@adcp/sdk 7.5.0 → 7.7.0

package/dist/lib/signing/server.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.readIdentityPosture = exports.readBrandJsonUrl = exports.ATTACKER_INFLUENCED = exports.attackerInfluencedFields = exports.AgentResolverError = exports.createAgentJwksSet = exports.getAgentJwks = exports.resolveAgent = exports.createExpressVerifier = exports.WEBHOOK_SIGNING_TAG = exports.WEBHOOK_MANDATORY_COMPONENTS = exports.verifyWebhookSignature = exports.createWebhookVerifier = exports.verifyRequestSignature = exports.REQUEST_SIGNING_TAG = exports.MAX_SIGNATURE_WINDOW_SECONDS = exports.MANDATORY_COMPONENTS = exports.CLOCK_SKEW_TOLERANCE_SECONDS = exports.ALLOWED_ALGS = exports.HttpsRevocationStore = exports.InMemoryRevocationStore = exports.sweepExpiredReplays = exports.getReplayStoreMigration = exports.REPLAY_CACHE_MIGRATION = exports.PostgresReplayStore = exports.InMemoryReplayStore = exports.parseSignatureInput = exports.parseSignature = exports.BrandJsonResolverError = exports.BrandJsonJwksResolver = exports.HttpsJwksResolver = exports.StaticJwksResolver = exports.WebhookSignatureError = exports.RequestSignatureError = exports.verifySignature = exports.jwkToPublicKey = exports.parseContentDigest = exports.contentDigestMatches = exports.computeContentDigest = exports.getHeaderValue = exports.formatSignatureParams = exports.canonicalTargetUri = exports.canonicalMethod = exports.canonicalAuthority = exports.buildSignatureBase = void 0;
+exports.AgentResolverError = exports.createAgentJwksSet = exports.getAgentJwks = exports.resolveAgent = exports.createExpressVerifier = exports.WEBHOOK_SIGNING_TAG = exports.WEBHOOK_MANDATORY_COMPONENTS = exports.verifyWebhookSignature = exports.createWebhookVerifier = exports.verifyResponseSignature = exports.createResponseVerifier = exports.verifyRequestSignature = exports.RESPONSE_SIGNING_TAG = exports.RESPONSE_MANDATORY_COMPONENTS = exports.REQUEST_SIGNING_TAG = exports.MAX_SIGNATURE_WINDOW_SECONDS = exports.MANDATORY_COMPONENTS = exports.CLOCK_SKEW_TOLERANCE_SECONDS = exports.ALLOWED_ALGS = exports.HttpsRevocationStore = exports.InMemoryRevocationStore = exports.sweepExpiredReplays = exports.getReplayStoreMigration = exports.REPLAY_CACHE_MIGRATION = exports.PostgresReplayStore = exports.InMemoryReplayStore = exports.parseSignatureInput = exports.parseSignature = exports.BrandJsonResolverError = exports.BrandJsonJwksResolver = exports.HttpsJwksResolver = exports.StaticJwksResolver = exports.WebhookSignatureError = exports.ResponseSignatureError = exports.RequestSignatureError = exports.verifySignature = exports.jwkToPublicKey = exports.requestContextFromLambda = exports.requestContextFromFetch = exports.requestContextFromExpress = exports.parseContentDigest = exports.contentDigestMatches = exports.computeContentDigest = exports.getHeaderValue = exports.formatSignatureParams = exports.canonicalTargetUri = exports.canonicalMethod = exports.canonicalAuthority = exports.buildSignatureBase = exports.buildResponseSignatureBase = void 0;
+exports.readIdentityPosture = exports.readBrandJsonUrl = exports.ATTACKER_INFLUENCED = exports.attackerInfluencedFields = void 0;
 /**
  * Server-side signing surface: what a seller running an AdCP agent needs to
  * verify inbound RFC 9421 signatures — verifier pipeline, Express-shaped
@@ -12,6 +13,7 @@ exports.readIdentityPosture = exports.readBrandJsonUrl = exports.ATTACKER_INFLUE
  * both for back-compat.
  */
 var canonicalize_1 = require("./canonicalize");
+Object.defineProperty(exports, "buildResponseSignatureBase", { enumerable: true, get: function () { return canonicalize_1.buildResponseSignatureBase; } });
 Object.defineProperty(exports, "buildSignatureBase", { enumerable: true, get: function () { return canonicalize_1.buildSignatureBase; } });
 Object.defineProperty(exports, "canonicalAuthority", { enumerable: true, get: function () { return canonicalize_1.canonicalAuthority; } });
 Object.defineProperty(exports, "canonicalMethod", { enumerable: true, get: function () { return canonicalize_1.canonicalMethod; } });
@@ -22,11 +24,16 @@ var content_digest_1 = require("./content-digest");
 Object.defineProperty(exports, "computeContentDigest", { enumerable: true, get: function () { return content_digest_1.computeContentDigest; } });
 Object.defineProperty(exports, "contentDigestMatches", { enumerable: true, get: function () { return content_digest_1.contentDigestMatches; } });
 Object.defineProperty(exports, "parseContentDigest", { enumerable: true, get: function () { return content_digest_1.parseContentDigest; } });
+var request_context_1 = require("./request-context");
+Object.defineProperty(exports, "requestContextFromExpress", { enumerable: true, get: function () { return request_context_1.requestContextFromExpress; } });
+Object.defineProperty(exports, "requestContextFromFetch", { enumerable: true, get: function () { return request_context_1.requestContextFromFetch; } });
+Object.defineProperty(exports, "requestContextFromLambda", { enumerable: true, get: function () { return request_context_1.requestContextFromLambda; } });
 var crypto_1 = require("./crypto");
 Object.defineProperty(exports, "jwkToPublicKey", { enumerable: true, get: function () { return crypto_1.jwkToPublicKey; } });
 Object.defineProperty(exports, "verifySignature", { enumerable: true, get: function () { return crypto_1.verifySignature; } });
 var errors_1 = require("./errors");
 Object.defineProperty(exports, "RequestSignatureError", { enumerable: true, get: function () { return errors_1.RequestSignatureError; } });
+Object.defineProperty(exports, "ResponseSignatureError", { enumerable: true, get: function () { return errors_1.ResponseSignatureError; } });
 Object.defineProperty(exports, "WebhookSignatureError", { enumerable: true, get: function () { return errors_1.WebhookSignatureError; } });
 var jwks_1 = require("./jwks");
 Object.defineProperty(exports, "StaticJwksResolver", { enumerable: true, get: function () { return jwks_1.StaticJwksResolver; } });
@@ -55,8 +62,13 @@ Object.defineProperty(exports, "CLOCK_SKEW_TOLERANCE_SECONDS", { enumerable: tru
 Object.defineProperty(exports, "MANDATORY_COMPONENTS", { enumerable: true, get: function () { return types_1.MANDATORY_COMPONENTS; } });
 Object.defineProperty(exports, "MAX_SIGNATURE_WINDOW_SECONDS", { enumerable: true, get: function () { return types_1.MAX_SIGNATURE_WINDOW_SECONDS; } });
 Object.defineProperty(exports, "REQUEST_SIGNING_TAG", { enumerable: true, get: function () { return types_1.REQUEST_SIGNING_TAG; } });
+Object.defineProperty(exports, "RESPONSE_MANDATORY_COMPONENTS", { enumerable: true, get: function () { return types_1.RESPONSE_MANDATORY_COMPONENTS; } });
+Object.defineProperty(exports, "RESPONSE_SIGNING_TAG", { enumerable: true, get: function () { return types_1.RESPONSE_SIGNING_TAG; } });
 var verifier_1 = require("./verifier");
 Object.defineProperty(exports, "verifyRequestSignature", { enumerable: true, get: function () { return verifier_1.verifyRequestSignature; } });
+var response_verifier_1 = require("./response-verifier");
+Object.defineProperty(exports, "createResponseVerifier", { enumerable: true, get: function () { return response_verifier_1.createResponseVerifier; } });
+Object.defineProperty(exports, "verifyResponseSignature", { enumerable: true, get: function () { return response_verifier_1.verifyResponseSignature; } });
 var webhook_verifier_1 = require("./webhook-verifier");
 Object.defineProperty(exports, "createWebhookVerifier", { enumerable: true, get: function () { return webhook_verifier_1.createWebhookVerifier; } });
 Object.defineProperty(exports, "verifyWebhookSignature", { enumerable: true, get: function () { return webhook_verifier_1.verifyWebhookSignature; } });

