@sphereon/ssi-sdk-ext.did-resolver-key 0.10.2-next.20

package/src/__tests__/secp521r1.test.ts

@@ -0,0 +1,202 @@
+// Brent Shambaugh <brent.shambaugh@gmail.com>. 2021.
+
+import * as varint from 'varint'
+import * as mapper from '../drivers/secp521r1'
+import * as u8a from 'uint8arrays'
+import { base58btc } from 'multiformats/bases/base58'
+
+describe('Secp521r1 mapper', () => {
+  /*  const mf = await import('multiformats/bases/base58')
+  const base58btc = mf.base58btc*/
+  // testing the key from the did:key from the compressed public key
+  it('successfully resolves the document from did', async () => {
+    const id = 'z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f'
+    const multiformatPubKey = base58btc.decode(id)
+    varint.decode(multiformatPubKey) // decode is changing param multiformatPubKey as well
+    const pubKeyBytes = multiformatPubKey.slice(varint.decode.bytes)
+    const doc = await mapper.keyToDidDoc({ pubKeyBytes, fingerprint: id })
+    expect(doc).toMatchSnapshot()
+  })
+
+  // testing the key from the did:key from the compressed public key
+  it('successfully resolves the document from did', async () => {
+    const id = 'z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7'
+    const multiformatPubKey = base58btc.decode(id)
+    varint.decode(multiformatPubKey) // decode is changing param multiformatPubKey as well
+    const pubKeyBytes = multiformatPubKey.slice(varint.decode.bytes)
+    const doc = await mapper.keyToDidDoc({ pubKeyBytes, fingerprint: id })
+    expect(doc).toMatchSnapshot()
+  })
+
+  // testing the key from the did:key from the compressed public key
+  it('successfully resolves the document from did', async () => {
+    const id = 'z2J9gaYaTUV4Ps5GYNNMm4nAyj4pGxd3Nh2zyeFjpEy631ZJ3dYfTDZ68GAhYbNuTn2eMAhKd6hhbzfxLn66vrQ6992jCSxX'
+    const multiformatPubKey = base58btc.decode(id)
+    varint.decode(multiformatPubKey) // decode is changing param multiformatPubKey as well
+    const pubKeyBytes = multiformatPubKey.slice(varint.decode.bytes)
+    const doc = await mapper.keyToDidDoc({ pubKeyBytes, fingerprint: id })
+    expect(doc).toMatchSnapshot()
+  })
+
+  // testing the key from the did:key from the compressed public key
+  it('successfully resolves the document from did', async () => {
+    const id = 'z2J9gcGTLNfNooB4Mvx7qeEBccSWARJ3y1xjwbMH9A7ra6oq71rD1daVSVm2YmjUZRWJms18QTZXTnhaH5ihiKiVaG52cuAs'
+    const multiformatPubKey = base58btc.decode(id)
+    varint.decode(multiformatPubKey) // decode is changing param multiformatPubKey as well
+    const pubKeyBytes = multiformatPubKey.slice(varint.decode.bytes)
+    const doc = await mapper.keyToDidDoc({ pubKeyBytes, fingerprint: id })
+    expect(doc).toMatchSnapshot()
+  })
+
+  // testing the key from the did:key from the compressed public key
+  it('successfully resolves the document from did', async () => {
+    const id = 'z2J9gaZDkUkcV4j5nMPp4dzks3vygMwKRSZWg9j7HNYcR5JLRu361LN6TwrBK3r19VisFYUZEGEXhqqffAprjgmVtCwfCUB1'
+    const multiformatPubKey = base58btc.decode(id)
+    varint.decode(multiformatPubKey) // decode is changing param multiformatPubKey as well
+    const pubKeyBytes = multiformatPubKey.slice(varint.decode.bytes)
+    const doc = await mapper.keyToDidDoc({ pubKeyBytes, fingerprint: id })
+    expect(doc).toMatchSnapshot()
+  })
+
