@sphereon/ssi-sdk-ext.jwt-service 0.28.1-feature.esm.cjs.8 → 0.28.1-feature.oyd.cmsm.improv.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. package/dist/agent/JwtService.d.ts +17 -0
  2. package/dist/agent/JwtService.d.ts.map +1 -0
  3. package/dist/agent/JwtService.js +137 -0
  4. package/dist/agent/JwtService.js.map +1 -0
  5. package/dist/functions/JWE.d.ts +75 -0
  6. package/dist/functions/JWE.d.ts.map +1 -0
  7. package/dist/functions/JWE.js +280 -0
  8. package/dist/functions/JWE.js.map +1 -0
  9. package/dist/functions/index.d.ts +35 -0
  10. package/dist/functions/index.d.ts.map +1 -0
  11. package/dist/functions/index.js +385 -0
  12. package/dist/functions/index.js.map +1 -0
  13. package/dist/index.d.ts +8 -273
  14. package/dist/index.d.ts.map +1 -0
  15. package/dist/index.js +30 -14772
  16. package/dist/index.js.map +1 -1
  17. package/dist/tsdoc-metadata.json +1 -1
  18. package/dist/types/IJwtService.d.ts +222 -0
  19. package/dist/types/IJwtService.d.ts.map +1 -0
  20. package/dist/types/IJwtService.js +75 -0
  21. package/dist/types/IJwtService.js.map +1 -0
  22. package/package.json +22 -34
  23. package/plugin.schema.json +4315 -12439
  24. package/src/agent/JwtService.ts +3 -6
  25. package/src/functions/JWE.ts +4 -10
  26. package/src/functions/index.ts +3 -5
  27. package/dist/index.cjs +0 -14802
  28. package/dist/index.cjs.map +0 -1
  29. package/dist/index.d.cts +0 -278
package/dist/agent/JwtService.d.ts ADDED
@@ -0,0 +1,17 @@
1
+ import { IAgentPlugin } from '@veramo/core';
2
+ import { IJwtService } from '..';
3
+ /**
4
+ * @public
5
+ */
6
+ export declare class JwtService implements IAgentPlugin {
7
+ readonly schema: any;
8
+ readonly methods: IJwtService;
9
+ private jwtPrepareJws;
10
+ private jwtCreateJwsJsonGeneralSignature;
11
+ private jwtCreateJwsJsonFlattenedSignature;
12
+ private jwtCreateJwsCompactSignature;
13
+ private jwtVerifyJwsSignature;
14
+ private jwtEncryptJweCompactJwt;
15
+ private jwtDecryptJweCompactJwt;
16
+ }
17
+ //# sourceMappingURL=JwtService.d.ts.map
package/dist/agent/JwtService.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"JwtService.d.ts","sourceRoot":"","sources":["../../src/agent/JwtService.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAK3C,OAAO,EAUL,WAAW,EAaZ,MAAM,IAAI,CAAA;AAGX;;GAEG;AACH,qBAAa,UAAW,YAAW,YAAY;IAC7C,QAAQ,CAAC,MAAM,MAAqB;IACpC,QAAQ,CAAC,OAAO,EAAE,WAAW,CAQ5B;YAEa,aAAa;YAIb,gCAAgC;YAIhC,kCAAkC;YAIlC,4BAA4B;YAK5B,qBAAqB;YAIrB,uBAAuB;YA8CvB,uBAAuB;CAGtC"}
package/dist/agent/JwtService.js ADDED
@@ -0,0 +1,137 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || function (mod) {
19
+ if (mod && mod.__esModule) return mod;
20
+ var result = {};
21
+ if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
+ __setModuleDefault(result, mod);
23
+ return result;
24
+ };
25
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
26
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
27
+ return new (P || (P = Promise))(function (resolve, reject) {
28
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
29
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
30
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
31
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
32
+ });
33
+ };
34
+ var __importDefault = (this && this.__importDefault) || function (mod) {
35
+ return (mod && mod.__esModule) ? mod : { "default": mod };
36
+ };
37
+ Object.defineProperty(exports, "__esModule", { value: true });
38
+ exports.JwtService = void 0;
39
+ const debug_1 = __importDefault(require("debug"));
40
+ const jose_1 = require("jose");
41
+ const u8a = __importStar(require("uint8arrays"));
42
+ const __1 = require("..");
43
+ const JWE_1 = require("../functions/JWE");
44
+ /**
45
+ * @public
46
+ */
47
+ class JwtService {
48
+ constructor() {
49
+ this.schema = __1.schema.IJwtService;
50
+ this.methods = {
51
+ jwtPrepareJws: this.jwtPrepareJws.bind(this),
52
+ jwtCreateJwsJsonGeneralSignature: this.jwtCreateJwsJsonGeneralSignature.bind(this),
53
+ jwtCreateJwsJsonFlattenedSignature: this.jwtCreateJwsJsonFlattenedSignature.bind(this),
54
+ jwtCreateJwsCompactSignature: this.jwtCreateJwsCompactSignature.bind(this),
55
+ jwtVerifyJwsSignature: this.jwtVerifyJwsSignature.bind(this),
56
+ jwtEncryptJweCompactJwt: this.jwtEncryptJweCompactJwt.bind(this),
57
+ jwtDecryptJweCompactJwt: this.jwtDecryptJweCompactJwt.bind(this),
58
+ };
59
+ }
60
+ jwtPrepareJws(args, context) {
61
+ return __awaiter(this, void 0, void 0, function* () {
62
+ return yield (0, __1.prepareJwsObject)(args, context);
63
+ });
64
+ }
65
+ jwtCreateJwsJsonGeneralSignature(args, context) {
66
+ return __awaiter(this, void 0, void 0, function* () {
67
+ return yield (0, __1.createJwsJsonGeneral)(args, context);
68
+ });
69
+ }
70
+ jwtCreateJwsJsonFlattenedSignature(args, context) {
71
+ return __awaiter(this, void 0, void 0, function* () {
72
+ return yield (0, __1.createJwsJsonFlattened)(args, context);
73
+ });
74
+ }
75
+ jwtCreateJwsCompactSignature(args, context) {
76
+ return __awaiter(this, void 0, void 0, function* () {
77
+ // We wrap it in a json object for remote REST calls
78
+ return { jwt: yield (0, __1.createJwsCompact)(args, context) };
79
+ });
80
+ }
81
+ jwtVerifyJwsSignature(args, context) {
82
+ return __awaiter(this, void 0, void 0, function* () {
83
+ return yield (0, __1.verifyJws)(args, context);
84
+ });
85
+ }
86
+ jwtEncryptJweCompactJwt(args, context) {
87
+ return __awaiter(this, void 0, void 0, function* () {
