@bcts/xid 1.0.0-alpha.16 → 1.0.0-alpha.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/index.cjs +387 -103
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +150 -14
- package/dist/index.d.cts.map +1 -1
- package/dist/index.d.mts +150 -14
- package/dist/index.d.mts.map +1 -1
- package/dist/index.iife.js +389 -104
- package/dist/index.iife.js.map +1 -1
- package/dist/index.mjs +379 -107
- package/dist/index.mjs.map +1 -1
- package/package.json +12 -12
- package/src/index.ts +3 -0
- package/src/key.ts +81 -15
- package/src/provenance.ts +75 -19
- package/src/service.ts +17 -1
- package/src/xid-document.ts +334 -29
package/dist/index.iife.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_envelope, _bcts_provenance_mark
|
|
1
|
+
var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_envelope, _bcts_provenance_mark) {
|
|
2
2
|
|
|
3
3
|
|
|
4
4
|
//#region src/error.ts
|
|
@@ -8,37 +8,37 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
8
8
|
* Error types returned when operating on XID Documents.
|
|
9
9
|
* Ported from bc-xid-rust/src/error.rs
|
|
10
10
|
*/
|
|
11
|
-
let XIDErrorCode = /* @__PURE__ */ function(XIDErrorCode
|
|
12
|
-
XIDErrorCode
|
|
13
|
-
XIDErrorCode
|
|
14
|
-
XIDErrorCode
|
|
15
|
-
XIDErrorCode
|
|
16
|
-
XIDErrorCode
|
|
17
|
-
XIDErrorCode
|
|
18
|
-
XIDErrorCode
|
|
19
|
-
XIDErrorCode
|
|
20
|
-
XIDErrorCode
|
|
21
|
-
XIDErrorCode
|
|
22
|
-
XIDErrorCode
|
|
23
|
-
XIDErrorCode
|
|
24
|
-
XIDErrorCode
|
|
25
|
-
XIDErrorCode
|
|
26
|
-
XIDErrorCode
|
|
27
|
-
XIDErrorCode
|
|
28
|
-
XIDErrorCode
|
|
29
|
-
XIDErrorCode
|
|
30
|
-
XIDErrorCode
|
|
31
|
-
XIDErrorCode
|
|
32
|
-
XIDErrorCode
|
|
33
|
-
XIDErrorCode
|
|
34
|
-
XIDErrorCode
|
|
35
|
-
XIDErrorCode
|
|
36
|
-
XIDErrorCode
|
|
37
|
-
XIDErrorCode
|
|
38
|
-
XIDErrorCode
|
|
39
|
-
XIDErrorCode
|
|
40
|
-
XIDErrorCode
|
|
41
|
-
return XIDErrorCode
|
|
11
|
+
let XIDErrorCode = /* @__PURE__ */ function(XIDErrorCode) {
|
|
12
|
+
XIDErrorCode["DUPLICATE"] = "DUPLICATE";
|
|
13
|
+
XIDErrorCode["NOT_FOUND"] = "NOT_FOUND";
|
|
14
|
+
XIDErrorCode["STILL_REFERENCED"] = "STILL_REFERENCED";
|
|
15
|
+
XIDErrorCode["EMPTY_VALUE"] = "EMPTY_VALUE";
|
|
16
|
+
XIDErrorCode["UNKNOWN_PRIVILEGE"] = "UNKNOWN_PRIVILEGE";
|
|
17
|
+
XIDErrorCode["INVALID_XID"] = "INVALID_XID";
|
|
18
|
+
XIDErrorCode["MISSING_INCEPTION_KEY"] = "MISSING_INCEPTION_KEY";
|
|
19
|
+
XIDErrorCode["INVALID_RESOLUTION_METHOD"] = "INVALID_RESOLUTION_METHOD";
|
|
20
|
+
XIDErrorCode["MULTIPLE_PROVENANCE_MARKS"] = "MULTIPLE_PROVENANCE_MARKS";
|
|
21
|
+
XIDErrorCode["UNEXPECTED_PREDICATE"] = "UNEXPECTED_PREDICATE";
|
|
22
|
+
XIDErrorCode["UNEXPECTED_NESTED_ASSERTIONS"] = "UNEXPECTED_NESTED_ASSERTIONS";
|
|
23
|
+
XIDErrorCode["NO_PERMISSIONS"] = "NO_PERMISSIONS";
|
|
24
|
+
XIDErrorCode["NO_REFERENCES"] = "NO_REFERENCES";
|
|
25
|
+
XIDErrorCode["UNKNOWN_KEY_REFERENCE"] = "UNKNOWN_KEY_REFERENCE";
|
|
26
|
+
XIDErrorCode["UNKNOWN_DELEGATE_REFERENCE"] = "UNKNOWN_DELEGATE_REFERENCE";
|
|
27
|
+
XIDErrorCode["KEY_NOT_FOUND_IN_DOCUMENT"] = "KEY_NOT_FOUND_IN_DOCUMENT";
|
|
28
|
+
XIDErrorCode["DELEGATE_NOT_FOUND_IN_DOCUMENT"] = "DELEGATE_NOT_FOUND_IN_DOCUMENT";
|
|
29
|
+
XIDErrorCode["INVALID_PASSWORD"] = "INVALID_PASSWORD";
|
|
30
|
+
XIDErrorCode["ENVELOPE_NOT_SIGNED"] = "ENVELOPE_NOT_SIGNED";
|
|
31
|
+
XIDErrorCode["SIGNATURE_VERIFICATION_FAILED"] = "SIGNATURE_VERIFICATION_FAILED";
|
|
32
|
+
XIDErrorCode["NO_PROVENANCE_MARK"] = "NO_PROVENANCE_MARK";
|
|
33
|
+
XIDErrorCode["GENERATOR_CONFLICT"] = "GENERATOR_CONFLICT";
|
|
34
|
+
XIDErrorCode["NO_GENERATOR"] = "NO_GENERATOR";
|
|
35
|
+
XIDErrorCode["CHAIN_ID_MISMATCH"] = "CHAIN_ID_MISMATCH";
|
|
36
|
+
XIDErrorCode["SEQUENCE_MISMATCH"] = "SEQUENCE_MISMATCH";
|
|
37
|
+
XIDErrorCode["ENVELOPE_PARSING"] = "ENVELOPE_PARSING";
|
|
38
|
+
XIDErrorCode["COMPONENT"] = "COMPONENT";
|
|
39
|
+
XIDErrorCode["CBOR"] = "CBOR";
|
|
40
|
+
XIDErrorCode["PROVENANCE_MARK"] = "PROVENANCE_MARK";
|
|
41
|
+
return XIDErrorCode;
|
|
42
42
|
}({});
|
|
43
43
|
var XIDError = class XIDError extends Error {
|
|
44
44
|
code;
|
|
@@ -240,36 +240,36 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
240
240
|
/**
|
|
241
241
|
* Enum representing XID privileges.
