@bcts/xid 1.0.0-alpha.22 → 1.0.0-alpha.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +123 -113
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts.map +1 -1
- package/dist/index.d.mts.map +1 -1
- package/dist/index.iife.js +179 -170
- package/dist/index.iife.js.map +1 -1
- package/dist/index.mjs +107 -97
- package/dist/index.mjs.map +1 -1
- package/package.json +14 -14
- package/src/key.ts +1 -1
- package/src/provenance.ts +2 -5
- package/src/service.ts +1 -1
- package/src/xid-document.ts +1 -1
package/dist/index.mjs
CHANGED
|
@@ -2,7 +2,6 @@ import { PrivateKeyBase, PrivateKeys, PublicKeys, Reference, Salt, XID, XID as X
|
|
|
2
2
|
import { ALLOW, ATTACHMENT_RAW, CAPABILITY, DELEGATE, DENY, DEREFERENCE_VIA, EDGE_RAW, ENDPOINT, KEY, NAME, NICKNAME, PRIVATE_KEY, PRIVILEGE_ACCESS, PRIVILEGE_ALL, PRIVILEGE_AUTH, PRIVILEGE_BURN, PRIVILEGE_DELEGATE, PRIVILEGE_ELECT, PRIVILEGE_ELIDE, PRIVILEGE_ENCRYPT, PRIVILEGE_ISSUE, PRIVILEGE_REVOKE, PRIVILEGE_SIGN, PRIVILEGE_TRANSFER, PRIVILEGE_UPDATE, PRIVILEGE_VERIFY, PROVENANCE, PROVENANCE_GENERATOR, SALT, SERVICE } from "@bcts/known-values";
|
|
3
3
|
import { Attachments, Attachments as Attachments$1, Edges, Edges as Edges$1, Envelope } from "@bcts/envelope";
|
|
4
4
|
import { ProvenanceMark, ProvenanceMarkGenerator, ProvenanceMarkResolution } from "@bcts/provenance-mark";
|
|
5
|
-
|
|
6
5
|
//#region src/error.ts
|
|
7
6
|
/**
|
|
8
7
|
* Copyright © 2023-2026 Blockchain Commons, LLC
|
|
@@ -59,180 +58,177 @@ var XIDError = class XIDError extends Error {
|
|
|
59
58
|
* Returned when attempting to add a duplicate item.
|
|
60
59
|
*/
|
|
61
60
|
static duplicate(item) {
|
|
62
|
-
return new XIDError(
|
|
61
|
+
return new XIDError("DUPLICATE", `duplicate item: ${item}`);
|
|
63
62
|
}
|
|
64
63
|
/**
|
|
65
64
|
* Returned when an item is not found.
|
|
66
65
|
*/
|
|
67
66
|
static notFound(item) {
|
|
68
|
-
return new XIDError(
|
|
67
|
+
return new XIDError("NOT_FOUND", `item not found: ${item}`);
|
|
69
68
|
}
|
|
70
69
|
/**
|
|
71
70
|
* Returned when an item is still referenced by other items.
|
|
72
71
|
*/
|
|
73
72
|
static stillReferenced(item) {
|
|
74
|
-
return new XIDError(
|
|
73
|
+
return new XIDError("STILL_REFERENCED", `item is still referenced: ${item}`);
|
|
75
74
|
}
|
|
76
75
|
/**
|
|
77
76
|
* Returned when a value is invalid or empty.
|
|
78
77
|
*/
|
|
79
78
|
static emptyValue(field) {
|
|
80
|
-
return new XIDError(
|
|
79
|
+
return new XIDError("EMPTY_VALUE", `invalid or empty value: ${field}`);
|
|
81
80
|
}
|
|
82
81
|
/**
|
|
83
82
|
* Returned when an unknown privilege is encountered.
|
|
84
83
|
*/
|
|
85
84
|
static unknownPrivilege() {
|
|
86
|
-
return new XIDError(
|
|
85
|
+
return new XIDError("UNKNOWN_PRIVILEGE", "unknown privilege");
|
|
87
86
|
}
|
|
88
87
|
/**
|
|
89
88
|
* Returned when the XID is invalid.
|
|
90
89
|
*/
|
|
91
90
|
static invalidXid() {
|
|
92
|
-
return new XIDError(
|
|
91
|
+
return new XIDError("INVALID_XID", "invalid XID");
|
|
93
92
|
}
|
|
94
93
|
/**
|
|
95
94
|
* Returned when the inception key is missing.
|
|
96
95
|
*/
|
|
97
96
|
static missingInceptionKey() {
|
|
98
|
-
return new XIDError(
|
|
97
|
+
return new XIDError("MISSING_INCEPTION_KEY", "missing inception key");
|
|
99
98
|
}
|
|
100
99
|
/**
|
|
101
100
|
* Returned when the resolution method is invalid.
