@sudoplatform/sudo-common 7.0.2 → 8.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (404) hide show
  1. package/cjs/configurationManager/defaultConfigurationManager.d.ts +123 -0
  2. package/cjs/configurationManager/defaultConfigurationManager.js +122 -0
  3. package/cjs/configurationManager/defaultConfigurationManager.js.map +1 -0
  4. package/cjs/errors/error.d.ts +263 -0
  5. package/cjs/errors/error.js +442 -0
  6. package/cjs/errors/error.js.map +1 -0
  7. package/cjs/index.d.ts +9 -0
  8. package/cjs/index.js +13 -0
  9. package/cjs/index.js.map +1 -0
  10. package/cjs/logging/bunyanLogger.d.ts +8 -0
  11. package/cjs/logging/bunyanLogger.js +36 -0
  12. package/cjs/logging/bunyanLogger.js.map +1 -0
  13. package/cjs/logging/logger.d.ts +87 -0
  14. package/cjs/logging/logger.js +77 -0
  15. package/cjs/logging/logger.js.map +1 -0
  16. package/cjs/sudoKeyArchive/index.d.ts +4 -0
  17. package/cjs/sudoKeyArchive/index.js +8 -0
  18. package/cjs/sudoKeyArchive/index.js.map +1 -0
  19. package/cjs/sudoKeyArchive/keyArchive.d.ts +137 -0
  20. package/cjs/sudoKeyArchive/keyArchive.js +84 -0
  21. package/cjs/sudoKeyArchive/keyArchive.js.map +1 -0
  22. package/cjs/sudoKeyArchive/keyInfo.d.ts +41 -0
  23. package/cjs/sudoKeyArchive/keyInfo.js +17 -0
  24. package/cjs/sudoKeyArchive/keyInfo.js.map +1 -0
  25. package/cjs/sudoKeyArchive/keyType.d.ts +13 -0
  26. package/cjs/sudoKeyArchive/keyType.js +39 -0
  27. package/cjs/sudoKeyArchive/keyType.js.map +1 -0
  28. package/cjs/sudoKeyArchive/sudoKeyArchive.d.ts +190 -0
  29. package/cjs/sudoKeyArchive/sudoKeyArchive.js +373 -0
  30. package/cjs/sudoKeyArchive/sudoKeyArchive.js.map +1 -0
  31. package/cjs/sudoKeyManager/index.d.ts +4 -0
  32. package/cjs/sudoKeyManager/index.js +8 -0
  33. package/cjs/sudoKeyManager/index.js.map +1 -0
  34. package/cjs/sudoKeyManager/keyData.d.ts +56 -0
  35. package/cjs/sudoKeyManager/keyData.js +46 -0
  36. package/cjs/sudoKeyManager/keyData.js.map +1 -0
  37. package/cjs/sudoKeyManager/publicKey.d.ts +8 -0
  38. package/cjs/sudoKeyManager/publicKey.js +9 -0
  39. package/cjs/sudoKeyManager/publicKey.js.map +1 -0
  40. package/cjs/sudoKeyManager/sudoCryptoProvider.d.ts +324 -0
  41. package/cjs/sudoKeyManager/sudoCryptoProvider.js +12 -0
  42. package/cjs/sudoKeyManager/sudoCryptoProvider.js.map +1 -0
  43. package/cjs/sudoKeyManager/sudoKeyManager.d.ts +344 -0
  44. package/cjs/sudoKeyManager/sudoKeyManager.js +140 -0
  45. package/cjs/sudoKeyManager/sudoKeyManager.js.map +1 -0
  46. package/cjs/types/types.d.ts +115 -0
  47. package/cjs/types/types.js +45 -0
  48. package/cjs/types/types.js.map +1 -0
  49. package/cjs/utils/base64.d.ts +44 -0
  50. package/cjs/utils/base64.js +71 -0
  51. package/cjs/utils/base64.js.map +1 -0
  52. package/cjs/utils/buffer.d.ts +13 -0
  53. package/cjs/utils/buffer.js +37 -0
  54. package/cjs/utils/buffer.js.map +1 -0
  55. package/cjs/utils/stream.d.ts +6 -0
  56. package/cjs/utils/stream.js +70 -0
  57. package/cjs/utils/stream.js.map +1 -0
  58. package/lib/configurationManager/defaultConfigurationManager.js +106 -158
  59. package/lib/configurationManager/defaultConfigurationManager.js.map +1 -0
  60. package/lib/errors/error.js +226 -438
  61. package/lib/errors/error.js.map +1 -0
  62. package/lib/index.d.ts +1 -0
  63. package/lib/index.js +10 -109
  64. package/lib/index.js.map +1 -0
  65. package/lib/logging/bunyanLogger.js +29 -41
  66. package/lib/logging/bunyanLogger.js.map +1 -0
  67. package/lib/logging/logger.js +66 -92
  68. package/lib/logging/logger.js.map +1 -0
  69. package/lib/sudoKeyArchive/index.js +5 -57
  70. package/lib/sudoKeyArchive/index.js.map +1 -0
  71. package/lib/sudoKeyArchive/keyArchive.d.ts +8 -8
  72. package/lib/sudoKeyArchive/keyArchive.js +69 -96
  73. package/lib/sudoKeyArchive/keyArchive.js.map +1 -0
  74. package/lib/sudoKeyArchive/keyInfo.js +11 -49
  75. package/lib/sudoKeyArchive/keyInfo.js.map +1 -0
  76. package/lib/sudoKeyArchive/keyType.js +27 -37
  77. package/lib/sudoKeyArchive/keyType.js.map +1 -0
  78. package/lib/sudoKeyArchive/sudoKeyArchive.js +351 -444
  79. package/lib/sudoKeyArchive/sudoKeyArchive.js.map +1 -0
  80. package/lib/sudoKeyManager/index.js +5 -57
  81. package/lib/sudoKeyManager/index.js.map +1 -0
  82. package/lib/sudoKeyManager/keyData.js +38 -33
  83. package/lib/sudoKeyManager/keyData.js.map +1 -0
  84. package/lib/sudoKeyManager/publicKey.js +5 -12
  85. package/lib/sudoKeyManager/publicKey.js.map +1 -0
  86. package/lib/sudoKeyManager/sudoCryptoProvider.js +8 -26
  87. package/lib/sudoKeyManager/sudoCryptoProvider.js.map +1 -0
  88. package/lib/sudoKeyManager/sudoKeyManager.js +135 -173
  89. package/lib/sudoKeyManager/sudoKeyManager.js.map +1 -0
  90. package/lib/types/types.js +27 -33
  91. package/lib/types/types.js.map +1 -0
  92. package/lib/utils/base64.d.ts +35 -0
  93. package/lib/utils/base64.js +63 -28
  94. package/lib/utils/base64.js.map +1 -0
  95. package/lib/utils/buffer.js +28 -46
  96. package/lib/utils/buffer.js.map +1 -0
  97. package/lib/utils/stream.d.ts +6 -0
  98. package/lib/utils/stream.js +63 -0
  99. package/lib/utils/stream.js.map +1 -0
  100. package/package.json +36 -29
  101. package/.babelrc +0 -10
  102. package/.eslintrc.js +0 -91
  103. package/.gitignore +0 -14
  104. package/.gitlab-ci.yml +0 -101
  105. package/.npmignore +0 -1
  106. package/.prettierignore +0 -3
  107. package/.prettierrc.js +0 -7
  108. package/.publisher.json +0 -7
  109. package/.vscode/settings.json +0 -5
  110. package/.yarn/releases/yarn-1.22.19.cjs +0 -147529
  111. package/.yarnrc +0 -5
  112. package/dependencies-report.json +0 -640
  113. package/docs/.nojekyll +0 -1
  114. package/docs/assets/highlight.css +0 -57
  115. package/docs/assets/main.js +0 -54
  116. package/docs/assets/search.js +0 -1
  117. package/docs/assets/style.css +0 -1224
  118. package/docs/assets/widgets.png +0 -0
  119. package/docs/assets/widgets@2x.png +0 -0
  120. package/docs/classes/AccountLockedError.html +0 -163
  121. package/docs/classes/AuthenticationError.html +0 -169
  122. package/docs/classes/Base64.html +0 -134
  123. package/docs/classes/Buffer.html +0 -158
  124. package/docs/classes/ConfigurationNotSetError.html +0 -164
  125. package/docs/classes/ConfigurationSetNotFoundError.html +0 -168
  126. package/docs/classes/DecodeError.html +0 -168
  127. package/docs/classes/DefaultConfigurationManager.html +0 -213
  128. package/docs/classes/DefaultLogger.html +0 -291
  129. package/docs/classes/DefaultSudoKeyArchive.html +0 -363
  130. package/docs/classes/DefaultSudoKeyManager.html +0 -814
  131. package/docs/classes/FatalError.html +0 -169
