@sphereon/ssi-sdk-ext.kms-musap-rn 0.26.1-next.9 → 0.27.1-fix.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/MusapKeyManagerSystem.d.ts +14 -4
  2. package/dist/MusapKeyManagerSystem.d.ts.map +1 -1
  3. package/dist/MusapKeyManagerSystem.js +106 -16
  4. package/dist/MusapKeyManagerSystem.js.map +1 -1
  5. package/package.json +5 -5
  6. package/src/MusapKeyManagerSystem.ts +146 -23
package/dist/MusapKeyManagerSystem.d.ts CHANGED
@@ -1,12 +1,19 @@
1
1
  import { IKey, ManagedKeyInfo, MinimalImportableKey, TKeyType } from '@veramo/core';
2
- import { SscdType } from '@sphereon/musap-react-native';
2
+ import { ExternalSscdSettings, SscdType } from '@sphereon/musap-react-native';
3
3
  import { AbstractKeyManagementSystem } from '@veramo/key-manager';
4
4
  import { KeyMetadata } from './index';
5
5
  export declare const logger: import("@sphereon/ssi-types").ISimpleLogger<unknown>;
6
6
  export declare class MusapKeyManagementSystem extends AbstractKeyManagementSystem {
7
- private musapKeyStore;
8
- private sscdType;
9
- constructor(sscdType?: SscdType);
7
+ private musapClient;
8
+ private readonly sscdType;
9
+ private readonly sscdId;
10
+ private readonly defaultKeyAttributes;
11
+ private readonly defaultSignAttributes;
12
+ constructor(sscdType?: SscdType, sscdId?: string, opts?: {
13
+ externalSscdSettings?: ExternalSscdSettings;
14
+ defaultKeyAttributes?: Record<string, string>;
15
+ defaultSignAttributes?: Record<string, string>;
16
+ });
10
17
  listKeys(): Promise<ManagedKeyInfo[]>;
11
18
  createKey(args: {
12
19
  type: TKeyType;
@@ -27,10 +34,13 @@ export declare class MusapKeyManagementSystem extends AbstractKeyManagementSyste
27
34
  importKey(args: Omit<MinimalImportableKey, 'kms'> & {
28
35
  privateKeyPEM?: string;
29
36
  }): Promise<ManagedKeyInfo>;
37
+ private decodeMusapPublicKey;
30
38
  private asMusapKeyInfo;
31
39
  sharedSecret(args: {
32
40
  myKeyRef: Pick<IKey, 'kid'>;
33
41
  theirKey: Pick<IKey, 'publicKeyHex' | 'type'>;
34
42
  }): Promise<string>;
43
+ private recordToKeyAttributes;
44
+ private recordToSignatureAttributes;
35
45
  }
36
46
  //# sourceMappingURL=MusapKeyManagerSystem.d.ts.map
package/dist/MusapKeyManagerSystem.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"MusapKeyManagerSystem.d.ts","sourceRoot":"","sources":["../src/MusapKeyManagerSystem.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAA;AAenF,OAAO,EAAgB,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AACrE,OAAO,EAAE,2BAA2B,EAAE,MAAM,qBAAqB,CAAA;AAGjE,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAA;AAUrC,eAAO,MAAM,MAAM,sDAA+C,CAAA;AAElE,qBAAa,wBAAyB,SAAQ,2BAA2B;IACvE,OAAO,CAAC,aAAa,CAAiB;IACtC,OAAO,CAAC,QAAQ,CAAU;gBAEd,QAAQ,CAAC,EAAE,QAAQ;IAYzB,QAAQ,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAKrC,SAAS,CAAC,IAAI,EAAE;QAAE,IAAI,EAAE,QAAQ,CAAC;QAAC,IAAI,CAAC,EAAE,WAAW,CAAA;KAAE,GAAG,OAAO,CAAC,cAAc,CAAC;IA6BtF,OAAO,CAAC,yBAAyB,CAWhC;IAED,OAAO,CAAC,yBAAyB,CAWhC;IAEK,SAAS,CAAC,EAAE,GAAG,EAAE,EAAE;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAU3D,OAAO,CAAC,kBAAkB;IAapB,IAAI,CAAC,IAAI,EAAE;QAAE,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,UAAU,CAAC;QAAC,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAoBlH,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG;QAAE,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,cAAc,CAAC;IAI9G,OAAO,CAAC,cAAc;IAoBtB,YAAY,CAAC,IAAI,EAAE;QAAE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,cAAc,GAAG,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC;CAGpH"}
1
+ {"version":3,"file":"MusapKeyManagerSystem.d.ts","sourceRoot":"","sources":["../src/MusapKeyManagerSystem.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAA;AACnF,OAAO,EACL,oBAAoB,EAepB,QAAQ,EACT,MAAM,8BAA8B,CAAA;AACrC,OAAO,EAAE,2BAA2B,EAAE,MAAM,qBAAqB,CAAA;AAGjE,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAA;AAUrC,eAAO,MAAM,MAAM,sDAA+C,CAAA;AAElE,qBAAa,wBAAyB,SAAQ,2BAA2B;IACvE,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAU;IACnC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAQ;IAC/B,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAoC;IACzE,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAoC;gBAE9D,QAAQ,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE;QACvD,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;QAC5C,oBAAoB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9C,qBAAqB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAC/C;IAmBK,QAAQ,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAKrC,SAAS,CAAC,IAAI,EAAE;QAAE,IAAI,EAAE,QAAQ,CAAC;QAAC,IAAI,CAAC,EAAE,WAAW,CAAA;KAAE,GAAG,OAAO,CAAC,cAAc,CAAC;IAuCtF,OAAO,CAAC,yBAAyB,CAWhC;IAED,OAAO,CAAC,yBAAyB,CAchC;IAEK,SAAS,CAAC,EAAE,GAAG,EAAE,EAAE;QAAE,GAAG,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAc3D,OAAO,CAAC,kBAAkB;IAapB,IAAI,CAAC,IAAI,EAAE;QACf,MAAM,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,IAAI,EAAE,UAAU,CAAC;QACjB,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;KACjB,GAAG,OAAO,CAAC,MAAM,CAAC;IAuBb,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,oBAAoB,EAAE,KAAK,CAAC,GAAG;QAAE,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,cAAc,CAAC;IAK9G,OAAO,CAAC,oBAAoB,CAyD3B;IAED,OAAO,CAAC,cAAc;IAqBtB,YAAY,CAAC,IAAI,EAAE;QAAE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,cAAc,GAAG,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IAInH,OAAO,CAAC,qBAAqB;IAU7B,OAAO,CAAC,2BAA2B;CASpC"}