|
|
242
242
|
*/
|
|
243
|
-
let Privilege = /* @__PURE__ */ function(Privilege
|
|
243
|
+
let Privilege = /* @__PURE__ */ function(Privilege) {
|
|
244
244
|
/** Allow all applicable XID operations */
|
|
245
|
-
Privilege
|
|
245
|
+
Privilege["All"] = "All";
|
|
246
246
|
/** Authenticate as the subject (e.g., log into services) */
|
|
247
|
-
Privilege
|
|
247
|
+
Privilege["Auth"] = "Auth";
|
|
248
248
|
/** Sign digital communications as the subject */
|
|
249
|
-
Privilege
|
|
249
|
+
Privilege["Sign"] = "Sign";
|
|
250
250
|
/** Encrypt messages from the subject */
|
|
251
|
-
Privilege
|
|
251
|
+
Privilege["Encrypt"] = "Encrypt";
|
|
252
252
|
/** Elide data under the subject's control */
|
|
253
|
-
Privilege
|
|
253
|
+
Privilege["Elide"] = "Elide";
|
|
254
254
|
/** Issue or revoke verifiable credentials on the subject's authority */
|
|
255
|
-
Privilege
|
|
255
|
+
Privilege["Issue"] = "Issue";
|
|
256
256
|
/** Access resources under the subject's control */
|
|
257
|
-
Privilege
|
|
257
|
+
Privilege["Access"] = "Access";
|
|
258
258
|
/** Delegate privileges to third parties */
|
|
259
|
-
Privilege
|
|
259
|
+
Privilege["Delegate"] = "Delegate";
|
|
260
260
|
/** Verify (update) the XID document */
|
|
261
|
-
Privilege
|
|
261
|
+
Privilege["Verify"] = "Verify";
|
|
262
262
|
/** Update service endpoints */
|
|
263
|
-
Privilege
|
|
263
|
+
Privilege["Update"] = "Update";
|
|
264
264
|
/** Remove the inception key from the XID document */
|
|
265
|
-
Privilege
|
|
265
|
+
Privilege["Transfer"] = "Transfer";
|
|
266
266
|
/** Add or remove other verifiers (rotate keys) */
|
|
267
|
-
Privilege
|
|
267
|
+
Privilege["Elect"] = "Elect";
|
|
268
268
|
/** Transition to a new provenance mark chain */
|
|
269
|
-
Privilege
|
|
269
|
+
Privilege["Burn"] = "Burn";
|
|
270
270
|
/** Revoke the XID entirely */
|
|
271
|
-
Privilege
|
|
272
|
-
return Privilege
|
|
271
|
+
Privilege["Revoke"] = "Revoke";
|
|
272
|
+
return Privilege;
|
|
273
273
|
}({});
|
|
274
274
|
/**
|
|
275
275
|
* Convert a Privilege to its corresponding KnownValue.
|
|
@@ -559,16 +559,16 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
559
559
|
/**
|
|
560
560
|
* Options for handling private keys in envelopes.
|
|
561
561
|
*/
|
|
562
|
-
let XIDPrivateKeyOptions = /* @__PURE__ */ function(XIDPrivateKeyOptions
|
|
562
|
+
let XIDPrivateKeyOptions = /* @__PURE__ */ function(XIDPrivateKeyOptions) {
|
|
563
563
|
/** Omit the private key from the envelope (default). */
|
|
564
|
-
XIDPrivateKeyOptions
|
|
564
|
+
XIDPrivateKeyOptions["Omit"] = "Omit";
|
|
565
565
|
/** Include the private key in plaintext (with salt for decorrelation). */
|
|
566
|
-
XIDPrivateKeyOptions
|
|
566
|
+
XIDPrivateKeyOptions["Include"] = "Include";
|
|
567
567
|
/** Include the private key assertion but elide it (maintains digest tree). */
|
|
568
|
-
XIDPrivateKeyOptions
|
|
568
|
+
XIDPrivateKeyOptions["Elide"] = "Elide";
|
|
569
569
|
/** Include the private key encrypted with a password. */
|
|
570
|
-
XIDPrivateKeyOptions
|
|
571
|
-
return XIDPrivateKeyOptions
|
|
570
|
+
XIDPrivateKeyOptions["Encrypt"] = "Encrypt";
|
|
571
|
+
return XIDPrivateKeyOptions;
|
|
572
572
|
}({});
|
|
573
573
|
/**
|
|
574
574
|
* Represents a key in an XID document.
|
|
@@ -615,8 +615,8 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
615
615
|
* Create a new Key with private key base (derives keys from it).
|
|
616
616
|
*/
|
|
617
617
|
static newWithPrivateKeyBase(privateKeyBase) {
|
|
618
|
-
const privateKeys = privateKeyBase.
|
|
619
|
-
const publicKeys = privateKeyBase.
|
|
618
|
+
const privateKeys = privateKeyBase.schnorrPrivateKeys();
|
|
619
|
+
const publicKeys = privateKeyBase.schnorrPublicKeys();
|
|
620
620
|
return Key.newWithPrivateKeys(privateKeys, publicKeys);
|
|
621
621
|
}
|
|
622
622
|
/**
|
|
@@ -657,6 +657,18 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
657
657
|
return this._publicKeys.reference();
|
|
658
658
|
}
|
|
659
659
|
/**
|
|
660
|
+
* Get the signing public key.
|
|
661
|
+
*/
|
|
662
|
+
signingPublicKey() {
|
|
663
|
+
return this._publicKeys.signingPublicKey();
|
|
664
|
+
}
|
|
665
|
+
/**
|
|
666
|
+
* Get the encapsulation public key.
|
|
667
|
+
*/
|
|
668
|
+
encapsulationPublicKey() {
|
|
669
|
+
return this._publicKeys.encapsulationPublicKey();
|
|
670
|
+
}
|
|
671
|
+
/**
|
|
660
672
|
* Verify a signature against a message.
