@dwk/http-signatures 0.1.0-beta.0

package/dist/components.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Covered-component value derivation (RFC 9421 §2.1–2.2), shared by the
+ * signature-base builder and the verifier.
+ *
+ * Supports the derived components needed for request signing — `@method`,
+ * `@target-uri`, `@authority`, `@scheme`, `@request-target`, `@path`,
+ * `@query` — and any HTTP header field (matched case-insensitively, with
+ * multiple field lines folded into one `", "`-joined value per §2.1).
+ * Component parameters (`;sf`, `;key`, `;bs`, `@query-param`, …) are not
+ * supported and are reported by the caller as malformed.
+ */
+import type { HttpMessage } from "./types";
+export interface DerivationContext {
+    message: HttpMessage;
+    url: URL;
+    headers: Map<string, string>;
+}
+/** Parse the message URL once and capture a normalized header view. */
+export declare function derivationContext(message: HttpMessage): DerivationContext | null;
+/**
+ * Derive the value of a single covered component. Returns `null` when the
+ * component is unsupported (a `@`-derived name we do not implement) or absent
+ * (a header the message does not carry).
+ */
+export declare function deriveComponentValue(ctx: DerivationContext, name: string): string | null;
+//# sourceMappingURL=components.d.ts.map

package/dist/components.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"components.d.ts","sourceRoot":"","sources":["../src/components.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAiB3C,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,WAAW,CAAC;IACrB,GAAG,EAAE,GAAG,CAAC;IACT,OAAO,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC9B;AAED,uEAAuE;AACvE,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,WAAW,GACnB,iBAAiB,GAAG,IAAI,CAQ1B;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAClC,GAAG,EAAE,iBAAiB,EACtB,IAAI,EAAE,MAAM,GACX,MAAM,GAAG,IAAI,CAsBf"}

package/dist/components.js

@@ -0,0 +1,65 @@
+/**
+ * Covered-component value derivation (RFC 9421 §2.1–2.2), shared by the
+ * signature-base builder and the verifier.
+ *
+ * Supports the derived components needed for request signing — `@method`,
+ * `@target-uri`, `@authority`, `@scheme`, `@request-target`, `@path`,
+ * `@query` — and any HTTP header field (matched case-insensitively, with
+ * multiple field lines folded into one `", "`-joined value per §2.1).
+ * Component parameters (`;sf`, `;key`, `;bs`, `@query-param`, …) are not
+ * supported and are reported by the caller as malformed.
+ */
+/** Build a case-insensitive view of the message's header values, OWS-trimmed. */
+function headerMap(headers) {
+    const map = new Map();
+    for (const [name, value] of Object.entries(headers)) {
+        // RFC 9421 §2.1: strip leading/trailing OWS from each field value and join
+        // multiple values with ", ". Internal whitespace is preserved verbatim —
+        // collapsing it would change the signed value and break verification.
+        const joined = Array.isArray(value)
+            ? value.map((v) => v.trim()).join(", ")
+            : value.trim();
+        map.set(name.toLowerCase(), joined);
+    }
+    return map;
+}
+/** Parse the message URL once and capture a normalized header view. */
+export function derivationContext(message) {
+    let url;
+    try {
+        url = new URL(message.url);
+    }
+    catch {
+        return null;
+    }
+    return { message, url, headers: headerMap(message.headers) };
+}
+/**
+ * Derive the value of a single covered component. Returns `null` when the
+ * component is unsupported (a `@`-derived name we do not implement) or absent
+ * (a header the message does not carry).
+ */
+export function deriveComponentValue(ctx, name) {
+    if (name.startsWith("@")) {
+        switch (name) {
+            case "@method":
+                return ctx.message.method.toUpperCase();
+            case "@target-uri":
+                return ctx.url.href;
+            case "@authority":
+                return ctx.url.host.toLowerCase();
+            case "@scheme":
+                return ctx.url.protocol.replace(/:$/, "").toLowerCase();
+            case "@request-target":
+                return `${ctx.url.pathname}${ctx.url.search}`;
+            case "@path":
+                return ctx.url.pathname;
+            case "@query":
+                return ctx.url.search === "" ? "?" : ctx.url.search;
+            default:
+                return null;
+        }
+    }
+    return ctx.headers.get(name.toLowerCase()) ?? null;
+}
+//# sourceMappingURL=components.js.map

package/dist/components.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"components.js","sourceRoot":"","sources":["../src/components.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,iFAAiF;AACjF,SAAS,SAAS,CAAC,OAA+B;IAChD,MAAM,GAAG,GAAG,IAAI,GAAG,EAAkB,CAAC;IACtC,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACpD,2EAA2E;QAC3E,yEAAyE;QACzE,sEAAsE;QACtE,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;YACjC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;YACvC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;QACjB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,MAAM,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAQD,uEAAuE;AACvE,MAAM,UAAU,iBAAiB,CAC/B,OAAoB;IAEpB,IAAI,GAAQ,CAAC;IACb,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;AAC/D,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAClC,GAAsB,EACtB,IAAY;IAEZ,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,SAAS;gBACZ,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC1C,KAAK,aAAa;gBAChB,OAAO,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC;YACtB,KAAK,YAAY;gBACf,OAAO,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACpC,KAAK,SAAS;gBACZ,OAAO,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;YAC1D,KAAK,iBAAiB;gBACpB,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;YAChD,KAAK,OAAO;gBACV,OAAO,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC;YAC1B,KAAK,QAAQ;gBACX,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC;YACtD;gBACE,OAAO,IAAI,CAAC;QAChB,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,IAAI,IAAI,CAAC;AACrD,CAAC"}

