npm - @msssystems/mss-link-sdk - Versions diffs - 0.1.9 → 0.1.11 - Mend

@msssystems/mss-link-sdk 0.1.9 → 0.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/client/drive-key-wrapping.contracts.d.ts +55 -0
package/dist/client/drive-key-wrapping.contracts.js +1 -0
package/dist/client/drive-key-wrapping.d.ts +2 -0
package/dist/client/drive-key-wrapping.js +112 -0
package/dist/client/drive-sharing.js +1 -1
package/dist/client/index.d.ts +2 -0
package/dist/client/index.js +2 -0
package/dist/client/mss-link-browser-client.d.ts +2 -0
package/dist/client/mss-link-browser-client.js +4 -0
package/package.json +1 -1

package/dist/client/drive-key-wrapping.contracts.d.ts ADDED Viewed

@@ -0,0 +1,55 @@
+import type { DriveItemType, DriveWrappedItemKey } from './drive-sharing.contracts';
+export type DriveRecipientPublicKeyAlgorithm = 'X25519';
+export type DriveWrappedItemKeyAlgorithm = 'MSS-DRIVE-PUBLIC-KEY-WRAPPED-ITEM-KEY-v1';
+export interface DriveRecipientPublicKey {
+    algorithm: DriveRecipientPublicKeyAlgorithm;
+    keyId: string;
+    publicKeyBase64: string;
+}
+export interface DriveRecipientKeyTarget {
+    accountId?: string;
+    userId?: string;
+    username?: string;
+    publicKey: DriveRecipientPublicKey;
+}
+export interface DriveItemContentKeyEnvelope {
+    algorithm?: 'AES-256-GCM' | string | null;
+    keyId?: string | null;
+    nonce?: string | null;
+    wrappedKey: string;
+}
+export interface DrivePublicKeyWrappingInput {
+    additionalData: string;
+    payload: DriveWrappedItemKeyPayload;
+    recipient: DriveRecipientKeyTarget;
+}
+export interface DrivePublicKeyWrappingOutput {
+    encryptedItemKey: string;
+    keyAlgorithm?: DriveWrappedItemKeyAlgorithm | string;
+    keyNonce?: string;
+    keyRecipientId?: string;
+}
+export interface DrivePublicKeyWrappingAdapter {
+    wrapDriveItemKey(input: DrivePublicKeyWrappingInput): Promise<DrivePublicKeyWrappingOutput>;
+}
+export interface CreateDriveWrappedItemKeyForRecipientInput {
+    itemId: string;
+    itemType: DriveItemType;
+    contentKey: DriveItemContentKeyEnvelope;
+    recipient: DriveRecipientKeyTarget;
+    wrappingAdapter: DrivePublicKeyWrappingAdapter;
+}
+export interface DriveWrappedItemKeyPayload {
+    contentAlgorithm: string;
+    contentKey: string;
+    contentKeyId?: string;
+    contentNonce?: string;
+    createdAt: string;
+    itemId: string;
+    itemType: DriveItemType;
+    schema: 'mss.link.drive.item-key.v1';
+}
+export interface DriveWrappedItemKeyForRecipientResult {
+    payload: DriveWrappedItemKeyPayload;
+    wrappedItemKey: DriveWrappedItemKey;
+}

package/dist/client/drive-key-wrapping.contracts.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/client/drive-key-wrapping.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { CreateDriveWrappedItemKeyForRecipientInput, DriveWrappedItemKeyForRecipientResult } from './drive-key-wrapping.contracts';
2	+ export declare function createDriveWrappedItemKeyForRecipient(input: CreateDriveWrappedItemKeyForRecipientInput): Promise<DriveWrappedItemKeyForRecipientResult>;

