@astrasyncai/verification-gateway 2.4.12 → 2.4.14

package/dist/transport/index.mjs

@@ -410,12 +410,45 @@ function bufferToBase64(bytes) {
 
 // src/transport/rfc9421-verify.ts
 import { httpbis } from "http-message-signatures";
+
+// src/transport/nonce-store.ts
+var InMemoryNonceStore = class {
+  constructor(capacity = 1e4) {
+    this.entries = /* @__PURE__ */ new Map();
+    this.lastSweepMs = 0;
+    this.capacity = capacity;
+  }
+  seen(key, expiresAtMs) {
+    const nowMs = Date.now();
+    if (nowMs - this.lastSweepMs > 1e3) {
+      for (const [k, exp] of this.entries) {
+        if (exp <= nowMs) this.entries.delete(k);
+      }
+      this.lastSweepMs = nowMs;
+    }
+    const existing = this.entries.get(key);
+    if (existing !== void 0 && existing > nowMs) {
+      return true;
+    }
+    if (this.entries.size >= this.capacity) {
+      const oldest = this.entries.keys().next().value;
+      if (oldest !== void 0) this.entries.delete(oldest);
+    }
+    this.entries.set(key, expiresAtMs);
+    return false;
+  }
+};
+var defaultNonceStore = new InMemoryNonceStore();
+
+// src/transport/rfc9421-verify.ts
 async function verifyRFC9421(request, options) {
   const { resolver } = options;
-  const tolerance = options.clockSkewSec ?? 300;
+  const tolerance = options.clockSkewSec ?? 60;
   const nowSec = options.now ? options.now() : Math.floor(Date.now() / 1e3);
+  const nonceStore = options.nonceStore ?? defaultNonceStore;
   let resolvedKid;
   let resolvedAlg;
+  let replayDetected = false;
   const keyLookup = async (parameters) => {
     const kid = typeof parameters.keyid === "string" ? parameters.keyid : void 0;
     if (!kid) return null;
@@ -429,6 +462,14 @@ async function verifyRFC9421(request, options) {
     const expires = toUnixSeconds(parameters.expires);
     if (created !== void 0 && Math.abs(nowSec - created) > tolerance) return null;
     if (expires !== void 0 && nowSec > expires + tolerance) return null;
+    const nonce = typeof parameters.nonce === "string" ? parameters.nonce : void 0;
+    if (nonce) {
+      const expiresAtMs = (expires !== void 0 ? expires + tolerance : nowSec + tolerance) * 1e3;
+      if (nonceStore.seen(`rfc9421:${kid}:${nonce}`, expiresAtMs)) {
+        replayDetected = true;
+        return null;
+      }
+    }
     return jwkToVerifyingKey(kid, jwk, alg);
   };
   try {
@@ -451,7 +492,7 @@ async function verifyRFC9421(request, options) {
       kid: resolvedKid,
       registry: resolver.name,
       algorithm: resolvedAlg,
-      error: result === false ? "signature invalid" : "no signature found"
+      error: replayDetected ? "RFC9421 signature replay \u2014 already seen within tolerance window" : result === false ? "signature invalid" : "no signature found"
     };
   } catch (err) {
     return {
@@ -1276,14 +1317,26 @@ function sha256Sync2(data) {
 function verifyAP2Chain(input) {
   const { triple } = input;
   const errors = [];
+  const toleranceSec = input.clockSkewSec ?? 60;
+  const nonceStore = input.nonceStore ?? defaultNonceStore;
   const intentPresent = triple.intent !== void 0;
   const cartRefOk = checkCartRef(triple, errors);
   const paymentRefOk = checkPaymentRef(triple, errors);
   const { ok: agentIdContinuity, agentId } = checkAgentContinuity(triple, errors);
   const paymentMethodAllowed = checkPaymentMethod(triple, errors);
   const totalsConsistent = checkTotals(triple, errors);
-  const expiryOk = checkExpiries(triple, input.clockSkewSec ?? 300, input.now, errors);
-  const ok = cartRefOk && paymentRefOk && agentIdContinuity && paymentMethodAllowed && totalsConsistent && expiryOk;
+  const expiryOk = checkExpiries(triple, toleranceSec, input.now, errors);
+  let replayOk = true;
+  const replayId = triple.payment?.raw?.id ?? triple.cart?.raw?.id;
+  if (typeof replayId === "string" && replayId.length > 0) {
+    const now = input.now ? input.now() : Math.floor(Date.now() / 1e3);
+    const expiresAt = (now + toleranceSec) * 1e3;
+    if (nonceStore.seen(`ap2:${replayId}`, expiresAt)) {
+      errors.push(`AP2 chain replay \u2014 mandate ${replayId} already seen within tolerance window`);
+      replayOk = false;
+    }
+  }