+  // testing the key from the did:key from the compressed public key
+  it('successfully resolves the document from did', async () => {
+    const id = 'z2J9gaYd3MzVdZSQDj1zqsxv2tLD5Np3oD7G5F5dHbsF7Sbf1ovGkRfFcaUZMSSDKheREWxapez3vzVwkRYvrSMt4PM4Am1z'
+    const multiformatPubKey = base58btc.decode(id)
+    varint.decode(multiformatPubKey) // decode is changing param multiformatPubKey as well
+    const pubKeyBytes = multiformatPubKey.slice(varint.decode.bytes)
+    const doc = await mapper.keyToDidDoc({ pubKeyBytes, fingerprint: id })
+    expect(doc).toMatchSnapshot()
+  })
+
+  // testing the key from the did:key from the compressed public key
+  it('successfully resolves the document from did', async () => {
+    const id = 'z2J9gaYhkf4Ax2QA65KkcrSxr8JDSxUBwzFq3jmq5iBroY2tE7s1uohXVqEvALPxbvdzbWWQTtHvTprUdbNFha3HawyPcD9P'
+
+    const multiformatPubKey = base58btc.decode(id)
+    varint.decode(multiformatPubKey) // decode is changing param multiformatPubKey as well
+    const pubKeyBytes = multiformatPubKey.slice(varint.decode.bytes)
+    const doc = await mapper.keyToDidDoc({ pubKeyBytes, fingerprint: id })
+    expect(doc).toMatchSnapshot()
+  })
+
+  // testing the key from the did:key from the compressed public key
+  it('successfully resolves the document from did', async () => {
+    const id = 'z2J9gcGdbo8riFqfRzgo3gjJyFcbNJm75hrnpDrZTNqQQxgNVBTtKndBiKxzGXrAbyw5W88VDbR1B1FvRQNTnSezghqnJ7p6'
+
+    const multiformatPubKey = base58btc.decode(id)
+    varint.decode(multiformatPubKey) // decode is changing param multiformatPubKey as well
+    const pubKeyBytes = multiformatPubKey.slice(varint.decode.bytes)
+    const doc = await mapper.keyToDidDoc({ pubKeyBytes, fingerprint: id })
+    expect(doc).toMatchSnapshot()
+  })
+
+  // testing the key from the did:key from the compressed public key
+  it('successfully resolves the document from did', async () => {
+    const id = 'z2J9gcGTjd3NaNifwmaNZN27xioMAzHHCDBmkuQ552hm9kWrzhUepDCSAhiuRYBj1sSXR1LBxgqh6vasYzc8JhC12FpaNDhT'
+
+    const multiformatPubKey = base58btc.decode(id)
+    varint.decode(multiformatPubKey) // decode is changing param multiformatPubKey as well
+    const pubKeyBytes = multiformatPubKey.slice(varint.decode.bytes)
+    const doc = await mapper.keyToDidDoc({ pubKeyBytes, fingerprint: id })
+    expect(doc).toMatchSnapshot()
+  })
+})
+
+test('expect publicKeyBytesToXY to throw an error for undefined', () => {
+  expect(() => {
+    mapper.pubKeyBytesToXY(undefined as never)
+  }).toThrowError('input must be a Uint8Array')
+})
+
+test('expect publicKeyBytesToXY to throw an error for null', () => {
+  expect(() => {
+    mapper.pubKeyBytesToXY(null as never)
+  }).toThrowError('input must be a Uint8Array')
+})
+
+test('expect publicKeyBytesToXY to throw an error for and integer input', () => {
+  expect(() => {
+    // @ts-ignore
+    mapper.pubKeyBytesToXY(5)
+  }).toThrowError('input must be a Uint8Array')
+})
+
+test('test a compressed public key in hex to an x,y point with x, and y url encoded with an unsupported prefixi: try2', () => {
+  const inputPublicKeyHex =
+    '050013673d87114741d183ee420e19472782c1c50a35794abad05d453246b5fd56c1bbb6baea58fa5a19e26586d4bc3db18ff91fac537cdf0913a204c5c6a9949cce8c'
+  const publicKey_u8a = pubKeyHexToUint8Array(inputPublicKeyHex)
+  expect(() => {
+    mapper.pubKeyBytesToXY(publicKey_u8a)