package/dist/MusapKeyManagerSystem.js CHANGED
@@ -29,7 +29,7 @@ const ssi_types_1 = require("@sphereon/ssi-types");
29
29
  const ssi_sdk_ext_key_utils_1 = require("@sphereon/ssi-sdk-ext.key-utils");
30
30
  exports.logger = ssi_types_1.Loggers.DEFAULT.get('sphereon:musap-rn-kms');
31
31
  class MusapKeyManagementSystem extends key_manager_1.AbstractKeyManagementSystem {
32
- constructor(sscdType) {
32
+ constructor(sscdType, sscdId, opts) {
33
33
  super();
34
34
  this.mapKeyTypeToAlgorithmType = (type) => {
35
35
  switch (type) {
@@ -49,16 +49,73 @@ class MusapKeyManagementSystem extends key_manager_1.AbstractKeyManagementSystem
49
49
  return 'Secp256k1';
50
50
  case 'eccp256r1':
51
51
  return 'Secp256r1';
52
+ case 'ecc_ed25519':
53
+ return 'Ed25519';
54
+ case 'rsa2k':
52
55
  case 'rsa4k':
53
56
  return 'RSA';
54
57
  default:
55
58
  throw new Error(`Key type ${type} is not supported.`);
56
59
  }
57
60
  };
61
+ this.decodeMusapPublicKey = (args) => {
62
+ const { publicKey, keyType } = args;
63
+ try {
64
+ // First try the normal PEM decoding path
65
+ const pemBinary = (0, ssi_sdk_ext_x509_utils_1.PEMToBinary)(publicKey.pem);
66
+ // Check if we got a string that looks like base64 (might be double encoded)
67
+ const isDoubleEncoded = pemBinary.length > 0 &&
68
+ typeof Buffer.from(pemBinary).toString() === 'string' &&
69
+ Buffer.from(pemBinary).toString().startsWith('MF');
70
+ if (isDoubleEncoded) {
71
+ // Handle double-encoded case
72
+ const innerBase64 = Buffer.from(pemBinary).toString();
73
+ const actualDerBytes = Buffer.from(innerBase64, 'base64');
74
+ // For double-encoded case, we know the key data starts after the header
75
+ const keyDataStart = 24;
76
+ const keyData = actualDerBytes.slice(keyDataStart);
77
+ // Convert to public key hex
78
+ let publicKeyHex = Buffer.from(keyData).toString('hex');
79
+ // If it's not compressed yet and doesn't start with 0x04 (uncompressed point marker), add it
80
+ if (publicKeyHex.length <= 128 && !publicKeyHex.startsWith('04')) {
81
+ publicKeyHex = '04' + publicKeyHex;
82
+ }
83
+ // Ensure we have full 65 bytes for uncompressed keys
84
+ while (publicKeyHex.startsWith('04') && publicKeyHex.length < 130) {
85
+ publicKeyHex = publicKeyHex + '0';
86
+ }
87
+ // Now convert to compressed format if needed
88
+ if (publicKeyHex.startsWith('04') && publicKeyHex.length === 130) {
89
+ const xCoord = Buffer.from(publicKeyHex.slice(2, 66), 'hex');
90
+ const yCoord = Buffer.from(publicKeyHex.slice(66, 130), 'hex');
91
+ const prefix = Buffer.from([yCoord[31] % 2 === 0 ? 0x02 : 0x03]);
92
+ const compressedKey = Buffer.concat([prefix, xCoord]);
93
+ return compressedKey.toString('hex');
94
+ }
95
+ return publicKeyHex;
96
+ }
97
+ // Not double encoded, proceed with normal path
98
+ const publicKeyBinary = (0, ssi_sdk_ext_key_utils_1.isAsn1Der)(pemBinary) ? (0, ssi_sdk_ext_key_utils_1.asn1DerToRawPublicKey)(pemBinary, keyType) : pemBinary;
99
+ return (0, ssi_sdk_ext_key_utils_1.isRawCompressedPublicKey)(publicKeyBinary)
100
+ ? (0, ssi_sdk_ext_key_utils_1.hexStringFromUint8Array)(publicKeyBinary)
101
+ : (0, ssi_sdk_ext_key_utils_1.toRawCompressedHexPublicKey)(publicKeyBinary, keyType);
102
+ }
103
+ catch (error) {
104
+ console.warn('Error decoding public key:', error);
105
+ // If all else fails, try direct conversion
106
+ return publicKey.pem;
107
+ }
108
+ };
58
109
  try {
59
- this.musapKeyStore = musap_react_native_1.MusapModule;
110
+ this.musapClient = musap_react_native_1.MusapClient;
60
111
  this.sscdType = sscdType ? sscdType : 'TEE';
61
- this.musapKeyStore.enableSscd(this.sscdType);
112
+ this.sscdId = sscdId !== null && sscdId !== void 0 ? sscdId : this.sscdType;
113
+ this.defaultKeyAttributes = opts === null || opts === void 0 ? void 0 : opts.defaultKeyAttributes;
114
+ this.defaultSignAttributes = opts === null || opts === void 0 ? void 0 : opts.defaultSignAttributes;
115
+ const enabledSscds = this.musapClient.listEnabledSscds();
116
+ if (!enabledSscds.some(value => value.sscdId == sscdId)) {
117
+ this.musapClient.enableSscd(this.sscdType, this.sscdId, opts === null || opts === void 0 ? void 0 : opts.externalSscdSettings);
118
+ }
62
119
  }
63
120
  catch (e) {
64
121
  console.error('enableSscd', e);
@@ -67,7 +124,7 @@ class MusapKeyManagementSystem extends key_manager_1.AbstractKeyManagementSystem
67
124
  }
68
125
  listKeys() {
69
126
  return __awaiter(this, void 0, void 0, function* () {
70
- const keysJson = (yield this.musapKeyStore.listKeys());
127
+ const keysJson = (this.musapClient.listKeys());
71
128
  return keysJson.map((key) => this.asMusapKeyInfo(key));
72
129
  });
73
130
  }
@@ -77,18 +134,27 @@ class MusapKeyManagementSystem extends key_manager_1.AbstractKeyManagementSystem
77
134
  if (meta === undefined || !('keyAlias' in meta)) {
78
135
  return Promise.reject(Error('a unique keyAlias field is required for MUSAP'));
79
136
  }
137
+ if (this.sscdType == 'EXTERNAL') {
138
+ const existingKeys = (this.musapClient.listKeys());
139
+ const extKey = existingKeys.find(musapKey => musapKey.sscdType === 'External Signature'); // FIXME returning does not match SscdType enum
140
+ if (extKey) {
141
+ extKey.algorithm = 'eccp256r1'; // FIXME MUSAP announces key as rsa2k, but it's actually EC
142
+ return this.asMusapKeyInfo(extKey);
143
+ }
144
+ return Promise.reject(Error(`No external key was bound yet for sscd ${this.sscdId}`));