package/dist/digest.d.ts

@@ -0,0 +1,45 @@
+/**
+ * Body integrity headers.
+ *
+ * - `Content-Digest` (RFC 9530) — a structured-field dictionary whose values
+ *   are byte sequences, e.g. `sha-256=:<base64>:`.
+ * - `Digest` (the legacy RFC 3230 field much of the fediverse still sends),
+ *   e.g. `SHA-256=<base64>`.
+ *
+ * Including a digest in the covered component set is how body tampering is
+ * caught: the signature covers the digest header value, and recomputing the
+ * digest over the received body proves that value still describes the body.
+ */
+/** Hash algorithms supported for digests. */
+export type DigestAlgorithm = "sha-256" | "sha-512";
+/**
+ * Compute the RFC 9530 `Content-Digest` field value for `body`, e.g.
+ * `sha-256=:<base64>:`. The result is meant to be set as the `content-digest`
+ * header and listed among the covered components before signing.
+ */
+export declare function createContentDigest(body: Uint8Array | string, alg?: DigestAlgorithm): Promise<string>;
+/**
+ * Compute the legacy RFC 3230 `Digest` field value for `body`, e.g.
+ * `SHA-256=<base64>` — the spelling fediverse peers expect on the `Digest`
+ * header alongside a `draft-cavage` signature.
+ */
+export declare function createDigest(body: Uint8Array | string, alg?: DigestAlgorithm): Promise<string>;
+/** A reason a digest header failed to verify, or `null` when it matched. */
+export type DigestRejection = "digest_missing" | "digest_unsupported" | "digest_mismatch";
+/**
+ * Verify a received `Content-Digest` field value against `body`. The field is
+ * an RFC 8941 Dictionary of Byte Sequences (RFC 9530 §2), so it is parsed with
+ * the strict structured-fields parser rather than split by hand: a malformed
+ * value — including a lone uppercase algorithm key, which is not a valid sf-key
+ * — fails closed as `digest_mismatch`. Per RFC 9530 §3, entries whose algorithm
+ * the verifier does not support are ignored; every supported entry must match,
+ * and at least one supported entry must be present (otherwise the value is
+ * rejected as `digest_unsupported`).
+ */
+export declare function verifyContentDigest(headerValue: string | null | undefined, body: Uint8Array | string): Promise<DigestRejection | null>;
+/**
+ * Verify a received legacy `Digest` field value (`SHA-256=<base64>`, no colon
+ * wrapping) against `body`.
+ */
+export declare function verifyDigest(headerValue: string | null | undefined, body: Uint8Array | string): Promise<DigestRejection | null>;
+//# sourceMappingURL=digest.d.ts.map

package/dist/digest.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"digest.d.ts","sourceRoot":"","sources":["../src/digest.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAKH,6CAA6C;AAC7C,MAAM,MAAM,eAAe,GAAG,SAAS,GAAG,SAAS,CAAC;AA0BpD;;;;GAIG;AACH,wBAAsB,mBAAmB,CACvC,IAAI,EAAE,UAAU,GAAG,MAAM,EACzB,GAAG,GAAE,eAA2B,GAC/B,OAAO,CAAC,MAAM,CAAC,CAEjB;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAChC,IAAI,EAAE,UAAU,GAAG,MAAM,EACzB,GAAG,GAAE,eAA2B,GAC/B,OAAO,CAAC,MAAM,CAAC,CAEjB;AAED,4EAA4E;AAC5E,MAAM,MAAM,eAAe,GACvB,gBAAgB,GAChB,oBAAoB,GACpB,iBAAiB,CAAC;AAEtB;;;;;;;;;GASG;AACH,wBAAsB,mBAAmB,CACvC,WAAW,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACtC,IAAI,EAAE,UAAU,GAAG,MAAM,GACxB,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAmBjC;AAED;;;GAGG;AACH,wBAAsB,YAAY,CAChC,WAAW,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACtC,IAAI,EAAE,UAAU,GAAG,MAAM,GACxB,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAejC"}

