@sphereon/ssi-sdk-ext.key-utils 0.10.2-next.20

package/dist/jwk-jcs.js

@@ -0,0 +1,178 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.jcsCanonicalize = exports.jwkJcsDecode = exports.jwkJcsEncode = void 0;
+const web_encoding_1 = require("web-encoding");
+const lodash_isplainobject_1 = __importDefault(require("lodash.isplainobject"));
+const textEncoder = new web_encoding_1.TextEncoder();
+const textDecoder = new web_encoding_1.TextDecoder();
+/**
+ * Checks if the value is a non-empty string.
+ *
+ * @param value - The value to check.
+ * @param description - Description of the value to check.
+ */
+function check(value, description) {
+    if (typeof value !== 'string' || !value) {
+        throw new Error(`${description} missing or invalid`);
+    }
+}
+/**
+ * Checks if the value is a valid JSON object.
+ *
+ * @param value - The value to check.
+ */
+function validatePlainObject(value) {
+    if (!(0, lodash_isplainobject_1.default)(value)) {
+        throw new Error('JWK must be an object');
+    }
+}
+/**
+ * Checks if the JWK is valid. It must contain all the required members.
+ *
+ * @see https://www.rfc-editor.org/rfc/rfc7518#section-6
+ * @see https://www.rfc-editor.org/rfc/rfc8037#section-2
+ *
+ * @param jwk - The JWK to check.
+ */
+function validateJwk(jwk) {
+    validatePlainObject(jwk);
+    // Check JWK required members based on the key type
+    switch (jwk.kty) {
+        /**
+         * @see https://www.rfc-editor.org/rfc/rfc7518#section-6.2.1
+         */
+        case 'EC':
+            check(jwk.crv, '"crv" (Curve) Parameter');
+            check(jwk.x, '"x" (X Coordinate) Parameter');
+            check(jwk.y, '"y" (Y Coordinate) Parameter');
+            break;
+        /**
+         * @see https://www.rfc-editor.org/rfc/rfc8037#section-2
+         */
+        case 'OKP':
+            check(jwk.crv, '"crv" (Subtype of Key Pair) Parameter');
+            check(jwk.x, '"x" (Public Key) Parameter');
+            break;
+        /**
+         * @see https://www.rfc-editor.org/rfc/rfc7518#section-6.3.1
+         */
+        case 'RSA':
+            check(jwk.e, '"e" (Exponent) Parameter');
+            check(jwk.n, '"n" (Modulus) Parameter');
+            break;
+        default:
+            throw new Error('"kty" (Key Type) Parameter missing or unsupported');
+    }
+}
+/**
+ * Extracts the required members of the JWK and canonicalizes it.
+ *
+ * @param jwk - The JWK to canonicalize.
+ * @returns The JWK with only the required members, ordered lexicographically.
+ */
+function minimalJwk(jwk) {
+    // "default" case is not needed
+    // eslint-disable-next-line default-case
+    switch (jwk.kty) {
+        case 'EC':
+            return { crv: jwk.crv, kty: jwk.kty, x: jwk.x, y: jwk.y };
+        case 'OKP':
+            return { crv: jwk.crv, kty: jwk.kty, x: jwk.x };
+        case 'RSA':
+            return { e: jwk.e, kty: jwk.kty, n: jwk.n };
+    }
+    throw Error(`Unsupported key type (kty) provided: ${jwk.kty}`);
+}
+/**
+ * Encodes a JWK into a Uint8Array. Only the required JWK members are encoded.
+ *
+ * @see https://www.rfc-editor.org/rfc/rfc7518#section-6
+ * @see https://www.rfc-editor.org/rfc/rfc8037#section-2
+ * @see https://github.com/panva/jose/blob/3b8aa47b92d07a711bf5c3125276cc9a011794a4/src/jwk/thumbprint.ts#L37
+ *
+ * @param jwk - JSON Web Key.
+ * @returns Uint8Array-encoded JWK.
+ */
+function jwkJcsEncode(jwk) {
+    validateJwk(jwk);
+    const strippedJwk = minimalJwk(jwk);
+    return textEncoder.encode(jcsCanonicalize(strippedJwk));
+}
+exports.jwkJcsEncode = jwkJcsEncode;
+/**
+ * Decodes an array of bytes into a JWK. Throws an error if the JWK is not valid.
+ *
+ * @param bytes - The array of bytes to decode.
+ * @returns The corresponding JSON Web Key.
+ */
+function jwkJcsDecode(bytes) {
+    const jwk = JSON.parse(textDecoder.decode(bytes));
+    validateJwk(jwk);
+    if (JSON.stringify(jwk) !== jcsCanonicalize(minimalJwk(jwk))) {
+        throw new Error('The JWK embedded in the DID is not correctly formatted');
+    }
+    return jwk;
+}
+exports.jwkJcsDecode = jwkJcsDecode;
+// From: https://github.com/cyberphone/json-canonicalization
+function jcsCanonicalize(object) {
+    let buffer = '';
+    serialize(object);
+    return buffer;
+    function serialize(object) {
+        if (object === null || typeof object !== 'object' || object.toJSON != null) {
+            /////////////////////////////////////////////////
+            // Primitive type or toJSON - Use ES6/JSON     //
+            /////////////////////////////////////////////////
+            buffer += JSON.stringify(object);
+        }
+        else if (Array.isArray(object)) {
+            /////////////////////////////////////////////////
+            // Array - Maintain element order              //
+            /////////////////////////////////////////////////
+            buffer += '[';
+            let next = false;
+            object.forEach((element) => {
+                if (next) {
+                    buffer += ',';
+                }
+                next = true;
+                /////////////////////////////////////////
+                // Array element - Recursive expansion //
+                /////////////////////////////////////////
+                serialize(element);
+            });
+            buffer += ']';
+        }
+        else {
+            /////////////////////////////////////////////////
+            // Object - Sort properties before serializing //
+            /////////////////////////////////////////////////
+            buffer += '{';
+            let next = false;
+            Object.keys(object)
+                .sort()
+                .forEach((property) => {
+                if (next) {
+                    buffer += ',';
+                }
+                next = true;
+                ///////////////////////////////////////////////
+                // Property names are strings - Use ES6/JSON //
+                ///////////////////////////////////////////////
+                buffer += JSON.stringify(property);
+                buffer += ':';
+                //////////////////////////////////////////
+                // Property value - Recursive expansion //
+                //////////////////////////////////////////
+                serialize(object[property]);
+            });
+            buffer += '}';
+        }
+    }
+}
+exports.jcsCanonicalize = jcsCanonicalize;
+//# sourceMappingURL=jwk-jcs.js.map

