@owlmeans/basic-keys 0.1.0

package/src/model.ts

@@ -0,0 +1,113 @@
+import type { KeyPairModel, KeyPairModelMaker } from './types.js'
+import { plugins } from './plugins/index.js'
+import { base64urlnopad, utf8 } from '@scure/base'
+import { assertType, prepareData, prepareKey } from './utils.js'
+import { inputToKeyPair } from './keypair.js'
+
+export const makeKeyPairModel: KeyPairModelMaker = input => {
+  const keyPair = inputToKeyPair(input)
+
+  const _model: KeyPairModel = {
+    keyPair,
+
+    sign: async (data) => {
+      data = prepareData(data)
+      assertType(_model.keyPair?.type)
+
+      if (_model.keyPair == null) {
+        throw new Error('basic.keys:missing-keypair')
+      }
+
+      if (_model.keyPair.privateKey == null) {
+        throw new Error('basic.keys:missing-pk')
+      }
+
+      return base64urlnopad.encode(
+        plugins[_model.keyPair.type].sign(
+          data as Uint8Array,
+          prepareKey(_model.keyPair.privateKey)
+        )
+      )
+    },
+    
+    verify: async (data, signature) => {
+      data = prepareData(data)
+      assertType(_model.keyPair?.type)
+      const sig = base64urlnopad.decode(signature)
+
+      if (_model.keyPair == null) {
+        throw new Error('basic.keys:missing-keypair')
+      }
+
+      return plugins[_model.keyPair.type].verify(
+        data as Uint8Array,
+        sig,
+        prepareKey(_model.keyPair.publicKey)
+      )
+    },
+
+    export: () => {
+      assertType(_model.keyPair?.type)
+
+      if (_model.keyPair == null) {
+        throw new Error('basic.keys:missing-keypair')
+      }
+
+      return `${_model.keyPair.type}:${_model.keyPair.privateKey}`
+    },
+
+    exportPublic: () => {
+      assertType(_model.keyPair?.type)
+
+      if (_model.keyPair == null) {
+        throw new Error('basic.keys:missing-keypair')
+      }
+
+      return `${_model.keyPair.type}:${_model.keyPair.publicKey}`  
+    },
+
+    exportAddress: () => {
+      assertType(_model.keyPair?.type)
+
+      if (_model.keyPair == null) {
+        throw new Error('basic.keys:missing-keypair')
+      }
+
+      return `${_model.keyPair.type}:${_model.keyPair.address}`
+    },
+
+    encrypt: async data => {
+      data = prepareData(data)
+      assertType(_model.keyPair?.type)
+
+      if (_model.keyPair == null) {
+        throw new Error('basic.keys:missing-keypair')
+      }
+
+      return base64urlnopad.encode(
+        plugins[_model.keyPair.type].encrypt(
+          data as Uint8Array,
+          prepareKey(_model.keyPair.publicKey)
+        )
+      )
+    },
+
+    decrypt: async data => utf8.encode(await _model.dcrpt(data)),
+
+    dcrpt: async data => {
+      data = data instanceof Uint8Array ? data : base64urlnopad.decode(data as string)
+      assertType(_model.keyPair?.type)
+
+      if (_model.keyPair == null) {
+        throw new Error('basic.keys:missing-keypair')
+      }
+
+      return plugins[_model.keyPair.type].decrypt(
+        data as Uint8Array,
+        prepareKey(_model.keyPair.privateKey)
+      )
+    }
+  }
+
+  return _model
+}

package/src/plugins/ed25519.ts

@@ -0,0 +1,23 @@
+import { KeyType } from '../consts.js'
+import type { KeyPlugin } from './types.js'
+import { ed25519 } from '@noble/curves/ed25519'
+import { base58 } from '@scure/base'
+import { keccak_256 } from '@noble/hashes/sha3'
+
+export const ed25519Plugin: KeyPlugin = {
+  type: KeyType.ED25519,
+
+  random: () => ed25519.utils.randomPrivateKey(),
+
+  sign: (data, pk) => ed25519.sign(data, pk),
+
+  verify: (data, signature, pub) => ed25519.verify(signature, data, pub),
+
+  toPublic: pk => ed25519.getPublicKey(pk),
+
+  toAdress: pub => base58.encode(keccak_256(pub.slice(4)).slice(-20)),
+
+  encrypt: () => { throw new Error(`${ed25519Plugin.type}:encryption-support`) },
+
+  decrypt: () => { throw new Error(`${ed25519Plugin.type}:encryption-support`) }
+}

package/src/plugins/export.ts

@@ -0,0 +1,5 @@
+
+export type * from './types.js'
+export * from './ed25519.js'
+export * from './xchacha.js'
+export * from './index.js'

package/src/plugins/index.ts

@@ -0,0 +1,8 @@
+import type { KeyPlugin } from './types.js'
+import { ed25519Plugin } from './ed25519.js'
+import { xChahaPlugin } from './xchacha.js'
+
+export const plugins: Record<string, KeyPlugin> = {}
+
+plugins[ed25519Plugin.type] = ed25519Plugin
+plugins[xChahaPlugin.type] = xChahaPlugin