145
+ }
80
146
  const keyGenReq = {
81
147
  keyAlgorithm: this.mapKeyTypeToAlgorithmType(type),
82
148
  keyUsage: 'keyUsage' in meta ? meta.keyUsage : 'sign',
83
149
  keyAlias: meta.keyAlias,
84
- attributes: 'attributes' in meta ? meta.attributes : [],
150
+ attributes: this.recordToKeyAttributes(Object.assign(Object.assign({}, this.defaultKeyAttributes), ('attributes' in meta ? meta.attributes : {}))),
85
151
  role: 'role' in meta ? meta.role : 'administrator',
86
152
  };
87
153
  try {
88
- const generatedKeyUri = yield this.musapKeyStore.generateKey(this.sscdType, keyGenReq);
154
+ const generatedKeyUri = yield this.musapClient.generateKey(this.sscdType, keyGenReq);
89
155
  if (generatedKeyUri) {
90
156
  exports.logger.debug('Generated key:', generatedKeyUri);
91
- const key = yield this.musapKeyStore.getKeyByUri(generatedKeyUri);
157
+ const key = this.musapClient.getKeyByUri(generatedKeyUri);
92
158
  return this.asMusapKeyInfo(key);
93
159
  }
94
160
  else {
@@ -104,7 +170,11 @@ class MusapKeyManagementSystem extends key_manager_1.AbstractKeyManagementSystem
104
170
  deleteKey(_a) {
105
171
  return __awaiter(this, arguments, void 0, function* ({ kid }) {
106
172
  try {
107
- this.musapKeyStore.removeKey(kid);
173
+ const key = this.musapClient.getKeyById(kid);
174
+ if (key.sscdType === 'External Signature') {
175
+ return true; // FIXME we can't remove a eSim key for now because this would mean onboarding again
176
+ }
177
+ void this.musapClient.removeKey(kid);
108
178
  return true;
109
179
  }
110
180
  catch (error) {
@@ -130,7 +200,10 @@ class MusapKeyManagementSystem extends key_manager_1.AbstractKeyManagementSystem
130
200
  throw new Error('key_not_found: No key ref provided');
131
201
  }
132
202
  const data = new text_encoding_1.TextDecoder().decode(args.data);
133
- const key = this.musapKeyStore.getKeyById(args.keyRef.kid);
203
+ const key = this.musapClient.getKeyById(args.keyRef.kid);
204
+ if (key.sscdType === 'External Signature') {
205
+ key.algorithm = 'eccp256r1'; // FIXME MUSAP announces key as rsa2k, but it's actually EC
206
+ }
134
207
  const signatureReq = {
135
208
  keyUri: key.keyUri,
136
209
  data,
@@ -138,9 +211,9 @@ class MusapKeyManagementSystem extends key_manager_1.AbstractKeyManagementSystem
138
211
  displayText: args.displayText,
139
212
  transId: args.transId,
140
213
  format: (_a = args.format) !== null && _a !== void 0 ? _a : 'RAW',
141
- attributes: args.attributes,
214
+ attributes: this.recordToSignatureAttributes(Object.assign(Object.assign({}, this.defaultSignAttributes), args.attributes)),
142
215
  };
143
- return this.musapKeyStore.sign(signatureReq);
216
+ return this.musapClient.sign(signatureReq);
144
217
  });
145
218
  }
146
219
  importKey(args) {
@@ -151,11 +224,10 @@ class MusapKeyManagementSystem extends key_manager_1.AbstractKeyManagementSystem
151
224
  asMusapKeyInfo(args) {
152
225
  const _a = Object.assign({}, args), { keyId, publicKey } = _a, metadata = __rest(_a, ["keyId", "publicKey"]);
153
226
  const keyType = this.mapAlgorithmTypeToKeyType(args.algorithm);
154
- const pemBinary = (0, ssi_sdk_ext_x509_utils_1.PEMToBinary)(args.publicKey.pem); // The der is flawed, it's not binary but a string [123, 4567]
155
- const publicKeyBinary = (0, ssi_sdk_ext_key_utils_1.isAsn1Der)(pemBinary) ? (0, ssi_sdk_ext_key_utils_1.asn1DerToRawPublicKey)(pemBinary, keyType) : pemBinary;
156
- const publicKeyHex = (0, ssi_sdk_ext_key_utils_1.isRawCompressedPublicKey)(publicKeyBinary) // TODO In the future I think it's better to have an option in KeyGenReq to specify which public key format we want back. Now it's different in iOS vs Android and we need to handle that inconsistency afterwards
157
- ? (0, ssi_sdk_ext_key_utils_1.hexStringFromUint8Array)(publicKeyBinary)
158
- : (0, ssi_sdk_ext_key_utils_1.toRawCompressedHexPublicKey)(publicKeyBinary, keyType);
227
+ const publicKeyHex = this.decodeMusapPublicKey({
228
+ publicKey: publicKey,
229
+ keyType: keyType
230
+ });
159
231
  const keyInfo = {
160
232
  kid: keyId,
161
233
  type: keyType,
@@ -169,6 +241,24 @@ class MusapKeyManagementSystem extends key_manager_1.AbstractKeyManagementSystem
169
241
  sharedSecret(args) {
170
242
  throw new Error('Not supported.');
171
243
  }
244
+ recordToKeyAttributes(record) {
245
+ if (!record) {
246
+ return [];
247
+ }
248
+ return Object.entries(record).map(([key, value]) => ({
249
+ name: key,
250
+ value,
251
+ }));
252
+ }
253
+ recordToSignatureAttributes(record) {
254
+ if (!record) {
255
+ return [];
256
+ }
257
+ return Object.entries(record).map(([key, value]) => ({
258
+ name: key,
259
+ value,
260
+ }));
261
+ }
172
262
  }
173
263
  exports.MusapKeyManagementSystem = MusapKeyManagementSystem;
174
264
  //# sourceMappingURL=MusapKeyManagerSystem.js.map
