@sphereon/ssi-sdk.kms-rest-client 0.34.1-feature.IDK.11.49 → 0.34.1-feature.IDK.11.50

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/index.cjs +914 -924
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +1126 -6
  4. package/dist/index.d.ts +1126 -6
  5. package/dist/index.js +907 -918
  6. package/dist/index.js.map +1 -1
  7. package/package.json +3 -3
  8. package/src/agent/KmsRestClient.ts +4 -4
  9. package/src/index.ts +1 -1
package/dist/index.cjs CHANGED
@@ -4,9 +4,6 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
4
  var __getOwnPropNames = Object.getOwnPropertyNames;
5
5
  var __hasOwnProp = Object.prototype.hasOwnProperty;
6
6
  var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
7
- var __commonJS = (cb, mod) => function __require() {
8
- return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
9
- };
10
7
  var __export = (target, all) => {
11
8
  for (var name in all)
12
9
  __defProp(target, name, { get: all[name], enumerable: true });
@@ -21,1023 +18,1019 @@ var __copyProps = (to, from, except, desc) => {
21
18
  };
22
19
  var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
23
20
 
21
+ // src/index.ts
22
+ var index_exports = {};
23
+ __export(index_exports, {
24
+ KmsRestClient: () => KmsRestClient,
25
+ schema: () => plugin_schema_default
26
+ });
27
+ module.exports = __toCommonJS(index_exports);
28
+
24
29
  // plugin.schema.json
25
- var require_plugin_schema = __commonJS({
26
- "plugin.schema.json"(exports, module2) {
27
- module2.exports = {
28
- IKmsRestClient: {
29
- components: {
30
- schemas: {
31
- KmsCreateRawSignatureArgs: {
32
- type: "object",
33
- additionalProperties: false,
34
- properties: {
35
- keyInfo: {
36
- $ref: "#/components/schemas/KeyInfo"
37
- },
38
- input: {
39
- type: "string"
40
- },
41
- baseUrl: {
42
- type: "string"
43
- }
30
+ var plugin_schema_default = {
31
+ IKmsRestClient: {
32
+ components: {
33
+ schemas: {
34
+ KmsCreateRawSignatureArgs: {
35
+ type: "object",
36
+ additionalProperties: false,
37
+ properties: {
38
+ keyInfo: {
39
+ $ref: "#/components/schemas/KeyInfo"
40
+ },
41
+ input: {
42
+ type: "string"
43
+ },
44
+ baseUrl: {
45
+ type: "string"
46
+ }
47
+ },
48
+ required: ["input", "keyInfo"]
49
+ },
50
+ KeyInfo: {
51
+ type: "object",
52
+ properties: {
53
+ kid: {
54
+ type: "string",
55
+ description: "Unique identifier for the cryptographic key. Can be null if the key identifier is not provided."
56
+ },
57
+ key: {
58
+ $ref: "#/components/schemas/Jwk"
59
+ },
60
+ signatureAlgorithm: {
61
+ $ref: "#/components/schemas/SignatureAlgorithm"
62
+ },
63
+ keyVisibility: {
64
+ $ref: "#/components/schemas/KeyVisibility"
65
+ },
66
+ x5c: {
67
+ type: "array",
68
+ items: {
69
+ type: "string"
44
70
  },
45
- required: ["input", "keyInfo"]
71
+ description: "X.509 certificate chain associated with the key."
46
72
  },
47
- KeyInfo: {
73
+ alias: {
74
+ type: "string",
75
+ description: "A reference or alias to the key in the Key Management Service (KMS)."
76
+ },
77
+ providerId: {
78
+ type: "string",
79
+ description: "The Key Management System (KMS) identifier associated with the key."
80
+ },
81
+ keyType: {
82
+ $ref: "#/components/schemas/KeyType"
83
+ },
84
+ keyEncoding: {
85
+ $ref: "#/components/schemas/KeyEncoding"
86
+ },
87
+ opts: {
48
88
  type: "object",
49
- properties: {
50
- kid: {
51
- type: "string",
52
- description: "Unique identifier for the cryptographic key. Can be null if the key identifier is not provided."
53
- },
54
- key: {
55
- $ref: "#/components/schemas/Jwk"
56
- },
57
- signatureAlgorithm: {
58
- $ref: "#/components/schemas/SignatureAlgorithm"
59
- },
60
- keyVisibility: {
61
- $ref: "#/components/schemas/KeyVisibility"
62
- },
63
- x5c: {
64
- type: "array",
65
- items: {
66
- type: "string"
67
- },
68
- description: "X.509 certificate chain associated with the key."
69
- },
70
- alias: {
71
- type: "string",
72
- description: "A reference or alias to the key in the Key Management Service (KMS)."
73
- },
74
- providerId: {
75
- type: "string",
76
- description: "The Key Management System (KMS) identifier associated with the key."
77
- },
78
- keyType: {
79
- $ref: "#/components/schemas/KeyType"
80
- },
81
- keyEncoding: {
82
- $ref: "#/components/schemas/KeyEncoding"
83
- },
84
- opts: {
85
- type: "object",
86
- additionalProperties: {
87
- type: "string"
88
- },
89
- description: "Additional configuration options as key-value pairs."
90
- }
89
+ additionalProperties: {
90
+ type: "string"
91
91
  },
92
- additionalProperties: false,
93
- description: "Information about a cryptographic key, providing metadata and configuration details necessary for cryptographic operations."
92
+ description: "Additional configuration options as key-value pairs."
93
+ }
94
+ },
95
+ additionalProperties: false,
96
+ description: "Information about a cryptographic key, providing metadata and configuration details necessary for cryptographic operations."
97
+ },
98
+ Jwk: {
99
+ type: "object",
100
+ properties: {
101
+ kty: {
102
+ $ref: "#/components/schemas/JwkKeyType"
94
103
  },
95
- Jwk: {
96
- type: "object",
97
- properties: {
98
- kty: {
99
- $ref: "#/components/schemas/JwkKeyType"
100
- },
101
- kid: {
102
- type: "string",
103
- description: "Key identifier used to uniquely identify the key."
104
- },
105
- alg: {
106
- type: "string",
107
- description: "The algorithm intended for use with the key (JWA algorithm name)."
108
- },
109
- use: {
110
- $ref: "#/components/schemas/JwkUse"
111
- },
112
- keyOps: {
113
- type: "array",
114
- items: {
115
- $ref: "#/components/schemas/KeyOperations"
116
- },
117
- description: "The allowed cryptographic operations for the key."
118
- },
119
- crv: {
120
- $ref: "#/components/schemas/Curve"
121
- },
122
- x: {
123
- type: "string",
124
- description: "The x coordinate for elliptic curve keys (base64url-encoded)."
125
- },
126
- y: {
127
- type: "string",
128
- description: "The y coordinate for elliptic curve keys (base64url-encoded)."
129
- },
130
- d: {
131
- type: "string",
132
- description: "The private key parameter (base64url-encoded)."
133
- },
134
- n: {
135
- type: "string",
136
- description: "The modulus value for RSA keys (base64url-encoded)."
137
- },
138
- e: {
139
- type: "string",
140
- description: "The public exponent for RSA keys (base64url-encoded)."
141
- },
142
- p: {
143
- type: "string",
144
- description: "The first prime factor for RSA private keys (base64url-encoded)."
145
- },
146
- q: {
147
- type: "string",
148
- description: "The second prime factor for RSA private keys (base64url-encoded)."
149
- },
150
- dp: {
151
- type: "string",
152
- description: "The first factor CRT exponent for RSA private keys (base64url-encoded)."
153
- },
154
- dq: {
155
- type: "string",
156
- description: "The second factor CRT exponent for RSA private keys (base64url-encoded)."
157
- },
158
- qi: {
159
- type: "string",
160
- description: "The first CRT coefficient for RSA private keys (base64url-encoded)."
161
- },
162
- k: {
163
- type: "string",
164
- description: "The symmetric key value (base64url-encoded)."
