npm - @storacha/encrypt-upload-client - Versions diffs - 0.0.39 → 1.0.0 - Mend

@storacha/encrypt-upload-client 0.0.39 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

package/dist/config/env.d.ts.map +1 -1
package/dist/config/env.js +19 -6
package/dist/core/client.d.ts +8 -12
package/dist/core/client.d.ts.map +1 -1
package/dist/core/client.js +12 -21
package/dist/core/metadata/encrypted-metadata.d.ts +8 -0
package/dist/core/metadata/encrypted-metadata.d.ts.map +1 -0
package/dist/core/metadata/encrypted-metadata.js +69 -0
package/dist/core/metadata/kms-metadata.d.ts +36 -0
package/dist/core/metadata/kms-metadata.d.ts.map +1 -0
package/dist/core/metadata/kms-metadata.js +156 -0
package/dist/core/{encrypted-metadata.d.ts → metadata/lit-metadata.d.ts} +11 -11
package/dist/core/metadata/lit-metadata.d.ts.map +1 -0
package/dist/core/{encrypted-metadata.js → metadata/lit-metadata.js} +32 -42
package/dist/crypto/adapters/kms-crypto-adapter.d.ts +148 -0
package/dist/crypto/adapters/kms-crypto-adapter.d.ts.map +1 -0
package/dist/crypto/adapters/kms-crypto-adapter.js +321 -0
package/dist/crypto/adapters/lit-crypto-adapter.d.ts +96 -0
package/dist/crypto/adapters/lit-crypto-adapter.d.ts.map +1 -0
package/dist/crypto/adapters/lit-crypto-adapter.js +210 -0
package/dist/crypto/factories.browser.d.ts +11 -0
package/dist/crypto/factories.browser.d.ts.map +1 -0
package/dist/crypto/factories.browser.js +16 -0
package/dist/crypto/factories.node.d.ts +26 -0
package/dist/crypto/factories.node.d.ts.map +1 -0
package/dist/crypto/factories.node.js +38 -0
package/dist/crypto/index.d.ts +5 -0
package/dist/crypto/index.d.ts.map +1 -0
package/dist/crypto/index.js +7 -0
package/dist/crypto/symmetric/generic-aes-ctr-streaming-crypto.d.ts +76 -0
package/dist/crypto/symmetric/generic-aes-ctr-streaming-crypto.d.ts.map +1 -0
package/dist/crypto/symmetric/generic-aes-ctr-streaming-crypto.js +177 -0
package/dist/crypto/symmetric/node-aes-cbc-crypto.d.ts +43 -0
package/dist/crypto/symmetric/node-aes-cbc-crypto.d.ts.map +1 -0
package/dist/crypto/symmetric/node-aes-cbc-crypto.js +110 -0
package/dist/handlers/decrypt-handler.d.ts +9 -4
package/dist/handlers/decrypt-handler.d.ts.map +1 -1
package/dist/handlers/decrypt-handler.js +62 -93
package/dist/handlers/encrypt-handler.d.ts +1 -1
package/dist/handlers/encrypt-handler.d.ts.map +1 -1
package/dist/handlers/encrypt-handler.js +31 -41
package/dist/index.d.ts +0 -1
package/dist/index.js +0 -1
package/dist/protocols/lit.d.ts +1 -3
package/dist/protocols/lit.d.ts.map +1 -1
package/dist/types.d.ts +135 -20
package/dist/types.d.ts.map +1 -1
package/package.json +27 -18
package/dist/core/encrypted-metadata.d.ts.map +0 -1
package/dist/crypto-adapters/browser-crypto-adapter.d.ts +0 -42
package/dist/crypto-adapters/browser-crypto-adapter.d.ts.map +0 -1
package/dist/crypto-adapters/browser-crypto-adapter.js +0 -109
package/dist/crypto-adapters/node-crypto-adapter.d.ts +0 -17
package/dist/crypto-adapters/node-crypto-adapter.d.ts.map +0 -1
package/dist/crypto-adapters/node-crypto-adapter.js +0 -66

package/dist/config/env.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/config/env.js"],"names":[],"mappings":";~~AAwBA~~;;;GAAsC;~~uBAvBf~~,cAAc"}
1	+ {"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../src/config/env.js"],"names":[],"mappings":";AAwCA;;;GAAsC;uBAxCf,cAAc"}