  132. package/docs/classes/IllegalArgumentError.html +0 -168
  133. package/docs/classes/IllegalStateError.html +0 -169
  134. package/docs/classes/InsufficientEntitlementsError.html +0 -164
  135. package/docs/classes/InvalidOwnershipProofError.html +0 -163
  136. package/docs/classes/InvalidTokenError.html +0 -163
  137. package/docs/classes/KeyArchiveDecodingError.html +0 -168
  138. package/docs/classes/KeyArchiveIncorrectPasswordError.html +0 -168
  139. package/docs/classes/KeyArchiveMissingError.html +0 -168
  140. package/docs/classes/KeyArchiveNoPasswordRequiredError.html +0 -168
  141. package/docs/classes/KeyArchivePasswordRequiredError.html +0 -168
  142. package/docs/classes/KeyArchiveTypeError.html +0 -168
  143. package/docs/classes/KeyArchiveUnknownKeyTypeError.html +0 -168
  144. package/docs/classes/KeyArchiveVersionError.html +0 -168
  145. package/docs/classes/KeyNotFoundError.html +0 -168
  146. package/docs/classes/KeyStoreNotExportableError.html +0 -168
  147. package/docs/classes/LimitExceededError.html +0 -164
  148. package/docs/classes/NoEntitlementsError.html +0 -163
  149. package/docs/classes/NotAuthorizedError.html +0 -169
  150. package/docs/classes/NotRegisteredError.html +0 -168
  151. package/docs/classes/NotSignedInError.html +0 -164
  152. package/docs/classes/OperationNotImplementedError.html +0 -168
  153. package/docs/classes/RegisterError.html +0 -169
  154. package/docs/classes/RequestFailedError.html +0 -189
  155. package/docs/classes/ServiceError.html +0 -170
  156. package/docs/classes/SignOutError.html +0 -168
  157. package/docs/classes/SudoCryptoProviderDefaults.html +0 -106
  158. package/docs/classes/UnknownGraphQLError.html +0 -169
  159. package/docs/classes/UnrecognizedAlgorithmError.html +0 -168
  160. package/docs/classes/UserNotConfirmedError.html +0 -164
  161. package/docs/classes/VersionMismatchError.html +0 -166
  162. package/docs/enums/CachePolicy.html +0 -72
  163. package/docs/enums/EncryptionAlgorithm.html +0 -80
  164. package/docs/enums/KeyArchiveKeyType.html +0 -86
  165. package/docs/enums/KeyDataKeyFormat.html +0 -92
  166. package/docs/enums/KeyDataKeyType.html +0 -85
  167. package/docs/enums/ListOperationResultStatus.html +0 -85
  168. package/docs/enums/PublicKeyFormat.html +0 -68
  169. package/docs/functions/isAppSyncNetworkError.html +0 -147
  170. package/docs/functions/isInsecureKeyArchive.html +0 -147
  171. package/docs/functions/isSecureKeyArchive.html +0 -147
  172. package/docs/functions/isUnrecognizedKeyArchive.html +0 -147
  173. package/docs/functions/keyArchiveInfoFromKeyData.html +0 -147
  174. package/docs/functions/keyArchiveKeyTypeFromKeyDataKeyType.html +0 -147
  175. package/docs/functions/mapGraphQLToClientError.html +0 -154
  176. package/docs/functions/mapNetworkErrorToClientError.html +0 -154
  177. package/docs/index.html +0 -146
  178. package/docs/interfaces/AsymmetricEncryptionOptions.html +0 -68
  179. package/docs/interfaces/BooleanFilter.html +0 -75
  180. package/docs/interfaces/ConfigurationManager.html +0 -200
  181. package/docs/interfaces/KeyData.html +0 -106
  182. package/docs/interfaces/ListOperationFailureResult.html +0 -76
  183. package/docs/interfaces/ListOperationPartialResult.html +0 -102
  184. package/docs/interfaces/ListOperationSuccessResult.html +0 -90
  185. package/docs/interfaces/ListOutput.html +0 -80
  186. package/docs/interfaces/Logger.html +0 -251
  187. package/docs/interfaces/Owner.html +0 -72
  188. package/docs/interfaces/PublicKey.html +0 -72
  189. package/docs/interfaces/ServiceCompatibilityInfo.html +0 -110
  190. package/docs/interfaces/StringFilter.html +0 -82
  191. package/docs/interfaces/SudoCryptoProvider.html +0 -865
  192. package/docs/interfaces/SudoKeyArchive.html +0 -257
  193. package/docs/interfaces/SudoKeyManager.html +0 -848
  194. package/docs/interfaces/SymmetricEncryptionOptions.html +0 -75
  195. package/docs/interfaces/ValidationResult.html +0 -83
  196. package/docs/modules.html +0 -248
  197. package/docs/types/AppSyncError.html +0 -138
  198. package/docs/types/AppSyncNetworkError.html +0 -138
  199. package/docs/types/InsecureKeyArchive.html +0 -138
  200. package/docs/types/KeyArchive.html +0 -138
  201. package/docs/types/KeyArchiveKeyInfo.html +0 -154
  202. package/docs/types/KeyArchiveKeyInfoDecoded.html +0 -138
  203. package/docs/types/ListOperationResult.html +0 -148
  204. package/docs/types/SecureKeyArchive.html +0 -138
  205. package/docs/types/Subset.html +0 -144
  206. package/docs/types/UnrecognizedKeyArchive.html +0 -138
  207. package/docs/variables/CURRENT_ARCHIVE_VERSION.html +0 -138
  208. package/docs/variables/InsecureKeyArchiveCodec.html +0 -138
  209. package/docs/variables/InsecureKeyArchiveType.html +0 -138
  210. package/docs/variables/KeyArchiveCodec.html +0 -138
  211. package/docs/variables/KeyArchiveKeyInfoArrayCodec.html +0 -138
  212. package/docs/variables/KeyArchiveKeyInfoCodec.html +0 -138
  213. package/docs/variables/KeyArchiveKeyTypeCodec.html +0 -138
  214. package/docs/variables/SecureKeyArchiveCodec.html +0 -138
  215. package/docs/variables/SecureKeyArchiveType.html +0 -138
  216. package/docs/variables/UnrecognizedKeyArchiveCodec.html +0 -138
  217. package/github/.babelrc +0 -10
  218. package/github/.eslintrc.js +0 -91
  219. package/github/.gitignore +0 -14
  220. package/github/.gitlab-ci.yml +0 -101
  221. package/github/.npmignore +0 -1
  222. package/github/.prettierignore +0 -3
  223. package/github/.prettierrc.js +0 -7
  224. package/github/.publisher.json +0 -7
  225. package/github/.vscode/settings.json +0 -5
  226. package/github/.yarn/releases/yarn-1.22.19.cjs +0 -147529
  227. package/github/.yarnrc +0 -5
  228. package/github/CHANGELOG.md +0 -51
  229. package/github/README.md +0 -8
  230. package/github/bin/outdated-with-suppression.sh +0 -203
  231. package/github/bin/suppress-audit.sh +0 -15
  232. package/github/bin/suppress-outdated.sh +0 -60
  233. package/github/bin/yarn-audit-with-suppression.sh +0 -19
  234. package/github/docs/.nojekyll +0 -1
  235. package/github/docs/assets/highlight.css +0 -57
  236. package/github/docs/assets/main.js +0 -54
  237. package/github/docs/assets/search.js +0 -1
  238. package/github/docs/assets/style.css +0 -1224
  239. package/github/docs/assets/widgets.png +0 -0
  240. package/github/docs/assets/widgets@2x.png +0 -0
  241. package/github/docs/classes/AccountLockedError.html +0 -163
  242. package/github/docs/classes/AuthenticationError.html +0 -169
  243. package/github/docs/classes/Base64.html +0 -134
  244. package/github/docs/classes/Buffer.html +0 -158