88
+ var _a, _b, _c, _d, _e, _f, _g;
89
+ const { payload, protectedHeader = { alg: args.alg, enc: args.enc }, recipientKey, issuer, expirationTime, audience } = args;
90
+ try {
91
+ (0, debug_1.default)(`JWE Encrypt: ${JSON.stringify(args, null, 2)}`);
92
+ const alg = (_b = (_a = (0, __1.jweAlg)(args.alg)) !== null && _a !== void 0 ? _a : (0, __1.jweAlg)(protectedHeader.alg)) !== null && _b !== void 0 ? _b : 'ECDH-ES';
93
+ const enc = (_d = (_c = (0, __1.jweEnc)(args.enc)) !== null && _c !== void 0 ? _c : (0, __1.jweEnc)(protectedHeader.enc)) !== null && _d !== void 0 ? _d : 'A256GCM';
94
+ const encJwks = recipientKey.jwks.length === 1
95
+ ? [recipientKey.jwks[0]]
96
+ : recipientKey.jwks.filter((jwk) => (jwk.kid && (jwk.kid === jwk.jwk.kid || jwk.kid === jwk.jwkThumbprint)) || jwk.jwk.use === 'enc');
97
+ if (encJwks.length === 0) {
98
+ return Promise.reject(Error(`No public JWK found that can be used to encrypt against`));
99
+ }
100
+ const jwkInfo = encJwks[0];
101
+ if (encJwks.length > 0) {
102
+ __1.JwtLogger.warning(`More than one JWK with 'enc' usage found. Selected the first one as no 'kid' was provided`, encJwks);
103
+ }
104
+ if (((_e = jwkInfo.jwk.kty) === null || _e === void 0 ? void 0 : _e.startsWith('EC')) !== true || !alg.startsWith('ECDH')) {
105
+ return Promise.reject(Error(`Currently only ECDH-ES is supported for encryption. JWK alg ${jwkInfo.jwk.kty}, header alg ${alg}`)); // TODO: Probably we support way more already
106
+ }
107
+ const apuVal = (_f = protectedHeader.apu) !== null && _f !== void 0 ? _f : args.apu;
108
+ const apu = apuVal ? u8a.fromString(apuVal, 'base64url') : undefined;
109
+ const apvVal = (_g = protectedHeader.apv) !== null && _g !== void 0 ? _g : args.apv;
110
+ const apv = apvVal ? u8a.fromString(apvVal, 'base64url') : undefined;
111
+ const pubKey = yield (0, jose_1.importJWK)(jwkInfo.jwk);
112
+ const encrypter = new JWE_1.CompactJwtEncrypter({
113
+ enc,
114
+ alg,
115
+ keyManagementParams: { apu, apv },
116
+ key: pubKey,
117
+ issuer,
118
+ expirationTime,
119
+ audience,
120
+ });
121
+ const jwe = yield encrypter.encryptCompactJWT(payload, {});
122
+ return { jwt: jwe };
123
+ }
124
+ catch (error) {
125
+ console.error(`Error encrypting JWE: ${error.message}`, error);
126
+ throw error;
127
+ }
128
+ });
129
+ }
130
+ jwtDecryptJweCompactJwt(args, context) {
131
+ return __awaiter(this, void 0, void 0, function* () {
132
+ return { jwt: 'FIXME' };
133
+ });
134
+ }
135
+ }
136
+ exports.JwtService = JwtService;
137
+ //# sourceMappingURL=JwtService.js.map
package/dist/agent/JwtService.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"JwtService.js","sourceRoot":"","sources":["../../src/agent/JwtService.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,kDAAyB;AACzB,+BAAgC;AAEhC,iDAAkC;AAClC,0BAuBW;AACX,0CAAsD;AAEtD;;GAEG;AACH,MAAa,UAAU;IAAvB;QACW,WAAM,GAAG,UAAM,CAAC,WAAW,CAAA;QAC3B,YAAO,GAAgB;YAC9B,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5C,gCAAgC,EAAE,IAAI,CAAC,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC;YAClF,kCAAkC,EAAE,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC;YACtF,4BAA4B,EAAE,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC;YAC1E,qBAAqB,EAAE,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5D,uBAAuB,EAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;YAChE,uBAAuB,EAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;SACjE,CAAA;IAwEH,CAAC;IAtEe,aAAa,CAAC,IAAuB,EAAE,OAAyB;;YAC5E,OAAO,MAAM,IAAA,oBAAgB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAC9C,CAAC;KAAA;IAEa,gCAAgC,CAAC,IAAuB,EAAE,OAAyB;;YAC/F,OAAO,MAAM,IAAA,wBAAoB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAClD,CAAC;KAAA;IAEa,kCAAkC,CAAC,IAA4B,EAAE,OAAyB;;YACtG,OAAO,MAAM,IAAA,0BAAsB,EAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QACpD,CAAC;KAAA;IAEa,4BAA4B,CAAC,IAA0B,EAAE,OAAyB;;YAC9F,oDAAoD;YACpD,OAAO,EAAE,GAAG,EAAE,MAAM,IAAA,oBAAgB,EAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAA;QACvD,CAAC;KAAA;IAEa,qBAAqB,CAAC,IAAmB,EAAE,OAAyB;;YAChF,OAAO,MAAM,IAAA,aAAS,EAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QACvC,CAAC;KAAA;IAEa,uBAAuB,CAAC,IAA8B,EAAE,OAAyB;;;YAC7F,MAAM,EAAE,OAAO,EAAE,eAAe,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,YAAY,EAAE,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAA;YAE5H,IAAI,CAAC;gBACH,IAAA,eAAK,EAAC,gBAAgB,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,CAAA;gBAEtD,MAAM,GAAG,GAAG,MAAA,MAAA,IAAA,UAAM,EAAC,IAAI,CAAC,GAAG,CAAC,mCAAI,IAAA,UAAM,EAAC,eAAe,CAAC,GAAG,CAAC,mCAAI,SAAS,CAAA;gBACxE,MAAM,GAAG,GAAG,MAAA,MAAA,IAAA,UAAM,EAAC,IAAI,CAAC,GAAG,CAAC,mCAAI,IAAA,UAAM,EAAC,eAAe,CAAC,GAAG,CAAC,mCAAI,SAAS,CAAA;gBACxE,MAAM,OAAO,GACX,YAAY,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC;oBAC5B,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBACxB,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,aAAa,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,KAAK,CAAC,CAAA;gBACzI,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACzB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC,CAAA;gBACzF,CAAC;gBACD,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;gBAC1B,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACvB,aAAS,CAAC,OAAO,CAAC,2FAA2F,EAAE,OAAO,CAAC,CAAA;gBACzH,CAAC;gBACD,IAAI,CAAA,MAAA,OAAO,CAAC,GAAG,CAAC,GAAG,0CAAE,UAAU,CAAC,IAAI,CAAC,MAAK,IAAI,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC1E,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