package/dist/config/env.js CHANGED Viewed

@@ -1,9 +1,17 @@
-import dotenv from 'dotenv';
 import { Schema } from '@ucanto/core';
 import { LIT_NETWORK } from '@lit-protocol/constants';
-// Only load env variables if running in node
-if (typeof window === 'undefined') {
-    dotenv.config();
+// Only conditionally load dotenv in Node.js environments to prevent browser bundling issues
+if (typeof window === 'undefined' &&
+    typeof process !== 'undefined' &&
+    process.versions) {
+    try {
+        // Use eval to prevent webpack from bundling dotenv in browser builds
+        const dotenv = eval('require')('dotenv');
+        dotenv.config();
+    }
+    catch (error) {
+        // dotenv not available or we're in a browser-like environment, continue with defaults
+    }
 }
 const envSchema = Schema.struct({
     LIT_NETWORK: Schema.enum([
@@ -14,9 +22,14 @@ const envSchema = Schema.struct({
     ]).default(LIT_NETWORK.DatilTest),
     LIT_DEBUG: Schema.boolean().default(false),
 });
+// Safe environment variable access
 const processEnv = {
-    LIT_DEBUG: process.env.LIT_DEBUG,
-    LIT_NETWORK: process.env.LIT_NETWORK,
+    LIT_DEBUG: typeof process !== 'undefined' && process.env
+        ? process.env.LIT_DEBUG
+        : undefined,
+    LIT_NETWORK: typeof process !== 'undefined' && process.env
+        ? process.env.LIT_NETWORK
+        : undefined,
 };
 const env = envSchema.from(processEnv);
 export default env;

package/dist/core/client.d.ts CHANGED Viewed

@@ -3,10 +3,9 @@ export class EncryptedClient implements Type.EncryptedClient {
     /**
      * @param {import('@storacha/client').Client} storachaClient
      * @param {Type.CryptoAdapter} cryptoAdapter
-     * @param {import('@lit-protocol/lit-node-client').LitNodeClient} litClient
      * @param {URL} gatewayURL
      */
-    constructor(storachaClient: import("@storacha/client").Client, cryptoAdapter: Type.CryptoAdapter, litClient: import("@lit-protocol/lit-node-client").LitNodeClient, gatewayURL: URL);
+    constructor(storachaClient: import("@storacha/client").Client, cryptoAdapter: Type.CryptoAdapter, gatewayURL: URL);
     /**
      * @type {Type.CryptoAdapter}
      * @protected
@@ -17,32 +16,29 @@ export class EncryptedClient implements Type.EncryptedClient {
      * @protected
      */
     protected _storachaClient: import("@storacha/client").Client;
-    /**
-     * @type {import('@lit-protocol/lit-node-client').LitNodeClient}
-     * @protected
-     */
-    protected _litClient: import("@lit-protocol/lit-node-client").LitNodeClient;
     /**
      * @type {URL}
      * @protected
      */
     protected _gatewayURL: URL;
     /**
-     * Upload an encrypted file to the Storacha network
+     * Encrypt and upload a file to the Storacha network
      *
      * @param {Type.BlobLike} file - The file to upload
+     * @param {Type.EncryptionConfig} encryptionConfig - User-provided encryption configuration
+     * @param {Type.UploadOptions} [uploadOptions] - User-provided upload options
      * @returns {Promise<Type.AnyLink>} - The link to the uploaded file
      */
-    uploadEncryptedFile(file: Type.BlobLike): Promise<Type.AnyLink>;
+    encryptAndUploadFile(file: Type.BlobLike, encryptionConfig: Type.EncryptionConfig, uploadOptions?: Type.UploadOptions): Promise<Type.AnyLink>;
     /**
      * Retrieve and decrypt a file from the Storacha network
      *
-     * @param {Type.LitWalletSigner | Type.LitPkpSigner} signer - The wallet or PKP key signer to decrypt the file
      * @param {Type.AnyLink} cid - The link to the file to retrieve
-     * @param {Uint8Array} delegationCAR - The delegation that gives permission to decrypt the file
+     * @param {Uint8Array} delegationCAR - The delegation that gives permission to decrypt (required for both strategies)
+     * @param {Type.DecryptionOptions} decryptionOptions - User-provided decryption options
      * @returns {Promise<ReadableStream>} - The decrypted file
      */
-    retrieveAndDecryptFile(signer: Type.LitWalletSigner | Type.LitPkpSigner, cid: Type.AnyLink, delegationCAR: Uint8Array): Promise<ReadableStream>;
+    retrieveAndDecryptFile(cid: Type.AnyLink, delegationCAR: Uint8Array, decryptionOptions: Type.DecryptionOptions): Promise<ReadableStream>;
 }
 export function create(options: Type.EncryptedClientOptions): Promise<EncryptedClient>;
 import * as Type from '../types.js';