165
- },
166
- x5c: {
167
- type: "array",
168
- items: {
169
- type: "string"
170
- },
171
- description: "X.509 certificate chain as base64-encoded DER certificates."
172
- },
173
- x5t: {
174
- type: "string",
175
- description: "X.509 certificate SHA-1 thumbprint (base64url-encoded)."
176
- },
177
- x5u: {
178
- type: "string",
179
- description: "URL pointing to X.509 certificate or certificate chain."
180
- },
181
- x5tS256: {
182
- type: "string",
183
- description: "X.509 certificate SHA-256 thumbprint (base64url-encoded)."
184
- }
104
+ kid: {
105
+ type: "string",
106
+ description: "Key identifier used to uniquely identify the key."
107
+ },
108
+ alg: {
109
+ type: "string",
110
+ description: "The algorithm intended for use with the key (JWA algorithm name)."
111
+ },
112
+ use: {
113
+ $ref: "#/components/schemas/JwkUse"
114
+ },
115
+ keyOps: {
116
+ type: "array",
117
+ items: {
118
+ $ref: "#/components/schemas/KeyOperations"
185
119
  },
186
- required: ["kty"],
187
- additionalProperties: false,
188
- description: "Represents a JSON Web Key (JWK) as defined by the JSON Web Key specification."
120
+ description: "The allowed cryptographic operations for the key."
121
+ },
122
+ crv: {
123
+ $ref: "#/components/schemas/Curve"
189
124
  },
190
- JwkKeyType: {
125
+ x: {
191
126
  type: "string",
192
- enum: ["EC", "RSA", "OKP", "oct"],
193
- description: "JSON Web Key (JWK) key type parameter identifying the cryptographic algorithm family."
127
+ description: "The x coordinate for elliptic curve keys (base64url-encoded)."
194
128
  },
195
- JwkUse: {
129
+ y: {
196
130
  type: "string",
197
- enum: ["sig", "enc"],
198
- description: "Intended use of the key (signing or encryption)."
131
+ description: "The y coordinate for elliptic curve keys (base64url-encoded)."
199
132
  },
200
- KeyOperations: {
133
+ d: {
201
134
  type: "string",
202
- enum: ["sign", "verify", "encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"],
203
- description: "Specific operations the key is intended for."
135
+ description: "The private key parameter (base64url-encoded)."
204
136
  },
205
- Curve: {
137
+ n: {
206
138
  type: "string",
207
- enum: ["P-256", "P-384", "P-521", "secp256k1", "Ed25519", "Ed448", "X25519", "X448"],
208
- description: "Elliptic curve identifier."
139
+ description: "The modulus value for RSA keys (base64url-encoded)."
209
140
  },
210
- SignatureAlgorithm: {
141
+ e: {
211
142
  type: "string",
212
- enum: [
213
- "ED25519",
214
- "ECDSA_SHA256",
215
- "ECDSA_SHA384",
216
- "ECDSA_SHA512",
217
- "ES256K",
218
- "ECKA_DH_SHA256",
219
- "HMAC_SHA256",
220
- "HMAC_SHA384",
221
- "HMAC_SHA512",
222
- "RSA_SSA_PSS_SHA256_MGF1",
223
- "RSA_SSA_PSS_SHA384_MGF1",
224
- "RSA_SSA_PSS_SHA512_MGF1"
225
- ],
226
- description: "Cryptographic signature algorithm identifier."
227
- },
228
- KeyVisibility: {
143
+ description: "The public exponent for RSA keys (base64url-encoded)."
144
+ },
145
+ p: {
229
146
  type: "string",
230
- enum: ["PUBLIC", "PRIVATE"],
231
- description: "Indicates the visibility status of a cryptographic key."
147
+ description: "The first prime factor for RSA private keys (base64url-encoded)."
232
148
  },
233
- KeyType: {
149
+ q: {
234
150
  type: "string",
235
- enum: ["OKP", "EC", "RSA"],
236
- description: "Cryptographic key type identifier."
151
+ description: "The second prime factor for RSA private keys (base64url-encoded)."
237
152
  },
238
- KeyEncoding: {
153
+ dp: {
239
154
  type: "string",
240
- enum: ["COSE", "JOSE"],
241
- description: "The encoding format of the cryptographic key."
155
+ description: "The first factor CRT exponent for RSA private keys (base64url-encoded)."
242
156
  },
243
- CreateRawSignatureResponse: {
244
- type: "object",
245
- properties: {
246
- signature: {
247
- type: "string",
248
- description: "The created signature encoded as a base64 string."
249
- }
250
- },
251
- required: ["signature"],
252
- additionalProperties: false,
253
- description: "Response body containing the created signature."
157
+ dq: {
158
+ type: "string",
159
+ description: "The second factor CRT exponent for RSA private keys (base64url-encoded)."
254
160
  },
255
- KmsDeleteKeyArgs: {
256
- type: "object",
257
- properties: {
258
- baseUrl: {
259
- type: "string"
260
- },
261
- aliasOrKid: {
262
- type: "string"
263
- }
264
- },
265
- additionalProperties: false
161
+ qi: {
162
+ type: "string",
163
+ description: "The first CRT coefficient for RSA private keys (base64url-encoded)."
266
164
  },
267
- KmsGenerateKeyArgs: {
268
- type: "object",
269
- additionalProperties: false,
270
- properties: {
271
- alias: {
272
- type: "string",
273
- description: "Alias for the generated key."
274
- },
275
- use: {
276
- $ref: "#/components/schemas/JwkUse"
277
- },
278
- keyOperations: {
279
- type: "array",
280
- items: {
281
- $ref: "#/components/schemas/KeyOperations"
282
- }
283
- },
284
- alg: {
285
- $ref: "#/components/schemas/SignatureAlgorithm"
286
- },
287
- providerId: {
288
- type: "string",
289
- description: "Optional provider ID. If not specified, the default provider will be used."
290
- },
291
- baseUrl: {
292
- type: "string"
293
- }
294
- }
165
+ k: {
166
+ type: "string",
167
+ description: "The symmetric key value (base64url-encoded)."
295
168
  },
296
- ManagedKeyPair: {
297
- type: "object",
298
- properties: {
299
- kid: {
300
- type: "string",
301
- description: "Key identifier, may be null."
302
- },
303
- providerId: {
304
- type: "string",
305
- description: "Key Management System identifier."
306
- },
307
- alias: {
308
- type: "string",
309
- description: "Reference to the key in the KMS."
310
- },
311
- cose: {
312
- $ref: "#/components/schemas/CoseKeyPair"
313
- },
314
- jose: {
315
- $ref: "#/components/schemas/JoseKeyPair"
316
- }
169
+ x5c: {
170
+ type: "array",
171
+ items: {
172
+ type: "string"
317
173
  },
318
- required: ["providerId", "alias", "cose", "jose"],
319
- additionalProperties: false,
320
- description: "Represents a key pair used by a crypto provider, encapsulating both JOSE and COSE key pairs."
174
+ description: "X.509 certificate chain as base64-encoded DER certificates."
321
175
  },
322
- CoseKeyPair: {
323
- type: "object",
324
- properties: {
325
- privateCoseKey: {
326
- $ref: "#/components/schemas/CoseKey"
327
- },
328
- publicCoseKey: {
329
- $ref: "#/components/schemas/CoseKey"
330
- }
331
- },
332
- required: ["publicCoseKey"],
333
- additionalProperties: false,
334
- description: "Represents a cryptographic key pair for COSE (CBOR Object Signing and Encryption) operations."
176
+ x5t: {
177
+ type: "string",
178
+ description: "X.509 certificate SHA-1 thumbprint (base64url-encoded)."
335
179
  },
336
- CoseKey: {
337
- type: "object",
338
- properties: {
339
- kty: {
340
- $ref: "#/components/schemas/CoseKeyType"
341
- },
342
- kid: {
343
- type: "string",
344
- description: "Key identifier (base64url-encoded byte string)."