  245. package/github/docs/classes/ConfigurationNotSetError.html +0 -164
  246. package/github/docs/classes/ConfigurationSetNotFoundError.html +0 -168
  247. package/github/docs/classes/DecodeError.html +0 -168
  248. package/github/docs/classes/DefaultConfigurationManager.html +0 -213
  249. package/github/docs/classes/DefaultLogger.html +0 -291
  250. package/github/docs/classes/DefaultSudoKeyArchive.html +0 -363
  251. package/github/docs/classes/DefaultSudoKeyManager.html +0 -814
  252. package/github/docs/classes/FatalError.html +0 -169
  253. package/github/docs/classes/IllegalArgumentError.html +0 -168
  254. package/github/docs/classes/IllegalStateError.html +0 -169
  255. package/github/docs/classes/InsufficientEntitlementsError.html +0 -164
  256. package/github/docs/classes/InvalidOwnershipProofError.html +0 -163
  257. package/github/docs/classes/InvalidTokenError.html +0 -163
  258. package/github/docs/classes/KeyArchiveDecodingError.html +0 -168
  259. package/github/docs/classes/KeyArchiveIncorrectPasswordError.html +0 -168
  260. package/github/docs/classes/KeyArchiveMissingError.html +0 -168
  261. package/github/docs/classes/KeyArchiveNoPasswordRequiredError.html +0 -168
  262. package/github/docs/classes/KeyArchivePasswordRequiredError.html +0 -168
  263. package/github/docs/classes/KeyArchiveTypeError.html +0 -168
  264. package/github/docs/classes/KeyArchiveUnknownKeyTypeError.html +0 -168
  265. package/github/docs/classes/KeyArchiveVersionError.html +0 -168
  266. package/github/docs/classes/KeyNotFoundError.html +0 -168
  267. package/github/docs/classes/KeyStoreNotExportableError.html +0 -168
  268. package/github/docs/classes/LimitExceededError.html +0 -164
  269. package/github/docs/classes/NoEntitlementsError.html +0 -163
  270. package/github/docs/classes/NotAuthorizedError.html +0 -169
  271. package/github/docs/classes/NotRegisteredError.html +0 -168
  272. package/github/docs/classes/NotSignedInError.html +0 -164
  273. package/github/docs/classes/OperationNotImplementedError.html +0 -168
  274. package/github/docs/classes/RegisterError.html +0 -169
  275. package/github/docs/classes/RequestFailedError.html +0 -189
  276. package/github/docs/classes/ServiceError.html +0 -170
  277. package/github/docs/classes/SignOutError.html +0 -168
  278. package/github/docs/classes/SudoCryptoProviderDefaults.html +0 -106
  279. package/github/docs/classes/UnknownGraphQLError.html +0 -169
  280. package/github/docs/classes/UnrecognizedAlgorithmError.html +0 -168
  281. package/github/docs/classes/UserNotConfirmedError.html +0 -164
  282. package/github/docs/classes/VersionMismatchError.html +0 -166
  283. package/github/docs/enums/CachePolicy.html +0 -72
  284. package/github/docs/enums/EncryptionAlgorithm.html +0 -80
  285. package/github/docs/enums/KeyArchiveKeyType.html +0 -86
  286. package/github/docs/enums/KeyDataKeyFormat.html +0 -92
  287. package/github/docs/enums/KeyDataKeyType.html +0 -85
  288. package/github/docs/enums/ListOperationResultStatus.html +0 -85
  289. package/github/docs/enums/PublicKeyFormat.html +0 -68
  290. package/github/docs/functions/isAppSyncNetworkError.html +0 -147
  291. package/github/docs/functions/isInsecureKeyArchive.html +0 -147
  292. package/github/docs/functions/isSecureKeyArchive.html +0 -147
  293. package/github/docs/functions/isUnrecognizedKeyArchive.html +0 -147
  294. package/github/docs/functions/keyArchiveInfoFromKeyData.html +0 -147
  295. package/github/docs/functions/keyArchiveKeyTypeFromKeyDataKeyType.html +0 -147
  296. package/github/docs/functions/mapGraphQLToClientError.html +0 -154
  297. package/github/docs/functions/mapNetworkErrorToClientError.html +0 -154
  298. package/github/docs/index.html +0 -146
  299. package/github/docs/interfaces/AsymmetricEncryptionOptions.html +0 -68
  300. package/github/docs/interfaces/BooleanFilter.html +0 -75
  301. package/github/docs/interfaces/ConfigurationManager.html +0 -200
  302. package/github/docs/interfaces/KeyData.html +0 -106
  303. package/github/docs/interfaces/ListOperationFailureResult.html +0 -76
  304. package/github/docs/interfaces/ListOperationPartialResult.html +0 -102
  305. package/github/docs/interfaces/ListOperationSuccessResult.html +0 -90
  306. package/github/docs/interfaces/ListOutput.html +0 -80
  307. package/github/docs/interfaces/Logger.html +0 -251
  308. package/github/docs/interfaces/Owner.html +0 -72
  309. package/github/docs/interfaces/PublicKey.html +0 -72
  310. package/github/docs/interfaces/ServiceCompatibilityInfo.html +0 -110
  311. package/github/docs/interfaces/StringFilter.html +0 -82
  312. package/github/docs/interfaces/SudoCryptoProvider.html +0 -865
  313. package/github/docs/interfaces/SudoKeyArchive.html +0 -257
  314. package/github/docs/interfaces/SudoKeyManager.html +0 -848
  315. package/github/docs/interfaces/SymmetricEncryptionOptions.html +0 -75
  316. package/github/docs/interfaces/ValidationResult.html +0 -83
  317. package/github/docs/modules.html +0 -248
  318. package/github/docs/types/AppSyncError.html +0 -138
  319. package/github/docs/types/AppSyncNetworkError.html +0 -138
  320. package/github/docs/types/InsecureKeyArchive.html +0 -138
  321. package/github/docs/types/KeyArchive.html +0 -138
  322. package/github/docs/types/KeyArchiveKeyInfo.html +0 -154
  323. package/github/docs/types/KeyArchiveKeyInfoDecoded.html +0 -138
  324. package/github/docs/types/ListOperationResult.html +0 -148
  325. package/github/docs/types/SecureKeyArchive.html +0 -138
  326. package/github/docs/types/Subset.html +0 -144
  327. package/github/docs/types/UnrecognizedKeyArchive.html +0 -138
  328. package/github/docs/variables/CURRENT_ARCHIVE_VERSION.html +0 -138
  329. package/github/docs/variables/InsecureKeyArchiveCodec.html +0 -138
  330. package/github/docs/variables/InsecureKeyArchiveType.html +0 -138
  331. package/github/docs/variables/KeyArchiveCodec.html +0 -138
  332. package/github/docs/variables/KeyArchiveKeyInfoArrayCodec.html +0 -138
  333. package/github/docs/variables/KeyArchiveKeyInfoCodec.html +0 -138
  334. package/github/docs/variables/KeyArchiveKeyTypeCodec.html +0 -138
  335. package/github/docs/variables/SecureKeyArchiveCodec.html +0 -138
  336. package/github/docs/variables/SecureKeyArchiveType.html +0 -138
  337. package/github/docs/variables/UnrecognizedKeyArchiveCodec.html +0 -138
  338. package/github/jest.config.json +0 -14
  339. package/github/package.json +0 -91
  340. package/github/src/configurationManager/defaultConfigurationManager.ts +0 -281
  341. package/github/src/errors/error.ts +0 -469
  342. package/github/src/index.ts +0 -8