|
|
102
101
|
*/
|
|
103
102
|
static invalidResolutionMethod() {
|
|
104
|
-
return new XIDError(
|
|
103
|
+
return new XIDError("INVALID_RESOLUTION_METHOD", "invalid resolution method");
|
|
105
104
|
}
|
|
106
105
|
/**
|
|
107
106
|
* Returned when multiple provenance marks are found.
|
|
108
107
|
*/
|
|
109
108
|
static multipleProvenanceMarks() {
|
|
110
|
-
return new XIDError(
|
|
109
|
+
return new XIDError("MULTIPLE_PROVENANCE_MARKS", "multiple provenance marks");
|
|
111
110
|
}
|
|
112
111
|
/**
|
|
113
112
|
* Returned when an unexpected predicate is encountered.
|
|
114
113
|
*/
|
|
115
114
|
static unexpectedPredicate(predicate) {
|
|
116
|
-
return new XIDError(
|
|
115
|
+
return new XIDError("UNEXPECTED_PREDICATE", `unexpected predicate: ${predicate}`);
|
|
117
116
|
}
|
|
118
117
|
/**
|
|
119
118
|
* Returned when unexpected nested assertions are found.
|
|
120
119
|
*/
|
|
121
120
|
static unexpectedNestedAssertions() {
|
|
122
|
-
return new XIDError(
|
|
121
|
+
return new XIDError("UNEXPECTED_NESTED_ASSERTIONS", "unexpected nested assertions");
|
|
123
122
|
}
|
|
124
123
|
/**
|
|
125
124
|
* Returned when a service has no permissions.
|
|
126
125
|
*/
|
|
127
126
|
static noPermissions(uri) {
|
|
128
|
-
return new XIDError(
|
|
127
|
+
return new XIDError("NO_PERMISSIONS", `no permissions in service '${uri}'`);
|
|
129
128
|
}
|
|
130
129
|
/**
|
|
131
130
|
* Returned when a service has no key or delegate references.
|
|
132
131
|
*/
|
|
133
132
|
static noReferences(uri) {
|
|
134
|
-
return new XIDError(
|
|
133
|
+
return new XIDError("NO_REFERENCES", `no key or delegate references in service '${uri}'`);
|
|
135
134
|
}
|
|
136
135
|
/**
|
|
137
136
|
* Returned when an unknown key reference is found in a service.
|
|
138
137
|
*/
|
|
139
138
|
static unknownKeyReference(reference, uri) {
|
|
140
|
-
return new XIDError(
|
|
139
|
+
return new XIDError("UNKNOWN_KEY_REFERENCE", `unknown key reference ${reference} in service '${uri}'`);
|
|
141
140
|
}
|
|
142
141
|
/**
|
|
143
142
|
* Returned when an unknown delegate reference is found in a service.
|
|
144
143
|
*/
|
|
145
144
|
static unknownDelegateReference(reference, uri) {
|
|
146
|
-
return new XIDError(
|
|
145
|
+
return new XIDError("UNKNOWN_DELEGATE_REFERENCE", `unknown delegate reference ${reference} in service '${uri}'`);
|
|
147
146
|
}
|
|
148
147
|
/**
|
|
149
148
|
* Returned when a key is not found in the XID document.
|
|
150
149
|
*/
|
|
151
150
|
static keyNotFoundInDocument(key) {
|
|
152
|
-
return new XIDError(
|
|
151
|
+
return new XIDError("KEY_NOT_FOUND_IN_DOCUMENT", `key not found in XID document: ${key}`);
|
|
153
152
|
}
|
|
154
153
|
/**
|
|
155
154
|
* Returned when a delegate is not found in the XID document.
|
|
156
155
|
*/
|
|
157
156
|
static delegateNotFoundInDocument(delegate) {
|
|
158
|
-
return new XIDError(
|
|
157
|
+
return new XIDError("DELEGATE_NOT_FOUND_IN_DOCUMENT", `delegate not found in XID document: ${delegate}`);
|
|
159
158
|
}
|
|
160
159
|
/**
|
|
161
160
|
* Returned when the password is invalid.
|
|
162
161
|
*/
|
|
163
162
|
static invalidPassword() {
|
|
164
|
-
return new XIDError(
|
|
163
|
+
return new XIDError("INVALID_PASSWORD", "invalid password");
|
|
165
164
|
}
|
|
166
165
|
/**
|
|
167
166
|
* Returned when the envelope is not signed.
|
|
168
167
|
*/
|
|
169
168
|
static envelopeNotSigned() {
|
|
170
|
-
return new XIDError(
|
|
169
|
+
return new XIDError("ENVELOPE_NOT_SIGNED", "envelope is not signed");
|
|
171
170
|
}
|
|
172
171
|
/**
|
|
173
172
|
* Returned when signature verification fails.
