Reganerated the distribution

README.md

@@ -45,3 +45,36 @@ For more details, see:
 - [A small RDF graph](https://github.com/iherman/rdfjs-di/blob/main/examples/small.ttl) and its ["verifiable" version with embedded proof graphs](https://github.com/iherman/rdfjs-di/blob/main/examples/small_with_proofs.ttl) 
 
 (Note that the API works on an RDF Data model level, and does not include a Turtle/TriG parser or serializer; that should be done separately.)
+
+## Examples
+
+```typescript
+import * as rdf from '@rdfjs/types';
+import { KeyData, generateProofGraph, VerificationResult } from 'rdfjs-di';
+
+const dataset: rdf.DatasetCore = generateYourDataset();
+const keyPair: KeyData = generateYourWebCryptoKeyPair();
+
+// 'proof' is a separate RDF graph with the keys, metadata, and the signature
+const proof: rdf.DatasetCore = await generateProofGraph(dataset, keyPair)
+
+// You can verify the information
+const result: VerificationResult = await verifyProofGraph(dataset, proof);
+
+// If everything is fine, this should be true
+console.log(result.verified);
+
+// The proof can also be embedded into the result
+const embeddedProof: rdf.DatasetCore = await embedProofGraph(dataset, keyPair, anchorResource);
+
+// This can be verified as before
+const embeddedResult: VerificationResult = await verifyEmbeddedProofGraph(proof, anchor);
+
+// There may be several keys, in which case an array of proofs are created:
+const keypairs: KeyData[] = generateYourWebCryptoKeyPairs();
+
+// The function interfaces are all overloaded, so the call format does not really change:
+const proofs: rdf.DatasetCore[] = await generateProofGraph(dataset, keyPairs);
+
+// etc.
+```

dist/index.d.ts

@@ -12,11 +12,11 @@ export { Cryptosuites } from './lib/types';
 export { generateKey } from './lib/crypto_utils';
 /**
  * Generate a (separate) proof graph (or graphs), per the DI spec. The signature is stored in
- * multibase format, using base64url encoding. Keys are accepted, and stored in JWK format.
+ * multibase format, using base64url encoding. Keys are accepted in JWK format (and stored in JWK or in Multikey, depending on the crypto key).
  *
  * @param dataset
  * @param keyData
- * @throws - an error if there was a key issue while signing.
+ * @throws - Error if there was an issue while signing.
  * @returns
  */
 export declare function generateProofGraph(dataset: rdf.DatasetCore, keyData: Iterable<KeyData>): Promise<rdf.DatasetCore[]>;
@@ -29,7 +29,7 @@ export declare function generateProofGraph(dataset: rdf.DatasetCore, keyData: Ke
  * The following checks are made:
  *
  * 1. There should be exactly one [proof value](https://www.w3.org/TR/vc-data-integrity/#dfn-proofvalue)
- * 2. There should be exactly one [verification method](https://www.w3.org/TR/vc-data-integrity/#dfn-verificationmethod), which should be a separate resource containing the key (in JWK)
+ * 2. There should be exactly one [verification method](https://www.w3.org/TR/vc-data-integrity/#dfn-verificationmethod), which should be a separate resource containing the key (either in JWK or in Multikey)
  * 3. The key's (optional) [expiration](https://www.w3.org/TR/vc-data-integrity/#defn-proof-expires) and
  * [revocation](https://www.w3.org/TR/vc-data-integrity/#dfn-revoked) dates are checked and compared to the current time which should be "before"
  * 4. The proof's [creation date](https://www.w3.org/TR/vc-data-integrity/#dfn-created) must be before the current time
@@ -70,7 +70,7 @@ export declare function embedProofGraph(dataset: rdf.DatasetCore, keyData: KeyDa
  * The following checks are also made.
  *
  * 1. There should be exactly one [proof value](https://www.w3.org/TR/vc-data-integrity/#dfn-proofvalue)
- * 2. There should be exactly one [verification method](https://www.w3.org/TR/vc-data-integrity/#dfn-verificationmethod), which should be a separate resource containing the key (in JWK)
+ * 2. There should be exactly one [verification method](https://www.w3.org/TR/vc-data-integrity/#dfn-verificationmethod), which should be a separate resource containing the key (either in JWK or in Multikey)
  * 3. The key's (optional) [expiration](https://www.w3.org/TR/vc-data-integrity/#defn-proof-expires) and
  * [revocation](https://www.w3.org/TR/vc-data-integrity/#dfn-revoked) dates are checked and compared to the current time which should be "before"
  * 4. The proof's [creation date](https://www.w3.org/TR/vc-data-integrity/#dfn-created) must be before the current time

