@sphereon/ssi-sdk-ext.did-utils 0.28.1-feature.esm.cjs.11 → 0.28.1-feature.esm.cjs.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/index.cjs +169 -138
  2. package/dist/index.cjs.map +1 -1
  3. package/package.json +7 -7
package/dist/index.cjs CHANGED
@@ -1,17 +1,84 @@
1
- "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { newObj[key] = obj[key]; } } } newObj.default = obj; return newObj; } } function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } } async function _asyncNullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return await rhsFn(); } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }var __defProp = Object.defineProperty;
1
+ "use strict";
2
+ var __create = Object.create;
3
+ var __defProp = Object.defineProperty;
4
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
5
+ var __getOwnPropNames = Object.getOwnPropertyNames;
6
+ var __getProtoOf = Object.getPrototypeOf;
7
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
2
8
  var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
9
+ var __export = (target, all) => {
10
+ for (var name in all)
11
+ __defProp(target, name, { get: all[name], enumerable: true });
12
+ };
13
+ var __copyProps = (to, from, except, desc) => {
14
+ if (from && typeof from === "object" || typeof from === "function") {
15
+ for (let key of __getOwnPropNames(from))
16
+ if (!__hasOwnProp.call(to, key) && key !== except)
17
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
18
+ }
19
+ return to;
20
+ };
21
+ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
22
+ // If the importer is in node compatibility mode or this is not an ESM
23
+ // file that has been converted to a CommonJS file using a Babel-
24
+ // compatible transform (i.e. "__esModule" has not been set), then set
25
+ // "default" to the CommonJS "module.exports" for node compatibility.
26
+ isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
27
+ mod
28
+ ));
29
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
30
+
31
+ // src/index.ts
32
+ var index_exports = {};
33
+ __export(index_exports, {
34
+ AgentDIDResolver: () => AgentDIDResolver,
35
+ DID_PREFIX: () => DID_PREFIX,
36
+ IdentifierAliasEnum: () => IdentifierAliasEnum,
37
+ SupportedDidMethodEnum: () => SupportedDidMethodEnum,
38
+ asDidWeb: () => asDidWeb,
39
+ createIdentifier: () => createIdentifier,
40
+ dereferenceDidKeysWithJwkSupport: () => dereferenceDidKeysWithJwkSupport,
41
+ determineKid: () => determineKid,
42
+ didDocumentToJwks: () => didDocumentToJwks,
43
+ extractPublicKeyHex: () => extractPublicKeyHex,
44
+ extractPublicKeyHexWithJwkSupport: () => extractPublicKeyHexWithJwkSupport,
45
+ getAgentDIDMethods: () => getAgentDIDMethods,
46
+ getAgentResolver: () => getAgentResolver,
47
+ getAuthenticationKey: () => getAuthenticationKey,
48
+ getControllerKey: () => getControllerKey,
49
+ getDID: () => getDID,
50
+ getDidSigner: () => getDidSigner,
51
+ getEthereumAddressFromKey: () => getEthereumAddressFromKey,
52
+ getFirstKeyWithRelation: () => getFirstKeyWithRelation,
53
+ getFirstKeyWithRelationFromDIDDoc: () => getFirstKeyWithRelationFromDIDDoc,
54
+ getKey: () => getKey,
55
+ getKeys: () => getKeys,
56
+ getOrCreatePrimaryIdentifier: () => getOrCreatePrimaryIdentifier,
57
+ getPrimaryIdentifier: () => getPrimaryIdentifier,
58
+ getSupportedDIDMethods: () => getSupportedDIDMethods,
59
+ isEvenHexString: () => isEvenHexString,
60
+ jwkTtoPublicKeyHex: () => jwkTtoPublicKeyHex,
61
+ mapIdentifierKeysToDocWithJwkSupport: () => mapIdentifierKeysToDocWithJwkSupport,
62
+ signDidJWT: () => signDidJWT,
63
+ toDID: () => toDID,
64
+ toDIDs: () => toDIDs,
65
+ toDidDocument: () => toDidDocument,
66
+ toDidResolutionResult: () => toDidResolutionResult,
67
+ verificationMethodToJwk: () => verificationMethodToJwk
68
+ });
69
+ module.exports = __toCommonJS(index_exports);
3
70
 
4
71
  // src/did-functions.ts
5
- var _transactions = require('@ethersproject/transactions');
6
- var _diduniclient = require('@sphereon/did-uni-client');
7
- var _ssisdkextkeyutils = require('@sphereon/ssi-sdk-ext.key-utils');
8
- var _ssisdkextx509utils = require('@sphereon/ssi-sdk-ext.x509-utils');
9
- var _ssisdkcore = require('@sphereon/ssi-sdk.core');
10
- var _ed25519 = require('@stablelib/ed25519');
11
- var _utils = require('@veramo/utils');
12
- var _didjwt = require('did-jwt');
13
- var _elliptic = require('elliptic'); var _elliptic2 = _interopRequireDefault(_elliptic);
14
- var _uint8arrays = require('uint8arrays'); var u8a = _interopRequireWildcard(_uint8arrays);
72
+ var import_transactions = require("@ethersproject/transactions");
73
+ var import_did_uni_client = require("@sphereon/did-uni-client");
74
+ var import_ssi_sdk_ext = require("@sphereon/ssi-sdk-ext.key-utils");
75
+ var import_ssi_sdk_ext2 = require("@sphereon/ssi-sdk-ext.x509-utils");
76
+ var import_ssi_sdk = require("@sphereon/ssi-sdk.core");
77
+ var import_ed25519 = require("@stablelib/ed25519");
78
+ var import_utils = require("@veramo/utils");
79
+ var import_did_jwt = require("did-jwt");
80
+ var import_elliptic = __toESM(require("elliptic"), 1);
81
+ var u8a = __toESM(require("uint8arrays"), 1);
15
82
 
16
83
  // src/types.ts
17
84
  var SupportedDidMethodEnum = /* @__PURE__ */ function(SupportedDidMethodEnum2) {
@@ -45,19 +112,19 @@ var getAuthenticationKey = /* @__PURE__ */ __name(async ({ identifier, offlineWh
45
112
  var getFirstKeyWithRelation = /* @__PURE__ */ __name(async ({ identifier, offlineWhenNoDIDRegistered, noVerificationMethodFallback, keyType, controllerKey, vmRelationship }, context) => {
46
113
  let key = void 0;
47
114
  try {
48
- key = await _asyncNullishCoalesce(await getFirstKeyWithRelationFromDIDDoc({
115
+ key = await getFirstKeyWithRelationFromDIDDoc({
49
116
  identifier,
50
117
  vmRelationship,
51
118
  errorOnNotFound: false,
52
119
  keyType,
53
120
  controllerKey
54
- }, context), async () => ( (noVerificationMethodFallback || vmRelationship === "verificationMethod" ? void 0 : await getFirstKeyWithRelationFromDIDDoc({
121
+ }, context) ?? (noVerificationMethodFallback || vmRelationship === "verificationMethod" ? void 0 : await getFirstKeyWithRelationFromDIDDoc({
55
122
  identifier,
56
123
  vmRelationship: "verificationMethod",
57
124
  errorOnNotFound: false,
58
125
  keyType,
59
126
  controllerKey
60
- }, context))));
127
+ }, context));
61
128
  } catch (e) {
62
129
  if (e instanceof Error) {
63
130
  if (!e.message.includes("404") || !offlineWhenNoDIDRegistered) {
@@ -69,23 +136,23 @@ var getFirstKeyWithRelation = /* @__PURE__ */ __name(async ({ identifier, offlin
69
136
  }
70
137
  if (!key && offlineWhenNoDIDRegistered) {
71
138
  const offlineDID = toDidDocument(identifier);
72
- key = await _asyncNullishCoalesce(await getFirstKeyWithRelationFromDIDDoc({
139
+ key = await getFirstKeyWithRelationFromDIDDoc({
73
140
  identifier,
74
141
  vmRelationship,
75
142
  errorOnNotFound: false,
76
143
  didDocument: offlineDID,
77
144
  keyType,
78
145
  controllerKey
79
- }, context), async () => ( (noVerificationMethodFallback || vmRelationship === "verificationMethod" ? void 0 : await getFirstKeyWithRelationFromDIDDoc({
146
+ }, context) ?? (noVerificationMethodFallback || vmRelationship === "verificationMethod" ? void 0 : await getFirstKeyWithRelationFromDIDDoc({
80
147
  identifier,
81
148
  vmRelationship: "verificationMethod",
82
149
  errorOnNotFound: false,
83
150
  didDocument: offlineDID,
84
151
  keyType,
85
152
  controllerKey
86
- }, context))));
153
+ }, context));
87
154
  if (!key) {
88
- key = identifier.keys.map((key2) => key2).filter((key2) => keyType === void 0 || key2.type === keyType || controllerKey && key2.kid === identifier.controllerKeyId).find((key2) => _optionalChain([key2, 'access', _ => _.meta, 'access', _2 => _2.verificationMethod, 'optionalAccess', _3 => _3.type, 'access', _4 => _4.includes, 'call', _5 => _5("authentication")]) || _optionalChain([key2, 'access', _6 => _6.meta, 'access', _7 => _7.purposes, 'optionalAccess', _8 => _8.includes, 'call', _9 => _9("authentication")]));
155
+ key = identifier.keys.map((key2) => key2).filter((key2) => keyType === void 0 || key2.type === keyType || controllerKey && key2.kid === identifier.controllerKeyId).find((key2) => key2.meta.verificationMethod?.type.includes("authentication") || key2.meta.purposes?.includes("authentication"));
89
156
  }
90
157
  }
91
158
  if (!key) {
@@ -95,8 +162,8 @@ var getFirstKeyWithRelation = /* @__PURE__ */ __name(async ({ identifier, offlin
95
162
  }, "getFirstKeyWithRelation");
96
163
  var getOrCreatePrimaryIdentifier = /* @__PURE__ */ __name(async (context, opts) => {
97
164
  const primaryIdentifier = await getPrimaryIdentifier(context, {
98
- ..._optionalChain([opts, 'optionalAccess', _10 => _10.createOpts, 'optionalAccess', _11 => _11.options]),
99
- ..._optionalChain([opts, 'optionalAccess', _12 => _12.method]) && {
165
+ ...opts?.createOpts?.options,
166
+ ...opts?.method && {
100
167
  method: opts.method
101
168
  }
102
169
  });
@@ -106,8 +173,8 @@ var getOrCreatePrimaryIdentifier = /* @__PURE__ */ __name(async (context, opts)
106
173
  result: primaryIdentifier
107
174
  };
108
175
  }
109
- if (_optionalChain([opts, 'optionalAccess', _13 => _13.method]) === SupportedDidMethodEnum.DID_KEY) {
110
- const createOpts = _nullishCoalesce(_optionalChain([opts, 'optionalAccess', _14 => _14.createOpts]), () => ( {}));
176
+ if (opts?.method === SupportedDidMethodEnum.DID_KEY) {
177
+ const createOpts = opts?.createOpts ?? {};
111
178
  createOpts.options = {
112
179
  codecName: "EBSI",
113
180
  type: "Secp256r1",
@@ -122,19 +189,19 @@ var getOrCreatePrimaryIdentifier = /* @__PURE__ */ __name(async (context, opts)
122
189
  };
123
190
  }, "getOrCreatePrimaryIdentifier");
124
191
  var getPrimaryIdentifier = /* @__PURE__ */ __name(async (context, opts) => {
125
- const identifiers = (await context.agent.didManagerFind(_optionalChain([opts, 'optionalAccess', _15 => _15.method]) ? {
126
- provider: `${DID_PREFIX}${_optionalChain([opts, 'optionalAccess', _16 => _16.method])}`
127
- } : {})).filter((identifier) => _optionalChain([opts, 'optionalAccess', _17 => _17.type]) === void 0 || identifier.keys.some((key) => key.type === _optionalChain([opts, 'optionalAccess', _18 => _18.type])));
192
+ const identifiers = (await context.agent.didManagerFind(opts?.method ? {
193
+ provider: `${DID_PREFIX}${opts?.method}`
194
+ } : {})).filter((identifier) => opts?.type === void 0 || identifier.keys.some((key) => key.type === opts?.type));
128
195
  return identifiers && identifiers.length > 0 ? identifiers[0] : void 0;
129
196
  }, "getPrimaryIdentifier");
130
197
  var createIdentifier = /* @__PURE__ */ __name(async (context, opts) => {
131
198
  return await context.agent.didManagerCreate({
132
- kms: await _ssisdkextkeyutils.getKms.call(void 0, context, _optionalChain([opts, 'optionalAccess', _19 => _19.createOpts, 'optionalAccess', _20 => _20.kms])),
133
- ..._optionalChain([opts, 'optionalAccess', _21 => _21.method]) && {
134
- provider: `${DID_PREFIX}${_optionalChain([opts, 'optionalAccess', _22 => _22.method])}`
199
+ kms: await (0, import_ssi_sdk_ext.getKms)(context, opts?.createOpts?.kms),
200
+ ...opts?.method && {
201
+ provider: `${DID_PREFIX}${opts?.method}`
135
202
  },
136
- alias: _nullishCoalesce(_optionalChain([opts, 'optionalAccess', _23 => _23.createOpts, 'optionalAccess', _24 => _24.alias]), () => ( `${IdentifierAliasEnum.PRIMARY}-${_optionalChain([opts, 'optionalAccess', _25 => _25.method])}-${_optionalChain([opts, 'optionalAccess', _26 => _26.createOpts, 'optionalAccess', _27 => _27.options, 'optionalAccess', _28 => _28.type])}-${(/* @__PURE__ */ new Date()).getTime()}`)),
137
- options: _optionalChain([opts, 'optionalAccess', _29 => _29.createOpts, 'optionalAccess', _30 => _30.options])
203
+ alias: opts?.createOpts?.alias ?? `${IdentifierAliasEnum.PRIMARY}-${opts?.method}-${opts?.createOpts?.options?.type}-${(/* @__PURE__ */ new Date()).getTime()}`,
204
+ options: opts?.createOpts?.options
138
205
  });
139
206
  }, "createIdentifier");
140
207
  var getFirstKeyWithRelationFromDIDDoc = /* @__PURE__ */ __name(async ({ identifier, vmRelationship = "verificationMethod", keyType, errorOnNotFound = false, didDocument, controllerKey }, context) => {
@@ -158,7 +225,7 @@ var getEthereumAddressFromKey = /* @__PURE__ */ __name(({ key }) => {
158
225
  if (key.type !== "Secp256k1") {
159
226
  throw Error(`Can only get ethereum address from a Secp256k1 key. Type is ${key.type} for keyRef: ${key.kid}`);
160
227
  }
161
- const ethereumAddress = _nullishCoalesce(_nullishCoalesce(_optionalChain([key, 'access', _31 => _31.meta, 'optionalAccess', _32 => _32.ethereumAddress]), () => ( _optionalChain([key, 'access', _33 => _33.meta, 'optionalAccess', _34 => _34.account, 'optionalAccess', _35 => _35.toLowerCase, 'call', _36 => _36()]))), () => ( _transactions.computeAddress.call(void 0, `0x${key.publicKeyHex}`).toLowerCase()));
228
+ const ethereumAddress = key.meta?.ethereumAddress ?? key.meta?.account?.toLowerCase() ?? (0, import_transactions.computeAddress)(`0x${key.publicKeyHex}`).toLowerCase();
162
229
  if (!ethereumAddress) {
163
230
  throw Error(`Could not get or generate ethereum address from key with keyRef ${key.kid}`);
164
231
  }
@@ -172,7 +239,7 @@ var getControllerKey = /* @__PURE__ */ __name(({ identifier }) => {
172
239
  return key;
173
240
  }, "getControllerKey");
174
241
  var getKeys = /* @__PURE__ */ __name(({ jwkThumbprint, kms, identifier, kmsKeyRef, keyType, controllerKey }) => {
175
- return identifier.keys.filter((key) => !keyType || key.type === keyType).filter((key) => !kms || key.kms === kms).filter((key) => !kmsKeyRef || key.kid === kmsKeyRef).filter((key) => !jwkThumbprint || _optionalChain([key, 'access', _37 => _37.meta, 'optionalAccess', _38 => _38.jwkThumbprint]) === jwkThumbprint).filter((key) => !controllerKey || identifier.controllerKeyId === key.kid);
242
+ return identifier.keys.filter((key) => !keyType || key.type === keyType).filter((key) => !kms || key.kms === kms).filter((key) => !kmsKeyRef || key.kid === kmsKeyRef).filter((key) => !jwkThumbprint || key.meta?.jwkThumbprint === jwkThumbprint).filter((key) => !controllerKey || identifier.controllerKeyId === key.kid);
176
243
  }, "getKeys");
177
244
  async function dereferenceDidKeysWithJwkSupport(didDocument, section = "keyAgreement", context) {
178
245
  const convert = section === "keyAgreement";
@@ -193,7 +260,7 @@ async function dereferenceDidKeysWithJwkSupport(didDocument, section = "keyAgree
193
260
  } else {
194
261
  return key;
195
262
  }
196
- }))).filter(_utils.isDefined).map((key) => {
263
+ }))).filter(import_utils.isDefined).map((key) => {
197
264
  const hexKey = extractPublicKeyHexWithJwkSupport(key, convert);
198
265
  const { publicKeyHex, publicKeyBase58, publicKeyBase64, publicKeyJwk, ...keyProps } = key;
199
266
  const newKey = {
@@ -209,22 +276,22 @@ async function dereferenceDidKeysWithJwkSupport(didDocument, section = "keyAgree
209
276
  __name(dereferenceDidKeysWithJwkSupport, "dereferenceDidKeysWithJwkSupport");
210
277
  function jwkTtoPublicKeyHex(jwk) {
211
278
  const vm = {
212
- publicKeyJwk: _ssisdkextkeyutils.sanitizedJwk.call(void 0, jwk)
279
+ publicKeyJwk: (0, import_ssi_sdk_ext.sanitizedJwk)(jwk)
213
280
  };
214
281
  return extractPublicKeyHexWithJwkSupport(vm);
215
282
  }
216
283
  __name(jwkTtoPublicKeyHex, "jwkTtoPublicKeyHex");
217
284
  function extractPublicKeyHexWithJwkSupport(pk, convert = false) {
218
285
  if (pk.publicKeyJwk) {
219
- const jwk = _ssisdkextkeyutils.sanitizedJwk.call(void 0, pk.publicKeyJwk);
286
+ const jwk = (0, import_ssi_sdk_ext.sanitizedJwk)(pk.publicKeyJwk);
220
287
  if (jwk.kty === "EC") {
221
288
  const curve = jwk.crv ? toEcLibCurve(jwk.crv) : "p256";
222
- const xHex = _ssisdkextx509utils.base64ToHex.call(void 0, jwk.x, "base64url");
223
- const yHex = _ssisdkextx509utils.base64ToHex.call(void 0, jwk.y, "base64url");
289
+ const xHex = (0, import_ssi_sdk_ext2.base64ToHex)(jwk.x, "base64url");
290
+ const yHex = (0, import_ssi_sdk_ext2.base64ToHex)(jwk.y, "base64url");
224
291
  const prefix = "04";
225
292
  const hex = `${prefix}${xHex}${yHex}`;
226
293
  try {
227
- const ec = new _elliptic2.default.ec(curve);
294
+ const ec = new import_elliptic.default.ec(curve);
228
295
  const publicKeyHex = ec.keyFromPublic(hex, "hex").getPublic(true, "hex");
229
296
  return publicKeyHex;
230
297
  } catch (error) {
@@ -233,7 +300,7 @@ function extractPublicKeyHexWithJwkSupport(pk, convert = false) {
233
300
  } else if (jwk.crv === "Ed25519") {
234
301
  return toString(fromString(jwk.x, "base64url"), "base16");
235
302
  } else if (jwk.kty === "RSA") {
236
- return _ssisdkextx509utils.hexKeyFromPEMBasedJwk.call(void 0, jwk, "public");
303
+ return (0, import_ssi_sdk_ext2.hexKeyFromPEMBasedJwk)(jwk, "public");
237
304
  }
238
305
  }
239
306
  return extractPublicKeyHex(pk, convert);
@@ -255,23 +322,23 @@ function isEvenHexString(hex) {
255
322
  __name(isEvenHexString, "isEvenHexString");
256
323
  function extractPublicKeyHex(pk, convert = false) {
257
324
  let keyBytes = extractPublicKeyBytes(pk);
258
- const jwk = pk.publicKeyJwk ? _ssisdkextkeyutils.sanitizedJwk.call(void 0, pk.publicKeyJwk) : void 0;
325
+ const jwk = pk.publicKeyJwk ? (0, import_ssi_sdk_ext.sanitizedJwk)(pk.publicKeyJwk) : void 0;
259
326
  if (convert) {
260
327
  if ([
261
328
  "Ed25519",
262
329
  "Ed25519VerificationKey2018",
263
330
  "Ed25519VerificationKey2020"
264
- ].includes(pk.type) || pk.type === "JsonWebKey2020" && _optionalChain([jwk, 'optionalAccess', _39 => _39.crv]) === "Ed25519") {
265
- keyBytes = _ed25519.convertPublicKeyToX25519.call(void 0, keyBytes);
331
+ ].includes(pk.type) || pk.type === "JsonWebKey2020" && jwk?.crv === "Ed25519") {
332
+ keyBytes = (0, import_ed25519.convertPublicKeyToX25519)(keyBytes);
266
333
  } else if (![
267
334
  "X25519",
268
335
  "X25519KeyAgreementKey2019",
269
336
  "X25519KeyAgreementKey2020"
270
- ].includes(pk.type) && !(pk.type === "JsonWebKey2020" && _optionalChain([jwk, 'optionalAccess', _40 => _40.crv]) === "X25519")) {
337
+ ].includes(pk.type) && !(pk.type === "JsonWebKey2020" && jwk?.crv === "X25519")) {
271
338
  return "";
272
339
  }
273
340
  }
274
- return _ssisdkcore.bytesToHex.call(void 0, keyBytes);
341
+ return (0, import_ssi_sdk.bytesToHex)(keyBytes);
275
342
  }
276
343
  __name(extractPublicKeyHex, "extractPublicKeyHex");
277
344
  function toEcLibCurve(input) {
@@ -280,17 +347,17 @@ function toEcLibCurve(input) {
280
347
