@sudoplatform/sudo-common 8.0.0 → 8.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (39) hide show
  1. package/package.json +17 -8
  2. package/{cjs → types}/configurationManager/defaultConfigurationManager.d.ts +0 -0
  3. package/{cjs → types}/errors/error.d.ts +0 -0
  4. package/{cjs → types}/index.d.ts +0 -0
  5. package/{cjs → types}/logging/bunyanLogger.d.ts +0 -0
  6. package/{cjs → types}/logging/logger.d.ts +0 -0
  7. package/{cjs → types}/sudoKeyArchive/index.d.ts +0 -0
  8. package/{cjs → types}/sudoKeyArchive/keyArchive.d.ts +0 -0
  9. package/{cjs → types}/sudoKeyArchive/keyInfo.d.ts +0 -0
  10. package/{cjs → types}/sudoKeyArchive/keyType.d.ts +0 -0
  11. package/{cjs → types}/sudoKeyArchive/sudoKeyArchive.d.ts +0 -0
  12. package/{cjs → types}/sudoKeyManager/index.d.ts +0 -0
  13. package/{cjs → types}/sudoKeyManager/keyData.d.ts +0 -0
  14. package/{cjs → types}/sudoKeyManager/publicKey.d.ts +0 -0
  15. package/{cjs → types}/sudoKeyManager/sudoCryptoProvider.d.ts +0 -0
  16. package/{cjs → types}/sudoKeyManager/sudoKeyManager.d.ts +0 -0
  17. package/{cjs → types}/types/types.d.ts +0 -0
  18. package/{cjs → types}/utils/base64.d.ts +0 -0
  19. package/{cjs → types}/utils/buffer.d.ts +0 -0
  20. package/{cjs → types}/utils/stream.d.ts +0 -0
  21. package/lib/configurationManager/defaultConfigurationManager.d.ts +0 -123
  22. package/lib/errors/error.d.ts +0 -263
  23. package/lib/index.d.ts +0 -9
  24. package/lib/logging/bunyanLogger.d.ts +0 -8
  25. package/lib/logging/logger.d.ts +0 -87
  26. package/lib/sudoKeyArchive/index.d.ts +0 -4
  27. package/lib/sudoKeyArchive/keyArchive.d.ts +0 -137
  28. package/lib/sudoKeyArchive/keyInfo.d.ts +0 -41
  29. package/lib/sudoKeyArchive/keyType.d.ts +0 -13
  30. package/lib/sudoKeyArchive/sudoKeyArchive.d.ts +0 -190
  31. package/lib/sudoKeyManager/index.d.ts +0 -4
  32. package/lib/sudoKeyManager/keyData.d.ts +0 -56
  33. package/lib/sudoKeyManager/publicKey.d.ts +0 -8
  34. package/lib/sudoKeyManager/sudoCryptoProvider.d.ts +0 -324
  35. package/lib/sudoKeyManager/sudoKeyManager.d.ts +0 -344
  36. package/lib/types/types.d.ts +0 -115
  37. package/lib/utils/base64.d.ts +0 -44
  38. package/lib/utils/buffer.d.ts +0 -13
  39. package/lib/utils/stream.d.ts +0 -6
@@ -1,137 +0,0 @@
1
- import * as t from 'io-ts';
2
- export declare const CURRENT_ARCHIVE_VERSION = 3;
3
- export declare const InsecureKeyArchiveType = "Insecure";
4
- export declare const InsecureKeyArchiveCodec: t.TypeC<{
5
- /**
6
- * Discriminant for InsecureKeyArchive type.
7
- */
8
- Type: t.LiteralC<"Insecure">;
9
- /**
10
- * Array of exported keys in clear text.
11
- */
12
- Keys: t.ArrayC<t.TypeC<{
13
- Name: t.StringC;
14
- Type: t.Type<import("./keyType").KeyArchiveKeyType, string, unknown>;
15
- Data: t.StringC;
16
- Synchronizable: t.BooleanC;
17
- Exportable: t.BooleanC;
18
- NameSpace: t.StringC;
19
- }>>;
20
- /**
21
- * Version this archive format.
22
- */
23
- Version: t.LiteralC<3>;
24
- /**
25
- * Metainfo user is able to associate with the archive.