package/dist/lib/signing/server.js.map

@@ -1 +1 @@
-{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../src/lib/signing/server.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;GASG;AACH,+CASwB;AARtB,kHAAA,kBAAkB,OAAA;AAClB,kHAAA,kBAAkB,OAAA;AAClB,+GAAA,eAAe,OAAA;AACf,kHAAA,kBAAkB,OAAA;AAClB,qHAAA,qBAAqB,OAAA;AACrB,8GAAA,cAAc,OAAA;AAIhB,mDAAkG;AAAzF,sHAAA,oBAAoB,OAAA;AAAE,sHAAA,oBAAoB,OAAA;AAAE,oHAAA,kBAAkB,OAAA;AACvE,mCAA2D;AAAlD,wGAAA,cAAc,OAAA;AAAE,yGAAA,eAAe,OAAA;AACxC,mCAKkB;AAJhB,+GAAA,qBAAqB,OAAA;AAErB,+GAAA,qBAAqB,OAAA;AAGvB,+BAA+D;AAAtD,0GAAA,kBAAkB,OAAA;AAC3B,2CAAgF;AAAvE,+GAAA,iBAAiB,OAAA;AAC1B,2CAMsB;AALpB,mHAAA,qBAAqB,OAAA;AACrB,oHAAA,sBAAsB,OAAA;AAKxB,mCAAgH;AAAvG,wGAAA,cAAc,OAAA;AAAE,6GAAA,mBAAmB,OAAA;AAC5C,mCAKkB;AAJhB,6GAAA,mBAAmB,OAAA;AAKrB,iEAOiC;AAN/B,4HAAA,mBAAmB,OAAA;AACnB,+HAAA,sBAAsB,OAAA;AACtB,gIAAA,uBAAuB,OAAA;AACvB,4HAAA,mBAAmB,OAAA;AAIrB,2CAA6E;AAApE,qHAAA,uBAAuB,OAAA;AAChC,uDAA4F;AAAnF,wHAAA,oBAAoB,OAAA;AAC7B,iCAYiB;AAXf,qGAAA,YAAY,OAAA;AACZ,qHAAA,4BAA4B,OAAA;AAC5B,6GAAA,oBAAoB,OAAA;AACpB,qHAAA,4BAA4B,OAAA;AAC5B,4GAAA,mBAAmB,OAAA;AAQrB,uCAA+E;AAAtE,kHAAA,sBAAsB,OAAA;AAC/B,uDAQ4B;AAP1B,yHAAA,qBAAqB,OAAA;AACrB,0HAAA,sBAAsB,OAAA;AACtB,gIAAA,4BAA4B,OAAA;AAC5B,uHAAA,mBAAmB,OAAA;AAKrB,2CAAsG;AAA7F,mHAAA,qBAAqB,OAAA;AAC9B,mDAwB0B;AAvBxB,8GAAA,YAAY,OAAA;AACZ,8GAAA,YAAY,OAAA;AACZ,oHAAA,kBAAkB,OAAA;AAClB,oHAAA,kBAAkB,OAAA;AAClB,0HAAA,wBAAwB,OAAA;AACxB,qHAAA,mBAAmB,OAAA;AACnB,kHAAA,gBAAgB,OAAA;AAChB,qHAAA,mBAAmB,OAAA"}
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../../src/lib/signing/server.ts"],"names":[],"mappings":";;;;AAAA;;;;;;;;;GASG;AACH,+CAWwB;AAVtB,0HAAA,0BAA0B,OAAA;AAC1B,kHAAA,kBAAkB,OAAA;AAClB,kHAAA,kBAAkB,OAAA;AAClB,+GAAA,eAAe,OAAA;AACf,kHAAA,kBAAkB,OAAA;AAClB,qHAAA,qBAAqB,OAAA;AACrB,8GAAA,cAAc,OAAA;AAKhB,mDAAkG;AAAzF,sHAAA,oBAAoB,OAAA;AAAE,sHAAA,oBAAoB,OAAA;AAAE,oHAAA,kBAAkB,OAAA;AACvE,qDAS2B;AARzB,4HAAA,yBAAyB,OAAA;AACzB,0HAAA,uBAAuB,OAAA;AACvB,2HAAA,wBAAwB,OAAA;AAO1B,mCAA2D;AAAlD,wGAAA,cAAc,OAAA;AAAE,yGAAA,eAAe,OAAA;AACxC,mCAOkB;AANhB,+GAAA,qBAAqB,OAAA;AAErB,gHAAA,sBAAsB,OAAA;AAEtB,+GAAA,qBAAqB,OAAA;AAGvB,+BAA+D;AAAtD,0GAAA,kBAAkB,OAAA;AAC3B,2CAAgF;AAAvE,+GAAA,iBAAiB,OAAA;AAC1B,2CAMsB;AALpB,mHAAA,qBAAqB,OAAA;AACrB,oHAAA,sBAAsB,OAAA;AAKxB,mCAAgH;AAAvG,wGAAA,cAAc,OAAA;AAAE,6GAAA,mBAAmB,OAAA;AAC5C,mCAKkB;AAJhB,6GAAA,mBAAmB,OAAA;AAKrB,iEAOiC;AAN/B,4HAAA,mBAAmB,OAAA;AACnB,+HAAA,sBAAsB,OAAA;AACtB,gIAAA,uBAAuB,OAAA;AACvB,4HAAA,mBAAmB,OAAA;AAIrB,2CAA6E;AAApE,qHAAA,uBAAuB,OAAA;AAChC,uDAA4F;AAAnF,wHAAA,oBAAoB,OAAA;AAC7B,iCAciB;AAbf,qGAAA,YAAY,OAAA;AACZ,qHAAA,4BAA4B,OAAA;AAC5B,6GAAA,oBAAoB,OAAA;AACpB,qHAAA,4BAA4B,OAAA;AAC5B,4GAAA,mBAAmB,OAAA;AACnB,sHAAA,6BAA6B,OAAA;AAC7B,6GAAA,oBAAoB,OAAA;AAQtB,uCAA+E;AAAtE,kHAAA,sBAAsB,OAAA;AAC/B,yDAM6B;AAL3B,2HAAA,sBAAsB,OAAA;AACtB,4HAAA,uBAAuB,OAAA;AAKzB,uDAQ4B;AAP1B,yHAAA,qBAAqB,OAAA;AACrB,0HAAA,sBAAsB,OAAA;AACtB,gIAAA,4BAA4B,OAAA;AAC5B,uHAAA,mBAAmB,OAAA;AAKrB,2CAAsG;AAA7F,mHAAA,qBAAqB,OAAA;AAC9B,mDAwB0B;AAvBxB,8GAAA,YAAY,OAAA;AACZ,8GAAA,YAAY,OAAA;AACZ,oHAAA,kBAAkB,OAAA;AAClB,oHAAA,kBAAkB,OAAA;AAClB,0HAAA,wBAAwB,OAAA;AACxB,qHAAA,mBAAmB,OAAA;AACnB,kHAAA,gBAAgB,OAAA;AAChB,qHAAA,mBAAmB,OAAA"}

package/dist/lib/signing/signer-async.d.ts

@@ -1,6 +1,6 @@
-import type { RequestLike } from './canonicalize';
+import type { RequestLike, ResponseLike } from './canonicalize';
 import type { SigningProvider } from './provider';
-import type { SignedRequest, SignRequestOptions, SignWebhookOptions } from './signer';
+import type { SignedRequest, SignedResponse, SignRequestOptions, SignResponseOptions, SignWebhookOptions } from './signer';
 /**
  * Async variant of `signRequest` that delegates the actual signature
  * production to a {@link SigningProvider}. Reuses
@@ -21,4 +21,10 @@ export declare function signRequestAsync(request: RequestLike, provider: Signing
  * `Content-Digest` header stay in lockstep.
  */
 export declare function signWebhookAsync(request: RequestLike, provider: SigningProvider, options?: SignWebhookOptions): Promise<SignedRequest>;
+/**
+ * Async variant of `signResponse`. Reuses {@link prepareResponseSignature}
+ * and {@link finalizeResponseSignature} from the sync path so canonicalization
+ * stays identical — `provider.sign(payload)` is the only difference.
+ */
+export declare function signResponseAsync(response: ResponseLike, provider: SigningProvider, options?: SignResponseOptions): Promise<SignedResponse>;
 //# sourceMappingURL=signer-async.d.ts.map