package/dist/core/client.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/core/client.js"],"names":[],"mappings":"~~AAMA~~,yCAAyC;AACzC,wCADiB,IAAI,CAAC,eAAe;~~IA0BnC;;;;;OAKG~~;IACH,~~4BALW~~,OAAO,kBAAkB,EAAE,MAAM,iBACjC,IAAI,CAAC,aAAa,~~aAClB~~,~~OAAO,+BAA+B,EAAE,aAAa,cACrD,~~GAAG,~~EAOb~~;~~IAnCD~~;;;OAGG;IACH,0BAHU,IAAI,CAAC,aAAa,CAGd;IAEd;;;OAGG;IACH,2BAHU,OAAO,kBAAkB,EAAE,MAAM,CAG5B;IAEf;;;OAGG;IACH,~~sBAHU,OAAO,+BAA+B,EAAE,aAAa,CAGrD;IAEV;;;OAGG;IACH,~~uBAHU,GAAG,CAGF;~~IAeX;;;;;OAKG~~;IACH,~~0BAHW~~,IAAI,CAAC,QAAQ,~~GACX~~,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,~~CASjC~~;IAED;;;;;;;OAOG;IACH~~,+BALW~~,IAAI,CAAC,~~eAAe~~,~~GAAG~~,~~IAAI~~,~~CAAC~~,~~YAAY,OACxC,~~IAAI,CAAC,~~OAAO~~,~~iBACZ~~,~~UAAU,GACR,~~OAAO,CAAC,cAAc,CAAC,~~CAYnC~~;CACF;~~AAWM~~,gCAFI,IAAI,CAAC,sBAAsB,~~4BAcrC~~;~~sBAtGqB~~,aAAa"}
1	+ {"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/core/client.js"],"names":[],"mappings":"AAKA,yCAAyC;AACzC,wCADiB,IAAI,CAAC,eAAe;IAoBnC;;;;OAIG;IACH,4BAJW,OAAO,kBAAkB,EAAE,MAAM,iBACjC,IAAI,CAAC,aAAa,cAClB,GAAG,EAMb;IA3BD;;;OAGG;IACH,0BAHU,IAAI,CAAC,aAAa,CAGd;IAEd;;;OAGG;IACH,2BAHU,OAAO,kBAAkB,EAAE,MAAM,CAG5B;IAEf;;;OAGG;IACH,uBAHU,GAAG,CAGF;IAaX;;;;;;;OAOG;IACH,2BALW,IAAI,CAAC,QAAQ,oBACb,IAAI,CAAC,gBAAgB,kBACrB,IAAI,CAAC,aAAa,GAChB,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAUjC;IAED;;;;;;;OAOG;IACH,4BALW,IAAI,CAAC,OAAO,iBACZ,UAAU,qBACV,IAAI,CAAC,iBAAiB,GACpB,OAAO,CAAC,cAAc,CAAC,CAWnC;CACF;AASM,gCAFI,IAAI,CAAC,sBAAsB,4BAQrC;sBAvFqB,aAAa"}

