null;\n  }\n>;\n"],
+  "sourcesContent": ["import { type Either } from \"purify-ts\";\n\nimport { type CryptoService } from \"@api/crypto/CryptoService\";\nimport { type KeyPair } from \"@api/crypto/KeyPair\";\nimport { type AuthenticateDAError, type JWT } from \"@api/index\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { type Trustchain } from \"@internal/utils/Trustchain\";\n\nexport type AuthenticateWithKeypairDAInput = {\n  readonly lkrpDataSource: LKRPDataSource;\n  readonly appId: number;\n  readonly cryptoService: CryptoService;\n  readonly keypair: KeyPair;\n  readonly trustchainId: string;\n};\n\nexport type AuthenticateWithKeypairDAInternalState = Either<\n  AuthenticateDAError,\n  {\n    readonly jwt: JWT | null;\n    readonly trustchain: Trustchain | null;\n    readonly encryptionKey: Uint8Array | null;\n  }\n>;\n"],
   "mappings": "+WAAA,IAAAA,EAAA,kBAAAC,EAAAD",
   "names": ["AuthenticateWithKeypairDeviceActionTypes_exports", "__toCommonJS"]
 }

package/lib/cjs/internal/app-binder/task/ExtractEncryptionKeyTask.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var a=Object.defineProperty;var n=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var m=Object.prototype.hasOwnProperty;var c=(e,r)=>{for(var t in r)a(e,t,{get:r[t],enumerable:!0})},K=(e,r,t,p)=>{if(r&&typeof r=="object"||typeof r=="function")for(let o of y(r))!m.call(e,o)&&o!==t&&a(e,o,{get:()=>r[o],enumerable:!(p=n(r,o))||p.enumerable});return e};var s=e=>K(a({},"__esModule",{value:!0}),e);var l={};c(l,{ExtractEncryptionKeyTask:()=>k});module.exports=s(l);var i=require("../../../api/app-binder/Errors");class k{async run(r,t){return Promise.resolve(t.getPublishedKey(r).map(p=>p.privateKey).toEither(new i.LKRPUnknownError("There is no encryption key for the current member in the application stream.")))}}0&&(module.exports={ExtractEncryptionKeyTask});
+"use strict";var p=Object.defineProperty;var n=Object.getOwnPropertyDescriptor;var m=Object.getOwnPropertyNames;var y=Object.prototype.hasOwnProperty;var c=(e,r)=>{for(var o in r)p(e,o,{get:r[o],enumerable:!0})},K=(e,r,o,i)=>{if(r&&typeof r=="object"||typeof r=="function")for(let t of m(r))!y.call(e,t)&&t!==o&&p(e,t,{get:()=>r[t],enumerable:!(i=n(r,t))||i.enumerable});return e};var s=e=>K(p({},"__esModule",{value:!0}),e);var f={};c(f,{ExtractEncryptionKeyTask:()=>P});module.exports=s(f);var a=require("../../../api/model/Errors");class P{async run(r,o,i){return(await i.getPublishedKey(r,o)).map(t=>t.privateKey).toEither(new a.LKRPUnknownError("There is no encryption key for the current member in the application stream."))}}0&&(module.exports={ExtractEncryptionKeyTask});
 //# sourceMappingURL=ExtractEncryptionKeyTask.js.map

package/lib/cjs/internal/app-binder/task/ExtractEncryptionKeyTask.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/ExtractEncryptionKeyTask.ts"],
-  "sourcesContent": ["import { LKRPUnknownError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/index\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nexport type ExtractEncryptionKeyTaskInput = {\n  applicationStream: LKRPBlockStream;\n  keypair: Keypair;\n};\n\nexport class ExtractEncryptionKeyTask {\n  async run(keypair: Keypair, stream: LKRPBlockStream) {\n    // TODO additional derivations should be supported:\n    // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n    // Probably not needed for Ledger Sync\n    return Promise.resolve(\n      stream\n        .getPublishedKey(keypair)\n        .map((key) => key.privateKey)\n        .toEither(\n          new LKRPUnknownError(\n            \"There is no encryption key for the current member in the application stream.\",\n          ),\n        ),\n    );\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,8BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAiC,kCAS1B,MAAMF,CAAyB,CACpC,MAAM,IAAIG,EAAkBC,EAAyB,CAInD,OAAO,QAAQ,QACbA,EACG,gBAAgBD,CAAO,EACvB,IAAKE,GAAQA,EAAI,UAAU,EAC3B,SACC,IAAI,mBACF,8EACF,CACF,CACJ,CACF,CACF",
-  "names": ["ExtractEncryptionKeyTask_exports", "__export", "ExtractEncryptionKeyTask", "__toCommonJS", "import_Errors", "keypair", "stream", "key"]
+  "sourcesContent": ["import { type CryptoService } from \"@api/crypto/CryptoService\";\nimport { type KeyPair } from \"@api/crypto/KeyPair\";\nimport { LKRPUnknownError } from \"@api/model/Errors\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\n\nexport class ExtractEncryptionKeyTask {\n  async run(\n    cryptoService: CryptoService,\n    keypair: KeyPair,\n    stream: LKRPBlockStream,\n  ) {\n    // TODO additional derivations should be supported:\n    // https://github.com/LedgerHQ/ledger-live/blob/develop/libs/hw-ledger-key-ring-protocol/src/Device.ts#L216...L226\n    // Probably not needed for Ledger Sync\n    return (await stream.getPublishedKey(cryptoService, keypair))\n      .map((key) => key.privateKey)\n      .toEither(\n        new LKRPUnknownError(\n          \"There is no encryption key for the current member in the application stream.\",\n        ),\n      );\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,8BAAAE,IAAA,eAAAC,EAAAH,GAEA,IAAAI,EAAiC,6BAG1B,MAAMF,CAAyB,CACpC,MAAM,IACJG,EACAC,EACAC,EACA,CAIA,OAAQ,MAAMA,EAAO,gBAAgBF,EAAeC,CAAO,GACxD,IAAKE,GAAQA,EAAI,UAAU,EAC3B,SACC,IAAI,mBACF,8EACF,CACF,CACJ,CACF",
+  "names": ["ExtractEncryptionKeyTask_exports", "__export", "ExtractEncryptionKeyTask", "__toCommonJS", "import_Errors", "cryptoService", "keypair", "stream", "key"]
 }

package/lib/cjs/internal/app-binder/task/InitTask.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var a=Object.defineProperty;var y=Object.getOwnPropertyDescriptor;var c=Object.getOwnPropertyNames;var u=Object.prototype.hasOwnProperty;var d=(t,r)=>{for(var e in r)a(t,e,{get:r[e],enumerable:!0})},K=(t,r,e,m)=>{if(r&&typeof r=="object"||typeof r=="function")for(let o of c(r))!u.call(t,o)&&o!==e&&a(t,o,{get:()=>r[o],enumerable:!(m=y(r,o))||m.enumerable});return t};var f=t=>K(a({},"__esModule",{value:!0}),t);var C={};d(C,{InitTask:()=>l});module.exports=f(C);var p=require("@ledgerhq/device-management-kit"),i=require("purify-ts"),n=require("../../app-binder/command/InitCommand"),s=require("../../utils/crypto");class l{constructor(r){this.api=r}async run(){const r=s.CryptoUtils.randomKeypair(),e=await this.api.sendCommand(new n.InitCommand({publicKey:r.pubKeyToU8a()}));return e.status!==p.CommandResultStatus.Success?(0,i.Left)(e.error):(0,i.Right)(r)}}0&&(module.exports={InitTask});
+"use strict";var a=Object.defineProperty;var c=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var u=Object.prototype.hasOwnProperty;var v=(e,r)=>{for(var t in r)a(e,t,{get:r[t],enumerable:!0})},K=(e,r,t,p)=>{if(r&&typeof r=="object"||typeof r=="function")for(let i of y(r))!u.call(e,i)&&i!==t&&a(e,i,{get:()=>r[i],enumerable:!(p=c(r,i))||p.enumerable});return e};var d=e=>K(a({},"__esModule",{value:!0}),e);var C={};v(C,{InitTask:()=>l});module.exports=d(C);var m=require("@ledgerhq/device-management-kit"),o=require("purify-ts"),n=require("../../../api/crypto/CryptoService"),s=require("../../app-binder/command/InitCommand");class l{constructor(r,t){this.api=r;this.cryptoService=t}async run(){const r=await this.cryptoService.createKeyPair(n.Curve.K256),t=await this.api.sendCommand(new s.InitCommand({publicKey:r.getPublicKey()}));return t.status!==m.CommandResultStatus.Success?(0,o.Left)(t.error):(0,o.Right)(r)}}0&&(module.exports={InitTask});
 //# sourceMappingURL=InitTask.js.map

package/lib/cjs/internal/app-binder/task/InitTask.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/InitTask.ts"],
-  "sourcesContent": ["import {\n  CommandResultStatus,\n  type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, Left, Right } from \"purify-ts\";\n\nimport { type Keypair } from \"@api/index\";\nimport { InitCommand } from \"@internal/app-binder/command/InitCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\n\nexport class InitTask {\n  constructor(private readonly api: InternalApi) {}\n\n  async run(): Promise<Either<LKRPDeviceCommandError, Keypair>> {\n    const sessionKeypair = CryptoUtils.randomKeypair();\n    const response = await this.api.sendCommand(\n      new InitCommand({ publicKey: sessionKeypair.pubKeyToU8a() }),\n    );\n\n    return response.status !== CommandResultStatus.Success\n      ? Left(response.error)\n      : Right(sessionKeypair);\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,cAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAGO,2CACPC,EAAyC,qBAGzCC,EAA4B,oDAE5BC,EAA4B,kCAErB,MAAML,CAAS,CACpB,YAA6BM,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,MAAM,KAAwD,CAC5D,MAAMC,EAAiB,cAAY,cAAc,EAC3CC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,cAAY,CAAE,UAAWD,EAAe,YAAY,CAAE,CAAC,CAC7D,EAEA,OAAOC,EAAS,SAAW,sBAAoB,WAC3C,QAAKA,EAAS,KAAK,KACnB,SAAMD,CAAc,CAC1B,CACF",
-  "names": ["InitTask_exports", "__export", "InitTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_InitCommand", "import_crypto", "api", "sessionKeypair", "response"]
+  "sourcesContent": ["import {\n  CommandResultStatus,\n  type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, Left, Right } from \"purify-ts\";\n\nimport { type CryptoService, Curve } from \"@api/crypto/CryptoService\";\nimport { type KeyPair } from \"@api/crypto/KeyPair\";\nimport { InitCommand } from \"@internal/app-binder/command/InitCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\n\nexport class InitTask {\n  constructor(\n    private readonly api: InternalApi,\n    private readonly cryptoService: CryptoService,\n  ) {}\n\n  async run(): Promise<Either<LKRPDeviceCommandError, KeyPair>> {\n    const sessionKeypair = await this.cryptoService.createKeyPair(Curve.K256);\n    const response = await this.api.sendCommand(\n      new InitCommand({ publicKey: sessionKeypair.getPublicKey() }),\n    );\n\n    return response.status !== CommandResultStatus.Success\n      ? Left(response.error)\n      : Right(sessionKeypair);\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,cAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAGO,2CACPC,EAAyC,qBAEzCC,EAA0C,qCAE1CC,EAA4B,oDAGrB,MAAML,CAAS,CACpB,YACmBM,EACAC,EACjB,CAFiB,SAAAD,EACA,mBAAAC,CAChB,CAEH,MAAM,KAAwD,CAC5D,MAAMC,EAAiB,MAAM,KAAK,cAAc,cAAc,QAAM,IAAI,EAClEC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,cAAY,CAAE,UAAWD,EAAe,aAAa,CAAE,CAAC,CAC9D,EAEA,OAAOC,EAAS,SAAW,sBAAoB,WAC3C,QAAKA,EAAS,KAAK,KACnB,SAAMD,CAAc,CAC1B,CACF",
+  "names": ["InitTask_exports", "__export", "InitTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_CryptoService", "import_InitCommand", "api", "cryptoService", "sessionKeypair", "response"]
 }

package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var m=Object.defineProperty;var l=Object.getOwnPropertyDescriptor;var k=Object.getOwnPropertyNames;var S=Object.prototype.hasOwnProperty;var T=(n,t)=>{for(var r in t)m(n,r,{get:t[r],enumerable:!0})},g=(n,t,r,e)=>{if(t&&typeof t=="object"||typeof t=="function")for(let a of k(t))!S.call(n,a)&&a!==r&&m(n,a,{get:()=>t[a],enumerable:!(e=l(t,a))||e.enumerable});return n};var R=n=>g(m({},"__esModule",{value:!0}),n);var L={};T(L,{ParseStreamToDeviceTask:()=>E});module.exports=R(L);var o=require("@ledgerhq/device-management-kit"),s=require("purify-ts"),i=require("../../../api/app-binder/Errors"),c=require("../../app-binder/command/ParseBlockSignatureCommand"),d=require("../../app-binder/command/ParseStreamBlockCommand"),p=require("../../app-binder/command/ParseStreamBlockHeader"),P=require("../../app-binder/command/SetTrustedMemberCommand"),h=require("../../utils/eitherSeqRecord"),u=require("../../utils/hex"),f=require("./utils/TrustedProperties");class E{constructor(t){this.api=t}lastTrustedMember=null;trustedMembers=new Map;run({seedBlock:t,applicationStream:r}){return this.parseBlock(t).chain(()=>r?this.parseStream(r):s.EitherAsync.liftEither((0,s.Right)(void 0)))}parseStream(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>s.EitherAsync.sequence(r.map(e=>this.parseBlock(e))))}parseBlock(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>this.setTrustedMember((0,u.bytesToHex)(r.issuer)).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new p.ParseBlockHeaderCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(r)}).chain(r=>s.EitherAsync.sequence(r.commands.map(e=>this.parseCommand(e,(0,u.bytesToHex)(r.issuer)))).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new c.ParseBlockSignatureCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(void 0)})}parseCommand(t,r){const e=t.getPublicKey().orDefault(r);return this.setTrustedMember(e).chain(async()=>{try{const a=await this.api.sendCommand(new d.ParseSingleCommand({command:t.toU8A()}));return a.status!==o.CommandResultStatus.Success?(0,s.Left)(a.error):this.recordTrustedMembers(e,a.data)}catch(a){return(0,s.Left)(new i.LKRPUnknownError(String(a)))}})}setTrustedMember(t){return s.EitherAsync.fromPromise(async()=>{if(t===this.lastTrustedMember)return(0,s.Right)(void 0);const r=this.trustedMembers.get(t);if(!r)return(0,s.Right)(void 0);try{const e=await this.api.sendCommand(new P.SetTrustedMemberCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(void 0)})}recordTrustedMembers(t,r){if(this.lastTrustedMember=t,r.length===0||this.trustedMembers.has(t))return(0,s.Right)(void 0);const e=new f.TrustedProperties(r);return(0,h.eitherSeqRecord)({iv:()=>e.getIv(),memberTlv:()=>e.getNewMember()}).ifRight(a=>this.trustedMembers.set(t,a))}}0&&(module.exports={ParseStreamToDeviceTask});
+"use strict";var m=Object.defineProperty;var h=Object.getOwnPropertyDescriptor;var l=Object.getOwnPropertyNames;var k=Object.prototype.hasOwnProperty;var S=(n,t)=>{for(var r in t)m(n,r,{get:t[r],enumerable:!0})},T=(n,t,r,e)=>{if(t&&typeof t=="object"||typeof t=="function")for(let a of l(t))!k.call(n,a)&&a!==r&&m(n,a,{get:()=>t[a],enumerable:!(e=h(t,a))||e.enumerable});return n};var g=n=>T(m({},"__esModule",{value:!0}),n);var E={};S(E,{ParseStreamToDeviceTask:()=>R});module.exports=g(E);var o=require("@ledgerhq/device-management-kit"),s=require("purify-ts"),i=require("../../../api/model/Errors"),u=require("../../app-binder/command/ParseBlockSignatureCommand"),c=require("../../app-binder/command/ParseStreamBlockCommand"),d=require("../../app-binder/command/ParseStreamBlockHeader"),p=require("../../app-binder/command/SetTrustedMemberCommand"),P=require("../../utils/eitherSeqRecord"),f=require("./utils/TrustedProperties");class R{constructor(t){this.api=t}lastTrustedMember=null;trustedMembers=new Map;run({seedBlock:t,applicationStream:r}){return this.parseBlock(t).chain(()=>r?this.parseStream(r):s.EitherAsync.liftEither((0,s.Right)(void 0)))}parseStream(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>s.EitherAsync.sequence(r.map(e=>this.parseBlock(e))))}parseBlock(t){return s.EitherAsync.liftEither(t.parse()).chain(r=>this.setTrustedMember((0,o.bufferToHexaString)(r.issuer,!1)).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new d.ParseBlockHeaderCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(r)}).chain(r=>s.EitherAsync.sequence(r.commands.map(e=>this.parseCommand(e,(0,o.bufferToHexaString)(r.issuer,!1)))).map(()=>r)).chain(async r=>{try{const e=await this.api.sendCommand(new u.ParseBlockSignatureCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(void 0)})}parseCommand(t,r){const e=t.getPublicKey().orDefault(r);return this.setTrustedMember(e).chain(async()=>{try{const a=await this.api.sendCommand(new c.ParseSingleCommand({command:t.toU8A()}));return a.status!==o.CommandResultStatus.Success?(0,s.Left)(a.error):this.recordTrustedMembers(e,a.data)}catch(a){return(0,s.Left)(new i.LKRPUnknownError(String(a)))}})}setTrustedMember(t){return s.EitherAsync.fromPromise(async()=>{if(t===this.lastTrustedMember)return(0,s.Right)(void 0);const r=this.trustedMembers.get(t);if(!r)return(0,s.Right)(void 0);try{const e=await this.api.sendCommand(new p.SetTrustedMemberCommand(r));if(e.status!==o.CommandResultStatus.Success)return(0,s.Left)(e.error)}catch(e){return(0,s.Left)(new i.LKRPUnknownError(String(e)))}return(0,s.Right)(void 0)})}recordTrustedMembers(t,r){if(this.lastTrustedMember=t,r.length===0||this.trustedMembers.has(t))return(0,s.Right)(void 0);const e=new f.TrustedProperties(r);return(0,P.eitherSeqRecord)({iv:()=>e.getIv(),memberTlv:()=>e.getNewMember()}).ifRight(a=>this.trustedMembers.set(t,a))}}0&&(module.exports={ParseStreamToDeviceTask});
 //# sourceMappingURL=ParseStreamToDeviceTask.js.map