dist/index.js

@@ -46,7 +46,7 @@ exports.generateProofGraph = generateProofGraph;
  * The following checks are made:
  *
  * 1. There should be exactly one [proof value](https://www.w3.org/TR/vc-data-integrity/#dfn-proofvalue)
- * 2. There should be exactly one [verification method](https://www.w3.org/TR/vc-data-integrity/#dfn-verificationmethod), which should be a separate resource containing the key (in JWK)
+ * 2. There should be exactly one [verification method](https://www.w3.org/TR/vc-data-integrity/#dfn-verificationmethod), which should be a separate resource containing the key (either in JWK or in Multikey)
  * 3. The key's (optional) [expiration](https://www.w3.org/TR/vc-data-integrity/#defn-proof-expires) and
  * [revocation](https://www.w3.org/TR/vc-data-integrity/#dfn-revoked) dates are checked and compared to the current time which should be "before"
  * 4. The proof's [creation date](https://www.w3.org/TR/vc-data-integrity/#dfn-created) must be before the current time
@@ -140,7 +140,7 @@ exports.embedProofGraph = embedProofGraph;
  * The following checks are also made.
  *
  * 1. There should be exactly one [proof value](https://www.w3.org/TR/vc-data-integrity/#dfn-proofvalue)
- * 2. There should be exactly one [verification method](https://www.w3.org/TR/vc-data-integrity/#dfn-verificationmethod), which should be a separate resource containing the key (in JWK)
+ * 2. There should be exactly one [verification method](https://www.w3.org/TR/vc-data-integrity/#dfn-verificationmethod), which should be a separate resource containing the key (either in JWK or in Multikey)
  * 3. The key's (optional) [expiration](https://www.w3.org/TR/vc-data-integrity/#defn-proof-expires) and
  * [revocation](https://www.w3.org/TR/vc-data-integrity/#dfn-revoked) dates are checked and compared to the current time which should be "before"
  * 4. The proof's [creation date](https://www.w3.org/TR/vc-data-integrity/#dfn-created) must be before the current time

dist/lib/base58/baseN.d.ts

@@ -0,0 +1,21 @@
+/**
+ * BaseN-encodes a Uint8Array using the given alphabet.
+ *
+ * @param {Uint8Array} input - The bytes to encode in a Uint8Array.
+ * @param {string} alphabet - The alphabet to use for encoding.
+ * @param {number} maxline - The maximum number of encoded characters per line
+ *          to use, defaults to none.
+ *
+ * @returns {string} The baseN-encoded output string.
+ */
+export function encode(input: Uint8Array, alphabet: string, maxline: number): string;
+/**
+ * Decodes a baseN-encoded (using the given alphabet) string to a
+ * Uint8Array.
+ *
+ * @param {string} input - The baseN-encoded input string.
+ * @param {string} alphabet - The alphabet to use for decoding.
+ *
+ * @returns {Uint8Array} The decoded bytes in a Uint8Array.
+ */
+export function decode(input: string, alphabet: string): Uint8Array;