package/dist/core/client.js CHANGED Viewed

@@ -1,5 +1,4 @@
 import * as Type from '../types.js';
-import { getLitClient } from '../protocols/lit.js';
 import { GATEWAY_URL } from '../config/constants.js';
 import { encryptAndUpload } from '../handlers/encrypt-handler.js';
 import { retrieveAndDecrypt } from '../handlers/decrypt-handler.js';
@@ -15,11 +14,6 @@ export class EncryptedClient {
      * @protected
      */
     _storachaClient;
-    /**
-     * @type {import('@lit-protocol/lit-node-client').LitNodeClient}
-     * @protected
-     */
-    _litClient;
     /**
      * @type {URL}
      * @protected
@@ -28,50 +22,47 @@ export class EncryptedClient {
     /**
      * @param {import('@storacha/client').Client} storachaClient
      * @param {Type.CryptoAdapter} cryptoAdapter
-     * @param {import('@lit-protocol/lit-node-client').LitNodeClient} litClient
      * @param {URL} gatewayURL
      */
-    constructor(storachaClient, cryptoAdapter, litClient, gatewayURL) {
+    constructor(storachaClient, cryptoAdapter, gatewayURL) {
         this._storachaClient = storachaClient;
         this._cryptoAdapter = cryptoAdapter;
-        this._litClient = litClient;
         this._gatewayURL = gatewayURL;
     }
     /**
-     * Upload an encrypted file to the Storacha network
+     * Encrypt and upload a file to the Storacha network
      *
      * @param {Type.BlobLike} file - The file to upload
+     * @param {Type.EncryptionConfig} encryptionConfig - User-provided encryption configuration
+     * @param {Type.UploadOptions} [uploadOptions] - User-provided upload options
      * @returns {Promise<Type.AnyLink>} - The link to the uploaded file
      */
-    async uploadEncryptedFile(file) {
-        return encryptAndUpload(this._storachaClient, this._litClient, this._cryptoAdapter, file);
+    async encryptAndUploadFile(file, encryptionConfig, uploadOptions = {}) {
+        return encryptAndUpload(this._storachaClient, this._cryptoAdapter, file, encryptionConfig, uploadOptions);
     }
     /**
      * Retrieve and decrypt a file from the Storacha network
      *
-     * @param {Type.LitWalletSigner | Type.LitPkpSigner} signer - The wallet or PKP key signer to decrypt the file
      * @param {Type.AnyLink} cid - The link to the file to retrieve
-     * @param {Uint8Array} delegationCAR - The delegation that gives permission to decrypt the file
+     * @param {Uint8Array} delegationCAR - The delegation that gives permission to decrypt (required for both strategies)
+     * @param {Type.DecryptionOptions} decryptionOptions - User-provided decryption options
      * @returns {Promise<ReadableStream>} - The decrypted file
      */
-    async retrieveAndDecryptFile(signer, cid, delegationCAR) {
-        return retrieveAndDecrypt(this._storachaClient, this._litClient, this._cryptoAdapter, this._gatewayURL, signer, cid, delegationCAR);
+    async retrieveAndDecryptFile(cid, delegationCAR, decryptionOptions) {
+        return retrieveAndDecrypt(this._storachaClient, this._cryptoAdapter, this._gatewayURL, cid, delegationCAR, decryptionOptions);
     }
 }
 /**
- * Creates a new EncryptClient.
- *
- * If no Lit Client is provided, one will be created based on the LIT_NETWORK environment variable, defaulting to "DatilTest" if not set.
+ * Creates a new EncryptedClient.
  *
  * If no Gateway URL is provided, the default value of 'https://w3s.link' will be used.
  *
  * @param {Type.EncryptedClientOptions} options
  */
 export const create = async (options) => {
-    const litClient = options.litClient ?? (await getLitClient());
     const cryptoAdapter = options.cryptoAdapter;
     const gatewayURL = options.gatewayURL ?? GATEWAY_URL;
     const storachaClient = options.storachaClient;
-    return new EncryptedClient(storachaClient, cryptoAdapter, litClient, gatewayURL);
+    return new EncryptedClient(storachaClient, cryptoAdapter, gatewayURL);
 };
 //# sourceMappingURL=client.js.map

package/dist/core/metadata/encrypted-metadata.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export function extract(archive: Uint8Array): any;
+export function create(strategy: "lit" | "kms", data: any): import("../../types.js").LitMetadataView | import("../../types.js").KMSMetadataView;
+export function getSupportedVersions(): string[];
+export function isVersionSupported(version: string): boolean;
+import * as LitMetadata from './lit-metadata.js';
+import * as KMSMetadata from './kms-metadata.js';
+export { LitMetadata, KMSMetadata };
+//# sourceMappingURL=encrypted-metadata.d.ts.map

package/dist/core/metadata/encrypted-metadata.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"encrypted-metadata.d.ts","sourceRoot":"","sources":["../../../src/core/metadata/encrypted-metadata.js"],"names":[],"mappings":"AAuBO,iCAHI,UAAU,GACR,GAAG,CA8Bf;AAQM,iCAHI,KAAK,GAAG,KAAK,QACb,GAAG,uFAWb;AAKM,iDAAuD;AAOvD,4CAFI,MAAM,WAEgD;6BA1EpC,mBAAmB;6BACnB,mBAAmB"}