26
- */
27
- MetaInfo: t.RecordC<t.StringC, t.StringC>;
28
- }>;
29
- export declare type InsecureKeyArchive = t.TypeOf<typeof InsecureKeyArchiveCodec>;
30
- export declare const SecureKeyArchiveType = "Secure";
31
- export declare const UnrecognizedKeyArchiveCodec: t.PartialC<{
32
- Version: t.NumberC;
33
- Type: t.StringC;
34
- }>;
35
- export declare type UnrecognizedKeyArchive = t.TypeOf<typeof UnrecognizedKeyArchiveCodec>;
36
- export declare const SecureKeyArchiveCodec: t.TypeC<{
37
- /**
38
- * Discriminant for SecureKeyArchive type.
39
- */
40
- Type: t.LiteralC<"Secure">;
41
- /**
42
- * Format is:
43
- *
44
- * base64(gzip(encrypt(stringify(array of KeyArchiveKeyInfo)))
45
- *
46
- * Encrypt is 256-bit AES-CBC using symmetric key derived from
47
- * password and IV specified by IV property.
48
- */
49
- Keys: t.StringC;
50
- /**
51
- * Rounds of PBKDF2 applied to password to derive symmetric key.
52
- */
53
- Rounds: t.NumberC;
54
- /**
55
- * Salt passed to PBKDF2 to derive symmetric key.
56
- */
57
- Salt: t.StringC;
58
- /**
59
- * IV used for AES encryption of keys.
60
- */
61
- IV: t.StringC;
62
- /**
63
- * Version this archive format.
64
- */
65
- Version: t.LiteralC<3>;
66
- /**
67
- * Metainfo user is able to associate with the archive.
68
- */
69
- MetaInfo: t.RecordC<t.StringC, t.StringC>;
70
- }>;
71
- export declare type SecureKeyArchive = t.TypeOf<typeof SecureKeyArchiveCodec>;
72
- export declare const KeyArchiveCodec: t.UnionC<[t.TypeC<{
73
- /**
74
- * Discriminant for SecureKeyArchive type.
75
- */
76
- Type: t.LiteralC<"Secure">;
77
- /**
78
- * Format is:
79
- *
80
- * base64(gzip(encrypt(stringify(array of KeyArchiveKeyInfo)))
81
- *
82
- * Encrypt is 256-bit AES-CBC using symmetric key derived from
83
- * password and IV specified by IV property.
84
- */
85
- Keys: t.StringC;
86
- /**
87
- * Rounds of PBKDF2 applied to password to derive symmetric key.
88
- */
89
- Rounds: t.NumberC;
90
- /**
91
- * Salt passed to PBKDF2 to derive symmetric key.
92
- */
93
- Salt: t.StringC;
94
- /**
95
- * IV used for AES encryption of keys.
96
- */
97
- IV: t.StringC;
98
- /**
99
- * Version this archive format.
100
- */
101
- Version: t.LiteralC<3>;
102
- /**
103
- * Metainfo user is able to associate with the archive.
104
- */
105
- MetaInfo: t.RecordC<t.StringC, t.StringC>;
106
- }>, t.TypeC<{
107
- /**
108
- * Discriminant for InsecureKeyArchive type.
109
- */
110
- Type: t.LiteralC<"Insecure">;
111
- /**
112
- * Array of exported keys in clear text.
113
- */
114
- Keys: t.ArrayC<t.TypeC<{
115
- Name: t.StringC;
116
- Type: t.Type<import("./keyType").KeyArchiveKeyType, string, unknown>;
117
- Data: t.StringC;
118
- Synchronizable: t.BooleanC;
119
- Exportable: t.BooleanC;
120
- NameSpace: t.StringC;
121
- }>>;
122
- /**
123
- * Version this archive format.
124
- */
125
- Version: t.LiteralC<3>;
126
- /**
127
- * Metainfo user is able to associate with the archive.
