@fedify/fedify 0.10.0-dev.190 → 0.10.0-dev.195

package/esm/nodeinfo/types.js

@@ -1,4 +1,4 @@
-import { format } from "../deps/jsr.io/@std/semver/0.224.2/mod.js";
+import { format } from "../deps/jsr.io/@std/semver/0.224.3/mod.js";
 /**
  * Converts a {@link NodeInfo} object to a JSON value.
  * @param nodeInfo The {@link NodeInfo} object to convert.

package/esm/runtime/key.js

@@ -1,5 +1,12 @@
 import * as dntShim from "../_dnt.shims.js";
+import { createPublicKey } from "node:crypto";
+import { concat } from "../deps/jsr.io/@std/bytes/0.224.0/concat.js";
 import { decodeBase64, encodeBase64 } from "../deps/jsr.io/@std/encoding/0.224.3/base64.js";
+import { decodeBase64Url } from "../deps/jsr.io/@std/encoding/0.224.3/base64url.js";
+import { decodeHex } from "../deps/jsr.io/@std/encoding/0.224.3/hex.js";
+import { Integer, Sequence } from "asn1js";
+import { decode, encode } from "multibase";
+import { addPrefix, getCodeFromData, rmPrefix } from "multicodec";
 import { PublicKeyInfo } from "pkijs";
 import { validateCryptoKey } from "../sig/key.js";
 const algorithms = {
@@ -44,3 +51,78 @@ export async function exportSpki(key) {
     pem = (pem.match(/.{1,64}/g) || []).join("\n");
     return `-----BEGIN PUBLIC KEY-----\n${pem}\n-----END PUBLIC KEY-----\n`;
 }
+/**
+ * Imports a [Multibase]-encoded public key.
+ *
+ * [Multibase]: https://www.w3.org/TR/vc-data-integrity/#multibase-0
+ * @param key The Multibase-encoded public key.
+ * @returns The imported public key.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 0.10.0
+ */
+export async function importMultibaseKey(key) {
+    const decoded = decode(key);
+    const code = getCodeFromData(decoded);
+    const content = rmPrefix(decoded);
+    if (code === 0x1205) { // rsa-pub
+        const keyObject = createPublicKey({
+            // deno-lint-ignore no-explicit-any
+            key: content,
+            format: "der",
+            type: "pkcs1",
+        });
+        const spki = keyObject.export({ type: "spki", format: "der" }).buffer;
+        return await dntShim.crypto.subtle.importKey("spki", spki, { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256" }, true, ["verify"]);
+    }
+    else if (code === 0xed) { // ed25519-pub
+        return await dntShim.crypto.subtle.importKey("raw", content, "Ed25519", true, ["verify"]);
+    }
+    else {
+        throw new TypeError("Unsupported key type: " + code);
+    }
+}
+/**
+ * Exports a public key in [Multibase] format.
+ *
+ * [Multibase]: https://www.w3.org/TR/vc-data-integrity/#multibase-0
+ * @param key The public key to export.
+ * @returns The exported public key in Multibase format.
+ * @throws {TypeError} If the key is invalid or unsupported.
+ * @since 0.10.0
+ */
+export async function exportMultibaseKey(key) {
+    let content;
+    let code;
+    if (key.algorithm.name === "Ed25519") {
+        content = await dntShim.crypto.subtle.exportKey("raw", key);
+        code = 0xed; // ed25519-pub
+    }
+    else if (key.algorithm.name === "RSASSA-PKCS1-v1_5" &&
+        key.algorithm.hash.name ===
+            "SHA-256") {
+        const jwk = await dntShim.crypto.subtle.exportKey("jwk", key);
+        const n = concat([new Uint8Array([0]), decodeBase64Url(jwk.n)]);
+        const sequence = new Sequence({
+            value: [
+                new Integer({
+                    isHexOnly: true,
+                    valueHex: n,
+                }),
+                new Integer({
+                    isHexOnly: true,
+                    valueHex: decodeBase64Url(jwk.e),
+                }),
+            ],
+        });
+        content = sequence.toBER(false);
+        code = 0x1205; // rsa-pub
+    }
+    else {
+        throw new TypeError("Unsupported key type: " + JSON.stringify(key.algorithm));
+    }
+    const codeHex = code.toString(16);
+    const codeBytes = decodeHex(codeHex.length % 2 < 1 ? codeHex : "0" + codeHex);
+    const prefixed = addPrefix(codeBytes, new Uint8Array(content));
+    const encoded = encode("base58btc", prefixed);
+    return new TextDecoder().decode(encoded);
+}