package/dist/core/metadata/encrypted-metadata.js ADDED Viewed

@@ -0,0 +1,69 @@
+/**
+ * Universal Encrypted Metadata Orchestrator
+ * Routes between different encryption strategies (Lit, KMS, etc.)
+ * Each network gets its own version
+ */
+import * as LitMetadata from './lit-metadata.js';
+import * as KMSMetadata from './kms-metadata.js';
+import { CAR, error } from '@ucanto/core';
+import * as dagCBOR from '@ipld/dag-cbor';
+import { UnknownFormat } from '../errors.js';
+const FORMATS = {
+    [LitMetadata.version]: LitMetadata, // 'encrypted-metadata@0.1'
+    [KMSMetadata.version]: KMSMetadata, // 'encrypted-metadata@0.2'
+};
+/**
+ * Universal extract function - tries each registered format
+ *
+ * @param {Uint8Array} archive
+ * @returns {any}
+ */
+export const extract = (archive) => {
+    // Decode CAR to check version
+    const { roots } = CAR.decode(archive);
+    if (!roots.length) {
+        return error(new UnknownFormat('missing root block'));
+    }
+    const { code } = roots[0].cid;
+    if (code !== dagCBOR.code) {
+        return error(new UnknownFormat(`unexpected root CID codec: 0x${code.toString(16)}`));
+    }
+    // Check which version this metadata uses
+    const value = dagCBOR.decode(roots[0].bytes);
+    for (const [version, formatModule] of Object.entries(FORMATS)) {
+        if (value && typeof value === 'object' && version in value) {
+            // Found matching version, delegate to specific format module
+            return formatModule.extract(archive);
+        }
+    }
+    return error(new UnknownFormat('Unknown metadata format - no matching version found'));
+};
+/**
+ * Create metadata for specific strategy
+ *
+ * @param {'lit' | 'kms'} strategy
+ * @param {any} data
+ */
+export const create = (strategy, data) => {
+    switch (strategy) {
+        case 'lit':
+            return LitMetadata.create(data);
+        case 'kms':
+            return KMSMetadata.create(data);
+        default:
+            throw new Error(`Unknown encryption strategy: ${strategy}`);
+    }
+};
+/**
+ * Get available format versions
+ */
+export const getSupportedVersions = () => Object.keys(FORMATS);
+/**
+ * Check if a version is supported
+ *
+ * @param {string} version
+ */
+export const isVersionSupported = (version) => version in FORMATS;
+// Re-export format modules for direct access if needed
+export { LitMetadata, KMSMetadata };
+//# sourceMappingURL=encrypted-metadata.js.map

package/dist/core/metadata/kms-metadata.d.ts ADDED Viewed

@@ -0,0 +1,36 @@
+export const version: "encrypted-metadata@0.2";
+export const KMSMetadataSchema: Schema.VariantSchema<{
+    "encrypted-metadata@0.2": Schema.StructSchema<{
+        encryptedDataCID: Schema.Schema<Link.Link<unknown, number, number, 0 | 1>, any>;
+        encryptedSymmetricKey: Schema.StringSchema<string, unknown>;
+        space: Schema.StringSchema<string, unknown>;
+        kms: Schema.StructSchema<{
+            provider: Schema.StringSchema<string, unknown>;
+            keyId: Schema.StringSchema<string, unknown>;
+            algorithm: Schema.StringSchema<string, unknown>;
+        }, any>;
+    }, unknown>;
+}, unknown>;
+export const KMSMetadataInputSchema: Schema.StructSchema<{
+    encryptedDataCID: Schema.StringSchema<string, unknown>;
+    encryptedSymmetricKey: Schema.StringSchema<string, unknown>;
+    space: Schema.StringSchema<string, unknown>;
+    kms: Schema.StructSchema<{
+        provider: Schema.StringSchema<string, unknown>;
+        keyId: Schema.StringSchema<string, unknown>;
+        algorithm: Schema.StringSchema<string, unknown>;
+    }, any>;
+}, unknown>;
+export function create(kmsMetadataInput: Types.KMSMetadata | Types.KMSMetadataInput): Types.KMSMetadataView;
+export function toJSON(kmsMetadata: Types.KMSMetadataView): Types.KMSMetadataInput;
+export function parse(kmsMetadataInput: Types.KMSMetadataInput): Types.KMSMetadata;
+export function archiveBlock(kmsMetadataInput: Types.KMSMetadata): Promise<import("@ucanto/interface").Block>;
+export function archive(kmsMetadata: Types.KMSMetadata): Promise<Types.Result<Uint8Array>>;
+export function extract(archive: Uint8Array): Types.Result<Types.KMSMetadataView, Types.UnknownFormat>;
+export function view({ root }: {
+    root: Types.IPLDBlock;
+}): Types.Result<Types.KMSMetadataView, Types.UnknownFormat>;
+import * as Link from 'multiformats/link';
+import { Schema } from '@ucanto/core';
+import * as Types from '../../types.js';
+//# sourceMappingURL=kms-metadata.d.ts.map

