{
  "version": 3,
  "sources": ["../../src/rsa/webcrypto.ts"],
  "sourcesContent": ["import { webcrypto } from '@bicycle-codes/one-webcrypto'\nimport { fromString, toString } from 'uint8arrays'\nimport * as uint8arrays from 'uint8arrays'\nimport { magicBytes, parseMagicBytes } from '../index.js'\nimport {\n    BASE58_DID_PREFIX,\n    DEFAULT_CHAR_SIZE,\n    DEFAULT_HASH_ALGORITHM,\n    RSA_SALT_LENGTH,\n    RSA_SIGN_ALGORITHM,\n    RSA_ALGORITHM,\n    RSA_HASHING_ALGORITHM,\n    DEFAULT_RSA_SIZE,\n    DEFAULT_STRING_ENCODING\n} from '../constants.js'\nimport { checkValidKeyUse } from '../errors.js'\nimport { importKey as importAesKey } from '../aes/webcrypto.js'\nimport {\n    base64ToArrBuf,\n    normalizeBase64ToBuf,\n    normalizeUnicodeToBuf,\n    isCryptoKey,\n    publicExponent,\n    arrBufToBase64,\n} from '../util.js'\nimport { KeyUse } from '../types.js'\nimport type { RsaSize, Msg, CharSize, HashAlg, DID, PublicKey } from '../types.js'\n\nexport async function verify (\n    msg:Msg,\n    sig:Msg,\n    publicKey:string|CryptoKey,\n    charSize:CharSize = DEFAULT_CHAR_SIZE,\n    hashAlg:HashAlg = DEFAULT_HASH_ALGORITHM\n):Promise<boolean> {\n    return webcrypto.subtle.verify({\n        name: RSA_SIGN_ALGORITHM,\n        saltLength: RSA_SALT_LENGTH\n    }, (typeof publicKey === 'string' ?\n        await importPublicKey(publicKey, hashAlg, KeyUse.Sign) :\n        publicKey),\n    normalizeBase64ToBuf(sig),\n    normalizeUnicodeToBuf(msg, charSize))\n}\n\nexport async function sign (\n    msg:Msg,\n    privateKey:CryptoKey,\n    charSize:CharSize = DEFAULT_CHAR_SIZE\n):Promise<ArrayBuffer> {\n    return webcrypto.subtle.sign(\n        { name: RSA_SIGN_ALGORITHM, saltLength: RSA_SALT_LENGTH },\n        privateKey,\n        normalizeUnicodeToBuf(msg, charSize)\n    )\n}\n\nexport async function encrypt (\n    msg:Msg,\n    publicKey:string|CryptoKey,\n    opts?:{ format:'base64' },\n    charSize?:CharSize,\n    hashAlg?:HashAlg\n):Promise<string>\n\nexport async function encrypt (\n    msg:Msg,\n    publicKey:string|CryptoKey,\n    opts:{ format:'base64'|'raw' } = { format: 'base64' },\n    charSize:CharSize = DEFAULT_CHAR_SIZE,\n    hashAlg:HashAlg = DEFAULT_HASH_ALGORITHM\n):Promise<string|Uint8Array> {\n    const pubKey = typeof publicKey === 'string' ?\n        await importPublicKey(publicKey, hashAlg, KeyUse.Encrypt) :\n        publicKey\n\n    const encrypted = await webcrypto.subtle.encrypt(\n        { name: RSA_ALGORITHM },\n        pubKey,\n        normalizeUnicodeToBuf(msg, charSize)\n    )\n\n    return (opts.format === 'raw' ?\n        new Uint8Array(encrypted) :\n        arrBufToBase64(encrypted))\n}\n\n/**\n * Decrypt the given Uint8Array\n */\nexport async function decrypt (\n    data:Uint8Array|string,\n    privateKey:CryptoKey|Uint8Array\n):Promise<Uint8Array> {\n    const key = isCryptoKey(privateKey) ?