+  }).toThrowError('Unexpected pubKeyBytes')
+})
+
+test('test a compressed public key in hex to an x,y point with x, and y url encoded with an unsupported prefixi: try3', () => {
+  const inputPublicKeyHex =
+    '040024fd2216f69ad8a84a8ec630fa4879f82639795a83fa07769d134544130f3af5cfd86ff5460ee7e88a21115cfb9c91898c8ca492feca1992b35c23690af58bd112'
+  const publicKey_u8a = pubKeyHexToUint8Array(inputPublicKeyHex)
+  expect(() => {
+    mapper.pubKeyBytesToXY(publicKey_u8a)
+  }).toThrowError('Unexpected pubKeyBytes')
+})
+
+test('test a compressed public key in hex to an x,y point with x, and y url encoded with an unsupported prefix', () => {
+  const inputPublicKeyHex =
+    '010024fd2216f69ad8a84a8ec630fa4879f82639795a83fa07769d134544130f3af5cfd86ff5460ee7e88a21115cfb9c91898c8ca492feca1992b35c23690af58bd112'
+  const publicKey_u8a = pubKeyHexToUint8Array(inputPublicKeyHex)
+  expect(() => {
+    mapper.pubKeyBytesToXY(publicKey_u8a)
+  }).toThrowError('Unexpected pubKeyBytes')
+})
+
+test('test a compressed public key in hex to an x,y point with x, and y url encoded with an unexpected length', () => {
+  const inputPublicKeyHex = '030024fd2216f69ad8a84a8ec630fa4879f82639795a83fa07769d134544130f3af5cfd86ff5460ee7e88a21115cfb9c91898c8ca492feca19'
+  const publicKey_u8a = pubKeyHexToUint8Array(inputPublicKeyHex)
+  expect(() => {
+    mapper.pubKeyBytesToXY(publicKey_u8a)
+  }).toThrowError('Unexpected pubKeyBytes')
+})
+
+test('test a hex string longer than 67 bytes', () => {
+  const inputPublicKeyHex =
+    '010024fd2216f69ad8a84a8ec630fa4879f82639795a83fa07769d134544130f3af5cfd86ff5460ee7e88a21115cfb9c91898c8ca492feca1992b35c23690af58bd112000'
+  const publicKey_u8a = pubKeyHexToUint8Array(inputPublicKeyHex)
+  expect(() => {
+    mapper.pubKeyBytesToXY(publicKey_u8a)
+  }).toThrowError('Unexpected pubKeyBytes')
+})
+
+test('test a hex string longer than 67 bytes: try2', () => {
+  const inputPublicKeyHex =
+    '030024fd2216f69ad8a84a8ec630fa4879f82639795a83fa07769d134544130f3af5cfd86ff5460ee7e88a21115cfb9c91898c8ca492feca1992b35c23690af58bd11200'
+  const publicKey_u8a = pubKeyHexToUint8Array(inputPublicKeyHex)
+  expect(() => {
+    mapper.pubKeyBytesToXY(publicKey_u8a)
+  }).toThrowError('Unexpected pubKeyBytes')
+})
+
+test('test a compressed public key in hex to an x,y point with x, and y url encoded', () => {
+  const inputPublicKeyHex =
+    '0300978fcb87684ebbfb723e695fa6e46640e05624f3e3be9e01c23f713088aa542a8006c259b6a8152f5991bf3713eada06b9eb30c0fcc5c9f877143e51d0c960f8e4'
+  const output = {
+    xm: 'l4_Lh2hOu_tyPmlfpuRmQOBWJPPjvp4Bwj9xMIiqVCqABsJZtqgVL1mRvzcT6toGueswwPzFyfh3FD5R0Mlg-OQ',
+    ym: 'iV1Wy8VO05NKYylHjeXy7RL5zM2gG5pP8PIqBjbFXdo9MPZ3MsyyIF54Ykz76jFp55cD3CrynsUTD41JCQyFrJs',
+  }
+  const publicKey_u8a = pubKeyHexToUint8Array(inputPublicKeyHex)
+  const pubKeyBytesToXY = mapper.pubKeyBytesToXY(publicKey_u8a)
+  expect(pubKeyBytesToXY).toEqual(output)
+})
+
+//**** end of tests
+
+// Function for test. Eliminate this when key-did-resolver is written.
+
+function pubKeyHexToUint8Array(publicKeyHex: string) {
+  if (!publicKeyHex) {
+    throw new TypeError('input cannot be null or undefined.')
+  }
+  if (publicKeyHex.length % 2 == 0) {
+    return u8a.fromString(publicKeyHex, 'base16')
+  } else {
+    return u8a.fromString('0' + publicKeyHex, 'base16')
+  }
+}