+  const ok = cartRefOk && paymentRefOk && agentIdContinuity && paymentMethodAllowed && totalsConsistent && expiryOk && replayOk;
   return {
     ok,
     checks: {
@@ -1329,7 +1382,10 @@ function checkAgentContinuity(triple, errors) {
   const ids = [triple.intent?.agent_id, triple.cart?.agent_id, triple.payment?.agent_id].filter(
     (id) => typeof id === "string" && id.length > 0
   );
-  if (ids.length === 0) return { ok: true };
+  if (ids.length === 0) {
+    errors.push("agent_id missing across all three mandates (intent/cart/payment)");
+    return { ok: false };
+  }
   const unique = new Set(ids);
   if (unique.size > 1) {
     errors.push(`agent_id mismatch across mandates: ${Array.from(unique).join(", ")}`);
@@ -1338,9 +1394,16 @@ function checkAgentContinuity(triple, errors) {
   return { ok: true, agentId: ids[0] };
 }
 function checkPaymentMethod(triple, errors) {
-  const paymentMethod = triple.payment?.payment_method;
   const allowed = triple.intent?.paymentMethods;
-  if (!paymentMethod || !allowed || allowed.length === 0) return true;
+  if (!allowed || allowed.length === 0) return true;
+  if (!triple.payment) return true;
+  const paymentMethod = triple.payment.payment_method;
+  if (!paymentMethod) {
+    errors.push(
+      `payment.payment_method missing but intent declares allowlist [${allowed.join(", ")}]`
+    );
+    return false;
+  }
   if (!allowed.includes(paymentMethod)) {
     errors.push(
       `payment_method "${paymentMethod}" not in intent.paymentMethods [${allowed.join(", ")}]`
@@ -1374,19 +1437,24 @@ function checkTotals(triple, errors) {
 function checkExpiries(triple, toleranceSec, nowFn, errors) {
   const now = nowFn ? nowFn() : Math.floor(Date.now() / 1e3);
   let ok = true;
-  for (const [name, mandate] of [
-    ["intent", triple.intent],
-    ["cart", triple.cart]
-  ]) {
-    if (!mandate?.expires) continue;
-    const parsed = parseExpiry(mandate.expires);
+  const layers = [
+    ["intent", triple.intent?.expires],
+    ["cart", triple.cart?.expires],
+    [
+      "payment",
+      typeof triple.payment?.raw?.expires === "string" ? triple.payment.raw.expires : typeof triple.payment?.raw?.exp === "string" ? triple.payment.raw.exp : void 0
+    ]
+  ];
+  for (const [name, expires] of layers) {
+    if (!expires) continue;
+    const parsed = parseExpiry(expires);
     if (parsed === null) {
       errors.push(`${name}.expires unparseable`);
       ok = false;
       continue;
     }
     if (now > parsed + toleranceSec) {
-      errors.push(`${name} mandate expired at ${mandate.expires}`);
+      errors.push(`${name} mandate expired at ${expires}`);
       ok = false;
     }
   }
@@ -1413,10 +1481,21 @@ async function verifyACPSignature(input) {
   if (!input.signatureHeader) {
     return { ok: false, error: "missing Signature header" };
   }
-  const freshness = checkTimestamp(input.timestampHeader, input.clockSkewSec ?? 300, input.now);
+  const tolerance = input.clockSkewSec ?? 60;
+  const nonceStore = input.nonceStore ?? defaultNonceStore;
+  const freshness = checkTimestamp(input.timestampHeader, tolerance, input.now);
   if (!freshness.ok) {
     return { ok: false, error: freshness.error, timestampStale: true };
   }
+  const nowSec = input.now ? input.now() : Math.floor(Date.now() / 1e3);
+  const expiresAtMs = (nowSec + tolerance) * 1e3;
+  const replayKey = `acp:${input.signatureHeader}:${input.timestampHeader ?? ""}`;
+  if (nonceStore.seen(replayKey, expiresAtMs)) {
+    return {
+      ok: false,
+      error: "ACP signature replay \u2014 already seen within tolerance window"
+    };
+  }
   const signatureBytes = decodeBase64(input.signatureHeader);
   if (!signatureBytes) {
     return { ok: false, error: "signature header is not valid base64" };
@@ -1634,8 +1713,9 @@ function coerceString6(v) {
 import { BodyDigest } from "mppx";
 function verifyMPP(input) {
   const { context } = input;
-  const tolerance = input.clockSkewSec ?? 300;
+  const tolerance = input.clockSkewSec ?? 60;
   const nowSec = input.now ? input.now() : Math.floor(Date.now() / 1e3);
+  const nonceStore = input.nonceStore ?? defaultNonceStore;