  343. package/github/src/logging/bunyanLogger.ts +0 -47
  344. package/github/src/logging/logger.ts +0 -164
  345. package/github/src/sudoKeyArchive/index.ts +0 -4
  346. package/github/src/sudoKeyArchive/keyArchive.ts +0 -120
  347. package/github/src/sudoKeyArchive/keyInfo.ts +0 -47
  348. package/github/src/sudoKeyArchive/keyType.ts +0 -50
  349. package/github/src/sudoKeyArchive/sudoKeyArchive.ts +0 -591
  350. package/github/src/sudoKeyManager/index.ts +0 -4
  351. package/github/src/sudoKeyManager/keyData.ts +0 -60
  352. package/github/src/sudoKeyManager/publicKey.ts +0 -9
  353. package/github/src/sudoKeyManager/sudoCryptoProvider.ts +0 -416
  354. package/github/src/sudoKeyManager/sudoKeyManager.ts +0 -609
  355. package/github/src/types/types.ts +0 -129
  356. package/github/src/utils/base64.ts +0 -21
  357. package/github/src/utils/buffer.ts +0 -39
  358. package/github/test/integration/defaultConfigurationManager.spec.ts +0 -85
  359. package/github/test/matchers.ts +0 -122
  360. package/github/test/unit/configurationManager/defaultConfigurationManager.spec.ts +0 -506
  361. package/github/test/unit/errors/error.spec.ts +0 -115
  362. package/github/test/unit/keyType.spec.ts +0 -54
  363. package/github/test/unit/logging/logger.spec.ts +0 -182
  364. package/github/test/unit/sudoKeyArchive.spec.ts +0 -1609
  365. package/github/test/unit/sudoKeyManager.spec.ts +0 -1045
  366. package/github/test/unit/utils/base64.spec.ts +0 -30
  367. package/github/test/unit/utils/buffer.spec.ts +0 -45
  368. package/github/test/unit/utils/listOperationResult.spec.ts +0 -84
  369. package/github/tsconfig.json +0 -20
  370. package/github/tsconfig.test.json +0 -7
  371. package/github/yarn.lock +0 -5922
  372. package/jest.config.json +0 -14
  373. package/src/configurationManager/defaultConfigurationManager.ts +0 -281
  374. package/src/errors/error.ts +0 -469
  375. package/src/index.ts +0 -8
  376. package/src/logging/bunyanLogger.ts +0 -47
  377. package/src/logging/logger.ts +0 -164
  378. package/src/sudoKeyArchive/index.ts +0 -4
  379. package/src/sudoKeyArchive/keyArchive.ts +0 -120
  380. package/src/sudoKeyArchive/keyInfo.ts +0 -47
  381. package/src/sudoKeyArchive/keyType.ts +0 -50
  382. package/src/sudoKeyArchive/sudoKeyArchive.ts +0 -591
  383. package/src/sudoKeyManager/index.ts +0 -4
  384. package/src/sudoKeyManager/keyData.ts +0 -60
  385. package/src/sudoKeyManager/publicKey.ts +0 -9
  386. package/src/sudoKeyManager/sudoCryptoProvider.ts +0 -416
  387. package/src/sudoKeyManager/sudoKeyManager.ts +0 -609
  388. package/src/types/types.ts +0 -129
  389. package/src/utils/base64.ts +0 -21
  390. package/src/utils/buffer.ts +0 -39
  391. package/test/integration/defaultConfigurationManager.spec.ts +0 -85
  392. package/test/matchers.ts +0 -122
  393. package/test/unit/configurationManager/defaultConfigurationManager.spec.ts +0 -506
  394. package/test/unit/errors/error.spec.ts +0 -115
  395. package/test/unit/keyType.spec.ts +0 -54
  396. package/test/unit/logging/logger.spec.ts +0 -182
  397. package/test/unit/sudoKeyArchive.spec.ts +0 -1609
  398. package/test/unit/sudoKeyManager.spec.ts +0 -1045
  399. package/test/unit/utils/base64.spec.ts +0 -30
  400. package/test/unit/utils/buffer.spec.ts +0 -45
  401. package/test/unit/utils/listOperationResult.spec.ts +0 -84
  402. package/tsconfig.json +0 -20
  403. package/tsconfig.test.json +0 -7
  404. package/yarn.lock +0 -5922
@@ -1,460 +1,367 @@
1
- "use strict";
2
-
3
- Object.defineProperty(exports, "__esModule", {
4
- value: true
5
- });
6
- exports.DefaultSudoKeyArchive = void 0;
7
- exports.keyArchiveInfoFromKeyData = keyArchiveInfoFromKeyData;
8
- exports.keyArchiveKeyTypeFromKeyDataKeyType = keyArchiveKeyTypeFromKeyDataKeyType;
9
-
10
- var _fflate = require("fflate");
11
-
12
- var _Either = require("fp-ts/lib/Either");
13
-
14
- var _error = require("../errors/error");
15
-
16
- var _sudoKeyManager = require("../sudoKeyManager");
17
-
18
- var _sudoCryptoProvider = require("../sudoKeyManager/sudoCryptoProvider");
19
-
20
- var _base = require("../utils/base64");
21
-
22
- var _buffer = require("../utils/buffer");
23
-
24
- var _keyArchive = require("./keyArchive");
25
-
26
- var _keyInfo = require("./keyInfo");
27
-
28
- var _keyType = require("./keyType");
29
-
30
- function _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
31
-
32
- class DefaultSudoKeyArchive {
33
- /**
34
- * Version 2 format is not gzipped is what's currently generated
35
- * by iOS and Android. We may want to add support for importing
36
- * such archives.
37
- */
38
-
39
- /**
40
- * Version 3 format permits both secure and insecure key archives.
41
- *
42
- * Insecure key archives are used where the archive will be stored
43
- * in an otherwise known secure way e.g. via secure-vault-service
44
- * where the encryption of the archive would then be handled by
45
- * clients of that service.
46
- *
47
- * Secure key archives are password protected (via PBKDF2) a la version
48
- * 2 format.
49
- *
50
- * Insecure format detail is:
51
- *
52
- * gzip(JSON.stringify(InsecureKeyArchive))
53
- *
54
- * Secure format detail is:
55
- *
56
- * gzip(JSON.stringify(SecureKeyArchive))
57
- *
58
- * where Keys property of SecureKeyArchive is:
59
- *
60
- * base64(encrypt(gzip(JSON.stringify(array of keys))))
61
- *
62
- * Where encrypt operation is 256-bit AES CBC-mode with IV SecureKeyArchive.IV
63
- * and key generated by SecureKeyArchive.Rounds of PBKDF2 on the password
64
- * salted with SecureKeyArchive.Salt.
65
- */
66
-
67
- /**
68
- * Construct SudoKeyArchive
69
- *
70
- *
71
- * @param keyManagers
72
- * Key manager or array of key managers to either restore archive in to
73
- * or construct archive from
74
- *
75
- * @param archiveData
76
- * Array buffer of binary archive data to restore.
77
- *
78
- * @param excludedKeys
79
- * Set of key names to exclude from archive or restore operation.
80
- * Default: None
81
- *
82
- * @param excludedKeyTypes
83
- * Set of key types to exclude from archive or restore operation.
84
- * Default: {@link KeyArchiveKeyType.PublicKey}
85
- *
86
- * @param metaInfo
87
- * Meta information to include with the key archive
88
- *
89
- * @throws {@link IllegalArgumentError}
90
- * If no key managers are provided
91
- *
92
- * @throws {@link IllegalArgumentError}
93
- * If multiple key managers are provided with the same namespace
94
- *
95
- * @throws {@link KeyArchiveDecodingError}
96
- * If archiveData is provided and its binary data cannot be decoded
97
- *
98
- * @throws {@link KeyArchiveTypeError}
99
- * If archiveData is provided and decodes to an unsupported archive
100
- * type.