package/dist/MusapKeyManagerSystem.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"MusapKeyManagerSystem.js","sourceRoot":"","sources":["../src/MusapKeyManagerSystem.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAA,6EAA8D;AAE9D,qEAaqC;AAErC,qDAAiE;AACjE,iDAA2C;AAC3C,mDAA6C;AAE7C,2EAOwC;AAE3B,QAAA,MAAM,GAAG,mBAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAA;AAElE,MAAa,wBAAyB,SAAQ,yCAA2B;IAIvE,YAAY,QAAmB;QAC7B,KAAK,EAAE,CAAA;QA6CD,8BAAyB,GAAG,CAAC,IAAc,EAAoB,EAAE;YACvE,QAAQ,IAAI,EAAE,CAAC;gBACb,KAAK,WAAW;oBACd,OAAO,WAAW,CAAA;gBACpB,KAAK,WAAW;oBACd,OAAO,WAAW,CAAA;gBACpB,KAAK,KAAK;oBACR,OAAO,OAAO,CAAA;gBAChB;oBACE,MAAM,IAAI,KAAK,CAAC,YAAY,IAAI,4BAA4B,CAAC,CAAA;YACjE,CAAC;QACH,CAAC,CAAA;QAEO,8BAAyB,GAAG,CAAC,IAAkB,EAAY,EAAE;YACnE,QAAQ,IAAI,EAAE,CAAC;gBACb,KAAK,WAAW;oBACd,OAAO,WAAW,CAAA;gBACpB,KAAK,WAAW;oBACd,OAAO,WAAW,CAAA;gBACpB,KAAK,OAAO;oBACV,OAAO,KAAK,CAAA;gBACd;oBACE,MAAM,IAAI,KAAK,CAAC,YAAY,IAAI,oBAAoB,CAAC,CAAA;YACzD,CAAC;QACH,CAAC,CAAA;QApEC,IAAI,CAAC;YACH,IAAI,CAAC,aAAa,GAAG,gCAAW,CAAA;YAChC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAA;YAC3C,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC9C,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC,CAAA;YAC9B,MAAM,KAAK,CAAC,mBAAmB,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IAEK,QAAQ;;YACZ,MAAM,QAAQ,GAAe,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAe,CAAA;YAChF,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAA;QACxD,CAAC;KAAA;IAEK,SAAS,CAAC,IAA4C;;YAC1D,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,CAAA;YAC3B,IAAI,IAAI,KAAK,SAAS,IAAI,CAAC,CAAC,UAAU,IAAI,IAAI,CAAC,EAAE,CAAC;gBAChD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC,CAAA;YAC/E,CAAC;YAED,MAAM,SAAS,GAAG;gBAChB,YAAY,EAAE,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC;gBAClD,QAAQ,EAAE,UAAU,IAAI,IAAI,CAAC,CAAC,CAAE,IAAI,CAAC,QAAmB,CAAC,CAAC,CAAC,MAAM;gBACjE,QAAQ,EAAE,IAAI,CAAC,QAAkB;gBACjC,UAAU,EAAE,YAAY,IAAI,IAAI,CAAC,CAAC,CAAE,IAAI,CAAC,UAA6B,CAAC,CAAC,CAAC,EAAE;gBAC3E,IAAI,EAAE,MAAM,IAAI,IAAI,CAAC,CAAC,CAAE,IAAI,CAAC,IAAe,CAAC,CAAC,CAAC,eAAe;aAC3C,CAAA;YAErB,IAAI,CAAC;gBACH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;gBACtF,IAAI,eAAe,EAAE,CAAC;oBACpB,cAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAA;oBAC/C,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;oBACjE,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAA;gBACjC,CAAC;qBAAM,CAAC;oBACN,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC,CAAA;gBACxE,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,cAAM,CAAC,KAAK,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAA;gBACzC,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC;KAAA;IA4BK,SAAS;6DAAC,EAAE,GAAG,EAAmB;YACtC,IAAI,CAAC;gBACH,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;gBACjC,OAAO,IAAI,CAAA;YACb,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAA;gBAC5C,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;KAAA;IAEO,kBAAkB,CAAC,iBAAqC,EAAE,YAA0B;QAC1F,IAAI,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACpC,OAAO,IAAA,uDAAkC,EAAC,YAAY,CAAC,CAAA;QACzD,CAAC;QAED,IAAI,IAAA,6CAAwB,EAAC,iBAAiB,CAAC,EAAE,CAAC;YAChD,OAAO,iBAAiB,CAAA;QAC1B,CAAC;QAED,6CAA6C;QAC7C,OAAO,IAAA,uDAAkC,EAAC,iBAAiC,CAAC,CAAA;IAC9E,CAAC;IAEK,IAAI,CAAC,IAA2F;;;YACpG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAA;YACvD,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,2BAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAkB,CAAC,CAAA;YAE9D,MAAM,GAAG,GAAa,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAa,CAAA;YAChF,MAAM,YAAY,GAAiB;gBACjC,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC;gBACjE,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,MAAC,IAAI,CAAC,MAA0B,mCAAI,KAAK;gBACjD,UAAU,EAAE,IAAI,CAAC,UAAU;aAC5B,CAAA;YACD,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC9C,CAAC;KAAA;IAEK,SAAS,CAAC,IAAoE;;YAClF,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAA;QAC/E,CAAC;KAAA;IAEO,cAAc,CAAC,IAAc;QACnC,MAAM,uBAAsD,IAAI,CAAE,EAA5D,EAAE,KAAK,EAAE,SAAS,OAA0C,EAArC,QAAQ,cAA/B,sBAAiC,CAA2B,CAAA;QAClE,MAAM,OAAO,GAAG,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;QAC9D,MAAM,SAAS,GAAG,IAAA,oCAAW,EAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA,CAAC,8DAA8D;QAChH,MAAM,eAAe,GAAG,IAAA,iCAAS,EAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAA,6CAAqB,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpG,MAAM,YAAY,GAAG,IAAA,gDAAwB,EAAC,eAAe,CAAC,CAAC,kNAAkN;YAC/Q,CAAC,CAAC,IAAA,+CAAuB,EAAC,eAAe,CAAC;YAC1C,CAAC,CAAC,IAAA,mDAA2B,EAAC,eAAe,EAAE,OAAO,CAAC,CAAA;QACzD,MAAM,OAAO,GAA4B;YACvC,GAAG,EAAE,KAAK;YACV,IAAI,EAAE,OAAO;YACb,YAAY;YACZ,IAAI,EAAE,QAAQ;SACf,CAAA;QAED,MAAM,aAAa,GAAG,IAAA,oDAA4B,EAAC,EAAE,GAAG,EAAE,OAAyB,EAAE,CAAC,CAAA;QACtF,OAAO,CAAC,IAAI,mCAAQ,OAAO,CAAC,IAAI,KAAE,aAAa,GAAE,CAAA;QACjD,OAAO,OAAyB,CAAA;IAClC,CAAC;IAED,YAAY,CAAC,IAAoF;QAC/F,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAA;IACnC,CAAC;CACF;AAlJD,4DAkJC"}
1
+ {"version":3,"file":"MusapKeyManagerSystem.js","sourceRoot":"","sources":["../src/MusapKeyManagerSystem.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAA,6EAA8D;AAE9D,qEAiBqC;AACrC,qDAAiE;AACjE,iDAA2C;AAC3C,mDAA6C;AAE7C,2EAOwC;AAE3B,QAAA,MAAM,GAAG,mBAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAA;AAElE,MAAa,wBAAyB,SAAQ,yCAA2B;IAOvE,YAAY,QAAmB,EAAE,MAAe,EAAE,IAIjD;QACC,KAAK,EAAE,CAAA;QA8DD,8BAAyB,GAAG,CAAC,IAAc,EAAoB,EAAE;YACvE,QAAQ,IAAI,EAAE,CAAC;gBACb,KAAK,WAAW;oBACd,OAAO,WAAW,CAAA;gBACpB,KAAK,WAAW;oBACd,OAAO,WAAW,CAAA;gBACpB,KAAK,KAAK;oBACR,OAAO,OAAO,CAAA;gBAChB;oBACE,MAAM,IAAI,KAAK,CAAC,YAAY,IAAI,4BAA4B,CAAC,CAAA;YACjE,CAAC;QACH,CAAC,CAAA;QAEO,8BAAyB,GAAG,CAAC,IAAkB,EAAY,EAAE;YACnE,QAAQ,IAAI,EAAE,CAAC;gBACb,KAAK,WAAW;oBACd,OAAO,WAAW,CAAA;gBACpB,KAAK,WAAW;oBACd,OAAO,WAAW,CAAA;gBACpB,KAAK,aAAa;oBAChB,OAAO,SAAS,CAAA;gBAClB,KAAK,OAAO,CAAC;gBACb,KAAK,OAAO;oBACV,OAAO,KAAK,CAAA;gBACd;oBACE,MAAM,IAAI,KAAK,CAAC,YAAY,IAAI,oBAAoB,CAAC,CAAA;YACzD,CAAC;QACH,CAAC,CAAA;QA8DO,yBAAoB,GAAG,CAAC,IAAuD,EAAU,EAAE;YACjG,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