package/lib/cjs/internal/app-binder/task/ParseStreamToDeviceTask.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/ParseStreamToDeviceTask.ts"],
-  "sourcesContent": ["import {\n  CommandResultStatus,\n  type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n  type LKRPMissingDataError,\n  type LKRPParsingError,\n  LKRPUnknownError,\n} from \"@api/app-binder/Errors\";\nimport { type SetTrustedMemberCommandArgs } from \"@api/app-binder/SetTrustedMemberTypes\";\nimport { ParseBlockSignatureCommand } from \"@internal/app-binder/command/ParseBlockSignatureCommand\";\nimport { ParseSingleCommand } from \"@internal/app-binder/command/ParseStreamBlockCommand\";\nimport { ParseBlockHeaderCommand } from \"@internal/app-binder/command/ParseStreamBlockHeader\";\nimport { SetTrustedMemberCommand } from \"@internal/app-binder/command/SetTrustedMemberCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPBlockParsedData } from \"@internal/models/LKRPBlockTypes\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex } from \"@internal/utils/hex\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { type LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\nexport type ParseStreamToDeviceTaskInput = {\n  seedBlock: LKRPBlock; // The seed block is mandatory for now because the trustchain creation / parse empty stream are not yet implemented\n  applicationStream: LKRPBlockStream | null;\n};\n\ntype ParseStreamTaskError =\n  | LKRPDeviceCommandError\n  | LKRPParsingError\n  | LKRPMissingDataError\n  | LKRPUnknownError;\n\nexport class ParseStreamToDeviceTask {\n  private lastTrustedMember: string | null = null;\n  private trustedMembers = new Map<string, SetTrustedMemberCommandArgs>();\n\n  constructor(private readonly api: InternalApi) {}\n\n  run({ seedBlock, applicationStream }: ParseStreamToDeviceTaskInput) {\n    return this.parseBlock(seedBlock).chain<ParseStreamTaskError, unknown>(\n      () =>\n        applicationStream\n          ? this.parseStream(applicationStream)\n          : EitherAsync.liftEither(Right(undefined)),\n    );\n  }\n\n  parseStream(stream: LKRPBlockStream) {\n    return EitherAsync.liftEither(stream.parse()).chain<\n      ParseStreamTaskError,\n      unknown\n    >((blocks) =>\n      EitherAsync.sequence(blocks.map((block) => this.parseBlock(block))),\n    );\n  }\n\n  parseBlock(block: LKRPBlock) {\n    return (\n      EitherAsync.liftEither(block.parse())\n\n        .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n          this.setTrustedMember(bytesToHex(data.issuer)).map(() => data),\n        )\n\n        // Parse the block header\n        .chain<ParseStreamTaskError, LKRPBlockParsedData>(async (data) => {\n          try {\n            const response = await this.api.sendCommand(\n              new ParseBlockHeaderCommand(data),\n            );\n            if (response.status !== CommandResultStatus.Success) {\n              return Left(response.error);\n            }\n          } catch (error) {\n            return Left(new LKRPUnknownError(String(error)));\n          }\n          return Right(data);\n        })\n\n        // Parse each command\n        .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n          EitherAsync.sequence(\n            data.commands.map((command) =>\n              this.parseCommand(command, bytesToHex(data.issuer)),\n            ),\n          ).map(() => data),\n        )\n\n        // Parse the block signature\n        .chain<ParseStreamTaskError, void>(async (data) => {\n          try {\n            const response = await this.api.sendCommand(\n              new ParseBlockSignatureCommand(data),\n            );\n            if (response.status !== CommandResultStatus.Success) {\n              return Left(response.error);\n            }\n          } catch (error) {\n            return Left(new LKRPUnknownError(String(error)));\n          }\n          return Right(undefined);\n        })\n    );\n  }\n\n  parseCommand(command: LKRPCommand, blockIssuer: string) {\n    const publicKey = command.getPublicKey().orDefault(blockIssuer);\n\n    // Parse the command\n    return this.setTrustedMember(publicKey).chain<\n      ParseStreamTaskError,\n      unknown\n    >(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new ParseSingleCommand({ command: command.toU8A() }),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        return this.recordTrustedMembers(publicKey, response.data);\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  setTrustedMember(publicKey: string) {\n    // NOTE: Set Trusted Member only when needed\n    // i.e: when this command wasn't signed by the device (see recordTrustedMembers NOTE) nor the last trusted member\n    return EitherAsync.fromPromise<ParseStreamTaskError, void>(async () => {\n      if (publicKey === this.lastTrustedMember) {\n        return Right(undefined);\n      }\n      const trustedMember = this.trustedMembers.get(publicKey);\n      if (!trustedMember) {\n        return Right(undefined);\n      }\n      try {\n        const response = await this.api.sendCommand(\n          new SetTrustedMemberCommand(trustedMember),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n      return Right(undefined);\n    });\n  }\n\n  recordTrustedMembers(\n    publicKey: string,\n    trustedPropsBytes: Uint8Array,\n  ): Either<LKRPParsingError | LKRPMissingDataError, unknown> {\n    this.lastTrustedMember = publicKey;\n\n    // NOTE: Whenever a command which was signed by the device is parsed on the same device\n    // the parse block apdu returns empty trusted properties.\n    // Therefore this function will never record the device as a trusted member.\n    // (which is fine because the device doesn't need to set itself as a trusted member).\n    if (trustedPropsBytes.length === 0 || this.trustedMembers.has(publicKey)) {\n      return Right(undefined);\n    }\n\n    const trustedProps = new TrustedProperties(trustedPropsBytes);\n    return eitherSeqRecord({\n      iv: () => trustedProps.getIv(),\n      memberTlv: () => trustedProps.getNewMember(),\n    }).ifRight((trustedMember) =>\n      this.trustedMembers.set(publicKey, trustedMember),\n    );\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,6BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAGO,2CACPC,EAAsD,qBAEtDC,EAIO,kCAEPC,EAA2C,mEAC3CC,EAAmC,gEACnCC,EAAwC,+DACxCC,EAAwC,gEAGxCC,EAAgC,2CAChCC,EAA2B,+BAK3BC,EAAkC,qCAa3B,MAAMX,CAAwB,CAInC,YAA6BY,EAAkB,CAAlB,SAAAA,CAAmB,CAHxC,kBAAmC,KACnC,eAAiB,IAAI,IAI7B,IAAI,CAAE,UAAAC,EAAW,kBAAAC,CAAkB,EAAiC,CAClE,OAAO,KAAK,WAAWD,CAAS,EAAE,MAChC,IACEC,EACI,KAAK,YAAYA,CAAiB,EAClC,cAAY,cAAW,SAAM,MAAS,CAAC,CAC/C,CACF,CAEA,YAAYC,EAAyB,CACnC,OAAO,cAAY,WAAWA,EAAO,MAAM,CAAC,EAAE,MAG3CC,GACD,cAAY,SAASA,EAAO,IAAKC,GAAU,KAAK,WAAWA,CAAK,CAAC,CAAC,CACpE,CACF,CAEA,WAAWA,EAAkB,CAC3B,OACE,cAAY,WAAWA,EAAM,MAAM,CAAC,EAEjC,MAAkDC,GACjD,KAAK,oBAAiB,cAAWA,EAAK,MAAM,CAAC,EAAE,IAAI,IAAMA,CAAI,CAC/D,EAGC,MAAiD,MAAOA,GAAS,CAChE,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBD,CAAI,CAClC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAMF,CAAI,CACnB,CAAC,EAGA,MAAkDA,GACjD,cAAY,SACVA,EAAK,SAAS,IAAKG,GACjB,KAAK,aAAaA,KAAS,cAAWH,EAAK,MAAM,CAAC,CACpD,CACF,EAAE,IAAI,IAAMA,CAAI,CAClB,EAGC,MAAkC,MAAOA,GAAS,CACjD,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,6BAA2BD,CAAI,CACrC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CAEP,CAEA,aAAaC,EAAsBC,EAAqB,CACtD,MAAMC,EAAYF,EAAQ,aAAa,EAAE,UAAUC,CAAW,EAG9D,OAAO,KAAK,iBAAiBC,CAAS,EAAE,MAGtC,SAAY,CACZ,GAAI,CACF,MAAMJ,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,qBAAmB,CAAE,QAASE,EAAQ,MAAM,CAAE,CAAC,CACrD,EACA,OAAIF,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,EAErB,KAAK,qBAAqBI,EAAWJ,EAAS,IAAI,CAC3D,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,iBAAiBG,EAAmB,CAGlC,OAAO,cAAY,YAAwC,SAAY,CACrE,GAAIA,IAAc,KAAK,kBACrB,SAAO,SAAM,MAAS,EAExB,MAAMC,EAAgB,KAAK,eAAe,IAAID,CAAS,EACvD,GAAI,CAACC,EACH,SAAO,SAAM,MAAS,EAExB,GAAI,CACF,MAAML,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBK,CAAa,CAC3C,EACA,GAAIL,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CACH,CAEA,qBACEG,EACAE,EAC0D,CAO1D,GANA,KAAK,kBAAoBF,EAMrBE,EAAkB,SAAW,GAAK,KAAK,eAAe,IAAIF,CAAS,EACrE,SAAO,SAAM,MAAS,EAGxB,MAAMG,EAAe,IAAI,oBAAkBD,CAAiB,EAC5D,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,EAAE,QAASF,GACV,KAAK,eAAe,IAAID,EAAWC,CAAa,CAClD,CACF,CACF",
-  "names": ["ParseStreamToDeviceTask_exports", "__export", "ParseStreamToDeviceTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_ParseBlockSignatureCommand", "import_ParseStreamBlockCommand", "import_ParseStreamBlockHeader", "import_SetTrustedMemberCommand", "import_eitherSeqRecord", "import_hex", "import_TrustedProperties", "api", "seedBlock", "applicationStream", "stream", "blocks", "block", "data", "response", "error", "command", "blockIssuer", "publicKey", "trustedMember", "trustedPropsBytes", "trustedProps"]
+  "sourcesContent": ["import {\n  bufferToHexaString,\n  CommandResultStatus,\n  type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n  type LKRPMissingDataError,\n  type LKRPParsingError,\n  LKRPUnknownError,\n} from \"@api/model/Errors\";\nimport { ParseBlockSignatureCommand } from \"@internal/app-binder/command/ParseBlockSignatureCommand\";\nimport { ParseSingleCommand } from \"@internal/app-binder/command/ParseStreamBlockCommand\";\nimport { ParseBlockHeaderCommand } from \"@internal/app-binder/command/ParseStreamBlockHeader\";\nimport {\n  SetTrustedMemberCommand,\n  type SetTrustedMemberCommandArgs,\n} from \"@internal/app-binder/command/SetTrustedMemberCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPBlockParsedData } from \"@internal/models/LKRPBlockTypes\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { type LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { type LKRPBlockStream } from \"@internal/utils/LKRPBlockStream\";\nimport { type LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\nexport type ParseStreamToDeviceTaskInput = {\n  seedBlock: LKRPBlock; // The seed block is mandatory for now because the trustchain creation / parse empty stream are not yet implemented\n  applicationStream: LKRPBlockStream | null;\n};\n\ntype ParseStreamTaskError =\n  | LKRPDeviceCommandError\n  | LKRPParsingError\n  | LKRPMissingDataError\n  | LKRPUnknownError;\n\nexport class ParseStreamToDeviceTask {\n  private lastTrustedMember: string | null = null;\n  private trustedMembers = new Map<string, SetTrustedMemberCommandArgs>();\n\n  constructor(private readonly api: InternalApi) {}\n\n  run({ seedBlock, applicationStream }: ParseStreamToDeviceTaskInput) {\n    return this.parseBlock(seedBlock).chain<ParseStreamTaskError, unknown>(\n      () =>\n        applicationStream\n          ? this.parseStream(applicationStream)\n          : EitherAsync.liftEither(Right(undefined)),\n    );\n  }\n\n  parseStream(stream: LKRPBlockStream) {\n    return EitherAsync.liftEither(stream.parse()).chain<\n      ParseStreamTaskError,\n      unknown\n    >((blocks) =>\n      EitherAsync.sequence(blocks.map((block) => this.parseBlock(block))),\n    );\n  }\n\n  parseBlock(block: LKRPBlock) {\n    return (\n      EitherAsync.liftEither(block.parse())\n\n        .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n          this.setTrustedMember(bufferToHexaString(data.issuer, false)).map(\n            () => data,\n          ),\n        )\n\n        // Parse the block header\n        .chain<ParseStreamTaskError, LKRPBlockParsedData>(async (data) => {\n          try {\n            const response = await this.api.sendCommand(\n              new ParseBlockHeaderCommand(data),\n            );\n            if (response.status !== CommandResultStatus.Success) {\n              return Left(response.error);\n            }\n          } catch (error) {\n            return Left(new LKRPUnknownError(String(error)));\n          }\n          return Right(data);\n        })\n\n        // Parse each command\n        .chain<ParseStreamTaskError, LKRPBlockParsedData>((data) =>\n          EitherAsync.sequence(\n            data.commands.map((command) =>\n              this.parseCommand(\n                command,\n                bufferToHexaString(data.issuer, false),\n              ),\n            ),\n          ).map(() => data),\n        )\n\n        // Parse the block signature\n        .chain<ParseStreamTaskError, void>(async (data) => {\n          try {\n            const response = await this.api.sendCommand(\n              new ParseBlockSignatureCommand(data),\n            );\n            if (response.status !== CommandResultStatus.Success) {\n              return Left(response.error);\n            }\n          } catch (error) {\n            return Left(new LKRPUnknownError(String(error)));\n          }\n          return Right(undefined);\n        })\n    );\n  }\n\n  parseCommand(command: LKRPCommand, blockIssuer: string) {\n    const publicKey = command.getPublicKey().orDefault(blockIssuer);\n\n    // Parse the command\n    return this.setTrustedMember(publicKey).chain<\n      ParseStreamTaskError,\n      unknown\n    >(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new ParseSingleCommand({ command: command.toU8A() }),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        return this.recordTrustedMembers(publicKey, response.data);\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  setTrustedMember(publicKey: string) {\n    // NOTE: Set Trusted Member only when needed\n    // i.e: when this command wasn't signed by the device (see recordTrustedMembers NOTE) nor the last trusted member\n    return EitherAsync.fromPromise<ParseStreamTaskError, void>(async () => {\n      if (publicKey === this.lastTrustedMember) {\n        return Right(undefined);\n      }\n      const trustedMember = this.trustedMembers.get(publicKey);\n      if (!trustedMember) {\n        return Right(undefined);\n      }\n      try {\n        const response = await this.api.sendCommand(\n          new SetTrustedMemberCommand(trustedMember),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n      return Right(undefined);\n    });\n  }\n\n  recordTrustedMembers(\n    publicKey: string,\n    trustedPropsBytes: Uint8Array,\n  ): Either<LKRPParsingError | LKRPMissingDataError, unknown> {\n    this.lastTrustedMember = publicKey;\n\n    // NOTE: Whenever a command which was signed by the device is parsed on the same device\n    // the parse block apdu returns empty trusted properties.\n    // Therefore this function will never record the device as a trusted member.\n    // (which is fine because the device doesn't need to set itself as a trusted member).\n    if (trustedPropsBytes.length === 0 || this.trustedMembers.has(publicKey)) {\n      return Right(undefined);\n    }\n\n    const trustedProps = new TrustedProperties(trustedPropsBytes);\n    return eitherSeqRecord({\n      iv: () => trustedProps.getIv(),\n      memberTlv: () => trustedProps.getNewMember(),\n    }).ifRight((trustedMember) =>\n      this.trustedMembers.set(publicKey, trustedMember),\n    );\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,6BAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAsD,qBAEtDC,EAIO,6BACPC,EAA2C,mEAC3CC,EAAmC,gEACnCC,EAAwC,+DACxCC,EAGO,gEAGPC,EAAgC,2CAKhCC,EAAkC,qCAa3B,MAAMV,CAAwB,CAInC,YAA6BW,EAAkB,CAAlB,SAAAA,CAAmB,CAHxC,kBAAmC,KACnC,eAAiB,IAAI,IAI7B,IAAI,CAAE,UAAAC,EAAW,kBAAAC,CAAkB,EAAiC,CAClE,OAAO,KAAK,WAAWD,CAAS,EAAE,MAChC,IACEC,EACI,KAAK,YAAYA,CAAiB,EAClC,cAAY,cAAW,SAAM,MAAS,CAAC,CAC/C,CACF,CAEA,YAAYC,EAAyB,CACnC,OAAO,cAAY,WAAWA,EAAO,MAAM,CAAC,EAAE,MAG3CC,GACD,cAAY,SAASA,EAAO,IAAKC,GAAU,KAAK,WAAWA,CAAK,CAAC,CAAC,CACpE,CACF,CAEA,WAAWA,EAAkB,CAC3B,OACE,cAAY,WAAWA,EAAM,MAAM,CAAC,EAEjC,MAAkDC,GACjD,KAAK,oBAAiB,sBAAmBA,EAAK,OAAQ,EAAK,CAAC,EAAE,IAC5D,IAAMA,CACR,CACF,EAGC,MAAiD,MAAOA,GAAS,CAChE,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBD,CAAI,CAClC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAMF,CAAI,CACnB,CAAC,EAGA,MAAkDA,GACjD,cAAY,SACVA,EAAK,SAAS,IAAKG,GACjB,KAAK,aACHA,KACA,sBAAmBH,EAAK,OAAQ,EAAK,CACvC,CACF,CACF,EAAE,IAAI,IAAMA,CAAI,CAClB,EAGC,MAAkC,MAAOA,GAAS,CACjD,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,6BAA2BD,CAAI,CACrC,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CAEP,CAEA,aAAaC,EAAsBC,EAAqB,CACtD,MAAMC,EAAYF,EAAQ,aAAa,EAAE,UAAUC,CAAW,EAG9D,OAAO,KAAK,iBAAiBC,CAAS,EAAE,MAGtC,SAAY,CACZ,GAAI,CACF,MAAMJ,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,qBAAmB,CAAE,QAASE,EAAQ,MAAM,CAAE,CAAC,CACrD,EACA,OAAIF,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,EAErB,KAAK,qBAAqBI,EAAWJ,EAAS,IAAI,CAC3D,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,iBAAiBG,EAAmB,CAGlC,OAAO,cAAY,YAAwC,SAAY,CACrE,GAAIA,IAAc,KAAK,kBACrB,SAAO,SAAM,MAAS,EAExB,MAAMC,EAAgB,KAAK,eAAe,IAAID,CAAS,EACvD,GAAI,CAACC,EACH,SAAO,SAAM,MAAS,EAExB,GAAI,CACF,MAAML,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,0BAAwBK,CAAa,CAC3C,EACA,GAAIL,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,CAE9B,OAASC,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACA,SAAO,SAAM,MAAS,CACxB,CAAC,CACH,CAEA,qBACEG,EACAE,EAC0D,CAO1D,GANA,KAAK,kBAAoBF,EAMrBE,EAAkB,SAAW,GAAK,KAAK,eAAe,IAAIF,CAAS,EACrE,SAAO,SAAM,MAAS,EAGxB,MAAMG,EAAe,IAAI,oBAAkBD,CAAiB,EAC5D,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,EAAE,QAASF,GACV,KAAK,eAAe,IAAID,EAAWC,CAAa,CAClD,CACF,CACF",
+  "names": ["ParseStreamToDeviceTask_exports", "__export", "ParseStreamToDeviceTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_ParseBlockSignatureCommand", "import_ParseStreamBlockCommand", "import_ParseStreamBlockHeader", "import_SetTrustedMemberCommand", "import_eitherSeqRecord", "import_TrustedProperties", "api", "seedBlock", "applicationStream", "stream", "blocks", "block", "data", "response", "error", "command", "blockIssuer", "publicKey", "trustedMember", "trustedPropsBytes", "trustedProps"]
 }