101
- *
102
- * @throws {@link KeyArchiveVersionError}
103
- * If archiveData is provided and decodes to an unsupported archive
104
- * version.
105
- */
106
- constructor(keyManagers, options) {
107
- var _options$metaInfo;
108
-
109
- _defineProperty(this, "defaultKeyManager", void 0);
110
-
111
- _defineProperty(this, "keyManagers", {});
112
-
113
- _defineProperty(this, "keyArchive", void 0);
114
-
115
- _defineProperty(this, "excludedKeys", new Set());
116
-
117
- _defineProperty(this, "excludedKeyTypes", new Set());
118
-
119
- _defineProperty(this, "metaInfo", new Map());
120
-
121
- _defineProperty(this, "keys", new Map());
122
-
123
- if (Array.isArray(keyManagers)) {
124
- if (keyManagers.length === 0) {
125
- throw new _error.IllegalArgumentError('Must provide at least one key manager');
126
- }
127
-
128
- keyManagers.forEach(keyManager => {
129
- if (this.keyManagers[keyManager.namespace]) {
130
- throw new _error.IllegalArgumentError(`Multiple key managers provided with namespace ${keyManager.namespace}`);
1
+ import { gunzipSync, gzipSync } from 'fflate';
2
+ import { isLeft } from 'fp-ts/lib/Either';
3
+ import { IllegalArgumentError, KeyArchiveDecodingError, KeyArchiveIncorrectPasswordError, KeyArchiveMissingError, KeyArchiveNoPasswordRequiredError, KeyArchivePasswordRequiredError, KeyArchiveTypeError, KeyArchiveUnknownKeyTypeError, KeyArchiveVersionError, KeyNotFoundError, } from '../errors/error';
4
+ import { KeyDataKeyType } from '../sudoKeyManager';
5
+ import { SudoCryptoProviderDefaults } from '../sudoKeyManager/sudoCryptoProvider';
6
+ import { Base64 } from '../utils/base64';
7
+ import { Buffer as BufferUtil } from '../utils/buffer';
8
+ import { CURRENT_ARCHIVE_VERSION, InsecureKeyArchiveType, isSecureKeyArchive, isUnrecognizedKeyArchive, KeyArchiveCodec, SecureKeyArchiveType, } from './keyArchive';
9
+ import { KeyArchiveKeyInfoArrayCodec } from './keyInfo';
10
+ import { KeyArchiveKeyType } from './keyType';
11
+ export class DefaultSudoKeyArchive {
12
+ /**
13
+ * Construct SudoKeyArchive
14
+ *
15
+ *
16
+ * @param keyManagers
17
+ * Key manager or array of key managers to either restore archive in to
18
+ * or construct archive from
19
+ *
20
+ * @param archiveData
21
+ * Array buffer of binary archive data to restore.
22
+ *
23
+ * @param excludedKeys
24
+ * Set of key names to exclude from archive or restore operation.
25
+ * Default: None
26
+ *
27
+ * @param excludedKeyTypes
28
+ * Set of key types to exclude from archive or restore operation.
29
+ * Default: {@link KeyArchiveKeyType.PublicKey}
30
+ *
31
+ * @param metaInfo
32
+ * Meta information to include with the key archive
33
+ *
34
+ * @throws {@link IllegalArgumentError}
35
+ * If no key managers are provided
36
+ *
37
+ * @throws {@link IllegalArgumentError}
38
+ * If multiple key managers are provided with the same namespace
39
+ *
40
+ * @throws {@link KeyArchiveDecodingError}
41
+ * If archiveData is provided and its binary data cannot be decoded
42
+ *
43
+ * @throws {@link KeyArchiveTypeError}
44
+ * If archiveData is provided and decodes to an unsupported archive
45
+ * type.
46
+ *
47
+ * @throws {@link KeyArchiveVersionError}
48
+ * If archiveData is provided and decodes to an unsupported archive
49
+ * version.
50
+ */
51
+ constructor(keyManagers, options) {
52
+ this.keyManagers = {};
53
+ this.excludedKeys = new Set();
54
+ this.excludedKeyTypes = new Set();
55
+ this.metaInfo = new Map();
56
+ this.keys = new Map();
57
+ if (Array.isArray(keyManagers)) {
58
+ if (keyManagers.length === 0) {
59
+ throw new IllegalArgumentError('Must provide at least one key manager');
60
+ }
61
+ keyManagers.forEach((keyManager) => {
62
+ if (this.keyManagers[keyManager.namespace]) {
63
+ throw new IllegalArgumentError(`Multiple key managers provided with namespace ${keyManager.namespace}`);
64
+ }
65
+ this.keyManagers[keyManager.namespace] = keyManager;
66
+ });
67
+ this.defaultKeyManager = keyManagers[0];
68
+ }
69
+ else {
70
+ this.keyManagers[keyManagers.namespace] = keyManagers;
71
+ this.defaultKeyManager = keyManagers;
72
+ }
73
+ if (options?.archiveData) {
74
+ this.keyArchive = this.loadArchive(options.archiveData);
75
+ }
76
+ // We take copies of the input parameters so we own the data
77
+ if (options?.excludedKeys) {
78
+ options?.excludedKeys.forEach((excludedKey) => this.excludedKeys.add(excludedKey));
79
+ }
80
+ if (options?.excludedKeyTypes) {
81
+ options?.excludedKeyTypes.forEach((excludedKeyType) => this.excludedKeyTypes.add(excludedKeyType));
82
+ }
83
+ if (options?.metaInfo?.size) {
84
+ for (const [key, value] of options?.metaInfo?.entries()) {
85
+ this.metaInfo.set(key, value);
86
+ }
131
87
  }
132
-
133
- this.keyManagers[keyManager.namespace] = keyManager;
134
- });
135
- this.defaultKeyManager = keyManagers[0];
136
- } else {
137
- this.keyManagers[keyManagers.namespace] = keyManagers;
138
- this.defaultKeyManager = keyManagers;
139
- }
140
-
141
- if (options !== null && options !== void 0 && options.archiveData) {
142
- this.keyArchive = this.loadArchive(options.archiveData);
143
- } // We take copies of the input parameters so we own the data
144
-
145
-
146
- if (options !== null && options !== void 0 && options.excludedKeys) {
147
- options === null || options === void 0 ? void 0 : options.excludedKeys.forEach(excludedKey => this.excludedKeys.add(excludedKey));
148
- }
149
-
150
- if (options !== null && options !== void 0 && options.excludedKeyTypes) {
151
- options === null || options === void 0 ? void 0 : options.excludedKeyTypes.forEach(excludedKeyType => this.excludedKeyTypes.add(excludedKeyType));
152
- }
153
-
154
- if (options !== null && options !== void 0 && (_options$metaInfo = options.metaInfo) !== null && _options$metaInfo !== void 0 && _options$metaInfo.size) {
155
- for (const [key, value] of options === null || options === void 0 ? void 0 : (_options$metaInfo2 = options.metaInfo) === null || _options$metaInfo2 === void 0 ? void 0 : _options$metaInfo2.entries()) {
156
- var _options$metaInfo2;
157
-
158
- this.metaInfo.set(key, value);
159
- }
160
88
  }
161
- }
162
- /**
163
- * Reads the binary data and converts it to JSON and then deserialises it
164
- * into a KeyArchive
165
- */
166
-
167
-
168
- loadArchive(archiveData) {
169
- let unzipped;
170
-
171
- try {
172
- unzipped = (0, _fflate.gunzipSync)(new Uint8Array(archiveData));
173
- } catch (err) {
174
- throw new _error.KeyArchiveDecodingError();
89
+ /**
90
+ * Reads the binary data and converts it to JSON and then deserialises it
91
+ * into a KeyArchive
92
+ */
93
+ loadArchive(archiveData) {
94
+ let unzipped;
95
+ try {
96
+ unzipped = gunzipSync(new Uint8Array(archiveData));
97
+ }
98
+ catch (err) {
99
+ throw new KeyArchiveDecodingError();
100
+ }
101
+ let keyArchive;
102
+ try {
103
+ const decoded = KeyArchiveCodec.decode(JSON.parse(BufferUtil.toString(unzipped)));
104
+ if (isLeft(decoded)) {
105
+ throw new KeyArchiveDecodingError();
106
+ }
107
+ keyArchive = decoded.right;
108
+ }
109
+ catch (err) {
110
+ throw new KeyArchiveDecodingError();
111
+ }
112
+ if (isUnrecognizedKeyArchive(keyArchive)) {
113
+ if (keyArchive.Type &&
114
+ keyArchive.Type !== SecureKeyArchiveType &&
115
+ keyArchive.Type !== InsecureKeyArchiveType) {
116
+ throw new KeyArchiveTypeError(keyArchive.Type);
117
+ }
118
+ // Only support DefaultSudoKeyArchive.CURRENT_ARCHIVE_VERSION for now.