package/dist/lib/signing/signer-async.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"signer-async.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/signer-async.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,KAAK,EAAE,aAAa,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAGtF;;;;;;;;;;;GAWG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,eAAe,EACzB,OAAO,GAAE,kBAAuB,GAC/B,OAAO,CAAC,aAAa,CAAC,CAIxB;AAED;;;;;GAKG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,eAAe,EACzB,OAAO,GAAE,kBAAuB,GAC/B,OAAO,CAAC,aAAa,CAAC,CAIxB"}
+{"version":3,"file":"signer-async.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/signer-async.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAChE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,KAAK,EACV,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,mBAAmB,EACnB,kBAAkB,EACnB,MAAM,UAAU,CAAC;AAUlB;;;;;;;;;;;GAWG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,eAAe,EACzB,OAAO,GAAE,kBAAuB,GAC/B,OAAO,CAAC,aAAa,CAAC,CAKxB;AAED;;;;;GAKG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,eAAe,EACzB,OAAO,GAAE,kBAAuB,GAC/B,OAAO,CAAC,aAAa,CAAC,CAKxB;AAED;;;;GAIG;AACH,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,YAAY,EACtB,QAAQ,EAAE,eAAe,EACzB,OAAO,GAAE,mBAAwB,GAChC,OAAO,CAAC,cAAc,CAAC,CAKzB"}

package/dist/lib/signing/signer-async.js

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.signRequestAsync = signRequestAsync;
 exports.signWebhookAsync = signWebhookAsync;
+exports.signResponseAsync = signResponseAsync;
 const signer_1 = require("./signer");
 /**
  * Async variant of `signRequest` that delegates the actual signature
@@ -16,6 +17,7 @@ const signer_1 = require("./signer");
  * deployments that store private keys in a managed key store.
  */
 async function signRequestAsync(request, provider, options = {}) {
+    (0, signer_1.assertProviderPurpose)(provider, 'request-signing');
     const prepared = (0, signer_1.prepareRequestSignature)(request, { keyid: provider.keyid, alg: provider.algorithm }, options);
     const signature = await provider.sign(Buffer.from(prepared.base, 'utf8'));
     return (0, signer_1.finalizeRequestSignature)(prepared, signature);
@@ -27,8 +29,20 @@ async function signRequestAsync(request, provider, options = {}) {
  * `Content-Digest` header stay in lockstep.
  */
 async function signWebhookAsync(request, provider, options = {}) {
+    (0, signer_1.assertProviderPurpose)(provider, 'webhook-signing');
     const prepared = (0, signer_1.prepareWebhookSignature)(request, { keyid: provider.keyid, alg: provider.algorithm }, options);
     const signature = await provider.sign(Buffer.from(prepared.base, 'utf8'));
     return (0, signer_1.finalizeRequestSignature)(prepared, signature);
 }
+/**
+ * Async variant of `signResponse`. Reuses {@link prepareResponseSignature}
+ * and {@link finalizeResponseSignature} from the sync path so canonicalization
+ * stays identical — `provider.sign(payload)` is the only difference.
+ */
+async function signResponseAsync(response, provider, options = {}) {
+    (0, signer_1.assertProviderPurpose)(provider, 'response-signing');
+    const prepared = (0, signer_1.prepareResponseSignature)(response, { keyid: provider.keyid, alg: provider.algorithm }, options);
+    const signature = await provider.sign(Buffer.from(prepared.base, 'utf8'));
+    return (0, signer_1.finalizeResponseSignature)(prepared, signature);
+}
 //# sourceMappingURL=signer-async.js.map

package/dist/lib/signing/signer-async.js.map

@@ -1 +1 @@
-{"version":3,"file":"signer-async.js","sourceRoot":"","sources":["../../../src/lib/signing/signer-async.ts"],"names":[],"mappings":";;AAiBA,4CAQC;AAQD,4CAQC;AAtCD,qCAAsG;AAEtG;;;;;;;;;;;GAWG;AACI,KAAK,UAAU,gBAAgB,CACpC,OAAoB,EACpB,QAAyB,EACzB,UAA8B,EAAE;IAEhC,MAAM,QAAQ,GAAG,IAAA,gCAAuB,EAAC,OAAO,EAAE,EAAE,KAAK,EAAE,QAAQ,CAAC,KAAK,EAAE,GAAG,EAAE,QAAQ,CAAC,SAAS,EAAE,EAAE,OAAO,CAAC,CAAC;IAC/G,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC1E,OAAO,IAAA,iCAAwB,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,gBAAgB,CACpC,OAAoB,EACpB,QAAyB,EACzB,UAA8B,EAAE;IAEhC,MAAM,QAAQ,GAAG,IAAA,gCAAuB,EAAC,OAAO,EAAE,EAAE,KAAK,EAAE,QAAQ,CAAC,KAAK,EAAE,GAAG,EAAE,QAAQ,CAAC,SAAS,EAAE,EAAE,OAAO,CAAC,CAAC;IAC/G,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC1E,OAAO,IAAA,iCAAwB,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC"}
+{"version":3,"file":"signer-async.js","sourceRoot":"","sources":["../../../src/lib/signing/signer-async.ts"],"names":[],"mappings":";;AA8BA,4CASC;AAQD,4CASC;AAOD,8CASC;AA/DD,qCAOkB;AAElB;;;;;;;;;;;GAWG;AACI,KAAK,UAAU,gBAAgB,CACpC,OAAoB,EACpB,QAAyB,EACzB,UAA8B,EAAE;IAEhC,IAAA,8BAAqB,EAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,IAAA,gCAAuB,EAAC,OAAO,EAAE,EAAE,KAAK,EAAE,QAAQ,CAAC,KAAK,EAAE,GAAG,EAAE,QAAQ,CAAC,SAAS,EAAE,EAAE,OAAO,CAAC,CAAC;IAC/G,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC1E,OAAO,IAAA,iCAAwB,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,gBAAgB,CACpC,OAAoB,EACpB,QAAyB,EACzB,UAA8B,EAAE;IAEhC,IAAA,8BAAqB,EAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,IAAA,gCAAuB,EAAC,OAAO,EAAE,EAAE,KAAK,EAAE,QAAQ,CAAC,KAAK,EAAE,GAAG,EAAE,QAAQ,CAAC,SAAS,EAAE,EAAE,OAAO,CAAC,CAAC;IAC/G,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC1E,OAAO,IAAA,iCAAwB,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,iBAAiB,CACrC,QAAsB,EACtB,QAAyB,EACzB,UAA+B,EAAE;IAEjC,IAAA,8BAAqB,EAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,IAAA,iCAAwB,EAAC,QAAQ,EAAE,EAAE,KAAK,EAAE,QAAQ,CAAC,KAAK,EAAE,GAAG,EAAE,QAAQ,CAAC,SAAS,EAAE,EAAE,OAAO,CAAC,CAAC;IACjH,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC1E,OAAO,IAAA,kCAAyB,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACxD,CAAC"}