package/src/drivers/bls12381g2.ts

@@ -0,0 +1,24 @@
+import { DIDDocument } from 'did-resolver'
+import * as u8a from 'uint8arrays'
+import { KeyToDidDocArgs } from '../index'
+
+export const keyToDidDoc = ({ pubKeyBytes, fingerprint }: KeyToDidDocArgs): DIDDocument => {
+  const did = `did:key:${fingerprint}`
+  const keyId = `${did}#${fingerprint}`
+  return {
+    id: did,
+    verificationMethod: [
+      {
+        id: keyId,
+        type: 'Bls12381G2Key2020',
+        controller: did,
+        publicKeyBase58: u8a.toString(pubKeyBytes, 'base58btc'),
+      },
+    ],
+    authentication: [keyId],
+    assertionMethod: [keyId],
+    capabilityDelegation: [keyId],
+    capabilityInvocation: [keyId],
+  }
+}
+export default { keyToDidDoc }

package/src/drivers/ed25519.ts

@@ -0,0 +1,115 @@
+import * as u8a from 'uint8arrays'
+import { DIDDocument } from 'did-resolver'
+// import { edwardsToMontgomery } from '@noble/curves/ed25519'
+import { convertPublicKeyToX25519 } from '@stablelib/ed25519'
+import { DID_LD_JSON, KeyToDidDocArgs } from '../types'
+
+function encodeKey(key: Uint8Array, encodeKey?: number) {
+  const bytes = new Uint8Array(key.length + 2)
+  bytes[0] = encodeKey ?? 0xec
+  // The multicodec is encoded as a varint so we need to add this.
+  // See js-multicodec for a general implementation
+  bytes[1] = 0x01
+  bytes.set(key, 2)
+  return `z${u8a.toString(bytes, 'base58btc')}`
+}
+
+export const keyToDidDoc = (args: KeyToDidDocArgs) => {
+  const { options } = args
+  if (!options?.publicKeyFormat) {
+    return keyToDidDoc2020(args)
+  }
+  switch (options.publicKeyFormat) {
+    case 'Ed25519VerificationKey2018':
+    case 'X25519KeyAgreementKey2019':
+      return keyToDidDoc2018_2019(args)
+    case 'Ed25519VerificationKey2020':
+    case 'X25519KeyAgreementKey2020':
+    case 'Multikey':
+      return keyToDidDoc2020(args)
+    default:
+      throw Error(`${options.publicKeyFormat} not supported yet for the ed25519 driver`)
+  }
+}
+const keyToDidDoc2018_2019 = ({ pubKeyBytes, fingerprint, contentType }: KeyToDidDocArgs): DIDDocument => {
+  const did = `did:key:${fingerprint}`
+  const keyId = `${did}#${fingerprint}`
+
+  //todo: Move to noble lib. x25519 values differ between below methods. Current implementation is correct according to DID:key spec
+  // const pubKeyHex = u8a.toString(pubKeyBytes, 'base16')
+  // const x25519PubBytes = edwardsToMontgomery(pubKeyHex)
+  const x25519PubBytes = convertPublicKeyToX25519(pubKeyBytes)
+
+  const x25519KeyId = `${did}#${encodeKey(x25519PubBytes)}`
+  return {
+    ...(contentType === DID_LD_JSON && {
+      '@context': [
+        'https://www.w3.org/ns/did/v1',
+        'https://w3id.org/security/suites/ed25519-2018/v1',
+        'https://w3id.org/security/suites/x25519-2019/v1',
+      ],
+    }),
+    id: did,
+    verificationMethod: [
+      {
+        id: keyId,
+        type: 'Ed25519VerificationKey2018',
+        controller: did,
+        publicKeyBase58: u8a.toString(pubKeyBytes, 'base58btc'),
+      },
+      {
+        id: x25519KeyId,
+        type: 'X25519KeyAgreementKey2019',
+        controller: did,
+        publicKeyBase58: u8a.toString(x25519PubBytes, 'base58btc'),
+      },
+    ],
+    authentication: [keyId],
+    assertionMethod: [keyId],
+    capabilityDelegation: [keyId],
+    capabilityInvocation: [keyId],
+    keyAgreement: [x25519KeyId],
+  }
+}
+
+const keyToDidDoc2020 = ({ pubKeyBytes, fingerprint, contentType }: KeyToDidDocArgs): DIDDocument => {
+  const did = `did:key:${fingerprint}`
+  const keyId = `${did}#${fingerprint}`
+  //todo: Move to noble lib. x25519 values differ between below methods. Current implementation is correct according to DID:key spec
+  // const pubKeyHex = u8a.toString(pubKeyBytes, 'base16')
+  // const x25519PubBytes = edwardsToMontgomery(pubKeyBytes)
+  const x25519PubBytes = convertPublicKeyToX25519(pubKeyBytes)
+
+  const x25519KeyId = `${did}#${encodeKey(x25519PubBytes)}`
+  return {
+    ...(contentType === DID_LD_JSON && {
+      '@context': [
+        'https://www.w3.org/ns/did/v1',
+        'https://w3id.org/security/suites/ed25519-2020/v1',
+        'https://w3id.org/security/suites/x25519-2020/v1',
+      ],
+    }),
+    id: did,
+    verificationMethod: [
+      {
+        id: keyId,
+        type: 'Ed25519VerificationKey2020',
+        controller: did,
+        publicKeyMultibase: encodeKey(pubKeyBytes, 0xed),
+      },
+    ],
+    authentication: [keyId],
+    assertionMethod: [keyId],
+    capabilityDelegation: [keyId],
+    capabilityInvocation: [keyId],
+    keyAgreement: [
+      {
+        id: x25519KeyId,
+        type: 'X25519KeyAgreementKey2020',
+        controller: did,
+        publicKeyMultibase: encodeKey(x25519PubBytes, 0xec),
+      },
+    ],
+  }
+}
+export default { keyToDidDoc }

