npm - @nuggetslife/vc - Versions diffs - 0.0.7 → 0.0.8 - Mend

@nuggetslife/vc 0.0.7 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/Cargo.toml CHANGED Viewed

@@ -10,6 +10,7 @@ crate-type = ["cdylib"]
 # Default enable napi4 feature, see https://nodejs.org/api/n-api.html#node-api-version-matrix
 base64 = "0.22.1"
 bs58 = "0.5.1"
+hex = "0.4.3"
 # Default enable napi4 feature, see https://nodejs.org/api/n-api.html#node-api-version-matrix
 napi = { version = "2.12.2", default-features = false, features = ["napi4", "tokio_rt"] }
 napi-derive = "2.12.2"

package/index.d.ts CHANGED Viewed

@@ -15,6 +15,14 @@ export interface JwkKeyPairOptions {
   privateKeyJwk?: JsonWebKey
   publicKeyJwk?: JsonWebKey
 }
+export interface FingerPrintFromPublicKeyOptions {
+  publicKeyBase58: string
+}
+export interface KeyPairFromFingerPrintOptions {
+  id?: string
+  controller?: string
+  fingerprint: string
+}
 export interface JsonWebKey {
   /**
    * Indicates the key type used
@@ -96,10 +104,16 @@ export class Bls12381G2KeyPair {
   static generate(options?: GenerateKeyPairOptions | undefined | null): Promise<Bls12381G2KeyPair>
   static from(options: KeyPairOptions): Promise<Bls12381G2KeyPair>
   static fromJwk(options: JwkKeyPairOptions): Promise<Bls12381G2KeyPair>
+  static fromFingerprint(options: KeyPairFromFingerPrintOptions): Promise<Bls12381G2KeyPair>
   get publicKey(): string | null
+  publicKeyJwk(): JsonWebKey
   get privateKey(): string | null
+  privateKeyJwk(): JsonWebKey
   signer(): KeyPairSigner
   verifier(): KeyPairVerifier
+  fingerprint(): string
+  static fingerprintFromPublicKey(options: FingerPrintFromPublicKeyOptions): string
+  verifyFingerprint(fingerprint: string): void
 }
 export class KeyPairSigner {
   sign(options: KeyPairSignerOptions): Promise<Uint8Array>

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@nuggetslife/vc",
-  "version": "0.0.7",
+  "version": "0.0.8",
   "main": "index.js",
   "types": "index.d.ts",
   "napi": {
@@ -38,6 +38,6 @@
   },
   "packageManager": "yarn@4.3.1",
   "optionalDependencies": {
-    "@nuggetslife/vc-darwin-arm64": "0.0.7"
+    "@nuggetslife/vc-darwin-arm64": "0.0.8"
   }
 }