|
|
661
673
|
*/
|
|
662
674
|
verify(signature, message) {
|
|
@@ -721,7 +733,9 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
721
733
|
}
|
|
722
734
|
case XIDPrivateKeyOptions.Encrypt:
|
|
723
735
|
if (typeof privateKeyOptions === "object") {
|
|
724
|
-
const
|
|
736
|
+
const privateKeysEnvelope = _bcts_envelope.Envelope.new(data.privateKeys.taggedCborData());
|
|
737
|
+
const method = privateKeyOptions.method ?? (0, _bcts_components.defaultKeyDerivationMethod)();
|
|
738
|
+
const encrypted = privateKeysEnvelope.lockSubject(method, privateKeyOptions.password);
|
|
725
739
|
envelope = envelope.addAssertion(kv$3(_bcts_known_values.PRIVATE_KEY), encrypted);
|
|
726
740
|
envelope = envelope.addAssertion(kv$3(_bcts_known_values.SALT), salt.toData());
|
|
727
741
|
}
|
|
@@ -743,9 +757,15 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
743
757
|
*/
|
|
744
758
|
static tryFromEnvelope(envelope, password) {
|
|
745
759
|
const env = envelope;
|
|
746
|
-
const
|
|
747
|
-
|
|
748
|
-
const
|
|
760
|
+
const subject = env.case().type === "node" ? env.subject() : env;
|
|
761
|
+
let publicKeys;
|
|
762
|
+
const publicKeysData = subject.asByteString();
|
|
763
|
+
if (publicKeysData !== void 0) publicKeys = _bcts_components.PublicKeys.fromTaggedCborData(publicKeysData);
|
|
764
|
+
else {
|
|
765
|
+
const leaf = subject.asLeaf?.();
|
|
766
|
+
if (leaf === void 0) throw XIDError.component(/* @__PURE__ */ new Error("Could not extract public keys from envelope"));
|
|
767
|
+
publicKeys = _bcts_components.PublicKeys.fromTaggedCbor(leaf);
|
|
768
|
+
}
|
|
749
769
|
let privateKeyData;
|
|
750
770
|
let salt = _bcts_components.Salt.random(32);
|
|
751
771
|
const saltAssertions = env.assertionsWithPredicate(_bcts_known_values.SALT);
|
|
@@ -761,8 +781,8 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
761
781
|
const assertionCase = privateKeyAssertions[0].case();
|
|
762
782
|
if (assertionCase.type === "assertion") {
|
|
763
783
|
const privateKeyObject = assertionCase.assertion.object();
|
|
764
|
-
if (privateKeyObject.
|
|
765
|
-
const decryptedData = privateKeyObject.
|
|
784
|
+
if (privateKeyObject.isLockedWithPassword()) if (password !== void 0) try {
|
|
785
|
+
const decryptedData = privateKeyObject.unlockSubject(password).subject().asByteString();
|
|
766
786
|
if (decryptedData !== void 0) privateKeyData = {
|
|
767
787
|
data: {
|
|
768
788
|
type: "decrypted",
|
|
@@ -813,6 +833,27 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
813
833
|
return new Key(publicKeys, privateKeyData, nickname, endpoints, permissions);
|
|
814
834
|
}
|
|
815
835
|
/**
|
|
836
|
+
* Get the private key envelope, optionally decrypting it.
|
|
837
|
+
*
|
|
838
|
+
* Returns:
|
|
839
|
+
* - undefined if no private keys
|
|
840
|
+
* - The decrypted private key envelope if unencrypted
|
|
841
|
+
* - The decrypted envelope if encrypted + correct password
|
|
842
|
+
* - The encrypted envelope as-is if encrypted + no password
|
|
843
|
+
* - Throws on wrong password
|
|
844
|
+
*/
|
|
845
|
+
privateKeyEnvelope(password) {
|
|
846
|
+
if (this._privateKeyData === void 0) return;
|
|
847
|
+
const { data } = this._privateKeyData;
|
|
848
|
+
if (data.type === "decrypted") return _bcts_envelope.Envelope.new(data.privateKeys.taggedCborData());
|
|
849
|
+
if (password !== void 0) try {
|
|
850
|
+
return data.envelope.unlockSubject(new TextEncoder().encode(password));
|
|
851
|
+
} catch {
|
|
852
|
+
throw XIDError.invalidPassword();
|
|
853
|
+
}
|
|
854
|
+
return data.envelope;
|
|
855
|
+
}
|
|
856
|
+
/**
|
|
816
857
|
* Check equality with another Key.
|
|
817
858
|
*/
|
|
818
859
|
equals(other) {
|
|
@@ -952,6 +993,20 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
952
993
|
this.addDelegateReferenceHex(delegateReference.toHex());
|
|
953
994
|
}
|
|
954
995
|
/**
|
|
996
|
+
* Add a key by its public keys provider (convenience method).
|
|
997
|
+
* Matches Rust's `add_key(&mut self, key: &dyn PublicKeysProvider)`.
|
|
998
|
+
*/
|
|
999
|
+
addKey(keyProvider) {
|
|
1000
|
+
this.addKeyReference(keyProvider.publicKeys().reference());
|
|
1001
|
+
}
|
|
1002
|
+
/**
|
|
1003
|
+
* Add a delegate by its XID provider (convenience method).
|
|
1004
|
+
* Matches Rust's `add_delegate(&mut self, delegate: &dyn XIDProvider)`.
|
|
1005
|
+
*/
|
|
1006
|
+
addDelegate(xidProvider) {
|
|
1007
|
+
this.addDelegateReference(_bcts_components.Reference.hash(xidProvider.xid().toData()));
|
|
1008
|
+
}
|
|
1009
|
+
/**
|
|
955
1010
|
* Get the name.
|
|
956
1011
|
*/
|
|
957
1012
|
name() {
|
|
@@ -1168,19 +1223,21 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1168
1223
|
* Ported from bc-xid-rust/src/provenance.rs
|
|
1169
1224
|
*/
|
|
1170
1225
|
const kv$1 = (v) => v;
|
|
1226
|
+
const encodeGeneratorJSON = (json) => new TextEncoder().encode(JSON.stringify(json));
|
|
1227
|
+
const decodeGeneratorJSON = (data) => JSON.parse(new TextDecoder().decode(data));
|
|
1171
1228
|
/**
|
|
1172
1229
|
* Options for handling generators in envelopes.
|
|
1173
1230
|
*/
|
|
1174
|
-
let XIDGeneratorOptions = /* @__PURE__ */ function(XIDGeneratorOptions
|
|
1231
|
+
let XIDGeneratorOptions = /* @__PURE__ */ function(XIDGeneratorOptions) {
|
|
1175
1232
|
/** Omit the generator from the envelope (default). */
|
|
1176
|
-
XIDGeneratorOptions
|
|
1233
|
+
XIDGeneratorOptions["Omit"] = "Omit";
|
|
1177
1234
|
/** Include the generator in plaintext (with salt for decorrelation). */
|
|
1178
|
-
XIDGeneratorOptions
|
|
1235
|
+
XIDGeneratorOptions["Include"] = "Include";
|
|
1179
1236
|
/** Include the generator assertion but elide it (maintains digest tree). */
|
|
1180
|
-
XIDGeneratorOptions
|
|
1237
|
+
XIDGeneratorOptions["Elide"] = "Elide";
|
|
1181
1238
|
/** Include the generator encrypted with a password. */
|
|
1182
|
-
XIDGeneratorOptions
|
|
1183
|
-
return XIDGeneratorOptions
|
|
1239
|
+
XIDGeneratorOptions["Encrypt"] = "Encrypt";
|
|
1240
|
+
return XIDGeneratorOptions;
|
|
1184
1241
|
}({});
|
|
1185
1242
|
/**
|
|
1186
1243
|
* Represents provenance information in an XID document.