package/dist/lib/signing/signer.d.ts

@@ -1,10 +1,39 @@
-import { type RequestLike, type SignatureParams } from './canonicalize';
+import { type RequestLike, type ResponseLike, type SignatureParams } from './canonicalize';
+import type { AdcpUse } from './jwks-helpers';
 import { type AdcpJsonWebKey, type AdcpSignAlg } from './types';
 export interface SignerKey {
     keyid: string;
     alg: 'ed25519' | 'ecdsa-p256-sha256';
+    /**
+     * Private JWK. MUST carry `adcp_use` matching the helper being called:
+     * - `signRequest` requires `adcp_use: 'request-signing'`
+     * - `signWebhook` requires `adcp_use: 'webhook-signing'`
+     * - `signResponse` requires `adcp_use: 'response-signing'`
+     *
+     * Mismatched or missing `adcp_use` throws at the signer with the same
+     * error code the verifier raises at step 8 — failure surfaces at
+     * configuration time rather than at the receiver, where the message is
+     * far from its cause. Mint keys with `pemToAdcpJwk({ adcp_use: ... })`
+     * to get the binding right by construction.
+     */
     privateKey: AdcpJsonWebKey;
 }
+/**
+ * Async-path equivalent. Mirrors {@link assertKeyPurpose} but reads
+ * `adcpUse` from a {@link SigningProvider} rather than a `SignerKey`.
+ *
+ * **Optional binding.** When `provider.adcpUse` is `undefined`, the gate
+ * is skipped — preserves backward compat with adapters that pre-date the
+ * `SigningProvider.adcpUse` field. Adapter authors who want signer-side
+ * defense-in-depth set `adcpUse` on their provider; the async helpers
+ * (`signRequestAsync` / `signWebhookAsync` / `signResponseAsync`) then
+ * enforce the binding parallel to the sync path.
+ */
+declare function assertProviderPurpose(provider: {
+    readonly keyid: string;
+    readonly adcpUse?: AdcpUse;
+}, expected: AdcpUse): void;
+export { assertProviderPurpose };
 export interface SignRequestOptions {
     coverContentDigest?: boolean;
     label?: string;
@@ -49,6 +78,15 @@ export interface PreparedRequestSignature {
  * Canonicalize a request for RFC 9421 request-signing. Pure (no I/O); the
  * sync and async paths share this so canonicalization can't drift between
  * them.
+ *
+ * **No purpose-binding gate.** This function takes a `SignatureIdentity`
+ * (just `keyid` + `alg`), not a full `SignerKey`, so it deliberately
+ * cannot enforce `adcp_use`. Callers composing `prepare* + own-signer`
+ * are responsible for purpose binding themselves — the convenience
+ * helper `signRequest` runs `assertKeyPurpose` before calling this and
+ * is what most adopters want. Test-vector authors who need to sign with
+ * wrong-purpose keys (e.g. AdCP negative-vector 009 cross-purpose
+ * rejection) use this prepare/finalize composition deliberately.
  */
 export declare function prepareRequestSignature(request: RequestLike, identity: SignatureIdentity, options?: SignRequestOptions): PreparedRequestSignature;
 /**
@@ -81,6 +119,10 @@ export interface SignWebhookOptions {
  * `signWebhookAsync` paths. Covers the five mandatory components —
  * `@method`, `@target-uri`, `@authority`, `content-type`, `content-digest` —
  * and sets `Content-Digest` on the outgoing headers.
+ *
+ * **No purpose-binding gate** — same caveat as
+ * {@link prepareRequestSignature}. The convenience helper `signWebhook`
+ * runs `assertKeyPurpose` before calling this.
  */
 export declare function prepareWebhookSignature(request: RequestLike, identity: SignatureIdentity, options?: SignWebhookOptions): PreparedRequestSignature;
 /**
@@ -91,4 +133,110 @@ export declare function prepareWebhookSignature(request: RequestLike, identity:
  * conformant webhooks should use this instead of hand-rolling signatures.
  */
 export declare function signWebhook(request: RequestLike, key: SignerKey, options?: SignWebhookOptions): SignedRequest;
+export interface SignResponseOptions {
+    /**
+     * Cover a `Content-Digest` of the response body. Defaults to `true` when
+     * the response has a body.
+     *
+     * **Asymmetric with `signRequest`.** Request signing defaults to opt-in
+     * (`coverContentDigest: true` required to cover); response signing
+     * defaults to opt-out because an unbound body is the most common
+     * cross-purpose footgun for response signing — without a body digest,
+     * an attacker that can swap the payload but preserve headers can pass
+     * the signature check. The asymmetry is deliberate; callers that want
+     * to omit (e.g. when an upstream proxy computes the digest) pass
+     * `false` explicitly.
+     */
+    coverContentDigest?: boolean;
+    /**
+     * Additional derived/header components to cover beyond
+     * {@link RESPONSE_MANDATORY_COMPONENTS}. The defaults already include
+     * `@status`, `@authority`, and `@target-uri`. Use this for `@method`
+     * (uncommon for responses — request method is usually implicit) or for
+     * custom headers (`x-content-type-options`, etc.).
+     */
+    additionalComponents?: ReadonlyArray<string>;
+    label?: string;
+    windowSeconds?: number;
+    now?: () => number;
+    nonce?: string;
+    /**
+     * Override the signature tag. Defaults to `adcp/response-signing/v1`.
+     * Exposed so test suites can pin a wrong tag to exercise receiver
+     * rejection paths without mutating the signed headers post-hoc.
+     */
+    tag?: string;
+}
+export interface SignedResponse {
+    status: number;
+    headers: Record<string, string>;
+    signatureBase: string;
+    params: SignatureParams;
+}
+/**
+ * Result of canonicalizing a response for signing — everything `signResponse`
+ * and `signResponseAsync` produce up to (but not including) the call into
+ * the signer/provider.
+ */
+export interface PreparedResponseSignature {
+    status: number;
+    components: string[];
+    params: SignatureParams;
+    /**
+     * Outbound response headers including `Content-Digest` when covered, but
+     * not yet including `Signature-Input` / `Signature` — those are appended
+     * by {@link finalizeResponseSignature}.
+     */
+    headers: Record<string, string>;
+    /** Canonical signature base bytes (UTF-8). Pass to the signer/provider. */
+    base: string;
+    label: string;
+}
+/**
+ * Canonicalize a response for RFC 9421 response-signing (§2.2.9). Pure
+ * (no I/O); shared between sync `signResponse` and async `signResponseAsync`
+ * so canonicalization can't drift between them. Covers
+ * {@link RESPONSE_MANDATORY_COMPONENTS} by default; adds `content-type` +
+ * `content-digest` automatically when the response carries a body. Callers
+ * can extend the covered set via
+ * {@link SignResponseOptions.additionalComponents}.
+ *
+ * **No purpose-binding gate** — same caveat as
+ * {@link prepareRequestSignature}. The convenience helper `signResponse`
+ * runs `assertKeyPurpose` before calling this.
+ */
+export declare function prepareResponseSignature(response: ResponseLike, identity: SignatureIdentity, options?: SignResponseOptions): PreparedResponseSignature;
+/**
+ * Attach `Signature` / `Signature-Input` headers given the bytes returned
+ * by the signer/provider. Mirrors {@link finalizeRequestSignature} but
+ * returns a {@link SignedResponse} that carries the response status alongside
+ * the stamped headers so the caller can hand the whole object back to its
+ * HTTP layer.
+ */
+export declare function finalizeResponseSignature(prepared: PreparedResponseSignature, signature: Uint8Array): SignedResponse;
+/**
+ * Sign an outbound response under the RFC 9421 response-signing profile
+ * (`tag=adcp/response-signing/v1`). Covers `@status` and `@authority` by
+ * default, plus `content-type` + `content-digest` when a body is present.
+ * Servers emitting signed responses (e.g. seller agents whose clients
+ * verify `get_products` payloads before parsing) should use this instead
+ * of hand-rolling signatures.
+ *
+ * Returns headers as a plain `Record<string, string>` for direct use with
+ * Express (`res.set(signed.headers)`). For Fetch / Node `Response` (where
+ * the headers object is immutable on construction), spread into the
+ * `Headers` constructor or `setHeader` loop:
+ *
+ * ```ts
+ * // Express
+ * res.status(signed.status).set(signed.headers).send(body);
+ *
+ * // Fetch / Workers / Node 20+ Response
+ * return new Response(body, { status: signed.status, headers: signed.headers });
+ *
+ * // Node `http.ServerResponse`
+ * res.writeHead(signed.status, signed.headers).end(body);
+ * ```
+ */
+export declare function signResponse(response: ResponseLike, key: SignerKey, options?: SignResponseOptions): SignedResponse;
 //# sourceMappingURL=signer.d.ts.map

package/dist/lib/signing/signer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/signer.ts"],"names":[],"mappings":"AACA,OAAO,EAA6C,KAAK,WAAW,EAAE,KAAK,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAEnH,OAAO,EAIL,KAAK,cAAc,EACnB,KAAK,WAAW,EACjB,MAAM,SAAS,CAAC;AAGjB,MAAM,WAAW,SAAS;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,SAAS,GAAG,mBAAmB,CAAC;IACrC,UAAU,EAAE,cAAc,CAAC;CAC5B;AAED,MAAM,WAAW,kBAAkB;IACjC,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,eAAe,CAAC;CACzB;AAED;;;;;GAKG;AACH,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,WAAW,CAAC;CAClB;AAED;;;;GAIG;AACH,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,MAAM,EAAE,eAAe,CAAC;IACxB;;;;OAIG;IACH,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,2EAA2E;IAC3E,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;;;GAIG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,iBAAiB,EAC3B,OAAO,GAAE,kBAAuB,GAC/B,wBAAwB,CA8B1B;AAED;;;;;;;;;GASG;AACH,wBAAgB,wBAAwB,CAAC,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,UAAU,GAAG,aAAa,CAMjH;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,SAAS,EAAE,OAAO,GAAE,kBAAuB,GAAG,aAAa,CAIjH;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;;;OAIG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,iBAAiB,EAC3B,OAAO,GAAE,kBAAuB,GAC/B,wBAAwB,CAuB1B;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,SAAS,EAAE,OAAO,GAAE,kBAAuB,GAAG,aAAa,CAIjH"}
+{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/signer.ts"],"names":[],"mappings":"AACA,OAAO,EAIL,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,eAAe,EACrB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAML,KAAK,cAAc,EACnB,KAAK,WAAW,EACjB,MAAM,SAAS,CAAC;AAGjB,MAAM,WAAW,SAAS;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,SAAS,GAAG,mBAAmB,CAAC;IACrC;;;;;;;;;;;OAWG;IACH,UAAU,EAAE,cAAc,CAAC;CAC5B;AAkBD;;;;;;;;;;GAUG;AACH,iBAAS,qBAAqB,CAC5B,QAAQ,EAAE;IAAE,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,EAChE,QAAQ,EAAE,OAAO,GAChB,IAAI,CAGN;AAyBD,OAAO,EAAE,qBAAqB,EAAE,CAAC;AAEjC,MAAM,WAAW,kBAAkB;IACjC,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,eAAe,CAAC;CACzB;AAED;;;;;GAKG;AACH,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,WAAW,CAAC;CAClB;AAED;;;;GAIG;AACH,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,MAAM,EAAE,eAAe,CAAC;IACxB;;;;OAIG;IACH,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,2EAA2E;IAC3E,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,iBAAiB,EAC3B,OAAO,GAAE,kBAAuB,GAC/B,wBAAwB,CA8B1B;AAED;;;;;;;;;GASG;AACH,wBAAgB,wBAAwB,CAAC,QAAQ,EAAE,wBAAwB,EAAE,SAAS,EAAE,UAAU,GAAG,aAAa,CAMjH;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,SAAS,EAAE,OAAO,GAAE,kBAAuB,GAAG,aAAa,CAKjH;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;;;OAIG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,iBAAiB,EAC3B,OAAO,GAAE,kBAAuB,GAC/B,wBAAwB,CAuB1B;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,SAAS,EAAE,OAAO,GAAE,kBAAuB,GAAG,aAAa,CAKjH;AAED,MAAM,WAAW,mBAAmB;IAClC;;;;;;;;;;;;OAYG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B;;;;;;OAMG;IACH,oBAAoB,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAC7C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;;;OAIG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,eAAe,CAAC;CACzB;AAED;;;;GAIG;AACH,MAAM,WAAW,yBAAyB;IACxC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,MAAM,EAAE,eAAe,CAAC;IACxB;;;;OAIG;IACH,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,2EAA2E;IAC3E,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,wBAAwB,CACtC,QAAQ,EAAE,YAAY,EACtB,QAAQ,EAAE,iBAAiB,EAC3B,OAAO,GAAE,mBAAwB,GAChC,yBAAyB,CAmC3B;AAED;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CAAC,QAAQ,EAAE,yBAAyB,EAAE,SAAS,EAAE,UAAU,GAAG,cAAc,CAMpH;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,YAAY,CAC1B,QAAQ,EAAE,YAAY,EACtB,GAAG,EAAE,SAAS,EACd,OAAO,GAAE,mBAAwB,GAChC,cAAc,CAKhB"}

