@kagal/taistamp 0.0.1 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +122 -28
  2. package/dist/index.d.mts +113 -54
  3. package/dist/index.d.ts +113 -54
  4. package/dist/index.mjs +113 -39
  5. package/dist/index.mjs.map +1 -1
  6. package/package.json +8 -1
package/README.md CHANGED
@@ -36,11 +36,12 @@ app.get(TAI64N_PATH, (c) => taistamp(c.req.raw));
36
36
  `newTaistampHandler()` returns an
37
37
  `async (request) => Response`. `GET` and `HEAD` succeed
38
38
  with a fresh 25-byte TAI64N label
39
- (`@<sec-hi><sec-lo><nano>`); other methods return `405`
40
- with `Allow: GET, HEAD`. A request that carries more
41
- than one `TAI-Nonce` header is rejected with `400` —
42
- stricter than the spec's "treat as absent" rule, since
43
- a duplicated singleton field is malformed input.
39
+ (`@<sec-hi><sec-lo><nano>`); `OPTIONS` returns `200`
40
+ with `Allow: GET, HEAD, OPTIONS`; other methods return
41
+ `405` with the same `Allow`. A `TAI-Nonce` that is
42
+ missing, empty, duplicated, not a valid sf-binary
43
+ value, or outside the 14–174 octet range is treated as
44
+ absent (no echo, no signature) per spec §5.2.
44
45
 
45
46
  Response headers on success:
46
47
 
@@ -51,12 +52,51 @@ Response headers on success:
51
52
  | `Cache-Control` | `no-store` |
52
53
  | `TAI-Leap-Seconds` | decimal count (e.g. `37`), always present |
53
54
 
54
- A request `TAI-Nonce` is echoed verbatim in the
55
- response. `HEAD` responses carry the same headers as
56
- the corresponding `GET` but never include
57
- `TAI-Key-Selector` or `TAI-Signature` — the signed
58
- payload covers the response body, so a `HEAD` cannot
59
- be verified.
55
+ A request `TAI-Nonce` on `GET` is echoed verbatim in
56
+ the response. `HEAD` responses carry the same headers
57
+ as the corresponding `GET` but never include
58
+ `TAI-Nonce`, `TAI-Key-Selector`, or `TAI-Signature` —
59
+ the signed payload covers the response body, so a
60
+ `HEAD` cannot be verified, and the spec forbids the
61
+ nonce echo on `HEAD` for the same reason.
62
+
63
+ ## CORS
64
+
65
+ The handler is cross-origin permissive by default.
66
+ Pass a specific origin to scope the policy, or
67
+ `false` to disable the CORS-specific headers
68
+ entirely.
69
+
70
+ ```typescript
71
+ newTaistampHandler(); // cors: '*' (default)
72
+ newTaistampHandler({ cors: 'https://example.com' }); // scoped origin
73
+ newTaistampHandler({ cors: false }); // CORS-specific headers off
74
+ ```
75
+
76
+ When CORS is enabled, responses carry:
77
+
78
+ | Response | CORS headers added | `Vary: Origin` (scoped origin only) |
79
+ |----------|--------------------|------|
80
+ | `OPTIONS` 200 | `Access-Control-Allow-Origin`, `Access-Control-Allow-Methods: GET, HEAD`, `Access-Control-Allow-Headers: TAI-Nonce`, `Access-Control-Expose-Headers: TAI-Leap-Seconds, TAI-Nonce, TAI-Key-Selector, TAI-Signature`, `Access-Control-Max-Age: 600` | yes |
81
+ | `GET` / `HEAD` 200 | `Access-Control-Allow-Origin`, `Access-Control-Expose-Headers` (so browser JS can read the `TAI-*` headers) | yes |
82
+ | `405` | `Access-Control-Allow-Origin` | yes |
83
+
84
+ `Vary: Origin` lands on every response when the
85
+ configured origin is anything other than `'*'`, so
86
+ caches can keep per-origin variants distinct. The
87
+ `Allow: GET, HEAD, OPTIONS` and `Access-Control-Allow-Methods:
88
+ GET, HEAD` lists are intentionally different — the
89
+ former is RFC 9110 §9.3.7 method discovery (includes
90
+ `OPTIONS` itself), the latter is the Fetch CORS list
91
+ of methods JS would ever preflight (so `OPTIONS` is
92
+ omitted).
93
+
94
+ With `cors: false` none of the `Access-Control-*` or
95
+ `Vary` headers are emitted, but `OPTIONS` is still
96
+ answered with `200` and
97
+ `Allow: GET, HEAD, OPTIONS` — method discovery
98
+ (RFC 9110 §9.3.7) is independent of cross-origin
99
+ policy.
60
100
 
61
101
  ## Signing
62
102
 
@@ -72,6 +112,13 @@ const taistamp = newTaistampHandler({
72
112
  });
73
113
  ```
74
114
 
115
+ The `Signer` interface and the `newEd25519Signer`
116
+ factory are re-exported from
117
+ [`@kagal/ed25519-secret`](../@kagal-ed25519-secret/README.md)
118
+ — callers of `@kagal/taistamp` get them through this
119
+ package and don't need to depend on the underlying
120
+ package directly.
121
+
75
122
  `signer` and `selector` are co-required: pass both to
76
123
  sign, neither for an unsigned handler. Construction
77
124
  throws if only one is supplied, or if `selector` does
@@ -79,16 +126,17 @@ not match `[A-Za-z][A-Za-z0-9_-]{0,62}` (a single
79
126
  DNS-safe label that starts with a letter and is also a
80
127
  valid Structured Field token).
81
128
 
82
- When the request is a `GET` carrying a `TAI-Nonce` of
83
- 14–174 octets *and* a signer is configured, the
84
- response gains:
129
+ When the request is a `GET` carrying a valid
130
+ `TAI-Nonce` (see Handler section for the
131
+ "treat as absent" rules) *and* a signer is configured,
132
+ the response gains:
85
133
 
86
134
  - `TAI-Key-Selector: <selector>`
87
- - `TAI-Signature: :<base64>:` (sf-binary, RFC 8941)
135
+ - `TAI-Signature: :<base64>:` (sf-binary, RFC 9651)
88
136
  over the framed payload.
89
137
 
90
- `HEAD`, `405`, nonce-less, and out-of-range-nonce
91
- responses are never signed.
138
+ `HEAD`, `405`, and nonce-less responses are never
139
+ signed.
92
140
 
93
141
  The framed payload is:
94
142
 
@@ -153,27 +201,60 @@ signatures stay verifiable until their TXT is removed.
153
201
 
154
202
  ## Verifying
155
203
 
204
+ Spec §7 requires verifiers to use the RFC 8032
205
+ §5.1.7 strict verification procedure (cofactor
206
+ handling, signature-malleability resistance).
207
+ WebCrypto's `Ed25519 verify` is specified to apply
208
+ strict verification; confirm your runtime conforms,
209
+ or fall back to a strict-verify library such as
210
+ `@noble/ed25519`.
211
+
156
212
  ```typescript
157
- import { taistampSignedPayload } from '@kagal/taistamp';
213
+ import {
214
+ asNonce,
215
+ extractLeapSeconds,
216
+ composeSignaturePayload,
217
+ } from '@kagal/taistamp';
158
218
 
159
219
  const response = await fetch(taistampURL, {
160
220
  headers: { 'TAI-Nonce': clientNonce },
161
221
  });
162
222
  const label = await response.text();
163
- const leap = Number(response.headers.get('TAI-Leap-Seconds'));
164
223
  const selector = response.headers.get('TAI-Key-Selector')!;
165
224
  const sigSf = response.headers.get('TAI-Signature')!;
166
225
 
226
+ // Spec §5.1: a `TAI-Leap-Seconds` value outside the
227
+ // signed-payload u32 range MUST be treated as unsigned.
228
+ // `extractLeapSeconds` returns `undefined` whenever
229
+ // the field is missing, empty, non-numeric, non-integer,
230
+ // negative, or out-of-range; the branded `LeapSeconds`
231
+ // it yields is the only type `composeSignaturePayload`
232
+ // accepts.
233
+ const leap = extractLeapSeconds(response.headers);
234
+ if (leap === undefined) {
235
+ throw new Error('TAI-Leap-Seconds out of range; treat as unsigned');
236
+ }
237
+
238
+ // Brand the recorded nonce so it can flow into the
239
+ // signing path. `asNonce` returns `undefined` for any
240
+ // value that fails sf-binary syntax or the 14..174
241
+ // octet range — the same "treat as absent" verdict
242
+ // the server applied.
243
+ const nonce = asNonce(clientNonce);
244
+ if (nonce === undefined) {
245
+ throw new Error('client nonce is not a valid sf-binary item');
246
+ }
247
+
167
248
  // Look up the public key in DNS at
168
249
  // `${selector}._taistamp.${host}` and parse the
169
250
  // `p=` tag from the TXT record.
170
251
  const publicKey = await loadPublicKey(host, selector);
171
252
 
172
- const payload = taistampSignedPayload(
253
+ const payload = composeSignaturePayload(
173
254
  label,
174
255
  leap,
175
256
  selector,
176
- clientNonce,
257
+ nonce,
177
258
  );
178
259
  const valid = await crypto.subtle.verify(
179
260
  'Ed25519',
@@ -183,10 +264,21 @@ const valid = await crypto.subtle.verify(
183
264
  );
184
265
  ```
185
266
 
186
- `taistampSignedPayload(label, leapSeconds, selector,
267
+ `composeSignaturePayload(label, leapSeconds, selector,
187
268
  nonce)` reconstructs the exact byte sequence the
188
269
  server signed; the verifier supplies only the public
189
- key and an sf-binary decoder. Comparing the verifier's
270
+ key and an sf-binary decoder. `leapSeconds` must be a
271
+ branded `LeapSeconds` — obtain one from
272
+ `extractLeapSeconds(headers)` (the verifier path) or
273
+ `asLeapSeconds(number)` (when you already have the
274
+ value). Both return `undefined` for out-of-range
275
+ input, collapsing every "treat as unsigned" case in
276
+ spec §5.1 into one verdict. `nonce` must be a branded
277
+ `Nonce` — wrap the recorded client nonce with
278
+ `asNonce(value)`, which returns `undefined` for any
279
+ value that would have been treated as absent on the
280
+ server (missing, empty, malformed sf-binary, or
281
+ outside 14..174 octets). Comparing the verifier's
190
282
  recorded nonce against the response's `TAI-Nonce`
191
283
  defends against replay.
192
284
 
@@ -203,10 +295,11 @@ construction:
203
295
  | `tai64nLabel(t?)` | 25-byte label string for a timestamp (or `now()`) |
204
296
  | `tai64nLabelFromUTC(utc)` | Shortcut for `tai64nLabel(fromUTC(utc))` |
205
297
 
206
- `fromUTC` applies the constant `TAI_OFFSET` (currently
207
- 37 seconds). Historic UTC timestamps spanning a
208
- leap-second boundary need caller-side adjustment —
209
- the constant tracks the present, not history.
298
+ `fromUTC` applies the constant `TAI_LEAP_SECONDS`
299
+ (currently 37 seconds). Historic UTC timestamps
300
+ spanning a leap-second boundary need caller-side
301
+ adjustment — the constant tracks the present, not
302
+ history.
210
303
 
211
304
  ## Constants
212
305
 
@@ -219,7 +312,8 @@ the constant tracks the present, not history.
219
312
  | `TAI64N_HEADER_LEAP_SECONDS` | `TAI-Leap-Seconds` |
220
313
  | `TAI64N_HEADER_NONCE` | `TAI-Nonce` |
221
314
  | `TAI64N_HEADER_SIGNATURE` | `TAI-Signature` |
222
- | `TAI_OFFSET` | `37` |
315
+ | `TAI_LEAP_SECONDS` | `37` (current TAI − UTC offset) |
316
+ | `TAI_LEAP_SECONDS_MAX` | `0xFFFFFFFF` (signed-payload u32 cap) |
223
317
  | `TAI64_EPOCH_HI` | `0x40000000` |
224
318
 
225
319
  ## Licence
package/dist/index.d.mts CHANGED
@@ -1,4 +1,6 @@
1
- declare const TAI_OFFSET: number;
1
+ import { Signer } from '@kagal/ed25519-secret';
2
+ export { Signer, newSigner as newEd25519Signer } from '@kagal/ed25519-secret';
3
+
2
4
  declare const TAI64N_PATH = "/.well-known/taistamp";
3
5
  declare const TAI64N_CONTENT_TYPE = "application/tai64n";
4
6
  declare const TAI64N_CONTENT_LENGTH: number;
@@ -9,46 +11,77 @@ declare const TAI64N_HEADER_SIGNATURE = "TAI-Signature";
9
11
  declare const TAI64_EPOCH_HI = 1073741824;
10
12
 
11
13
  /**
12
- * Generic signer abstraction over a private key.
14
+ * Upper bound for `leapSeconds` in the taistamp signed
15
+ * payload. The framing encodes the value as a 4-byte
16
+ * big-endian unsigned integer, so any input outside
17
+ * `[0, 2^32-1]` cannot be represented. Verifiers MUST
18
+ * treat an out-of-range `TAI-Leap-Seconds` response
19
+ * header as unsigned, per spec §5.1.
20
+ */
21
+ declare const TAI_LEAP_SECONDS_MAX = 4294967295;
22
+ declare const LeapSecondsBrand: unique symbol;
23
+ /**
24
+ * `number` that has been confirmed to fit the
25
+ * `[0, TAI_LEAP_SECONDS_MAX]` u32be range required by
26
+ * the taistamp signed-payload framing. Construct only
27
+ * via {@link extractLeapSeconds} or {@link asLeapSeconds};
28
+ * the brand prevents an arbitrary number from reaching
29
+ * the signing path.
30
+ */
31
+ type LeapSeconds = number & {
32
+ readonly [LeapSecondsBrand]: never;
33
+ };
34
+ /**
35
+ * Coerce a `number` to a {@link LeapSeconds}. Returns
36
+ * `undefined` when `value` is non-integer, negative,
37
+ * or exceeds {@link TAI_LEAP_SECONDS_MAX}.