|
|
@@ -1278,9 +1335,9 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1278
1335
|
if (password !== void 0) {
|
|
1279
1336
|
const encryptedEnvelope = this._generator.data.envelope;
|
|
1280
1337
|
try {
|
|
1281
|
-
const generatorData = encryptedEnvelope.
|
|
1338
|
+
const generatorData = encryptedEnvelope.unlockSubject(password).subject().tryUnwrap().asByteString();
|
|
1282
1339
|
if (generatorData !== void 0) {
|
|
1283
|
-
const json = (
|
|
1340
|
+
const json = decodeGeneratorJSON(generatorData);
|
|
1284
1341
|
const generator = _bcts_provenance_mark.ProvenanceMarkGenerator.fromJSON(json);
|
|
1285
1342
|
this._generator = {
|
|
1286
1343
|
data: {
|
|
@@ -1298,6 +1355,30 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1298
1355
|
throw XIDError.invalidPassword();
|
|
1299
1356
|
}
|
|
1300
1357
|
/**
|
|
1358
|
+
* Get the generator envelope, optionally decrypting it.
|
|
1359
|
+
*
|
|
1360
|
+
* Returns:
|
|
1361
|
+
* - undefined if no generator
|
|
1362
|
+
* - An envelope containing the generator if unencrypted
|
|
1363
|
+
* - The decrypted envelope if encrypted + correct password
|
|
1364
|
+
* - The encrypted envelope as-is if encrypted + no password
|
|
1365
|
+
* - Throws on wrong password
|
|
1366
|
+
*/
|
|
1367
|
+
generatorEnvelope(password) {
|
|
1368
|
+
if (this._generator === void 0) return;
|
|
1369
|
+
const { data } = this._generator;
|
|
1370
|
+
if (data.type === "decrypted") {
|
|
1371
|
+
const generatorBytes = encodeGeneratorJSON(data.generator.toJSON());
|
|
1372
|
+
return _bcts_envelope.Envelope.new(generatorBytes);
|
|
1373
|
+
}
|
|
1374
|
+
if (password !== void 0) try {
|
|
1375
|
+
return data.envelope.unlockSubject(new TextEncoder().encode(password)).subject().tryUnwrap();
|
|
1376
|
+
} catch {
|
|
1377
|
+
throw XIDError.invalidPassword();
|
|
1378
|
+
}
|
|
1379
|
+
return data.envelope;
|
|
1380
|
+
}
|
|
1381
|
+
/**
|
|
1301
1382
|
* Convert to envelope with specified options.
|
|
1302
1383
|
*/
|
|
1303
1384
|
intoEnvelopeOpt(generatorOptions = XIDGeneratorOptions.Omit) {
|
|
@@ -1309,13 +1390,13 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1309
1390
|
envelope = envelope.addAssertion(kv$1(_bcts_known_values.SALT), salt.toData());
|
|
1310
1391
|
} else if (data.type === "decrypted") switch (typeof generatorOptions === "object" ? generatorOptions.type : generatorOptions) {
|
|
1311
1392
|
case XIDGeneratorOptions.Include: {
|
|
1312
|
-
const generatorBytes = (
|
|
1393
|
+
const generatorBytes = encodeGeneratorJSON(data.generator.toJSON());
|
|
1313
1394
|
envelope = envelope.addAssertion(kv$1(_bcts_known_values.PROVENANCE_GENERATOR), generatorBytes);
|
|
1314
1395
|
envelope = envelope.addAssertion(kv$1(_bcts_known_values.SALT), salt.toData());
|
|
1315
1396
|
break;
|
|
1316
1397
|
}
|
|
1317
1398
|
case XIDGeneratorOptions.Elide: {
|
|
1318
|
-
const generatorBytes2 = (
|
|
1399
|
+
const generatorBytes2 = encodeGeneratorJSON(data.generator.toJSON());
|
|
1319
1400
|
const elidedAssertion = _bcts_envelope.Envelope.newAssertion(kv$1(_bcts_known_values.PROVENANCE_GENERATOR), generatorBytes2).elide();
|
|
1320
1401
|
envelope = envelope.addAssertionEnvelope(elidedAssertion);
|
|
1321
1402
|
envelope = envelope.addAssertion(kv$1(_bcts_known_values.SALT), salt.toData());
|
|
@@ -1323,8 +1404,10 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1323
1404
|
}
|
|
1324
1405
|
case XIDGeneratorOptions.Encrypt:
|
|
1325
1406
|
if (typeof generatorOptions === "object") {
|
|
1326
|
-
const generatorBytes3 = (
|
|
1327
|
-
const
|
|
1407
|
+
const generatorBytes3 = encodeGeneratorJSON(data.generator.toJSON());
|
|
1408
|
+
const wrapped = _bcts_envelope.Envelope.new(generatorBytes3).wrap();
|
|
1409
|
+
const method = generatorOptions.method ?? (0, _bcts_components.defaultKeyDerivationMethod)();
|
|
1410
|
+
const encrypted = wrapped.lockSubject(method, generatorOptions.password);
|
|
1328
1411
|
envelope = envelope.addAssertion(kv$1(_bcts_known_values.PROVENANCE_GENERATOR), encrypted);
|
|
1329
1412
|
envelope = envelope.addAssertion(kv$1(_bcts_known_values.SALT), salt.toData());
|
|
1330
1413
|
}
|
|
@@ -1361,10 +1444,10 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1361
1444
|
const assertionCase = generatorAssertions[0].case();
|
|
1362
1445
|
if (assertionCase.type === "assertion") {
|
|
1363
1446
|
const generatorObject = assertionCase.assertion.object();
|
|
1364
|
-
if (generatorObject.
|
|
1365
|
-
const generatorData = generatorObject.