|
|
174
173
|
*/
|
|
175
174
|
static signatureVerificationFailed() {
|
|
176
|
-
return new XIDError(
|
|
175
|
+
return new XIDError("SIGNATURE_VERIFICATION_FAILED", "signature verification failed");
|
|
177
176
|
}
|
|
178
177
|
/**
|
|
179
178
|
* Returned when there is no provenance mark to advance.
|
|
180
179
|
*/
|
|
181
180
|
static noProvenanceMark() {
|
|
182
|
-
return new XIDError(
|
|
181
|
+
return new XIDError("NO_PROVENANCE_MARK", "no provenance mark to advance");
|
|
183
182
|
}
|
|
184
183
|
/**
|
|
185
184
|
* Returned when document already has generator but external generator was provided.
|
|
186
185
|
*/
|
|
187
186
|
static generatorConflict() {
|
|
188
|
-
return new XIDError(
|
|
187
|
+
return new XIDError("GENERATOR_CONFLICT", "document already has generator, cannot provide external generator");
|
|
189
188
|
}
|
|
190
189
|
/**
|
|
191
190
|
* Returned when document does not have generator but needs one.
|
|
192
191
|
*/
|
|
193
192
|
static noGenerator() {
|
|
194
|
-
return new XIDError(
|
|
193
|
+
return new XIDError("NO_GENERATOR", "document does not have generator, must provide external generator");
|
|
195
194
|
}
|
|
196
195
|
/**
|
|
197
196
|
* Returned when generator chain ID doesn't match.
|
|
198
197
|
*/
|
|
199
198
|
static chainIdMismatch(expected, actual) {
|
|
200
|
-
|
|
201
|
-
const actualHex = Array.from(actual).map((b) => b.toString(16).padStart(2, "0")).join("");
|
|
202
|
-
return new XIDError(XIDErrorCode.CHAIN_ID_MISMATCH, `generator chain ID mismatch: expected ${expectedHex}, got ${actualHex}`);
|
|
199
|
+
return new XIDError("CHAIN_ID_MISMATCH", `generator chain ID mismatch: expected ${Array.from(expected).map((b) => b.toString(16).padStart(2, "0")).join("")}, got ${Array.from(actual).map((b) => b.toString(16).padStart(2, "0")).join("")}`);
|
|
203
200
|
}
|
|
204
201
|
/**
|
|
205
202
|
* Returned when generator sequence doesn't match.
|
|
206
203
|
*/
|
|
207
204
|
static sequenceMismatch(expected, actual) {
|
|
208
|
-
return new XIDError(
|
|
205
|
+
return new XIDError("SEQUENCE_MISMATCH", `generator sequence mismatch: expected ${expected}, got ${actual}`);
|
|
209
206
|
}
|
|
210
207
|
/**
|
|
211
208
|
* Envelope parsing error wrapper.
|
|
212
209
|
*/
|
|
213
210
|
static envelopeParsing(cause) {
|
|
214
|
-
return new XIDError(
|
|
211
|
+
return new XIDError("ENVELOPE_PARSING", "envelope parsing error", cause);
|
|
215
212
|
}
|
|
216
213
|
/**
|
|
217
214
|
* Component error wrapper.
|
|
218
215
|
*/
|
|
219
216
|
static component(cause) {
|
|
220
|
-
return new XIDError(
|
|
217
|
+
return new XIDError("COMPONENT", "component error", cause);
|
|
221
218
|
}
|
|
222
219
|
/**
|
|
223
220
|
* CBOR error wrapper.
|
|
224
221
|
*/
|
|
225
222
|
static cbor(cause) {
|
|
226
|
-
return new XIDError(
|
|
223
|
+
return new XIDError("CBOR", "CBOR error", cause);
|
|
227
224
|
}
|
|
228
225
|
/**
|
|
229
226
|
* Provenance mark error wrapper.