package/dist/digest.js

@@ -0,0 +1,128 @@
+/**
+ * Body integrity headers.
+ *
+ * - `Content-Digest` (RFC 9530) — a structured-field dictionary whose values
+ *   are byte sequences, e.g. `sha-256=:<base64>:`.
+ * - `Digest` (the legacy RFC 3230 field much of the fediverse still sends),
+ *   e.g. `SHA-256=<base64>`.
+ *
+ * Including a digest in the covered component set is how body tampering is
+ * caught: the signature covers the digest header value, and recomputing the
+ * digest over the received body proves that value still describes the body.
+ */
+import { base64ToBytes, bytesToBase64 } from "./base64";
+import { parseByteSequenceDictionary, SfParseError } from "./sf";
+const SUBTLE_HASH = {
+    "sha-256": "SHA-256",
+    "sha-512": "SHA-512",
+};
+function toBytes(body) {
+    return typeof body === "string" ? new TextEncoder().encode(body) : body;
+}
+async function hashBytes(body, alg) {
+    const digest = await crypto.subtle.digest(SUBTLE_HASH[alg], toBytes(body));
+    return new Uint8Array(digest);
+}
+async function hash(body, alg) {
+    return bytesToBase64(await hashBytes(body, alg));
+}
+/**
+ * Compute the RFC 9530 `Content-Digest` field value for `body`, e.g.
+ * `sha-256=:<base64>:`. The result is meant to be set as the `content-digest`
+ * header and listed among the covered components before signing.
+ */
+export async function createContentDigest(body, alg = "sha-256") {
+    return `${alg}=:${await hash(body, alg)}:`;
+}
+/**
+ * Compute the legacy RFC 3230 `Digest` field value for `body`, e.g.
+ * `SHA-256=<base64>` — the spelling fediverse peers expect on the `Digest`
+ * header alongside a `draft-cavage` signature.
+ */
+export async function createDigest(body, alg = "sha-256") {
+    return `${alg.toUpperCase()}=${await hash(body, alg)}`;
+}
+/**
+ * Verify a received `Content-Digest` field value against `body`. The field is
+ * an RFC 8941 Dictionary of Byte Sequences (RFC 9530 §2), so it is parsed with
+ * the strict structured-fields parser rather than split by hand: a malformed
+ * value — including a lone uppercase algorithm key, which is not a valid sf-key
+ * — fails closed as `digest_mismatch`. Per RFC 9530 §3, entries whose algorithm
+ * the verifier does not support are ignored; every supported entry must match,
+ * and at least one supported entry must be present (otherwise the value is
+ * rejected as `digest_unsupported`).
+ */
+export async function verifyContentDigest(headerValue, body) {
+    if (!headerValue)
+        return "digest_missing";
+    let dict;
+    try {
+        dict = parseByteSequenceDictionary(headerValue);
+    }
+    catch (err) {
+        if (err instanceof SfParseError)
+            return "digest_mismatch";
+        throw err;
+    }
+    let sawSupported = false;
+    for (const [key, received] of dict) {
+        if (!(key in SUBTLE_HASH))
+            continue;
+        const alg = key;
+        if (!constantTimeEqualBytes(received, await hashBytes(body, alg))) {
+            return "digest_mismatch";
+        }
+        sawSupported = true;
+    }
+    return sawSupported ? null : "digest_unsupported";
+}
+/**
+ * Verify a received legacy `Digest` field value (`SHA-256=<base64>`, no colon
+ * wrapping) against `body`.
+ */
+export async function verifyDigest(headerValue, body) {
+    if (!headerValue)
+        return "digest_missing";
+    let sawSupported = false;
+    for (const entry of headerValue.split(",")) {
+        const eq = entry.indexOf("=");
+        if (eq < 0)
+            continue;
+        const alg = entry.slice(0, eq).trim().toLowerCase();
+        if (!(alg in SUBTLE_HASH))
+            continue;
+        const value = entry.slice(eq + 1).trim();
+        if (!constantTimeEqualBase64(value, await hash(body, alg))) {
+            return "digest_mismatch";
+        }
+        sawSupported = true;
+    }
+    return sawSupported ? null : "digest_unsupported";
+}
+/** Compare two byte arrays in length-constant time. */
+function constantTimeEqualBytes(x, y) {
+    if (x.length !== y.length)
+        return false;
+    let diff = 0;
+    for (let i = 0; i < x.length; i++) {
+        diff |= x[i] ^ y[i];
+    }
+    return diff === 0;
+}
+/**
+ * Compare two base64 strings by their decoded bytes in length-constant time.
+ * A malformed encoding compares unequal rather than throwing.
+ */
+function constantTimeEqualBase64(a, b) {
+    let x;
+    let y;
+    try {
+        x = base64ToBytes(a);
+        y = base64ToBytes(b);
+    }
+    catch {
+        return false;
+    }
+    return constantTimeEqualBytes(x, y);
+}
+//# sourceMappingURL=digest.js.map