package/lib/cjs/internal/app-binder/task/SignBlockTask.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var u=Object.defineProperty;var k=Object.getOwnPropertyDescriptor;var B=Object.getOwnPropertyNames;var b=Object.prototype.hasOwnProperty;var f=(m,r)=>{for(var e in r)u(m,e,{get:r[e],enumerable:!0})},A=(m,r,e,n)=>{if(r&&typeof r=="object"||typeof r=="function")for(let i of B(r))!b.call(m,i)&&i!==e&&u(m,i,{get:()=>r[i],enumerable:!(n=k(r,i))||n.enumerable});return m};var D=m=>A(u({},"__esModule",{value:!0}),m);var R={};f(R,{SignBlockTask:()=>w});module.exports=D(R);var g=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),o=require("../../../api/app-binder/Errors"),S=require("../../app-binder/command/SignBlockHeader"),C=require("../../app-binder/command/SignBlockSignatureCommand"),P=require("../../app-binder/command/SignBlockSingleCommand"),a=require("../../models/Tags"),l=require("../../utils/crypto"),d=require("../../utils/eitherSeqRecord"),K=require("../../utils/LKRPBlock"),p=require("../../utils/LKRPCommand"),h=require("./utils/TrustedProperties");class w{constructor(r){this.api=r}run({lkrpDataSource:r,trustchainId:e,path:n,jwt:i,parent:c,blockFlow:y,sessionKeypair:v}){const E=this.signCommands(n,y);return(0,d.eitherAsyncSeqRecord)({header:this.signBlockHeader(c,E.length),commands:t.EitherAsync.sequence(E),signature:this.signBlockSignature(v)}).chain(s=>t.EitherAsync.liftEither(this.decryptBlock(c,s))).chain(s=>{switch(y.type){case"derive":return r.postDerivation(e,s,i);case"addMember":return r.putCommands(e,n,s,i)}}).mapLeft(s=>s instanceof o.LKRPDataSourceError&&s.status==="BAD_REQUEST"?new o.LKRPOutdatedTrustchainError:s)}signBlockHeader(r,e){return t.EitherAsync.fromPromise(async()=>{try{const n=await this.api.sendCommand(new S.SignBlockHeaderCommand({parent:r,commandCount:e}));if(n.status!==g.CommandResultStatus.Success)return(0,t.Left)(n.error);const i=new h.TrustedProperties(n.data);return(0,d.eitherSeqRecord)({iv:()=>i.getIv(),issuer:()=>i.getIssuer()})}catch(n){return(0,t.Left)(new o.LKRPUnknownError(String(n)))}})}signBlockSignature(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new C.SignBlockSignatureCommand);if(e.status!==g.CommandResultStatus.Success)return(0,t.Left)(e.error);const{signature:n,deviceSessionKey:i}=e.data,c=r.ecdh(i).slice(1);return(0,t.Right)({signature:n,secret:c})}catch(e){return(0,t.Left)(new o.LKRPUnknownError(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new P.SignBlockSingleCommand({command:r}));return e.status!==g.CommandResultStatus.Success?(0,t.Left)(e.error):(0,t.Right)(new h.TrustedProperties(e.data))}catch(e){return(0,t.Left)(new o.LKRPUnknownError(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.Derive,path:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:n}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:n})).chain(i=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.AddMember,name:r,publicKey:e,permissions:n,iv:()=>i.getIv(),newMember:()=>i.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:a.CommandTags.PublishKey,recipient:r})).chain(e=>t.EitherAsync.liftEither((0,d.eitherSeqRecord)({type:a.CommandTags.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:n,signature:i}){const c=l.CryptoUtils.decrypt(i.secret,e.iv,e.issuer);return t.Either.sequence(n.map(y=>this.decryptCommand(i.secret,y))).map(y=>K.LKRPBlock.fromData({parent:(0,g.bufferToHexaString)(r),issuer:c,commands:y,signature:i.signature}))}decryptCommand(r,e){switch(e.type){case a.CommandTags.Derive:case a.CommandTags.PublishKey:{const n=l.CryptoUtils.decrypt(r,e.iv,e.xpriv);return(0,t.Right)(p.LKRPCommand.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:n}))}case a.CommandTags.AddMember:return(0,t.Right)(p.LKRPCommand.fromData({...e}));default:return(0,t.Left)(new o.LKRPUnsupportedCommandError(e))}}}0&&(module.exports={SignBlockTask});
+"use strict";var h=Object.defineProperty;var k=Object.getOwnPropertyDescriptor;var f=Object.getOwnPropertyNames;var A=Object.prototype.hasOwnProperty;var w=(s,r)=>{for(var e in r)h(s,e,{get:r[e],enumerable:!0})},B=(s,r,e,i)=>{if(r&&typeof r=="object"||typeof r=="function")for(let n of f(r))!A.call(s,n)&&n!==e&&h(s,n,{get:()=>r[n],enumerable:!(i=k(r,n))||i.enumerable});return s};var b=s=>B(h({},"__esModule",{value:!0}),s);var R={};w(R,{SignBlockTask:()=>D});module.exports=b(R);var g=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../api/crypto/CryptoService"),a=require("../../../api/model/Errors"),P=require("../../app-binder/command/SignBlockHeader"),v=require("../../app-binder/command/SignBlockSignatureCommand"),C=require("../../app-binder/command/SignBlockSingleCommand"),o=require("../../models/Tags"),y=require("../../utils/eitherSeqRecord"),K=require("../../utils/LKRPBlock"),p=require("../../utils/LKRPCommand"),S=require("./utils/TrustedProperties");class D{constructor(r,e){this.api=r;this.cryptoService=e}run({lkrpDataSource:r,trustchainId:e,path:i,jwt:n,parent:c,blockFlow:u,sessionKeypair:l}){const m=this.signCommands(i,u);return(0,y.eitherAsyncSeqRecord)({header:this.signBlockHeader(c,m.length),commands:t.EitherAsync.sequence(m),signature:this.signBlockSignature(l)}).chain(async d=>this.decryptBlock(c,d)).chain(d=>{switch(u.type){case"derive":return r.postDerivation(e,d,n);case"addMember":return r.putCommands(e,i,d,n)}}).mapLeft(d=>d instanceof a.LKRPDataSourceError&&d.status==="BAD_REQUEST"?new a.LKRPOutdatedTrustchainError:d)}signBlockHeader(r,e){return t.EitherAsync.fromPromise(async()=>{try{const i=await this.api.sendCommand(new P.SignBlockHeaderCommand({parent:r,commandCount:e}));if(i.status!==g.CommandResultStatus.Success)return(0,t.Left)(i.error);const n=new S.TrustedProperties(i.data);return(0,y.eitherSeqRecord)({iv:()=>n.getIv(),issuer:()=>n.getIssuer()})}catch(i){return(0,t.Left)(new a.LKRPUnknownError(String(i)))}})}signBlockSignature(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new v.SignBlockSignatureCommand);if(e.status!==g.CommandResultStatus.Success)return(0,t.Left)(e.error);const{signature:i,deviceSessionKey:n}=e.data,c=(await r.deriveSharedSecret(n)).slice(1);return(0,t.Right)({signature:i,secret:c})}catch(e){return(0,t.Left)(new a.LKRPUnknownError(String(e)))}})}signCommands(r,e){switch(e.type){case"derive":return[this.signDeriveCommand(r),this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)];case"addMember":return[this.signAddMemberCommand(e.data),this.signPublishKeyCommand(e.data)]}}signSingleCommand(r){return t.EitherAsync.fromPromise(async()=>{try{const e=await this.api.sendCommand(new C.SignBlockSingleCommand({command:r}));return e.status!==g.CommandResultStatus.Success?(0,t.Left)(e.error):(0,t.Right)(new S.TrustedProperties(e.data))}catch(e){return(0,t.Left)(new a.LKRPUnknownError(String(e)))}})}signDeriveCommand(r){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:o.CommandTags.Derive,path:r})).chain(e=>t.EitherAsync.liftEither((0,y.eitherSeqRecord)({type:o.CommandTags.Derive,path:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),groupKey:()=>e.getGroupKey(),newMember:()=>e.getNewMember()})))}signAddMemberCommand({name:r,publicKey:e,permissions:i}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:o.CommandTags.AddMember,name:r,publicKey:e,permissions:i})).chain(n=>t.EitherAsync.liftEither((0,y.eitherSeqRecord)({type:o.CommandTags.AddMember,name:r,publicKey:e,permissions:i,iv:()=>n.getIv(),newMember:()=>n.getNewMember()})))}signPublishKeyCommand({publicKey:r}){return this.signSingleCommand(p.LKRPCommand.bytesFromUnsignedData({type:o.CommandTags.PublishKey,recipient:r})).chain(e=>t.EitherAsync.liftEither((0,y.eitherSeqRecord)({type:o.CommandTags.PublishKey,recipient:r,iv:()=>e.getIv(),xpriv:()=>e.getXPriv(),ephemeralPublicKey:()=>e.getEphemeralPublicKey(),commandIv:()=>e.getCommandIv(),newMember:()=>e.getNewMember()})))}decryptBlock(r,{header:e,commands:i,signature:n}){return(0,t.EitherAsync)(async({throwE:c})=>{const l=await this.cryptoService.importSymmetricKey(n.secret,E.EncryptionAlgo.AES256_GCM).decrypt(e.iv,e.issuer);return t.Either.sequence(await Promise.all(i.map(m=>this.decryptCommand(n.secret,m).run()))).caseOf({Left:m=>{throw c(m),m},Right:m=>K.LKRPBlock.fromData({parent:(0,g.bufferToHexaString)(r),issuer:l,commands:m,signature:n.signature})})})}decryptCommand(r,e){return(0,t.EitherAsync)(async({throwE:i})=>{switch(e.type){case o.CommandTags.Derive:case o.CommandTags.PublishKey:{const c=await this.cryptoService.importSymmetricKey(r,E.EncryptionAlgo.AES256_GCM).decrypt(e.iv,e.xpriv);return p.LKRPCommand.fromData({...e,initializationVector:e.commandIv,encryptedXpriv:c})}case o.CommandTags.AddMember:return p.LKRPCommand.fromData({...e});default:throw i(new a.LKRPUnsupportedCommandError(e)),new a.LKRPUnsupportedCommandError(e)}})}}0&&(module.exports={SignBlockTask});
 //# sourceMappingURL=SignBlockTask.js.map

