@sphereon/ssi-sdk-ext.key-utils 0.12.2-next.4 → 0.12.2-unstable.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/dist/functions.d.ts +18 -4
  2. package/dist/functions.d.ts.map +1 -1
  3. package/dist/functions.js +102 -28
  4. package/dist/functions.js.map +1 -1
  5. package/dist/index.d.ts +2 -1
  6. package/dist/index.d.ts.map +1 -1
  7. package/dist/index.js +2 -1
  8. package/dist/index.js.map +1 -1
  9. package/dist/types/key-util-types.d.ts +19 -2
  10. package/dist/types/key-util-types.d.ts.map +1 -1
  11. package/dist/types/key-util-types.js +2 -0
  12. package/dist/types/key-util-types.js.map +1 -1
  13. package/dist/x509/index.d.ts +4 -0
  14. package/dist/x509/index.d.ts.map +1 -0
  15. package/dist/x509/index.js +20 -0
  16. package/dist/x509/index.js.map +1 -0
  17. package/dist/x509/rsa-key.d.ts +11 -0
  18. package/dist/x509/rsa-key.d.ts.map +1 -0
  19. package/dist/x509/rsa-key.js +83 -0
  20. package/dist/x509/rsa-key.js.map +1 -0
  21. package/dist/x509/rsa-signer.d.ts +24 -0
  22. package/dist/x509/rsa-signer.d.ts.map +1 -0
  23. package/dist/x509/rsa-signer.js +102 -0
  24. package/dist/x509/rsa-signer.js.map +1 -0
  25. package/dist/{x509-utils.d.ts → x509/x509-utils.d.ts} +1 -1
  26. package/dist/x509/x509-utils.d.ts.map +1 -0
  27. package/dist/x509/x509-utils.js.map +1 -0
  28. package/package.json +4 -2
  29. package/src/functions.ts +119 -28
  30. package/src/index.ts +2 -1
  31. package/src/types/key-util-types.ts +20 -0
  32. package/src/x509/index.ts +3 -0
  33. package/src/x509/rsa-key.ts +62 -0
  34. package/src/x509/rsa-signer.ts +71 -0
  35. package/src/{x509-utils.ts → x509/x509-utils.ts} +1 -1
  36. package/dist/x509-utils.d.ts.map +0 -1
  37. package/dist/x509-utils.js.map +0 -1
  38. /package/dist/{x509-utils.js → x509/x509-utils.js} +0 -0
package/dist/functions.d.ts CHANGED
@@ -1,11 +1,22 @@
1
+ import { IAgentContext, IKey, IKeyManager } from '@veramo/core';
1
2
  import { JsonWebKey } from 'did-resolver';
2
- import { JwkKeyUse, TKeyType } from './types';
3
+ import { IImportProvidedOrGeneratedKeyArgs, JwkKeyUse, TKeyType } from './types';
3
4
  /**
4
5
  * Generates a random Private Hex Key for the specified key type
5
6
  * @param type The key type
6
7
  * @return The private key in Hex form
7
8
  */
8
- export declare const generatePrivateKeyHex: (type: TKeyType) => string;
9
+ export declare const generatePrivateKeyHex: (type: TKeyType) => Promise<string>;
10
+ /**
11
+ * We optionally generate and then import our own keys.
12
+ *
13
+ * @param args The key arguments
14
+ * @param context The Veramo agent context
15
+ * @private
16
+ */
17
+ export declare function importProvidedOrGeneratedKey(args: IImportProvidedOrGeneratedKeyArgs & {
18
+ kms: string;
19
+ }, context: IAgentContext<IKeyManager>): Promise<IKey>;
9
20
  /**
10
21
  * Converts hex value to base64url
11
22
  * @param value hex value
@@ -16,10 +27,13 @@ export declare const hex2base64url: (value: string) => string;
16
27
  * Converts a public key in hex format to a JWK
17
28
  * @param publicKeyHex public key in hex
18
29
  * @param type The type of the key (Ed25519, Secp256k1/r1)
19
- * @param use The optional use for the key (sig/enc)
30
+ * @param opts. Options, like the optional use for the key (sig/enc)
20
31
  * @return The JWK
21
32
  */
22
- export declare const toJwk: (publicKeyHex: string, type: TKeyType, use?: JwkKeyUse) => JsonWebKey;
33
+ export declare const toJwk: (publicKeyHex: string, type: TKeyType, opts?: {
34
+ use?: JwkKeyUse;
35
+ key?: IKey;
36
+ }) => JsonWebKey;
23
37
  /**
24
38
  * Determines the use param based upon the key/signature type or supplied use value.
25
39
  *
package/dist/functions.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"functions.d.ts","sourceRoot":"","sources":["../src/functions.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AAEzC,OAAO,EAAwC,SAAS,EAAgB,QAAQ,EAAE,MAAM,SAAS,CAAA;AAGjG;;;;GAIG;AACH,eAAO,MAAM,qBAAqB,SAAU,QAAQ,KAAG,MAetD,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,aAAa,UAAW,MAAM,WAM1C,CAAA;AAED;;;;;;GAMG;AACH,eAAO,MAAM,KAAK,iBAAkB,MAAM,QAAQ,QAAQ,QAAQ,SAAS,KAAG,UAW7E,CAAA;AAED;;;;;GAKG;AACH,eAAO,MAAM,eAAe,SAAU,QAAQ,gBAAgB,SAAS,KAAG,SAAS,GAAG,SAQrF,CAAA"}
1
+ {"version":3,"file":"functions.d.ts","sourceRoot":"","sources":["../src/functions.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAE/D,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AAGzC,OAAO,EAAgB,iCAAiC,EAAE,SAAS,EAAmC,QAAQ,EAAE,MAAM,SAAS,CAAA;AAG/H;;;;GAIG;AACH,eAAO,MAAM,qBAAqB,SAAgB,QAAQ,KAAG,QAAQ,MAAM,CAmB1E,CAAA;AAED;;;;;;GAMG;AACH,wBAAsB,4BAA4B,CAChD,IAAI,EAAE,iCAAiC,GAAG;IACxC,GAAG,EAAE,MAAM,CAAA;CACZ,EACD,OAAO,EAAE,aAAa,CAAC,WAAW,CAAC,GAClC,OAAO,CAAC,IAAI,CAAC,CAmCf;AAED;;;;GAIG;AACH,eAAO,MAAM,aAAa,UAAW,MAAM,WAO1C,CAAA;AAED;;;;;;GAMG;AACH,eAAO,MAAM,KAAK,iBAAkB,MAAM,QAAQ,QAAQ,SAAS;IAAE,GAAG,CAAC,EAAE,SAAS,CAAC;IAAC,GAAG,CAAC,EAAE,IAAI,CAAA;CAAE,KAAG,UAoBpG,CAAA;AAED;;;;;GAKG;AACH,eAAO,MAAM,eAAe,SAAU,QAAQ,gBAAgB,SAAS,KAAG,SAAS,GAAG,SAQrF,CAAA"}
package/dist/functions.js CHANGED
@@ -22,44 +22,94 @@ var __importStar = (this && this.__importStar) || function (mod) {
22
22
  __setModuleDefault(result, mod);
23
23
  return result;
24
24
  };
25
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
26
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
27
+ return new (P || (P = Promise))(function (resolve, reject) {
28
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
29
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
30
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
31
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
32
+ });
33
+ };
25
34
  var __importDefault = (this && this.__importDefault) || function (mod) {
26
35
  return (mod && mod.__esModule) ? mod : { "default": mod };
27
36
  };
28
37
  Object.defineProperty(exports, "__esModule", { value: true });
29
- exports.jwkDetermineUse = exports.toJwk = exports.hex2base64url = exports.generatePrivateKeyHex = void 0;
38
+ exports.jwkDetermineUse = exports.toJwk = exports.hex2base64url = exports.importProvidedOrGeneratedKey = exports.generatePrivateKeyHex = void 0;
30
39
  const random_1 = require("@ethersproject/random");
31
40
  const ed25519_1 = require("@stablelib/ed25519");
41
+ const elliptic_1 = __importDefault(require("elliptic"));
32
42
  const u8a = __importStar(require("uint8arrays"));
33
43
  const types_1 = require("./types");
34
- const elliptic_1 = __importDefault(require("elliptic"));
44
+ const x509_1 = require("./x509");
35
45
  /**
36
46
  * Generates a random Private Hex Key for the specified key type
37
47
  * @param type The key type
38
48
  * @return The private key in Hex form
39
49
  */
40
- const generatePrivateKeyHex = (type) => {
50
+ const generatePrivateKeyHex = (type) => __awaiter(void 0, void 0, void 0, function* () {
41
51
  switch (type) {
42
- case types_1.Key.Ed25519: {
52
+ case 'Ed25519': {
43
53
  const keyPairEd25519 = (0, ed25519_1.generateKeyPair)();
44
54
  return u8a.toString(keyPairEd25519.secretKey, 'base16');
45
55
  }
46
56
  // The Secp256 types use the same method to generate the key
47
- case types_1.Key.Secp256r1:
48
- case types_1.Key.Secp256k1: {
57
+ case 'Secp256r1':
58
+ case 'Secp256k1': {
49
59
  const privateBytes = (0, random_1.randomBytes)(32);
50
60
  return u8a.toString(privateBytes, 'base16');
51
61
  }
62
+ case 'RSA': {
63
+ const pem = yield (0, x509_1.generateRSAKeyAsPEM)('RSA-PSS', 'SHA-256', 2048);
64
+ return (0, x509_1.privateKeyHexFromPEM)(pem);
65
+ }
52
66
  default:
53
67
  throw Error(`not_supported: Key type ${type} not yet supported for this did:jwk implementation`);
54
68
  }
55
- };
69
+ });
56
70
  exports.generatePrivateKeyHex = generatePrivateKeyHex;
71
+ /**
72
+ * We optionally generate and then import our own keys.