package/dist/lib/signing/signer.js

@@ -1,19 +1,86 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.assertProviderPurpose = assertProviderPurpose;
 exports.prepareRequestSignature = prepareRequestSignature;
 exports.finalizeRequestSignature = finalizeRequestSignature;
 exports.signRequest = signRequest;
 exports.prepareWebhookSignature = prepareWebhookSignature;
 exports.signWebhook = signWebhook;
+exports.prepareResponseSignature = prepareResponseSignature;
+exports.finalizeResponseSignature = finalizeResponseSignature;
+exports.signResponse = signResponse;
 const crypto_1 = require("crypto");
 const canonicalize_1 = require("./canonicalize");
 const content_digest_1 = require("./content-digest");
+const errors_1 = require("./errors");
 const types_1 = require("./types");
 const webhook_verifier_1 = require("./webhook-verifier");
+/**
+ * Step-8-equivalent purpose-binding gate on the signer side. The verifier
+ * already enforces `jwk.adcp_use === expected` at step 8 (see verifier.ts
+ * for request signing; webhook-verifier.ts for webhooks). Replicating the
+ * check on the signer side prevents the more common operator footgun:
+ * passing a wrong-purpose key into the helper, producing a wire-conformant
+ * signature that the downstream verifier then rejects, surfacing the
+ * misconfiguration at the wrong end of the connection.
+ *
+ * Errors emit the same code the verifier uses for that direction so log
+ * scrapers across signer / verifier see consistent vocabulary.
+ */
+function assertKeyPurpose(key, expected) {
+    throwIfPurposeMismatch(key.keyid, key.privateKey.adcp_use, expected);
+}
+/**
+ * Async-path equivalent. Mirrors {@link assertKeyPurpose} but reads
+ * `adcpUse` from a {@link SigningProvider} rather than a `SignerKey`.
+ *
+ * **Optional binding.** When `provider.adcpUse` is `undefined`, the gate
+ * is skipped — preserves backward compat with adapters that pre-date the
+ * `SigningProvider.adcpUse` field. Adapter authors who want signer-side
+ * defense-in-depth set `adcpUse` on their provider; the async helpers
+ * (`signRequestAsync` / `signWebhookAsync` / `signResponseAsync`) then
+ * enforce the binding parallel to the sync path.
+ */
+function assertProviderPurpose(provider, expected) {
+    if (provider.adcpUse === undefined)
+        return;
+    throwIfPurposeMismatch(provider.keyid, provider.adcpUse, expected);
+}
+function throwIfPurposeMismatch(keyid, actual, expected) {
+    if (actual === expected)
+        return;
+    const message = `Signing key '${keyid}' has adcp_use=${actual === undefined ? '<missing>' : `'${actual}'`} ` +
+        `but the helper requires '${expected}'. Mint a key scoped for '${expected}' via ` +
+        `pemToAdcpJwk({ adcp_use: '${expected}' }) — sharing keys across purposes is intentionally refused.`;
+    switch (expected) {
+        case 'request-signing':
+            throw new errors_1.RequestSignatureError('request_signature_key_purpose_invalid', 8, message);
+        case 'webhook-signing':
+            throw new errors_1.WebhookSignatureError('webhook_signature_key_purpose_invalid', 8, message);
+        case 'response-signing':
+            throw new errors_1.ResponseSignatureError('response_signature_key_purpose_invalid', 8, message);
+        default: {
+            // Compile-time exhaustiveness: a future `AdcpUse` widening must add
+            // a case arm here. Trips `tsc --noEmit` if the union grows without
+            // an explicit gate decision for the new member.
+            const _exhaustive = expected;
+            throw new Error(`unreachable: unhandled AdcpUse '${_exhaustive}'`);
+        }
+    }
+}
 /**
  * Canonicalize a request for RFC 9421 request-signing. Pure (no I/O); the
  * sync and async paths share this so canonicalization can't drift between
  * them.
+ *
+ * **No purpose-binding gate.** This function takes a `SignatureIdentity`
+ * (just `keyid` + `alg`), not a full `SignerKey`, so it deliberately
+ * cannot enforce `adcp_use`. Callers composing `prepare* + own-signer`
+ * are responsible for purpose binding themselves — the convenience
+ * helper `signRequest` runs `assertKeyPurpose` before calling this and
+ * is what most adopters want. Test-vector authors who need to sign with
+ * wrong-purpose keys (e.g. AdCP negative-vector 009 cross-purpose
+ * rejection) use this prepare/finalize composition deliberately.
  */
 function prepareRequestSignature(request, identity, options = {}) {
     const now = options.now ? options.now() : Math.floor(Date.now() / 1000);
@@ -61,6 +128,7 @@ function finalizeRequestSignature(prepared, signature) {
     return { headers, signatureBase: prepared.base, params: prepared.params };
 }
 function signRequest(request, key, options = {}) {
+    assertKeyPurpose(key, 'request-signing');
     const prepared = prepareRequestSignature(request, { keyid: key.keyid, alg: key.alg }, options);
     const signature = produceSignature(key, Buffer.from(prepared.base, 'utf8'));
     return finalizeRequestSignature(prepared, signature);
@@ -71,6 +139,10 @@ function signRequest(request, key, options = {}) {
  * `signWebhookAsync` paths. Covers the five mandatory components —
  * `@method`, `@target-uri`, `@authority`, `content-type`, `content-digest` —
  * and sets `Content-Digest` on the outgoing headers.
+ *
+ * **No purpose-binding gate** — same caveat as
+ * {@link prepareRequestSignature}. The convenience helper `signWebhook`
+ * runs `assertKeyPurpose` before calling this.
  */
 function prepareWebhookSignature(request, identity, options = {}) {
     const now = options.now ? options.now() : Math.floor(Date.now() / 1000);
@@ -100,10 +172,102 @@ function prepareWebhookSignature(request, identity, options = {}) {
  * conformant webhooks should use this instead of hand-rolling signatures.
  */
 function signWebhook(request, key, options = {}) {
+    assertKeyPurpose(key, 'webhook-signing');
     const prepared = prepareWebhookSignature(request, { keyid: key.keyid, alg: key.alg }, options);
     const signature = produceSignature(key, Buffer.from(prepared.base, 'utf8'));
     return finalizeRequestSignature(prepared, signature);
 }
+/**
+ * Canonicalize a response for RFC 9421 response-signing (§2.2.9). Pure
+ * (no I/O); shared between sync `signResponse` and async `signResponseAsync`
+ * so canonicalization can't drift between them. Covers
+ * {@link RESPONSE_MANDATORY_COMPONENTS} by default; adds `content-type` +
+ * `content-digest` automatically when the response carries a body. Callers
+ * can extend the covered set via
+ * {@link SignResponseOptions.additionalComponents}.
+ *
+ * **No purpose-binding gate** — same caveat as
+ * {@link prepareRequestSignature}. The convenience helper `signResponse`
+ * runs `assertKeyPurpose` before calling this.
+ */
+function prepareResponseSignature(response, identity, options = {}) {
+    const now = options.now ? options.now() : Math.floor(Date.now() / 1000);
+    const windowSeconds = Math.min(options.windowSeconds ?? 300, types_1.MAX_SIGNATURE_WINDOW_SECONDS);
+    const nonce = options.nonce ?? base64UrlRandom(16);
+    const label = options.label ?? 'sig1';
+    const hasBody = (response.body ?? '').length > 0;
+    const coverDigest = (options.coverContentDigest ?? true) && hasBody;
+    const headers = { ...flattenHeaders(response.headers) };
+    if (coverDigest) {
+        headers['Content-Digest'] = (0, content_digest_1.computeContentDigest)(response.body ?? '');
+    }
+    const components = [...types_1.RESPONSE_MANDATORY_COMPONENTS];
+    if (hasBody)
+        components.push('content-type');
+    if (coverDigest)
+        components.push('content-digest');
+    if (options.additionalComponents) {
+        for (const c of options.additionalComponents) {
+            if (!components.includes(c))
+                components.push(c);
+        }
+    }
+    const params = {
+        created: now,
+        expires: now + windowSeconds,
+        nonce,
+        keyid: identity.keyid,
+        alg: identity.alg,
+        tag: options.tag ?? types_1.RESPONSE_SIGNING_TAG,
+    };
+    const normalizedResponse = { ...response, headers };
+    const base = (0, canonicalize_1.buildResponseSignatureBase)(components, normalizedResponse, params);
+    return { status: response.status, components, params, headers, base, label };
+}
+/**
+ * Attach `Signature` / `Signature-Input` headers given the bytes returned
+ * by the signer/provider. Mirrors {@link finalizeRequestSignature} but
+ * returns a {@link SignedResponse} that carries the response status alongside
+ * the stamped headers so the caller can hand the whole object back to its
+ * HTTP layer.
+ */
+function finalizeResponseSignature(prepared, signature) {
+    const headers = { ...prepared.headers };
+    const sigB64 = Buffer.from(signature).toString('base64url');
+    headers['Signature-Input'] = `${prepared.label}=${(0, canonicalize_1.formatSignatureParams)(prepared.components, prepared.params)}`;
+    headers['Signature'] = `${prepared.label}=:${sigB64}:`;
+    return { status: prepared.status, headers, signatureBase: prepared.base, params: prepared.params };
+}
+/**
+ * Sign an outbound response under the RFC 9421 response-signing profile
+ * (`tag=adcp/response-signing/v1`). Covers `@status` and `@authority` by
+ * default, plus `content-type` + `content-digest` when a body is present.
+ * Servers emitting signed responses (e.g. seller agents whose clients
+ * verify `get_products` payloads before parsing) should use this instead
+ * of hand-rolling signatures.
+ *
+ * Returns headers as a plain `Record<string, string>` for direct use with
+ * Express (`res.set(signed.headers)`). For Fetch / Node `Response` (where
+ * the headers object is immutable on construction), spread into the
+ * `Headers` constructor or `setHeader` loop:
+ *
+ * ```ts
+ * // Express
+ * res.status(signed.status).set(signed.headers).send(body);
+ *
+ * // Fetch / Workers / Node 20+ Response
+ * return new Response(body, { status: signed.status, headers: signed.headers });
+ *
+ * // Node `http.ServerResponse`
+ * res.writeHead(signed.status, signed.headers).end(body);
+ * ```
+ */
+function signResponse(response, key, options = {}) {
+    assertKeyPurpose(key, 'response-signing');
+    const prepared = prepareResponseSignature(response, { keyid: key.keyid, alg: key.alg }, options);
+    const signature = produceSignature(key, Buffer.from(prepared.base, 'utf8'));
+    return finalizeResponseSignature(prepared, signature);
+}
 function produceSignature(key, data) {
     const privateKey = (0, crypto_1.createPrivateKey)({
         key: key.privateKey,