package/esm/testing/fixtures/w3id.org/security/multikey/v1

@@ -0,0 +1,35 @@
+{
+  "@context": {
+    "id": "@id",
+    "type": "@type",
+    "@protected": true,
+    "Multikey": {
+      "@id": "https://w3id.org/security#Multikey",
+      "@context": {
+        "@protected": true,
+        "id": "@id",
+        "type": "@type",
+        "controller": {
+          "@id": "https://w3id.org/security#controller",
+          "@type": "@id"
+        },
+        "revoked": {
+          "@id": "https://w3id.org/security#revoked",
+          "@type": "http://www.w3.org/2001/XMLSchema#dateTime"
+        },
+        "expires": {
+          "@id": "https://w3id.org/security#expiration",
+          "@type": "http://www.w3.org/2001/XMLSchema#dateTime"
+        },
+        "publicKeyMultibase": {
+          "@id": "https://w3id.org/security#publicKeyMultibase",
+          "@type": "https://w3id.org/security#multibase"
+        },
+        "secretKeyMultibase": {
+          "@id": "https://w3id.org/security#secretKeyMultibase",
+          "@type": "https://w3id.org/security#multibase"
+        }
+      }
+    }
+  }
+}

package/esm/testing/fixtures/www.w3.org/ns/did/v1

@@ -0,0 +1,58 @@
+{
+  "@context": {
+    "@protected": true,
+    "id": "@id",
+    "type": "@type",
+
+    "alsoKnownAs": {
+      "@id": "https://www.w3.org/ns/activitystreams#alsoKnownAs",
+      "@type": "@id"
+    },
+    "assertionMethod": {
+      "@id": "https://w3id.org/security#assertionMethod",
+      "@type": "@id",
+      "@container": "@set"
+    },
+    "authentication": {
+      "@id": "https://w3id.org/security#authenticationMethod",
+      "@type": "@id",
+      "@container": "@set"
+    },
+    "capabilityDelegation": {
+      "@id": "https://w3id.org/security#capabilityDelegationMethod",
+      "@type": "@id",
+      "@container": "@set"
+    },
+    "capabilityInvocation": {
+      "@id": "https://w3id.org/security#capabilityInvocationMethod",
+      "@type": "@id",
+      "@container": "@set"
+    },
+    "controller": {
+      "@id": "https://w3id.org/security#controller",
+      "@type": "@id"
+    },
+    "keyAgreement": {
+      "@id": "https://w3id.org/security#keyAgreementMethod",
+      "@type": "@id",
+      "@container": "@set"
+    },
+    "service": {
+      "@id": "https://www.w3.org/ns/did#service",
+      "@type": "@id",
+      "@context": {
+        "@protected": true,
+        "id": "@id",
+        "type": "@type",
+        "serviceEndpoint": {
+          "@id": "https://www.w3.org/ns/did#serviceEndpoint",
+          "@type": "@id"
+        }
+      }
+    },
+    "verificationMethod": {
+      "@id": "https://w3id.org/security#verificationMethod",
+      "@type": "@id"
+    }
+  }
+}

package/esm/vocab/application.yaml

@@ -7,6 +7,8 @@ description: Describes a software application.
 defaultContext:
 - "https://www.w3.org/ns/activitystreams"
 - "https://w3id.org/security/v1"
+- "https://www.w3.org/ns/did/v1"
+- "https://w3id.org/security/multikey/v1"
 - manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
   toot: "http://joinmastodon.org/ns#"
   discoverable: "toot:discoverable"
@@ -38,6 +40,18 @@ properties:
   range:
   - "https://w3id.org/security#Key"
 
