1id 0.5.0 → 0.8.0

package/dist/index.js

@@ -16,17 +16,28 @@
  * The SDK auto-detects your hardware (TPM, YubiKey, Secure Enclave)
  * and enrolls at the highest available trust tier.
  */
-import { clear_cached_token, get_token, authenticate_with_tpm } from "./auth.js";
-import { credentials_exist, load_credentials, save_credentials } from "./credentials.js";
+import { clear_cached_token, get_token, authenticate_with_tpm, authenticate_with_piv } from "./auth.js";
+import { credentials_exist, load_credentials } from "./credentials.js";
 import { enroll } from "./enroll.js";
 import { sign_challenge_with_private_key } from "./keys.js";
 import { DEFAULT_KEY_ALGORITHM, HSMType, KeyAlgorithm, TrustTier, this_token_has_not_yet_expired, format_authorization_header_value, format_identity_as_display_string, } from "./identity.js";
+import { fetch_world_status_from_server, invalidate_world_cache, } from "./world.js";
+import { listDevices, lockHardware, registerOperatorEmail, } from "./devices.js";
+import { signChallenge, verifyPeerIdentity, PeerVerificationError, CertificateChainValidationError, SignatureVerificationError, MissingIdentityCertificateError, } from "./verify.js";
+import { refresh_trust_roots, get_trust_roots } from "./trustRoots.js";
+import { generateConsentToken, listCredentialPointers, setCredentialPointerVisibility, removeCredentialPointer, } from "./credentialPointers.js";
 // Re-export all exception classes
-export { OneIDError, EnrollmentError, NoHSMError, UACDeniedError, HSMAccessError, TPMSetupRequiredError, AlreadyEnrolledError, HandleTakenError, HandleInvalidError, HandleRetiredError, AuthenticationError, NetworkError, NotEnrolledError, BinaryNotFoundError, RateLimitExceededError, } from "./exceptions.js";
+export { OneIDError, EnrollmentError, NoHSMError, UACDeniedError, HSMAccessError, TPMSetupRequiredError, AlreadyEnrolledError, HandleTakenError, HandleInvalidError, HandleRetiredError, AuthenticationError, HardwareDeviceNotPresentError, NetworkError, NotEnrolledError, BinaryNotFoundError, RateLimitExceededError, } from "./exceptions.js";
 // Re-export types and enums
 export { TrustTier, KeyAlgorithm, HSMType, DEFAULT_KEY_ALGORITHM, this_token_has_not_yet_expired, format_authorization_header_value, format_identity_as_display_string, };
+// Re-export world/status types
+export { invalidate_world_cache, };
+// Re-export peer verification types and functions
+export { signChallenge, verifyPeerIdentity, refresh_trust_roots, get_trust_roots, PeerVerificationError, CertificateChainValidationError, SignatureVerificationError, MissingIdentityCertificateError, };
+// Re-export credential pointer functions and types
+export { generateConsentToken, listCredentialPointers, setCredentialPointerVisibility, removeCredentialPointer, };
 /** SDK version string. */
-export const VERSION = "0.5.0";
+export const VERSION = "0.8.0";
 /**
  * Check the current enrolled identity.
  *
@@ -94,11 +105,24 @@ export function whoami() {
  *
  * If you've already enrolled, returns your existing identity instantly
  * (no network call). If not, enrolls at the best available trust tier.
+ *
+ * Pass get_only: true when you want to recover context without risking
+ * a new enrollment. This is useful for agents resuming after a restart:
+ *   const id = await oneid.getOrCreateIdentity({ get_only: true });
+ *
+ * @throws NotEnrolledError if get_only is true and no credentials exist.