package/dist/lib/signing/signer.js.map

@@ -1 +1 @@
-{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../../src/lib/signing/signer.ts"],"names":[],"mappings":";;AAmEA,0DAkCC;AAYD,4DAMC;AAED,kCAIC;AAsBD,0DA2BC;AASD,kCAIC;AA3LD,mCAA0F;AAC1F,iDAAmH;AACnH,qDAAwD;AACxD,mCAMiB;AACjB,yDAAuF;AAoDvF;;;;GAIG;AACH,SAAgB,uBAAuB,CACrC,OAAoB,EACpB,QAA2B,EAC3B,UAA8B,EAAE;IAEhC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IACxE,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,GAAG,EAAE,oCAA4B,CAAC,CAAC;IAC3F,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,eAAe,CAAC,EAAE,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,MAAM,CAAC;IACtC,MAAM,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAEhD,MAAM,WAAW,GAAG,OAAO,CAAC,kBAAkB,KAAK,IAAI,IAAI,OAAO,CAAC;IACnE,MAAM,OAAO,GAA2B,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;IAC/E,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,CAAC,gBAAgB,CAAC,GAAG,IAAA,qCAAoB,EAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,UAAU,GAAG,CAAC,GAAG,4BAAoB,CAAC,CAAC;IAC7C,IAAI,OAAO;QAAE,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC7C,IAAI,WAAW;QAAE,UAAU,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IAEnD,MAAM,MAAM,GAAoB;QAC9B,OAAO,EAAE,GAAG;QACZ,OAAO,EAAE,GAAG,GAAG,aAAa;QAC5B,KAAK;QACL,KAAK,EAAE,QAAQ,CAAC,KAAK;QACrB,GAAG,EAAE,QAAQ,CAAC,GAAG;QACjB,GAAG,EAAE,2BAAmB;KACzB,CAAC;IAEF,MAAM,iBAAiB,GAAgB,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;IAC/D,MAAM,IAAI,GAAG,IAAA,iCAAkB,EAAC,UAAU,EAAE,iBAAiB,EAAE,MAAM,CAAC,CAAC;IAEvE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AACtD,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,wBAAwB,CAAC,QAAkC,EAAE,SAAqB;IAChG,MAAM,OAAO,GAAG,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IACxC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC5D,OAAO,CAAC,iBAAiB,CAAC,GAAG,GAAG,QAAQ,CAAC,KAAK,IAAI,IAAA,oCAAqB,EAAC,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;IAChH,OAAO,CAAC,WAAW,CAAC,GAAG,GAAG,QAAQ,CAAC,KAAK,KAAK,MAAM,GAAG,CAAC;IACvD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC;AAC5E,CAAC;AAED,SAAgB,WAAW,CAAC,OAAoB,EAAE,GAAc,EAAE,UAA8B,EAAE;IAChG,MAAM,QAAQ,GAAG,uBAAuB,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,CAAC;IAC/F,MAAM,SAAS,GAAG,gBAAgB,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5E,OAAO,wBAAwB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC;AAeD;;;;;;GAMG;AACH,SAAgB,uBAAuB,CACrC,OAAoB,EACpB,QAA2B,EAC3B,UAA8B,EAAE;IAEhC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IACxE,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,GAAG,EAAE,oCAA4B,CAAC,CAAC;IAC3F,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,eAAe,CAAC,EAAE,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,MAAM,CAAC;IAEtC,MAAM,OAAO,GAA2B,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;IAC/E,OAAO,CAAC,gBAAgB,CAAC,GAAG,IAAA,qCAAoB,EAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IAErE,MAAM,UAAU,GAAG,CAAC,GAAG,+CAA4B,CAAC,CAAC;IACrD,MAAM,MAAM,GAAoB;QAC9B,OAAO,EAAE,GAAG;QACZ,OAAO,EAAE,GAAG,GAAG,aAAa;QAC5B,KAAK;QACL,KAAK,EAAE,QAAQ,CAAC,KAAK;QACrB,GAAG,EAAE,QAAQ,CAAC,GAAG;QACjB,GAAG,EAAE,OAAO,CAAC,GAAG,IAAI,sCAAmB;KACxC,CAAC;IAEF,MAAM,iBAAiB,GAAgB,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;IAC/D,MAAM,IAAI,GAAG,IAAA,iCAAkB,EAAC,UAAU,EAAE,iBAAiB,EAAE,MAAM,CAAC,CAAC;IAEvE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AACtD,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,WAAW,CAAC,OAAoB,EAAE,GAAc,EAAE,UAA8B,EAAE;IAChG,MAAM,QAAQ,GAAG,uBAAuB,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,CAAC;IAC/F,MAAM,SAAS,GAAG,gBAAgB,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5E,OAAO,wBAAwB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAc,EAAE,IAAY;IACpD,MAAM,UAAU,GAAG,IAAA,yBAAgB,EAAC;QAClC,GAAG,EAAE,GAAG,CAAC,UAAwB;QACjC,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;IACH,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,IAAI,UAAU,CAAC,IAAA,aAAQ,EAAC,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;IAC1D,CAAC;IACD,OAAO,IAAI,UAAU,CAAC,IAAA,aAAQ,EAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;AAClG,CAAC;AAED,SAAS,cAAc,CAAC,OAAsD;IAC5E,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7C,IAAI,CAAC,KAAK,SAAS;YAAE,SAAS;QAC9B,wEAAwE;QACxE,4EAA4E;QAC5E,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACjF,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,eAAe,CAAC,UAAkB;IACzC,OAAO,IAAA,oBAAW,EAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AAChH,CAAC"}
+{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../../src/lib/signing/signer.ts"],"names":[],"mappings":";;AAmGS,sDAAqB;AA4D9B,0DAkCC;AAYD,4DAMC;AAED,kCAKC;AA0BD,0DA2BC;AASD,kCAKC;AA6ED,4DAuCC;AASD,8DAMC;AA0BD,oCASC;AAncD,mCAA0F;AAC1F,iDAOwB;AACxB,qDAAwD;AACxD,qCAAgG;AAEhG,mCAQiB;AACjB,yDAAuF;AAoBvF;;;;;;;;;;;GAWG;AACH,SAAS,gBAAgB,CAAC,GAAc,EAAE,QAAiB;IACzD,sBAAsB,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AACvE,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,qBAAqB,CAC5B,QAAgE,EAChE,QAAiB;IAEjB,IAAI,QAAQ,CAAC,OAAO,KAAK,SAAS;QAAE,OAAO;IAC3C,sBAAsB,CAAC,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,sBAAsB,CAAC,KAAa,EAAE,MAA0B,EAAE,QAAiB;IAC1F,IAAI,MAAM,KAAK,QAAQ;QAAE,OAAO;IAChC,MAAM,OAAO,GACX,gBAAgB,KAAK,kBAAkB,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,MAAM,GAAG,GAAG;QAC5F,4BAA4B,QAAQ,6BAA6B,QAAQ,QAAQ;QACjF,6BAA6B,QAAQ,+DAA+D,CAAC;IACvG,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,iBAAiB;YACpB,MAAM,IAAI,8BAAqB,CAAC,uCAAuC,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;QACvF,KAAK,iBAAiB;YACpB,MAAM,IAAI,8BAAqB,CAAC,uCAAuC,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;QACvF,KAAK,kBAAkB;YACrB,MAAM,IAAI,+BAAsB,CAAC,wCAAwC,EAAE,CAAC,EAAE,OAAO,CAAC,CAAC;QACzF,OAAO,CAAC,CAAC,CAAC;YACR,oEAAoE;YACpE,mEAAmE;YACnE,gDAAgD;YAChD,MAAM,WAAW,GAAU,QAAQ,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,mCAAmC,WAAW,GAAG,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;AACH,CAAC;AAgDD;;;;;;;;;;;;;GAaG;AACH,SAAgB,uBAAuB,CACrC,OAAoB,EACpB,QAA2B,EAC3B,UAA8B,EAAE;IAEhC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IACxE,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,GAAG,EAAE,oCAA4B,CAAC,CAAC;IAC3F,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,eAAe,CAAC,EAAE,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,MAAM,CAAC;IACtC,MAAM,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAEhD,MAAM,WAAW,GAAG,OAAO,CAAC,kBAAkB,KAAK,IAAI,IAAI,OAAO,CAAC;IACnE,MAAM,OAAO,GAA2B,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;IAC/E,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,CAAC,gBAAgB,CAAC,GAAG,IAAA,qCAAoB,EAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,UAAU,GAAG,CAAC,GAAG,4BAAoB,CAAC,CAAC;IAC7C,IAAI,OAAO;QAAE,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC7C,IAAI,WAAW;QAAE,UAAU,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IAEnD,MAAM,MAAM,GAAoB;QAC9B,OAAO,EAAE,GAAG;QACZ,OAAO,EAAE,GAAG,GAAG,aAAa;QAC5B,KAAK;QACL,KAAK,EAAE,QAAQ,CAAC,KAAK;QACrB,GAAG,EAAE,QAAQ,CAAC,GAAG;QACjB,GAAG,EAAE,2BAAmB;KACzB,CAAC;IAEF,MAAM,iBAAiB,GAAgB,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;IAC/D,MAAM,IAAI,GAAG,IAAA,iCAAkB,EAAC,UAAU,EAAE,iBAAiB,EAAE,MAAM,CAAC,CAAC;IAEvE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AACtD,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,wBAAwB,CAAC,QAAkC,EAAE,SAAqB;IAChG,MAAM,OAAO,GAAG,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IACxC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC5D,OAAO,CAAC,iBAAiB,CAAC,GAAG,GAAG,QAAQ,CAAC,KAAK,IAAI,IAAA,oCAAqB,EAAC,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;IAChH,OAAO,CAAC,WAAW,CAAC,GAAG,GAAG,QAAQ,CAAC,KAAK,KAAK,MAAM,GAAG,CAAC;IACvD,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC;AAC5E,CAAC;AAED,SAAgB,WAAW,CAAC,OAAoB,EAAE,GAAc,EAAE,UAA8B,EAAE;IAChG,gBAAgB,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC;IACzC,MAAM,QAAQ,GAAG,uBAAuB,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,CAAC;IAC/F,MAAM,SAAS,GAAG,gBAAgB,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5E,OAAO,wBAAwB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC;AAeD;;;;;;;;;;GAUG;AACH,SAAgB,uBAAuB,CACrC,OAAoB,EACpB,QAA2B,EAC3B,UAA8B,EAAE;IAEhC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IACxE,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,GAAG,EAAE,oCAA4B,CAAC,CAAC;IAC3F,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,eAAe,CAAC,EAAE,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,MAAM,CAAC;IAEtC,MAAM,OAAO,GAA2B,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;IAC/E,OAAO,CAAC,gBAAgB,CAAC,GAAG,IAAA,qCAAoB,EAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IAErE,MAAM,UAAU,GAAG,CAAC,GAAG,+CAA4B,CAAC,CAAC;IACrD,MAAM,MAAM,GAAoB;QAC9B,OAAO,EAAE,GAAG;QACZ,OAAO,EAAE,GAAG,GAAG,aAAa;QAC5B,KAAK;QACL,KAAK,EAAE,QAAQ,CAAC,KAAK;QACrB,GAAG,EAAE,QAAQ,CAAC,GAAG;QACjB,GAAG,EAAE,OAAO,CAAC,GAAG,IAAI,sCAAmB;KACxC,CAAC;IAEF,MAAM,iBAAiB,GAAgB,EAAE,GAAG,OAAO,EAAE,OAAO,EAAE,CAAC;IAC/D,MAAM,IAAI,GAAG,IAAA,iCAAkB,EAAC,UAAU,EAAE,iBAAiB,EAAE,MAAM,CAAC,CAAC;IAEvE,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AACtD,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,WAAW,CAAC,OAAoB,EAAE,GAAc,EAAE,UAA8B,EAAE;IAChG,gBAAgB,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC;IACzC,MAAM,QAAQ,GAAG,uBAAuB,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,CAAC;IAC/F,MAAM,SAAS,GAAG,gBAAgB,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5E,OAAO,wBAAwB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACvD,CAAC;AAgED;;;;;;;;;;;;GAYG;AACH,SAAgB,wBAAwB,CACtC,QAAsB,EACtB,QAA2B,EAC3B,UAA+B,EAAE;IAEjC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IACxE,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,GAAG,EAAE,oCAA4B,CAAC,CAAC;IAC3F,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,eAAe,CAAC,EAAE,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,MAAM,CAAC;IACtC,MAAM,OAAO,GAAG,CAAC,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,CAAC,OAAO,CAAC,kBAAkB,IAAI,IAAI,CAAC,IAAI,OAAO,CAAC;IAEpE,MAAM,OAAO,GAA2B,EAAE,GAAG,cAAc,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;IAChF,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,CAAC,gBAAgB,CAAC,GAAG,IAAA,qCAAoB,EAAC,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,UAAU,GAAG,CAAC,GAAG,qCAA6B,CAAC,CAAC;IACtD,IAAI,OAAO;QAAE,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC7C,IAAI,WAAW;QAAE,UAAU,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IACnD,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;QACjC,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;YAC7C,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAAE,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAoB;QAC9B,OAAO,EAAE,GAAG;QACZ,OAAO,EAAE,GAAG,GAAG,aAAa;QAC5B,KAAK;QACL,KAAK,EAAE,QAAQ,CAAC,KAAK;QACrB,GAAG,EAAE,QAAQ,CAAC,GAAG;QACjB,GAAG,EAAE,OAAO,CAAC,GAAG,IAAI,4BAAoB;KACzC,CAAC;IAEF,MAAM,kBAAkB,GAAiB,EAAE,GAAG,QAAQ,EAAE,OAAO,EAAE,CAAC;IAClE,MAAM,IAAI,GAAG,IAAA,yCAA0B,EAAC,UAAU,EAAE,kBAAkB,EAAE,MAAM,CAAC,CAAC;IAEhF,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;AAC/E,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,yBAAyB,CAAC,QAAmC,EAAE,SAAqB;IAClG,MAAM,OAAO,GAAG,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IACxC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC5D,OAAO,CAAC,iBAAiB,CAAC,GAAG,GAAG,QAAQ,CAAC,KAAK,IAAI,IAAA,oCAAqB,EAAC,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;IAChH,OAAO,CAAC,WAAW,CAAC,GAAG,GAAG,QAAQ,CAAC,KAAK,KAAK,MAAM,GAAG,CAAC;IACvD,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC;AACrG,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,SAAgB,YAAY,CAC1B,QAAsB,EACtB,GAAc,EACd,UAA+B,EAAE;IAEjC,gBAAgB,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,wBAAwB,CAAC,QAAQ,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,CAAC;IACjG,MAAM,SAAS,GAAG,gBAAgB,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5E,OAAO,yBAAyB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAc,EAAE,IAAY;IACpD,MAAM,UAAU,GAAG,IAAA,yBAAgB,EAAC;QAClC,GAAG,EAAE,GAAG,CAAC,UAAwB;QACjC,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;IACH,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,IAAI,UAAU,CAAC,IAAA,aAAQ,EAAC,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;IAC1D,CAAC;IACD,OAAO,IAAI,UAAU,CAAC,IAAA,aAAQ,EAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;AAClG,CAAC;AAED,SAAS,cAAc,CAAC,OAAsD;IAC5E,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC7C,IAAI,CAAC,KAAK,SAAS;YAAE,SAAS;QAC9B,wEAAwE;QACxE,4EAA4E;QAC5E,GAAG,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACjF,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,eAAe,CAAC,UAAkB;IACzC,OAAO,IAAA,oBAAW,EAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AAChH,CAAC"}

