npm - @lightsparkdev/core - Versions diffs - 0.2.1 → 0.2.2 - Mend

@lightsparkdev/core 0.2.1 → 0.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (58) hide show

package/CHANGELOG.md +6 -0
package/dist/chunk-23X5L5S3.js +604 -0
package/dist/chunk-4OZ5E62P.js +608 -0
package/dist/chunk-5FD46UVI.js +600 -0
package/dist/chunk-BAQMCJ7C.js +630 -0
package/dist/chunk-GFTKZSHK.js +627 -0
package/dist/chunk-I3HKDOEE.js +627 -0
package/dist/chunk-J6LSW6XO.js +601 -0
package/dist/chunk-JUD4MOOQ.js +608 -0
package/dist/chunk-KX6HH6CX.js +629 -0
package/dist/chunk-MZCDWVLH.js +634 -0
package/dist/chunk-NY3BK66J.js +624 -0
package/dist/chunk-Q7UUXZNC.js +26 -0
package/dist/chunk-WT2HYC6Q.js +601 -0
package/dist/chunk-YYVOX4YM.js +600 -0
package/dist/chunk-ZUIUADXH.js +616 -0
package/dist/crypto-rn-2BYOHLMG.js +72 -0
package/dist/crypto-rn-2YV53C3B.js +72 -0
package/dist/crypto-rn-3HFXYG7I.js +75 -0
package/dist/crypto-rn-3HLWLVZS.js +76 -0
package/dist/crypto-rn-3N3JTBLE.js +83 -0
package/dist/crypto-rn-3OEMMMOD.js +74 -0
package/dist/crypto-rn-5EZSRY5Y.js +82 -0
package/dist/crypto-rn-5KM2YVOI.js +82 -0
package/dist/crypto-rn-6335R2CU.js +80 -0
package/dist/crypto-rn-6ZHSL7CX.js +72 -0
package/dist/crypto-rn-7DWXMO2Q.js +75 -0
package/dist/crypto-rn-7GTI374I.js +81 -0
package/dist/crypto-rn-AXDY3LDG.js +124 -0
package/dist/crypto-rn-BZ2KZ2YR.js +68 -0
package/dist/crypto-rn-CAPL7MYC.js +80 -0
package/dist/crypto-rn-CBAKEB7C.js +68 -0
package/dist/crypto-rn-CBWHV2F5.js +82 -0
package/dist/crypto-rn-CS36MQ4X.js +77 -0
package/dist/crypto-rn-E4RZNGIB.js +82 -0
package/dist/crypto-rn-H4NIT5CT.js +70 -0
package/dist/crypto-rn-IAC27WLZ.js +74 -0
package/dist/crypto-rn-LLY6FCWE.js +82 -0
package/dist/crypto-rn-MOWVVG3L.js +78 -0
package/dist/crypto-rn-OAPLHNM5.js +73 -0
package/dist/crypto-rn-PVAG5TVH.js +80 -0
package/dist/crypto-rn-QLVBL5DI.js +75 -0
package/dist/crypto-rn-TBKXR3SR.js +68 -0
package/dist/crypto-rn-TSQJA6A3.js +81 -0
package/dist/crypto-rn-U3XEJXIM.js +77 -0
package/dist/crypto-rn-UHTZEVAR.js +74 -0
package/dist/crypto-rn-V3ZNQSFI.js +79 -0
package/dist/crypto-rn-VGNP6VZW.js +75 -0
package/dist/crypto-rn-XMYCUEGV.js +72 -0
package/dist/crypto-rn-YPOTC5RI.js +73 -0
package/dist/index.cjs +91 -114
package/dist/index.d.ts +30 -17
package/dist/index.js +90 -104
package/package.json +2 -1
package/src/crypto/NodeKeyCache.ts +18 -15
package/src/crypto/crypto.ts +72 -78
package/src/requester/Requester.ts +9 -13
package/src/utils/base64.ts +51 -2

package/dist/index.cjs CHANGED Viewed

@@ -30,6 +30,7 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
+  DefaultCrypto: () => DefaultCrypto,
   LightsparkAuthException: () => LightsparkAuthException_default,
   LightsparkException: () => LightsparkException_default,
   LightsparkSigningException: () => LightsparkSigningException_default,
@@ -41,19 +42,9 @@ __export(src_exports, {
   b64decode: () => b64decode,
   b64encode: () => b64encode,
   convertCurrencyAmount: () => convertCurrencyAmount,
-  decode: () => decode,
-  decrypt: () => decrypt,
-  decryptSecretWithNodePassword: () => decryptSecretWithNodePassword,
-  encrypt: () => encrypt,
-  encryptWithNodeKey: () => encryptWithNodeKey,
-  generateSigningKeyPair: () => generateSigningKeyPair,
-  getCrypto: () => getCrypto,
