{"version":3,"file":"keyDidDocument.mjs","names":[],"sources":["../../../../src/modules/dids/domain/keyDidDocument.ts"],"sourcesContent":["import { CredoError } from '../../../error'\nimport {\n  Ed25519PublicJwk,\n  getJwkHumanDescription,\n  P256PublicJwk,\n  P384PublicJwk,\n  P521PublicJwk,\n  Secp256k1PublicJwk,\n  X25519PublicJwk,\n} from '../../kms'\nimport { PublicJwk } from '../../kms/jwk/PublicJwk'\nimport { SECURITY_JWS_CONTEXT_URL, SECURITY_X25519_CONTEXT_URL } from '../../vc/constants'\nimport { ED25519_SUITE_CONTEXT_URL_2018 } from '../../vc/data-integrity/signature-suites/ed25519/constants'\nimport { DidDocumentBuilder } from './DidDocumentBuilder'\nimport { convertPublicKeyToX25519 } from './key-type/ed25519'\nimport { getEd25519VerificationKey2018, getJsonWebKey2020, getX25519KeyAgreementKey2019 } from './verificationMethod'\nimport type { VerificationMethod } from './verificationMethod/VerificationMethod'\n\nexport function getDidDocumentForPublicJwk(did: string, publicJwk: PublicJwk) {\n  if (publicJwk.is(Ed25519PublicJwk)) {\n    return getEd25519DidDoc(did, publicJwk as PublicJwk<Ed25519PublicJwk>)\n  }\n  if (publicJwk.is(X25519PublicJwk)) {\n    return getX25519DidDoc(did, publicJwk as PublicJwk<X25519PublicJwk>)\n  }\n  if (\n    publicJwk.is(P256PublicJwk) ||\n    publicJwk.is(P384PublicJwk) ||\n    publicJwk.is(P521PublicJwk) ||\n    publicJwk.is(Secp256k1PublicJwk)\n  ) {\n    return getJsonWebKey2020DidDocument(did, publicJwk)\n  }\n\n  throw new CredoError(`Unsupported public key type for did document: ${getJwkHumanDescription(publicJwk.toJson())}`)\n}\n\nexport function getJsonWebKey2020DidDocument(did: string, publicJwk: PublicJwk) {\n  const verificationMethod = getJsonWebKey2020({ did, publicJwk })\n\n  const didDocumentBuilder = new DidDocumentBuilder(did)\n  didDocumentBuilder.addContext(SECURITY_JWS_CONTEXT_URL).addVerificationMethod(verificationMethod)\n\n  if (\n    publicJwk.supportedSignatureAlgorithms.length === 0 &&\n    publicJwk.supportedEncryptionKeyAgreementAlgorithms.length === 0\n  ) {\n    throw new CredoError('Key must support at least signing or encrypting')\n  }\n\n  if (publicJwk.supportedSignatureAlgorithms.length > 0) {\n    didDocumentBuilder\n      .addAuthentication(verificationMethod.id)\n      .addAssertionMethod(verificationMethod.id)\n      .addCapabilityDelegation(verificationMethod.id)\n      .addCapabilityInvocation(verificationMethod.id)\n  }\n\n  if (publicJwk.supportedEncryptionKeyAgreementAlgorithms.length > 0) {\n    didDocumentBuilder.addKeyAgreement(verificationMethod.id)\n  }\n\n  return didDocumentBuilder.build()\n}\n\nfunction getEd25519DidDoc(did: string, publicJwk: PublicJwk<Ed25519PublicJwk>) {\n  const verificationMethod = getEd25519VerificationKey2018({\n    id: `${did}#${publicJwk.fingerprint}`,\n    publicJwk,\n    controller: did,\n  })\n\n  const publicKeyX25519 = convertPublicKeyToX25519(publicJwk.publicKey.publicKey)\n\n  const publicJwkX25519 = PublicJwk.fromPublicKey({\n    kty: 'OKP',\n    