package/dist/jwk-jcs.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwk-jcs.js","sourceRoot":"","sources":["../src/jwk-jcs.ts"],"names":[],"mappings":";;;;;;AAAA,+CAAuD;AACvD,gFAAgD;AAIhD,MAAM,WAAW,GAAG,IAAI,0BAAW,EAAE,CAAA;AACrC,MAAM,WAAW,GAAG,IAAI,0BAAW,EAAE,CAAA;AAErC;;;;;GAKG;AACH,SAAS,KAAK,CAAC,KAAc,EAAE,WAAmB;IAChD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,GAAG,WAAW,qBAAqB,CAAC,CAAA;KACrD;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,mBAAmB,CAAC,KAAc;IACzC,IAAI,CAAC,IAAA,8BAAa,EAAC,KAAK,CAAC,EAAE;QACzB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;KACzC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,WAAW,CAAC,GAAQ;IAC3B,mBAAmB,CAAC,GAAG,CAAC,CAAA;IACxB,mDAAmD;IACnD,QAAQ,GAAG,CAAC,GAAG,EAAE;QACf;;WAEG;QACH,KAAK,IAAI;YACP,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAA;YACzC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,8BAA8B,CAAC,CAAA;YAC5C,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,8BAA8B,CAAC,CAAA;YAC5C,MAAK;QACP;;WAEG;QACH,KAAK,KAAK;YACR,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,uCAAuC,CAAC,CAAA;YACvD,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,4BAA4B,CAAC,CAAA;YAC1C,MAAK;QACP;;WAEG;QACH,KAAK,KAAK;YACR,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,0BAA0B,CAAC,CAAA;YACxC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,yBAAyB,CAAC,CAAA;YACvC,MAAK;QACP;YACE,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;KACvE;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,UAAU,CAAC,GAAQ;IAC1B,+BAA+B;IAC/B,wCAAwC;IACxC,QAAQ,GAAG,CAAC,GAAG,EAAE;QACf,KAAK,IAAI;YACP,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAA;QAC3D,KAAK,KAAK;YACR,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAA;QACjD,KAAK,KAAK;YACR,OAAO,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,CAAA;KAC9C;IACD,MAAM,KAAK,CAAC,wCAAwC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAA;AAChE,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,YAAY,CAAC,GAAY;IACvC,WAAW,CAAC,GAAG,CAAC,CAAA;IAChB,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,CAAC,CAAA;IACnC,OAAO,WAAW,CAAC,MAAM,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC,CAAA;AACzD,CAAC;AAJD,oCAIC;AAED;;;;;GAKG;AACH,SAAgB,YAAY,CAAC,KAA2B;IACtD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;IACjD,WAAW,CAAC,GAAG,CAAC,CAAA;IAChB,IAAI,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,eAAe,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE;QAC5D,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAA;KAC1E;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAPD,oCAOC;AAED,4DAA4D;AAC5D,SAAgB,eAAe,CAAC,MAAW;IACzC,IAAI,MAAM,GAAG,EAAE,CAAA;IACf,SAAS,CAAC,MAAM,CAAC,CAAA;IACjB,OAAO,MAAM,CAAA;IAEb,SAAS,SAAS,CAAC,MAAW;QAC5B,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,MAAM,IAAI,IAAI,EAAE;YAC1E,iDAAiD;YACjD,iDAAiD;YACjD,iDAAiD;YACjD,MAAM,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;SACjC;aAAM,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;YAChC,iDAAiD;YACjD,iDAAiD;YACjD,iDAAiD;YACjD,MAAM,IAAI,GAAG,CAAA;YACb,IAAI,IAAI,GAAG,KAAK,CAAA;YAChB,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBACzB,IAAI,IAAI,EAAE;oBACR,MAAM,IAAI,GAAG,CAAA;iBACd;gBACD,IAAI,GAAG,IAAI,CAAA;gBACX,yCAAyC;gBACzC,yCAAyC;gBACzC,yCAAyC;gBACzC,SAAS,CAAC,OAAO,CAAC,CAAA;YACpB,CAAC,CAAC,CAAA;YACF,MAAM,IAAI,GAAG,CAAA;SACd;aAAM;YACL,iDAAiD;YACjD,iDAAiD;YACjD,iDAAiD;YACjD,MAAM,IAAI,GAAG,CAAA;YACb,IAAI,IAAI,GAAG,KAAK,CAAA;YAChB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;iBAChB,IAAI,EAAE;iBACN,OAAO,CAAC,CAAC,QAAQ,EAAE,EAAE;gBACpB,IAAI,IAAI,EAAE;oBACR,MAAM,IAAI,GAAG,CAAA;iBACd;gBACD,IAAI,GAAG,IAAI,CAAA;gBACX,+CAA+C;gBAC/C,+CAA+C;gBAC/C,+CAA+C;gBAC/C,MAAM,IAAI,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAA;gBAClC,MAAM,IAAI,GAAG,CAAA;gBACb,0CAA0C;gBAC1C,0CAA0C;gBAC1C,0CAA0C;gBAC1C,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAA;YAC7B,CAAC,CAAC,CAAA;YACJ,MAAM,IAAI,GAAG,CAAA;SACd;IACH,CAAC;AACH,CAAC;AAtDD,0CAsDC"}