128
- */
129
- MetaInfo: t.RecordC<t.StringC, t.StringC>;
130
- }>, t.PartialC<{
131
- Version: t.NumberC;
132
- Type: t.StringC;
133
- }>]>;
134
- export declare type KeyArchive = t.TypeOf<typeof KeyArchiveCodec>;
135
- export declare function isSecureKeyArchive(keyArchive: KeyArchive): keyArchive is SecureKeyArchive;
136
- export declare function isInsecureKeyArchive(keyArchive: KeyArchive): keyArchive is InsecureKeyArchive;
137
- export declare function isUnrecognizedKeyArchive(keyArchive: KeyArchive): keyArchive is UnrecognizedKeyArchive;
@@ -1,41 +0,0 @@
1
- import * as t from 'io-ts';
2
- export declare const KeyArchiveKeyInfoCodec: t.TypeC<{
3
- Name: t.StringC;
4
- Type: t.Type<import("./keyType").KeyArchiveKeyType, string, unknown>;
5
- Data: t.StringC;
6
- Synchronizable: t.BooleanC;
7
- Exportable: t.BooleanC;
8
- NameSpace: t.StringC;
9
- }>;
10
- export declare const KeyArchiveKeyInfoArrayCodec: t.ArrayC<t.TypeC<{
11
- Name: t.StringC;
12
- Type: t.Type<import("./keyType").KeyArchiveKeyType, string, unknown>;
13
- Data: t.StringC;
14
- Synchronizable: t.BooleanC;
15
- Exportable: t.BooleanC;
16
- NameSpace: t.StringC;
17
- }>>;
18
- /**
19
- * Record of key in a key archive
20
- *
21
- * @property NameSpace
22
- * NameSpace to which the key belongs.
23
- *
24
- * @property Name
25
- * Name of the key within the namespace
26
- *
27
- * @property Type
28
- * Type of the key (also implies key format)
29
- *
30
- * @property Data
31
- * Base64 encoded key data
32
- *
33
- * @property Synchronizable
34
- * Whether key should be synced out of band of archiving.
35
- * For future use - always false for now.
36
- *
37
- * @property Exportable
38
- * Whether restored key should be exportable. Always true on archive.
39
- * For future use on unarchive.
40
- */
41
- export declare type KeyArchiveKeyInfo = t.TypeOf<typeof KeyArchiveKeyInfoCodec>;
@@ -1,13 +0,0 @@
1
- import * as t from 'io-ts';
2
- /**
3
- * Key types supported in key archives
4
- *
5
- * These form part of the interoperable secure key archive format.
6
- */
7
- export declare enum KeyArchiveKeyType {
8
- Password = "password",
9
- PrivateKey = "privateKey",
10
- PublicKey = "publicKey",
11
- SymmetricKey = "symmetricKey"
12
- }
13
- export declare const KeyArchiveKeyTypeCodec: t.Type<KeyArchiveKeyType, string, unknown>;
@@ -1,190 +0,0 @@
1
- import { KeyData, KeyDataKeyType } from '../sudoKeyManager';
2
- import { SudoKeyManager } from '../sudoKeyManager/sudoKeyManager';
3
- import { KeyArchiveKeyInfo } from './keyInfo';
4
- import { KeyArchiveKeyType } from './keyType';
5
- export interface SudoKeyArchive {
6
- /**
7
- * Loads keys from the secure store into the archive.
8
- */
9
- loadKeys(): Promise<void>;
10
- /**
11
- * Saves the keys in this archive to the secure store.
12
- */
13
- saveKeys(): Promise<void>;
14
- /**
15
- * Archives and encrypts the keys loaded into this archive.
16
- *
17
- * @param password
18
- * The password to use to encrypt the archive. Or undefined if no password.
19
- * Choice to have no password must be explicit.
20
- *
21
- * @returns Binary archive data.
22
- */
23
- archive(password: ArrayBuffer | undefined): Promise<ArrayBuffer>;
24
- /**
25
- * Decrypts and unarchives the keys in this archive.
26
- *
27
- * @param password
28
- * The password to use to decrypt the archive if its a secure archive
29
- * otherwise must be undefined.
30
- *
31
- * @throws {@link KeyArchiveDecodingError}
32
- * If the archive is unable to be decoding according to the
33
- * required structure.
34
- *
35
- * @throws {@link KeyArchiveIncorrectPasswordError}
36
- * If the archive is a secure archive and the password is unable to be
37
- * used to decrypt the encrypted keys.
38
- *
39
- * @throws {@link KeyArchivePasswordRequiredError}
40
- * If the archive is a secure archive but no password is provided.
41
- *
42
- * @throws {@link KeyArchiveNoPasswordRequiredError}
43
- * If the archive is an insecure archive but a password is provided.
44
- */
45
- unarchive(password: ArrayBuffer | undefined): Promise<void>;
46
- /**
47
- * Resets the archive by clearing loaded keys and archive data.