|
|
230
227
|
*/
|
|
231
228
|
static provenanceMark(cause) {
|
|
232
|
-
return new XIDError(
|
|
229
|
+
return new XIDError("PROVENANCE_MARK", "provenance mark error", cause);
|
|
233
230
|
}
|
|
234
231
|
};
|
|
235
|
-
|
|
236
232
|
//#endregion
|
|
237
233
|
//#region src/privilege.ts
|
|
238
234
|
/**
|
|
@@ -286,20 +282,20 @@ let Privilege = /* @__PURE__ */ function(Privilege) {
|
|
|
286
282
|
*/
|
|
287
283
|
function privilegeToKnownValue(privilege) {
|
|
288
284
|
switch (privilege) {
|
|
289
|
-
case
|
|
290
|
-
case
|
|
291
|
-
case
|
|
292
|
-
case
|
|
293
|
-
case
|
|
294
|
-
case
|
|
295
|
-
case
|
|
296
|
-
case
|
|
297
|
-
case
|
|
298
|
-
case
|
|
299
|
-
case
|
|
300
|
-
case
|
|
301
|
-
case
|
|
302
|
-
case
|
|
285
|
+
case "All": return PRIVILEGE_ALL;
|
|
286
|
+
case "Auth": return PRIVILEGE_AUTH;
|
|
287
|
+
case "Sign": return PRIVILEGE_SIGN;
|
|
288
|
+
case "Encrypt": return PRIVILEGE_ENCRYPT;
|
|
289
|
+
case "Elide": return PRIVILEGE_ELIDE;
|
|
290
|
+
case "Issue": return PRIVILEGE_ISSUE;
|
|
291
|
+
case "Access": return PRIVILEGE_ACCESS;
|
|
292
|
+
case "Delegate": return PRIVILEGE_DELEGATE;
|
|
293
|
+
case "Verify": return PRIVILEGE_VERIFY;
|
|
294
|
+
case "Update": return PRIVILEGE_UPDATE;
|
|
295
|
+
case "Transfer": return PRIVILEGE_TRANSFER;
|
|
296
|
+
case "Elect": return PRIVILEGE_ELECT;
|
|
297
|
+
case "Burn": return PRIVILEGE_BURN;
|
|
298
|
+
case "Revoke": return PRIVILEGE_REVOKE;
|
|
303
299
|
default: throw XIDError.unknownPrivilege();
|
|
304
300
|
}
|
|
305
301
|
}
|
|
@@ -308,20 +304,20 @@ function privilegeToKnownValue(privilege) {
|
|
|
308
304
|
*/
|
|
309
305
|
function privilegeFromKnownValue(knownValue) {
|
|
310
306
|
switch (knownValue.value()) {
|
|
311
|
-
case PRIVILEGE_ALL.value(): return
|
|
312
|
-
case PRIVILEGE_AUTH.value(): return
|
|
313
|
-
case PRIVILEGE_SIGN.value(): return
|
|
314
|
-
case PRIVILEGE_ENCRYPT.value(): return
|
|
315
|
-
case PRIVILEGE_ELIDE.value(): return
|
|
316
|
-
case PRIVILEGE_ISSUE.value(): return
|
|
317
|
-
case PRIVILEGE_ACCESS.value(): return
|
|
318
|
-
case PRIVILEGE_DELEGATE.value(): return
|
|
319
|
-
case PRIVILEGE_VERIFY.value(): return
|
|
320
|
-
case PRIVILEGE_UPDATE.value(): return
|
|
321
|
-
case PRIVILEGE_TRANSFER.value(): return
|
|
322
|
-
case PRIVILEGE_ELECT.value(): return
|
|
323
|
-
case PRIVILEGE_BURN.value(): return
|
|
324
|
-
case PRIVILEGE_REVOKE.value(): return
|
|
307
|
+
case PRIVILEGE_ALL.value(): return "All";
|
|
308
|
+
case PRIVILEGE_AUTH.value(): return "Auth";
|
|
309
|
+
case PRIVILEGE_SIGN.value(): return "Sign";
|
|
310
|
+
case PRIVILEGE_ENCRYPT.value(): return "Encrypt";
|
|
311
|
+
case PRIVILEGE_ELIDE.value(): return "Elide";
|
|
312
|
+
case PRIVILEGE_ISSUE.value(): return "Issue";
|
|
313
|
+
case PRIVILEGE_ACCESS.value(): return "Access";
|
|
314
|
+
case PRIVILEGE_DELEGATE.value(): return "Delegate";
|
|
315
|
+
case PRIVILEGE_VERIFY.value(): return "Verify";
|
|
316
|
+
case PRIVILEGE_UPDATE.value(): return "Update";
|
|
317
|
+
case PRIVILEGE_TRANSFER.value(): return "Transfer";
|
|
318
|
+
case PRIVILEGE_ELECT.value(): return "Elect";
|
|
319
|
+
case PRIVILEGE_BURN.value(): return "Burn";
|
|
320
|
+
case PRIVILEGE_REVOKE.value(): return "Revoke";
|
|
325
321
|
default: throw XIDError.unknownPrivilege();
|
|
326
322
|
}
|
|
327
323
|
}
|
|
@@ -339,7 +335,6 @@ function privilegeFromEnvelope(envelope) {
|
|
|
339
335
|
if (envelopeCase.type !== "knownValue") throw XIDError.unknownPrivilege();
|
|
340
336
|
return privilegeFromKnownValue(envelopeCase.value);
|
|
341
337
|
}
|
|
342
|
-
|
|
343
338
|
//#endregion
|
|
344
339
|
//#region src/permissions.ts
|
|
345
340
|
/**
|
|
@@ -358,24 +353,45 @@ function privilegeFromEnvelope(envelope) {
|
|
|
358
353
|
* Helper methods for HasPermissions implementers.
|
|
359
354
|
*/
|
|
360
355
|
const HasPermissionsMixin = {
|
|
356
|
+
/**
|
|
357
|
+
* Get the set of allowed privileges.
