Class: Kms ​
Defined in: kms.ts:31
Key Management System for the did:btcr2 DID method.
Implements the KeyManager interface with a pluggable KeyValueStore (defaults to MemoryStore).
Supports both signing (secret key present) and watch-only (public-key-only) key entries, and both Schnorr and ECDSA signature schemes.
Implements ​
Constructors ​
Constructor ​
new Kms(
store?):Kms
Defined in: kms.ts:41
Create a new KMS instance.
Parameters ​
store? ​
KeyValueStore<string, KeyEntry>
Optional key-value store. Defaults to in-memory store if not provided.
Returns ​
Kms
Accessors ​
activeKeyId ​
Get Signature ​
get activeKeyId():
string|undefined
Defined in: kms.ts:50
Get the active key identifier.
Returns ​
string | undefined
The active key identifier, or undefined if none is set.
The ID of the active key.
Implementation of ​
Methods ​
digest() ​
digest(
data):Bytes
Defined in: kms.ts:226
Compute the SHA-256 digest of the given data.
Parameters ​
data ​
Uint8Array
The data to digest.
Returns ​
The SHA-256 hash of the data.
Implementation of ​
exportKey() ​
exportKey(
id):SchnorrKeyPair
Defined in: kms.ts:265
Export the key pair for a stored key.
Only available on the concrete Kms class, not on the KeyManager interface. HSM or hardware-backed implementations may not support key export.
Parameters ​
id ​
string
The key identifier to export.
Returns ​
The reconstructed SchnorrKeyPair.
generateKey() ​
generateKey(
options?):string
Defined in: kms.ts:236
Generate a new secp256k1 key pair and store it in the KMS.
Parameters ​
options? ​
GenerateKeyOptions = {}
Generation options (tags, setActive).
Returns ​
string
The identifier of the generated key.
Implementation of ​
getPublicKey() ​
getPublicKey(
id?):Bytes
Defined in: kms.ts:107
Get the compressed public key bytes for a key.
Parameters ​
id? ​
string
Key identifier. Uses active key if omitted.
Returns ​
Compressed secp256k1 public key bytes.
Throws ​
If key not found or no active key set.
Implementation of ​
importKey() ​
importKey(
keyPair,options?):string
Defined in: kms.ts:154
Import a key pair into the KMS.
Parameters ​
keyPair ​
The key pair to import.
options? ​
ImportKeyOptions = {}
Import options (id, tags, setActive).
Returns ​
string
The identifier of the imported key.
Throws ​
If a key with the same identifier already exists.
Implementation of ​
listKeys() ​
listKeys():
string[]
Defined in: kms.ts:216
List all key identifiers in the KMS.
Returns ​
string[]
Array of key identifiers.
Implementation of ​
removeKey() ​
removeKey(
id,options?):void
Defined in: kms.ts:192
Remove a key from the KMS.
Parameters ​
id ​
string
The key identifier to remove.
options? ​
Removal options.
force? ​
boolean
Force removal of active key.
Returns ​
void
Throws ​
If key not found or attempting to remove active key without force.
Implementation of ​
setActiveKey() ​
setActiveKey(
id):void
Defined in: kms.ts:95
Set the active key.
Parameters ​
id ​
string
The key identifier to set as active.
Returns ​
void
Throws ​
If the key is not found.
Implementation of ​
sign() ​
sign(
data,id?,options?):Bytes
Defined in: kms.ts:120
Sign data using the specified key.
Parameters ​
data ​
The data to sign.
id? ​
string
Key identifier. Uses active key if omitted.
options? ​
SignOptions = {}
Signing options (scheme defaults to 'schnorr').
Returns ​
The signature bytes.
Throws ​
If key not found, no active key, or key cannot sign.
Implementation of ​
verify() ​
verify(
signature,data,id?,options?):boolean
Defined in: kms.ts:140
Verify a signature using the specified key.
Parameters ​
signature ​
The signature bytes to verify.
data ​
The data that was signed.
id? ​
string
Key identifier. Uses active key if omitted.
options? ​
SignOptions = {}
Verification options (scheme defaults to 'schnorr').
Returns ​
boolean
True if the signature is valid, false otherwise.
Throws ​
If key not found or no active key set.