package/dist/core/metadata/kms-metadata.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"kms-metadata.d.ts","sourceRoot":"","sources":["../../../src/core/metadata/kms-metadata.js"],"names":[],"mappings":"AASA,sBAAuB,wBAAwB,CAAA;AAE/C;;;;;;;;;;;YAWE;AAEF;;;;;;;;;YASE;AAgEK,yCAHI,KAAK,CAAC,WAAW,GAAC,KAAK,CAAC,gBAAgB,GACtC,KAAK,CAAC,eAAe,CAE2C;AAMtE,oCAHI,KAAK,CAAC,eAAe,GACnB,KAAK,CAAC,gBAAgB,CAOjC;AAMK,wCAHI,KAAK,CAAC,gBAAgB,GACpB,KAAK,CAAC,WAAW,CAO5B;AAMK,+CAHI,KAAK,CAAC,WAAW,GACf,OAAO,CAAC,OAAO,mBAAmB,EAAE,KAAK,CAAC,CAOtD;AAMM,qCAHI,KAAK,CAAC,WAAW,GACf,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAK7C;AAMM,iCAHI,UAAU,GACR,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,aAAa,CAAC,CAiBpE;AAOM,+BAHJ;IAAgC,IAAI,EAA5B,KAAK,CAAC,SAAS;CACvB,GAAU,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,aAAa,CAAC,CAiBpE;sBApLqB,mBAAmB;uBAEF,cAAc;uBAE9B,gBAAgB"}