38
+ */
39
+ declare const asLeapSeconds: (value: number) => LeapSeconds | undefined;
40
+ /**
41
+ * Current TAI − UTC offset in whole seconds, used by
42
+ * `fromUTC()` and emitted in the `TAI-Leap-Seconds`
43
+ * response header. The value 37 has been in force
44
+ * since 2017-01-01; update on the next IERS leap-second
45
+ * announcement.
13
46
  *
14
47
  * @remarks
15
- * The handler doesn't care which algorithm or key
16
- * store produced the signature, only that signing
17
- * succeeded. Pluggable so consumers can wire in
18
- * HSM-backed, KMS-backed, or in-process WebCrypto
19
- * signers without touching the handler. Verifiers
20
- * must agree on the algorithm and the public key
21
- * out-of-band — typically by pinning the public key
22
- * to a DNS TXT record.
48
+ * Stays a single `LeapSeconds` until a leap-seconds
49
+ * table is added so the offset can be computed for any
50
+ * TAI second; this constant becomes redundant then.
23
51
  */
24
- interface Signer {
25
- /**
26
- * Produce a signature over `message`.
27
- *
28
- * @param message - bytes to sign; the caller is
29
- * responsible for any framing or domain separation.
30
- * Typed as {@link BufferSource} to match WebCrypto's
31
- * own input shape — any `ArrayBuffer` or typed-array
32
- * view is accepted.
33
- * @returns the raw signature bytes (algorithm-defined
34
- * length and encoding) as an `ArrayBuffer`, matching
35
- * WebCrypto's native output shape
36
- */
37
- sign: (message: BufferSource) => Promise<ArrayBuffer>;
38
- }
52
+ declare const TAI_LEAP_SECONDS: LeapSeconds;
39
53
  /**
40
- * Build a {@link Signer} backed by a WebCrypto Ed25519
41
- * private `CryptoKey`.
42
- *
43
- * @param key - Ed25519 private key with `'sign'` in
44
- * `key.usages`. The algorithm `name` must be
45
- * `'Ed25519'`.
46
- * @returns a {@link Signer} producing 64-byte raw
47
- * Ed25519 signatures (R s, RFC 8032)
48
- *
49
- * @see {@link https://datatracker.ietf.org/doc/html/rfc8032}
54
+ * Extract a usable leap-seconds count from response
55
+ * headers. Returns `undefined` when the
56
+ * `TAI-Leap-Seconds` field is missing, empty,
57
+ * non-numeric, non-integer, negative, or out-of-range
58
+ * every "treat as unsigned" case in spec §5.1
59
+ * collapsed into one verdict.
60
+ */
61
+ declare const extractLeapSeconds: (headers: Headers) => LeapSeconds | undefined;
62
+
63
+ declare const NonceBrand: unique symbol;
64
+ /**
65
+ * `string` that has been confirmed to satisfy the
66
+ * sf-binary syntax of RFC 9651 §3.3.5 and the
67
+ * `[NONCE_MIN_OCTETS, NONCE_MAX_OCTETS]` length range
68
+ * required by spec §5.2. Construct only via
69
+ * {@link asNonce} or {@link extractNonce}; the brand
70
+ * prevents arbitrary strings from reaching the
71
+ * signing path.
72
+ */
73
+ type Nonce = string & {
74
+ readonly [NonceBrand]: never;
75
+ };
76
+ /**
77
+ * Brand `value` as a {@link Nonce} when it satisfies
78
+ * sf-binary syntax (RFC 9651 §3.3.5) and falls inside
79
+ * `[NONCE_MIN_OCTETS, NONCE_MAX_OCTETS]`. Returns
80
+ * `undefined` for anything else — every "treat as
81
+ * absent" case in spec §5.2 collapsed into one
82
+ * verdict.
50
83
  */
51
- declare const newEd25519Signer: (key: CryptoKey) => Signer;
84
+ declare const asNonce: (value: string) => Nonce | undefined;
52
85
 
53
86
  /**
54
87
  * Compose the byte sequence covered by a TAI-Signature.
@@ -62,7 +95,8 @@ declare const newEd25519Signer: (key: CryptoKey) => Signer;
62
95
  * this to look up the public key in DNS at
63
96
  * `<selector>._taistamp.<host>`
64
97
  * @param nonce - the client-supplied nonce, echoed
65
- * verbatim in `TAI-Nonce`
98
+ * verbatim in `TAI-Nonce`; brand a verifier-side
99
+ * string with {@link asNonce} before passing it in
66
100
  * @returns the byte sequence verifiers reconstruct
67
101
  * from the response and pass to their public-key
68
102
  * verify routine. The framing is the
@@ -82,7 +116,7 @@ declare const newEd25519Signer: (key: CryptoKey) => Signer;
82
116
  * a single byte (selectors are ≤ 63 chars per
83
117
  * {@link newTaistampHandler}'s validation).
84
118
  */
85
- declare const taistampSignedPayload: (label: string, leapSeconds: number, selector: string, nonce: string) => ArrayBuffer;
119
+ declare const composeSignaturePayload: (label: string, leapSeconds: LeapSeconds, selector: string, nonce: Nonce) => ArrayBuffer;
86
120
  /**
87
121
  * Configuration for {@link newTaistampHandler}.
88
122
  *
@@ -110,11 +144,31 @@ interface TaistampHandlerConfig {
110
144
  selector?: string;
111
145
  /**
112
146
  * {@link Signer} that produces `TAI-Signature` over
113
- * the framed payload from {@link taistampSignedPayload}.
147
+ * the framed payload from {@link composeSignaturePayload}.
114
148
  * Without a signer the nonce is still echoed but the
115
149
  * response is unsigned.
116
150
  */
117
151
  signer?: Signer;
152
+ /**
153
+ * CORS origin policy. Defaults to `'*'`; pass `false`
154
+ * to disable CORS entirely, or a specific origin
155
+ * (e.g. `'https://example.com'`) to scope the policy.
156
+ *
157
+ * Every response (`GET` / `HEAD` / `OPTIONS` / `405`)
158
+ * gains `Access-Control-Allow-Origin`; pre-flight
159
+ * `OPTIONS` also carries `-Allow-Methods`,
160
+ * `-Allow-Headers`, `-Expose-Headers`, and
161
+ * `-Max-Age: 600` per spec §4.2; success
162
+ * `GET` / `HEAD` carry `-Expose-Headers` so browser
163
+ * JS can read the `TAI-*` response headers. A
164
+ * non-`'*'` value adds `Vary: Origin` so caches can
165
+ * keep per-origin variants distinct.
166
+ *
167
+ * Disabling CORS does not affect method discovery:
168
+ * `OPTIONS` is still answered with `200` and
169
+ * `Allow: GET, HEAD, OPTIONS` per RFC 9110 §9.3.7.
170
+ */
171
+ cors?: false | string;
118
172
  }
119
173
  /**
120
174
  * Build a handler for `/.well-known/taistamp`.
@@ -136,25 +190,30 @@ interface TaistampHandlerConfig {
136
190
  * Content-Type `application/tai64n`, Content-Length
137
191
  * `25`, Cache-Control `no-store`, plus
138
192
  * `TAI-Leap-Seconds` carrying the current count.
193
+ * - `OPTIONS` — `200` with `Allow: GET, HEAD, OPTIONS`.
194
+ * When CORS is enabled (the default) the response
195
+ * also carries `Access-Control-Allow-*` and
196
+ * `-Expose-Headers` per
197
+ * {@link TaistampHandlerConfig.cors}. `OPTIONS` is
198
+ * never signed.
139
199
  * - Any other method — `405 Method Not Allowed` with
140
- * `Allow: GET, HEAD`.
141
- * - Request with more than one `TAI-Nonce` header
142
- * `400 Bad Request`. Stricter than the spec's
143
- * "treat as absent" rule: a duplicated singleton
144
- * field is malformed input, so we refuse rather
145
- * than silently down-ranking it to unsigned.
146
- * - Request `TAI-Nonce` the value is echoed verbatim
147
- * in the response.
200
+ * `Allow: GET, HEAD, OPTIONS`.
201
+ * - Request `TAI-Nonce` on `GET`, the value is echoed
202
+ * verbatim in the response. A missing, empty,
203
+ * duplicated, structurally malformed, or out-of-range
204
+ * (14..174 octets) field is treated as absent (no
205
+ * echo, no signature) per spec §5.2 — see
206
+ * {@link extractNonce}. `HEAD`, `OPTIONS`, and `405`
207
+ * responses never carry `TAI-Nonce` per spec §4.1.
148
208
  * - Request `TAI-Nonce` *and* `signer` configured *and*
149
- * the request method is `GET` *and* the nonce field
150
- * value is between 14 and 174 octets — adds
209
+ * the request method is `GET` adds
151
210
  * `TAI-Key-Selector` and `TAI-Signature` (sf-binary)
152
211
  * over the bytes produced by
153
- * {@link taistampSignedPayload}. The
212
+ * {@link composeSignaturePayload}. The
154
213
  * domain-separation tag means the same key cannot
155
214
  * be tricked into producing valid signatures for
156
- * other protocols. `HEAD` and `405` responses are
157
- * never signed.
215
+ * other protocols. `HEAD`, `OPTIONS`, and `405`
216
+ * responses are never signed.
158
217
  *
159
218
  * The corresponding public key is expected to be
160
219
  * published out-of-band as a DNS TXT record at
@@ -181,5 +240,5 @@ declare const tai64nLabelFromUTC: (utc: number) => string;
181
240
  /** Package version from package.json. */
182
241
  declare const VERSION: string;
183
242
 
184
- export { TAI64N_CONTENT_LENGTH, TAI64N_CONTENT_TYPE, TAI64N_HEADER_KEY_SELECTOR, TAI64N_HEADER_LEAP_SECONDS, TAI64N_HEADER_NONCE, TAI64N_HEADER_SIGNATURE, TAI64N_PATH, TAI64_EPOCH_HI, TAI_OFFSET, VERSION, fromUTC, newEd25519Signer, newTaistampHandler, now, tai64nLabel, tai64nLabelFromUTC, taistampSignedPayload };
185
- export type { Signer, TaistampHandlerConfig };
243
+ export { TAI64N_CONTENT_LENGTH, TAI64N_CONTENT_TYPE, TAI64N_HEADER_KEY_SELECTOR, TAI64N_HEADER_LEAP_SECONDS, TAI64N_HEADER_NONCE, TAI64N_HEADER_SIGNATURE, TAI64N_PATH, TAI64_EPOCH_HI, TAI_LEAP_SECONDS, TAI_LEAP_SECONDS_MAX, VERSION, asLeapSeconds, asNonce, composeSignaturePayload, extractLeapSeconds, fromUTC, newTaistampHandler, now, tai64nLabel, tai64nLabelFromUTC };
244
+ export type { LeapSeconds, Nonce, TaistampHandlerConfig };
package/dist/index.d.ts CHANGED
@@ -1,4 +1,6 @@
1
- declare const TAI_OFFSET: number;
1
+ import { Signer } from '@kagal/ed25519-secret';
2
+ export { Signer, newSigner as newEd25519Signer } from '@kagal/ed25519-secret';
3
+
2
4
  declare const TAI64N_PATH = "/.well-known/taistamp";
3
5
  declare const TAI64N_CONTENT_TYPE = "application/tai64n";
4
6
  declare const TAI64N_CONTENT_LENGTH: number;
@@ -9,46 +11,77 @@ declare const TAI64N_HEADER_SIGNATURE = "TAI-Signature";
9
11
  declare const TAI64_EPOCH_HI = 1073741824;
10
12
 
11
13
  /**
12
- * Generic signer abstraction over a private key.
14
+ * Upper bound for `leapSeconds` in the taistamp signed
15
+ * payload. The framing encodes the value as a 4-byte
16
+ * big-endian unsigned integer, so any input outside
17
+ * `[0, 2^32-1]` cannot be represented. Verifiers MUST
18
+ * treat an out-of-range `TAI-Leap-Seconds` response
19
+ * header as unsigned, per spec §5.1.
20
+ */
21
+ declare const TAI_LEAP_SECONDS_MAX = 4294967295;
22
+ declare const LeapSecondsBrand: unique symbol;
23
+ /**
24
+ * `number` that has been confirmed to fit the
25
+ * `[0, TAI_LEAP_SECONDS_MAX]` u32be range required by
26
+ * the taistamp signed-payload framing. Construct only
27
+ * via {@link extractLeapSeconds} or {@link asLeapSeconds};
28
+ * the brand prevents an arbitrary number from reaching
29
+ * the signing path.
30
+ */
31
+ type LeapSeconds = number & {
32
+ readonly [LeapSecondsBrand]: never;
33
+ };
34
+ /**
35
+ * Coerce a `number` to a {@link LeapSeconds}. Returns
36
+ * `undefined` when `value` is non-integer, negative,
37
+ * or exceeds {@link TAI_LEAP_SECONDS_MAX}.
38
+ */
39
+ declare const asLeapSeconds: (value: number) => LeapSeconds | undefined;
40
+ /**
41
+ * Current TAI − UTC offset in whole seconds, used by
42
+ * `fromUTC()` and emitted in the `TAI-Leap-Seconds`
43
+ * response header. The value 37 has been in force
44
+ * since 2017-01-01; update on the next IERS leap-second
45
+ * announcement.
13
46
  *
14
47
  * @remarks
15
- * The handler doesn't care which algorithm or key
16
- * store produced the signature, only that signing
17
- * succeeded. Pluggable so consumers can wire in
18
- * HSM-backed, KMS-backed, or in-process WebCrypto
19
- * signers without touching the handler. Verifiers
20
- * must agree on the algorithm and the public key
21
- * out-of-band — typically by pinning the public key
22
- * to a DNS TXT record.
48
+ * Stays a single `LeapSeconds` until a leap-seconds
49
+ * table is added so the offset can be computed for any
50
+ * TAI second; this constant becomes redundant then.
23
51
  */
24
- interface Signer {
25
- /**
26
- * Produce a signature over `message`.
27
- *
28
- * @param message - bytes to sign; the caller is
29
- * responsible for any framing or domain separation.
30
- * Typed as {@link BufferSource} to match WebCrypto's
31
- * own input shape — any `ArrayBuffer` or typed-array
32
- * view is accepted.