package/src/drivers/jwk.jcs.ts

@@ -0,0 +1,28 @@
+import { DIDDocument } from 'did-resolver'
+import { DID_LD_JSON, KeyToDidDocArgs } from '../index'
+import { jwkJcsDecode } from '@sphereon/ssi-sdk-ext.key-utils'
+
+export const keyToDidDoc = ({ pubKeyBytes, fingerprint, contentType }: KeyToDidDocArgs): DIDDocument => {
+  const did = `did:key:${fingerprint}`
+  const keyId = `${did}#${fingerprint}`
+  const publicKeyJwk = jwkJcsDecode(pubKeyBytes)
+  return {
+    ...(contentType === DID_LD_JSON && {
+      '@context': ['https://www.w3.org/ns/did/v1', 'https://w3id.org/security/suites/jws-2020/v1'],
+    }),
+    id: did,
+    verificationMethod: [
+      {
+        id: keyId,
+        type: 'JsonWebKey2020',
+        controller: did,
+        publicKeyJwk,
+      },
+    ],
+    authentication: [keyId],
+    assertionMethod: [keyId],
+    capabilityDelegation: [keyId],
+    capabilityInvocation: [keyId],
+  }
+}
+export default { keyToDidDoc }

package/src/drivers/secp256k1.ts

@@ -0,0 +1,25 @@
+import * as u8a from 'uint8arrays'
+import { DIDDocument } from 'did-resolver'
+import { KeyToDidDocArgs } from '../types'
+
+export const keyToDidDoc = ({ pubKeyBytes, fingerprint }: KeyToDidDocArgs): DIDDocument => {
+  const did = `did:key:${fingerprint}`
+  const keyId = `${did}#${fingerprint}`
+  return {
+    id: did,
+    verificationMethod: [
+      {
+        id: keyId,
+        type: 'Secp256k1VerificationKey2018',
+        controller: did,
+        publicKeyBase58: u8a.toString(pubKeyBytes, 'base58btc'),
+      },
+    ],
+    authentication: [keyId],
+    assertionMethod: [keyId],
+    capabilityDelegation: [keyId],
+    capabilityInvocation: [keyId],
+  }
+}
+
+export default { keyToDidDoc }