119
+ if (keyArchive.Version !== undefined &&
120
+ keyArchive.Version !== DefaultSudoKeyArchive.CURRENT_ARCHIVE_VERSION) {
121
+ throw new KeyArchiveVersionError(keyArchive.Version);
122
+ }
123
+ throw new KeyArchiveDecodingError();
124
+ }
125
+ return keyArchive;
175
126
  }
176
-
177
- let keyArchive;
178
-
179
- try {
180
- const decoded = _keyArchive.KeyArchiveCodec.decode(JSON.parse(_buffer.Buffer.toString(unzipped)));
181
-
182
- if ((0, _Either.isLeft)(decoded)) {
183
- throw new _error.KeyArchiveDecodingError();
184
- }
185
-
186
- keyArchive = decoded.right;
187
- } catch (err) {
188
- throw new _error.KeyArchiveDecodingError();
127
+ async loadKeys() {
128
+ for (const keyManager of Object.values(this.keyManagers)) {
129
+ await keyManager.exportKeys().then((exported) => {
130
+ exported.forEach((data) => {
131
+ const keyArchiveInfoDecoded = keyArchiveInfoFromKeyData(data);
132
+ if (!this.excludedKeyTypes.has(keyArchiveInfoDecoded.Type) &&
133
+ !this.excludedKeys.has(data.name)) {
134
+ this.keys.set(`${keyArchiveInfoDecoded.NameSpace}:${keyArchiveInfoDecoded.Type}:${keyArchiveInfoDecoded.Name}`, keyArchiveInfoDecoded);
135
+ }
136
+ });
137
+ });
138
+ }
189
139
  }
190
-
191
- if ((0, _keyArchive.isUnrecognizedKeyArchive)(keyArchive)) {
192
- if (keyArchive.Type && keyArchive.Type !== _keyArchive.SecureKeyArchiveType && keyArchive.Type !== _keyArchive.InsecureKeyArchiveType) {
193
- throw new _error.KeyArchiveTypeError(keyArchive.Type);
194
- } // Only support DefaultSudoKeyArchive.CURRENT_ARCHIVE_VERSION for now.
195
-
196
-
197
- if (keyArchive.Version !== undefined && keyArchive.Version !== DefaultSudoKeyArchive.CURRENT_ARCHIVE_VERSION) {
198
- throw new _error.KeyArchiveVersionError(keyArchive.Version);
199
- }
200
-
201
- throw new _error.KeyArchiveDecodingError();
140
+ async saveKeys() {
141
+ for (const info of this.keys.values()) {
142
+ const keyManager = this.keyManagers[info.NameSpace];
143
+ if (!keyManager)
144
+ continue;
145
+ if (this.excludedKeyTypes.has(info.Type))
146
+ continue;
147
+ if (this.excludedKeys.has(info.Name))
148
+ continue;
149
+ const keyData = info.Decoded;
150
+ switch (info.Type) {
151
+ case KeyArchiveKeyType.Password:
152
+ await keyManager.addPassword(keyData, info.Name);
153
+ break;
154
+ case KeyArchiveKeyType.PrivateKey:
155
+ await keyManager.addPrivateKey(keyData, info.Name);
156
+ break;
157
+ case KeyArchiveKeyType.PublicKey:
158
+ await keyManager.addPublicKey(keyData, info.Name);
159
+ break;
160
+ case KeyArchiveKeyType.SymmetricKey:
161
+ await keyManager.addSymmetricKey(keyData, info.Name);
162
+ break;
163
+ default:
164
+ throw new KeyArchiveUnknownKeyTypeError(`Key archive key type ${info.Type} is not recognized`);
165
+ }
166
+ }
202
167
  }
203
-
204
- return keyArchive;
205
- }
206
-
207
- async loadKeys() {
208
- for (const keyManager of Object.values(this.keyManagers)) {
209
- await keyManager.exportKeys().then(exported => {
210
- exported.forEach(data => {
211
- const keyArchiveInfoDecoded = keyArchiveInfoFromKeyData(data);
212
-
213
- if (!this.excludedKeyTypes.has(keyArchiveInfoDecoded.Type) && !this.excludedKeys.has(data.name)) {
214
- this.keys.set(`${keyArchiveInfoDecoded.NameSpace}:${keyArchiveInfoDecoded.Type}:${keyArchiveInfoDecoded.Name}`, keyArchiveInfoDecoded);
215
- }
168
+ async archive(password) {
169
+ const keys = [];
170
+ for (const key of this.keys.values()) {
171
+ keys.push({
172
+ NameSpace: key.NameSpace,
173
+ Name: key.Name,
174
+ Data: key.Data,
175
+ Type: key.Type,
176
+ Synchronizable: key.Synchronizable,
177
+ Exportable: key.Exportable,
178
+ });
179
+ }
180
+ let keyArchive;
181
+ if (!password) {
182
+ const insecureKeyArchive = {
183
+ Type: 'Insecure',
184
+ MetaInfo: {},
185
+ Version: DefaultSudoKeyArchive.CURRENT_ARCHIVE_VERSION,
186
+ Keys: keys,
187
+ };
188
+ keyArchive = insecureKeyArchive;
189
+ }
190
+ else {
191
+ const salt = await this.defaultKeyManager.generateRandomData(SudoCryptoProviderDefaults.pbkdfSaltSize);
192
+ const b64Salt = Base64.encode(salt);
193
+ const key = await this.defaultKeyManager.generateSymmetricKeyFromPassword(password, salt, {
194
+ rounds: SudoCryptoProviderDefaults.pbkdfRounds,
195
+ });
196
+ const serializedKeys = JSON.stringify(keys);
197
+ const compressedSerializedKeys = gzipSync(BufferUtil.fromString(serializedKeys), {
198
+ level: 9,
199
+ });
200
+ // Don't strictly need a randomly generated IV here but no harm either
201
+ const iv = await this.defaultKeyManager.generateRandomData(SudoCryptoProviderDefaults.aesIVSize);
202
+ const encryptedKeys = await this.defaultKeyManager.encryptWithSymmetricKey(key, compressedSerializedKeys, { iv });
203
+ const secureKeyArchive = {
204
+ Type: 'Secure',
205
+ Version: DefaultSudoKeyArchive.CURRENT_ARCHIVE_VERSION,
206
+ MetaInfo: {},
207
+ Salt: b64Salt,
208
+ Rounds: SudoCryptoProviderDefaults.pbkdfRounds,
209
+ Keys: Base64.encode(encryptedKeys),
210
+ IV: Base64.encode(iv),
211
+ };
212
+ keyArchive = secureKeyArchive;
213
+ }
214
+ for (const [key, value] of this.metaInfo.entries()) {
215
+ keyArchive.MetaInfo[key] = value;
216
+ }
217
+ const archiveString = JSON.stringify(keyArchive);
218
+ // While this double Gzips the SecureKeyArchive, it allows us to roughly
219
+ // recover the space consumed by Base64 encoding the cipher text. Otherwise
220
+ // we would end up having a fully binary data structure for the archive.
