jeffemmett
/
rswag-online
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
rswag-online/frontend/vendor/@encryptid/sdk/client/key-derivation.d.ts

52 lines
2.3 KiB
TypeScript
Raw Permalink Blame History

/**
* EncryptID Key Derivation Module
*
* Derives application-specific cryptographic keys from WebAuthn PRF output
* or passphrase fallback. Layer 2 of the EncryptID architecture.
*/
import type { DerivedKeys, EncryptedData, SignedData } from '../types/index.js';
export type { DerivedKeys, EncryptedData, SignedData };
export declare class EncryptIDKeyManager {
private masterKey;
private derivedKeys;
private fromPRF;
initFromPRF(prfOutput: ArrayBuffer): Promise<void>;
initFromPassphrase(passphrase: string, salt: Uint8Array): Promise<void>;
static generateSalt(): Uint8Array;
isInitialized(): boolean;
getKeys(): Promise<DerivedKeys>;
private deriveEncryptionKey;
private deriveSigningKeyPair;
/**
* Derive deterministic secp256k1 keys from the master key via HKDF.
* This gives every EncryptID identity an Ethereum-compatible wallet address,
* enabling them to act as Gnosis Safe owners for multi-sig approvals.
*/
private deriveEthereumKeys;
private deriveDIDSeed;
private generateDID;
clear(): void;
}
export declare function encryptData(key: CryptoKey, data: ArrayBuffer | Uint8Array | string): Promise<EncryptedData>;
export declare function decryptData(key: CryptoKey, encrypted: EncryptedData): Promise<ArrayBuffer>;
export declare function decryptDataAsString(key: CryptoKey, encrypted: EncryptedData): Promise<string>;
export declare function signData(keyPair: CryptoKeyPair, data: ArrayBuffer | Uint8Array | string): Promise<SignedData>;
export declare function verifySignature(signed: SignedData): Promise<boolean>;
export declare function wrapKeyForRecipient(keyToWrap: CryptoKey, recipientPublicKey: CryptoKey): Promise<ArrayBuffer>;
export declare function unwrapSharedKey(wrappedKey: ArrayBuffer, privateKey: CryptoKey): Promise<CryptoKey>;
/**
* Sign an Ethereum-compatible message hash with a secp256k1 private key.
* Returns { r, s, v } components for Safe transaction signing.
*
* @param hash - 32-byte message hash (e.g. keccak256 of the message)
* @param privateKey - 32-byte secp256k1 private key
*/
export declare function signEthHash(hash: Uint8Array, privateKey: Uint8Array): {
r: string;
s: string;
v: number;
signature: Uint8Array;
};
export declare function getKeyManager(): EncryptIDKeyManager;
export declare function resetKeyManager(): void;
Reference in New Issue View Git Blame Copy Permalink