33
- * @returns the raw signature bytes (algorithm-defined
34
- * length and encoding) as an `ArrayBuffer`, matching
35
- * WebCrypto's native output shape
36
- */
37
- sign: (message: BufferSource) => Promise<ArrayBuffer>;
38
- }
52
+ declare const TAI_LEAP_SECONDS: LeapSeconds;
39
53
  /**
40
- * Build a {@link Signer} backed by a WebCrypto Ed25519
41
- * private `CryptoKey`.
42
- *
43
- * @param key - Ed25519 private key with `'sign'` in
44
- * `key.usages`. The algorithm `name` must be
45
- * `'Ed25519'`.
46
- * @returns a {@link Signer} producing 64-byte raw
47
- * Ed25519 signatures (R s, RFC 8032)
48
- *
49
- * @see {@link https://datatracker.ietf.org/doc/html/rfc8032}
54
+ * Extract a usable leap-seconds count from response
55
+ * headers. Returns `undefined` when the
56
+ * `TAI-Leap-Seconds` field is missing, empty,
57
+ * non-numeric, non-integer, negative, or out-of-range
58
+ * every "treat as unsigned" case in spec §5.1
59
+ * collapsed into one verdict.
60
+ */
61
+ declare const extractLeapSeconds: (headers: Headers) => LeapSeconds | undefined;
62
+
63
+ declare const NonceBrand: unique symbol;
64
+ /**
65
+ * `string` that has been confirmed to satisfy the
66
+ * sf-binary syntax of RFC 9651 §3.3.5 and the
67
+ * `[NONCE_MIN_OCTETS, NONCE_MAX_OCTETS]` length range
68
+ * required by spec §5.2. Construct only via
69
+ * {@link asNonce} or {@link extractNonce}; the brand
70
+ * prevents arbitrary strings from reaching the
71
+ * signing path.
72
+ */
73
+ type Nonce = string & {
74
+ readonly [NonceBrand]: never;
75
+ };
76
+ /**
77
+ * Brand `value` as a {@link Nonce} when it satisfies
78
+ * sf-binary syntax (RFC 9651 §3.3.5) and falls inside
79
+ * `[NONCE_MIN_OCTETS, NONCE_MAX_OCTETS]`. Returns
80
+ * `undefined` for anything else — every "treat as
81
+ * absent" case in spec §5.2 collapsed into one
82
+ * verdict.
50
83
  */
51
- declare const newEd25519Signer: (key: CryptoKey) => Signer;
84
+ declare const asNonce: (value: string) => Nonce | undefined;
52
85
 
53
86
  /**
54
87
  * Compose the byte sequence covered by a TAI-Signature.
@@ -62,7 +95,8 @@ declare const newEd25519Signer: (key: CryptoKey) => Signer;
62
95
  * this to look up the public key in DNS at
63
96
  * `<selector>._taistamp.<host>`
64
97
  * @param nonce - the client-supplied nonce, echoed
65
- * verbatim in `TAI-Nonce`
98
+ * verbatim in `TAI-Nonce`; brand a verifier-side
99
+ * string with {@link asNonce} before passing it in
66
100
  * @returns the byte sequence verifiers reconstruct
67
101
  * from the response and pass to their public-key
68
102
  * verify routine. The framing is the
@@ -82,7 +116,7 @@ declare const newEd25519Signer: (key: CryptoKey) => Signer;
82
116
  * a single byte (selectors are ≤ 63 chars per
83
117
  * {@link newTaistampHandler}'s validation).
84
118
  */
85
- declare const taistampSignedPayload: (label: string, leapSeconds: number, selector: string, nonce: string) => ArrayBuffer;
119
+ declare const composeSignaturePayload: (label: string, leapSeconds: LeapSeconds, selector: string, nonce: Nonce) => ArrayBuffer;
86
120
  /**
87
121
  * Configuration for {@link newTaistampHandler}.
88
122
  *
@@ -110,11 +144,31 @@ interface TaistampHandlerConfig {
110
144
  selector?: string;
111
145
  /**
112
146
  * {@link Signer} that produces `TAI-Signature` over
113
- * the framed payload from {@link taistampSignedPayload}.
147
+ * the framed payload from {@link composeSignaturePayload}.
114
148
  * Without a signer the nonce is still echoed but the
115
149
  * response is unsigned.
116
150
  */
117
151
  signer?: Signer;
152
+ /**
153
+ * CORS origin policy. Defaults to `'*'`; pass `false`
154
+ * to disable CORS entirely, or a specific origin
155
+ * (e.g. `'https://example.com'`) to scope the policy.
156
+ *
157
+ * Every response (`GET` / `HEAD` / `OPTIONS` / `405`)
158
+ * gains `Access-Control-Allow-Origin`; pre-flight
159
+ * `OPTIONS` also carries `-Allow-Methods`,
160
+ * `-Allow-Headers`, `-Expose-Headers`, and
161
+ * `-Max-Age: 600` per spec §4.2; success
162
+ * `GET` / `HEAD` carry `-Expose-Headers` so browser
163
+ * JS can read the `TAI-*` response headers. A
164
+ * non-`'*'` value adds `Vary: Origin` so caches can
165
+ * keep per-origin variants distinct.
166
+ *
167
+ * Disabling CORS does not affect method discovery:
168
+ * `OPTIONS` is still answered with `200` and
169
+ * `Allow: GET, HEAD, OPTIONS` per RFC 9110 §9.3.7.
170
+ */
171
+ cors?: false | string;
118
172
  }
119
173
  /**
120
174
  * Build a handler for `/.well-known/taistamp`.
@@ -136,25 +190,30 @@ interface TaistampHandlerConfig {
136
190
  * Content-Type `application/tai64n`, Content-Length
137
191
  * `25`, Cache-Control `no-store`, plus
138
192
  * `TAI-Leap-Seconds` carrying the current count.
193
+ * - `OPTIONS` — `200` with `Allow: GET, HEAD, OPTIONS`.
194
+ * When CORS is enabled (the default) the response
195
+ * also carries `Access-Control-Allow-*` and
196
+ * `-Expose-Headers` per
197
+ * {@link TaistampHandlerConfig.cors}. `OPTIONS` is
198
+ * never signed.
139
199
  * - Any other method — `405 Method Not Allowed` with
140
- * `Allow: GET, HEAD`.
141
- * - Request with more than one `TAI-Nonce` header
142
- * `400 Bad Request`. Stricter than the spec's
143
- * "treat as absent" rule: a duplicated singleton
144
- * field is malformed input, so we refuse rather
145
- * than silently down-ranking it to unsigned.
146
- * - Request `TAI-Nonce` the value is echoed verbatim
147
- * in the response.
200
+ * `Allow: GET, HEAD, OPTIONS`.
201
+ * - Request `TAI-Nonce` on `GET`, the value is echoed
202
+ * verbatim in the response. A missing, empty,
203
+ * duplicated, structurally malformed, or out-of-range
204
+ * (14..174 octets) field is treated as absent (no
205
+ * echo, no signature) per spec §5.2 — see
206
+ * {@link extractNonce}. `HEAD`, `OPTIONS`, and `405`
207
+ * responses never carry `TAI-Nonce` per spec §4.1.
148
208
  * - Request `TAI-Nonce` *and* `signer` configured *and*
149
- * the request method is `GET` *and* the nonce field
150
- * value is between 14 and 174 octets — adds
209
+ * the request method is `GET` adds
151
210
  * `TAI-Key-Selector` and `TAI-Signature` (sf-binary)
152
211
  * over the bytes produced by
153
- * {@link taistampSignedPayload}. The
212
+ * {@link composeSignaturePayload}. The
154
213
  * domain-separation tag means the same key cannot
155
214
  * be tricked into producing valid signatures for
156
- * other protocols. `HEAD` and `405` responses are
157
- * never signed.
215
+ * other protocols. `HEAD`, `OPTIONS`, and `405`
216
+ * responses are never signed.
158
217
  *
159
218
  * The corresponding public key is expected to be
160
219
  * published out-of-band as a DNS TXT record at
@@ -181,5 +240,5 @@ declare const tai64nLabelFromUTC: (utc: number) => string;
181
240
  /** Package version from package.json. */
182
241
  declare const VERSION: string;
183
242
 
184
- export { TAI64N_CONTENT_LENGTH, TAI64N_CONTENT_TYPE, TAI64N_HEADER_KEY_SELECTOR, TAI64N_HEADER_LEAP_SECONDS, TAI64N_HEADER_NONCE, TAI64N_HEADER_SIGNATURE, TAI64N_PATH, TAI64_EPOCH_HI, TAI_OFFSET, VERSION, fromUTC, newEd25519Signer, newTaistampHandler, now, tai64nLabel, tai64nLabelFromUTC, taistampSignedPayload };
185
- export type { Signer, TaistampHandlerConfig };
243
+ export { TAI64N_CONTENT_LENGTH, TAI64N_CONTENT_TYPE, TAI64N_HEADER_KEY_SELECTOR, TAI64N_HEADER_LEAP_SECONDS, TAI64N_HEADER_NONCE, TAI64N_HEADER_SIGNATURE, TAI64N_PATH, TAI64_EPOCH_HI, TAI_LEAP_SECONDS, TAI_LEAP_SECONDS_MAX, VERSION, asLeapSeconds, asNonce, composeSignaturePayload, extractLeapSeconds, fromUTC, newTaistampHandler, now, tai64nLabel, tai64nLabelFromUTC };
244
+ export type { LeapSeconds, Nonce, TaistampHandlerConfig };
package/dist/index.mjs CHANGED
@@ -1,8 +1,10 @@
1
- const version = "0.0.1";
1
+ import { assertValidSelector } from '@kagal/ed25519-secret';
2
+ export { newSigner as newEd25519Signer } from '@kagal/ed25519-secret';
3
+
4
+ const version = "0.0.4";
2
5
  const pkg = {
3
6
  version: version};
4
7
 
5
- const TAI_OFFSET = 37;
6
8
  const TAI64N_PATH = "/.well-known/taistamp";
7
9
  const TAI64N_CONTENT_TYPE = "application/tai64n";
8
10
  const TAI64N_CONTENT_LENGTH = 1 + 16 + 8;
@@ -12,10 +14,71 @@ const TAI64N_HEADER_NONCE = "TAI-Nonce";
12
14
  const TAI64N_HEADER_SIGNATURE = "TAI-Signature";
13
15
  const TAI64_EPOCH_HI = 1073741824;
14
16
 
17
+ const CORS_ALLOW_METHODS = "GET, HEAD";
18
+ const CORS_ALLOW_HEADERS = TAI64N_HEADER_NONCE;
19
+ const CORS_EXPOSE_HEADERS = [
20
+ TAI64N_HEADER_LEAP_SECONDS,
21
+ TAI64N_HEADER_NONCE,
22
+ TAI64N_HEADER_KEY_SELECTOR,
23
+ TAI64N_HEADER_SIGNATURE
24
+ ].join(", ");
25
+ const CORS_MAX_AGE = "600";
26
+ const buildCORSHeaders = (cors) => {
27
+ if (cors === false) {
28
+ return { error: {}, preflight: {}, response: {} };
29
+ }
30
+ const origin = cors || "*";
31
+ const vary = origin === "*" ? {} : { vary: "Origin" };
32
+ return {
33
+ error: {
34
+ "access-control-allow-origin": origin,
35
+ ...vary
36
+ },
37
+ preflight: {
38
+ "access-control-allow-origin": origin,
39
+ "access-control-allow-methods": CORS_ALLOW_METHODS,
40
+ "access-control-allow-headers": CORS_ALLOW_HEADERS,
41
+ "access-control-expose-headers": CORS_EXPOSE_HEADERS,
42
+ "access-control-max-age": CORS_MAX_AGE,
43
+ ...vary
44
+ },
45
+ response: {
46
+ "access-control-allow-origin": origin,
47
+ "access-control-expose-headers": CORS_EXPOSE_HEADERS,
48
+ ...vary
49
+ }
50
+ };
51
+ };
52
+
53
+ const TAI_LEAP_SECONDS_MAX = 4294967295;
54
+ const asLeapSeconds = (value) => {
55
+ if (!Number.isInteger(value) || value < 0 || value > TAI_LEAP_SECONDS_MAX) return void 0;
56
+ return value;
57
+ };
58
+ const TAI_LEAP_SECONDS = 37;
59
+ const DECIMAL_INTEGER = /^(?:0|[1-9]\d*)$/;
60
+ const extractLeapSeconds = (headers) => {
61
+ const raw = headers.get(TAI64N_HEADER_LEAP_SECONDS);
62
+ if (!raw || !DECIMAL_INTEGER.test(raw)) return void 0;
63
+ return asLeapSeconds(Number(raw));
64
+ };
65
+
66
+ const NONCE_MIN_OCTETS = 14;
67
+ const NONCE_MAX_OCTETS = 174;
68
+ const SF_BINARY_PATTERN = /^:(?:[\d+/A-Za-z]{4})*(?:[\d+/A-Za-z]{4}|[\d+/A-Za-z]{3}=|[\d+/A-Za-z]{2}==):$/;
69
+ const asNonce = (value) => {
70
+ if (!value || value.length < NONCE_MIN_OCTETS || value.length > NONCE_MAX_OCTETS || !SF_BINARY_PATTERN.test(value)) return void 0;
71
+ return value;
72
+ };
73
+ const extractNonce = (headers) => {
74
+ const value = headers.get(TAI64N_HEADER_NONCE);
75
+ return value === null ? void 0 : asNonce(value);
76
+ };
77
+
15
78
  const fromUTC = (utc) => {
16
- const sec = Math.floor(utc / 1e3) + TAI_OFFSET;
79
+ const sec = Math.floor(utc / 1e3) + TAI_LEAP_SECONDS;