|
|
358
|
+
*/
|
|
361
359
|
allow(obj) {
|
|
362
360
|
return obj.permissions().allow;
|
|
363
361
|
},
|
|
362
|
+
/**
|
|
363
|
+
* Get the set of denied privileges.
|
|
364
|
+
*/
|
|
364
365
|
deny(obj) {
|
|
365
366
|
return obj.permissions().deny;
|
|
366
367
|
},
|
|
368
|
+
/**
|
|
369
|
+
* Add an allowed privilege.
|
|
370
|
+
*/
|
|
367
371
|
addAllow(obj, privilege) {
|
|
368
372
|
obj.permissionsMut().allow.add(privilege);
|
|
369
373
|
},
|
|
374
|
+
/**
|
|
375
|
+
* Add a denied privilege.
|
|
376
|
+
*/
|
|
370
377
|
addDeny(obj, privilege) {
|
|
371
378
|
obj.permissionsMut().deny.add(privilege);
|
|
372
379
|
},
|
|
380
|
+
/**
|
|
381
|
+
* Remove an allowed privilege.
|
|
382
|
+
*/
|
|
373
383
|
removeAllow(obj, privilege) {
|
|
374
384
|
obj.permissionsMut().allow.delete(privilege);
|
|
375
385
|
},
|
|
386
|
+
/**
|
|
387
|
+
* Remove a denied privilege.
|
|
388
|
+
*/
|
|
376
389
|
removeDeny(obj, privilege) {
|
|
377
390
|
obj.permissionsMut().deny.delete(privilege);
|
|
378
391
|
},
|
|
392
|
+
/**
|
|
393
|
+
* Clear all permissions.
|
|
394
|
+
*/
|
|
379
395
|
clearAllPermissions(obj) {
|
|
380
396
|
obj.permissionsMut().allow.clear();
|
|
381
397
|
obj.permissionsMut().deny.clear();
|
|
@@ -402,7 +418,7 @@ var Permissions = class Permissions {
|
|
|
402
418
|
*/
|
|
403
419
|
static newAllowAll() {
|
|
404
420
|
const allow = /* @__PURE__ */ new Set();
|
|
405
|
-
allow.add(
|
|
421
|
+
allow.add("All");
|
|
406
422
|
return new Permissions(allow);
|
|
407
423
|
}
|
|
408
424
|
/**
|
|
@@ -448,14 +464,14 @@ var Permissions = class Permissions {
|
|
|
448
464
|
* Check if a specific privilege is allowed.
|
|
449
465
|
*/
|
|
450
466
|
isAllowed(privilege) {
|
|
451
|
-
if (this.deny.has(privilege) || this.deny.has(
|
|
452
|
-
return this.allow.has(privilege) || this.allow.has(
|
|
467
|
+
if (this.deny.has(privilege) || this.deny.has("All")) return false;
|
|
468
|
+
return this.allow.has(privilege) || this.allow.has("All");
|
|
453
469
|
}
|
|
454
470
|
/**
|
|
455
471
|
* Check if a specific privilege is denied.
|
|
456
472
|
*/
|
|
457
473
|
isDenied(privilege) {
|
|
458
|
-
return this.deny.has(privilege) || this.deny.has(
|
|
474
|
+
return this.deny.has(privilege) || this.deny.has("All");
|
|
459
475
|
}
|
|
460
476
|
permissions() {
|
|
461
477
|
return this;
|
|
@@ -479,7 +495,6 @@ var Permissions = class Permissions {
|
|
|
479
495
|
return new Permissions(new Set(this.allow), new Set(this.deny));
|
|
480
496
|
}
|
|
481
497
|
};
|
|
482
|
-
|
|
483
498
|
//#endregion
|
|
484
499
|
//#region src/name.ts
|
|
485
500
|
/**
|
|
@@ -496,12 +511,15 @@ var Permissions = class Permissions {
|
|
|
496
511
|
/**
|
|
497
512
|
* Helper methods for HasNickname implementers.
|
|
498
513
|
*/
|
|
499
|
-
const HasNicknameMixin = {
|
|
514
|
+
const HasNicknameMixin = {
|
|
515
|
+
/**
|
|
516
|
+
* Add a nickname, throwing if one already exists or is empty.
|
|
517
|
+
*/
|
|
518
|
+
addNickname(obj, name) {
|
|
500
519
|
if (obj.nickname() !== "") throw XIDError.duplicate("nickname");
|
|
501
520
|
if (name === "") throw XIDError.emptyValue("nickname");
|
|
502
521
|
obj.setNickname(name);
|
|
503
522
|
} };
|
|
504
|
-
|
|
505
523
|
//#endregion
|
|
506
524
|
//#region src/shared.ts
|
|
507
525
|
/**
|
|
@@ -566,7 +584,6 @@ var Shared = class Shared {
|
|
|
566
584
|
return new Shared(this.value);
|
|
567
585
|
}
|
|
568
586
|
};
|
|
569
|
-
|
|
570
587
|
//#endregion
|
|
571
588
|
//#region src/key.ts
|
|
572
589
|
/**
|
|
@@ -739,7 +756,7 @@ var Key = class Key {
|
|
|
739
756
|
/**
|
|
740
757
|
* Convert to envelope with specified options.