  __name(toEcLibCurve, "toEcLibCurve");
281
348
  function extractPublicKeyBytes(pk) {
282
349
  if (pk.publicKeyBase58) {
283
- return _ssisdkcore.base58ToBytes.call(void 0, pk.publicKeyBase58);
350
+ return (0, import_ssi_sdk.base58ToBytes)(pk.publicKeyBase58);
284
351
  } else if (pk.publicKeyMultibase) {
285
- return _ssisdkcore.multibaseKeyToBytes.call(void 0, pk.publicKeyMultibase);
352
+ return (0, import_ssi_sdk.multibaseKeyToBytes)(pk.publicKeyMultibase);
286
353
  } else if (pk.publicKeyBase64) {
287
- return _ssisdkcore.base64ToBytes.call(void 0, pk.publicKeyBase64);
354
+ return (0, import_ssi_sdk.base64ToBytes)(pk.publicKeyBase64);
288
355
  } else if (pk.publicKeyHex) {
289
- return _ssisdkcore.hexToBytes.call(void 0, pk.publicKeyHex);
290
- } else if (_optionalChain([pk, 'access', _41 => _41.publicKeyJwk, 'optionalAccess', _42 => _42.crv]) && pk.publicKeyJwk.x && pk.publicKeyJwk.y) {
291
- return _ssisdkcore.hexToBytes.call(void 0, extractPublicKeyHexWithJwkSupport(pk));
356
+ return (0, import_ssi_sdk.hexToBytes)(pk.publicKeyHex);
357
+ } else if (pk.publicKeyJwk?.crv && pk.publicKeyJwk.x && pk.publicKeyJwk.y) {
358
+ return (0, import_ssi_sdk.hexToBytes)(extractPublicKeyHexWithJwkSupport(pk));
292
359
  } else if (pk.publicKeyJwk && (pk.publicKeyJwk.crv === "Ed25519" || pk.publicKeyJwk.crv === "X25519") && pk.publicKeyJwk.x) {
293
- return _ssisdkcore.base64ToBytes.call(void 0, pk.publicKeyJwk.x);
360
+ return (0, import_ssi_sdk.base64ToBytes)(pk.publicKeyJwk.x);
294
361
  }
295
362
  return new Uint8Array();
296
363
  }
@@ -298,8 +365,8 @@ __name(extractPublicKeyBytes, "extractPublicKeyBytes");
298
365
  function verificationMethodToJwk(vm) {
299
366
  let jwk = vm.publicKeyJwk;
300
367
  if (!jwk) {
301
- let publicKeyHex = _nullishCoalesce(vm.publicKeyHex, () => ( toString(extractPublicKeyBytes(vm), "hex")));
302
- jwk = _ssisdkextkeyutils.toJwk.call(void 0, publicKeyHex, _ssisdkextkeyutils.keyTypeFromCryptographicSuite.call(void 0, {
368
+ let publicKeyHex = vm.publicKeyHex ?? toString(extractPublicKeyBytes(vm), "hex");
369
+ jwk = (0, import_ssi_sdk_ext.toJwk)(publicKeyHex, (0, import_ssi_sdk_ext.keyTypeFromCryptographicSuite)({
303
370
  crv: vm.type
304
371
  }));
305
372
  }
@@ -307,11 +374,11 @@ function verificationMethodToJwk(vm) {
307
374
  throw Error(`Could not convert verification method to jwk`);
308
375
  }
309
376
  jwk.kid = vm.id;
310
- return _ssisdkextkeyutils.sanitizedJwk.call(void 0, jwk);
377
+ return (0, import_ssi_sdk_ext.sanitizedJwk)(jwk);
311
378
  }
312
379
  __name(verificationMethodToJwk, "verificationMethodToJwk");
313
380
  function didDocumentSectionToJwks(didDocumentSection, searchForVerificationMethods, verificationMethods) {
314
- const jwks = new Set((_nullishCoalesce(searchForVerificationMethods, () => ( []))).map((vmOrId) => typeof vmOrId === "object" ? vmOrId : _optionalChain([verificationMethods, 'optionalAccess', _43 => _43.find, 'call', _44 => _44((vm) => vm.id === vmOrId)])).filter(_utils.isDefined).map((vm) => verificationMethodToJwk(vm)));
381
+ const jwks = new Set((searchForVerificationMethods ?? []).map((vmOrId) => typeof vmOrId === "object" ? vmOrId : verificationMethods?.find((vm) => vm.id === vmOrId)).filter(import_utils.isDefined).map((vm) => verificationMethodToJwk(vm)));
315
382
  return {
316
383
  didDocumentSection,
317
384
  jwks: Array.from(jwks)
@@ -333,15 +400,15 @@ function didDocumentToJwks(didDocument) {
333
400
  }
334
401
  __name(didDocumentToJwks, "didDocumentToJwks");
335
402
  async function mapIdentifierKeysToDocWithJwkSupport({ identifier, vmRelationship = "verificationMethod", didDocument }, context) {
336
- const didDoc = await _asyncNullishCoalesce(didDocument, async () => ( await getAgentResolver(context).resolve(identifier.did).then((result) => result.didDocument)));
403
+ const didDoc = didDocument ?? await getAgentResolver(context).resolve(identifier.did).then((result) => result.didDocument);
337
404
  if (!didDoc) {
338
405
  throw Error(`Could not resolve DID ${identifier.did}`);
339
406
  }
340
- const keys = didDoc ? [] : await _utils.mapIdentifierKeysToDoc.call(void 0, identifier, vmRelationship, context);
407
+ const keys = didDoc ? [] : await (0, import_utils.mapIdentifierKeysToDoc)(identifier, vmRelationship, context);
341
408
  const documentKeys = await dereferenceDidKeysWithJwkSupport(didDoc, vmRelationship, context);
342
- const localKeys = vmRelationship === "keyAgreement" ? _utils.convertIdentifierEncryptionKeys.call(void 0, identifier) : _utils.compressIdentifierSecp256k1Keys.call(void 0, identifier);
409
+ const localKeys = vmRelationship === "keyAgreement" ? (0, import_utils.convertIdentifierEncryptionKeys)(identifier) : (0, import_utils.compressIdentifierSecp256k1Keys)(identifier);
343
410
  const extendedKeys = documentKeys.map((verificationMethod) => {
344
- const localKey = localKeys.find((localKey2) => localKey2.publicKeyHex === verificationMethod.publicKeyHex || _optionalChain([verificationMethod, 'access', _45 => _45.publicKeyHex, 'optionalAccess', _46 => _46.startsWith, 'call', _47 => _47(localKey2.publicKeyHex)]) || compareBlockchainAccountId(localKey2, verificationMethod));
411
+ const localKey = localKeys.find((localKey2) => localKey2.publicKeyHex === verificationMethod.publicKeyHex || verificationMethod.publicKeyHex?.startsWith(localKey2.publicKeyHex) || compareBlockchainAccountId(localKey2, verificationMethod));
345
412
  if (localKey) {
346
413
  const { meta, ...localProps } = localKey;
347
414
  return {
@@ -354,7 +421,7 @@ async function mapIdentifierKeysToDocWithJwkSupport({ identifier, vmRelationship
354
421
  } else {
355
422
  return null;
356
423
  }
357
- }).filter(_utils.isDefined);
424
+ }).filter(import_utils.isDefined);
358
425
  return keys.concat(extendedKeys);
359
426
  }
360
427
  __name(mapIdentifierKeysToDocWithJwkSupport, "mapIdentifierKeysToDocWithJwkSupport");
@@ -362,11 +429,11 @@ function compareBlockchainAccountId(localKey, verificationMethod) {
362
429
  if (verificationMethod.type !== "EcdsaSecp256k1RecoveryMethod2020" && verificationMethod.type !== "EcdsaSecp256k1VerificationKey2019" || localKey.type !== "Secp256k1") {
363
430
  return false;
364
431
  }
365
- let vmEthAddr = _utils.getEthereumAddress.call(void 0, verificationMethod);
366
- if (_optionalChain([localKey, 'access', _48 => _48.meta, 'optionalAccess', _49 => _49.account])) {
367
- return vmEthAddr === _optionalChain([localKey, 'access', _50 => _50.meta, 'optionalAccess', _51 => _51.account, 'access', _52 => _52.toLowerCase, 'call', _53 => _53()]);
432
+ let vmEthAddr = (0, import_utils.getEthereumAddress)(verificationMethod);
433
+ if (localKey.meta?.account) {
434
+ return vmEthAddr === localKey.meta?.account.toLowerCase();
368
435
  }
369
- const computedAddr = _transactions.computeAddress.call(void 0, "0x" + localKey.publicKeyHex).toLowerCase();
436
+ const computedAddr = (0, import_transactions.computeAddress)("0x" + localKey.publicKeyHex).toLowerCase();
370
437
  return computedAddr === vmEthAddr;
371
438
  }
372
439
  __name(compareBlockchainAccountId, "compareBlockchainAccountId");
@@ -404,9 +471,9 @@ async function getKey({ identifier, vmRelationship = "authentication", kmsKeyRef
404
471
  if (!identifier) {
405
472
  return Promise.reject(new Error(`No identifier provided to getKey method!`));
406
473
  }
407
- const kmsKeyRefParts = _optionalChain([kmsKeyRef, 'optionalAccess', _54 => _54.split, 'call', _55 => _55(`#`)]);
408
- const kid = kmsKeyRefParts ? _optionalChain([kmsKeyRefParts, 'optionalAccess', _56 => _56.length]) === 2 ? kmsKeyRefParts[1] : kmsKeyRefParts[0] : void 0;
409
- let identifierKey = kmsKeyRef ? identifier.keys.find((key) => key.kid === kid || _optionalChain([key, 'optionalAccess', _57 => _57.meta, 'optionalAccess', _58 => _58.jwkThumbprint]) === kid) : void 0;
474
+ const kmsKeyRefParts = kmsKeyRef?.split(`#`);
475
+ const kid = kmsKeyRefParts ? kmsKeyRefParts?.length === 2 ? kmsKeyRefParts[1] : kmsKeyRefParts[0] : void 0;
476
+ let identifierKey = kmsKeyRef ? identifier.keys.find((key) => key.kid === kid || key?.meta?.jwkThumbprint === kid) : void 0;
410
477
  if (!identifierKey) {
411
478
  const keys = await mapIdentifierKeysToDocWithJwkSupport({
412
479
  identifier,
@@ -416,10 +483,10 @@ async function getKey({ identifier, vmRelationship = "authentication", kmsKeyRef
416
483
  throw new Error(`No keys found for verificationMethodSection: ${vmRelationship} and did ${identifier.did}`);
417
484
  }
418
485
  if (kmsKeyRef) {
419
- identifierKey = keys.find((key) => _optionalChain([key, 'access', _59 => _59.meta, 'access', _60 => _60.verificationMethod, 'optionalAccess', _61 => _61.id]) === kmsKeyRef || kid && _optionalChain([key, 'access', _62 => _62.meta, 'access', _63 => _63.verificationMethod, 'optionalAccess', _64 => _64.id, 'optionalAccess', _65 => _65.includes, 'call', _66 => _66(kid)]));
486
+ identifierKey = keys.find((key) => key.meta.verificationMethod?.id === kmsKeyRef || kid && key.meta.verificationMethod?.id?.includes(kid));
420
487
  }
421
488
  if (!identifierKey) {
422
- identifierKey = keys.find((key) => _optionalChain([key, 'access', _67 => _67.meta, 'access', _68 => _68.verificationMethod, 'optionalAccess', _69 => _69.type]) === vmRelationship || _optionalChain([key, 'access', _70 => _70.meta, 'access', _71 => _71.purposes, 'optionalAccess', _72 => _72.includes, 'call', _73 => _73(vmRelationship)]));
489
+ identifierKey = keys.find((key) => key.meta.verificationMethod?.type === vmRelationship || key.meta.purposes?.includes(vmRelationship));
423
490
  }
424
491
  if (!identifierKey) {
425
492
  identifierKey = keys[0];
@@ -441,8 +508,8 @@ async function legacyGetIdentifier({ identifier }, context) {
441
508
  }
442
509
  __name(legacyGetIdentifier, "legacyGetIdentifier");
443
510
  async function determineKid({ key, idOpts }, context) {
444
- if (_optionalChain([key, 'access', _74 => _74.meta, 'optionalAccess', _75 => _75.verificationMethod, 'optionalAccess', _76 => _76.id])) {
445
- return _optionalChain([key, 'access', _77 => _77.meta, 'optionalAccess', _78 => _78.verificationMethod, 'optionalAccess', _79 => _79.id]);
511
+ if (key.meta?.verificationMethod?.id) {
512
+ return key.meta?.verificationMethod?.id;
446
513
  }
447
514
  const identifier = await legacyGetIdentifier(idOpts, context);
448
515
  const mappedKeys = await mapIdentifierKeysToDocWithJwkSupport({
@@ -451,13 +518,13 @@ async function determineKid({ key, idOpts }, context) {
451
518
  }, context);
452
519
  const vmKey = mappedKeys.find((extendedKey) => extendedKey.kid === key.kid);
453
520
  if (vmKey) {
454
- return _nullishCoalesce(_nullishCoalesce(_nullishCoalesce(_optionalChain([vmKey, 'access', _80 => _80.meta, 'optionalAccess', _81 => _81.verificationMethod, 'optionalAccess', _82 => _82.id]), () => ( _optionalChain([vmKey, 'access', _83 => _83.meta, 'optionalAccess', _84 => _84.jwkThumbprint]))), () => ( idOpts.kmsKeyRef)), () => ( vmKey.kid));
521
+ return vmKey.meta?.verificationMethod?.id ?? vmKey.meta?.jwkThumbprint ?? idOpts.kmsKeyRef ?? vmKey.kid;
455
522
  }
456
- return _nullishCoalesce(_nullishCoalesce(_optionalChain([key, 'access', _85 => _85.meta, 'optionalAccess', _86 => _86.jwkThumbprint]), () => ( idOpts.kmsKeyRef)), () => ( key.kid));
523
+ return key.meta?.jwkThumbprint ?? idOpts.kmsKeyRef ?? key.kid;
457
524
  }
458
525
  __name(determineKid, "determineKid");
459
526
  async function getSupportedDIDMethods(didOpts, context) {
460
- return await _asyncNullishCoalesce(didOpts.supportedDIDMethods, async () => ( await getAgentDIDMethods(context)));
527
+ return didOpts.supportedDIDMethods ?? await getAgentDIDMethods(context);
461
528
  }
462
529
  __name(getSupportedDIDMethods, "getSupportedDIDMethods");
463
530
  function getAgentResolver(context, opts) {
@@ -468,15 +535,15 @@ var AgentDIDResolver = class {
468
535
  static {
469
536
  __name(this, "AgentDIDResolver");
470
537
  }
471
-
472
-
473
-
474
-
538
+ context;
539
+ resolverResolution;
540
+ uniresolverResolution;
541
+ localResolution;
475
542
  constructor(context, opts) {
476
543
  this.context = context;
477
- this.resolverResolution = _optionalChain([opts, 'optionalAccess', _87 => _87.resolverResolution]) !== false;
478
- this.uniresolverResolution = _optionalChain([opts, 'optionalAccess', _88 => _88.uniresolverResolution]) !== false;
479
- this.localResolution = _optionalChain([opts, 'optionalAccess', _89 => _89.localResolution]) !== false;
544
+ this.resolverResolution = opts?.resolverResolution !== false;
545
+ this.uniresolverResolution = opts?.uniresolverResolution !== false;
546
+ this.localResolution = opts?.localResolution !== false;
480
547
  }
481
548
  async resolve(didUrl, options) {
482
549
  let resolutionResult;
@@ -534,7 +601,7 @@ var AgentDIDResolver = class {
534
601
  }
535
602
  if (!resolutionResult && this.uniresolverResolution) {
536
603
  console.log(`Using universal resolver resolution for did ${didUrl} `);
537
- resolutionResult = await new (0, _diduniclient.UniResolver)().resolve(didUrl, options);
604
+ resolutionResult = await new import_did_uni_client.UniResolver().resolve(didUrl, options);
538
605
  if (!origResolutionResult) {
539
606
  origResolutionResult = resolutionResult;
540
607
  }
@@ -548,13 +615,13 @@ var AgentDIDResolver = class {
548
615
  if (!resolutionResult && !origResolutionResult) {
549
616
  throw `Could not resolve ${didUrl}. Resolutions tried: online: ${this.resolverResolution}, local: ${this.localResolution}, uni resolver: ${this.uniresolverResolution}`;
550
617
  }
551
- return _nullishCoalesce(resolutionResult, () => ( origResolutionResult));
618
+ return resolutionResult ?? origResolutionResult;
552
619
  }
553
620
  };
554
621
  function toDidDocument(identifier, opts) {
555
622
  let didDocument = void 0;
556
623
  if (identifier) {
557
- const did = _nullishCoalesce(identifier.did, () => ( _optionalChain([opts, 'optionalAccess', _90 => _90.did])));
624
+ const did = identifier.did ?? opts?.did;
558
625
  didDocument = {
559
626
  "@context": "https://www.w3.org/ns/did/v1",
560
627
  id: did,
@@ -562,48 +629,48 @@ function toDidDocument(identifier, opts) {
562
629
  const vm = {
563
630
  controller: did,
564
631
  id: key.kid.startsWith(did) && key.kid.includes("#") ? key.kid : `${did}#${key.kid}`,
565
- publicKeyJwk: _ssisdkextkeyutils.toJwk.call(void 0, key.publicKeyHex, key.type, {
566
- use: _ssisdkextkeyutils.ENC_KEY_ALGS.includes(key.type) ? _ssisdkextkeyutils.JwkKeyUse.Encryption : _ssisdkextkeyutils.JwkKeyUse.Signature,
632
+ publicKeyJwk: (0, import_ssi_sdk_ext.toJwk)(key.publicKeyHex, key.type, {
633
+ use: import_ssi_sdk_ext.ENC_KEY_ALGS.includes(key.type) ? import_ssi_sdk_ext.JwkKeyUse.Encryption : import_ssi_sdk_ext.JwkKeyUse.Signature,
567
634
  key
568
635
  }),
569
636
  type: "JsonWebKey2020"
570
637
  };
571
638
  return vm;
572
639
  }),
573
- ...(_optionalChain([opts, 'optionalAccess', _91 => _91.use]) === void 0 || _optionalChain([opts, 'optionalAccess', _92 => _92.use, 'optionalAccess', _93 => _93.includes, 'call', _94 => _94(_ssisdkextkeyutils.JwkKeyUse.Signature)])) && identifier.keys && {
574
- assertionMethod: identifier.keys.filter((key) => _optionalChain([key, 'optionalAccess', _95 => _95.meta, 'optionalAccess', _96 => _96.purpose]) === void 0 || _optionalChain([key, 'optionalAccess', _97 => _97.meta, 'optionalAccess', _98 => _98.purpose]) === "assertionMethod" || _optionalChain([key, 'optionalAccess', _99 => _99.meta, 'optionalAccess', _100 => _100.purposes, 'optionalAccess', _101 => _101.includes, 'call', _102 => _102("assertionMethod")])).map((key) => {
640
+ ...(opts?.use === void 0 || opts?.use?.includes(import_ssi_sdk_ext.JwkKeyUse.Signature)) && identifier.keys && {
641
+ assertionMethod: identifier.keys.filter((key) => key?.meta?.purpose === void 0 || key?.meta?.purpose === "assertionMethod" || key?.meta?.purposes?.includes("assertionMethod")).map((key) => {
575
642
  if (key.kid.startsWith(did) && key.kid.includes("#")) {
576
643
  return key.kid;
577
644
  }
578
645
  return `${did}#${key.kid}`;
579
646
  })
580
647
  },
581
- ...(_optionalChain([opts, 'optionalAccess', _103 => _103.use]) === void 0 || _optionalChain([opts, 'optionalAccess', _104 => _104.use, 'optionalAccess', _105 => _105.includes, 'call', _106 => _106(_ssisdkextkeyutils.JwkKeyUse.Signature)])) && identifier.keys && {
582
- authentication: identifier.keys.filter((key) => _optionalChain([key, 'optionalAccess', _107 => _107.meta, 'optionalAccess', _108 => _108.purpose]) === void 0 || _optionalChain([key, 'optionalAccess', _109 => _109.meta, 'optionalAccess', _110 => _110.purpose]) === "authentication" || _optionalChain([key, 'optionalAccess', _111 => _111.meta, 'optionalAccess', _112 => _112.purposes, 'optionalAccess', _113 => _113.includes, 'call', _114 => _114("authentication")])).map((key) => {
648
+ ...(opts?.use === void 0 || opts?.use?.includes(import_ssi_sdk_ext.JwkKeyUse.Signature)) && identifier.keys && {
649
+ authentication: identifier.keys.filter((key) => key?.meta?.purpose === void 0 || key?.meta?.purpose === "authentication" || key?.meta?.purposes?.includes("authentication")).map((key) => {
583
650
  if (key.kid.startsWith(did) && key.kid.includes("#")) {
584
651
  return key.kid;
585
652
  }
586
653
  return `${did}#${key.kid}`;
587
654
  })
588
655
  },
589
- ...(_optionalChain([opts, 'optionalAccess', _115 => _115.use]) === void 0 || _optionalChain([opts, 'optionalAccess', _116 => _116.use, 'optionalAccess', _117 => _117.includes, 'call', _118 => _118(_ssisdkextkeyutils.JwkKeyUse.Encryption)])) && identifier.keys && {
590
- keyAgreement: identifier.keys.filter((key) => key.type === "X25519" || _optionalChain([key, 'optionalAccess', _119 => _119.meta, 'optionalAccess', _120 => _120.purpose]) === "keyAgreement" || _optionalChain([key, 'optionalAccess', _121 => _121.meta, 'optionalAccess', _122 => _122.purposes, 'optionalAccess', _123 => _123.includes, 'call', _124 => _124("keyAgreement")])).map((key) => {
656
+ ...(opts?.use === void 0 || opts?.use?.includes(import_ssi_sdk_ext.JwkKeyUse.Encryption)) && identifier.keys && {
657
+ keyAgreement: identifier.keys.filter((key) => key.type === "X25519" || key?.meta?.purpose === "keyAgreement" || key?.meta?.purposes?.includes("keyAgreement")).map((key) => {
591
658
  if (key.kid.startsWith(did) && key.kid.includes("#")) {
592
659
  return key.kid;
593
660
  }
594
661
  return `${did}#${key.kid}`;
595
662
  })
596
663
  },
597