package/dist/client/drive-key-wrapping.js ADDED Viewed

@@ -0,0 +1,112 @@
+const CONTENT_KEY_SCHEMA = 'mss.link.drive.item-key.v1';
+const WRAPPED_ITEM_KEY_ALGORITHM = 'MSS-DRIVE-PUBLIC-KEY-WRAPPED-ITEM-KEY-v1';
+export async function createDriveWrappedItemKeyForRecipient(input) {
+    const itemId = normalizeRequiredText(input.itemId, 'Drive item id is required for key wrapping.');
+    const itemType = input.itemType;
+    const recipient = normalizeRecipient(input.recipient);
+    const contentKey = normalizeContentKey(input.contentKey);
+    const wrappingAdapter = normalizeWrappingAdapter(input.wrappingAdapter);
+    const payload = buildWrappedItemKeyPayload({
+        contentKey,
+        itemId,
+        itemType,
+    });
+    const additionalData = buildWrappingAdditionalData({
+        itemId,
+        itemType,
+        recipientPublicKeyId: recipient.publicKey.keyId,
+    });
+    const wrapped = await wrappingAdapter.wrapDriveItemKey({
+        additionalData,
+        payload,
+        recipient,
+    });
+    return {
+        payload,
+        wrappedItemKey: normalizeWrappedItemKeyOutput({
+            output: wrapped,
+            recipientPublicKeyId: recipient.publicKey.keyId,
+        }),
+    };
+}
+function buildWrappedItemKeyPayload({ contentKey, itemId, itemType, }) {
+    return {
+        schema: CONTENT_KEY_SCHEMA,
+        itemId,
+        itemType,
+        contentAlgorithm: contentKey.algorithm,
+        contentKey: contentKey.wrappedKey,
+        createdAt: new Date().toISOString(),
+        ...(contentKey.keyId ? { contentKeyId: contentKey.keyId } : {}),
+        ...(contentKey.nonce ? { contentNonce: contentKey.nonce } : {}),
+    };
+}
+function normalizeRecipient(recipient) {
+    const accountId = normalizeOptionalText(recipient.accountId) ?? '';
+    const userId = normalizeOptionalText(recipient.userId) ?? '';
+    const username = normalizeOptionalText(recipient.username)?.replace(/^@/, '') ?? '';
+    const publicKey = normalizeRecipientPublicKey(recipient.publicKey);
+    if (!accountId && !userId && !username) {
+        throw new Error('Drive share recipient must include accountId, userId or username.');
+    }
+    return {
+        accountId,
+        userId,
+        username,
+        publicKey,
+    };
+}
+function normalizeRecipientPublicKey(key) {
+    if (key.algorithm !== 'X25519') {
+        throw new Error(`Unsupported Drive recipient public key algorithm: ${key.algorithm}`);
+    }
+    return {
+        algorithm: key.algorithm,
+        keyId: normalizeRequiredText(key.keyId, 'Drive recipient public key id is required.'),
+        publicKeyBase64: normalizeRequiredText(key.publicKeyBase64, 'Drive recipient public key material is required.'),
+    };
+}
+function normalizeContentKey(contentKey) {
+    const algorithm = contentKey.algorithm?.trim() || 'AES-256-GCM';
+    if (algorithm !== 'AES-256-GCM') {
+        throw new Error(`Unsupported Drive item content key algorithm: ${algorithm}`);
+    }
+    return {
+        algorithm,
+        keyId: normalizeOptionalText(contentKey.keyId) ?? '',
+        nonce: normalizeOptionalText(contentKey.nonce) ?? '',
+        wrappedKey: normalizeRequiredText(contentKey.wrappedKey, 'Drive item content key is required.'),
+    };
+}
+function normalizeWrappingAdapter(adapter) {
+    if (!adapter || typeof adapter.wrapDriveItemKey !== 'function') {
+        throw new Error('Drive public-key wrapping adapter is not configured.');
+    }
+    return adapter;
+}
+function normalizeWrappedItemKeyOutput({ output, recipientPublicKeyId, }) {
+    const encryptedItemKey = normalizeRequiredText(output.encryptedItemKey, 'Drive public-key wrapping adapter returned empty encrypted item key.');
+    const keyAlgorithm = normalizeOptionalText(output.keyAlgorithm) ?? WRAPPED_ITEM_KEY_ALGORITHM;
+    const keyNonce = normalizeOptionalText(output.keyNonce);
+    const keyRecipientId = normalizeOptionalText(output.keyRecipientId) ?? recipientPublicKeyId;
+    return {
+        encryptedItemKey,
+        keyAlgorithm,
+        ...(keyNonce ? { keyNonce } : {}),
+        keyRecipientId,
+    };
+}
+function buildWrappingAdditionalData({ itemId, itemType, recipientPublicKeyId, }) {
+    return `${CONTENT_KEY_SCHEMA}:${itemType}:${itemId}:${recipientPublicKeyId}`;
+}
+function normalizeRequiredText(value, message) {
+    const normalized = normalizeOptionalText(value);
+    if (!normalized) {
+        throw new Error(message);
+    }
+    return normalized;
+}
+function normalizeOptionalText(value) {
+    const normalized = value?.trim();
+    return normalized ? normalized : undefined;
+}