package/dist/core/metadata/kms-metadata.js ADDED Viewed

@@ -0,0 +1,156 @@
+import { CID } from 'multiformats';
+import * as dagCBOR from '@ipld/dag-cbor';
+import * as Link from 'multiformats/link';
+import { sha256 } from 'multiformats/hashes/sha2';
+import { CAR, ok, error, Schema } from '@ucanto/core';
+import * as Types from '../../types.js';
+import { UnknownFormat } from '../errors.js';
+export const version = 'encrypted-metadata@0.2';
+export const KMSMetadataSchema = Schema.variant({
+    [version]: Schema.struct({
+        encryptedDataCID: Schema.link(),
+        encryptedSymmetricKey: Schema.string(),
+        space: Schema.string(), // SpaceDID as string
+        kms: Schema.struct({
+            provider: Schema.string(),
+            keyId: Schema.string(),
+            algorithm: Schema.string(),
+        }),
+    }),
+});
+export const KMSMetadataInputSchema = Schema.struct({
+    encryptedDataCID: Schema.string(),
+    encryptedSymmetricKey: Schema.string(),
+    space: Schema.string(),
+    kms: Schema.struct({
+        provider: Schema.string(),
+        keyId: Schema.string(),
+        algorithm: Schema.string(),
+    }),
+});
+/** @implements {Types.KMSMetadataView} */
+class KMSMetadata {
+    #encryptedDataCID;
+    #encryptedSymmetricKey;
+    #space;
+    #kms;
+    /** @param {Types.KMSMetadata|Types.KMSMetadataInput} kmsMetadataInput */
+    constructor(kmsMetadataInput) {
+        /** @type {Types.KMSMetadata} */
+        let kmsMetadata;
+        if (KMSMetadataInputSchema.is(kmsMetadataInput)) {
+            kmsMetadata = parse(
+            /** @type {Types.KMSMetadataInput} */ (kmsMetadataInput));
+        }
+        else {
+            kmsMetadata = /** @type {Types.KMSMetadata} */ (kmsMetadataInput);
+        }
+        this.#encryptedDataCID = kmsMetadata.encryptedDataCID;
+        this.#encryptedSymmetricKey = kmsMetadata.encryptedSymmetricKey;
+        this.#space = kmsMetadata.space;
+        this.#kms = kmsMetadata.kms;
+    }
+    get encryptedDataCID() {
+        return this.#encryptedDataCID;
+    }
+    get encryptedSymmetricKey() {
+        return this.#encryptedSymmetricKey;
+    }
+    get space() {
+        return this.#space;
+    }
+    get kms() {
+        return this.#kms;
+    }
+    archiveBlock() {
+        /** @type {Types.KMSMetadata} */
+        const input = {
+            encryptedDataCID: this.encryptedDataCID,
+            encryptedSymmetricKey: this.encryptedSymmetricKey,
+            space: this.space,
+            kms: this.kms,
+        };
+        return archiveBlock(input);
+    }
+    /** @returns {Types.KMSMetadataInput} */
+    toJSON() {
+        return toJSON(this);
+    }
+}
+/**
+ * @param {Types.KMSMetadata|Types.KMSMetadataInput} kmsMetadataInput
+ * @returns {Types.KMSMetadataView}
+ */
+export const create = (kmsMetadataInput) => new KMSMetadata(kmsMetadataInput);
+/**
+ * @param {Types.KMSMetadataView} kmsMetadata
+ * @returns {Types.KMSMetadataInput}
+ */
+export const toJSON = (kmsMetadata) => ({
+    encryptedDataCID: kmsMetadata.encryptedDataCID.toString(),
+    encryptedSymmetricKey: kmsMetadata.encryptedSymmetricKey,
+    space: kmsMetadata.space,
+    kms: kmsMetadata.kms,
+});
+/**
+ * @param {Types.KMSMetadataInput} kmsMetadataInput
+ * @returns {Types.KMSMetadata}
+ */
+export const parse = (kmsMetadataInput) => ({
+    encryptedDataCID: CID.parse(kmsMetadataInput.encryptedDataCID),
+    encryptedSymmetricKey: kmsMetadataInput.encryptedSymmetricKey,
+    space: /** @type {Types.SpaceDID} */ (kmsMetadataInput.space),
+    kms: kmsMetadataInput.kms,
+});
+/**
+ * @param {Types.KMSMetadata} kmsMetadataInput
+ * @returns {Promise<import('@ucanto/interface').Block>}
+ */
+export const archiveBlock = async (kmsMetadataInput) => {
+    const bytes = dagCBOR.encode({ [version]: kmsMetadataInput });
+    const digest = await sha256.digest(bytes);
+    const cid = Link.create(dagCBOR.code, digest);
+    return { cid, bytes };
+};
+/**
+ * @param {Types.KMSMetadata} kmsMetadata
+ * @returns {Promise<Types.Result<Uint8Array>>}
+ */
+export const archive = async (kmsMetadata) => {
+    const block = await archiveBlock(kmsMetadata);
+    return ok(CAR.encode({ roots: [block] }));
+};
+/**
+ * @param {Uint8Array} archive
+ * @returns {Types.Result<Types.KMSMetadataView, Types.UnknownFormat>}
+ */
+export const extract = (archive) => {
+    const { roots } = CAR.decode(archive);
+    if (!roots.length) {
+        return error(new UnknownFormat('missing root block'));
+    }
+    const { code } = roots[0].cid;
+    if (code !== dagCBOR.code) {
+        return error(new UnknownFormat(`unexpected root CID codec: 0x${code.toString(16)}`));
+    }
+    return view({ root: roots[0] });
+};
+/**
+ * @param {object} source
+ * @param {Types.IPLDBlock} source.root
+ * @returns {Types.Result<Types.KMSMetadataView, Types.UnknownFormat>}
+ */
+export const view = ({ root }) => {
+    const value = dagCBOR.decode(root.bytes);
+    const [matchedVersion, kmsMetadataData] = KMSMetadataSchema.match(value);
+    switch (matchedVersion) {
+        case version: {
+            const kmsMetadata = create(
+            /** @type {Types.KMSMetadata}*/ (kmsMetadataData));
+            return ok(kmsMetadata);
+        }
+        default:
+            return error(new UnknownFormat(`unknown KMS metadata version: ${matchedVersion}`));
+    }
+};
+//# sourceMappingURL=kms-metadata.js.map

package/dist/core/{encrypted-metadata.d.ts → metadata/lit-metadata.d.ts} RENAMED Viewed