   const challenge = context.credential?.challenge ?? (context.challenges && context.challenges[0]);
   const source = context.credential?.source;
   const method = challenge?.method;
@@ -1658,21 +1738,38 @@ function verifyMPP(input) {
     }
   }
   let bodyDigestOk = null;
-  if (challenge?.digest && input.rawBody !== void 0) {
-    try {
-      if (!/^sha-256=/.test(challenge.digest)) {
+  if (input.rawBody !== void 0) {
+    if (!challenge?.digest) {
+      bodyDigestOk = false;
+    } else {
+      try {
+        if (!/^sha-256=/.test(challenge.digest)) {
+          bodyDigestOk = false;
+        } else {
+          bodyDigestOk = BodyDigest.verify(challenge.digest, input.rawBody);
+        }
+      } catch {
         bodyDigestOk = false;
-      } else {
-        bodyDigestOk = BodyDigest.verify(challenge.digest, input.rawBody);
       }
-    } catch {
-      bodyDigestOk = false;
     }
   }
-  const ok = expiryOk && (bodyDigestOk === null || bodyDigestOk === true);
+  let replayOk = true;
+  if (challenge?.digest && expiryOk) {
+    const replayKey = `mpp:${challenge.digest}:${challenge.nonce ?? ""}`;
+    const expiresAt = (nowSec + tolerance) * 1e3;
+    if (nonceStore.seen(replayKey, expiresAt)) {
+      replayOk = false;
+    }
+  }
+  const ok = expiryOk && (bodyDigestOk === null || bodyDigestOk === true) && replayOk;
   const errors = [];
   if (!expiryOk) errors.push("challenge expired");
-  if (bodyDigestOk === false) errors.push("body digest mismatch");
+  if (bodyDigestOk === false) {
+    errors.push(
+      input.rawBody !== void 0 && !challenge?.digest ? "body digest required when rawBody present" : "body digest mismatch"
+    );
+  }
+  if (!replayOk) errors.push("MPP challenge replay \u2014 already seen within tolerance window");
   return {
     ok,
     expiryOk,
@@ -1836,14 +1933,32 @@ function readHeader4(headers, name) {
 import { createHash as createHash3, webcrypto } from "crypto";
 async function verifyVIChain(input) {
   const errors = [];
-  const tolerance = input.clockSkewSec ?? 300;
+  const tolerance = input.clockSkewSec ?? 60;
   const now = input.now ? input.now() : Math.floor(Date.now() / 1e3);
   const { l1, l2, l3a, l3b } = input.layers;
+  const nonceStore = input.nonceStore ?? defaultNonceStore;
+  if (!l1) {
+    if (!input.allowUnboundChain) {
+      errors.push(
+        "L1 missing \u2014 chain root unbound (set allowUnboundChain + expectedL2Key to override)"
+      );
+    } else if (!input.expectedL2Key) {
+      errors.push("allowUnboundChain set but expectedL2Key missing");
+    }
+  }
   const l1SigOk = l1 ? await input.verifySignature(l1, null) : null;
   if (l1 && !l1SigOk) errors.push("L1 signature invalid");
   const l1Cnf = extractCnfJwk(l1?.payload);
-  const l2SigOk = await input.verifySignature(l2, l1Cnf ?? null);
+  const l2ExpectedKey = l1Cnf ?? input.expectedL2Key ?? null;
+  const l2SigOk = await input.verifySignature(l2, l2ExpectedKey);
   if (!l2SigOk) errors.push("L2 signature invalid");
+  if (l2SigOk) {
+    const replayKey = `vi:l2:${l2.compact}`;
+    const expiresAt = now * 1e3 + tolerance * 1e3;
+    if (nonceStore.seen(replayKey, expiresAt)) {
+      errors.push("L2 signature replay \u2014 already seen within tolerance window");
+    }
+  }
   const l2Cnf = extractCnfJwk(l2.payload);
   const l3aSigOk = l3a ? await input.verifySignature(l3a, l2Cnf ?? null) : null;
   if (l3a && !l3aSigOk) errors.push("L3a signature invalid");
@@ -1887,7 +2002,10 @@ async function verifyVIChain(input) {
     }
   }
   const expiryOk = checkExpiryAcross([l1, l2, l3a, l3b], tolerance, now, errors);
-  const ok = l1SigOk !== false && l2SigOk && l3aSigOk !== false && l3bSigOk !== false && l1BindsL2 && l2BindsL3 && l3aL3bTxnIdMatch !== false && checkoutHashOk !== false && expiryOk;
+  const noUnboundChainOrReplayErrors = !errors.some(
+    (e) => e.startsWith("L1 missing") || e.startsWith("allowUnboundChain set") || e.startsWith("L2 signature replay")
+  );
+  const ok = l1SigOk !== false && l2SigOk && l3aSigOk !== false && l3bSigOk !== false && l1BindsL2 && l2BindsL3 && l3aL3bTxnIdMatch !== false && checkoutHashOk !== false && expiryOk && noUnboundChainOrReplayErrors;
   return {
     ok,
     checks: {