  */
 export async function getOrCreateIdentity(options) {
     if (credentials_exist()) {
         return whoami();
     }
+    if (options?.get_only) {
+        const { NotEnrolledError: NotEnrolled } = await import("./exceptions.js");
+        throw new NotEnrolled("No 1ID identity found on this machine. " +
+            "You passed get_only: true, so no new enrollment was attempted. " +
+            "Call getOrCreateIdentity() without get_only to enroll, " +
+            "or call enroll() directly.");
+    }
     return enroll({
         display_name: options?.display_name ?? null,
         operator_email: options?.operator_email ?? null,
@@ -106,6 +130,23 @@ export async function getOrCreateIdentity(options) {
         api_base_url: options?.api_base_url,
     });
 }
+/**
+ * Get the full picture of your 1ID identity and connected services.
+ *
+ * Calls the server's world endpoint with your Bearer token and returns
+ * everything: identity, devices, connected services, available services,
+ * and operator guidance.
+ *
+ * Results are cached for 5 minutes. Call invalidate_world_cache() to force a fresh fetch.
+ *
+ * @returns WorldStatus with complete identity state.
+ * @throws NotEnrolledError if no credentials exist.
+ * @throws NetworkError if the server cannot be reached.
+ * @throws AuthenticationError if the token is invalid or expired.
+ */
+export async function status() {
+    return fetch_world_status_from_server();
+}
 /**
  * Force-refresh the cached OAuth2 token.
  *
@@ -133,41 +174,35 @@ export async function setup_tbs() {
     const result = await setup_tbs_for_non_admin_tpm_access();
     return result.ok ?? false;
 }
-/**
- * Record the user's privacy consent choice in the credentials file.
- *
- * After the calling application shows a privacy warning and the user
- * consents, call this to persist their preferred attestation mode.
- *
- * @param mode The user's chosen attestation mode: 'sd-jwt' or 'direct'.
- * @throws NotEnrolledError if no credentials file exists yet.
- * @throws Error if mode is not 'sd-jwt' or 'direct'.
- */
-export function record_privacy_consent(mode = "sd-jwt") {
-    if (mode !== "sd-jwt" && mode !== "direct") {
-        throw new Error(`Invalid attestation mode '${mode}'. Must be 'sd-jwt' or 'direct'.`);
-    }
-    const creds = load_credentials();
-    creds.privacy_consent_given_at = new Date().toISOString();
-    creds.default_attestation_mode = mode;
-    save_credentials(creds);
-}
 // Re-export core functions
-export { enroll, get_token as getToken, get_token, clear_cached_token, authenticate_with_tpm, credentials_exist, sign_challenge_with_private_key, };
+export { enroll, get_token as getToken, get_token, clear_cached_token, authenticate_with_tpm, authenticate_with_piv, credentials_exist, sign_challenge_with_private_key, listDevices, lockHardware, registerOperatorEmail, };
 const oneid = {
     enroll,
     getOrCreateIdentity,
+    status,
     getToken: get_token,
     get_token,
     whoami,
     refresh,
     setup_tbs,
-    record_privacy_consent,
     credentials_exist,
     authenticate_with_tpm,