dist/lib/base58/baseN.js

@@ -0,0 +1,145 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decode = exports.encode = void 0;
+/**
+ * Base-N/Base-X encoding/decoding functions.
+ *
+ * Original implementation from base-x:
+ * https://github.com/cryptocoinjs/base-x
+ *
+ * Which is MIT licensed:
+ *
+ * The MIT License (MIT)
+ *
+ * Copyright base-x contributors (c) 2016
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ */
+// baseN alphabet indexes
+const _reverseAlphabets = {};
+/**
+ * BaseN-encodes a Uint8Array using the given alphabet.
+ *
+ * @param {Uint8Array} input - The bytes to encode in a Uint8Array.
+ * @param {string} alphabet - The alphabet to use for encoding.
+ * @param {number} maxline - The maximum number of encoded characters per line
+ *          to use, defaults to none.
+ *
+ * @returns {string} The baseN-encoded output string.
+ */
+function encode(input, alphabet, maxline) {
+    if (!(input instanceof Uint8Array)) {
+        throw new TypeError('"input" must be a Uint8Array.');
+    }
+    if (typeof alphabet !== 'string') {
+        throw new TypeError('"alphabet" must be a string.');
+    }
+    if (maxline !== undefined && typeof maxline !== 'number') {
+        throw new TypeError('"maxline" must be a number.');
+    }
+    if (input.length === 0) {
+        return '';
+    }
+    let output = '';
+    let i = 0;
+    const base = alphabet.length;
+    const first = alphabet.charAt(0);
+    const digits = [0];
+    for (i = 0; i < input.length; ++i) {
+        let carry = input[i];
+        for (let j = 0; j < digits.length; ++j) {
+            carry += digits[j] << 8;
+            digits[j] = carry % base;
+            carry = (carry / base) | 0;
+        }
+        while (carry > 0) {
+            digits.push(carry % base);
+            carry = (carry / base) | 0;
+        }
+    }
+    // deal with leading zeros
+    for (i = 0; input[i] === 0 && i < input.length - 1; ++i) {
+        output += first;
+    }
+    // convert digits to a string
+    for (i = digits.length - 1; i >= 0; --i) {
+        output += alphabet[digits[i]];
+    }
+    if (maxline) {
+        const regex = new RegExp('.{1,' + maxline + '}', 'g');
+        output = output.match(regex).join('\r\n');
+    }
+    return output;
+}
+exports.encode = encode;
+/**
+ * Decodes a baseN-encoded (using the given alphabet) string to a
+ * Uint8Array.
+ *
+ * @param {string} input - The baseN-encoded input string.
+ * @param {string} alphabet - The alphabet to use for decoding.
+ *
+ * @returns {Uint8Array} The decoded bytes in a Uint8Array.
+ */
+function decode(input, alphabet) {
+    if (typeof input !== 'string') {
+        throw new TypeError('"input" must be a string.');
+    }
+    if (typeof alphabet !== 'string') {
+        throw new TypeError('"alphabet" must be a string.');
+    }
+    if (input.length === 0) {
+        return new Uint8Array();
+    }
+    let table = _reverseAlphabets[alphabet];
+    if (!table) {
+        // compute reverse alphabet
+        table = _reverseAlphabets[alphabet] = [];
+        for (let i = 0; i < alphabet.length; ++i) {
+            table[alphabet.charCodeAt(i)] = i;
+        }
+    }
+    // remove whitespace characters
+    input = input.replace(/\s/g, '');
+    const base = alphabet.length;
+    const first = alphabet.charAt(0);
+    const bytes = [0];
+    for (let i = 0; i < input.length; i++) {
+        const value = table[input.charCodeAt(i)];
+        if (value === undefined) {
+            return;
+        }
+        let carry = value;
+        for (let j = 0; j < bytes.length; ++j) {
+            carry += bytes[j] * base;
+            bytes[j] = carry & 0xff;
+            carry >>= 8;
+        }
+        while (carry > 0) {
+            bytes.push(carry & 0xff);
+            carry >>= 8;
+        }
+    }
+    // deal with leading zeros
+    for (let k = 0; input[k] === first && k < input.length - 1; ++k) {
+        bytes.push(0);
+    }
+    return new Uint8Array(bytes.reverse());
+}
+exports.decode = decode;

dist/lib/base58/index.d.ts

@@ -0,0 +1,2 @@
+export function encode(input: any, maxline: any): string;
+export function decode(input: any): Uint8Array;

dist/lib/base58/index.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decode = exports.encode = void 0;
+/*!
+ * Copyright (c) 2019-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+const baseN_js_1 = require("./baseN.js");
+// base58 characters (Bitcoin alphabet)
+const alphabet = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
+function encode(input, maxline) {
+    return (0, baseN_js_1.encode)(input, alphabet, maxline);
+}
+exports.encode = encode;
+function decode(input) {
+    return (0, baseN_js_1.decode)(input, alphabet);
+}
+exports.decode = decode;

