@road-labs/ocmf-crypto 0.0.1

package/build/cjs/asn1.js

@@ -0,0 +1,95 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.curveToOid = exports.oidToCurve = exports.oidEllipticCurveKey = void 0;
+exports.decodePkcs8PrivateKeyInfo = decodePkcs8PrivateKeyInfo;
+exports.encodePkixSubjectPublicKeyInfo = encodePkixSubjectPublicKeyInfo;
+exports.decodePkixSubjectPublicKeyInfo = decodePkixSubjectPublicKeyInfo;
+exports.encodePkixEcdsaSigValue = encodePkixEcdsaSigValue;
+exports.decodePkixEcdsaSigValue = decodePkixEcdsaSigValue;
+const asn1_schema_1 = require("@peculiar/asn1-schema");
+const asn1_pkcs8_1 = require("@peculiar/asn1-pkcs8");
+const asn1_ecc_1 = require("@peculiar/asn1-ecc");
+const asn1_x509_1 = require("@peculiar/asn1-x509");
+exports.oidEllipticCurveKey = asn1_ecc_1.id_ecPublicKey;
+const id_brainpool256r1 = '1.3.36.3.3.2.8.1.1.7';
+const id_brainpool384r1 = '1.3.36.3.3.2.8.1.1.11';
+const id_secp192k1 = '1.3.132.0.31';
+const id_secp256k1 = '1.3.132.0.10';
+exports.oidToCurve = new Map([
+    [id_brainpool256r1, 'brainpool256r1'],
+    [id_brainpool384r1, 'brainpool384r1'],
+    [id_secp192k1, 'secp192k1'],
+    [asn1_ecc_1.id_secp192r1, 'secp192r1'],
+    [id_secp256k1, 'secp256k1'],
+    [asn1_ecc_1.id_secp256r1, 'secp256r1'],
+    [asn1_ecc_1.id_secp384r1, 'secp384r1'],
+]);
+exports.curveToOid = new Map([
+    ['brainpool256r1', id_brainpool256r1],
+    ['brainpool384r1', id_brainpool384r1],
+    ['secp192k1', id_secp192k1],
+    ['secp192r1', asn1_ecc_1.id_secp192r1],
+    ['secp256k1', id_secp256k1],
+    ['secp256r1', asn1_ecc_1.id_secp256r1],
+    ['secp384r1', asn1_ecc_1.id_secp384r1],
+]);
+function decodePkcs8PrivateKeyInfo(value) {
+    const privateKeyInfo = asn1_schema_1.AsnParser.parse(value, asn1_pkcs8_1.PrivateKeyInfo);
+    if (privateKeyInfo?.privateKeyAlgorithm?.algorithm !== exports.oidEllipticCurveKey) {
+        throw new Error(`Unexpected private key algorithm: ${privateKeyInfo?.privateKeyAlgorithm?.algorithm}`);
+    }
+    const privateKey = asn1_schema_1.AsnParser.parse(privateKeyInfo.privateKey.buffer, asn1_ecc_1.ECPrivateKey);
+    return {
+        version: privateKeyInfo.version,
+        privateKeyAlgorithm: privateKeyInfo.privateKeyAlgorithm,
+        privateKey: {
+            version: privateKey.version,
+            parameters: privateKey.parameters,
+            privateKey: new Uint8Array(privateKey.privateKey.buffer),
+            publicKey: privateKey.publicKey
+                ? new Uint8Array(privateKey.publicKey)
+                : undefined,
+        },
+    };
+}
+function encodePkixSubjectPublicKeyInfo(keyInfo) {
+    const asn1 = new asn1_x509_1.SubjectPublicKeyInfo({
+        algorithm: new asn1_x509_1.AlgorithmIdentifier({
+            algorithm: keyInfo.algorithm.algorithm,
+            parameters: asn1_schema_1.AsnConvert.serialize(new asn1_ecc_1.ECParameters(keyInfo.algorithm.parameters)),
+        }),
+        subjectPublicKey: keyInfo.subjectPublicKey,
+    });
+    return new Uint8Array(asn1_schema_1.AsnConvert.serialize(asn1));
+}
+function decodePkixSubjectPublicKeyInfo(value) {
+    const subjectPublicKeyInfo = asn1_schema_1.AsnParser.parse(value, asn1_x509_1.SubjectPublicKeyInfo);
+    if (subjectPublicKeyInfo?.algorithm?.algorithm !== exports.oidEllipticCurveKey) {
+        throw new Error(`Unexpected public key algorithm: ${subjectPublicKeyInfo?.algorithm?.algorithm}`);
+    }
+    let parameters;
+    if (subjectPublicKeyInfo.algorithm.parameters) {
+        parameters = asn1_schema_1.AsnParser.parse(subjectPublicKeyInfo.algorithm.parameters, asn1_ecc_1.ECParameters);
+    }
+    return {
+        algorithm: {
+            algorithm: subjectPublicKeyInfo.algorithm.algorithm,
+            parameters,
+        },
+        subjectPublicKey: new Uint8Array(subjectPublicKeyInfo.subjectPublicKey),
+    };
+}
+function encodePkixEcdsaSigValue(sigValue) {
+    const asn1 = new asn1_ecc_1.ECDSASigValue({
+        r: sigValue.r,
+        s: sigValue.s,
+    });
+    return new Uint8Array(asn1_schema_1.AsnConvert.serialize(asn1));
+}
+function decodePkixEcdsaSigValue(value) {
+    const subjectPublicKeyInfo = asn1_schema_1.AsnParser.parse(value, asn1_ecc_1.ECDSASigValue);
+    return {
+        r: new Uint8Array(subjectPublicKeyInfo.r),
+        s: new Uint8Array(subjectPublicKeyInfo.s),
+    };
+}