345
- },
346
- alg: {
347
- type: "number",
348
- description: "The COSE algorithm identifier (e.g., -7=ES256, -35=ES384, -36=ES512, -8=EdDSA)."
349
- },
350
- keyOps: {
351
- type: "array",
352
- items: {
353
- type: "number"
354
- },
355
- description: "The allowed COSE key operations (1=sign, 2=verify, 3=encrypt, 4=decrypt, etc.)."
356
- },
357
- baseIV: {
358
- type: "string",
359
- description: "Base initialization vector (base64url-encoded)."
360
- },
361
- crv: {
362
- type: "number",
363
- description: "The COSE curve identifier (1=P-256, 2=P-384, 3=P-521, 8=secp256k1, 6=Ed25519, etc.)."
364
- },
365
- x: {
366
- type: "string",
367
- description: "The x coordinate (base64url-encoded byte string)."
368
- },
369
- y: {
370
- type: "string",
371
- description: "The y coordinate (base64url-encoded byte string)."
372
- },
373
- d: {
374
- type: "string",
375
- description: "The private key parameter (base64url-encoded byte string)."
376
- },
377
- x5chain: {
378
- type: "array",
379
- items: {
380
- type: "string"
381
- },
382
- description: "X.509 certificate chain as base64-encoded certificates."
383
- }
384
- },
385
- required: ["kty"],
386
- additionalProperties: false,
387
- description: "Represents a COSE (CBOR Object Signing and Encryption) key in JSON format."
180
+ x5u: {
181
+ type: "string",
182
+ description: "URL pointing to X.509 certificate or certificate chain."
388
183
  },
389
- CoseKeyType: {
390
- type: "number",
391
- enum: [1, 2, 3, 4],
392
- description: "COSE key type parameter. 1=OKP (Octet Key Pair), 2=EC2 (Elliptic Curve), 3=RSA, 4=Symmetric."
184
+ x5tS256: {
185
+ type: "string",
186
+ description: "X.509 certificate SHA-256 thumbprint (base64url-encoded)."
187
+ }
188
+ },
189
+ required: ["kty"],
190
+ additionalProperties: false,
191
+ description: "Represents a JSON Web Key (JWK) as defined by the JSON Web Key specification."
192
+ },
193
+ JwkKeyType: {
194
+ type: "string",
195
+ enum: ["EC", "RSA", "OKP", "oct"],
196
+ description: "JSON Web Key (JWK) key type parameter identifying the cryptographic algorithm family."
197
+ },
198
+ JwkUse: {
199
+ type: "string",
200
+ enum: ["sig", "enc"],
201
+ description: "Intended use of the key (signing or encryption)."
202
+ },
203
+ KeyOperations: {
204
+ type: "string",
205
+ enum: ["sign", "verify", "encrypt", "decrypt", "wrapKey", "unwrapKey", "deriveKey", "deriveBits"],
206
+ description: "Specific operations the key is intended for."
207
+ },
208
+ Curve: {
209
+ type: "string",
210
+ enum: ["P-256", "P-384", "P-521", "secp256k1", "Ed25519", "Ed448", "X25519", "X448"],
211
+ description: "Elliptic curve identifier."
212
+ },
213
+ SignatureAlgorithm: {
214
+ type: "string",
215
+ enum: [
216
+ "ED25519",
217
+ "ECDSA_SHA256",
218
+ "ECDSA_SHA384",
219
+ "ECDSA_SHA512",
220
+ "ES256K",
221
+ "ECKA_DH_SHA256",
222
+ "HMAC_SHA256",
223
+ "HMAC_SHA384",
224
+ "HMAC_SHA512",
225
+ "RSA_SSA_PSS_SHA256_MGF1",
226
+ "RSA_SSA_PSS_SHA384_MGF1",
227
+ "RSA_SSA_PSS_SHA512_MGF1"
228
+ ],
229
+ description: "Cryptographic signature algorithm identifier."
230
+ },
231
+ KeyVisibility: {
232
+ type: "string",
233
+ enum: ["PUBLIC", "PRIVATE"],
234
+ description: "Indicates the visibility status of a cryptographic key."
235
+ },
236
+ KeyType: {
237
+ type: "string",
238
+ enum: ["OKP", "EC", "RSA"],
239
+ description: "Cryptographic key type identifier."
240
+ },
241
+ KeyEncoding: {
242
+ type: "string",
243
+ enum: ["COSE", "JOSE"],
244
+ description: "The encoding format of the cryptographic key."
245
+ },
246
+ CreateRawSignatureResponse: {
247
+ type: "object",
248
+ properties: {
249
+ signature: {
250
+ type: "string",
251
+ description: "The created signature encoded as a base64 string."
252
+ }
253
+ },
254
+ required: ["signature"],
255
+ additionalProperties: false,
256
+ description: "Response body containing the created signature."
257
+ },
258
+ KmsDeleteKeyArgs: {
259
+ type: "object",
260
+ properties: {
261
+ baseUrl: {
262
+ type: "string"
393
263
  },
394
- JoseKeyPair: {
395
- type: "object",
396
- properties: {
397
- privateJwk: {
398
- $ref: "#/components/schemas/Jwk"
399
- },
400
- publicJwk: {
401
- $ref: "#/components/schemas/Jwk"
402
- }
403
- },
404
- required: ["publicJwk"],
405
- additionalProperties: false,
406
- description: "Data class representing a cryptographic key pair used with JOSE (JSON Object Signing and Encryption)."
264
+ aliasOrKid: {
265
+ type: "string"
266
+ }
267
+ },
268
+ additionalProperties: false
269
+ },
270
+ KmsGenerateKeyArgs: {
271
+ type: "object",
272
+ additionalProperties: false,
273
+ properties: {
274
+ alias: {
275
+ type: "string",
276
+ description: "Alias for the generated key."
407
277
  },
408
- KmsGetKeyArgs: {
409
- type: "object",
410
- properties: {
411
- baseUrl: {
412
- type: "string"
413
- },
414
- aliasOrKid: {
415
- type: "string"
416
- }
417
- },
418
- required: ["aliasOrKid"],
419
- additionalProperties: false
278
+ use: {
279
+ $ref: "#/components/schemas/JwkUse"
420
280
  },
421
- ManagedKeyInfo: {
422
- type: "object",
423
- properties: {
424
- kid: {
425
- type: "string",
426
- description: "Unique identifier for the cryptographic key. Can be null if the key identifier is not provided."
427
- },
428
- key: {
429
- $ref: "#/components/schemas/Jwk"
430
- },
431
- signatureAlgorithm: {
432
- $ref: "#/components/schemas/SignatureAlgorithm"
433
- },
434
- keyVisibility: {
435
- $ref: "#/components/schemas/KeyVisibility"
436
- },
437
- x5c: {
438
- type: "array",
439
- items: {
440
- type: "string"
441
- },
442
- description: "X.509 certificate chain associated with the key."
443
- },
444
- alias: {
445
- type: "string",
446
- description: "A reference or alias to the key in the Key Management Service (KMS)."
447
- },
448
- providerId: {
449
- type: "string",
450
- description: "The Key Management System (KMS) identifier associated with the key."
451
- },
452
- keyType: {
453
- $ref: "#/components/schemas/KeyType"
454
- },
455
- keyEncoding: {
456
- $ref: "#/components/schemas/KeyEncoding"
457
- },
458
- opts: {
459
- type: "object",
460
- additionalProperties: {
461
- type: "string"
462
- },
463
- description: "Additional configuration options as key-value pairs."
464
- }
465
- },
466
- required: ["key", "alias", "providerId"],
467
- additionalProperties: false,
468
- description: "Represents a managed cryptographic key information that is guaranteed to be present and resolved, part of a KMS providing concrete access to the key."