|
|
1447
|
+
if (generatorObject.isLockedWithPassword()) if (password !== void 0) try {
|
|
1448
|
+
const generatorData = generatorObject.unlockSubject(password).subject().tryUnwrap().asByteString();
|
|
1366
1449
|
if (generatorData !== void 0) {
|
|
1367
|
-
const json = (
|
|
1450
|
+
const json = decodeGeneratorJSON(generatorData);
|
|
1368
1451
|
generator = {
|
|
1369
1452
|
data: {
|
|
1370
1453
|
type: "decrypted",
|
|
@@ -1392,7 +1475,7 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1392
1475
|
else {
|
|
1393
1476
|
const generatorData = generatorObject.asByteString();
|
|
1394
1477
|
if (generatorData !== void 0) {
|
|
1395
|
-
const json2 = (
|
|
1478
|
+
const json2 = decodeGeneratorJSON(generatorData);
|
|
1396
1479
|
generator = {
|
|
1397
1480
|
data: {
|
|
1398
1481
|
type: "decrypted",
|
|
@@ -1439,15 +1522,17 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1439
1522
|
const SERVICE_RAW = _bcts_known_values.SERVICE.value();
|
|
1440
1523
|
const PROVENANCE_RAW = _bcts_known_values.PROVENANCE.value();
|
|
1441
1524
|
const DEREFERENCE_VIA_RAW = _bcts_known_values.DEREFERENCE_VIA.value();
|
|
1525
|
+
const ATTACHMENT_RAW_VALUE = Number(_bcts_known_values.ATTACHMENT_RAW);
|
|
1526
|
+
const EDGE_RAW_VALUE = Number(_bcts_known_values.EDGE_RAW);
|
|
1442
1527
|
/**
|
|
1443
1528
|
* Options for verifying the signature on an envelope when loading.
|
|
1444
1529
|
*/
|
|
1445
|
-
let XIDVerifySignature = /* @__PURE__ */ function(XIDVerifySignature
|
|
1530
|
+
let XIDVerifySignature = /* @__PURE__ */ function(XIDVerifySignature) {
|
|
1446
1531
|
/** Do not verify the signature (default). */
|
|
1447
|
-
XIDVerifySignature
|
|
1532
|
+
XIDVerifySignature["None"] = "None";
|
|
1448
1533
|
/** Verify that the envelope is signed with the inception key. */
|
|
1449
|
-
XIDVerifySignature
|
|
1450
|
-
return XIDVerifySignature
|
|
1534
|
+
XIDVerifySignature["Inception"] = "Inception";
|
|
1535
|
+
return XIDVerifySignature;
|
|
1451
1536
|
}({});
|
|
1452
1537
|
/**
|
|
1453
1538
|
* Represents an XID document.
|
|
@@ -1459,13 +1544,17 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1459
1544
|
_delegates;
|
|
1460
1545
|
_services;
|
|
1461
1546
|
_provenance;
|
|
1462
|
-
|
|
1547
|
+
_attachments;
|
|
1548
|
+
_edges;
|
|
1549
|
+
constructor(xid, resolutionMethods = /* @__PURE__ */ new Set(), keys = /* @__PURE__ */ new Map(), delegates = /* @__PURE__ */ new Map(), services = /* @__PURE__ */ new Map(), provenance, attachments, edges) {
|
|
1463
1550
|
this._xid = xid;
|
|
1464
1551
|
this._resolutionMethods = resolutionMethods;
|
|
1465
1552
|
this._keys = keys;
|
|
1466
1553
|
this._delegates = delegates;
|
|
1467
1554
|
this._services = services;
|
|
1468
1555
|
this._provenance = provenance;
|
|
1556
|
+
this._attachments = attachments ?? new _bcts_envelope.Attachments();
|
|
1557
|
+
this._edges = edges ?? new _bcts_envelope.Edges();
|
|
1469
1558
|
}
|
|
1470
1559
|
/**
|
|
1471
1560
|
* Create a new XIDDocument with the given options.
|
|
@@ -1473,7 +1562,7 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1473
1562
|
static new(keyOptions = { type: "default" }, markOptions = { type: "none" }) {
|
|
1474
1563
|
const inceptionKey = XIDDocument.inceptionKeyForOptions(keyOptions);
|
|
1475
1564
|
const provenance = XIDDocument.genesisMarkWithOptions(markOptions);
|
|
1476
|
-
const doc = new XIDDocument(_bcts_components.XID.
|
|
1565
|
+
const doc = new XIDDocument(_bcts_components.XID.newFromSigningKey(inceptionKey.publicKeys().signingPublicKey()), /* @__PURE__ */ new Set(), /* @__PURE__ */ new Map(), /* @__PURE__ */ new Map(), /* @__PURE__ */ new Map(), provenance);
|
|
1477
1566
|
doc.addKey(inceptionKey);
|
|
1478
1567
|
return doc;
|
|
1479
1568
|
}
|
|
@@ -1582,16 +1671,17 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1582
1671
|
if (!this._keys.delete(hashKey)) throw XIDError.notFound("key");
|
|
1583
1672
|
}
|
|
1584
1673
|
/**
|
|
1585
|
-
* Check if the given public
|
|
1674
|
+
* Check if the given signing public key is the inception signing key.
|
|
1675
|
+
* Matches Rust: `is_inception_signing_key(&self, signing_public_key: &SigningPublicKey) -> bool`
|
|
1586
1676
|
*/
|
|
1587
|
-
|
|
1588
|
-
return
|
|
1677
|
+
isInceptionSigningKey(signingPublicKey) {
|
|
1678
|
+
return this._xid.validate(signingPublicKey);
|
|
1589
1679
|
}
|
|
1590
1680
|
/**
|
|
1591
1681
|
* Get the inception key, if it exists in the document.
|
|
1592
1682
|
*/
|
|
1593
1683
|
inceptionKey() {
|
|
1594
|
-
for (const key of this._keys.values()) if (this.
|
|
1684
|
+
for (const key of this._keys.values()) if (this.isInceptionSigningKey(key.publicKeys().signingPublicKey())) return key;
|
|
1595
1685
|
}
|
|
1596
1686
|
/**
|
|
1597
1687
|
* Get the inception private keys, if available.
|
|
@@ -1620,6 +1710,136 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1620
1710
|
return inceptionKey;
|
|
1621
1711
|
}
|
|
1622
1712
|
/**
|
|
1713
|
+
* Set the name (nickname) for a key identified by its public keys.
|
|
1714
|
+
*/
|
|
1715
|
+
setNameForKey(publicKeys, name) {
|
|
1716
|
+
const key = this.takeKey(publicKeys);
|
|
1717
|
+
if (key === void 0) throw XIDError.notFound("key");
|
|
1718
|
+
key.setNickname(name);
|
|
1719
|
+
this.addKey(key);
|
|
1720
|
+
}
|
|
1721
|
+
/**
|
|
1722
|
+
* Get the inception signing public key, if it exists.