,+DAA+D,OAAO,CAAC,GAAG,CAAC,GAAG,gBAAgB,GAAG,EAAE,CAAC,CAAC,CAAA,CAAC,6CAA6C;gBACjL,CAAC;gBACD,MAAM,MAAM,GAAG,MAAA,eAAe,CAAC,GAAG,mCAAI,IAAI,CAAC,GAAG,CAAA;gBAC9C,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;gBACpE,MAAM,MAAM,GAAG,MAAA,eAAe,CAAC,GAAG,mCAAI,IAAI,CAAC,GAAG,CAAA;gBAC9C,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;gBAEpE,MAAM,MAAM,GAAG,MAAM,IAAA,gBAAS,EAAC,OAAO,CAAC,GAAG,CAAC,CAAA;gBAC3C,MAAM,SAAS,GAAG,IAAI,yBAAmB,CAAC;oBACxC,GAAG;oBACH,GAAG;oBACH,mBAAmB,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE;oBACjC,GAAG,EAAE,MAAM;oBACX,MAAM;oBACN,cAAc;oBACd,QAAQ;iBACT,CAAC,CAAA;gBAEF,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,iBAAiB,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;gBAC1D,OAAO,EAAE,GAAG,EAAE,GAAG,EAAE,CAAA;YACrB,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,yBAAyB,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,CAAC,CAAA;gBAC9D,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC;KAAA;IAEa,uBAAuB,CAAC,IAA8B,EAAE,OAAyB;;YAC7F,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,CAAA;QACzB,CAAC;KAAA;CACF;AAlFD,gCAkFC"}
package/dist/functions/JWE.d.ts ADDED
@@ -0,0 +1,75 @@
1
+ import { RandomSource } from '@stablelib/random';
2
+ import * as jose from 'jose';
3
+ import { JWEKeyManagementHeaderParameters, JWTDecryptOptions } from 'jose';
4
+ import type { KeyLike } from 'jose/dist/types/types';
5
+ import { JweAlg, JweEnc, JweHeader, JweJsonGeneral, JweProtectedHeader, JweRecipient, JweRecipientUnprotectedHeader, JwsPayload } from '../types/IJwtService';
6
+ export interface EncryptionResult {
7
+ ciphertext: Uint8Array;
8
+ tag: Uint8Array;
9
+ iv: Uint8Array;
10
+ protectedHeader?: string;
11
+ recipients?: JweRecipient[];
12
+ cek?: Uint8Array;
13
+ }
14
+ export declare const generateContentEncryptionKey: ({ alg, randomSource, }: {
15
+ alg: JweEnc;
16
+ randomSource?: RandomSource;
17
+ }) => Promise<Uint8Array>;
18
+ export interface JwtEncrypter {
19
+ alg: string;
20
+ enc: string;
21
+ encrypt: (payload: JwsPayload, protectedHeader: JweProtectedHeader, aad?: Uint8Array) => Promise<EncryptionResult>;
22
+ encryptCek?: (cek: Uint8Array) => Promise<JweRecipient>;
23
+ }
24
+ export interface JweEncrypter {
25
+ alg: string;
26
+ enc: string;
27
+ encrypt: (payload: Uint8Array, protectedHeader: JweProtectedHeader, aad?: Uint8Array) => Promise<EncryptionResult>;
28
+ encryptCek?: (cek: Uint8Array) => Promise<JweRecipient>;
29
+ }
30
+ export interface JweDecrypter {
31
+ alg: string;
32
+ enc: string;
33
+ decrypt: (sealed: Uint8Array, iv: Uint8Array, aad?: Uint8Array, recipient?: JweRecipient) => Promise<Uint8Array | null>;
34
+ }
35
+ export declare class CompactJwtEncrypter implements JweEncrypter {
36
+ private _alg;
37
+ private _enc;
38
+ private _keyManagementParams;
39
+ private recipientKey;
40
+ private expirationTime;
41
+ private issuer;
42
+ private audience;
43
+ constructor(args: {
44
+ key: Uint8Array | jose.KeyLike;
45
+ alg?: JweAlg;
46
+ enc?: JweEnc;
47
+ keyManagementParams?: JWEKeyManagementHeaderParameters;
48
+ expirationTime?: number | string | Date;
49
+ issuer?: string;
50
+ audience?: string | string[];
51
+ });
52
+ get enc(): string;
53
+ set enc(value: JweEnc | string);
54
+ get alg(): string;
55
+ set alg(value: JweAlg | string);
56
+ encryptCompactJWT(payload: JwsPayload, jweProtectedHeader: JweProtectedHeader, aad?: Uint8Array | undefined): Promise<string>;
57
+ static decryptCompactJWT(jwt: string, key: KeyLike | Uint8Array, options?: JWTDecryptOptions): Promise<jose.JWTDecryptResult<jose.JWTPayload>>;
58
+ encrypt(payload: Uint8Array, jweProtectedHeader: JweProtectedHeader, aad?: Uint8Array | undefined): Promise<EncryptionResult>;
59
+ }
60
+ export declare function createJwe(cleartext: Uint8Array, encrypters: JweEncrypter[], protectedHeader: JweProtectedHeader, aad?: Uint8Array): Promise<JweJsonGeneral>;
61
+ /**
62
+ * Merges all headers, so we get a unified header.
63
+ *
64
+ * @param protectedHeader
65
+ * @param unprotectedHeader
66
+ * @param recipientUnprotectedHeader
67
+ */
68
+ export declare function jweMergeHeaders({ protectedHeader, unprotectedHeader, recipientUnprotectedHeader, }: {
69
+ protectedHeader?: JweProtectedHeader;
70
+ unprotectedHeader?: JweHeader;
71
+ recipientUnprotectedHeader?: JweRecipientUnprotectedHeader;
72
+ }): JweHeader;
73
+ export declare function decryptJwe(jwe: JweJsonGeneral, decrypter: JweDecrypter): Promise<Uint8Array>;
74
+ export declare function toWebCryptoCiphertext(ciphertext: string, tag: string): Uint8Array;
75
+ //# sourceMappingURL=JWE.d.ts.map
package/dist/functions/JWE.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"JWE.d.ts","sourceRoot":"","sources":["../../src/functions/JWE.