|
|
741
758
|
*/
|
|
742
|
-
intoEnvelopeOpt(privateKeyOptions =
|
|
759
|
+
intoEnvelopeOpt(privateKeyOptions = "Omit") {
|
|
743
760
|
let envelope = Envelope.new(this._publicKeys.taggedCborData());
|
|
744
761
|
if (this._privateKeyData !== void 0) {
|
|
745
762
|
const { data, salt } = this._privateKeyData;
|
|
@@ -747,17 +764,17 @@ var Key = class Key {
|
|
|
747
764
|
envelope = envelope.addAssertion(kv$3(PRIVATE_KEY), data.envelope);
|
|
748
765
|
envelope = envelope.addAssertion(kv$3(SALT), salt.toData());
|
|
749
766
|
} else if (data.type === "decrypted") switch (typeof privateKeyOptions === "object" ? privateKeyOptions.type : privateKeyOptions) {
|
|
750
|
-
case
|
|
767
|
+
case "Include":
|
|
751
768
|
envelope = envelope.addAssertion(kv$3(PRIVATE_KEY), data.privateKeys.taggedCborData());
|
|
752
769
|
envelope = envelope.addAssertion(kv$3(SALT), salt.toData());
|
|
753
770
|
break;
|
|
754
|
-
case
|
|
771
|
+
case "Elide": {
|
|
755
772
|
const elidedAssertion = Envelope.newAssertion(kv$3(PRIVATE_KEY), data.privateKeys.taggedCborData()).elide();
|
|
756
773
|
envelope = envelope.addAssertionEnvelope(elidedAssertion);
|
|
757
774
|
envelope = envelope.addAssertion(kv$3(SALT), salt.toData());
|
|
758
775
|
break;
|
|
759
776
|
}
|
|
760
|
-
case
|
|
777
|
+
case "Encrypt":
|
|
761
778
|
if (typeof privateKeyOptions === "object") {
|
|
762
779
|
const privateKeysEnvelope = Envelope.new(data.privateKeys.taggedCborData());
|
|
763
780
|
const method = privateKeyOptions.method ?? defaultKeyDerivationMethod();
|
|
@@ -766,7 +783,6 @@ var Key = class Key {
|
|
|
766
783
|
envelope = envelope.addAssertion(kv$3(SALT), salt.toData());
|
|
767
784
|
}
|
|
768
785
|
break;
|
|
769
|
-
case XIDPrivateKeyOptions.Omit:
|
|
770
786
|
default: break;
|
|
771
787
|
}
|
|
772
788
|
}
|
|
@@ -776,7 +792,7 @@ var Key = class Key {
|
|
|
776
792
|
return envelope;
|
|
777
793
|
}
|
|
778
794
|
intoEnvelope() {
|
|
779
|
-
return this.intoEnvelopeOpt(
|
|
795
|
+
return this.intoEnvelopeOpt("Omit");
|
|
780
796
|
}
|
|
781
797
|
/**
|
|
782
798
|
* Try to extract a Key from an envelope, optionally with password for decryption.
|
|
@@ -901,7 +917,6 @@ var Key = class Key {
|
|
|
901
917
|
} : void 0, this._nickname, new Set(this._endpoints), this._permissions.clone());
|
|
902
918
|
}
|
|
903
919
|
};
|
|
904
|
-
|
|
905
920
|
//#endregion
|
|
906
921
|
//#region src/service.ts
|
|
907
922
|
/**
|
|
@@ -1155,7 +1170,6 @@ function hexToBytes(hex) {
|
|
|
1155
1170
|
function bytesToHex(bytes) {
|
|
1156
1171
|
return Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
|
|
1157
1172
|
}
|
|
1158
|
-
|
|
1159
1173
|
//#endregion
|
|
1160
1174
|
//#region src/delegate.ts
|
|
1161
1175
|
let XIDDocumentClass = null;
|
|
@@ -1241,7 +1255,6 @@ var Delegate = class Delegate {
|
|
|
1241
1255
|
return new Delegate(Shared.new(this._controller.read().clone()), this._permissions.clone());
|
|
1242
1256
|
}
|
|
1243
1257
|
};
|
|
1244
|
-
|
|
1245
1258
|
//#endregion
|
|
1246
1259
|
//#region src/provenance.ts
|
|
1247
1260
|
/**
|
|
@@ -1415,7 +1428,7 @@ var Provenance = class Provenance {
|
|
|
1415
1428
|
/**
|
|
1416
1429
|
* Convert to envelope with specified options.