17
80
  const nano = utc % 1e3 * 1e6;
18
- return { sec, nano, offset: TAI_OFFSET };
81
+ return { sec, nano, offset: TAI_LEAP_SECONDS };
19
82
  };
20
83
  const now = () => {
21
84
  const utc = Date.now();
@@ -33,9 +96,7 @@ const tai64nLabel = (value) => {
33
96
  const tai64nLabelFromUTC = (utc) => tai64nLabel(fromUTC(utc));
34
97
  const u32Range = 4294967296;
35
98
 
36
- const SELECTOR_PATTERN = /^[A-Za-z][\dA-Za-z_-]{0,62}$/;
37
- const NONCE_MIN_OCTETS = 14;
38
- const NONCE_MAX_OCTETS = 174;
99
+ const ALLOW_HEADER = "GET, HEAD, OPTIONS";
39
100
  const textEncoder = new TextEncoder();
40
101
  const DOMAIN_SEPARATOR = textEncoder.encode("taistamp-v1\0");
41
102
  const asBytes = (source) => {
@@ -56,7 +117,7 @@ const encodeStructuredBinary = (source) => {
56
117
  const standard = btoa(String.fromCodePoint(...bytes));
57
118
  return `:${standard}:`;
58
119
  };
59
- const taistampSignedPayload = (label, leapSeconds, selector, nonce) => {
120
+ const composeSignaturePayload = (label, leapSeconds, selector, nonce) => {
60
121
  const labelBytes = textEncoder.encode(label);
61
122
  const selectorBytes = textEncoder.encode(selector);
62
123
  const nonceBytes = textEncoder.encode(nonce);
@@ -78,53 +139,70 @@ const taistampSignedPayload = (label, leapSeconds, selector, nonce) => {
78
139
  view.set(nonceBytes, offset);
79
140
  return buffer;
80
141
  };
81
- const newTaistampHandler = (config = {}) => {
82
- const { selector, signer } = config;
142
+ const validateHandlerConfig = (config) => {
143
+ const { cors, selector, signer } = config;
83
144
  if (signer === void 0 !== (selector === void 0)) {
84
145
  throw new TypeError(
85
146
  "newTaistampHandler: signer and selector must be set together"
86
147
  );
87
148
  }
88
- if (selector !== void 0 && !SELECTOR_PATTERN.test(selector)) {
149
+ if (cors !== void 0 && cors !== false && typeof cors !== "string") {
89
150
  throw new TypeError(
90
- `newTaistampHandler: selector must match ${SELECTOR_PATTERN.source}`
151
+ "newTaistampHandler: cors must be false or a string origin"
91
152
  );
92
153
  }
154
+ if (selector !== void 0) {
155
+ assertValidSelector(selector, "newTaistampHandler");
156
+ }
157
+ return config;
158
+ };
159
+ const fromHandlerConfig = (config) => {
160
+ const { cors, selector, signer } = validateHandlerConfig(config);
161
+ const corsHeaders = buildCORSHeaders(cors);
162
+ const addSignature = selector !== void 0 && signer !== void 0 ? async (headers, label, nonce) => {
163
+ const payload = composeSignaturePayload(
164
+ label,
165
+ TAI_LEAP_SECONDS,
166
+ selector,
167
+ nonce
168
+ );
169
+ const signature = await signer.sign(payload);
170
+ headers.set(TAI64N_HEADER_KEY_SELECTOR, selector);
171
+ headers.set(
172
+ TAI64N_HEADER_SIGNATURE,
173
+ encodeStructuredBinary(signature)
174
+ );
175
+ } : void 0;
176
+ return { addSignature, corsHeaders };
177
+ };
178
+ const newTaistampHandler = (config = {}) => {
179
+ const { addSignature, corsHeaders } = fromHandlerConfig(config);
93
180
  return async (request) => {
181
+ if (request.method === "OPTIONS") {
182
+ return new Response(void 0, {
183
+ status: 200,
184
+ headers: { allow: ALLOW_HEADER, ...corsHeaders.preflight }
185
+ });
186
+ }
94
187
  if (request.method !== "GET" && request.method !== "HEAD") {
95
188
  return new Response(void 0, {
96
189
  status: 405,
97
- headers: { allow: "GET, HEAD" }
190
+ headers: { allow: ALLOW_HEADER, ...corsHeaders.error }
98
191
  });
99
192
  }
100
- const nonce = request.headers.get(TAI64N_HEADER_NONCE);
101
- if (nonce !== null && nonce.includes(",")) {
102
- return new Response(void 0, { status: 400 });
103
- }
193
+ const nonce = extractNonce(request.headers);
104
194
  const label = tai64nLabel();
105
195
  const headers = new Headers({
106
196
  "cache-control": "no-store",
107
197
  "content-length": String(TAI64N_CONTENT_LENGTH),
108
198
  "content-type": TAI64N_CONTENT_TYPE,
109
- [TAI64N_HEADER_LEAP_SECONDS]: String(TAI_OFFSET)
199
+ [TAI64N_HEADER_LEAP_SECONDS]: String(TAI_LEAP_SECONDS),
200
+ ...corsHeaders.response
110
201
  });
111
- if (nonce !== null) {
202
+ if (nonce && request.method === "GET") {
112
203
  headers.set(TAI64N_HEADER_NONCE, nonce);
113
- const nonceLength = textEncoder.encode(nonce).length;
114
- const inRange = nonceLength >= NONCE_MIN_OCTETS && nonceLength <= NONCE_MAX_OCTETS;
115
- if (request.method === "GET" && signer !== void 0 && selector !== void 0 && inRange) {
116
- const message = taistampSignedPayload(
117
- label,
118
- TAI_OFFSET,
119
- selector,
120
- nonce
121
- );
122
- const signature = await signer.sign(message);
123
- headers.set(TAI64N_HEADER_KEY_SELECTOR, selector);
124
- headers.set(
125
- TAI64N_HEADER_SIGNATURE,
126
- encodeStructuredBinary(signature)
127
- );
204
+ if (addSignature) {
205
+ await addSignature(headers, label, nonce);
128
206
  }
129
207
  }
130
208
  const body = request.method === "HEAD" ? void 0 : label;
@@ -132,11 +210,7 @@ const newTaistampHandler = (config = {}) => {
132
210
  };
133
211
  };
134
212
 
135
- const newEd25519Signer = (key) => ({
136
- sign: async (message) => crypto.subtle.sign("Ed25519", key, message)
137
- });
138
-
139
213
  const VERSION = pkg.version;
140
214
 
141
- export { TAI64N_CONTENT_LENGTH, TAI64N_CONTENT_TYPE, TAI64N_HEADER_KEY_SELECTOR, TAI64N_HEADER_LEAP_SECONDS, TAI64N_HEADER_NONCE, TAI64N_HEADER_SIGNATURE, TAI64N_PATH, TAI64_EPOCH_HI, TAI_OFFSET, VERSION, fromUTC, newEd25519Signer, newTaistampHandler, now, tai64nLabel, tai64nLabelFromUTC, taistampSignedPayload };
215
+ export { TAI64N_CONTENT_LENGTH, TAI64N_CONTENT_TYPE, TAI64N_HEADER_KEY_SELECTOR, TAI64N_HEADER_LEAP_SECONDS, TAI64N_HEADER_NONCE, TAI64N_HEADER_SIGNATURE, TAI64N_PATH, TAI64_EPOCH_HI, TAI_LEAP_SECONDS, TAI_LEAP_SECONDS_MAX, VERSION, asLeapSeconds, asNonce, composeSignaturePayload, extractLeapSeconds, fromUTC, newTaistampHandler, now, tai64nLabel, tai64nLabelFromUTC };
142
216
  //# sourceMappingURL=index.mjs.map
package/dist/index.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.mjs","sources":["../src/const.ts","../src/utils.ts","../src/handler.ts","../src/signer.ts","../src/index.ts"],"sourcesContent":["export const TAI_OFFSET: number = 37;\n\nexport const TAI64N_PATH = '/.well-known/taistamp';\n\nexport const TAI64N_CONTENT_TYPE = 'application/tai64n';\nexport const TAI64N_CONTENT_LENGTH = 1 + 16 + 8; // '@' + sec (16 hex chars) + nano (8 hex chars)\n\nexport const TAI64N_HEADER_KEY_SELECTOR = 'TAI-Key-Selector';\nexport const TAI64N_HEADER_LEAP_SECONDS = 'TAI-Leap-Seconds';\nexport const TAI64N_HEADER_NONCE = 'TAI-Nonce';\nexport const TAI64N_HEADER_SIGNATURE = 'TAI-Signature';\n\nexport const TAI64_EPOCH_HI = 0x40_00_00_00;\n","import { TAI64_EPOCH_HI, TAI_OFFSET } from './const';\n\ntype timestamp = {\n nano: number\n sec: number\n\n offset?: number\n};\n\nexport const fromUTC = (utc: number): timestamp => {\n // TODO: leap seconds table\n const sec = Math.floor(utc / 1000) + TAI_OFFSET;\n const nano = (utc % 1000) * 1e6;\n return { sec, nano, offset: TAI_OFFSET };\n};\n\nexport const now = (): timestamp => {\n const utc = Date.now();\n return fromUTC(utc);\n};\n\nexport const tai64nLabel = (value?: timestamp): string => {\n const { sec, nano } = value ?? now();\n\n const secHi = Math.trunc(sec / u32Range) + TAI64_EPOCH_HI;\n const secLo = sec % u32Range;\n\n const secHiHex = secHi.toString(16).padStart(8, '0');\n const secLoHex = secLo.toString(16).padStart(8, '0');\n const nanoHex = nano.toString(16).padStart(8, '0');\n\n return `@${secHiHex}${secLoHex}${nanoHex}`;\n};\n\nexport const tai64nLabelFromUTC = (utc: number): string => tai64nLabel(fromUTC(utc));\n\nconst u32Range = 0x1_00_00_00_00;\n","import type { Signer } from './signer';\nimport {\n TAI64N_CONTENT_LENGTH,\n TAI64N_CONTENT_TYPE,\n TAI64N_HEADER_KEY_SELECTOR,\n TAI64N_HEADER_LEAP_SECONDS,\n TAI64N_HEADER_NONCE,\n TAI64N_HEADER_SIGNATURE,\n TAI_OFFSET,\n} from './const';\nimport { tai64nLabel } from './utils';\n\nconst SELECTOR_PATTERN = /^[A-Za-z][\\dA-Za-z_-]{0,62}$/;\n\nconst NONCE_MIN_OCTETS = 14;\nconst NONCE_MAX_OCTETS = 174;\n\nconst textEncoder = new TextEncoder();\n\n/**\n * Domain-separation tag prepended to every signed\n * payload. Versioned so a v2 protocol can use the same\n * key without colliding with v1 signatures, and\n * NUL-terminated so the boundary between tag and\n * label is unambiguous.\n */\nconst DOMAIN_SEPARATOR = textEncoder.encode('taistamp-v1\\0');\n\nconst asBytes = (source: BufferSource): Uint8Array => {\n if (source instanceof Uint8Array) {\n return source;\n }\n if (ArrayBuffer.isView(source)) {\n return new Uint8Array(\n source.buffer,\n source.byteOffset,\n source.byteLength,\n );\n }\n return new Uint8Array(source);\n};\n\n/**\n * Encode `source` as a Structured Field Value sf-binary\n * item per [RFC 8941 §3.3.5]: standard base64 with `=`\n * padding, wrapped in a leading and trailing colon.\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc8941#name-byte-sequences}\n */\nconst encodeStructuredBinary = (source: BufferSource): string => {\n // Spread is safe for the 64-byte signatures handled\n // here; revisit if larger payloads ever land.\n const bytes = asBytes(source);\n const standard = btoa(String.fromCodePoint(...bytes));\n return `:${standard}:`;\n};\n\n/**\n * Compose the byte sequence covered by a TAI-Signature.\n *\n * @param label - the 25-byte TAI64N label string the\n * server is returning\n * @param leapSeconds - the leap-seconds count the server\n * advertises in `TAI-Leap-Seconds`\n * @param selector - the key selector the server\n * advertises in `TAI-Key-Selector`; verifiers use\n * this to look up the public key in DNS at\n * `<selector>._taistamp.<host>`\n * @param nonce - the client-supplied nonce, echoed\n * verbatim in `TAI-Nonce`\n * @returns the byte sequence verifiers reconstruct\n * from the response and pass to their public-key\n * verify routine. The framing is the\n * domain-separation tag (`taistamp-v1` plus a\n * trailing NUL byte), then the label bytes, then\n * the leap-seconds count as a 4-byte big-endian\n * unsigned integer, then a 1-byte selector length,\n * then the selector bytes, then the nonce bytes.\n *\n * @remarks\n * Binding the selector into the signed payload stops a\n * downgrade attacker from rewriting `TAI-Key-Selector`\n * to point at a compromised or weaker key — the\n * signature would no longer verify under that key.\n * `leapSeconds` is encoded as a 4-byte big-endian\n * unsigned integer; the selector is length-prefixed by\n * a single byte (selectors are ≤ 63 chars per\n * {@link newTaistampHandler}'s validation).