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoC,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAElF,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAC5B,OAAO,EAAE,gCAAgC,EAAE,iBAAiB,EAAE,MAAM,MAAM,CAAA;AAC1E,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAA;AAEpD,OAAO,EACL,MAAM,EAEN,MAAM,EAEN,SAAS,EACT,cAAc,EACd,kBAAkB,EAClB,YAAY,EACZ,6BAA6B,EAC7B,UAAU,EACX,MAAM,sBAAsB,CAAA;AAE7B,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,UAAU,CAAA;IACtB,GAAG,EAAE,UAAU,CAAA;IACf,EAAE,EAAE,UAAU,CAAA;IACd,eAAe,CAAC,EAAE,MAAM,CAAA;IACxB,UAAU,CAAC,EAAE,YAAY,EAAE,CAAA;IAC3B,GAAG,CAAC,EAAE,UAAU,CAAA;CACjB;AAED,eAAO,MAAM,4BAA4B,2BAGtC;IACD,GAAG,EAAE,MAAM,CAAA;IACX,YAAY,CAAC,EAAE,YAAY,CAAA;CAC5B,KAAG,OAAO,CAAC,UAAU,CAuBrB,CAAA;AAaD,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,kBAAkB,EAAE,GAAG,CAAC,EAAE,UAAU,KAAK,OAAO,CAAC,gBAAgB,CAAC,CAAA;IAClH,UAAU,CAAC,EAAE,CAAC,GAAG,EAAE,UAAU,KAAK,OAAO,CAAC,YAAY,CAAC,CAAA;CACxD;AAED,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,kBAAkB,EAAE,GAAG,CAAC,EAAE,UAAU,KAAK,OAAO,CAAC,gBAAgB,CAAC,CAAA;IAClH,UAAU,CAAC,EAAE,CAAC,GAAG,EAAE,UAAU,KAAK,OAAO,CAAC,YAAY,CAAC,CAAA;CACxD;AAED,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,OAAO,EAAE,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,SAAS,CAAC,EAAE,YAAY,KAAK,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC,CAAA;CACxH;AAyCD,qBAAa,mBAAoB,YAAW,YAAY;IACtD,OAAO,CAAC,IAAI,CAAoB;IAChC,OAAO,CAAC,IAAI,CAAoB;IAChC,OAAO,CAAC,oBAAoB,CAA8C;IAC1E,OAAO,CAAC,YAAY,CAA2B;IAC/C,OAAO,CAAC,cAAc,CAAA;IACtB,OAAO,CAAC,MAAM,CAAoB;IAClC,OAAO,CAAC,QAAQ,CAA+B;gBAEnC,IAAI,EAAE;QAChB,GAAG,EAAE,UAAU,GAAG,IAAI,CAAC,OAAO,CAAA;QAC9B,GAAG,CAAC,EAAE,MAAM,CAAA;QACZ,GAAG,CAAC,EAAE,MAAM,CAAA;QACZ,mBAAmB,CAAC,EAAE,gCAAgC,CAAA;QACtD,cAAc,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;QACvC,MAAM,CAAC,EAAE,MAAM,CAAA;QACf,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;KAC7B;IAcD,IAAI,GAAG,IAAI,MAAM,CAKhB;IAED,IAAI,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAM7B;IAED,IAAI,GAAG,IAAI,MAAM,CAKhB;IAED,IAAI,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAM7B;IAEK,iBAAiB,CAAC,OAAO,EAAE,UAAU,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,GAAG,CAAC,EAAE,UAAU,GAAG,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC;WA4C/G,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,GAAG,UAAU,EAAE,OAAO,CAAC,EAAE,iBAAiB;IAInG,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,GAAG,CAAC,EAAE,UAAU,GAAG,SAAS,GAAG,OAAO,CAAC,gBAAgB,CAAC;CAsBpI;AAED,wBAAsB,SAAS,CAC7B,SAAS,EAAE,UAAU,EACrB,UAAU,EAAE,YAAY,EAAE,EAC1B,eAAe,EAAE,kBAAkB,EACnC,GAAG,CAAC,EAAE,UAAU,GACf,OAAO,CAAC,cAAc,CAAC,CAkCzB;AAED;;;;;;GAMG;AACH,wBAAgB,eAAe,CAAC,EAC9B,eAAe,EACf,iBAAiB,EACjB,0BAA0B,GAC3B,EAAE;IACD,eAAe,CAAC,EAAE,kBAAkB,CAAA;IACpC,iBAAiB,CAAC,EAAE,SAAS,CAAA;IAC7B,0BAA0B,CAAC,EAAE,6BAA6B,CAAA;CAC3D,GAAG,SAAS,CAQZ;AAED,wBAAsB,UAAU,CAAC,GAAG,EAAE,cAAc,EAAE,SAAS,EAAE,YAAY,GAAG,OAAO,CAAC,UAAU,CAAC,CA0BlG;AAED,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,UAAU,CAEjF"}
package/dist/functions/JWE.js ADDED
@@ -0,0 +1,280 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || function (mod) {
19
+ if (mod && mod.__esModule) return mod;
20
+ var result = {};
21
+ if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
+ __setModuleDefault(result, mod);
23
+ return result;
24
+ };
25
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
26
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
27
+ return new (P || (P = Promise))(function (resolve, reject) {
28
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
29
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
30
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
31
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
32
+ });
33
+ };
34
+ Object.defineProperty(exports, "__esModule", { value: true });
35
+ exports.CompactJwtEncrypter = exports.generateContentEncryptionKey = void 0;
36
+ exports.createJwe = createJwe;
37
+ exports.jweMergeHeaders = jweMergeHeaders;
38
+ exports.decryptJwe = decryptJwe;
39
+ exports.toWebCryptoCiphertext = toWebCryptoCiphertext;
40
+ const random_1 = require("@stablelib/random");
41
+ const utils_1 = require("@veramo/utils");
42
+ const jose = __importStar(require("jose"));
43
+ const u8a = __importStar(require("uint8arrays"));
44
+ const IJwtService_1 = require("../types/IJwtService");
45
+ const generateContentEncryptionKey = (_a) => __awaiter(void 0, [_a], void 0, function* ({ alg, randomSource = random_1.defaultRandomSource, }) {
46
+ let length;
47
+ switch (alg) {
48
+ case 'A128GCM':
49
+ length = 16;
50
+ break;
51
+ case 'A192GCM':
52
+ length = 24;
53
+ break;
54
+ case 'A128CBC-HS256':
55
+ case 'A256GCM':
56
+ length = 32;
57
+ break;
58
+ case 'A192CBC-HS384':
59
+ length = 48;
60
+ break;
61
+ case 'A256CBC-HS512':
62
+ length = 64;
63
+ break;
64
+ default:
65
+ length = 32;
66
+ }
67
+ return (0, random_1.randomBytes)(length, randomSource);
68
+ });
69
+ exports.generateContentEncryptionKey = generateContentEncryptionKey;
70
+ function jweAssertValid(jwe) {
71
+ if (!(jwe.protected && jwe.iv && jwe.ciphertext && jwe.tag)) {
72
+ throw Error('JWE is missing properties: protected, iv, ciphertext and/or tag');
73
+ }
74
+ if (jwe.recipients) {
75
+ jwe.recipients.map((recipient) => {
76
+ if (!(recipient.header && recipient.encrypted_key)) {
77
+ throw Error('Malformed JWE recipients; no header and encrypted key present');
78
+ }
79
+ });
80
+ }
81
+ }
82
+ function jweEncode({ ciphertext, tag, iv, protectedHeader, recipients, aad, unprotected, }) {
83
+ if (!recipients || recipients.length === 0) {
84
+ throw Error(`No recipient found`);
85
+ }
86
+ return Object.assign(Object.assign(Object.assign(Object.assign(Object.assign({}, (unprotected && { unprotected })), { protected: protectedHeader, iv: (0, utils_1.bytesToBase64url)(iv), ciphertext: (0, utils_1.bytesToBase64url)(ciphertext) }), (tag && { tag: (0, utils_1.bytesToBase64url)(tag) })), (aad && { aad: (0, utils_1.bytesToBase64url)(aad) })), { recipients });
87
+ }
88
+ class CompactJwtEncrypter {
89
+ constructor(args) {
90
+ if (args === null || args === void 0 ? void 0 : args.alg) {
91
+ this._alg = args.alg;
92
+ }
93