package/dist/types/index.d.ts

@@ -0,0 +1,2 @@
+export * from './key-util-types';
+//# sourceMappingURL=index.d.ts.map

package/dist/types/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA,cAAc,kBAAkB,CAAA"}

package/dist/types/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./key-util-types"), exports);
+//# sourceMappingURL=index.js.map

package/dist/types/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,mDAAgC"}

package/dist/types/key-util-types.d.ts

@@ -0,0 +1,36 @@
+export declare const JWK_JCS_PUB_NAME = "jwk_jcs-pub";
+export declare const JWK_JCS_PUB_PREFIX = 60241;
+export type TKeyType = 'Ed25519' | 'Secp256k1' | 'Secp256r1' | 'X25519' | 'Bls12381G1' | 'Bls12381G2' | 'RSA';
+export declare enum Key {
+    Ed25519 = "Ed25519",
+    Secp256k1 = "Secp256k1",
+    Secp256r1 = "Secp256r1"
+}
+export declare enum JwkKeyUse {
+    Encryption = "enc",
+    Signature = "sig"
+}
+export declare enum KeyCurve {
+    Secp256k1 = "secp256k1",
+    P_256 = "P-256",
+    Ed25519 = "Ed25519"
+}
+export declare enum KeyType {
+    EC = "EC",
+    OKP = "OKP"
+}
+export declare const SIG_KEY_ALGS: string[];
+export declare const ENC_KEY_ALGS: string[];
+export interface JWK extends JsonWebKey {
+    x5c?: string;
+    x5u?: string;
+}
+export type KeyVisibility = 'public' | 'private';
+export interface X509Opts {
+    cn?: string;
+    privateKeyPEM?: string;
+    certificatePEM?: string;
+    certificateChainURL?: string;
+    certificateChainPEM?: string;
+}
+//# sourceMappingURL=key-util-types.d.ts.map

package/dist/types/key-util-types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"key-util-types.d.ts","sourceRoot":"","sources":["../../src/types/key-util-types.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,gBAAgB,gBAAgB,CAAA;AAC7C,eAAO,MAAM,kBAAkB,QAAS,CAAA;AAExC,MAAM,MAAM,QAAQ,GAAG,SAAS,GAAG,WAAW,GAAG,WAAW,GAAG,QAAQ,GAAG,YAAY,GAAG,YAAY,GAAG,KAAK,CAAA;AAE7G,oBAAY,GAAG;IACb,OAAO,YAAY;IACnB,SAAS,cAAc;IACvB,SAAS,cAAc;CACxB;AAED,oBAAY,SAAS;IACnB,UAAU,QAAQ;IAClB,SAAS,QAAQ;CAClB;AAED,oBAAY,QAAQ;IAClB,SAAS,cAAc;IACvB,KAAK,UAAU;IACf,OAAO,YAAY;CACpB;AAED,oBAAY,OAAO;IACjB,EAAE,OAAO;IACT,GAAG,QAAQ;CACZ;AAED,eAAO,MAAM,YAAY,UAAkH,CAAA;AAC3I,eAAO,MAAM,YAAY,UAA+C,CAAA;AAExE,MAAM,WAAW,GAAI,SAAQ,UAAU;IACrC,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED,MAAM,MAAM,aAAa,GAAG,QAAQ,GAAG,SAAS,CAAA;AAEhD,MAAM,WAAW,QAAQ;IACvB,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAA;CAC7B"}