package/src/lib.rs CHANGED Viewed

@@ -3,12 +3,19 @@
 #[macro_use]
 extern crate napi_derive;
-use base64::{engine::general_purpose::URL_SAFE, Engine as _};
+use base64::{
+  engine::general_purpose::URL_SAFE, engine::general_purpose::URL_SAFE_NO_PAD, Engine as _,
+};
 use napi::bindgen_prelude::*;
-use types::{Bls12381G2KeyPair, GenerateKeyPairOptions, JwkKeyPairOptions, KeyPairOptions};
+use types::{
+  Bls12381G2KeyPair, BlsCurveName, FingerPrintFromPublicKeyOptions, GenerateKeyPairOptions,
+  JsonWebKey, JwkKeyPairOptions, JwkKty, KeyPairFromFingerPrintOptions, KeyPairOptions,
+};
 use validators::{assert_bls_12381_g2_private_jwk, assert_bls_12381_g2_public_jwk};
 use vc::bbs_signatures::bls12381::{
   bls_generate_g2_key, bls_sign, bls_verify, BlsBbsSignRequest, BlsBbsVerifyRequest, BlsKeyPair,
+  BLS12381G2_MULTICODEC_IDENTIFIER, DEFAULT_BLS12381_G2_PUBLIC_KEY_LENGTH,
+  MULTIBASE_ENCODED_BASE58_IDENTIFIER, VARIABLE_INTEGER_TRAILING_BYTE,
 };
 pub mod types;
@@ -151,6 +158,84 @@ impl Bls12381G2KeyPair {
     }
   }
+  #[napi(factory)]
+  pub async fn from_fingerprint(
+    options: KeyPairFromFingerPrintOptions,
+  ) -> Result<Bls12381G2KeyPair> {
+    let KeyPairFromFingerPrintOptions {
+      id,
+      controller,
+      fingerprint,
+    } = options;
+    let mut chars = fingerprint.chars();
+    let head = chars
+      .next()
+      .ok_or(napi::Error::from_reason("fingerprint string is empty"))?
+      .to_string();
+    if head != MULTIBASE_ENCODED_BASE58_IDENTIFIER {
+      return Err(napi::Error::from_reason(
+      format!("Unsupported fingerprint type: expected first character to be `z` indicating base58 encoding, received {head}")
+    ));
+    };
+    let rest = chars.collect::<String>();
+    let buffer = bs58::decode(rest).into_vec().map_err(|err| {
+      napi::Error::from_reason(format!(
+        "failed to decode bs58 fingerprint to bytes. error: {err}"
+      ))
+    })?;
+    if buffer.len() != BLS12381G2_MULTICODEC_IDENTIFIER as usize {
+      return Err(napi::Error::from_reason(
+      format!("Unsupported public key length: expected `${DEFAULT_BLS12381_G2_PUBLIC_KEY_LENGTH}` received {}", buffer.len())
+    ));
+    }
+    if buffer[0] != DEFAULT_BLS12381_G2_PUBLIC_KEY_LENGTH {
+      return Err(napi::Error::from_reason(
+      format!("Unsupported public key identifier: expected second character to be {BLS12381G2_MULTICODEC_IDENTIFIER} indicating BLS12381G2 key pair, received  {}", buffer[0])
+    ));
+    }
+    if buffer[1] != VARIABLE_INTEGER_TRAILING_BYTE {
+      return Err(napi::Error::from_reason(
+      format!("Missing variable integer trailing byte: expected third character to be {BLS12381G2_MULTICODEC_IDENTIFIER} indicating BLS12381G2 key pair, received  {}", buffer[1])
+    ));
+    }
+    let pubkey_base58 = bs58::encode(buffer).into_string();
+    let opts = FingerPrintFromPublicKeyOptions {
+      public_key_base58: pubkey_base58.clone(),
+    };
+    let fingerprint = Bls12381G2KeyPair::fingerprint_from_public_key(opts).map_err(|err| {
+      napi::Error::from_reason(format!("fingerprint_from_public_key failed. error: {err}"))
+    })?;
+    let mapped_controller = match controller {
+      Some(v) => v,
+      None => {
+        format!("did:key:{fingerprint}",)
+      }
+    };
+    let mapped_id = match id {
+      Some(v) => v,
+      None => {
+        format!("#{fingerprint}",)
+      }
+    };
+    let kp = Bls12381G2KeyPair::new(Some(KeyPairOptions {
+      id: Some(mapped_id),
+      controller: Some(mapped_controller),
+      public_key_base58: Some(pubkey_base58),
+      private_key_base58: None,
+    }))
+    .await;
+    Ok(kp)
+  }
   #[napi(getter)]
   pub fn public_key(&self) -> Option<String> {
     self
@@ -159,6 +244,26 @@ impl Bls12381G2KeyPair {
       .map(|b| bs58::encode(b).into_string())
   }
+  #[napi]
+  pub fn public_key_jwk(&self) -> Result<JsonWebKey> {
+    let Some(ref public_key_buffer) = self.public_key_buffer else {
+      return Err(napi::Error::from_reason("no public_key_buffer"));
+    };
+    Ok(JsonWebKey {
+      kid: self.id.to_owned(),
+      kty: JwkKty::EC.into(),
+      crv: BlsCurveName::G2.into(),
+      x: URL_SAFE_NO_PAD.encode(public_key_buffer),
+      use_: None,
+      key_ops: None,
+      alg: None,
+      d: None,
+      y: None,
+      ext: None,
+    })
+  }
   #[napi(getter)]
   pub fn private_key(&self) -> Option<String> {
     self
@@ -167,14 +272,115 @@ impl Bls12381G2KeyPair {
       .map(|b| bs58::encode(b).into_string())
   }
+  #[napi]
+  pub fn private_key_jwk(&self) -> Result<JsonWebKey> {
+    let Some(ref public_key_buffer) = self.public_key_buffer else {
+      return Err(napi::Error::from_reason("no public_key_buffer"));
+    };
+    let Some(ref private_key_buffer) = self.private_key_buffer else {
+      return Err(napi::Error::from_reason("no private_key_buffer"));
+    };
+    Ok(JsonWebKey {
+      kid: self.id.to_owned(),
+      kty: JwkKty::EC.into(),
+      crv: BlsCurveName::G2.into(),
+      x: URL_SAFE_NO_PAD.encode(public_key_buffer),
+      d: Some(URL_SAFE_NO_PAD.encode(private_key_buffer)),
+      use_: None,
+      key_ops: None,
+      alg: None,
+      y: None,
+      ext: None,
+    })
+  }
   #[napi]
   pub fn signer(&self) -> KeyPairSigner {
     KeyPairSigner { key: self.clone() }
   }
   #[napi]
   pub fn verifier(&self) -> KeyPairVerifier {
     KeyPairVerifier { key: self.clone() }
   }
+  #[napi]
+  pub fn fingerprint(&self) -> Result<String> {
+    let Some(public_key_base58) = self.public_key() else {
+      return Err(napi::Error::from_reason("no public key"));
+    };
+    Bls12381G2KeyPair::fingerprint_from_public_key(FingerPrintFromPublicKeyOptions {
+      public_key_base58,
+    })
+  }
+  #[napi]
+  pub fn fingerprint_from_public_key(options: FingerPrintFromPublicKeyOptions) -> Result<String> {
+    let FingerPrintFromPublicKeyOptions { public_key_base58 } = options;
+    let mut key_bytes = bs58::decode(public_key_base58).into_vec().map_err(|err| {
+      napi::Error::from_reason(format!(
+        "failed to decode public_key_base58 value. error: {err}"
+      ))
+    })?;
+    let mut buffer = vec![
+      BLS12381G2_MULTICODEC_IDENTIFIER,
+      VARIABLE_INTEGER_TRAILING_BYTE,
+    ];
+    buffer.append(&mut key_bytes);
+    Ok(format!(
+      "{}{}",
+      MULTIBASE_ENCODED_BASE58_IDENTIFIER,
+      bs58::encode(buffer).into_string()
+    ))
+  }
+  #[napi]
+  pub fn verify_fingerprint(&self, fingerprint: String) -> Result<()> {
+    // fingerprint should have `z` prefix indicating
+    // that it's multi-base encoded
+    let mut chars = fingerprint.chars();
+    let head = chars
+      .next()
+      .ok_or(napi::Error::from_reason("fingerprint string is empty"))?
+      .to_string();
+    let rest = chars.collect::<String>();
+    if head != MULTIBASE_ENCODED_BASE58_IDENTIFIER {
+      return Err(napi::Error::from_reason(
+        "`fingerprint` must be a multibase encoded string.",
+      ));
+    };
+    let fingerprint_buffer = bs58::decode(rest).into_vec().map_err(|err| {
+      napi::Error::from_reason(format!("failed to decode bs58 value: error: {err}"))
+    })?;
+    let public_key_buffer = self
+      .public_key_buffer
+      .clone()
+      .ok_or(napi::Error::from_reason("public key buffer is missing"))?;
+    let leader = hex::encode(&fingerprint_buffer[..2]);
+    let leader_match = if leader == "eb01" { true } else { false };
+    let bytes_match = if &public_key_buffer == &fingerprint_buffer[2..] {
+      true
+    } else {
+      false
+    };
+    if leader_match && bytes_match {
+      Ok(())
+    } else {
+      Err(napi::Error::from_reason(
+        "The fingerprint does not match the public key",
+      ))
+    }
+  }
 }
 pub fn convert_base64_url_to_base58(value: String) -> Result<String> {