+ if (args === null || args === void 0 ? void 0 : args.enc) {
94
+ this._enc = args.enc;
95
+ }
96
+ this._keyManagementParams = args.keyManagementParams;
97
+ this.recipientKey = args.key;
98
+ this.expirationTime = args.expirationTime;
99
+ this.issuer = args.issuer;
100
+ this.audience = args.audience;
101
+ }
102
+ get enc() {
103
+ if (!this._enc) {
104
+ throw Error(`enc not set`);
105
+ }
106
+ return this._enc;
107
+ }
108
+ set enc(value) {
109
+ // @ts-ignore
110
+ if (!IJwtService_1.JweEncs.includes(value)) {
111
+ throw Error(`invalid JWE enc value ${value}`);
112
+ }
113
+ this._enc = value;
114
+ }
115
+ get alg() {
116
+ if (!this._alg) {
117
+ throw Error(`alg not set`);
118
+ }
119
+ return this._alg;
120
+ }
121
+ set alg(value) {
122
+ // @ts-ignore
123
+ if (!IJwtService_1.JweAlgs.includes(value)) {
124
+ throw Error(`invalid JWE alg value ${value}`);
125
+ }
126
+ this._alg = value;
127
+ }
128
+ encryptCompactJWT(payload, jweProtectedHeader, aad) {
129
+ return __awaiter(this, void 0, void 0, function* () {
130
+ var _a, _b;
131
+ const protectedHeader = Object.assign(Object.assign({}, jweProtectedHeader), { alg: (_a = jweProtectedHeader.alg) !== null && _a !== void 0 ? _a : this._alg, enc: (_b = jweProtectedHeader.enc) !== null && _b !== void 0 ? _b : this._enc });
132
+ if (!protectedHeader.alg || !protectedHeader.enc) {
133
+ return Promise.reject(Error(`no 'alg' or 'enc' value set for the protected JWE header!`));
134
+ }
135
+ this.enc = protectedHeader.enc;
136
+ this.alg = protectedHeader.alg;
137
+ if (payload.exp) {
138
+ this.expirationTime = payload.exp;
139
+ }
140
+ if (payload.iss) {
141
+ this.issuer = payload.iss;
142
+ }
143
+ if (payload.aud) {
144
+ this.audience = payload.aud;
145
+ }
146
+ const encrypt = new jose.EncryptJWT(payload).setProtectedHeader(Object.assign(Object.assign({}, protectedHeader), { alg: this.alg, enc: this.enc }));
147
+ if (this._alg.startsWith('ECDH')) {
148
+ if (!this._keyManagementParams) {
149
+ return Promise.reject(Error(`ECDH requires key management params`));
150
+ }
151
+ encrypt.setKeyManagementParameters(this._keyManagementParams);
152
+ }
153
+ if (this.expirationTime !== undefined) {
154
+ encrypt.setExpirationTime(this.expirationTime);
155
+ }
156
+ if (this.issuer) {
157
+ encrypt.setIssuer(this.issuer);
158
+ }
159
+ if (this.audience) {
160
+ encrypt.setAudience(this.audience);
161
+ }
162
+ return yield encrypt.encrypt(this.recipientKey);
163
+ });
164
+ }
165
+ static decryptCompactJWT(jwt, key, options) {
166
+ return __awaiter(this, void 0, void 0, function* () {
167
+ return yield jose.jwtDecrypt(jwt, key, options);
168
+ });
169
+ }
170
+ encrypt(payload, jweProtectedHeader, aad) {
171
+ return __awaiter(this, void 0, void 0, function* () {
172
+ const jwt = yield this.encryptCompactJWT(JSON.parse(u8a.toString(payload)), jweProtectedHeader, aad);
173
+ const [protectedHeader, encryptedKey, ivB64, payloadB64, tagB64] = jwt.split('.');
174
+ //[jwe.protected, jwe.encrypted_key, jwe.iv, jwe.ciphertext, jwe.tag].join('.');
175
+ console.log(`FIXME: TO EncryptionResult`);
176
+ return {
177
+ protectedHeader,
178
+ tag: (0, utils_1.base64ToBytes)(tagB64),
179
+ ciphertext: (0, utils_1.base64ToBytes)(payloadB64),
180
+ iv: (0, utils_1.base64ToBytes)(ivB64),
181
+ recipients: [
182
+ Object.assign({}, (encryptedKey && { encrypted_key: encryptedKey })),
183
+ ],
184
+ };
185
+ });
186
+ }
187
+ }
188
+ exports.CompactJwtEncrypter = CompactJwtEncrypter;
189
+ function createJwe(cleartext, encrypters, protectedHeader, aad) {
190
+ return __awaiter(this, void 0, void 0, function* () {
191
+ var _a, _b;
192
+ if (encrypters.length === 0) {
193
+ throw Error('JWE needs at least 1 encryptor');
194
+ }
195
+ if (encrypters.find((enc) => enc.alg === 'dir' || enc.alg === 'ECDH-ES')) {
196
+ if (encrypters.length !== 1) {
197
+ throw Error(`JWE can only do "dir" or "ECDH-ES" encryption with one key. ${encrypters.length} supplied`);
198
+ }
199
+ const encryptionResult = yield encrypters[0].encrypt(cleartext, protectedHeader, aad);
200
+ return jweEncode(Object.assign(Object.assign({}, encryptionResult), { aad }));
201
+ }
202
+ else {
203
+ const tmpEnc = encrypters[0].enc;
204
+ if (!encrypters.reduce((acc, encrypter) => acc && encrypter.enc === tmpEnc, true)) {
205
+ throw new Error('invalid_argument: Incompatible encrypters passed');
206
+ }
207
+ let cek = undefined;
208
+ let jwe = undefined;
209
+ for (const encrypter of encrypters) {
210
+ if (!cek) {
211
+ const encryptionResult = yield encrypter.encrypt(cleartext, protectedHeader, aad);
212
+ cek = encryptionResult.cek;
213
+ jwe = jweEncode(Object.assign(Object.assign({}, encryptionResult), { aad }));
214
+ }
215
+ else {
216
+ const recipient = yield ((_a = encrypter.encryptCek) === null || _a === void 0 ? void 0 : _a.call(encrypter, cek));
217
+ if (recipient) {
218
+ (_b = jwe === null || jwe === void 0 ? void 0 : jwe.recipients) === null || _b === void 0 ? void 0 : _b.push(recipient);
219
+ }
220
+ }
221
+ }
222
+ if (!jwe) {
223
+ throw Error(`No JWE constructed`);
224
+ }
225
+ return jwe;
226
+ }
227
+ });
228
+ }
229
+ /**
230
+ * Merges all headers, so we get a unified header.
231
+ *
232
+ * @param protectedHeader
233
+ * @param unprotectedHeader
234
+ * @param recipientUnprotectedHeader
235
+ */
236
+ function jweMergeHeaders({ protectedHeader, unprotectedHeader, recipientUnprotectedHeader, }) {
237
+ // TODO: Check that all headers/params are disjoint!