73
+ *
74
+ * @param args The key arguments
75
+ * @param context The Veramo agent context
76
+ * @private
77
+ */
78
+ function importProvidedOrGeneratedKey(args, context) {
79
+ var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o, _p, _q, _r, _s;
80
+ return __awaiter(this, void 0, void 0, function* () {
81
+ // @ts-ignore
82
+ const type = (_g = (_e = (_b = (_a = args.options) === null || _a === void 0 ? void 0 : _a.type) !== null && _b !== void 0 ? _b : (_d = (_c = args.options) === null || _c === void 0 ? void 0 : _c.key) === null || _d === void 0 ? void 0 : _d.type) !== null && _e !== void 0 ? _e : (_f = args.options) === null || _f === void 0 ? void 0 : _f.keyType) !== null && _g !== void 0 ? _g : 'Secp256r1';
83
+ const key = (_h = args === null || args === void 0 ? void 0 : args.options) === null || _h === void 0 ? void 0 : _h.key;
84
+ // Make sure x509 options are also set on the metadata as that is what the kms will look for
85
+ if (((_j = args.options) === null || _j === void 0 ? void 0 : _j.x509) && key && !((_k = key === null || key === void 0 ? void 0 : key.meta) === null || _k === void 0 ? void 0 : _k.x509)) {
86
+ key.meta = Object.assign(Object.assign({}, key.meta), { x509: Object.assign(Object.assign({}, (_l = key.meta) === null || _l === void 0 ? void 0 : _l.x509), args.options.x509) });
87
+ }
88
+ if (args.options && ((_m = args.options) === null || _m === void 0 ? void 0 : _m.use) === types_1.JwkKeyUse.Encryption && !types_1.ENC_KEY_ALGS.includes(type)) {
89
+ throw new Error(`${type} keys are not valid for encryption`);
90
+ }
91
+ let privateKeyHex;
92
+ if (key) {
93
+ privateKeyHex = (_o = key.privateKeyHex) !== null && _o !== void 0 ? _o : (_q = (_p = key.meta) === null || _p === void 0 ? void 0 : _p.x509) === null || _q === void 0 ? void 0 : _q.privateKeyHex;
94
+ if (!privateKeyHex && !((_s = (_r = key.meta) === null || _r === void 0 ? void 0 : _r.x509) === null || _s === void 0 ? void 0 : _s.privateKeyPEM)) {
95
+ throw new Error(`We need to have a private key in Hex or PEM when importing a key`);
96
+ }
97
+ }
98
+ else {
99
+ privateKeyHex = yield (0, exports.generatePrivateKeyHex)(type);
100
+ }
101
+ return context.agent.keyManagerImport(Object.assign(Object.assign({}, key), { kms: args.kms, type,
102
+ privateKeyHex }));
103
+ });
104
+ }
105
+ exports.importProvidedOrGeneratedKey = importProvidedOrGeneratedKey;
57
106
  /**
58
107
  * Converts hex value to base64url
59
108
  * @param value hex value
60
109
  * @return Base64Url encoded value
61
110
  */
62
111
  const hex2base64url = (value) => {
112
+ //fixme: Buffer to u8a
63
113
  const buffer = Buffer.from(value, 'hex');
64
114
  const base64 = buffer.toString('base64');
65
115
  const base64url = base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
@@ -70,17 +120,25 @@ exports.hex2base64url = hex2base64url;
70
120
  * Converts a public key in hex format to a JWK
71
121
  * @param publicKeyHex public key in hex
72
122
  * @param type The type of the key (Ed25519, Secp256k1/r1)
73
- * @param use The optional use for the key (sig/enc)
123
+ * @param opts. Options, like the optional use for the key (sig/enc)
74
124
  * @return The JWK
75
125
  */
76
- const toJwk = (publicKeyHex, type, use) => {
126
+ const toJwk = (publicKeyHex, type, opts) => {
127
+ const { key } = opts !== null && opts !== void 0 ? opts : {};
128
+ if (key && key.publicKeyHex !== publicKeyHex) {
129
+ throw Error(`Provided key with id ${key.kid}, has a different public key hex than supplied public key ${publicKeyHex}`);
130
+ }
77
131
  switch (type) {
78
- case types_1.Key.Ed25519:
79
- return toEd25519Jwk(publicKeyHex, use);
80
- case types_1.Key.Secp256k1:
81
- return toSecp256k1Jwk(publicKeyHex, use);
82
- case types_1.Key.Secp256r1:
83
- return toSecp256r1Jwk(publicKeyHex, use);
132
+ case 'Ed25519':
133
+ return toEd25519OrX25519Jwk(publicKeyHex, Object.assign(Object.assign({}, opts), { crv: types_1.KeyCurve.Ed25519 }));
134
+ case 'X25519':
135
+ return toEd25519OrX25519Jwk(publicKeyHex, Object.assign(Object.assign({}, opts), { crv: types_1.KeyCurve.X25519 }));
136
+ case 'Secp256k1':
137
+ return toSecp256k1Jwk(publicKeyHex, opts);
138
+ case 'Secp256r1':
139
+ return toSecp256r1Jwk(publicKeyHex, opts);
140
+ case 'RSA':
141
+ return toRSAJwk(publicKeyHex, opts);
84
142
  default:
85
143
  throw new Error(`not_supported: Key type ${type} not yet supported for this did:jwk implementation`);
86
144
  }
@@ -106,10 +164,15 @@ exports.jwkDetermineUse = jwkDetermineUse;
106
164
  * Assert the key has a proper length
107
165
  *
108
166
  * @param keyHex Input key
109
- * @param expectedKeyLength Expected key length
167
+ * @param expectedKeyLength Expected key length(s)
110
168
  */
111
169
  const assertProperKeyLength = (keyHex, expectedKeyLength) => {
112
- if (keyHex.length !== expectedKeyLength) {
170
+ if (Array.isArray(expectedKeyLength)) {
171
+ if (expectedKeyLength.includes(keyHex.length)) {
172
+ throw Error(`Invalid key length. Needs to be a hex string with length from ${JSON.stringify(expectedKeyLength)} instead of ${keyHex.length}. Input: ${keyHex}`);
173
+ }
174
+ }
175
+ else if (keyHex.length !== expectedKeyLength) {
113
176
  throw Error(`Invalid key length. Needs to be a hex string with length ${expectedKeyLength} instead of ${keyHex.length}. Input: ${keyHex}`);
114
177
  }
115
178
  };
@@ -119,8 +182,9 @@ const assertProperKeyLength = (keyHex, expectedKeyLength) => {
119
182
  * @param use The use for the key
120
183
  * @return The JWK
121
184
  */
122
- const toSecp256k1Jwk = (publicKeyHex, use) => {
185
+ const toSecp256k1Jwk = (publicKeyHex, opts) => {
123
186
  assertProperKeyLength(publicKeyHex, 130);
187
+ const { use } = opts !== null && opts !== void 0 ? opts : {};
124
188
  return Object.assign(Object.assign({ alg: 'ES256K' }, (use !== undefined && { use })), { kty: types_1.KeyType.EC, crv: types_1.KeyCurve.Secp256k1, x: (0, exports.hex2base64url)(publicKeyHex.substr(2, 64)), y: (0, exports.hex2base64url)(publicKeyHex.substr(66, 64)) });
125
189
  };
126
190
  /**
@@ -129,12 +193,9 @@ const toSecp256k1Jwk = (publicKeyHex, use) => {
129
193
  * @param use The use for the key
130
194
  * @return The JWK
131
195
  */
132
- const toSecp256r1Jwk = (publicKeyHex, use) => {
133
- const prefix = '';
134
- /*if (publicKeyHex.length === 128) {
135
- prefix = "04"
136
- }*/
137
- const publicKey = `${prefix}${publicKeyHex}`; // We add the 'uncompressed' type 04 prefix
196
+ const toSecp256r1Jwk = (publicKeyHex, opts) => {
197
+ const { use } = opts !== null && opts !== void 0 ? opts : {};
198
+ const publicKey = publicKeyHex;
138
199
  assertProperKeyLength(publicKey, 66);
139
200
  const secp256r1 = new elliptic_1.default.ec('p256');
140
201
  const key = secp256r1.keyFromPublic(publicKey, 'hex');
@@ -142,13 +203,26 @@ const toSecp256r1Jwk = (publicKeyHex, use) => {
142
203
  return Object.assign(Object.assign({ alg: 'ES256' }, (use !== undefined && { use })), { kty: types_1.KeyType.EC, crv: types_1.KeyCurve.P_256, x: (0, exports.hex2base64url)(pubPoint.getX().toString('hex')), y: (0, exports.hex2base64url)(pubPoint.getY().toString('hex')) });
143
204
  };
144
205
  /**
145
- * Generates a JWK from an Ed25519 public key
146
- * @param publicKeyHex Ed25519 public key in hex
206
+ * Generates a JWK from an Ed25519/X25519 public key
207
+ * @param publicKeyHex Ed25519/X25519 public key in hex
147
208
  * @param use The use for the key
148
209
  * @return The JWK
149
210
  */
150
- const toEd25519Jwk = (publicKeyHex, use) => {
211
+ const toEd25519OrX25519Jwk = (publicKeyHex, opts) => {
212
+ var _a;
151
213
  assertProperKeyLength(publicKeyHex, 64);
152
- return Object.assign(Object.assign({ alg: 'EdDSA' }, (use !== undefined && { use })), { kty: types_1.KeyType.OKP, crv: types_1.KeyCurve.Ed25519, x: (0, exports.hex2base64url)(publicKeyHex.substr(0, 64)) });
214
+ const { use } = opts !== null && opts !== void 0 ? opts : {};
215
+ return Object.assign(Object.assign({ alg: 'EdDSA' }, (use !== undefined && { use })), { kty: types_1.KeyType.OKP, crv: (_a = opts === null || opts === void 0 ? void 0 : opts.crv) !== null && _a !== void 0 ? _a : types_1.KeyCurve.Ed25519, x: (0, exports.hex2base64url)(publicKeyHex.substr(0, 64)) });
216
+ };
217
+ const toRSAJwk = (publicKeyHex, opts) => {
218
+ var _a, _b, _c;
219
+ const { key } = opts !== null && opts !== void 0 ? opts : {};
220
+ // const publicKey = publicKeyHex
221
+ // assertProperKeyLength(publicKey, [2048, 3072, 4096])
222
+ if ((_a = key === null || key === void 0 ? void 0 : key.meta) === null || _a === void 0 ? void 0 : _a.publicKeyJwk) {
223
+ return key.meta.publicKeyJwk;
224
+ }
225
+ const publicKeyPEM = (_c = (_b = key === null || key === void 0 ? void 0 : key.meta) === null || _b === void 0 ? void 0 : _b.publicKeyPEM) !== null && _c !== void 0 ? _c : (0, x509_1.hexToPEM)(publicKeyHex, 'public');
226
+ return (0, x509_1.PEMToJwk)(publicKeyPEM, 'public');
153
227
  };
154
228
  //# sourceMappingURL=functions.js.map