;YAEpC,IAAI,CAAC;gBACH,yCAAyC;gBACzC,MAAM,SAAS,GAAG,IAAA,oCAAW,EAAC,SAAS,CAAC,GAAG,CAAC,CAAA;gBAE5C,4EAA4E;gBAC5E,MAAM,eAAe,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC;oBAC1C,OAAO,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,EAAE,KAAK,QAAQ;oBACrD,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;gBAErD,IAAI,eAAe,EAAE,CAAC;oBACpB,6BAA6B;oBAC7B,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,EAAE,CAAA;oBACrD,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAA;oBAEzD,wEAAwE;oBACxE,MAAM,YAAY,GAAG,EAAE,CAAA;oBACvB,MAAM,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;oBAElD,4BAA4B;oBAC5B,IAAI,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;oBAEvD,6FAA6F;oBAC7F,IAAI,YAAY,CAAC,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;wBACjE,YAAY,GAAG,IAAI,GAAG,YAAY,CAAA;oBACpC,CAAC;oBAED,qDAAqD;oBACrD,OAAO,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,YAAY,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;wBAClE,YAAY,GAAG,YAAY,GAAG,GAAG,CAAA;oBACnC,CAAC;oBAED,6CAA6C;oBAC7C,IAAI,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,YAAY,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBACjE,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,KAAK,CAAC,CAAA;wBAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,EAAE,KAAK,CAAC,CAAA;wBAC9D,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAA;wBAChE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;wBACrD,OAAO,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;oBACtC,CAAC;oBAED,OAAO,YAAY,CAAA;gBACrB,CAAC;gBAED,+CAA+C;gBAC/C,MAAM,eAAe,GAAG,IAAA,iCAAS,EAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAA,6CAAqB,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;gBACpG,OAAO,IAAA,gDAAwB,EAAC,eAAe,CAAC;oBAC9C,CAAC,CAAC,IAAA,+CAAuB,EAAC,eAAe,CAAC;oBAC1C,CAAC,CAAC,IAAA,mDAA2B,EAAC,eAAe,EAAE,OAAO,CAAC,CAAA;YAE3D,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAA;gBACjD,2CAA2C;gBAC3C,OAAO,SAAS,CAAC,GAAG,CAAA;YACtB,CAAC;QACH,CAAC,CAAA;QA/MC,IAAI,CAAC;YACH,IAAI,CAAC,WAAW,GAAG,gCAAW,CAAA;YAC9B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAA;YAC3C,IAAI,CAAC,MAAM,GAAG,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,IAAI,CAAC,QAAQ,CAAA;YACrC,IAAI,CAAC,oBAAoB,GAAG,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,oBAAoB,CAAA;YACtD,IAAI,CAAC,qBAAqB,GAAG,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,qBAAqB,CAAA;YAExD,MAAM,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,CAAA;YACxD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,MAAM,IAAI,MAAM,CAAC,EAAE,CAAC;gBACxD,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,oBAAoB,CAAC,CAAA;YACrF,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC,CAAA;YAC9B,MAAM,KAAK,CAAC,mBAAmB,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IAEK,QAAQ;;YACZ,MAAM,QAAQ,GAAe,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAe,CAAA;YACxE,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAA;QACxD,CAAC;KAAA;IAEK,SAAS,CAAC,IAA4C;;YAC1D,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,IAAI,CAAA;YAC3B,IAAI,IAAI,KAAK,SAAS,IAAI,CAAC,CAAC,UAAU,IAAI,IAAI,CAAC,EAAE,CAAC;gBAChD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC,CAAA;YAC/E,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,IAAI,UAAU,EAAE,CAAC;gBAChC,MAAM,YAAY,GAAe,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAe,CAAA;gBAC5E,MAAM,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAkB,KAAK,oBAAoB,CAAC,CAAA,CAAC,+CAA+C;gBAClJ,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,SAAS,GAAG,WAAW,CAAA,CAAC,2DAA2D;oBAC1F,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAA;gBACpC,CAAC;gBACD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,0CAA0C,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAA;YACvF,CAAC;YAED,MAAM,SAAS,GAAG;gBAChB,YAAY,EAAE,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC;gBAClD,QAAQ,EAAE,UAAU,IAAI,IAAI,CAAC,CAAC,CAAE,IAAI,CAAC,QAAmB,CAAC,CAAC,CAAC,MAAM;gBACjE,QAAQ,EAAE,IAAI,CAAC,QAAkB;gBACjC,UAAU,EAAE,IAAI,CAAC,qBAAqB,iCAAM,IAAI,CAAC,oBAAoB,GAAK,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,EAAG;gBAC1H,IAAI,EAAE,MAAM,IAAI,IAAI,CAAC,CAAC,CAAE,IAAI,CAAC,IAAe,CAAC,CAAC,CAAC,eAAe;aAC3C,CAAA;YAErB,IAAI,CAAC;gBACH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;gBACpF,IAAI,eAAe,EAAE,CAAC;oBACpB,cAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAA;oBAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;oBACzD,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAA;gBACjC,CAAC;qBAAM,CAAC;oBACN,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC,CAAA;gBACxE,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,cAAM,CAAC,KAAK,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAA;gBACzC,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC;KAAA;IA+BK,SAAS;6DAAC,EAAE,GAAG,EAAmB;YACpC,IAAI,CAAC;gBACH,MAAM,GAAG,GAAa,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAa,CAAA;gBAClE,IAAI,GAAG,CAAC,QAAkB,KAAK,oBAAoB,EAAE,CAAC;oBACpD,OAAO,IAAI,CAAA,CAAC,oFAAoF;gBAClG,CAAC;gBACD,KAAK,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,GAAG,CAAC,CAAA;gBACtC,OAAO,IAAI,CAAA;YACb,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,uBAAuB,EAAE,KAAK,CAAC,CAAA;gBAC5C,OAAO,KAAK,CAAA;YACd,CAAC;QACH,CAAC;KAAA;IAEO,kBAAkB,CAAC,iBAAqC,EAAE,YAA0B;QAC1F,IAAI,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACpC,OAAO,IAAA,uDAAkC,EAAC,YAAY,CAAC,CAAA;QACzD,CAAC;QAED,IAAI,IAAA,6CAAwB,EAAC,iBAAiB,