@keetanetwork/anchor 0.0.13 → 0.0.14

package/lib/certificates.js

@@ -1,69 +1,38 @@
+import * as util from 'util';
 import * as KeetaNetClient from '@keetanetwork/keetanet-client';
+import * as oids from '../services/kyc/oids.generated.js';
 import * as ASN1 from './utils/asn1.js';
-import { Buffer } from './utils/buffer.js';
+import { ASN1toJS } from './utils/asn1.js';
+import { arrayBufferLikeToBuffer, arrayBufferToBuffer, Buffer, bufferToArrayBuffer } from './utils/buffer.js';
 import crypto from './utils/crypto.js';
 import { assertNever } from './utils/never.js';
-/* -----MOVE TO NODE AND ASN1NAPIRS----- */
-function getOID(name, oidDB) {
-    if (name in oidDB) {
-        // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
-        const oid = oidDB[name];
-        if (oid === undefined) {
-            throw (new Error('internal error: OID was undefined'));
-        }
-        return (oid);
-    }
-    else {
-        throw (new Error('Unknown algorithm'));
-    }
+import { CertificateAttributeOIDDB, CertificateAttributeSchema, CertificateAttributeFieldNames } from '../services/kyc/iso20022.generated.js';
+import { hasIndexSignature, isErrorLike, hasValueProp, isContextTagged } from './utils/guards.js';
+import { getOID, lookupByOID } from './utils/oid.js';
+import { convertToJSON as convertToJSONUtil } from './utils/json.js';
+import { EncryptedContainer } from './encrypted-container.js';
+import { assertSharableCertificateAttributesContentsSchema } from './certificates.generated.js';
+/**
+ * Short alias for printing a debug representation of an object
+ */
+const DPO = KeetaNetClient.lib.Utils.Helper.debugPrintableObject.bind(KeetaNetClient.lib.Utils.Helper);
+const KeetaNetAccount = KeetaNetClient.lib.Account;
+function toJSON(data) {
+    return (convertToJSONUtil(data));
 }
-function lookupByOID(oid, oidDB) {
-    for (const [key, value] of Object.entries(oidDB)) {
-        if (key === oid) {
-            return (key);
-        }
-        if (value === oid) {
-            return (key);
-        }
-    }
-    throw (new Error(`Unknown OID: ${oid}`));
+// Generic type guard to align decoded values with generated attribute types
+function isAttributeValue(_name, _v) {
+    // Runtime schema validation is already performed by BufferStorageASN1; this guard
+    // serves to inform TypeScript of the precise type tied to the attribute name.
+    return (true);
 }
-/* -----END MOVE TO NODE AND ASN1NAPIRS----- */
-function toJSON(data) {
-    const retval = JSON.parse(JSON.stringify(data, function (key, convertedValue) {
-        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-        const value = this[key];
-        if (typeof value === 'object' && value !== null) {
-            if ('publicKeyString' in value && typeof value.publicKeyString === 'object' && value.publicKeyString !== null) {
-                if ('get' in value.publicKeyString && typeof value.publicKeyString.get === 'function') {
-                    /*
-                     * If the value has a publicKeyString property that is an
-                     * object with a get method, we assume it is a KeetaNetAccount
-                     * or similar object and we return the public key string
-                     */
-                    // eslint-disable-next-line @typescript-eslint/no-unsafe-call
-                    const publicKeyString = value.publicKeyString.get();
-                    if (typeof publicKeyString === 'string') {
-                        return (publicKeyString);
-                    }
-                }
-            }
-        }
-        if (Buffer.isBuffer(value)) {
-            return (value.toString('base64'));
-        }
-        if (typeof value === 'bigint') {
-            return (value.toString());
-        }
-        return (convertedValue);
-    }));
-    return (retval);
+// Helper to apply type guard once and return the properly typed value
+function asAttributeValue(name, v) {
+    if (!isAttributeValue(name, v)) {
+        throw (new Error('internal error: decoded value did not match expected type'));
+    }
+    return (v);
 }
-/*
- * Because our public interfaces are ArrayBuffers we often need to convert
- * Buffers to ArrayBuffers -- an alias to the Node function to do that
- */
-const bufferToArrayBuffer = KeetaNetClient.lib.Utils.Helper.bufferToArrayBuffer.bind(KeetaNetClient.lib.Utils.Helper);
 /**
  * Sensitive Attribute Schema
  *
@@ -107,30 +76,161 @@ const SensitiveAttributeSchemaInternal = [
  * Database of permitted algorithms and their OIDs
  */
 const sensitiveAttributeOIDDB = {
-    'aes-256-gcm': '2.16.840.1.101.3.4.1.46',
-    'aes-256-cbc': '2.16.840.1.101.3.4.1.42',
