npm - @sphereon/ssi-sdk-ext.key-utils - Versions diffs - 0.34.1-fix.80 → 0.34.1-next.299 - Mend

@sphereon/ssi-sdk-ext.key-utils 0.34.1-fix.80 → 0.34.1-next.299

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.cjs +30 -15
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +3 -1
package/dist/index.d.ts +3 -1
package/dist/index.js +31 -16
package/dist/index.js.map +1 -1
package/package.json +4 -4
package/src/functions.ts +47 -30
package/src/types/key-util-types.ts +1 -0

package/dist/index.d.cts CHANGED Viewed

@@ -28,6 +28,7 @@ interface X509Opts {
     certificateChainPEM?: string;
 }
 interface IImportProvidedOrGeneratedKeyArgs {
+    providerName: string;
     kms?: string;
     alias?: string;
     options?: IKeyOpts;
@@ -117,6 +118,7 @@ declare const jwkToRawHexKey: (jwk: JWK) => Promise<string>;
  * @returns A string representing the RSA key in raw hexadecimal format.
  */
 declare function rsaJwkToRawHexKey(jwk: JsonWebKey): string;
+declare function x25519PublicHexFromPrivateHex(privateKeyHex: string): string;
 /**
  * Determines the use param based upon the key/signature type or supplied use value.
  *
@@ -228,4 +230,4 @@ declare const digestMethodParams: (hashAlgorithm: HashAlgorithm) => {
 };
 declare const shaHasher: HasherSync;
-export { ENC_KEY_ALGS, type HashAlgorithm, type IImportProvidedOrGeneratedKeyArgs, type IKeyOpts, JWK_JCS_PUB_NAME, JWK_JCS_PUB_PREFIX, JwkKeyUse, Key, type KeyTypeFromCryptographicSuiteArgs, type KeyVisibility, SIG_KEY_ALGS, type SignatureAlgorithmFromKeyArgs, type SignatureAlgorithmFromKeyTypeArgs, type TDigestMethod, type TKeyType, type X509Opts, asn1DerToRawPublicKey, calculateJwkThumbprint, calculateJwkThumbprintForKey, coseKeyToJwk, coseToJoseCurve, coseToJoseKeyOperation, coseToJoseKty, coseToJoseSignatureAlg, digestMethodParams, generatePrivateKeyHex, getKms, globalCrypto, hexStringFromUint8Array, importProvidedOrGeneratedKey, isAsn1Der, isRawCompressedPublicKey, jcsCanonicalize, joseToCoseCurve, joseToCoseKeyOperation, joseToCoseKty, joseToCoseSignatureAlg, jwkDetermineUse, jwkJcsDecode, jwkJcsEncode, jwkToCoseKey, jwkToRawHexKey, keyTypeFromCryptographicSuite, logger, minimalJwk, padLeft, removeNulls, rsaJwkToRawHexKey, sanitizedJwk, shaHasher, signatureAlgorithmFromKey, signatureAlgorithmFromKeyType, toBase64url, toJwk, toJwkFromKey, toPkcs1, toPkcs1FromHex, toRawCompressedHexPublicKey, validateJwk, verifyRawSignature };
+export { ENC_KEY_ALGS, type HashAlgorithm, type IImportProvidedOrGeneratedKeyArgs, type IKeyOpts, JWK_JCS_PUB_NAME, JWK_JCS_PUB_PREFIX, JwkKeyUse, Key, type KeyTypeFromCryptographicSuiteArgs, type KeyVisibility, SIG_KEY_ALGS, type SignatureAlgorithmFromKeyArgs, type SignatureAlgorithmFromKeyTypeArgs, type TDigestMethod, type TKeyType, type X509Opts, asn1DerToRawPublicKey, calculateJwkThumbprint, calculateJwkThumbprintForKey, coseKeyToJwk, coseToJoseCurve, coseToJoseKeyOperation, coseToJoseKty, coseToJoseSignatureAlg, digestMethodParams, generatePrivateKeyHex, getKms, globalCrypto, hexStringFromUint8Array, importProvidedOrGeneratedKey, isAsn1Der, isRawCompressedPublicKey, jcsCanonicalize, joseToCoseCurve, joseToCoseKeyOperation, joseToCoseKty, joseToCoseSignatureAlg, jwkDetermineUse, jwkJcsDecode, jwkJcsEncode, jwkToCoseKey, jwkToRawHexKey, keyTypeFromCryptographicSuite, logger, minimalJwk, padLeft, removeNulls, rsaJwkToRawHexKey, sanitizedJwk, shaHasher, signatureAlgorithmFromKey, signatureAlgorithmFromKeyType, toBase64url, toJwk, toJwkFromKey, toPkcs1, toPkcs1FromHex, toRawCompressedHexPublicKey, validateJwk, verifyRawSignature, x25519PublicHexFromPrivateHex };