package/dist/digest.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"digest.js","sourceRoot":"","sources":["../src/digest.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACxD,OAAO,EAAE,2BAA2B,EAAE,YAAY,EAAE,MAAM,MAAM,CAAC;AAKjE,MAAM,WAAW,GAAoC;IACnD,SAAS,EAAE,SAAS;IACpB,SAAS,EAAE,SAAS;CACrB,CAAC;AAEF,SAAS,OAAO,CAAC,IAAyB;IACxC,OAAO,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC1E,CAAC;AAED,KAAK,UAAU,SAAS,CACtB,IAAyB,EACzB,GAAoB;IAEpB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3E,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED,KAAK,UAAU,IAAI,CACjB,IAAyB,EACzB,GAAoB;IAEpB,OAAO,aAAa,CAAC,MAAM,SAAS,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;AACnD,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,IAAyB,EACzB,MAAuB,SAAS;IAEhC,OAAO,GAAG,GAAG,KAAK,MAAM,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,GAAG,CAAC;AAC7C,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,IAAyB,EACzB,MAAuB,SAAS;IAEhC,OAAO,GAAG,GAAG,CAAC,WAAW,EAAE,IAAI,MAAM,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAQD;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,WAAsC,EACtC,IAAyB;IAEzB,IAAI,CAAC,WAAW;QAAE,OAAO,gBAAgB,CAAC;IAC1C,IAAI,IAA6B,CAAC;IAClC,IAAI,CAAC;QACH,IAAI,GAAG,2BAA2B,CAAC,WAAW,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,YAAY;YAAE,OAAO,iBAAiB,CAAC;QAC1D,MAAM,GAAG,CAAC;IACZ,CAAC;IACD,IAAI,YAAY,GAAG,KAAK,CAAC;IACzB,KAAK,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC;QACnC,IAAI,CAAC,CAAC,GAAG,IAAI,WAAW,CAAC;YAAE,SAAS;QACpC,MAAM,GAAG,GAAG,GAAsB,CAAC;QACnC,IAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,MAAM,SAAS,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;YAClE,OAAO,iBAAiB,CAAC;QAC3B,CAAC;QACD,YAAY,GAAG,IAAI,CAAC;IACtB,CAAC;IACD,OAAO,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,oBAAoB,CAAC;AACpD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,WAAsC,EACtC,IAAyB;IAEzB,IAAI,CAAC,WAAW;QAAE,OAAO,gBAAgB,CAAC;IAC1C,IAAI,YAAY,GAAG,KAAK,CAAC;IACzB,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC9B,IAAI,EAAE,GAAG,CAAC;YAAE,SAAS;QACrB,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAqB,CAAC;QACvE,IAAI,CAAC,CAAC,GAAG,IAAI,WAAW,CAAC;YAAE,SAAS;QACpC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,IAAI,CAAC,uBAAuB,CAAC,KAAK,EAAE,MAAM,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,EAAE,CAAC;YAC3D,OAAO,iBAAiB,CAAC;QAC3B,CAAC;QACD,YAAY,GAAG,IAAI,CAAC;IACtB,CAAC;IACD,OAAO,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,oBAAoB,CAAC;AACpD,CAAC;AAED,uDAAuD;AACvD,SAAS,sBAAsB,CAAC,CAAa,EAAE,CAAa;IAC1D,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC;IACxB,CAAC;IACD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,CAAS,EAAE,CAAS;IACnD,IAAI,CAAa,CAAC;IAClB,IAAI,CAAa,CAAC;IAClB,IAAI,CAAC;QACH,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;QACrB,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,sBAAsB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACtC,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,28 @@
+/**
+ * `@dwk/http-signatures` — HTTP Message Signatures (RFC 9421), with the legacy
+ * `draft-cavage-http-signatures` profile for fediverse interop.
+ *
+ * A pure, runtime-agnostic library: a request reduced to plain data (method,
+ * URL, headers) plus a resolved {@link CryptoKey} goes in, a signing result or a
+ * {@link VerifyResult} comes out. It performs no I/O beyond Web Crypto, holds no
+ * state, and needs no Cloudflare bindings, so it unit-tests without a Workers
+ * runtime.
+ *
+ * It is **protocol-agnostic** — it knows nothing about ActivityPub, IndieWeb, or
+ * Solid. Key resolution (fetching an actor's public key, caching it) is the
+ * caller's responsibility, supplied as a {@link KeyResolver}. Mirroring the
+ * `@dwk/dpop` hardening posture, only asymmetric algorithms from an explicit
+ * allow-list are accepted — never `none` or HMAC — and a resolved key is
+ * validated against the claimed algorithm (RSA modulus floor, EC curve) before
+ * any signature is checked.
+ *
+ * @see spec/packages/http-signatures.md
+ * @packageDocumentation
+ */
+export { signMessage, type SignParams } from "./sign";
+export { verifyMessage, type VerifyParams } from "./verify";
+export type { KeyResolver } from "./rfc9421";
+export { createContentDigest, createDigest, verifyContentDigest, verifyDigest, type DigestAlgorithm, type DigestRejection, } from "./digest";
+export { isSupportedAlgorithm } from "./algorithms";
+export type { HttpMessage, SignatureAlgorithm, SignatureProfile, SignatureFailureReason, VerifyResult, } from "./types";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAE,WAAW,EAAE,KAAK,UAAU,EAAE,MAAM,QAAQ,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,KAAK,YAAY,EAAE,MAAM,UAAU,CAAC;AAE5D,YAAY,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAE7C,OAAO,EACL,mBAAmB,EACnB,YAAY,EACZ,mBAAmB,EACnB,YAAY,EACZ,KAAK,eAAe,EACpB,KAAK,eAAe,GACrB,MAAM,UAAU,CAAC;AAElB,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAEpD,YAAY,EACV,WAAW,EACX,kBAAkB,EAClB,gBAAgB,EAChB,sBAAsB,EACtB,YAAY,GACb,MAAM,SAAS,CAAC"}