\n        privateKey :\n        await importPublicKey(privateKey, undefined, KeyUse.Encrypt)\n\n    const arrayBuffer = await webcrypto.subtle.decrypt(\n        { name: RSA_ALGORITHM },\n        key,\n        (typeof data === 'string' ? fromString(data, 'base64pad') : data.buffer)\n    )\n\n    const arr = new Uint8Array(arrayBuffer)\n\n    return arr\n}\n\n/* Decrypt the given encrypted (AES) key. Get your keys from indexedDB, or use\n* the use the passed in key to decrypt the given encrypted AES key.\n*\n* @param {string} encryptedKey The encrypted key as string\n* @param {CryptoKeyPair} keypair The keypair to use to decrypt\n* @returns {Promise<CryptoKey>} The symmetric key\n*/\nexport async function decryptKey (\n    encryptedKey:string,\n    keypair:CryptoKeyPair\n):Promise<CryptoKey> {\n    const decrypted = await decrypt(\n        fromString(encryptedKey),\n        keypair.privateKey\n    )\n\n    const key = await importAesKey(decrypted)\n    return key\n}\n\n/**\n * Return a CryptoKey from the given Uint8Array or string.\n */\nexport async function importPublicKey (\n    base64Key:string|Uint8Array,\n    hashAlg:HashAlg = DEFAULT_HASH_ALGORITHM,\n    use:KeyUse = KeyUse.Encrypt\n):Promise<CryptoKey> {\n    checkValidKeyUse(use)\n    const alg = (use === KeyUse.Encrypt ? RSA_ALGORITHM : RSA_SIGN_ALGORITHM)\n    const uses:KeyUsage[] = (use === KeyUse.Encrypt ?\n        ['encrypt'] :\n        ['verify'])\n    const buf = typeof base64Key === 'string' ?\n        base64ToArrBuf(stripKeyHeader(base64Key)) :\n        base64Key\n\n    return webcrypto.subtle.importKey('spki', buf, {\n        name: alg,\n        hash: { name: hashAlg }\n    }, true, uses)\n}\n\nexport async function exportKey (\n    key:PublicKey\n):Promise<Uint8Array>\n\nexport async function exportKey (\n    key:PublicKey,\n    opts:{ format:'string' }\n):Promise<string>\n\n/**\n * Get a public key from the given keypair.\n *\n * @param keys The keypair to extract the public key from\n * @returns The public key\n */\nexport async function exportKey (\n    key:PublicKey,\n    { format }:{ format:'string'|'raw' } = { format: 'raw' }\n):Promise<Uint8Array|string> {\n    const arr = new Uint8Array(await webcrypto.subtle.exportKey(\n        'spki',\n        key\n    ))\n\n    if (format === 'string') {\n        return toString(arr, DEFAULT_STRING_ENCODING)\n    }\n\n    return arr\n}\n\nexport async function create (\n    use:KeyUse,\n    size:RsaSize = DEFAULT_RSA_SIZE,\n    hashAlg:HashAlg = RSA_HASHING_ALGORITHM,\n):Promise<CryptoKeyPair> {\n    if (!(Object.values(KeyUse).includes(use))) {\n        throw new Error('invalid key use')\n    }\n    const alg = use === KeyUse.Encrypt ? RSA_ALGORITHM : RSA_SIGN_ALGORITHM\n    const uses:KeyUsage[] = (use === KeyUse.Encrypt ?