package/dist/functions.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"functions.js","sourceRoot":"","sources":["../src/functions.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,kDAAmD;AACnD,gDAA8E;AAG9E,iDAAkC;AAClC,mCAAiG;AACjG,wDAA+B;AAE/B;;;;GAIG;AACI,MAAM,qBAAqB,GAAG,CAAC,IAAc,EAAU,EAAE;IAC9D,QAAQ,IAAI,EAAE;QACZ,KAAK,WAAG,CAAC,OAAO,CAAC,CAAC;YAChB,MAAM,cAAc,GAAG,IAAA,yBAAsB,GAAE,CAAA;YAC/C,OAAO,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAA;SACxD;QACD,4DAA4D;QAC5D,KAAK,WAAG,CAAC,SAAS,CAAC;QACnB,KAAK,WAAG,CAAC,SAAS,CAAC,CAAC;YAClB,MAAM,YAAY,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAA;YACpC,OAAO,GAAG,CAAC,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;SAC5C;QACD;YACE,MAAM,KAAK,CAAC,2BAA2B,IAAI,oDAAoD,CAAC,CAAA;KACnG;AACH,CAAC,CAAA;AAfY,QAAA,qBAAqB,yBAejC;AAED;;;;GAIG;AACI,MAAM,aAAa,GAAG,CAAC,KAAa,EAAE,EAAE;IAC7C,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IACxC,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;IACxC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;IAElF,OAAO,SAAS,CAAA;AAClB,CAAC,CAAA;AANY,QAAA,aAAa,iBAMzB;AAED;;;;;;GAMG;AACI,MAAM,KAAK,GAAG,CAAC,YAAoB,EAAE,IAAc,EAAE,GAAe,EAAc,EAAE;IACzF,QAAQ,IAAI,EAAE;QACZ,KAAK,WAAG,CAAC,OAAO;YACd,OAAO,YAAY,CAAC,YAAY,EAAE,GAAG,CAAC,CAAA;QACxC,KAAK,WAAG,CAAC,SAAS;YAChB,OAAO,cAAc,CAAC,YAAY,EAAE,GAAG,CAAC,CAAA;QAC1C,KAAK,WAAG,CAAC,SAAS;YAChB,OAAO,cAAc,CAAC,YAAY,EAAE,GAAG,CAAC,CAAA;QAC1C;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,IAAI,oDAAoD,CAAC,CAAA;KACvG;AACH,CAAC,CAAA;AAXY,QAAA,KAAK,SAWjB;AAED;;;;;GAKG;AACI,MAAM,eAAe,GAAG,CAAC,IAAc,EAAE,WAAuB,EAAyB,EAAE;IAChG,OAAO,WAAW;QAChB,CAAC,CAAC,WAAW;QACb,CAAC,CAAC,oBAAY,CAAC,QAAQ,CAAC,IAAI,CAAC;YAC7B,CAAC,CAAC,iBAAS,CAAC,SAAS;YACrB,CAAC,CAAC,oBAAY,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAC7B,CAAC,CAAC,iBAAS,CAAC,UAAU;gBACtB,CAAC,CAAC,SAAS,CAAA;AACf,CAAC,CAAA;AARY,QAAA,eAAe,mBAQ3B;AAED;;;;;GAKG;AACH,MAAM,qBAAqB,GAAG,CAAC,MAAc,EAAE,iBAAyB,EAAE,EAAE;IAC1E,IAAI,MAAM,CAAC,MAAM,KAAK,iBAAiB,EAAE;QACvC,MAAM,KAAK,CAAC,4DAA4D,iBAAiB,eAAe,MAAM,CAAC,MAAM,YAAY,MAAM,EAAE,CAAC,CAAA;KAC3I;AACH,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,cAAc,GAAG,CAAC,YAAoB,EAAE,GAAe,EAAc,EAAE;IAC3E,qBAAqB,CAAC,YAAY,EAAE,GAAG,CAAC,CAAA;IACxC,qCACE,GAAG,EAAE,QAAQ,IACV,CAAC,GAAG,KAAK,SAAS,IAAI,EAAE,GAAG,EAAE,CAAC,KACjC,GAAG,EAAE,eAAO,CAAC,EAAE,EACf,GAAG,EAAE,gBAAQ,CAAC,SAAS,EACvB,CAAC,EAAE,IAAA,qBAAa,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAC5C,CAAC,EAAE,IAAA,qBAAa,EAAC,YAAY,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,IAC9C;AACH,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,cAAc,GAAG,CAAC,YAAoB,EAAE,GAAe,EAAc,EAAE;IAC3E,MAAM,MAAM,GAAG,EAAE,CAAA;IACjB;;OAEG;IACH,MAAM,SAAS,GAAG,GAAG,MAAM,GAAG,YAAY,EAAE,CAAA,CAAC,2CAA2C;IACxF,qBAAqB,CAAC,SAAS,EAAE,EAAE,CAAC,CAAA;IAEpC,MAAM,SAAS,GAAG,IAAI,kBAAQ,CAAC,EAAE,CAAC,MAAM,CAAC,CAAA;IACzC,MAAM,GAAG,GAAG,SAAS,CAAC,aAAa,CAAC,SAAS,EAAE,KAAK,CAAC,CAAA;IACrD,MAAM,QAAQ,GAAG,GAAG,CAAC,SAAS,EAAE,CAAA;IAChC,qCACE,GAAG,EAAE,OAAO,IACT,CAAC,GAAG,KAAK,SAAS,IAAI,EAAE,GAAG,EAAE,CAAC,KACjC,GAAG,EAAE,eAAO,CAAC,EAAE,EACf,GAAG,EAAE,gBAAQ,CAAC,KAAK,EACnB,CAAC,EAAE,IAAA,qBAAa,EAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EACjD,CAAC,EAAE,IAAA,qBAAa,EAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,IAClD;AACH,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,YAAY,GAAG,CAAC,YAAoB,EAAE,GAAe,EAAc,EAAE;IACzE,qBAAqB,CAAC,YAAY,EAAE,EAAE,CAAC,CAAA;IACvC,qCACE,GAAG,EAAE,OAAO,IACT,CAAC,GAAG,KAAK,SAAS,IAAI,EAAE,GAAG,EAAE,CAAC,KACjC,GAAG,EAAE,eAAO,CAAC,GAAG,EAChB,GAAG,EAAE,gBAAQ,CAAC,OAAO,EACrB,CAAC,EAAE,IAAA,qBAAa,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAC7C;AACH,CAAC,CAAA"}
1
+ {"version":3,"file":"functions.js","sourceRoot":"","sources":["../src/functions.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,kDAAmD;AACnD,gDAA8E;AAI9E,wDAA+B;AAC/B,iDAAkC;AAClC,mCAA+H;AAC/H,iCAAsF;AAEtF;;;;GAIG;AACI,MAAM,qBAAqB,GAAG,CAAO,IAAc,EAAmB,EAAE;IAC7E,QAAQ,IAAI,EAAE;QACZ,KAAK,SAAS,CAAC,CAAC;YACd,MAAM,cAAc,GAAG,IAAA,yBAAsB,GAAE,CAAA;YAC/C,OAAO,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAA;SACxD;QACD,4DAA4D;QAC5D,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW,CAAC,CAAC;YAChB,MAAM,YAAY,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAA;YACpC,OAAO,GAAG,CAAC,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;SAC5C;QACD,KAAK,KAAK,CAAC,CAAC;YACV,MAAM,GAAG,GAAG,MAAM,IAAA,0BAAmB,EAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,CAAA;YACjE,OAAO,IAAA,2BAAoB,EAAC,GAAG,CAAC,CAAA;SACjC;QACD;YACE,MAAM,KAAK,CAAC,2BAA2B,IAAI,oDAAoD,CAAC,CAAA;KACnG;AACH,CAAC,CAAA,CAAA;AAnBY,QAAA,qBAAqB,yBAmBjC;AAED;;;;;;GAMG;AACH,SAAsB,4BAA4B,CAChD,IAEC,EACD,OAAmC;;;QAEnC,aAAa;QACb,MAAM,IAAI,GAAG,MAAA,MAAA,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,IAAI,mCAAI,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,GAAG,0CAAE,IAAI,mCAAI,MAAA,IAAI,CAAC,OAAO,0CAAE,OAAO,mCAAI,WAAW,CAAA;QAClG,MAAM,GAAG,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,0CAAE,GAAG,CAAA;QAC9B,4FAA4F;QAC5F,IAAI,CAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,IAAI,KAAI,GAAG,IAAI,CAAC,CAAA,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,0CAAE,IAAI,CAAA,EAAE;YACjD,GAAG,CAAC,IAAI,mCACH,GAAG,CAAC,IAAI,KACX,IAAI,kCACC,MAAA,GAAG,CAAC,IAAI,0CAAE,IAAI,GACd,IAAI,CAAC,OAAO,CAAC,IAAI,IAEvB,CAAA;SACF;QAED,IAAI,IAAI,CAAC,OAAO,IAAI,CAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,GAAG,MAAK,iBAAS,CAAC,UAAU,IAAI,CAAC,oBAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE;YAC9F,MAAM,IAAI,KAAK,CAAC,GAAG,IAAI,oCAAoC,CAAC,CAAA;SAC7D;QAED,IAAI,aAAqB,CAAA;QACzB,IAAI,GAAG,EAAE;YACP,aAAa,GAAG,MAAA,GAAG,CAAC,aAAa,mCAAI,MAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,IAAI,0CAAE,aAAa,CAAA;YAClE,IAAI,CAAC,aAAa,IAAI,CAAC,CAAA,MAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,IAAI,0CAAE,aAAa,CAAA,EAAE;gBACpD,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAA;aACpF;SACF;aAAM;YACL,aAAa,GAAG,MAAM,IAAA,6BAAqB,EAAC,IAAI,CAAC,CAAA;SAClD;QAED,OAAO,OAAO,CAAC,KAAK,CAAC,gBAAgB,iCAChC,GAAG,KACN,GAAG,EAAE,IAAI,CAAC,GAAG,EACb,IAAI;YACJ,aAAa,IACb,CAAA;;CACH;AAxCD,oEAwCC;AAED;;;;GAIG;AACI,MAAM,aAAa,GAAG,CAAC,KAAa,EAAE,EAAE;IAC7C,sBAAsB;IACtB,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IACxC,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;IACxC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;IAElF,OAAO,SAAS,CAAA;AAClB,CAAC,CAAA;AAPY,QAAA,aAAa,iBAOzB;AAED;;;;;;GAMG;AACI,MAAM,KAAK,GAAG,CAAC,YAAoB,EAAE,IAAc,EAAE,IAAsC,EAAc,EAAE;IAChH,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAA;IAC1B,IAAI,GAAG,IAAI,GAAG,CAAC,YAAY,KAAK,YAAY,EAAE;QAC5C,MAAM,KAAK,CAAC,wBAAwB,GAAG,CAAC,GAAG,6DAA6D,YAAY,EAAE,CAAC,CAAA;KACxH;IACD,QAAQ,IAAI,EAAE;QACZ,KAAK,SAAS;YACZ,OAAO,oBAAoB,CAAC,YAAY,kCAAO,IAAI,KAAE,GAAG,EAAE,gBAAQ,CAAC,OAAO,IAAG,CAAA;QAC/E,KAAK,QAAQ;YACX,OAAO,oBAAoB,CAAC,YAAY,kCAAO,IAAI,KAAE,GAAG,EAAE,gBAAQ,CAAC,MAAM,IAAG,CAAA;QAC9E,KAAK,WAAW;YACd,OAAO,cAAc,CAAC,YAAY,EAAE,IAAI,CAAC,CAAA;QAC3C,KAAK,WAAW;YACd,OAAO,cAAc,CAAC,YAAY,EAAE,IAAI,CAAC,CAAA;QAC3C,KAAK,KAAK;YACR,OAAO,QAAQ,CAAC,YAAY,EAAE,IAAI,CAAC,CAAA;QAErC;YACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,IAAI,oDAAoD,CAAC,CAAA;KACvG;AACH,CAAC,CAAA;AApBY,QAAA,KAAK,SAoBjB;AAED;;;;;GAKG;AACI,MAAM,eAAe,GAAG,CAAC,IAAc,EAAE,WAAuB,EAAyB,EAAE;IAChG,OAAO,WAAW;QAChB,CAAC,CAAC,WAAW;QACb,CAAC,CAAC,oBAAY,CAAC,QAAQ,CAAC,IAAI,CAAC;YAC7B,CAAC,CAAC,iBAAS,CAAC,SAAS;YACrB,CAAC,CAAC,oBAAY,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAC7B,CAAC,CAAC,iBAAS,CAAC,UAAU;gBACtB,CAAC,CAAC,SAAS,CAAA;AACf,CAAC,CAAA;AARY,QAAA,eAAe,mBAQ3B;AAED;;;;;GAKG;AACH,MAAM,qBAAqB,GAAG,CAAC,MAAc,EAAE,iBAAoC,EAAE,EAAE;IACrF,IAAI,KAAK,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE;QACpC,IAAI,iBAAiB,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE;YAC7C,MAAM,KAAK,CACT,iEAAiE,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,eAChG,MAAM,CAAC,MACT,YAAY,MAAM,EAAE,CACrB,CAAA;SACF;KACF;SAAM,IAAI,MAAM,CAAC,MAAM,KAAK,iBAAiB,EAAE;QAC9C,MAAM,KAAK,CAAC,4DAA4D,iBAAiB,eAAe,MAAM,CAAC,MAAM,YAAY,MAAM,EAAE,CAAC,CAAA;KAC3I;AACH,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,cAAc,GAAG,CAAC,YAAoB,EAAE,IAA0B,EAAc,EAAE;IACtF,qBAAqB,CAAC,YAAY,EAAE,GAAG,CAAC,CAAA;IACxC,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAA;IAC1B,qCACE,GAAG,EAAE,QAAQ,IACV,CAAC,GAAG,KAAK,SAAS,IAAI,EAAE,GAAG,EAAE,CAAC,KACjC,GAAG,EAAE,eAAO,CAAC,EAAE,EACf,GAAG,EAAE,gBAAQ,CAAC,SAAS,EACvB,CAAC,EAAE,IAAA,qBAAa,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAC5C,CAAC,EAAE,IAAA,qBAAa,EAAC,YAAY,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,IAC9C;AACH,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,cAAc,GAAG,CAAC,YAAoB,EAAE,IAA0B,EAAc,EAAE;IACtF,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAA;IAC1B,MAAM,SAAS,GAAG,YAAY,CAAA;IAC9B,qBAAqB,CAAC,SAAS,EAAE,EAAE,CAAC,CAAA;IAEpC,MAAM,SAAS,GAAG,IAAI,kBAAQ,CAAC,EAAE,CAAC,MAAM,CAAC,CAAA;IACzC,MAAM,GAAG,GAAG,SAAS,CAAC,aAAa,CAAC,SAAS,EAAE,KAAK,CAAC,CAAA;IACrD,MAAM,QAAQ,GAAG,GAAG,CAAC,SAAS,EAAE,CAAA;IAChC,qCACE,GAAG,EAAE,OAAO,IACT,CAAC,GAAG,KAAK,SAAS,IAAI,EAAE,GAAG,EAAE,CAAC,KACjC,GAAG,EAAE,eAAO,CAAC,EAAE,EACf,GAAG,EAAE,gBAAQ,CAAC,KAAK,EACnB,CAAC,EAAE,IAAA,qBAAa,EAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EACjD,CAAC,EAAE,IAAA,qBAAa,EAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,IAClD;AACH,CAAC,CAAA;AAED;;;;;GAKG;AACH,MAAM,oBAAoB,GAAG,CAC3B,YAAoB,EACpB,IAGC,EACW,EAAE;;IACd,qBAAqB,CAAC,YAAY,EAAE,EAAE,CAAC,CAAA;IACvC,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAA;IAC1B,qCACE,GAAG,EAAE,OAAO,IACT,CAAC,GAAG,KAAK,SAAS,IAAI,EAAE,GAAG,EAAE,CAAC,KACjC,GAAG,EAAE,eAAO,CAAC,GAAG,EAChB,GAAG,EAAE,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,mCAAI,gBAAQ,CAAC,OAAO,EAClC,CAAC,EAAE,IAAA,qBAAa,EAAC,YAAY,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAC7C;AACH,CAAC,CAAA;AAED,MAAM,QAAQ,GAAG,CAAC,YAAoB,EAAE,IAAsC,EAAc,EAAE;;IAC5F,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAA;IAC1B,iCAAiC;IACjC,uDAAuD;IAEvD,IAAI,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,0CAAE,YAAY,EAAE;QAC3B,OAAO,GAAG,CAAC,IAAI,CAAC,YAA0B,CAAA;KAC3C;IAED,MAAM,YAAY,GAAG,MAAA,MAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,0CAAE,YAAY,mCAAI,IAAA,eAAQ,EAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;IAChF,OAAO,IAAA,eAAQ,EAAC,YAAY,EAAE,QAAQ,CAAe,CAAA;AACvD,CAAC,CAAA"}
package/dist/index.d.ts CHANGED
@@ -4,9 +4,10 @@
4
4
  *
5
5
  * @packageDocumentation
6
6
  */
7
+ export * from './x509';
7
8
  export * from './functions';
8
9
  export * from './jwk-jcs';
9
10
  export * from './types';
10
- export * from './x509-utils';
11
+ export * from './x509/x509-utils';
11
12
  export * from './digest-methods';
12
13
  //# sourceMappingURL=index.d.ts.map
package/dist/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,cAAc,aAAa,CAAA;AAC3B,cAAc,WAAW,CAAA;AACzB,cAAc,SAAS,CAAA;AACvB,cAAc,cAAc,CAAA;AAC5B,cAAc,kBAAkB,CAAA"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,cAAc,QAAQ,CAAA;AACtB,cAAc,aAAa,CAAA;AAC3B,cAAc,WAAW,CAAA;AACzB,cAAc,SAAS,CAAA;AACvB,cAAc,mBAAmB,CAAA;AACjC,cAAc,kBAAkB,CAAA"}