package/dist/index.js

@@ -0,0 +1,26 @@
+/**
+ * `@dwk/http-signatures` — HTTP Message Signatures (RFC 9421), with the legacy
+ * `draft-cavage-http-signatures` profile for fediverse interop.
+ *
+ * A pure, runtime-agnostic library: a request reduced to plain data (method,
+ * URL, headers) plus a resolved {@link CryptoKey} goes in, a signing result or a
+ * {@link VerifyResult} comes out. It performs no I/O beyond Web Crypto, holds no
+ * state, and needs no Cloudflare bindings, so it unit-tests without a Workers
+ * runtime.
+ *
+ * It is **protocol-agnostic** — it knows nothing about ActivityPub, IndieWeb, or
+ * Solid. Key resolution (fetching an actor's public key, caching it) is the
+ * caller's responsibility, supplied as a {@link KeyResolver}. Mirroring the
+ * `@dwk/dpop` hardening posture, only asymmetric algorithms from an explicit
+ * allow-list are accepted — never `none` or HMAC — and a resolved key is
+ * validated against the claimed algorithm (RSA modulus floor, EC curve) before
+ * any signature is checked.
+ *
+ * @see spec/packages/http-signatures.md
+ * @packageDocumentation
+ */
+export { signMessage } from "./sign";
+export { verifyMessage } from "./verify";
+export { createContentDigest, createDigest, verifyContentDigest, verifyDigest, } from "./digest";
+export { isSupportedAlgorithm } from "./algorithms";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAE,WAAW,EAAmB,MAAM,QAAQ,CAAC;AACtD,OAAO,EAAE,aAAa,EAAqB,MAAM,UAAU,CAAC;AAI5D,OAAO,EACL,mBAAmB,EACnB,YAAY,EACZ,mBAAmB,EACnB,YAAY,GAGb,MAAM,UAAU,CAAC;AAElB,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC"}

package/dist/rfc9421.d.ts

@@ -0,0 +1,49 @@
+/**
+ * The RFC 9421 wire profile: the `Signature-Input` / `Signature`
+ * structured-field pair, the signature base of §2.5, and the `@signature-params`
+ * line.
+ */
+import type { HttpMessage, SignatureAlgorithm, VerifyResult } from "./types";
+/** Resolved signing inputs for the RFC 9421 profile. */
+export interface Rfc9421SignParams {
+    key: CryptoKey;
+    keyId: string;
+    alg: SignatureAlgorithm;
+    components: string[];
+    created: number;
+    expires?: number;
+    nonce?: string;
+    tag?: string;
+    label: string;
+}
+/**
+ * Sign `message` under the RFC 9421 profile. Returns the `Signature-Input` and
+ * `Signature` headers to merge into the request. Throws if a covered component
+ * is absent from the message or the URL cannot be parsed — both signer bugs.
+ */
+export declare function signRfc9421(message: HttpMessage, params: Rfc9421SignParams): Promise<Record<string, string>>;
+/** Resolves a public key (and optionally the algorithm it dictates) for verification. */
+export type KeyResolver = (params: {
+    keyId: string | null;
+    alg: SignatureAlgorithm | null;
+}) => Promise<CryptoKey | null> | (CryptoKey | null);
+/** Parameters for verifying an RFC 9421 signature. */
+export interface Rfc9421VerifyParams {
+    resolveKey: KeyResolver;
+    /** Which labelled signature to verify; required when the message carries more than one. */
+    label?: string;
+    /** Component identifiers that MUST be covered (e.g. `@method`, `date`). */
+    requiredComponents?: string[];
+    /** Require a `created` parameter to be present. */
+    requireCreated?: boolean;
+    /** Current time, epoch seconds. Defaults to `Date.now()`. */
+    now?: number;
+    /** Allowed clock skew, in seconds, for `created`/`expires`. Defaults to 300. */
+    toleranceSeconds?: number;
+}
+/**
+ * Verify an RFC 9421 signature on `message`. Never throws — every failure is a
+ * `{ valid: false, reason }` with a stable {@link SignatureFailureReason}.
+ */
+export declare function verifyRfc9421(message: HttpMessage, params: Rfc9421VerifyParams): Promise<VerifyResult>;
+//# sourceMappingURL=rfc9421.d.ts.map

package/dist/rfc9421.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rfc9421.d.ts","sourceRoot":"","sources":["../src/rfc9421.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAiBH,OAAO,KAAK,EACV,WAAW,EACX,kBAAkB,EAElB,YAAY,EACb,MAAM,SAAS,CAAC;AAEjB,wDAAwD;AACxD,MAAM,WAAW,iBAAiB;IAChC,GAAG,EAAE,SAAS,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,kBAAkB,CAAC;IACxB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAoBD;;;;GAIG;AACH,wBAAsB,WAAW,CAC/B,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,iBAAiB,GACxB,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAkCjC;AAED,yFAAyF;AACzF,MAAM,MAAM,WAAW,GAAG,CAAC,MAAM,EAAE;IACjC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,GAAG,EAAE,kBAAkB,GAAG,IAAI,CAAC;CAChC,KAAK,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;AAErD,sDAAsD;AACtD,MAAM,WAAW,mBAAmB;IAClC,UAAU,EAAE,WAAW,CAAC;IACxB,2FAA2F;IAC3F,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,2EAA2E;IAC3E,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,mDAAmD;IACnD,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,6DAA6D;IAC7D,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,gFAAgF;IAChF,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAwBD;;;GAGG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,WAAW,EACpB,MAAM,EAAE,mBAAmB,GAC1B,OAAO,CAAC,YAAY,CAAC,CA8HvB"}