|
|
1417
1430
|
*/
|
|
1418
|
-
intoEnvelopeOpt(generatorOptions =
|
|
1431
|
+
intoEnvelopeOpt(generatorOptions = "Omit") {
|
|
1419
1432
|
let envelope = Envelope.new(this._mark.toCborData());
|
|
1420
1433
|
if (this._generator !== void 0) {
|
|
1421
1434
|
const { data, salt } = this._generator;
|
|
@@ -1423,20 +1436,20 @@ var Provenance = class Provenance {
|
|
|
1423
1436
|
envelope = envelope.addAssertion(kv$1(PROVENANCE_GENERATOR), data.envelope);
|
|
1424
1437
|
envelope = envelope.addAssertion(kv$1(SALT), salt.toData());
|
|
1425
1438
|
} else if (data.type === "decrypted") switch (typeof generatorOptions === "object" ? generatorOptions.type : generatorOptions) {
|
|
1426
|
-
case
|
|
1439
|
+
case "Include": {
|
|
1427
1440
|
const generatorBytes = encodeGeneratorJSON(data.generator.toJSON());
|
|
1428
1441
|
envelope = envelope.addAssertion(kv$1(PROVENANCE_GENERATOR), generatorBytes);
|
|
1429
1442
|
envelope = envelope.addAssertion(kv$1(SALT), salt.toData());
|
|
1430
1443
|
break;
|
|
1431
1444
|
}
|
|
1432
|
-
case
|
|
1445
|
+
case "Elide": {
|
|
1433
1446
|
const generatorBytes2 = encodeGeneratorJSON(data.generator.toJSON());
|
|
1434
1447
|
const elidedAssertion = Envelope.newAssertion(kv$1(PROVENANCE_GENERATOR), generatorBytes2).elide();
|
|
1435
1448
|
envelope = envelope.addAssertionEnvelope(elidedAssertion);
|
|
1436
1449
|
envelope = envelope.addAssertion(kv$1(SALT), salt.toData());
|
|
1437
1450
|
break;
|
|
1438
1451
|
}
|
|
1439
|
-
case
|
|
1452
|
+
case "Encrypt":
|
|
1440
1453
|
if (typeof generatorOptions === "object") {
|
|
1441
1454
|
const generatorBytes3 = encodeGeneratorJSON(data.generator.toJSON());
|
|
1442
1455
|
const wrapped = Envelope.new(generatorBytes3).wrap();
|
|
@@ -1446,14 +1459,13 @@ var Provenance = class Provenance {
|
|
|
1446
1459
|
envelope = envelope.addAssertion(kv$1(SALT), salt.toData());
|
|
1447
1460
|
}
|
|
1448
1461
|
break;
|
|
1449
|
-
case XIDGeneratorOptions.Omit:
|
|
1450
1462
|
default: break;
|
|
1451
1463
|
}
|
|
1452
1464
|
}
|
|
1453
1465
|
return envelope;
|
|
1454
1466
|
}
|
|
1455
1467
|
intoEnvelope() {
|
|
1456
|
-
return this.intoEnvelopeOpt(
|
|
1468
|
+
return this.intoEnvelopeOpt("Omit");
|
|
1457
1469
|
}
|
|
1458
1470
|
/**
|
|
1459
1471
|
* Try to extract a Provenance from an envelope, optionally with password for decryption.
|
|
@@ -1540,7 +1552,6 @@ var Provenance = class Provenance {
|
|
|
1540
1552
|
} : void 0);
|
|
1541
1553
|
}
|
|
1542
1554
|
};
|
|
1543
|
-
|
|
1544
1555
|
//#endregion
|
|
1545
1556
|
//#region src/xid-document.ts
|
|
1546
1557
|
/**
|
|
@@ -1775,7 +1786,7 @@ var XIDDocument = class XIDDocument {
|
|
|
1775
1786
|
* Extract inception private keys from an envelope (convenience static method).
|
|
1776
1787
|
*/
|
|
1777
1788
|
static extractInceptionPrivateKeysFromEnvelope(envelope, password) {
|
|
1778
|
-
return XIDDocument.fromEnvelope(envelope, password,
|
|
1789
|
+
return XIDDocument.fromEnvelope(envelope, password, "None").inceptionPrivateKeys();
|
|
1779
1790
|
}
|
|
1780
1791
|
/**
|
|
1781
1792
|
* Get the private key envelope for a specific key, optionally decrypting it.
|
|
@@ -2053,7 +2064,7 @@ var XIDDocument = class XIDDocument {
|
|
|
2053
2064
|
/**
|
|
2054
2065
|
* Convert to envelope with options.