package/build/cjs/crypto.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.UnsupportedSignatureFormatError = exports.UnsupportedPublicKeyFormatError = exports.UnsupportedPrivateKeyFormatError = exports.UnsupportedHashError = exports.UnsupportedCurveError = void 0;
+class UnsupportedCurveError extends Error {
+}
+exports.UnsupportedCurveError = UnsupportedCurveError;
+class UnsupportedHashError extends Error {
+}
+exports.UnsupportedHashError = UnsupportedHashError;
+class UnsupportedPrivateKeyFormatError extends Error {
+}
+exports.UnsupportedPrivateKeyFormatError = UnsupportedPrivateKeyFormatError;
+class UnsupportedPublicKeyFormatError extends Error {
+}
+exports.UnsupportedPublicKeyFormatError = UnsupportedPublicKeyFormatError;
+class UnsupportedSignatureFormatError extends Error {
+}
+exports.UnsupportedSignatureFormatError = UnsupportedSignatureFormatError;

package/build/cjs/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./types"), exports);
+__exportStar(require("./asn1"), exports);
+__exportStar(require("./crypto"), exports);

package/build/cjs/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/build/es2022/asn1.js

@@ -0,0 +1,87 @@
+import { AsnConvert, AsnParser } from '@peculiar/asn1-schema';
+import { PrivateKeyInfo } from '@peculiar/asn1-pkcs8';
+import { ECDSASigValue, ECParameters, ECPrivateKey, id_ecPublicKey, id_secp192r1, id_secp256r1, id_secp384r1, } from '@peculiar/asn1-ecc';
+import { AlgorithmIdentifier, SubjectPublicKeyInfo } from '@peculiar/asn1-x509';
+export const oidEllipticCurveKey = id_ecPublicKey;
+const id_brainpool256r1 = '1.3.36.3.3.2.8.1.1.7';
+const id_brainpool384r1 = '1.3.36.3.3.2.8.1.1.11';
+const id_secp192k1 = '1.3.132.0.31';
+const id_secp256k1 = '1.3.132.0.10';
+export const oidToCurve = new Map([
+    [id_brainpool256r1, 'brainpool256r1'],
+    [id_brainpool384r1, 'brainpool384r1'],
+    [id_secp192k1, 'secp192k1'],
+    [id_secp192r1, 'secp192r1'],
+    [id_secp256k1, 'secp256k1'],
+    [id_secp256r1, 'secp256r1'],
+    [id_secp384r1, 'secp384r1'],
+]);
+export const curveToOid = new Map([
+    ['brainpool256r1', id_brainpool256r1],
+    ['brainpool384r1', id_brainpool384r1],
+    ['secp192k1', id_secp192k1],
+    ['secp192r1', id_secp192r1],
+    ['secp256k1', id_secp256k1],
+    ['secp256r1', id_secp256r1],
+    ['secp384r1', id_secp384r1],
+]);
+export function decodePkcs8PrivateKeyInfo(value) {
+    const privateKeyInfo = AsnParser.parse(value, PrivateKeyInfo);
+    if (privateKeyInfo?.privateKeyAlgorithm?.algorithm !== oidEllipticCurveKey) {
+        throw new Error(`Unexpected private key algorithm: ${privateKeyInfo?.privateKeyAlgorithm?.algorithm}`);
+    }