package/dist/rfc9421.js

@@ -0,0 +1,216 @@
+/**
+ * The RFC 9421 wire profile: the `Signature-Input` / `Signature`
+ * structured-field pair, the signature base of §2.5, and the `@signature-params`
+ * line.
+ */
+import { deriveAlgFromKey, isSupportedAlgorithm, signBytes, validateKey, verifyBytes, } from "./algorithms";
+import { bytesToBase64, utf8 } from "./base64";
+import { deriveComponentValue, derivationContext } from "./components";
+import { parseSignatureHeader, parseSignatureInput, serializeString, } from "./sf";
+/** Build the `@signature-params` value (inner list plus its parameters). */
+function signatureParamsValue(params) {
+    const items = params.components.map(serializeString).join(" ");
+    let out = `(${items});created=${params.created}`;
+    if (params.expires !== undefined)
+        out += `;expires=${params.expires}`;
+    out += `;keyid=${serializeString(params.keyId)}`;
+    out += `;alg=${serializeString(params.alg)}`;
+    if (params.nonce !== undefined)
+        out += `;nonce=${serializeString(params.nonce)}`;
+    if (params.tag !== undefined)
+        out += `;tag=${serializeString(params.tag)}`;
+    return out;
+}
+/** Build the signature base over `lines` and the `@signature-params` value. */
+function signatureBase(lines, sigParams) {
+    return [...lines, `"@signature-params": ${sigParams}`].join("\n");
+}
+/**
+ * Sign `message` under the RFC 9421 profile. Returns the `Signature-Input` and
+ * `Signature` headers to merge into the request. Throws if a covered component
+ * is absent from the message or the URL cannot be parsed — both signer bugs.
+ */
+export async function signRfc9421(message, params) {
+    const ctx = derivationContext(message);
+    if (ctx === null)
+        throw new Error("http-signatures: message.url is not a valid URL");
+    const sigParams = signatureParamsValue(params);
+    const lines = [];
+    // RFC 9421 §2: each component identifier MUST occur only once in the covered
+    // component list. A repeated identifier is a signer bug — reject it loudly.
+    const seen = new Set();
+    for (const name of params.components) {
+        const id = name.toLowerCase();
+        if (seen.has(id)) {
+            throw new Error(`http-signatures: duplicate covered component "${name}" (RFC 9421 §2)`);
+        }
+        seen.add(id);
+        const value = deriveComponentValue(ctx, name);
+        if (value === null) {
+            throw new Error(`http-signatures: covered component "${name}" is missing from the message`);
+        }
+        lines.push(`${serializeString(name)}: ${value}`);
+    }
+    const signature = await signBytes(params.key, params.alg, utf8(signatureBase(lines, sigParams)));
+    return {
+        "Signature-Input": `${params.label}=${sigParams}`,
+        Signature: `${params.label}=:${bytesToBase64(new Uint8Array(signature))}:`,
+    };
+}
+function paramMap(params) {
+    const map = new Map();
+    for (const [k, v] of params)
+        map.set(k, v);
+    return map;
+}
+function getHeader(message, name) {
+    const lower = name.toLowerCase();
+    for (const [k, v] of Object.entries(message.headers)) {
+        if (k.toLowerCase() === lower)
+            return Array.isArray(v) ? v.join(", ") : v;
+    }
+    return null;
+}
+function fail(reason) {
+    return { valid: false, profile: "rfc9421", reason };
+}
+const DEFAULT_TOLERANCE_SECONDS = 300;
+/**
+ * Verify an RFC 9421 signature on `message`. Never throws — every failure is a
+ * `{ valid: false, reason }` with a stable {@link SignatureFailureReason}.
+ */
+export async function verifyRfc9421(message, params) {
+    const inputHeader = getHeader(message, "signature-input");
+    const sigHeader = getHeader(message, "signature");
+    if (inputHeader === null || sigHeader === null)
+        return fail("signature_missing");
+    let inputs;
+    let signatures;
+    try {
+        inputs = parseSignatureInput(inputHeader);
+    }
+    catch {
+        return fail("signature_input_malformed");
+    }
+    try {
+        signatures = parseSignatureHeader(sigHeader);
+    }
+    catch {
+        return fail("signature_malformed");
+    }
+    // Choose the label to verify.
+    let label = params.label;
+    if (label === undefined) {
+        if (inputs.size === 0)
+            return fail("label_missing");