package/src/drivers/secp256r1.ts

@@ -0,0 +1,82 @@
+// Brent Shambaugh <brent.shambaugh@gmail.com>. 2021.
+
+import * as u8a from 'uint8arrays'
+
+import * as nist_weierstrauss from 'nist-weierstrauss'
+import { base64urlPoint } from 'nist-weierstrauss'
+import { KeyToDidDocArgs } from '../types'
+
+/**
+ * Constructs the document based on the method key
+ */
+export function keyToDidDoc({ pubKeyBytes, fingerprint }: KeyToDidDocArgs): any {
+  const did = `did:key:${fingerprint}`
+  const keyId = `${did}#${fingerprint}`
+  const key = pubKeyBytesToXY(pubKeyBytes)
+  return {
+    id: did,
+    verificationMethod: [
+      {
+        id: keyId,
+        type: 'JsonWebKey2020',
+        controller: did,
+        publicKeyJwk: {
+          kty: 'EC',
+          crv: 'P-256',
+          x: key.xm,
+          y: key.ym,
+        },
+      },
+    ],
+    authentication: [keyId],
+    assertionMethod: [keyId],
+    capabilityDelegation: [keyId],
+    capabilityInvocation: [keyId],
+  }
+}
+
+/**
+ *
+ * @param pubKeyBytes - public key as uncompressed byte array with no prefix (raw key),
+ *  uncompressed with 0x04 prefix, or compressed with 0x02 prefix if even and 0x03 prefix if odd.
+ * @returns point x,y with coordinates as multibase encoded base64urls
+ *
+ * See the the did:key specification: https://w3c-ccg.github.io/did-method-key/#p-256.
+ * At present only raw p-256 keys are covered in the specification.
+ * @throws TypeError: input cannot be null or undefined.
+ * @throws Error: Unexpected pubKeyBytes
+ * @internal
+ */
+export function pubKeyBytesToXY(pubKeyBytes: Uint8Array): base64urlPoint {
+  if (!nist_weierstrauss.nist_weierstrauss_common.testUint8Array(pubKeyBytes)) {
+    throw new TypeError('input must be a Uint8Array')
+  }
+  const publicKeyHex = nist_weierstrauss.nist_weierstrauss_common.pubKeyBytesToHex(pubKeyBytes)
+  const bytesCount = publicKeyHex.length / 2
+
+  // raw p-256 key
+  if (bytesCount == 64) {
+    return nist_weierstrauss.nist_weierstrauss_common.publicKeyToXY(publicKeyHex)
+  }
+
+  // uncompressed p-256 key, SEC format
+  if (bytesCount == 65) {
+    if (publicKeyHex.slice(0, 2) == '04') {
+      const publicKey = publicKeyHex.slice(2)
+      return nist_weierstrauss.nist_weierstrauss_common.publicKeyToXY(publicKey)
+    }
+  }
+
+  // compressed p-256 key, SEC format
+  if (bytesCount == 33) {
+    if (publicKeyHex.slice(0, 2) == '03' || publicKeyHex.slice(0, 2) == '02') {
+      const publicKey = u8a.fromString(publicKeyHex, 'base16')
+      const point = nist_weierstrauss.secp256r1.ECPointDecompress(publicKey)
+      return nist_weierstrauss.nist_weierstrauss_common.publicKeyIntToXY(point)
+    }
+  }
+
+  throw new Error('Unexpected pubKeyBytes')
+}
+
+export default { keyToDidDoc }

package/src/drivers/secp384r1.ts

@@ -0,0 +1,82 @@
+// Brent Shambaugh <brent.shambaugh@gmail.com>. 2021.
+
+import * as u8a from 'uint8arrays'
+
+import * as nist_weierstrauss from 'nist-weierstrauss'
+import { base64urlPoint } from 'nist-weierstrauss'
+import { KeyToDidDocArgs } from '../types'
+
+/**
+ * Constructs the document based on the method key
+ */
+export function keyToDidDoc({ pubKeyBytes, fingerprint }: KeyToDidDocArgs): any {
+  const did = `did:key:${fingerprint}`
+  const keyId = `${did}#${fingerprint}`
+  const key = pubKeyBytesToXY(pubKeyBytes)
+  return {
+    id: did,
+    verificationMethod: [
+      {
+        id: keyId,
+        type: 'JsonWebKey2020',
+        controller: did,
+        publicKeyJwk: {
+          kty: 'EC',
+          crv: 'P-384',
+          x: key.xm,
+          y: key.ym,
+        },
+      },
+    ],
+    authentication: [keyId],
+    assertionMethod: [keyId],
+    capabilityDelegation: [keyId],
+    capabilityInvocation: [keyId],
+  }
+}
+
+/**
+ *
+ * @param pubKeyBytes - public key as uncompressed byte array with no prefix (raw key),
+ *  uncompressed with 0x04 prefix, or compressed with 0x02 prefix if even and 0x03 prefix if odd.
+ * @returns point x,y with coordinates as multibase encoded base64urls
+ *
+ * See the the did:key specification: https://w3c-ccg.github.io/did-method-key/#p-384.
+ * At present only raw p-384 keys are covered in the specification.
+ * @throws TypeError: input cannot be null or undefined.
+ * @throws Error: Unexpected pubKeyBytes
+ * @internal
+ */
+export function pubKeyBytesToXY(pubKeyBytes: Uint8Array): base64urlPoint {
+  if (!nist_weierstrauss.nist_weierstrauss_common.testUint8Array(pubKeyBytes)) {
+    throw new TypeError('input must be a Uint8Array')
+  }
+  const publicKeyHex = nist_weierstrauss.nist_weierstrauss_common.pubKeyBytesToHex(pubKeyBytes)
+  const bytesCount = publicKeyHex.length / 2
+
+  // raw p-384 key
+  if (bytesCount == 96) {
+    return nist_weierstrauss.nist_weierstrauss_common.publicKeyToXY(publicKeyHex)
+  }
+
+  // uncompressed p-384 key, SEC format
+  if (bytesCount == 97) {
+    if (publicKeyHex.slice(0, 2) == '04') {
+      const publicKey = publicKeyHex.slice(2)
+      return nist_weierstrauss.nist_weierstrauss_common.publicKeyToXY(publicKey)
+    }
+  }
+
+  // compressed p-384 key, SEC format
+  if (bytesCount == 49) {
+    if (publicKeyHex.slice(0, 2) == '03' || publicKeyHex.slice(0, 2) == '02') {
+      const publicKey = u8a.fromString(publicKeyHex, 'base16')
+      const point = nist_weierstrauss.secp384r1.ECPointDecompress(publicKey)
+      return nist_weierstrauss.nist_weierstrauss_common.publicKeyIntToXY(point)
+    }
+  }
+
+  throw new Error('Unexpected pubKeyBytes')
+}
+
+export default { keyToDidDoc }