package/dist/types/key-util-types.js

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ENC_KEY_ALGS = exports.SIG_KEY_ALGS = exports.KeyType = exports.KeyCurve = exports.JwkKeyUse = exports.Key = exports.JWK_JCS_PUB_PREFIX = exports.JWK_JCS_PUB_NAME = void 0;
+exports.JWK_JCS_PUB_NAME = 'jwk_jcs-pub';
+exports.JWK_JCS_PUB_PREFIX = 0xeb51;
+var Key;
+(function (Key) {
+    Key["Ed25519"] = "Ed25519";
+    Key["Secp256k1"] = "Secp256k1";
+    Key["Secp256r1"] = "Secp256r1";
+})(Key = exports.Key || (exports.Key = {}));
+var JwkKeyUse;
+(function (JwkKeyUse) {
+    JwkKeyUse["Encryption"] = "enc";
+    JwkKeyUse["Signature"] = "sig";
+})(JwkKeyUse = exports.JwkKeyUse || (exports.JwkKeyUse = {}));
+var KeyCurve;
+(function (KeyCurve) {
+    KeyCurve["Secp256k1"] = "secp256k1";
+    KeyCurve["P_256"] = "P-256";
+    KeyCurve["Ed25519"] = "Ed25519";
+})(KeyCurve = exports.KeyCurve || (exports.KeyCurve = {}));
+var KeyType;
+(function (KeyType) {
+    KeyType["EC"] = "EC";
+    KeyType["OKP"] = "OKP";
+})(KeyType = exports.KeyType || (exports.KeyType = {}));
+exports.SIG_KEY_ALGS = ['ES256', 'ES384', 'ES512', 'EdDSA', 'ES256K', 'Ed25519', 'Secp256k1', 'Secp256r1', 'Bls12381G1', 'Bls12381G2'];
+exports.ENC_KEY_ALGS = ['X25519', 'ECDH_ES_A256KW', 'RSA_OAEP_256'];
+//# sourceMappingURL=key-util-types.js.map

package/dist/types/key-util-types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"key-util-types.js","sourceRoot":"","sources":["../../src/types/key-util-types.ts"],"names":[],"mappings":";;;AAAa,QAAA,gBAAgB,GAAG,aAAa,CAAA;AAChC,QAAA,kBAAkB,GAAG,MAAM,CAAA;AAIxC,IAAY,GAIX;AAJD,WAAY,GAAG;IACb,0BAAmB,CAAA;IACnB,8BAAuB,CAAA;IACvB,8BAAuB,CAAA;AACzB,CAAC,EAJW,GAAG,GAAH,WAAG,KAAH,WAAG,QAId;AAED,IAAY,SAGX;AAHD,WAAY,SAAS;IACnB,+BAAkB,CAAA;IAClB,8BAAiB,CAAA;AACnB,CAAC,EAHW,SAAS,GAAT,iBAAS,KAAT,iBAAS,QAGpB;AAED,IAAY,QAIX;AAJD,WAAY,QAAQ;IAClB,mCAAuB,CAAA;IACvB,2BAAe,CAAA;IACf,+BAAmB,CAAA;AACrB,CAAC,EAJW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAInB;AAED,IAAY,OAGX;AAHD,WAAY,OAAO;IACjB,oBAAS,CAAA;IACT,sBAAW,CAAA;AACb,CAAC,EAHW,OAAO,GAAP,eAAO,KAAP,eAAO,QAGlB;AAEY,QAAA,YAAY,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,CAAC,CAAA;AAC9H,QAAA,YAAY,GAAG,CAAC,QAAQ,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAA"}

package/dist/x509-utils.d.ts

@@ -0,0 +1,24 @@
+import { JWK, KeyVisibility } from './types';
+export declare function pemCertChainTox5c(cert: string, maxDepth?: number): string[];
+export declare function x5cToPemCertChain(x5c: string[], maxDepth?: number): string;
+export declare const toKeyObject: (PEM: string, visibility?: KeyVisibility) => {
+    pem: string;
+    jwk: JWK;
+    keyHex: string;
+    keyType: KeyVisibility;
+};
+export declare const jwkToPEM: (jwk: JWK, visibility?: KeyVisibility) => string;
+export declare const PEMToJwk: (pem: string, visibility?: KeyVisibility) => JWK;
+export declare const privateKeyHexFromPEM: (PEM: string) => string;
+export declare const hexKeyFromPEMBasedJwk: (jwk: JWK, visibility?: KeyVisibility) => string;
+export declare const publicKeyHexFromPEM: (PEM: string) => string;
+export declare const PEMToHex: (PEM: string, headerKey?: string) => string;
+/**
+ * Converts a base64 encoded string to hex string, removing any non-base64 characters, including newlines
+ * @param input The input in base64, with optional newlines
+ * @param inputEncoding
+ */
+export declare const base64ToHex: (input: string, inputEncoding?: 'base64pad' | 'base64urlpad') => string;
+export declare const hexToPEM: (hex: string, type: KeyVisibility) => string;
+export declare function base64ToPEM(cert: string, headerKey?: 'PUBLIC KEY' | 'RSA PRIVATE KEY' | 'PRIVATE KEY' | 'CERTIFICATE'): string;
+//# sourceMappingURL=x509-utils.d.ts.map