dist/lib/crypto_utils.d.ts

@@ -19,13 +19,31 @@ export type Crv = "P-256" | "P-384" | "P-521";
 /** JWK values for the hash methods that are relevant for this package */
 export type Hsh = "SHA-256" | "SHA-384" | "SHA-512";
 /** JWK values for the key types that are relevant for this package */
-export type Kty = "EC" | "RSA";
+export type Kty = "EC" | "RSA" | "OKP";
+/**
+ * Interface to the Web Crypto information that has to be provided for the
+ * creation of some RSA encryption keys.
+ */
+interface WebCryptoAPIData {
+    name: string;
+    hash?: Hsh;
+    saltLength?: number;
+    namedCurve?: Crv;
+}
 /** Information that may be used when generating new keys */
 export interface KeyDetails {
     namedCurve?: Crv;
     hash?: Hsh;
     modulusLength?: number;
 }
+/**
+ * Mapping of the JWK instance and the corresponding terms for the WebCrypto API.
+ *
+ * @param report
+ * @param key
+ * @returns
+ */
+export declare function algorithmData(report: Errors, key: JsonWebKey): WebCryptoAPIData | null;
 /***********************************************************************************
  *
  * The externally visible API entries
@@ -73,3 +91,4 @@ export declare function cryptosuiteId(report: Errors, keyPair: KeyPair): Cryptos
  * @returns
  */
 export declare function generateKey(suite: Cryptosuites, metadata?: KeyMetadata, keyData?: KeyDetails): Promise<KeyData>;
+export {};

dist/lib/crypto_utils.js

@@ -13,7 +13,7 @@
  * @packageDocumentation
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.generateKey = exports.cryptosuiteId = exports.verify = exports.sign = void 0;
+exports.generateKey = exports.cryptosuiteId = exports.verify = exports.sign = exports.algorithmData = void 0;
 const types = require("./types");
 const types_1 = require("./types");
 /***********************************************************************************
@@ -39,7 +39,7 @@ const RsaAlgs = {
     "RS512": { name: 'RSASSA-PKCS1-v1_5', hash: 'SHA-512' },
 };
 /**
- * Mapping of the JWK instance and the corresponding terms for the WebCrypto API
+ * Mapping of the JWK instance and the corresponding terms for the WebCrypto API.
  *
  * @param report
  * @param key
@@ -56,16 +56,22 @@ function algorithmData(report, key) {
                 return null;
             }
         }
-        case "EC":
-        default: {
+        case "EC": {
             return {
                 name: "ECDSA",
                 namedCurve: key.crv,
-                hash: DEFAULT_HASH
+                hash: key.crv === "P-256" ? "SHA-256" : "SHA-384",
+            };
+        }
+        case "OKP":
+        default: {
+            return {
+                name: "Ed25519"
             };
         }
     }
 }
+exports.algorithmData = algorithmData;
 /**
  * Export a WebCrypto crypto key pair into their JWK equivalent.
  *
@@ -228,6 +234,7 @@ function cryptosuiteId(report, keyPair) {
     else {
         switch (alg.name) {
             case "ECDSA": return types_1.Cryptosuites.ecdsa;
+            case "Ed25519": return types_1.Cryptosuites.eddsa;
             case "RSA-PSS": return types_1.Cryptosuites.rsa_pss;
             case "RSASSA-PKCS1-v1_5": return types_1.Cryptosuites.rsa_ssa;
             default: {
@@ -255,6 +262,9 @@ async function generateKey(suite, metadata, keyData) {
                 name: "ECDSA",
                 namedCurve: keyData?.namedCurve || DEFAULT_CURVE,
             };
+            case types_1.Cryptosuites.eddsa: return {
+                name: "Ed25519"
+            };
             case types_1.Cryptosuites.rsa_pss: return {
                 name: "RSA-PSS",
                 modulusLength: keyData?.modulusLength || DEFAULT_MODUS_LENGTH,