+    const privateKey = AsnParser.parse(privateKeyInfo.privateKey.buffer, ECPrivateKey);
+    return {
+        version: privateKeyInfo.version,
+        privateKeyAlgorithm: privateKeyInfo.privateKeyAlgorithm,
+        privateKey: {
+            version: privateKey.version,
+            parameters: privateKey.parameters,
+            privateKey: new Uint8Array(privateKey.privateKey.buffer),
+            publicKey: privateKey.publicKey
+                ? new Uint8Array(privateKey.publicKey)
+                : undefined,
+        },
+    };
+}
+export function encodePkixSubjectPublicKeyInfo(keyInfo) {
+    const asn1 = new SubjectPublicKeyInfo({
+        algorithm: new AlgorithmIdentifier({
+            algorithm: keyInfo.algorithm.algorithm,
+            parameters: AsnConvert.serialize(new ECParameters(keyInfo.algorithm.parameters)),
+        }),
+        subjectPublicKey: keyInfo.subjectPublicKey,
+    });
+    return new Uint8Array(AsnConvert.serialize(asn1));
+}
+export function decodePkixSubjectPublicKeyInfo(value) {
+    const subjectPublicKeyInfo = AsnParser.parse(value, SubjectPublicKeyInfo);
+    if (subjectPublicKeyInfo?.algorithm?.algorithm !== oidEllipticCurveKey) {
+        throw new Error(`Unexpected public key algorithm: ${subjectPublicKeyInfo?.algorithm?.algorithm}`);
+    }
+    let parameters;
+    if (subjectPublicKeyInfo.algorithm.parameters) {
+        parameters = AsnParser.parse(subjectPublicKeyInfo.algorithm.parameters, ECParameters);
+    }
+    return {
+        algorithm: {
+            algorithm: subjectPublicKeyInfo.algorithm.algorithm,
+            parameters,
+        },
+        subjectPublicKey: new Uint8Array(subjectPublicKeyInfo.subjectPublicKey),
+    };
+}
+export function encodePkixEcdsaSigValue(sigValue) {
+    const asn1 = new ECDSASigValue({
+        r: sigValue.r,
+        s: sigValue.s,
+    });
+    return new Uint8Array(AsnConvert.serialize(asn1));
+}
+export function decodePkixEcdsaSigValue(value) {
+    const subjectPublicKeyInfo = AsnParser.parse(value, ECDSASigValue);
+    return {
+        r: new Uint8Array(subjectPublicKeyInfo.r),
+        s: new Uint8Array(subjectPublicKeyInfo.s),
+    };
+}

package/build/es2022/crypto.js

@@ -0,0 +1,10 @@
+export class UnsupportedCurveError extends Error {
+}
+export class UnsupportedHashError extends Error {
+}
+export class UnsupportedPrivateKeyFormatError extends Error {
+}
+export class UnsupportedPublicKeyFormatError extends Error {
+}
+export class UnsupportedSignatureFormatError extends Error {
+}

package/build/es2022/index.js

@@ -0,0 +1,3 @@
+export * from './types';
+export * from './asn1';
+export * from './crypto';

package/build/es2022/types.js

@@ -0,0 +1 @@
+export {};