\n */\nexport const taistampSignedPayload = (\n label: string,\n leapSeconds: number,\n selector: string,\n nonce: string,\n): ArrayBuffer => {\n const labelBytes = textEncoder.encode(label);\n const selectorBytes = textEncoder.encode(selector);\n const nonceBytes = textEncoder.encode(nonce);\n\n const buffer = new ArrayBuffer(\n DOMAIN_SEPARATOR.length +\n labelBytes.length +\n 4 +\n 1 +\n selectorBytes.length +\n nonceBytes.length,\n );\n const view = new Uint8Array(buffer);\n\n let offset = 0;\n view.set(DOMAIN_SEPARATOR, offset);\n offset += DOMAIN_SEPARATOR.length;\n view.set(labelBytes, offset);\n offset += labelBytes.length;\n new DataView(buffer).setUint32(offset, leapSeconds, false);\n offset += 4;\n view[offset] = selectorBytes.length;\n offset += 1;\n view.set(selectorBytes, offset);\n offset += selectorBytes.length;\n view.set(nonceBytes, offset);\n\n return buffer;\n};\n\n/**\n * Configuration for {@link newTaistampHandler}.\n *\n * @remarks\n * `signer` and `selector` are co-required: pass both\n * to enable authenticated responses, or neither for\n * an unsigned handler. Passing only one is rejected\n * at construction time — without the selector\n * verifiers cannot find the key in DNS, and a\n * selector without a signer is a misconfiguration.\n */\nexport interface TaistampHandlerConfig {\n /**\n * Key selector advertised in the `TAI-Key-Selector`\n * response header and bound into the signed payload.\n * Verifiers look up the public key at\n * `<selector>._taistamp.<host>` in DNS.\n *\n * Must match `[A-Za-z][A-Za-z0-9_-]{0,62}` (a single\n * DNS label starting with a letter, using\n * DKIM-compatible characters and a valid sf-token);\n * rotate by changing the selector and publishing a\n * new TXT record.\n */\n selector?: string\n\n /**\n * {@link Signer} that produces `TAI-Signature` over\n * the framed payload from {@link taistampSignedPayload}.\n * Without a signer the nonce is still echoed but the\n * response is unsigned.\n */\n signer?: Signer\n}\n\n/**\n * Build a handler for `/.well-known/taistamp`.\n *\n * @param config - optional {@link TaistampHandlerConfig}\n * @returns an `async (request) => Response` callable\n * directly as a Web `fetch` handler or as a Hono\n * route handler.\n *\n * @throws TypeError if `signer` and `selector` are not\n * both set or both unset, or if `selector` does not\n * match `[A-Za-z][A-Za-z0-9_-]{0,62}`.\n *\n * @remarks\n * Behaviour:\n *\n * - `GET` / `HEAD` — body is a fresh 25-byte TAI64N\n * label (`HEAD` omits the body). Response headers:\n * Content-Type `application/tai64n`, Content-Length\n * `25`, Cache-Control `no-store`, plus\n * `TAI-Leap-Seconds` carrying the current count.\n * - Any other method — `405 Method Not Allowed` with\n * `Allow: GET, HEAD`.\n * - Request with more than one `TAI-Nonce` header —\n * `400 Bad Request`. Stricter than the spec's\n * \"treat as absent\" rule: a duplicated singleton\n * field is malformed input, so we refuse rather\n * than silently down-ranking it to unsigned.\n * - Request `TAI-Nonce` — the value is echoed verbatim\n * in the response.\n * - Request `TAI-Nonce` *and* `signer` configured *and*\n * the request method is `GET` *and* the nonce field\n * value is between 14 and 174 octets — adds\n * `TAI-Key-Selector` and `TAI-Signature` (sf-binary)\n * over the bytes produced by\n * {@link taistampSignedPayload}. The\n * domain-separation tag means the same key cannot\n * be tricked into producing valid signatures for\n * other protocols. `HEAD` and `405` responses are\n * never signed.\n *\n * The corresponding public key is expected to be\n * published out-of-band as a DNS TXT record at\n * `<selector>._taistamp.<host>` — verifiers fetch the\n * key by selector so the operator can rotate keys by\n * publishing a new selector while the old one is\n * still cached.\n *\n * @see {@link https://cr.yp.to/libtai/tai64.html} for\n * TAI64N format\n */\nexport const newTaistampHandler = (\n config: TaistampHandlerConfig = {},\n): ((request: Request) => Promise<Response>) => {\n const { selector, signer } = config;\n\n if ((signer === undefined) !== (selector === undefined)) {\n throw new TypeError(\n 'newTaistampHandler: signer and selector must be set together',\n );\n }\n if (selector !== undefined && !SELECTOR_PATTERN.test(selector)) {\n throw new TypeError(\n `newTaistampHandler: selector must match ${SELECTOR_PATTERN.source}`,\n );\n }\n\n return async (request) => {\n if (request.method !== 'GET' && request.method !== 'HEAD') {\n return new Response(undefined, {\n status: 405,\n headers: { allow: 'GET, HEAD' },\n });\n }\n\n const nonce = request.headers.get(TAI64N_HEADER_NONCE);\n\n // `TAI-Nonce` is a singleton sf-binary; a valid value\n // contains no `,` of its own, so a comma in the joined\n // header value means the client sent the field more\n // than once.\n if (nonce !== null && nonce.includes(',')) {\n return new Response(undefined, { status: 400 });\n }\n\n const label = tai64nLabel();\n\n const headers = new Headers({\n 'cache-control': 'no-store',\n 'content-length': String(TAI64N_CONTENT_LENGTH),\n 'content-type': TAI64N_CONTENT_TYPE,\n [TAI64N_HEADER_LEAP_SECONDS]: String(TAI_OFFSET),\n });\n\n if (nonce !== null) {\n headers.set(TAI64N_HEADER_NONCE, nonce);\n\n const nonceLength = textEncoder.encode(nonce).length;\n const inRange =\n nonceLength >= NONCE_MIN_OCTETS && nonceLength <= NONCE_MAX_OCTETS;\n\n if (\n request.method === 'GET' &&\n signer !== undefined &&\n selector !== undefined &&\n inRange\n ) {\n const message = taistampSignedPayload(\n label,\n TAI_OFFSET,\n selector,\n nonce,\n );\n const signature = await signer.sign(message);\n headers.set(TAI64N_HEADER_KEY_SELECTOR, selector);\n headers.set(\n TAI64N_HEADER_SIGNATURE,\n encodeStructuredBinary(signature),\n );\n }\n }\n\n const body = request.method === 'HEAD' ? undefined : label;\n return new Response(body, { status: 200, headers });\n };\n};\n","/**\n * Generic signer abstraction over a private key.\n *\n * @remarks\n * The handler doesn't care which algorithm or key\n * store produced the signature, only that signing\n * succeeded. Pluggable so consumers can wire in\n * HSM-backed, KMS-backed, or in-process WebCrypto\n * signers without touching the handler. Verifiers\n * must agree on the algorithm and the public key\n * out-of-band — typically by pinning the public key\n * to a DNS TXT record.\n */\nexport interface Signer {\n /**\n * Produce a signature over `message`.\n *\n * @param message - bytes to sign; the caller is\n * responsible for any framing or domain separation.\n * Typed as {@link BufferSource} to match WebCrypto's\n * own input shape — any `ArrayBuffer` or typed-array\n * view is accepted.\n * @returns the raw signature bytes (algorithm-defined\n * length and encoding) as an `ArrayBuffer`, matching\n * WebCrypto's native output shape\n */\n sign: (message: BufferSource) => Promise<ArrayBuffer>\n}\n\n/**\n * Build a {@link Signer} backed by a WebCrypto Ed25519\n * private `CryptoKey`.\n *\n * @param key - Ed25519 private key with `'sign'` in\n * `key.usages`. The algorithm `name` must be\n * `'Ed25519'`.\n * @returns a {@link Signer} producing 64-byte raw\n * Ed25519 signatures (R ‖ s, RFC 8032)\n *\n * @see {@link https://datatracker.ietf.org/doc/html/rfc8032}\n */\nexport const newEd25519Signer = (key: CryptoKey): Signer => ({\n sign: async (message) => crypto.subtle.sign('Ed25519', key, message),\n});\n","import pkg from '../package.json' with { type: 'json' };\n\n/** Package version from package.json. */\nexport const VERSION: string = pkg.version;\n\nexport * from './const';\nexport {\n newTaistampHandler,\n type TaistampHandlerConfig,\n taistampSignedPayload,\n} from './handler';\nexport {\n newEd25519Signer,\n type Signer,\n} from './signer';\nexport {\n fromUTC,\n now,\n tai64nLabel,\n tai64nLabelFromUTC,\n} from './utils';\n"],"names":[],"mappings":";;;;AAAO,MAAM,UAAA,GAAqB;AAE3B,MAAM,WAAA,GAAc;AAEpB,MAAM,mBAAA,GAAsB;AAC5B,MAAM,qBAAA,GAAwB,IAAI,EAAA,GAAK;AAEvC,MAAM,0BAAA,GAA6B;AACnC,MAAM,0BAAA,GAA6B;AACnC,MAAM,mBAAA,GAAsB;AAC5B,MAAM,uBAAA,GAA0B;AAEhC,MAAM,cAAA,GAAiB;;ACHvB,MAAM,OAAA,GAAU,CAAC,GAAA,KAA2B;AAEjD,EAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,GAAA,GAAM,GAAI,CAAA,GAAI,UAAA;AACrC,EAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,GAAQ,GAAA;AAC5B,EAAA,OAAO,EAAE,GAAA,EAAK,IAAA,EAAM,MAAA,EAAQ,UAAA,EAAW;AACzC;AAEO,MAAM,MAAM,MAAiB;AAClC,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,OAAO,QAAQ,GAAG,CAAA;AACpB;AAEO,MAAM,WAAA,GAAc,CAAC,KAAA,KAA8B;AACxD,EAAA,MAAM,EAAE,GAAA,EAAK,IAAA,EAAK,GAAI,SAAS,GAAA,EAAI;AAEnC,EAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,GAAA,GAAM,QAAQ,CAAA,GAAI,cAAA;AAC3C,EAAA,MAAM,QAAQ,GAAA,GAAM,QAAA;AAEpB,EAAA,MAAM,WAAW,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAA;AACnD,EAAA,MAAM,WAAW,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAA;AACnD,EAAA,MAAM,UAAU,IAAA,CAAK,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAA;AAEjD,EAAA,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,EAAG,QAAQ,GAAG,OAAO,CAAA,CAAA;AAC1C;AAEO,MAAM,qBAAqB,CAAC,GAAA,KAAwB,WAAA,CAAY,OAAA,CAAQ,GAAG,CAAC;AAEnF,MAAM,QAAA,GAAW,UAAA;;ACxBjB,MAAM,gBAAA,GAAmB,8BAAA;AAEzB,MAAM,gBAAA,GAAmB,EAAA;AACzB,MAAM,gBAAA,GAAmB,GAAA;AAEzB,MAAM,WAAA,GAAc,IAAI,WAAA,EAAY;AASpC,MAAM,gBAAA,GAAmB,WAAA,CAAY,MAAA,CAAO,eAAe,CAAA;AAE3D,MAAM,OAAA,GAAU,CAAC,MAAA,KAAqC;AACpD,EAAA,IAAI,kBAAkB,UAAA,EAAY;AAChC,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAA,CAAY,MAAA,CAAO,MAAM,CAAA,EAAG;AAC9B,IAAA,OAAO,IAAI,UAAA;AAAA,MACT,MAAA,CAAO,MAAA;AAAA,MACP,MAAA,CAAO,UAAA;AAAA,MACP,MAAA,CAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,OAAO,IAAI,WAAW,MAAM,CAAA;AAC9B,CAAA;AASA,MAAM,sBAAA,GAAyB,CAAC,MAAA,KAAiC;AAG/D,EAAA,MAAM,KAAA,GAAQ,QAAQ,MAAM,CAAA;AAC5B,EAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,aAAA,CAAc,GAAG,KAAK,CAAC,CAAA;AACpD,EAAA,OAAO,IAAI,QAAQ,CAAA,CAAA,CAAA;AACrB,CAAA;AAkCO,MAAM,qBAAA,GAAwB,CACnC,KAAA,EACA,WAAA,EACA,UACA,KAAA,KACgB;AAChB,EAAA,MAAM,UAAA,GAAa,WAAA,CAAY,MAAA,CAAO,KAAK,CAAA;AAC3C,EAAA,MAAM,aAAA,GAAgB,WAAA,CAAY,MAAA,CAAO,QAAQ,CAAA;AACjD,EAAA,MAAM,UAAA,GAAa,WAAA,CAAY,MAAA,CAAO,KAAK,CAAA;AAE3C,EAAA,MAAM,SAAS,IAAI,WAAA;AAAA,IACjB,gBAAA,CAAiB,SACjB,UAAA,CAAW,MAAA,GACX,IACA,CAAA,GACA,aAAA,CAAc,SACd,UAAA,CAAW;AAAA,GACb;AACA,EAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,MAAM,CAAA;AAElC,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,IAAA,CAAK,GAAA,CAAI,kBAAkB,MAAM,CAAA;AACjC,EAAA,MAAA,IAAU,gBAAA,CAAiB,MAAA;AAC3B,EAAA,IAAA,CAAK,GAAA,CAAI,YAAY,MAAM,CAAA;AAC3B,EAAA,MAAA,IAAU,UAAA,CAAW,MAAA;AACrB,EAAA,IAAI,SAAS,MAAM,CAAA,CAAE,SAAA,CAAU,MAAA,EAAQ,aAAa,KAAK,CAAA;AACzD,EAAA,MAAA,IAAU,CAAA;AACV,EAAA,IAAA,CAAK