48
- */
49
- reset(): void;
50
- /**
51
- * Determines whether or not the archive contains the key with the
52
- * specified name and type. The archive must be unarchived before the
53
- * key can be searched.
54
- *
55
- * @param namespace the namespace of the key
56
- * @param name the key name.
57
- * @param type the key type.
58
- *
59
- * @return true if the specified key exists in the archive.
60
- */
61
- containsKey(namespace: string, name: string, type: KeyArchiveKeyType): boolean;
62
- /**
63
- * Retrieves the specified key data from the archive. The archive must
64
- * be unarchived before the key data can be retrieved.
65
- *
66
- * @param namespace the namespace of the key
67
- * @param name the key name
68
- * @param type the key type
69
- *
70
- * @return a byte array containing the specified key data or null if it was not found.
71
- *
72
- * @throws {@link KeyNotFoundError}
73
- * If key is not present in the archive.
74
- */
75
- getKeyData(namespace: string, name: string, type: KeyArchiveKeyType): ArrayBuffer;
76
- /** @return the key types to exclude from the archive in an unmodifiable set. */
77
- getExcludedKeyTypes(): ReadonlySet<KeyArchiveKeyType>;
78
- /** @return the key names to exclude from the archive in an unmodifiable set. */
79
- getExcludedKeys(): ReadonlySet<string>;
80
- /** @return the meta-information associated with this archive in an unmodifiable map. */
81
- getMetaInfo(): ReadonlyMap<string, string>;
82
- }
83
- export declare type KeyArchiveKeyInfoDecoded = KeyArchiveKeyInfo & {
84
- Decoded: ArrayBuffer;
85
- };
86
- export declare class DefaultSudoKeyArchive implements SudoKeyArchive {
87
- /**
88
- * Version 2 format is not gzipped is what's currently generated
89
- * by iOS and Android. We may want to add support for importing
90
- * such archives.
91
- */
92
- static readonly PREGZIP_ARCHIVE_VERSION = 2;
93
- /**
94
- * Version 3 format permits both secure and insecure key archives.
95
- *
96
- * Insecure key archives are used where the archive will be stored
97
- * in an otherwise known secure way e.g. via secure-vault-service
98
- * where the encryption of the archive would then be handled by
99
- * clients of that service.
100
- *
101
- * Secure key archives are password protected (via PBKDF2) a la version
102
- * 2 format.
103
- *
104
- * Insecure format detail is:
105
- *
106
- * gzip(JSON.stringify(InsecureKeyArchive))
107
- *
108
- * Secure format detail is:
109
- *
110
- * gzip(JSON.stringify(SecureKeyArchive))
111
- *
112
- * where Keys property of SecureKeyArchive is:
113
- *
114
- * base64(encrypt(gzip(JSON.stringify(array of keys))))
115
- *
116
- * Where encrypt operation is 256-bit AES CBC-mode with IV SecureKeyArchive.IV
117
- * and key generated by SecureKeyArchive.Rounds of PBKDF2 on the password
118
- * salted with SecureKeyArchive.Salt.
119
- */
120
- static readonly CURRENT_ARCHIVE_VERSION = 3;
121
- private readonly defaultKeyManager;
122
- private readonly keyManagers;
123
- private keyArchive;
124
- private readonly excludedKeys;
125
- private readonly excludedKeyTypes;
126
- private readonly metaInfo;
127
- private readonly keys;
128
- /**
129
- * Construct SudoKeyArchive
130
- *
131
- *
132
- * @param keyManagers
133
- * Key manager or array of key managers to either restore archive in to
134
- * or construct archive from
135
- *
136
- * @param archiveData
137
- * Array buffer of binary archive data to restore.
138
- *
139
- * @param excludedKeys
140
- * Set of key names to exclude from archive or restore operation.
141
- * Default: None
142
- *
143
- * @param excludedKeyTypes
144
- * Set of key types to exclude from archive or restore operation.
145
- * Default: {@link KeyArchiveKeyType.PublicKey}
146
- *
147
- * @param metaInfo
148
- * Meta information to include with the key archive
149
- *
150
- * @throws {@link IllegalArgumentError}
151
- * If no key managers are provided
152
- *
153
- * @throws {@link IllegalArgumentError}
154
- * If multiple key managers are provided with the same namespace
155
- *
156
- * @throws {@link KeyArchiveDecodingError}
157
- * If archiveData is provided and its binary data cannot be decoded
158
- *
159
- * @throws {@link KeyArchiveTypeError}
160
- * If archiveData is provided and decodes to an unsupported archive
161
- * type.