|
|
1723
|
+
*/
|
|
1724
|
+
inceptionSigningKey() {
|
|
1725
|
+
return this.inceptionKey()?.publicKeys().signingPublicKey();
|
|
1726
|
+
}
|
|
1727
|
+
/**
|
|
1728
|
+
* Get the verification (signing) key for this document.
|
|
1729
|
+
* Prefers the inception key. Falls back to the first key.
|
|
1730
|
+
*/
|
|
1731
|
+
verificationKey() {
|
|
1732
|
+
const inceptionKey = this.inceptionKey();
|
|
1733
|
+
if (inceptionKey !== void 0) return inceptionKey.publicKeys().signingPublicKey();
|
|
1734
|
+
return this._keys.values().next().value?.publicKeys().signingPublicKey();
|
|
1735
|
+
}
|
|
1736
|
+
/**
|
|
1737
|
+
* Extract inception private keys from an envelope (convenience static method).
|
|
1738
|
+
*/
|
|
1739
|
+
static extractInceptionPrivateKeysFromEnvelope(envelope, password) {
|
|
1740
|
+
return XIDDocument.fromEnvelope(envelope, password, XIDVerifySignature.None).inceptionPrivateKeys();
|
|
1741
|
+
}
|
|
1742
|
+
/**
|
|
1743
|
+
* Get the private key envelope for a specific key, optionally decrypting it.
|
|
1744
|
+
*/
|
|
1745
|
+
privateKeyEnvelopeForKey(publicKeys, password) {
|
|
1746
|
+
const key = this.findKeyByPublicKeys(publicKeys);
|
|
1747
|
+
if (key === void 0) return;
|
|
1748
|
+
return key.privateKeyEnvelope(password);
|
|
1749
|
+
}
|
|
1750
|
+
/**
|
|
1751
|
+
* Check that the document contains a key with the given public keys.
|
|
1752
|
+
* Throws if not found.
|
|
1753
|
+
*/
|
|
1754
|
+
checkContainsKey(publicKeys) {
|
|
1755
|
+
if (this.findKeyByPublicKeys(publicKeys) === void 0) throw XIDError.keyNotFoundInDocument(publicKeys.toString());
|
|
1756
|
+
}
|
|
1757
|
+
/**
|
|
1758
|
+
* Check that the document contains a delegate with the given XID.
|
|
1759
|
+
* Throws if not found.
|
|
1760
|
+
*/
|
|
1761
|
+
checkContainsDelegate(xid) {
|
|
1762
|
+
if (this.findDelegateByXid(xid) === void 0) throw XIDError.delegateNotFoundInDocument(xid.toString());
|
|
1763
|
+
}
|
|
1764
|
+
/**
|
|
1765
|
+
* Get the attachments container.
|
|
1766
|
+
*/
|
|
1767
|
+
getAttachments() {
|
|
1768
|
+
return this._attachments;
|
|
1769
|
+
}
|
|
1770
|
+
/**
|
|
1771
|
+
* Add an attachment with the specified payload and metadata.
|
|
1772
|
+
*/
|
|
1773
|
+
addAttachment(payload, vendor, conformsTo) {
|
|
1774
|
+
this._attachments.add(payload, vendor, conformsTo);
|
|
1775
|
+
}
|
|
1776
|
+
/**
|
|
1777
|
+
* Check if the document has any attachments.
|
|
1778
|
+
*/
|
|
1779
|
+
hasAttachments() {
|
|
1780
|
+
return !this._attachments.isEmpty();
|
|
1781
|
+
}
|
|
1782
|
+
/**
|
|
1783
|
+
* Remove all attachments.
|
|
1784
|
+
*/
|
|
1785
|
+
clearAttachments() {
|
|
1786
|
+
this._attachments.clear();
|
|
1787
|
+
}
|
|
1788
|
+
/**
|
|
1789
|
+
* Get an attachment by its digest.
|
|
1790
|
+
*/
|
|
1791
|
+
getAttachment(digest) {
|
|
1792
|
+
return this._attachments.get(digest);
|
|
1793
|
+
}
|
|
1794
|
+
/**
|
|
1795
|
+
* Remove an attachment by its digest.
|
|
1796
|
+
*/
|
|
1797
|
+
removeAttachment(digest) {
|
|
1798
|
+
return this._attachments.remove(digest);
|
|
1799
|
+
}
|
|
1800
|
+
/**
|
|
1801
|
+
* Get the edges container (read-only).
|
|
1802
|
+
*/
|
|
1803
|
+
edges() {
|
|
1804
|
+
return this._edges;
|
|
1805
|
+
}
|
|
1806
|
+
/**
|
|
1807
|
+
* Get the edges container (mutable).
|
|
1808
|
+
*/
|
|
1809
|
+
edgesMut() {
|
|
1810
|
+
return this._edges;
|
|
1811
|
+
}
|
|
1812
|
+
/**
|
|
1813
|
+
* Add an edge envelope.
|
|
1814
|
+
*/
|
|
1815
|
+
addEdge(edgeEnvelope) {
|
|
1816
|
+
this._edges.add(edgeEnvelope);
|
|
1817
|
+
}
|
|
1818
|
+
/**
|
|
1819
|
+
* Get an edge by its digest.
|
|
1820
|
+
*/
|
|
1821
|
+
getEdge(digest) {
|
|
1822
|
+
return this._edges.get(digest);
|
|
1823
|
+
}
|
|
1824
|
+
/**
|
|
1825
|
+
* Remove an edge by its digest.
|
|
1826
|
+
*/
|
|
1827
|
+
removeEdge(digest) {
|
|
1828
|
+
return this._edges.remove(digest);
|
|
1829
|
+
}
|
|
1830
|
+
/**
|
|
1831
|
+
* Remove all edges.
|
|
1832
|
+
*/
|
|
1833
|
+
clearEdges() {
|
|
1834
|
+
this._edges.clear();
|
|
1835
|
+
}
|
|
1836
|
+
/**
|
|
1837
|
+
* Check if the document has any edges.
|
|
1838
|
+
*/
|
|
1839
|
+
hasEdges() {
|
|
1840
|
+
return !this._edges.isEmpty();
|
|
1841
|
+
}
|
|
1842
|
+
/**
|
|
1623
1843
|
* Check if the document is empty (no keys, delegates, services, or provenance).
|
|
1624
1844
|
*/
|
|
1625
1845
|
isEmpty() {
|
|
@@ -1796,12 +2016,14 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1796
2016
|
* Convert to envelope with options.