+    authenticate_with_piv,
     sign_challenge_with_private_key,
     clear_cached_token,
     format_identity_as_display_string,
+    invalidate_world_cache,
+    listDevices,
+    lockHardware,
+    registerOperatorEmail,
+    signChallenge,
+    verifyPeerIdentity,
+    refresh_trust_roots,
+    get_trust_roots,
+    generateConsentToken,
+    listCredentialPointers,
+    setCredentialPointerVisibility,
+    removeCredentialPointer,
     VERSION,
     TrustTier,
     KeyAlgorithm,

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,MAAM,EAAsB,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,+BAA+B,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EACL,qBAAqB,EACrB,OAAO,EAEP,YAAY,EAEZ,SAAS,EACT,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,MAAM,eAAe,CAAC;AAEvB,kCAAkC;AAClC,OAAO,EACL,UAAU,EACV,eAAe,EACf,UAAU,EACV,cAAc,EACd,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,iBAAiB,CAAC;AAEzB,4BAA4B;AAC5B,OAAO,EACL,SAAS,EACT,YAAY,EACZ,OAAO,EACP,qBAAqB,EAIrB,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,CAAC;AAEF,0BAA0B;AAC1B,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B;;;;;;;GAOG;AACH,MAAM,UAAU,MAAM;IACpB,MAAM,KAAK,GAAG,gBAAgB,EAAE,CAAC;IAEjC,qBAAqB;IACrB,IAAI,UAAqB,CAAC;IAC1B,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAa,CAAC;IACzD,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3C,UAAU,GAAG,KAAK,CAAC,UAAuB,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,UAAU,GAAG,SAAS,CAAC,QAAQ,CAAC;IAClC,CAAC;IAED,wBAAwB;IACxB,IAAI,aAA2B,CAAC;IAChC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,CAAa,CAAC;IACjE,IAAI,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC;QACnD,aAAa,GAAG,KAAK,CAAC,aAA6B,CAAC;IACtD,CAAC;SAAM,CAAC;QACN,aAAa,GAAG,qBAAqB,CAAC;IACxC,CAAC;IAED,oBAAoB;IACpB,IAAI,WAAiB,CAAC;IACtB,IAAI,CAAC;QACH,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7E,CAAC;IAAC,MAAM,CAAC;QACP,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,MAAM,WAAW,GAAG,KAAK,CAAC,SAAS,CAAC;IACpC,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC;IAE7E,sCAAsC;IACtC,IAAI,QAAQ,GAAmB,IAAI,CAAC;IACpC,IAAI,KAAK,CAAC,eAAe,IAAI,IAAI,EAAE,CAAC;QAClC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAC9B,CAAC;SAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,IAAI,EAAE,CAAC;QAC3C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC;IACzB,CAAC;IAED,OAAO;QACL,WAAW;QACX,MAAM;QACN,UAAU;QACV,QAAQ;QACR,gBAAgB,EAAE,IAAI;QACtB,WAAW;QACX,YAAY,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7C,aAAa;QACb,kBAAkB,EAAE,KAAK,CAAC,kBAAkB,IAAI,IAAI;QACpD,YAAY,EAAE,KAAK,CAAC,YAAY,IAAI,IAAI;KACzC,CAAC;AACJ,CAAC;AASD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAoC;IAEpC,IAAI,iBAAiB,EAAE,EAAE,CAAC;QACxB,OAAO,MAAM,EAAE,CAAC;IAClB,CAAC;IACD,OAAO,MAAM,CAAC;QACZ,YAAY,EAAE,OAAO,EAAE,YAAY,IAAI,IAAI;QAC3C,cAAc,EAAE,OAAO,EAAE,cAAc,IAAI,IAAI;QAC/C,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,IAAI,IAAI;QACnD,YAAY,EAAE,OAAO,EAAE,YAAY;KACpC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,OAAO;IACrB,kBAAkB,EAAE,CAAC;AACvB,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS;IAC7B,MAAM,EAAE,kCAAkC,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