package/dist/client/drive-sharing.js CHANGED Viewed

@@ -1,4 +1,4 @@
-const DEFAULT_KEY_ALGORITHM = 'X25519-AES-256-GCM';
+const DEFAULT_KEY_ALGORITHM = 'MSS-DRIVE-PUBLIC-KEY-WRAPPED-ITEM-KEY-v1';
 export function createDriveShareGrantPayload(input) {
     return {
         ...normalizeWrappedItemKey(input.wrappedItemKey),

package/dist/client/index.d.ts CHANGED Viewed

@@ -3,6 +3,8 @@ export * from './client-options';
 export * from './decryption-errors';
 export * from './drive-file-runtime';
 export * from './drive-file-runtime.contracts';
+export * from './drive-key-wrapping';
+export * from './drive-key-wrapping.contracts';
 export * from './drive-sharing';
 export * from './drive-sharing.contracts';
 export * from './local-crypto-health';

package/dist/client/index.js CHANGED Viewed

@@ -3,6 +3,8 @@ export * from './client-options';
 export * from './decryption-errors';
 export * from './drive-file-runtime';
 export * from './drive-file-runtime.contracts';
+export * from './drive-key-wrapping';
+export * from './drive-key-wrapping.contracts';
 export * from './drive-sharing';
 export * from './drive-sharing.contracts';
 export * from './local-crypto-health';

package/dist/client/mss-link-browser-client.d.ts CHANGED Viewed

@@ -4,6 +4,7 @@ import type { DecryptMediaBlobInput, DecryptedMediaBlobResult, EncryptedMediaBlo
 import type { SendMediaMessageParams } from './media-message.contracts';
 import type { DecryptedMessage } from './message.contracts';
 import type { DecryptDriveFileMetadataInput, DecryptDriveFolderMetadataInput, DecryptedDriveFileMetadata, DecryptedDriveFolderMetadata, EncryptedDriveFileMetadata, EncryptedDriveFolderMetadata, EncryptDriveFileMetadataInput, EncryptDriveFolderMetadataInput } from './storage-metadata-crypto.contracts';
+import type { CreateDriveWrappedItemKeyForRecipientInput, DriveWrappedItemKeyForRecipientResult } from './drive-key-wrapping.contracts';
 export declare class MssLinkBrowserClient {
     private readonly userId;
     private readonly apiBaseUrl;
@@ -34,6 +35,7 @@ export declare class MssLinkBrowserClient {
     decryptDriveFolderMetadata(input: DecryptDriveFolderMetadataInput): Promise<DecryptedDriveFolderMetadata>;
     encryptDriveFileMetadata(input: EncryptDriveFileMetadataInput): Promise<EncryptedDriveFileMetadata>;
     decryptDriveFileMetadata(input: DecryptDriveFileMetadataInput): Promise<DecryptedDriveFileMetadata>;
+    createDriveWrappedItemKeyForRecipient(input: CreateDriveWrappedItemKeyForRecipientInput): Promise<DriveWrappedItemKeyForRecipientResult>;
     syncMessages(): Promise<void>;
     getLocalMessages(chatId: string): Promise<DecryptedMessage[]>;
     reset(): void;

package/dist/client/mss-link-browser-client.js CHANGED Viewed

@@ -4,6 +4,7 @@ import { checkLocalCryptoHealth } from './local-crypto-health';
 import { buildMediaMessageMetadataPayload, extractMediaAssetIds, serializeMediaMessageMetadata, } from './media-message-metadata';
 import { mapLocalSdkMessage } from './message.mapper';
 import { buildDecryptedDriveFileMetadata, buildDecryptedDriveFolderMetadata, buildEncryptedDriveFileMetadata, buildEncryptedDriveFolderMetadata, normalizeDriveFileMetadataInput, normalizeDriveFolderMetadataInput, normalizeEncryptedDriveFileMetadataInput, normalizeEncryptedDriveFolderMetadataInput, } from './storage-metadata-crypto';
+import { createDriveWrappedItemKeyForRecipient } from './drive-key-wrapping';
 import { WasmCallQueue } from './wasm-call-queue';
 const DEFAULT_DEVICE_ID = 1;
 const DEFAULT_REGISTRATION_ID = 1;
@@ -209,6 +210,9 @@ export class MssLinkBrowserClient {
             throw normalizeLocalCryptoError(error);
         }
     }
+    createDriveWrappedItemKeyForRecipient(input) {
+        return createDriveWrappedItemKeyForRecipient(input);
+    }
     async syncMessages() {
         try {
             await this.runWithClient((client) => client.syncMessages());

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@msssystems/mss-link-sdk",
-  "version": "0.1.9",
+  "version": "0.1.11",
   "description": "Official managed application SDK for MSS ecosystem",
   "type": "module",
   "main": "./dist/index.js",