CAAC,EAAE,CAAC;YAChD,OAAO,iBAAiB,CAAA;QAC1B,CAAC;QAED,6CAA6C;QAC7C,OAAO,IAAA,uDAAkC,EAAC,iBAAiC,CAAC,CAAA;IAC9E,CAAC;IAEK,IAAI,CAAC,IAKV;;;YACC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAA;YACvD,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,2BAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAkB,CAAC,CAAA;YAE9D,MAAM,GAAG,GAAa,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAa,CAAA;YAC9E,IAAI,GAAG,CAAC,QAAkB,KAAK,oBAAoB,EAAE,CAAC;gBACpD,GAAG,CAAC,SAAS,GAAG,WAAW,CAAA,CAAC,2DAA2D;YACzF,CAAC;YACD,MAAM,YAAY,GAAiB;gBACjC,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC;gBACjE,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,MAAC,IAAI,CAAC,MAA0B,mCAAI,KAAK;gBACjD,UAAU,EAAE,IAAI,CAAC,2BAA2B,iCAAM,IAAI,CAAC,qBAAqB,GAAK,IAAI,CAAC,UAAU,EAAG;aACpG,CAAA;YACD,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;KAAA;IAEK,SAAS,CAAC,IAAoE;;YAClF,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAA;QAC/E,CAAC;KAAA;IA8DO,cAAc,CAAC,IAAc;QACnC,MAAM,uBAAsD,IAAI,CAAE,EAA5D,EAAE,KAAK,EAAE,SAAS,OAA0C,EAArC,QAAQ,cAA/B,sBAAiC,CAA2B,CAAA;QAClE,MAAM,OAAO,GAAG,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;QAE9D,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC;YAC7C,SAAS,EAAE,SAAS;YACpB,OAAO,EAAE,OAAO;SACjB,CAAC,CAAA;QAEF,MAAM,OAAO,GAA4B;YACvC,GAAG,EAAE,KAAK;YACV,IAAI,EAAE,OAAO;YACb,YAAY;YACZ,IAAI,EAAE,QAAQ;SACf,CAAA;QAED,MAAM,aAAa,GAAG,IAAA,oDAA4B,EAAC,EAAE,GAAG,EAAE,OAAyB,EAAE,CAAC,CAAA;QACtF,OAAO,CAAC,IAAI,mCAAQ,OAAO,CAAC,IAAI,KAAE,aAAa,GAAE,CAAA;QACjD,OAAO,OAAyB,CAAA;IAClC,CAAC;IAED,YAAY,CAAC,IAAoF;QAC/F,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAA;IACnC,CAAC;IAEO,qBAAqB,CAAC,MAA+B;QAC3D,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,EAAE,CAAA;QACX,CAAC;QACD,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;YACnD,IAAI,EAAE,GAAG;YACT,KAAK;SACN,CAAC,CAAC,CAAA;IACL,CAAC;IAEO,2BAA2B,CAAC,MAA+B;QACjE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,EAAE,CAAA;QACX,CAAC;QACD,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;YACnD,IAAI,EAAE,GAAG;YACT,KAAK;SACN,CAAC,CAAC,CAAA;IACL,CAAC;CACF;AA1QD,4DA0QC"}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@sphereon/ssi-sdk-ext.kms-musap-rn",
3
3
  "description": "Sphereon SSI-SDK react-native plugin for management of keys with musap.",
4
- "version": "0.26.1-next.9+a173106",
4
+ "version": "0.27.1-fix.6+3d16b19",
5
5
  "source": "src/index.ts",
6
6
  "main": "dist/index.js",
7
7
  "types": "dist/index.d.ts",
@@ -10,9 +10,9 @@
10
10
  "build:clean": "tsc --build --clean && tsc --build"
11
11
  },
12
12
  "dependencies": {
13
- "@sphereon/musap-react-native": "0.0.1-next.154",
14
- "@sphereon/ssi-sdk-ext.key-utils": "0.26.1-next.9+a173106",
15
- "@sphereon/ssi-sdk-ext.x509-utils": "0.26.1-next.9+a173106",
13
+ "@sphereon/musap-react-native": "0.2.1-next.170",
14
+ "@sphereon/ssi-sdk-ext.key-utils": "0.27.1-fix.6+3d16b19",
15
+ "@sphereon/ssi-sdk-ext.x509-utils": "0.27.1-fix.6+3d16b19",
16
16
  "@sphereon/ssi-types": "0.30.2-feature.SDK.41.oidf.support.286",
17
17
  "@veramo/core": "4.2.0",
18
18
  "@veramo/key-manager": "4.2.0",
@@ -41,5 +41,5 @@
41
41
  "react-native",
42
42
  "Veramo"
43
43
  ],
44
- "gitHead": "a173106e58c2e78b94a35f02be00aee1fea14b74"
44
+ "gitHead": "3d16b1912900bc3c3c50941d0bd3d930fdb8421a"
45
45
  }
package/src/MusapKeyManagerSystem.ts CHANGED
@@ -1,20 +1,23 @@
1
1
  import { PEMToBinary } from '@sphereon/ssi-sdk-ext.x509-utils'
2
2
  import { IKey, ManagedKeyInfo, MinimalImportableKey, TKeyType } from '@veramo/core'
3
3
  import {
4
+ ExternalSscdSettings,
5
+ IMusapClient,
4
6
  isSignatureAlgorithmType,
5
7
  JWSAlgorithm,
6
8
  KeyAlgorithm,
7
9
  KeyAlgorithmType,
10
+ KeyAttribute,
8
11
  KeyGenReq,
12
+ MusapClient,
9
13
  MusapKey,
10
- MusapModule,
11
- MusapModuleType,
12
14
  signatureAlgorithmFromKeyAlgorithm,
13
15
  SignatureAlgorithmType,
16
+ SignatureAttribute,
14
17
  SignatureFormat,
15
18
  SignatureReq,
19
+ SscdType,
16
20
  } from '@sphereon/musap-react-native'
17
- import { KeyAttribute, SscdType } from '@sphereon/musap-react-native'
18
21
  import { AbstractKeyManagementSystem } from '@veramo/key-manager'
19
22
  import { TextDecoder } from 'text-encoding'
20
23
  import { Loggers } from '@sphereon/ssi-types'
@@ -31,15 +34,29 @@ import {
31
34
  export const logger = Loggers.DEFAULT.get('sphereon:musap-rn-kms')
32
35
 
33
36
  export class MusapKeyManagementSystem extends AbstractKeyManagementSystem {
34
- private musapKeyStore: MusapModuleType
35
- private sscdType: SscdType
37
+ private musapClient: IMusapClient
38
+ private readonly sscdType: SscdType
39
+ private readonly sscdId: string
40
+ private readonly defaultKeyAttributes: Record<string, string> | undefined
41
+ private readonly defaultSignAttributes: Record<string, string> | undefined
36
42
 
37
- constructor(sscdType?: SscdType) {
43
+ constructor(sscdType?: SscdType, sscdId?: string, opts?: {
44
+ externalSscdSettings?: ExternalSscdSettings,
45
+ defaultKeyAttributes?: Record<string, string>,
46
+ defaultSignAttributes?: Record<string, string>
47
+ }) {
38
48
  super()
39
49
  try {
40
- this.musapKeyStore = MusapModule
50
+ this.musapClient = MusapClient
41
51
  this.sscdType = sscdType ? sscdType : 'TEE'
42
- this.musapKeyStore.enableSscd(this.sscdType)
52
+ this.sscdId = sscdId ?? this.sscdType
53
+ this.defaultKeyAttributes = opts?.defaultKeyAttributes
54