\n        ['encrypt', 'decrypt'] :\n        ['sign', 'verify'])\n\n    return webcrypto.subtle.generateKey({\n        name: alg,\n        modulusLength: size,\n        publicExponent: publicExponent(),\n        hash: { name: hashAlg }\n    }, false, uses)\n}\n\nfunction stripKeyHeader (base64Key:string):string {\n    return base64Key\n        .replace('-----BEGIN PUBLIC KEY-----\\n', '')\n        .replace('\\n-----END PUBLIC KEY-----', '')\n}\n\nexport async function verifyWithDid (\n    msg:string,\n    sig:string,\n    did:DID\n):Promise<boolean> {\n    const key = await importDid(did)\n    try {\n        const isOk = await verify(msg, sig, key)\n        return isOk\n    } catch (_err) {\n        return false\n    }\n}\n\n/**\n * Convert a public key to a DID format string.\n */\nexport async function publicKeyToDid (\n    publicKey:Uint8Array|PublicKey,\n):Promise<DID> {\n    if (publicKey instanceof CryptoKey) {\n        publicKey = await exportKey(publicKey)\n    }\n\n    const prefix = magicBytes.rsa\n    const prefixedBuf = uint8arrays.concat([prefix, publicKey])\n\n    return (BASE58_DID_PREFIX +\n        uint8arrays.toString(prefixedBuf, 'base58btc')) as DID\n}\n\n/**\n * Convert the given DID string to a public key Uint8Array.\n */\nexport function didToPublicKey (did:DID):({\n    publicKey:Uint8Array,\n    type:'rsa'\n}) {\n    if (!did.startsWith(BASE58_DID_PREFIX)) {\n        throw new Error(\n            'Please use a base58-encoded DID formatted `did:key:z...`')\n    }\n\n    const didWithoutPrefix = ('' + did.substring(BASE58_DID_PREFIX.length))\n    const magicalBuf = uint8arrays.fromString(didWithoutPrefix, 'base58btc')\n    const { keyBuffer } = parseMagicBytes(magicalBuf)\n\n    return {\n        publicKey: new Uint8Array(keyBuffer),\n        type: 'rsa'\n    }\n}\n\n/**\n * Convert the given DID string to a public key.\n */\nexport async function importDid (\n    did:DID,\n    hashAlgorithm:HashAlg = DEFAULT_HASH_ALGORITHM,\n    use:KeyUse = KeyUse.Sign\n):Promise<PublicKey> {\n    const parsed = didToPublicKey(did)\n    const key = await importPublicKey(parsed.publicKey, hashAlgorithm, use)\n    return key\n}\n"],
  "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,2BAA0B;AAC1B,yBAAqC;AACrC,kBAA6B;AAC7B,eAA4C;AAC5C,uBAUO;AACP,oBAAiC;AACjC,uBAA0C;AAC1C,kBAOO;AACP,mBAAuB;AAGvB,eAAsB,OAClB,KACA,KACA,WACA,WAAoB,oCACpB,UAAkB,yCACH;AACf,SAAO,+BAAU,OAAO;AAAA,IAAO;AAAA,MAC3B,MAAM;AAAA,MACN,YAAY;AAAA,IAChB;AAAA,IAAI,OAAO,cAAc,WACrB,MAAM,gBAAgB,WAAW,SAAS,oBAAO,IAAI,IACrD;AAAA,QACJ,kCAAqB,GAAG;AAAA,QACxB,mCAAsB,KAAK,QAAQ;AAAA,EAAC;AACxC;AAfsB;AAiBtB,eAAsB,KAClB,KACA,YACA,WAAoB,oCACD;AACnB,SAAO,+BAAU,OAAO;AAAA,IACpB,EAAE,MAAM,qCAAoB,YAAY,iCAAgB;AAAA,IACxD;AAAA,QACA,mCAAsB,KAAK,QAAQ;AAAA,EACvC;AACJ;AAVsB;AAoBtB,eAAsB,QAClB,KACA,WACA,OAAiC,EAAE,QAAQ,SAAS,GACpD,WAAoB,oCACpB,UAAkB,yCACO;AACzB,QAAM,SAAS,OAAO,cAAc,WAChC,MAAM,gBAAgB,WAAW,SAAS,oBAAO,OAAO,IACxD;AAEJ,QAAM,YAAY,MAAM,+BAAU,OAAO;AAAA,IACrC,EAAE,MAAM,+BAAc;AAAA,IACtB;AAAA,QACA,mCAAsB,KAAK,QAAQ;AAAA,EACvC;AAEA,SAAQ,KAAK,WAAW,QACpB,IAAI,WAAW,SAAS,QACxB,4BAAe,SAAS;AAChC;AApBsB;AAyBtB,eAAsB,QAClB,MACA,YACkB;AAClB,QAAM,UAAM,yBAAY,UAAU,IAC9B,aACA,MAAM,gBAAgB,YAAY,QAAW,oBAAO,OAAO;AAE/D,QAAM,cAAc,MAAM,+BAAU,OAAO;AAAA,IACvC,EAAE,MAAM,+BAAc;AAAA,IACtB;AAAA,IACC,OAAO,SAAS,eAAW,+BAAW,MAAM,WAAW,IAAI,KAAK;AAAA,EACrE;AAEA,QAAM,MAAM,IAAI,WAAW,WAAW;AAEtC,SAAO;AACX;AAjBsB;AA0BtB,eAAsB,WAClB,cACA,SACiB;AACjB,QAAM,YAAY,MAAM;AAAA,QACpB,+BAAW,YAAY;AAAA,IACvB,QAAQ;AAAA,EACZ;AAEA,QAAM,MAAM,UAAM,iBAAAA,WAAa,SAAS;AACxC,SAAO;AACX;AAXsB;AAgBtB,eAAsB,gBAClB,WACA,UAAkB,yCAClB,MAAa,oBAAO,SACH;AACjB,sCAAiB,GAAG;AACpB,QAAM,MAAO,QAAQ,oBAAO,UAAU,iCAAgB;AACtD,QAAM,OAAmB,QAAQ,oBAAO,UACpC,CAAC,SAAS,IACV,CAAC,QAAQ;AACb,QAAM,MAAM,OAAO,cAAc,eAC7B,4BAAe,eAAe,SAAS,CAAC,IACxC;AAEJ,SAAO,+BAAU,OAAO,UAAU,QAAQ,KAAK;AAAA,IAC3C,MAAM;AAAA,IACN,MAAM,EAAE,MAAM,QAAQ;AAAA,EAC1B,GAAG,MAAM,IAAI;AACjB;AAlBsB;AAmCtB,eAAsB,UAClB,KACA,EAAE,OAAO,IAA8B,EAAE,QAAQ,MAAM,GAC9B;AACzB,QAAM,MAAM,IAAI,WAAW,MAAM,+BAAU,OAAO;AAAA,IAC9C;AAAA,IACA;AAAA,EACJ,CAAC;AAED,MAAI,WAAW,UAAU;AACrB,eAAO,6BAAS,KAAK,wCAAuB;AAAA,EAChD;AAEA,SAAO;AACX;AAdsB;AAgBtB,eAAsB,OAClB,KACA,OAAe,mCACf,UAAkB,wCACG;AACrB,MAAI,CAAE,OAAO,OAAO,mBAAM,EAAE,SAAS,GAAG,GAAI;AACxC,UAAM,IAAI,MAAM,iBAAiB;AAAA,EACrC;AACA,QAAM,MAAM,QAAQ,oBAAO,UAAU,iCAAgB;AACrD,QAAM,OAAmB,QAAQ,oBAAO,UACpC,CAAC,WAAW,SAAS,IACrB,CAAC,QAAQ,QAAQ;AAErB,SAAO,+BAAU,OAAO,YAAY;AAAA,IAChC,MAAM;AAAA,IACN,eAAe;AAAA,IACf,oBAAgB,4BAAe;AAAA,IAC/B,MAAM,EAAE,MAAM,QAAQ;AAAA,EAC1B,GAAG,OAAO,IAAI;AAClB;AAnBsB;AAqBtB,SAAS,eAAgB,WAAyB;AAC9C,SAAO,UACF,QAAQ,gCAAgC,EAAE,EAC1C,QAAQ,8BAA8B,EAAE;AACjD;AAJS;AAMT,eAAsB,cAClB,KACA,KACA,KACe;AACf,QAAM,MAAM,MAAM,UAAU,GAAG;AAC/B,MAAI;AACA,UAAM,OAAO,MAAM,OAAO,KAAK,KAAK,GAAG;AACvC,WAAO;AAAA,EACX,SAAS,MAAM;AACX,WAAO;AAAA,EACX;AACJ;AAZsB;AAiBtB,eAAsB,eAClB,WACW;AACX,MAAI,qBAAqB,WAAW;AAChC,gBAAY,MAAM,UAAU,SAAS;AAAA,EACzC;AAEA,QAAM,SAAS,oBAAW;AAC1B,QAAM,cAAc,YAAY,OAAO,CAAC,QAAQ,SAAS,CAAC;AAE1D,SAAQ,qCACJ,YAAY,SAAS,aAAa,WAAW;AACrD;AAZsB;AAiBf,SAAS,eAAgB,KAG7B;AACC,MAAI,CAAC,IAAI,WAAW,kCAAiB,GAAG;AACpC,UAAM,IAAI;AAAA,MACN;AAAA,IAA0D;AAAA,EAClE;AAEA,QAAM,mBAAoB,KAAK,IAAI,UAAU,mCAAkB,MAAM;AACrE,QAAM,aAAa,YAAY,WAAW,kBAAkB,WAAW;AACvE,QAAM,EAAE,UAAU,QAAI,0BAAgB,UAAU;AAEhD,SAAO;AAAA,IACH,WAAW,IAAI,WAAW,SAAS;AAAA,IACnC,MAAM;AAAA,EACV;AACJ;AAjBgB;AAsBhB,eAAsB,UAClB,KACA,gBAAwB,yCACxB,MAAa,oBAAO,MACH;AACjB,QAAM,SAAS,eAAe,GAAG;AACjC,QAAM,MAAM,MAAM,gBAAgB,OAAO,WAAW,eAAe,GAAG;AACtE,SAAO;AACX;AARsB;",
  "names": ["importAesKey"]
}