,MAAM,kCAAkC,EAAE,CAAC;IAC1D,OAAQ,MAAM,CAAC,EAAc,IAAI,KAAK,CAAC;AACzC,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe,QAAQ;IAC5D,IAAI,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,kCAAkC,CAAC,CAAC;IACvF,CAAC;IAED,MAAM,KAAK,GAAG,gBAAgB,EAAE,CAAC;IACjC,KAAK,CAAC,wBAAwB,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC1D,KAAK,CAAC,wBAAwB,GAAG,IAAI,CAAC;IACtC,gBAAgB,CAAC,KAAK,CAAC,CAAC;AAC1B,CAAC;AAED,2BAA2B;AAC3B,OAAO,EACL,MAAM,EACN,SAAS,IAAI,QAAQ,EACrB,SAAS,EACT,kBAAkB,EAClB,qBAAqB,EACrB,iBAAiB,EACjB,+BAA+B,GAChC,CAAC;AAEF,MAAM,KAAK,GAAG;IACZ,MAAM;IACN,mBAAmB;IACnB,QAAQ,EAAE,SAAS;IACnB,SAAS;IACT,MAAM;IACN,OAAO;IACP,SAAS;IACT,sBAAsB;IACtB,iBAAiB;IACjB,qBAAqB;IACrB,+BAA+B;IAC/B,kBAAkB;IAClB,iCAAiC;IACjC,OAAO;IACP,SAAS;IACT,YAAY;IACZ,OAAO;IACP,qBAAqB;CACtB,CAAC;AAEF,eAAe,KAAK,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,WAAW,CAAC;AACxG,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAoB,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,MAAM,EAAsB,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,+BAA+B,EAAE,MAAM,WAAW,CAAC;AAC5D,OAAO,EACL,qBAAqB,EACrB,OAAO,EAEP,YAAY,EAEZ,SAAS,EACT,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,8BAA8B,EAC9B,sBAAsB,GAOvB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,WAAW,EACX,YAAY,EACZ,qBAAqB,GAItB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,GAGhC,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvE,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,GAIxB,MAAM,yBAAyB,CAAC;AAEjC,kCAAkC;AAClC,OAAO,EACL,UAAU,EACV,eAAe,EACf,UAAU,EACV,cAAc,EACd,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACpB,gBAAgB,EAChB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,6BAA6B,EAC7B,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,iBAAiB,CAAC;AAEzB,4BAA4B;AAC5B,OAAO,EACL,SAAS,EACT,YAAY,EACZ,OAAO,EACP,qBAAqB,EAIrB,8BAA8B,EAC9B,iCAAiC,EACjC,iCAAiC,GAClC,CAAC;AAEF,+BAA+B;AAC/B,OAAO,EAOL,sBAAsB,GACvB,CAAC;AASF,kDAAkD;AAClD,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,EACrB,+BAA+B,EAC/B,0BAA0B,EAC1B,+BAA+B,GAGhC,CAAC;AAEF,mDAAmD;AACnD,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,EAC9B,uBAAuB,GAIxB,CAAC;AAEF,0BAA0B;AAC1B,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B;;;;;;;GAOG;AACH,MAAM,UAAU,MAAM;IACpB,MAAM,KAAK,GAAG,gBAAgB,EAAE,CAAC;IAEjC,qBAAqB;IACrB,IAAI,UAAqB,CAAC;IAC1B,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAa,CAAC;IACzD,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3C,UAAU,GAAG,KAAK,CAAC,UAAuB,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,UAAU,GAAG,SAAS,CAAC,QAAQ,CAAC;IAClC,CAAC;IAED,wBAAwB;IACxB,IAAI,aAA2B,CAAC;IAChC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,CAAa,CAAC;IACjE,IAAI,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC;QACnD,aAAa,GAAG,KAAK,CAAC,aAA6B,CAAC;IACtD,CAAC;SAAM,CAAC;QACN,aAAa,GAAG,qBAAqB,CAAC;IACxC,CAAC;IAED,oBAAoB;IACpB,IAAI,WAAiB,CAAC;IACtB,IAAI,CAAC;QACH,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7E,CAAC;IAAC,MAAM,CAAC;QACP,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,MAAM,WAAW,GAAG,KAAK,CAAC,SAAS,CAAC;IACpC,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC;IAE7E,sCAAsC;IACtC,IAAI,QAAQ,GAAmB,IAAI,CAAC;IACpC,IAAI,KAAK,CAAC,eAAe,IAAI,IAAI,EAAE,CAAC;QAClC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAC9B,CAAC;SAAM,IAAI,KAAK,CAAC,iBAAiB,IAAI,IAAI,EAAE,CAAC;QAC3C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC;IACzB,CAAC;IAED,OAAO;QACL,WAAW;QACX,MAAM;QACN,UAAU;QACV,QAAQ;QACR,gBAAgB,EAAE,IAAI;QACtB,WAAW;QACX,YAAY,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7C,aAAa;QACb,kBAAkB,EAAE,KAAK,CAAC,kBAAkB,IAAI,IAAI;QACpD,YAAY,EAAE,KAAK,CAAC,YAAY,IAAI,IAAI;KACzC,CAAC;AACJ,CAAC;AAUD;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAoC;IAEpC,IAAI,iBAAiB,EAAE,EAAE,CAAC;QACxB,OAAO,MAAM,EAAE,CAAC;IAClB,CAAC;IAED,IAAI,OAAO,EAAE,QAAQ,EAAE,CAAC;QACtB,MAAM,EAAE,gBAAgB,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC1E,MAAM,IAAI,WAAW,CACnB,yCAAyC;YACzC,iEAAiE;YACjE,yDAAyD;YACzD,4BAA4B,CAC7B,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;QACZ,YAAY,EAAE,OAAO,EAAE,YAAY,IAAI,IAAI;QAC3C,cAAc,EAAE,OAAO,EAAE,cAAc,IAAI,IAAI;QAC/C,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,IAAI,IAAI;QACnD,YAAY,EAAE,OAAO,EAAE,YAAY;KACpC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM;IAC1B,OAAO,8BAA8B,EAAE,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,OAAO;IACrB,kBAAkB,EAAE,CAAC;AACvB,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS;IAC7B,MAAM,EAAE,kCAAkC,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,MAAM,kCAAkC,EAAE,CAAC;IAC1D,OAAQ,MAAM,CAAC,EAAc,IAAI,KAAK,CAAC;AACzC,CAAC;AAED,2BAA2B;AAC3B,OAAO,EACL,MAAM,EACN,SAAS,IAAI,QAAQ,EACrB,SAAS,EACT,kBAAkB,EAClB,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EACjB,+BAA+B,EAC/B,WAAW,EACX,YAAY,EACZ,qBAAqB,GACtB,CAAC;AAEF,MAAM,KAAK,GAAG;IACZ,MAAM;IACN,mBAAmB;IACnB,MAAM;IACN,QAAQ,EAAE,SAAS;IACnB,SAAS;IACT,MAAM;IACN,OAAO;IACP,SAAS;IACT,iBAAiB;IACjB,qBAAqB;IACrB,qBAAqB;IACrB,+BAA+B;IAC/B,kBAAkB;IAClB,iCAAiC;IACjC,sBAAsB;IACtB,WAAW;IACX,YAAY;IACZ,qBAAqB;IACrB,aAAa;IACb,kBAAkB;IAClB,mBAAmB;IACnB,eAAe;IACf,oBAAoB;IACpB,sBAAsB;IACtB,8BAA8B;IAC9B,uBAAuB;IACvB,OAAO;IACP,SAAS;IACT,YAAY;IACZ,OAAO;IACP,qBAAqB;CACtB,CAAC;AAEF,eAAe,KAAK,CAAC"}

package/dist/test/test_peer_verification.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Tests 42-48: Peer Identity Verification (Milestone 9)
+ *
+ * 42. Proof bundle (sovereign) -- requires TPM hardware, marked TODO
+ * 43. Proof bundle (portable) -- requires YubiKey hardware, marked TODO
+ * 44. Proof bundle (declared) -- software key, fully testable offline
+ * 45. Trust root caching -- GET /api/v1/trust/roots + local cache
+ * 46. Replay resistance -- reused nonce with different verifier context
+ * 47. Tamper detection -- modified proof bundle fails validation
+ * 48. Certificate issuance during enrollment -- requires live server
+ *
+ * Run with: node --test dist/test/test_peer_verification.js
+ */
+export {};
+//# sourceMappingURL=test_peer_verification.d.ts.map

package/dist/test/test_peer_verification.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"test_peer_verification.d.ts","sourceRoot":"","sources":["../../src/test/test_peer_verification.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG"}