package/dist/index.js CHANGED
@@ -20,9 +20,10 @@ Object.defineProperty(exports, "__esModule", { value: true });
20
20
  *
21
21
  * @packageDocumentation
22
22
  */
23
+ __exportStar(require("./x509"), exports);
23
24
  __exportStar(require("./functions"), exports);
24
25
  __exportStar(require("./jwk-jcs"), exports);
25
26
  __exportStar(require("./types"), exports);
26
- __exportStar(require("./x509-utils"), exports);
27
+ __exportStar(require("./x509/x509-utils"), exports);
27
28
  __exportStar(require("./digest-methods"), exports);
28
29
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;;;;;GAKG;AACH,8CAA2B;AAC3B,4CAAyB;AACzB,0CAAuB;AACvB,+CAA4B;AAC5B,mDAAgC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;;;;;GAKG;AACH,yCAAsB;AACtB,8CAA2B;AAC3B,4CAAyB;AACzB,0CAAuB;AACvB,oDAAiC;AACjC,mDAAgC"}
package/dist/types/key-util-types.d.ts CHANGED
@@ -1,3 +1,4 @@
1
+ import { MinimalImportableKey } from '@veramo/core';
1
2
  export declare const JWK_JCS_PUB_NAME = "jwk_jcs-pub";
2
3
  export declare const JWK_JCS_PUB_PREFIX = 60241;
3
4
  export type TKeyType = 'Ed25519' | 'Secp256k1' | 'Secp256r1' | 'X25519' | 'Bls12381G1' | 'Bls12381G2' | 'RSA';
@@ -13,11 +14,13 @@ export declare enum JwkKeyUse {
13
14
  export declare enum KeyCurve {
14
15
  Secp256k1 = "secp256k1",
15
16
  P_256 = "P-256",
16
- Ed25519 = "Ed25519"
17
+ Ed25519 = "Ed25519",
18
+ X25519 = "X25519"
17
19
  }
18
20
  export declare enum KeyType {
19
21
  EC = "EC",
20
- OKP = "OKP"
22
+ OKP = "OKP",
23
+ RSA = "RSA"
21
24
  }
22
25
  export declare const SIG_KEY_ALGS: string[];
23
26
  export declare const ENC_KEY_ALGS: string[];
@@ -33,4 +36,18 @@ export interface X509Opts {
33
36
  certificateChainURL?: string;
34
37
  certificateChainPEM?: string;
35
38
  }
39
+ export interface IImportProvidedOrGeneratedKeyArgs {
40
+ kms?: string;
41
+ options?: IKeyOpts;
42
+ }
43
+ export interface IKeyOpts {
44
+ key?: WithRequiredProperty<Partial<MinimalImportableKey>, 'privateKeyHex'>;
45
+ type?: TKeyType;
46
+ use?: JwkKeyUse;
47
+ x509?: X509Opts;
48
+ }
49
+ type WithRequiredProperty<Type, Key extends keyof Type> = Type & {
50
+ [Property in Key]-?: Type[Property];
51
+ };
52
+ export {};
36
53
  //# sourceMappingURL=key-util-types.d.ts.map
package/dist/types/key-util-types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"key-util-types.d.ts","sourceRoot":"","sources":["../../src/types/key-util-types.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,gBAAgB,gBAAgB,CAAA;AAC7C,eAAO,MAAM,kBAAkB,QAAS,CAAA;AAExC,MAAM,MAAM,QAAQ,GAAG,SAAS,GAAG,WAAW,GAAG,WAAW,GAAG,QAAQ,GAAG,YAAY,GAAG,YAAY,GAAG,KAAK,CAAA;AAE7G,oBAAY,GAAG;IACb,OAAO,YAAY;IACnB,SAAS,cAAc;IACvB,SAAS,cAAc;CACxB;AAED,oBAAY,SAAS;IACnB,UAAU,QAAQ;IAClB,SAAS,QAAQ;CAClB;AAED,oBAAY,QAAQ;IAClB,SAAS,cAAc;IACvB,KAAK,UAAU;IACf,OAAO,YAAY;CACpB;AAED,oBAAY,OAAO;IACjB,EAAE,OAAO;IACT,GAAG,QAAQ;CACZ;AAED,eAAO,MAAM,YAAY,UAAkH,CAAA;AAC3I,eAAO,MAAM,YAAY,UAA+C,CAAA;AAExE,MAAM,WAAW,GAAI,SAAQ,UAAU;IACrC,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED,MAAM,MAAM,aAAa,GAAG,QAAQ,GAAG,SAAS,CAAA;AAEhD,MAAM,WAAW,QAAQ;IACvB,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAA;CAC7B"}
1
+ {"version":3,"file":"key-util-types.d.ts","sourceRoot":"","sources":["../../src/types/key-util-types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAA;AAEnD,eAAO,MAAM,gBAAgB,gBAAgB,CAAA;AAC7C,eAAO,MAAM,kBAAkB,QAAS,CAAA;AAExC,MAAM,MAAM,QAAQ,GAAG,SAAS,GAAG,WAAW,GAAG,WAAW,GAAG,QAAQ,GAAG,YAAY,GAAG,YAAY,GAAG,KAAK,CAAA;AAE7G,oBAAY,GAAG;IACb,OAAO,YAAY;IACnB,SAAS,cAAc;IACvB,SAAS,cAAc;CACxB;AAED,oBAAY,SAAS;IACnB,UAAU,QAAQ;IAClB,SAAS,QAAQ;CAClB;AAED,oBAAY,QAAQ;IAClB,SAAS,cAAc;IACvB,KAAK,UAAU;IACf,OAAO,YAAY;IACnB,MAAM,WAAW;CAClB;AAED,oBAAY,OAAO;IACjB,EAAE,OAAO;IACT,GAAG,QAAQ;IACX,GAAG,QAAQ;CACZ;AAED,eAAO,MAAM,YAAY,UAAkH,CAAA;AAC3I,eAAO,MAAM,YAAY,UAA+C,CAAA;AAExE,MAAM,WAAW,GAAI,SAAQ,UAAU;IACrC,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,GAAG,CAAC,EAAE,MAAM,CAAA;CACb;AAED,MAAM,MAAM,aAAa,GAAG,QAAQ,GAAG,SAAS,CAAA;AAEhD,MAAM,WAAW,QAAQ;IACvB,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAA;CAC7B;AAED,MAAM,WAAW,iCAAiC;IAChD,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,OAAO,CAAC,EAAE,QAAQ,CAAA;CACnB;AACD,MAAM,WAAW,QAAQ;IACvB,GAAG,CAAC,EAAE,oBAAoB,CAAC,OAAO,CAAC,oBAAoB,CAAC,EAAE,eAAe,CAAC,CAAA;IAC1E,IAAI,CAAC,EAAE,QAAQ,CAAA;IACf,GAAG,CAAC,EAAE,SAAS,CAAA;IACf,IAAI,CAAC,EAAE,QAAQ,CAAA;CAChB;AAGD,KAAK,oBAAoB,CAAC,IAAI,EAAE,GAAG,SAAS,MAAM,IAAI,IAAI,IAAI,GAAG;KAC9D,QAAQ,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;CACpC,CAAA"}
package/dist/types/key-util-types.js CHANGED
@@ -19,11 +19,13 @@ var KeyCurve;
19
19
  KeyCurve["Secp256k1"] = "secp256k1";
20
20
  KeyCurve["P_256"] = "P-256";
21
21
  KeyCurve["Ed25519"] = "Ed25519";
22
+ KeyCurve["X25519"] = "X25519";
22
23
  })(KeyCurve = exports.KeyCurve || (exports.KeyCurve = {}));
23
24
  var KeyType;
24
25
  (function (KeyType) {
25
26
  KeyType["EC"] = "EC";
26
27
  KeyType["OKP"] = "OKP";
28
+ KeyType["RSA"] = "RSA";
27
29
  })(KeyType = exports.KeyType || (exports.KeyType = {}));
28
30
  exports.SIG_KEY_ALGS = ['ES256', 'ES384', 'ES512', 'EdDSA', 'ES256K', 'Ed25519', 'Secp256k1', 'Secp256r1', 'Bls12381G1', 'Bls12381G2'];
29
31
  exports.ENC_KEY_ALGS = ['X25519', 'ECDH_ES_A256KW', 'RSA_OAEP_256'];
package/dist/types/key-util-types.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"key-util-types.js","sourceRoot":"","sources":["../../src/types/key-util-types.ts"],"names":[],"mappings":";;;AAAa,QAAA,gBAAgB,GAAG,aAAa,CAAA;AAChC,QAAA,kBAAkB,GAAG,MAAM,CAAA;AAIxC,IAAY,GAIX;AAJD,WAAY,GAAG;IACb,0BAAmB,CAAA;IACnB,8BAAuB,CAAA;IACvB,8BAAuB,CAAA;AACzB,CAAC,EAJW,GAAG,GAAH,WAAG,KAAH,WAAG,QAId;AAED,IAAY,SAGX;AAHD,WAAY,SAAS;IACnB,+BAAkB,CAAA;IAClB,8BAAiB,CAAA;AACnB,CAAC,EAHW,SAAS,GAAT,iBAAS,KAAT,iBAAS,QAGpB;AAED,IAAY,QAIX;AAJD,WAAY,QAAQ;IAClB,mCAAuB,CAAA;IACvB,2BAAe,CAAA;IACf,+BAAmB,CAAA;AACrB,CAAC,EAJW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAInB;AAED,IAAY,OAGX;AAHD,WAAY,OAAO;IACjB,oBAAS,CAAA;IACT,sBAAW,CAAA;AACb,CAAC,EAHW,OAAO,GAAP,eAAO,KAAP,eAAO,QAGlB;AAEY,QAAA,YAAY,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,CAAC,CAAA;AAC9H,QAAA,YAAY,GAAG,CAAC,QAAQ,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAA"}
1
+ {"version":3,"file":"key-util-types.js","sourceRoot":"","sources":["../../src/types/key-util-types.ts"],"names":[],"mappings":";;;AAEa,QAAA,gBAAgB,GAAG,aAAa,CAAA;AAChC,QAAA,kBAAkB,GAAG,MAAM,CAAA;AAIxC,IAAY,GAIX;AAJD,WAAY,GAAG;IACb,0BAAmB,CAAA;IACnB,8BAAuB,CAAA;IACvB,8BAAuB,CAAA;AACzB,CAAC,EAJW,GAAG,GAAH,WAAG,KAAH,WAAG,QAId;AAED,IAAY,SAGX;AAHD,WAAY,SAAS;IACnB,+BAAkB,CAAA;IAClB,8BAAiB,CAAA;AACnB,CAAC,EAHW,SAAS,GAAT,iBAAS,KAAT,iBAAS,QAGpB;AAED,IAAY,QAKX;AALD,WAAY,QAAQ;IAClB,mCAAuB,CAAA;IACvB,2BAAe,CAAA;IACf,+BAAmB,CAAA;IACnB,6BAAiB,CAAA;AACnB,CAAC,EALW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAKnB;AAED,IAAY,OAIX;AAJD,WAAY,OAAO;IACjB,oBAAS,CAAA;IACT,sBAAW,CAAA;IACX,sBAAW,CAAA;AACb,CAAC,EAJW,OAAO,GAAP,eAAO,KAAP,eAAO,QAIlB;AAEY,QAAA,YAAY,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,CAAC,CAAA;AAC9H,QAAA,YAAY,GAAG,CAAC,QAAQ,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAA"}
package/dist/x509/index.d.ts ADDED
@@ -0,0 +1,4 @@
1
+ export * from './rsa-key';
2
+ export * from './rsa-signer';
3
+ export * from './x509-utils';
4
+ //# sourceMappingURL=index.d.ts.map
package/dist/x509/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/x509/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAA;AACzB,cAAc,cAAc,CAAA;AAC5B,cAAc,cAAc,CAAA"}
package/dist/x509/index.js ADDED
@@ -0,0 +1,20 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __exportStar = (this && this.__exportStar) || function(m, exports) {
14
+ for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
15
+ };
16
+ Object.defineProperty(exports, "__esModule", { value: true });
17
+ __exportStar(require("./rsa-key"), exports);
18
+ __exportStar(require("./rsa-signer"), exports);
19
+ __exportStar(require("./x509-utils"), exports);
20
+ //# sourceMappingURL=index.js.map
package/dist/x509/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/x509/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,4CAAyB;AACzB,+CAA4B;AAC5B,+CAA4B"}
package/dist/x509/rsa-key.d.ts ADDED
@@ -0,0 +1,11 @@
1
+ import { HashAlgorithm } from '../digest-methods';
2
+ import { JWK } from '../types';
3
+ export type RSASignatureSchemes = 'RSASSA-PKCS1-V1_5' | 'RSA-PSS';
4
+ export type RSAEncryptionSchemes = 'RSAES-PKCS-v1_5 ' | 'RSAES-OAEP';
5
+ export declare const signAlgorithmToSchemeAndHashAlg: (signingAlg: string) => {
6
+ scheme: "RSASSA-PKCS1-V1_5" | "RSA-PSS";
7
+ hashAlgorithm: HashAlgorithm;
8
+ };
9
+ export declare const cryptoSubtleImportRSAKey: (jwk: JWK, scheme: RSAEncryptionSchemes | RSASignatureSchemes, hashAlgorithm?: HashAlgorithm) => Promise<CryptoKey>;
10
+ export declare const generateRSAKeyAsPEM: (scheme: RSAEncryptionSchemes | RSASignatureSchemes, hashAlgorithm?: HashAlgorithm, modulusLength?: number) => Promise<string>;
11
+ //# sourceMappingURL=rsa-key.d.ts.map
package/dist/x509/rsa-key.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rsa-key.d.ts","sourceRoot":"","sources":["../../src/x509/rsa-key.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAA;AACjD,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAG9B,MAAM,MAAM,mBAAmB,GAAG,mBAAmB,GAAG,SAAS,CAAA;AAEjE,MAAM,MAAM,oBAAoB,GAAG,kBAAkB,GAAG,YAAY,CAAA;AAOpE,eAAO,MAAM,+BAA+B,eAAgB,MAAM;;;CAajE,CAAA;AAED,eAAO,MAAM,wBAAwB,QAC9B,GAAG,UACA,oBAAoB,GAAG,mBAAmB,kBAClC,aAAa,KAC5B,QAAQ,SAAS,CAKnB,CAAA;AAED,eAAO,MAAM,mBAAmB,WACtB,oBAAoB,GAAG,mBAAmB,kBAClC,aAAa,kBACb,MAAM,KACrB,QAAQ,MAAM,CAgBhB,CAAA"}
package/dist/x509/rsa-key.js ADDED
@@ -0,0 +1,83 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || function (mod) {
19
+ if (mod && mod.__esModule) return mod;
20
+ var result = {};
21