package/dist/x509-utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"x509-utils.d.ts","sourceRoot":"","sources":["../src/x509-utils.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,GAAG,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAI5C,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAuB3E;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,CAU1E;AAED,eAAO,MAAM,WAAW,QAAS,MAAM,eAAc,aAAa;;;;;CAWjE,CAAA;AAED,eAAO,MAAM,QAAQ,QAAS,GAAG,eAAc,aAAa,KAAc,MAEzE,CAAA;AAED,eAAO,MAAM,QAAQ,QAAS,MAAM,eAAc,aAAa,KAAc,GAE5E,CAAA;AACD,eAAO,MAAM,oBAAoB,QAAS,MAAM,WAE/C,CAAA;AAED,eAAO,MAAM,qBAAqB,QAAS,GAAG,eAAc,aAAa,KAAc,MAMtF,CAAA;AAED,eAAO,MAAM,mBAAmB,QAAS,MAAM,WAU9C,CAAA;AAED,eAAO,MAAM,QAAQ,QAAS,MAAM,cAAc,MAAM,KAAG,MAc1D,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,WAAW,UAAW,MAAM,kBAAkB,WAAW,GAAG,cAAc,WAGtF,CAAA;AAUD,eAAO,MAAM,QAAQ,QAAS,MAAM,QAAQ,aAAa,KAAG,MAa3D,CAAA;AAED,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,YAAY,GAAG,iBAAiB,GAAG,aAAa,GAAG,aAAa,GAAG,MAAM,CAO9H"}

