@bsv/sdk 1.3.31 → 1.3.33
- package/dist/cjs/package.json +1 -1
- package/dist/cjs/src/auth/certificates/Certificate.js +11 -4
- package/dist/cjs/src/auth/certificates/Certificate.js.map +1 -1
- package/dist/cjs/src/auth/certificates/MasterCertificate.js +25 -15
- package/dist/cjs/src/auth/certificates/MasterCertificate.js.map +1 -1
- package/dist/cjs/src/auth/certificates/VerifiableCertificate.js +6 -2
- package/dist/cjs/src/auth/certificates/VerifiableCertificate.js.map +1 -1
- package/dist/cjs/tsconfig.cjs.tsbuildinfo +1 -1
- package/dist/esm/src/auth/certificates/Certificate.js +11 -4
- package/dist/esm/src/auth/certificates/Certificate.js.map +1 -1
- package/dist/esm/src/auth/certificates/MasterCertificate.js +25 -15
- package/dist/esm/src/auth/certificates/MasterCertificate.js.map +1 -1
- package/dist/esm/src/auth/certificates/VerifiableCertificate.js +6 -2
- package/dist/esm/src/auth/certificates/VerifiableCertificate.js.map +1 -1
- package/dist/esm/tsconfig.esm.tsbuildinfo +1 -1
- package/dist/types/src/auth/certificates/Certificate.d.ts +10 -3
- package/dist/types/src/auth/certificates/Certificate.d.ts.map +1 -1
- package/dist/types/src/auth/certificates/MasterCertificate.d.ts +10 -4
- package/dist/types/src/auth/certificates/MasterCertificate.d.ts.map +1 -1
- package/dist/types/src/auth/certificates/VerifiableCertificate.d.ts +3 -1
- package/dist/types/src/auth/certificates/VerifiableCertificate.d.ts.map +1 -1
- package/dist/types/tsconfig.types.tsbuildinfo +1 -1
- package/dist/umd/bundle.js +1 -1
- package/docs/auth.md +36 -13
- package/package.json +1 -1
- package/src/auth/certificates/Certificate.ts +11 -4
- package/src/auth/certificates/MasterCertificate.ts +37 -13
- package/src/auth/certificates/VerifiableCertificate.ts +8 -2
package/dist/cjs/package.json
CHANGED
|
@@ -166,16 +166,23 @@ class Certificate {
|
|
|
166
166
|
/**
|
|
167
167
|
* Helper function which retrieves the protocol ID and key ID for certificate field encryption.
|
|
168
168
|
*
|
|
169
|
-
*
|
|
169
|
+
* For master certificate creation, no serial number is provided because entropy is required
|
|
170
|
+
* from both the client and the certifier. In this case, the `keyID` is simply the `fieldName`.
|
|
171
|
+
*
|
|
172
|
+
* For VerifiableCertificates verifier keyring creation, both the serial number and field name are available,
|
|
173
|
+
* so the `keyID` is formed by concatenating the `serialNumber` and `fieldName`.
|
|
174
|
+
*
|
|
170
175
|
* @param fieldName - The name of the field within the certificate to be encrypted.
|
|
171
|
-
* @
|
|
176
|
+
* @param serialNumber - (Optional) The serial number of the certificate.
|
|
177
|
+
* @returns An object containing:
|
|
172
178
|
* - `protocolID` (WalletProtocol): The protocol ID for certificate field encryption.
|
|
173
|
-
* - `keyID` (string): A unique key identifier
|
|
179
|
+
* - `keyID` (string): A unique key identifier. It is the `fieldName` if `serialNumber` is undefined,
|
|
180
|
+
* otherwise it is a combination of `serialNumber` and `fieldName`.
|
|
174
181
|
*/
|
|
175
182
|
static getCertificateFieldEncryptionDetails(fieldName, serialNumber) {
|
|
176
183
|
return {
|
|
177
184
|
protocolID: [2, 'certificate field encryption'],
|
|
178
|
-
keyID:
|
|
185
|
+
keyID: serialNumber ? `${serialNumber} ${fieldName}` : fieldName
|
|
179
186
|
};
|
|
180
187
|
}
|
|
181
188
|
}
|
|
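Review bot: The `serialNumber ? … : fieldName` ternary in `getCertificateFieldEncryptionDetails` tests truthiness, so an empty-string `serialNumber` takes the same branch as an omitted one and yields the bare `fieldName` key ID that the new doc comment reserves for master-certificate creation. The comment promises that fallback only when `serialNumber` is undefined, so test `serialNumber != null` and reject a blank value first, e.g. `if (serialNumber === '') throw new Error('serialNumber must not be empty');`, which keeps the master-keyring and verifier-keyring derivations apart. The space-joined key ID is unambiguous only while `serialNumber` cannot contain a space; that holds for the base64 serials generated elsewhere in this package, but nothing in this function enforces it, so state the assumption in the doc comment.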
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Certificate.js","sourceRoot":"","sources":["../../../../../src/auth/certificates/Certificate.ts"],"names":[],"mappings":";;AAAA,4CAUwB;AAExB;;;;GAIG;AACH,MAAqB,WAAW;IAoC9B;;;;;;;;;;OAUG;IACH,YACE,IAAkB,EAClB,YAA0B,EAC1B,OAAkB,EAClB,SAAoB,EACpB,kBAAkC,EAClC,MAAwD,EACxD,SAAqB;QAErB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAA;QAChB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,kBAAkB,GAAG,kBAAkB,CAAA;QAC5C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;IAC5B,CAAC;IAED;;;;;OAKG;IACH,QAAQ,CAAC,mBAA4B,IAAI;;QACvC,MAAM,MAAM,GAAG,IAAI,cAAK,CAAC,MAAM,EAAE,CAAA;QAEjC,sCAAsC;QACtC,MAAM,SAAS,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;QACpD,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QAEvB,8CAA8C;QAC9C,MAAM,iBAAiB,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;QACpE,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAA;QAE/B,gDAAgD;QAChD,MAAM,YAAY,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;QACvD,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QAE1B,kDAAkD;QAClD,MAAM,cAAc,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAA;QAC3D,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,CAAA;QAE5B,gDAAgD;QAChD,MAAM,CAAC,IAAI,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC9D,MAAM,SAAS,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC5C,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACvB,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;QAE1C,eAAe;QACf,qCAAqC;QACrC,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAA;QAClD,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;QACxC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE;YAClC,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;YAEzC,aAAa;YACb,MAAM,cAAc,GAAG,cAAK,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;YACvD,MAAM,CAAC,cAAc,CAAC,cAAc,CAAC,MAAM,CAAC,CAAA;YAC5C,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,CAAA;YAE5B,cAAc;YACd,MAAM,eAAe,GAAG,cAAK,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,CAAA;YACzD,MAAM,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;YAC7C,MAAM,CAA
C,KAAK,CAAC,eAAe,CAAC,CAAA;SAC9B;QAED,8BAA8B;QAC9B,IAAI,gBAAgB,IAAI,CAAC,MAAA,IAAI,CAAC,SAAS,mCAAI,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,EAAE,wCAAwC;YACnG,MAAM,cAAc,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,SAAmB,EAAE,KAAK,CAAC,CAAA,CAAC,yCAAyC;YAC/G,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,CAAA;SAC7B;QAED,OAAO,MAAM,CAAC,OAAO,EAAE,CAAA;IACzB,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,UAAU,CAAC,GAAa;QAC7B,MAAM,MAAM,GAAG,IAAI,cAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QAEpC,YAAY;QACZ,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjC,MAAM,IAAI,GAAG,cAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;QAEtC,oBAAoB;QACpB,MAAM,iBAAiB,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACzC,MAAM,YAAY,GAAG,cAAK,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAA;QAEtD,0BAA0B;QAC1B,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACpC,MAAM,OAAO,GAAG,cAAK,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QAEzC,4BAA4B;QAC5B,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACtC,MAAM,SAAS,GAAG,cAAK,CAAC,KAAK,CAAC,cAAc,CAAC,CAAA;QAE7C,0BAA0B;QAC1B,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjC,MAAM,IAAI,GAAG,cAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnC,MAAM,WAAW,GAAG,MAAM,CAAC,aAAa,EAAE,CAAA;QAC1C,MAAM,kBAAkB,GAAG,GAAG,IAAI,IAAI,WAAW,EAAE,CAAA;QAEnD,cAAc;QACd,MAAM,SAAS,GAAG,MAAM,CAAC,aAAa,EAAE,CAAA;QACxC,MAAM,MAAM,GAAqD,EAAE,CAAA;QACnE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE;YAClC,aAAa;YACb,MAAM,eAAe,GAAG,MAAM,CAAC,aAAa,EAAE,CAAA;YAC9C,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;YACnD,MAAM,SAAS,GAAG,cAAK,CAAC,MAAM,CAAC,cAAc,CAAC,CAAA;YAE9C,cAAc;YACd,MAAM,gBAAgB,GAAG,MAAM,CAAC,aAAa,EAAE,CAAA;YAC/C,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YACrD,MAAM,UAAU,GAAG,cAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;YAEhD,MAAM,CAAC,SAAS,CAAC,GAAG,UAAU,CAAA;SAC/B;QAED,4BAA4B;QAC5B,IAAI,SAA6B,CAAA;QACjC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE;YACjB,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,EAAE,CAAA;YACpC,MAAM,GAAG,GAAG,kBAAS,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;YAC7C,SAAS,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAW,CAAA;SAC1C;QAED,OAAO,IAAI,WAAW,CACpB,IAAI,EACJ,YAAY,EACZ,OAAO,EACP,SAAS,
EACT,kBAAkB,EAClB,MAAM,EACN,SAAS,CACV,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM;;QACV,+DAA+D;QAC/D,MAAM,QAAQ,GAAG,IAAI,oBAAW,CAAC,QAAQ,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA,CAAC,mDAAmD;QAEjG,MAAM,YAAY,GAAG,MAAA,IAAI,CAAC,SAAS,mCAAI,EAAE,CAAA,CAAC,0CAA0C;QAEpF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,eAAe,CAAC;YAC/C,SAAS,EAAE,cAAK,CAAC,OAAO,CAAC,YAAY,EAAE,KAAK,CAAC;YAC7C,IAAI,EAAE,gBAAgB;YACtB,UAAU,EAAE,CAAC,CAAC,EAAE,uBAAuB,CAAC;YACxC,KAAK,EAAE,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE;YAC1C,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,sDAAsD;SACpF,CAAC,CAAA;QAEF,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;KAKC;IACD,KAAK,CAAC,IAAI,CAAC,eAA4B;QACrC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,EAAE,2CAA2C;YACpG,MAAM,IAAI,KAAK,CACb,2DAA2D,IAAI,CAAC,SAAS,EAAE,CAC5E,CAAA;SACF;QAED,4DAA4D;QAC5D,IAAI,CAAC,SAAS,GAAG,CACf,MAAM,eAAe,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAC1D,CAAC,SAAS,CAAA;QAEX,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA,CAAC,qCAAqC;QAC3E,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,eAAe,CAAC,eAAe,CAAC;YAC1D,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE,CAAC,CAAC,EAAE,uBAAuB,CAAC;YACxC,KAAK,EAAE,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE;SAC3C,CAAC,CAAA;QACF,IAAI,CAAC,SAAS,GAAG,cAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IACzC,CAAC;IAED
|
|
1
|
+
{"version":3,"file":"Certificate.js","sourceRoot":"","sources":["../../../../../src/auth/certificates/Certificate.ts"],"names":[],"mappings":";;AAAA,4CAUwB;AAExB;;;;GAIG;AACH,MAAqB,WAAW;IAoC9B;;;;;;;;;;OAUG;IACH,YACE,IAAkB,EAClB,YAA0B,EAC1B,OAAkB,EAClB,SAAoB,EACpB,kBAAkC,EAClC,MAAwD,EACxD,SAAqB;QAErB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAA;QAChB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;QAC1B,IAAI,CAAC,kBAAkB,GAAG,kBAAkB,CAAA;QAC5C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;IAC5B,CAAC;IAED;;;;;OAKG;IACH,QAAQ,CAAC,mBAA4B,IAAI;;QACvC,MAAM,MAAM,GAAG,IAAI,cAAK,CAAC,MAAM,EAAE,CAAA;QAEjC,sCAAsC;QACtC,MAAM,SAAS,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;QACpD,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QAEvB,8CAA8C;QAC9C,MAAM,iBAAiB,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;QACpE,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAA;QAE/B,gDAAgD;QAChD,MAAM,YAAY,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAA;QACvD,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QAE1B,kDAAkD;QAClD,MAAM,cAAc,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAA;QAC3D,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,CAAA;QAE5B,gDAAgD;QAChD,MAAM,CAAC,IAAI,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC9D,MAAM,SAAS,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC5C,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACvB,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAA;QAE1C,eAAe;QACf,qCAAqC;QACrC,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAA;QAClD,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;QACxC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE;YAClC,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;YAEzC,aAAa;YACb,MAAM,cAAc,GAAG,cAAK,CAAC,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;YACvD,MAAM,CAAC,cAAc,CAAC,cAAc,CAAC,MAAM,CAAC,CAAA;YAC5C,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,CAAA;YAE5B,cAAc;YACd,MAAM,eAAe,GAAG,cAAK,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,CAAA;YACzD,MAAM,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAA;YAC7C,MAAM,CAA
C,KAAK,CAAC,eAAe,CAAC,CAAA;SAC9B;QAED,8BAA8B;QAC9B,IAAI,gBAAgB,IAAI,CAAC,MAAA,IAAI,CAAC,SAAS,mCAAI,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,EAAE,wCAAwC;YACnG,MAAM,cAAc,GAAG,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,SAAmB,EAAE,KAAK,CAAC,CAAA,CAAC,yCAAyC;YAC/G,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,CAAA;SAC7B;QAED,OAAO,MAAM,CAAC,OAAO,EAAE,CAAA;IACzB,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,UAAU,CAAC,GAAa;QAC7B,MAAM,MAAM,GAAG,IAAI,cAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;QAEpC,YAAY;QACZ,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjC,MAAM,IAAI,GAAG,cAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;QAEtC,oBAAoB;QACpB,MAAM,iBAAiB,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACzC,MAAM,YAAY,GAAG,cAAK,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAA;QAEtD,0BAA0B;QAC1B,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACpC,MAAM,OAAO,GAAG,cAAK,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QAEzC,4BAA4B;QAC5B,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACtC,MAAM,SAAS,GAAG,cAAK,CAAC,KAAK,CAAC,cAAc,CAAC,CAAA;QAE7C,0BAA0B;QAC1B,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjC,MAAM,IAAI,GAAG,cAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnC,MAAM,WAAW,GAAG,MAAM,CAAC,aAAa,EAAE,CAAA;QAC1C,MAAM,kBAAkB,GAAG,GAAG,IAAI,IAAI,WAAW,EAAE,CAAA;QAEnD,cAAc;QACd,MAAM,SAAS,GAAG,MAAM,CAAC,aAAa,EAAE,CAAA;QACxC,MAAM,MAAM,GAAqD,EAAE,CAAA;QACnE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE;YAClC,aAAa;YACb,MAAM,eAAe,GAAG,MAAM,CAAC,aAAa,EAAE,CAAA;YAC9C,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;YACnD,MAAM,SAAS,GAAG,cAAK,CAAC,MAAM,CAAC,cAAc,CAAC,CAAA;YAE9C,cAAc;YACd,MAAM,gBAAgB,GAAG,MAAM,CAAC,aAAa,EAAE,CAAA;YAC/C,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YACrD,MAAM,UAAU,GAAG,cAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;YAEhD,MAAM,CAAC,SAAS,CAAC,GAAG,UAAU,CAAA;SAC/B;QAED,4BAA4B;QAC5B,IAAI,SAA6B,CAAA;QACjC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE;YACjB,MAAM,cAAc,GAAG,MAAM,CAAC,IAAI,EAAE,CAAA;YACpC,MAAM,GAAG,GAAG,kBAAS,CAAC,OAAO,CAAC,cAAc,CAAC,CAAA;YAC7C,SAAS,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAW,CAAA;SAC1C;QAED,OAAO,IAAI,WAAW,CACpB,IAAI,EACJ,YAAY,EACZ,OAAO,EACP,SAAS,
EACT,kBAAkB,EAClB,MAAM,EACN,SAAS,CACV,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM;;QACV,+DAA+D;QAC/D,MAAM,QAAQ,GAAG,IAAI,oBAAW,CAAC,QAAQ,CAAC,CAAA;QAC1C,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA,CAAC,mDAAmD;QAEjG,MAAM,YAAY,GAAG,MAAA,IAAI,CAAC,SAAS,mCAAI,EAAE,CAAA,CAAC,0CAA0C;QAEpF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,QAAQ,CAAC,eAAe,CAAC;YAC/C,SAAS,EAAE,cAAK,CAAC,OAAO,CAAC,YAAY,EAAE,KAAK,CAAC;YAC7C,IAAI,EAAE,gBAAgB;YACtB,UAAU,EAAE,CAAC,CAAC,EAAE,uBAAuB,CAAC;YACxC,KAAK,EAAE,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE;YAC1C,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,sDAAsD;SACpF,CAAC,CAAA;QAEF,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;KAKC;IACD,KAAK,CAAC,IAAI,CAAC,eAA4B;QACrC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,EAAE,2CAA2C;YACpG,MAAM,IAAI,KAAK,CACb,2DAA2D,IAAI,CAAC,SAAS,EAAE,CAC5E,CAAA;SACF;QAED,4DAA4D;QAC5D,IAAI,CAAC,SAAS,GAAG,CACf,MAAM,eAAe,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAC1D,CAAC,SAAS,CAAA;QAEX,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA,CAAC,qCAAqC;QAC3E,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,eAAe,CAAC,eAAe,CAAC;YAC1D,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE,CAAC,CAAC,EAAE,uBAAuB,CAAC;YACxC,KAAK,EAAE,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE;SAC3C,CAAC,CAAA;QACF,IAAI,CAAC,SAAS,GAAG,cAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IACzC,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,MAAM,CAAC,oCAAoC,CACzC,SAAiB,EACjB,YAAqB;QAErB,OAAO;YACL,UAAU,EAAE,CAAC,CAAC,EAAE,8BAA8B,CAAC;YAC/C,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC,GAAG,YAAY,IAAI,SAAS,EAAE,CAAC,CAAC,CAAC,SAAS;SACjE,CAAA;IACH,CAAC;CACF;AAzQD,8BAyQC"}
|
|
@@ -33,13 +33,15 @@ class MasterCertificate extends Certificate_js_1.default {
|
|
|
33
33
|
* @param {ProtoWallet} creatorWallet - The wallet of the creator responsible for encrypting the fields.
|
|
34
34
|
* @param {WalletCounterparty} certifierOrSubject - The certifier or subject who will validate the certificate fields.
|
|
35
35
|
* @param {Record<CertificateFieldNameUnder50Bytes, string>} fields - A record of certificate field names (under 50 bytes) mapped to their values.
|
|
36
|
+
* @param {BooleanDefaultFalse} [privileged] - Whether this is a privileged request.
|
|
37
|
+
* @param {DescriptionString5to50Bytes} [privilegedReason] - Reason provided for privileged access, required if this is a privileged operation. *
|
|
36
38
|
* @returns {Promise<CreateCertificateFieldsResult>} A promise resolving to an object containing:
|
|
37
39
|
* - `certificateFields` {Record<CertificateFieldNameUnder50Bytes, Base64String>}:
|
|
38
40
|
* The encrypted certificate fields.
|
|
39
41
|
* - `masterKeyring` {Record<CertificateFieldNameUnder50Bytes, Base64String>}:
|
|
40
42
|
* The master keyring containing encrypted revelation keys for each field.
|
|
41
43
|
*/
|
|
42
|
-
static async createCertificateFields(creatorWallet, certifierOrSubject, fields) {
|
|
44
|
+
static async createCertificateFields(creatorWallet, certifierOrSubject, fields, privileged, privilegedReason) {
|
|
43
45
|
const certificateFields = {};
|
|
44
46
|
const masterKeyring = {};
|
|
45
47
|
for (const [fieldName, fieldValue] of Object.entries(fields)) {
|
|
@@ -49,7 +51,9 @@ class MasterCertificate extends Certificate_js_1.default {
|
|
|
49
51
|
const { ciphertext: encryptedFieldRevelationKey } = await creatorWallet.encrypt({
|
|
50
52
|
plaintext: fieldSymmetricKey.toArray(),
|
|
51
53
|
...Certificate_js_1.default.getCertificateFieldEncryptionDetails(fieldName),
|
|
52
|
-
counterparty: certifierOrSubject
|
|
54
|
+
counterparty: certifierOrSubject,
|
|
55
|
+
privileged,
|
|
56
|
+
privilegedReason
|
|
53
57
|
});
|
|
54
58
|
masterKeyring[fieldName] = mod_js_1.Utils.toBase64(encryptedFieldRevelationKey);
|
|
55
59
|
}
|
|
@@ -69,12 +73,14 @@ class MasterCertificate extends Certificate_js_1.default {
|
|
|
69
73
|
* @param {string[]} fieldsToReveal - An array of field names to be revealed to the verifier. Must be a subset of the certificate's fields.
|
|
70
74
|
* @param {string} [originator] - Optional originator identifier, used if additional context is needed for decryption and encryption operations.
|
|
71
75
|
* @returns {Promise<Record<CertificateFieldNameUnder50Bytes, string>>} - A keyring mapping field names to encrypted field revelation keys, allowing the verifier to decrypt specified fields.
|
|
76
|
+
* @param {BooleanDefaultFalse} [privileged] - Whether this is a privileged request.
|
|
77
|
+
* @param {DescriptionString5to50Bytes} [privilegedReason] - Reason provided for privileged access, required if this is a privileged operation. *
|
|
72
78
|
* @throws {Error} Throws an error if:
|
|
73
79
|
* - fieldsToReveal is not an array of strings.
|
|
74
80
|
* - A field in `fieldsToReveal` does not exist in the certificate.
|
|
75
81
|
* - The decrypted master field key fails to decrypt the corresponding field (indicating an invalid key).
|
|
76
82
|
*/
|
|
77
|
-
static async createKeyringForVerifier(subjectWallet, certifier, verifier, fields, fieldsToReveal, masterKeyring, serialNumber) {
|
|
83
|
+
static async createKeyringForVerifier(subjectWallet, certifier, verifier, fields, fieldsToReveal, masterKeyring, serialNumber, privileged, privilegedReason) {
|
|
78
84
|
if (!Array.isArray(fieldsToReveal)) {
|
|
79
85
|
throw new Error('fieldsToReveal must be an array of strings');
|
|
80
86
|
}
|
|
@@ -85,12 +91,14 @@ class MasterCertificate extends Certificate_js_1.default {
|
|
|
85
91
|
throw new Error(`Fields to reveal must be a subset of the certificate fields. Missing the "${fieldName}" field.`);
|
|
86
92
|
}
|
|
87
93
|
// Decrypt the master field key and verify that derived key actually decrypts requested field
|
|
88
|
-
const masterFieldKey = (await this.decryptField(subjectWallet, masterKeyring, fieldName, fields[fieldName], certifier)).fieldRevelationKey;
|
|
94
|
+
const masterFieldKey = (await this.decryptField(subjectWallet, masterKeyring, fieldName, fields[fieldName], certifier, privileged, privilegedReason)).fieldRevelationKey;
|
|
89
95
|
// Encrypt derived fieldRevelationKey for verifier
|
|
90
96
|
const { ciphertext: encryptedFieldRevelationKey } = await subjectWallet.encrypt({
|
|
91
97
|
plaintext: masterFieldKey,
|
|
92
98
|
...Certificate_js_1.default.getCertificateFieldEncryptionDetails(fieldName, serialNumber),
|
|
93
|
-
counterparty: verifier
|
|
99
|
+
counterparty: verifier,
|
|
100
|
+
privileged,
|
|
101
|
+
privilegedReason
|
|
94
102
|
});
|
|
95
103
|
// Add encryptedFieldRevelationKey to fieldRevelationKeyring
|
|
96
104
|
fieldRevelationKeyring[fieldName] = mod_js_1.Utils.toBase64(encryptedFieldRevelationKey);
|
|
@@ -120,17 +128,15 @@ class MasterCertificate extends Certificate_js_1.default {
|
|
|
120
128
|
static async issueCertificateForSubject(certifierWallet, subject, fields, certificateType, getRevocationOutpoint = async (_serial) => {
|
|
121
129
|
void _serial; // Explicitly acknowledge unused parameter
|
|
122
130
|
return 'Certificate revocation not tracked.';
|
|
123
|
-
}, serialNumber
|
|
124
|
-
) {
|
|
131
|
+
}, serialNumber) {
|
|
125
132
|
// 1. Generate a random serialNumber if not provided
|
|
126
|
-
const finalSerialNumber = serialNumber !== null && serialNumber !== void 0 ? serialNumber : mod_js_1.Utils.toBase64((0, mod_js_1.Random)(32));
|
|
133
|
+
const finalSerialNumber = serialNumber !== null && serialNumber !== void 0 ? serialNumber : mod_js_1.Utils.toBase64((0, mod_js_1.Random)(32));
|
|
127
134
|
// 2. Create encrypted certificate fields and associated master keyring
|
|
128
135
|
const { certificateFields, masterKeyring } = await this.createCertificateFields(certifierWallet, subject, fields);
|
|
129
136
|
// 3. Obtain a revocation outpoint
|
|
130
|
-
const revocationOutpoint = await getRevocationOutpoint(finalSerialNumber);
|
|
137
|
+
const revocationOutpoint = await getRevocationOutpoint(finalSerialNumber);
|
|
131
138
|
// 4. Create new MasterCertificate instance
|
|
132
|
-
const certificate = new MasterCertificate(certificateType, finalSerialNumber,
|
|
133
|
-
subject, (await certifierWallet.getPublicKey({ identityKey: true })).publicKey, revocationOutpoint, certificateFields, masterKeyring);
|
|
139
|
+
const certificate = new MasterCertificate(certificateType, finalSerialNumber, subject, (await certifierWallet.getPublicKey({ identityKey: true })).publicKey, revocationOutpoint, certificateFields, masterKeyring);
|
|
134
140
|
// 5. Sign and return the new MasterCertificate certifying the subject.
|
|
135
141
|
await certificate.sign(certifierWallet);
|
|
136
142
|
return certificate;
|
|
@@ -148,11 +154,13 @@ class MasterCertificate extends Certificate_js_1.default {
|
|
|
148
154
|
* @param {Record<CertificateFieldNameUnder50Bytes, Base64String>} masterKeyring - A record containing encrypted keys for each field.
|
|
149
155
|
* @param {Record<CertificateFieldNameUnder50Bytes, Base64String>} fields - A record of encrypted field names and their values.
|
|
150
156
|
* @param {WalletCounterparty} counterparty - The counterparty responsible for creating or signing the certificate. For self-signed certificates, use 'self'.
|
|
157
|
+
* @param {BooleanDefaultFalse} [privileged] - Whether this is a privileged request.
|
|
158
|
+
* @param {DescriptionString5to50Bytes} [privilegedReason] - Reason provided for privileged access, required if this is a privileged operation.
|
|
151
159
|
* @returns {Promise<Record<CertificateFieldNameUnder50Bytes, string>>} A promise resolving to a record of field names and their decrypted values in plaintext.
|
|
152
160
|
*
|
|
153
161
|
* @throws {Error} Throws an error if the `masterKeyring` is invalid or if decryption fails for any field.
|
|
154
162
|
*/
|
|
155
|
-
static async decryptFields(subjectOrCertifierWallet, masterKeyring, fields, counterparty) {
|
|
163
|
+
static async decryptFields(subjectOrCertifierWallet, masterKeyring, fields, counterparty, privileged, privilegedReason) {
|
|
156
164
|
if (masterKeyring == null || Object.keys(masterKeyring).length === 0) {
|
|
157
165
|
throw new Error('A MasterCertificate must have a valid masterKeyring!');
|
|
158
166
|
}
|
|
@@ -160,7 +168,7 @@ class MasterCertificate extends Certificate_js_1.default {
|
|
|
160
168
|
const decryptedFields = {};
|
|
161
169
|
// Note: we want to iterate through all fields, not just masterKeyring keys/value pairs.
|
|
162
170
|
for (const fieldName of Object.keys(fields)) {
|
|
163
|
-
decryptedFields[fieldName] = (await this.decryptField(subjectOrCertifierWallet, masterKeyring, fieldName, fields[fieldName], counterparty)).decryptedFieldValue;
|
|
171
|
+
decryptedFields[fieldName] = (await this.decryptField(subjectOrCertifierWallet, masterKeyring, fieldName, fields[fieldName], counterparty, privileged, privilegedReason)).decryptedFieldValue;
|
|
164
172
|
}
|
|
165
173
|
return decryptedFields;
|
|
166
174
|
}
|
|
@@ -168,7 +176,7 @@ class MasterCertificate extends Certificate_js_1.default {
|
|
|
168
176
|
throw new Error('Failed to decrypt all master certificate fields.');
|
|
169
177
|
}
|
|
170
178
|
}
|
|
171
|
-
static async decryptField(subjectOrCertifierWallet, masterKeyring, fieldName, fieldValue, counterparty) {
|
|
179
|
+
static async decryptField(subjectOrCertifierWallet, masterKeyring, fieldName, fieldValue, counterparty, privileged, privilegedReason) {
|
|
172
180
|
if (masterKeyring == null || Object.keys(masterKeyring).length === 0) {
|
|
173
181
|
throw new Error('A MasterCertificate must have a valid masterKeyring!');
|
|
174
182
|
}
|
|
@@ -176,7 +184,9 @@ class MasterCertificate extends Certificate_js_1.default {
|
|
|
176
184
|
const { plaintext: fieldRevelationKey } = await subjectOrCertifierWallet.decrypt({
|
|
177
185
|
ciphertext: mod_js_1.Utils.toArray(masterKeyring[fieldName], 'base64'),
|
|
178
186
|
...Certificate_js_1.default.getCertificateFieldEncryptionDetails(fieldName),
|
|
179
|
-
counterparty
|
|
187
|
+
counterparty,
|
|
188
|
+
privileged,
|
|
189
|
+
privilegedReason
|
|
180
190
|
});
|
|
181
191
|
const decryptedFieldValue = new mod_js_1.SymmetricKey(fieldRevelationKey).decrypt(mod_js_1.Utils.toArray(fieldValue, 'base64'));
|
|
182
192
|
return {
|
|
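Review bot: In the `@@ -120,17 +128,15 @@` hunk, `issueCertificateForSubject` still calls `this.createCertificateFields(certifierWallet, subject, fields)` without the new `privileged` / `privilegedReason` arguments, so this helper cannot request a privileged operation even though every other method in the section now accepts the flag. If that is intentional, say so in its doc comment; otherwise add the two optional parameters after `serialNumber` and forward them. Separately, the new JSDoc calls `privilegedReason` "required if this is a privileged operation", but none of the visible bodies check it before calling `encrypt` / `decrypt`; either add `if (privileged && !privilegedReason) throw new Error('privilegedReason is required for privileged operations');` or document that the wallet enforces it. The same gap applies to `decryptFields` in VerifiableCertificate.js. Several of these bodies begin or end outside the hunks shown, and the change belongs in the `src/auth/certificates/*.ts` sources listed in the file summary rather than in the compiled `dist/` output.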
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MasterCertificate.js","sourceRoot":"","sources":["../../../../../src/auth/certificates/MasterCertificate.ts"],"names":[],"mappings":";;;;;;AAAA,4CAWwB;AACxB,sEAA0C;AAO1C;;;;;;;GAOG;AACH,MAAa,iBAAkB,SAAQ,wBAAW;IAWhD,YACE,IAAkB,EAClB,YAA0B,EAC1B,OAAkB,EAClB,SAAoB,EACpB,kBAAkC,EAClC,MAA8D,EAC9D,aAAqE,EACrE,SAAqB;QAErB,KAAK,CACH,IAAI,EACJ,YAAY,EACZ,OAAO,EACP,SAAS,EACT,kBAAkB,EAClB,MAAM,EACN,SAAS,CACV,CAAA;QAED,4FAA4F;QAC5F,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YAC3C,IAAI,aAAa,CAAC,SAAS,CAAC,KAAK,SAAS,IAAI,aAAa,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE;gBAC7E,MAAM,IAAI,KAAK,CACb,yFAAyF,SAAS,IAAI,CACvG,CAAA;aACF;SACF;QAED,IAAI,CAAC,aAAa,GAAG,aAAa,CAAA;IACpC,CAAC;IAED
|
|
1
|
+
{"version":3,"file":"MasterCertificate.js","sourceRoot":"","sources":["../../../../../src/auth/certificates/MasterCertificate.ts"],"names":[],"mappings":";;;;;;AAAA,4CAWwB;AACxB,sEAA0C;AAO1C;;;;;;;GAOG;AACH,MAAa,iBAAkB,SAAQ,wBAAW;IAWhD,YACE,IAAkB,EAClB,YAA0B,EAC1B,OAAkB,EAClB,SAAoB,EACpB,kBAAkC,EAClC,MAA8D,EAC9D,aAAqE,EACrE,SAAqB;QAErB,KAAK,CACH,IAAI,EACJ,YAAY,EACZ,OAAO,EACP,SAAS,EACT,kBAAkB,EAClB,MAAM,EACN,SAAS,CACV,CAAA;QAED,4FAA4F;QAC5F,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YAC3C,IAAI,aAAa,CAAC,SAAS,CAAC,KAAK,SAAS,IAAI,aAAa,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE;gBAC7E,MAAM,IAAI,KAAK,CACb,yFAAyF,SAAS,IAAI,CACvG,CAAA;aACF;SACF;QAED,IAAI,CAAC,aAAa,GAAG,aAAa,CAAA;IACpC,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAClC,aAA0B,EAC1B,kBAAsC,EACtC,MAAwD,EACxD,UAAoB,EACpB,gBAAyB;QAEzB,MAAM,iBAAiB,GAGnB,EAAE,CAAA;QACN,MAAM,aAAa,GAGf,EAAE,CAAA;QACN,KAAK,MAAM,CAAC,SAAS,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;YAC5D,MAAM,iBAAiB,GAAG,qBAAY,CAAC,UAAU,EAAE,CAAA;YACnD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC,OAAO,CACnD,cAAK,CAAC,OAAO,CAAC,UAAU,EAAE,MAAM,CAAC,CAClC,CAAA;YACD,iBAAiB,CAAC,SAAS,CAAC,GAAG,cAAK,CAAC,QAAQ,CAC3C,mBAA+B,CAChC,CAAA;YAED,MAAM,EAAE,UAAU,EAAE,2BAA2B,EAAE,GAC/C,MAAM,aAAa,CAAC,OAAO,CACzB;gBACE,SAAS,EAAE,iBAAiB,CAAC,OAAO,EAAE;gBACtC,GAAG,wBAAW,CAAC,oCAAoC,CAAC,SAAS,CAAC;gBAC9D,YAAY,EAAE,kBAAkB;gBAChC,UAAU;gBACV,gBAAgB;aACjB,CACF,CAAA;YACH,aAAa,CAAC,SAAS,CAAC,GAAG,cAAK,CAAC,QAAQ,CAAC,2BAA2B,CAAC,CAAA;SACvE;QAED,OAAO;YACL,iBAAiB;YACjB,aAAa;SACd,CAAA;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,MAAM,CAAC,KAAK,CAAC,wBAAwB,CACnC,aAA0B,EAC1B,SAA6B,EAC7B,QAA4B,EAC5B,MAA8D,EAC9D,cAAwB,EACxB,aAAqE,EACrE,YAA0B,EAC1B,UAAoB,EACpB,gBAAyB;QAEzB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE;YAClC,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAA;SAC9D;QACD,MAAM,sBAAsB,GAAG,EAAE,CAAA;QACjC,KAAK,MAAM,SAAS,IAAI,cAAc,EAAE;YACtC,wEAAwE;YACxE,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,SAAS,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,IAAI,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,EAAE;gBAC7F,MAAM,IAAI,KAAK,
CACb,6EAA6E,SAAS,UAAU,CACjG,CAAA;aACF;YAED,6FAA6F;YAC7F,MAAM,cAAc,GAAG,CACrB,MAAM,IAAI,CAAC,YAAY,CACrB,aAAa,EACb,aAAa,EACb,SAAS,EACT,MAAM,CAAC,SAAS,CAAC,EACjB,SAAS,EACT,UAAU,EACV,gBAAgB,CACjB,CACF,CAAC,kBAAkB,CAAA;YAEpB,kDAAkD;YAClD,MAAM,EAAE,UAAU,EAAE,2BAA2B,EAAE,GAC/C,MAAM,aAAa,CAAC,OAAO,CACzB;gBACE,SAAS,EAAE,cAAc;gBACzB,GAAG,wBAAW,CAAC,oCAAoC,CACjD,SAAS,EACT,YAAY,CACb;gBACD,YAAY,EAAE,QAAQ;gBACtB,UAAU;gBACV,gBAAgB;aACjB,CACF,CAAA;YAEH,4DAA4D;YAC5D,sBAAsB,CAAC,SAAS,CAAC,GAAG,cAAK,CAAC,QAAQ,CAChD,2BAA2B,CAC5B,CAAA;SACF;QAED,2GAA2G;QAC3G,OAAO,sBAAsB,CAAA;IAC/B,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACH,MAAM,CAAC,KAAK,CAAC,0BAA0B,CACrC,eAA4B,EAC5B,OAA2B,EAC3B,MAAwD,EACxD,eAAuB,EACvB,wBAAwB,KAAK,EAAE,OAAe,EAAmB,EAAE;QACjE,KAAK,OAAO,CAAA,CAAC,0CAA0C;QACvD,OAAO,qCAAqC,CAAA;IAC9C,CAAC,EACD,YAAqB;QAErB,oDAAoD;QACpD,MAAM,iBAAiB,GAAG,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,cAAK,CAAC,QAAQ,CAAC,IAAA,eAAM,EAAC,EAAE,CAAC,CAAC,CAAA;QAEpE,uEAAuE;QACvE,MAAM,EAAE,iBAAiB,EAAE,aAAa,EAAE,GACxC,MAAM,IAAI,CAAC,uBAAuB,CAAC,eAAe,EAAE,OAAO,EAAE,MAAM,CAAC,CAAA;QAEtE,kCAAkC;QAClC,MAAM,kBAAkB,GAAG,MAAM,qBAAqB,CAAC,iBAAiB,CAAC,CAAA;QAEzE,2CAA2C;QAC3C,MAAM,WAAW,GAAG,IAAI,iBAAiB,CACvC,eAAe,EACf,iBAAiB,EACjB,OAAO,EACP,CAAC,MAAM,eAAe,CAAC,YAAY,CAAC,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,EACrE,kBAAkB,EAClB,iBAAiB,EACjB,aAAa,CACd,CAAA;QAED,uEAAuE;QACvE,MAAM,WAAW,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;QACvC,OAAO,WAAW,CAAA;IACpB,CAAC;IAED;;;;;;;;;;;;;;;;;;OAkBG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,wBAAqC,EACrC,aAAqE,EACrE,MAA8D,EAC9D,YAAgC,EAChC,UAAoB,EACpB,gBAAyB;QAEzB,IAAI,aAAa,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YACpE,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAA;SACxE;QACD,IAAI;YACF,MAAM,eAAe,GACnB,EAAE,CAAA;YACJ,wFAAwF;YACxF,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;gBAC3C,eAAe,CAAC,SAAS,CAAC,GAAG,CAC3B,MAAM,IAAI,CAAC,YAAY,CACrB,wBAAwB,EACxB,aAAa,EACb,SAAS,EACT,MAAM,CAAC,SAAS,CAAC,EACjB,YAAY,EACZ,UAAU,EACV,gBAAgB,CACjB,CACF,CAAC,mBAAmB,CAAA;aACtB;YACD,OAAO,eAAe,CAAA;SACvB;QAAC,M
AAM;YACN,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAA;SACpE;IACH,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CACvB,wBAAqC,EACrC,aAAqE,EACrE,SAAuB,EACvB,UAAwB,EACxB,YAAgC,EAChC,UAAoB,EACpB,gBAAyB;QAEzB,IAAI,aAAa,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YACpE,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAA;SACxE;QACD,IAAI;YACF,MAAM,EAAE,SAAS,EAAE,kBAAkB,EAAE,GACrC,MAAM,wBAAwB,CAAC,OAAO,CACpC;gBACE,UAAU,EAAE,cAAK,CAAC,OAAO,CAAC,aAAa,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC;gBAC7D,GAAG,wBAAW,CAAC,oCAAoC,CAAC,SAAS,CAAC;gBAC9D,YAAY;gBACZ,UAAU;gBACV,gBAAgB;aACjB,CACF,CAAA;YAEH,MAAM,mBAAmB,GAAG,IAAI,qBAAY,CAAC,kBAAkB,CAAC,CAAC,OAAO,CACtE,cAAK,CAAC,OAAO,CAAC,UAAU,EAAE,QAAQ,CAAC,CACpC,CAAA;YACD,OAAO;gBACL,kBAAkB;gBAClB,mBAAmB,EAAE,cAAK,CAAC,MAAM,CAAC,mBAA+B,CAAC;aACnE,CAAA;SACF;QAAC,MAAM;YACN,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;SACxD;IACH,CAAC;CACF;AArUD,8CAqUC"}
|
|
@@ -20,9 +20,11 @@ class VerifiableCertificate extends Certificate_js_1.default {
|
|
|
20
20
|
* Decrypts selectively revealed certificate fields using the provided keyring and verifier wallet
|
|
21
21
|
* @param {ProtoWallet} verifierWallet - The wallet instance of the certificate's verifier, used to decrypt field keys.
|
|
22
22
|
* @returns {Promise<Record<CertificateFieldNameUnder50Bytes, string>>} - A promise that resolves to an object where each key is a field name and each value is the decrypted field value as a string.
|
|
23
|
+
* @param {BooleanDefaultFalse} [privileged] - Whether this is a privileged request.
|
|
24
|
+
* @param {DescriptionString5to50Bytes} [privilegedReason] - Reason provided for privileged access, required if this is a privileged operation.
|
|
23
25
|
* @throws {Error} Throws an error if any of the decryption operations fail, with a message indicating the failure context.
|
|
24
26
|
*/
|
|
25
|
-
async decryptFields(verifierWallet) {
|
|
27
|
+
async decryptFields(verifierWallet, privileged, privilegedReason) {
|
|
26
28
|
if (this.keyring == null || Object.keys(this.keyring).length === 0) { // ✅ Explicitly check null and empty object
|
|
27
29
|
throw new Error('A keyring is required to decrypt certificate fields for the verifier.');
|
|
28
30
|
}
|
|
@@ -32,7 +34,9 @@ class VerifiableCertificate extends Certificate_js_1.default {
|
|
|
32
34
|
const { plaintext: fieldRevelationKey } = await verifierWallet.decrypt({
|
|
33
35
|
ciphertext: mod_js_1.Utils.toArray(this.keyring[fieldName], 'base64'),
|
|
34
36
|
...Certificate_js_1.default.getCertificateFieldEncryptionDetails(fieldName, this.serialNumber),
|
|
35
|
-
counterparty: this.subject
|
|
37
|
+
counterparty: this.subject,
|
|
38
|
+
privileged,
|
|
39
|
+
privilegedReason
|
|
36
40
|
});
|
|
37
41
|
const fieldValue = new mod_js_1.SymmetricKey(fieldRevelationKey).decrypt(mod_js_1.Utils.toArray(this.fields[fieldName], 'base64'));
|
|
38
42
|
decryptedFields[fieldName] = mod_js_1.Utils.toUTF8(fieldValue);
|
|
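Review bot: The two new `@param` tags in the `decryptFields` doc comment are placed after `@returns`, out of signature order, and they say only that the request is "privileged" without telling the caller what the flag changes. Move them directly under the `verifierWallet` tag and state the effect, presumably which of the verifier wallet's keyrings performs the `decrypt` (confirm against the wallet interface). Also note that the value must correspond to the key the subject encrypted the keyring entries to, otherwise decryption fails with the generic error. `createKeyringForVerifier` in MasterCertificate.js has the same tag ordering, and its `privilegedReason` line ends in a stray ` *`. The body of `decryptFields` continues outside the hunks shown.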
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"VerifiableCertificate.js","sourceRoot":"","sources":["../../../../../src/auth/certificates/VerifiableCertificate.ts"],"names":[],"mappings":";;;;;;AAAA,4CASwB;AACxB,sEAA0C;AAE1C;;;GAGG;AACH,MAAa,qBAAsB,SAAQ,wBAAW;IAYpD,YACE,IAAkB,EAClB,YAA0B,EAC1B,OAAkB,EAClB,SAAoB,EACpB,kBAAkC,EAClC,MAAwD,EACxD,OAAyD,EACzD,SAAqB,EACrB,eAAwE;QAExE,KAAK,CACH,IAAI,EACJ,YAAY,EACZ,OAAO,EACP,SAAS,EACT,kBAAkB,EAClB,MAAM,EACN,SAAS,CACV,CAAA;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAA;IACxC,CAAC;IAED
|
|
1
|
+
{"version":3,"file":"VerifiableCertificate.js","sourceRoot":"","sources":["../../../../../src/auth/certificates/VerifiableCertificate.ts"],"names":[],"mappings":";;;;;;AAAA,4CASwB;AACxB,sEAA0C;AAE1C;;;GAGG;AACH,MAAa,qBAAsB,SAAQ,wBAAW;IAYpD,YACE,IAAkB,EAClB,YAA0B,EAC1B,OAAkB,EAClB,SAAoB,EACpB,kBAAkC,EAClC,MAAwD,EACxD,OAAyD,EACzD,SAAqB,EACrB,eAAwE;QAExE,KAAK,CACH,IAAI,EACJ,YAAY,EACZ,OAAO,EACP,SAAS,EACT,kBAAkB,EAClB,MAAM,EACN,SAAS,CACV,CAAA;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;QACtB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAA;IACxC,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,aAAa,CACjB,cAA2B,EAC3B,UAAoB,EACpB,gBAAyB;QAEzB,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,EAAE,2CAA2C;YAC/G,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAA;SACF;QAED,IAAI;YACF,MAAM,eAAe,GACnB,EAAE,CAAA;YACJ,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,OAAO,EAAE;gBACpC,MAAM,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC;oBACrE,UAAU,EAAE,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC;oBAC5D,GAAG,wBAAW,CAAC,oCAAoC,CACjD,SAAS,EACT,IAAI,CAAC,YAAY,CAClB;oBACD,YAAY,EAAE,IAAI,CAAC,OAAO;oBAC1B,UAAU;oBACV,gBAAgB;iBACjB,CAAC,CAAA;gBAEF,MAAM,UAAU,GAAG,IAAI,qBAAY,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAC7D,cAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,CAChD,CAAA;gBACD,eAAe,CAAC,SAAS,CAAC,GAAG,cAAK,CAAC,MAAM,CAAC,UAAsB,CAAC,CAAA;aAClE;YACD,OAAO,eAAe,CAAA;SACvB;QAAC,OAAO,KAAK,EAAE;YACd,MAAM,IAAI,KAAK,CACb,4EAA4E,MAAM,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAErI,CAAA;SACF;IACH,CAAC;CACF;AAnFD,sDAmFC"}
|