-  getNonce: () => getNonce,
   isBrowser: () => isBrowser,
   isNode: () => isNode,
   isType: () => isType,
-  loadNodeEncryptionKey: () => loadNodeEncryptionKey,
-  serializeSigningKey: () => serializeSigningKey,
   urlsafe_b64decode: () => urlsafe_b64decode
 });
 module.exports = __toCommonJS(src_exports);
@@ -94,14 +85,44 @@ var StubAuthProvider = class {
 };
 // src/utils/base64.ts
+var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
+var Base64 = {
+  btoa: (input = "") => {
+    let str = input;
+    let output = "";
+    for (let block = 0, charCode, i = 0, map = chars; str.charAt(i | 0) || (map = "=", i % 1); output += map.charAt(63 & block >> 8 - i % 1 * 8)) {
+      charCode = str.charCodeAt(i += 3 / 4);
+      if (charCode > 255) {
+        throw new Error(
+          "'btoa' failed: The string to be encoded contains characters outside of the Latin1 range."
+        );
+      }
+      block = block << 8 | charCode;
+    }
+    return output;
+  },
+  atob: (input = "") => {
+    let str = input.replace(/=+$/, "");
+    let output = "";
+    if (str.length % 4 == 1) {
+      throw new Error(
+        "'atob' failed: The string to be decoded is not correctly encoded."
+      );
+    }
+    for (let bc = 0, bs = 0, buffer, i = 0; buffer = str.charAt(i++); ~buffer && (bs = bc % 4 ? bs * 64 + buffer : buffer, bc++ % 4) ? output += String.fromCharCode(255 & bs >> (-2 * bc & 6)) : 0) {
+      buffer = chars.indexOf(buffer);
+    }
+    return output;
+  }
+};
 var b64decode = (encoded) => {
-  return Uint8Array.from(atob(encoded), (c) => c.charCodeAt(0));
+  return Uint8Array.from(Base64.atob(encoded), (c) => c.charCodeAt(0));
 };
 var urlsafe_b64decode = (encoded) => {
   return b64decode(encoded.replace(/_/g, "/").replace(/-/g, "+"));
 };
 var b64encode = (data) => {
-  return btoa(
+  return Base64.btoa(
     String.fromCharCode.apply(null, Array.from(new Uint8Array(data)))
   );
 };
@@ -115,8 +136,7 @@ var LightsparkSigningException = class extends LightsparkException_default {
 var LightsparkSigningException_default = LightsparkSigningException;
 // src/crypto/crypto.ts
-var ITERATIONS = 5e5;
-function getCrypto() {
+var getCrypto = () => {
   let cryptoImplPromise;
   if (typeof crypto !== "undefined") {
     cryptoImplPromise = Promise.resolve(crypto);
@@ -126,34 +146,26 @@ function getCrypto() {
     });
   }
   return cryptoImplPromise;
-}
-var getRandomValues = async (arr) => {
-  if (typeof crypto !== "undefined") {
-    return crypto.getRandomValues(arr);
-  } else {
-    const cryptoImpl2 = await getCrypto();
-    return cryptoImpl2.getRandomValues(arr);
-  }
 };
 var getRandomValues32 = async (arr) => {
   if (typeof crypto !== "undefined") {
     return crypto.getRandomValues(arr);
   } else {
-    const cryptoImpl2 = await getCrypto();
-    return cryptoImpl2.getRandomValues(arr);
+    const cryptoImpl = await getCrypto();
+    return cryptoImpl.getRandomValues(arr);
   }
 };
 var deriveKey = async (password, salt, iterations, algorithm, bit_len) => {
   const enc = new TextEncoder();
-  const cryptoImpl2 = await getCrypto();
-  const password_key = await cryptoImpl2.subtle.importKey(
+  const cryptoImpl = await getCrypto();
+  const password_key = await cryptoImpl.subtle.importKey(