281
+ keyOperations: {
282
+ type: "array",
283
+ items: {
284
+ $ref: "#/components/schemas/KeyOperations"
285
+ }
469
286
  },
470
- KmsGetKeyProviderArgs: {
471
- type: "object",
472
- properties: {
473
- baseUrl: {
474
- type: "string"
475
- },
476
- providerId: {
477
- type: "string"
478
- }
479
- },
480
- additionalProperties: false
287
+ alg: {
288
+ $ref: "#/components/schemas/SignatureAlgorithm"
481
289
  },
482
- KeyProviderResponse: {
483
- type: "object",
484
- properties: {
485
- providerId: {
486
- type: "string",
487
- description: "The unique identifier assigned to the Key Provider instance upon creation."
488
- },
489
- type: {
490
- $ref: "#/components/schemas/KeyProviderType"
491
- }
492
- },
493
- required: ["providerId", "type"],
494
- additionalProperties: false,
495
- description: "Response body containing the details of a Key Provider instance."
290
+ providerId: {
291
+ type: "string",
292
+ description: "Optional provider ID. If not specified, the default provider will be used."
496
293
  },
497
- KeyProviderType: {
294
+ baseUrl: {
295
+ type: "string"
296
+ }
297
+ }
298
+ },
299
+ ManagedKeyPair: {
300
+ type: "object",
301
+ properties: {
302
+ kid: {
498
303
  type: "string",
499
- enum: ["SOFTWARE", "AZURE_KEYVAULT", "AWS_KMS"],
500
- description: "The type of Key Provider. Determines the required configuration settings. - AZURE_KEYVAULT: Microsoft Azure Key Vault or Managed HSM. - AWS_KMS: Amazon Web Services Key Management Service."
304
+ description: "Key identifier, may be null."
501
305
  },
502
- kmsGetResolverArgs: {
503
- type: "object",
504
- properties: {
505
- baseUrl: {
506
- type: "string"
507
- },
508
- resolverId: {
509
- type: "string"
510
- }
511
- },
512
- required: ["resolverId"],
513
- additionalProperties: false
306
+ providerId: {
307
+ type: "string",
308
+ description: "Key Management System identifier."
514
309
  },
515
- Resolver: {
516
- type: "object",
517
- properties: {
518
- resolverId: {
519
- type: "string",
520
- description: "Unique identifier for the resolver."
521
- },
522
- supportedIdentifierMethods: {
523
- type: "array",
524
- items: {
525
- $ref: "#/components/schemas/IdentifierMethod"
526
- },
527
- description: "List of identifier methods supported by this resolver."
528
- },
529
- supportedKeyTypes: {
530
- type: "array",
531
- items: {
532
- $ref: "#/components/schemas/KeyType"
533
- },
534
- description: "List of key types supported by this resolver."
535
- }
536
- },
537
- required: ["resolverId"],
538
- additionalProperties: false,
539
- description: "Represents a key resolver configuration."
310
+ alias: {
311
+ type: "string",
312
+ description: "Reference to the key in the KMS."
540
313
  },
541
- IdentifierMethod: {
314
+ cose: {
315
+ $ref: "#/components/schemas/CoseKeyPair"
316
+ },
317
+ jose: {
318
+ $ref: "#/components/schemas/JoseKeyPair"
319
+ }
320
+ },
321
+ required: ["providerId", "alias", "cose", "jose"],
322
+ additionalProperties: false,
323
+ description: "Represents a key pair used by a crypto provider, encapsulating both JOSE and COSE key pairs."
324
+ },
325
+ CoseKeyPair: {
326
+ type: "object",
327
+ properties: {
328
+ privateCoseKey: {
329
+ $ref: "#/components/schemas/CoseKey"
330
+ },
331
+ publicCoseKey: {
332
+ $ref: "#/components/schemas/CoseKey"
333
+ }
334
+ },
335
+ required: ["publicCoseKey"],
336
+ additionalProperties: false,
337
+ description: "Represents a cryptographic key pair for COSE (CBOR Object Signing and Encryption) operations."
338
+ },
339
+ CoseKey: {
340
+ type: "object",
341
+ properties: {
342
+ kty: {
343
+ $ref: "#/components/schemas/CoseKeyType"
344
+ },
345
+ kid: {
542
346
  type: "string",
543
- enum: ["JWK", "KID", "COSE_KEY", "X5C", "DID"],
544
- description: "Method used to identify cryptographic keys."
347
+ description: "Key identifier (base64url-encoded byte string)."
545
348
  },
546
- KmsIsValidRawSignatureArgs: {
547
- type: "object",
548
- additionalProperties: false,
549
- properties: {
550
- keyInfo: {
551
- $ref: "#/components/schemas/KeyInfo"
552
- },
553
- input: {
554
- type: "string"
555
- },
556
- signature: {
557
- type: "string"
558
- },
559
- baseUrl: {
560
- type: "string"
561
- }
562
- },
563
- required: ["input", "keyInfo", "signature"]
349
+ alg: {
350
+ type: "number",
351
+ description: "The COSE algorithm identifier (e.g., -7=ES256, -35=ES384, -36=ES512, -8=EdDSA)."
564
352
  },
565
- VerifyRawSignatureResponse: {
566
- type: "object",
567
- properties: {
568
- isValid: {
569
- type: "boolean",
570
- description: "Indicates whether the signature is valid or not."
571
- }
353
+ keyOps: {
354
+ type: "array",
355
+ items: {
356
+ type: "number"
572
357
  },
573
- required: ["isValid"],
574
- additionalProperties: false,
575
- description: "Response body containing the details of the signature verification."
358
+ description: "The allowed COSE key operations (1=sign, 2=verify, 3=encrypt, 4=decrypt, etc.)."
576
359
  },
577
- KmsListKeyProvidersArgs: {
578
- type: "object",
579
- properties: {
580
- baseUrl: {
581
- type: "string"
582
- }
583
- },
584
- additionalProperties: false
360
+ baseIV: {
361
+ type: "string",
362
+ description: "Base initialization vector (base64url-encoded)."
585
363
  },
586
- ListKeyProvidersResponse: {
587
- type: "object",
588
- properties: {
589
- providers: {
590
- type: "array",
591
- items: {
592
- $ref: "#/components/schemas/KeyProvider"
593
- }
594
- }
595
- },
596
- required: ["providers"],
597
- additionalProperties: false,
598
- description: "Response body containing the details of a Key Provider instance."
364
+ crv: {
365
+ type: "number",
366
+ description: "The COSE curve identifier (1=P-256, 2=P-384, 3=P-521, 8=secp256k1, 6=Ed25519, etc.)."
599
367
  },
600
- KeyProvider: {
601
- type: "object",
602
- properties: {
603
- providerId: {
604
- type: "string",
605
- description: "The unique identifier assigned to the Key Provider instance upon creation."
606
- },
607
- type: {
608
- $ref: "#/components/schemas/KeyProviderType"
609
- }
610
- },
611
- required: ["providerId", "type"],
612
- additionalProperties: false,
613
- description: "Response body containing the details of a Key Provider instance."
368
+ x: {
369
+ type: "string",
370
+ description: "The x coordinate (base64url-encoded byte string)."
614
371
  },
615
- KmsListKeysArgs: {
616
- type: "object",
617
- properties: {
618
- baseUrl: {
619
- type: "string"
620
- },
621
- providerId: {
622
- type: "string"
623
- }
624
- },
625
- additionalProperties: false
372
+ y: {
373
+ type: "string",
374
+ description: "The y coordinate (base64url-encoded byte string)."
626
375
  },
627
- ListKeysResponse: {
628
- type: "object",
629
- properties: {
630
- keyInfos: {
631
- type: "array",
632
- items: {
633
- $ref: "#/components/schemas/ManagedKeyInfo"
634
- }
635
- }
636
- },
637
- required: ["keyInfos"],
638
- additionalProperties: false,
639
- description: "Response body containing all the managed keys."
376
+ d: {
377
+ type: "string",
378
+ description: "The private key parameter (base64url-encoded byte string)."
