@extrimian/kms-suite-didcomm-v2
Advanced tools
Comparing version 1.1.0 to 1.2.0
import { IDidCommKeyPair, IDIDCommV2Suite, DIDCommMessagePacking, IPackedDIDCommMessage } from "@extrimian/kms-core"; | ||
import { JWE } from "did-jwt"; | ||
import { IKeyManagerSignArgs } from "../models/key-manager-sign-args"; | ||
@@ -13,4 +14,7 @@ import { ParsedDID } from "../models/parsed-did"; | ||
pack(params: { | ||
verificationMethodId: string; | ||
toHexKeys: string[]; | ||
senderVerificationMethodId: string; | ||
toKeys: { | ||
verificationMethodId: string; | ||
publicKeyHex: string; | ||
}[]; | ||
message: IDIDCommMessage; | ||
@@ -20,4 +24,7 @@ packing: DIDCommMessagePacking; | ||
packJWS(params: { | ||
verificationMethodId: string; | ||
toHexKeys: string[]; | ||
senderVerificationMethodId: string; | ||
toKeys: { | ||
verificationMethodId: string; | ||
publicKeyHex: string; | ||
}[]; | ||
message: IDIDCommMessage; | ||
@@ -39,2 +46,6 @@ packing: DIDCommMessagePacking; | ||
private getPublicKeyByVerificationMethod; | ||
extractSenderEncryptionKey(jwe: JWE): Promise<{ | ||
publicKeyHex: string; | ||
publicKeyType: string; | ||
}>; | ||
} |
@@ -132,2 +132,5 @@ "use strict"; | ||
return __generator(this, function (_a) { | ||
params.toKeys.forEach(function (toKey) { | ||
toKey.publicKeyHex = toKey.publicKeyHex.replace("0x", ""); | ||
}); | ||
switch (params.packing) { | ||
@@ -164,3 +167,3 @@ case 'authcrypt': // intentionally omitting break | ||
} | ||
headerObj = { alg: alg, kid: params.verificationMethodId, typ: kms_core_1.DIDCommMessageMediaType.SIGNED }; | ||
headerObj = { alg: alg, kid: params.senderVerificationMethodId, typ: kms_core_1.DIDCommMessageMediaType.SIGNED }; | ||
header = this.encodeJoseBlob(headerObj); | ||
@@ -172,3 +175,3 @@ payload = this.encodeJoseBlob(params.message); | ||
encoding: 'utf-8', | ||
keyRef: params.verificationMethodId, | ||
keyRef: params.senderVerificationMethodId, | ||
algorithm: alg, | ||
@@ -191,12 +194,12 @@ })]; | ||
return __awaiter(this, void 0, void 0, function () { | ||
function computeRecipients(toPublicKeyHex) { | ||
function computeRecipients(receiptKeys) { | ||
return __awaiter(this, void 0, void 0, function () { | ||
var tempRecipients; | ||
return __generator(this, function (_a) { | ||
tempRecipients = toPublicKeyHex.map(function (pbk) { return ({ | ||
kid: params.verificationMethodId, | ||
publicKeyBytes: u8a.fromString(pbk, "base16") | ||
tempRecipients = receiptKeys.map(function (pbk) { return ({ | ||
kid: pbk.verificationMethodId, | ||
publicKeyBytes: u8a.fromString(pbk.toPublicKeyHex, "base16") | ||
}); }); | ||
if (tempRecipients.length === 0) { | ||
throw new Error("not_supported: no compatible key agreement keys found for recipient ".concat(toPublicKeyHex)); | ||
throw new Error("not_supported: no compatible key agreement keys found for recipient"); | ||
} | ||
@@ -216,3 +219,3 @@ return [2 /*return*/, tempRecipients]; | ||
}; | ||
protectedHeader = __assign(__assign({}, protectedHeader), { skid: params.verificationMethodId }); | ||
protectedHeader = __assign(__assign({}, protectedHeader), { skid: params.senderVerificationMethodId }); | ||
if (params.packing === 'authcrypt') { | ||
@@ -222,3 +225,3 @@ senderECDH = this.createEcdhWrapper({ | ||
}); | ||
protectedHeader = __assign(__assign({}, protectedHeader), { skid: params.verificationMethodId }); | ||
protectedHeader = __assign(__assign({}, protectedHeader), { skid: params.senderVerificationMethodId }); | ||
} | ||
@@ -232,3 +235,8 @@ recipients = []; | ||
recipients]; | ||
return [4 /*yield*/, computeRecipients(params.toHexKeys)]; | ||
return [4 /*yield*/, computeRecipients(params.toKeys.map(function (x) { | ||
return ({ | ||
toPublicKeyHex: x.publicKeyHex, | ||
verificationMethodId: x.verificationMethodId | ||
}); | ||
}))]; | ||
case 1: | ||
@@ -248,3 +256,3 @@ // add primary recipient | ||
if (encrypters.length === 0) { | ||
throw new Error("not_supported: could not create suitable encryption for recipient ".concat(params.toHexKeys)); | ||