+        if (inputs.size > 1)
+            return fail("label_ambiguous");
+        label = [...inputs.keys()][0];
+    }
+    const input = inputs.get(label);
+    if (input === undefined)
+        return fail("label_missing");
+    const signature = signatures.get(label);
+    if (signature === undefined)
+        return fail("signature_missing");
+    const sigParams = paramMap(input.params);
+    // RFC 9421 §2.3: `alg` is OPTIONAL. When present it must be allow-listed;
+    // when absent the algorithm is derived from the resolved key below.
+    const algRaw = sigParams.get("alg");
+    let alg = null;
+    if (algRaw !== undefined) {
+        if (typeof algRaw !== "string" || !isSupportedAlgorithm(algRaw)) {
+            return fail("alg_unsupported");
+        }
+        alg = algRaw;
+    }
+    const keyIdRaw = sigParams.get("keyid");
+    const keyId = typeof keyIdRaw === "string" ? keyIdRaw : null;
+    if (keyId === null)
+        return fail("keyid_missing");
+    // created / expires window.
+    const now = params.now ?? Math.floor(Date.now() / 1000);
+    const tolerance = params.toleranceSeconds ?? DEFAULT_TOLERANCE_SECONDS;
+    let created;
+    if (sigParams.has("created")) {
+        const c = sigParams.get("created");
+        if (typeof c !== "number" || !Number.isInteger(c))
+            return fail("created_invalid");
+        created = c;
+        if (c > now + tolerance)
+            return fail("signature_future");
+    }
+    else if (params.requireCreated) {
+        return fail("created_required");
+    }
+    let expires;
+    if (sigParams.has("expires")) {
+        const e = sigParams.get("expires");
+        if (typeof e !== "number" || !Number.isInteger(e))
+            return fail("expires_invalid");
+        expires = e;
+        if (now > e + tolerance)
+            return fail("signature_expired");
+    }
+    // RFC 9421 §2.3: `expires` MUST NOT precede `created`.
+    if (created !== undefined && expires !== undefined && expires < created) {
+        return fail("expires_invalid");
+    }
+    const coveredComponents = input.items.map((item) => String(item.value));
+    // Required-component policy.
+    if (params.requiredComponents) {
+        const covered = new Set(coveredComponents.map((c) => c.toLowerCase()));
+        for (const required of params.requiredComponents) {
+            if (!covered.has(required.toLowerCase()))
+                return fail("required_component_missing");
+        }
+    }
+    // Rebuild the signature base from the named components.
+    const ctx = derivationContext(message);
+    if (ctx === null)
+        return fail("covered_component_missing");
+    const lines = [];
+    // RFC 9421 §2 / §2.5: each component identifier (name plus its serialized
+    // parameters) MUST occur only once; a repeated identifier is malformed.
+    const seen = new Set();
+    for (const item of input.items) {
+        if (item.params.length > 0 || typeof item.value !== "string") {
+            return fail("components_malformed");
+        }
+        const id = item.value.toLowerCase();
+        if (seen.has(id))
+            return fail("components_malformed");
+        seen.add(id);
+        const value = deriveComponentValue(ctx, item.value);
+        if (value === null)
+            return fail("covered_component_missing");
+        lines.push(`${item.raw}: ${value}`);
+    }
+    const base = [...lines, `"@signature-params": ${input.raw}`].join("\n");
+    // Resolve and validate the key, then verify. When `alg` was omitted, derive
+    // it from the resolved key's type (RFC 9421 §2.3).
+    const key = await params.resolveKey({ keyId, alg });
+    if (key === null)
+        return fail("key_unresolved");
+    if (alg === null) {
+        alg = deriveAlgFromKey(key);
+        if (alg === null)
+            return fail("alg_unsupported");
+    }
+    const rejection = validateKey(key, alg);
+    if (rejection !== null)
+        return fail(rejection);
+    const ok = await verifyBytes(key, alg, signature, utf8(base));
+    if (!ok)
+        return fail("signature_invalid");
+    return {
+        valid: true,
+        profile: "rfc9421",
+        label,
+        keyId,
+        coveredComponents,
+        created,
+        expires,
+    };
+}
+//# sourceMappingURL=rfc9421.js.map