package/build/types/asn1.d.ts

@@ -0,0 +1,36 @@
+import { Curve } from './types';
+export declare const oidEllipticCurveKey = "1.2.840.10045.2.1";
+export declare const oidToCurve: Map<string, Curve>;
+export declare const curveToOid: Map<Curve, string>;
+export interface Pkcs8PrivateKeyInfo {
+    version: number;
+    privateKeyAlgorithm: {
+        algorithm: string;
+    };
+    privateKey: {
+        version: number;
+        privateKey: Uint8Array;
+        parameters?: {
+            namedCurve?: string;
+        };
+        publicKey?: Uint8Array;
+    };
+}
+export interface PkixSubjectPublicKeyInfo {
+    algorithm: {
+        algorithm: string;
+        parameters?: {
+            namedCurve?: string;
+        };
+    };
+    subjectPublicKey: Uint8Array;
+}
+export interface PkixEcdsaSigValue {
+    r: Uint8Array;
+    s: Uint8Array;
+}
+export declare function decodePkcs8PrivateKeyInfo(value: Uint8Array): Pkcs8PrivateKeyInfo;
+export declare function encodePkixSubjectPublicKeyInfo(keyInfo: PkixSubjectPublicKeyInfo): Uint8Array;
+export declare function decodePkixSubjectPublicKeyInfo(value: Uint8Array): PkixSubjectPublicKeyInfo;
+export declare function encodePkixEcdsaSigValue(sigValue: PkixEcdsaSigValue): Uint8Array;
+export declare function decodePkixEcdsaSigValue(value: Uint8Array): PkixEcdsaSigValue;

package/build/types/crypto.d.ts

@@ -0,0 +1,74 @@
+import { Curve, Hash, PrivateKeyFormat, PublicKeyFormat, SignatureFormat } from './types';
+export declare class UnsupportedCurveError extends Error {
+}
+export declare class UnsupportedHashError extends Error {
+}
+export declare class UnsupportedPrivateKeyFormatError extends Error {
+}
+export declare class UnsupportedPublicKeyFormatError extends Error {
+}
+export declare class UnsupportedSignatureFormatError extends Error {
+}
+export interface CryptoAdapter {
+    /**
+     * @param value - Encoded private key value
+     * @param format - Encoding format
+     * @return A private key instance
+     * @throws UnsupportedCurveError
+     * @throws UnsupportedPrivateKeyFormatError
+     * @throws Error
+     */
+    decodeEcPrivateKey(value: Uint8Array, format: PrivateKeyFormat): EcPrivateKey | Promise<EcPrivateKey>;
+    /**
+     * @param value - Encoded public key value
+     * @param format - Encoding format
+     * @return A public key instance
+     * @throws UnsupportedCurveError
+     * @throws UnsupportedPublicKeyFormatError
+     * @throws Error
+     */
+    decodeEcPublicKey(value: Uint8Array, format: PublicKeyFormat): EcPublicKey | Promise<EcPublicKey>;
+    /**
+     * @param data - Data to be signed
+     * @param privateKey - Private key to use for signing
+     * @param hash - Hash to apply
+     * @param format - Format to return the signature in
+     * @return Signature encoded in the specified format
+     * @throws UnsupportedHashError
+     * @throws UnsupportedSignatureFormatError
+     * @throws Error
+     */
+    sign(data: Uint8Array, privateKey: EcPrivateKey, hash: Hash, format: SignatureFormat): Uint8Array | Promise<Uint8Array>;
+    /**
+     * @param signature - X.509 ECDSASigValue ASN.1 type DER encoded
+     * @param data - Raw value
+     * @param key - The public key to verify against
+     * @param hash - Hash to apply
+     * @param format - Format the signature is encoded in
+     * @return true if the signature is valid
+     * @throws UnsupportedSignatureFormatError
+     * @throws Error
+     */
+    verify(signature: Uint8Array, data: Uint8Array, key: EcPublicKey, hash: Hash, format: SignatureFormat): boolean | Promise<boolean>;
+}
+export interface EcPublicKey {
+    /**
+     * @return The curve of the public key
+     */
+    getCurve(): Curve;
+    /**
+     * @param format - Format to encode with
+     * @return Encoded public key
+     */
+    encode(format: PublicKeyFormat): Uint8Array | Promise<Uint8Array>;
+}
+export interface EcPrivateKey {
+    /**
+     * @return The curve of the private key
+     */
+    getCurve(): Curve;
+    /**
+     * @return The public key, if available
+     */
+    getPublicKey(): EcPublicKey | null;
+}

package/build/types/index.d.ts

@@ -0,0 +1,3 @@
+export * from './types';
+export * from './asn1';
+export * from './crypto';