package/lib/cjs/internal/app-binder/task/SignBlockTask.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/SignBlockTask.ts"],
-  "sourcesContent": ["import {\n  bufferToHexaString,\n  CommandResultStatus,\n  type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport {\n  LKRPDataSourceError,\n  type LKRPMissingDataError,\n  LKRPOutdatedTrustchainError,\n  type LKRPParsingError,\n  LKRPUnknownError,\n  LKRPUnsupportedCommandError,\n} from \"@api/app-binder/Errors\";\nimport { type JWT, type Keypair } from \"@api/index\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport {\n  type AddMemberUnsignedData,\n  type EncryptedCommand,\n  type EncryptedDeriveCommand,\n  type EncryptedPublishKeyCommand,\n} from \"@internal/models/LKRPCommandTypes\";\nimport { CommandTags } from \"@internal/models/Tags\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport {\n  eitherAsyncSeqRecord,\n  eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n  | { type: \"derive\"; data: AddMemberBlockData }\n  | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n  name: string;\n  publicKey: Uint8Array;\n  permissions: number;\n};\n\ntype HeaderPayload = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n};\ntype SignaturePayload = {\n  secret: Uint8Array;\n  signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n  header: HeaderPayload;\n  commands: EncryptedCommand[];\n  signature: SignaturePayload;\n};\n\ntype SignBlockError =\n  | LKRPDeviceCommandError\n  | LKRPParsingError\n  | LKRPMissingDataError\n  | LKRPDataSourceError\n  | LKRPOutdatedTrustchainError\n  | LKRPUnknownError;\n\nexport type SignBlockTaskInput = {\n  lkrpDataSource: LKRPDataSource;\n  trustchainId: string;\n  path: string;\n  jwt: JWT;\n  parent: Uint8Array;\n  blockFlow: BlockFlow;\n  sessionKeypair: Keypair;\n};\n\nexport class SignBlockTask {\n  constructor(private readonly api: InternalApi) {}\n\n  run({\n    lkrpDataSource,\n    trustchainId,\n    path,\n    jwt,\n    parent,\n    blockFlow,\n    sessionKeypair,\n  }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n    const commands = this.signCommands(path, blockFlow);\n    return eitherAsyncSeqRecord({\n      header: this.signBlockHeader(parent, commands.length),\n      commands: EitherAsync.sequence(commands),\n      signature: this.signBlockSignature(sessionKeypair),\n    })\n      .chain((encryptedBlock) =>\n        EitherAsync.liftEither(this.decryptBlock(parent, encryptedBlock)),\n      )\n      .chain((block) => {\n        switch (blockFlow.type) {\n          case \"derive\":\n            return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n          case \"addMember\":\n            return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n        }\n      })\n      .mapLeft((error) =>\n        error instanceof LKRPDataSourceError && error.status === \"BAD_REQUEST\"\n          ? new LKRPOutdatedTrustchainError()\n          : error,\n      );\n  }\n\n  signBlockHeader(\n    parent: Uint8Array,\n    commandCount: number,\n  ): EitherAsync<SignBlockError, HeaderPayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockHeaderCommand({ parent, commandCount }),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const trustedProps = new TrustedProperties(response.data);\n        return eitherSeqRecord({\n          iv: () => trustedProps.getIv(),\n          issuer: () => trustedProps.getIssuer(),\n        }) as Either<SignBlockError, HeaderPayload>;\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  signBlockSignature(\n    sessionKeypair: Keypair,\n  ): EitherAsync<SignBlockError, SignaturePayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockSignatureCommand(),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const { signature, deviceSessionKey } = response.data;\n        // At this step, the shared secret is used directly as an encryption key after removing the first byte\n        const secret = sessionKeypair.ecdh(deviceSessionKey).slice(1);\n        return Right({ signature, secret });\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  signCommands(\n    applicationPath: string,\n    block: BlockFlow,\n  ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n    switch (block.type) {\n      case \"derive\":\n        return [\n          this.signDeriveCommand(applicationPath),\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n      case \"addMember\":\n        return [\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n    }\n  }\n\n  signSingleCommand(command: Uint8Array) {\n    return EitherAsync.fromPromise(\n      async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n        try {\n          const response = await this.api.sendCommand(\n            new SignBlockSingleCommand({ command }),\n          );\n          if (response.status !== CommandResultStatus.Success) {\n            return Left(response.error);\n          }\n          return Right(new TrustedProperties(response.data));\n        } catch (error) {\n          return Left(new LKRPUnknownError(String(error)));\n        }\n      },\n    );\n  }\n\n  signDeriveCommand(applicationPath: string) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.Derive,\n        path: applicationPath,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n        eitherSeqRecord({\n          type: CommandTags.Derive,\n          path: applicationPath,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          groupKey: () => trustedProps.getGroupKey(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.AddMember,\n        name,\n        publicKey,\n        permissions,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n        eitherSeqRecord({\n          type: CommandTags.AddMember,\n          name,\n          publicKey,\n          permissions,\n          iv: () => trustedProps.getIv(), // Just validate it's there\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.PublishKey,\n        recipient: publicKey,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n        eitherSeqRecord({\n          type: CommandTags.PublishKey,\n          recipient: publicKey,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n        }),\n      ),\n    );\n  }\n\n  decryptBlock(\n    parent: Uint8Array,\n    { header, commands, signature }: EncryptedBlock,\n  ): Either<SignBlockError, LKRPBlock> {\n    const decryptedIssuer = CryptoUtils.decrypt(\n      signature.secret,\n      header.iv,\n      header.issuer,\n    );\n    return Either.sequence(\n      commands.map((command) => this.decryptCommand(signature.secret, command)),\n    ).map((decryptedCommands) =>\n      LKRPBlock.fromData({\n        parent: bufferToHexaString(parent),\n        issuer: decryptedIssuer,\n        commands: decryptedCommands,\n        signature: signature.signature,\n      }),\n    );\n  }\n\n  decryptCommand(\n    secret: Uint8Array,\n    command: EncryptedCommand,\n  ): Either<LKRPUnknownError, LKRPCommand> {\n    switch (command.type) {\n      case CommandTags.Derive:\n      case CommandTags.PublishKey: {\n        const encryptedXpriv = CryptoUtils.decrypt(\n          secret,\n          command.iv,\n          command.xpriv,\n        );\n        return Right(\n          LKRPCommand.fromData({\n            ...command,\n            initializationVector: command.commandIv,\n            encryptedXpriv,\n          }),\n        );\n      }\n      case CommandTags.AddMember:\n        return Right(LKRPCommand.fromData({ ...command }));\n      default:\n        return Left(new LKRPUnsupportedCommandError(command));\n    }\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAiD,qBAEjDC,EAOO,kCAEPC,EAAuC,wDACvCC,EAA0C,kEAC1CC,EAAuC,+DASvCC,EAA4B,iCAC5BC,EAA4B,kCAC5BC,EAGO,2CACPC,EAA0B,qCAC1BC,EAA4B,uCAE5BC,EAAkC,qCA6C3B,MAAMb,CAAc,CACzB,YAA6Bc,EAAkB,CAAlB,SAAAA,CAAmB,CAEhD,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,SAAO,wBAAqB,CAC1B,OAAQ,KAAK,gBAAgBD,EAAQG,EAAS,MAAM,EACpD,SAAU,cAAY,SAASA,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAOE,GACN,cAAY,WAAW,KAAK,aAAaJ,EAAQI,CAAc,CAAC,CAClE,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,EACA,QAASO,GACRA,aAAiB,uBAAuBA,EAAM,SAAW,cACrD,IAAI,8BACJA,CACN,CACJ,CAEA,gBACEN,EACAO,EAC4C,CAC5C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,OAAAR,EAAQ,aAAAO,CAAa,CAAC,CACrD,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAI,oBAAkBD,EAAS,IAAI,EACxD,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASH,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,mBACEJ,EAC+C,CAC/C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMM,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,2BACN,EACA,GAAIA,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAE,EAAW,iBAAAC,CAAiB,EAAIH,EAAS,KAE3CI,EAASV,EAAe,KAAKS,CAAgB,EAAE,MAAM,CAAC,EAC5D,SAAO,SAAM,CAAE,UAAAD,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASN,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,aACEO,EACAR,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBQ,CAAe,EACtC,KAAK,qBAAqBR,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBS,EAAqB,CACrC,OAAO,cAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAMN,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,QAAAM,CAAQ,CAAC,CACxC,EACA,OAAIN,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,KAErB,SAAM,IAAI,oBAAkBA,EAAS,IAAI,CAAC,CACnD,OAASF,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CACF,CACF,CAEA,kBAAkBO,EAAyB,CACzC,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,OAClB,KAAMA,CACR,CAAC,CACH,EAAE,MAAOJ,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,OAClB,KAAMI,EACN,GAAI,IAAMJ,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAM,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,UAClB,KAAAF,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOR,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,UAClB,KAAAM,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMR,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAO,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,WAClB,UAAWA,CACb,CAAC,CACH,EAAE,MAAOP,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,WAClB,UAAWO,EACX,GAAI,IAAMP,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAkB,EAAQ,SAAAf,EAAU,UAAAO,CAAU,EACK,CACnC,MAAMS,EAAkB,cAAY,QAClCT,EAAU,OACVQ,EAAO,GACPA,EAAO,MACT,EACA,OAAO,SAAO,SACZf,EAAS,IAAKW,GAAY,KAAK,eAAeJ,EAAU,OAAQI,CAAO,CAAC,CAC1E,EAAE,IAAKM,GACL,YAAU,SAAS,CACjB,UAAQ,sBAAmBpB,CAAM,EACjC,OAAQmB,EACR,SAAUC,EACV,UAAWV,EAAU,SACvB,CAAC,CACH,CACF,CAEA,eACEE,EACAE,EACuC,CACvC,OAAQA,EAAQ,KAAM,CACpB,KAAK,cAAY,OACjB,KAAK,cAAY,WAAY,CAC3B,MAAMO,EAAiB,cAAY,QACjCT,EACAE,EAAQ,GACRA,EAAQ,KACV,EACA,SAAO,SACL,cAAY,SAAS,CACnB,GAAGA,EACH,qBAAsBA,EAAQ,UAC9B,eAAAO,CACF,CAAC,CACH,CACF,CACA,KAAK,cAAY,UACf,SAAO,SAAM,cAAY,SAAS,CAAE,GAAGP,CAAQ,CAAC,CAAC,EACnD,QACE,SAAO,QAAK,IAAI,8BAA4BA,CAAO,CAAC,CACxD,CACF,CACF",
-  "names": ["SignBlockTask_exports", "__export", "SignBlockTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_SignBlockHeader", "import_SignBlockSignatureCommand", "import_SignBlockSingleCommand", "import_Tags", "import_crypto", "import_eitherSeqRecord", "import_LKRPBlock", "import_LKRPCommand", "import_TrustedProperties", "api", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "error", "commandCount", "response", "trustedProps", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "header", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
+  "sourcesContent": ["import {\n  bufferToHexaString,\n  CommandResultStatus,\n  type InternalApi,\n} from \"@ledgerhq/device-management-kit\";\nimport { Either, EitherAsync, Left, Right } from \"purify-ts\";\n\nimport { type CryptoService, EncryptionAlgo } from \"@api/crypto/CryptoService\";\nimport { type KeyPair } from \"@api/crypto/KeyPair\";\nimport {\n  LKRPDataSourceError,\n  type LKRPMissingDataError,\n  LKRPOutdatedTrustchainError,\n  type LKRPParsingError,\n  LKRPUnknownError,\n  LKRPUnsupportedCommandError,\n} from \"@api/model/Errors\";\nimport { type JWT } from \"@api/model/JWT\";\nimport { SignBlockHeaderCommand } from \"@internal/app-binder/command/SignBlockHeader\";\nimport { SignBlockSignatureCommand } from \"@internal/app-binder/command/SignBlockSignatureCommand\";\nimport { SignBlockSingleCommand } from \"@internal/app-binder/command/SignBlockSingleCommand\";\nimport { type LKRPDeviceCommandError } from \"@internal/app-binder/command/utils/ledgerKeyringProtocolErrors\";\nimport { type LKRPDataSource } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport {\n  type AddMemberUnsignedData,\n  type EncryptedCommand,\n  type EncryptedDeriveCommand,\n  type EncryptedPublishKeyCommand,\n} from \"@internal/models/LKRPCommandTypes\";\nimport { CommandTags } from \"@internal/models/Tags\";\nimport {\n  eitherAsyncSeqRecord,\n  eitherSeqRecord,\n} from \"@internal/utils/eitherSeqRecord\";\nimport { LKRPBlock } from \"@internal/utils/LKRPBlock\";\nimport { LKRPCommand } from \"@internal/utils/LKRPCommand\";\n\nimport { TrustedProperties } from \"./utils/TrustedProperties\";\n\ntype BlockFlow =\n  | { type: \"derive\"; data: AddMemberBlockData }\n  | { type: \"addMember\"; data: AddMemberBlockData };\n\ntype AddMemberBlockData = {\n  name: string;\n  publicKey: Uint8Array;\n  permissions: number;\n};\n\ntype HeaderPayload = {\n  iv: Uint8Array;\n  issuer: Uint8Array;\n};\ntype SignaturePayload = {\n  secret: Uint8Array;\n  signature: Uint8Array;\n};\n\ntype EncryptedBlock = {\n  header: HeaderPayload;\n  commands: EncryptedCommand[];\n  signature: SignaturePayload;\n};\n\ntype SignBlockError =\n  | LKRPDeviceCommandError\n  | LKRPParsingError\n  | LKRPMissingDataError\n  | LKRPDataSourceError\n  | LKRPOutdatedTrustchainError\n  | LKRPUnknownError;\n\nexport type SignBlockTaskInput = {\n  lkrpDataSource: LKRPDataSource;\n  trustchainId: string;\n  path: string;\n  jwt: JWT;\n  parent: Uint8Array;\n  blockFlow: BlockFlow;\n  sessionKeypair: KeyPair;\n};\n\nexport class SignBlockTask {\n  constructor(\n    private readonly api: InternalApi,\n    private readonly cryptoService: CryptoService,\n  ) {}\n\n  run({\n    lkrpDataSource,\n    trustchainId,\n    path,\n    jwt,\n    parent,\n    blockFlow,\n    sessionKeypair,\n  }: SignBlockTaskInput): EitherAsync<SignBlockError, void> {\n    const commands = this.signCommands(path, blockFlow);\n    return eitherAsyncSeqRecord({\n      header: this.signBlockHeader(parent, commands.length),\n      commands: EitherAsync.sequence(commands),\n      signature: this.signBlockSignature(sessionKeypair),\n    })\n      .chain(async (encryptedBlock) =>\n        this.decryptBlock(parent, encryptedBlock),\n      )\n      .chain((block) => {\n        switch (blockFlow.type) {\n          case \"derive\":\n            return lkrpDataSource.postDerivation(trustchainId, block, jwt);\n          case \"addMember\":\n            return lkrpDataSource.putCommands(trustchainId, path, block, jwt);\n        }\n      })\n      .mapLeft((error) =>\n        error instanceof LKRPDataSourceError && error.status === \"BAD_REQUEST\"\n          ? new LKRPOutdatedTrustchainError()\n          : error,\n      );\n  }\n\n  signBlockHeader(\n    parent: Uint8Array,\n    commandCount: number,\n  ): EitherAsync<SignBlockError, HeaderPayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockHeaderCommand({ parent, commandCount }),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const trustedProps = new TrustedProperties(response.data);\n        return eitherSeqRecord({\n          iv: () => trustedProps.getIv(),\n          issuer: () => trustedProps.getIssuer(),\n        }) as Either<SignBlockError, HeaderPayload>;\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  signBlockSignature(\n    sessionKeypair: KeyPair,\n  ): EitherAsync<SignBlockError, SignaturePayload> {\n    return EitherAsync.fromPromise(async () => {\n      try {\n        const response = await this.api.sendCommand(\n          new SignBlockSignatureCommand(),\n        );\n        if (response.status !== CommandResultStatus.Success) {\n          return Left(response.error);\n        }\n        const { signature, deviceSessionKey } = response.data;\n        // At this step, the shared secret is used directly as an encryption key after removing the first byte\n        const secret = (\n          await sessionKeypair.deriveSharedSecret(deviceSessionKey)\n        ).slice(1);\n        return Right({ signature, secret });\n      } catch (error) {\n        return Left(new LKRPUnknownError(String(error)));\n      }\n    });\n  }\n\n  signCommands(\n    applicationPath: string,\n    block: BlockFlow,\n  ): EitherAsync<SignBlockError, EncryptedCommand>[] {\n    switch (block.type) {\n      case \"derive\":\n        return [\n          this.signDeriveCommand(applicationPath),\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n      case \"addMember\":\n        return [\n          this.signAddMemberCommand(block.data),\n          this.signPublishKeyCommand(block.data),\n        ];\n    }\n  }\n\n  signSingleCommand(command: Uint8Array) {\n    return EitherAsync.fromPromise(\n      async (): Promise<Either<SignBlockError, TrustedProperties>> => {\n        try {\n          const response = await this.api.sendCommand(\n            new SignBlockSingleCommand({ command }),\n          );\n          if (response.status !== CommandResultStatus.Success) {\n            return Left(response.error);\n          }\n          return Right(new TrustedProperties(response.data));\n        } catch (error) {\n          return Left(new LKRPUnknownError(String(error)));\n        }\n      },\n    );\n  }\n\n  signDeriveCommand(applicationPath: string) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.Derive,\n        path: applicationPath,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedDeriveCommand>(\n        eitherSeqRecord({\n          type: CommandTags.Derive,\n          path: applicationPath,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          groupKey: () => trustedProps.getGroupKey(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signAddMemberCommand({ name, publicKey, permissions }: AddMemberBlockData) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.AddMember,\n        name,\n        publicKey,\n        permissions,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, AddMemberUnsignedData>(\n        eitherSeqRecord({\n          type: CommandTags.AddMember,\n          name,\n          publicKey,\n          permissions,\n          iv: () => trustedProps.getIv(), // Just validate it's there\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there\n        }),\n      ),\n    );\n  }\n\n  signPublishKeyCommand({ publicKey }: Pick<AddMemberBlockData, \"publicKey\">) {\n    return this.signSingleCommand(\n      LKRPCommand.bytesFromUnsignedData({\n        type: CommandTags.PublishKey,\n        recipient: publicKey,\n      }),\n    ).chain((trustedProps) =>\n      EitherAsync.liftEither<SignBlockError, EncryptedPublishKeyCommand>(\n        eitherSeqRecord({\n          type: CommandTags.PublishKey,\n          recipient: publicKey,\n          iv: () => trustedProps.getIv(),\n          xpriv: () => trustedProps.getXPriv(),\n          ephemeralPublicKey: () => trustedProps.getEphemeralPublicKey(),\n          commandIv: () => trustedProps.getCommandIv(),\n          newMember: () => trustedProps.getNewMember(), // Just validate it's there,\n        }),\n      ),\n    );\n  }\n\n  decryptBlock(\n    parent: Uint8Array,\n    { header, commands, signature }: EncryptedBlock,\n  ): EitherAsync<SignBlockError, LKRPBlock> {\n    return EitherAsync(async ({ throwE }) => {\n      const key = this.cryptoService.importSymmetricKey(\n        signature.secret,\n        EncryptionAlgo.AES256_GCM,\n      );\n      const decryptedIssuer = await key.decrypt(header.iv, header.issuer);\n      return Either.sequence(\n        await Promise.all(\n          commands.map((command) =>\n            this.decryptCommand(signature.secret, command).run(),\n          ),\n        ),\n      ).caseOf({\n        Left: (error) => {\n          throwE(error);\n          throw error;\n        },\n        Right: (decryptedCommands) =>\n          LKRPBlock.fromData({\n            parent: bufferToHexaString(parent),\n            issuer: decryptedIssuer,\n            commands: decryptedCommands,\n            signature: signature.signature,\n          }),\n      });\n    });\n  }\n\n  decryptCommand(\n    secret: Uint8Array,\n    command: EncryptedCommand,\n  ): EitherAsync<LKRPUnknownError, LKRPCommand> {\n    return EitherAsync<LKRPUnknownError, LKRPCommand>(async ({ throwE }) => {\n      switch (command.type) {\n        case CommandTags.Derive:\n        case CommandTags.PublishKey: {\n          const key = this.cryptoService.importSymmetricKey(\n            secret,\n            EncryptionAlgo.AES256_GCM,\n          );\n          const encryptedXpriv = await key.decrypt(command.iv, command.xpriv);\n          return LKRPCommand.fromData({\n            ...command,\n            initializationVector: command.commandIv,\n            encryptedXpriv,\n          });\n        }\n        case CommandTags.AddMember:\n          return LKRPCommand.fromData({ ...command });\n        default:\n          throwE(new LKRPUnsupportedCommandError(command));\n          throw new LKRPUnsupportedCommandError(command);\n      }\n    });\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,mBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAiD,qBAEjDC,EAAmD,qCAEnDC,EAOO,6BAEPC,EAAuC,wDACvCC,EAA0C,kEAC1CC,EAAuC,+DASvCC,EAA4B,iCAC5BC,EAGO,2CACPC,EAA0B,qCAC1BC,EAA4B,uCAE5BC,EAAkC,qCA6C3B,MAAMb,CAAc,CACzB,YACmBc,EACAC,EACjB,CAFiB,SAAAD,EACA,mBAAAC,CAChB,CAEH,IAAI,CACF,eAAAC,EACA,aAAAC,EACA,KAAAC,EACA,IAAAC,EACA,OAAAC,EACA,UAAAC,EACA,eAAAC,CACF,EAA0D,CACxD,MAAMC,EAAW,KAAK,aAAaL,EAAMG,CAAS,EAClD,SAAO,wBAAqB,CAC1B,OAAQ,KAAK,gBAAgBD,EAAQG,EAAS,MAAM,EACpD,SAAU,cAAY,SAASA,CAAQ,EACvC,UAAW,KAAK,mBAAmBD,CAAc,CACnD,CAAC,EACE,MAAM,MAAOE,GACZ,KAAK,aAAaJ,EAAQI,CAAc,CAC1C,EACC,MAAOC,GAAU,CAChB,OAAQJ,EAAU,KAAM,CACtB,IAAK,SACH,OAAOL,EAAe,eAAeC,EAAcQ,EAAON,CAAG,EAC/D,IAAK,YACH,OAAOH,EAAe,YAAYC,EAAcC,EAAMO,EAAON,CAAG,CACpE,CACF,CAAC,EACA,QAASO,GACRA,aAAiB,uBAAuBA,EAAM,SAAW,cACrD,IAAI,8BACJA,CACN,CACJ,CAEA,gBACEN,EACAO,EAC4C,CAC5C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMC,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,OAAAR,EAAQ,aAAAO,CAAa,CAAC,CACrD,EACA,GAAIC,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,MAAMC,EAAe,IAAI,oBAAkBD,EAAS,IAAI,EACxD,SAAO,mBAAgB,CACrB,GAAI,IAAMC,EAAa,MAAM,EAC7B,OAAQ,IAAMA,EAAa,UAAU,CACvC,CAAC,CACH,OAASH,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,mBACEJ,EAC+C,CAC/C,OAAO,cAAY,YAAY,SAAY,CACzC,GAAI,CACF,MAAMM,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,2BACN,EACA,GAAIA,EAAS,SAAW,sBAAoB,QAC1C,SAAO,QAAKA,EAAS,KAAK,EAE5B,KAAM,CAAE,UAAAE,EAAW,iBAAAC,CAAiB,EAAIH,EAAS,KAE3CI,GACJ,MAAMV,EAAe,mBAAmBS,CAAgB,GACxD,MAAM,CAAC,EACT,SAAO,SAAM,CAAE,UAAAD,EAAW,OAAAE,CAAO,CAAC,CACpC,OAASN,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CAAC,CACH,CAEA,aACEO,EACAR,EACiD,CACjD,OAAQA,EAAM,KAAM,CAClB,IAAK,SACH,MAAO,CACL,KAAK,kBAAkBQ,CAAe,EACtC,KAAK,qBAAqBR,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,EACF,IAAK,YACH,MAAO,CACL,KAAK,qBAAqBA,EAAM,IAAI,EACpC,KAAK,sBAAsBA,EAAM,IAAI,CACvC,CACJ,CACF,CAEA,kBAAkBS,EAAqB,CACrC,OAAO,cAAY,YACjB,SAAgE,CAC9D,GAAI,CACF,MAAMN,EAAW,MAAM,KAAK,IAAI,YAC9B,IAAI,yBAAuB,CAAE,QAAAM,CAAQ,CAAC,CACxC,EACA,OAAIN,EAAS,SAAW,sBAAoB,WACnC,QAAKA,EAAS,KAAK,KAErB,SAAM,IAAI,oBAAkBA,EAAS,IAAI,CAAC,CACnD,OAASF,EAAO,CACd,SAAO,QAAK,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CAAC,CACjD,CACF,CACF,CACF,CAEA,kBAAkBO,EAAyB,CACzC,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,OAClB,KAAMA,CACR,CAAC,CACH,EAAE,MAAOJ,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,OAClB,KAAMI,EACN,GAAI,IAAMJ,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,SAAU,IAAMA,EAAa,YAAY,EACzC,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,qBAAqB,CAAE,KAAAM,EAAM,UAAAC,EAAW,YAAAC,CAAY,EAAuB,CACzE,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,UAClB,KAAAF,EACA,UAAAC,EACA,YAAAC,CACF,CAAC,CACH,EAAE,MAAOR,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,UAClB,KAAAM,EACA,UAAAC,EACA,YAAAC,EACA,GAAI,IAAMR,EAAa,MAAM,EAC7B,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,sBAAsB,CAAE,UAAAO,CAAU,EAA0C,CAC1E,OAAO,KAAK,kBACV,cAAY,sBAAsB,CAChC,KAAM,cAAY,WAClB,UAAWA,CACb,CAAC,CACH,EAAE,MAAOP,GACP,cAAY,cACV,mBAAgB,CACd,KAAM,cAAY,WAClB,UAAWO,EACX,GAAI,IAAMP,EAAa,MAAM,EAC7B,MAAO,IAAMA,EAAa,SAAS,EACnC,mBAAoB,IAAMA,EAAa,sBAAsB,EAC7D,UAAW,IAAMA,EAAa,aAAa,EAC3C,UAAW,IAAMA,EAAa,aAAa,CAC7C,CAAC,CACH,CACF,CACF,CAEA,aACET,EACA,CAAE,OAAAkB,EAAQ,SAAAf,EAAU,UAAAO,CAAU,EACU,CACxC,SAAO,eAAY,MAAO,CAAE,OAAAS,CAAO,IAAM,CAKvC,MAAMC,EAAkB,MAJZ,KAAK,cAAc,mBAC7BV,EAAU,OACV,iBAAe,UACjB,EACkC,QAAQQ,EAAO,GAAIA,EAAO,MAAM,EAClE,OAAO,SAAO,SACZ,MAAM,QAAQ,IACZf,EAAS,IAAKW,GACZ,KAAK,eAAeJ,EAAU,OAAQI,CAAO,EAAE,IAAI,CACrD,CACF,CACF,EAAE,OAAO,CACP,KAAOR,GAAU,CACf,MAAAa,EAAOb,CAAK,EACNA,CACR,EACA,MAAQe,GACN,YAAU,SAAS,CACjB,UAAQ,sBAAmBrB,CAAM,EACjC,OAAQoB,EACR,SAAUC,EACV,UAAWX,EAAU,SACvB,CAAC,CACL,CAAC,CACH,CAAC,CACH,CAEA,eACEE,EACAE,EAC4C,CAC5C,SAAO,eAA2C,MAAO,CAAE,OAAAK,CAAO,IAAM,CACtE,OAAQL,EAAQ,KAAM,CACpB,KAAK,cAAY,OACjB,KAAK,cAAY,WAAY,CAK3B,MAAMQ,EAAiB,MAJX,KAAK,cAAc,mBAC7BV,EACA,iBAAe,UACjB,EACiC,QAAQE,EAAQ,GAAIA,EAAQ,KAAK,EAClE,OAAO,cAAY,SAAS,CAC1B,GAAGA,EACH,qBAAsBA,EAAQ,UAC9B,eAAAQ,CACF,CAAC,CACH,CACA,KAAK,cAAY,UACf,OAAO,cAAY,SAAS,CAAE,GAAGR,CAAQ,CAAC,EAC5C,QACE,MAAAK,EAAO,IAAI,8BAA4BL,CAAO,CAAC,EACzC,IAAI,8BAA4BA,CAAO,CACjD,CACF,CAAC,CACH,CACF",
+  "names": ["SignBlockTask_exports", "__export", "SignBlockTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_CryptoService", "import_Errors", "import_SignBlockHeader", "import_SignBlockSignatureCommand", "import_SignBlockSingleCommand", "import_Tags", "import_eitherSeqRecord", "import_LKRPBlock", "import_LKRPCommand", "import_TrustedProperties", "api", "cryptoService", "lkrpDataSource", "trustchainId", "path", "jwt", "parent", "blockFlow", "sessionKeypair", "commands", "encryptedBlock", "block", "error", "commandCount", "response", "trustedProps", "signature", "deviceSessionKey", "secret", "applicationPath", "command", "name", "publicKey", "permissions", "header", "throwE", "decryptedIssuer", "decryptedCommands", "encryptedXpriv"]
 }