|
|
1797
2017
|
*/
|
|
1798
2018
|
toEnvelope(privateKeyOptions = XIDPrivateKeyOptions.Omit, generatorOptions = XIDGeneratorOptions.Omit, signingOptions = { type: "none" }) {
|
|
1799
|
-
let envelope = _bcts_envelope.Envelope.
|
|
2019
|
+
let envelope = _bcts_envelope.Envelope.newLeaf(this._xid.taggedCbor());
|
|
1800
2020
|
for (const method of this._resolutionMethods) envelope = envelope.addAssertion(kv(_bcts_known_values.DEREFERENCE_VIA), method);
|
|
1801
2021
|
for (const key of this._keys.values()) envelope = envelope.addAssertion(kv(_bcts_known_values.KEY), key.intoEnvelopeOpt(privateKeyOptions));
|
|
1802
2022
|
for (const delegate of this._delegates.values()) envelope = envelope.addAssertion(kv(_bcts_known_values.DELEGATE), delegate.intoEnvelope());
|
|
1803
2023
|
for (const service of this._services.values()) envelope = envelope.addAssertion(kv(_bcts_known_values.SERVICE), service.intoEnvelope());
|
|
1804
2024
|
if (this._provenance !== void 0) envelope = envelope.addAssertion(kv(_bcts_known_values.PROVENANCE), this._provenance.intoEnvelopeOpt(generatorOptions));
|
|
2025
|
+
envelope = this._attachments.addToEnvelope(envelope);
|
|
2026
|
+
envelope = this._edges.addToEnvelope(envelope);
|
|
1805
2027
|
switch (signingOptions.type) {
|
|
1806
2028
|
case "inception": {
|
|
1807
2029
|
const inceptionKey = this.inceptionKey();
|
|
@@ -1811,20 +2033,18 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1811
2033
|
envelope = envelope.sign(privateKeys);
|
|
1812
2034
|
break;
|
|
1813
2035
|
}
|
|
1814
|
-
case "privateKeyBase": {
|
|
1815
|
-
const privateKeys = signingOptions.privateKeyBase.ed25519PrivateKeys();
|
|
1816
|
-
envelope = envelope.sign(privateKeys);
|
|
1817
|
-
break;
|
|
1818
|
-
}
|
|
1819
2036
|
case "privateKeys":
|
|
1820
2037
|
envelope = envelope.sign(signingOptions.privateKeys);
|
|
1821
2038
|
break;
|
|
1822
|
-
case "
|
|
2039
|
+
case "signingPrivateKey":
|
|
2040
|
+
envelope = envelope.sign(signingOptions.signingPrivateKey);
|
|
2041
|
+
break;
|
|
1823
2042
|
default: break;
|
|
1824
2043
|
}
|
|
1825
2044
|
return envelope;
|
|
1826
2045
|
}
|
|
1827
2046
|
intoEnvelope() {
|
|
2047
|
+
if (this.isEmpty()) return _bcts_envelope.Envelope.new(this._xid.toData());
|
|
1828
2048
|
return this.toEnvelope();
|
|
1829
2049
|
}
|
|
1830
2050
|
/**
|
|
@@ -1836,25 +2056,42 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1836
2056
|
case XIDVerifySignature.None: {
|
|
1837
2057
|
const subject = envelopeExt.subject();
|
|
1838
2058
|
const envelopeToParse = subject.isWrapped() ? subject.tryUnwrap() : envelope;
|
|
1839
|
-
|
|
2059
|
+
const attachments = _bcts_envelope.Attachments.fromEnvelope(envelopeToParse);
|
|
2060
|
+
const edges = _bcts_envelope.Edges.fromEnvelope(envelopeToParse);
|
|
2061
|
+
const doc = XIDDocument.fromEnvelopeInner(envelopeToParse, password);
|
|
2062
|
+
doc._attachments = attachments;
|
|
2063
|
+
doc._edges = edges;
|
|
2064
|
+
return doc;
|
|
1840
2065
|
}
|
|
1841
2066
|
case XIDVerifySignature.Inception: {
|
|
1842
2067
|
if (!envelopeExt.subject().isWrapped()) throw XIDError.envelopeNotSigned();
|
|
1843
2068
|
const unwrapped = envelopeExt.tryUnwrap();
|
|
2069
|
+
const attachments = _bcts_envelope.Attachments.fromEnvelope(unwrapped);
|
|
2070
|
+
const edges = _bcts_envelope.Edges.fromEnvelope(unwrapped);
|
|
1844
2071
|
const doc = XIDDocument.fromEnvelopeInner(unwrapped, password);
|
|
1845
2072
|
const inceptionKey = doc.inceptionKey();
|
|
1846
2073
|
if (inceptionKey === void 0) throw XIDError.missingInceptionKey();
|
|
1847
2074
|
if (!envelopeExt.hasSignatureFrom(inceptionKey.publicKeys())) throw XIDError.signatureVerificationFailed();
|
|
1848
|
-
if (!doc.
|
|
2075
|
+
if (!doc.isInceptionSigningKey(inceptionKey.publicKeys().signingPublicKey())) throw XIDError.invalidXid();
|
|
2076
|
+
doc._attachments = attachments;
|
|
2077
|
+
doc._edges = edges;
|
|
1849
2078
|
return doc;
|
|
1850
2079
|
}
|
|
1851
2080
|
}
|
|
1852
2081
|
}
|
|
1853
2082
|
static fromEnvelopeInner(envelope, password) {
|
|
1854
2083
|
const envelopeExt = envelope;
|
|
1855
|
-
const
|
|
1856
|
-
|
|
1857
|
-
|
|
2084
|
+
const subject = envelope.case().type === "node" ? envelopeExt.subject() : envelope;
|
|
2085
|
+
const leaf = subject.asLeaf?.();
|
|
2086
|
+
if (leaf === void 0) throw XIDError.invalidXid();
|
|
2087
|
+
let xid;
|
|
2088
|
+
try {
|
|
2089
|
+
xid = _bcts_components.XID.fromTaggedCbor(leaf);
|
|
2090
|
+
} catch {
|
|
2091
|
+
const xidData = subject.asByteString();
|
|
2092
|
+
if (xidData === void 0) throw XIDError.invalidXid();
|
|
2093
|
+
xid = _bcts_components.XID.from(xidData);
|
|
2094
|
+
}
|
|
1858
2095
|
const doc = XIDDocument.fromXid(xid);
|
|
1859
2096
|
for (const assertion of envelopeExt.assertions()) {
|
|
1860
2097
|
const assertionCase = assertion.case();
|
|
@@ -1889,6 +2126,8 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1889
2126
|
if (doc._provenance !== void 0) throw XIDError.multipleProvenanceMarks();
|
|
1890
2127
|
doc._provenance = Provenance.tryFromEnvelope(object, password);
|
|
1891
2128
|
break;
|
|
2129
|
+
case ATTACHMENT_RAW_VALUE: break;
|
|
2130
|
+
case EDGE_RAW_VALUE: break;
|
|
1892
2131
|
default: throw XIDError.unexpectedPredicate(String(predicate));
|
|
1893
2132
|
}
|
|
1894
2133
|
}
|
|
@@ -1899,7 +2138,13 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1899
2138
|
* Create a signed envelope.