throw new Error("not_supported: could not create suitable encryption for recipients"); | ||
} | ||
@@ -289,3 +297,3 @@ messageBytes = u8a.fromString(JSON.stringify(params.message), 'utf-8'); | ||
packing = ""; | ||
return [4 /*yield*/, this.getPublicKeyByVerificationMethod(jwe.recipients[0].header.kid)]; | ||
return [4 /*yield*/, this.extractSenderEncryptionKey(jwe)]; | ||
case 1: | ||
@@ -517,3 +525,3 @@ senderPbk = _a.sent(); | ||
publicKeyHex: kms_core_1.BaseConverter.convert(vm.publicKeyJwk, kms_core_1.Base.JWK, kms_core_1.Base.Hex), | ||
publicKeyType: "Ed25519" | ||
publicKeyType: vm.publicKeyJwk.crv | ||
}]; | ||
@@ -526,2 +534,29 @@ } | ||
}; | ||
DIDCommSuite.prototype.extractSenderEncryptionKey = function (jwe) { | ||
return __awaiter(this, void 0, void 0, function () { | ||
var protectedHeader, senderDoc; | ||
return __generator(this, function (_a) { | ||
switch (_a.label) { | ||
case 0: | ||
protectedHeader = this.decodeJoseBlob(jwe.protected); | ||
if (!(typeof protectedHeader.skid === 'string')) return [3 /*break*/, 2]; | ||
return [4 /*yield*/, this.getPublicKeyByVerificationMethod(protectedHeader.skid)]; | ||
case 1: | ||
senderDoc = _a.sent(); | ||
// const sKey = (await context.agent.getDIDComponentById({ | ||
// didDocument: senderDoc, | ||
// didUrl: protectedHeader.skid, | ||
// section: 'keyAgreement', | ||
// })) as _ExtendedVerificationMethod | ||
// if (!['Ed25519VerificationKey2018', 'X25519KeyAgreementKey2019'].includes(sKey.type)) { | ||
// throw new Error(`not_supported: sender key of type ${sKey.type} is not supported`) | ||
// } | ||
// let publicKeyHex = this.et(sKey, true) | ||
// senderKey = u8a.fromString(senderDoc.publicKeyHex, 'base16'); | ||
return [2 /*return*/, senderDoc]; | ||
case 2: return [2 /*return*/, null]; | ||
} | ||
}); | ||
}); | ||
}; | ||
DIDCommSuite = __decorate([ | ||
@@ -528,0 +563,0 @@ (0, kms_core_1.suiteDecorator)(kms_core_1.Suite.DIDCommV2), |
{ | ||
"name": "@extrimian/kms-suite-didcomm-v2", | ||
"version": "1.1.0", | ||
"version": "1.2.0", | ||
"description": "", | ||
@@ -26,3 +26,3 @@ "private": false, | ||
"@extrimian/did-core": "1.0.7", | ||
"@extrimian/kms-core": "^1.1.0", | ||
"@extrimian/kms-core": "1.2.0", | ||
"@hearro/didcomm": "^0.6.0", | ||
@@ -29,0 +29,0 @@ "@stablelib/ed25519": "^1.0.3", |
@@ -94,7 +94,14 @@ import { arrayify, hexlify } from "@ethersproject/bytes"; | ||
async pack(params: { | ||
verificationMethodId: string, | ||
toHexKeys: string[], | ||
message: IDIDCommMessage, | ||
packing: DIDCommMessagePacking | ||
senderVerificationMethodId: string, | ||
toKeys: { | ||
verificationMethodId: string; | ||
publicKeyHex: string; | ||
}[], | ||
message: IDIDCommMessage; | ||
packing: DIDCommMessagePacking; | ||
}): Promise<IPackedDIDCommMessage> { | ||
params.toKeys.forEach(toKey => { | ||
toKey.publicKeyHex = toKey.publicKeyHex.replace("0x", ""); | ||
}); | ||
switch (params.packing) { | ||
@@ -118,6 +125,9 @@ case 'authcrypt': // intentionally omitting break | ||
async packJWS(params: { | ||
verificationMethodId: string, | ||
toHexKeys: string[], | ||
message: IDIDCommMessage, | ||
packing: DIDCommMessagePacking | ||
senderVerificationMethodId: string, | ||
toKeys: { | ||
verificationMethodId: string; | ||
publicKeyHex: string; | ||
}[], | ||
message: IDIDCommMessage; | ||
packing: DIDCommMessagePacking; | ||
}): Promise<IPackedDIDCommMessage> { | ||
@@ -138,3 +148,3 @@ | ||
// construct the protected header with alg, typ and kid | ||
const headerObj = { alg, kid: params.verificationMethodId, typ: DIDCommMessageMediaType.SIGNED }; | ||
const headerObj = { alg, kid: params.senderVerificationMethodId, typ: DIDCommMessageMediaType.SIGNED }; | ||
const header = this.encodeJoseBlob(headerObj); | ||
@@ -148,3 +158,3 @@ const payload = this.encodeJoseBlob(params.message); | ||
encoding: 'utf-8', | ||
keyRef: params.verificationMethodId, | ||
keyRef: params.senderVerificationMethodId, | ||
algorithm: alg, | ||