package/build/types/types.d.ts

@@ -0,0 +1,5 @@
+export type Curve = 'brainpool256r1' | 'brainpool384r1' | 'secp192k1' | 'secp192r1' | 'secp256k1' | 'secp256r1' | 'secp384r1';
+export type PrivateKeyFormat = 'pkcs8-der';
+export type PublicKeyFormat = 'spki-der';
+export type SignatureFormat = 'sigvalue-der';
+export type Hash = 'SHA-256';

package/jest.config.js

@@ -0,0 +1,11 @@
+const { createDefaultPreset } = require('ts-jest');
+
+const tsJestTransformCfg = createDefaultPreset().transform;
+
+/** @type {import("jest").Config} **/
+module.exports = {
+  testEnvironment: 'node',
+  transform: {
+    ...tsJestTransformCfg,
+  },
+};

package/package.json

@@ -0,0 +1,36 @@
+{
+  "name": "@road-labs/ocmf-crypto",
+  "version": "0.0.1",
+  "main": "build/cjs/index.js",
+  "module": "build/es2022/index.js",
+  "types": "build/types/index.d.ts",
+  "keywords": [],
+  "author": "",
+  "license": "MIT",
+  "description": "",
+  "devDependencies": {
+    "@jest/globals": "^30.0.0",
+    "@types/node": "^22.15.30",
+    "jest": "^30.0.0",
+    "rimraf": "^6.0.1",
+    "ts-jest": "^29.4.0",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.8.3"
+  },
+  "dependencies": {
+    "@peculiar/asn1-ecc": "^2.3.15",
+    "@peculiar/asn1-pkcs8": "^2.3.15",
+    "@peculiar/asn1-schema": "^2.3.15",
+    "@peculiar/asn1-x509": "^2.3.15"
+  },
+  "scripts": {
+    "clear": "rimraf build",
+    "build": "pnpm run build:module && pnpm run build:types",
+    "build:module": "pnpm run build:cjs && pnpm run build:es2022",
+    "build:cjs": "tsc -p tsconfig.json --removeComments --module commonjs --outDir build/cjs",
+    "build:es2022": "tsc -p tsconfig.json --removeComments --module es2022 --outDir build/es2022",
+    "prebuild:types": "rimraf build/types",
+    "build:types": "tsc -p tsconfig.json --outDir build/types --declaration --emitDeclarationOnly",
+    "rebuild": "pnpm run clear && pnpm run build"
+  }
+}