crv: 'X25519',\n    publicKey: publicKeyX25519,\n  })\n\n  const x25519VerificationMethod = getX25519KeyAgreementKey2019({\n    id: `${did}#${publicJwkX25519.fingerprint}`,\n    publicJwk: publicJwkX25519,\n    controller: did,\n  })\n\n  const didDocBuilder = getSignatureKeyBase({ did, publicJwk, verificationMethod })\n\n  didDocBuilder\n    .addContext(ED25519_SUITE_CONTEXT_URL_2018)\n    .addContext(SECURITY_X25519_CONTEXT_URL)\n    .addKeyAgreement(x25519VerificationMethod)\n\n  return didDocBuilder.build()\n}\n\nfunction getX25519DidDoc(did: string, publicJwk: PublicJwk<X25519PublicJwk>) {\n  const verificationMethod = getX25519KeyAgreementKey2019({\n    id: `${did}#${publicJwk.fingerprint}`,\n    publicJwk,\n    controller: did,\n  })\n\n  const document = new DidDocumentBuilder(did)\n    .addKeyAgreement(verificationMethod)\n    .addContext(SECURITY_X25519_CONTEXT_URL)\n    .build()\n\n  return document\n}\n\nfunction getSignatureKeyBase({\n  did,\n  publicJwk,\n  verificationMethod,\n}: {\n  did: string\n  publicJwk: PublicJwk\n  verificationMethod: VerificationMethod\n}) {\n  const keyId = `${did}#${publicJwk.fingerprint}`\n\n  return new DidDocumentBuilder(did)\n    .addVerificationMethod(verificationMethod)\n    .addAuthentication(keyId)\n    .addAssertionMethod(keyId)\n    .addCapabilityDelegation(keyId)\n    .addCapabilityInvocation(keyId)\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAkBA,SAAgB,2BAA2B,KAAa,WAAsB;AAC5E,KAAI,UAAU,GAAG,iBAAiB,CAChC,QAAO,iBAAiB,KAAK,UAAyC;AAExE,KAAI,UAAU,GAAG,gBAAgB,CAC/B,QAAO,gBAAgB,KAAK,UAAwC;AAEtE,KACE,UAAU,GAAG,cAAc,IAC3B,UAAU,GAAG,cAAc,IAC3B,UAAU,GAAG,cAAc,IAC3B,UAAU,GAAG,mBAAmB,CAEhC,QAAO,6BAA6B,KAAK,UAAU;AAGrD,OAAM,IAAI,WAAW,iDAAiD,uBAAuB,UAAU,QAAQ,CAAC,GAAG;;AAGrH,SAAgB,6BAA6B,KAAa,WAAsB;CAC9E,MAAM,qBAAqB,kBAAkB;EAAE;EAAK;EAAW,CAAC;CAEhE,MAAM,qBAAqB,IAAI,mBAAmB,IAAI;AACtD,oBAAmB,WAAW,yBAAyB,CAAC,sBAAsB,mBAAmB;AAEjG,KACE,UAAU,6BAA6B,WAAW,KAClD,UAAU,0CAA0C,WAAW,EAE/D,OAAM,IAAI,WAAW,kDAAkD;AAGzE,KAAI,UAAU,6BAA6B,SAAS,EAClD,oBACG,kBAAkB,mBAAmB,GAAG,CACxC,mBAAmB,mBAAmB,GAAG,CACzC,wBAAwB,mBAAmB,GAAG,CAC9C,wBAAwB,mBAAmB,GAAG;AAGnD,KAAI,UAAU,0CAA0C,SAAS,EAC/D,oBAAmB,gBAAgB,mBAAmB,GAAG;AAG3D,QAAO,mBAAmB,OAAO;;AAGnC,SAAS,iBAAiB,KAAa,WAAwC;CAC7E,MAAM,qBAAqB,8BAA8B;EACvD,IAAI,GAAG,IAAI,GAAG,UAAU;EACxB;EACA,YAAY;EACb,CAAC;CAEF,MAAM,kBAAkB,yBAAyB,UAAU,UAAU,UAAU;CAE/E,MAAM,kBAAkB,UAAU,cAAc;EAC9C,KAAK;EACL,KAAK;EACL,WAAW;EACZ,CAAC;CAEF,MAAM,2BAA2B,6BAA6B;EAC5D,IAAI,GAAG,IAAI,GAAG,gBAAgB;EAC9B,WAAW;EACX,YAAY;EACb,CAAC;CAEF,MAAM,gBAAgB,oBAAoB;EAAE;EAAK;EAAW;EAAoB,CAAC;AAEjF,eACG,WAAW,+BAA+B,CAC1C,WAAW,4BAA4B,CACvC,gBAAgB,yBAAyB;AAE5C,QAAO,cAAc,OAAO;;AAG9B,SAAS,gBAAgB,KAAa,WAAuC;CAC3E,MAAM,qBAAqB,6BAA6B;EACtD,IAAI,GAAG,IAAI,GAAG,UAAU;EACxB;EACA,YAAY;EACb,CAAC;AAOF,QALiB,IAAI,mBAAmB,IAAI,CACzC,gBAAgB,mBAAmB,CACnC,WAAW,4BAA4B,CACvC,OAAO;;AAKZ,SAAS,oBAAoB,EAC3B,KACA,WACA,sBAKC;CACD,MAAM,QAAQ,GAAG,IAAI,GAAG,UAAU;AAElC,QAAO,IAAI,mBAAmB,IAAI,CAC/B,sBAAsB,mBAAmB,CACzC,kBAAkB,MAAM,CACxB,mBAAmB,MAAM,CACzB,wBAAwB,MAAM,CAC9B,wBAAwB,MAAM"}