package/dist/rfc9421.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"rfc9421.js","sourceRoot":"","sources":["../src/rfc9421.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,SAAS,EACT,WAAW,EACX,WAAW,GACZ,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,UAAU,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAC;AACvE,OAAO,EACL,oBAAoB,EACpB,mBAAmB,EACnB,eAAe,GAEhB,MAAM,MAAM,CAAC;AAqBd,4EAA4E;AAC5E,SAAS,oBAAoB,CAAC,MAAyB;IACrD,MAAM,KAAK,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/D,IAAI,GAAG,GAAG,IAAI,KAAK,aAAa,MAAM,CAAC,OAAO,EAAE,CAAC;IACjD,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS;QAAE,GAAG,IAAI,YAAY,MAAM,CAAC,OAAO,EAAE,CAAC;IACtE,GAAG,IAAI,UAAU,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;IACjD,GAAG,IAAI,QAAQ,eAAe,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;IAC7C,IAAI,MAAM,CAAC,KAAK,KAAK,SAAS;QAC5B,GAAG,IAAI,UAAU,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;IACnD,IAAI,MAAM,CAAC,GAAG,KAAK,SAAS;QAAE,GAAG,IAAI,QAAQ,eAAe,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;IAC3E,OAAO,GAAG,CAAC;AACb,CAAC;AAED,+EAA+E;AAC/E,SAAS,aAAa,CAAC,KAAe,EAAE,SAAiB;IACvD,OAAO,CAAC,GAAG,KAAK,EAAE,wBAAwB,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACpE,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,OAAoB,EACpB,MAAyB;IAEzB,MAAM,GAAG,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACvC,IAAI,GAAG,KAAK,IAAI;QACd,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,MAAM,SAAS,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC/C,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,6EAA6E;IAC7E,4EAA4E;IAC5E,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACrC,MAAM,EAAE,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAC9B,IAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CACb,iDAAiD,IAAI,iBAAiB,CACvE,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACb,MAAM,KAAK,GAAG,oBAAoB,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC9C,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CACb,uCAAuC,IAAI,+BAA+B,CAC3E,CAAC;QACJ,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC;IACnD,CAAC;IACD,MAAM,SAAS,GAAG,MAAM,SAAS,CAC/B,MAAM,CAAC,GAAG,EACV,MAAM,CAAC,GAAG,EACV,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CACtC,CAAC;IACF,OAAO;QACL,iBAAiB,EAAE,GAAG,MAAM,CAAC,KAAK,IAAI,SAAS,EAAE;QACjD,SAAS,EAAE,GAAG,MAAM,CAAC,KAAK,KAAK,aAAa,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,GAAG;KAC3E,CAAC;AACJ,CAAC;AAuBD,SAAS,QAAQ,CACf,MAAmC;IAEnC,MAAM,GAAG,GAAG,IAAI,GAAG,EAAsB,CAAC;IAC1C,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM;QAAE,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3C,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,SAAS,CAAC,OAAoB,EAAE,IAAY;IACnD,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IACjC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACrD,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,KAAK;YAAE,OAAO,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5E,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,IAAI,CAAC,MAA8B;IAC1C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;AACtD,CAAC;AAED,MAAM,yBAAyB,GAAG,GAAG,CAAC;AAEtC;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAoB,EACpB,MAA2B;IAE3B,MAAM,WAAW,GAAG,SAAS,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;IAC1D,MAAM,SAAS,GAAG,SAAS,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAClD,IAAI,WAAW,KAAK,IAAI,IAAI,SAAS,KAAK,IAAI;QAC5C,OAAO,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAEnC,IAAI,MAA8C,CAAC;IACnD,IAAI,UAAmD,CAAC;IACxD,IAAI,CAAC;QACH,MAAM,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC,2BAA2B,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,CAAC;QACH,UAAU,GAAG,oBAAoB,CAAC,SAAS,CAAC,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC,qBAAqB,CAAC,CAAC;IACrC,CAAC;IAED,8BAA8B;IAC9B,IAAI,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;IACzB,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxB,IAAI,MAAM,CAAC,IAAI,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC,eAAe,CAAC,CAAC;QACpD,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACpD,KAAK,GAAG,CAAC,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAE,CAAC;IACjC,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAChC,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC,eAAe,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACxC,IAAI,SAAS,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAE9D,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACzC,0EAA0E;IAC1E,oEAAoE;IACpE,MAAM,MAAM,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACpC,IAAI,GAAG,GAA8B,IAAI,CAAC;IAC1C,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,EAAE,CAAC;YAChE,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACjC,CAAC;QACD,GAAG,GAAG,MAAM,CAAC;IACf,CAAC;IACD,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,OAAO,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC7D,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC,eAAe,CAAC,CAAC;IAEjD,4BAA4B;IAC5B,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IACxD,MAAM,SAAS,GAAG,MAAM,CAAC,gBAAgB,IAAI,yBAAyB,CAAC;IACvE,IAAI,OAA2B,CAAC;IAChC,IAAI,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,MAAM,CAAC,GAAG,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACnC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACjC,OAAO,GAAG,CAAC,CAAC;QACZ,IAAI,CAAC,GAAG,GAAG,GAAG,SAAS;YAAE,OAAO,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC3D,CAAC;SAAM,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAClC,CAAC;IACD,IAAI,OAA2B,CAAC;IAChC,IAAI,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,MAAM,CAAC,GAAG,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACnC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACjC,OAAO,GAAG,CAAC,CAAC;QACZ,IAAI,GAAG,GAAG,CAAC,GAAG,SAAS;YAAE,OAAO,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAC5D,CAAC;IACD,uDAAuD;IACvD,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,GAAG,OAAO,EAAE,CAAC;QACxE,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC;IACjC,CAAC;IAED,MAAM,iBAAiB,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IAExE,6BAA6B;IAC7B,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QACvE,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACjD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACtC,OAAO,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAED,wDAAwD;IACxD,MAAM,GAAG,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACvC,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC,2BAA2B,CAAC,CAAC;IAC3D,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,0EAA0E;IAC1E,wEAAwE;IACxE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAC/B,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC7D,OAAO,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACtC,CAAC;QACD,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QACpC,IAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,OAAO,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACtD,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACb,MAAM,KAAK,GAAG,oBAAoB,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QACpD,IAAI,KAAK,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC,2BAA2B,CAAC,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,KAAK,KAAK,EAAE,CAAC,CAAC;IACtC,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,GAAG,KAAK,EAAE,wBAAwB,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAExE,4EAA4E;IAC5E,mDAAmD;IACnD,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;IACpD,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC,gBAAgB,CAAC,CAAC;IAChD,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QACjB,GAAG,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,GAAG,KAAK,IAAI;YAAE,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC;IACnD,CAAC;IACD,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACxC,IAAI,SAAS,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC;IAE/C,MAAM,EAAE,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC9D,IAAI,CAAC,EAAE;QAAE,OAAO,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAE1C,OAAO;QACL,KAAK,EAAE,IAAI;QACX,OAAO,EAAE,SAAS;QAClB,KAAK;QACL,KAAK;QACL,iBAAiB;QACjB,OAAO;QACP,OAAO;KACR,CAAC;AACJ,CAAC"}