@@ -1,5 +1,5 @@
 export const version: "encrypted-metadata@0.1";
-export const EncryptedMetadataSchema: Schema.VariantSchema<{
+export const LitMetadataSchema: Schema.VariantSchema<{
     "encrypted-metadata@0.1": Schema.StructSchema<{
         encryptedDataCID: Schema.Schema<Link.Link<unknown, number, number, 0 | 1>, any>;
         identityBoundCiphertext: Schema.Schema<Uint8Array<ArrayBufferLike>, unknown>;
@@ -7,22 +7,22 @@ export const EncryptedMetadataSchema: Schema.VariantSchema<{
         accessControlConditions: Schema.Schema<Schema.Dictionary<string, unknown>[], unknown>;
     }, unknown>;
 }, unknown>;
-export const EncryptedMetadataInputSchema: Schema.StructSchema<{
+export const LitMetadataInputSchema: Schema.StructSchema<{
     encryptedDataCID: Schema.StringSchema<string, unknown>;
     identityBoundCiphertext: Schema.StringSchema<string, unknown>;
     plaintextKeyHash: Schema.StringSchema<string, unknown>;
     accessControlConditions: Schema.Schema<Schema.Dictionary<string, unknown>[], unknown>;
 }, unknown>;
-export function create(encryptedMetadataInput: Types.EncryptedMetadata | Types.EncryptedMetadataInput): Types.EncryptedMetadataView;
-export function toJSON(encryptedMetadata: Types.EncryptedMetadataView): Types.EncryptedMetadataInput;
-export function parse(encryptedMetadataInput: Types.EncryptedMetadataInput): Types.EncryptedMetadata;
-export function archiveBlock(encryptedMetadataInput: Types.EncryptedMetadata): Promise<import("@ucanto/interface").Block>;
-export function archive(encryptedMetadataInput: Types.EncryptedMetadata): Promise<Types.Result<Uint8Array>>;
-export function extract(archive: Uint8Array): Types.Result<Types.EncryptedMetadataView, Types.UnknownFormat>;
+export function create(encryptedMetadataInput: Types.LitMetadata | Types.LitMetadataInput): Types.LitMetadataView;
+export function toJSON(encryptedMetadata: Types.LitMetadataView): Types.LitMetadataInput;
+export function parse(encryptedMetadataInput: Types.LitMetadataInput): Types.LitMetadata;
+export function archiveBlock(encryptedMetadataInput: Types.LitMetadata): Promise<import("@ucanto/interface").Block>;
+export function archive(encryptedMetadata: Types.LitMetadata): Promise<Types.Result<Uint8Array>>;
+export function extract(archive: Uint8Array): Types.Result<Types.LitMetadataView, Types.UnknownFormat>;
 export function view({ root }: {
     root: Types.IPLDBlock;
-}): Types.Result<Types.EncryptedMetadataView, Types.UnknownFormat>;
+}): Types.Result<Types.LitMetadataView, Types.UnknownFormat>;
 import * as Link from 'multiformats/link';
 import { Schema } from '@ucanto/core';
-import * as Types from '../types.js';
-//# sourceMappingURL=encrypted-metadata.d.ts.map
+import * as Types from '../../types.js';
+//# sourceMappingURL=lit-metadata.d.ts.map

package/dist/core/metadata/lit-metadata.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"lit-metadata.d.ts","sourceRoot":"","sources":["../../../src/core/metadata/lit-metadata.js"],"names":[],"mappings":"AAUA,sBAAuB,wBAAwB,CAAA;AAE/C;;;;;;;YAUE;AAEF;;;;;YAQE;AAmEK,+CAHI,KAAK,CAAC,WAAW,GAAC,KAAK,CAAC,gBAAgB,GACtC,KAAK,CAAC,eAAe,CAGgB;AAM3C,0CAHI,KAAK,CAAC,eAAe,GACnB,KAAK,CAAC,gBAAgB,CASjC;AAMK,8CAHI,KAAK,CAAC,gBAAgB,GACpB,KAAK,CAAC,WAAW,CAS5B;AAMK,qDAHI,KAAK,CAAC,WAAW,GACf,OAAO,CAAC,OAAO,mBAAmB,EAAE,KAAK,CAAC,CAOtD;AAMM,2CAHI,KAAK,CAAC,WAAW,GACf,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAK7C;AAMM,iCAHI,UAAU,GACR,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,aAAa,CAAC,CAiBpE;AAOM,+BAHJ;IAAgC,IAAI,EAA5B,KAAK,CAAC,SAAS;CACvB,GAAU,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,KAAK,CAAC,aAAa,CAAC,CAiBpE;sBA3LqB,mBAAmB;uBAEF,cAAc;uBAE9B,gBAAgB"}