package/dist/x509-utils.js

@@ -0,0 +1,175 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.base64ToPEM = exports.hexToPEM = exports.base64ToHex = exports.PEMToHex = exports.publicKeyHexFromPEM = exports.hexKeyFromPEMBasedJwk = exports.privateKeyHexFromPEM = exports.PEMToJwk = exports.jwkToPEM = exports.toKeyObject = exports.x5cToPemCertChain = exports.pemCertChainTox5c = void 0;
+const u8a = __importStar(require("uint8arrays"));
+// @ts-ignore
+const keyto_1 = __importDefault(require("@trust/keyto"));
+// Based on (MIT licensed):
+// https://github.com/hildjj/node-posh/blob/master/lib/index.js
+function pemCertChainTox5c(cert, maxDepth) {
+    if (!maxDepth) {
+        maxDepth = 0;
+    }
+    /*
+     * Convert a PEM-encoded certificate to the version used in the x5c element
+     * of a [JSON Web Key](http://tools.ietf.org/html/draft-ietf-jose-json-web-key).
+     *
+     * `cert` PEM-encoded certificate chain
+     * `maxdepth` The maximum number of certificates to use from the chain.
+     */
+    const intermediate = cert
+        .replace(/-----[^\n]+\n?/gm, ',')
+        .replace(/\n/g, '')
+        .replace(/\r/g, '');
+    let x5c = intermediate.split(',').filter(function (c) {
+        return c.length > 0;
+    });
+    if (maxDepth > 0) {
+        x5c = x5c.splice(0, maxDepth);
+    }
+    return x5c;
+}
+exports.pemCertChainTox5c = pemCertChainTox5c;
+function x5cToPemCertChain(x5c, maxDepth) {
+    if (!maxDepth) {
+        maxDepth = 0;
+    }
+    const length = maxDepth === 0 ? x5c.length : Math.min(maxDepth, x5c.length);
+    let pem = '';
+    for (let i = 0; i < length; i++) {
+        pem += base64ToPEM(x5c[i], 'CERTIFICATE');
+    }
+    return pem;
+}
+exports.x5cToPemCertChain = x5cToPemCertChain;
+const toKeyObject = (PEM, visibility = 'public') => {
+    const jwk = (0, exports.PEMToJwk)(PEM, visibility);
+    const keyVisibility = jwk.d ? 'private' : 'public';
+    const keyHex = keyVisibility === 'private' ? (0, exports.privateKeyHexFromPEM)(PEM) : (0, exports.publicKeyHexFromPEM)(PEM);
+    return {
+        pem: (0, exports.hexToPEM)(keyHex, visibility),
+        jwk,
+        keyHex,
+        keyType: keyVisibility,
+    };
+};
+exports.toKeyObject = toKeyObject;
+const jwkToPEM = (jwk, visibility = 'public') => {
+    return keyto_1.default.from(jwk, 'jwk').toString('pem', visibility === 'public' ? 'public_pkcs8' : 'private_pkcs8');
+};
+exports.jwkToPEM = jwkToPEM;
+const PEMToJwk = (pem, visibility = 'public') => {
+    return keyto_1.default.from(pem, 'pem').toJwk(visibility);
+};
+exports.PEMToJwk = PEMToJwk;
+const privateKeyHexFromPEM = (PEM) => {
+    return (0, exports.PEMToHex)(PEM);
+};
+exports.privateKeyHexFromPEM = privateKeyHexFromPEM;
+const hexKeyFromPEMBasedJwk = (jwk, visibility = 'public') => {
+    if (visibility === 'private') {
+        return (0, exports.privateKeyHexFromPEM)((0, exports.jwkToPEM)(jwk, 'private'));
+    }
+    else {
+        return (0, exports.publicKeyHexFromPEM)((0, exports.jwkToPEM)(jwk, 'public'));
+    }
+};
+exports.hexKeyFromPEMBasedJwk = hexKeyFromPEMBasedJwk;
+const publicKeyHexFromPEM = (PEM) => {
+    const hex = (0, exports.PEMToHex)(PEM);
+    if (PEM.includes('CERTIFICATE')) {
+        throw Error('Cannot directly deduce public Key from PEM Certificate yet');
+    }
+    else if (!PEM.includes('PRIVATE')) {
+        return hex;
+    }
+    const publicJwk = (0, exports.PEMToJwk)(PEM, 'public');
+    const publicPEM = (0, exports.jwkToPEM)(publicJwk, 'public');
+    return (0, exports.PEMToHex)(publicPEM);
+};
+exports.publicKeyHexFromPEM = publicKeyHexFromPEM;
+const PEMToHex = (PEM, headerKey) => {
+    if (PEM.indexOf('-----BEGIN ') == -1) {
+        throw Error(`PEM header not found: ${headerKey}`);
+    }
+    let strippedPem;
+    if (headerKey) {
+        strippedPem = PEM.replace(new RegExp('^[^]*-----BEGIN ' + headerKey + '-----'), '');
+        strippedPem = strippedPem.replace(new RegExp('-----END ' + headerKey + '-----[^]*$'), '');
+    }
+    else {
+        strippedPem = PEM.replace(/^[^]*-----BEGIN [^-]+-----/, '');
+        strippedPem = strippedPem.replace(/-----END [^-]+-----[^]*$/, '');
+    }
+    return (0, exports.base64ToHex)(strippedPem, 'base64pad');
+};
+exports.PEMToHex = PEMToHex;
+/**
+ * Converts a base64 encoded string to hex string, removing any non-base64 characters, including newlines
+ * @param input The input in base64, with optional newlines
+ * @param inputEncoding
+ */
+const base64ToHex = (input, inputEncoding) => {
+    const base64NoNewlines = input.replace(/[^0-9A-Za-z\/+=]*/g, '');
+    return u8a.toString(u8a.fromString(base64NoNewlines, inputEncoding ? inputEncoding : 'base64pad'), 'base16');
+};
+exports.base64ToHex = base64ToHex;
+const hexToBase64 = (input, targetEncoding) => {
+    let hex = typeof input === 'string' ? input : input.toString(16);
+    if (hex.length % 2 === 1) {
+        hex = `0${hex}`;
+    }
+    return u8a.toString(u8a.fromString(hex, 'base16'), targetEncoding ? targetEncoding : 'base64pad');
+};
+const hexToPEM = (hex, type) => {
+    const base64 = hexToBase64(hex, 'base64pad');
+    const headerKey = type === 'private' ? 'RSA PRIVATE KEY' : 'PUBLIC KEY';
+    if (type === 'private') {
+        const pem = base64ToPEM(base64, headerKey);
+        try {
+            (0, exports.PEMToJwk)(pem); // We only use it to test the private key
+            return pem;
+        }
+        catch (error) {
+            return base64ToPEM(base64, 'PRIVATE KEY');
+        }
+    }
+    return base64ToPEM(base64, headerKey);
+};
+exports.hexToPEM = hexToPEM;
+function base64ToPEM(cert, headerKey) {
+    const key = headerKey !== null && headerKey !== void 0 ? headerKey : 'CERTIFICATE';
+    const matches = cert.match(/.{1,64}/g);
+    if (!matches) {
+        throw Error('Invalid cert input value supplied');
+    }
+    return `-----BEGIN ${key}-----\n${matches.join('\n')}\n-----END ${key}-----\n`;
+}
+exports.base64ToPEM = base64ToPEM;
+//# sourceMappingURL=x509-utils.js.map

