@storacha/encrypt-upload-client/dist/types.d.ts

Client for upload and download encrypted files

import { Wallet } from 'ethers';
import { UnknownLink } from 'multiformats';
import { Client as StorachaClient } from '@storacha/client';
import { Result, Failure, Block, Proof } from '@ucanto/interface';
import { AccessControlConditions, AuthMethod, AuthSig, SessionSigsMap } from '@lit-protocol/types';
import type { BlobLike, AnyLink, Signer, DID, SigAlg, UploadOptions } from '@storacha/client/types';
export type { IPLDBlock } from '@ucanto/interface';
export type { SpaceDID } from '@storacha/capabilities/types';
export type { UnknownFormat } from '@storacha/capabilities/types';
export type { Result, UnknownLink };
export type { BlobLike, AnyLink };
export type { UploadOptions } from '@storacha/client/types';
import type { SpaceDID } from '@storacha/capabilities/types';
export interface FileMetadata {
    name: string;
    type: string;
    extension: string;
    metadata?: Record<string, unknown>;
}
export interface DecryptionResult {
    stream: ReadableStream;
    fileMetadata?: FileMetadata;
}
export interface EncryptedClient {
    encryptAndUploadFile(file: BlobLike, config: EncryptionConfig, uploadOptions?: UploadOptions): Promise<AnyLink>;
    retrieveAndDecryptFile(cid: AnyLink, decryptionConfig: DecryptionConfig): Promise<DecryptionResult>;
}
export type EncryptedClientOptions = {
    storachaClient: StorachaClient;
    cryptoAdapter: CryptoAdapter;
    gatewayURL?: URL;
};
export interface EncryptOutput {
    key: Uint8Array;
    iv: Uint8Array;
    encryptedStream: ReadableStream;
}
export interface SymmetricCrypto {
    encryptStream(data: BlobLike): Promise<EncryptOutput>;
    decryptStream(encryptedData: ReadableStream, key: Uint8Array, iv: Uint8Array): Promise<ReadableStream>;
    combineKeyAndIV(key: Uint8Array, iv: Uint8Array): Uint8Array;
    splitKeyAndIV(combined: Uint8Array): {
        key: Uint8Array;
        iv: Uint8Array;
    };
}
export interface CryptoAdapter {
    encryptStream(data: BlobLike): Promise<EncryptOutput>;
    decryptStream(encryptedData: ReadableStream, key: Uint8Array, iv: Uint8Array): Promise<ReadableStream>;
    encryptSymmetricKey(key: Uint8Array, iv: Uint8Array, encryptionConfig: EncryptionConfig): Promise<EncryptedKeyResult>;
    decryptSymmetricKey(encryptedKey: string, configs: {
        decryptionConfig: DecryptionConfig;
        metadata: ExtractedMetadata;
        resourceCID: AnyLink;
        issuer: Signer<DID, SigAlg>;
        audience: DID;
    }): Promise<{
        key: Uint8Array;
        iv: Uint8Array;
    }>;
    extractEncryptedMetadata(car: Uint8Array): ExtractedMetadata;
    getEncryptedKey(metadata: ExtractedMetadata): string;
    encodeMetadata(encryptedDataCID: string, encryptedKey: string, metadata: LitKeyMetadata | KMSKeyMetadata): Promise<{
        cid: AnyLink;
        bytes: Uint8Array;
    }>;
}
export interface EncryptionConfig {
    /**
     * The issuer of the encryption request
     */
    issuer: Signer<DID, SigAlg>;
    /**
     * The DID of the space to encrypt the file for
     */
    spaceDID: SpaceDID;
    /**
     * Proofs to access the space
     */
    proofs?: Proof[];
    /**
     * The location of the KMS key to use for encryption
     */
    location?: string;
    /**
     * The keyring of the KMS key to use for encryption
     */
    keyring?: string;
    /**
     * File metadata to embed in encrypted file
     */
    fileMetadata?: FileMetadata;
}
export interface DecryptionConfig {
    decryptDelegation: Proof;
    spaceDID: SpaceDID;
    /**
     * Proofs to access the space
     */
    proofs?: Proof[];
    wallet?: Wallet;
    sessionSigs?: SessionSigsMap;