package/dist/index.d.ts CHANGED Viewed

@@ -28,6 +28,7 @@ interface X509Opts {
     certificateChainPEM?: string;
 }
 interface IImportProvidedOrGeneratedKeyArgs {
+    providerName: string;
     kms?: string;
     alias?: string;
     options?: IKeyOpts;
@@ -117,6 +118,7 @@ declare const jwkToRawHexKey: (jwk: JWK) => Promise<string>;
  * @returns A string representing the RSA key in raw hexadecimal format.
  */
 declare function rsaJwkToRawHexKey(jwk: JsonWebKey): string;
+declare function x25519PublicHexFromPrivateHex(privateKeyHex: string): string;
 /**
  * Determines the use param based upon the key/signature type or supplied use value.
  *
@@ -228,4 +230,4 @@ declare const digestMethodParams: (hashAlgorithm: HashAlgorithm) => {
 };
 declare const shaHasher: HasherSync;
-export { ENC_KEY_ALGS, type HashAlgorithm, type IImportProvidedOrGeneratedKeyArgs, type IKeyOpts, JWK_JCS_PUB_NAME, JWK_JCS_PUB_PREFIX, JwkKeyUse, Key, type KeyTypeFromCryptographicSuiteArgs, type KeyVisibility, SIG_KEY_ALGS, type SignatureAlgorithmFromKeyArgs, type SignatureAlgorithmFromKeyTypeArgs, type TDigestMethod, type TKeyType, type X509Opts, asn1DerToRawPublicKey, calculateJwkThumbprint, calculateJwkThumbprintForKey, coseKeyToJwk, coseToJoseCurve, coseToJoseKeyOperation, coseToJoseKty, coseToJoseSignatureAlg, digestMethodParams, generatePrivateKeyHex, getKms, globalCrypto, hexStringFromUint8Array, importProvidedOrGeneratedKey, isAsn1Der, isRawCompressedPublicKey, jcsCanonicalize, joseToCoseCurve, joseToCoseKeyOperation, joseToCoseKty, joseToCoseSignatureAlg, jwkDetermineUse, jwkJcsDecode, jwkJcsEncode, jwkToCoseKey, jwkToRawHexKey, keyTypeFromCryptographicSuite, logger, minimalJwk, padLeft, removeNulls, rsaJwkToRawHexKey, sanitizedJwk, shaHasher, signatureAlgorithmFromKey, signatureAlgorithmFromKeyType, toBase64url, toJwk, toJwkFromKey, toPkcs1, toPkcs1FromHex, toRawCompressedHexPublicKey, validateJwk, verifyRawSignature };
+export { ENC_KEY_ALGS, type HashAlgorithm, type IImportProvidedOrGeneratedKeyArgs, type IKeyOpts, JWK_JCS_PUB_NAME, JWK_JCS_PUB_PREFIX, JwkKeyUse, Key, type KeyTypeFromCryptographicSuiteArgs, type KeyVisibility, SIG_KEY_ALGS, type SignatureAlgorithmFromKeyArgs, type SignatureAlgorithmFromKeyTypeArgs, type TDigestMethod, type TKeyType, type X509Opts, asn1DerToRawPublicKey, calculateJwkThumbprint, calculateJwkThumbprintForKey, coseKeyToJwk, coseToJoseCurve, coseToJoseKeyOperation, coseToJoseKty, coseToJoseSignatureAlg, digestMethodParams, generatePrivateKeyHex, getKms, globalCrypto, hexStringFromUint8Array, importProvidedOrGeneratedKey, isAsn1Der, isRawCompressedPublicKey, jcsCanonicalize, joseToCoseCurve, joseToCoseKeyOperation, joseToCoseKty, joseToCoseSignatureAlg, jwkDetermineUse, jwkJcsDecode, jwkJcsEncode, jwkToCoseKey, jwkToRawHexKey, keyTypeFromCryptographicSuite, logger, minimalJwk, padLeft, removeNulls, rsaJwkToRawHexKey, sanitizedJwk, shaHasher, signatureAlgorithmFromKey, signatureAlgorithmFromKeyType, toBase64url, toJwk, toJwkFromKey, toPkcs1, toPkcs1FromHex, toRawCompressedHexPublicKey, validateJwk, verifyRawSignature, x25519PublicHexFromPrivateHex };

