@agledger/verify-core 0.1.0 → 0.1.1
- package/README.md +5 -3
- package/dist/audit-export.d.ts +40 -9
- package/dist/audit-export.d.ts.map +1 -1
- package/dist/audit-export.js +63 -15
- package/dist/audit-export.js.map +1 -1
- package/dist/index.d.ts +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
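--- a/package/README.md
+++ b/package/README.md
@@ -22,13 +22,15 @@ CBOR decoding.
 import { verifyAuditExport } from '@agledger/verify-core';
 
 const result = verifyAuditExport(exportDocument, {
-publicKeys,
+publicKeys, // optional out-of-band keys, keyed by kid
+requireOutOfBandKeys: true, // optional: refuse the export's embedded keys
 });
 
-if (!result.
-console.error(
+if (!result.valid) {
+console.error(`Broken at position ${result.brokenAt?.position}: ${result.brokenAt?.code}`);
 process.exit(1);
 }
+// { valid: true, verifiedEntries, totalEntries, keyProvenance: { outOfBand, embedded }, ... }
 ```
 
 ## What it verifies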
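--- a/package/dist/audit-export.d.ts
+++ b/package/dist/audit-export.d.ts
@@ -3,11 +3,19 @@
 *
 * This is the customer/developer path — `client.records.getAuditExport(id)`
 * then `verifyAuditExport(...)`. It maps the export wire shape onto the shared
-* normalized entry and runs `verifyChain`.
-*
-*
-*
-*
+* normalized entry and runs `verifyChain`.
+*
+* Two of the three input-gated checks now run on the export path when the wire
+* carries their inputs (engine ≥ v0.26.x, agledger-api commit a7eec8e4): the
+* `actorOidcSynthesized` flag + `actorOidcIss/Sub` enable the OIDC-actor
+* cross-check, and `exportMetadata.signingKeyWindows` + per-entry `createdAt`
+* enable temporal key-validity. The binding-integrity check stays
+* `skipped_no_input` here by design — the export deliberately re-projects
+* `payload` from the signed bytes (anti-DBA-injection), so comparing signed-vs-
+* row on the export path would compare signed bytes to a derivative of
+* themselves; that check stays dump-only. Older exports without the new fields
+* stay `skipped_no_input` for all three, surfaced in the result so a caller
+* never mistakes "not checked here" for "checked and passed".
 */
 import { type CheckApplicability, type OptionalCheck } from './chain.js';
 import type { FailureCode } from './failures.js';
@@ -17,6 +25,14 @@ export interface AuditExportEntryInput {
 chainPosition?: number;
 /** Legacy alias for `chainPosition`. */
 position?: number;
+/** ISO-8601 write time. Engine ≥ v0.26.x — gates the temporal key-validity check. */
+createdAt?: string;
+/** OIDC issuer the actor was synthesized from (engine ≥ v0.26.x). */
+actorOidcIss?: string | null;
+/** OIDC subject the actor was synthesized from (engine ≥ v0.26.x). */
+actorOidcSub?: string | null;
+/** Tri-state from `audit_vault.actor_oidc_synthesized` (engine ≥ v0.26.x). Marker for the OIDC-actor check. */
+actorOidcSynthesized?: boolean | null;
 integrity: {
 payloadHash: string;
 previousHash: string | null;
@@ -25,6 +41,11 @@ export interface AuditExportEntryInput {
 signingKeyId: string | null;
 };
 }
+/** Per-key activation/retirement window — drives temporal key-validity (engine ≥ v0.26.x). */
+export interface SigningKeyWindow {
+activatedAt: string;
+retiredAt: string | null;
+}
 /** A `/audit-export` document (only the fields the verifier reads). */
 export interface RecordAuditExportInput {
 exportMetadata: {
@@ -32,6 +53,8 @@ export interface RecordAuditExportInput {
 exportFormatVersion?: string;
 canonicalization?: string;
 signingPublicKeys?: Record<string, string>;
+/** keyId → activation/retirement window (engine ≥ v0.26.x). */
+signingKeyWindows?: Record<string, SigningKeyWindow>;
 };
 entries: AuditExportEntryInput[];
 }
@@ -77,10 +100,18 @@ export interface VerifyExportResult {
 total: number;
 };
 /**
-* Which input-gated checks ran
-*
-*
-*
+* Which input-gated checks ran on this export.
+*
+* - `oidc_actor` and `key_temporal` flip to `applied` when the export wire
+* carries their inputs (engine ≥ v0.26.x: `actorOidcSynthesized` per
+* entry, `signingKeyWindows` in exportMetadata, `createdAt` per entry).
+* - `payload_binding` stays `skipped_no_input` here by design — the export
+* re-projects payload from the signed bytes, so this check is dump-only
+* (run `@agledger/verify` over a full vault dump to exercise it).
+*
+* Older exports without the new fields stay `skipped_no_input` for all three.
+* The applicability is surfaced so a caller never mistakes "not checked
+* here" for "checked and passed".
 */
 optionalChecks: Record<OptionalCheck, CheckApplicability>;
 /**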
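Review bot: The `optionalChecks` doc comment in the last hunk explains that older exports stay `skipped_no_input`, but it does not tell callers what to do about it, and every field that gates the new checks (`actorOidcSynthesized`, `createdAt`, `signingKeyWindows`) is optional on the wire types. Because the presence of those fields is what turns the checks on, an export that simply lacks them is verified without the OIDC-actor and temporal checks, and nothing in these hunks ties `valid` to them or offers an option to require them. I would add a sentence to the comment such as `Callers that expect an engine ≥ v0.26.x export should treat skipped_no_input for oidc_actor or key_temporal as a failure.` The `actorOidcSynthesized` comment also calls the field tri-state while the type is optional `boolean | null`, so it should state that an absent field means the export predates it and the check is skipped.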
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-export.d.ts","sourceRoot":"","sources":["../src/audit-export.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"audit-export.d.ts","sourceRoot":"","sources":["../src/audit-export.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AACH,OAAO,EAGL,KAAK,kBAAkB,EAEvB,KAAK,aAAa,EAEnB,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAEjD,+CAA+C;AAC/C,MAAM,WAAW,qBAAqB;IACpC,+FAA+F;IAC/F,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,wCAAwC;IACxC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,qFAAqF;IACrF,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,qEAAqE;IACrE,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,sEAAsE;IACtE,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,+GAA+G;IAC/G,oBAAoB,CAAC,EAAE,OAAO,GAAG,IAAI,CAAC;IACtC,SAAS,EAAE;QACT,WAAW,EAAE,MAAM,CAAC;QACpB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;QAC5B,+DAA+D;QAC/D,SAAS,EAAE,MAAM,CAAC;QAClB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;KAC7B,CAAC;CACH;AAED,8FAA8F;AAC9F,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED,uEAAuE;AACvE,MAAM,WAAW,sBAAsB;IACrC,cAAc,EAAE;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC3C,+DAA+D;QAC/D,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;KACtD,CAAC;IACF,OAAO,EAAE,qBAAqB,EAAE,CAAC;CAClC;AAED,MAAM,WAAW,mBAAmB;IAClC;;;;;OAKG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,qFAAqF;IACrF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;;OAIG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC;AAED,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,OAAO,CAAC;IACf,IAAI,CAAC,EAAE,WAAW,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,IAAI,GAAG,SAAS,GAAG,UAAU,GAAG,SAAS,GAAG,aAAa,CAAC;CACvE;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,OAAO,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,WAAW,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACpE,OAAO,EAAE,uBAAuB,EAAE,CAAC;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IACxF;;;;;;;;;;;;;OAaG;I
ACH,cAAc,EAAE,MAAM,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAAC;IAC1D;;;;OAIG;IACH,aAAa,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;CACxD;AAKD,wBAAgB,iBAAiB,CAC/B,UAAU,EAAE,sBAAsB,EAClC,OAAO,GAAE,mBAAwB,GAChC,kBAAkB,CAsEpB"}
|
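--- a/package/dist/audit-export.js
+++ b/package/dist/audit-export.js
@@ -3,11 +3,19 @@
 *
 * This is the customer/developer path — `client.records.getAuditExport(id)`
 * then `verifyAuditExport(...)`. It maps the export wire shape onto the shared
-* normalized entry and runs `verifyChain`.
-*
-*
-*
-*
+* normalized entry and runs `verifyChain`.
+*
+* Two of the three input-gated checks now run on the export path when the wire
+* carries their inputs (engine ≥ v0.26.x, agledger-api commit a7eec8e4): the
+* `actorOidcSynthesized` flag + `actorOidcIss/Sub` enable the OIDC-actor
+* cross-check, and `exportMetadata.signingKeyWindows` + per-entry `createdAt`
+* enable temporal key-validity. The binding-integrity check stays
+* `skipped_no_input` here by design — the export deliberately re-projects
+* `payload` from the signed bytes (anti-DBA-injection), so comparing signed-vs-
+* row on the export path would compare signed bytes to a derivative of
+* themselves; that check stays dump-only. Older exports without the new fields
+* stay `skipped_no_input` for all three, surfaced in the result so a caller
+* never mistakes "not checked here" for "checked and passed".
 */
 import { buildKeyRegistry, verifyChain, } from './chain.js';
 const SUPPORTED_FORMAT_VERSION = '2.0';
@@ -22,15 +30,32 @@ export function verifyAuditExport(exportData, options = {}) {
 return earlyFailure(meta.recordId, entries.length, `Unsupported canonicalization ${meta.canonicalization} (only ${SUPPORTED_CANONICALIZATION} supported).`);
 }
 const keys = buildKeyRegistry(resolveKeys(exportData, options));
-const normalized = entries.map((e) =>
-
-
-
-
-
-
-
-
+const normalized = entries.map((e) => {
+const base = {
+scopeId: meta.recordId,
+chainPosition: e.chainPosition ?? e.position ?? -1,
+payloadHash: e.integrity.payloadHash,
+previousHash: e.integrity.previousHash,
+coseSign1: e.integrity.coseSign1,
+signingKeyId: e.integrity.signingKeyId,
+};
+// Binding-integrity stays dump-only: the export re-projects payload from
+// the signed bytes (anti-DBA-injection), so this check is not run here.
+if (e.createdAt)
+base.createdAt = e.createdAt;
+// The synthesized flag is the marker that the export carries the OIDC
+// wire shape at all. Older exports omit it entirely; new exports always
+// include it (false/null/true). Setting `oidcActor` flips `oidc_actor`
+// to `applied` in the chain result — never `applied` for old exports.
+if (e.actorOidcSynthesized !== undefined) {
+base.oidcActor = {
+iss: e.actorOidcIss ?? null,
+sub: e.actorOidcSub ?? null,
+synthesized: e.actorOidcSynthesized ?? undefined,
+};
+}
+return base;
+});
 const chain = verifyChain(normalized, keys, {
 requireKeyId: options.requireKeyId,
 requireOutOfBandKeys: options.requireOutOfBandKeys,
@@ -83,7 +108,30 @@ function resolveKeys(exportData, options) {
 // Out-of-band keys override embedded keys of the same id.
 if (options.publicKeys) {
 for (const [keyId, spkiBase64] of Object.entries(options.publicKeys)) {
-byId.
+const existing = byId.get(keyId);
+byId.set(keyId, {
+keyId,
+spkiBase64,
+source: 'out-of-band',
+...(existing?.activatedAt !== undefined ? { activatedAt: existing.activatedAt } : {}),
+...(existing?.retiredAt !== undefined ? { retiredAt: existing.retiredAt } : {}),
+});
+}
+}
+// Attach activation/retirement windows from exportMetadata (engine ≥ v0.26.x).
+// Older exports omit signingKeyWindows; keys stay without a window and
+// verifyChain reports `key_temporal` as `skipped_no_input`.
+const windows = meta.signingKeyWindows;
+if (windows) {
+for (const [keyId, window] of Object.entries(windows)) {
+const existing = byId.get(keyId);
+if (!existing)
+continue;
+byId.set(keyId, {
+...existing,
+activatedAt: window.activatedAt,
+retiredAt: window.retiredAt,
+});
 }
 }
 return [...byId.values()];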
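Review bot: In the `resolveKeys` hunk, the activation/retirement windows are read from `meta.signingKeyWindows`, which is part of the document being verified, and are attached to every key in `byId`, including entries already marked `source: 'out-of-band'`. A caller who sets `requireOutOfBandKeys: true` therefore pins the key material but not its validity window, and `key_temporal` can still report `applied`. Whether `exportMetadata` is covered by a signature is not visible here, so if it is not, the temporal check rests on data supplied by whoever produced or altered the export. I would document that above the loop, e.g. `// windows come from the export itself and are not authenticated by the out-of-band key set`, and consider reporting window provenance next to `keyProvenance`. Separately, `window.activatedAt` is dereferenced without checking that `window` is an object, so a malformed export with a null window entry would throw rather than return a failure result; `if (!existing || !window) continue;` would avoid that. The body of `resolveKeys` starts and ends outside the hunk.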
package/dist/audit-export.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-export.js","sourceRoot":"","sources":["../src/audit-export.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"audit-export.js","sourceRoot":"","sources":["../src/audit-export.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AACH,OAAO,EACL,gBAAgB,EAChB,WAAW,GAKZ,MAAM,YAAY,CAAC;AAsGpB,MAAM,wBAAwB,GAAG,KAAK,CAAC;AACvC,MAAM,0BAA0B,GAAG,aAAa,CAAC;AAEjD,MAAM,UAAU,iBAAiB,CAC/B,UAAkC,EAClC,UAA+B,EAAE;IAEjC,MAAM,IAAI,GAAG,UAAU,CAAC,cAAc,CAAC;IACvC,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,IAAI,EAAE,CAAC;IAEzC,IAAI,IAAI,CAAC,mBAAmB,IAAI,IAAI,CAAC,mBAAmB,KAAK,wBAAwB,EAAE,CAAC;QACtF,OAAO,YAAY,CACjB,IAAI,CAAC,QAAQ,EACb,OAAO,CAAC,MAAM,EACd,mCAAmC,IAAI,CAAC,mBAAmB,yBAAyB,wBAAwB,IAAI,CACjH,CAAC;IACJ,CAAC;IACD,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB,KAAK,0BAA0B,EAAE,CAAC;QAClF,OAAO,YAAY,CACjB,IAAI,CAAC,QAAQ,EACb,OAAO,CAAC,MAAM,EACd,gCAAgC,IAAI,CAAC,gBAAgB,UAAU,0BAA0B,cAAc,CACxG,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,gBAAgB,CAAC,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAChE,MAAM,UAAU,GAAsB,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACtD,MAAM,IAAI,GAAoB;YAC5B,OAAO,EAAE,IAAI,CAAC,QAAQ;YACtB,aAAa,EAAE,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC;YAClD,WAAW,EAAE,CAAC,CAAC,SAAS,CAAC,WAAW;YACpC,YAAY,EAAE,CAAC,CAAC,SAAS,CAAC,YAAY;YACtC,SAAS,EAAE,CAAC,CAAC,SAAS,CAAC,SAAS;YAChC,YAAY,EAAE,CAAC,CAAC,SAAS,CAAC,YAAY;SACvC,CAAC;QACF,yEAAyE;QACzE,wEAAwE;QACxE,IAAI,CAAC,CAAC,SAAS;YAAE,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC;QAC9C,sEAAsE;QACtE,wEAAwE;QACxE,uEAAuE;QACvE,sEAAsE;QACtE,IAAI,CAAC,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;YACzC,IAAI,CAAC,SAAS,GAAG;gBACf,GAAG,EAAE,CAAC,CAAC,YAAY,IAAI,IAAI;gBAC3B,GAAG,EAAE,CAAC,CAAC,YAAY,IAAI,IAAI;gBAC3B,WAAW,EAAE,CAAC,CAAC,oBAAoB,IAAI,SAAS;aACjD,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,WAAW,CAAC,UAAU,EAAE,IAAI,EAAE;QAC1C,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,oBAAoB,EAAE,OAAO,CAAC,oBAAoB;KACnD,CAAC,CAAC;IAEH,OAAO;QACL,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,eAAe,EAAE,KAAK,CAAC,eAAe;QACtC,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACtB,CAAC,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,EA
AE,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE;YACjG,CAAC,CAAC,SAAS;QACb,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACjC,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,IAAI;YACrB,MAAM,EAAE,CAAC,CAAC,OAAO,EAAE,MAAM;YACzB,SAAS,EAAE,CAAC,CAAC,SAAS;SACvB,CAAC,CAAC;QACH,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;QAC1C,cAAc,EAAE,KAAK,CAAC,cAAc;QACpC,aAAa,EAAE,KAAK,CAAC,aAAa;KACnC,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,QAAgB,EAAE,YAAoB,EAAE,MAAc;IAC1E,OAAO;QACL,KAAK,EAAE,KAAK;QACZ,YAAY;QACZ,eAAe,EAAE,CAAC;QAClB,QAAQ,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE;QAC7D,OAAO,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE,CAAC;QAC5E,QAAQ;QACR,iBAAiB,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE;QAC9E,cAAc,EAAE;YACd,eAAe,EAAE,kBAAkB;YACnC,UAAU,EAAE,kBAAkB;YAC9B,YAAY,EAAE,kBAAkB;SACjC;QACD,aAAa,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE;KAC7C,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAClB,UAAkC,EAClC,OAA4B;IAE5B,MAAM,IAAI,GAAG,IAAI,GAAG,EAA2B,CAAC;IAChD,MAAM,IAAI,GAAG,UAAU,CAAC,cAAc,CAAC;IACvC,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC3B,KAAK,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACzE,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IACD,0DAA0D;IAC1D,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;YACrE,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACjC,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE;gBACd,KAAK;gBACL,UAAU;gBACV,MAAM,EAAE,aAAa;gBACrB,GAAG,CAAC,QAAQ,EAAE,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrF,GAAG,CAAC,QAAQ,EAAE,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAChF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,+EAA+E;IAC/E,uEAAuE;IACvE,4DAA4
D;IAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,iBAAiB,CAAC;IACvC,IAAI,OAAO,EAAE,CAAC;QACZ,KAAK,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACtD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACjC,IAAI,CAAC,QAAQ;gBAAE,SAAS;YACxB,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE;gBACd,GAAG,QAAQ;gBACX,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,SAAS,EAAE,MAAM,CAAC,SAAS;aAC5B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;AAC5B,CAAC"}
|
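--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -8,7 +8,7 @@ export type { FailureCode } from './failures.js';
 export { buildKeyRegistry, verifyChain, } from './chain.js';
 export type { KeySource, VerificationKey, KeyRegistry, NormalizedEntry, OptionalCheck, CheckApplicability, SignatureOutcome, ChainEntryResult, ChainResult, VerifyChainOptions, } from './chain.js';
 export { verifyAuditExport } from './audit-export.js';
-export type { AuditExportEntryInput, RecordAuditExportInput, VerifyExportOptions, EntryVerificationResult, VerifyExportResult, } from './audit-export.js';
+export type { AuditExportEntryInput, RecordAuditExportInput, SigningKeyWindow, VerifyExportOptions, EntryVerificationResult, VerifyExportResult, } from './audit-export.js';
 export { sha256Hex, sha256HexString, verifyEd25519Bytes, decodeCoseSign1, verifyCoseSign1, extractChainClaim, extractOnBehalfOfClaim, extractTraceparentClaim, decodePredicate, buildPredicateForRow, stripEnvelopeExtensions, deepEqual, merkleRoot, verifyInclusion, rfc9162LeafHash, rfc9162NodeHash, verifyRfc9162Inclusion, extractReceiptInclusionProof, verifyReceipt, } from './primitives.js';
 export type { CoseSign1Parts, CoseVerifyOutcome, ChainClaim, ReceiptInclusionProof, ReceiptVerifyOutcome, } from './primitives.js';
 //# sourceMappingURL=index.d.ts.map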
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,YAAY,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAEjD,OAAO,EACL,gBAAgB,EAChB,WAAW,GACZ,MAAM,YAAY,CAAC;AACpB,YAAY,EACV,SAAS,EACT,eAAe,EACf,WAAW,EACX,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,WAAW,EACX,kBAAkB,GACnB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,YAAY,EACV,qBAAqB,EACrB,sBAAsB,EACtB,mBAAmB,EACnB,uBAAuB,EACvB,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,sBAAsB,EACtB,uBAAuB,EACvB,eAAe,EACf,oBAAoB,EACpB,uBAAuB,EACvB,SAAS,EACT,UAAU,EACV,eAAe,EACf,eAAe,EACf,eAAe,EACf,sBAAsB,EACtB,4BAA4B,EAC5B,aAAa,GACd,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,cAAc,EACd,iBAAiB,EACjB,UAAU,EACV,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,iBAAiB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,YAAY,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAEjD,OAAO,EACL,gBAAgB,EAChB,WAAW,GACZ,MAAM,YAAY,CAAC;AACpB,YAAY,EACV,SAAS,EACT,eAAe,EACf,WAAW,EACX,eAAe,EACf,aAAa,EACb,kBAAkB,EAClB,gBAAgB,EAChB,gBAAgB,EAChB,WAAW,EACX,kBAAkB,GACnB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,YAAY,EACV,qBAAqB,EACrB,sBAAsB,EACtB,gBAAgB,EAChB,mBAAmB,EACnB,uBAAuB,EACvB,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,sBAAsB,EACtB,uBAAuB,EACvB,eAAe,EACf,oBAAoB,EACpB,uBAAuB,EACvB,SAAS,EACT,UAAU,EACV,eAAe,EACf,eAAe,EACf,eAAe,EACf,sBAAsB,EACtB,4BAA4B,EAC5B,aAAa,GACd,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,cAAc,EACd,iBAAiB,EACjB,UAAU,EACV,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,iBAAiB,CAAC"}
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAG3C,OAAO,EACL,gBAAgB,EAChB,WAAW,GACZ,MAAM,YAAY,CAAC;AAcpB,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAG3C,OAAO,EACL,gBAAgB,EAChB,WAAW,GACZ,MAAM,YAAY,CAAC;AAcpB,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAUtD,OAAO,EACL,SAAS,EACT,eAAe,EACf,kBAAkB,EAClB,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,sBAAsB,EACtB,uBAAuB,EACvB,eAAe,EACf,oBAAoB,EACpB,uBAAuB,EACvB,SAAS,EACT,UAAU,EACV,eAAe,EACf,eAAe,EACf,eAAe,EACf,sBAAsB,EACtB,4BAA4B,EAC5B,aAAa,GACd,MAAM,iBAAiB,CAAC"}
|
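--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@agledger/verify-core",
-"version": "0.1.
+"version": "0.1.1",
 "description": "Shared offline verification core for AGLedger audit chains — COSE_Sign1 (RFC 9052) decode/verify, Ed25519, hash-chain walk, Merkle proofs, and the canonical failure taxonomy. One dependency (cborg); no network. The single source of truth the SDK, CLI, MCP server, and @agledger/verify all build on.",
 "license": "SEE LICENSE IN LICENSE",
 "type": "module",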