238
+ const header = Object.assign(Object.assign(Object.assign({}, protectedHeader), unprotectedHeader), recipientUnprotectedHeader);
239
+ if (!header.alg || !header.enc) {
240
+ throw Error(`Either 'alg' or 'enc' are missing from the headers`);
241
+ }
242
+ return header;
243
+ }
244
+ function decryptJwe(jwe, decrypter) {
245
+ return __awaiter(this, void 0, void 0, function* () {
246
+ jweAssertValid(jwe);
247
+ const protectedHeader = JSON.parse((0, utils_1.decodeBase64url)(jwe.protected));
248
+ if ((protectedHeader === null || protectedHeader === void 0 ? void 0 : protectedHeader.enc) !== decrypter.enc) {
249
+ return Promise.reject(Error(`Decrypter enc '${decrypter.enc}' does not support header enc '${protectedHeader.enc}'`));
250
+ }
251
+ else if (!jwe.tag) {
252
+ return Promise.reject(Error(`Decrypter enc '${decrypter.enc}' does not support header enc '${protectedHeader.enc}'`));
253
+ }
254
+ const sealed = toWebCryptoCiphertext(jwe.ciphertext, jwe.tag);
255
+ const aad = u8a.fromString(jwe.aad ? `${jwe.protected}.${jwe.aad}` : jwe.protected);
256
+ let cleartext = null;
257
+ if (protectedHeader.alg === 'dir' && decrypter.alg === 'dir') {
258
+ cleartext = yield decrypter.decrypt(sealed, (0, utils_1.base64ToBytes)(jwe.iv), aad);
259
+ }
260
+ else if (!jwe.recipients || jwe.recipients.length === 0) {
261
+ throw Error('missing recipients for JWE');
262
+ }
263
+ else {
264
+ for (let i = 0; !cleartext && i < jwe.recipients.length; i++) {
265
+ const recipient = jwe.recipients[i];
266
+ recipient.header = Object.assign(Object.assign({}, recipient.header), protectedHeader);
267
+ if (recipient.header.alg === decrypter.alg) {
268
+ cleartext = yield decrypter.decrypt(sealed, (0, utils_1.base64ToBytes)(jwe.iv), aad, recipient);
269
+ }
270
+ }
271
+ }
272
+ if (cleartext === null)
273
+ throw new Error('failure: Failed to decrypt');
274
+ return cleartext;
275
+ });
276
+ }
277
+ function toWebCryptoCiphertext(ciphertext, tag) {
278
+ return u8a.concat([(0, utils_1.base64ToBytes)(ciphertext), (0, utils_1.base64ToBytes)(tag)]);
279
+ }
280
+ //# sourceMappingURL=JWE.js.map
package/dist/functions/JWE.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"JWE.js","sourceRoot":"","sources":["../../src/functions/JWE.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsQA,8BAuCC;AASD,0CAgBC;AAED,gCA0BC;AAED,sDAEC;AAtWD,8CAAkF;AAClF,yCAAgF;AAChF,2CAA4B;AAG5B,iDAAkC;AAClC,sDAW6B;AAWtB,MAAM,4BAA4B,GAAG,KAMpB,EAAE,4CANyB,EACjD,GAAG,EACH,YAAY,GAAG,4BAAmB,GAInC;IACC,IAAI,MAAc,CAAA;IAClB,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,SAAS;YACZ,MAAM,GAAG,EAAE,CAAA;YACX,MAAK;QACP,KAAK,SAAS;YACZ,MAAM,GAAG,EAAE,CAAA;YACX,MAAK;QACP,KAAK,eAAe,CAAC;QACrB,KAAK,SAAS;YACZ,MAAM,GAAG,EAAE,CAAA;YACX,MAAK;QACP,KAAK,eAAe;YAClB,MAAM,GAAG,EAAE,CAAA;YACX,MAAK;QACP,KAAK,eAAe;YAClB,MAAM,GAAG,EAAE,CAAA;YACX,MAAK;QACP;YACE,MAAM,GAAG,EAAE,CAAA;IACf,CAAC;IACD,OAAO,IAAA,oBAAW,EAAC,MAAM,EAAE,YAAY,CAAC,CAAA;AAC1C,CAAC,CAAA,CAAA;AA7BY,QAAA,4BAA4B,gCA6BxC;AAiCD,SAAS,cAAc,CAAC,GAAmB;IACzC,IAAI,CAAC,CAAC,GAAG,CAAC,SAAS,IAAI,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5D,MAAM,KAAK,CAAC,iEAAiE,CAAC,CAAA;IAChF,CAAC;IACD,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;QACnB,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,SAAuB,EAAE,EAAE;YAC7C,IAAI,CAAC,CAAC,SAAS,CAAC,MAAM,IAAI,SAAS,CAAC,aAAa,CAAC,EAAE,CAAC;gBACnD,MAAM,KAAK,CAAC,+DAA+D,CAAC,CAAA;YAC9E,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,EACjB,UAAU,EACV,GAAG,EACH,EAAE,EACF,eAAe,EACf,UAAU,EACV,GAAG,EACH,WAAW,GAIZ;IACC,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3C,MAAM,KAAK,CAAC,oBAAoB,CAAC,CAAA;IACnC,CAAC;IACD,OAAO,0EACF,CAAC,WAAW,IAAI,EAAE,WAAW,EAAE,CAAC,KACnC,SAAS,EAAU,eAAe,EAClC,EAAE,EAAE,IAAA,wBAAgB,EAAC,EAAE,CAAC,EACxB,UAAU,EAAE,IAAA,wBAAgB,EAAC,UAAU,CAAC,KACrC,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,IAAA,wBAAgB,EAAC,GAAG,CAAC,EAAE,CAAC,GACvC,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,IAAA,wBAAgB,EAAC,GAAG,CAAC,EAAE,CAAC,KAC1C,UAAU,GACc,CAAA;AAC5B,CAAC;AAED,MAAa,mBAAmB;IAS9B,YAAY,IAQX;QACC,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,EAAE,CAAC;YACd,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAA;QACtB,CAAC;QACD,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,EAAE,CAAC;YACd,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAA;QACtB,CAAC;QACD,IAAI,CAAC,oBAAoB,GAAG,IAAI,CAAC,mBAAmB,CAAA;QACpD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,CAAA;QAC5B,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAA;QACzC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAA;QACzB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;IAC/B,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,KAAK,CAAC,aAAa,CAAC,CAAA;QAC5B,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAA;IAClB,CAAC;IAED,IAAI,GAAG,CAAC,KAAsB;QAC5B,aAAa;QACb,IAAI,CAAC,qBAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7B,MAAM,KAAK,CAAC,yBAAyB,KAAK,EAAE,CAAC,CAAA;QAC/C,CAAC;QACD,IAAI,CAAC,IAAI,GAAG,KAAe,CAAA;IAC7B,CAAC;IAED,IAAI,GAAG;QACL,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,KAAK,CAAC,aAAa,CAAC,CAAA;QAC5B,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAA;IAClB,CAAC;IAED,IAAI,GAAG,CAAC,KAAsB;QAC5B,aAAa;QACb,IAAI,CAAC,qBAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7B,MAAM,KAAK,CAAC,yBAAyB,KAAK,EAAE,CAAC,CAAA;QAC/C,CAAC;QACD,IAAI,CAAC,IAAI,GAAG,KAAe,CAAA;IAC7B,CAAC;IAEK,iBAAiB,CAAC,OAAmB,EAAE,kBAAsC,EAAE,GAA4B;;;YAC/G,MAAM,eAAe,mCAChB,kBAAkB,KACrB,GAAG,EAAE,MAAA,kBAAkB,CAAC,GAAG,mCAAI,IAAI,CAAC,IAAI,EACxC,GAAG,EAAE,MAAA,kBAAkB,CAAC,GAAG,mCAAI,IAAI,CAAC,IAAI,GACzC,CAAA;YACD,IAAI,CAAC,eAAe,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,CAAC;gBACjD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC,CAAA;YAC3F,CAAC;YACD,IAAI,CAAC,GAAG,GAAG,eAAe,CAAC,GAAG,CAAA;YAC9B,IAAI,CAAC,GAAG,GAAG,eAAe,CAAC,GAAG,CAAA;YAC9B,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,GAAG,CAAA;YACnC,CAAC;YACD,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,GAAG,CAAA;YAC3B,CAAC;YACD,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAA;YAC7B,CAAC;YACD,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,kBAAkB,iCAC1D,eAAe,KAClB,GAAG,EAAE,IAAI,CAAC,GAAG,EACb,GAAG,EAAE,IAAI,CAAC,GAAG,IACb,CAAA;YACF,IAAI,IAAI,CAAC,IAAK,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAClC,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;oBAC/B,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC,CAAA;gBACrE,CAAC;gBACD,OAAO,CAAC,0BAA0B,CAAC,IAAI,CAAC,oBAAqB,CAAC,CAAA;YAChE,CAAC;YACD,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;gBACtC,OAAO,CAAC,iBAAiB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;YAChD,CAAC;YAED,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;YAChC,CAAC;YACD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;YACpC,CAAC;YACD,OAAO,MAAM,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QACjD,CAAC;KAAA;IAEM,MAAM,CAAO,iBAAiB,CAAC,GAAW,EAAE,GAAyB,EAAE,OAA2B;;YACvG,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,OAAO,CAAC,CAAA;QACjD,CAAC;KAAA;IAEK,OAAO,CAAC,OAAmB,EAAE,kBAAsC,EAAE,GAA4B;;YACrG,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,kBAAkB,EAAE,GAAG,CAAC,CAAA;YACpG,MAAM,CAAC,eAAe,EAAE,YAAY,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YACjF,gFAAgF;YAChF,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAA;YAEzC,OAAO;gBACL,eAAe;gBACf,GAAG,EAAE,IAAA,qBAAa,EAAC,MAAM,CAAC;gBAC1B,UAAU,EAAE,IAAA,qBAAa,EAAC,UAAU,CAAC;gBACrC,EAAE,EAAE,IAAA,qBAAa,EAAC,KAAK,CAAC;gBACxB,UAAU,EAAE;sCAIL,CAAC,YAAY,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC;iBAEvD;aACF,CAAA;QACH,CAAC;KAAA;CAGF;AAnID,kDAmIC;AAED,SAAsB,SAAS,CAC7B,SAAqB,EACrB,UAA0B,EAC1B,eAAmC,EACnC,GAAgB;;;QAEhB,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,MAAM,KAAK,CAAC,gCAAgC,CAAC,CAAA;QAC/C,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,KAAK,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,CAAC,EAAE,CAAC;YACzE,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC5B,MAAM,KAAK,CAAC,+DAA+D,UAAU,CAAC,MAAM,WAAW,CAAC,CAAA;YAC1G,CAAC;YACD,MAAM,gBAAgB,GAAG,MAAM,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;YACrF,OAAO,SAAS,iCAAM,gBAAgB,KAAE,GAAG,IAAG,CAAA;QAChD,CAAC;aAAM,CAAC;YACN,MAAM,MAAM,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,CAAA;YAChC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,SAAS,EAAE,EAAE,CAAC,GAAG,IAAI,SAAS,CAAC,GAAG,KAAK,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC;gBAClF,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAA;YACrE,CAAC;YACD,IAAI,GAAG,GAA2B,SAAS,CAAA;YAC3C,IAAI,GAAG,GAA+B,SAAS,CAAA;YAC/C,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;gBACnC,IAAI,CAAC,GAAG,EAAE,CAAC;oBACT,MAAM,gBAAgB,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,eAAe,EAAE,GAAG,CAAC,CAAA;oBACjF,GAAG,GAAG,gBAAgB,CAAC,GAAG,CAAA;oBAC1B,GAAG,GAAG,SAAS,iCAAM,gBAAgB,KAAE,GAAG,IAAG,CAAA;gBAC/C,CAAC;qBAAM,CAAC;oBACN,MAAM,SAAS,GAAG,MAAM,CAAA,MAAA,SAAS,CAAC,UAAU,0DAAG,GAAG,CAAC,CAAA,CAAA;oBACnD,IAAI,SAAS,EAAE,CAAC;wBACd,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,UAAU,0CAAE,IAAI,CAAC,SAAS,CAAC,CAAA;oBAClC,CAAC;gBACH,CAAC;YACH,CAAC;YACD,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,KAAK,CAAC,oBAAoB,CAAC,CAAA;YACnC,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;IACH,CAAC;CAAA;AAED;;;;;;GAMG;AACH,SAAgB,eAAe,CAAC,EAC9B,eAAe,EACf,iBAAiB,EACjB,0BAA0B,GAK3B;IACC,oDAAoD;IACpD,MAAM,MAAM,iDAAQ,eAAe,GAAK,iBAAiB,GAAK,0BAA0B,CAAE,CAAA;IAE1F,IAAI,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAC/B,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAA;IACnE,CAAC;IACD,OAAO,MAAmB,CAAA;AAC5B,CAAC;AAED,SAAsB,UAAU,CAAC,GAAmB,EAAE,SAAuB;;QAC3E,cAAc,CAAC,GAAG,CAAC,CAAA;QACnB,MAAM,eAAe,GAAuB,IAAI,CAAC,KAAK,CAAC,IAAA,uBAAe,EAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAA;QACtF,IAAI,CAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,GAAG,MAAK,SAAS,CAAC,GAAG,EAAE,CAAC;YAC3C,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAkB,SAAS,CAAC,GAAG,kCAAkC,eAAe,CAAC,GAAG,GAAG,CAAC,CAAC,CAAA;QACvH,CAAC;aAAM,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;YACpB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAkB,SAAS,CAAC,GAAG,kCAAkC,eAAe,CAAC,GAAG,GAAG,CAAC,CAAC,CAAA;QACvH,CAAC;QACD,MAAM,MAAM,GAAG,qBAAqB,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,GAAG,CAAC,CAAA;QAC7D,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,SAAS,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;QACnF,IAAI,SAAS,GAAG,IAAI,CAAA;QACpB,IAAI,eAAe,CAAC,GAAG,KAAK,KAAK,IAAI,SAAS,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC;YAC7D,SAAS,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,IAAA,qBAAa,EAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;QACzE,CAAC;aAAM,IAAI,CAAC,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,MAAM,KAAK,CAAC,4BAA4B,CAAC,CAAA;QAC3C,CAAC;aAAM,CAAC;YACN,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,IAAI,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC7D,MAAM,SAAS,GAAiB,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBACjD,SAAS,CAAC,MAAM,GAAG,gCAAK,SAAS,CAAC,MAAM,GAAK,eAAe,CAAmC,CAAA;gBAC/F,IAAI,SAAS,CAAC,MAAM,CAAC,GAAG,KAAK,SAAS,CAAC,GAAG,EAAE,CAAC;oBAC3C,SAAS,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,IAAA,qBAAa,EAAC,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,SAAS,CAAC,CAAA;gBACpF,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,SAAS,KAAK,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAA;QACrE,OAAO,SAAS,CAAA;IAClB,CAAC;CAAA;AAED,SAAgB,qBAAqB,CAAC,UAAkB,EAAE,GAAW;IACnE,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,IAAA,qBAAa,EAAC,UAAU,CAAC,EAAE,IAAA,qBAAa,EAAC,GAAG,CAAC,CAAC,CAAC,CAAA;AACpE,CAAC"}
package/dist/functions/index.d.ts ADDED
@@ -0,0 +1,35 @@
1
+ import { ExternalIdentifierDidOpts, ExternalIdentifierX5cOpts, IIdentifierResolution, ManagedIdentifierResult } from '@sphereon/ssi-sdk-ext.identifier-resolution';
2
+ import { JWK } from '@sphereon/ssi-types';
3
+ import { IAgentContext } from '@veramo/core';
4
+ import { CreateJwsCompactArgs, CreateJwsFlattenedArgs, CreateJwsJsonArgs, IJwsValidationResult, IRequiredContext, Jws, JwsCompact, JwsHeader, JwsIdentifierMode, JwsJsonFlattened, JwsJsonGeneral, JwsJsonGeneralWithIdentifiers, PreparedJwsObject, VerifyJwsArgs } from '../types/IJwtService';
5
+ export declare const prepareJwsObject: (args: CreateJwsJsonArgs, context: IRequiredContext) => Promise<PreparedJwsObject>;
6
+ export declare const createJwsCompact: (args: CreateJwsCompactArgs, context: IRequiredContext) => Promise<JwsCompact>;
7
+ export declare const createJwsJsonFlattened: (args: CreateJwsFlattenedArgs, context: IRequiredContext) => Promise<JwsJsonFlattened>;
8
+ export declare const createJwsJsonGeneral: (args: CreateJwsJsonArgs, context: IRequiredContext) => Promise<JwsJsonGeneral>;
9
+ /**
10
+ * Updates the JWT header to include x5c, kid, jwk objects using the supplied issuer identifier that will be used to sign. If not present will automatically make the header objects available
11
+ * @param mode The type of header to check or include
12
+ * @param identifier The identifier of the signer. This identifier will be used later to sign
13
+ * @param header The JWT header
14
+ * @param noIdentifierInHeader
15
+ * @param context
16
+ */
17
+ export declare const checkAndUpdateJwsHeader: ({ mode, identifier, header, noIdentifierInHeader, }: {
18
+ mode?: JwsIdentifierMode;
19
+ identifier: ManagedIdentifierResult;
20
+ noIdentifierInHeader?: boolean;
21
+ header: JwsHeader;
22
+ }, context: IRequiredContext) => Promise<undefined>;
23
+ export declare const verifyJws: (args: VerifyJwsArgs, context: IAgentContext<IIdentifierResolution>) => Promise<IJwsValidationResult>;
24
+ export declare const toJwsJsonGeneral: ({ jws }: {
25
+ jws: Jws;
26
+ }, context: IAgentContext<any>) => Promise<JwsJsonGeneral>;
27
+ export declare const toJwsJsonGeneralWithIdentifiers: (args: {
28
+ jws: Jws;
29
+ jwk?: JWK;
30
+ opts?: {
31
+ x5c?: Omit<ExternalIdentifierX5cOpts, "identifier">;
32
+ did?: Omit<ExternalIdentifierDidOpts, "identifier">;
33
+ };
34
+ }, context: IAgentContext<IIdentifierResolution>) => Promise<JwsJsonGeneralWithIdentifiers>;
35
+ //# sourceMappingURL=index.d.ts.map
package/dist/functions/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,yBAAyB,EACzB,yBAAyB,EACzB,qBAAqB,EAIrB,uBAAuB,EAExB,MAAM,6CAA6C,CAAA;AAEpD,OAAO,EAAE,GAAG,EAAE,MAAM,qBAAqB,CAAA;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAG5C,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,iBAAiB,EACjB,oBAAoB,EACpB,gBAAgB,EAKhB,GAAG,EACH,UAAU,EACV,SAAS,EACT,iBAAiB,EACjB,gBAAgB,EAChB,cAAc,EACd,6BAA6B,EAI7B,iBAAiB,EACjB,aAAa,EACd,MAAM,sBAAsB,CAAA;AAQ7B,eAAO,MAAM,gBAAgB,SAAgB,iBAAiB,WAAW,gBAAgB,KAAG,OAAO,CAAC,iBAAiB,CAoCpH,CAAA;AAED,eAAO,MAAM,gBAAgB,SAAgB,oBAAoB,WAAW,gBAAgB,KAAG,OAAO,CAAC,UAAU,CAGhH,CAAA;AAED,eAAO,MAAM,sBAAsB,SAAgB,sBAAsB,WAAW,gBAAgB,KAAG,OAAO,CAAC,gBAAgB,CAS9H,CAAA;AAED,eAAO,MAAM,oBAAoB,SAAgB,iBAAiB,WAAW,gBAAgB,KAAG,OAAO,CAAC,cAAc,CA4BrH,CAAA;AAED;;;;;;;GAOG;AAEH,eAAO,MAAM,uBAAuB,wDAM/B;IACD,IAAI,CAAC,EAAE,iBAAiB,CAAA;IACxB,UAAU,EAAE,uBAAuB,CAAA;IACnC,oBAAoB,CAAC,EAAE,OAAO,CAAA;IAC9B,MAAM,EAAE,SAAS,CAAA;CAClB,WACQ,gBAAgB,uBAqB1B,CAAA;AAoID,eAAO,MAAM,SAAS,SAAgB,aAAa,WAAW,aAAa,CAAC,qBAAqB,CAAC,KAAG,OAAO,CAAC,oBAAoB,CAgDhI,CAAA;AAED,eAAO,MAAM,gBAAgB,YAAmB;IAAE,GAAG,EAAE,GAAG,CAAA;CAAE,WAAW,aAAa,CAAC,GAAG,CAAC,KAAG,OAAO,CAAC,cAAc,CAyBjH,CAAA;AAsDD,eAAO,MAAM,+BAA+B,SACpC;IACJ,GAAG,EAAE,GAAG,CAAA;IACR,GAAG,CAAC,EAAE,GAAG,CAAA;IACT,IAAI,CAAC,EAAE;QAAE,GAAG,CAAC,EAAE,IAAI,CAAC,yBAAyB,EAAE,YAAY,CAAC,CAAC;QAAC,GAAG,CAAC,EAAE,IAAI,CAAC,yBAAyB,EAAE,YAAY,CAAC,CAAA;KAAE,CAAA;CACpH,WACQ,aAAa,CAAC,qBAAqB,CAAC,KAC5C,OAAO,CAAC,6BAA6B,CAiBvC,CAAA"}