-    'sha2-256': '2.16.840.1.101.3.4.2.1',
-    'sha3-256': '2.16.840.1.101.3.4.2.8'
+    'aes-256-gcm': oids.AES_256_GCM,
+    'aes-256-cbc': oids.AES_256_CBC,
+    'sha2-256': oids.SHA2_256,
+    'sha3-256': oids.SHA3_256,
+    'sha256': oids.SHA2_256,
+    'aes256-gcm': oids.AES_256_GCM,
+    'aes256-cbc': oids.AES_256_CBC
 };
+function assertCertificateAttributeNames(name) {
+    if (!(name in CertificateAttributeOIDDB)) {
+        throw (new Error(`Unknown attribute name: ${name}`));
+    }
+}
+function asCertificateAttributeNames(name) {
+    assertCertificateAttributeNames(name);
+    return (name);
+}
+function encodeAttribute(name, value) {
+    const schema = CertificateAttributeSchema[name];
+    const fieldNames = CertificateAttributeFieldNames[name];
+    // Date type
+    if (schema === ASN1.ValidateASN1.IsDate) {
+        if (!(util.types.isDate(value))) {
+            throw (new Error('Expected Date value'));
+        }
+        const asn1 = ASN1.JStoASN1(value);
+        const der = asn1.toBER(false);
+        return (der);
+    }
+    const MAX_ASN1_VALUE_DEPTH = 8; // Prevent excessive nesting
+    const toASN1Value = (input, depth = 0) => {
+        // Only allow primitives and raw binary that ASN1.JStoASN1 understands.
+        if (util.types.isDate(input)) {
+            return (input);
+        }
+        if (Buffer.isBuffer(input)) {
+            return (input);
+        }
+        if (input instanceof ArrayBuffer) {
+            return (arrayBufferToBuffer(input));
+        }
+        if (typeof input === 'string') {
+            return ({ type: 'string', kind: 'utf8', value: input });
+        }
+        /* XXX: Why are numbers and booleans encoded as strings? */
+        if (typeof input === 'number' || typeof input === 'bigint' || typeof input === 'boolean') {
+            return ({ type: 'string', kind: 'utf8', value: String(input) });
+        }
+        if (Array.isArray(input)) {
+            if (depth >= MAX_ASN1_VALUE_DEPTH) {
+                throw (new Error('Exceeded maximum ASN.1 value depth'));
+            }
+            return (input.map(item => toASN1Value(item, depth + 1)));
+        }
+        throw (new Error(`Unsupported ASN.1 value type: ${typeof input}`));
+    };
+    // Complex object type
+    if (fieldNames && hasIndexSignature(value) && !Array.isArray(value)) {
+        const mappedFields = fieldNames.map((fieldName, idx) => {
+            const fieldValue = value[fieldName];
+            if (fieldValue === undefined) {
+                return (undefined);
+            }
+            const tag = {
+                type: 'context',
+                kind: 'explicit',
+                value: idx,
+                contains: toASN1Value(fieldValue)
+            };
+            return (tag);
+        }).filter(function (computedValue) {
+            return (computedValue !== undefined);
+        });
+        const asn1 = ASN1.JStoASN1(mappedFields);
+        const der = asn1.toBER(false);
+        return (der);
+    }
+    throw (new Error(`Unsupported attribute value for encoding: ${JSON.stringify(DPO(value))}`));
+}
+// Prepare a value for inclusion in a SensitiveAttribute: pre-encode complex and date types
+function encodeForSensitive(name, value) {
+    if (Buffer.isBuffer(value)) {
+        return (value);
+    }
+    if (value instanceof ArrayBuffer) {
+        return (arrayBufferToBuffer(value));
+    }
+    if (typeof value === 'string') {
+        const asn1 = ASN1.JStoASN1({ type: 'string', kind: 'utf8', value });
+        return (arrayBufferToBuffer(asn1.toBER(false)));
+    }
+    if (value instanceof Date) {
+        const asn1 = ASN1.JStoASN1(value);
+        return (arrayBufferToBuffer(asn1.toBER(false)));
+    }
+    if (typeof value === 'object' && value !== null) {
+        if (!name) {
+            throw (new Error('attributeName required for complex types'));
+        }
+        const encoded = encodeAttribute(name, value);
+        return (arrayBufferToBuffer(encoded));
+    }
+    return (Buffer.from(String(value), 'utf-8'));
+}
+async function decodeAttribute(name, value) {
+    const schema = CertificateAttributeSchema[name];
+    // XXX:TODO Fix depth issue
+    // @ts-ignore
+    const decodedUnknown = new ASN1.BufferStorageASN1(value, schema).getASN1();
+    const fieldNames = CertificateAttributeFieldNames[name];
+    let candidate;
+    if (fieldNames && Array.isArray(decodedUnknown)) {
+        const arr = decodedUnknown;
+        const result = {};
+        for (let i = 0; i < fieldNames.length; i++) {
+            const fieldName = fieldNames[i];
+            if (!fieldName) {
+                continue;