- ...(_optionalChain([opts, 'optionalAccess', _125 => _125.use]) === void 0 || _optionalChain([opts, 'optionalAccess', _126 => _126.use, 'optionalAccess', _127 => _127.includes, 'call', _128 => _128(_ssisdkextkeyutils.JwkKeyUse.Encryption)])) && identifier.keys && {
598
- capabilityInvocation: identifier.keys.filter((key) => key.type === "X25519" || _optionalChain([key, 'optionalAccess', _129 => _129.meta, 'optionalAccess', _130 => _130.purpose]) === "capabilityInvocation" || _optionalChain([key, 'optionalAccess', _131 => _131.meta, 'optionalAccess', _132 => _132.purposes, 'optionalAccess', _133 => _133.includes, 'call', _134 => _134("capabilityInvocation")])).map((key) => {
664
+ ...(opts?.use === void 0 || opts?.use?.includes(import_ssi_sdk_ext.JwkKeyUse.Encryption)) && identifier.keys && {
665
+ capabilityInvocation: identifier.keys.filter((key) => key.type === "X25519" || key?.meta?.purpose === "capabilityInvocation" || key?.meta?.purposes?.includes("capabilityInvocation")).map((key) => {
599
666
  if (key.kid.startsWith(did) && key.kid.includes("#")) {
600
667
  return key.kid;
601
668
  }
602
669
  return `${did}#${key.kid}`;
603
670
  })
604
671
  },
605
- ...(_optionalChain([opts, 'optionalAccess', _135 => _135.use]) === void 0 || _optionalChain([opts, 'optionalAccess', _136 => _136.use, 'optionalAccess', _137 => _137.includes, 'call', _138 => _138(_ssisdkextkeyutils.JwkKeyUse.Encryption)])) && identifier.keys && {
606
- capabilityDelegation: identifier.keys.filter((key) => key.type === "X25519" || _optionalChain([key, 'optionalAccess', _139 => _139.meta, 'optionalAccess', _140 => _140.purpose]) === "capabilityDelegation" || _optionalChain([key, 'optionalAccess', _141 => _141.meta, 'optionalAccess', _142 => _142.purposes, 'optionalAccess', _143 => _143.includes, 'call', _144 => _144("capabilityDelegation")])).map((key) => {
672
+ ...(opts?.use === void 0 || opts?.use?.includes(import_ssi_sdk_ext.JwkKeyUse.Encryption)) && identifier.keys && {
673
+ capabilityDelegation: identifier.keys.filter((key) => key.type === "X25519" || key?.meta?.purpose === "capabilityDelegation" || key?.meta?.purposes?.includes("capabilityDelegation")).map((key) => {
607
674
  if (key.kid.startsWith(did) && key.kid.includes("#")) {
608
675
  return key.kid;
609
676
  }
@@ -619,7 +686,7 @@ function toDidDocument(identifier, opts) {
619
686
  }
620
687
  __name(toDidDocument, "toDidDocument");
621
688
  function toDidResolutionResult(identifier, opts) {
622
- const didDocument = _nullishCoalesce(toDidDocument(identifier, opts), () => ( null));
689
+ const didDocument = toDidDocument(identifier, opts) ?? null;
623
690
  const resolutionResult = {
624
691
  "@context": "https://w3id.org/did-resolution/v1",
625
692
  didDocument,
@@ -627,13 +694,13 @@ function toDidResolutionResult(identifier, opts) {
627
694
  ...!didDocument && {
628
695
  error: "notFound"
629
696
  },
630
- ...Array.isArray(_optionalChain([opts, 'optionalAccess', _145 => _145.supportedMethods])) && identifier && !_optionalChain([opts, 'optionalAccess', _146 => _146.supportedMethods, 'access', _147 => _147.includes, 'call', _148 => _148(identifier.provider.replace("did:", ""))]) && {
697
+ ...Array.isArray(opts?.supportedMethods) && identifier && !opts?.supportedMethods.includes(identifier.provider.replace("did:", "")) && {
631
698
  error: "unsupportedDidMethod"
632
699
  }
633
700
  },
634
701
  didDocumentMetadata: {
635
- ..._optionalChain([identifier, 'optionalAccess', _149 => _149.alias]) && {
636
- equivalentId: _optionalChain([identifier, 'optionalAccess', _150 => _150.alias])
702
+ ...identifier?.alias && {
703
+ equivalentId: identifier?.alias
637
704
  }
638
705
  }
639
706
  };
@@ -660,7 +727,7 @@ var signDidJWT = /* @__PURE__ */ __name(async (args) => {
660
727
  context
661
728
  })
662
729
  };
663
- return _didjwt.createJWT.call(void 0, payload, jwtOptions, header);
730
+ return (0, import_did_jwt.createJWT)(payload, jwtOptions, header);
664
731
  }, "signDidJWT");
665
732
  var getDidSigner = /* @__PURE__ */ __name(async (args) => {
666
733
  const { idOpts, context } = args;
@@ -670,7 +737,7 @@ var getDidSigner = /* @__PURE__ */ __name(async (args) => {
670
737
  vmRelationship: idOpts.verificationMethodSection,
671
738
  kmsKeyRef: idOpts.kmsKeyRef
672
739
  }, context);
673
- const algorithm = await _ssisdkextkeyutils.signatureAlgorithmFromKey.call(void 0, {
740
+ const algorithm = await (0, import_ssi_sdk_ext.signatureAlgorithmFromKey)({
674
741
  key
675
742
  });
676
743
  return async (data) => {
@@ -682,40 +749,4 @@ var getDidSigner = /* @__PURE__ */ __name(async (args) => {
682
749
  });
683
750
  };
684
751
  }, "getDidSigner");
685
-
686
-
687
-
688
-
689
-
690
-
691
-
692
-
693
-
694
-
695
-
696
-
697
-
698
-
699
-
700
-
701
-
702
-
703
-
704
-
705
-
706
-
707
-
708
-
709
-
710
-
711
-
712
-
713
-
714
-
715
-
716
-
717
-
718
-
719
-
720
- exports.AgentDIDResolver = AgentDIDResolver; exports.DID_PREFIX = DID_PREFIX; exports.IdentifierAliasEnum = IdentifierAliasEnum; exports.SupportedDidMethodEnum = SupportedDidMethodEnum; exports.asDidWeb = asDidWeb; exports.createIdentifier = createIdentifier; exports.dereferenceDidKeysWithJwkSupport = dereferenceDidKeysWithJwkSupport; exports.determineKid = determineKid; exports.didDocumentToJwks = didDocumentToJwks; exports.extractPublicKeyHex = extractPublicKeyHex; exports.extractPublicKeyHexWithJwkSupport = extractPublicKeyHexWithJwkSupport; exports.getAgentDIDMethods = getAgentDIDMethods; exports.getAgentResolver = getAgentResolver; exports.getAuthenticationKey = getAuthenticationKey; exports.getControllerKey = getControllerKey; exports.getDID = getDID; exports.getDidSigner = getDidSigner; exports.getEthereumAddressFromKey = getEthereumAddressFromKey; exports.getFirstKeyWithRelation = getFirstKeyWithRelation; exports.getFirstKeyWithRelationFromDIDDoc = getFirstKeyWithRelationFromDIDDoc; exports.getKey = getKey; exports.getKeys = getKeys; exports.getOrCreatePrimaryIdentifier = getOrCreatePrimaryIdentifier; exports.getPrimaryIdentifier = getPrimaryIdentifier; exports.getSupportedDIDMethods = getSupportedDIDMethods; exports.isEvenHexString = isEvenHexString; exports.jwkTtoPublicKeyHex = jwkTtoPublicKeyHex; exports.mapIdentifierKeysToDocWithJwkSupport = mapIdentifierKeysToDocWithJwkSupport; exports.signDidJWT = signDidJWT; exports.toDID = toDID; exports.toDIDs = toDIDs; exports.toDidDocument = toDidDocument; exports.toDidResolutionResult = toDidResolutionResult; exports.verificationMethodToJwk = verificationMethodToJwk;
721
752
  //# sourceMappingURL=index.cjs.map
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["/home/runner/work/SSI-SDK-crypto-extensions/SSI-SDK-crypto-extensions/packages/did-utils/dist/index.cjs","../src/did-functions.ts","../src/types.ts"],"names":["SupportedDidMethodEnum","IdentifierAliasEnum","DID_PREFIX","fromString","toString","u8a","getAuthenticationKey","identifier","offlineWhenNoDIDRegistered","noVerificationMethodFallback","keyType","controllerKey","context","getFirstKeyWithRelation","vmRelationship","key","undefined","getFirstKeyWithRelationFromDIDDoc","errorOnNotFound","e","Error","message","includes","offlineDID","toDidDocument","didDocument","keys","map","filter","type","kid","controllerKeyId","find","meta","verificationMethod","purposes","did","opts","options","method","primaryIdentifier","createOpts","createdIdentifier","some","kms","result","toLowerCase","ethereumAddress","kmsKeyRef","section","convert","keyProps","hexKey","newKey","dereferenceDidKeysWithJwkSupport","jwk","vm","jwkTtoPublicKeyHex","yHex","curve","publicKeyHex","extractPublicKeyHexWithJwkSupport","lastChar","isEvenHexString","pk","keyBytes","extractPublicKeyHex","toEcLibCurve","y","publicKeyJwk","Uint8Array","extractPublicKeyBytes","id","verificationMethodToJwk","searchForVerificationMethods","didDocumentSection","jwks","didDocumentSectionToJwks","authentication","keyAgreement","didDocumentToJwks","convertIdentifierEncryptionKeys","localKey","localProps","isDefined","extendedKeys","mapIdentifierKeysToDocWithJwkSupport","vmEthAddr","compareBlockchainAccountId","provider","getAgentDIDMethods","getDID","toDID","toDIDs","kmsKeyRefParts","identifierKey","getKey","legacyGetIdentifier","jwkThumbprint","determineKid","getSupportedDIDMethods","getAgentResolver","AgentDIDResolver","resolverResolution","uniresolverResolution","localResolution","resolutionResult","origResolutionResult","err","didUrl","error","JwkKeyUse","purpose","services","supportedMethods","alias","toDidResolutionResult","hostnameOrDID","asDidWeb","args","idOpts","header","verificationMethodSection","data","TextDecoder","algorithm","input"],"mappings":"AAAA,4pCAAI,UAAU,EAAE,MAAM,CAAC,cAAc;AACrC,IAAI,OAAO,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC;AACxF;AACA;ACHA,2DAA+B;AAC/B,wDAA4B;AAC5B,oEASO;AACP,sEAAmD;AACnD,oDAA0F;AAE1F,6CAAyC;AAEzC,sCASO;AACP,iCAAkC;AAGlC,wFAAqB;AAErB,2FAAqB;ADlBrB;AACA;AEVO,IAAKA,uBAAAA,kBAAAA,QAAAA,CAAAA,uBAAAA,EAAAA;AFYZ,EAAE,uBAAuB,CAAC,UAAU,EAAE,EAAE,MAAM;AAC9C,EAAE,uBAAuB,CAAC,SAAS,EAAE,EAAE,KAAK;AAC5C,EAAE,uBAAuB,CAAC,SAAS,EAAE,EAAE,KAAK;AAC5C,EAAE,uBAAuB,CAAC,SAAS,EAAE,EAAE,KAAK;AAC5C,EAAE,uBAAuB,CAAC,UAAU,EAAE,EAAE,MAAM;AAC9C,EAAE,uBAAuB,CAAC,SAAS,EAAE,EAAE,KAAK;AAC5C,EAAE,uBAAuB,CAAC,SAAS,EAAE,EAAE,KAAK;AAC5C,EAAE,OEnBUA,uBAAAA;AFoBZ,CAAC,CAAC,CAAC,CAAC,CAAC;AEVE,IAAKC,oBAAAA,kBAAAA,QAAAA,CAAAA,oBAAAA,EAAAA;AFYZ,EAAE,oBAAoB,CAAC,SAAS,EAAE,EAAE,SAAS;AAC7C,EAAE,OEbUA,oBAAAA;AFcZ,CAAC,CAAC,CAAC,CAAC,CAAC;AE8BE,IAAMC,WAAAA,EAAa,MAAA;AF5B1B;AACA;ACCA,IAAM,EAAEC,UAAAA,EAAYC,SAAQ,EAAA,EAAKC,GAAAA;AAc1B,IAAMC,qBAAAA,kBAAuB,MAAA,CAAA,MAAA,CAClC,EACEC,UAAAA,EACAC,0BAAAA,EACAC,4BAAAA,EACAC,OAAAA,EACAC,cAAa,CAAA,EAQfC,OAAAA,EAAAA,GAAAA;AAEA,EAAA,OAAO,MAAMC,uBAAAA,CACX;AD5BJ,IC6BMN,UAAAA;AD5BN,IC6BMC,0BAAAA;AD5BN,IC6BMC,4BAAAA;AD5BN,IC6BMC,OAAAA;AD5BN,IC6BMC,aAAAA;AD5BN,IC6BMG,cAAAA,EAAgB;AD5BtB,EC6BI,CAAA,EACAF,OAAAA,CAAAA;AAEJ,CAAA,EA3BoC,sBAAA,CAAA;AA4B7B,IAAMC,wBAAAA,kBAA0B,MAAA,CAAA,MAAA,CACrC,EACEN,UAAAA,EACAC,0BAAAA,EACAC,4BAAAA,EACAC,OAAAA,EACAC,aAAAA,EACAG,eAAc,CAAA,EAShBF,OAAAA,EAAAA,GAAAA;AAEA,EAAA,IAAIG,IAAAA,EAAiCC,KAAAA,CAAAA;AACrC,EAAA,IAAI;AACFD,IAAAA,IAAAA,8BACG,MAAME,iCAAAA,CACL;ADjDR,MCkDUV,UAAAA;ADjDV,MCkDUO,cAAAA;ADjDV,MCkDUI,eAAAA,EAAiB,KAAA;ADjD3B,MCkDUR,OAAAA;ADjDV,MCkDUC;ADjDV,ICkDQ,CAAA,EACAC,OAAAA,CAAAA,gBAAAA,CAEDH,6BAAAA,GAAgCK,eAAAA,IAAmB,qBAAA,EAChDE,KAAAA,EAAAA,EACA,MAAMC,iCAAAA,CACJ;ADvDZ,MCwDcV,UAAAA;ADvDd,MCwDcO,cAAAA,EAAgB,oBAAA;ADvD9B,MCwDcI,eAAAA,EAAiB,KAAA;ADvD/B,MCwDcR,OAAAA;ADvDd,MCwDcC;ADvDd,ICwDY,CAAA,EACAC,OAAAA,CAAAA,GAAAA;ADxDZ,EC0DE,EAAA,MAAA,CAASO,CAAAA,EAAG;AACV,IAAA,GAAA,CAAIA,EAAAA,WAAaC,KAAAA,EAAO;AACtB,MAAA,GAAA,CAAI,CAACD,CAAAA,CAAEE,OAAAA,CAAQC,QAAAA,CAAS,KAAA,EAAA,GAAU,CAACd,0BAAAA,EAA4B;AAC7D,QAAA,MAAMW,CAAAA;ADzDd,MC0DM;ADzDN,IC0DI,EAAA,KAAO;AACL,MAAA,MAAMA,CAAAA;ADzDZ,IC0DI;ADzDJ,EC0DE;AACA,EAAA,GAAA,CAAI,CAACJ,IAAAA,GAAOP,0BAAAA,EAA4B;AACtC,IAAA,MAAMe,WAAAA,EAAaC,aAAAA,CAAcjB,UAAAA,CAAAA;AACjCQ,IAAAA,IAAAA,8BACG,MAAME,iCAAAA,CACL;AD3DR,MC4DUV,UAAAA;AD3DV,MC4DUO,cAAAA;AD3DV,MC4DUI,eAAAA,EAAiB,KAAA;AD3D3B,MC4DUO,WAAAA,EAAaF,UAAAA;AD3DvB,MC4DUb,OAAAA;AD3DV,MC4DUC;AD3DV,IC4DQ,CAAA,EACAC,OAAAA,CAAAA,gBAAAA,CAEDH,6BAAAA,GAAgCK,eAAAA,IAAmB,qBAAA,EAChDE,KAAAA,EAAAA,EACA,MAAMC,iCAAAA,CACJ;ADjEZ,MCkEcV,UAAAA;ADjEd,MCkEcO,cAAAA,EAAgB,oBAAA;ADjE9B,MCkEcI,eAAAA,EAAiB,KAAA;ADjE/B,MCkEcO,WAAAA,EAAaF,UAAAA;ADjE3B,MCkEcb,OAAAA;ADjEd,MCkEcC;ADjEd,ICkEY,CAAA,EACAC,OAAAA,CAAAA,GAAAA;AAER,IAAA,GAAA,CAAI,CAACG,GAAAA,EAAK;AACRA,MAAAA,IAAAA,EAAMR,UAAAA,CAAWmB,IAAAA,CACdC,GAAAA,CAAI,CAACZ,IAAAA,EAAAA,GAAQA,IAAAA,CAAAA,CACba,MAAAA,CAAO,CAACb,IAAAA,EAAAA,GAAQL,QAAAA,IAAYM,KAAAA,EAAAA,GAAaD,IAAAA,CAAIc,KAAAA,IAASnB,QAAAA,GAAYC,cAAAA,GAAiBI,IAAAA,CAAIe,IAAAA,IAAQvB,UAAAA,CAAWwB,eAAe,CAAA,CACzHC,IAAAA,CAAK,CAACjB,IAAAA,EAAAA,mBAAQA,IAAAA,mBAAIkB,IAAAA,qBAAKC,kBAAAA,6BAAoBL,IAAAA,qBAAKP,QAAAA,mBAAS,gBAAA,IAAA,mBAAqBP,IAAAA,qBAAIkB,IAAAA,qBAAKE,QAAAA,6BAAUb,QAAAA,mBAAS,gBAAA,GAAA,CAAA;ADtEnH,ICuEI;ADtEJ,ECuEE;AACA,EAAA,GAAA,CAAI,CAACP,GAAAA,EAAK;AACR,IAAA,MAAMK,KAAAA,CAAM,CAAA,0CAAA,EAA6Cb,UAAAA,CAAW6B,GAAG,CAAA,CAAA;AACzE,EAAA;AACOrB,EAAAA;AAzF8B;AA8FrCsB;AAE8D,EAAA;AAAuBC,IAAAA;AAA6B,IAAA;AAAeC,MAAAA;AAAO,IAAA;AAAG,EAAA;AACtG,EAAA;AAC5B,IAAA;AACI,MAAA;AACDC,MAAAA;AACV,IAAA;AACF,EAAA;AAEqD,EAAA;AACX,IAAA;AACnB,IAAA;AAAa,MAAA;AAAc,MAAA;AAAgBC,MAAAA;AAAW,IAAA;AACzDA,IAAAA;AACpB,EAAA;AAC0DJ,EAAAA;AACnD,EAAA;AACI,IAAA;AACDK,IAAAA;AACV,EAAA;AArB0C;AAwBoCL;AACP,EAAA;AAAkCE,IAAAA;AAC9BI,EAAAA;AAGX3B,EAAAA;AAL9B;AAQwCqB;AAC9B,EAAA;AACGO,IAAAA;AACzB,IAAA;AAAkCL,MAAAA;AAAS,IAAA;AACKF,IAAAA;AACzCC,IAAAA;AAC7B,EAAA;AAN8B;AAW5B/B;AAgB6D,EAAA;AAAEA,IAAAA;AAAYO,IAAAA;AAAgBW,IAAAA;AAAeb,EAAAA;AAClD,EAAA;AAEhBiB,IAAAA;AAE5B,IAAA;AACHgB,MAAAA;AACT,IAAA;AACF,EAAA;AACqB,EAAA;AAEuB/B,IAAAA;AAE5C,EAAA;AACOE,EAAAA;AAhCwC;AAmCe;AAChC,EAAA;AAChB,IAAA;AACd,EAAA;AACwE8B,EAAAA;AAClD,EAAA;AACR,IAAA;AACd,EAAA;AACOC,EAAAA;AARgC;AAWmC;AACThB,EAAAA;AACvD,EAAA;AAC+D,IAAA;AACzE,EAAA;AACOhB,EAAAA;AALuB;AAY9BiC;AAaGpB,EAAAA;AAjBkB;AAoCS;AAGF,EAAA;AACD,EAAA;AAClB,IAAA;AACT,EAAA;AAG4Cb,EAAAA;AACT,IAAA;AACvB,MAAA;AAC8C,QAAA;AAC9CU,UAAAA;AACQV,UAAAA;AACRkC,UAAAA;AACF,QAAA;AACU,MAAA;AACH,QAAA;AACT,MAAA;AACK,IAAA;AACElC,MAAAA;AACT,IAAA;AAKEA,EAAAA;AACkDmC,IAAAA;AACgB,IAAA;AACvD,IAAA;AAAKC,MAAAA;AAAwBC,MAAAA;AAAO,IAAA;AACU,IAAA;AAC7C,MAAA;AAChB,IAAA;AACOC,IAAAA;AACT,EAAA;AACJ;AAtCsBC;AAwCqB;AAGD,EAAA;AACXC,IAAAA;AAC7B,EAAA;AACyCC,EAAAA;AAC3C;AAPgBC;AAkBkF;AAC3E,EAAA;AACqB,IAAA;AAClB,IAAA;AAC4B,MAAA;AACf,MAAA;AACA,MAAA;AAClB,MAAA;AAGgBC,MAAAA;AAC3B,MAAA;AACyBC,QAAAA;AAEuC,QAAA;AAE3DC,QAAAA;AACY,MAAA;AAC0CD,QAAAA;AAC/D,MAAA;AACgC,IAAA;AACiB,MAAA;AACrB,IAAA;AACM,MAAA;AACpC,IAAA;AACF,EAAA;AAE+BT,EAAAA;AACjC;AA5BgBW;AA8B2B;AACO,EAAA;AACzC,EAAA;AAAC,IAAA;AAAK,IAAA;AAAK,IAAA;AAAK,IAAA;AAAK,IAAA;AAAK,IAAA;AAAK,IAAA;AAAK,IAAA;AAAcC,EAAAA;AAC3D;AAHgBC;AAkB6E;AACtDC,EAAAA;AACyBhD,EAAAA;AACjD,EAAA;AAET,IAAA;AAAC,MAAA;AAAW,MAAA;AAA8B,MAAA;AACI,IAAA;AAEViD,MAAAA;AAEnC,IAAA;AAAC,MAAA;AAAU,MAAA;AAA6B,MAAA;AACM,IAAA;AAExC,MAAA;AACT,IAAA;AACF,EAAA;AACkBA,EAAAA;AACpB;AAjBgBC;AAmBmB;AACwB,EAAA;AAC3D;AAFSC;AAI4C;AAC3B,EAAA;AACiB,IAAA;AACP,EAAA;AACgB,IAAA;AACS,EAAA;AACU,IAAA;AACzC,EAAA;AACO,IAAA;AACqCC,EAAAA;AAClBJ,IAAAA;AACiBK,EAAAA;AAC/B,IAAA;AACxC,EAAA;AACWC,EAAAA;AACb;AAfSC;AAiBqD;AAC9BF,EAAAA;AACpB,EAAA;AAC6Db,IAAAA;AACb,IAAA;AAAU3B,MAAAA;AAAK,IAAA;AACzE,EAAA;AACU,EAAA;AACkD,IAAA;AAC5D,EAAA;AACa2C,EAAAA;AACOjB,EAAAA;AACtB;AAXgBkB;AAedC;AAKsB,EAAA;AAIf,EAAA;AAAEC,IAAAA;AAAqCC,IAAAA;AAAM,EAAA;AACtD;AAZSC;AAgBiD;AACjD,EAAA;AACe,IAAA;AAC8CpD,MAAAA;AACFS,MAAAA;ADtJQ,IAAA;ACwJXT,IAAAA;AACUqD,IAAAA;AACJC,IAAAA;AACItD,IAAAA;AACAA,IAAAA;AACzE,EAAA;AACF;AAZgBuD;AAkCZlE;AAYWP,EAAAA;AAEA,EAAA;AAC0C,IAAA;AACvD,EAAA;AAKoEO,EAAAA;AAGsBA,EAAAA;AAEpCmE,EAAAA;AAI9C/C,EAAAA;AAMS0B,IAAAA;AAIC,IAAA;AACoBsB,MAAAA;AACzB,MAAA;AAAKC,QAAAA;AAAkB,QAAA;AAAKlD,UAAAA;AAAMC,UAAAA;AAAmB,QAAA;AAAE,MAAA;AACzD,IAAA;AACE,MAAA;AACT,IAAA;AAEMkD,EAAAA;AAESC,EAAAA;AACrB;AArDsBC;AAmEoE;AAEnBpD,EAAAA;AAG5D,IAAA;AACT,EAAA;AACmCA,EAAAA;AACP,EAAA;AACkBY,IAAAA;AAC9C,EAAA;AACkEA,EAAAA;AAC1CyC,EAAAA;AAC1B;AAbSC;AAemE;AACFC,EAAAA;AAC1E;AAFsBC;AAI6C;AACtB,EAAA;AAC3BnF,IAAAA;AACkC,EAAA;AACvB6B,IAAAA;AAC3B,EAAA;AACkD,EAAA;AACpD;AAPgBuD;AAS6D;AACvC,EAAA;AAC3BpF,IAAAA;AACT,EAAA;AACoB,EAAA;AACA6B,IAAAA;AACpB,EAAA;AACgD,EAAA;AAClD;AARgBwD;AAUoE;AAChE,EAAA;AACT,IAAA;AACT,EAAA;AACuBA,EAAAA;AACzB;AALgBC;AAWZ7C;AAQe,EAAA;AACiB,IAAA;AAClC,EAAA;AAE2C,EAAA;AACkB8C,EAAAA;AAEmBhE,EAAAA;AAC5D,EAAA;AACsC,IAAA;AAAEvB,MAAAA;AAAYO,MAAAA;AAAkCF,IAAAA;AACxE,IAAA;AACkCE,MAAAA;AAClE,IAAA;AACe,IAAA;AAE0C0D,MAAAA;AAEzD,IAAA;AACoB,IAAA;AAEqC3C,MAAAA;AAEzD,IAAA;AACoB,IAAA;AACG,MAAA;AACvB,IAAA;AACF,EAAA;AACoB,EAAA;AAEhB,IAAA;AAEJ,EAAA;AAEOkE,EAAAA;AACT;AA9CsBC;AA6De;AAEC,EAAA;AACO,IAAA;AAAOzF,MAAAA;AAAW,IAAA;AAC7D,EAAA;AACOA,EAAAA;AACT;AAZe0F;AA4BkC;AAET,EAAA;AACCzB,IAAAA;AACvC,EAAA;AACqD5D,EAAAA;AAEnD,EAAA;AACEL,IAAAA;AACgB,IAAA;AAElBK,EAAAA;AAEwE,EAAA;AAC/D,EAAA;AACgDsF,IAAAA;AAC3D,EAAA;AAE0DpE,EAAAA;AAC5D;AA3BsBqE;AA6BgF;AACpCvF,EAAAA;AAClE;AAFsBwF;AAUnB;AAEoC/D,EAAAA;AACvC;AATgBgE;AAWHC;AAAAA,EAAAA;ADzQ+D,IAAA;AACA,EAAA;ACyQzD1F,EAAAA;AACA2F,EAAAA;AACAC,EAAAA;AACAC,EAAAA;AAKf,EAAA;AACe7F,IAAAA;AACwC,IAAA;AACM,IAAA;AACZ,IAAA;AACnD,EAAA;AAE4F,EAAA;AACtF8F,IAAAA;AACAC,IAAAA;AACAC,IAAAA;AAC2DJ,IAAAA;AACjD,MAAA;AACd,IAAA;AAC6B,IAAA;AACvB,MAAA;AACqD,QAAA;AAAEK,UAAAA;AAAQvE,UAAAA;AAAQ,QAAA;AAClD,MAAA;AACjBwE,QAAAA;AACR,MAAA;AACF,IAAA;AACsB,IAAA;AACGJ,MAAAA;AACoB,MAAA;AACtB1F,QAAAA;AACrB,MAAA;AACK,IAAA;AACO,MAAA;AACd,IAAA;AAC+C,IAAA;AACjC,MAAA;AACR,MAAA;AAC4B,QAAA;AAC6B,QAAA;AAAEoB,UAAAA;AAAI,QAAA;AACX,QAAA;AAAEA,UAAAA;AAAI,QAAA;AAC1B,QAAA;AAC1BpB,UAAAA;AACD,QAAA;AAC0DoB,UAAAA;AACjE,QAAA;AACuB,MAAA;AACb,QAAA;AACF0E,UAAAA;AACR,QAAA;AACF,MAAA;AACF,IAAA;AACsB,IAAA;AACO,MAAA;AACFJ,QAAAA;AACzB,MAAA;AACmC,MAAA;AACd1F,QAAAA;AACrB,MAAA;AACF,IAAA;AACqD,IAAA;AACiB,MAAA;AACTsB,MAAAA;AAChC,MAAA;AACFoE,QAAAA;AACzB,MAAA;AACkC,MAAA;AAC1B1F,QAAAA;AACR,MAAA;AACF,IAAA;AAES,IAAA;AAED4F,MAAAA;AACR,IAAA;AACgD,IAAA;AACwBL,MAAAA;AACxE,IAAA;AAC2BI,IAAAA;AAC7B,EAAA;AACF;AAiBG;AAE0C3F,EAAAA;AAE3B,EAAA;AACsBoB,IAAAA;AACtB,IAAA;AACA,MAAA;AACRA,MAAAA;AACqCrB,MAAAA;AACR,QAAA;AACjBqB,UAAAA;AACqD,UAAA;AACjB,UAAA;AACgB2E,YAAAA;AAC9DhG,YAAAA;AACF,UAAA;AACM,UAAA;AACR,QAAA;AACOyC,QAAAA;AACT,MAAA;AACuE,MAAA;AAKlDwD,QAAAA;AAGyC,UAAA;AACzClF,YAAAA;AACb,UAAA;AACwB,UAAA;AAC1B,QAAA;AACJ,MAAA;AACqE,MAAA;AAI3CkF,QAAAA;AAGkC,UAAA;AACzClF,YAAAA;AACb,UAAA;AACwB,UAAA;AAC1B,QAAA;AACJ,MAAA;AACsE,MAAA;AAGpC,QAAA;AAE0B,UAAA;AACzCA,YAAAA;AACb,UAAA;AACwB,UAAA;AAC1B,QAAA;AACJ,MAAA;AACsE,MAAA;AAI1C,QAAA;AAGgC,UAAA;AACzCA,YAAAA;AACb,UAAA;AACwB,UAAA;AAC1B,QAAA;AACJ,MAAA;AACsE,MAAA;AAI1C,QAAA;AAGgC,UAAA;AACzCA,YAAAA;AACb,UAAA;AACwB,UAAA;AAC1B,QAAA;AACJ,MAAA;AAC2D,MAAA;AAAsBmF,QAAAA;AAAS,MAAA;AAC9F,IAAA;AACF,EAAA;AACOxF,EAAAA;AACT;AA9FgBD;AAqGb;AAEsD,EAAA;AAET,EAAA;AAChC,IAAA;AACZC,IAAAA;AACuB,IAAA;AACD,MAAA;AAAS,QAAA;AAAW,MAAA;AAG/ByF,MAAAA;AAA+E,QAAA;AAAuB,MAAA;AACjH,IAAA;AACqB,IAAA;AACM,MAAA;AAA4BC,QAAAA;AAAM,MAAA;AAC7D,IAAA;AACF,EAAA;AACOT,EAAAA;AACT;AAvBgBU;AAyBoC;AACxCC,EAAAA;AACA,EAAA;AACI,IAAA;AACd,EAAA;AACgC,EAAA;AACvBjF,IAAAA;AACT,EAAA;AAC+DU,EAAAA;AACjE;AATsBwE;AAcWC;AACuBA,EAAAA;AACnC,EAAA;AACdjF,IAAAA;AACwB,IAAA;AAAEkF,MAAAA;AAAQ5G,MAAAA;AAAQ,IAAA;AAC/C,EAAA;AAEsC6G,EAAAA;AAPd;AAcxBF;AAiB4BA,EAAAA;AAEyB3G,EAAAA;AAEnD,EAAA;AACEL,IAAAA;AACuBmH,IAAAA;AACL1E,IAAAA;AAEpBpC,EAAAA;AAEgD,EAAA;AAAEG,IAAAA;AAAI,EAAA;AAE1C4G,EAAAA;AAC0DC,IAAAA;AAC5B,IAAA;AAC5B9F,MAAAA;AACZ+F,MAAAA;AACMC,MAAAA;AACR,IAAA;AACF,EAAA;AAtC0B;ADpSgD;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","file":"/home/runner/work/SSI-SDK-crypto-extensions/SSI-SDK-crypto-extensions/packages/did-utils/dist/index.cjs","sourcesContent":[null,"import { computeAddress } from '@ethersproject/transactions'\nimport { UniResolver } from '@sphereon/did-uni-client'\nimport {\n ENC_KEY_ALGS,\n getKms,\n JwkKeyUse,\n keyTypeFromCryptographicSuite,\n sanitizedJwk,\n signatureAlgorithmFromKey,\n TKeyType,\n toJwk,\n} from '@sphereon/ssi-sdk-ext.key-utils'\nimport { base64ToHex, hexKeyFromPEMBasedJwk } from '@sphereon/ssi-sdk-ext.x509-utils'\nimport { base58ToBytes, base64ToBytes, bytesToHex, hexToBytes, multibaseKeyToBytes } from '@sphereon/ssi-sdk.core'\nimport { JWK } from '@sphereon/ssi-types'\nimport { convertPublicKeyToX25519 } from '@stablelib/ed25519'\nimport { DIDDocument, DIDDocumentSection, DIDResolutionResult, IAgentContext, IDIDManager, IIdentifier, IKey, IResolver } from '@veramo/core'\nimport {\n _ExtendedIKey,\n _ExtendedVerificationMethod,\n _NormalizedVerificationMethod,\n compressIdentifierSecp256k1Keys,\n convertIdentifierEncryptionKeys,\n getEthereumAddress,\n isDefined,\n mapIdentifierKeysToDoc,\n} from '@veramo/utils'\nimport { createJWT, Signer } from 'did-jwt'\nimport { DIDResolutionOptions, JsonWebKey, Resolvable, VerificationMethod } from 'did-resolver'\n// @ts-ignore\nimport elliptic from 'elliptic'\n// @ts-ignore\nimport * as u8a from 'uint8arrays'\nconst { fromString, toString } = u8a\nimport {\n CreateIdentifierOpts,\n CreateOrGetIdentifierOpts,\n DID_PREFIX,\n GetOrCreateResult,\n GetSignerArgs,\n IdentifierAliasEnum,\n IdentifierProviderOpts,\n IDIDOptions,\n SignJwtArgs,\n SupportedDidMethodEnum,\n} from './types'\n\nexport const getAuthenticationKey = async (\n {\n identifier,\n offlineWhenNoDIDRegistered,\n noVerificationMethodFallback,\n keyType,\n controllerKey,\n }: {\n identifier: IIdentifier\n keyType?: TKeyType\n offlineWhenNoDIDRegistered?: boolean\n noVerificationMethodFallback?: boolean\n controllerKey?: boolean\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<_ExtendedIKey> => {\n return await getFirstKeyWithRelation(\n {\n identifier,\n offlineWhenNoDIDRegistered,\n noVerificationMethodFallback,\n keyType,\n controllerKey,\n vmRelationship: 'authentication',\n },\n context\n )\n}\nexport const getFirstKeyWithRelation = async (\n {\n identifier,\n offlineWhenNoDIDRegistered,\n noVerificationMethodFallback,\n keyType,\n controllerKey,\n vmRelationship,\n }: {\n identifier: IIdentifier\n keyType?: TKeyType\n offlineWhenNoDIDRegistered?: boolean\n noVerificationMethodFallback?: boolean\n controllerKey?: boolean\n vmRelationship: DIDDocumentSection\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<_ExtendedIKey> => {\n let key: _ExtendedIKey | undefined = undefined\n try {\n key =\n (await getFirstKeyWithRelationFromDIDDoc(\n {\n identifier,\n vmRelationship,\n errorOnNotFound: false,\n keyType,\n controllerKey,\n },\n context\n )) ??