|
|
1900
2139
|
*/
|
|
1901
2140
|
toSignedEnvelope(signingKey) {
|
|
1902
|
-
return this.
|
|
2141
|
+
return this.toSignedEnvelopeOpt(signingKey, XIDPrivateKeyOptions.Omit);
|
|
2142
|
+
}
|
|
2143
|
+
/**
|
|
2144
|
+
* Create a signed envelope with private key options.
|
|
2145
|
+
*/
|
|
2146
|
+
toSignedEnvelopeOpt(signingKey, privateKeyOptions = XIDPrivateKeyOptions.Omit) {
|
|
2147
|
+
return this.toEnvelope(privateKeyOptions, XIDGeneratorOptions.Omit, { type: "none" }).sign(signingKey);
|
|
1903
2148
|
}
|
|
1904
2149
|
/**
|
|
1905
2150
|
* Get the reference for this document.
|
|
@@ -1911,13 +2156,41 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1911
2156
|
* Check equality with another XIDDocument.
|
|
1912
2157
|
*/
|
|
1913
2158
|
equals(other) {
|
|
1914
|
-
|
|
2159
|
+
if (!this._xid.equals(other._xid)) return false;
|
|
2160
|
+
if (this._resolutionMethods.size !== other._resolutionMethods.size) return false;
|
|
2161
|
+
for (const m of this._resolutionMethods) if (!other._resolutionMethods.has(m)) return false;
|
|
2162
|
+
if (this._keys.size !== other._keys.size) return false;
|
|
2163
|
+
for (const [hash, key] of this._keys) {
|
|
2164
|
+
const otherKey = other._keys.get(hash);
|
|
2165
|
+
if (otherKey === void 0 || !key.equals(otherKey)) return false;
|
|
2166
|
+
}
|
|
2167
|
+
if (this._delegates.size !== other._delegates.size) return false;
|
|
2168
|
+
for (const [hash, delegate] of this._delegates) {
|
|
2169
|
+
const otherDelegate = other._delegates.get(hash);
|
|
2170
|
+
if (otherDelegate === void 0 || !delegate.equals(otherDelegate)) return false;
|
|
2171
|
+
}
|
|
2172
|
+
if (this._services.size !== other._services.size) return false;
|
|
2173
|
+
for (const [uri, service] of this._services) {
|
|
2174
|
+
const otherService = other._services.get(uri);
|
|
2175
|
+
if (otherService === void 0 || !service.equals(otherService)) return false;
|
|
2176
|
+
}
|
|
2177
|
+
if (this._provenance === void 0 && other._provenance !== void 0) return false;
|
|
2178
|
+
if (this._provenance !== void 0 && other._provenance === void 0) return false;
|
|
2179
|
+
if (this._provenance !== void 0 && other._provenance !== void 0) {
|
|
2180
|
+
if (!this._provenance.equals(other._provenance)) return false;
|
|
2181
|
+
}
|
|
2182
|
+
if (!this._attachments.equals(other._attachments)) return false;
|
|
2183
|
+
if (!this._edges.equals(other._edges)) return false;
|
|
2184
|
+
return true;
|
|
1915
2185
|
}
|
|
1916
2186
|
/**
|
|
1917
2187
|
* Clone this XIDDocument.
|
|
1918
2188
|
*/
|
|
1919
2189
|
clone() {
|
|
1920
|
-
|
|
2190
|
+
const doc = new XIDDocument(this._xid, new Set(this._resolutionMethods), new Map(Array.from(this._keys.entries()).map(([k, v]) => [k, v.clone()])), new Map(Array.from(this._delegates.entries()).map(([k, v]) => [k, v.clone()])), new Map(Array.from(this._services.entries()).map(([k, v]) => [k, v.clone()])), this._provenance?.clone());
|
|
2191
|
+
for (const [, env] of this._attachments.iter()) doc._attachments.addEnvelope(env);
|
|
2192
|
+
for (const [, env] of this._edges.iter()) doc._edges.add(env);
|
|
2193
|
+
return doc;
|
|
1921
2194
|
}
|
|
1922
2195
|
/**
|
|
1923
2196
|
* Try to extract from envelope (alias for fromEnvelope with default options).
|
|
@@ -1938,7 +2211,19 @@ var bctsXid = (function(exports, _bcts_components, _bcts_known_values, _bcts_env
|
|
|
1938
2211
|
const VERSION = "1.0.0-alpha.3";
|
|
1939
2212
|
|
|
1940
2213
|
//#endregion
|
|
2214
|
+
Object.defineProperty(exports, 'Attachments', {
|
|
2215
|
+
enumerable: true,
|
|
2216
|
+
get: function () {
|
|
2217
|
+
return _bcts_envelope.Attachments;
|
|
2218
|
+
}
|
|
2219
|
+
});
|
|
1941
2220
|
exports.Delegate = Delegate;
|
|
2221
|
+
Object.defineProperty(exports, 'Edges', {
|
|
2222
|
+
enumerable: true,
|
|
2223
|
+
get: function () {
|
|
2224
|
+
return _bcts_envelope.Edges;
|
|
2225
|
+
}
|
|
2226
|
+
});
|
|
1942
2227
|
exports.HasNicknameMixin = HasNicknameMixin;
|
|
1943
2228
|
exports.HasPermissionsMixin = HasPermissionsMixin;
|
|
1944
2229
|
exports.Key = Key;
|
|
@@ -1966,5 +2251,5 @@ exports.privilegeToEnvelope = privilegeToEnvelope;
|
|
|
1966
2251
|
exports.privilegeToKnownValue = privilegeToKnownValue;
|
|
1967
2252
|
exports.registerXIDDocumentClass = registerXIDDocumentClass;
|
|
1968
2253
|
return exports;
|
|
1969
|
-
})({}, bctsComponents, bctsKnownValues, bctsEnvelope, bctsProvenanceMark
|
|
2254
|
+
})({}, bctsComponents, bctsKnownValues, bctsEnvelope, bctsProvenanceMark);
|
|
1970
2255
|
//# sourceMappingURL=index.iife.js.map
|