package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var g=Object.defineProperty;var m=Object.getOwnPropertyDescriptor;var x=Object.getOwnPropertyNames;var u=Object.prototype.hasOwnProperty;var d=(a,t)=>{for(var n in t)g(a,n,{get:t[n],enumerable:!0})},E=(a,t,n,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let e of x(t))!u.call(a,e)&&e!==n&&g(a,e,{get:()=>t[e],enumerable:!(i=m(t,e))||i.enumerable});return a};var v=a=>E(g({},"__esModule",{value:!0}),a);var C={};d(C,{SignChallengeWithKeypairTask:()=>A});module.exports=v(C);var p=require("@ledgerhq/device-management-kit"),l=require("purify-ts"),o=require("../../../api/app-binder/Errors"),h=require("../../utils/crypto"),y=require("../../utils/eitherSeqRecord"),s=require("../../utils/hex");class A{constructor(t,n){this.keypair=t;this.trustchainId=n}run(t){const n=this.getAttestation(),i=this.getCredential(this.keypair.pubKeyToHex());return l.EitherAsync.liftEither(this.getUnsignedChallengeTLV(t.tlv)).map(h.CryptoUtils.hash).map(e=>this.keypair.sign(e)).map(s.bytesToHex).map(e=>({challenge:t.json,signature:{attestation:n,credential:i,signature:e}})).mapLeft(e=>e instanceof o.LKRPMissingDataError?e:new o.LKRPUnknownError(String(e)))}getAttestation(){const t=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,t.length,...t]);return(0,s.bytesToHex)(n)}getCredential(t){return{version:0,curveId:33,signAlgorithm:1,publicKey:t}}getUnsignedChallengeTLV(t){const n=new p.ByteArrayParser((0,s.hexToBytes)(t)),i=new Map(function*(){for(;;){const r=n.extractFieldTLVEncoded();if(!r)break;yield[r.tag,r.value]}}());if(i.size>10)return(0,l.Left)(new o.LKRPMissingDataError("Challenge TLV contains unexpected data"));const e=(r,c)=>l.Maybe.fromNullable(i.get(r)).toEither(new o.LKRPMissingDataError(`Missing ${c} field`));return(0,y.eitherSeqRecord)({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(r=>Uint8Array.from([[1,r.payloadType.length,...r.payloadType],[2,r.version.length,...r.version],[18,r.challengeData.length,...r.challengeData],[22,r.challengeExpiry.length,...r.challengeExpiry],[32,r.host.length,...r.host],[96,r.protocolVersion.length,...r.protocolVersion]].flat()))}}0&&(module.exports={SignChallengeWithKeypairTask});
+"use strict";var g=Object.defineProperty;var m=Object.getOwnPropertyDescriptor;var u=Object.getOwnPropertyNames;var x=Object.prototype.hasOwnProperty;var d=(a,t)=>{for(var n in t)g(a,n,{get:t[n],enumerable:!0})},v=(a,t,n,i)=>{if(t&&typeof t=="object"||typeof t=="function")for(let e of u(t))!x.call(a,e)&&e!==n&&g(a,e,{get:()=>t[e],enumerable:!(i=m(t,e))||i.enumerable});return a};var E=a=>v(g({},"__esModule",{value:!0}),a);var A={};d(A,{SignChallengeWithKeypairTask:()=>f});module.exports=E(A);var o=require("@ledgerhq/device-management-kit"),s=require("purify-ts"),p=require("../../../api/crypto/CryptoService"),h=require("../../../api/crypto/KeyPair"),l=require("../../../api/model/Errors"),c=require("../../utils/eitherSeqRecord");class f{constructor(t,n,i){this.cryptoService=t;this.keypair=n;this.trustchainId=i}run(t){const n=this.getAttestation(),i=this.getCredential(this.keypair.getPublicKeyToHex());return s.EitherAsync.liftEither(this.getUnsignedChallengeTLV(t.tlv)).map(e=>this.cryptoService.hash(e,p.HashAlgo.SHA256)).map(e=>this.keypair.sign(e,h.SigFormat.DER)).map(e=>(0,o.bufferToHexaString)(e,!1)).map(e=>({challenge:t.json,signature:{attestation:n,credential:i,signature:e}})).mapLeft(e=>e instanceof l.LKRPMissingDataError?e:new l.LKRPUnknownError(String(e)))}getAttestation(){const t=new TextEncoder().encode(this.trustchainId),n=Uint8Array.from([2,t.length,...t]);return(0,o.bufferToHexaString)(n,!1)}getCredential(t){return{version:0,curveId:33,signAlgorithm:1,publicKey:t}}getUnsignedChallengeTLV(t){const n=new o.ByteArrayParser((0,o.hexaStringToBuffer)(t)??new Uint8Array),i=new Map(function*(){for(;;){const r=n.extractFieldTLVEncoded();if(!r)break;yield[r.tag,r.value]}}());if(i.size>10)return(0,s.Left)(new l.LKRPMissingDataError("Challenge TLV contains unexpected data"));const e=(r,y)=>s.Maybe.fromNullable(i.get(r)).toEither(new l.LKRPMissingDataError(`Missing ${y} field`));return(0,c.eitherSeqRecord)({payloadType:()=>e(1,"Payload type"),version:()=>e(2,"Version"),challengeExpiry:()=>e(22,"Challenge expiry"),host:()=>e(32,"Host"),protocolVersion:()=>e(96,"Protocol version"),curveId:()=>e(50,"Curve ID"),publicKey:()=>e(51,"Public key"),challengeData:()=>e(18,"Challenge data"),signAlgorithm:()=>e(20,"Sign algorithm"),rpSignatureField:()=>e(21,"RP signature field")}).map(r=>Uint8Array.from([[1,r.payloadType.length,...r.payloadType],[2,r.version.length,...r.version],[18,r.challengeData.length,...r.challengeData],[22,r.challengeExpiry.length,...r.challengeExpiry],[32,r.host.length,...r.host],[96,r.protocolVersion.length,...r.protocolVersion]].flat()))}}0&&(module.exports={SignChallengeWithKeypairTask});
 //# sourceMappingURL=SignChallengeWithKeypairTask.js.map