\n (noVerificationMethodFallback || vmRelationship === 'verificationMethod' // let's not fallback to the same value again\n ? undefined\n : await getFirstKeyWithRelationFromDIDDoc(\n {\n identifier,\n vmRelationship: 'verificationMethod',\n errorOnNotFound: false,\n keyType,\n controllerKey,\n },\n context\n ))\n } catch (e) {\n if (e instanceof Error) {\n if (!e.message.includes('404') || !offlineWhenNoDIDRegistered) {\n throw e\n }\n } else {\n throw e\n }\n }\n if (!key && offlineWhenNoDIDRegistered) {\n const offlineDID = toDidDocument(identifier)\n key =\n (await getFirstKeyWithRelationFromDIDDoc(\n {\n identifier,\n vmRelationship,\n errorOnNotFound: false,\n didDocument: offlineDID,\n keyType,\n controllerKey,\n },\n context\n )) ??\n (noVerificationMethodFallback || vmRelationship === 'verificationMethod' // let's not fallback to the same value again\n ? undefined\n : await getFirstKeyWithRelationFromDIDDoc(\n {\n identifier,\n vmRelationship: 'verificationMethod',\n errorOnNotFound: false,\n didDocument: offlineDID,\n keyType,\n controllerKey,\n },\n context\n ))\n if (!key) {\n key = identifier.keys\n .map((key) => key as _ExtendedIKey)\n .filter((key) => keyType === undefined || key.type === keyType || (controllerKey && key.kid === identifier.controllerKeyId))\n .find((key) => key.meta.verificationMethod?.type.includes('authentication') || key.meta.purposes?.includes('authentication'))\n }\n }\n if (!key) {\n throw Error(`Could not find authentication key for DID ${identifier.did}`)\n }\n return key\n}\n\nexport const getOrCreatePrimaryIdentifier = async (\n context: IAgentContext<IDIDManager>,\n opts?: CreateOrGetIdentifierOpts\n): Promise<GetOrCreateResult<IIdentifier>> => {\n const primaryIdentifier = await getPrimaryIdentifier(context, { ...opts?.createOpts?.options, ...(opts?.method && { method: opts.method }) })\n if (primaryIdentifier !== undefined) {\n return {\n created: false,\n result: primaryIdentifier,\n }\n }\n\n if (opts?.method === SupportedDidMethodEnum.DID_KEY) {\n const createOpts = opts?.createOpts ?? {}\n createOpts.options = { codecName: 'EBSI', type: 'Secp256r1', ...createOpts }\n opts.createOpts = createOpts\n }\n const createdIdentifier = await createIdentifier(context, opts)\n return {\n created: true,\n result: createdIdentifier,\n }\n}\n\nexport const getPrimaryIdentifier = async (context: IAgentContext<IDIDManager>, opts?: IdentifierProviderOpts): Promise<IIdentifier | undefined> => {\n const identifiers = (await context.agent.didManagerFind(opts?.method ? { provider: `${DID_PREFIX}${opts?.method}` } : {})).filter(\n (identifier: IIdentifier) => opts?.type === undefined || identifier.keys.some((key: IKey) => key.type === opts?.type)\n )\n\n return identifiers && identifiers.length > 0 ? identifiers[0] : undefined\n}\n\nexport const createIdentifier = async (context: IAgentContext<IDIDManager>, opts?: CreateIdentifierOpts): Promise<IIdentifier> => {\n return await context.agent.didManagerCreate({\n kms: await getKms(context, opts?.createOpts?.kms),\n ...(opts?.method && { provider: `${DID_PREFIX}${opts?.method}` }),\n alias: opts?.createOpts?.alias ?? `${IdentifierAliasEnum.PRIMARY}-${opts?.method}-${opts?.createOpts?.options?.type}-${new Date().getTime()}`,\n options: opts?.createOpts?.options,\n })\n}\n\nexport const getFirstKeyWithRelationFromDIDDoc = async (\n {\n identifier,\n vmRelationship = 'verificationMethod',\n keyType,\n errorOnNotFound = false,\n didDocument,\n controllerKey,\n }: {\n identifier: IIdentifier\n controllerKey?: boolean\n vmRelationship?: DIDDocumentSection\n keyType?: TKeyType\n errorOnNotFound?: boolean\n didDocument?: DIDDocument\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<_ExtendedIKey | undefined> => {\n const matchedKeys = await mapIdentifierKeysToDocWithJwkSupport({ identifier, vmRelationship, didDocument }, context)\n if (Array.isArray(matchedKeys) && matchedKeys.length > 0) {\n const result = matchedKeys.find(\n (key) => keyType === undefined || key.type === keyType || (controllerKey && key.kid === identifier.controllerKeyId)\n )\n if (result) {\n return result\n }\n }\n if (errorOnNotFound) {\n throw new Error(\n `Could not find key with relationship ${vmRelationship} in DID document for ${identifier.did}${keyType ? ' and key type: ' + keyType : ''}`\n )\n }\n return undefined\n}\n\nexport const getEthereumAddressFromKey = ({ key }: { key: IKey }) => {\n if (key.type !== 'Secp256k1') {\n throw Error(`Can only get ethereum address from a Secp256k1 key. Type is ${key.type} for keyRef: ${key.kid}`)\n }\n const ethereumAddress = key.meta?.ethereumAddress ?? key.meta?.account?.toLowerCase() ?? computeAddress(`0x${key.publicKeyHex}`).toLowerCase()\n if (!ethereumAddress) {\n throw Error(`Could not get or generate ethereum address from key with keyRef ${key.kid}`)\n }\n return ethereumAddress\n}\n\nexport const getControllerKey = ({ identifier }: { identifier: IIdentifier }) => {\n const key = identifier.keys.find((key) => key.kid === identifier.controllerKeyId)\n if (!key) {\n throw Error(`Could not get controller key for identifier ${identifier}`)\n }\n return key\n}\n\nexport const getKeys = ({\n jwkThumbprint,\n kms,\n identifier,\n kmsKeyRef,\n keyType,\n controllerKey,\n}: {\n identifier: IIdentifier\n kmsKeyRef?: string\n keyType?: TKeyType\n kms?: string\n jwkThumbprint?: string\n controllerKey?: boolean\n}) => {\n return identifier.keys\n .filter((key) => !keyType || key.type === keyType)\n .filter((key) => !kms || key.kms === kms)\n .filter((key) => !kmsKeyRef || key.kid === kmsKeyRef)\n .filter((key) => !jwkThumbprint || key.meta?.jwkThumbprint === jwkThumbprint)\n .filter((key) => !controllerKey || identifier.controllerKeyId === key.kid)\n}\n\n//TODO: Move to ssi-sdk/core and create PR upstream\n/**\n * Dereferences keys from DID document and normalizes them for easy comparison.\n *\n * When dereferencing keyAgreement keys, only Ed25519 and X25519 curves are supported.\n * Other key types are omitted from the result and Ed25519 keys are converted to X25519\n *\n * @returns a Promise that resolves to the list of dereferenced keys.\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport async function dereferenceDidKeysWithJwkSupport(\n didDocument: DIDDocument,\n section: DIDDocumentSection = 'keyAgreement',\n context: IAgentContext<IResolver>\n): Promise<_NormalizedVerificationMethod[]> {\n const convert = section === 'keyAgreement'\n if (section === 'service') {\n return []\n }\n return (\n await Promise.all(\n (didDocument[section] || []).map(async (key: string | VerificationMethod) => {\n if (typeof key === 'string') {\n try {\n return (await context.agent.getDIDComponentById({\n didDocument,\n didUrl: key,\n section,\n })) as _ExtendedVerificationMethod\n } catch (e) {\n return null\n }\n } else {\n return key as _ExtendedVerificationMethod\n }\n })\n )\n )\n .filter(isDefined)\n .map((key) => {\n const hexKey = extractPublicKeyHexWithJwkSupport(key, convert)\n const { publicKeyHex, publicKeyBase58, publicKeyBase64, publicKeyJwk, ...keyProps } = key\n const newKey = { ...keyProps, publicKeyHex: hexKey }\n if (convert && 'Ed25519VerificationKey2018' === newKey.type) {\n newKey.type = 'X25519KeyAgreementKey2019'\n }\n return newKey\n })\n}\n\nexport function jwkTtoPublicKeyHex(jwk: JWK): string {\n // todo: Hacky way to convert this to a VM. Should extract the logic from the below methods\n // @ts-ignore\n const vm: _ExtendedVerificationMethod = {\n publicKeyJwk: sanitizedJwk(jwk),\n }\n return extractPublicKeyHexWithJwkSupport(vm)\n}\n\n/**\n * Converts the publicKey of a VerificationMethod to hex encoding (publicKeyHex)\n *\n * @param pk - the VerificationMethod to be converted\n * @param convert - when this flag is set to true, Ed25519 keys are converted to their X25519 pairs\n * @returns the hex encoding of the public key\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport function extractPublicKeyHexWithJwkSupport(pk: _ExtendedVerificationMethod, convert = false): string {\n if (pk.publicKeyJwk) {\n const jwk = sanitizedJwk(pk.publicKeyJwk)\n if (jwk.kty === 'EC') {\n const curve = jwk.crv ? toEcLibCurve(jwk.crv) : 'p256'\n const xHex = base64ToHex(jwk.x!, 'base64url')\n const yHex = base64ToHex(jwk.y!, 'base64url')\n const prefix = '04' // isEven(yHex) ? '02' : '03'\n // Uncompressed Hex format: 04<x><y>\n // Compressed Hex format: 02<x> (for even y) or 03<x> (for uneven y)\n const hex = `${prefix}${xHex}${yHex}`\n try {\n const ec = new elliptic.ec(curve)\n // We return directly as we don't want to convert the result back into Uint8Array and then convert again to hex as the elliptic lib already returns hex strings\n const publicKeyHex = ec.keyFromPublic(hex, 'hex').getPublic(true, 'hex')\n // This returns a short form (x) with 02 or 03 prefix\n return publicKeyHex\n } catch (error: any) {\n console.error(`Error converting EC with elliptic lib curve ${curve} from JWK to hex. x: ${jwk.x}, y: ${jwk.y}, error: ${error}`, error)\n }\n } else if (jwk.crv === 'Ed25519') {\n return toString(fromString(jwk.x!, 'base64url'), 'base16')\n } else if (jwk.kty === 'RSA') {\n return hexKeyFromPEMBasedJwk(jwk, 'public')\n }\n }\n // delegate the other types to the original Veramo function\n return extractPublicKeyHex(pk, convert)\n}\n\nexport function isEvenHexString(hex: string) {\n const lastChar = hex[hex.length - 1].toLowerCase()\n return ['0', '2', '4', '6', '8', 'a', 'c', 'e'].includes(lastChar)\n}\n\ninterface LegacyVerificationMethod extends VerificationMethod {\n publicKeyBase64: string\n}\n\n/**\n * Converts the publicKey of a VerificationMethod to hex encoding (publicKeyHex)\n *\n * @param pk - the VerificationMethod to be converted\n * @param convert - when this flag is set to true, Ed25519 keys are converted to their X25519 pairs\n * @returns the hex encoding of the public key\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport function extractPublicKeyHex(pk: _ExtendedVerificationMethod, convert: boolean = false): string {\n let keyBytes = extractPublicKeyBytes(pk)\n const jwk = pk.publicKeyJwk ? sanitizedJwk(pk.publicKeyJwk) : undefined\n if (convert) {\n if (\n ['Ed25519', 'Ed25519VerificationKey2018', 'Ed25519VerificationKey2020'].includes(pk.type) ||\n (pk.type === 'JsonWebKey2020' && jwk?.crv === 'Ed25519')\n ) {\n keyBytes = convertPublicKeyToX25519(keyBytes)\n } else if (\n !['X25519', 'X25519KeyAgreementKey2019', 'X25519KeyAgreementKey2020'].includes(pk.type) &&\n !(pk.type === 'JsonWebKey2020' && jwk?.crv === 'X25519')\n ) {\n return ''\n }\n }\n return bytesToHex(keyBytes)\n}\n\nfunction toEcLibCurve(input: string) {\n return input.toLowerCase().replace('-', '').replace('_', '')\n}\n\nfunction extractPublicKeyBytes(pk: VerificationMethod): Uint8Array {\n if (pk.publicKeyBase58) {\n return base58ToBytes(pk.publicKeyBase58)\n } else if (pk.publicKeyMultibase) {\n return multibaseKeyToBytes(pk.publicKeyMultibase)\n } else if ((<LegacyVerificationMethod>pk).publicKeyBase64) {\n return base64ToBytes((<LegacyVerificationMethod>pk).publicKeyBase64)\n } else if (pk.publicKeyHex) {\n return hexToBytes(pk.publicKeyHex)\n } else if (pk.publicKeyJwk?.crv && pk.publicKeyJwk.x && pk.publicKeyJwk.y) {\n return hexToBytes(extractPublicKeyHexWithJwkSupport(pk))\n } else if (pk.publicKeyJwk && (pk.publicKeyJwk.crv === 'Ed25519' || pk.publicKeyJwk.crv === 'X25519') && pk.publicKeyJwk.x) {\n return base64ToBytes(pk.publicKeyJwk.x)\n }\n return new Uint8Array()\n}\n\nexport function verificationMethodToJwk(vm: VerificationMethod): JWK {\n let jwk: JWK | undefined = vm.publicKeyJwk as JWK\n if (!jwk) {\n let publicKeyHex = vm.publicKeyHex ?? toString(extractPublicKeyBytes(vm), 'hex')\n jwk = toJwk(publicKeyHex, keyTypeFromCryptographicSuite({ crv: vm.type }))\n }\n if (!jwk) {\n throw Error(`Could not convert verification method to jwk`)\n }\n jwk.kid = vm.id\n return sanitizedJwk(jwk)\n}\n\nfunction didDocumentSectionToJwks(\n didDocumentSection: DIDDocumentSection,\n searchForVerificationMethods?: (VerificationMethod | string)[],\n verificationMethods?: VerificationMethod[]\n) {\n const jwks = new Set(\n (searchForVerificationMethods ?? [])\n .map((vmOrId) => (typeof vmOrId === 'object' ? vmOrId : verificationMethods?.find((vm) => vm.id === vmOrId)))\n .filter(isDefined)\n .map((vm) => verificationMethodToJwk(vm))\n )\n return { didDocumentSection, jwks: Array.from(jwks) }\n}\n\nexport type DidDocumentJwks = Record<Exclude<DIDDocumentSection, 'publicKey' | 'service'>, Array<JWK>>\n\nexport function didDocumentToJwks(didDocument: DIDDocument): DidDocumentJwks {\n return {\n verificationMethod: [\n ...didDocumentSectionToJwks('publicKey', didDocument.publicKey, didDocument.verificationMethod).jwks, // legacy support\n ...didDocumentSectionToJwks('verificationMethod', didDocument.verificationMethod, didDocument.verificationMethod).jwks,\n ],\n assertionMethod: didDocumentSectionToJwks('assertionMethod', didDocument.assertionMethod, didDocument.verificationMethod).jwks,\n authentication: didDocumentSectionToJwks('authentication', didDocument.authentication, didDocument.verificationMethod).jwks,\n keyAgreement: didDocumentSectionToJwks('keyAgreement', didDocument.keyAgreement, didDocument.verificationMethod).jwks,\n capabilityInvocation: didDocumentSectionToJwks('capabilityInvocation', didDocument.capabilityInvocation, didDocument.verificationMethod).jwks,\n capabilityDelegation: didDocumentSectionToJwks('capabilityDelegation', didDocument.capabilityDelegation, didDocument.verificationMethod).jwks,\n }\n}\n\n/**\n * Maps the keys of a locally managed {@link @veramo/core#IIdentifier | IIdentifier} to the corresponding\n * {@link did-resolver#VerificationMethod | VerificationMethod} entries from the DID document.\n *\n * @param identifier - the identifier to be mapped\n * @param section - the section of the DID document to be mapped (see\n * {@link https://www.w3.org/TR/did-core/#verification-relationships | verification relationships}), but can also be\n * `verificationMethod` to map all the keys.\n * @param didDocument\n * @param context - the veramo agent context, which must contain a {@link @veramo/core#IResolver | IResolver}\n * implementation that can resolve the DID document of the identifier.\n *\n * @returns an array of mapped keys. The corresponding verification method is added to the `meta.verificationMethod`\n * property of the key.\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport async function mapIdentifierKeysToDocWithJwkSupport(\n {\n identifier,\n vmRelationship = 'verificationMethod',\n didDocument,\n }: {\n identifier: IIdentifier\n vmRelationship?: DIDDocumentSection\n didDocument?: DIDDocument\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<_ExtendedIKey[]> {\n const didDoc =\n didDocument ??\n (await getAgentResolver(context)\n .resolve(identifier.did)\n .then((result) => result.didDocument))\n if (!didDoc) {\n throw Error(`Could not resolve DID ${identifier.did}`)\n }\n\n // const rsaDidWeb = identifier.keys && identifier.keys.length > 0 && identifier.keys.find((key) => key.type === 'RSA') && didDocument\n\n // We skip mapping in case the identifier is RSA and a did document is supplied.\n const keys = didDoc ? [] : await mapIdentifierKeysToDoc(identifier, vmRelationship, context)\n\n // dereference all key agreement keys from DID document and normalize\n const documentKeys: VerificationMethod[] = await dereferenceDidKeysWithJwkSupport(didDoc, vmRelationship, context)\n\n const localKeys = vmRelationship === 'keyAgreement' ? convertIdentifierEncryptionKeys(identifier) : compressIdentifierSecp256k1Keys(identifier)\n\n // finally map the didDocument keys to the identifier keys by comparing `publicKeyHex`\n const extendedKeys: _ExtendedIKey[] = documentKeys\n .map((verificationMethod) => {\n /*if (verificationMethod.type !