"use strict";
/** @module client/rpc */
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.SecretStoreRpcApiClient = void 0;
const ethers = __importStar(require("ethers"));
const utils = __importStar(require("../utils"));
/**
* @description Client for OpenEthereum's [secretstore]{@link https://openethereum.github.io/wiki/JSONRPC-secretstore-module} RPC API module.
* Should be used to communicate with a local node. Uses [ethers.js]{@link https://github.com/ethers-io/ethers.js/} providers.
*
* @memberof module:client/rpc
* @class
*/
class SecretStoreRpcApiClient {
/**
* @param {String | ethers.providers.JsonRpcProvider} ssLocalAPIEndpoint The RPC endpoint of an OpenEthereum client.
* This should be a local node for trust reasons.
*/
constructor(ssLocalAPIEndpoint) {
if (!ssLocalAPIEndpoint) {
throw new Error(`Secret Store RPC module endpoint URL was not given`);
}
if (typeof ssLocalAPIEndpoint === 'string' || ssLocalAPIEndpoint instanceof String) {
this.provider = new ethers.providers.JsonRpcProvider(ssLocalAPIEndpoint);
return;
}
this.provider = ssLocalAPIEndpoint;
}
async _send(method, ...params) {
const res = await this.provider.send(method, params);
if (res.error) {
throw new Error(res.error);
}
return res;
}
/**
* @description Computes recoverable ECDSA signatures.
*
* Typically used for signatures of server key ID and signatures of nodes-set hash in the Secret Store.
*
* @param {string} account The address of a SecretStore user.
* @param {string} pwd The password of the SecretStore user for the account given.
* @param {string} rawhash A 256-bit hash to be signed as a hex string (with or without 0x prefix), e.g.: server key id or nodes-set hash.
* @returns {Promise<string>} The signed hash.
*/
async signRawHash(account, pwd, rawhash) {
return this._send('secretstore_signRawHash', account, pwd, utils.ensure0x(rawhash));
}
/**
* @description Securely generates a document key locally in a way that it remains unknown to all key servers.
*
* @param {string} account The address of a SecretStore user.
* @param {string} pwd The password of the SecretStore user for the account given.
* @param {string} serverKey The server key, returned by a [server key generating session]{@link https://openethereum.github.io/wiki/Secret-Store#server-key-generation-session}.
* @returns {Promise<ExternallyEncryptedDocumentKey>} The generated document key encrypted with the server key.
*/
async generateDocumentKey(account, pwd, serverKey) {
return this._send('secretstore_generateDocumentKey', account, pwd, utils.ensure0x(serverKey));
}
/**
* @description You can use it to encrypt a small document.
*
* An encryption key is needed, typically obtained from the store by running
* a [document key retrieval session]{@link https://openethereum.github.io/wiki/Secret-Store#document-key-retrieval-session} or
* a [server- and document key generation session]{@link https://openethereum.github.io/wiki/Secret-Store#server-and-document-key-generation-session}.
*
* @param {string} account The address of a SecretStore user.
* @param {string} pwd The password of the SecretStore user for the account given.
* @param {string} hexDocument Hex encoded document data.
* @param {string} encryptedDocumentKey Document key encrypted with requester's public key, as a hex string.
* @returns {Promise<string>} The encrypted secret document as a hex encoded string.
*/
async encrypt(account, pwd, hexDocument, encryptedDocumentKey) {
return this._send('secretstore_encrypt', account, pwd, utils.ensure0x(encryptedDocumentKey), utils.ensure0x(hexDocument));
}
/**
* @description This method can be used to decrypt a document, encrypted by
* the [encrypt()]{@link SecretStoreRpcApiClient#encrypt} method before.
*
* @param {string} account The address of a SecretStore user.
* @param {string} pwd The password of the SecretStore user for the account given.
* @param {string} encryptedDocument The encrypted document data, returned by "encrypt" as hex string.
* @param {string} encryptedDocumentKey The document key encrypted with requester’s public key, as hex string.
* @returns {Promise<string>} The decrypted secret document.
*/
async decrypt(account, pwd, encryptedDocument, encryptedDocumentKey) {
return this._send('secretstore_decrypt', account, pwd, utils.ensure0x(encryptedDocumentKey), utils.ensure0x(encryptedDocument));
}
/**
* @description This method can be used to decrypt a document, encrypted by
* the [encrypt()]{@link SecretStoreRpcApiClient#encrypt} method before.
*
* Document key can be obtained by
* a [document key shadow retrieval session]{@link https://openethereum.github.io/wiki/Secret-Store#document-key-shadow-retrieval-session}.
*
* @param {string} account The address of a SecretStore user.
* @param {string} pwd The password of the SecretStore user for the account given.
* @param {string} encryptedDocument Encrypted document data, hex encoded, returned by [encrypt()]{@link SecretStoreRpcApiClient#encrypt}.
* @param {string | DocumentKeyPortions} decryptedSecretOrDocumentKeyPortions The hex-encoded decrypted secret string
* or document portions object of an encrypted document key.
* @param {string} commonPoint The hex-encoded common point portion of an encrypted document key.
* @param {string[]} decryptShadows The hex-encoded encrypted point portions of an encrypted document key.
* @returns {Promise<string>} The decrypted secret document.
*/
async shadowDecrypt(account, pwd, encryptedDocument, decryptedSecretOrDocumentKeyPortions, commonPoint, decryptShadows) {
if (!decryptedSecretOrDocumentKeyPortions) {
throw new Error('Document key portions were not supplied');
}
if (typeof decryptedSecretOrDocumentKeyPortions === 'string' ||
decryptedSecretOrDocumentKeyPortions instanceof String) {
if (!commonPoint || !decryptShadows || decryptShadows.length === 0) {
throw new Error(`Not enough document key portions were supplied (${decryptedSecretOrDocumentKeyPortions},${commonPoint},${decryptShadows})`);
}
return this._send('secretstore_shadowDecrypt', account, pwd, utils.ensure0x(decryptedSecretOrDocumentKeyPortions), utils.ensure0x(commonPoint), decryptShadows, utils.ensure0x(encryptedDocument));
}
return this._send('secretstore_shadowDecrypt', account, pwd, utils.ensure0x(decryptedSecretOrDocumentKeyPortions.decrypted_secret), utils.ensure0x(decryptedSecretOrDocumentKeyPortions.common_point), decryptedSecretOrDocumentKeyPortions.decrypt_shadows, utils.ensure0x(encryptedDocument));
}
/**
* @description Computes the hash of node ids, required to compute a node-set signature for manual
* [nodes set change session]{@link https://openethereum.github.io/wiki/Secret-Store-Configuration#changing-the-configuration-of-a-set-of-servers}.
*
* @param {string[]} nodeIDs List of hex-encoded node ID’s (public keys, enode addresses).
* @returns {Promise<string>} The hash as a hex string.
*/
async serversSetHash(nodeIDs) {
return this._send('secretstore_serversSetHash', nodeIDs);
}
}
exports.SecretStoreRpcApiClient = SecretStoreRpcApiClient;
//# sourceMappingURL=rpc.js.map