+ this.defaultSignAttributes = opts?.defaultSignAttributes
55
+
56
+ const enabledSscds = this.musapClient.listEnabledSscds()
57
+ if (!enabledSscds.some(value => value.sscdId == sscdId)) {
58
+ this.musapClient.enableSscd(this.sscdType, this.sscdId, opts?.externalSscdSettings)
59
+ }
43
60
  } catch (e) {
44
61
  console.error('enableSscd', e)
45
62
  throw Error('enableSscd failed')
@@ -47,7 +64,7 @@ export class MusapKeyManagementSystem extends AbstractKeyManagementSystem {
47
64
  }
48
65
 
49
66
  async listKeys(): Promise<ManagedKeyInfo[]> {
50
- const keysJson: MusapKey[] = (await this.musapKeyStore.listKeys()) as MusapKey[]
67
+ const keysJson: MusapKey[] = (this.musapClient.listKeys()) as MusapKey[]
51
68
  return keysJson.map((key) => this.asMusapKeyInfo(key))
52
69
  }
53
70
 
@@ -57,19 +74,29 @@ export class MusapKeyManagementSystem extends AbstractKeyManagementSystem {
57
74
  return Promise.reject(Error('a unique keyAlias field is required for MUSAP'))
58
75
  }
59
76
 
77
+ if (this.sscdType == 'EXTERNAL') {
78
+ const existingKeys: MusapKey[] = (this.musapClient.listKeys()) as MusapKey[]
79
+ const extKey = existingKeys.find(musapKey => musapKey.sscdType as string === 'External Signature') // FIXME returning does not match SscdType enum
80
+ if (extKey) {
81
+ extKey.algorithm = 'eccp256r1' // FIXME MUSAP announces key as rsa2k, but it's actually EC
82
+ return this.asMusapKeyInfo(extKey)
83
+ }
84
+ return Promise.reject(Error(`No external key was bound yet for sscd ${this.sscdId}`))
85
+ }
86
+
60
87
  const keyGenReq = {
61
88
  keyAlgorithm: this.mapKeyTypeToAlgorithmType(type),
62
89
  keyUsage: 'keyUsage' in meta ? (meta.keyUsage as string) : 'sign',
63
90
  keyAlias: meta.keyAlias as string,
64
- attributes: 'attributes' in meta ? (meta.attributes as KeyAttribute[]) : [],
91
+ attributes: this.recordToKeyAttributes({ ...this.defaultKeyAttributes, ...('attributes' in meta ? meta.attributes : {}) }),
65
92
  role: 'role' in meta ? (meta.role as string) : 'administrator',
66
93
  } satisfies KeyGenReq
67
94
 
68
95
  try {
69
- const generatedKeyUri = await this.musapKeyStore.generateKey(this.sscdType, keyGenReq)
96
+ const generatedKeyUri = await this.musapClient.generateKey(this.sscdType, keyGenReq)
70
97
  if (generatedKeyUri) {
71
98
  logger.debug('Generated key:', generatedKeyUri)
72
- const key = await this.musapKeyStore.getKeyByUri(generatedKeyUri)
99
+ const key = this.musapClient.getKeyByUri(generatedKeyUri)
73
100
  return this.asMusapKeyInfo(key)
74
101
  } else {
75
102
  return Promise.reject(new Error('Failed to generate key. No key URI'))
@@ -99,6 +126,9 @@ export class MusapKeyManagementSystem extends AbstractKeyManagementSystem {
99
126
  return 'Secp256k1'
100
127
  case 'eccp256r1':
101
128
  return 'Secp256r1'
129
+ case 'ecc_ed25519':
130
+ return 'Ed25519'
131
+ case 'rsa2k':
102
132
  case 'rsa4k':
103
133
  return 'RSA'
104
134
  default:
@@ -107,8 +137,12 @@ export class MusapKeyManagementSystem extends AbstractKeyManagementSystem {
107
137
  }
108
138
 
109
139
  async deleteKey({ kid }: { kid: string }): Promise<boolean> {
110
- try {
111
- this.musapKeyStore.removeKey(kid)
140
+ try {
141
+ const key: MusapKey = this.musapClient.getKeyById(kid) as MusapKey
142
+ if (key.sscdType as string === 'External Signature') {
143
+ return true // FIXME we can't remove a eSim key for now because this would mean onboarding again
144
+ }
145
+ void this.musapClient.removeKey(kid)
112
146
  return true
113
147
  } catch (error) {
114
148
  console.warn('Failed to delete key:', error)
@@ -129,14 +163,22 @@ export class MusapKeyManagementSystem extends AbstractKeyManagementSystem {
129
163
  return signatureAlgorithmFromKeyAlgorithm(providedAlgorithm as JWSAlgorithm)
130
164
  }
131
165
 
132
- async sign(args: { keyRef: Pick<IKey, 'kid'>; algorithm?: string; data: Uint8Array; [x: string]: any }): Promise<string> {
166
+ async sign(args: {
167
+ keyRef: Pick<IKey, 'kid'>;
168
+ algorithm?: string;
169
+ data: Uint8Array;
170
+ [x: string]: any
171
+ }): Promise<string> {
133
172
  if (!args.keyRef) {
134
173
  throw new Error('key_not_found: No key ref provided')
135
174
  }
136
175
 
137
176
  const data = new TextDecoder().decode(args.data as Uint8Array)
138
177
 
139
- const key: MusapKey = this.musapKeyStore.getKeyById(args.keyRef.kid) as MusapKey
178
+ const key: MusapKey = this.musapClient.getKeyById(args.keyRef.kid) as MusapKey
179
+ if (key.sscdType as string === 'External Signature') {
180
+ key.algorithm = 'eccp256r1' // FIXME MUSAP announces key as rsa2k, but it's actually EC
181
+ }
140
182
  const signatureReq: SignatureReq = {
141
183
  keyUri: key.keyUri,
142
184
  data,
@@ -144,23 +186,84 @@ export class MusapKeyManagementSystem extends AbstractKeyManagementSystem {
144
186
  displayText: args.displayText,
145
187
  transId: args.transId,
146
188
  format: (args.format as SignatureFormat) ?? 'RAW',
147
- attributes: args.attributes,
189
+ attributes: this.recordToSignatureAttributes({ ...this.defaultSignAttributes, ...args.attributes }),
148
190
  }
149
- return this.musapKeyStore.sign(signatureReq)
191
+ return this.musapClient.sign(signatureReq)
150
192
  }
151
193
 
152
194
  async importKey(args: Omit<MinimalImportableKey, 'kms'> & { privateKeyPEM?: string }): Promise<ManagedKeyInfo> {
153
195
  throw new Error('importKey is not implemented for MusapKeyManagementSystem.')