package/dist/lib/signing/testing.d.ts

@@ -16,6 +16,15 @@ export interface InMemorySigningProviderOptions {
     algorithm: AdcpSignAlg;
     /** Private JWK including the `d` scalar. */
     privateKey: AdcpJsonWebKey;
+    /**
+     * Optional purpose binding. When supplied, the async signing helpers
+     * (`signRequestAsync` / `signWebhookAsync` / `signResponseAsync`) refuse
+     * to sign with a mismatched purpose — same defense-in-depth gate the
+     * sync path's `SignerKey.privateKey.adcp_use` provides. Defaults to the
+     * value carried on `privateKey.adcp_use` when present, so adapters
+     * minted via `pemToAdcpJwk({ adcp_use: ... })` get the binding for free.
+     */
+    adcpUse?: AdcpUse;
 }
 /**
  * Reference {@link SigningProvider} that holds the private JWK in process
@@ -32,6 +41,7 @@ export declare class InMemorySigningProvider implements SigningProvider {
     readonly keyid: string;
     readonly algorithm: AdcpSignAlg;
     readonly fingerprint: string;
+    readonly adcpUse?: AdcpUse;
     private readonly privateKey;
     constructor(options: InMemorySigningProviderOptions);
     sign(payload: Uint8Array): Promise<Uint8Array>;

package/dist/lib/signing/testing.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"testing.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/testing.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAC1C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAE3D;;;;;GAKG;AACH,eAAO,MAAM,0BAA0B,gCAAgC,CAAC;AAExE,MAAM,WAAW,8BAA8B;IAC7C,4CAA4C;IAC5C,KAAK,EAAE,MAAM,CAAC;IACd,sEAAsE;IACtE,SAAS,EAAE,WAAW,CAAC;IACvB,4CAA4C;IAC5C,UAAU,EAAE,cAAc,CAAC;CAC5B;AAED;;;;;;;;;;GAUG;AACH,qBAAa,uBAAwB,YAAW,eAAe;IAC7D,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,SAAS,EAAE,WAAW,CAAC;IAChC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAiB;gBAEhC,OAAO,EAAE,8BAA8B;IAgC7C,IAAI,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;CAQrD;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,SAAS,GAAG,eAAe,CAMnE;AAED,MAAM,WAAW,mBAAmB;IAClC,uCAAuC;IACvC,GAAG,EAAE,MAAM,CAAC;IACZ;;;;OAIG;IACH,SAAS,EAAE,WAAW,CAAC;IACvB,kFAAkF;IAClF,SAAS,EAAE,cAAc,CAAC;IAC1B;;;;OAIG;IACH,UAAU,EAAE,cAAc,CAAC;CAC5B;AAED,MAAM,WAAW,8BAA8B;IAC7C;;;;;OAKG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;;;;;;OAOG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAsB,uBAAuB,CAAC,IAAI,CAAC,EAAE,8BAA8B,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAoCjH"}
+{"version":3,"file":"testing.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/testing.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,UAAU,CAAC;AAC1C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAE3D;;;;;GAKG;AACH,eAAO,MAAM,0BAA0B,gCAAgC,CAAC;AAOxE,MAAM,WAAW,8BAA8B;IAC7C,4CAA4C;IAC5C,KAAK,EAAE,MAAM,CAAC;IACd,sEAAsE;IACtE,SAAS,EAAE,WAAW,CAAC;IACvB,4CAA4C;IAC5C,UAAU,EAAE,cAAc,CAAC;IAC3B;;;;;;;OAOG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;;;;;;;;;GAUG;AACH,qBAAa,uBAAwB,YAAW,eAAe;IAC7D,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,SAAS,EAAE,WAAW,CAAC;IAChC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAiB;gBAEhC,OAAO,EAAE,8BAA8B;IAoC7C,IAAI,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;CAQrD;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,SAAS,GAAG,eAAe,CAMnE;AAED,MAAM,WAAW,mBAAmB;IAClC,uCAAuC;IACvC,GAAG,EAAE,MAAM,CAAC;IACZ;;;;OAIG;IACH,SAAS,EAAE,WAAW,CAAC;IACvB,kFAAkF;IAClF,SAAS,EAAE,cAAc,CAAC;IAC1B;;;;OAIG;IACH,UAAU,EAAE,cAAc,CAAC;CAC5B;AAED,MAAM,WAAW,8BAA8B;IAC7C;;;;;OAKG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;;;;;;OAOG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAsB,uBAAuB,CAAC,IAAI,CAAC,EAAE,8BAA8B,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAoCjH"}

package/dist/lib/signing/testing.js

@@ -44,6 +44,10 @@ const node_crypto_1 = require("node:crypto");
  * production-time guard.
  */
 exports.ALLOW_IN_MEMORY_SIGNER_ENV = 'ADCP_ALLOW_IN_MEMORY_SIGNER';
+const ADCP_USE_VALUES = new Set(['request-signing', 'webhook-signing', 'response-signing']);
+function isAdcpUse(value) {
+    return typeof value === 'string' && ADCP_USE_VALUES.has(value);
+}
 /**
  * Reference {@link SigningProvider} that holds the private JWK in process
  * memory. Useful for unit tests, conformance vectors, and local development.
@@ -59,6 +63,7 @@ class InMemorySigningProvider {
     keyid;
     algorithm;
     fingerprint;
+    adcpUse;
     privateKey;
     constructor(options) {
         // The env is read once at construction. Module-init paths that
@@ -78,6 +83,10 @@ class InMemorySigningProvider {
         this.keyid = options.keyid;
         this.algorithm = options.algorithm;
         this.privateKey = options.privateKey;
+        // Prefer explicit `adcpUse` option; fall back to the JWK's `adcp_use`
+        // metadata so keys minted via `pemToAdcpJwk` get the binding for free.
+        const jwkUse = options.privateKey.adcp_use;
+        this.adcpUse = options.adcpUse ?? (isAdcpUse(jwkUse) ? jwkUse : undefined);
         // Mirrors the historical `privateKeyFingerprint` derivation — same input,
         // same 64-bit cache disambiguator, so behavior carries over for callers
         // who switch from the inline `request_signing` shape to a provider while