+            }
+            const fieldValue = arr[i];
+            if (fieldValue === undefined) {
+                continue;
+            }
+            if (isErrorLike(fieldValue)) {
+                throw (new Error(`Field ${fieldName} contains an error: ${fieldValue.message}`));
+            }
+            if (isContextTagged(fieldValue)) {
+                // unwrap context tag; prefer nested .value if present
+                result[fieldName] = hasValueProp(fieldValue.contains) ? fieldValue.contains.value : fieldValue.contains;
+            }
+            else if (hasValueProp(fieldValue)) {
+                result[fieldName] = fieldValue.value;
+            }
+            else {
+                result[fieldName] = fieldValue;
+            }
+        }
+        candidate = result;
+    }
+    else if (hasValueProp(decodedUnknown)) {
+        candidate = decodedUnknown.value;
+    }
+    else {
+        candidate = decodedUnknown;
+    }
+    return (asAttributeValue(name, candidate));
+}
 class SensitiveAttributeBuilder {
     #account;
     #value;
-    constructor(account, value) {
+    constructor(account) {
         this.#account = account;
-        if (value) {
-            this.set(value);
-        }
     }
     set(value) {
-        if (Buffer.isBuffer(value)) {
-            this.#value = value;
-        }
-        else if (typeof value === 'string') {
-            this.#value = Buffer.from(value, 'utf-8');
-        }
-        else {
-            this.#value = Buffer.from(value);
-        }
+        this.#value = Buffer.isBuffer(value) ? value : arrayBufferLikeToBuffer(value);
         return (this);
     }
     async build() {
@@ -143,15 +243,31 @@ class SensitiveAttributeBuilder {
         const cipher = 'aes-256-gcm';
         const key = crypto.randomBytes(32);
         const nonce = crypto.randomBytes(12);
-        const encryptedKey = await this.#account.encrypt(key);
+        const encryptedKey = await this.#account.encrypt(bufferToArrayBuffer(key));
         function encrypt(value) {
             const cipherObject = crypto.createCipheriv(cipher, key, nonce);
             let retval = cipherObject.update(value);
             retval = Buffer.concat([retval, cipherObject.final()]);
+            /*
+             * For AES-GCM, the last 16 bytes are the authentication tag
+             */
+            if (cipher === 'aes-256-gcm') {
+                const getAuthTagFn = Reflect.get(cipherObject, 'getAuthTag');
+                if (typeof getAuthTagFn === 'function') {
+                    const tag = getAuthTagFn.call(cipherObject);
+                    if (!Buffer.isBuffer(tag)) {
+                        throw (new Error('getAuthTag did not return a Buffer'));
+                    }
+                    retval = Buffer.concat([retval, tag]);
+                }
+                else {
+                    throw (new Error('getAuthTag is not available on cipherObject'));
+                }
+            }
             return (retval);
         }
         const encryptedValue = encrypt(this.#value);
-        const encryptedSalt = encrypt(salt);
+        const encryptedSalt = encrypt(arrayBufferLikeToBuffer(salt));
         const saltedValue = Buffer.concat([salt, publicKey, encryptedValue, this.#value]);
         const hashedAndSaltedValue = KeetaNetClient.lib.Utils.Hash.Hash(saltedValue);
         const attributeStructure = [
@@ -179,23 +295,35 @@ class SensitiveAttributeBuilder {
             encryptedValue
         ];
         const encodedAttributeObject = ASN1.JStoASN1(attributeStructure);
-        const retval = encodedAttributeObject.toBER();
+        // Produce canonical DER as ArrayBuffer
+        const retval = encodedAttributeObject.toBER(false);
         return (retval);
     }
 }
 class SensitiveAttribute {
     #account;
     #info;
-    constructor(account, data) {
+    #decoder;
+    constructor(account, data, decoder) {
         this.#account = account;
         this.#info = this.decode(data);
+        if (decoder) {
+            this.#decoder = decoder;
+        }
     }
     decode(data) {
         if (Buffer.isBuffer(data)) {
             data = bufferToArrayBuffer(data);
         }
-        const dataObject = new ASN1.BufferStorageASN1(data, SensitiveAttributeSchemaInternal);
-        const decodedAttribute = dataObject.getASN1();
+        let decodedAttribute;
+        try {
+            const dataObject = new ASN1.BufferStorageASN1(data, SensitiveAttributeSchemaInternal);
+            decodedAttribute = dataObject.getASN1();
+        }
+        catch {
+            const js = ASN1toJS(data);
+            throw (new Error(`SensitiveAttribute.decode: unexpected DER shape ${JSON.stringify(DPO(js))}`));