package/src/asn1.ts

@@ -0,0 +1,159 @@
+import { AsnConvert, AsnParser } from '@peculiar/asn1-schema';
+import { PrivateKeyInfo } from '@peculiar/asn1-pkcs8';
+import {
+  ECDSASigValue,
+  ECParameters,
+  ECPrivateKey,
+  id_ecPublicKey,
+  id_secp192r1,
+  id_secp256r1,
+  id_secp384r1,
+} from '@peculiar/asn1-ecc';
+import { AlgorithmIdentifier, SubjectPublicKeyInfo } from '@peculiar/asn1-x509';
+import { Curve } from './types';
+
+export const oidEllipticCurveKey = id_ecPublicKey;
+
+const id_brainpool256r1 = '1.3.36.3.3.2.8.1.1.7';
+const id_brainpool384r1 = '1.3.36.3.3.2.8.1.1.11';
+const id_secp192k1 = '1.3.132.0.31';
+const id_secp256k1 = '1.3.132.0.10';
+
+export const oidToCurve = new Map<string, Curve>([
+  [id_brainpool256r1, 'brainpool256r1'],
+  [id_brainpool384r1, 'brainpool384r1'],
+  [id_secp192k1, 'secp192k1'],
+  [id_secp192r1, 'secp192r1'],
+  [id_secp256k1, 'secp256k1'],
+  [id_secp256r1, 'secp256r1'],
+  [id_secp384r1, 'secp384r1'],
+]);
+
+export const curveToOid = new Map<Curve, string>([
+  ['brainpool256r1', id_brainpool256r1],
+  ['brainpool384r1', id_brainpool384r1],
+  ['secp192k1', id_secp192k1],
+  ['secp192r1', id_secp192r1],
+  ['secp256k1', id_secp256k1],
+  ['secp256r1', id_secp256r1],
+  ['secp384r1', id_secp384r1],
+]);
+
+export interface Pkcs8PrivateKeyInfo {
+  version: number;
+  privateKeyAlgorithm: {
+    algorithm: string;
+  };
+  privateKey: {
+    version: number;
+    privateKey: Uint8Array;
+    parameters?: {
+      namedCurve?: string;
+    };
+    publicKey?: Uint8Array;
+  };
+}
+
+export interface PkixSubjectPublicKeyInfo {
+  algorithm: {
+    algorithm: string;
+    parameters?: {
+      namedCurve?: string;
+    };
+  };
+  subjectPublicKey: Uint8Array;
+}
+
+export interface PkixEcdsaSigValue {
+  r: Uint8Array;
+  s: Uint8Array;
+}
+
+export function decodePkcs8PrivateKeyInfo(
+  value: Uint8Array
+): Pkcs8PrivateKeyInfo {
+  const privateKeyInfo = AsnParser.parse(value, PrivateKeyInfo);
+  if (privateKeyInfo?.privateKeyAlgorithm?.algorithm !== oidEllipticCurveKey) {
+    throw new Error(
+      `Unexpected private key algorithm: ${privateKeyInfo?.privateKeyAlgorithm?.algorithm}`
+    );
+  }
+
+  const privateKey = AsnParser.parse(
+    privateKeyInfo.privateKey.buffer,
+    ECPrivateKey
+  );
+
+  return {
+    version: privateKeyInfo.version,
+    privateKeyAlgorithm: privateKeyInfo.privateKeyAlgorithm,
+    privateKey: {
+      version: privateKey.version,
+      parameters: privateKey.parameters,
+      privateKey: new Uint8Array(privateKey.privateKey.buffer),
+      publicKey: privateKey.publicKey
+        ? new Uint8Array(privateKey.publicKey)
+        : undefined,
+    },
+  };
+}
+
+export function encodePkixSubjectPublicKeyInfo(
+  keyInfo: PkixSubjectPublicKeyInfo
+): Uint8Array {
+  const asn1 = new SubjectPublicKeyInfo({
+    algorithm: new AlgorithmIdentifier({
+      algorithm: keyInfo.algorithm.algorithm,
+      parameters: AsnConvert.serialize(
+        new ECParameters(keyInfo.algorithm.parameters)
+      ),
+    }),
+    subjectPublicKey: keyInfo.subjectPublicKey,
+  });
+  return new Uint8Array(AsnConvert.serialize(asn1));
+}
+
+export function decodePkixSubjectPublicKeyInfo(
+  value: Uint8Array
+): PkixSubjectPublicKeyInfo {
+  const subjectPublicKeyInfo = AsnParser.parse(value, SubjectPublicKeyInfo);
+  if (subjectPublicKeyInfo?.algorithm?.algorithm !== oidEllipticCurveKey) {
+    throw new Error(
+      `Unexpected public key algorithm: ${subjectPublicKeyInfo?.algorithm?.algorithm}`
+    );
+  }
+
+  let parameters: PkixSubjectPublicKeyInfo['algorithm']['parameters'];
+  if (subjectPublicKeyInfo.algorithm.parameters) {
+    parameters = AsnParser.parse(
+      subjectPublicKeyInfo.algorithm.parameters,
+      ECParameters
+    );
+  }
+
+  return {
+    algorithm: {
+      algorithm: subjectPublicKeyInfo.algorithm.algorithm,
+      parameters,
+    },
+    subjectPublicKey: new Uint8Array(subjectPublicKeyInfo.subjectPublicKey),
+  };
+}
+
+export function encodePkixEcdsaSigValue(
+  sigValue: PkixEcdsaSigValue
+): Uint8Array {
+  const asn1 = new ECDSASigValue({
+    r: sigValue.r,
+    s: sigValue.s,
+  });
+  return new Uint8Array(AsnConvert.serialize(asn1));
+}
+
+export function decodePkixEcdsaSigValue(value: Uint8Array): PkixEcdsaSigValue {
+  const subjectPublicKeyInfo = AsnParser.parse(value, ECDSASigValue);
+  return {
+    r: new Uint8Array(subjectPublicKeyInfo.r),
+    s: new Uint8Array(subjectPublicKeyInfo.s),
+  };
+}

