@sphereon/ssi-sdk-ext.key-utils 0.34.1-next.91 → 0.36.1-feat.SSISDK.83.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/index.cjs +29 -11
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +3 -1
  4. package/dist/index.d.ts +3 -1
  5. package/dist/index.js +30 -12
  6. package/dist/index.js.map +1 -1
  7. package/package.json +4 -4
  8. package/src/digest-methods.ts +1 -1
  9. package/src/functions.ts +48 -30
  10. package/src/types/key-util-types.ts +1 -0
package/dist/index.d.ts CHANGED
@@ -28,6 +28,7 @@ interface X509Opts {
28
28
  certificateChainPEM?: string;
29
29
  }
30
30
  interface IImportProvidedOrGeneratedKeyArgs {
31
+ providerName: string;
31
32
  kms?: string;
32
33
  alias?: string;
33
34
  options?: IKeyOpts;
@@ -117,6 +118,7 @@ declare const jwkToRawHexKey: (jwk: JWK) => Promise<string>;
117
118
  * @returns A string representing the RSA key in raw hexadecimal format.
118
119
  */
119
120
  declare function rsaJwkToRawHexKey(jwk: JsonWebKey): string;
121
+ declare function x25519PublicHexFromPrivateHex(privateKeyHex: string): string;
120
122
  /**
121
123
  * Determines the use param based upon the key/signature type or supplied use value.
122
124
  *
@@ -228,4 +230,4 @@ declare const digestMethodParams: (hashAlgorithm: HashAlgorithm) => {
228
230
  };
229
231
  declare const shaHasher: HasherSync;
230
232
 
231
- export { ENC_KEY_ALGS, type HashAlgorithm, type IImportProvidedOrGeneratedKeyArgs, type IKeyOpts, JWK_JCS_PUB_NAME, JWK_JCS_PUB_PREFIX, JwkKeyUse, Key, type KeyTypeFromCryptographicSuiteArgs, type KeyVisibility, SIG_KEY_ALGS, type SignatureAlgorithmFromKeyArgs, type SignatureAlgorithmFromKeyTypeArgs, type TDigestMethod, type TKeyType, type X509Opts, asn1DerToRawPublicKey, calculateJwkThumbprint, calculateJwkThumbprintForKey, coseKeyToJwk, coseToJoseCurve, coseToJoseKeyOperation, coseToJoseKty, coseToJoseSignatureAlg, digestMethodParams, generatePrivateKeyHex, getKms, globalCrypto, hexStringFromUint8Array, importProvidedOrGeneratedKey, isAsn1Der, isRawCompressedPublicKey, jcsCanonicalize, joseToCoseCurve, joseToCoseKeyOperation, joseToCoseKty, joseToCoseSignatureAlg, jwkDetermineUse, jwkJcsDecode, jwkJcsEncode, jwkToCoseKey, jwkToRawHexKey, keyTypeFromCryptographicSuite, logger, minimalJwk, padLeft, removeNulls, rsaJwkToRawHexKey, sanitizedJwk, shaHasher, signatureAlgorithmFromKey, signatureAlgorithmFromKeyType, toBase64url, toJwk, toJwkFromKey, toPkcs1, toPkcs1FromHex, toRawCompressedHexPublicKey, validateJwk, verifyRawSignature };
233
+ export { ENC_KEY_ALGS, type HashAlgorithm, type IImportProvidedOrGeneratedKeyArgs, type IKeyOpts, JWK_JCS_PUB_NAME, JWK_JCS_PUB_PREFIX, JwkKeyUse, Key, type KeyTypeFromCryptographicSuiteArgs, type KeyVisibility, SIG_KEY_ALGS, type SignatureAlgorithmFromKeyArgs, type SignatureAlgorithmFromKeyTypeArgs, type TDigestMethod, type TKeyType, type X509Opts, asn1DerToRawPublicKey, calculateJwkThumbprint, calculateJwkThumbprintForKey, coseKeyToJwk, coseToJoseCurve, coseToJoseKeyOperation, coseToJoseKty, coseToJoseSignatureAlg, digestMethodParams, generatePrivateKeyHex, getKms, globalCrypto, hexStringFromUint8Array, importProvidedOrGeneratedKey, isAsn1Der, isRawCompressedPublicKey, jcsCanonicalize, joseToCoseCurve, joseToCoseKeyOperation, joseToCoseKty, joseToCoseSignatureAlg, jwkDetermineUse, jwkJcsDecode, jwkJcsEncode, jwkToCoseKey, jwkToRawHexKey, keyTypeFromCryptographicSuite, logger, minimalJwk, padLeft, removeNulls, rsaJwkToRawHexKey, sanitizedJwk, shaHasher, signatureAlgorithmFromKey, signatureAlgorithmFromKeyType, toBase64url, toJwk, toJwkFromKey, toPkcs1, toPkcs1FromHex, toRawCompressedHexPublicKey, validateJwk, verifyRawSignature, x25519PublicHexFromPrivateHex };
package/dist/index.js CHANGED
@@ -4,7 +4,7 @@ var __name = (target, value) => __defProp(target, "name", { value, configurable:
4
4
  // src/functions.ts
5
5
  import { randomBytes } from "@ethersproject/random";