@@ -164,6 +174,9 @@ }); | ||
private async packJWE(params: { | ||
verificationMethodId: string, | ||
toHexKeys: string[], | ||
message: IDIDCommMessage, | ||
packing: DIDCommMessagePacking | ||
senderVerificationMethodId: string, | ||
toKeys: { | ||
verificationMethodId: string; | ||
publicKeyHex: string; | ||
}[], | ||
message: IDIDCommMessage; | ||
packing: DIDCommMessagePacking; | ||
}): Promise<IPackedDIDCommMessage> { | ||
@@ -178,3 +191,3 @@ let senderECDH: ECDH | null = null | ||
protectedHeader = { ...protectedHeader, skid: params.verificationMethodId } | ||
protectedHeader = { ...protectedHeader, skid: params.senderVerificationMethodId } | ||
@@ -185,3 +198,3 @@ if (params.packing === 'authcrypt') { | ||
}); | ||
protectedHeader = { ...protectedHeader, skid: params.verificationMethodId } | ||
protectedHeader = { ...protectedHeader, skid: params.senderVerificationMethodId } | ||
} | ||
@@ -197,10 +210,13 @@ | ||
async function computeRecipients(toPublicKeyHex: string[]): Promise<IRecipient[]> { | ||
const tempRecipients = toPublicKeyHex.map((pbk) => ({ | ||
kid: params.verificationMethodId, | ||
publicKeyBytes: u8a.fromString(pbk, "base16") | ||
async function computeRecipients(receiptKeys: { | ||
verificationMethodId: string, | ||
toPublicKeyHex: string | ||
}[]): Promise<IRecipient[]> { | ||
const tempRecipients = receiptKeys.map((pbk) => ({ | ||
kid: pbk.verificationMethodId, | ||
publicKeyBytes: u8a.fromString(pbk.toPublicKeyHex, "base16") | ||
})); | ||
if (tempRecipients.length === 0) { | ||
throw new Error(`not_supported: no compatible key agreement keys found for recipient ${toPublicKeyHex}`) | ||
throw new Error(`not_supported: no compatible key agreement keys found for recipient`) | ||
} | ||
@@ -212,3 +228,7 @@ | ||
// add primary recipient | ||
recipients.push(...(await computeRecipients(params.toHexKeys))); | ||
recipients.push(...(await computeRecipients(params.toKeys.map(x => | ||
({ | ||
toPublicKeyHex: x.publicKeyHex, | ||
verificationMethodId: x.verificationMethodId | ||
}))))); | ||
@@ -234,3 +254,3 @@ // add bcc recipients (optional) | ||
throw new Error( | ||
`not_supported: could not create suitable encryption for recipient ${params.toHexKeys}`, | ||
`not_supported: could not create suitable encryption for recipients`, | ||
) | ||
@@ -269,3 +289,3 @@ } | ||
const senderPbk = await this.getPublicKeyByVerificationMethod(jwe.recipients[0].header.kid); | ||
const senderPbk = await this.extractSenderEncryptionKey(jwe); | ||
@@ -484,6 +504,30 @@ if (senderPbk && jwe.recipients[0].header.alg.includes('ECDH-1PU')) { | ||
publicKeyHex: BaseConverter.convert((<VerificationMethodJwk>vm).publicKeyJwk, Base.JWK, Base.Hex), | ||
publicKeyType: "Ed25519" | ||
publicKeyType: (<VerificationMethodJwk>vm).publicKeyJwk.crv | ||
} | ||
} | ||
} | ||
async extractSenderEncryptionKey( | ||
jwe: JWE, | ||
// context: IAgentContext<IResolver>, | ||
): Promise<{ publicKeyHex: string, publicKeyType: string }> { | ||
// let senderKey: Uint8Array | null = null | ||
const protectedHeader = this.decodeJoseBlob(jwe.protected) | ||
if (typeof protectedHeader.skid === 'string') { | ||
const senderDoc = await this.getPublicKeyByVerificationMethod(protectedHeader.skid); | ||
// const sKey = (await context.agent.getDIDComponentById({ | ||
// didDocument: senderDoc, | ||
// didUrl: protectedHeader.skid, | ||
// section: 'keyAgreement', | ||
// })) as _ExtendedVerificationMethod | ||
// if (!['Ed25519VerificationKey2018', 'X25519KeyAgreementKey2019'].includes(sKey.type)) { | ||
// throw new Error(`not_supported: sender key of type ${sKey.type} is not supported`) | ||
// } | ||
// let publicKeyHex = this.et(sKey, true) | ||
// senderKey = u8a.fromString(senderDoc.publicKeyHex, 'base16'); | ||
return senderDoc; | ||
} | ||
return null; | ||
} | ||
} |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
78918
1446
+ Added@extrimian/kms-core@1.2.0(transitive)
- Removed@extrimian/kms-core@1.3.0(transitive)
Updated@extrimian/kms-core@1.2.0