640
379
  },
641
- KmsListResolversArgs: {
642
- type: "object",
643
- properties: {
644
- baseUrl: {
645
- type: "string"
646
- }
380
+ x5chain: {
381
+ type: "array",
382
+ items: {
383
+ type: "string"
647
384
  },
648
- additionalProperties: false
385
+ description: "X.509 certificate chain as base64-encoded certificates."
386
+ }
387
+ },
388
+ required: ["kty"],
389
+ additionalProperties: false,
390
+ description: "Represents a COSE (CBOR Object Signing and Encryption) key in JSON format."
391
+ },
392
+ CoseKeyType: {
393
+ type: "number",
394
+ enum: [1, 2, 3, 4],
395
+ description: "COSE key type parameter. 1=OKP (Octet Key Pair), 2=EC2 (Elliptic Curve), 3=RSA, 4=Symmetric."
396
+ },
397
+ JoseKeyPair: {
398
+ type: "object",
399
+ properties: {
400
+ privateJwk: {
401
+ $ref: "#/components/schemas/Jwk"
649
402
  },
650
- ListResolversResponse: {
651
- type: "object",
652
- properties: {
653
- resolvers: {
654
- type: "array",
655
- items: {
656
- $ref: "#/components/schemas/Resolver"
657
- }
658
- }
659
- },
660
- required: ["resolvers"],
661
- additionalProperties: false,
662
- description: "Response body containing all the resolvers."
403
+ publicJwk: {
404
+ $ref: "#/components/schemas/Jwk"
405
+ }
406
+ },
407
+ required: ["publicJwk"],
408
+ additionalProperties: false,
409
+ description: "Data class representing a cryptographic key pair used with JOSE (JSON Object Signing and Encryption)."
410
+ },
411
+ KmsGetKeyArgs: {
412
+ type: "object",
413
+ properties: {
414
+ baseUrl: {
415
+ type: "string"
663
416
  },
664
- KmsProviderDeleteKeyArgs: {
665
- type: "object",
666
- properties: {
667
- baseUrl: {
668
- type: "string"
669
- },
670
- providerId: {
671
- type: "string"
672
- },
673
- aliasOrKid: {
674
- type: "string"
675
- }
676
- },
677
- required: ["providerId", "aliasOrKid"],
678
- additionalProperties: false
417
+ aliasOrKid: {
418
+ type: "string"
419
+ }
420
+ },
421
+ required: ["aliasOrKid"],
422
+ additionalProperties: false
423
+ },
424
+ ManagedKeyInfo: {
425
+ type: "object",
426
+ properties: {
427
+ kid: {
428
+ type: "string",
429
+ description: "Unique identifier for the cryptographic key. Can be null if the key identifier is not provided."
679
430
  },
680
- KmsProviderGenerateKey: {
681
- type: "object",
682
- additionalProperties: false,
683
- properties: {
684
- alias: {
685
- type: "string",
686
- description: "Alias for the generated key."
687
- },
688
- use: {
689
- $ref: "#/components/schemas/JwkUse"
690
- },
691
- keyOperations: {
692
- type: "array",
693
- items: {
694
- $ref: "#/components/schemas/KeyOperations"
695
- }
696
- },
697
- alg: {
698
- $ref: "#/components/schemas/SignatureAlgorithm"
699
- },
700
- baseUrl: {
701
- type: "string"
702
- },
703
- providerId: {
704
- type: "string"
705
- }
706
- },
707
- required: ["providerId"]
431
+ key: {
432
+ $ref: "#/components/schemas/Jwk"
708
433
  },
709
- KmsProviderGetKeyArgs: {
710
- type: "object",
711
- properties: {
712
- baseUrl: {
713
- type: "string"
714
- },
715
- providerId: {
716
- type: "string"
717
- },
718
- aliasOrKid: {
719
- type: "string"
720
- }
721
- },
722
- required: ["providerId", "aliasOrKid"],
723
- additionalProperties: false
434
+ signatureAlgorithm: {
435
+ $ref: "#/components/schemas/SignatureAlgorithm"
724
436
  },
725
- KmsProviderListKeysArgs: {
726
- type: "object",
727
- properties: {
728
- baseUrl: {
729
- type: "string"
730
- },
731
- providerId: {
732
- type: "string"
733
- }
734
- },
735
- required: ["providerId"],
736
- additionalProperties: false
437
+ keyVisibility: {
438
+ $ref: "#/components/schemas/KeyVisibility"
737
439
  },
738
- KmsProviderStoreKey: {
739
- type: "object",
740
- additionalProperties: false,
741
- properties: {
742
- keyInfo: {
743
- $ref: "#/components/schemas/ResolvedKeyInfo"
744
- },
745
- certChain: {
746
- type: "array",
747
- items: {
748
- type: "string"
749
- },
750
- description: "X.509 certificate chain as base64-encoded DER certificates."
751
- },
752
- baseUrl: {
753
- type: "string"
754
- },
755
- providerId: {
756
- type: "string"
757
- }
440
+ x5c: {
441
+ type: "array",
442
+ items: {
443
+ type: "string"
758
444
  },
759
- required: ["keyInfo", "providerId"]
445
+ description: "X.509 certificate chain associated with the key."
760
446
  },
761
- ResolvedKeyInfo: {
762
- type: "object",
763
- properties: {
764
- kid: {
765
- type: "string",
766
- description: "Unique identifier for the cryptographic key. Can be null if the key identifier is not provided."
767
- },
768
- key: {
769
- $ref: "#/components/schemas/Jwk"
770
- },
771
- signatureAlgorithm: {
772
- $ref: "#/components/schemas/SignatureAlgorithm"
773
- },
774
- keyVisibility: {
775
- $ref: "#/components/schemas/KeyVisibility"
776
- },
777
- x5c: {
778
- type: "array",
779
- items: {
780
- type: "string"
781
- },
782
- description: "X.509 certificate chain associated with the key."
783
- },
784
- alias: {
785
- type: "string",
786
- description: "A reference or alias to the key in the Key Management Service (KMS)."
787
- },
788
- providerId: {
789
- type: "string",
790
- description: "The Key Management System (KMS) identifier associated with the key."
791
- },
792
- keyType: {
793
- $ref: "#/components/schemas/KeyType"
794
- },
795
- keyEncoding: {
796
- $ref: "#/components/schemas/KeyEncoding"
797
- },
798
- opts: {
799
- type: "object",
800
- additionalProperties: {
801
- type: "string"
802
- },
803
- description: "Additional configuration options as key-value pairs."
804
- }
805
- },
806
- required: ["key"],
807
- additionalProperties: false,
808
- description: "Represents a resolved cryptographic key information where the key is guaranteed to be present and resolved, providing concrete access to the key."
447
+ alias: {
448
+ type: "string",
449
+ description: "A reference or alias to the key in the Key Management Service (KMS)."
809
450
  },
810
- KmsResolveKeyArgs: {
811
- type: "object",
812
- additionalProperties: false,
813
- properties: {
814
- keyInfo: {
815
- $ref: "#/components/schemas/KeyInfo"
816
- },
817
- identifierMethod: {
818
- $ref: "#/components/schemas/IdentifierMethod"
819
- },
820
- trustedCerts: {
821
- type: "array",
822
- items: {
823
- type: "string"
824
- },
825
- description: "Optional array of trusted certificates (base64-encoded) that may be used in the resolution process."
826
- },
827
- verifyX509CertificateChain: {
828
- type: "boolean",
829
- description: "Optional boolean indicating whether the X.509 certificate chain should be verified."
830
- },
831
- baseUrl: {
832
- type: "string"
833
- },
834
- resolverId: {
835
- $ref: "#/components/schemas/String"
836
- }
837
- },
838
- required: ["keyInfo", "resolverId"]
451
+ providerId: {
452
+ type: "string",
453
+ description: "The Key Management System (KMS) identifier associated with the key."