package/dist/index.js CHANGED Viewed

@@ -4,7 +4,7 @@ var __name = (target, value) => __defProp(target, "name", { value, configurable:
 // src/functions.ts
 import { randomBytes } from "@ethersproject/random";
 import { bls12_381 } from "@noble/curves/bls12-381";
-import { ed25519 } from "@noble/curves/ed25519";
+import { ed25519, x25519 } from "@noble/curves/ed25519";
 import { p256 } from "@noble/curves/p256";
 import { p384 } from "@noble/curves/p384";
 import { p521 } from "@noble/curves/p521";
@@ -193,17 +193,17 @@ __name(jcsCanonicalize, "jcsCanonicalize");
 // src/types/key-util-types.ts
 var JWK_JCS_PUB_NAME = "jwk_jcs-pub";
 var JWK_JCS_PUB_PREFIX = 60241;
-var Key = /* @__PURE__ */ function(Key2) {
+var Key = /* @__PURE__ */ (function(Key2) {
   Key2["Ed25519"] = "Ed25519";
   Key2["Secp256k1"] = "Secp256k1";
   Key2["Secp256r1"] = "Secp256r1";
   return Key2;
-}({});
-var JwkKeyUse = /* @__PURE__ */ function(JwkKeyUse2) {
+})({});
+var JwkKeyUse = /* @__PURE__ */ (function(JwkKeyUse2) {
   JwkKeyUse2["Encryption"] = "enc";
   JwkKeyUse2["Signature"] = "sig";
   return JwkKeyUse2;
-}({});
+})({});
 var SIG_KEY_ALGS = [
   "ES256",
   "ES384",
@@ -296,14 +296,19 @@ var keyMetaAlgorithmsFromKeyType = /* @__PURE__ */ __name((type) => {
 async function importProvidedOrGeneratedKey(args, context) {
   const type = args.options?.type ?? args.options?.key?.type ?? args.options?.keyType ?? "Secp256r1";
   const key = args?.options?.key;
-  if (args.options?.x509 && key) {
+  if (key) {
     key.meta = {
-      ...key.meta,
-      x509: {
-        ...args.options.x509,
-        ...key.meta?.x509
-      }
+      providerName: args.providerName
     };
+    if (args.options?.x509) {
+      key.meta = {
+        ...key.meta,
+        x509: {
+          ...args.options.x509,
+          ...key.meta?.x509
+        }
+      };
+    }
   }
   if (args.options && args.options?.use === JwkKeyUse.Encryption && !ENC_KEY_ALGS.includes(type)) {
     throw new Error(`${type} keys are not valid for encryption`);
@@ -550,6 +555,15 @@ function octJwkToRawHexKey(jwk) {
   return toString2(key, "hex");
 }
 __name(octJwkToRawHexKey, "octJwkToRawHexKey");
+function x25519PublicHexFromPrivateHex(privateKeyHex) {
+  if (!/^[0-9a-fA-F]{64}$/.test(privateKeyHex)) {
+    throw new Error("Private key must be 32-byte hex (64 chars)");
+  }
+  const priv = Uint8Array.from(Buffer.from(privateKeyHex, "hex"));
+  const pub = x25519.getPublicKey(priv);
+  return Buffer.from(pub).toString("hex");
+}
+__name(x25519PublicHexFromPrivateHex, "x25519PublicHexFromPrivateHex");
 var jwkDetermineUse = /* @__PURE__ */ __name((type, suppliedUse) => {
   return suppliedUse ? suppliedUse : SIG_KEY_ALGS.includes(type) ? JwkKeyUse.Signature : ENC_KEY_ALGS.includes(type) ? JwkKeyUse.Encryption : void 0;
 }, "jwkDetermineUse");
@@ -586,8 +600,8 @@ var toSecp256k1Jwk = /* @__PURE__ */ __name((keyHex, opts) => {
     },
     kty: JwkKeyType.EC,
     crv: JoseCurve.secp256k1,
-    x: hexToBase64(pubPoint.getX().toString("hex"), "base64url"),
-    y: hexToBase64(pubPoint.getY().toString("hex"), "base64url"),
+    x: hexToBase64(pubPoint.getX().toString("hex").padStart(64, "0"), "base64url"),
+    y: hexToBase64(pubPoint.getY().toString("hex").padStart(64, "0"), "base64url"),
     ...opts?.isPrivateKey && {
       d: hexToBase64(keyPair.getPrivate("hex"), "base64url")
     }
@@ -618,8 +632,8 @@ var toSecp256r1Jwk = /* @__PURE__ */ __name((keyHex, opts) => {
     },
     kty: JwkKeyType.EC,
     crv: JoseCurve.P_256,
-    x: hexToBase64(pubPoint.getX().toString("hex"), "base64url"),
-    y: hexToBase64(pubPoint.getY().toString("hex"), "base64url"),
+    x: hexToBase64(pubPoint.getX().toString("hex").padStart(64, "0"), "base64url"),
+    y: hexToBase64(pubPoint.getY().toString("hex").padStart(64, "0"), "base64url"),
     ...opts?.isPrivateKey && {
       d: hexToBase64(keyPair.getPrivate("hex"), "base64url")
     }
@@ -1417,6 +1431,7 @@ export {
   toPkcs1FromHex,
   toRawCompressedHexPublicKey,
   validateJwk,
-  verifyRawSignature
+  verifyRawSignature,
+  x25519PublicHexFromPrivateHex
 };
 //# sourceMappingURL=index.js.map