6
6
  import { bls12_381 } from "@noble/curves/bls12-381";
7
- import { ed25519 } from "@noble/curves/ed25519";
7
+ import { ed25519, x25519 } from "@noble/curves/ed25519";
8
8
  import { p256 } from "@noble/curves/p256";
9
9
  import { p384 } from "@noble/curves/p384";
10
10
  import { p521 } from "@noble/curves/p521";
@@ -296,14 +296,20 @@ var keyMetaAlgorithmsFromKeyType = /* @__PURE__ */ __name((type) => {
296
296
  async function importProvidedOrGeneratedKey(args, context) {
297
297
  const type = args.options?.type ?? args.options?.key?.type ?? args.options?.keyType ?? "Secp256r1";
298
298
  const key = args?.options?.key;
299
- if (args.options?.x509 && key) {
299
+ if (key) {
300
300
  key.meta = {
301
301
  ...key.meta,
302
- x509: {
303
- ...args.options.x509,
304
- ...key.meta?.x509
305
- }
302
+ providerName: args.providerName
306
303
  };
304
+ if (args.options?.x509) {
305
+ key.meta = {
306
+ ...key.meta,
307
+ x509: {
308
+ ...args.options.x509,
309
+ ...key.meta?.x509
310
+ }
311
+ };
312
+ }
307
313
  }
308
314
  if (args.options && args.options?.use === JwkKeyUse.Encryption && !ENC_KEY_ALGS.includes(type)) {
309
315
  throw new Error(`${type} keys are not valid for encryption`);
@@ -329,7 +335,9 @@ async function importProvidedOrGeneratedKey(args, context) {
329
335
  meta: {
330
336
  ...key?.meta,
331
337
  algorithms: keyMetaAlgorithmsFromKeyType(type),
332
- keyAlias: args.alias
338
+ ...key?.meta?.keyAlias ? {} : {
339
+ keyAlias: args.alias
340
+ }
333
341
  }
334
342
  });
335
343
  }
@@ -550,6 +558,15 @@ function octJwkToRawHexKey(jwk) {
550
558
  return toString2(key, "hex");
551
559
  }
552
560
  __name(octJwkToRawHexKey, "octJwkToRawHexKey");
561
+ function x25519PublicHexFromPrivateHex(privateKeyHex) {
562
+ if (!/^[0-9a-fA-F]{64}$/.test(privateKeyHex)) {
563
+ throw new Error("Private key must be 32-byte hex (64 chars)");
564
+ }
565
+ const priv = Uint8Array.from(Buffer.from(privateKeyHex, "hex"));
566
+ const pub = x25519.getPublicKey(priv);
567
+ return Buffer.from(pub).toString("hex");
568
+ }
569
+ __name(x25519PublicHexFromPrivateHex, "x25519PublicHexFromPrivateHex");
553
570
  var jwkDetermineUse = /* @__PURE__ */ __name((type, suppliedUse) => {
554
571
  return suppliedUse ? suppliedUse : SIG_KEY_ALGS.includes(type) ? JwkKeyUse.Signature : ENC_KEY_ALGS.includes(type) ? JwkKeyUse.Encryption : void 0;
555
572
  }, "jwkDetermineUse");
@@ -586,8 +603,8 @@ var toSecp256k1Jwk = /* @__PURE__ */ __name((keyHex, opts) => {
586
603
  },
587
604
  kty: JwkKeyType.EC,
588
605
  crv: JoseCurve.secp256k1,
589
- x: hexToBase64(pubPoint.getX().toString("hex"), "base64url"),
590
- y: hexToBase64(pubPoint.getY().toString("hex"), "base64url"),
606
+ x: hexToBase64(pubPoint.getX().toString("hex").padStart(64, "0"), "base64url"),
607
+ y: hexToBase64(pubPoint.getY().toString("hex").padStart(64, "0"), "base64url"),
591
608
  ...opts?.isPrivateKey && {
592
609
  d: hexToBase64(keyPair.getPrivate("hex"), "base64url")
593
610
  }
@@ -618,8 +635,8 @@ var toSecp256r1Jwk = /* @__PURE__ */ __name((keyHex, opts) => {
618
635
  },
619
636
  kty: JwkKeyType.EC,
620
637
  crv: JoseCurve.P_256,
621
- x: hexToBase64(pubPoint.getX().toString("hex"), "base64url"),
622
- y: hexToBase64(pubPoint.getY().toString("hex"), "base64url"),
638
+ x: hexToBase64(pubPoint.getX().toString("hex").padStart(64, "0"), "base64url"),
639
+ y: hexToBase64(pubPoint.getY().toString("hex").padStart(64, "0"), "base64url"),
623
640
  ...opts?.isPrivateKey && {
624
641
  d: hexToBase64(keyPair.getPrivate("hex"), "base64url")
625
642
  }
@@ -1417,6 +1434,7 @@ export {
1417
1434
  toPkcs1FromHex,
1418
1435
  toRawCompressedHexPublicKey,
1419
1436
  validateJwk,
1420
- verifyRawSignature
1437
+ verifyRawSignature,
1438
+ x25519PublicHexFromPrivateHex
1421
1439
  };
1422
1440
  //# sourceMappingURL=index.js.map