454
+ },
455
+ keyType: {
456
+ $ref: "#/components/schemas/KeyType"
839
457
  },
840
- String: {
458
+ keyEncoding: {
459
+ $ref: "#/components/schemas/KeyEncoding"
460
+ },
461
+ opts: {
841
462
  type: "object",
842
- properties: {
843
- length: {
844
- type: "number"
845
- }
846
- },
847
- required: ["length"],
848
463
  additionalProperties: {
849
464
  type: "string"
850
- }
851
- },
852
- KmsStoreKeyArgs: {
853
- type: "object",
854
- additionalProperties: false,
855
- properties: {
856
- keyInfo: {
857
- $ref: "#/components/schemas/ResolvedKeyInfo"
858
- },
859
- certChain: {
860
- type: "array",
861
- items: {
862
- type: "string"
863
- },
864
- description: "X.509 certificate chain as base64-encoded DER certificates."
865
- },
866
- baseUrl: {
867
- type: "string"
868
- }
869
465
  },
870
- required: ["keyInfo"]
466
+ description: "Additional configuration options as key-value pairs."
871
467
  }
872
468
  },
873
- methods: {
874
- kmsCreateRawSignature: {
875
- description: "",
876
- arguments: {
877
- $ref: "#/components/schemas/KmsCreateRawSignatureArgs"
878
- },
879
- returnType: {
880
- $ref: "#/components/schemas/CreateRawSignatureResponse"
881
- }
469
+ required: ["key", "alias", "providerId"],
470
+ additionalProperties: false,
471
+ description: "Represents a managed cryptographic key information that is guaranteed to be present and resolved, part of a KMS providing concrete access to the key."
472
+ },
473
+ KmsGetKeyProviderArgs: {
474
+ type: "object",
475
+ properties: {
476
+ baseUrl: {
477
+ type: "string"
882
478
  },
883
- kmsDeleteKey: {
884
- description: "",
885
- arguments: {
886
- $ref: "#/components/schemas/KmsDeleteKeyArgs"
887
- },
888
- returnType: {
889
- type: "boolean"
890
- }
479
+ providerId: {
480
+ type: "string"
481
+ }
482
+ },
483
+ additionalProperties: false
484
+ },
485
+ KeyProviderResponse: {
486
+ type: "object",
487
+ properties: {
488
+ providerId: {
489
+ type: "string",
490
+ description: "The unique identifier assigned to the Key Provider instance upon creation."
891
491
  },
892
- kmsGenerateKey: {
893
- description: "",
894
- arguments: {
895
- $ref: "#/components/schemas/KmsGenerateKeyArgs"
896
- },
897
- returnType: {
898
- $ref: "#/components/schemas/ManagedKeyPair"
899
- }
492
+ type: {
493
+ $ref: "#/components/schemas/KeyProviderType"
494
+ }
495
+ },
496
+ required: ["providerId", "type"],
497
+ additionalProperties: false,
498
+ description: "Response body containing the details of a Key Provider instance."
499
+ },
500
+ KeyProviderType: {
501
+ type: "string",
502
+ enum: ["SOFTWARE", "AZURE_KEYVAULT", "AWS_KMS"],
503
+ description: "The type of Key Provider. Determines the required configuration settings. - AZURE_KEYVAULT: Microsoft Azure Key Vault or Managed HSM. - AWS_KMS: Amazon Web Services Key Management Service."
504
+ },
505
+ kmsGetResolverArgs: {
506
+ type: "object",
507
+ properties: {
508
+ baseUrl: {
509
+ type: "string"
510
+ },
511
+ resolverId: {
512
+ type: "string"
513
+ }
514
+ },
515
+ required: ["resolverId"],
516
+ additionalProperties: false
517
+ },
518
+ Resolver: {
519
+ type: "object",
520
+ properties: {
521
+ resolverId: {
522
+ type: "string",
523
+ description: "Unique identifier for the resolver."
900
524
  },
901
- kmsGetKey: {
902
- description: "",
903
- arguments: {
904
- $ref: "#/components/schemas/KmsGetKeyArgs"
525
+ supportedIdentifierMethods: {
526
+ type: "array",
527
+ items: {
528
+ $ref: "#/components/schemas/IdentifierMethod"
905
529
  },
906
- returnType: {
907
- $ref: "#/components/schemas/ManagedKeyInfo"
908
- }
530
+ description: "List of identifier methods supported by this resolver."
909
531
  },
910
- kmsGetKeyProvider: {
911
- description: "",
912
- arguments: {
913
- $ref: "#/components/schemas/KmsGetKeyProviderArgs"
532
+ supportedKeyTypes: {
533
+ type: "array",
534
+ items: {
535
+ $ref: "#/components/schemas/KeyType"
914
536
  },
915
- returnType: {
916
- $ref: "#/components/schemas/KeyProviderResponse"
537
+ description: "List of key types supported by this resolver."
538
+ }
539
+ },
540
+ required: ["resolverId"],
541
+ additionalProperties: false,
542
+ description: "Represents a key resolver configuration."
543
+ },
544
+ IdentifierMethod: {
545
+ type: "string",
546
+ enum: ["JWK", "KID", "COSE_KEY", "X5C", "DID"],
547
+ description: "Method used to identify cryptographic keys."
548
+ },
549
+ KmsIsValidRawSignatureArgs: {
550
+ type: "object",
551
+ additionalProperties: false,
552
+ properties: {
553
+ keyInfo: {
554
+ $ref: "#/components/schemas/KeyInfo"
555
+ },
556
+ input: {
557
+ type: "string"
558
+ },
559
+ signature: {
560
+ type: "string"
561
+ },
562
+ baseUrl: {
563
+ type: "string"
564
+ }
565
+ },
566
+ required: ["input", "keyInfo", "signature"]
567
+ },
568
+ VerifyRawSignatureResponse: {
569
+ type: "object",
570
+ properties: {
571
+ isValid: {
572
+ type: "boolean",
573
+ description: "Indicates whether the signature is valid or not."
574
+ }
575
+ },
576
+ required: ["isValid"],
577
+ additionalProperties: false,
578
+ description: "Response body containing the details of the signature verification."
579
+ },
580
+ KmsListKeyProvidersArgs: {
581
+ type: "object",
582
+ properties: {
583
+ baseUrl: {
584
+ type: "string"
585
+ }
586
+ },
587
+ additionalProperties: false
588
+ },
589
+ ListKeyProvidersResponse: {
590
+ type: "object",
591
+ properties: {
592
+ providers: {
593
+ type: "array",
594
+ items: {
595
+ $ref: "#/components/schemas/KeyProvider"
917
596
  }
597
+ }
598
+ },
599
+ required: ["providers"],
600
+ additionalProperties: false,
601
+ description: "Response body containing the details of a Key Provider instance."
602
+ },
603
+ KeyProvider: {
604
+ type: "object",
605
+ properties: {
606
+ providerId: {
607
+ type: "string",
608
+ description: "The unique identifier assigned to the Key Provider instance upon creation."
918
609
  },
919
- kmsGetResolver: {
920
- description: "",
921
- arguments: {
922
- $ref: "#/components/schemas/kmsGetResolverArgs"
923
- },
924
- returnType: {
610
+ type: {
611
+ $ref: "#/components/schemas/KeyProviderType"
612
+ }
613
+ },
614
+ required: ["providerId", "type"],
615
+ additionalProperties: false,
616
+ description: "Response body containing the details of a Key Provider instance."
617
+ },
618
+ KmsListKeysArgs: {
619
+ type: "object",
620
+ properties: {
621
+ baseUrl: {
622
+ type: "string"
623
+ },
624
+ providerId: {
625
+ type: "string"
626
+ }
627
+ },
628
+ additionalProperties: false
629
+ },
630
+ ListKeysResponse: {
631
+ type: "object",
632
+ properties: {
633
+ keyInfos: {
634
+ type: "array",
635
+ items: {
636
+ $ref: "#/components/schemas/ManagedKeyInfo"
637
+ }
638
+ }
639
+ },
640
+ required: ["keyInfos"],
641
+ additionalProperties: false,
642
+ description: "Response body containing all the managed keys."