221
+ // If the time to compute becomes prohibitive we can look at a binary, non-JSON
222
+ // base format for the archive.
223
+ const archiveGzipped = gzipSync(BufferUtil.fromString(archiveString), {
224
+ level: 9,
216
225
  });
217
- });
226
+ return Promise.resolve(archiveGzipped);
218
227
  }
219
- }
220
-
221
- async saveKeys() {
222
- for (const info of this.keys.values()) {
223
- const keyManager = this.keyManagers[info.NameSpace];
224
- if (!keyManager) continue;
225
- if (this.excludedKeyTypes.has(info.Type)) continue;
226
- if (this.excludedKeys.has(info.Name)) continue;
227
- const keyData = info.Decoded;
228
-
229
- switch (info.Type) {
230
- case _keyType.KeyArchiveKeyType.Password:
231
- await keyManager.addPassword(keyData, info.Name);
232
- break;
233
-
234
- case _keyType.KeyArchiveKeyType.PrivateKey:
235
- await keyManager.addPrivateKey(keyData, info.Name);
236
- break;
237
-
238
- case _keyType.KeyArchiveKeyType.PublicKey:
239
- await keyManager.addPublicKey(keyData, info.Name);
240
- break;
241
-
242
- case _keyType.KeyArchiveKeyType.SymmetricKey:
243
- await keyManager.addSymmetricKey(keyData, info.Name);
244
- break;
245
-
246
- default:
247
- throw new _error.KeyArchiveUnknownKeyTypeError(`Key archive key type ${info.Type} is not recognized`);
248
- }
228
+ async unarchive(password) {
229
+ if (!this.keyArchive) {
230
+ throw new KeyArchiveMissingError();
231
+ }
232
+ let keys;
233
+ if (isSecureKeyArchive(this.keyArchive)) {
234
+ if (!password) {
235
+ throw new KeyArchivePasswordRequiredError();
236
+ }
237
+ let iv;
238
+ let encryptedKeys;
239
+ let key;
240
+ try {
241
+ const salt = Base64.decode(this.keyArchive.Salt);
242
+ iv = Base64.decode(this.keyArchive.IV);
243
+ encryptedKeys = Base64.decode(this.keyArchive.Keys);
244
+ key = await this.defaultKeyManager.generateSymmetricKeyFromPassword(password, salt, { rounds: this.keyArchive.Rounds });
245
+ }
246
+ catch (err) {
247
+ throw new KeyArchiveDecodingError();
248
+ }
249
+ let compressedSerializedKeys;
250
+ try {
251
+ compressedSerializedKeys =
252
+ await this.defaultKeyManager.decryptWithSymmetricKey(key, encryptedKeys, { iv });
253
+ }
254
+ catch (err) {
255
+ throw new KeyArchiveIncorrectPasswordError();
256
+ }
257
+ try {
258
+ const serializedKeys = gunzipSync(new Uint8Array(compressedSerializedKeys));
259
+ const decoded = KeyArchiveKeyInfoArrayCodec.decode(JSON.parse(BufferUtil.toString(serializedKeys)));
260
+ if (isLeft(decoded)) {
261
+ throw new KeyArchiveDecodingError();
262
+ }
263
+ keys = decoded.right;
264
+ }
265
+ catch (err) {
266
+ throw new KeyArchiveDecodingError();
267
+ }
268
+ }
269
+ else {
270
+ if (password) {
271
+ throw new KeyArchiveNoPasswordRequiredError();
272
+ }
273
+ keys = this.keyArchive.Keys;
274
+ }
275
+ keys.forEach((key) => {
276
+ const keyKey = `${key.NameSpace}:${key.Type}:${key.Name}`;
277
+ let decoded;
278
+ try {
279
+ decoded = Base64.decode(key.Data);
280
+ }
281
+ catch (err) {
282
+ throw new KeyArchiveDecodingError(`Unable to decode key ${keyKey}`);
283
+ }
284
+ this.keys.set(keyKey, { ...key, Decoded: decoded });
285
+ });
249
286
  }
250
- }
251
-
252
- async archive(password) {
253
- const keys = [];
254
-
255
- for (const key of this.keys.values()) {
256
- keys.push({
257
- NameSpace: key.NameSpace,
258
- Name: key.Name,
259
- Data: key.Data,
260
- Type: key.Type,
261
- Synchronizable: key.Synchronizable,
262
- Exportable: key.Exportable
263
- });
287
+ reset() {
288
+ this.keys.clear();
264
289
  }
265
-
266
- let keyArchive;
267
-
268
- if (!password) {
269
- const insecureKeyArchive = {
270
- Type: 'Insecure',
271
- MetaInfo: {},
272
- Version: DefaultSudoKeyArchive.CURRENT_ARCHIVE_VERSION,
273
- Keys: keys
274
- };
275
- keyArchive = insecureKeyArchive;
276
- } else {
277
- const salt = await this.defaultKeyManager.generateRandomData(_sudoCryptoProvider.SudoCryptoProviderDefaults.pbkdfSaltSize);
278
-
279
- const b64Salt = _base.Base64.encode(salt);
280
-
281
- const key = await this.defaultKeyManager.generateSymmetricKeyFromPassword(password, salt, {
282
- rounds: _sudoCryptoProvider.SudoCryptoProviderDefaults.pbkdfRounds
283
- });
284
- const serializedKeys = JSON.stringify(keys);
285
- const compressedSerializedKeys = (0, _fflate.gzipSync)(_buffer.Buffer.fromString(serializedKeys), {
286
- level: 9
287
- }); // Don't strictly need a randomly generated IV here but no harm either
288
-
289
- const iv = await this.defaultKeyManager.generateRandomData(_sudoCryptoProvider.SudoCryptoProviderDefaults.aesIVSize);
290
- const encryptedKeys = await this.defaultKeyManager.encryptWithSymmetricKey(key, compressedSerializedKeys, {
291
- iv
292
- });
293
- const secureKeyArchive = {
294
- Type: 'Secure',
295
- Version: DefaultSudoKeyArchive.CURRENT_ARCHIVE_VERSION,
296
- MetaInfo: {},
297
- Salt: b64Salt,
298
- Rounds: _sudoCryptoProvider.SudoCryptoProviderDefaults.pbkdfRounds,
299
- Keys: _base.Base64.encode(encryptedKeys),
300
- IV: _base.Base64.encode(iv)
301
- };
302
- keyArchive = secureKeyArchive;
290
+ containsKey(namespace, name, type) {
291
+ return this.keys.has(`${namespace}:${type}:${name}`);
303
292
  }
304
-
305
- for (const [key, value] of this.metaInfo.entries()) {
306
- keyArchive.MetaInfo[key] = value;
293
+ getKeyData(namespace, name, type) {
294
+ const keyInfo = this.keys.get(`${namespace}:${type}:${name}`);
295
+ if (!keyInfo) {
296
+ throw new KeyNotFoundError();
297
+ }
298
+ return keyInfo.Decoded;
307
299
  }
308
-
309
- const archiveString = JSON.stringify(keyArchive); // While this double Gzips the SecureKeyArchive, it allows us to roughly
310
- // recover the space consumed by Base64 encoding the cipher text. Otherwise
311
- // we would end up having a fully binary data structure for the archive.
312
- // If the time to compute becomes prohibitive we can look at a binary, non-JSON
313
- // base format for the archive.