,MAAM,IAAI,aAAA,CAAc,MAAA;AAC7B,EAAA,MAAA,IAAU,CAAA;AACV,EAAA,IAAA,CAAK,GAAA,CAAI,eAAe,MAAM,CAAA;AAC9B,EAAA,MAAA,IAAU,aAAA,CAAc,MAAA;AACxB,EAAA,IAAA,CAAK,GAAA,CAAI,YAAY,MAAM,CAAA;AAE3B,EAAA,OAAO,MAAA;AACT;AAuFO,MAAM,kBAAA,GAAqB,CAChC,MAAA,GAAgC,EAAC,KACa;AAC9C,EAAA,MAAM,EAAE,QAAA,EAAU,MAAA,EAAO,GAAI,MAAA;AAE7B,EAAA,IAAK,MAAA,KAAW,MAAA,MAAgB,QAAA,KAAa,MAAA,CAAA,EAAY;AACvD,IAAA,MAAM,IAAI,SAAA;AAAA,MACR;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,aAAa,MAAA,IAAa,CAAC,gBAAA,CAAiB,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC9D,IAAA,MAAM,IAAI,SAAA;AAAA,MACR,CAAA,wCAAA,EAA2C,iBAAiB,MAAM,CAAA;AAAA,KACpE;AAAA,EACF;AAEA,EAAA,OAAO,OAAO,OAAA,KAAY;AACxB,IAAA,IAAI,OAAA,CAAQ,MAAA,KAAW,KAAA,IAAS,OAAA,CAAQ,WAAW,MAAA,EAAQ;AACzD,MAAA,OAAO,IAAI,SAAS,MAAA,EAAW;AAAA,QAC7B,MAAA,EAAQ,GAAA;AAAA,QACR,OAAA,EAAS,EAAE,KAAA,EAAO,WAAA;AAAY,OAC/B,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA;AAMrD,IAAA,IAAI,KAAA,KAAU,IAAA,IAAQ,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AACzC,MAAA,OAAO,IAAI,QAAA,CAAS,MAAA,EAAW,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,IAChD;AAEA,IAAA,MAAM,QAAQ,WAAA,EAAY;AAE1B,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,MAC1B,eAAA,EAAiB,UAAA;AAAA,MACjB,gBAAA,EAAkB,OAAO,qBAAqB,CAAA;AAAA,MAC9C,cAAA,EAAgB,mBAAA;AAAA,MAChB,CAAC,0BAA0B,GAAG,MAAA,CAAO,UAAU;AAAA,KAChD,CAAA;AAED,IAAA,IAAI,UAAU,IAAA,EAAM;AAClB,MAAA,OAAA,CAAQ,GAAA,CAAI,qBAAqB,KAAK,CAAA;AAEtC,MAAA,MAAM,WAAA,GAAc,WAAA,CAAY,MAAA,CAAO,KAAK,CAAA,CAAE,MAAA;AAC9C,MAAA,MAAM,OAAA,GACJ,WAAA,IAAe,gBAAA,IAAoB,WAAA,IAAe,gBAAA;AAEpD,MAAA,IACE,QAAQ,MAAA,KAAW,KAAA,IACnB,WAAW,MAAA,IACX,QAAA,KAAa,UACb,OAAA,EACA;AACA,QAAA,MAAM,OAAA,GAAU,qBAAA;AAAA,UACd,KAAA;AAAA,UACA,UAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA;AAC3C,QAAA,OAAA,CAAQ,GAAA,CAAI,4BAA4B,QAAQ,CAAA;AAChD,QAAA,OAAA,CAAQ,GAAA;AAAA,UACN,uBAAA;AAAA,UACA,uBAAuB,SAAS;AAAA,SAClC;AAAA,MACF;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,KAAW,MAAA,GAAS,MAAA,GAAY,KAAA;AACrD,IAAA,OAAO,IAAI,QAAA,CAAS,IAAA,EAAM,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,EACpD,CAAA;AACF;;ACnPO,MAAM,gBAAA,GAAmB,CAAC,GAAA,MAA4B;AAAA,EAC3D,IAAA,EAAM,OAAO,OAAA,KAAY,MAAA,CAAO,OAAO,IAAA,CAAK,SAAA,EAAW,KAAK,OAAO;AACrE,CAAA;;ACxCO,MAAM,UAAkB,GAAA,CAAI;;;;"}
1
+ {"version":3,"file":"index.mjs","sources":["../src/const.ts","../src/cors.ts","../src/leap-seconds.ts","../src/nonce.ts","../src/utils.ts","../src/handler.ts","../src/index.ts"],"sourcesContent":["export const TAI64N_PATH = '/.well-known/taistamp';\n\nexport const TAI64N_CONTENT_TYPE = 'application/tai64n';\nexport const TAI64N_CONTENT_LENGTH = 1 + 16 + 8; // '@' + sec (16 hex chars) + nano (8 hex chars)\n\nexport const TAI64N_HEADER_KEY_SELECTOR = 'TAI-Key-Selector';\nexport const TAI64N_HEADER_LEAP_SECONDS = 'TAI-Leap-Seconds';\nexport const TAI64N_HEADER_NONCE = 'TAI-Nonce';\nexport const TAI64N_HEADER_SIGNATURE = 'TAI-Signature';\n\nexport const TAI64_EPOCH_HI = 0x40_00_00_00;\n","import {\n TAI64N_HEADER_KEY_SELECTOR,\n TAI64N_HEADER_LEAP_SECONDS,\n TAI64N_HEADER_NONCE,\n TAI64N_HEADER_SIGNATURE,\n} from './const';\n\n// `Access-Control-Allow-Methods` (Fetch) is the list\n// of methods JS would ever preflight, so `OPTIONS` is\n// omitted. This is intentionally narrower than the\n// `Allow` header (RFC 9110 §9.3.7 method discovery,\n// `GET, HEAD, OPTIONS`) the handler itself emits.\nconst CORS_ALLOW_METHODS = 'GET, HEAD';\nconst CORS_ALLOW_HEADERS = TAI64N_HEADER_NONCE;\nconst CORS_EXPOSE_HEADERS = [\n TAI64N_HEADER_LEAP_SECONDS,\n TAI64N_HEADER_NONCE,\n TAI64N_HEADER_KEY_SELECTOR,\n TAI64N_HEADER_SIGNATURE,\n].join(', ');\n// Spec §4.2 SHOULDs at least 600s; 10 minutes is the\n// floor the spec example uses and keeps high-traffic\n// cross-origin clients off a pre-flight per fetch.\nconst CORS_MAX_AGE = '600';\n\n/**\n * The three CORS header maps the handler splices into\n * responses, keyed by response kind.\n *\n * - `preflight` — added to `OPTIONS 200` replies.\n * - `response` — added to successful `GET` / `HEAD`\n * replies; carries `Access-Control-Expose-Headers`\n * so browser JS can read the `TAI-*` headers.\n * - `error` — added to `405` replies; just the origin\n * header (and `Vary` when scoped).\n */\nexport type CORSHeaderSets = {\n error: Record<string, string>\n preflight: Record<string, string>\n response: Record<string, string>\n};\n\n/**\n * Pre-bake the three CORS header maps the handler\n * splices into responses, keyed by response kind.\n * `cors === false` collapses every map to `{}` so the\n * spread is a no-op; missing or empty input falls back\n * to `'*'`; `cors === '*'` skips `Vary: Origin` (a\n * wildcard does not vary by origin); a scoped origin\n * adds `Vary: Origin` so caches can keep per-origin\n * variants distinct.\n */\nexport const buildCORSHeaders = (\n cors: false | string | undefined,\n): CORSHeaderSets => {\n if (cors === false) {\n return { error: {}, preflight: {}, response: {} };\n }\n const origin = cors || '*';\n const vary: Record<string, string> =\n origin === '*' ? {} : { vary: 'Origin' };\n return {\n error: {\n 'access-control-allow-origin': origin,\n ...vary,\n },\n preflight: {\n 'access-control-allow-origin': origin,\n 'access-control-allow-methods': CORS_ALLOW_METHODS,\n 'access-control-allow-headers': CORS_ALLOW_HEADERS,\n 'access-control-expose-headers': CORS_EXPOSE_HEADERS,\n 'access-control-max-age': CORS_MAX_AGE,\n ...vary,\n },\n response: {\n 'access-control-allow-origin': origin,\n 'access-control-expose-headers': CORS_EXPOSE_HEADERS,\n ...vary,\n },\n };\n};\n","// cspell:words IERS\n\nimport { TAI64N_HEADER_LEAP_SECONDS } from './const';\n\n/**\n * Upper bound for `leapSeconds` in the taistamp signed\n * payload. The framing encodes the value as a 4-byte\n * big-endian unsigned integer, so any input outside\n * `[0, 2^32-1]` cannot be represented. Verifiers MUST\n * treat an out-of-range `TAI-Leap-Seconds` response\n * header as unsigned, per spec §5.1.\n */\nexport const TAI_LEAP_SECONDS_MAX = 0xFF_FF_FF_FF;\n\ndeclare const LeapSecondsBrand: unique symbol;\n\n/**\n * `number` that has been confirmed to fit the\n * `[0, TAI_LEAP_SECONDS_MAX]` u32be range required by\n * the taistamp signed-payload framing. Construct only\n * via {@link extractLeapSeconds} or {@link asLeapSeconds};\n * the brand prevents an arbitrary number from reaching\n * the signing path.\n */\nexport type LeapSeconds = number & { readonly [LeapSecondsBrand]: never };\n\n/**\n * Coerce a `number` to a {@link LeapSeconds}. Returns\n * `undefined` when `value` is non-integer, negative,\n * or exceeds {@link TAI_LEAP_SECONDS_MAX}.\n */\nexport const asLeapSeconds = (\n value: number,\n): LeapSeconds | undefined => {\n if (\n !Number.isInteger(value) ||\n value < 0 ||\n value > TAI_LEAP_SECONDS_MAX\n ) return undefined;\n return value as LeapSeconds;\n};\n\n/**\n * Current TAI − UTC offset in whole seconds, used by\n * `fromUTC()` and emitted in the `TAI-Leap-Seconds`\n * response header. The value 37 has been in force\n * since 2017-01-01; update on the next IERS leap-second\n * announcement.\n *\n * @remarks\n * Stays a single `LeapSeconds` until a leap-seconds\n * table is added so the offset can be computed for any\n * TAI second; this constant becomes redundant then.\n */\nexport const TAI_LEAP_SECONDS: LeapSeconds = 37 as LeapSeconds;\n\n/**\n * Strict decimal integer: a single `0` or a non-zero\n * leading digit followed by digits. Rejects hex\n * (`0x25`), float-style integers (`37.0`), signs,\n * whitespace, exponential notation, and leading zeros\n * — every input `Number()` would silently coerce to\n * an integer despite not being a canonical decimal.\n */\nconst DECIMAL_INTEGER = /^(?:0|[1-9]\\d*)$/;\n\n/**\n * Extract a usable leap-seconds count from response\n * headers. Returns `undefined` when the\n * `TAI-Leap-Seconds` field is missing, empty,\n * non-numeric, non-integer, negative, or out-of-range\n * — every \"treat as unsigned\" case in spec §5.1\n * collapsed into one verdict.\n */\nexport const extractLeapSeconds = (\n headers: Headers,\n): LeapSeconds | undefined => {\n const raw = headers.get(TAI64N_HEADER_LEAP_SECONDS);\n if (!raw || !DECIMAL_INTEGER.test(raw)) return undefined;\n return asLeapSeconds(Number(raw));\n};\n","import { TAI64N_HEADER_NONCE } from './const';\n\n/**\n * Lower bound on `TAI-Nonce` field-value octets. A\n * field shorter than this is treated as absent (spec\n * §5.2). sf-binary is ASCII-only — the string length\n * equals the octet count.\n */\nexport const NONCE_MIN_OCTETS = 14;\n\n/**\n * Upper bound on `TAI-Nonce` field-value octets. A\n * field longer than this is treated as absent (spec\n * §5.2).\n */\nexport const NONCE_MAX_OCTETS = 174;\n\n/**\n * sf-binary item per RFC 9651 §3.3.5: standard base64\n * with `=` padding, wrapped in a leading and trailing\n * colon. The empty payload (`::`) is excluded — a\n * zero-length nonce is treated as absent per spec\n * §5.2. The alphabet contains no `,`, so a duplicated\n * field (joined by the Web `Headers` API with `,`)\n * fails the same check.\n */\nconst SF_BINARY_PATTERN =\n /^:(?:[\\d+/A-Za-z]{4})*(?:[\\d+/A-Za-z]{4}|[\\d+/A-Za-z]{3}=|[\\d+/A-Za-z]{2}==):$/;\n\ndeclare const NonceBrand: unique symbol;\n\n/**\n * `string` that has been confirmed to satisfy the\n * sf-binary syntax of RFC 9651 §3.3.5 and the\n * `[NONCE_MIN_OCTETS, NONCE_MAX_OCTETS]` length range\n * required by spec §5.2. Construct only via\n * {@link asNonce} or {@link extractNonce}; the brand\n * prevents arbitrary strings from reaching the\n * signing path.\n */\nexport type Nonce = string & { readonly [NonceBrand]: never };\n\n/**\n * Brand `value` as a {@link Nonce} when it satisfies\n * sf-binary syntax (RFC 9651 §3.3.5) and falls inside\n * `[NONCE_MIN_OCTETS, NONCE_MAX_OCTETS]`. Returns\n * `undefined` for anything else — every \"treat as\n * absent\" case in spec §5.2 collapsed into one\n * verdict.\n */\nexport const asNonce = (value: string): Nonce | undefined => {\n if (\n !value ||\n value.length < NONCE_MIN_OCTETS ||\n value.length > NONCE_MAX_OCTETS ||\n !SF_BINARY_PATTERN.test(value)\n ) return undefined;\n return value as Nonce;\n};\n\n/**\n * Extract a usable `TAI-Nonce` from request headers.\n * Returns `undefined` when the field is missing or\n * fails {@link asNonce} validation.