643
+ },
644
+ KmsListResolversArgs: {
645
+ type: "object",
646
+ properties: {
647
+ baseUrl: {
648
+ type: "string"
649
+ }
650
+ },
651
+ additionalProperties: false
652
+ },
653
+ ListResolversResponse: {
654
+ type: "object",
655
+ properties: {
656
+ resolvers: {
657
+ type: "array",
658
+ items: {
925
659
  $ref: "#/components/schemas/Resolver"
926
660
  }
661
+ }
662
+ },
663
+ required: ["resolvers"],
664
+ additionalProperties: false,
665
+ description: "Response body containing all the resolvers."
666
+ },
667
+ KmsProviderDeleteKeyArgs: {
668
+ type: "object",
669
+ properties: {
670
+ baseUrl: {
671
+ type: "string"
927
672
  },
928
- kmsIsValidRawSignature: {
929
- description: "",
930
- arguments: {
931
- $ref: "#/components/schemas/KmsIsValidRawSignatureArgs"
932
- },
933
- returnType: {
934
- $ref: "#/components/schemas/VerifyRawSignatureResponse"
935
- }
673
+ providerId: {
674
+ type: "string"
936
675
  },
937
- kmsListKeyProviders: {
938
- description: "",
939
- arguments: {
940
- $ref: "#/components/schemas/KmsListKeyProvidersArgs"
941
- },
942
- returnType: {
943
- $ref: "#/components/schemas/ListKeyProvidersResponse"
944
- }
676
+ aliasOrKid: {
677
+ type: "string"
678
+ }
679
+ },
680
+ required: ["providerId", "aliasOrKid"],
681
+ additionalProperties: false
682
+ },
683
+ KmsProviderGenerateKey: {
684
+ type: "object",
685
+ additionalProperties: false,
686
+ properties: {
687
+ alias: {
688
+ type: "string",
689
+ description: "Alias for the generated key."
945
690
  },
946
- kmsListKeys: {
947
- description: "",
948
- arguments: {
949
- $ref: "#/components/schemas/KmsListKeysArgs"
950
- },
951
- returnType: {
952
- $ref: "#/components/schemas/ListKeysResponse"
953
- }
691
+ use: {
692
+ $ref: "#/components/schemas/JwkUse"
954
693
  },
955
- kmsListResolvers: {
956
- description: "",
957
- arguments: {
958
- $ref: "#/components/schemas/KmsListResolversArgs"
959
- },
960
- returnType: {
961
- $ref: "#/components/schemas/ListResolversResponse"
694
+ keyOperations: {
695
+ type: "array",
696
+ items: {
697
+ $ref: "#/components/schemas/KeyOperations"
962
698
  }
963
699
  },
964
- kmsProviderDeleteKey: {
965
- description: "",
966
- arguments: {
967
- $ref: "#/components/schemas/KmsProviderDeleteKeyArgs"
968
- },
969
- returnType: {
970
- type: "boolean"
971
- }
700
+ alg: {
701
+ $ref: "#/components/schemas/SignatureAlgorithm"
972
702
  },
973
- kmsProviderGenerateKey: {
974
- description: "",
975
- arguments: {
976
- $ref: "#/components/schemas/KmsProviderGenerateKey"
977
- },
978
- returnType: {
979
- $ref: "#/components/schemas/ManagedKeyPair"
980
- }
703
+ baseUrl: {
704
+ type: "string"
981
705
  },
982
- kmsProviderGetKey: {
983
- description: "",
984
- arguments: {
985
- $ref: "#/components/schemas/KmsProviderGetKeyArgs"
706
+ providerId: {
707
+ type: "string"
708
+ }
709
+ },
710
+ required: ["providerId"]
711
+ },
712
+ KmsProviderGetKeyArgs: {
713
+ type: "object",
714
+ properties: {
715
+ baseUrl: {
716
+ type: "string"
717
+ },
718
+ providerId: {
719
+ type: "string"
720
+ },
721
+ aliasOrKid: {
722
+ type: "string"
723
+ }
724
+ },
725
+ required: ["providerId", "aliasOrKid"],
726
+ additionalProperties: false
727
+ },
728
+ KmsProviderListKeysArgs: {
729
+ type: "object",
730
+ properties: {
731
+ baseUrl: {
732
+ type: "string"
733
+ },
734
+ providerId: {
735
+ type: "string"
736
+ }
737
+ },
738
+ required: ["providerId"],
739
+ additionalProperties: false
740
+ },
741
+ KmsProviderStoreKey: {
742
+ type: "object",
743
+ additionalProperties: false,
744
+ properties: {
745
+ keyInfo: {
746
+ $ref: "#/components/schemas/ResolvedKeyInfo"
747
+ },
748
+ certChain: {
749
+ type: "array",
750
+ items: {
751
+ type: "string"
986
752
  },
987
- returnType: {
988
- $ref: "#/components/schemas/ManagedKeyInfo"
989
- }
753
+ description: "X.509 certificate chain as base64-encoded DER certificates."
754
+ },
755
+ baseUrl: {
756
+ type: "string"
757
+ },
758
+ providerId: {
759
+ type: "string"
760
+ }
761
+ },
762
+ required: ["keyInfo", "providerId"]
763
+ },
764
+ ResolvedKeyInfo: {
765
+ type: "object",
766
+ properties: {
767
+ kid: {
768
+ type: "string",
769
+ description: "Unique identifier for the cryptographic key. Can be null if the key identifier is not provided."
770
+ },
771
+ key: {
772
+ $ref: "#/components/schemas/Jwk"
773
+ },
774
+ signatureAlgorithm: {
775
+ $ref: "#/components/schemas/SignatureAlgorithm"
990
776
  },
991
- kmsProviderListKeys: {
992
- description: "",
993
- arguments: {
994
- $ref: "#/components/schemas/KmsProviderListKeysArgs"
777
+ keyVisibility: {
778
+ $ref: "#/components/schemas/KeyVisibility"
779
+ },
780
+ x5c: {
781
+ type: "array",
782
+ items: {
783
+ type: "string"
995
784
  },
996
- returnType: {
997
- $ref: "#/components/schemas/ListKeysResponse"
998
- }
785
+ description: "X.509 certificate chain associated with the key."
786
+ },
787
+ alias: {
788
+ type: "string",
789
+ description: "A reference or alias to the key in the Key Management Service (KMS)."
790
+ },
791
+ providerId: {
792
+ type: "string",
793
+ description: "The Key Management System (KMS) identifier associated with the key."
794
+ },
795
+ keyType: {
796
+ $ref: "#/components/schemas/KeyType"
797
+ },
798
+ keyEncoding: {
799
+ $ref: "#/components/schemas/KeyEncoding"
999
800
  },
1000
- kmsProviderStoreKey: {
1001
- description: "",
1002
- arguments: {
1003
- $ref: "#/components/schemas/KmsProviderStoreKey"
801
+ opts: {
802
+ type: "object",
803
+ additionalProperties: {
804
+ type: "string"
1004
805
  },
1005
- returnType: {
1006
- $ref: "#/components/schemas/ManagedKeyInfo"
1007
- }
806
+ description: "Additional configuration options as key-value pairs."
807
+ }
808
+ },
809
+ required: ["key"],
810
+ additionalProperties: false,
811
+ description: "Represents a resolved cryptographic key information where the key is guaranteed to be present and resolved, providing concrete access to the key."
812
+ },
813
+ KmsResolveKeyArgs: {
814
+ type: "object",
815
+ additionalProperties: false,
816
+ properties: {
817
+ keyInfo: {
818
+ $ref: "#/components/schemas/KeyInfo"
819
+ },
820
+ identifierMethod: {
821
+ $ref: "#/components/schemas/IdentifierMethod"
1008
822
  },
1009
- kmsResolveKey: {
1010
- description: "",
1011
- arguments: {
1012
- $ref: "#/components/schemas/KmsResolveKeyArgs"
823
+ trustedCerts: {
824
+ type: "array",
825
+ items: {
826
+ type: "string"
1013
827
  },
1014
- returnType: {
1015
- $ref: "#/components/schemas/ResolvedKeyInfo"
1016
- }
828
+ description: "Optional array of trusted certificates (base64-encoded) that may be used in the resolution process."