|
|
2055
2066
|
*/
|
|
2056
|
-
toEnvelope(privateKeyOptions =
|
|
2067
|
+
toEnvelope(privateKeyOptions = "Omit", generatorOptions = "Omit", signingOptions = { type: "none" }) {
|
|
2057
2068
|
let envelope = Envelope.newLeaf(this._xid.taggedCbor());
|
|
2058
2069
|
for (const method of this._resolutionMethods) envelope = envelope.addAssertion(kv(DEREFERENCE_VIA), method);
|
|
2059
2070
|
for (const key of this._keys.values()) envelope = envelope.addAssertion(kv(KEY), key.intoEnvelopeOpt(privateKeyOptions));
|
|
@@ -2088,10 +2099,10 @@ var XIDDocument = class XIDDocument {
|
|
|
2088
2099
|
/**
|
|
2089
2100
|
* Extract an XIDDocument from an envelope.
|
|
2090
2101
|
*/
|
|
2091
|
-
static fromEnvelope(envelope, password, verifySignature =
|
|
2102
|
+
static fromEnvelope(envelope, password, verifySignature = "None") {
|
|
2092
2103
|
const envelopeExt = envelope;
|
|
2093
2104
|
switch (verifySignature) {
|
|
2094
|
-
case
|
|
2105
|
+
case "None": {
|
|
2095
2106
|
const subject = envelopeExt.subject();
|
|
2096
2107
|
const envelopeToParse = subject.isWrapped() ? subject.tryUnwrap() : envelope;
|
|
2097
2108
|
const attachments = Attachments$1.fromEnvelope(envelopeToParse);
|
|
@@ -2101,7 +2112,7 @@ var XIDDocument = class XIDDocument {
|
|
|
2101
2112
|
doc._edges = edges;
|
|
2102
2113
|
return doc;
|
|
2103
2114
|
}
|
|
2104
|
-
case
|
|
2115
|
+
case "Inception": {
|
|
2105
2116
|
if (!envelopeExt.subject().isWrapped()) throw XIDError.envelopeNotSigned();
|
|
2106
2117
|
const unwrapped = envelopeExt.tryUnwrap();
|
|
2107
2118
|
const attachments = Attachments$1.fromEnvelope(unwrapped);
|
|
@@ -2176,13 +2187,13 @@ var XIDDocument = class XIDDocument {
|
|
|
2176
2187
|
* Create a signed envelope.
|
|
2177
2188
|
*/
|
|
2178
2189
|
toSignedEnvelope(signingKey) {
|
|
2179
|
-
return this.toSignedEnvelopeOpt(signingKey,
|
|
2190
|
+
return this.toSignedEnvelopeOpt(signingKey, "Omit");
|
|
2180
2191
|
}
|
|
2181
2192
|
/**
|
|
2182
2193
|
* Create a signed envelope with private key options.
|
|
2183
2194
|
*/
|
|
2184
|
-
toSignedEnvelopeOpt(signingKey, privateKeyOptions =
|
|
2185
|
-
return this.toEnvelope(privateKeyOptions,
|
|
2195
|
+
toSignedEnvelopeOpt(signingKey, privateKeyOptions = "Omit") {
|
|
2196
|
+
return this.toEnvelope(privateKeyOptions, "Omit", { type: "none" }).sign(signingKey);
|
|
2186
2197
|
}
|
|
2187
2198
|
/**
|
|
2188
2199
|
* Get the reference for this document.
|
|
@@ -2234,7 +2245,7 @@ var XIDDocument = class XIDDocument {
|
|
|
2234
2245
|
* Try to extract from envelope (alias for fromEnvelope with default options).
|
|
2235
2246
|
*/
|
|
2236
2247
|
static tryFromEnvelope(envelope) {
|
|
2237
|
-
return XIDDocument.fromEnvelope(envelope, void 0,
|
|
2248
|
+
return XIDDocument.fromEnvelope(envelope, void 0, "None");
|
|
2238
2249
|
}
|
|
2239
2250
|
};
|
|
2240
2251
|
registerXIDDocumentClass(XIDDocument);
|
|
@@ -2243,11 +2254,10 @@ function bytesEqual(a, b) {
|
|
|
2243
2254
|
for (let i = 0; i < a.length; i++) if (a[i] !== b[i]) return false;
|
|
2244
2255
|
return true;
|
|
2245
2256
|
}
|
|
2246
|
-
|
|
2247
2257
|
//#endregion
|
|
2248
2258
|
//#region src/index.ts
|
|
2249
2259
|
const VERSION = "1.0.0-alpha.3";
|
|
2250
|
-
|
|
2251
2260
|
//#endregion
|
|
2252
2261
|
export { Attachments, Delegate, Edges, HasNicknameMixin, HasPermissionsMixin, Key, Permissions, Privilege, Provenance, Service, Shared, VERSION, XID, XIDDocument, XIDError, XIDErrorCode, XIDGeneratorOptions, XIDPrivateKeyOptions, XIDVerifySignature, privilegeFromEnvelope, privilegeFromKnownValue, privilegeToEnvelope, privilegeToKnownValue, registerXIDDocumentClass };
|
|
2262
|
+
|
|
2253
2263
|
//# sourceMappingURL=index.mjs.map
|