== 'JsonWebKey2020') {\n return null\n }*/\n const localKey = localKeys.find(\n (localKey) =>\n localKey.publicKeyHex === verificationMethod.publicKeyHex ||\n verificationMethod.publicKeyHex?.startsWith(localKey.publicKeyHex) ||\n compareBlockchainAccountId(localKey, verificationMethod)\n )\n if (localKey) {\n const { meta, ...localProps } = localKey\n return { ...localProps, meta: { ...meta, verificationMethod } }\n } else {\n return null\n }\n })\n .filter(isDefined)\n\n return keys.concat(extendedKeys)\n}\n\n/**\n * Compares the `blockchainAccountId` of a `EcdsaSecp256k1RecoveryMethod2020` verification method with the address\n * computed from a locally managed key.\n *\n * @returns true if the local key address corresponds to the `blockchainAccountId`\n *\n * @param localKey - The locally managed key\n * @param verificationMethod - a {@link did-resolver#VerificationMethod | VerificationMethod} with a\n * `blockchainAccountId`\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nfunction compareBlockchainAccountId(localKey: IKey, verificationMethod: VerificationMethod): boolean {\n if (\n (verificationMethod.type !== 'EcdsaSecp256k1RecoveryMethod2020' && verificationMethod.type !== 'EcdsaSecp256k1VerificationKey2019') ||\n localKey.type !== 'Secp256k1'\n ) {\n return false\n }\n let vmEthAddr = getEthereumAddress(verificationMethod)\n if (localKey.meta?.account) {\n return vmEthAddr === localKey.meta?.account.toLowerCase()\n }\n const computedAddr = computeAddress('0x' + localKey.publicKeyHex).toLowerCase()\n return computedAddr === vmEthAddr\n}\n\nexport async function getAgentDIDMethods(context: IAgentContext<IDIDManager>) {\n return (await context.agent.didManagerGetProviders()).map((provider) => provider.toLowerCase().replace('did:', ''))\n}\n\nexport function getDID(idOpts: { identifier: IIdentifier | string }): string {\n if (typeof idOpts.identifier === 'string') {\n return idOpts.identifier\n } else if (typeof idOpts.identifier === 'object') {\n return idOpts.identifier.did\n }\n throw Error(`Cannot get DID from identifier value`)\n}\n\nexport function toDID(identifier: string | IIdentifier | Partial<IIdentifier>): string {\n if (typeof identifier === 'string') {\n return identifier\n }\n if (identifier.did) {\n return identifier.did\n }\n throw Error(`No DID value present in identifier`)\n}\n\nexport function toDIDs(identifiers?: (string | IIdentifier | Partial<IIdentifier>)[]): string[] {\n if (!identifiers) {\n return []\n }\n return identifiers.map(toDID)\n}\n\nexport async function getKey(\n {\n identifier,\n vmRelationship = 'authentication',\n kmsKeyRef,\n }: {\n identifier: IIdentifier\n vmRelationship?: DIDDocumentSection\n kmsKeyRef?: string\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<IKey> {\n if (!identifier) {\n return Promise.reject(new Error(`No identifier provided to getKey method!`))\n }\n // normalize to kid, in case keyId was passed in as did#vm or #vm\n const kmsKeyRefParts = kmsKeyRef?.split(`#`)\n const kid = kmsKeyRefParts ? (kmsKeyRefParts?.length === 2 ? kmsKeyRefParts[1] : kmsKeyRefParts[0]) : undefined\n // todo: We really should do a keyRef and external kid here\n let identifierKey = kmsKeyRef ? identifier.keys.find((key: IKey) => key.kid === kid || key?.meta?.jwkThumbprint === kid) : undefined\n if (!identifierKey) {\n const keys = await mapIdentifierKeysToDocWithJwkSupport({ identifier, vmRelationship: vmRelationship }, context)\n if (!keys || keys.length === 0) {\n throw new Error(`No keys found for verificationMethodSection: ${vmRelationship} and did ${identifier.did}`)\n }\n if (kmsKeyRef) {\n identifierKey = keys.find(\n (key: _ExtendedIKey) => key.meta.verificationMethod?.id === kmsKeyRef || (kid && key.meta.verificationMethod?.id?.includes(kid))\n )\n }\n if (!identifierKey) {\n identifierKey = keys.find(\n (key: _ExtendedIKey) => key.meta.verificationMethod?.type === vmRelationship || key.meta.purposes?.includes(vmRelationship)\n )\n }\n if (!identifierKey) {\n identifierKey = keys[0]\n }\n }\n if (!identifierKey) {\n throw new Error(\n `No matching verificationMethodSection key found for keyId: ${kmsKeyRef} and vmSection: ${vmRelationship} for id ${identifier.did}`\n )\n }\n\n return identifierKey\n}\n\n/**\n *\n * @param identifier\n * @param context\n *\n * @deprecated Replaced by the identfier resolution plugin\n */\nasync function legacyGetIdentifier(\n {\n identifier,\n }: {\n identifier: string | IIdentifier\n },\n context: IAgentContext<IDIDManager>\n): Promise<IIdentifier> {\n if (typeof identifier === 'string') {\n return await context.agent.didManagerGet({ did: identifier })\n }\n return identifier\n}\n\n/**\n * Get the real kid as used in JWTs. This is the kid in the VM or in the JWT, not the kid in the Veramo/Sphereon keystore. That was just a poorly chosen name\n * @param key\n * @param idOpts\n * @param context\n */\nexport async function determineKid(\n {\n key,\n idOpts,\n }: {\n key: IKey\n idOpts: { identifier: IIdentifier | string; kmsKeyRef?: string }\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<string> {\n if (key.meta?.verificationMethod?.id) {\n return key.meta?.verificationMethod?.id\n }\n const identifier = await legacyGetIdentifier(idOpts, context)\n const mappedKeys = await mapIdentifierKeysToDocWithJwkSupport(\n {\n identifier,\n vmRelationship: 'verificationMethod',\n },\n context\n )\n const vmKey = mappedKeys.find((extendedKey) => extendedKey.kid === key.kid)\n if (vmKey) {\n return vmKey.meta?.verificationMethod?.id ?? vmKey.meta?.jwkThumbprint ?? idOpts.kmsKeyRef ?? vmKey.kid\n }\n\n return key.meta?.jwkThumbprint ?? idOpts.kmsKeyRef ?? key.kid\n}\n\nexport async function getSupportedDIDMethods(didOpts: IDIDOptions, context: IAgentContext<IDIDManager>) {\n return didOpts.supportedDIDMethods ?? (await getAgentDIDMethods(context))\n}\n\nexport function getAgentResolver(\n context: IAgentContext<IResolver & IDIDManager>,\n opts?: {\n localResolution?: boolean // Resolve identifiers hosted by the agent\n uniresolverResolution?: boolean // Resolve identifiers using universal resolver\n resolverResolution?: boolean // Use registered drivers\n }\n): Resolvable {\n return new AgentDIDResolver(context, opts)\n}\n\nexport class AgentDIDResolver implements Resolvable {\n private readonly context: IAgentContext<IResolver & IDIDManager>\n private readonly resolverResolution: boolean\n private readonly uniresolverResolution: boolean\n private readonly localResolution: boolean\n\n constructor(\n context: IAgentContext<IResolver & IDIDManager>,\n opts?: { uniresolverResolution?: boolean; localResolution?: boolean; resolverResolution?: boolean }\n ) {\n this.context = context\n this.resolverResolution = opts?.resolverResolution !== false\n this.uniresolverResolution = opts?.uniresolverResolution !== false\n this.localResolution = opts?.localResolution !== false\n }\n\n async resolve(didUrl: string, options?: DIDResolutionOptions): Promise<DIDResolutionResult> {\n let resolutionResult: DIDResolutionResult | undefined\n let origResolutionResult: DIDResolutionResult | undefined\n let err: any\n if (!this.resolverResolution && !this.localResolution && !this.uniresolverResolution) {\n throw Error(`No agent hosted DID resolution, regular agent resolution nor universal resolver resolution is enabled. Cannot resolve DIDs.`)\n }\n if (this.resolverResolution) {\n try {\n resolutionResult = await this.context.agent.resolveDid({ didUrl, options })\n } catch (error: unknown) {\n err = error\n }\n }\n if (resolutionResult) {\n origResolutionResult = resolutionResult\n if (resolutionResult.didDocument === null) {\n resolutionResult = undefined\n }\n } else {\n console.log(`Agent resolver resolution is disabled. This typically isn't desirable!`)\n }\n if (!resolutionResult && this.localResolution) {\n console.log(`Using local DID resolution, looking at DIDs hosted by the agent.`)\n try {\n const did = didUrl.split('#')[0]\n const iIdentifier = await this.context.agent.didManagerGet({ did })\n resolutionResult = toDidResolutionResult(iIdentifier, { did })\n if (resolutionResult.didDocument) {\n err = undefined\n } else {\n console.log(`Local resolution resulted in a DID Document for ${did}`)\n }\n } catch (error: unknown) {\n if (!err) {\n err = error\n }\n }\n }\n if (resolutionResult) {\n if (!origResolutionResult) {\n origResolutionResult = resolutionResult\n }\n if (!resolutionResult.didDocument) {\n resolutionResult = undefined\n }\n }\n if (!resolutionResult && this.uniresolverResolution) {\n console.log(`Using universal resolver resolution for did ${didUrl} `)\n resolutionResult = await new UniResolver().resolve(didUrl, options)\n if (!origResolutionResult) {\n origResolutionResult = resolutionResult\n }\n if (resolutionResult.didDocument) {\n err = undefined\n }\n }\n\n if (err) {\n // throw original error\n throw err\n }\n if (!resolutionResult && !origResolutionResult) {\n throw `Could not resolve ${didUrl}. Resolutions tried: online: ${this.resolverResolution}, local: ${this.localResolution}, uni resolver: ${this.uniresolverResolution}`\n }\n return resolutionResult ?? origResolutionResult!\n }\n}\n\n/**\n * Please note that this is not an exact representation of the actual DID Document.\n *\n * We try to do our best, to map keys onto relevant verification methods and relationships, but we simply lack the context\n * of the actual DID method here. Do not relly on this method for DID resolution. It is only handy for offline use cases\n * when no DID Document is cached. For DID:WEB it does provide an accurate representation!\n *\n * @param identifier\n * @param opts\n */\nexport function toDidDocument(\n identifier?: IIdentifier,\n opts?: {\n did?: string\n use?: JwkKeyUse[]\n }\n): DIDDocument | undefined {\n let didDocument: DIDDocument | undefined = undefined\n // TODO: Introduce jwk thumbprints here\n if (identifier) {\n const did = identifier.did ?? opts?.did\n didDocument = {\n '@context': 'https://www.w3.org/ns/did/v1',\n id: did,\n verificationMethod: identifier.keys.map((key) => {\n const vm: VerificationMethod = {\n controller: did,\n id: key.kid.startsWith(did) && key.kid.includes('#') ? key.kid : `${did}#${key.kid}`,\n publicKeyJwk: toJwk(key.publicKeyHex, key.type, {\n use: ENC_KEY_ALGS.includes(key.type) ? JwkKeyUse.Encryption : JwkKeyUse.Signature,\n key,\n }) as JsonWebKey,\n type: 'JsonWebKey2020',\n }\n return vm\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Signature)) &&\n identifier.keys && {\n assertionMethod: identifier.keys\n .filter(\n (key) =>\n key?.meta?.purpose === undefined || key?.meta?.purpose === 'assertionMethod' || key?.meta?.purposes?.includes('assertionMethod')\n )\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Signature)) &&\n identifier.keys && {\n authentication: identifier.keys\n .filter(\n (key) => key?.meta?.purpose === undefined || key?.meta?.purpose === 'authentication' || key?.meta?.purposes?.includes('authentication')\n )\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Encryption)) &&\n identifier.keys && {\n keyAgreement: identifier.keys\n .filter((key) => key.type === 'X25519' || key?.meta?.purpose === 'keyAgreement' || key?.meta?.purposes?.includes('keyAgreement'))\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Encryption)) &&\n identifier.keys && {\n capabilityInvocation: identifier.keys\n .filter(\n (key) => key.type === 'X25519' || key?.meta?.purpose === 'capabilityInvocation' || key?.meta?.purposes?.includes('capabilityInvocation')\n )\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Encryption)) &&\n identifier.keys && {\n capabilityDelegation: identifier.keys\n .filter(\n (key) => key.type === 'X25519' || key?.meta?.purpose === 'capabilityDelegation' || key?.meta?.purposes?.includes('capabilityDelegation')\n )\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...(identifier.services && identifier.services.length > 0 && { service: identifier.services }),\n }\n }\n return didDocument\n}\n\nexport function toDidResolutionResult(\n identifier?: IIdentifier,\n opts?: {\n did?: string\n supportedMethods?: string[]\n }\n): DIDResolutionResult {\n const didDocument = toDidDocument(identifier, opts) ?? null // null is used in case of errors and required by the did resolution spec\n\n const resolutionResult: DIDResolutionResult = {\n '@context': 'https://w3id.org/did-resolution/v1',\n didDocument,\n didResolutionMetadata: {\n ...(!didDocument && { error: 'notFound' }),\n ...(Array.isArray(opts?.supportedMethods) &&\n identifier &&\n !opts?.supportedMethods.includes(identifier.provider.replace('did:', '')) && { error: 'unsupportedDidMethod' }),\n },\n didDocumentMetadata: {\n ...(identifier?.alias && { equivalentId: identifier?.alias }),\n },\n }\n return resolutionResult\n}\n\nexport async function asDidWeb(hostnameOrDID: string): Promise<string> {\n let did = hostnameOrDID\n if (!did) {\n throw Error('Domain or DID expected, but received nothing.')\n }\n if (did.startsWith('did:web:')) {\n return did\n }\n return `did:web:${did.replace(/https?:\\/\\/([^/?#]+).*/i, '$1').toLowerCase()}`\n}\n\n/**\n * @deprecated Replaced by the new signer service\n */\nexport const signDidJWT = async (args: SignJwtArgs): Promise<string> => {\n const { idOpts, header, payload, context, options } = args\n const jwtOptions = {\n ...options,\n signer: await getDidSigner({ idOpts, context }),\n }\n\n return createJWT(payload, jwtOptions, header)\n}\n\n/**\n * @deprecated Replaced by the new signer service\n */\nexport const getDidSigner = async (\n args: GetSignerArgs & {\n idOpts: {\n /**\n * @deprecated\n */\n identifier: IIdentifier | string\n /**\n * @deprecated\n */\n verificationMethodSection?: DIDDocumentSection\n /**\n * @deprecated\n */\n kmsKeyRef?: string\n }\n }\n): Promise<Signer> => {\n const { idOpts, context } = args\n\n const identifier = await legacyGetIdentifier(idOpts, context)\n const key = await getKey(\n {\n identifier,\n vmRelationship: idOpts.verificationMethodSection,\n kmsKeyRef: idOpts.kmsKeyRef,\n },\n context\n )\n const algorithm = await signatureAlgorithmFromKey({ key })\n\n return async (data: string | Uint8Array): Promise<string> => {\n const input = data instanceof Object.getPrototypeOf(Uint8Array) ? new TextDecoder().decode(data as Uint8Array) : (data as string)\n return await context.agent.keyManagerSign({\n keyRef: key.kid,\n algorithm,\n data: input,\n })\n }\n}\n","import { TKeyType } from '@sphereon/ssi-sdk-ext.key-utils'\nimport { IAgentContext, IDIDManager, IIdentifier, IKeyManager, IResolver } from '@veramo/core'\nimport { JWTHeader, JWTPayload, JWTVerifyOptions } from 'did-jwt'\nimport { Resolvable } from 'did-resolver'\n\nexport enum SupportedDidMethodEnum {\n DID_ETHR = 'ethr',\n DID_KEY = 'key',\n DID_LTO = 'lto',\n DID_ION = 'ion',\n DID_EBSI = 'ebsi',\n DID_JWK = 'jwk',\n DID_OYD = 'oyd',\n}\n\nexport enum IdentifierAliasEnum {\n PRIMARY = 'primary',\n}\n\nexport interface ResolveOpts {\n jwtVerifyOpts?: JWTVerifyOptions\n resolver?: Resolvable\n resolveUrl?: string\n noUniversalResolverFallback?: boolean\n subjectSyntaxTypesSupported?: string[]\n}\n\n/**\n * @deprecated Replaced by the identifier resolution service\n */\nexport interface IDIDOptions {\n resolveOpts?: ResolveOpts\n idOpts: LegacyIIdentifierOpts\n supportedDIDMethods?: string[]\n}\n\nexport type IdentifierProviderOpts = {\n type?: TKeyType\n use?: string\n method?: SupportedDidMethodEnum\n [x: string]: any\n}\n\nexport type CreateIdentifierOpts = {\n method: SupportedDidMethodEnum\n createOpts?: CreateIdentifierCreateOpts\n}\n\nexport type CreateIdentifierCreateOpts = {\n kms?: string\n alias?: string\n options?: IdentifierProviderOpts\n}\n\nexport type CreateOrGetIdentifierOpts = {\n method: SupportedDidMethodEnum\n createOpts?: CreateIdentifierCreateOpts\n}\n\nexport const DID_PREFIX = 'did:'\n\nexport interface GetOrCreateResult<T> {\n created: boolean\n result: T\n}\n\n/**\n * @deprecated Replaced by new signer\n */\nexport type SignJwtArgs = {\n idOpts: LegacyIIdentifierOpts\n header: Partial<JWTHeader>\n payload: Partial<JWTPayload>\n options: { issuer: string; expiresIn?: number; canonicalize?: boolean }\n context: IRequiredSignAgentContext\n}\n\n/**\n * @deprecated Replaced by new signer\n */\nexport type GetSignerArgs = {\n idOpts: LegacyIIdentifierOpts\n context: IRequiredSignAgentContext\n}\n\n/**\n * @deprecated Replaced by the identifier resolution service\n */\ntype LegacyIIdentifierOpts = {\n identifier: IIdentifier | string\n}\nexport type IRequiredSignAgentContext = IAgentContext<IKeyManager & IDIDManager & IResolver>\n"]}
1