     "raw",
     enc.encode(password),
     "PBKDF2",
     false,
     ["deriveBits", "deriveKey"]
   );
-  const derived = await cryptoImpl2.subtle.deriveBits(
+  const derived = await cryptoImpl.subtle.deriveBits(
     {
       name: "PBKDF2",
       salt,
@@ -163,7 +175,7 @@ var deriveKey = async (password, salt, iterations, algorithm, bit_len) => {
     password_key,
     bit_len
   );
-  const key = await cryptoImpl2.subtle.importKey(
+  const key = await cryptoImpl.subtle.importKey(
     "raw",
     derived.slice(0, 32),
     { name: algorithm, length: 256 },
@@ -173,25 +185,6 @@ var deriveKey = async (password, salt, iterations, algorithm, bit_len) => {
   const iv = derived.slice(32);
   return [key, iv];
 };
-var encrypt = async (plaintext, password, salt) => {
-  if (!salt) {
-    salt = new Uint8Array(16);
-    getRandomValues(salt);
-  }
-  const [key, iv] = await deriveKey(password, salt, ITERATIONS, "AES-GCM", 352);
-  const cryptoImpl2 = await getCrypto();
-  const encrypted = new Uint8Array(
-    await cryptoImpl2.subtle.encrypt({ name: "AES-GCM", iv }, key, plaintext)
-  );
-  const output = new Uint8Array(salt.byteLength + encrypted.byteLength);
-  output.set(salt);
-  output.set(encrypted, salt.byteLength);
-  const header = {
-    v: 4,
-    i: ITERATIONS
-  };
-  return [JSON.stringify(header), b64encode(output)];
-};
 var decrypt = async (header_json, ciphertext, password) => {
   var decoded = b64decode(ciphertext);
   var header;
@@ -210,7 +203,7 @@ var decrypt = async (header_json, ciphertext, password) => {
       "Unknown version ".concat(header.v)
     );
   }
-  const cryptoImpl2 = await getCrypto();
+  const cryptoImpl = await getCrypto();
   const algorithm = header.v < 2 ? "AES-CBC" : "AES-GCM";
   const bit_len = header.v < 4 ? 384 : 352;
   const salt_len = header.v < 4 ? 8 : 16;
@@ -225,7 +218,7 @@ var decrypt = async (header_json, ciphertext, password) => {
       algorithm,
       256
     );
-    return await cryptoImpl2.subtle.decrypt(
+    return await cryptoImpl.subtle.decrypt(
       { name: algorithm, iv: nonce.buffer },
       key,
       cipherText
@@ -240,7 +233,7 @@ var decrypt = async (header_json, ciphertext, password) => {
       algorithm,
       bit_len
     );
-    return await cryptoImpl2.subtle.decrypt(
+    return await cryptoImpl.subtle.decrypt(
       { name: algorithm, iv },
       key,
       encrypted
@@ -256,13 +249,9 @@ async function decryptSecretWithNodePassword(cipher, encryptedSecret, nodePasswo
   }
   return decryptedValue;
 }
-function decode(arrBuff) {
-  const dec = new TextDecoder();
-  return dec.decode(arrBuff);
-}
 var generateSigningKeyPair = async () => {
-  const cryptoImpl2 = await getCrypto();
-  return await cryptoImpl2.subtle.generateKey(
+  const cryptoImpl = await getCrypto();
+  return await cryptoImpl.subtle.generateKey(
     /*algorithm:*/
     {
       name: "RSA-PSS",
@@ -277,74 +266,72 @@ var generateSigningKeyPair = async () => {
   );
 };
 var serializeSigningKey = async (key, format) => {
-  const cryptoImpl2 = await getCrypto();
-  return await cryptoImpl2.subtle.exportKey(
+  const cryptoImpl = await getCrypto();
+  return await cryptoImpl.subtle.exportKey(
     /*format*/
     format,
     /*key*/
     key