\n */\nexport const extractNonce = (headers: Headers): Nonce | undefined => {\n const value = headers.get(TAI64N_HEADER_NONCE);\n return value === null ? undefined : asNonce(value);\n};\n","import { TAI64_EPOCH_HI } from './const';\nimport { TAI_LEAP_SECONDS } from './leap-seconds';\n\ntype timestamp = {\n nano: number\n sec: number\n\n offset?: number\n};\n\nexport const fromUTC = (utc: number): timestamp => {\n // TODO: leap seconds table\n const sec = Math.floor(utc / 1000) + TAI_LEAP_SECONDS;\n const nano = (utc % 1000) * 1e6;\n return { sec, nano, offset: TAI_LEAP_SECONDS };\n};\n\nexport const now = (): timestamp => {\n const utc = Date.now();\n return fromUTC(utc);\n};\n\nexport const tai64nLabel = (value?: timestamp): string => {\n const { sec, nano } = value ?? now();\n\n const secHi = Math.trunc(sec / u32Range) + TAI64_EPOCH_HI;\n const secLo = sec % u32Range;\n\n const secHiHex = secHi.toString(16).padStart(8, '0');\n const secLoHex = secLo.toString(16).padStart(8, '0');\n const nanoHex = nano.toString(16).padStart(8, '0');\n\n return `@${secHiHex}${secLoHex}${nanoHex}`;\n};\n\nexport const tai64nLabelFromUTC = (utc: number): string => tai64nLabel(fromUTC(utc));\n\nconst u32Range = 0x1_00_00_00_00;\n","import { assertValidSelector, type Signer } from '@kagal/ed25519-secret';\n\nimport {\n TAI64N_CONTENT_LENGTH,\n TAI64N_CONTENT_TYPE,\n TAI64N_HEADER_KEY_SELECTOR,\n TAI64N_HEADER_LEAP_SECONDS,\n TAI64N_HEADER_NONCE,\n TAI64N_HEADER_SIGNATURE,\n} from './const';\nimport { buildCORSHeaders } from './cors';\nimport { type LeapSeconds, TAI_LEAP_SECONDS } from './leap-seconds';\nimport { extractNonce, type Nonce } from './nonce';\nimport { tai64nLabel } from './utils';\n\nconst ALLOW_HEADER = 'GET, HEAD, OPTIONS';\n\nconst textEncoder = new TextEncoder();\n\n/**\n * Domain-separation tag prepended to every signed\n * payload. Versioned so a v2 protocol can use the same\n * key without colliding with v1 signatures, and\n * NUL-terminated so the boundary between tag and\n * label is unambiguous.\n */\nconst DOMAIN_SEPARATOR = textEncoder.encode('taistamp-v1\\0');\n\nconst asBytes = (source: BufferSource): Uint8Array => {\n if (source instanceof Uint8Array) {\n return source;\n }\n if (ArrayBuffer.isView(source)) {\n return new Uint8Array(\n source.buffer,\n source.byteOffset,\n source.byteLength,\n );\n }\n return new Uint8Array(source);\n};\n\n/**\n * Encode `source` as a Structured Field Value sf-binary\n * item per [RFC 9651 §3.3.5]: standard base64 with `=`\n * padding, wrapped in a leading and trailing colon.\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc9651#name-byte-sequences}\n */\nconst encodeStructuredBinary = (source: BufferSource): string => {\n // Spread is safe for the 64-byte signatures handled\n // here; revisit if larger payloads ever land.\n const bytes = asBytes(source);\n const standard = btoa(String.fromCodePoint(...bytes));\n return `:${standard}:`;\n};\n\n/**\n * Compose the byte sequence covered by a TAI-Signature.\n *\n * @param label - the 25-byte TAI64N label string the\n * server is returning\n * @param leapSeconds - the leap-seconds count the server\n * advertises in `TAI-Leap-Seconds`\n * @param selector - the key selector the server\n * advertises in `TAI-Key-Selector`; verifiers use\n * this to look up the public key in DNS at\n * `<selector>._taistamp.<host>`\n * @param nonce - the client-supplied nonce, echoed\n * verbatim in `TAI-Nonce`; brand a verifier-side\n * string with {@link asNonce} before passing it in\n * @returns the byte sequence verifiers reconstruct\n * from the response and pass to their public-key\n * verify routine. The framing is the\n * domain-separation tag (`taistamp-v1` plus a\n * trailing NUL byte), then the label bytes, then\n * the leap-seconds count as a 4-byte big-endian\n * unsigned integer, then a 1-byte selector length,\n * then the selector bytes, then the nonce bytes.\n *\n * @remarks\n * Binding the selector into the signed payload stops a\n * downgrade attacker from rewriting `TAI-Key-Selector`\n * to point at a compromised or weaker key — the\n * signature would no longer verify under that key.\n * `leapSeconds` is encoded as a 4-byte big-endian\n * unsigned integer; the selector is length-prefixed by\n * a single byte (selectors are ≤ 63 chars per\n * {@link newTaistampHandler}'s validation).\n */\nexport const composeSignaturePayload = (\n label: string,\n leapSeconds: LeapSeconds,\n selector: string,\n nonce: Nonce,\n): ArrayBuffer => {\n const labelBytes = textEncoder.encode(label);\n const selectorBytes = textEncoder.encode(selector);\n const nonceBytes = textEncoder.encode(nonce);\n\n const buffer = new ArrayBuffer(\n DOMAIN_SEPARATOR.length +\n labelBytes.length +\n 4 +\n 1 +\n selectorBytes.length +\n nonceBytes.length,\n );\n const view = new Uint8Array(buffer);\n\n let offset = 0;\n view.set(DOMAIN_SEPARATOR, offset);\n offset += DOMAIN_SEPARATOR.length;\n view.set(labelBytes, offset);\n offset += labelBytes.length;\n new DataView(buffer).setUint32(offset, leapSeconds, false);\n offset += 4;\n view[offset] = selectorBytes.length;\n offset += 1;\n view.set(selectorBytes, offset);\n offset += selectorBytes.length;\n view.set(nonceBytes, offset);\n\n return buffer;\n};\n\n/**\n * Configuration for {@link newTaistampHandler}.\n *\n * @remarks\n * `signer` and `selector` are co-required: pass both\n * to enable authenticated responses, or neither for\n * an unsigned handler. Passing only one is rejected\n * at construction time — without the selector\n * verifiers cannot find the key in DNS, and a\n * selector without a signer is a misconfiguration.\n */\nexport interface TaistampHandlerConfig {\n /**\n * Key selector advertised in the `TAI-Key-Selector`\n * response header and bound into the signed payload.\n * Verifiers look up the public key at\n * `<selector>._taistamp.<host>` in DNS.\n *\n * Must match `[A-Za-z][A-Za-z0-9_-]{0,62}` (a single\n * DNS label starting with a letter, using\n * DKIM-compatible characters and a valid sf-token);\n * rotate by changing the selector and publishing a\n * new TXT record.\n */\n selector?: string\n\n /**\n * {@link Signer} that produces `TAI-Signature` over\n * the framed payload from {@link composeSignaturePayload}.\n * Without a signer the nonce is still echoed but the\n * response is unsigned.\n */\n signer?: Signer\n\n /**\n * CORS origin policy. Defaults to `'*'`; pass `false`\n * to disable CORS entirely, or a specific origin\n * (e.g. `'https://example.com'`) to scope the policy.\n *\n * Every response (`GET` / `HEAD` / `OPTIONS` / `405`)\n * gains `Access-Control-Allow-Origin`; pre-flight\n * `OPTIONS` also carries `-Allow-Methods`,\n * `-Allow-Headers`, `-Expose-Headers`, and\n * `-Max-Age: 600` per spec §4.2; success\n * `GET` / `HEAD` carry `-Expose-Headers` so browser\n * JS can read the `TAI-*` response headers. A\n * non-`'*'` value adds `Vary: Origin` so caches can\n * keep per-origin variants distinct.\n *\n * Disabling CORS does not affect method discovery:\n * `OPTIONS` is still answered with `200` and\n * `Allow: GET, HEAD, OPTIONS` per RFC 9110 §9.3.7.\n */\n cors?: false | string\n}\n\n/**\n * Validate a {@link TaistampHandlerConfig} and return\n * it unchanged when every field is well-formed.\n * Throws `TypeError` otherwise so misconfiguration\n * surfaces at handler construction rather than on the\n * first request.\n *\n * @throws TypeError if `signer` and `selector` are not\n * both set or both unset, or if `selector` does not\n * match `[A-Za-z][A-Za-z0-9_-]{0,62}`.\n */\nconst validateHandlerConfig = (\n config: TaistampHandlerConfig,\n): TaistampHandlerConfig => {\n const { cors, selector, signer } = config;\n\n if ((signer === undefined) !== (selector === undefined)) {\n throw new TypeError(\n 'newTaistampHandler: signer and selector must be set together',\n );\n }\n if (cors !== undefined && cors !== false && typeof cors !== 'string') {\n throw new TypeError(\n 'newTaistampHandler: cors must be false or a string origin',\n );\n }\n if (selector !== undefined) {\n assertValidSelector(selector, 'newTaistampHandler');\n }\n\n return config;\n};\n\n/**\n * Validate a {@link TaistampHandlerConfig} and derive\n * the construction-time state the handler closure\n * captures: the pre-baked CORS header maps and an\n * `addSignature` helper that mutates a response\n * `Headers` to carry `TAI-Key-Selector` and\n * `TAI-Signature` over the framed payload, present\n * only when both `signer` and `selector` are\n * configured. Validation is delegated to\n * {@link validateHandlerConfig}.\n *\n * @throws TypeError per {@link validateHandlerConfig}.\n */\nconst fromHandlerConfig = (config: TaistampHandlerConfig) => {\n const { cors, selector, signer } = validateHandlerConfig(config);\n\n const corsHeaders = buildCORSHeaders(cors);\n\n const addSignature = selector !== undefined && signer !== undefined ?\n async (\n headers: Headers,\n label: string,\n nonce: Nonce,\n ): Promise<void> => {\n const payload = composeSignaturePayload(\n label, TAI_LEAP_SECONDS, selector, nonce,\n );\n const signature = await signer.sign(payload);\n headers.set(TAI64N_HEADER_KEY_SELECTOR, selector);\n headers.set(\n TAI64N_HEADER_SIGNATURE,\n encodeStructuredBinary(signature),\n );\n } :\n undefined;\n\n return { addSignature, corsHeaders };\n};\n\n/**\n * Build a handler for `/.well-known/taistamp`.\n *\n * @param config - optional {@link TaistampHandlerConfig}\n * @returns an `async (request) => Response` callable\n * directly as a Web `fetch` handler or as a Hono\n * route handler.\n *\n * @throws TypeError if `signer` and `selector` are not\n * both set or both unset, or if `selector` does not\n * match `[A-Za-z][A-Za-z0-9_-]{0,62}`.\n *\n * @remarks\n * Behaviour:\n *\n * - `GET` / `HEAD` — body is a fresh 25-byte TAI64N\n * label (`HEAD` omits the body). Response headers:\n * Content-Type `application/tai64n`, Content-Length\n * `25`, Cache-Control `no-store`, plus\n * `TAI-Leap-Seconds` carrying the current count.\n * - `OPTIONS` — `200` with `Allow: GET, HEAD, OPTIONS`.\n * When CORS is enabled (the default) the response\n * also carries `Access-Control-Allow-*` and\n * `-Expose-Headers` per\n * {@link TaistampHandlerConfig.cors}. `OPTIONS` is\n * never signed.\n * - Any other method — `405 Method Not Allowed` with\n * `Allow: GET, HEAD, OPTIONS`.\n * - Request `TAI-Nonce` — on `GET`, the value is echoed\n * verbatim in the response. A missing, empty,\n * duplicated, structurally malformed, or out-of-range\n * (14..174 octets) field is treated as absent (no\n * echo, no signature) per spec §5.2 — see\n * {@link extractNonce}. `HEAD`, `OPTIONS`, and `405`\n * responses never carry `TAI-Nonce` per spec §4.1.\n * - Request `TAI-Nonce` *and* `signer` configured *and*\n * the request method is `GET` — adds\n * `TAI-Key-Selector` and `TAI-Signature` (sf-binary)\n * over the bytes produced by\n * {@link composeSignaturePayload}. The\n * domain-separation tag means the same key cannot\n * be tricked into producing valid signatures for\n * other protocols. `HEAD`, `OPTIONS`, and `405`\n * responses are never signed.