+ {"version":3,"sources":["../src/index.ts","../src/did-functions.ts","../src/types.ts"],"sourcesContent":["export * from './did-functions'\nexport * from './types'\n","import { computeAddress } from '@ethersproject/transactions'\nimport { UniResolver } from '@sphereon/did-uni-client'\nimport {\n ENC_KEY_ALGS,\n getKms,\n JwkKeyUse,\n keyTypeFromCryptographicSuite,\n sanitizedJwk,\n signatureAlgorithmFromKey,\n TKeyType,\n toJwk,\n} from '@sphereon/ssi-sdk-ext.key-utils'\nimport { base64ToHex, hexKeyFromPEMBasedJwk } from '@sphereon/ssi-sdk-ext.x509-utils'\nimport { base58ToBytes, base64ToBytes, bytesToHex, hexToBytes, multibaseKeyToBytes } from '@sphereon/ssi-sdk.core'\nimport { JWK } from '@sphereon/ssi-types'\nimport { convertPublicKeyToX25519 } from '@stablelib/ed25519'\nimport { DIDDocument, DIDDocumentSection, DIDResolutionResult, IAgentContext, IDIDManager, IIdentifier, IKey, IResolver } from '@veramo/core'\nimport {\n _ExtendedIKey,\n _ExtendedVerificationMethod,\n _NormalizedVerificationMethod,\n compressIdentifierSecp256k1Keys,\n convertIdentifierEncryptionKeys,\n getEthereumAddress,\n isDefined,\n mapIdentifierKeysToDoc,\n} from '@veramo/utils'\nimport { createJWT, Signer } from 'did-jwt'\nimport { DIDResolutionOptions, JsonWebKey, Resolvable, VerificationMethod } from 'did-resolver'\n// @ts-ignore\nimport elliptic from 'elliptic'\n// @ts-ignore\nimport * as u8a from 'uint8arrays'\nconst { fromString, toString } = u8a\nimport {\n CreateIdentifierOpts,\n CreateOrGetIdentifierOpts,\n DID_PREFIX,\n GetOrCreateResult,\n GetSignerArgs,\n IdentifierAliasEnum,\n IdentifierProviderOpts,\n IDIDOptions,\n SignJwtArgs,\n SupportedDidMethodEnum,\n} from './types'\n\nexport const getAuthenticationKey = async (\n {\n identifier,\n offlineWhenNoDIDRegistered,\n noVerificationMethodFallback,\n keyType,\n controllerKey,\n }: {\n identifier: IIdentifier\n keyType?: TKeyType\n offlineWhenNoDIDRegistered?: boolean\n noVerificationMethodFallback?: boolean\n controllerKey?: boolean\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<_ExtendedIKey> => {\n return await getFirstKeyWithRelation(\n {\n identifier,\n offlineWhenNoDIDRegistered,\n noVerificationMethodFallback,\n keyType,\n controllerKey,\n vmRelationship: 'authentication',\n },\n context\n )\n}\nexport const getFirstKeyWithRelation = async (\n {\n identifier,\n offlineWhenNoDIDRegistered,\n noVerificationMethodFallback,\n keyType,\n controllerKey,\n vmRelationship,\n }: {\n identifier: IIdentifier\n keyType?: TKeyType\n offlineWhenNoDIDRegistered?: boolean\n noVerificationMethodFallback?: boolean\n controllerKey?: boolean\n vmRelationship: DIDDocumentSection\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<_ExtendedIKey> => {\n let key: _ExtendedIKey | undefined = undefined\n try {\n key =\n (await getFirstKeyWithRelationFromDIDDoc(\n {\n identifier,\n vmRelationship,\n errorOnNotFound: false,\n keyType,\n controllerKey,\n },\n context\n )) ??\n (noVerificationMethodFallback || vmRelationship === 'verificationMethod' // let's not fallback to the same value again\n ? undefined\n : await getFirstKeyWithRelationFromDIDDoc(\n {\n identifier,\n vmRelationship: 'verificationMethod',\n errorOnNotFound: false,\n keyType,\n controllerKey,\n },\n context\n ))\n } catch (e) {\n if (e instanceof Error) {\n if (!e.message.includes('404') || !offlineWhenNoDIDRegistered) {\n throw e\n }\n } else {\n throw e\n }\n }\n if (!key && offlineWhenNoDIDRegistered) {\n const offlineDID = toDidDocument(identifier)\n key =\n (await getFirstKeyWithRelationFromDIDDoc(\n {\n identifier,\n vmRelationship,\n errorOnNotFound: false,\n didDocument: offlineDID,\n keyType,\n controllerKey,\n },\n context\n )) ??\n (noVerificationMethodFallback || vmRelationship === 'verificationMethod' // let's not fallback to the same value again\n ? undefined\n : await getFirstKeyWithRelationFromDIDDoc(\n {\n identifier,\n vmRelationship: 'verificationMethod',\n errorOnNotFound: false,\n didDocument: offlineDID,\n keyType,\n controllerKey,\n },\n context\n ))\n if (!key) {\n key = identifier.keys\n .map((key) => key as _ExtendedIKey)\n .filter((key) => keyType === undefined || key.type === keyType || (controllerKey && key.kid === identifier.controllerKeyId))\n .find((key) => key.meta.verificationMethod?.type.includes('authentication') || key.meta.purposes?.includes('authentication'))\n }\n }\n if (!key) {\n throw Error(`Could not find authentication key for DID ${identifier.did}`)\n }\n return key\n}\n\nexport const getOrCreatePrimaryIdentifier = async (\n context: IAgentContext<IDIDManager>,\n opts?: CreateOrGetIdentifierOpts\n): Promise<GetOrCreateResult<IIdentifier>> => {\n const primaryIdentifier = await getPrimaryIdentifier(context, { ...opts?.createOpts?.options, ...(opts?.method && { method: opts.method }) })\n if (primaryIdentifier !== undefined) {\n return {\n created: false,\n result: primaryIdentifier,\n }\n }\n\n if (opts?.method === SupportedDidMethodEnum.DID_KEY) {\n const createOpts = opts?.createOpts ?? {}\n createOpts.options = { codecName: 'EBSI', type: 'Secp256r1', ...createOpts }\n opts.createOpts = createOpts\n }\n const createdIdentifier = await createIdentifier(context, opts)\n return {\n created: true,\n result: createdIdentifier,\n }\n}\n\nexport const getPrimaryIdentifier = async (context: IAgentContext<IDIDManager>, opts?: IdentifierProviderOpts): Promise<IIdentifier | undefined> => {\n const identifiers = (await context.agent.didManagerFind(opts?.method ? { provider: `${DID_PREFIX}${opts?.method}` } : {})).filter(\n (identifier: IIdentifier) => opts?.type === undefined || identifier.keys.some((key: IKey) => key.type === opts?.type)\n )\n\n return identifiers && identifiers.length > 0 ? identifiers[0] : undefined\n}\n\nexport const createIdentifier = async (context: IAgentContext<IDIDManager>, opts?: CreateIdentifierOpts): Promise<IIdentifier> => {\n return await context.agent.didManagerCreate({\n kms: await getKms(context, opts?.createOpts?.kms),\n ...(opts?.method && { provider: `${DID_PREFIX}${opts?.method}` }),\n alias: opts?.createOpts?.alias ?? `${IdentifierAliasEnum.PRIMARY}-${opts?.method}-${opts?.createOpts?.options?.type}-${new Date().getTime()}`,\n options: opts?.createOpts?.options,\n })\n}\n\nexport const getFirstKeyWithRelationFromDIDDoc = async (\n {\n identifier,\n vmRelationship = 'verificationMethod',\n keyType,\n errorOnNotFound = false,\n didDocument,\n controllerKey,\n }: {\n identifier: IIdentifier\n controllerKey?: boolean\n vmRelationship?: DIDDocumentSection\n keyType?: TKeyType\n errorOnNotFound?: boolean\n didDocument?: DIDDocument\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<_ExtendedIKey | undefined> => {\n const matchedKeys = await mapIdentifierKeysToDocWithJwkSupport({ identifier, vmRelationship, didDocument }, context)\n if (Array.isArray(matchedKeys) && matchedKeys.length > 0) {\n const result = matchedKeys.find(\n (key) => keyType === undefined || key.type === keyType || (controllerKey && key.kid === identifier.controllerKeyId)\n )\n if (result) {\n return result\n }\n }\n if (errorOnNotFound) {\n throw new Error(\n `Could not find key with relationship ${vmRelationship} in DID document for ${identifier.did}${keyType ? ' and key type: ' + keyType : ''}`\n )\n }\n return undefined\n}\n\nexport const getEthereumAddressFromKey = ({ key }: { key: IKey }) => {\n if (key.type !== 'Secp256k1') {\n throw Error(`Can only get ethereum address from a Secp256k1 key. Type is ${key.type} for keyRef: ${key.kid}`)\n }\n const ethereumAddress = key.meta?.ethereumAddress ?? key.meta?.account?.toLowerCase() ?? computeAddress(`0x${key.publicKeyHex}`).toLowerCase()\n if (!ethereumAddress) {\n throw Error(`Could not get or generate ethereum address from key with keyRef ${key.kid}`)\n }\n return ethereumAddress\n}\n\nexport const getControllerKey = ({ identifier }: { identifier: IIdentifier }) => {\n const key = identifier.keys.find((key) => key.kid === identifier.controllerKeyId)\n if (!key) {\n throw Error(`Could not get controller key for identifier ${identifier}`)\n }\n return key\n}\n\nexport const getKeys = ({\n jwkThumbprint,\n kms,\n identifier,\n kmsKeyRef,\n keyType,\n controllerKey,\n}: {\n identifier: IIdentifier\n kmsKeyRef?: string\n keyType?: TKeyType\n kms?: string\n jwkThumbprint?: string\n controllerKey?: boolean\n}) => {\n return identifier.keys\n .filter((key) => !keyType || key.type === keyType)\n .filter((key) => !kms || key.kms === kms)\n .filter((key) => !kmsKeyRef || key.kid === kmsKeyRef)\n .filter((key) => !jwkThumbprint || key.meta?.jwkThumbprint === jwkThumbprint)\n .filter((key) => !controllerKey || identifier.controllerKeyId === key.kid)\n}\n\n//TODO: Move to ssi-sdk/core and create PR upstream\n/**\n * Dereferences keys from DID document and normalizes them for easy comparison.\n *\n * When dereferencing keyAgreement keys, only Ed25519 and X25519 curves are supported.\n * Other key types are omitted from the result and Ed25519 keys are converted to X25519\n *\n * @returns a Promise that resolves to the list of dereferenced keys.\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport async function dereferenceDidKeysWithJwkSupport(\n didDocument: DIDDocument,\n section: DIDDocumentSection = 'keyAgreement',\n context: IAgentContext<IResolver>\n): Promise<_NormalizedVerificationMethod[]> {\n const convert = section === 'keyAgreement'\n if (section === 'service') {\n return []\n }\n return (\n await Promise.all(\n (didDocument[section] || []).map(async (key: string | VerificationMethod) => {\n if (typeof key === 'string') {\n try {\n return (await context.agent.getDIDComponentById({\n didDocument,\n didUrl: key,\n section,\n })) as _ExtendedVerificationMethod\n } catch (e) {\n return null\n }\n } else {\n return key as _ExtendedVerificationMethod\n }\n })\n )\n )\n .filter(isDefined)\n .map((key) => {\n const hexKey = extractPublicKeyHexWithJwkSupport(key, convert)\n const { publicKeyHex, publicKeyBase58, publicKeyBase64, publicKeyJwk, ...keyProps } = key\n const newKey = { ...keyProps, publicKeyHex: hexKey }\n if (convert && 'Ed25519VerificationKey2018' === newKey.type) {\n newKey.type = 'X25519KeyAgreementKey2019'\n }\n return newKey\n })\n}\n\nexport function jwkTtoPublicKeyHex(jwk: JWK): string {\n // todo: Hacky way to convert this to a VM. Should extract the logic from the below methods\n // @ts-ignore\n const vm: _ExtendedVerificationMethod = {\n publicKeyJwk: sanitizedJwk(jwk),\n }\n return extractPublicKeyHexWithJwkSupport(vm)\n}\n\n/**\n * Converts the publicKey of a VerificationMethod to hex encoding (publicKeyHex)\n *\n * @param pk - the VerificationMethod to be converted\n * @param convert - when this flag is set to true, Ed25519 keys are converted to their X25519 pairs\n * @returns the hex encoding of the public key\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport function extractPublicKeyHexWithJwkSupport(pk: _ExtendedVerificationMethod, convert = false): string {\n if (pk.publicKeyJwk) {\n const jwk = sanitizedJwk(pk.publicKeyJwk)\n if (jwk.kty === 'EC') {\n const curve = jwk.crv ? toEcLibCurve(jwk.crv) : 'p256'\n const xHex = base64ToHex(jwk.x!, 'base64url')\n const yHex = base64ToHex(jwk.y!, 'base64url')\n const prefix = '04' // isEven(yHex) ? '02' : '03'\n // Uncompressed Hex format: 04<x><y>\n // Compressed Hex format: 02<x> (for even y) or 03<x> (for uneven y)\n const hex = `${prefix}${xHex}${yHex}`\n try {\n const ec = new elliptic.ec(curve)\n // We return directly as we don't want to convert the result back into Uint8Array and then convert again to hex as the elliptic lib already returns hex strings\n const publicKeyHex = ec.keyFromPublic(hex, 'hex').getPublic(true, 'hex')\n // This returns a short form (x) with 02 or 03 prefix\n return publicKeyHex\n } catch (error: any) {\n console.error(`Error converting EC with elliptic lib curve ${curve} from JWK to hex. x: ${jwk.x}, y: ${jwk.y}, error: ${error}`, error)\n }\n } else if (jwk.crv === 'Ed25519') {\n return toString(fromString(jwk.x!, 'base64url'), 'base16')\n } else if (jwk.kty === 'RSA') {\n return hexKeyFromPEMBasedJwk(jwk, 'public')\n }\n }\n // delegate the other types to the original Veramo function\n return extractPublicKeyHex(pk, convert)\n}\n\nexport function isEvenHexString(hex: string) {\n const lastChar = hex[hex.length - 1].toLowerCase()\n return ['0', '2', '4', '6', '8', 'a', 'c', 'e'].includes(lastChar)\n}\n\ninterface LegacyVerificationMethod extends VerificationMethod {\n publicKeyBase64: string\n}\n\n/**\n * Converts the publicKey of a VerificationMethod to hex encoding (publicKeyHex)\n *\n * @param pk - the VerificationMethod to be converted\n * @param convert - when this flag is set to true, Ed25519 keys are converted to their X25519 pairs\n * @returns the hex encoding of the public key\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport function extractPublicKeyHex(pk: _ExtendedVerificationMethod, convert: boolean = false): string {\n let keyBytes = extractPublicKeyBytes(pk)\n const jwk = pk.publicKeyJwk ? sanitizedJwk(pk.publicKeyJwk) : undefined\n if (convert) {\n if (\n ['Ed25519', 'Ed25519VerificationKey2018', 'Ed25519VerificationKey2020'].includes(pk.type) ||\n (pk.type === 'JsonWebKey2020' && jwk?.crv === 'Ed25519')\n ) {\n keyBytes = convertPublicKeyToX25519(keyBytes)\n } else if (\n !['X25519', 'X25519KeyAgreementKey2019', 'X25519KeyAgreementKey2020'].includes(pk.type) &&\n !(pk.type === 'JsonWebKey2020' && jwk?.crv === 'X25519')\n ) {\n return ''\n }\n }\n return bytesToHex(keyBytes)\n}\n\nfunction toEcLibCurve(input: string) {\n return input.toLowerCase().replace('-', '').replace('_', '')\n}\n\nfunction extractPublicKeyBytes(pk: VerificationMethod): Uint8Array {\n if (pk.publicKeyBase58) {\n return base58ToBytes(pk.publicKeyBase58)\n } else if (pk.publicKeyMultibase) {\n return multibaseKeyToBytes(pk.publicKeyMultibase)\n } else if ((<LegacyVerificationMethod>pk).publicKeyBase64) {\n return base64ToBytes((<LegacyVerificationMethod>pk).publicKeyBase64)\n } else if (pk.publicKeyHex) {\n return hexToBytes(pk.publicKeyHex)\n } else if (pk.publicKeyJwk?.crv && pk.publicKeyJwk.x && pk.publicKeyJwk.y) {\n return hexToBytes(extractPublicKeyHexWithJwkSupport(pk))\n } else if (pk.publicKeyJwk && (pk.publicKeyJwk.crv === 'Ed25519' || pk.publicKeyJwk.crv === 'X25519') && pk.publicKeyJwk.x) {\n return base64ToBytes(pk.publicKeyJwk.x)\n }\n return new Uint8Array()\n}\n\nexport function verificationMethodToJwk(vm: VerificationMethod): JWK {\n let jwk: JWK | undefined = vm.publicKeyJwk as JWK\n if (!jwk) {\n let publicKeyHex = vm.publicKeyHex ?? toString(extractPublicKeyBytes(vm), 'hex')\n jwk = toJwk(publicKeyHex, keyTypeFromCryptographicSuite({ crv: vm.type }))\n }\n if (!jwk) {\n throw Error(`Could not convert verification method to jwk`)\n }\n jwk.kid = vm.id\n return sanitizedJwk(jwk)\n}\n\nfunction didDocumentSectionToJwks(\n didDocumentSection: DIDDocumentSection,\n searchForVerificationMethods?: (VerificationMethod | string)[],\n verificationMethods?: VerificationMethod[]\n) {\n const jwks = new Set(\n (searchForVerificationMethods ?? [])\n .map((vmOrId) => (typeof vmOrId === 'object' ? vmOrId : verificationMethods?.find((vm) => vm.id === vmOrId)))\n .filter(isDefined)\n .map((vm) => verificationMethodToJwk(vm))\n )\n return { didDocumentSection, jwks: Array.from(jwks) }\n}\n\nexport type DidDocumentJwks = Record<Exclude<DIDDocumentSection, 'publicKey' | 'service'>, Array<JWK>>\n\nexport function didDocumentToJwks(didDocument: DIDDocument): DidDocumentJwks {\n return {\n verificationMethod: [\n ...didDocumentSectionToJwks('publicKey', didDocument.publicKey, didDocument.verificationMethod).jwks, // legacy support\n ...didDocumentSectionToJwks('verificationMethod', didDocument.verificationMethod, didDocument.verificationMethod).jwks,\n ],\n assertionMethod: didDocumentSectionToJwks('assertionMethod', didDocument.assertionMethod, didDocument.verificationMethod).jwks,\n authentication: didDocumentSectionToJwks('authentication', didDocument.authentication, didDocument.verificationMethod).jwks,\n keyAgreement: didDocumentSectionToJwks('keyAgreement', didDocument.keyAgreement, didDocument.verificationMethod).jwks,\n capabilityInvocation: didDocumentSectionToJwks('capabilityInvocation', didDocument.capabilityInvocation, didDocument.verificationMethod).jwks,\n capabilityDelegation: didDocumentSectionToJwks('capabilityDelegation', didDocument.capabilityDelegation, didDocument.verificationMethod).jwks,\n }\n}\n\n/**\n * Maps the keys of a locally managed {@link @veramo/core#IIdentifier | IIdentifier} to the corresponding\n * {@link did-resolver#VerificationMethod | VerificationMethod} entries from the DID document.\n *\n * @param identifier - the identifier to be mapped\n * @param section - the section of the DID document to be mapped (see\n * {@link https://www.w3.org/TR/did-core/#verification-relationships | verification relationships}), but can also be\n * `verificationMethod` to map all the keys.\n * @param didDocument\n * @param context - the veramo agent context, which must contain a {@link @veramo/core#IResolver | IResolver}\n * implementation that can resolve the DID document of the identifier.\n *\n * @returns an array of mapped keys. The corresponding verification method is added to the `meta.verificationMethod`\n * property of the key.\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nexport async function mapIdentifierKeysToDocWithJwkSupport(\n {\n identifier,\n vmRelationship = 'verificationMethod',\n didDocument,\n }: {\n identifier: IIdentifier\n vmRelationship?: DIDDocumentSection\n didDocument?: DIDDocument\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<_ExtendedIKey[]> {\n const didDoc =\n didDocument ??\n (await getAgentResolver(context)\n .resolve(identifier.did)\n .then((result) => result.didDocument))\n if (!didDoc) {\n throw Error(`Could not resolve DID ${identifier.did}`)\n }\n\n // const rsaDidWeb = identifier.keys && identifier.keys.length > 0 && identifier.keys.find((key) => key.type === 'RSA') && didDocument\n\n // We skip mapping in case the identifier is RSA and a did document is supplied.\n const keys = didDoc ? [] : await mapIdentifierKeysToDoc(identifier, vmRelationship, context)\n\n // dereference all key agreement keys from DID document and normalize\n const documentKeys: VerificationMethod[] = await dereferenceDidKeysWithJwkSupport(didDoc, vmRelationship, context)\n\n const localKeys = vmRelationship === 'keyAgreement' ? convertIdentifierEncryptionKeys(identifier) : compressIdentifierSecp256k1Keys(identifier)\n\n // finally map the didDocument keys to the identifier keys by comparing `publicKeyHex`\n const extendedKeys: _ExtendedIKey[] = documentKeys\n .map((verificationMethod) => {\n /*if (verificationMethod.type !== 'JsonWebKey2020') {\n return null\n }*/\n const localKey = localKeys.find(\n (localKey) =>\n localKey.publicKeyHex === verificationMethod.publicKeyHex ||\n verificationMethod.publicKeyHex?.startsWith(localKey.publicKeyHex) ||\n compareBlockchainAccountId(localKey, verificationMethod)\n )\n if (localKey) {\n const { meta, ...localProps } = localKey\n return { ...localProps, meta: { ...meta, verificationMethod } }\n } else {\n return null\n }\n })\n .filter(isDefined)\n\n return keys.concat(extendedKeys)\n}\n\n/**\n * Compares the `blockchainAccountId` of a `EcdsaSecp256k1RecoveryMethod2020` verification method with the address\n * computed from a locally managed key.\n *\n * @returns true if the local key address corresponds to the `blockchainAccountId`\n *\n * @param localKey - The locally managed key\n * @param verificationMethod - a {@link did-resolver#VerificationMethod | VerificationMethod} with a\n * `blockchainAccountId`\n *\n * @beta This API may change without a BREAKING CHANGE notice.\n */\nfunction compareBlockchainAccountId(localKey: IKey, verificationMethod: VerificationMethod): boolean {\n if (\n (verificationMethod.type !== 'EcdsaSecp256k1RecoveryMethod2020' && verificationMethod.type !== 'EcdsaSecp256k1VerificationKey2019') ||\n localKey.type !