package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/SignChallengeWithKeypairTask.ts"],
-  "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { LKRPMissingDataError, LKRPUnknownError } from \"@api/app-binder/Errors\";\nimport { type Keypair } from \"@api/app-binder/LKRPTypes\";\nimport {\n  type AuthenticationPayload,\n  type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { CryptoUtils } from \"@internal/utils/crypto\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\nimport { bytesToHex, hexToBytes } from \"@internal/utils/hex\";\n\nexport class SignChallengeWithKeypairTask {\n  constructor(\n    private readonly keypair: Keypair,\n    private readonly trustchainId: string,\n  ) {}\n\n  run(\n    challenge: Challenge,\n  ): EitherAsync<\n    LKRPMissingDataError | LKRPUnknownError,\n    AuthenticationPayload\n  > {\n    const attestation = this.getAttestation();\n    const credential = this.getCredential(this.keypair.pubKeyToHex());\n\n    return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n      .map(CryptoUtils.hash)\n      .map((hash) => this.keypair.sign(hash))\n      .map(bytesToHex)\n      .map((signature) => ({\n        challenge: challenge.json,\n        signature: { attestation, credential, signature },\n      }))\n      .mapLeft((error) =>\n        error instanceof LKRPMissingDataError\n          ? error\n          : new LKRPUnknownError(String(error)),\n      );\n  }\n\n  // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n  private getAttestation() {\n    const bytes = new TextEncoder().encode(this.trustchainId);\n    const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n    return bytesToHex(attestation);\n  }\n\n  private getCredential(publicKey: string) {\n    return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n  }\n\n  private getUnsignedChallengeTLV(\n    tlv: string,\n  ): Either<LKRPMissingDataError, Uint8Array> {\n    const parser = new ByteArrayParser(hexToBytes(tlv));\n    const parsed = new Map(\n      (function* () {\n        while (true) {\n          const field = parser.extractFieldTLVEncoded();\n          if (!field) break; // No more fields to extract\n          yield [field.tag, field.value];\n        }\n      })(),\n    );\n\n    // We expect 10 fields in the TLV\n    if (parsed.size > 10) {\n      return Left(\n        new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n      );\n    }\n\n    const getField = (tag: number, fieldName: string) =>\n      Maybe.fromNullable(parsed.get(tag)).toEither(\n        new LKRPMissingDataError(`Missing ${fieldName} field`),\n      );\n\n    return eitherSeqRecord({\n      // Unsigned fields\n      payloadType: () => getField(0x01, \"Payload type\"),\n      version: () => getField(0x02, \"Version\"),\n      challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n      host: () => getField(0x20, \"Host\"),\n      protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n      // Signed fields\n      curveId: () => getField(0x32, \"Curve ID\"),\n      publicKey: () => getField(0x33, \"Public key\"),\n      challengeData: () => getField(0x12, \"Challenge data\"),\n      signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n      rpSignatureField: () => getField(0x15, \"RP signature field\"),\n    }).map((fields) =>\n      Uint8Array.from(\n        [\n          [0x01, fields.payloadType.length, ...fields.payloadType],\n          [0x02, fields.version.length, ...fields.version],\n          [0x12, fields.challengeData.length, ...fields.challengeData],\n          [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n          [0x20, fields.host.length, ...fields.host],\n          [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n        ].flat(),\n      ),\n    );\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,kCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAgC,2CAChCC,EAAsD,qBAEtDC,EAAuD,kCAMvDC,EAA4B,kCAC5BC,EAAgC,2CAChCC,EAAuC,+BAEhC,MAAMP,CAA6B,CACxC,YACmBQ,EACAC,EACjB,CAFiB,aAAAD,EACA,kBAAAC,CAChB,CAEH,IACEC,EAIA,CACA,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,YAAY,CAAC,EAEhE,OAAO,cAAY,WAAW,KAAK,wBAAwBF,EAAU,GAAG,CAAC,EACtE,IAAI,cAAY,IAAI,EACpB,IAAKG,GAAS,KAAK,QAAQ,KAAKA,CAAI,CAAC,EACrC,IAAI,YAAU,EACd,IAAKC,IAAe,CACnB,UAAWJ,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAE,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiB,uBACbA,EACA,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CACxC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDL,EAAc,WAAW,KAAK,CAAC,EAAMK,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,SAAO,cAAWL,CAAW,CAC/B,CAEQ,cAAcM,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAI,qBAAgB,cAAWD,CAAG,CAAC,EAC5CE,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,SAAO,QACL,IAAI,uBAAqB,wCAAwC,CACnE,EAGF,MAAME,EAAW,CAACC,EAAaC,IAC7B,QAAM,aAAaJ,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAI,uBAAqB,WAAWC,CAAS,QAAQ,CACvD,EAEF,SAAO,mBAAgB,CAErB,YAAa,IAAMF,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
-  "names": ["SignChallengeWithKeypairTask_exports", "__export", "SignChallengeWithKeypairTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_crypto", "import_eitherSeqRecord", "import_hex", "keypair", "trustchainId", "challenge", "attestation", "credential", "hash", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
+  "sourcesContent": ["import {\n  bufferToHexaString,\n  ByteArrayParser,\n  hexaStringToBuffer,\n} from \"@ledgerhq/device-management-kit\";\nimport { type Either, EitherAsync, Left, Maybe } from \"purify-ts\";\n\nimport { type CryptoService, HashAlgo } from \"@api/crypto/CryptoService\";\nimport { type KeyPair, SigFormat } from \"@api/crypto/KeyPair\";\nimport { LKRPMissingDataError, LKRPUnknownError } from \"@api/model/Errors\";\nimport {\n  type AuthenticationPayload,\n  type Challenge,\n} from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { eitherSeqRecord } from \"@internal/utils/eitherSeqRecord\";\n\nexport class SignChallengeWithKeypairTask {\n  constructor(\n    private readonly cryptoService: CryptoService,\n    private readonly keypair: KeyPair,\n    private readonly trustchainId: string,\n  ) {}\n\n  run(\n    challenge: Challenge,\n  ): EitherAsync<\n    LKRPMissingDataError | LKRPUnknownError,\n    AuthenticationPayload\n  > {\n    const attestation = this.getAttestation();\n    const credential = this.getCredential(this.keypair.getPublicKeyToHex());\n\n    return EitherAsync.liftEither(this.getUnsignedChallengeTLV(challenge.tlv))\n      .map((buf) => this.cryptoService.hash(buf, HashAlgo.SHA256))\n      .map((hash) => this.keypair.sign(hash, SigFormat.DER))\n      .map((str) => bufferToHexaString(str, false))\n      .map((signature) => ({\n        challenge: challenge.json,\n        signature: { attestation, credential, signature },\n      }))\n      .mapLeft((error) =>\n        error instanceof LKRPMissingDataError\n          ? error\n          : new LKRPUnknownError(String(error)),\n      );\n  }\n\n  // Spec https://ledgerhq.atlassian.net/wiki/spaces/TA/pages/4335960138/ARCH+LedgerLive+Auth+specifications\n  private getAttestation() {\n    const bytes = new TextEncoder().encode(this.trustchainId);\n    const attestation = Uint8Array.from([0x02, bytes.length, ...bytes]);\n    return bufferToHexaString(attestation, false);\n  }\n\n  private getCredential(publicKey: string) {\n    return { version: 0, curveId: 33, signAlgorithm: 1, publicKey };\n  }\n\n  private getUnsignedChallengeTLV(\n    tlv: string,\n  ): Either<LKRPMissingDataError, Uint8Array> {\n    const parser = new ByteArrayParser(\n      hexaStringToBuffer(tlv) ?? new Uint8Array(),\n    );\n    const parsed = new Map(\n      (function* () {\n        while (true) {\n          const field = parser.extractFieldTLVEncoded();\n          if (!field) break; // No more fields to extract\n          yield [field.tag, field.value];\n        }\n      })(),\n    );\n\n    // We expect 10 fields in the TLV\n    if (parsed.size > 10) {\n      return Left(\n        new LKRPMissingDataError(\"Challenge TLV contains unexpected data\"),\n      );\n    }\n\n    const getField = (tag: number, fieldName: string) =>\n      Maybe.fromNullable(parsed.get(tag)).toEither(\n        new LKRPMissingDataError(`Missing ${fieldName} field`),\n      );\n\n    return eitherSeqRecord({\n      // Unsigned fields\n      payloadType: () => getField(0x01, \"Payload type\"),\n      version: () => getField(0x02, \"Version\"),\n      challengeExpiry: () => getField(0x16, \"Challenge expiry\"),\n      host: () => getField(0x20, \"Host\"),\n      protocolVersion: () => getField(0x60, \"Protocol version\"),\n\n      // Signed fields\n      curveId: () => getField(0x32, \"Curve ID\"),\n      publicKey: () => getField(0x33, \"Public key\"),\n      challengeData: () => getField(0x12, \"Challenge data\"),\n      signAlgorithm: () => getField(0x14, \"Sign algorithm\"),\n      rpSignatureField: () => getField(0x15, \"RP signature field\"),\n    }).map((fields) =>\n      Uint8Array.from(\n        [\n          [0x01, fields.payloadType.length, ...fields.payloadType],\n          [0x02, fields.version.length, ...fields.version],\n          [0x12, fields.challengeData.length, ...fields.challengeData],\n          [0x16, fields.challengeExpiry.length, ...fields.challengeExpiry],\n          [0x20, fields.host.length, ...fields.host],\n          [0x60, fields.protocolVersion.length, ...fields.protocolVersion],\n        ].flat(),\n      ),\n    );\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,kCAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAIO,2CACPC,EAAsD,qBAEtDC,EAA6C,qCAC7CC,EAAwC,+BACxCC,EAAuD,6BAKvDC,EAAgC,2CAEzB,MAAMP,CAA6B,CACxC,YACmBQ,EACAC,EACAC,EACjB,CAHiB,mBAAAF,EACA,aAAAC,EACA,kBAAAC,CAChB,CAEH,IACEC,EAIA,CACA,MAAMC,EAAc,KAAK,eAAe,EAClCC,EAAa,KAAK,cAAc,KAAK,QAAQ,kBAAkB,CAAC,EAEtE,OAAO,cAAY,WAAW,KAAK,wBAAwBF,EAAU,GAAG,CAAC,EACtE,IAAKG,GAAQ,KAAK,cAAc,KAAKA,EAAK,WAAS,MAAM,CAAC,EAC1D,IAAKC,GAAS,KAAK,QAAQ,KAAKA,EAAM,YAAU,GAAG,CAAC,EACpD,IAAKC,MAAQ,sBAAmBA,EAAK,EAAK,CAAC,EAC3C,IAAKC,IAAe,CACnB,UAAWN,EAAU,KACrB,UAAW,CAAE,YAAAC,EAAa,WAAAC,EAAY,UAAAI,CAAU,CAClD,EAAE,EACD,QAASC,GACRA,aAAiB,uBACbA,EACA,IAAI,mBAAiB,OAAOA,CAAK,CAAC,CACxC,CACJ,CAGQ,gBAAiB,CACvB,MAAMC,EAAQ,IAAI,YAAY,EAAE,OAAO,KAAK,YAAY,EAClDP,EAAc,WAAW,KAAK,CAAC,EAAMO,EAAM,OAAQ,GAAGA,CAAK,CAAC,EAClE,SAAO,sBAAmBP,EAAa,EAAK,CAC9C,CAEQ,cAAcQ,EAAmB,CACvC,MAAO,CAAE,QAAS,EAAG,QAAS,GAAI,cAAe,EAAG,UAAAA,CAAU,CAChE,CAEQ,wBACNC,EAC0C,CAC1C,MAAMC,EAAS,IAAI,qBACjB,sBAAmBD,CAAG,GAAK,IAAI,UACjC,EACME,EAAS,IAAI,IAChB,WAAa,CACZ,OAAa,CACX,MAAMC,EAAQF,EAAO,uBAAuB,EAC5C,GAAI,CAACE,EAAO,MACZ,KAAM,CAACA,EAAM,IAAKA,EAAM,KAAK,CAC/B,CACF,EAAG,CACL,EAGA,GAAID,EAAO,KAAO,GAChB,SAAO,QACL,IAAI,uBAAqB,wCAAwC,CACnE,EAGF,MAAME,EAAW,CAACC,EAAaC,IAC7B,QAAM,aAAaJ,EAAO,IAAIG,CAAG,CAAC,EAAE,SAClC,IAAI,uBAAqB,WAAWC,CAAS,QAAQ,CACvD,EAEF,SAAO,mBAAgB,CAErB,YAAa,IAAMF,EAAS,EAAM,cAAc,EAChD,QAAS,IAAMA,EAAS,EAAM,SAAS,EACvC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EACxD,KAAM,IAAMA,EAAS,GAAM,MAAM,EACjC,gBAAiB,IAAMA,EAAS,GAAM,kBAAkB,EAGxD,QAAS,IAAMA,EAAS,GAAM,UAAU,EACxC,UAAW,IAAMA,EAAS,GAAM,YAAY,EAC5C,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,cAAe,IAAMA,EAAS,GAAM,gBAAgB,EACpD,iBAAkB,IAAMA,EAAS,GAAM,oBAAoB,CAC7D,CAAC,EAAE,IAAKG,GACN,WAAW,KACT,CACE,CAAC,EAAMA,EAAO,YAAY,OAAQ,GAAGA,EAAO,WAAW,EACvD,CAAC,EAAMA,EAAO,QAAQ,OAAQ,GAAGA,EAAO,OAAO,EAC/C,CAAC,GAAMA,EAAO,cAAc,OAAQ,GAAGA,EAAO,aAAa,EAC3D,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,EAC/D,CAAC,GAAMA,EAAO,KAAK,OAAQ,GAAGA,EAAO,IAAI,EACzC,CAAC,GAAMA,EAAO,gBAAgB,OAAQ,GAAGA,EAAO,eAAe,CACjE,EAAE,KAAK,CACT,CACF,CACF,CACF",
+  "names": ["SignChallengeWithKeypairTask_exports", "__export", "SignChallengeWithKeypairTask", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_CryptoService", "import_KeyPair", "import_Errors", "import_eitherSeqRecord", "cryptoService", "keypair", "trustchainId", "challenge", "attestation", "credential", "buf", "hash", "str", "signature", "error", "bytes", "publicKey", "tlv", "parser", "parsed", "field", "getField", "tag", "fieldName", "fields"]
 }