+ if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
+ __setModuleDefault(result, mod);
23
+ return result;
24
+ };
25
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
26
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
27
+ return new (P || (P = Promise))(function (resolve, reject) {
28
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
29
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
30
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
31
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
32
+ });
33
+ };
34
+ var __importDefault = (this && this.__importDefault) || function (mod) {
35
+ return (mod && mod.__esModule) ? mod : { "default": mod };
36
+ };
37
+ Object.defineProperty(exports, "__esModule", { value: true });
38
+ exports.generateRSAKeyAsPEM = exports.cryptoSubtleImportRSAKey = exports.signAlgorithmToSchemeAndHashAlg = void 0;
39
+ const isomorphic_webcrypto_1 = __importDefault(require("@sphereon/isomorphic-webcrypto"));
40
+ const u8a = __importStar(require("uint8arrays"));
41
+ const x509_utils_1 = require("./x509-utils");
42
+ const usage = (jwk) => {
43
+ // "decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey";
44
+ return jwk.d ? ['sign', 'decrypt', 'verify', 'encrypt'] : ['verify', 'encrypt'];
45
+ };
46
+ const signAlgorithmToSchemeAndHashAlg = (signingAlg) => {
47
+ const alg = signingAlg.toUpperCase();
48
+ let scheme;
49
+ if (alg.startsWith('RS')) {
50
+ scheme = 'RSASSA-PKCS1-V1_5';
51
+ }
52
+ else if (alg.startsWith('PS')) {
53
+ scheme = 'RSA-PSS';
54
+ }
55
+ else {
56
+ throw Error(`Invalid signing algorithm supplied ${signingAlg}`);
57
+ }
58
+ const hashAlgorithm = `SHA-${alg.substring(2)}`;
59
+ return { scheme, hashAlgorithm };
60
+ };
61
+ exports.signAlgorithmToSchemeAndHashAlg = signAlgorithmToSchemeAndHashAlg;
62
+ const cryptoSubtleImportRSAKey = (jwk, scheme, hashAlgorithm) => __awaiter(void 0, void 0, void 0, function* () {
63
+ const hashName = hashAlgorithm ? hashAlgorithm : jwk.alg ? `SHA-${jwk.alg.substring(2)}` : 'SHA-256';
64
+ const importParams = { name: scheme, hash: hashName };
65
+ return yield isomorphic_webcrypto_1.default.subtle.importKey('jwk', jwk, importParams, false, usage(jwk));
66
+ });
67
+ exports.cryptoSubtleImportRSAKey = cryptoSubtleImportRSAKey;
68
+ const generateRSAKeyAsPEM = (scheme, hashAlgorithm, modulusLength) => __awaiter(void 0, void 0, void 0, function* () {
69
+ const hashName = hashAlgorithm ? hashAlgorithm : 'SHA-256';
70
+ const params = {
71
+ name: scheme,
72
+ hash: hashName,
73
+ modulusLength: modulusLength ? modulusLength : 2048,
74
+ publicExponent: new Uint8Array([1, 0, 1]),
75
+ };
76
+ const keyUsage = scheme === 'RSA-PSS' || scheme === 'RSASSA-PKCS1-V1_5' ? ['sign', 'verify'] : ['encrypt', 'decrypt'];
77
+ const keypair = yield isomorphic_webcrypto_1.default.subtle.generateKey(params, true, keyUsage);
78
+ const pkcs8 = yield isomorphic_webcrypto_1.default.subtle.exportKey('pkcs8', keypair.privateKey);
79
+ const uint8Array = new Uint8Array(pkcs8);
80
+ return (0, x509_utils_1.base64ToPEM)(u8a.toString(uint8Array, 'base64pad'), 'RSA PRIVATE KEY');
81
+ });
82
+ exports.generateRSAKeyAsPEM = generateRSAKeyAsPEM;
83
+ //# sourceMappingURL=rsa-key.js.map
package/dist/x509/rsa-key.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rsa-key.js","sourceRoot":"","sources":["../../src/x509/rsa-key.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0FAAmD;AACnD,iDAAkC;AAGlC,6CAA0C;AAM1C,MAAM,KAAK,GAAG,CAAC,GAAQ,EAAc,EAAE;IACrC,oGAAoG;IACpG,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;AACjF,CAAC,CAAA;AAEM,MAAM,+BAA+B,GAAG,CAAC,UAAkB,EAAE,EAAE;IACpE,MAAM,GAAG,GAAG,UAAU,CAAC,WAAW,EAAE,CAAA;IACpC,IAAI,MAAkD,CAAA;IACtD,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QACxB,MAAM,GAAG,mBAAmB,CAAA;KAC7B;SAAM,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;QAC/B,MAAM,GAAG,SAAS,CAAA;KACnB;SAAM;QACL,MAAM,KAAK,CAAC,sCAAsC,UAAU,EAAE,CAAC,CAAA;KAChE;IAED,MAAM,aAAa,GAAG,OAAO,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAmB,CAAA;IAChE,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAA;AAClC,CAAC,CAAA;AAbY,QAAA,+BAA+B,mCAa3C;AAEM,MAAM,wBAAwB,GAAG,CACtC,GAAQ,EACR,MAAkD,EAClD,aAA6B,EACT,EAAE;IACtB,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAA;IAEpG,MAAM,YAAY,GAA0B,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAA;IAC5E,OAAO,MAAM,8BAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,GAAiB,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAA;AACjG,CAAC,CAAA,CAAA;AATY,QAAA,wBAAwB,4BASpC;AAEM,MAAM,mBAAmB,GAAG,CACjC,MAAkD,EAClD,aAA6B,EAC7B,aAAsB,EACL,EAAE;IACnB,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAA;IAE1D,MAAM,MAAM,GAA0B;QACpC,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,QAAQ;QACd,aAAa,EAAE,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI;QACnD,cAAc,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;KAC1C,CAAA;IACD,MAAM,QAAQ,GAAe,MAAM,KAAK,SAAS,IAAI,MAAM,KAAK,mBAAmB,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,SAAS,CAAC,CAAA;IAEjI,MAAM,OAAO,GAAG,MAAM,8BAAM,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAA;IACvE,MAAM,KAAK,GAAG,MAAM,8BAAM,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC,CAAA;IAExE,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAA;IACxC,OAAO,IAAA,wBAAW,EAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,WAAW,CAAC,EAAE,iBAAiB,CAAC,CAAA;AAC9E,CAAC,CAAA,CAAA;AApBY,QAAA,mBAAmB,uBAoB/B"}
package/dist/x509/rsa-signer.d.ts ADDED
@@ -0,0 +1,24 @@
1
+ import { HashAlgorithm } from '../digest-methods';
2
+ import { JWK } from '../types';
3
+ import { RSAEncryptionSchemes, RSASignatureSchemes } from './rsa-key';
4
+ export declare class RSASigner {
5
+ private readonly hashAlgorithm;
6
+ private readonly jwk;
7
+ private key;
8
+ private readonly scheme;
9
+ /**
10
+ *
11
+ * @param key Either in PEM or JWK format (no raw hex keys here!)
12
+ * @param opts The algorithm and signature/encryption schemes
13
+ */
14
+ constructor(key: string | JWK, opts?: {
15
+ hashAlgorithm?: HashAlgorithm;
16
+ scheme?: RSAEncryptionSchemes | RSASignatureSchemes;
17
+ });
18
+ private getImportParams;
19
+ private getKey;
20
+ private bufferToString;
21
+ sign(data: string | Uint8Array): Promise<string>;
22
+ verify(data: string | Uint8Array, signature: string | Uint8Array): Promise<boolean>;
23
+ }
24
+ //# sourceMappingURL=rsa-signer.d.ts.map
package/dist/x509/rsa-signer.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rsa-signer.d.ts","sourceRoot":"","sources":["../../src/x509/rsa-signer.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAA;AACjD,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAA;AAC9B,OAAO,EAA4B,oBAAoB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAA;AAG/F,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAe;IAC7C,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAK;IAEzB,OAAO,CAAC,GAAG,CAAuB;IAClC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA4C;IAEnE;;;;OAIG;gBACS,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE;QAAE,aAAa,CAAC,EAAE,aAAa,CAAC;QAAC,MAAM,CAAC,EAAE,oBAAoB,GAAG,mBAAmB,CAAA;KAAE;IAW5H,OAAO,CAAC,eAAe;YAQT,MAAM;IAOpB,OAAO,CAAC,cAAc;IAKT,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;IAYhD,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,UAAU,EAAE,SAAS,EAAE,MAAM,GAAG,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC;CAQjG"}
package/dist/x509/rsa-signer.js ADDED
@@ -0,0 +1,102 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || function (mod) {
19
+ if (mod && mod.__esModule) return mod;
20
+ var result = {};
21
+ if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
+ __setModuleDefault(result, mod);
23
+ return result;
24
+ };
25
+ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
26
+ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
27
+ return new (P || (P = Promise))(function (resolve, reject) {
28
+ function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
29
+ function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
30
+ function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
31
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
32
+ });
33
+ };
34
+ var __importDefault = (this && this.__importDefault) || function (mod) {
35
+ return (mod && mod.__esModule) ? mod : { "default": mod };
36
+ };
37
+ Object.defineProperty(exports, "__esModule", { value: true });
38
+ exports.RSASigner = void 0;
39
+ const u8a = __importStar(require("uint8arrays"));
40
+ const isomorphic_webcrypto_1 = __importDefault(require("@sphereon/isomorphic-webcrypto"));
41
+ const rsa_key_1 = require("./rsa-key");
42
+ const x509_utils_1 = require("./x509-utils");
43
+ class RSASigner {
44
+ /**
45
+ *
46
+ * @param key Either in PEM or JWK format (no raw hex keys here!)
47
+ * @param opts The algorithm and signature/encryption schemes
48
+ */
49
+ constructor(key, opts) {
50
+ var _a, _b;
51
+ if (typeof key === 'string') {
52
+ this.jwk = (0, x509_utils_1.PEMToJwk)(key);
53
+ }
54
+ else {
55
+ this.jwk = key;
56
+ }
57
+ this.hashAlgorithm = (_a = opts === null || opts === void 0 ? void 0 : opts.hashAlgorithm) !== null && _a !== void 0 ? _a : 'SHA-256';
58
+ this.scheme = (_b = opts === null || opts === void 0 ? void 0 : opts.scheme) !== null && _b !== void 0 ? _b : 'RSA-PSS';
59
+ }
60
+ getImportParams() {
61
+ if (this.scheme === 'RSA-PSS') {
62
+ return { name: this.scheme, saltLength: 32 };
63
+ }
64
+ // console.log({ name: this.scheme /*, hash: this.hashAlgorithm*/ })
65
+ return { name: this.scheme /*, hash: this.hashAlgorithm*/ };
66
+ }
67
+ getKey() {
68
+ return __awaiter(this, void 0, void 0, function* () {
69
+ if (!this.key) {
70
+ this.key = yield (0, rsa_key_1.cryptoSubtleImportRSAKey)(this.jwk, this.scheme, this.hashAlgorithm);
71
+ }
72
+ return this.key;
73
+ });
74
+ }
75
+ bufferToString(buf) {
76
+ const uint8Array = new Uint8Array(buf);
77
+ return u8a.toString(uint8Array, 'base64url'); // Needs to be base64url for JsonWebSignature2020. Don't change!