\n *\n * The corresponding public key is expected to be\n * published out-of-band as a DNS TXT record at\n * `<selector>._taistamp.<host>` — verifiers fetch the\n * key by selector so the operator can rotate keys by\n * publishing a new selector while the old one is\n * still cached.\n *\n * @see {@link https://cr.yp.to/libtai/tai64.html} for\n * TAI64N format\n */\nexport const newTaistampHandler = (\n config: TaistampHandlerConfig = {},\n): ((request: Request) => Promise<Response>) => {\n const { addSignature, corsHeaders } = fromHandlerConfig(config);\n\n return async (request) => {\n if (request.method === 'OPTIONS') {\n return new Response(undefined, {\n status: 200,\n headers: { allow: ALLOW_HEADER, ...corsHeaders.preflight },\n });\n }\n\n if (request.method !== 'GET' && request.method !== 'HEAD') {\n return new Response(undefined, {\n status: 405,\n headers: { allow: ALLOW_HEADER, ...corsHeaders.error },\n });\n }\n\n const nonce = extractNonce(request.headers);\n const label = tai64nLabel();\n\n const headers = new Headers({\n 'cache-control': 'no-store',\n 'content-length': String(TAI64N_CONTENT_LENGTH),\n 'content-type': TAI64N_CONTENT_TYPE,\n [TAI64N_HEADER_LEAP_SECONDS]: String(TAI_LEAP_SECONDS),\n ...corsHeaders.response,\n });\n\n if (nonce && request.method === 'GET') {\n headers.set(TAI64N_HEADER_NONCE, nonce);\n if (addSignature) {\n await addSignature(headers, label, nonce);\n }\n }\n\n const body = request.method === 'HEAD' ? undefined : label;\n return new Response(body, { status: 200, headers });\n };\n};\n","import pkg from '../package.json' with { type: 'json' };\n\n/** Package version from package.json. */\nexport const VERSION: string = pkg.version;\n\nexport {\n newSigner as newEd25519Signer,\n type Signer,\n} from '@kagal/ed25519-secret';\n\nexport * from './const';\nexport {\n composeSignaturePayload,\n newTaistampHandler,\n type TaistampHandlerConfig,\n} from './handler';\nexport {\n asLeapSeconds,\n extractLeapSeconds,\n type LeapSeconds,\n TAI_LEAP_SECONDS,\n TAI_LEAP_SECONDS_MAX,\n} from './leap-seconds';\nexport {\n asNonce,\n type Nonce,\n} from './nonce';\nexport {\n fromUTC,\n now,\n tai64nLabel,\n tai64nLabelFromUTC,\n} from './utils';\n"],"names":[],"mappings":";;;;;;;AAAO,MAAM,WAAA,GAAc;AAEpB,MAAM,mBAAA,GAAsB;AAC5B,MAAM,qBAAA,GAAwB,IAAI,EAAA,GAAK;AAEvC,MAAM,0BAAA,GAA6B;AACnC,MAAM,0BAAA,GAA6B;AACnC,MAAM,mBAAA,GAAsB;AAC5B,MAAM,uBAAA,GAA0B;AAEhC,MAAM,cAAA,GAAiB;;ACE9B,MAAM,kBAAA,GAAqB,WAAA;AAC3B,MAAM,kBAAA,GAAqB,mBAAA;AAC3B,MAAM,mBAAA,GAAsB;AAAA,EAC1B,0BAAA;AAAA,EACA,mBAAA;AAAA,EACA,0BAAA;AAAA,EACA;AACF,CAAA,CAAE,KAAK,IAAI,CAAA;AAIX,MAAM,YAAA,GAAe,KAAA;AA6Bd,MAAM,gBAAA,GAAmB,CAC9B,IAAA,KACmB;AACnB,EAAA,IAAI,SAAS,KAAA,EAAO;AAClB,IAAA,OAAO,EAAE,OAAO,EAAC,EAAG,WAAW,EAAC,EAAG,QAAA,EAAU,EAAC,EAAE;AAAA,EAClD;AACA,EAAA,MAAM,SAAS,IAAA,IAAQ,GAAA;AACvB,EAAA,MAAM,OACJ,MAAA,KAAW,GAAA,GAAM,EAAC,GAAI,EAAE,MAAM,QAAA,EAAS;AACzC,EAAA,OAAO;AAAA,IACL,KAAA,EAAO;AAAA,MACL,6BAAA,EAA+B,MAAA;AAAA,MAC/B,GAAG;AAAA,KACL;AAAA,IACA,SAAA,EAAW;AAAA,MACT,6BAAA,EAA+B,MAAA;AAAA,MAC/B,8BAAA,EAAgC,kBAAA;AAAA,MAChC,8BAAA,EAAgC,kBAAA;AAAA,MAChC,+BAAA,EAAiC,mBAAA;AAAA,MACjC,wBAAA,EAA0B,YAAA;AAAA,MAC1B,GAAG;AAAA,KACL;AAAA,IACA,QAAA,EAAU;AAAA,MACR,6BAAA,EAA+B,MAAA;AAAA,MAC/B,+BAAA,EAAiC,mBAAA;AAAA,MACjC,GAAG;AAAA;AACL,GACF;AACF,CAAA;;ACpEO,MAAM,oBAAA,GAAuB;AAmB7B,MAAM,aAAA,GAAgB,CAC3B,KAAA,KAC4B;AAC5B,EAAA,IACE,CAAC,OAAO,SAAA,CAAU,KAAK,KACvB,KAAA,GAAQ,CAAA,IACR,KAAA,GAAQ,oBAAA,EACR,OAAO,MAAA;AACT,EAAA,OAAO,KAAA;AACT;AAcO,MAAM,gBAAA,GAAgC;AAU7C,MAAM,eAAA,GAAkB,kBAAA;AAUjB,MAAM,kBAAA,GAAqB,CAChC,OAAA,KAC4B;AAC5B,EAAA,MAAM,GAAA,GAAM,OAAA,CAAQ,GAAA,CAAI,0BAA0B,CAAA;AAClD,EAAA,IAAI,CAAC,GAAA,IAAO,CAAC,gBAAgB,IAAA,CAAK,GAAG,GAAG,OAAO,MAAA;AAC/C,EAAA,OAAO,aAAA,CAAc,MAAA,CAAO,GAAG,CAAC,CAAA;AAClC;;ACxEO,MAAM,gBAAA,GAAmB,EAAA;AAOzB,MAAM,gBAAA,GAAmB,GAAA;AAWhC,MAAM,iBAAA,GACJ,gFAAA;AAuBK,MAAM,OAAA,GAAU,CAAC,KAAA,KAAqC;AAC3D,EAAA,IACE,CAAC,KAAA,IACD,KAAA,CAAM,MAAA,GAAS,gBAAA,IACf,KAAA,CAAM,MAAA,GAAS,gBAAA,IACf,CAAC,iBAAA,CAAkB,IAAA,CAAK,KAAK,GAC7B,OAAO,MAAA;AACT,EAAA,OAAO,KAAA;AACT;AAOO,MAAM,YAAA,GAAe,CAAC,OAAA,KAAwC;AACnE,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA;AAC7C,EAAA,OAAO,KAAA,KAAU,IAAA,GAAO,MAAA,GAAY,OAAA,CAAQ,KAAK,CAAA;AACnD,CAAA;;AC1DO,MAAM,OAAA,GAAU,CAAC,GAAA,KAA2B;AAEjD,EAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,GAAA,GAAM,GAAI,CAAA,GAAI,gBAAA;AACrC,EAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,GAAQ,GAAA;AAC5B,EAAA,OAAO,EAAE,GAAA,EAAK,IAAA,EAAM,MAAA,EAAQ,gBAAA,EAAiB;AAC/C;AAEO,MAAM,MAAM,MAAiB;AAClC,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,OAAO,QAAQ,GAAG,CAAA;AACpB;AAEO,MAAM,WAAA,GAAc,CAAC,KAAA,KAA8B;AACxD,EAAA,MAAM,EAAE,GAAA,EAAK,IAAA,EAAK,GAAI,SAAS,GAAA,EAAI;AAEnC,EAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,GAAA,GAAM,QAAQ,CAAA,GAAI,cAAA;AAC3C,EAAA,MAAM,QAAQ,GAAA,GAAM,QAAA;AAEpB,EAAA,MAAM,WAAW,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAA;AACnD,EAAA,MAAM,WAAW,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAA;AACnD,EAAA,MAAM,UAAU,IAAA,CAAK,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAA;AAEjD,EAAA,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,EAAG,QAAQ,GAAG,OAAO,CAAA,CAAA;AAC1C;AAEO,MAAM,qBAAqB,CAAC,GAAA,KAAwB,WAAA,CAAY,OAAA,CAAQ,GAAG,CAAC;AAEnF,MAAM,QAAA,GAAW,UAAA;;ACtBjB,MAAM,YAAA,GAAe,oBAAA;AAErB,MAAM,WAAA,GAAc,IAAI,WAAA,EAAY;AASpC,MAAM,gBAAA,GAAmB,WAAA,CAAY,MAAA,CAAO,eAAe,CAAA;AAE3D,MAAM,OAAA,GAAU,CAAC,MAAA,KAAqC;AACpD,EAAA,IAAI,kBAAkB,UAAA,EAAY;AAChC,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAA,CAAY,MAAA,CAAO,MAAM,CAAA,EAAG;AAC9B,IAAA,OAAO,IAAI,UAAA;AAAA,MACT,MAAA,CAAO,MAAA;AAAA,MACP,MAAA,CAAO,UAAA;AAAA,MACP,MAAA,CAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,OAAO,IAAI,WAAW,MAAM,CAAA;AAC9B,CAAA;AASA,MAAM,sBAAA,GAAyB,CAAC,MAAA,KAAiC;AAG/D,EAAA,MAAM,KAAA,GAAQ,QAAQ,MAAM,CAAA;AAC5B,EAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,aAAA,CAAc,GAAG,KAAK,CAAC,CAAA;AACpD,EAAA,OAAO,IAAI,QAAQ,CAAA,CAAA,CAAA;AACrB,CAAA;AAmCO,MAAM,uBAAA,GAA0B,CACrC,KAAA,EACA,WAAA,EACA,UACA,KAAA,KACgB;AAChB,EAAA,MAAM,UAAA,GAAa,WAAA,CAAY,MAAA,CAAO,KAAK,CAAA;AAC3C,EAAA,MAAM,aAAA,GAAgB,WAAA,CAAY,MAAA,CAAO,QAAQ,CAAA;AACjD,EAAA,MAAM,UAAA,GAAa,WAAA,CAAY,MAAA,CAAO,KAAK,CAAA;AAE3C,EAAA,MAAM,SAAS,IAAI,WAAA;AAAA,IACjB,gBAAA,CAAiB,SACjB,UAAA,CAAW,MAAA,GACX,IACA,CAAA,GACA,aAAA,CAAc,SACd,UAAA,CAAW;AAAA,GACb;AACA,EAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,MAAM,CAAA;AAElC,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,IAAA,CAAK,GAAA,CAAI,kBAAkB,MAAM,CAAA;AACjC,EAAA,MAAA,IAAU,gBAAA,CAAiB,MAAA;AAC3B,EAAA,IAAA,CAAK,GAAA,CAAI,YAAY,MAAM,CAAA;AAC3B,EAAA,MAAA,IAAU,UAAA,CAAW,MAAA;AACrB,EAAA,IAAI,SAAS,MAAM,CAAA,CAAE,SAAA,CAAU,MAAA,EAAQ,aAAa,KAAK,CAAA;AACzD,EAAA,MAAA,IAAU,CAAA;AACV,EAAA,IAAA,CAAK,MAAM,IAAI,aAAA,CAAc,MAAA;AAC7B,EAAA,MAAA,IAAU,CAAA;AACV,EAAA,IAAA,CAAK,GAAA,CAAI,eAAe,MAAM,CAAA;AAC9B,EAAA,MAAA,IAAU,aAAA,CAAc,MAAA;AACxB,EAAA,IAAA,CAAK,GAAA,CAAI,YAAY,MAAM,CAAA;AAE3B,EAAA,OAAO,MAAA;AACT;AAqEA,MAAM,qBAAA,GAAwB,CAC5B,MAAA,KAC0B;AAC1B,EAAA,MAAM,EAAE,IAAA,EAAM,QAAA,EAAU,MAAA,EAAO,GAAI,MAAA;AAEnC,EAAA,IAAK,MAAA,KAAW,MAAA,MAAgB,QAAA,KAAa,MAAA,CAAA,EAAY;AACvD,IAAA,MAAM,IAAI,SAAA;AAAA,MACR;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,SAAS,MAAA,IAAa,IAAA,KAAS,KAAA,IAAS,OAAO,SAAS,QAAA,EAAU;AACpE,IAAA,MAAM,IAAI,SAAA;AAAA,MACR;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,aAAa,MAAA,EAAW;AAC1B,IAAA,mBAAA,CAAoB,UAAU,oBAAoB,CAAA;AAAA,EACpD;AAEA,EAAA,OAAO,MAAA;AACT,CAAA;AAeA,MAAM,iBAAA,GAAoB,CAAC,MAAA,KAAkC;AAC3D,EAAA,MAAM,EAAE,IAAA,EAAM,QAAA,EAAU,MAAA,EAAO,GAAI,sBAAsB,MAAM,CAAA;AAE/D,EAAA,MAAM,WAAA,GAAc,iBAAiB,IAAI,CAAA;AAEzC,EAAA,MAAM,YAAA,GAAe,aAAa,MAAA,IAAa,MAAA,KAAW,SACxD,OACE,OAAA,EACA,OACA,KAAA,KACkB;AAClB,IAAA,MAAM,OAAA,GAAU,uBAAA;AAAA,MACd,KAAA;AAAA,MAAO,gBAAA;AAAA,MAAkB,QAAA;AAAA,MAAU;AAAA,KACrC;AACA,IAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA;AAC3C,IAAA,OAAA,CAAQ,GAAA,CAAI,4BAA4B,QAAQ,CAAA;AAChD,IAAA,OAAA,CAAQ,GAAA;AAAA,MACN,uBAAA;AAAA,MACA,uBAAuB,SAAS;AAAA,KAClC;AAAA,EACF,CAAA,GACA,MAAA;AAEF,EAAA,OAAO,EAAE,cAAc,WAAA,EAAY;AACrC,CAAA;AAyDO,MAAM,kBAAA,GAAqB,CAChC,MAAA,GAAgC,EAAC,KACa;AAC9C,EAAA,MAAM,EAAE,YAAA,EAAc,WAAA,EAAY,GAAI,kBAAkB,MAAM,CAAA;AAE9D,EAAA,OAAO,OAAO,OAAA,KAAY;AACxB,IAAA,IAAI,OAAA,CAAQ,WAAW,SAAA,EAAW;AAChC,MAAA,OAAO,IAAI,SAAS,MAAA,EAAW;AAAA,QAC7B,MAAA,EAAQ,GAAA;AAAA,QACR,SAAS,EAAE,KAAA,EAAO,YAAA,EAAc,GAAG,YAAY,SAAA;AAAU,OAC1D,CAAA;AAAA,IACH;AAEA,IAAA,IAAI,OAAA,CAAQ,MAAA,KAAW,KAAA,IAAS,OAAA,CAAQ,WAAW,MAAA,EAAQ;AACzD,MAAA,OAAO,IAAI,SAAS,MAAA,EAAW;AAAA,QAC7B,MAAA,EAAQ,GAAA;AAAA,QACR,SAAS,EAAE,KAAA,EAAO,YAAA,EAAc,GAAG,YAAY,KAAA;AAAM,OACtD,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,KAAA,GAAQ,YAAA,CAAa,OAAA,CAAQ,OAAO,CAAA;AAC1C,IAAA,MAAM,QAAQ,WAAA,EAAY;AAE1B,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,MAC1B,eAAA,EAAiB,UAAA;AAAA,MACjB,gBAAA,EAAkB,OAAO,qBAAqB,CAAA;AAAA,MAC9C,cAAA,EAAgB,mBAAA;AAAA,MAChB,CAAC,0BAA0B,GAAG,MAAA,CAAO,gBAAgB,CAAA;AAAA,MACrD,GAAG,WAAA,CAAY;AAAA,KAChB,CAAA;AAED,IAAA,IAAI,KAAA,IAAS,OAAA,CAAQ,MAAA,KAAW,KAAA,EAAO;AACrC,MAAA,OAAA,CAAQ,GAAA,CAAI,qBAAqB,KAAK,CAAA;AACtC,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,MAAM,YAAA,CAAa,OAAA,EAAS,KAAA,EAAO,KAAK,CAAA;AAAA,MAC1C;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,KAAW,MAAA,GAAS,MAAA,GAAY,KAAA;AACrD,IAAA,OAAO,IAAI,QAAA,CAAS,IAAA,EAAM,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,EACpD,CAAA;AACF;;AC3VO,MAAM,UAAkB,GAAA,CAAI;;;;"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@kagal/taistamp",
3
- "version": "0.0.1",
3
+ "version": "0.0.4",
4
4
  "type": "module",
5
5
  "description": "Signed TAI64N timestamps over HTTP",
6
6
  "author": "Apptly Software Ltd <oss@apptly.co>",
@@ -30,9 +30,15 @@
30
30
  "files": [
31
31
  "dist"
32
32
  ],
33
+ "dependencies": {
34
+ "@kagal/ed25519-secret": "^0.1.1"
35
+ },
33
36
  "devDependencies": {
37
+ "@cloudflare/vitest-pool-workers": "^0.13.1",
38
+ "@cloudflare/workers-types": "^4.20260317.1",
34
39
  "@kagal/build-tsdoc": "~0.1.0",
35
40
  "@kagal/cross-test": "~0.1.3",
41
+ "@noble/ed25519": "^3.1.0",
36
42
  "@poupe/eslint-config": "~0.9.1",
37
43
  "@types/node": "^20.19.39",
38
44
  "@vitest/coverage-istanbul": "^4.1.5",
@@ -63,6 +69,7 @@
63
69
  "publint": "publint",
64
70
  "publish:maybe": "npm view ${npm_package_name}@${npm_package_version} version 2>/dev/null && echo \"${npm_package_name}@${npm_package_version} already published\" || pnpm publish",
65
71
  "test": "vitest run",
72
+ "test:compat": "node src/__tests__/compat.mjs",
66
73
  "test:coverage": "vitest run --coverage",
67
74
  "test:watch": "vitest",
68
75
  "type-check": "run-s type-check:main type-check:tools type-check:tests",