package/dist/x509-utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"x509-utils.js","sourceRoot":"","sources":["../src/x509-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAkC;AAClC,aAAa;AACb,yDAAgC;AAGhC,2BAA2B;AAC3B,+DAA+D;AAC/D,SAAgB,iBAAiB,CAAC,IAAY,EAAE,QAAiB;IAC/D,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG,CAAC,CAAA;KACb;IACD;;;;;;OAMG;IAEH,MAAM,YAAY,GAAG,IAAI;SACtB,OAAO,CAAC,kBAAkB,EAAE,GAAG,CAAC;SAChC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;SAClB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IACrB,IAAI,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;QAClD,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAA;IACrB,CAAC,CAAC,CAAA;IACF,IAAI,QAAQ,GAAG,CAAC,EAAE;QAChB,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAA;KAC9B;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAvBD,8CAuBC;AAED,SAAgB,iBAAiB,CAAC,GAAa,EAAE,QAAiB;IAChE,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG,CAAC,CAAA;KACb;IACD,MAAM,MAAM,GAAG,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAA;IAC3E,IAAI,GAAG,GAAG,EAAE,CAAA;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/B,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;KAC1C;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAVD,8CAUC;AAEM,MAAM,WAAW,GAAG,CAAC,GAAW,EAAE,aAA4B,QAAQ,EAAE,EAAE;IAC/E,MAAM,GAAG,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,UAAU,CAAC,CAAA;IACrC,MAAM,aAAa,GAAkB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAA;IACjE,MAAM,MAAM,GAAG,aAAa,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,4BAAoB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAA,2BAAmB,EAAC,GAAG,CAAC,CAAA;IAEjG,OAAO;QACL,GAAG,EAAE,IAAA,gBAAQ,EAAC,MAAM,EAAE,UAAU,CAAC;QACjC,GAAG;QACH,MAAM;QACN,OAAO,EAAE,aAAa;KACvB,CAAA;AACH,CAAC,CAAA;AAXY,QAAA,WAAW,eAWvB;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAQ,EAAE,aAA4B,QAAQ,EAAU,EAAE;IACjF,OAAO,eAAK,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,eAAe,CAAC,CAAA;AAC3G,CAAC,CAAA;AAFY,QAAA,QAAQ,YAEpB;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAW,EAAE,aAA4B,QAAQ,EAAO,EAAE;IACjF,OAAO,eAAK,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;AACjD,CAAC,CAAA;AAFY,QAAA,QAAQ,YAEpB;AACM,MAAM,oBAAoB,GAAG,CAAC,GAAW,EAAE,EAAE;IAClD,OAAO,IAAA,gBAAQ,EAAC,GAAG,CAAC,CAAA;AACtB,CAAC,CAAA;AAFY,QAAA,oBAAoB,wBAEhC;AAEM,MAAM,qBAAqB,GAAG,CAAC,GAAQ,EAAE,aAA4B,QAAQ,EAAU,EAAE;IAC9F,IAAI,UAAU,KAAK,SAAS,EAAE;QAC5B,OAAO,IAAA,4BAAoB,EAAC,IAAA,gBAAQ,EAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAA;KACtD;SAAM;QACL,OAAO,IAAA,2BAAmB,EAAC,IAAA,gBAAQ,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAA;KACpD;AACH,CAAC,CAAA;AANY,QAAA,qBAAqB,yBAMjC;AAEM,MAAM,mBAAmB,GAAG,CAAC,GAAW,EAAE,EAAE;IACjD,MAAM,GAAG,GAAG,IAAA,gBAAQ,EAAC,GAAG,CAAC,CAAA;IACzB,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QAC/B,MAAM,KAAK,CAAC,4DAA4D,CAAC,CAAA;KAC1E;SAAM,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;QACnC,OAAO,GAAG,CAAA;KACX;IACD,MAAM,SAAS,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;IACzC,MAAM,SAAS,GAAG,IAAA,gBAAQ,EAAC,SAAS,EAAE,QAAQ,CAAC,CAAA;IAC/C,OAAO,IAAA,gBAAQ,EAAC,SAAS,CAAC,CAAA;AAC5B,CAAC,CAAA;AAVY,QAAA,mBAAmB,uBAU/B;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAW,EAAE,SAAkB,EAAU,EAAE;IAClE,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,EAAE;QACpC,MAAM,KAAK,CAAC,yBAAyB,SAAS,EAAE,CAAC,CAAA;KAClD;IAED,IAAI,WAAmB,CAAA;IACvB,IAAI,SAAS,EAAE;QACb,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,kBAAkB,GAAG,SAAS,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;QACnF,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,WAAW,GAAG,SAAS,GAAG,YAAY,CAAC,EAAE,EAAE,CAAC,CAAA;KAC1F;SAAM;QACL,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,4BAA4B,EAAE,EAAE,CAAC,CAAA;QAC3D,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,0BAA0B,EAAE,EAAE,CAAC,CAAA;KAClE;IACD,OAAO,IAAA,mBAAW,EAAC,WAAW,EAAE,WAAW,CAAC,CAAA;AAC9C,CAAC,CAAA;AAdY,QAAA,QAAQ,YAcpB;AAED;;;;GAIG;AACI,MAAM,WAAW,GAAG,CAAC,KAAa,EAAE,aAA4C,EAAE,EAAE;IACzF,MAAM,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAA;IAChE,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,QAAQ,CAAC,CAAA;AAC9G,CAAC,CAAA;AAHY,QAAA,WAAW,eAGvB;AAED,MAAM,WAAW,GAAG,CAAC,KAA+B,EAAE,cAA6C,EAAU,EAAE;IAC7G,IAAI,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;IAChE,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE;QACxB,GAAG,GAAG,IAAI,GAAG,EAAE,CAAA;KAChB;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAA;AACnG,CAAC,CAAA;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAW,EAAE,IAAmB,EAAU,EAAE;IACnE,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;IAC5C,MAAM,SAAS,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,YAAY,CAAA;IACvE,IAAI,IAAI,KAAK,SAAS,EAAE;QACtB,MAAM,GAAG,GAAG,WAAW,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QAC1C,IAAI;YACF,IAAA,gBAAQ,EAAC,GAAG,CAAC,CAAA,CAAC,yCAAyC;YACvD,OAAO,GAAG,CAAA;SACX;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,WAAW,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;SAC1C;KACF;IACD,OAAO,WAAW,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;AACvC,CAAC,CAAA;AAbY,QAAA,QAAQ,YAapB;AAED,SAAgB,WAAW,CAAC,IAAY,EAAE,SAA4E;IACpH,MAAM,GAAG,GAAG,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,aAAa,CAAA;IACtC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;IACtC,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,KAAK,CAAC,mCAAmC,CAAC,CAAA;KACjD;IACD,OAAO,cAAc,GAAG,UAAU,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAA;AAChF,CAAC;AAPD,kCAOC"}