78
+ }
79
+ sign(data) {
80
+ return __awaiter(this, void 0, void 0, function* () {
81
+ const input = typeof data === 'string' ? u8a.fromString(data, 'utf-8') : data;
82
+ const key = yield this.getKey();
83
+ const signature = this.bufferToString(yield isomorphic_webcrypto_1.default.subtle.sign(this.getImportParams(), key, input));
84
+ if (!signature) {
85
+ throw Error('Could not sign input data');
86
+ }
87
+ // base64url signature
88
+ return signature;
89
+ });
90
+ }
91
+ verify(data, signature) {
92
+ return __awaiter(this, void 0, void 0, function* () {
93
+ const sig = typeof signature === 'string' ? signature : u8a.toString(signature, 'base64url');
94
+ const jws = sig.includes('.') ? sig.split('.')[2] : sig;
95
+ const input = typeof data == 'string' ? u8a.fromString(data, 'utf-8') : data;
96
+ const verificationResult = yield isomorphic_webcrypto_1.default.subtle.verify(this.getImportParams(), yield this.getKey(), u8a.fromString(jws, 'base64url'), input);
97
+ return verificationResult;
98
+ });
99
+ }
100
+ }
101
+ exports.RSASigner = RSASigner;
102
+ //# sourceMappingURL=rsa-signer.js.map
package/dist/x509/rsa-signer.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rsa-signer.js","sourceRoot":"","sources":["../../src/x509/rsa-signer.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAkC;AAClC,0FAAmD;AAGnD,uCAA+F;AAC/F,6CAAuC;AAEvC,MAAa,SAAS;IAOpB;;;;OAIG;IACH,YAAY,GAAiB,EAAE,IAA6F;;QAC1H,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE;YAC3B,IAAI,CAAC,GAAG,GAAG,IAAA,qBAAQ,EAAC,GAAG,CAAC,CAAA;SACzB;aAAM;YACL,IAAI,CAAC,GAAG,GAAG,GAAG,CAAA;SACf;QAED,IAAI,CAAC,aAAa,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,aAAa,mCAAI,SAAS,CAAA;QACrD,IAAI,CAAC,MAAM,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,mCAAI,SAAS,CAAA;IACzC,CAAC;IAEO,eAAe;QACrB,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE;YAC7B,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,EAAE,CAAA;SAC7C;QACD,oEAAoE;QACpE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,8BAA8B,EAAE,CAAA;IAC7D,CAAC;IAEa,MAAM;;YAClB,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE;gBACb,IAAI,CAAC,GAAG,GAAG,MAAM,IAAA,kCAAwB,EAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,CAAA;aACrF;YACD,OAAO,IAAI,CAAC,GAAG,CAAA;QACjB,CAAC;KAAA;IAEO,cAAc,CAAC,GAAgB;QACrC,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAA;QACtC,OAAO,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,WAAW,CAAC,CAAA,CAAC,gEAAgE;IAC/G,CAAC;IAEY,IAAI,CAAC,IAAyB;;YACzC,MAAM,KAAK,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YAC7E,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE,CAAA;YAC/B,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,8BAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAA;YACnG,IAAI,CAAC,SAAS,EAAE;gBACd,MAAM,KAAK,CAAC,2BAA2B,CAAC,CAAA;aACzC;YAED,uBAAuB;YACvB,OAAO,SAAS,CAAA;QAClB,CAAC;KAAA;IAEY,MAAM,CAAC,IAAyB,EAAE,SAA8B;;YAC3E,MAAM,GAAG,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,EAAE,WAAW,CAAC,CAAA;YAC5F,MAAM,GAAG,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAA;YAEvD,MAAM,KAAK,GAAG,OAAO,IAAI,IAAI,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;YAC5E,MAAM,kBAAkB,GAAG,MAAM,8BAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,MAAM,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,CAAC,UAAU,CAAC,GAAG,EAAE,WAAW,CAAC,EAAE,KAAK,CAAC,CAAA;YAC3I,OAAO,kBAAkB,CAAA;QAC3B,CAAC;KAAA;CACF;AA/DD,8BA+DC"}
package/dist/{x509-utils.d.ts → x509/x509-utils.d.ts} RENAMED
@@ -1,4 +1,4 @@
1
- import { JWK, KeyVisibility } from './types';
1
+ import { JWK, KeyVisibility } from '../types';
2
2
  export declare function pemCertChainTox5c(cert: string, maxDepth?: number): string[];
3
3
  export declare function x5cToPemCertChain(x5c: string[], maxDepth?: number): string;
4
4
  export declare const toKeyObject: (PEM: string, visibility?: KeyVisibility) => {
package/dist/x509/x509-utils.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"x509-utils.d.ts","sourceRoot":"","sources":["../../src/x509/x509-utils.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,GAAG,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AAI7C,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAuB3E;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,CAU1E;AAED,eAAO,MAAM,WAAW,QAAS,MAAM,eAAc,aAAa;;;;;CAWjE,CAAA;AAED,eAAO,MAAM,QAAQ,QAAS,GAAG,eAAc,aAAa,KAAc,MAEzE,CAAA;AAED,eAAO,MAAM,QAAQ,QAAS,MAAM,eAAc,aAAa,KAAc,GAE5E,CAAA;AACD,eAAO,MAAM,oBAAoB,QAAS,MAAM,WAE/C,CAAA;AAED,eAAO,MAAM,qBAAqB,QAAS,GAAG,eAAc,aAAa,KAAc,MAMtF,CAAA;AAED,eAAO,MAAM,mBAAmB,QAAS,MAAM,WAU9C,CAAA;AAED,eAAO,MAAM,QAAQ,QAAS,MAAM,cAAc,MAAM,KAAG,MAc1D,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,WAAW,UAAW,MAAM,kBAAkB,WAAW,GAAG,cAAc,WAGtF,CAAA;AAUD,eAAO,MAAM,QAAQ,QAAS,MAAM,QAAQ,aAAa,KAAG,MAa3D,CAAA;AAED,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,YAAY,GAAG,iBAAiB,GAAG,aAAa,GAAG,aAAa,GAAG,MAAM,CAO9H"}
package/dist/x509/x509-utils.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"x509-utils.js","sourceRoot":"","sources":["../../src/x509/x509-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAkC;AAClC,aAAa;AACb,yDAAgC;AAGhC,2BAA2B;AAC3B,+DAA+D;AAC/D,SAAgB,iBAAiB,CAAC,IAAY,EAAE,QAAiB;IAC/D,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG,CAAC,CAAA;KACb;IACD;;;;;;OAMG;IAEH,MAAM,YAAY,GAAG,IAAI;SACtB,OAAO,CAAC,kBAAkB,EAAE,GAAG,CAAC;SAChC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;SAClB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IACrB,IAAI,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;QAClD,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAA;IACrB,CAAC,CAAC,CAAA;IACF,IAAI,QAAQ,GAAG,CAAC,EAAE;QAChB,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAA;KAC9B;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAvBD,8CAuBC;AAED,SAAgB,iBAAiB,CAAC,GAAa,EAAE,QAAiB;IAChE,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG,CAAC,CAAA;KACb;IACD,MAAM,MAAM,GAAG,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAA;IAC3E,IAAI,GAAG,GAAG,EAAE,CAAA;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/B,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;KAC1C;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAVD,8CAUC;AAEM,MAAM,WAAW,GAAG,CAAC,GAAW,EAAE,aAA4B,QAAQ,EAAE,EAAE;IAC/E,MAAM,GAAG,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,UAAU,CAAC,CAAA;IACrC,MAAM,aAAa,GAAkB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAA;IACjE,MAAM,MAAM,GAAG,aAAa,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,4BAAoB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAA,2BAAmB,EAAC,GAAG,CAAC,CAAA;IAEjG,OAAO;QACL,GAAG,EAAE,IAAA,gBAAQ,EAAC,MAAM,EAAE,UAAU,CAAC;QACjC,GAAG;QACH,MAAM;QACN,OAAO,EAAE,aAAa;KACvB,CAAA;AACH,CAAC,CAAA;AAXY,QAAA,WAAW,eAWvB;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAQ,EAAE,aAA4B,QAAQ,EAAU,EAAE;IACjF,OAAO,eAAK,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,eAAe,CAAC,CAAA;AAC3G,CAAC,CAAA;AAFY,QAAA,QAAQ,YAEpB;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAW,EAAE,aAA4B,QAAQ,EAAO,EAAE;IACjF,OAAO,eAAK,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;AACjD,CAAC,CAAA;AAFY,QAAA,QAAQ,YAEpB;AACM,MAAM,oBAAoB,GAAG,CAAC,GAAW,EAAE,EAAE;IAClD,OAAO,IAAA,gBAAQ,EAAC,GAAG,CAAC,CAAA;AACtB,CAAC,CAAA;AAFY,QAAA,oBAAoB,wBAEhC;AAEM,MAAM,qBAAqB,GAAG,CAAC,GAAQ,EAAE,aAA4B,QAAQ,EAAU,EAAE;IAC9F,IAAI,UAAU,KAAK,SAAS,EAAE;QAC5B,OAAO,IAAA,4BAAoB,EAAC,IAAA,gBAAQ,EAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAA;KACtD;SAAM;QACL,OAAO,IAAA,2BAAmB,EAAC,IAAA,gBAAQ,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAA;KACpD;AACH,CAAC,CAAA;AANY,QAAA,qBAAqB,yBAMjC;AAEM,MAAM,mBAAmB,GAAG,CAAC,GAAW,EAAE,EAAE;IACjD,MAAM,GAAG,GAAG,IAAA,gBAAQ,EAAC,GAAG,CAAC,CAAA;IACzB,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QAC/B,MAAM,KAAK,CAAC,4DAA4D,CAAC,CAAA;KAC1E;SAAM,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;QACnC,OAAO,GAAG,CAAA;KACX;IACD,MAAM,SAAS,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;IACzC,MAAM,SAAS,GAAG,IAAA,gBAAQ,EAAC,SAAS,EAAE,QAAQ,CAAC,CAAA;IAC/C,OAAO,IAAA,gBAAQ,EAAC,SAAS,CAAC,CAAA;AAC5B,CAAC,CAAA;AAVY,QAAA,mBAAmB,uBAU/B;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAW,EAAE,SAAkB,EAAU,EAAE;IAClE,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,EAAE;QACpC,MAAM,KAAK,CAAC,yBAAyB,SAAS,EAAE,CAAC,CAAA;KAClD;IAED,IAAI,WAAmB,CAAA;IACvB,IAAI,SAAS,EAAE;QACb,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,kBAAkB,GAAG,SAAS,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;QACnF,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,WAAW,GAAG,SAAS,GAAG,YAAY,CAAC,EAAE,EAAE,CAAC,CAAA;KAC1F;SAAM;QACL,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,4BAA4B,EAAE,EAAE,CAAC,CAAA;QAC3D,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,0BAA0B,EAAE,EAAE,CAAC,CAAA;KAClE;IACD,OAAO,IAAA,mBAAW,EAAC,WAAW,EAAE,WAAW,CAAC,CAAA;AAC9C,CAAC,CAAA;AAdY,QAAA,QAAQ,YAcpB;AAED;;;;GAIG;AACI,MAAM,WAAW,GAAG,CAAC,KAAa,EAAE,aAA4C,EAAE,EAAE;IACzF,MAAM,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAA;IAChE,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,QAAQ,CAAC,CAAA;AAC9G,CAAC,CAAA;AAHY,QAAA,WAAW,eAGvB;AAED,MAAM,WAAW,GAAG,CAAC,KAA+B,EAAE,cAA6C,EAAU,EAAE;IAC7G,IAAI,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;IAChE,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE;QACxB,GAAG,GAAG,IAAI,GAAG,EAAE,CAAA;KAChB;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAA;AACnG,CAAC,CAAA;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAW,EAAE,IAAmB,EAAU,EAAE;IACnE,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;IAC5C,MAAM,SAAS,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,YAAY,CAAA;IACvE,IAAI,IAAI,KAAK,SAAS,EAAE;QACtB,MAAM,GAAG,GAAG,WAAW,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QAC1C,IAAI;YACF,IAAA,gBAAQ,EAAC,GAAG,CAAC,CAAA,CAAC,yCAAyC;YACvD,OAAO,GAAG,CAAA;SACX;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,WAAW,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;SAC1C;KACF;IACD,OAAO,WAAW,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;AACvC,CAAC,CAAA;AAbY,QAAA,QAAQ,YAapB;AAED,SAAgB,WAAW,CAAC,IAAY,EAAE,SAA4E;IACpH,MAAM,GAAG,GAAG,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,aAAa,CAAA;IACtC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;IACtC,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,KAAK,CAAC,mCAAmC,CAAC,CAAA;KACjD;IACD,OAAO,cAAc,GAAG,UAAU,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAA;AAChF,CAAC;AAPD,kCAOC"}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@sphereon/ssi-sdk-ext.key-utils",
3
3
  "description": "Sphereon SSI-SDK plugin for key creation.",
4
- "version": "0.12.2-next.4+f930958",
4
+ "version": "0.12.2-unstable.11+8335fbe",
5
5
  "source": "src/index.ts",
6
6
  "main": "dist/index.js",
7
7
  "types": "dist/index.d.ts",
@@ -11,9 +11,11 @@
11
11
  },
12
12
  "dependencies": {
13
13
  "@ethersproject/random": "^5.6.1",
14
+ "@sphereon/isomorphic-webcrypto": "^2.4.0-unstable.4",
14
15
  "@stablelib/ed25519": "^1.0.2",
15
16
  "@stablelib/sha256": "^1.0.1",
16
17
  "@stablelib/sha512": "^1.0.1",
18
+ "@veramo/core": "4.2.0",
17
19
  "base64url": "^3.0.1",
18
20
  "debug": "^4.3.4",
19
21
  "did-resolver": "^4.1.0",
@@ -45,5 +47,5 @@
45
47
  "DID",
46
48
  "Veramo"
47
49
  ],
48
- "gitHead": "f9309583995e9ff10f1dc7cd09197be5edb614d5"
50
+ "gitHead": "8335fbe16e4a7740a11e225c99afb516c305d27f"
49
51
  }
package/src/functions.ts CHANGED
@@ -1,39 +1,95 @@
1
1
  import { randomBytes } from '@ethersproject/random'
2
2
  import { generateKeyPair as generateSigningKeyPair } from '@stablelib/ed25519'
3
+ import { IAgentContext, IKey, IKeyManager } from '@veramo/core'
3
4
 
4
5
  import { JsonWebKey } from 'did-resolver'
5
- import * as u8a from 'uint8arrays'
6
- import { ENC_KEY_ALGS, Key, KeyCurve, KeyType, JwkKeyUse, SIG_KEY_ALGS, TKeyType } from './types'
7
6
  import elliptic from 'elliptic'
7
+ import * as u8a from 'uint8arrays'
8
+ import { ENC_KEY_ALGS, IImportProvidedOrGeneratedKeyArgs, JwkKeyUse, KeyCurve, KeyType, SIG_KEY_ALGS, TKeyType } from './types'
9
+ import { generateRSAKeyAsPEM, hexToPEM, PEMToJwk, privateKeyHexFromPEM } from './x509'
8
10
 
9
11
  /**
10
12
  * Generates a random Private Hex Key for the specified key type
11
13
  * @param type The key type
12
14
  * @return The private key in Hex form
13
15
  */
14
- export const generatePrivateKeyHex = (type: TKeyType): string => {
16
+ export const generatePrivateKeyHex = async (type: TKeyType): Promise<string> => {
15
17
  switch (type) {
16
- case Key.Ed25519: {
18
+ case 'Ed25519': {
17
19
  const keyPairEd25519 = generateSigningKeyPair()
18
20
  return u8a.toString(keyPairEd25519.secretKey, 'base16')
19
21
  }
20
22
  // The Secp256 types use the same method to generate the key
21
- case Key.Secp256r1:
22
- case Key.Secp256k1: {
23
+ case 'Secp256r1':
24
+ case 'Secp256k1': {
23
25
  const privateBytes = randomBytes(32)
24
26
  return u8a.toString(privateBytes, 'base16')
25
27
  }
28
+ case 'RSA': {
29
+ const pem = await generateRSAKeyAsPEM('RSA-PSS', 'SHA-256', 2048)
30
+ return privateKeyHexFromPEM(pem)
31
+ }
26
32
  default:
27
33
  throw Error(`not_supported: Key type ${type} not yet supported for this did:jwk implementation`)
28
34
  }
29
35
  }
30
36
 
37
+ /**
38
+ * We optionally generate and then import our own keys.