package/src/plugins/types.ts

@@ -0,0 +1,13 @@
+
+export interface KeyPlugin {
+  type: string
+  random: () => Uint8Array
+  fromSeed?: (seed: Uint8Array) => Uint8Array
+  derive?: (pk: Uint8Array, path: string) => Uint8Array
+  sign: (data: Uint8Array, pk: Uint8Array) => Uint8Array
+  verify: (data: Uint8Array, signature: Uint8Array, pub: Uint8Array) => boolean
+  toPublic: (pk: Uint8Array) => Uint8Array
+  toAdress: (pub: Uint8Array) => string
+  encrypt: (data: Uint8Array, pk: Uint8Array) => Uint8Array
+  decrypt: (data: Uint8Array, pk: Uint8Array) => Uint8Array
+}

package/src/plugins/xchacha.ts

@@ -0,0 +1,23 @@
+import { KeyType } from '../consts.js'
+import type { KeyPlugin } from './types.js'
+import { xchacha20poly1305 } from '@noble/ciphers/chacha'
+import { randomBytes, managedNonce } from '@noble/ciphers/webcrypto'
+
+
+export const xChahaPlugin: KeyPlugin = {
+  type: KeyType.XCHACHA,
+
+  random: () => randomBytes(32),
+
+  sign: () => { throw new Error(`${xChahaPlugin.type}:signing`) },
+
+  verify: () => { throw new Error(`${xChahaPlugin.type}:verification`) },
+
+  toPublic: pk => pk,
+
+  toAdress: () => 'no-address',
+
+  encrypt: (data, pk) => managedNonce(xchacha20poly1305)(pk).encrypt(data),
+
+  decrypt: (data, pk) => managedNonce(xchacha20poly1305)(pk).decrypt(data),
+}

package/src/types.ts

@@ -0,0 +1,41 @@
+import type { AuthCredentials } from '@owlmeans/auth'
+
+export interface KeyPair {
+  privateKey: string
+  publicKey: string
+  address: string
+  type: string
+}
+
+export interface KeyPairModel {
+  keyPair?: KeyPair
+  sign: (data: unknown) => Promise<string>
+  verify: (data: unknown, signature: string) => Promise<boolean>
+  export: () => string
+  exportPublic: () => string
+  exportAddress: () => string
+  encrypt: (data: unknown) => Promise<string>
+  decrypt: (data: unknown) => Promise<string>
+  dcrpt: (data: unknown) => Promise<Uint8Array>
+}
+
+export interface KeyPairModelMaker {
+  (input?: KeyPair | string): KeyPairModel
+}
+
+export interface PayloadSigner {
+  <T extends {}>(payload: T): Promise<string>
+}
+
+export interface PayloadVerifier {
+  <T extends {}>(payload: T, signature: string): Promise<boolean>
+}
+
+export interface UnpackedAuthCredentials<T extends {} | undefined = undefined> {
+  unsigned: AuthCredentials | Omit<AuthCredentials, 'credential'>
+  signature: string
+  isValid?: boolean
+  extras: T
+}
+
+export type UnsignedAuthCredentials = AuthCredentials | Omit<AuthCredentials, "credential">

package/src/utils.ts

@@ -0,0 +1,35 @@
+import { keccak_256 } from '@noble/hashes/sha3'
+import { base64, utf8 } from '@scure/base'
+import { plugins } from './plugins/index.js'
+import canonicalize from 'canonicalize'
+
+export const toAddress = (publicKey: Uint8Array): Uint8Array =>
+  keccak_256(publicKey.slice(4)).slice(-20)
+
+export const prepareKey = (key: string): Uint8Array =>
+  base64.decode(key)
+
+export const prepareData = (data: unknown): Uint8Array => {
+  if (typeof data === 'object') {
+    if (!(data instanceof Uint8Array)) {
+      data = canonicalize(data)
+    }
+  }
+  if (typeof data === 'string') {
+    data = utf8.decode(data)
+  } else if (!(data instanceof Uint8Array)) {
+    throw new Error('basic.keys:sign-data-type')
+  }
+
+  if (!(data instanceof Uint8Array)) {
+    throw new Error('basic.keys:sign-data-type')
+  }
+
+  return data
+}
+
+export const assertType = (type?: string): void => {
+  if (type == null || !(type in plugins)) {
+    throw new Error('basic.keys:unknown-type')
+  }
+}

package/tsconfig.json

@@ -0,0 +1,14 @@
+{
+  "extends": [
+    "../tsconfig.default.json",
+  ],
+  "compilerOptions": {
+    "rootDir": "./src/", /* Specify the root folder within your source files. */
+    "outDir": "./build/", /* Specify an output folder for all emitted files. */
+  },
+  "exclude": [
+    "./dist/**/*",
+    "./build/**/*",
+    "./*.ts"
+  ]
+}

package/tsconfig.tsbuildinfo

@@ -0,0 +1 @@
+{"root":["./src/auth.ts","./src/bin.ts","./src/consts.ts","./src/helper.ts","./src/index.ts","./src/keypair.ts","./src/model.ts","./src/types.ts","./src/utils.ts","./src/plugins/ed25519.ts","./src/plugins/export.ts","./src/plugins/index.ts","./src/plugins/types.ts","./src/plugins/xchacha.ts"],"version":"5.6.3"}