   );
 };
-var encryptWithNodeKey = async (key, data) => {
-  const enc = new TextEncoder();
-  const encoded = enc.encode(data);
-  const encrypted = await cryptoImpl.subtle.encrypt(
-    /*algorithm:*/
+var getNonce = async () => {
+  const cryptoImpl = await getCrypto();
+  const nonceSt = await getRandomValues32(new Uint32Array(1));
+  return Number(nonceSt);
+};
+var sign = async (key, data) => {
+  const cryptoImpl = await getCrypto();
+  return await cryptoImpl.subtle.sign(
     {
-      name: "RSA-OAEP"
+      name: "RSA-PSS",
+      saltLength: 32
     },
-    /*key*/
     key,
-    /*data*/
-    encoded
+    data
   );
-  return b64encode(encrypted);
 };
-var loadNodeEncryptionKey = async (rawPublicKey) => {
-  const encoded = b64decode(rawPublicKey);
-  const cryptoImpl2 = await getCrypto();
-  return await cryptoImpl2.subtle.importKey(
+var importPrivateSigningKey = async (keyData, format) => {
+  const cryptoImpl = await getCrypto();
+  return await cryptoImpl.subtle.importKey(
     /*format*/
-    "spki",
+    format,
     /*keyData*/
-    encoded,
-    /*algorithm:*/
+    keyData,
+    /*algorithm*/
     {
-      name: "RSA-OAEP",
+      name: "RSA-PSS",
       hash: "SHA-256"
     },
     /*extractable*/
     true,
     /*keyUsages*/
-    ["encrypt"]
+    ["sign"]
   );
 };
-var getNonce = async () => {
-  const nonceSt = await getRandomValues32(new Uint32Array(1));
-  return Number(nonceSt);
+var DefaultCrypto = {
+  decryptSecretWithNodePassword,
+  generateSigningKeyPair,
+  serializeSigningKey,
+  getNonce,
+  sign,
+  importPrivateSigningKey
 };
 // src/crypto/NodeKeyCache.ts
 var import_auto_bind = __toESM(require("auto-bind"), 1);
 var NodeKeyCache = class {
-  idToKey;
-  constructor() {
+  constructor(cryptoImpl = DefaultCrypto) {
+    this.cryptoImpl = cryptoImpl;
     this.idToKey = /* @__PURE__ */ new Map();
     (0, import_auto_bind.default)(this);
   }
-  async loadKey(id, rawKey) {
-    const decoded = b64decode(rawKey);
+  idToKey;
+  async loadKey(id, rawKey, format = "pkcs8") {
+    const decoded = b64decode(this.stripPemTags(rawKey));
     try {
-      const cryptoImpl2 = await getCrypto();
-      const key = await cryptoImpl2.subtle.importKey(
-        "pkcs8",
+      const key = await this.cryptoImpl.importPrivateSigningKey(
         decoded,
-        {
-          name: "RSA-PSS",
-          hash: "SHA-256"
-        },
-        true,
-        ["sign"]
+        format
       );
       this.idToKey.set(id, key);
       return key;
@@ -359,6 +346,9 @@ var NodeKeyCache = class {
   hasKey(id) {
     return this.idToKey.has(id);
   }
+  stripPemTags(pem) {
+    return pem.replace(/-----BEGIN (.*)-----/, "").replace(/-----END (.*)----/, "");
+  }
 };
 var NodeKeyCache_default = NodeKeyCache;
@@ -380,12 +370,13 @@ var LIGHTSPARK_BETA_HEADER_KEY = "X-Lightspark-Beta";
 var LIGHTSPARK_BETA_HEADER_VALUE = "z2h0BBYxTA83cjW7fi8QwWtBPCzkQKiemcuhKY08LOo";
 import_dayjs.default.extend(import_utc.default);
 var Requester = class {
-  constructor(nodeKeyCache, schemaEndpoint, sdkUserAgent, authProvider = new StubAuthProvider(), baseUrl = DEFAULT_BASE_URL) {
+  constructor(nodeKeyCache, schemaEndpoint, sdkUserAgent, authProvider = new StubAuthProvider(), baseUrl = DEFAULT_BASE_URL, cryptoImpl = DefaultCrypto) {