39
+ *
40
+ * @param args The key arguments
41
+ * @param context The Veramo agent context
42
+ * @private
43
+ */
44
+ export async function importProvidedOrGeneratedKey(
45
+ args: IImportProvidedOrGeneratedKeyArgs & {
46
+ kms: string
47
+ },
48
+ context: IAgentContext<IKeyManager>
49
+ ): Promise<IKey> {
50
+ // @ts-ignore
51
+ const type = args.options?.type ?? args.options?.key?.type ?? args.options?.keyType ?? 'Secp256r1'
52
+ const key = args?.options?.key
53
+ // Make sure x509 options are also set on the metadata as that is what the kms will look for
54
+ if (args.options?.x509 && key && !key?.meta?.x509) {
55
+ key.meta = {
56
+ ...key.meta,
57
+ x509: {
58
+ ...key.meta?.x509,
59
+ ...args.options.x509,
60
+ },
61
+ }
62
+ }
63
+
64
+ if (args.options && args.options?.use === JwkKeyUse.Encryption && !ENC_KEY_ALGS.includes(type)) {
65
+ throw new Error(`${type} keys are not valid for encryption`)
66
+ }
67
+
68
+ let privateKeyHex: string
69
+ if (key) {
70
+ privateKeyHex = key.privateKeyHex ?? key.meta?.x509?.privateKeyHex
71
+ if (!privateKeyHex && !key.meta?.x509?.privateKeyPEM) {
72
+ throw new Error(`We need to have a private key in Hex or PEM when importing a key`)
73
+ }
74
+ } else {
75
+ privateKeyHex = await generatePrivateKeyHex(type)
76
+ }
77
+
78
+ return context.agent.keyManagerImport({
79
+ ...key,
80
+ kms: args.kms,
81
+ type,
82
+ privateKeyHex,
83
+ })
84
+ }
85
+
31
86
  /**
32
87
  * Converts hex value to base64url
33
88
  * @param value hex value
34
89
  * @return Base64Url encoded value
35
90
  */
36
91
  export const hex2base64url = (value: string) => {
92
+ //fixme: Buffer to u8a
37
93
  const buffer = Buffer.from(value, 'hex')
38
94
  const base64 = buffer.toString('base64')
39
95
  const base64url = base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '')
@@ -45,17 +101,26 @@ export const hex2base64url = (value: string) => {
45
101
  * Converts a public key in hex format to a JWK
46
102
  * @param publicKeyHex public key in hex
47
103
  * @param type The type of the key (Ed25519, Secp256k1/r1)
48
- * @param use The optional use for the key (sig/enc)
104
+ * @param opts. Options, like the optional use for the key (sig/enc)
49
105
  * @return The JWK
50
106
  */
51
- export const toJwk = (publicKeyHex: string, type: TKeyType, use?: JwkKeyUse): JsonWebKey => {
107
+ export const toJwk = (publicKeyHex: string, type: TKeyType, opts?: { use?: JwkKeyUse; key?: IKey }): JsonWebKey => {
108
+ const { key } = opts ?? {}
109
+ if (key && key.publicKeyHex !== publicKeyHex) {
110
+ throw Error(`Provided key with id ${key.kid}, has a different public key hex than supplied public key ${publicKeyHex}`)
111
+ }
52
112
  switch (type) {
53
- case Key.Ed25519:
54
- return toEd25519Jwk(publicKeyHex, use)
55
- case Key.Secp256k1:
56
- return toSecp256k1Jwk(publicKeyHex, use)
57
- case Key.Secp256r1:
58
- return toSecp256r1Jwk(publicKeyHex, use)
113
+ case 'Ed25519':
114
+ return toEd25519OrX25519Jwk(publicKeyHex, { ...opts, crv: KeyCurve.Ed25519 })
115
+ case 'X25519':
116
+ return toEd25519OrX25519Jwk(publicKeyHex, { ...opts, crv: KeyCurve.X25519 })
117
+ case 'Secp256k1':
118
+ return toSecp256k1Jwk(publicKeyHex, opts)
119
+ case 'Secp256r1':
120
+ return toSecp256r1Jwk(publicKeyHex, opts)
121
+ case 'RSA':
122
+ return toRSAJwk(publicKeyHex, opts)
123
+
59
124
  default:
60
125
  throw new Error(`not_supported: Key type ${type} not yet supported for this did:jwk implementation`)
61
126
  }
@@ -81,10 +146,18 @@ export const jwkDetermineUse = (type: TKeyType, suppliedUse?: JwkKeyUse): JwkKey
81
146
  * Assert the key has a proper length
82
147
  *
83
148
  * @param keyHex Input key
84
- * @param expectedKeyLength Expected key length
149
+ * @param expectedKeyLength Expected key length(s)
85
150
  */
86
- const assertProperKeyLength = (keyHex: string, expectedKeyLength: number) => {
87
- if (keyHex.length !== expectedKeyLength) {
151
+ const assertProperKeyLength = (keyHex: string, expectedKeyLength: number | number[]) => {
152
+ if (Array.isArray(expectedKeyLength)) {
153
+ if (expectedKeyLength.includes(keyHex.length)) {
154
+ throw Error(
155
+ `Invalid key length. Needs to be a hex string with length from ${JSON.stringify(expectedKeyLength)} instead of ${
156
+ keyHex.length
157
+ }. Input: ${keyHex}`
158
+ )
159
+ }
160
+ } else if (keyHex.length !== expectedKeyLength) {
88
161
  throw Error(`Invalid key length. Needs to be a hex string with length ${expectedKeyLength} instead of ${keyHex.length}. Input: ${keyHex}`)
89
162
  }
90
163
  }
@@ -95,8 +168,9 @@ const assertProperKeyLength = (keyHex: string, expectedKeyLength: number) => {
95
168
  * @param use The use for the key
96
169
  * @return The JWK
97
170
  */
98
- const toSecp256k1Jwk = (publicKeyHex: string, use?: JwkKeyUse): JsonWebKey => {
171
+ const toSecp256k1Jwk = (publicKeyHex: string, opts?: { use?: JwkKeyUse }): JsonWebKey => {
99
172
  assertProperKeyLength(publicKeyHex, 130)
173
+ const { use } = opts ?? {}
100
174
  return {
101
175
  alg: 'ES256K',
102
176
  ...(use !== undefined && { use }),
@@ -113,12 +187,9 @@ const toSecp256k1Jwk = (publicKeyHex: string, use?: JwkKeyUse): JsonWebKey => {
113
187
  * @param use The use for the key
114
188
  * @return The JWK
115
189
  */
116
- const toSecp256r1Jwk = (publicKeyHex: string, use?: JwkKeyUse): JsonWebKey => {
117
- const prefix = ''
118
- /*if (publicKeyHex.length === 128) {
119
- prefix = "04"
120
- }*/
121
- const publicKey = `${prefix}${publicKeyHex}` // We add the 'uncompressed' type 04 prefix
190
+ const toSecp256r1Jwk = (publicKeyHex: string, opts?: { use?: JwkKeyUse }): JsonWebKey => {
191
+ const { use } = opts ?? {}
192
+ const publicKey = publicKeyHex
122
193
  assertProperKeyLength(publicKey, 66)
123
194
 
124
195
  const secp256r1 = new elliptic.ec('p256')
@@ -135,18 +206,38 @@ const toSecp256r1Jwk = (publicKeyHex: string, use?: JwkKeyUse): JsonWebKey => {
135
206
  }
136
207
 
137
208
  /**
138
- * Generates a JWK from an Ed25519 public key
139
- * @param publicKeyHex Ed25519 public key in hex
209
+ * Generates a JWK from an Ed25519/X25519 public key
210
+ * @param publicKeyHex Ed25519/X25519 public key in hex
140
211
  * @param use The use for the key
141
212
  * @return The JWK
142
213
  */
143
- const toEd25519Jwk = (publicKeyHex: string, use?: JwkKeyUse): JsonWebKey => {
214
+ const toEd25519OrX25519Jwk = (
215
+ publicKeyHex: string,
216
+ opts: {
217
+ use?: JwkKeyUse
218
+ crv: KeyCurve.Ed25519 | KeyCurve.X25519
219
+ }
220
+ ): JsonWebKey => {
144
221
  assertProperKeyLength(publicKeyHex, 64)
222
+ const { use } = opts ?? {}
145
223
  return {
146
224
  alg: 'EdDSA',
147
225
  ...(use !== undefined && { use }),
148
226
  kty: KeyType.OKP,
149
- crv: KeyCurve.Ed25519,
227
+ crv: opts?.crv ?? KeyCurve.Ed25519,
150
228
  x: hex2base64url(publicKeyHex.substr(0, 64)),
151
229
  }
152
230
  }
231
+
232
+ const toRSAJwk = (publicKeyHex: string, opts?: { use?: JwkKeyUse; key?: IKey }): JsonWebKey => {
233
+ const { key } = opts ?? {}
234
+ // const publicKey = publicKeyHex
235
+ // assertProperKeyLength(publicKey, [2048, 3072, 4096])
236
+
237
+ if (key?.meta?.publicKeyJwk) {
238
+ return key.meta.publicKeyJwk as JsonWebKey
239
+ }
240
+
241
+ const publicKeyPEM = key?.meta?.publicKeyPEM ?? hexToPEM(publicKeyHex, 'public')
242
+ return PEMToJwk(publicKeyPEM, 'public') as JsonWebKey
243
+ }
package/src/index.ts CHANGED
@@ -4,8 +4,9 @@
4
4
  *
5
5
  * @packageDocumentation
6
6
  */
7
+ export * from './x509'
7
8
  export * from './functions'
8
9
  export * from './jwk-jcs'
9
10
  export * from './types'
10
- export * from './x509-utils'
11
+ export * from './x509/x509-utils'
11
12
  export * from './digest-methods'
package/src/types/key-util-types.ts CHANGED
@@ -1,3 +1,5 @@
1
+ import { MinimalImportableKey } from '@veramo/core'
2
+
1
3
  export const JWK_JCS_PUB_NAME = 'jwk_jcs-pub'
2
4
  export const JWK_JCS_PUB_PREFIX = 0xeb51
3
5
 
@@ -18,11 +20,13 @@ export enum KeyCurve {
18
20
  Secp256k1 = 'secp256k1',
19
21
  P_256 = 'P-256',
20
22
  Ed25519 = 'Ed25519',
23
+ X25519 = 'X25519',
21
24
  }
22
25
 
23
26
  export enum KeyType {
24
27
  EC = 'EC',
25
28
  OKP = 'OKP',
29
+ RSA = 'RSA',
26
30
  }
27
31
 
28
32
  export const SIG_KEY_ALGS = ['ES256', 'ES384', 'ES512', 'EdDSA', 'ES256K', 'Ed25519', 'Secp256k1', 'Secp256r1', 'Bls12381G1', 'Bls12381G2']
@@ -42,3 +46,19 @@ export interface X509Opts {
42
46
  certificateChainURL?: string // Certificate chain URL. If used this is where the certificateChainPEM will be hosted/found.
43
47
  certificateChainPEM?: string // Base64 (not url!) encoded DER certificate chain. Please provide even if certificateChainURL is used!
44
48
  }
49
+
50
+ export interface IImportProvidedOrGeneratedKeyArgs {
51
+ kms?: string
52
+ options?: IKeyOpts
53
+ }
54
+ export interface IKeyOpts {
55
+ key?: WithRequiredProperty<Partial<MinimalImportableKey>, 'privateKeyHex'> // Optional key to import with only privateKeyHex mandatory. If not specified a key with random kid will be created
56
+ type?: TKeyType // The key type. Defaults to Secp256k1
57
+ use?: JwkKeyUse // The key use
58
+ x509?: X509Opts
59
+ }
60
+
61
+ // Needed to make a single property required
62
+ type WithRequiredProperty<Type, Key extends keyof Type> = Type & {
63
+ [Property in Key]-?: Type[Property]
64
+ }
package/src/x509/index.ts ADDED
@@ -0,0 +1,3 @@
1
+ export * from './rsa-key'
2
+ export * from './rsa-signer'
3
+ export * from './x509-utils'
package/src/x509/rsa-key.ts ADDED
@@ -0,0 +1,62 @@
1
+ import crypto from '@sphereon/isomorphic-webcrypto'
2
+ import * as u8a from 'uint8arrays'
3
+ import { HashAlgorithm } from '../digest-methods'
4
+ import { JWK } from '../types'
5
+ import { base64ToPEM } from './x509-utils'
6
+
7
+ export type RSASignatureSchemes = 'RSASSA-PKCS1-V1_5' | 'RSA-PSS'
8
+
9
+ export type RSAEncryptionSchemes = 'RSAES-PKCS-v1_5 ' | 'RSAES-OAEP'
10
+
11
+ const usage = (jwk: JWK): KeyUsage[] => {
12
+ // "decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey";
13
+ return jwk.d ? ['sign', 'decrypt', 'verify', 'encrypt'] : ['verify', 'encrypt']
14
+ }
15
+
16
+ export const signAlgorithmToSchemeAndHashAlg = (signingAlg: string) => {
17
+ const alg = signingAlg.toUpperCase()
18
+ let scheme: RSAEncryptionSchemes | RSASignatureSchemes
19
+ if (alg.startsWith('RS')) {
20
+ scheme = 'RSASSA-PKCS1-V1_5'
21
+ } else if (alg.startsWith('PS')) {
22
+ scheme = 'RSA-PSS'
23
+ } else {
24
+ throw Error(`Invalid signing algorithm supplied ${signingAlg}`)
25
+ }
26
+
27
+ const hashAlgorithm = `SHA-${alg.substring(2)}` as HashAlgorithm
28
+ return { scheme, hashAlgorithm }
29
+ }
30
+
31
+ export const cryptoSubtleImportRSAKey = async (
32
+ jwk: JWK,
33
+ scheme: RSAEncryptionSchemes | RSASignatureSchemes,
34
+ hashAlgorithm?: HashAlgorithm
35
+ ): Promise<CryptoKey> => {
36
+ const hashName = hashAlgorithm ? hashAlgorithm : jwk.alg ? `SHA-${jwk.alg.substring(2)}` : 'SHA-256'
37
+
38
+ const importParams: RsaHashedImportParams = { name: scheme, hash: hashName }
39
+ return await crypto.subtle.importKey('jwk', jwk as JsonWebKey, importParams, false, usage(jwk))
40
+ }
41
+
42
+ export const generateRSAKeyAsPEM = async (
43
+ scheme: RSAEncryptionSchemes | RSASignatureSchemes,
44
+ hashAlgorithm?: HashAlgorithm,
45
+ modulusLength?: number
46
+ ): Promise<string> => {
47
+ const hashName = hashAlgorithm ? hashAlgorithm : 'SHA-256'
48
+
49
+ const params: RsaHashedKeyGenParams = {
50
+ name: scheme,
51
+ hash: hashName,
52
+ modulusLength: modulusLength ? modulusLength : 2048,
53
+ publicExponent: new Uint8Array([1, 0, 1]),
54
+ }
55
+ const keyUsage: KeyUsage[] = scheme === 'RSA-PSS' || scheme === 'RSASSA-PKCS1-V1_5' ? ['sign', 'verify'] : ['encrypt', 'decrypt']
56
+
57
+ const keypair = await crypto.subtle.generateKey(params, true, keyUsage)
58
+ const pkcs8 = await crypto.subtle.exportKey('pkcs8', keypair.privateKey)
59
+
60
+ const uint8Array = new Uint8Array(pkcs8)
61
+ return base64ToPEM(u8a.toString(uint8Array, 'base64pad'), 'RSA PRIVATE KEY')
62
+ }
package/src/x509/rsa-signer.ts ADDED
@@ -0,0 +1,71 @@
1
+ import * as u8a from 'uint8arrays'
2
+ import crypto from '@sphereon/isomorphic-webcrypto'
3
+ import { HashAlgorithm } from '../digest-methods'
4
+ import { JWK } from '../types'
5
+ import { cryptoSubtleImportRSAKey, RSAEncryptionSchemes, RSASignatureSchemes } from './rsa-key'
6
+ import { PEMToJwk } from './x509-utils'
7
+
8
+ export class RSASigner {
9
+ private readonly hashAlgorithm: HashAlgorithm
10
+ private readonly jwk: JWK
11
+
12
+ private key: CryptoKey | undefined
13
+ private readonly scheme: RSAEncryptionSchemes | RSASignatureSchemes
14
+
15
+ /**
16
+ *
17
+ * @param key Either in PEM or JWK format (no raw hex keys here!)