package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.test.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var r=require("../../../api/app-binder/Errors"),s=require("../../../api/app-binder/KeypairFromBytes"),f=require("../../utils/hex"),d=require("./SignChallengeWithKeypairTask");describe("SignChallengeWithKeypairTask",()=>{it("should sign a challenge with a keypair",async()=>{const{challenge:e,keypair:a,trustchainId:c}=i(),n=await new d.SignChallengeWithKeypairTask(a,c).run(e).run();expect(n.isRight()).toBe(!0),n.ifRight(t=>{expect(t.challenge).toBe(e.json),expect(t.signature.credential).toEqual({version:0,curveId:33,signAlgorithm:1,publicKey:a.pubKeyToHex()}),expect(t.signature.attestation).toBe("0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337"),expect(t.signature.signature).toBe("3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049")})}),it("should handle invalid challenge",async()=>{const{challenge:e,keypair:a,trustchainId:c}=i({tlv:"invalid-tlv"});(await new d.SignChallengeWithKeypairTask(a,c).run(e).run()).ifLeft(t=>expect(t).toBeInstanceOf(r.LKRPMissingDataError))})});function i({privateKey:e="b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d",trustchainId:a="00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37",tlv:c="0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000"}={}){return{challenge:{tlv:c,json:{}},keypair:new s.KeypairFromBytes((0,f.hexToBytes)(e)),trustchainId:a}}
+"use strict";var s=require("@ledgerhq/device-management-kit"),f=require("../../../api/crypto/CryptoService"),o=require("../../../api/crypto/noble/NobleCryptoService"),b=require("../../../api/model/Errors"),r=require("./SignChallengeWithKeypairTask");const n=new o.NobleCryptoService;describe("SignChallengeWithKeypairTask",()=>{it("should sign a challenge with a keypair",async()=>{const{challenge:e,keypair:a,trustchainId:c}=d(),i=await new r.SignChallengeWithKeypairTask(n,a,c).run(e).run();expect(i.isRight()).toBe(!0),i.ifRight(t=>{expect(t.challenge).toBe(e.json),expect(t.signature.credential).toEqual({version:0,curveId:33,signAlgorithm:1,publicKey:a.getPublicKeyToHex()}),expect(t.signature.attestation).toBe("0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337"),expect(t.signature.signature).toBe("3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049")})}),it("should handle invalid challenge",async()=>{const{challenge:e,keypair:a,trustchainId:c}=d({tlv:"invalid-tlv"});(await new r.SignChallengeWithKeypairTask(n,a,c).run(e).run()).ifLeft(t=>expect(t).toBeInstanceOf(b.LKRPMissingDataError))})});function d({privateKey:e="b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d",trustchainId:a="00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37",tlv:c="0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000"}={}){return{challenge:{tlv:c,json:{}},keypair:n.importKeyPair((0,s.hexaStringToBuffer)(e),f.Curve.K256),trustchainId:a}}
 //# sourceMappingURL=SignChallengeWithKeypairTask.test.js.map

package/lib/cjs/internal/app-binder/task/SignChallengeWithKeypairTask.test.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/internal/app-binder/task/SignChallengeWithKeypairTask.test.ts"],
-  "sourcesContent": ["import { LKRPMissingDataError } from \"@api/app-binder/Errors\";\nimport { KeypairFromBytes } from \"@api/app-binder/KeypairFromBytes\";\nimport { type Challenge } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\nimport { hexToBytes } from \"@internal/utils/hex\";\n\nimport { SignChallengeWithKeypairTask } from \"./SignChallengeWithKeypairTask\";\n\ndescribe(\"SignChallengeWithKeypairTask\", () => {\n  it(\"should sign a challenge with a keypair\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters();\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(keypair, trustchainId);\n    const result = await task.run(challenge).run();\n\n    // THEN\n    expect(result.isRight()).toBe(true);\n    result.ifRight((payload) => {\n      expect(payload.challenge).toBe(challenge.json);\n      expect(payload.signature.credential).toEqual({\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: keypair.pubKeyToHex(),\n      });\n      expect(payload.signature.attestation).toBe(\n        \"0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337\",\n      );\n      expect(payload.signature.signature).toBe(\n        \"3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049\",\n      );\n    });\n  });\n\n  it(\"should handle invalid challenge\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters({\n      tlv: \"invalid-tlv\", // Invalid TLV\n    });\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(keypair, trustchainId);\n    const result = await task.run(challenge).run();\n\n    // THEN\n    result.ifLeft((error) =>\n      expect(error).toBeInstanceOf(LKRPMissingDataError),\n    );\n  });\n});\n\nfunction getParameters({\n  privateKey = \"b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d\",\n  trustchainId = \"00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37\",\n  tlv = \"0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000\",\n} = {}) {\n  return {\n    challenge: { tlv, json: {} as Challenge[\"json\"] },\n    keypair: new KeypairFromBytes(hexToBytes(privateKey)),\n    trustchainId,\n  };\n}\n"],
-  "mappings": "aAAA,IAAAA,EAAqC,kCACrCC,EAAiC,4CAEjCC,EAA2B,+BAE3BC,EAA6C,0CAE7C,SAAS,+BAAgC,IAAM,CAC7C,GAAG,yCAA0C,SAAY,CAEvD,KAAM,CAAE,UAAAC,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,EAIrDC,EAAS,MADF,IAAI,+BAA6BH,EAASC,CAAY,EACzC,IAAIF,CAAS,EAAE,IAAI,EAG7C,OAAOI,EAAO,QAAQ,CAAC,EAAE,KAAK,EAAI,EAClCA,EAAO,QAASC,GAAY,CAC1B,OAAOA,EAAQ,SAAS,EAAE,KAAKL,EAAU,IAAI,EAC7C,OAAOK,EAAQ,UAAU,UAAU,EAAE,QAAQ,CAC3C,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAWJ,EAAQ,YAAY,CACjC,CAAC,EACD,OAAOI,EAAQ,UAAU,WAAW,EAAE,KACpC,0IACF,EACA,OAAOA,EAAQ,UAAU,SAAS,EAAE,KAClC,gJACF,CACF,CAAC,CACH,CAAC,EAED,GAAG,kCAAmC,SAAY,CAEhD,KAAM,CAAE,UAAAL,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,CACzD,IAAK,aACP,CAAC,GAIc,MADF,IAAI,+BAA6BF,EAASC,CAAY,EACzC,IAAIF,CAAS,EAAE,IAAI,GAGtC,OAAQM,GACb,OAAOA,CAAK,EAAE,eAAe,sBAAoB,CACnD,CACF,CAAC,CACH,CAAC,EAED,SAASH,EAAc,CACrB,WAAAI,EAAa,mEACb,aAAAL,EAAe,qEACf,IAAAM,EAAM,wYACR,EAAI,CAAC,EAAG,CACN,MAAO,CACL,UAAW,CAAE,IAAAA,EAAK,KAAM,CAAC,CAAuB,EAChD,QAAS,IAAI,sBAAiB,cAAWD,CAAU,CAAC,EACpD,aAAAL,CACF,CACF",
-  "names": ["import_Errors", "import_KeypairFromBytes", "import_hex", "import_SignChallengeWithKeypairTask", "challenge", "keypair", "trustchainId", "getParameters", "result", "payload", "error", "privateKey", "tlv"]
+  "sourcesContent": ["import { hexaStringToBuffer } from \"@ledgerhq/device-management-kit\";\n\nimport { Curve } from \"@api/crypto/CryptoService\";\nimport { NobleCryptoService } from \"@api/crypto/noble/NobleCryptoService\";\nimport { LKRPMissingDataError } from \"@api/model/Errors\";\nimport { type Challenge } from \"@internal/lkrp-datasource/data/LKRPDataSource\";\n\nimport { SignChallengeWithKeypairTask } from \"./SignChallengeWithKeypairTask\";\n\nconst cryptoService = new NobleCryptoService();\n\ndescribe(\"SignChallengeWithKeypairTask\", () => {\n  it(\"should sign a challenge with a keypair\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters();\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(\n      cryptoService,\n      keypair,\n      trustchainId,\n    );\n    const result = await task.run(challenge).run();\n\n    // THEN\n    expect(result.isRight()).toBe(true);\n    result.ifRight((payload) => {\n      expect(payload.challenge).toBe(challenge.json);\n      expect(payload.signature.credential).toEqual({\n        version: 0,\n        curveId: 33,\n        signAlgorithm: 1,\n        publicKey: keypair.getPublicKeyToHex(),\n      });\n      expect(payload.signature.attestation).toBe(\n        \"0242303062373538386231393136633036373635343632656266343530363734346665323565643164623831393635326532646562613732313338393738396364633337\",\n      );\n      expect(payload.signature.signature).toBe(\n        \"3045022100e9fead4e341f4e145f8888d7897184ff585e23c832a4c7acd15b5a2e53c58d2902204c58596d039960ab9b56ba4f9d27dbc5e647dbe779089e5e7e608501c5270049\",\n      );\n    });\n  });\n\n  it(\"should handle invalid challenge\", async () => {\n    // GIVEN\n    const { challenge, keypair, trustchainId } = getParameters({\n      tlv: \"invalid-tlv\", // Invalid TLV\n    });\n\n    // WHEN\n    const task = new SignChallengeWithKeypairTask(\n      cryptoService,\n      keypair,\n      trustchainId,\n    );\n    const result = await task.run(challenge).run();\n\n    // THEN\n    result.ifLeft((error) =>\n      expect(error).toBeInstanceOf(LKRPMissingDataError),\n    );\n  });\n});\n\nfunction getParameters({\n  privateKey = \"b21ef366414b1aaba29b9576b7c1a661d663cfd8b4f998257dddbf7dc60d315d\",\n  trustchainId = \"00b7588b1916c06765462ebf4506744fe25ed1db819652e2deba721389789cdc37\",\n  tlv = \"0101070201001210bb1ea0c98526e1ea2deb7c7537f2989514010115473045022038632e8fa245483f0ecdbaa4ca0d455a03e7510da269d2089fed0d5cfa69d3d6022100c2f938d60bf1c34e96a2d332822a86059d90ec26ea222189cd9731834a5c151216046878ab74202b7472757374636861696e2d6261636b656e642e6170692e6177732e7374672e6c64672d746563682e636f6d320121332103cb7628e7248ddf9c07da54b979f16bf081fb3d173aac0992ad2a44ef6a388ae2600401000000\",\n} = {}) {\n  return {\n    challenge: { tlv, json: {} as Challenge[\"json\"] },\n    keypair: cryptoService.importKeyPair(\n      hexaStringToBuffer(privateKey)!,\n      Curve.K256,\n    ),\n    trustchainId,\n  };\n}\n"],
+  "mappings": "aAAA,IAAAA,EAAmC,2CAEnCC,EAAsB,qCACtBC,EAAmC,gDACnCC,EAAqC,6BAGrCC,EAA6C,0CAE7C,MAAMC,EAAgB,IAAI,qBAE1B,SAAS,+BAAgC,IAAM,CAC7C,GAAG,yCAA0C,SAAY,CAEvD,KAAM,CAAE,UAAAC,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,EAQrDC,EAAS,MALF,IAAI,+BACfL,EACAE,EACAC,CACF,EAC0B,IAAIF,CAAS,EAAE,IAAI,EAG7C,OAAOI,EAAO,QAAQ,CAAC,EAAE,KAAK,EAAI,EAClCA,EAAO,QAASC,GAAY,CAC1B,OAAOA,EAAQ,SAAS,EAAE,KAAKL,EAAU,IAAI,EAC7C,OAAOK,EAAQ,UAAU,UAAU,EAAE,QAAQ,CAC3C,QAAS,EACT,QAAS,GACT,cAAe,EACf,UAAWJ,EAAQ,kBAAkB,CACvC,CAAC,EACD,OAAOI,EAAQ,UAAU,WAAW,EAAE,KACpC,0IACF,EACA,OAAOA,EAAQ,UAAU,SAAS,EAAE,KAClC,gJACF,CACF,CAAC,CACH,CAAC,EAED,GAAG,kCAAmC,SAAY,CAEhD,KAAM,CAAE,UAAAL,EAAW,QAAAC,EAAS,aAAAC,CAAa,EAAIC,EAAc,CACzD,IAAK,aACP,CAAC,GAQc,MALF,IAAI,+BACfJ,EACAE,EACAC,CACF,EAC0B,IAAIF,CAAS,EAAE,IAAI,GAGtC,OAAQM,GACb,OAAOA,CAAK,EAAE,eAAe,sBAAoB,CACnD,CACF,CAAC,CACH,CAAC,EAED,SAASH,EAAc,CACrB,WAAAI,EAAa,mEACb,aAAAL,EAAe,qEACf,IAAAM,EAAM,wYACR,EAAI,CAAC,EAAG,CACN,MAAO,CACL,UAAW,CAAE,IAAAA,EAAK,KAAM,CAAC,CAAuB,EAChD,QAAST,EAAc,iBACrB,sBAAmBQ,CAAU,EAC7B,QAAM,IACR,EACA,aAAAL,CACF,CACF",
+  "names": ["import_device_management_kit", "import_CryptoService", "import_NobleCryptoService", "import_Errors", "import_SignChallengeWithKeypairTask", "cryptoService", "challenge", "keypair", "trustchainId", "getParameters", "result", "payload", "error", "privateKey", "tlv"]
 }

package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var p=Object.defineProperty;var g=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var c=Object.prototype.hasOwnProperty;var d=(e,r)=>{for(var i in r)p(e,i,{get:r[i],enumerable:!0})},u=(e,r,i,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let a of y(r))!c.call(e,a)&&a!==i&&p(e,a,{get:()=>r[a],enumerable:!(o=g(r,a))||o.enumerable});return e};var h=e=>u(p({},"__esModule",{value:!0}),e);var m={};d(m,{TrustedProperties:()=>l});module.exports=h(m);var P=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../../api/app-binder/Errors"),s=require("../../../models/Tags"),n=require("../../../utils/required");class l{constructor(r){this.bytes=r;this.parser=new P.ByteArrayParser(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return(0,t.Left)(new E.LKRPParsingError("Invalid trusted property: missing IV"));this.iv=r.value}return(0,t.Right)(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?(0,t.Right)(this.encryptedProps):this.getIv().chain(()=>t.Either.sequence(Array.from(R(this.parser)))).map(r=>new Map(r.map(i=>[i.tag,i]))).ifRight(r=>{this.encryptedProps=r})}}function*R(e){for(;;){const r=e.extractFieldTLVEncoded();if(!r)return;yield(0,t.Right)(r)}}0&&(module.exports={TrustedProperties});
+"use strict";var p=Object.defineProperty;var g=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var c=Object.prototype.hasOwnProperty;var d=(e,r)=>{for(var i in r)p(e,i,{get:r[i],enumerable:!0})},u=(e,r,i,o)=>{if(r&&typeof r=="object"||typeof r=="function")for(let a of y(r))!c.call(e,a)&&a!==i&&p(e,a,{get:()=>r[a],enumerable:!(o=g(r,a))||o.enumerable});return e};var h=e=>u(p({},"__esModule",{value:!0}),e);var m={};d(m,{TrustedProperties:()=>l});module.exports=h(m);var P=require("@ledgerhq/device-management-kit"),t=require("purify-ts"),E=require("../../../../api/model/Errors"),s=require("../../../models/Tags"),n=require("../../../utils/required");class l{constructor(r){this.bytes=r;this.parser=new P.ByteArrayParser(r)}parser;iv=null;encryptedProps=null;getIv(){if(!this.iv){const r=this.parser.extractFieldTLVEncoded();if(!r||r.tag!==0)return(0,t.Left)(new E.LKRPParsingError("Invalid trusted property: missing IV"));this.iv=r.value}return(0,t.Right)(this.iv)}getIssuer(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.ISSUER)?.value,"Missing issuer in trusted properties"))}getXPriv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.XPRIV)?.value,"Missing xpriv in trusted properties"))}getEphemeralPublicKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.EPHEMERAL_PUBLIC_KEY)?.value,"Missing ephemeral public key in trusted properties"))}getCommandIv(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.COMMAND_IV)?.value,"Missing command IV in trusted properties"))}getGroupKey(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.GROUPKEY)?.value,"Missing group key in trusted properties"))}getNewMember(){return this.parseEncryptedProps().chain(r=>(0,n.required)(r.get(s.TPTags.NEW_MEMBER)?.tlv,"Missing new member in trusted properties"))}parseEncryptedProps(){return this.encryptedProps?(0,t.Right)(this.encryptedProps):this.getIv().chain(()=>t.Either.sequence(Array.from(R(this.parser)))).map(r=>new Map(r.map(i=>[i.tag,i]))).ifRight(r=>{this.encryptedProps=r})}}function*R(e){for(;;){const r=e.extractFieldTLVEncoded();if(!r)return;yield(0,t.Right)(r)}}0&&(module.exports={TrustedProperties});
 //# sourceMappingURL=TrustedProperties.js.map