     this.nodeKeyCache = nodeKeyCache;
     this.schemaEndpoint = schemaEndpoint;
     this.sdkUserAgent = sdkUserAgent;
     this.authProvider = authProvider;
     this.baseUrl = baseUrl;
+    this.cryptoImpl = cryptoImpl;
     let websocketImpl;
     if (typeof WebSocket === "undefined" && typeof window === "undefined") {
       websocketImpl = import_ws.default;
@@ -511,7 +502,7 @@ var Requester = class {
     const query = queryPayload.query;
     const variables = queryPayload.variables;
     const operationName = queryPayload.operationName;
-    const nonce = await getNonce();
+    const nonce = await this.cryptoImpl.getNonce();
     const expiration = import_dayjs.default.utc().add(1, "hour").format();
     const payload = {
       query,
@@ -526,16 +517,11 @@ var Requester = class {
         "Missing node of encrypted_signing_private_key"
       );
     }
+    if (typeof TextEncoder === "undefined") {
+      const TextEncoder2 = (await import("text-encoding")).TextEncoder;
+    }
     const encodedPayload = new TextEncoder().encode(JSON.stringify(payload));
-    const cryptoImpl2 = await getCrypto();
-    const signedPayload = await cryptoImpl2.subtle.sign(
-      {
-        name: "RSA-PSS",
-        saltLength: 32
-      },
-      key,
-      encodedPayload
-    );
+    const signedPayload = await this.cryptoImpl.sign(key, encodedPayload);
     const encodedSignedPayload = b64encode(signedPayload);
     headers["X-Lightspark-Signing"] = JSON.stringify({
       v: "1",
@@ -635,6 +621,7 @@ var isType = (typename) => (node) => {
 };
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  DefaultCrypto,
   LightsparkAuthException,
   LightsparkException,
   LightsparkSigningException,
@@ -646,18 +633,8 @@ var isType = (typename) => (node) => {
   b64decode,
   b64encode,
   convertCurrencyAmount,
-  decode,
-  decrypt,
-  decryptSecretWithNodePassword,
-  encrypt,
-  encryptWithNodeKey,
-  generateSigningKeyPair,
-  getCrypto,
-  getNonce,
   isBrowser,
   isNode,
   isType,
-  loadNodeEncryptionKey,
-  serializeSigningKey,
   urlsafe_b64decode
 });

package/dist/index.d.ts CHANGED Viewed

@@ -27,26 +27,38 @@ declare class LightsparkSigningException extends LightsparkException {
     constructor(message: string, extraInfo?: any);
 }
-declare function getCrypto(): Promise<Crypto>;
-declare const encrypt: (plaintext: ArrayBuffer, password: string, salt?: Uint8Array) => Promise<[
-    string,
-    string
-]>;
-declare const decrypt: (header_json: string, ciphertext: string, password: string) => Promise<ArrayBuffer>;
+type CryptoInterface = {
+    decryptSecretWithNodePassword: (cipher: string, encryptedSecret: string, nodePassword: string) => Promise<ArrayBuffer | null>;
+    generateSigningKeyPair: () => Promise<{
+        publicKey: CryptoKey | string;
+        privateKey: CryptoKey | string;
+    }>;
+    serializeSigningKey: (key: CryptoKey | string, format: "pkcs8" | "spki") => Promise<ArrayBuffer>;
+    getNonce: () => Promise<number>;
+    sign: (key: CryptoKey | Uint8Array, data: Uint8Array) => Promise<ArrayBuffer>;
+    importPrivateSigningKey: (keyData: Uint8Array, format: "pkcs8" | "spki") => Promise<CryptoKey | Uint8Array>;
+};