package/src/crypto.ts

@@ -0,0 +1,101 @@
+import {
+  Curve,
+  Hash,
+  PrivateKeyFormat,
+  PublicKeyFormat,
+  SignatureFormat,
+} from './types';
+
+export class UnsupportedCurveError extends Error {}
+export class UnsupportedHashError extends Error {}
+export class UnsupportedPrivateKeyFormatError extends Error {}
+export class UnsupportedPublicKeyFormatError extends Error {}
+export class UnsupportedSignatureFormatError extends Error {}
+
+export interface CryptoAdapter {
+  /**
+   * @param value - Encoded private key value
+   * @param format - Encoding format
+   * @return A private key instance
+   * @throws UnsupportedCurveError
+   * @throws UnsupportedPrivateKeyFormatError
+   * @throws Error
+   */
+  decodeEcPrivateKey(
+    value: Uint8Array,
+    format: PrivateKeyFormat
+  ): EcPrivateKey | Promise<EcPrivateKey>;
+
+  /**
+   * @param value - Encoded public key value
+   * @param format - Encoding format
+   * @return A public key instance
+   * @throws UnsupportedCurveError
+   * @throws UnsupportedPublicKeyFormatError
+   * @throws Error
+   */
+  decodeEcPublicKey(
+    value: Uint8Array,
+    format: PublicKeyFormat
+  ): EcPublicKey | Promise<EcPublicKey>;
+
+  /**
+   * @param data - Data to be signed
+   * @param privateKey - Private key to use for signing
+   * @param hash - Hash to apply
+   * @param format - Format to return the signature in
+   * @return Signature encoded in the specified format
+   * @throws UnsupportedHashError
+   * @throws UnsupportedSignatureFormatError
+   * @throws Error
+   */
+  sign(
+    data: Uint8Array,
+    privateKey: EcPrivateKey,
+    hash: Hash,
+    format: SignatureFormat
+  ): Uint8Array | Promise<Uint8Array>;
+
+  /**
+   * @param signature - X.509 ECDSASigValue ASN.1 type DER encoded
+   * @param data - Raw value
+   * @param key - The public key to verify against
+   * @param hash - Hash to apply
+   * @param format - Format the signature is encoded in
+   * @return true if the signature is valid
+   * @throws UnsupportedSignatureFormatError
+   * @throws Error
+   */
+  verify(
+    signature: Uint8Array,
+    data: Uint8Array,
+    key: EcPublicKey,
+    hash: Hash,
+    format: SignatureFormat
+  ): boolean | Promise<boolean>;
+}
+
+export interface EcPublicKey {
+  /**
+   * @return The curve of the public key
+   */
+  getCurve(): Curve;
+
+  /**
+   * @param format - Format to encode with
+   * @return Encoded public key
+   */
+  encode(format: PublicKeyFormat): Uint8Array | Promise<Uint8Array>;
+}
+
+export interface EcPrivateKey {
+  /**
+   * @return The curve of the private key
+   */
+  getCurve(): Curve;
+
+  /**
+   * @return The public key, if available
+   */
+  getPublicKey(): EcPublicKey | null;
+}

package/src/index.ts

@@ -0,0 +1,3 @@
+export * from './types';
+export * from './asn1';
+export * from './crypto';

package/src/types.ts

@@ -0,0 +1,13 @@
+export type Curve =
+  | 'brainpool256r1'
+  | 'brainpool384r1'
+  | 'secp192k1'
+  | 'secp192r1'
+  | 'secp256k1'
+  | 'secp256r1'
+  | 'secp384r1';
+
+export type PrivateKeyFormat = 'pkcs8-der'; // PKCS#8 PrivateKeyInfo ASN.1 type DER encoded
+export type PublicKeyFormat = 'spki-der'; // X.509 SubjectPublicKeyInfo ASN.1 type DER encoded
+export type SignatureFormat = 'sigvalue-der'; // X.509 ECDSASigValue ASN.1 type DER encoded
+export type Hash = 'SHA-256';

package/tsconfig.json

@@ -0,0 +1,4 @@
+{
+  "extends": "../../tsconfig.json",
+  "include": ["src/**/*"]
+}