package/package.json

@@ -0,0 +1,49 @@
+{
+  "name": "@sphereon/ssi-sdk-ext.key-utils",
+  "description": "Sphereon SSI-SDK plugin for key creation.",
+  "version": "0.10.2-next.20+fe74ec5",
+  "source": "src/index.ts",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc --build",
+    "build:clean": "tsc --build --clean && tsc --build"
+  },
+  "dependencies": {
+    "@ethersproject/random": "^5.6.1",
+    "@stablelib/ed25519": "^1.0.2",
+    "@stablelib/sha256": "^1.0.1",
+    "@stablelib/sha512": "^1.0.1",
+    "base64url": "^3.0.1",
+    "debug": "^4.3.4",
+    "did-resolver": "^4.1.0",
+    "elliptic": "^6.5.4",
+    "lodash.isplainobject": "^4.0.6",
+    "multiformats": "^9.9.0",
+    "uint8arrays": "^3.1.1",
+    "varint": "^6.0.0",
+    "web-encoding": "^1.1.5"
+  },
+  "devDependencies": {
+    "@types/lodash.isplainobject": "^4.0.7"
+  },
+  "files": [
+    "dist/**/*",
+    "src/**/*",
+    "README.md",
+    "LICENSE"
+  ],
+  "private": false,
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": "git@github.com:Sphereon-OpenSource/ssi-sdk.git",
+  "author": "Sphereon <dev@sphereon.com>",
+  "license": "Apache-2.0",
+  "keywords": [
+    "JWK",
+    "DID",
+    "Veramo"
+  ],
+  "gitHead": "fe74ec598881102070db75141155719cc9df9812"
+}

package/src/digest-methods.ts

@@ -0,0 +1,74 @@
+import { hash as sha256 } from '@stablelib/sha256'
+import { hash as sha512 } from '@stablelib/sha512'
+import * as u8a from 'uint8arrays'
+
+export type HashAlgorithm = 'SHA-256' | 'SHA-512'
+export type TDigestMethod = (input: string) => string
+
+export const digestMethodParams = (hashAlgorithm: HashAlgorithm): { hashAlgorithm: HashAlgorithm; digestMethod: TDigestMethod } => {
+  if (hashAlgorithm === 'SHA-256') {
+    return { hashAlgorithm: 'SHA-256', digestMethod: sha256DigestMethod }
+  } else {
+    return { hashAlgorithm: 'SHA-512', digestMethod: sha512DigestMethod }
+  }
+}
+
+const sha256DigestMethod = (input: string): string => {
+  return u8a.toString(sha256(u8a.fromString(input, 'utf-8')), 'base16')
+}
+
+const sha512DigestMethod = (input: string): string => {
+  return u8a.toString(sha512(u8a.fromString(input, 'utf-8')), 'base16')
+}
+
+/*
+// PKCS#1 (PSS) mask generation function
+function pss_mgf1_str(seed, len, hash) {
+    var mask = '', i = 0;
+
+    while (mask.length < len) {
+        mask += hextorstr(hash(rstrtohex(seed + String.fromCharCode.apply(String, [
+                (i & 0xff000000) >> 24,
+                (i & 0x00ff0000) >> 16,
+                (i & 0x0000ff00) >> 8,
+                i & 0x000000ff]))));
+        i += 1;
+    }
+
+    return mask;
+}
+
+ */
+
+/*
+
+/!**
+ * Generate mask of specified length.
+ *
+ * @param {String} seed The seed for mask generation.
+ * @param maskLen Number of bytes to generate.
+ * @return {String} The generated mask.
+ *!/
+export const mgf1 = (dm: TDigestMethod, seed: string, maskLen: number) => {
+  /!* 2. Let T be the empty octet string. *!/
+  var t = new forge.util.ByteBuffer();
+
+  /!* 3. For counter from 0 to ceil(maskLen / hLen), do the following: *!/
+  var len = Math.ceil(maskLen / md.digestLength);
+  for(var i = 0; i < len; i++) {
+    /!* a. Convert counter to an octet string C of length 4 octets *!/
+    var c = new forge.util.ByteBuffer();
+    c.putInt32(i);
+
+    /!* b. Concatenate the hash of the seed mgfSeed and C to the octet
+     * string T: *!/
+    md.start();
+    md.update(seed + c.getBytes());
+    t.putBuffer(md.digest());
+  }
+
+  /!* Output the leading maskLen octets of T as the octet string mask. *!/
+  t.truncate(t.length() - maskLen);
+  return t.getBytes();
+}
+*/