 declare function decryptSecretWithNodePassword(cipher: string, encryptedSecret: string, nodePassword: string): Promise<ArrayBuffer | null>;
-declare function decode(arrBuff: ArrayBuffer): string;
-declare const generateSigningKeyPair: () => Promise<CryptoKeyPair>;
-declare const serializeSigningKey: (key: CryptoKey, format: "pkcs8" | "spki") => Promise<ArrayBuffer>;
-declare const encryptWithNodeKey: (key: CryptoKey, data: string) => Promise<string>;
-declare const loadNodeEncryptionKey: (rawPublicKey: string) => Promise<CryptoKey>;
-declare const getNonce: () => Promise<number>;
+declare const DefaultCrypto: {
+    decryptSecretWithNodePassword: typeof decryptSecretWithNodePassword;
+    generateSigningKeyPair: () => Promise<CryptoKeyPair | {
+        publicKey: string;
+        privateKey: string;
+    }>;
+    serializeSigningKey: (key: CryptoKey | string, format: "pkcs8" | "spki") => Promise<ArrayBuffer>;
+    getNonce: () => Promise<number>;
+    sign: (key: CryptoKey | Uint8Array, data: Uint8Array) => Promise<ArrayBuffer>;
+    importPrivateSigningKey: (keyData: Uint8Array, format: "pkcs8" | "spki") => Promise<CryptoKey | Uint8Array>;
+};
 declare class NodeKeyCache {
+    private readonly cryptoImpl;
     private idToKey;
-    constructor();
-    loadKey(id: string, rawKey: string): Promise<CryptoKey | null>;
-    getKey(id: string): CryptoKey | undefined;
+    constructor(cryptoImpl?: CryptoInterface);
+    loadKey(id: string, rawKey: string, format?: "pkcs8" | "spki"): Promise<CryptoKey | Uint8Array | null>;
+    getKey(id: string): CryptoKey | Uint8Array | undefined;
     hasKey(id: string): boolean;
+    private stripPemTags;
 }
 type Query<T> = {
@@ -68,8 +80,9 @@ declare class Requester {
     private readonly sdkUserAgent;
     private readonly authProvider;
     private readonly baseUrl;
+    private readonly cryptoImpl;
     private readonly wsClient;
-    constructor(nodeKeyCache: NodeKeyCache, schemaEndpoint: string, sdkUserAgent: string, authProvider?: AuthProvider, baseUrl?: string);
+    constructor(nodeKeyCache: NodeKeyCache, schemaEndpoint: string, sdkUserAgent: string, authProvider?: AuthProvider, baseUrl?: string, cryptoImpl?: CryptoInterface);
     executeQuery<T>(query: Query<T>): Promise<T | null>;
     subscribe(queryPayload: string, variables?: {
         [key: string]: any;
@@ -150,4 +163,4 @@ declare const isType: <T extends string>(typename: T) => <N extends {
     __typename: T;
 }>;
-export { AuthProvider, ById, ExpandRecursively, LightsparkAuthException, LightsparkException, LightsparkSigningException, Maybe, NodeKeyCache, OmitTypename, Query, Requester, ServerEnvironment, StubAuthProvider, apiDomainForEnvironment, b64decode, b64encode, convertCurrencyAmount, decode, decrypt, decryptSecretWithNodePassword, encrypt, encryptWithNodeKey, generateSigningKeyPair, getCrypto, getNonce, isBrowser, isNode, isType, loadNodeEncryptionKey, serializeSigningKey, urlsafe_b64decode };
+export { AuthProvider, ById, CryptoInterface, DefaultCrypto, ExpandRecursively, LightsparkAuthException, LightsparkException, LightsparkSigningException, Maybe, NodeKeyCache, OmitTypename, Query, Requester, ServerEnvironment, StubAuthProvider, apiDomainForEnvironment, b64decode, b64encode, convertCurrencyAmount, isBrowser, isNode, isType, urlsafe_b64decode };