== 'Secp256k1'\n ) {\n return false\n }\n let vmEthAddr = getEthereumAddress(verificationMethod)\n if (localKey.meta?.account) {\n return vmEthAddr === localKey.meta?.account.toLowerCase()\n }\n const computedAddr = computeAddress('0x' + localKey.publicKeyHex).toLowerCase()\n return computedAddr === vmEthAddr\n}\n\nexport async function getAgentDIDMethods(context: IAgentContext<IDIDManager>) {\n return (await context.agent.didManagerGetProviders()).map((provider) => provider.toLowerCase().replace('did:', ''))\n}\n\nexport function getDID(idOpts: { identifier: IIdentifier | string }): string {\n if (typeof idOpts.identifier === 'string') {\n return idOpts.identifier\n } else if (typeof idOpts.identifier === 'object') {\n return idOpts.identifier.did\n }\n throw Error(`Cannot get DID from identifier value`)\n}\n\nexport function toDID(identifier: string | IIdentifier | Partial<IIdentifier>): string {\n if (typeof identifier === 'string') {\n return identifier\n }\n if (identifier.did) {\n return identifier.did\n }\n throw Error(`No DID value present in identifier`)\n}\n\nexport function toDIDs(identifiers?: (string | IIdentifier | Partial<IIdentifier>)[]): string[] {\n if (!identifiers) {\n return []\n }\n return identifiers.map(toDID)\n}\n\nexport async function getKey(\n {\n identifier,\n vmRelationship = 'authentication',\n kmsKeyRef,\n }: {\n identifier: IIdentifier\n vmRelationship?: DIDDocumentSection\n kmsKeyRef?: string\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<IKey> {\n if (!identifier) {\n return Promise.reject(new Error(`No identifier provided to getKey method!`))\n }\n // normalize to kid, in case keyId was passed in as did#vm or #vm\n const kmsKeyRefParts = kmsKeyRef?.split(`#`)\n const kid = kmsKeyRefParts ? (kmsKeyRefParts?.length === 2 ? kmsKeyRefParts[1] : kmsKeyRefParts[0]) : undefined\n // todo: We really should do a keyRef and external kid here\n let identifierKey = kmsKeyRef ? identifier.keys.find((key: IKey) => key.kid === kid || key?.meta?.jwkThumbprint === kid) : undefined\n if (!identifierKey) {\n const keys = await mapIdentifierKeysToDocWithJwkSupport({ identifier, vmRelationship: vmRelationship }, context)\n if (!keys || keys.length === 0) {\n throw new Error(`No keys found for verificationMethodSection: ${vmRelationship} and did ${identifier.did}`)\n }\n if (kmsKeyRef) {\n identifierKey = keys.find(\n (key: _ExtendedIKey) => key.meta.verificationMethod?.id === kmsKeyRef || (kid && key.meta.verificationMethod?.id?.includes(kid))\n )\n }\n if (!identifierKey) {\n identifierKey = keys.find(\n (key: _ExtendedIKey) => key.meta.verificationMethod?.type === vmRelationship || key.meta.purposes?.includes(vmRelationship)\n )\n }\n if (!identifierKey) {\n identifierKey = keys[0]\n }\n }\n if (!identifierKey) {\n throw new Error(\n `No matching verificationMethodSection key found for keyId: ${kmsKeyRef} and vmSection: ${vmRelationship} for id ${identifier.did}`\n )\n }\n\n return identifierKey\n}\n\n/**\n *\n * @param identifier\n * @param context\n *\n * @deprecated Replaced by the identfier resolution plugin\n */\nasync function legacyGetIdentifier(\n {\n identifier,\n }: {\n identifier: string | IIdentifier\n },\n context: IAgentContext<IDIDManager>\n): Promise<IIdentifier> {\n if (typeof identifier === 'string') {\n return await context.agent.didManagerGet({ did: identifier })\n }\n return identifier\n}\n\n/**\n * Get the real kid as used in JWTs. This is the kid in the VM or in the JWT, not the kid in the Veramo/Sphereon keystore. That was just a poorly chosen name\n * @param key\n * @param idOpts\n * @param context\n */\nexport async function determineKid(\n {\n key,\n idOpts,\n }: {\n key: IKey\n idOpts: { identifier: IIdentifier | string; kmsKeyRef?: string }\n },\n context: IAgentContext<IResolver & IDIDManager>\n): Promise<string> {\n if (key.meta?.verificationMethod?.id) {\n return key.meta?.verificationMethod?.id\n }\n const identifier = await legacyGetIdentifier(idOpts, context)\n const mappedKeys = await mapIdentifierKeysToDocWithJwkSupport(\n {\n identifier,\n vmRelationship: 'verificationMethod',\n },\n context\n )\n const vmKey = mappedKeys.find((extendedKey) => extendedKey.kid === key.kid)\n if (vmKey) {\n return vmKey.meta?.verificationMethod?.id ?? vmKey.meta?.jwkThumbprint ?? idOpts.kmsKeyRef ?? vmKey.kid\n }\n\n return key.meta?.jwkThumbprint ?? idOpts.kmsKeyRef ?? key.kid\n}\n\nexport async function getSupportedDIDMethods(didOpts: IDIDOptions, context: IAgentContext<IDIDManager>) {\n return didOpts.supportedDIDMethods ?? (await getAgentDIDMethods(context))\n}\n\nexport function getAgentResolver(\n context: IAgentContext<IResolver & IDIDManager>,\n opts?: {\n localResolution?: boolean // Resolve identifiers hosted by the agent\n uniresolverResolution?: boolean // Resolve identifiers using universal resolver\n resolverResolution?: boolean // Use registered drivers\n }\n): Resolvable {\n return new AgentDIDResolver(context, opts)\n}\n\nexport class AgentDIDResolver implements Resolvable {\n private readonly context: IAgentContext<IResolver & IDIDManager>\n private readonly resolverResolution: boolean\n private readonly uniresolverResolution: boolean\n private readonly localResolution: boolean\n\n constructor(\n context: IAgentContext<IResolver & IDIDManager>,\n opts?: { uniresolverResolution?: boolean; localResolution?: boolean; resolverResolution?: boolean }\n ) {\n this.context = context\n this.resolverResolution = opts?.resolverResolution !== false\n this.uniresolverResolution = opts?.uniresolverResolution !== false\n this.localResolution = opts?.localResolution !== false\n }\n\n async resolve(didUrl: string, options?: DIDResolutionOptions): Promise<DIDResolutionResult> {\n let resolutionResult: DIDResolutionResult | undefined\n let origResolutionResult: DIDResolutionResult | undefined\n let err: any\n if (!this.resolverResolution && !this.localResolution && !this.uniresolverResolution) {\n throw Error(`No agent hosted DID resolution, regular agent resolution nor universal resolver resolution is enabled. Cannot resolve DIDs.`)\n }\n if (this.resolverResolution) {\n try {\n resolutionResult = await this.context.agent.resolveDid({ didUrl, options })\n } catch (error: unknown) {\n err = error\n }\n }\n if (resolutionResult) {\n origResolutionResult = resolutionResult\n if (resolutionResult.didDocument === null) {\n resolutionResult = undefined\n }\n } else {\n console.log(`Agent resolver resolution is disabled. This typically isn't desirable!`)\n }\n if (!resolutionResult && this.localResolution) {\n console.log(`Using local DID resolution, looking at DIDs hosted by the agent.`)\n try {\n const did = didUrl.split('#')[0]\n const iIdentifier = await this.context.agent.didManagerGet({ did })\n resolutionResult = toDidResolutionResult(iIdentifier, { did })\n if (resolutionResult.didDocument) {\n err = undefined\n } else {\n console.log(`Local resolution resulted in a DID Document for ${did}`)\n }\n } catch (error: unknown) {\n if (!err) {\n err = error\n }\n }\n }\n if (resolutionResult) {\n if (!origResolutionResult) {\n origResolutionResult = resolutionResult\n }\n if (!resolutionResult.didDocument) {\n resolutionResult = undefined\n }\n }\n if (!resolutionResult && this.uniresolverResolution) {\n console.log(`Using universal resolver resolution for did ${didUrl} `)\n resolutionResult = await new UniResolver().resolve(didUrl, options)\n if (!origResolutionResult) {\n origResolutionResult = resolutionResult\n }\n if (resolutionResult.didDocument) {\n err = undefined\n }\n }\n\n if (err) {\n // throw original error\n throw err\n }\n if (!resolutionResult && !origResolutionResult) {\n throw `Could not resolve ${didUrl}. Resolutions tried: online: ${this.resolverResolution}, local: ${this.localResolution}, uni resolver: ${this.uniresolverResolution}`\n }\n return resolutionResult ?? origResolutionResult!\n }\n}\n\n/**\n * Please note that this is not an exact representation of the actual DID Document.\n *\n * We try to do our best, to map keys onto relevant verification methods and relationships, but we simply lack the context\n * of the actual DID method here. Do not relly on this method for DID resolution. It is only handy for offline use cases\n * when no DID Document is cached. For DID:WEB it does provide an accurate representation!\n *\n * @param identifier\n * @param opts\n */\nexport function toDidDocument(\n identifier?: IIdentifier,\n opts?: {\n did?: string\n use?: JwkKeyUse[]\n }\n): DIDDocument | undefined {\n let didDocument: DIDDocument | undefined = undefined\n // TODO: Introduce jwk thumbprints here\n if (identifier) {\n const did = identifier.did ?? opts?.did\n didDocument = {\n '@context': 'https://www.w3.org/ns/did/v1',\n id: did,\n verificationMethod: identifier.keys.map((key) => {\n const vm: VerificationMethod = {\n controller: did,\n id: key.kid.startsWith(did) && key.kid.includes('#') ? key.kid : `${did}#${key.kid}`,\n publicKeyJwk: toJwk(key.publicKeyHex, key.type, {\n use: ENC_KEY_ALGS.includes(key.type) ? JwkKeyUse.Encryption : JwkKeyUse.Signature,\n key,\n }) as JsonWebKey,\n type: 'JsonWebKey2020',\n }\n return vm\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Signature)) &&\n identifier.keys && {\n assertionMethod: identifier.keys\n .filter(\n (key) =>\n key?.meta?.purpose === undefined || key?.meta?.purpose === 'assertionMethod' || key?.meta?.purposes?.includes('assertionMethod')\n )\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Signature)) &&\n identifier.keys && {\n authentication: identifier.keys\n .filter(\n (key) => key?.meta?.purpose === undefined || key?.meta?.purpose === 'authentication' || key?.meta?.purposes?.includes('authentication')\n )\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Encryption)) &&\n identifier.keys && {\n keyAgreement: identifier.keys\n .filter((key) => key.type === 'X25519' || key?.meta?.purpose === 'keyAgreement' || key?.meta?.purposes?.includes('keyAgreement'))\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Encryption)) &&\n identifier.keys && {\n capabilityInvocation: identifier.keys\n .filter(\n (key) => key.type === 'X25519' || key?.meta?.purpose === 'capabilityInvocation' || key?.meta?.purposes?.includes('capabilityInvocation')\n )\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...((opts?.use === undefined || opts?.use?.includes(JwkKeyUse.Encryption)) &&\n identifier.keys && {\n capabilityDelegation: identifier.keys\n .filter(\n (key) => key.type === 'X25519' || key?.meta?.purpose === 'capabilityDelegation' || key?.meta?.purposes?.includes('capabilityDelegation')\n )\n .map((key) => {\n if (key.kid.startsWith(did) && key.kid.includes('#')) {\n return key.kid\n }\n return `${did}#${key.kid}`\n }),\n }),\n ...(identifier.services && identifier.services.length > 0 && { service: identifier.services }),\n }\n }\n return didDocument\n}\n\nexport function toDidResolutionResult(\n identifier?: IIdentifier,\n opts?: {\n did?: string\n supportedMethods?: string[]\n }\n): DIDResolutionResult {\n const didDocument = toDidDocument(identifier, opts) ?? null // null is used in case of errors and required by the did resolution spec\n\n const resolutionResult: DIDResolutionResult = {\n '@context': 'https://w3id.org/did-resolution/v1',\n didDocument,\n didResolutionMetadata: {\n ...(!didDocument && { error: 'notFound' }),\n ...(Array.isArray(opts?.supportedMethods) &&\n identifier &&\n !opts?.supportedMethods.includes(identifier.provider.replace('did:', '')) && { error: 'unsupportedDidMethod' }),\n },\n didDocumentMetadata: {\n ...(identifier?.alias && { equivalentId: identifier?.alias }),\n },\n }\n return resolutionResult\n}\n\nexport async function asDidWeb(hostnameOrDID: string): Promise<string> {\n let did = hostnameOrDID\n if (!did) {\n throw Error('Domain or DID expected, but received nothing.')\n }\n if (did.startsWith('did:web:')) {\n return did\n }\n return `did:web:${did.replace(/https?:\\/\\/([^/?#]+).*/i, '$1').toLowerCase()}`\n}\n\n/**\n * @deprecated Replaced by the new signer service\n */\nexport const signDidJWT = async (args: SignJwtArgs): Promise<string> => {\n const { idOpts, header, payload, context, options } = args\n const jwtOptions = {\n ...options,\n signer: await getDidSigner({ idOpts, context }),\n }\n\n return createJWT(payload, jwtOptions, header)\n}\n\n/**\n * @deprecated Replaced by the new signer service\n */\nexport const getDidSigner = async (\n args: GetSignerArgs & {\n idOpts: {\n /**\n * @deprecated\n */\n identifier: IIdentifier | string\n /**\n * @deprecated\n */\n verificationMethodSection?: DIDDocumentSection\n /**\n * @deprecated\n */\n kmsKeyRef?: string\n }\n }\n): Promise<Signer> => {\n const { idOpts, context } = args\n\n const identifier = await legacyGetIdentifier(idOpts, context)\n const key = await getKey(\n {\n identifier,\n vmRelationship: idOpts.verificationMethodSection,\n kmsKeyRef: idOpts.kmsKeyRef,\n },\n context\n )\n const algorithm = await signatureAlgorithmFromKey({ key })\n\n return async (data: string | Uint8Array): Promise<string> => {\n const input = data instanceof Object.getPrototypeOf(Uint8Array) ? new TextDecoder().decode(data as Uint8Array) : (data as string)\n return await context.agent.keyManagerSign({\n keyRef: key.kid,\n algorithm,\n data: input,\n })\n }\n}\n","import { TKeyType } from '@sphereon/ssi-sdk-ext.key-utils'\nimport { IAgentContext, IDIDManager, IIdentifier, IKeyManager, IResolver } from '@veramo/core'\nimport { JWTHeader, JWTPayload, JWTVerifyOptions } from 'did-jwt'\nimport { Resolvable } from 'did-resolver'\n\nexport enum SupportedDidMethodEnum {\n DID_ETHR = 'ethr',\n DID_KEY = 'key',\n DID_LTO = 'lto',\n DID_ION = 'ion',\n DID_EBSI = 'ebsi',\n DID_JWK = 'jwk',\n DID_OYD = 'oyd',\n}\n\nexport enum IdentifierAliasEnum {\n PRIMARY = 'primary',\n}\n\nexport interface ResolveOpts {\n jwtVerifyOpts?: JWTVerifyOptions\n resolver?: Resolvable\n resolveUrl?: string\n noUniversalResolverFallback?: boolean\n subjectSyntaxTypesSupported?: string[]\n}\n\n/**\n * @deprecated Replaced by the identifier resolution service\n */\nexport interface IDIDOptions {\n resolveOpts?: ResolveOpts\n idOpts: LegacyIIdentifierOpts\n supportedDIDMethods?: string[]\n}\n\nexport type IdentifierProviderOpts = {\n type?: TKeyType\n use?: string\n method?: SupportedDidMethodEnum\n [x: string]: any\n}\n\nexport type CreateIdentifierOpts = {\n method: SupportedDidMethodEnum\n createOpts?: CreateIdentifierCreateOpts\n}\n\nexport type CreateIdentifierCreateOpts = {\n kms?: string\n alias?: string\n options?: IdentifierProviderOpts\n}\n\nexport type CreateOrGetIdentifierOpts = {\n method: SupportedDidMethodEnum\n createOpts?: CreateIdentifierCreateOpts\n}\n\nexport const DID_PREFIX = 'did:'\n\nexport interface GetOrCreateResult<T> {\n created: boolean\n result: T\n}\n\n/**\n * @deprecated Replaced by new signer\n */\nexport type SignJwtArgs = {\n idOpts: LegacyIIdentifierOpts\n header: Partial<JWTHeader>\n payload: Partial<JWTPayload>\n options: { issuer: string; expiresIn?: number; canonicalize?: boolean }\n context: IRequiredSignAgentContext\n}\n\n/**\n * @deprecated Replaced by new signer\n */\nexport type GetSignerArgs = {\n idOpts: LegacyIIdentifierOpts\n context: IRequiredSignAgentContext\n}\n\n/**\n * @deprecated Replaced by the identifier resolution service\n */\ntype LegacyIIdentifierOpts = {\n identifier: IIdentifier | string\n}\nexport type IRequiredSignAgentContext = IAgentContext<IKeyManager & IDIDManager & IResolver>\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;ACAA,0BAA+B;AAC/B,4BAA4B;AAC5B,yBASO;AACP,IAAAA,sBAAmD;AACnD,qBAA0F;AAE1F,qBAAyC;AAEzC,mBASO;AACP,qBAAkC;AAGlC,sBAAqB;AAErB,UAAqB;;;AC3Bd,IAAKC,yBAAAA,yBAAAA,yBAAAA;;;;;;;;SAAAA;;AAUL,IAAKC,sBAAAA,yBAAAA,sBAAAA;;SAAAA;;AA4CL,IAAMC,aAAa;;;AD1B1B,IAAM,EAAEC,YAAYC,SAAQ,IAAKC;AAc1B,IAAMC,uBAAuB,8BAClC,EACEC,YACAC,4BACAC,8BACAC,SACAC,cAAa,GAQfC,YAAAA;AAEA,SAAO,MAAMC,wBACX;IACEN;IACAC;IACAC;IACAC;IACAC;IACAG,gBAAgB;EAClB,GACAF,OAAAA;AAEJ,GA3BoC;AA4B7B,IAAMC,0BAA0B,8BACrC,EACEN,YACAC,4BACAC,8BACAC,SACAC,eACAG,eAAc,GAShBF,YAAAA;AAEA,MAAIG,MAAiCC;AACrC,MAAI;AACFD,UACG,MAAME,kCACL;MACEV;MACAO;MACAI,iBAAiB;MACjBR;MACAC;IACF,GACAC,OAAAA,MAEDH,gCAAgCK,mBAAmB,uBAChDE,SACA,MAAMC,kCACJ;MACEV;MACAO,gBAAgB;MAChBI,iBAAiB;MACjBR;MACAC;IACF,GACAC,OAAAA;EAEV,SAASO,GAAG;AACV,QAAIA,aAAaC,OAAO;AACtB,UAAI,CAACD,EAAEE,QAAQC,SAAS,KAAA,KAAU,CAACd,4BAA4B;AAC7D,cAAMW;MACR;IACF,OAAO;AACL,YAAMA;IACR;EACF;AACA,MAAI,CAACJ,OAAOP,4BAA4B;AACtC,UAAMe,aAAaC,cAAcjB,UAAAA;AACjCQ,UACG,MAAME,kCACL;MACEV;MACAO;MACAI,iBAAiB;MACjBO,aAAaF;MACbb;MACAC;IACF,GACAC,OAAAA,MAEDH,gCAAgCK,mBAAmB,uBAChDE,SACA,MAAMC,kCACJ;MACEV;MACAO,gBAAgB;MAChBI,iBAAiB;MACjBO,aAAaF;MACbb;MACAC;IACF,GACAC,OAAAA;AAER,QAAI,CAACG,KAAK;AACRA,YAAMR,WAAWmB,KACdC,IAAI,CAACZ,SAAQA,IAAAA,EACba,OAAO,CAACb,SAAQL,YAAYM,UAAaD,KAAIc,SAASnB,WAAYC,iBAAiBI,KAAIe,QAAQvB,WAAWwB,eAAe,EACzHC,KAAK,CAACjB,SAAQA,KAAIkB,KAAKC,oBAAoBL,KAAKP,SAAS,gBAAA,KAAqBP,KAAIkB,KAAKE,UAAUb,SAAS,gBAAA,CAAA;IAC/G;EACF;AACA,MAAI,CAACP,KAAK;AACR,UAAMK,MAAM,6CAA6Cb,WAAW6B,GAAG,EAAE;EAC3E;AACA,SAAOrB;AACT,GA1FuC;AA4FhC,IAAMsB,+BAA+B,8BAC1CzB,SACA0B,SAAAA;AAEA,QAAMC,oBAAoB,MAAMC,qBAAqB5B,SAAS;IAAE,GAAG0B,MAAMG,YAAYC;IAAS,GAAIJ,MAAMK,UAAU;MAAEA,QAAQL,KAAKK;IAAO;EAAG,CAAA;AAC3I,MAAIJ,sBAAsBvB,QAAW;AACnC,WAAO;MACL4B,SAAS;MACTC,QAAQN;IACV;EACF;AAEA,MAAID,MAAMK,WAAWG,uBAAuBC,SAAS;AACnD,UAAMN,aAAaH,MAAMG,cAAc,CAAC;AACxCA,eAAWC,UAAU;MAAEM,WAAW;MAAQnB,MAAM;MAAa,GAAGY;IAAW;AAC3EH,SAAKG,aAAaA;EACpB;AACA,QAAMQ,oBAAoB,MAAMC,iBAAiBtC,SAAS0B,IAAAA;AAC1D,SAAO;IACLM,SAAS;IACTC,QAAQI;EACV;AACF,GAtB4C;AAwBrC,IAAMT,uBAAuB,8BAAO5B,SAAqC0B,SAAAA;AAC9E,QAAMa,eAAe,MAAMvC,QAAQwC,MAAMC,eAAef,MAAMK,SAAS;IAAEW,UAAU,GAAGC,UAAAA,GAAajB,MAAMK,MAAAA;EAAS,IAAI,CAAC,CAAA,GAAIf,OACzH,CAACrB,eAA4B+B,MAAMT,SAASb,UAAaT,WAAWmB,KAAK8B,KAAK,CAACzC,QAAcA,IAAIc,SAASS,MAAMT,IAAAA,CAAAA;AAGlH,SAAOsB,eAAeA,YAAYM,SAAS,IAAIN,YAAY,CAAA,IAAKnC;AAClE,GANoC;AAQ7B,IAAMkC,mBAAmB,8BAAOtC,SAAqC0B,SAAAA;AAC1E,SAAO,MAAM1B,QAAQwC,MAAMM,iBAAiB;IAC1CC,KAAK,UAAMC,2BAAOhD,SAAS0B,MAAMG,YAAYkB,GAAAA;IAC7C,GAAIrB,MAAMK,UAAU;MAAEW,UAAU,GAAGC,UAAAA,GAAajB,MAAMK,MAAAA;IAAS;IAC/DkB,OAAOvB,MAAMG,YAAYoB,SAAS,GAAGC,oBAAoBC,OAAO,IAAIzB,MAAMK,MAAAA,IAAUL,MAAMG,YAAYC,SAASb,IAAAA,KAAQ,oBAAImC,KAAAA,GAAOC,QAAO,CAAA;IACzIvB,SAASJ,MAAMG,YAAYC;EAC7B,CAAA;AACF,GAPgC;AASzB,IAAMzB,oCAAoC,8BAC/C,EACEV,YACAO,iBAAiB,sBACjBJ,SACAQ,kBAAkB,OAClBO,aACAd,cAAa,GASfC,YAAAA;AAEA,QAAMsD,cAAc,MAAMC,qCAAqC;IAAE5D;IAAYO;IAAgBW;EAAY,GAAGb,OAAAA;AAC5G,MAAIwD,MAAMC,QAAQH,WAAAA,KAAgBA,YAAYT,SAAS,GAAG;AACxD,UAAMZ,SAASqB,YAAYlC,KACzB,CAACjB,QAAQL,YAAYM,UAAaD,IAAIc,SAASnB,WAAYC,iBAAiBI,IAAIe,QAAQvB,WAAWwB,eAAe;AAEpH,QAAIc,QAAQ;AACV,aAAOA;IACT;EACF;AACA,MAAI3B,iBAAiB;AACnB,UAAM,IAAIE,MACR,wCAAwCN,cAAAA,wBAAsCP,WAAW6B,GAAG,GAAG1B,UAAU,oBAAoBA,UAAU,EAAA,EAAI;EAE/I;AACA,SAAOM;AACT,GAjCiD;AAmC1C,IAAMsD,4BAA4B,wBAAC,EAAEvD,IAAG,MAAiB;AAC9D,MAAIA,IAAIc,SAAS,aAAa;AAC5B,UAAMT,MAAM,+DAA+DL,IAAIc,IAAI,gBAAgBd,IAAIe,GAAG,EAAE;EAC9G;AACA,QAAMyC,kBAAkBxD,IAAIkB,MAAMsC,mBAAmBxD,IAAIkB,MAAMuC,SAASC,YAAAA,SAAiBC,oCAAe,KAAK3D,IAAI4D,YAAY,EAAE,EAAEF,YAAW;AAC5I,MAAI,CAACF,iBAAiB;AACpB,UAAMnD,MAAM,mEAAmEL,IAAIe,GAAG,EAAE;EAC1F;AACA,SAAOyC;AACT,GATyC;AAWlC,IAAMK,mBAAmB,wBAAC,EAAErE,WAAU,MAA+B;AAC1E,QAAMQ,MAAMR,WAAWmB,KAAKM,KAAK,CAACjB,SAAQA,KAAIe,QAAQvB,WAAWwB,eAAe;AAChF,MAAI,CAAChB,KAAK;AACR,UAAMK,MAAM,+CAA+Cb,UAAAA,EAAY;EACzE;AACA,SAAOQ;AACT,GANgC;AAQzB,IAAM8D,UAAU,wBAAC,EACtBC,eACAnB,KACApD,YACAwE,WACArE,SACAC,cAAa,MAQd;AACC,SAAOJ,WAAWmB,KACfE,OAAO,CAACb,QAAQ,CAACL,WAAWK,IAAIc,SAASnB,OAAAA,EACzCkB,OAAO,CAACb,QAAQ,CAAC4C,OAAO5C,IAAI4C,QAAQA,GAAAA,EACpC/B,OAAO,CAACb,QAAQ,CAACgE,aAAahE,IAAIe,QAAQiD,SAAAA,EAC1CnD,OAAO,CAACb,QAAQ,CAAC+D,iBAAiB/D,IAAIkB,MAAM6C,kBAAkBA,aAAAA,EAC9DlD,OAAO,CAACb,QAAQ,CAACJ,iBAAiBJ,WAAWwB,oBAAoBhB,IAAIe,GAAG;AAC7E,GArBuB;AAkCvB,eAAsBkD,iCACpBvD,aACAwD,UAA8B,gBAC9BrE,SAAiC;AAEjC,QAAMsE,UAAUD,YAAY;AAC5B,MAAIA,YAAY,WAAW;AACzB,WAAO,CAAA;EACT;AACA,UACE,MAAME,QAAQC,KACX3D,YAAYwD,OAAAA,KAAY,CAAA,GAAItD,IAAI,OAAOZ,QAAAA;AACtC,QAAI,OAAOA,QAAQ,UAAU;AAC3B,UAAI;AACF,eAAQ,MAAMH,QAAQwC,MAAMiC,oBAAoB;UAC9C5D;UACA6D,QAAQvE;UACRkE;QACF,CAAA;MACF,SAAS9D,GAAG;AACV,eAAO;MACT;IACF,OAAO;AACL,aAAOJ;IACT;EACF,CAAA,CAAA,GAGDa,OAAO2D,sBAAAA,EACP5D,IAAI,CAACZ,QAAAA;AACJ,UAAMyE,SAASC,kCAAkC1E,KAAKmE,OAAAA;AACtD,UAAM,EAAEP,cAAce,iBAAiBC,iBAAiBC,cAAc,GAAGC,SAAAA,IAAa9E;AACtF,UAAM+E,SAAS;MAAE,GAAGD;MAAUlB,cAAca;IAAO;AACnD,QAAIN,WAAW,iCAAiCY,OAAOjE,MAAM;AAC3DiE,aAAOjE,OAAO;IAChB;AACA,WAAOiE;EACT,CAAA;AACJ;AAtCsBd;AAwCf,SAASe,mBAAmBC,KAAQ;AAGzC,QAAMC,KAAkC;IACtCL,kBAAcM,iCAAaF,GAAAA;EAC7B;AACA,SAAOP,kCAAkCQ,EAAAA;AAC3C;AAPgBF;AAkBT,SAASN,kCAAkCU,IAAiCjB,UAAU,OAAK;AAChG,MAAIiB,GAAGP,cAAc;AACnB,UAAMI,UAAME,iCAAaC,GAAGP,YAAY;AACxC,QAAII,IAAII,QAAQ,MAAM;AACpB,YAAMC,QAAQL,IAAIM,MAAMC,aAAaP,IAAIM,GAAG,IAAI;AAChD,YAAME,WAAOC,iCAAYT,IAAIU,GAAI,WAAA;AACjC,YAAMC,WAAOF,iCAAYT,IAAIY,GAAI,WAAA;AACjC,YAAMC,SAAS;AAGf,YAAMC,MAAM,GAAGD,MAAAA,GAASL,IAAAA,GAAOG,IAAAA;AAC/B,UAAI;AACF,cAAMI,KAAK,IAAIC,gBAAAA,QAASD,GAAGV,KAAAA;AAE3B,cAAM1B,eAAeoC,GAAGE,cAAcH,KAAK,KAAA,EAAOI,UAAU,MAAM,KAAA;AAElE,eAAOvC;MACT,SAASwC,OAAY;AACnBC,gBAAQD,MAAM,+CAA+Cd,KAAAA,wBAA6BL,IAAIU,CAAC,QAAQV,IAAIY,CAAC,YAAYO,KAAAA,IAASA,KAAAA;MACnI;IACF,WAAWnB,IAAIM,QAAQ,WAAW;AAChC,aAAOlG,SAASD,WAAW6F,IAAIU,GAAI,WAAA,GAAc,QAAA;IACnD,WAAWV,IAAII,QAAQ,OAAO;AAC5B,iBAAOiB,2CAAsBrB,KAAK,QAAA;IACpC;EACF;AAEA,SAAOsB,oBAAoBnB,IAAIjB,OAAAA;AACjC;AA5BgBO;AA8BT,SAAS8B,gBAAgBT,KAAW;AACzC,QAAMU,WAAWV,IAAIA,IAAIrD,SAAS,CAAA,EAAGgB,YAAW;AAChD,SAAO;IAAC;IAAK;IAAK;IAAK;IAAK;IAAK;IAAK;IAAK;IAAKnD,SAASkG,QAAAA;AAC3D;AAHgBD;AAkBT,SAASD,oBAAoBnB,IAAiCjB,UAAmB,OAAK;AAC3F,MAAIuC,WAAWC,sBAAsBvB,EAAAA;AACrC,QAAMH,MAAMG,GAAGP,mBAAeM,iCAAaC,GAAGP,YAAY,IAAI5E;AAC9D,MAAIkE,SAAS;AACX,QACE;MAAC;MAAW;MAA8B;MAA8B5D,SAAS6E,GAAGtE,IAAI,KACvFsE,GAAGtE,SAAS,oBAAoBmE,KAAKM,QAAQ,WAC9C;AACAmB,qBAAWE,yCAAyBF,QAAAA;IACtC,WACE,CAAC;MAAC;MAAU;MAA6B;MAA6BnG,SAAS6E,GAAGtE,IAAI,KACtF,EAAEsE,GAAGtE,SAAS,oBAAoBmE,KAAKM,QAAQ,WAC/C;AACA,aAAO;IACT;EACF;AACA,aAAOsB,2BAAWH,QAAAA;AACpB;AAjBgBH;AAmBhB,SAASf,aAAasB,OAAa;AACjC,SAAOA,MAAMpD,YAAW,EAAGqD,QAAQ,KAAK,EAAA,EAAIA,QAAQ,KAAK,EAAA;AAC3D;AAFSvB;AAIT,SAASmB,sBAAsBvB,IAAsB;AACnD,MAAIA,GAAGT,iBAAiB;AACtB,eAAOqC,8BAAc5B,GAAGT,eAAe;EACzC,WAAWS,GAAG6B,oBAAoB;AAChC,eAAOC,oCAAoB9B,GAAG6B,kBAAkB;EAClD,WAAsC7B,GAAIR,iBAAiB;AACzD,eAAOuC,8BAAyC/B,GAAIR,eAAe;EACrE,WAAWQ,GAAGxB,cAAc;AAC1B,eAAOwD,2BAAWhC,GAAGxB,YAAY;EACnC,WAAWwB,GAAGP,cAAcU,OAAOH,GAAGP,aAAac,KAAKP,GAAGP,aAAagB,GAAG;AACzE,eAAOuB,2BAAW1C,kCAAkCU,EAAAA,CAAAA;EACtD,WAAWA,GAAGP,iBAAiBO,GAAGP,aAAaU,QAAQ,aAAaH,GAAGP,aAAaU,QAAQ,aAAaH,GAAGP,aAAac,GAAG;AAC1H,eAAOwB,8BAAc/B,GAAGP,aAAac,CAAC;EACxC;AACA,SAAO,IAAI0B,WAAAA;AACb;AAfSV;AAiBF,SAASW,wBAAwBpC,IAAsB;AAC5D,MAAID,MAAuBC,GAAGL;AAC9B,MAAI,CAACI,KAAK;AACR,QAAIrB,eAAesB,GAAGtB,gBAAgBvE,SAASsH,sBAAsBzB,EAAAA,GAAK,KAAA;AAC1ED,cAAMsC,0BAAM3D,kBAAc4D,kDAA8B;MAAEjC,KAAKL,GAAGpE;IAAK,CAAA,CAAA;EACzE;AACA,MAAI,CAACmE,KAAK;AACR,UAAM5E,MAAM,8CAA8C;EAC5D;AACA4E,MAAIlE,MAAMmE,GAAGuC;AACb,aAAOtC,iCAAaF,GAAAA;AACtB;AAXgBqC;AAahB,SAASI,yBACPC,oBACAC,8BACAC,qBAA0C;AAE1C,QAAMC,OAAO,IAAIC,KACdH,gCAAgC,CAAA,GAC9BhH,IAAI,CAACoH,WAAY,OAAOA,WAAW,WAAWA,SAASH,qBAAqB5G,KAAK,CAACiE,OAAOA,GAAGuC,OAAOO,MAAAA,CAAAA,EACnGnH,OAAO2D,sBAAAA,EACP5D,IAAI,CAACsE,OAAOoC,wBAAwBpC,EAAAA,CAAAA,CAAAA;AAEzC,SAAO;IAAEyC;IAAoBG,MAAMzE,MAAM4E,KAAKH,IAAAA;EAAM;AACtD;AAZSJ;AAgBF,SAASQ,kBAAkBxH,aAAwB;AACxD,SAAO;IACLS,oBAAoB;SACfuG,yBAAyB,aAAahH,YAAYyH,WAAWzH,YAAYS,kBAAkB,EAAE2G;SAC7FJ,yBAAyB,sBAAsBhH,YAAYS,oBAAoBT,YAAYS,kBAAkB,EAAE2G;;IAEpHM,iBAAiBV,yBAAyB,mBAAmBhH,YAAY0H,iBAAiB1H,YAAYS,kBAAkB,EAAE2G;IAC1HO,gBAAgBX,yBAAyB,kBAAkBhH,YAAY2H,gBAAgB3H,YAAYS,kBAAkB,EAAE2G;IACvHQ,cAAcZ,yBAAyB,gBAAgBhH,YAAY4H,cAAc5H,YAAYS,kBAAkB,EAAE2G;IACjHS,sBAAsBb,yBAAyB,wBAAwBhH,YAAY6H,sBAAsB7H,YAAYS,kBAAkB,EAAE2G;IACzIU,sBAAsBd,yBAAyB,wBAAwBhH,YAAY8H,sBAAsB9H,YAAYS,kBAAkB,EAAE2G;EAC3I;AACF;AAZgBI;AA+BhB,eAAsB9E,qCACpB,EACE5D,YACAO,iBAAiB,sBACjBW,YAAW,GAMbb,SAA+C;AAE/C,QAAM4I,SACJ/H,eACC,MAAMgI,iBAAiB7I,OAAAA,EACrB8I,QAAQnJ,WAAW6B,GAAG,EACtBuH,KAAK,CAAC9G,WAAWA,OAAOpB,WAAW;AACxC,MAAI,CAAC+H,QAAQ;AACX,UAAMpI,MAAM,yBAAyBb,WAAW6B,GAAG,EAAE;EACvD;AAKA,QAAMV,OAAO8H,SAAS,CAAA,IAAK,UAAMI,qCAAuBrJ,YAAYO,gBAAgBF,OAAAA;AAGpF,QAAMiJ,eAAqC,MAAM7E,iCAAiCwE,QAAQ1I,gBAAgBF,OAAAA;AAE1G,QAAMkJ,YAAYhJ,mBAAmB,qBAAiBiJ,8CAAgCxJ,UAAAA,QAAcyJ,8CAAgCzJ,UAAAA;AAGpI,QAAM0J,eAAgCJ,aACnClI,IAAI,CAACO,uBAAAA;AAIJ,UAAMgI,WAAWJ,UAAU9H,KACzB,CAACkI,cACCA,UAASvF,iBAAiBzC,mBAAmByC,gBAC7CzC,mBAAmByC,cAAcwF,WAAWD,UAASvF,YAAY,KACjEyF,2BAA2BF,WAAUhI,kBAAAA,CAAAA;AAEzC,QAAIgI,UAAU;AACZ,YAAM,EAAEjI,MAAM,GAAGoI,WAAAA,IAAeH;AAChC,aAAO;QAAE,GAAGG;QAAYpI,MAAM;UAAE,GAAGA;UAAMC;QAAmB;MAAE;IAChE,OAAO;AACL,aAAO;IACT;EACF,CAAA,EACCN,OAAO2D,sBAAAA;AAEV,SAAO7D,KAAK4I,OAAOL,YAAAA;AACrB;AArDsB9F;AAmEtB,SAASiG,2BAA2BF,UAAgBhI,oBAAsC;AACxF,MACGA,mBAAmBL,SAAS,sCAAsCK,mBAAmBL,SAAS,uCAC/FqI,SAASrI,SAAS,aAClB;AACA,WAAO;EACT;AACA,MAAI0I,gBAAYC,iCAAmBtI,kBAAAA;AACnC,MAAIgI,SAASjI,MAAMuC,SAAS;AAC1B,WAAO+F,cAAcL,SAASjI,MAAMuC,QAAQC,YAAAA;EAC9C;AACA,QAAMgG,mBAAe/F,oCAAe,OAAOwF,SAASvF,YAAY,EAAEF,YAAW;AAC7E,SAAOgG,iBAAiBF;AAC1B;AAbSH;AAeT,eAAsBM,mBAAmB9J,SAAmC;AAC1E,UAAQ,MAAMA,QAAQwC,MAAMuH,uBAAsB,GAAIhJ,IAAI,CAAC2B,aAAaA,SAASmB,YAAW,EAAGqD,QAAQ,QAAQ,EAAA,CAAA;AACjH;AAFsB4C;AAIf,SAASE,OAAOC,QAA4C;AACjE,MAAI,OAAOA,OAAOtK,eAAe,UAAU;AACzC,WAAOsK,OAAOtK;EAChB,WAAW,OAAOsK,OAAOtK,eAAe,UAAU;AAChD,WAAOsK,OAAOtK,WAAW6B;EAC3B;AACA,QAAMhB,MAAM,sCAAsC;AACpD;AAPgBwJ;AAST,SAASE,MAAMvK,YAAuD;AAC3E,MAAI,OAAOA,eAAe,UAAU;AAClC,WAAOA;EACT;AACA,MAAIA,WAAW6B,KAAK;AAClB,WAAO7B,WAAW6B;EACpB;AACA,QAAMhB,MAAM,oCAAoC;AAClD;AARgB0J;AAUT,SAASC,OAAO5H,aAA6D;AAClF,MAAI,CAACA,aAAa;AAChB,WAAO,CAAA;EACT;AACA,SAAOA,YAAYxB,IAAImJ,KAAAA;AACzB;AALgBC;AAOhB,eAAsBC,OACpB,EACEzK,YACAO,iBAAiB,kBACjBiE,UAAS,GAMXnE,SAA+C;AAE/C,MAAI,CAACL,YAAY;AACf,WAAO4E,QAAQ8F,OAAO,IAAI7J,MAAM,0CAA0C,CAAA;EAC5E;AAEA,QAAM8J,iBAAiBnG,WAAWoG,MAAM,GAAG;AAC3C,QAAMrJ,MAAMoJ,iBAAkBA,gBAAgBzH,WAAW,IAAIyH,eAAe,CAAA,IAAKA,eAAe,CAAA,IAAMlK;AAEtG,MAAIoK,gBAAgBrG,YAAYxE,WAAWmB,KAAKM,KAAK,CAACjB,QAAcA,IAAIe,QAAQA,OAAOf,KAAKkB,MAAM6C,kBAAkBhD,GAAAA,IAAOd;AAC3H,MAAI,CAACoK,eAAe;AAClB,UAAM1J,OAAO,MAAMyC,qCAAqC;MAAE5D;MAAYO;IAA+B,GAAGF,OAAAA;AACxG,QAAI,CAACc,QAAQA,KAAK+B,WAAW,GAAG;AAC9B,YAAM,IAAIrC,MAAM,gDAAgDN,cAAAA,YAA0BP,WAAW6B,GAAG,EAAE;IAC5G;AACA,QAAI2C,WAAW;AACbqG,sBAAgB1J,KAAKM,KACnB,CAACjB,QAAuBA,IAAIkB,KAAKC,oBAAoBsG,OAAOzD,aAAcjD,OAAOf,IAAIkB,KAAKC,oBAAoBsG,IAAIlH,SAASQ,GAAAA,CAAAA;IAE/H;AACA,QAAI,CAACsJ,eAAe;AAClBA,sBAAgB1J,KAAKM,KACnB,CAACjB,QAAuBA,IAAIkB,KAAKC,oBAAoBL,SAASf,kBAAkBC,IAAIkB,KAAKE,UAAUb,SAASR,cAAAA,CAAAA;IAEhH;AACA,QAAI,CAACsK,eAAe;AAClBA,sBAAgB1J,KAAK,CAAA;IACvB;EACF;AACA,MAAI,CAAC0J,eAAe;AAClB,UAAM,IAAIhK,MACR,8DAA8D2D,SAAAA,mBAA4BjE,cAAAA,WAAyBP,WAAW6B,GAAG,EAAE;EAEvI;AAEA,SAAOgJ;AACT;AA9CsBJ;AAuDtB,eAAeK,oBACb,EACE9K,WAAU,GAIZK,SAAmC;AAEnC,MAAI,OAAOL,eAAe,UAAU;AAClC,WAAO,MAAMK,QAAQwC,MAAMkI,cAAc;MAAElJ,KAAK7B;IAAW,CAAA;EAC7D;AACA,SAAOA;AACT;AAZe8K;AAoBf,eAAsBE,aACpB,EACExK,KACA8J,OAAM,GAKRjK,SAA+C;AAE/C,MAAIG,IAAIkB,MAAMC,oBAAoBsG,IAAI;AACpC,WAAOzH,IAAIkB,MAAMC,oBAAoBsG;EACvC;AACA,QAAMjI,aAAa,MAAM8K,oBAAoBR,QAAQjK,OAAAA;AACrD,QAAM4K,aAAa,MAAMrH,qCACvB;IACE5D;IACAO,gBAAgB;EAClB,GACAF,OAAAA;AAEF,QAAM6K,QAAQD,WAAWxJ,KAAK,CAAC0J,gBAAgBA,YAAY5J,QAAQf,IAAIe,GAAG;AAC1E,MAAI2J,OAAO;AACT,WAAOA,MAAMxJ,MAAMC,oBAAoBsG,MAAMiD,MAAMxJ,MAAM6C,iBAAiB+F,OAAO9F,aAAa0G,MAAM3J;EACtG;AAEA,SAAOf,IAAIkB,MAAM6C,iBAAiB+F,OAAO9F,aAAahE,IAAIe;AAC5D;AA3BsByJ;AA6BtB,eAAsBI,uBAAuBC,SAAsBhL,SAAmC;AACpG,SAAOgL,QAAQC,uBAAwB,MAAMnB,mBAAmB9J,OAAAA;AAClE;AAFsB+K;AAIf,SAASlC,iBACd7I,SACA0B,MAIC;AAED,SAAO,IAAIwJ,iBAAiBlL,SAAS0B,IAAAA;AACvC;AATgBmH;AAWT,IAAMqC,mBAAN,MAAMA;EA7tBb,OA6tBaA;;;EACMlL;EACAmL;EACAC;EACAC;EAEjBC,YACEtL,SACA0B,MACA;AACA,SAAK1B,UAAUA;AACf,SAAKmL,qBAAqBzJ,MAAMyJ,uBAAuB;AACvD,SAAKC,wBAAwB1J,MAAM0J,0BAA0B;AAC7D,SAAKC,kBAAkB3J,MAAM2J,oBAAoB;EACnD;EAEA,MAAMvC,QAAQpE,QAAgB5C,SAA8D;AAC1F,QAAIyJ;AACJ,QAAIC;AACJ,QAAIC;AACJ,QAAI,CAAC,KAAKN,sBAAsB,CAAC,KAAKE,mBAAmB,CAAC,KAAKD,uBAAuB;AACpF,YAAM5K,MAAM,6HAA6H;IAC3I;AACA,QAAI,KAAK2K,oBAAoB;AAC3B,UAAI;AACFI,2BAAmB,MAAM,KAAKvL,QAAQwC,MAAMkJ,WAAW;UAAEhH;UAAQ5C;QAAQ,CAAA;MAC3E,SAASyE,OAAgB;AACvBkF,cAAMlF;MACR;IACF;AACA,QAAIgF,kBAAkB;AACpBC,6BAAuBD;AACvB,UAAIA,iBAAiB1K,gBAAgB,MAAM;AACzC0K,2BAAmBnL;MACrB;IACF,OAAO;AACLoG,cAAQmF,IAAI,wEAAwE;IACtF;AACA,QAAI,CAACJ,oBAAoB,KAAKF,iBAAiB;AAC7C7E,cAAQmF,IAAI,kEAAkE;AAC9E,UAAI;AACF,cAAMnK,MAAMkD,OAAO6F,MAAM,GAAA,EAAK,CAAA;AAC9B,cAAMqB,cAAc,MAAM,KAAK5L,QAAQwC,MAAMkI,cAAc;UAAElJ;QAAI,CAAA;AACjE+J,2BAAmBM,sBAAsBD,aAAa;UAAEpK;QAAI,CAAA;AAC5D,YAAI+J,iBAAiB1K,aAAa;AAChC4K,gBAAMrL;QACR,OAAO;AACLoG,kBAAQmF,IAAI,mDAAmDnK,GAAAA,EAAK;QACtE;MACF,SAAS+E,OAAgB;AACvB,YAAI,CAACkF,KAAK;AACRA,gBAAMlF;QACR;MACF;IACF;AACA,QAAIgF,kBAAkB;AACpB,UAAI,CAACC,sBAAsB;AACzBA,+BAAuBD;MACzB;AACA,UAAI,CAACA,iBAAiB1K,aAAa;AACjC0K,2BAAmBnL;MACrB;IACF;AACA,QAAI,CAACmL,oBAAoB,KAAKH,uBAAuB;AACnD5E,cAAQmF,IAAI,+CAA+CjH,MAAAA,GAAS;AACpE6G,yBAAmB,MAAM,IAAIO,kCAAAA,EAAchD,QAAQpE,QAAQ5C,OAAAA;AAC3D,UAAI,CAAC0J,sBAAsB;AACzBA,+BAAuBD;MACzB;AACA,UAAIA,iBAAiB1K,aAAa;AAChC4K,cAAMrL;MACR;IACF;AAEA,QAAIqL,KAAK;AAEP,YAAMA;IACR;AACA,QAAI,CAACF,oBAAoB,CAACC,sBAAsB;AAC9C,YAAM,qBAAqB9G,MAAAA,gCAAsC,KAAKyG,kBAAkB,YAAY,KAAKE,eAAe,mBAAmB,KAAKD,qBAAqB;IACvK;AACA,WAAOG,oBAAoBC;EAC7B;AACF;AAYO,SAAS5K,cACdjB,YACA+B,MAGC;AAED,MAAIb,cAAuCT;AAE3C,MAAIT,YAAY;AACd,UAAM6B,MAAM7B,WAAW6B,OAAOE,MAAMF;AACpCX,kBAAc;MACZ,YAAY;MACZ+G,IAAIpG;MACJF,oBAAoB3B,WAAWmB,KAAKC,IAAI,CAACZ,QAAAA;AACvC,cAAMkF,KAAyB;UAC7B0G,YAAYvK;UACZoG,IAAIzH,IAAIe,IAAIqI,WAAW/H,GAAAA,KAAQrB,IAAIe,IAAIR,SAAS,GAAA,IAAOP,IAAIe,MAAM,GAAGM,GAAAA,IAAOrB,IAAIe,GAAG;UAClF8D,kBAAc0C,0BAAMvH,IAAI4D,cAAc5D,IAAIc,MAAM;YAC9C+K,KAAKC,gCAAavL,SAASP,IAAIc,IAAI,IAAIiL,6BAAUC,aAAaD,6BAAUE;YACxEjM;UACF,CAAA;UACAc,MAAM;QACR;AACA,eAAOoE;MACT,CAAA;MACA,IAAK3D,MAAMsK,QAAQ5L,UAAasB,MAAMsK,KAAKtL,SAASwL,6BAAUE,SAAS,MACrEzM,WAAWmB,QAAQ;QACjByH,iBAAiB5I,WAAWmB,KACzBE,OACC,CAACb,QACCA,KAAKkB,MAAMgL,YAAYjM,UAAaD,KAAKkB,MAAMgL,YAAY,qBAAqBlM,KAAKkB,MAAME,UAAUb,SAAS,iBAAA,CAAA,EAEjHK,IAAI,CAACZ,QAAAA;AACJ,cAAIA,IAAIe,IAAIqI,WAAW/H,GAAAA,KAAQrB,IAAIe,IAAIR,SAAS,GAAA,GAAM;AACpD,mBAAOP,IAAIe;UACb;AACA,iBAAO,GAAGM,GAAAA,IAAOrB,IAAIe,GAAG;QAC1B,CAAA;MACJ;MACF,IAAKQ,MAAMsK,QAAQ5L,UAAasB,MAAMsK,KAAKtL,SAASwL,6BAAUE,SAAS,MACrEzM,WAAWmB,QAAQ;QACjB0H,gBAAgB7I,WAAWmB,KACxBE,OACC,CAACb,QAAQA,KAAKkB,MAAMgL,YAAYjM,UAAaD,KAAKkB,MAAMgL,YAAY,oBAAoBlM,KAAKkB,MAAME,UAAUb,SAAS,gBAAA,CAAA,EAEvHK,IAAI,CAACZ,QAAAA;AACJ,cAAIA,IAAIe,IAAIqI,WAAW/H,GAAAA,KAAQrB,IAAIe,IAAIR,SAAS,GAAA,GAAM;AACpD,mBAAOP,IAAIe;UACb;AACA,iBAAO,GAAGM,GAAAA,IAAOrB,IAAIe,GAAG;QAC1B,CAAA;MACJ;MACF,IAAKQ,MAAMsK,QAAQ5L,UAAasB,MAAMsK,KAAKtL,SAASwL,6BAAUC,UAAU,MACtExM,WAAWmB,QAAQ;QACjB2H,cAAc9I,WAAWmB,KACtBE,OAAO,CAACb,QAAQA,IAAIc,SAAS,YAAYd,KAAKkB,MAAMgL,YAAY,kBAAkBlM,KAAKkB,MAAME,UAAUb,SAAS,cAAA,CAAA,EAChHK,IAAI,CAACZ,QAAAA;AACJ,cAAIA,IAAIe,IAAIqI,WAAW/H,GAAAA,KAAQrB,IAAIe,IAAIR,SAAS,GAAA,GAAM;AACpD,mBAAOP,IAAIe;UACb;AACA,iBAAO,GAAGM,GAAAA,IAAOrB,IAAIe,GAAG;QAC1B,CAAA;MACJ;MACF,IAAKQ,MAAMsK,QAAQ5L,UAAasB,MAAMsK,KAAKtL,SAASwL,6BAAUC,UAAU,MACtExM,WAAWmB,QAAQ;QACjB4H,sBAAsB/I,WAAWmB,KAC9BE,OACC,CAACb,QAAQA,IAAIc,SAAS,YAAYd,KAAKkB,MAAMgL,YAAY,0BAA0BlM,KAAKkB,MAAME,UAAUb,SAAS,sBAAA,CAAA,EAElHK,IAAI,CAACZ,QAAAA;AACJ,cAAIA,IAAIe,IAAIqI,WAAW/H,GAAAA,KAAQrB,IAAIe,IAAIR,SAAS,GAAA,GAAM;AACpD,mBAAOP,IAAIe;UACb;AACA,iBAAO,GAAGM,GAAAA,IAAOrB,IAAIe,GAAG;QAC1B,CAAA;MACJ;MACF,IAAKQ,MAAMsK,QAAQ5L,UAAasB,MAAMsK,KAAKtL,SAASwL,6BAAUC,UAAU,MACtExM,WAAWmB,QAAQ;QACjB6H,sBAAsBhJ,WAAWmB,KAC9BE,OACC,CAACb,QAAQA,IAAIc,SAAS,YAAYd,KAAKkB,MAAMgL,YAAY,0BAA0BlM,KAAKkB,MAAME,UAAUb,SAAS,sBAAA,CAAA,EAElHK,IAAI,CAACZ,QAAAA;AACJ,cAAIA,IAAIe,IAAIqI,WAAW/H,GAAAA,KAAQrB,IAAIe,IAAIR,SAAS,GAAA,GAAM;AACpD,mBAAOP,IAAIe;UACb;AACA,iBAAO,GAAGM,GAAAA,IAAOrB,IAAIe,GAAG;QAC1B,CAAA;MACJ;MACF,GAAIvB,WAAW2M,YAAY3M,WAAW2M,SAASzJ,SAAS,KAAK;QAAE0J,SAAS5M,WAAW2M;MAAS;IAC9F;EACF;AACA,SAAOzL;AACT;AA9FgBD;AAgGT,SAASiL,sBACdlM,YACA+B,MAGC;AAED,QAAMb,cAAcD,cAAcjB,YAAY+B,IAAAA,KAAS;AAEvD,QAAM6J,mBAAwC;IAC5C,YAAY;IACZ1K;IACA2L,uBAAuB;MACrB,GAAI,CAAC3L,eAAe;QAAE0F,OAAO;MAAW;MACxC,GAAI/C,MAAMC,QAAQ/B,MAAM+K,gBAAAA,KACtB9M,cACA,CAAC+B,MAAM+K,iBAAiB/L,SAASf,WAAW+C,SAASwE,QAAQ,QAAQ,EAAA,CAAA,KAAQ;QAAEX,OAAO;MAAuB;IACjH;IACAmG,qBAAqB;MACnB,GAAI/M,YAAYsD,SAAS;QAAE0J,cAAchN,YAAYsD;MAAM;IAC7D;EACF;AACA,SAAOsI;AACT;AAvBgBM;AAyBhB,eAAsBe,SAASC,eAAqB;AAClD,MAAIrL,MAAMqL;AACV,MAAI,CAACrL,KAAK;AACR,UAAMhB,MAAM,+CAAA;EACd;AACA,MAAIgB,IAAI+H,WAAW,UAAA,GAAa;AAC9B,WAAO/H;EACT;AACA,SAAO,WAAWA,IAAI0F,QAAQ,2BAA2B,IAAA,EAAMrD,YAAW,CAAA;AAC5E;AATsB+I;AAcf,IAAME,aAAa,8BAAOC,SAAAA;AAC/B,QAAM,EAAE9C,QAAQ+C,QAAQC,SAASjN,SAAS8B,QAAO,IAAKiL;AACtD,QAAMG,aAAa;IACjB,GAAGpL;IACHqL,QAAQ,MAAMC,aAAa;MAAEnD;MAAQjK;IAAQ,CAAA;EAC/C;AAEA,aAAOqN,0BAAUJ,SAASC,YAAYF,MAAAA;AACxC,GAR0B;AAanB,IAAMI,eAAe,8BAC1BL,SAAAA;AAiBA,QAAM,EAAE9C,QAAQjK,QAAO,IAAK+M;AAE5B,QAAMpN,aAAa,MAAM8K,oBAAoBR,QAAQjK,OAAAA;AACrD,QAAMG,MAAM,MAAMiK,OAChB;IACEzK;IACAO,gBAAgB+J,OAAOqD;IACvBnJ,WAAW8F,OAAO9F;EACpB,GACAnE,OAAAA;AAEF,QAAMuN,YAAY,UAAMC,8CAA0B;IAAErN;EAAI,CAAA;AAExD,SAAO,OAAOsN,SAAAA;AACZ,UAAMxG,QAAQwG,gBAAgBC,OAAOC,eAAenG,UAAAA,IAAc,IAAIoG,YAAAA,EAAcC,OAAOJ,IAAAA,IAAuBA;AAClH,WAAO,MAAMzN,QAAQwC,MAAMsL,eAAe;MACxCC,QAAQ5N,IAAIe;MACZqM;MACAE,MAAMxG;IACR,CAAA;EACF;AACF,GAvC4B;","names":["import_ssi_sdk_ext","SupportedDidMethodEnum","IdentifierAliasEnum","DID_PREFIX","fromString","toString","u8a","getAuthenticationKey","identifier","offlineWhenNoDIDRegistered","noVerificationMethodFallback","keyType","controllerKey","context","getFirstKeyWithRelation","vmRelationship","key","undefined","getFirstKeyWithRelationFromDIDDoc","errorOnNotFound","e","Error","message","includes","offlineDID","toDidDocument","didDocument","keys","map","filter","type","kid","controllerKeyId","find","meta","verificationMethod","purposes","did","getOrCreatePrimaryIdentifier","opts","primaryIdentifier","getPrimaryIdentifier","createOpts","options","method","created","result","SupportedDidMethodEnum","DID_KEY","codecName","createdIdentifier","createIdentifier","identifiers","agent","didManagerFind","provider","DID_PREFIX","some","length","didManagerCreate","kms","getKms","alias","IdentifierAliasEnum","PRIMARY","Date","getTime","matchedKeys","mapIdentifierKeysToDocWithJwkSupport","Array","isArray","getEthereumAddressFromKey","ethereumAddress","account","toLowerCase","computeAddress","publicKeyHex","getControllerKey","getKeys","jwkThumbprint","kmsKeyRef","dereferenceDidKeysWithJwkSupport","section","convert","Promise","all","getDIDComponentById","didUrl","isDefined","hexKey","extractPublicKeyHexWithJwkSupport","publicKeyBase58","publicKeyBase64","publicKeyJwk","keyProps","newKey","jwkTtoPublicKeyHex","jwk","vm","sanitizedJwk","pk","kty","curve","crv","toEcLibCurve","xHex","base64ToHex","x","yHex","y","prefix","hex","ec","elliptic","keyFromPublic","getPublic","error","console","hexKeyFromPEMBasedJwk","extractPublicKeyHex","isEvenHexString","lastChar","keyBytes","extractPublicKeyBytes","convertPublicKeyToX25519","bytesToHex","input","replace","base58ToBytes","publicKeyMultibase","multibaseKeyToBytes","base64ToBytes","hexToBytes","Uint8Array","verificationMethodToJwk","toJwk","keyTypeFromCryptographicSuite","id","didDocumentSectionToJwks","didDocumentSection","searchForVerificationMethods","verificationMethods","jwks","Set","vmOrId","from","didDocumentToJwks","publicKey","assertionMethod","authentication","keyAgreement","capabilityInvocation","capabilityDelegation","didDoc","getAgentResolver","resolve","then","mapIdentifierKeysToDoc","documentKeys","localKeys","convertIdentifierEncryptionKeys","compressIdentifierSecp256k1Keys","extendedKeys","localKey","startsWith","compareBlockchainAccountId","localProps","concat","vmEthAddr","getEthereumAddress","computedAddr","getAgentDIDMethods","didManagerGetProviders","getDID","idOpts","toDID","toDIDs","getKey","reject","kmsKeyRefParts","split","identifierKey","legacyGetIdentifier","didManagerGet","determineKid","mappedKeys","vmKey","extendedKey","getSupportedDIDMethods","didOpts","supportedDIDMethods","AgentDIDResolver","resolverResolution","uniresolverResolution","localResolution","constructor","resolutionResult","origResolutionResult","err","resolveDid","log","iIdentifier","toDidResolutionResult","UniResolver","controller","use","ENC_KEY_ALGS","JwkKeyUse","Encryption","Signature","purpose","services","service","didResolutionMetadata","supportedMethods","didDocumentMetadata","equivalentId","asDidWeb","hostnameOrDID","signDidJWT","args","header","payload","jwtOptions","signer","getDidSigner","createJWT","verificationMethodSection","algorithm","signatureAlgorithmFromKey","data","Object","getPrototypeOf","TextDecoder","decode","keyManagerSign","keyRef"]}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@sphereon/ssi-sdk-ext.did-utils",
3
3
  "description": "DID Utils",
4
- "version": "0.28.1-feature.esm.cjs.11+5582cc4",
4
+ "version": "0.28.1-feature.esm.cjs.13+24ca549",
5
5
  "source": "./src/index.ts",
6
6
  "type": "module",
7
7
  "main": "./dist/index.cjs",
@@ -24,11 +24,11 @@
24
24
  "@ethersproject/networks": "^5.7.1",
25
25
  "@ethersproject/transactions": "^5.7.0",
26
26
  "@sphereon/did-uni-client": "^0.6.3",
27
- "@sphereon/ssi-sdk-ext.key-utils": "^0.28.1-feature.esm.cjs.11+5582cc4",
28
- "@sphereon/ssi-sdk-ext.x509-utils": "^0.28.1-feature.esm.cjs.11+5582cc4",
29
- "@sphereon/ssi-sdk.agent-config": " ^0.33",
30
- "@sphereon/ssi-sdk.core": " ^0.33",
31
- "@sphereon/ssi-types": " ^0.33",
27
+ "@sphereon/ssi-sdk-ext.key-utils": "^0.28.1-feature.esm.cjs.13+24ca549",
28
+ "@sphereon/ssi-sdk-ext.x509-utils": "^0.28.1-feature.esm.cjs.13+24ca549",
29
+ "@sphereon/ssi-sdk.agent-config": "0.33.1-feature.vcdm2.tsup.25",
30
+ "@sphereon/ssi-sdk.core": "0.33.1-feature.vcdm2.tsup.25",
31
+ "@sphereon/ssi-types": "0.33.1-feature.vcdm2.tsup.25",
32
32
  "@stablelib/ed25519": "^1.0.3",
33
33
  "@veramo/core": "4.2.0",
34
34
  "@veramo/utils": "4.2.0",
@@ -52,5 +52,5 @@
52
52
  "author": "Sphereon <dev@sphereon.com>",
53
53
  "license": "Apache-2.0",
54
54
  "keywords": [],
55
- "gitHead": "5582cc49ffc25ef9cef9d3b42ff7aad59ca3a480"
55
+ "gitHead": "24ca549841533d8ae29184b42dc92a416bdb246d"
56
56
  }