18
+ * @param opts The algorithm and signature/encryption schemes
19
+ */
20
+ constructor(key: string | JWK, opts?: { hashAlgorithm?: HashAlgorithm; scheme?: RSAEncryptionSchemes | RSASignatureSchemes }) {
21
+ if (typeof key === 'string') {
22
+ this.jwk = PEMToJwk(key)
23
+ } else {
24
+ this.jwk = key
25
+ }
26
+
27
+ this.hashAlgorithm = opts?.hashAlgorithm ?? 'SHA-256'
28
+ this.scheme = opts?.scheme ?? 'RSA-PSS'
29
+ }
30
+
31
+ private getImportParams(): AlgorithmIdentifier | RsaPssParams {
32
+ if (this.scheme === 'RSA-PSS') {
33
+ return { name: this.scheme, saltLength: 32 }
34
+ }
35
+ // console.log({ name: this.scheme /*, hash: this.hashAlgorithm*/ })
36
+ return { name: this.scheme /*, hash: this.hashAlgorithm*/ }
37
+ }
38
+
39
+ private async getKey(): Promise<CryptoKey> {
40
+ if (!this.key) {
41
+ this.key = await cryptoSubtleImportRSAKey(this.jwk, this.scheme, this.hashAlgorithm)
42
+ }
43
+ return this.key
44
+ }
45
+
46
+ private bufferToString(buf: ArrayBuffer) {
47
+ const uint8Array = new Uint8Array(buf)
48
+ return u8a.toString(uint8Array, 'base64url') // Needs to be base64url for JsonWebSignature2020. Don't change!
49
+ }
50
+
51
+ public async sign(data: string | Uint8Array): Promise<string> {
52
+ const input = typeof data === 'string' ? u8a.fromString(data, 'utf-8') : data
53
+ const key = await this.getKey()
54
+ const signature = this.bufferToString(await crypto.subtle.sign(this.getImportParams(), key, input))
55
+ if (!signature) {
56
+ throw Error('Could not sign input data')
57
+ }
58
+
59
+ // base64url signature
60
+ return signature
61
+ }
62
+
63
+ public async verify(data: string | Uint8Array, signature: string | Uint8Array): Promise<boolean> {
64
+ const sig = typeof signature === 'string' ? signature : u8a.toString(signature, 'base64url')
65
+ const jws = sig.includes('.') ? sig.split('.')[2] : sig
66
+
67
+ const input = typeof data == 'string' ? u8a.fromString(data, 'utf-8') : data
68
+ const verificationResult = await crypto.subtle.verify(this.getImportParams(), await this.getKey(), u8a.fromString(jws, 'base64url'), input)
69
+ return verificationResult
70
+ }
71
+ }
package/src/{x509-utils.ts → x509/x509-utils.ts} RENAMED
@@ -1,7 +1,7 @@
1
1
  import * as u8a from 'uint8arrays'
2
2
  // @ts-ignore
3
3
  import keyto from '@trust/keyto'
4
- import { JWK, KeyVisibility } from './types'
4
+ import { JWK, KeyVisibility } from '../types'
5
5
 
6
6
  // Based on (MIT licensed):
7
7
  // https://github.com/hildjj/node-posh/blob/master/lib/index.js
package/dist/x509-utils.d.ts.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"x509-utils.d.ts","sourceRoot":"","sources":["../src/x509-utils.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,GAAG,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAI5C,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAuB3E;AAED,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,CAU1E;AAED,eAAO,MAAM,WAAW,QAAS,MAAM,eAAc,aAAa;;;;;CAWjE,CAAA;AAED,eAAO,MAAM,QAAQ,QAAS,GAAG,eAAc,aAAa,KAAc,MAEzE,CAAA;AAED,eAAO,MAAM,QAAQ,QAAS,MAAM,eAAc,aAAa,KAAc,GAE5E,CAAA;AACD,eAAO,MAAM,oBAAoB,QAAS,MAAM,WAE/C,CAAA;AAED,eAAO,MAAM,qBAAqB,QAAS,GAAG,eAAc,aAAa,KAAc,MAMtF,CAAA;AAED,eAAO,MAAM,mBAAmB,QAAS,MAAM,WAU9C,CAAA;AAED,eAAO,MAAM,QAAQ,QAAS,MAAM,cAAc,MAAM,KAAG,MAc1D,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,WAAW,UAAW,MAAM,kBAAkB,WAAW,GAAG,cAAc,WAGtF,CAAA;AAUD,eAAO,MAAM,QAAQ,QAAS,MAAM,QAAQ,aAAa,KAAG,MAa3D,CAAA;AAED,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,YAAY,GAAG,iBAAiB,GAAG,aAAa,GAAG,aAAa,GAAG,MAAM,CAO9H"}
package/dist/x509-utils.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"x509-utils.js","sourceRoot":"","sources":["../src/x509-utils.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAkC;AAClC,aAAa;AACb,yDAAgC;AAGhC,2BAA2B;AAC3B,+DAA+D;AAC/D,SAAgB,iBAAiB,CAAC,IAAY,EAAE,QAAiB;IAC/D,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG,CAAC,CAAA;KACb;IACD;;;;;;OAMG;IAEH,MAAM,YAAY,GAAG,IAAI;SACtB,OAAO,CAAC,kBAAkB,EAAE,GAAG,CAAC;SAChC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;SAClB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;IACrB,IAAI,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;QAClD,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAA;IACrB,CAAC,CAAC,CAAA;IACF,IAAI,QAAQ,GAAG,CAAC,EAAE;QAChB,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAA;KAC9B;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAvBD,8CAuBC;AAED,SAAgB,iBAAiB,CAAC,GAAa,EAAE,QAAiB;IAChE,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG,CAAC,CAAA;KACb;IACD,MAAM,MAAM,GAAG,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAA;IAC3E,IAAI,GAAG,GAAG,EAAE,CAAA;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/B,GAAG,IAAI,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,CAAA;KAC1C;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAVD,8CAUC;AAEM,MAAM,WAAW,GAAG,CAAC,GAAW,EAAE,aAA4B,QAAQ,EAAE,EAAE;IAC/E,MAAM,GAAG,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,UAAU,CAAC,CAAA;IACrC,MAAM,aAAa,GAAkB,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAA;IACjE,MAAM,MAAM,GAAG,aAAa,KAAK,SAAS,CAAC,CAAC,CAAC,IAAA,4BAAoB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAA,2BAAmB,EAAC,GAAG,CAAC,CAAA;IAEjG,OAAO;QACL,GAAG,EAAE,IAAA,gBAAQ,EAAC,MAAM,EAAE,UAAU,CAAC;QACjC,GAAG;QACH,MAAM;QACN,OAAO,EAAE,aAAa;KACvB,CAAA;AACH,CAAC,CAAA;AAXY,QAAA,WAAW,eAWvB;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAQ,EAAE,aAA4B,QAAQ,EAAU,EAAE;IACjF,OAAO,eAAK,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,eAAe,CAAC,CAAA;AAC3G,CAAC,CAAA;AAFY,QAAA,QAAQ,YAEpB;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAW,EAAE,aAA4B,QAAQ,EAAO,EAAE;IACjF,OAAO,eAAK,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;AACjD,CAAC,CAAA;AAFY,QAAA,QAAQ,YAEpB;AACM,MAAM,oBAAoB,GAAG,CAAC,GAAW,EAAE,EAAE;IAClD,OAAO,IAAA,gBAAQ,EAAC,GAAG,CAAC,CAAA;AACtB,CAAC,CAAA;AAFY,QAAA,oBAAoB,wBAEhC;AAEM,MAAM,qBAAqB,GAAG,CAAC,GAAQ,EAAE,aAA4B,QAAQ,EAAU,EAAE;IAC9F,IAAI,UAAU,KAAK,SAAS,EAAE;QAC5B,OAAO,IAAA,4BAAoB,EAAC,IAAA,gBAAQ,EAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAA;KACtD;SAAM;QACL,OAAO,IAAA,2BAAmB,EAAC,IAAA,gBAAQ,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAA;KACpD;AACH,CAAC,CAAA;AANY,QAAA,qBAAqB,yBAMjC;AAEM,MAAM,mBAAmB,GAAG,CAAC,GAAW,EAAE,EAAE;IACjD,MAAM,GAAG,GAAG,IAAA,gBAAQ,EAAC,GAAG,CAAC,CAAA;IACzB,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;QAC/B,MAAM,KAAK,CAAC,4DAA4D,CAAC,CAAA;KAC1E;SAAM,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE;QACnC,OAAO,GAAG,CAAA;KACX;IACD,MAAM,SAAS,GAAG,IAAA,gBAAQ,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;IACzC,MAAM,SAAS,GAAG,IAAA,gBAAQ,EAAC,SAAS,EAAE,QAAQ,CAAC,CAAA;IAC/C,OAAO,IAAA,gBAAQ,EAAC,SAAS,CAAC,CAAA;AAC5B,CAAC,CAAA;AAVY,QAAA,mBAAmB,uBAU/B;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAW,EAAE,SAAkB,EAAU,EAAE;IAClE,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,EAAE;QACpC,MAAM,KAAK,CAAC,yBAAyB,SAAS,EAAE,CAAC,CAAA;KAClD;IAED,IAAI,WAAmB,CAAA;IACvB,IAAI,SAAS,EAAE;QACb,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,kBAAkB,GAAG,SAAS,GAAG,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;QACnF,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,WAAW,GAAG,SAAS,GAAG,YAAY,CAAC,EAAE,EAAE,CAAC,CAAA;KAC1F;SAAM;QACL,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,4BAA4B,EAAE,EAAE,CAAC,CAAA;QAC3D,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,0BAA0B,EAAE,EAAE,CAAC,CAAA;KAClE;IACD,OAAO,IAAA,mBAAW,EAAC,WAAW,EAAE,WAAW,CAAC,CAAA;AAC9C,CAAC,CAAA;AAdY,QAAA,QAAQ,YAcpB;AAED;;;;GAIG;AACI,MAAM,WAAW,GAAG,CAAC,KAAa,EAAE,aAA4C,EAAE,EAAE;IACzF,MAAM,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAA;IAChE,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,QAAQ,CAAC,CAAA;AAC9G,CAAC,CAAA;AAHY,QAAA,WAAW,eAGvB;AAED,MAAM,WAAW,GAAG,CAAC,KAA+B,EAAE,cAA6C,EAAU,EAAE;IAC7G,IAAI,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA;IAChE,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE;QACxB,GAAG,GAAG,IAAI,GAAG,EAAE,CAAA;KAChB;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAA;AACnG,CAAC,CAAA;AAEM,MAAM,QAAQ,GAAG,CAAC,GAAW,EAAE,IAAmB,EAAU,EAAE;IACnE,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;IAC5C,MAAM,SAAS,GAAG,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,YAAY,CAAA;IACvE,IAAI,IAAI,KAAK,SAAS,EAAE;QACtB,MAAM,GAAG,GAAG,WAAW,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QAC1C,IAAI;YACF,IAAA,gBAAQ,EAAC,GAAG,CAAC,CAAA,CAAC,yCAAyC;YACvD,OAAO,GAAG,CAAA;SACX;QAAC,OAAO,KAAK,EAAE;YACd,OAAO,WAAW,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;SAC1C;KACF;IACD,OAAO,WAAW,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;AACvC,CAAC,CAAA;AAbY,QAAA,QAAQ,YAapB;AAED,SAAgB,WAAW,CAAC,IAAY,EAAE,SAA4E;IACpH,MAAM,GAAG,GAAG,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,aAAa,CAAA;IACtC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;IACtC,IAAI,CAAC,OAAO,EAAE;QACZ,MAAM,KAAK,CAAC,mCAAmC,CAAC,CAAA;KACjD;IACD,OAAO,cAAc,GAAG,UAAU,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,GAAG,SAAS,CAAA;AAChF,CAAC;AAPD,kCAOC"}
/package/dist/{x509-utils.js → x509/x509-utils.js} RENAMED
File without changes