    pkpPublicKey?: string;
    authMethod?: AuthMethod;
}
export interface EncryptedKeyResult {
    strategy: EncryptionStrategy;
    encryptedKey: string;
    metadata: LitKeyMetadata | KMSKeyMetadata;
}
export type EncryptionStrategy = 'lit' | 'kms';
export interface LitKeyMetadata {
    plaintextKeyHash: string;
    accessControlConditions: AccessControlConditions;
}
export interface KMSKeyMetadata {
    space: SpaceDID;
    kms: {
        provider: string;
        keyId: string;
        algorithm: string;
    };
}
export type EncryptionPayload = {
    strategy: EncryptionStrategy;
    encryptedKey: string;
    metadata: LitKeyMetadata | KMSKeyMetadata;
    encryptedBlobLike: BlobLike;
};
export type GenericAccessControlCondition = [Record<string, any>];
export interface LitMetadataInput {
    encryptedDataCID: string;
    identityBoundCiphertext: string;
    plaintextKeyHash: string;
    accessControlConditions: AccessControlConditions;
}
export interface LitMetadata {
    encryptedDataCID: UnknownLink;
    identityBoundCiphertext: Uint8Array;
    plaintextKeyHash: Uint8Array;
    accessControlConditions: AccessControlConditions;
}
export interface LitMetadataView extends LitMetadata {
    /** Encode it to a CAR file. */
    archiveBlock(): Promise<Block>;
    toJSON(): LitMetadataInput;
}
export interface KMSMetadata {
    encryptedDataCID: UnknownLink;
    encryptedSymmetricKey: string;
    space: SpaceDID;
    kms: {
        provider: string;
        keyId: string;
        algorithm: string;
    };
}
export interface KMSMetadataInput {
    encryptedDataCID: string;
    encryptedSymmetricKey: string;
    space: string;
    kms: {
        provider: string;
        keyId: string;
        algorithm: string;
    };
}
export interface KMSMetadataView extends KMSMetadata {
    /** Encode it to a CAR file. */
    archiveBlock(): Promise<Block>;
    toJSON(): KMSMetadataInput;
}
export interface DecodeFailure extends Failure {
    name: 'DecodeFailure';
}
export interface SessionSignatureOptions {
    wallet: Wallet;
    accessControlConditions: AccessControlConditions;
    dataToEncryptHash: string;
    expiration?: string;
    capabilityAuthSigs?: AuthSig[];
}
export interface PkpSessionSignatureOptions {
    pkpPublicKey: string;
    authMethod: AuthMethod;
    accessControlConditions: AccessControlConditions;
    dataToEncryptHash: string;
    expiration?: string;
    capabilityAuthSigs?: AuthSig[];
}
export interface LitPkpSigner {
    pkpPublicKey: string;
    authMethod: AuthMethod;
}
export interface LitWalletSigner {
    wallet: Wallet;
}
export interface CreateDecryptWrappedInvocationOptions {
    decryptDelegation: Proof;
    issuer: Signer<DID, SigAlg>;
    audience: `did:${string}:${string}`;
    spaceDID: `did:key:${string}`;
    resourceCID: AnyLink;
    expiration: number;
}
export interface ExecuteUcanValidationOptions {
    sessionSigs: SessionSigsMap;
    spaceDID: `did:key:${string}`;
    identityBoundCiphertext: string;
    plaintextKeyHash: string;
    accessControlConditions: AccessControlConditions;
    wrappedInvocationJSON: string;
}
export type ExtractedMetadata = LitExtractedMetadata | KMSExtractedMetadata;
export interface LitExtractedMetadata {
    strategy: 'lit';
    encryptedDataCID: string;
    identityBoundCiphertext: string;
    plaintextKeyHash: string;
    accessControlConditions: AccessControlConditions;
}
export interface KMSExtractedMetadata {
    strategy: 'kms';
    encryptedDataCID: string;
    encryptedSymmetricKey: string;
    space: SpaceDID;
    kms: {
        provider: string;
        keyId: string;
        algorithm: string;
    };
}
//# sourceMappingURL=types.d.ts.map