+- pluralName: assertionMethods
+  singularName: assertionMethod
+  singularAccessor: true
+  uri: "https://w3id.org/security#assertionMethod"
+  description: |
+    Represents this actor's public keys.  It serves as equivalent to
+    the `publicKeys` property, but is used for [FEP-521a] compliance.
+
+    [FEP-521a]: https://codeberg.org/fediverse/fep/src/branch/main/fep/521a/fep-521a.md
+  range:
+  - "https://w3id.org/security#Multikey"
+
 - singularName: manuallyApprovesFollowers
   functional: true
   uri: "https://www.w3.org/ns/activitystreams#manuallyApprovesFollowers"
@@ -67,7 +81,7 @@ properties:
     followers, and a specific actor who also follows the recipient actor,
     and the server has failed to de-duplicate the recipients list.
     Such deduplication MUST be performed by comparing the `id` of the activities
-    and dropping any activities already seen. 
+    and dropping any activities already seen.
   range:
   - "https://www.w3.org/ns/activitystreams#OrderedCollection"
 

package/esm/vocab/group.yaml

@@ -7,6 +7,8 @@ description: Represents a formal or informal collective of Actors.
 defaultContext:
 - "https://www.w3.org/ns/activitystreams"
 - "https://w3id.org/security/v1"
+- "https://www.w3.org/ns/did/v1"
+- "https://w3id.org/security/multikey/v1"
 - manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
   toot: "http://joinmastodon.org/ns#"
   discoverable: "toot:discoverable"
@@ -38,6 +40,18 @@ properties:
   range:
   - "https://w3id.org/security#Key"
 
+- pluralName: assertionMethods
+  singularName: assertionMethod
+  singularAccessor: true
+  uri: "https://w3id.org/security#assertionMethod"
+  description: |
+    Represents this actor's public keys.  It serves as equivalent to
+    the `publicKeys` property, but is used for [FEP-521a] compliance.
+
+    [FEP-521a]: https://codeberg.org/fediverse/fep/src/branch/main/fep/521a/fep-521a.md
+  range:
+  - "https://w3id.org/security#Multikey"
+
 - singularName: manuallyApprovesFollowers
   functional: true
   uri: "https://www.w3.org/ns/activitystreams#manuallyApprovesFollowers"
@@ -67,7 +81,7 @@ properties:
     followers, and a specific actor who also follows the recipient actor,
     and the server has failed to de-duplicate the recipients list.
     Such deduplication MUST be performed by comparing the `id` of the activities
-    and dropping any activities already seen. 
+    and dropping any activities already seen.
   range:
   - "https://www.w3.org/ns/activitystreams#OrderedCollection"
 

package/esm/vocab/multikey.yaml

@@ -0,0 +1,33 @@
+$schema: ../codegen/schema.yaml
+name: Multikey
+uri: "https://w3id.org/security#Multikey"
+entity: true
+description: |
+  Represents a key owned by an actor according to [FEP-521a: Representing
+  actor's public keys.][1]
+
+  [1]: https://codeberg.org/fediverse/fep/src/branch/main/fep/521a/fep-521a.md
+defaultContext: "https://w3id.org/security/multikey/v1"
+
+properties:
+- singularName: controller
+  functional: true
+  uri: "https://w3id.org/security#controller"
+  description: An actor who owns this key.
+  range:
+  - "https://www.w3.org/ns/activitystreams#Application"
+  - "https://www.w3.org/ns/activitystreams#Group"
+  - "https://www.w3.org/ns/activitystreams#Organization"
+  - "https://www.w3.org/ns/activitystreams#Person"
+  - "https://www.w3.org/ns/activitystreams#Service"
+
+- singularName: publicKey
+  functional: true
+  uri: "https://w3id.org/security#publicKeyMultibase"
+  description: |
+    A [Multibase]-encoded value of a [Multicodec] prefix and the key.
+
+    [Multibase]: https://www.w3.org/TR/vc-data-integrity/#multibase-0
+    [Multicodec]: https://github.com/multiformats/multicodec/
+  range:
+  - "fedify:multibaseKey"

package/esm/vocab/organization.yaml

@@ -7,6 +7,8 @@ description: Represents an organization.
 defaultContext:
 - "https://www.w3.org/ns/activitystreams"
 - "https://w3id.org/security/v1"
+- "https://www.w3.org/ns/did/v1"
+- "https://w3id.org/security/multikey/v1"
 - manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
   toot: "http://joinmastodon.org/ns#"
   discoverable: "toot:discoverable"
@@ -38,6 +40,18 @@ properties:
   range:
   - "https://w3id.org/security#Key"
 