package/src/types.rs CHANGED Viewed

@@ -27,6 +27,18 @@ pub struct JwkKeyPairOptions {
   pub public_key_jwk: Option<JsonWebKey>,
 }
+#[napi(object)]
+pub struct FingerPrintFromPublicKeyOptions {
+  pub public_key_base58: String,
+}
+#[napi(object)]
+pub struct KeyPairFromFingerPrintOptions {
+  pub id: Option<String>,
+  pub controller: Option<String>,
+  pub fingerprint: String,
+}
 #[napi(object)]
 pub struct JsonWebKey {
   /////
@@ -130,6 +142,17 @@ impl TryFrom<&str> for BlsCurveName {
   }
 }
+impl Into<String> for BlsCurveName {
+  fn into(self) -> String {
+    match self {
+      BlsCurveName::DeprecatedG1 => String::from("BLS12381_G1"),
+      BlsCurveName::DeprecatedG2 => String::from("BLS12381_G2"),
+      BlsCurveName::G1 => String::from("Bls12381G1"),
+      BlsCurveName::G2 => String::from("Bls12381G2"),
+    }
+  }
+}
 #[derive(PartialEq)]
 pub enum JwkKty {
   OctetKeyPair,
@@ -152,3 +175,13 @@ impl TryFrom<&str> for JwkKty {
     }
   }
 }
+impl Into<String> for JwkKty {
+  fn into(self) -> String {
+    match self {
+      JwkKty::OctetKeyPair => String::from("OKP"),
+      JwkKty::EC => String::from("EC"),
+      JwkKty::RSA => String::from("RSA"),
+    }
+  }
+}