162
- *
163
- * @throws {@link KeyArchiveVersionError}
164
- * If archiveData is provided and decodes to an unsupported archive
165
- * version.
166
- */
167
- constructor(keyManagers: SudoKeyManager | SudoKeyManager[], options?: {
168
- archiveData?: ArrayBuffer;
169
- excludedKeys?: ReadonlySet<string>;
170
- excludedKeyTypes?: ReadonlySet<KeyArchiveKeyType>;
171
- metaInfo?: ReadonlyMap<string, string>;
172
- });
173
- /**
174
- * Reads the binary data and converts it to JSON and then deserialises it
175
- * into a KeyArchive
176
- */
177
- private loadArchive;
178
- loadKeys(): Promise<void>;
179
- saveKeys(): Promise<void>;
180
- archive(password: ArrayBuffer | undefined): Promise<ArrayBuffer>;
181
- unarchive(password: ArrayBuffer | undefined): Promise<void>;
182
- reset(): void;
183
- containsKey(namespace: string, name: string, type: KeyArchiveKeyType): boolean;
184
- getKeyData(namespace: string, name: string, type: KeyArchiveKeyType): ArrayBuffer;
185
- getExcludedKeys(): ReadonlySet<string>;
186
- getExcludedKeyTypes(): ReadonlySet<KeyArchiveKeyType>;
187
- getMetaInfo(): ReadonlyMap<string, string>;
188
- }
189
- export declare function keyArchiveInfoFromKeyData(keyData: KeyData): KeyArchiveKeyInfoDecoded;
190
- export declare function keyArchiveKeyTypeFromKeyDataKeyType(keyDataKeyType: KeyDataKeyType): KeyArchiveKeyType;
@@ -1,4 +0,0 @@
1
- export * from './keyData';
2
- export * from './publicKey';
3
- export * from './sudoCryptoProvider';
4
- export * from './sudoKeyManager';
@@ -1,56 +0,0 @@
1
- /**
2
- * Type of key
3
- */
4
- export declare enum KeyDataKeyType {
5
- SymmetricKey = "SymmetricKey",
6
- RSAPublicKey = "RSAPublicKey",
7
- RSAPrivateKey = "RSAPrivateKey",
8
- Password = "Password"
9
- }
10
- export declare enum KeyDataKeyFormat {
11
- /**
12
- * Raw key format.
13
- *
14
- * For SymmetricKey and Password types this means the raw bytes
15
- * of the key/password.
16
- *
17
- * For RSAPublicKey this means RSAPublicKey binary format.
18
- * For RSAPrivateKey this means RSAPrivateKey binary format.
19
- * "RSA PUBLIC KEY" or "RSA PRIVATE KEY" in PEM speak
20
- */
21
- Raw = "Raw",
22
- /**
23
- * SPKI public key format.
24
- *
25
- * Applies to public keys (currently only RSAPublicKey)
26
- * and means they are formated using SPKI.
27
- *
28
- * "PUBLIC KEY" in PEM speak
29
- */
30
- SPKI = "SPKI",
31
- /**
32
- * PKCS8 private key format.
33
- *
34
- * Applies to private keys (currently only RSAPrivateKey)
35
- * and means they are formated using unencrypted PKCS8.
36
- *
37
- * "PRIVATE KEY" in PEM speak
38
- */
39
- PKCS8 = "PKCS8"
40
- }
41
- /**
42
- * Record of key in a key archive
43
- *
44
- * @property name name of the key within the namespace
45
- * @property namespace namespace of the key manager for this key
46
- * @property data raw binary data of the key
47
- * @property type type of the key
48
- * @property format format of the raw binary data
49
- */
50
- export interface KeyData {
51
- name: string;
52
- namespace: string;
53
- data: ArrayBuffer;
54
- type: KeyDataKeyType;
55
- format: KeyDataKeyFormat;
56
- }
@@ -1,8 +0,0 @@
1
- export declare enum PublicKeyFormat {
2
- RSAPublicKey = 0,
3
- SPKI = 1
4
- }
5
- export interface PublicKey {
6
- readonly keyData: ArrayBuffer;
7
- readonly keyFormat: PublicKeyFormat;
8
- }