314
-
315
- const archiveGzipped = (0, _fflate.gzipSync)(_buffer.Buffer.fromString(archiveString), {
316
- level: 9
317
- });
318
- return Promise.resolve(archiveGzipped);
319
- }
320
-
321
- async unarchive(password) {
322
- if (!this.keyArchive) {
323
- throw new _error.KeyArchiveMissingError();
300
+ getExcludedKeys() {
301
+ return this.excludedKeys;
324
302
  }
325
-
326
- let keys;
327
-
328
- if ((0, _keyArchive.isSecureKeyArchive)(this.keyArchive)) {
329
- if (!password) {
330
- throw new _error.KeyArchivePasswordRequiredError();
331
- }
332
-
333
- let iv;
334
- let encryptedKeys;
335
- let key;
336
-
337
- try {
338
- const salt = _base.Base64.decode(this.keyArchive.Salt);
339
-
340
- iv = _base.Base64.decode(this.keyArchive.IV);
341
- encryptedKeys = _base.Base64.decode(this.keyArchive.Keys);
342
- key = await this.defaultKeyManager.generateSymmetricKeyFromPassword(password, salt, {
343
- rounds: this.keyArchive.Rounds
344
- });
345
- } catch (err) {
346
- throw new _error.KeyArchiveDecodingError();
347
- }
348
-
349
- let compressedSerializedKeys;
350
-
351
- try {
352
- compressedSerializedKeys = await this.defaultKeyManager.decryptWithSymmetricKey(key, encryptedKeys, {
353
- iv
354
- });
355
- } catch (err) {
356
- throw new _error.KeyArchiveIncorrectPasswordError();
357
- }
358
-
359
- try {
360
- const serializedKeys = (0, _fflate.gunzipSync)(new Uint8Array(compressedSerializedKeys));
361
-
362
- const decoded = _keyInfo.KeyArchiveKeyInfoArrayCodec.decode(JSON.parse(_buffer.Buffer.toString(serializedKeys)));
363
-
364
- if ((0, _Either.isLeft)(decoded)) {
365
- throw new _error.KeyArchiveDecodingError();
366
- }
367
-
368
- keys = decoded.right;
369
- } catch (err) {
370
- throw new _error.KeyArchiveDecodingError();
371
- }
372
- } else {
373
- if (password) {
374
- throw new _error.KeyArchiveNoPasswordRequiredError();
375
- }
376
-
377
- keys = this.keyArchive.Keys;
303
+ getExcludedKeyTypes() {
304
+ return this.excludedKeyTypes;
378
305
  }
379
-
380
- keys.forEach(key => {
381
- const keyKey = `${key.NameSpace}:${key.Type}:${key.Name}`;
382
- let decoded;
383
-
384
- try {
385
- decoded = _base.Base64.decode(key.Data);
386
- } catch (err) {
387
- throw new _error.KeyArchiveDecodingError(`Unable to decode key ${keyKey}`);
388
- }
389
-
390
- this.keys.set(keyKey, { ...key,
391
- Decoded: decoded
392
- });
393
- });
394
- }
395
-
396
- reset() {
397
- this.keys.clear();
398
- }
399
-
400
- containsKey(namespace, name, type) {
401
- return this.keys.has(`${namespace}:${type}:${name}`);
402
- }
403
-
404
- getKeyData(namespace, name, type) {
405
- const keyInfo = this.keys.get(`${namespace}:${type}:${name}`);
406
-
407
- if (!keyInfo) {
408
- throw new _error.KeyNotFoundError();
306
+ getMetaInfo() {
307
+ return this.metaInfo;
409
308
  }
410
-
411
- return keyInfo.Decoded;
412
- }
413
-
414
- getExcludedKeys() {
415
- return this.excludedKeys;
416
- }
417
-
418
- getExcludedKeyTypes() {
419
- return this.excludedKeyTypes;
420
- }
421
-
422
- getMetaInfo() {
423
- return this.metaInfo;
424
- }
425
-
426
309
  }
427
-
428
- exports.DefaultSudoKeyArchive = DefaultSudoKeyArchive;
429
-
430
- _defineProperty(DefaultSudoKeyArchive, "PREGZIP_ARCHIVE_VERSION", 2);
431
-
432
- _defineProperty(DefaultSudoKeyArchive, "CURRENT_ARCHIVE_VERSION", _keyArchive.CURRENT_ARCHIVE_VERSION);
433
-
434
- function keyArchiveInfoFromKeyData(keyData) {
435
- return {
436
- NameSpace: keyData.namespace,
437
- Name: keyData.name,
438
- Type: keyArchiveKeyTypeFromKeyDataKeyType(keyData.type),
439
- Data: _base.Base64.encode(keyData.data),
440
- Decoded: keyData.data,
441
- Synchronizable: false,
442
- Exportable: true
443
- };
310
+ /**
311
+ * Version 2 format is not gzipped is what's currently generated
312
+ * by iOS and Android. We may want to add support for importing
313
+ * such archives.
314
+ */
315
+ DefaultSudoKeyArchive.PREGZIP_ARCHIVE_VERSION = 2;
316
+ /**
317
+ * Version 3 format permits both secure and insecure key archives.
318
+ *
319
+ * Insecure key archives are used where the archive will be stored
320
+ * in an otherwise known secure way e.g. via secure-vault-service
321
+ * where the encryption of the archive would then be handled by
322
+ * clients of that service.
323
+ *
324
+ * Secure key archives are password protected (via PBKDF2) a la version
325
+ * 2 format.
326
+ *
327
+ * Insecure format detail is:
328
+ *
329
+ * gzip(JSON.stringify(InsecureKeyArchive))
330
+ *
331
+ * Secure format detail is:
332
+ *
333
+ * gzip(JSON.stringify(SecureKeyArchive))
334
+ *
335
+ * where Keys property of SecureKeyArchive is:
336
+ *
337
+ * base64(encrypt(gzip(JSON.stringify(array of keys))))
338
+ *
339
+ * Where encrypt operation is 256-bit AES CBC-mode with IV SecureKeyArchive.IV
340
+ * and key generated by SecureKeyArchive.Rounds of PBKDF2 on the password
341
+ * salted with SecureKeyArchive.Salt.
342
+ */
343
+ DefaultSudoKeyArchive.CURRENT_ARCHIVE_VERSION = CURRENT_ARCHIVE_VERSION;
344
+ export function keyArchiveInfoFromKeyData(keyData) {
345
+ return {
346
+ NameSpace: keyData.namespace,
347
+ Name: keyData.name,
348
+ Type: keyArchiveKeyTypeFromKeyDataKeyType(keyData.type),
349
+ Data: Base64.encode(keyData.data),
350
+ Decoded: keyData.data,
351
+ Synchronizable: false,
352
+ Exportable: true,
353
+ };
354
+ }
355
+ export function keyArchiveKeyTypeFromKeyDataKeyType(keyDataKeyType) {
356
+ switch (keyDataKeyType) {
357
+ case KeyDataKeyType.Password:
358
+ return KeyArchiveKeyType.Password;
359
+ case KeyDataKeyType.RSAPrivateKey:
360
+ return KeyArchiveKeyType.PrivateKey;
361
+ case KeyDataKeyType.RSAPublicKey:
362
+ return KeyArchiveKeyType.PublicKey;
363
+ case KeyDataKeyType.SymmetricKey:
364
+ return KeyArchiveKeyType.SymmetricKey;
365
+ }
444
366
  }
445
-
446
- function keyArchiveKeyTypeFromKeyDataKeyType(keyDataKeyType) {
447
- switch (keyDataKeyType) {
448
- case _sudoKeyManager.KeyDataKeyType.Password:
449
- return _keyType.KeyArchiveKeyType.Password;
450
-
451
- case _sudoKeyManager.KeyDataKeyType.RSAPrivateKey:
452
- return _keyType.KeyArchiveKeyType.PrivateKey;
453
-
454
- case _sudoKeyManager.KeyDataKeyType.RSAPublicKey:
455
- return _keyType.KeyArchiveKeyType.PublicKey;
456
-
457
- case _sudoKeyManager.KeyDataKeyType.SymmetricKey:
458
- return _keyType.KeyArchiveKeyType.SymmetricKey;
459
- }
460
- }
367
+ //# sourceMappingURL=sudoKeyArchive.js.map