154
196
  }
155
197
 
198
+
199
+ private decodeMusapPublicKey = (args: { publicKey: { pem: string }, keyType: TKeyType }): string => {
200
+ const { publicKey, keyType } = args;
201
+
202
+ try {
203
+ // First try the normal PEM decoding path
204
+ const pemBinary = PEMToBinary(publicKey.pem)
205
+
206
+ // Check if we got a string that looks like base64 (might be double encoded)
207
+ const isDoubleEncoded = pemBinary.length > 0 &&
208
+ typeof Buffer.from(pemBinary).toString() === 'string' &&
209
+ Buffer.from(pemBinary).toString().startsWith('MF');
210
+
211
+ if (isDoubleEncoded) {
212
+ // Handle double-encoded case
213
+ const innerBase64 = Buffer.from(pemBinary).toString()
214
+ const actualDerBytes = Buffer.from(innerBase64, 'base64')
215
+
216
+ // For double-encoded case, we know the key data starts after the header
217
+ const keyDataStart = 24
218
+ const keyData = actualDerBytes.slice(keyDataStart)
219
+
220
+ // Convert to public key hex
221
+ let publicKeyHex = Buffer.from(keyData).toString('hex')
222
+
223
+ // If it's not compressed yet and doesn't start with 0x04 (uncompressed point marker), add it
224
+ if (publicKeyHex.length <= 128 && !publicKeyHex.startsWith('04')) {
225
+ publicKeyHex = '04' + publicKeyHex
226
+ }
227
+
228
+ // Ensure we have full 65 bytes for uncompressed keys
229
+ while (publicKeyHex.startsWith('04') && publicKeyHex.length < 130) {
230
+ publicKeyHex = publicKeyHex + '0'
231
+ }
232
+
233
+ // Now convert to compressed format if needed
234
+ if (publicKeyHex.startsWith('04') && publicKeyHex.length === 130) {
235
+ const xCoord = Buffer.from(publicKeyHex.slice(2, 66), 'hex')
236
+ const yCoord = Buffer.from(publicKeyHex.slice(66, 130), 'hex')
237
+ const prefix = Buffer.from([yCoord[31] % 2 === 0 ? 0x02 : 0x03])
238
+ const compressedKey = Buffer.concat([prefix, xCoord])
239
+ return compressedKey.toString('hex')
240
+ }
241
+
242
+ return publicKeyHex
243
+ }
244
+
245
+ // Not double encoded, proceed with normal path
246
+ const publicKeyBinary = isAsn1Der(pemBinary) ? asn1DerToRawPublicKey(pemBinary, keyType) : pemBinary
247
+ return isRawCompressedPublicKey(publicKeyBinary)
248
+ ? hexStringFromUint8Array(publicKeyBinary)
249
+ : toRawCompressedHexPublicKey(publicKeyBinary, keyType)
250
+
251
+ } catch (error) {
252
+ console.warn('Error decoding public key:', error)
253
+ // If all else fails, try direct conversion
254
+ return publicKey.pem
255
+ }
256
+ }
257
+
156
258
  private asMusapKeyInfo(args: MusapKey): ManagedKeyInfo {
157
259
  const { keyId, publicKey, ...metadata }: KeyMetadata = { ...args }
158
260
  const keyType = this.mapAlgorithmTypeToKeyType(args.algorithm)
159
- const pemBinary = PEMToBinary(args.publicKey.pem) // The der is flawed, it's not binary but a string [123, 4567]
160
- const publicKeyBinary = isAsn1Der(pemBinary) ? asn1DerToRawPublicKey(pemBinary, keyType) : pemBinary
161
- const publicKeyHex = isRawCompressedPublicKey(publicKeyBinary) // TODO In the future I think it's better to have an option in KeyGenReq to specify which public key format we want back. Now it's different in iOS vs Android and we need to handle that inconsistency afterwards
162
- ? hexStringFromUint8Array(publicKeyBinary)
163
- : toRawCompressedHexPublicKey(publicKeyBinary, keyType)
261
+
262
+ const publicKeyHex = this.decodeMusapPublicKey({
263
+ publicKey: publicKey,
264
+ keyType: keyType
265
+ })
266
+
164
267
  const keyInfo: Partial<ManagedKeyInfo> = {
165
268
  kid: keyId,
166
269
  type: keyType,
@@ -176,4 +279,24 @@ export class MusapKeyManagementSystem extends AbstractKeyManagementSystem {
176
279
  sharedSecret(args: { myKeyRef: Pick<IKey, 'kid'>; theirKey: Pick<IKey, 'publicKeyHex' | 'type'> }): Promise<string> {
177
280
  throw new Error('Not supported.')
178
281
  }
282
+
283
+ private recordToKeyAttributes(record?: Record<string, string>): KeyAttribute[] {
284
+ if (!record) {
285
+ return []
286
+ }
287
+ return Object.entries(record).map(([key, value]) => ({
288
+ name: key,
289
+ value,
290
+ }))
291
+ }
292
+
293
+ private recordToSignatureAttributes(record?: Record<string, string>): SignatureAttribute[] {
294
+ if (!record) {
295
+ return []
296
+ }
297
+ return Object.entries(record).map(([key, value]) => ({
298
+ name: key,
299
+ value,
300
+ }))
301
+ }
179
302
  }