package/src/drivers/secp521r1.ts

@@ -0,0 +1,68 @@
+// Brent Shambaugh <brent.shambaugh@gmail.com>. 2021.
+
+import * as u8a from 'uint8arrays'
+
+import * as nist_weierstrauss from 'nist-weierstrauss'
+import { base64urlPoint } from 'nist-weierstrauss'
+import { KeyToDidDocArgs } from '../types'
+
+/**
+ * Constructs the document based on the method key
+ */
+export function keyToDidDoc({ pubKeyBytes, fingerprint }: KeyToDidDocArgs): any {
+  const did = `did:key:${fingerprint}`
+  const keyId = `${did}#${fingerprint}`
+  const key = pubKeyBytesToXY(pubKeyBytes)
+  return {
+    id: did,
+    verificationMethod: [
+      {
+        id: keyId,
+        type: 'JsonWebKey2020',
+        controller: did,
+        publicKeyJwk: {
+          kty: 'EC',
+          crv: 'P-521',
+          x: key.xm,
+          y: key.ym,
+        },
+      },
+    ],
+    authentication: [keyId],
+    assertionMethod: [keyId],
+    capabilityDelegation: [keyId],
+    capabilityInvocation: [keyId],
+  }
+}
+
+/**
+ *
+ * @param pubKeyBytes - public key as compressed with 0x02 prefix if even and 0x03 prefix if odd.
+ * @returns point x,y with coordinates as multibase encoded base64urls
+ *
+ * See the the did:key specification: https://w3c-ccg.github.io/did-method-key/#p-521.
+ * For compression see: https://tools.ietf.org/id/draft-jivsov-ecc-compact-05.html#rfc.section.3
+ * @throws TypeError: input cannot be null or undefined.
+ * @throws Error: Unexpected pubKeyBytes
+ * @internal
+ */
+export function pubKeyBytesToXY(pubKeyBytes: Uint8Array): base64urlPoint {
+  if (!nist_weierstrauss.nist_weierstrauss_common.testUint8Array(pubKeyBytes)) {
+    throw new TypeError('input must be a Uint8Array')
+  }
+  const publicKeyHex = nist_weierstrauss.nist_weierstrauss_common.pubKeyBytesToHex(pubKeyBytes)
+
+  // compressed p-521 key, SEC format
+  // publicKeyHex.length / 2.0 = 67.0 bytes
+  if (132 <= publicKeyHex.length && publicKeyHex.length <= 134) {
+    if (publicKeyHex.slice(0, 2) == '03' || publicKeyHex.slice(0, 2) == '02') {
+      const publicKey = u8a.fromString(publicKeyHex, 'base16')
+      const point = nist_weierstrauss.secp521r1.ECPointDecompress(publicKey)
+      return nist_weierstrauss.nist_weierstrauss_common.publicKeyIntToXY(point)
+    }
+  }
+
+  throw new Error('Unexpected pubKeyBytes')
+}
+
+export default { keyToDidDoc }