+- pluralName: assertionMethods
+  singularName: assertionMethod
+  singularAccessor: true
+  uri: "https://w3id.org/security#assertionMethod"
+  description: |
+    Represents this actor's public keys.  It serves as equivalent to
+    the `publicKeys` property, but is used for [FEP-521a] compliance.
+
+    [FEP-521a]: https://codeberg.org/fediverse/fep/src/branch/main/fep/521a/fep-521a.md
+  range:
+  - "https://w3id.org/security#Multikey"
+
 - singularName: manuallyApprovesFollowers
   functional: true
   uri: "https://www.w3.org/ns/activitystreams#manuallyApprovesFollowers"
@@ -67,7 +81,7 @@ properties:
     followers, and a specific actor who also follows the recipient actor,
     and the server has failed to de-duplicate the recipients list.
     Such deduplication MUST be performed by comparing the `id` of the activities
-    and dropping any activities already seen. 
+    and dropping any activities already seen.
   range:
   - "https://www.w3.org/ns/activitystreams#OrderedCollection"
 

package/esm/vocab/person.yaml

@@ -7,6 +7,8 @@ description: Represents an individual person.
 defaultContext:
 - "https://www.w3.org/ns/activitystreams"
 - "https://w3id.org/security/v1"
+- "https://www.w3.org/ns/did/v1"
+- "https://w3id.org/security/multikey/v1"
 - manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
   toot: "http://joinmastodon.org/ns#"
   discoverable: "toot:discoverable"
@@ -38,6 +40,18 @@ properties:
   range:
   - "https://w3id.org/security#Key"
 
+- pluralName: assertionMethods
+  singularName: assertionMethod
+  singularAccessor: true
+  uri: "https://w3id.org/security#assertionMethod"
+  description: |
+    Represents this actor's public keys.  It serves as equivalent to
+    the `publicKeys` property, but is used for [FEP-521a] compliance.
+
+    [FEP-521a]: https://codeberg.org/fediverse/fep/src/branch/main/fep/521a/fep-521a.md
+  range:
+  - "https://w3id.org/security#Multikey"
+
 - singularName: manuallyApprovesFollowers
   functional: true
   uri: "https://www.w3.org/ns/activitystreams#manuallyApprovesFollowers"
@@ -67,7 +81,7 @@ properties:
     followers, and a specific actor who also follows the recipient actor,
     and the server has failed to de-duplicate the recipients list.
     Such deduplication MUST be performed by comparing the `id` of the activities
-    and dropping any activities already seen. 
+    and dropping any activities already seen.
   range:
   - "https://www.w3.org/ns/activitystreams#OrderedCollection"
 

package/esm/vocab/service.yaml

@@ -7,6 +7,8 @@ description: Represents a service of any kind.
 defaultContext:
 - "https://www.w3.org/ns/activitystreams"
 - "https://w3id.org/security/v1"
+- "https://www.w3.org/ns/did/v1"
+- "https://w3id.org/security/multikey/v1"
 - manuallyApprovesFollowers: "as:manuallyApprovesFollowers"
   toot: "http://joinmastodon.org/ns#"
   discoverable: "toot:discoverable"
@@ -38,6 +40,18 @@ properties:
   range:
   - "https://w3id.org/security#Key"
 
+- pluralName: assertionMethods
+  singularName: assertionMethod
+  singularAccessor: true
+  uri: "https://w3id.org/security#assertionMethod"
+  description: |
+    Represents this actor's public keys.  It serves as equivalent to
+    the `publicKeys` property, but is used for [FEP-521a] compliance.
+
+    [FEP-521a]: https://codeberg.org/fediverse/fep/src/branch/main/fep/521a/fep-521a.md
+  range:
+  - "https://w3id.org/security#Multikey"
+
 - singularName: manuallyApprovesFollowers
   functional: true
   uri: "https://www.w3.org/ns/activitystreams#manuallyApprovesFollowers"
@@ -67,7 +81,7 @@ properties:
     followers, and a specific actor who also follows the recipient actor,
     and the server has failed to de-duplicate the recipients list.
     Such deduplication MUST be performed by comparing the `id` of the activities
-    and dropping any activities already seen. 
+    and dropping any activities already seen.
   range:
   - "https://www.w3.org/ns/activitystreams#OrderedCollection"