package/lib/cjs/internal/app-binder/task/utils/TrustedProperties.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../../src/internal/app-binder/task/utils/TrustedProperties.ts"],
-  "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { Either, Left, Right } from \"purify-ts\";\n\nimport {\n  type LKRPMissingDataError,\n  LKRPParsingError,\n} from \"@api/app-binder/Errors\";\nimport { TPTags } from \"@internal/models/Tags\";\nimport { required } from \"@internal/utils/required\";\n\ntype EncryptedTPTag = Exclude<TPTags, TPTags.IV>;\ntype EncryptedTP = { tag: EncryptedTPTag; value: Uint8Array; tlv: Uint8Array };\n\nexport class TrustedProperties {\n  private readonly parser: ByteArrayParser;\n  private iv: Uint8Array | null = null;\n  private encryptedProps: Map<EncryptedTPTag, EncryptedTP> | null = null;\n\n  constructor(public readonly bytes: Uint8Array) {\n    this.parser = new ByteArrayParser(bytes);\n  }\n\n  getIv(): Either<LKRPParsingError, Uint8Array> {\n    if (!this.iv) {\n      const field = this.parser.extractFieldTLVEncoded();\n      if (!field || field.tag !== 0x00) {\n        return Left(\n          new LKRPParsingError(\"Invalid trusted property: missing IV\"),\n        );\n      }\n\n      this.iv = field.value;\n    }\n    return Right(this.iv);\n  }\n\n  getIssuer(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.ISSUER)?.value,\n        \"Missing issuer in trusted properties\",\n      ),\n    );\n  }\n\n  getXPriv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.XPRIV)?.value,\n        \"Missing xpriv in trusted properties\",\n      ),\n    );\n  }\n\n  getEphemeralPublicKey(): Either<\n    LKRPParsingError | LKRPMissingDataError,\n    Uint8Array\n  > {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.EPHEMERAL_PUBLIC_KEY)?.value,\n        \"Missing ephemeral public key in trusted properties\",\n      ),\n    );\n  }\n\n  getCommandIv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.COMMAND_IV)?.value,\n        \"Missing command IV in trusted properties\",\n      ),\n    );\n  }\n\n  getGroupKey(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.GROUPKEY)?.value,\n        \"Missing group key in trusted properties\",\n      ),\n    );\n  }\n\n  getNewMember(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.NEW_MEMBER)?.tlv,\n        \"Missing new member in trusted properties\",\n      ),\n    );\n  }\n\n  parseEncryptedProps(): Either<\n    LKRPParsingError,\n    Map<EncryptedTPTag, EncryptedTP>\n  > {\n    return this.encryptedProps\n      ? Right(this.encryptedProps)\n      : this.getIv()\n          .chain(() => Either.sequence(Array.from(parseTPs(this.parser))))\n          .map((fields) => new Map(fields.map((field) => [field.tag, field])))\n          .ifRight((props) => {\n            this.encryptedProps = props;\n          });\n  }\n}\n\nfunction* parseTPs(\n  parser: ByteArrayParser,\n): Generator<Either<LKRPParsingError, EncryptedTP>> {\n  while (true) {\n    const field = parser.extractFieldTLVEncoded();\n    if (!field) return;\n    yield Right(field);\n  }\n}\n"],
-  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,uBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAgC,2CAChCC,EAAoC,qBAEpCC,EAGO,kCACPC,EAAuB,iCACvBC,EAAyB,oCAKlB,MAAMN,CAAkB,CAK7B,YAA4BO,EAAmB,CAAnB,WAAAA,EAC1B,KAAK,OAAS,IAAI,kBAAgBA,CAAK,CACzC,CANiB,OACT,GAAwB,KACxB,eAA0D,KAMlE,OAA8C,CAC5C,GAAI,CAAC,KAAK,GAAI,CACZ,MAAMC,EAAQ,KAAK,OAAO,uBAAuB,EACjD,GAAI,CAACA,GAASA,EAAM,MAAQ,EAC1B,SAAO,QACL,IAAI,mBAAiB,sCAAsC,CAC7D,EAGF,KAAK,GAAKA,EAAM,KAClB,CACA,SAAO,SAAM,KAAK,EAAE,CACtB,CAEA,WAAyE,CACvE,OAAO,KAAK,oBAAoB,EAAE,MAAOC,MACvC,YACEA,EAAM,IAAI,SAAO,MAAM,GAAG,MAC1B,sCACF,CACF,CACF,CAEA,UAAwE,CACtE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,KAAK,GAAG,MACzB,qCACF,CACF,CACF,CAEA,uBAGE,CACA,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,oBAAoB,GAAG,MACxC,oDACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,MAC9B,0CACF,CACF,CACF,CAEA,aAA2E,CACzE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,QAAQ,GAAG,MAC5B,yCACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,IAC9B,0CACF,CACF,CACF,CAEA,qBAGE,CACA,OAAO,KAAK,kBACR,SAAM,KAAK,cAAc,EACzB,KAAK,MAAM,EACR,MAAM,IAAM,SAAO,SAAS,MAAM,KAAKC,EAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAC9D,IAAKC,GAAW,IAAI,IAAIA,EAAO,IAAKH,GAAU,CAACA,EAAM,IAAKA,CAAK,CAAC,CAAC,CAAC,EAClE,QAASC,GAAU,CAClB,KAAK,eAAiBA,CACxB,CAAC,CACT,CACF,CAEA,SAAUC,EACRE,EACkD,CAClD,OAAa,CACX,MAAMJ,EAAQI,EAAO,uBAAuB,EAC5C,GAAI,CAACJ,EAAO,OACZ,QAAM,SAAMA,CAAK,CACnB,CACF",
+  "sourcesContent": ["import { ByteArrayParser } from \"@ledgerhq/device-management-kit\";\nimport { Either, Left, Right } from \"purify-ts\";\n\nimport { type LKRPMissingDataError, LKRPParsingError } from \"@api/model/Errors\";\nimport { TPTags } from \"@internal/models/Tags\";\nimport { required } from \"@internal/utils/required\";\n\ntype EncryptedTPTag = Exclude<TPTags, TPTags.IV>;\ntype EncryptedTP = { tag: EncryptedTPTag; value: Uint8Array; tlv: Uint8Array };\n\nexport class TrustedProperties {\n  private readonly parser: ByteArrayParser;\n  private iv: Uint8Array | null = null;\n  private encryptedProps: Map<EncryptedTPTag, EncryptedTP> | null = null;\n\n  constructor(public readonly bytes: Uint8Array) {\n    this.parser = new ByteArrayParser(bytes);\n  }\n\n  getIv(): Either<LKRPParsingError, Uint8Array> {\n    if (!this.iv) {\n      const field = this.parser.extractFieldTLVEncoded();\n      if (!field || field.tag !== 0x00) {\n        return Left(\n          new LKRPParsingError(\"Invalid trusted property: missing IV\"),\n        );\n      }\n\n      this.iv = field.value;\n    }\n    return Right(this.iv);\n  }\n\n  getIssuer(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.ISSUER)?.value,\n        \"Missing issuer in trusted properties\",\n      ),\n    );\n  }\n\n  getXPriv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.XPRIV)?.value,\n        \"Missing xpriv in trusted properties\",\n      ),\n    );\n  }\n\n  getEphemeralPublicKey(): Either<\n    LKRPParsingError | LKRPMissingDataError,\n    Uint8Array\n  > {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.EPHEMERAL_PUBLIC_KEY)?.value,\n        \"Missing ephemeral public key in trusted properties\",\n      ),\n    );\n  }\n\n  getCommandIv(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.COMMAND_IV)?.value,\n        \"Missing command IV in trusted properties\",\n      ),\n    );\n  }\n\n  getGroupKey(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.GROUPKEY)?.value,\n        \"Missing group key in trusted properties\",\n      ),\n    );\n  }\n\n  getNewMember(): Either<LKRPParsingError | LKRPMissingDataError, Uint8Array> {\n    return this.parseEncryptedProps().chain((props) =>\n      required(\n        props.get(TPTags.NEW_MEMBER)?.tlv,\n        \"Missing new member in trusted properties\",\n      ),\n    );\n  }\n\n  parseEncryptedProps(): Either<\n    LKRPParsingError,\n    Map<EncryptedTPTag, EncryptedTP>\n  > {\n    return this.encryptedProps\n      ? Right(this.encryptedProps)\n      : this.getIv()\n          .chain(() => Either.sequence(Array.from(parseTPs(this.parser))))\n          .map((fields) => new Map(fields.map((field) => [field.tag, field])))\n          .ifRight((props) => {\n            this.encryptedProps = props;\n          });\n  }\n}\n\nfunction* parseTPs(\n  parser: ByteArrayParser,\n): Generator<Either<LKRPParsingError, EncryptedTP>> {\n  while (true) {\n    const field = parser.extractFieldTLVEncoded();\n    if (!field) return;\n    yield Right(field);\n  }\n}\n"],
+  "mappings": "yaAAA,IAAAA,EAAA,GAAAC,EAAAD,EAAA,uBAAAE,IAAA,eAAAC,EAAAH,GAAA,IAAAI,EAAgC,2CAChCC,EAAoC,qBAEpCC,EAA4D,6BAC5DC,EAAuB,iCACvBC,EAAyB,oCAKlB,MAAMN,CAAkB,CAK7B,YAA4BO,EAAmB,CAAnB,WAAAA,EAC1B,KAAK,OAAS,IAAI,kBAAgBA,CAAK,CACzC,CANiB,OACT,GAAwB,KACxB,eAA0D,KAMlE,OAA8C,CAC5C,GAAI,CAAC,KAAK,GAAI,CACZ,MAAMC,EAAQ,KAAK,OAAO,uBAAuB,EACjD,GAAI,CAACA,GAASA,EAAM,MAAQ,EAC1B,SAAO,QACL,IAAI,mBAAiB,sCAAsC,CAC7D,EAGF,KAAK,GAAKA,EAAM,KAClB,CACA,SAAO,SAAM,KAAK,EAAE,CACtB,CAEA,WAAyE,CACvE,OAAO,KAAK,oBAAoB,EAAE,MAAOC,MACvC,YACEA,EAAM,IAAI,SAAO,MAAM,GAAG,MAC1B,sCACF,CACF,CACF,CAEA,UAAwE,CACtE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,KAAK,GAAG,MACzB,qCACF,CACF,CACF,CAEA,uBAGE,CACA,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,oBAAoB,GAAG,MACxC,oDACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,MAC9B,0CACF,CACF,CACF,CAEA,aAA2E,CACzE,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,QAAQ,GAAG,MAC5B,yCACF,CACF,CACF,CAEA,cAA4E,CAC1E,OAAO,KAAK,oBAAoB,EAAE,MAAOA,MACvC,YACEA,EAAM,IAAI,SAAO,UAAU,GAAG,IAC9B,0CACF,CACF,CACF,CAEA,qBAGE,CACA,OAAO,KAAK,kBACR,SAAM,KAAK,cAAc,EACzB,KAAK,MAAM,EACR,MAAM,IAAM,SAAO,SAAS,MAAM,KAAKC,EAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAC9D,IAAKC,GAAW,IAAI,IAAIA,EAAO,IAAKH,GAAU,CAACA,EAAM,IAAKA,CAAK,CAAC,CAAC,CAAC,EAClE,QAASC,GAAU,CAClB,KAAK,eAAiBA,CACxB,CAAC,CACT,CACF,CAEA,SAAUC,EACRE,EACkD,CAClD,OAAa,CACX,MAAMJ,EAAQI,EAAO,uBAAuB,EAC5C,GAAI,CAACJ,EAAO,OACZ,QAAM,SAAMA,CAAK,CACnB,CACF",
   "names": ["TrustedProperties_exports", "__export", "TrustedProperties", "__toCommonJS", "import_device_management_kit", "import_purify_ts", "import_Errors", "import_Tags", "import_required", "bytes", "field", "props", "parseTPs", "fields", "parser"]
 }

package/lib/cjs/internal/di.js CHANGED Viewed

@@ -1,2 +1,2 @@
-"use strict";var p=Object.defineProperty;var u=Object.getOwnPropertyDescriptor;var g=Object.getOwnPropertyNames;var v=Object.prototype.hasOwnProperty;var M=(e,t)=>{for(var o in t)p(e,o,{get:t[o],enumerable:!0})},b=(e,t,o,a)=>{if(t&&typeof t=="object"||typeof t=="function")for(let n of g(t))!v.call(e,n)&&n!==o&&p(e,n,{get:()=>t[n],enumerable:!(a=u(t,n))||a.enumerable});return e};var k=e=>b(p({},"__esModule",{value:!0}),e);var C={};M(C,{makeContainer:()=>f});module.exports=k(C);var m=require("inversify"),i=require("../api/index"),c=require("./app-binder/di/appBinderModule"),l=require("./lkrp-datasource/di/lkrpDatasourceModuleFactory"),d=require("./use-cases/di/useCasesModule"),s=require("./externalTypes");const f=({dmk:e,applicationId:t,env:o=i.LKRPEnv.PROD,baseUrl:a,stub:n})=>{const r=new m.Container;return r.bind(s.externalTypes.Dmk).toConstantValue(e),r.bind(s.externalTypes.ApplicationId).toConstantValue(t),r.loadSync((0,c.appBindingModuleFactory)(),(0,l.lkrpDatasourceModuleFactory)({baseUrl:a??y.get(o),stub:n}),(0,d.useCasesModuleFactory)()),r},y=new Map([[i.LKRPEnv.PROD,"https://trustchain.api.live.ledger.com/v1"],[i.LKRPEnv.STAGING,"https://trustchain-backend.api.aws.stg.ldg-tech.com/v1"]]);0&&(module.exports={makeContainer});
+"use strict";var c=Object.defineProperty;var u=Object.getOwnPropertyDescriptor;var y=Object.getOwnPropertyNames;var C=Object.prototype.hasOwnProperty;var g=(e,t)=>{for(var r in t)c(e,r,{get:t[r],enumerable:!0})},M=(e,t,r,a)=>{if(t&&typeof t=="object"||typeof t=="function")for(let o of y(t))!C.call(e,o)&&o!==r&&c(e,o,{get:()=>t[o],enumerable:!(a=u(t,o))||a.enumerable});return e};var b=e=>M(c({},"__esModule",{value:!0}),e);var D={};g(D,{makeContainer:()=>f});module.exports=b(D);var m=require("inversify"),p=require("../api/index"),s=require("./app-binder/di/appBinderModule"),l=require("./lkrp-datasource/di/lkrpDatasourceModuleFactory"),v=require("./use-cases/di/useCasesModule"),i=require("./externalTypes");const f=({dmk:e,applicationId:t,cryptoService:r,env:a=p.LKRPEnv.PROD,baseUrl:o,stub:d})=>{const n=new m.Container;return n.bind(i.externalTypes.Dmk).toConstantValue(e),n.bind(i.externalTypes.ApplicationId).toConstantValue(t),n.bind(i.externalTypes.CryptoService).toConstantValue(r),n.loadSync((0,s.appBindingModuleFactory)(),(0,l.lkrpDatasourceModuleFactory)({baseUrl:o??k.get(a),stub:d}),(0,v.useCasesModuleFactory)()),n},k=new Map([[p.LKRPEnv.PROD,"https://trustchain.api.live.ledger.com/v1"],[p.LKRPEnv.STAGING,"https://trustchain-backend.api.aws.stg.ldg-tech.com/v1"]]);0&&(module.exports={makeContainer});
 //# sourceMappingURL=di.js.map