829
+ },
830
+ verifyX509CertificateChain: {
831
+ type: "boolean",
832
+ description: "Optional boolean indicating whether the X.509 certificate chain should be verified."
833
+ },
834
+ baseUrl: {
835
+ type: "string"
836
+ },
837
+ resolverId: {
838
+ $ref: "#/components/schemas/String"
839
+ }
840
+ },
841
+ required: ["keyInfo", "resolverId"]
842
+ },
843
+ String: {
844
+ type: "object",
845
+ properties: {
846
+ length: {
847
+ type: "number"
848
+ }
849
+ },
850
+ required: ["length"],
851
+ additionalProperties: {
852
+ type: "string"
853
+ }
854
+ },
855
+ KmsStoreKeyArgs: {
856
+ type: "object",
857
+ additionalProperties: false,
858
+ properties: {
859
+ keyInfo: {
860
+ $ref: "#/components/schemas/ResolvedKeyInfo"
1017
861
  },
1018
- kmsStoreKey: {
1019
- description: "",
1020
- arguments: {
1021
- $ref: "#/components/schemas/KmsStoreKeyArgs"
862
+ certChain: {
863
+ type: "array",
864
+ items: {
865
+ type: "string"
1022
866
  },
1023
- returnType: {
1024
- $ref: "#/components/schemas/ManagedKeyInfo"
1025
- }
867
+ description: "X.509 certificate chain as base64-encoded DER certificates."
868
+ },
869
+ baseUrl: {
870
+ type: "string"
1026
871
  }
872
+ },
873
+ required: ["keyInfo"]
874
+ }
875
+ },
876
+ methods: {
877
+ kmsCreateRawSignature: {
878
+ description: "",
879
+ arguments: {
880
+ $ref: "#/components/schemas/KmsCreateRawSignatureArgs"
881
+ },
882
+ returnType: {
883
+ $ref: "#/components/schemas/CreateRawSignatureResponse"
884
+ }
885
+ },
886
+ kmsDeleteKey: {
887
+ description: "",
888
+ arguments: {
889
+ $ref: "#/components/schemas/KmsDeleteKeyArgs"
890
+ },
891
+ returnType: {
892
+ type: "boolean"
893
+ }
894
+ },
895
+ kmsGenerateKey: {
896
+ description: "",
897
+ arguments: {
898
+ $ref: "#/components/schemas/KmsGenerateKeyArgs"
899
+ },
900
+ returnType: {
901
+ $ref: "#/components/schemas/ManagedKeyPair"
902
+ }
903
+ },
904
+ kmsGetKey: {
905
+ description: "",
906
+ arguments: {
907
+ $ref: "#/components/schemas/KmsGetKeyArgs"
908
+ },
909
+ returnType: {
910
+ $ref: "#/components/schemas/ManagedKeyInfo"
911
+ }
912
+ },
913
+ kmsGetKeyProvider: {
914
+ description: "",
915
+ arguments: {
916
+ $ref: "#/components/schemas/KmsGetKeyProviderArgs"
917
+ },
918
+ returnType: {
919
+ $ref: "#/components/schemas/KeyProviderResponse"
920
+ }
921
+ },
922
+ kmsGetResolver: {
923
+ description: "",
924
+ arguments: {
925
+ $ref: "#/components/schemas/kmsGetResolverArgs"
926
+ },
927
+ returnType: {
928
+ $ref: "#/components/schemas/Resolver"
929
+ }
930
+ },
931
+ kmsIsValidRawSignature: {
932
+ description: "",
933
+ arguments: {
934
+ $ref: "#/components/schemas/KmsIsValidRawSignatureArgs"
935
+ },
936
+ returnType: {
937
+ $ref: "#/components/schemas/VerifyRawSignatureResponse"
938
+ }
939
+ },
940
+ kmsListKeyProviders: {
941
+ description: "",
942
+ arguments: {
943
+ $ref: "#/components/schemas/KmsListKeyProvidersArgs"
944
+ },
945
+ returnType: {
946
+ $ref: "#/components/schemas/ListKeyProvidersResponse"
947
+ }
948
+ },
949
+ kmsListKeys: {
950
+ description: "",
951
+ arguments: {
952
+ $ref: "#/components/schemas/KmsListKeysArgs"
953
+ },
954
+ returnType: {
955
+ $ref: "#/components/schemas/ListKeysResponse"
956
+ }
957
+ },
958
+ kmsListResolvers: {
959
+ description: "",
960
+ arguments: {
961
+ $ref: "#/components/schemas/KmsListResolversArgs"
962
+ },
963
+ returnType: {
964
+ $ref: "#/components/schemas/ListResolversResponse"
965
+ }
966
+ },
967
+ kmsProviderDeleteKey: {
968
+ description: "",
969
+ arguments: {
970
+ $ref: "#/components/schemas/KmsProviderDeleteKeyArgs"
971
+ },
972
+ returnType: {
973
+ type: "boolean"
974
+ }
975
+ },
976
+ kmsProviderGenerateKey: {
977
+ description: "",
978
+ arguments: {
979
+ $ref: "#/components/schemas/KmsProviderGenerateKey"
980
+ },
981
+ returnType: {
982
+ $ref: "#/components/schemas/ManagedKeyPair"
983
+ }
984
+ },
985
+ kmsProviderGetKey: {
986
+ description: "",
987
+ arguments: {
988
+ $ref: "#/components/schemas/KmsProviderGetKeyArgs"
989
+ },
990
+ returnType: {
991
+ $ref: "#/components/schemas/ManagedKeyInfo"
992
+ }
993
+ },
994
+ kmsProviderListKeys: {
995
+ description: "",
996
+ arguments: {
997
+ $ref: "#/components/schemas/KmsProviderListKeysArgs"
998
+ },
999
+ returnType: {
1000
+ $ref: "#/components/schemas/ListKeysResponse"
1001
+ }
1002
+ },
1003
+ kmsProviderStoreKey: {
1004
+ description: "",
1005
+ arguments: {
1006
+ $ref: "#/components/schemas/KmsProviderStoreKey"
1007
+ },
1008
+ returnType: {
1009
+ $ref: "#/components/schemas/ManagedKeyInfo"
1010
+ }
1011
+ },
1012
+ kmsResolveKey: {
1013
+ description: "",
1014
+ arguments: {
1015
+ $ref: "#/components/schemas/KmsResolveKeyArgs"
1016
+ },
1017
+ returnType: {
1018
+ $ref: "#/components/schemas/ResolvedKeyInfo"
1019
+ }
1020
+ },
1021
+ kmsStoreKey: {
1022
+ description: "",
1023
+ arguments: {
1024
+ $ref: "#/components/schemas/KmsStoreKeyArgs"
1025
+ },
1026
+ returnType: {
1027
+ $ref: "#/components/schemas/ManagedKeyInfo"
1027
1028
  }
1028
1029
  }
1029
1030
  }
1030
- };
1031
+ }
1031
1032
  }
1032
- });
1033
-
1034
- // src/index.ts
1035
- var index_exports = {};
1036
- __export(index_exports, {
1037
- KmsRestClient: () => KmsRestClient,
1038
- schema: () => schema
1039
- });
1040
- module.exports = __toCommonJS(index_exports);
1033
+ };
1041
1034
 
1042
1035
  // src/agent/KmsRestClient.ts
1043
1036
  var import_ssi_types = require("@sphereon/ssi-types");
@@ -1958,7 +1951,4 @@ var KmsRestClient = class _KmsRestClient {
1958
1951
  return url;
1959
1952
  }
1960
1953
  };
1961
-
1962
- // src/index.ts
1963
- var schema = require_plugin_schema();
1964
1954
  //# sourceMappingURL=index.cjs.map