+        }
         const decodedVersion = decodedAttribute[0] + 1n;
         if (decodedVersion !== 1n) {
             throw (new Error(`Unsupported Sensitive Attribute version (${decodedVersion})`));
@@ -217,11 +345,31 @@ class SensitiveAttribute {
         });
     }
     async #decryptValue(value) {
-        const decryptedKey = await this.#account.decrypt(this.#info.cipher.key);
+        const decryptedKey = await this.#account.decrypt(bufferToArrayBuffer(this.#info.cipher.key));
         const algorithm = this.#info.cipher.algorithm;
         const iv = this.#info.cipher.iv;
         const cipher = crypto.createDecipheriv(algorithm, Buffer.from(decryptedKey), iv);
+        // For AES-GCM, the last 16 bytes are the authentication tag
+        if (algorithm === 'aes-256-gcm') {
+            const authTag = value.subarray(value.length - 16);
+            const ciphertext = value.subarray(0, value.length - 16);
+            // XXX:TODO Fix typescript unsafe calls
+            // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
+            const setAuthTagFn = Reflect.get(cipher, 'setAuthTag');
+            if (typeof setAuthTagFn === 'function') {
+                // eslint-disable-next-line @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-member-access
+                setAuthTagFn.call(cipher, authTag);
+            }
+            else {
+                throw (new Error('setAuthTag is not available on cipher'));
+            }
+            const decrypted = cipher.update(ciphertext);
+            cipher.final(); // Verify auth tag
+            return (decrypted);
+        }
+        // For other algorithms (like CBC), just decrypt normally
         const decryptedValue = cipher.update(value);
+        cipher.final();
         return (decryptedValue);
     }
     /**
@@ -234,25 +382,33 @@ class SensitiveAttribute {
      * ArrayBuffer
      */
     async get() {
-        const decryptedValue = await this.#decryptValue(this.#info.encryptedValue);
+        const decryptedValue = await this.#decryptValue(arrayBufferLikeToBuffer(this.#info.encryptedValue));
         return (bufferToArrayBuffer(decryptedValue));
     }
-    /**
-     * Get the value of the sensitive attribute as a string after being
-     * interpreted as UTF-8 ( @see SensitiveAttribute.get for more information)
-     */
-    async getString() {
+    async getValue() {
         const value = await this.get();
-        return (Buffer.from(value).toString('utf-8'));
+        if (!this.#decoder) {
+            /**
+             * TypeScript complains that T may not be the correct
+             * type here, but gives us no tools to enforce that it
+             * is -- it should always be ArrayBuffer if no decoder
+             * is provided, but someone could always specify a
+             * type parameter in that case and we cannot check
+             * that at runtime since T is only a compile-time type.
+             */
+            // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
+            return value;
+        }
+        return (this.#decoder(value));
     }
     /**
      * Generate a proof that a sensitive attribute is a given value,
      * which can be validated by a third party using the certificate
      * and the `validateProof` method
      */
-    async proove() {
+    async getProof() {
         const value = await this.get();
-        const salt = await this.#decryptValue(this.#info.hashedValue.encryptedSalt);
+        const salt = await this.#decryptValue(arrayBufferLikeToBuffer(this.#info.hashedValue.encryptedSalt));
         return ({
             value: Buffer.from(value).toString('base64'),
             hash: {
@@ -268,7 +424,8 @@ class SensitiveAttribute {
         const proofSaltBuffer = Buffer.from(proof.hash.salt, 'base64');
         const publicKeyBuffer = Buffer.from(this.#account.publicKey.get());
         const encryptedValue = this.#info.encryptedValue;
-        const hashedAndSaltedValue = KeetaNetClient.lib.Utils.Hash.Hash(Buffer.concat([proofSaltBuffer, publicKeyBuffer, encryptedValue, plaintextValue]));
+        const hashInput = Buffer.concat([proofSaltBuffer, publicKeyBuffer, encryptedValue, plaintextValue]);
+        const hashedAndSaltedValue = KeetaNetClient.lib.Utils.Hash.Hash(hashInput);
         const hashedAndSaltedValueBuffer = Buffer.from(hashedAndSaltedValue);
         return (this.#info.hashedValue.value.equals(hashedAndSaltedValueBuffer));
     }
@@ -276,16 +433,6 @@ class SensitiveAttribute {
         return (toJSON(this.#info));
     }
 }
-/**
- * Database of attributes
- */
-const CertificateAttributeOIDDB = {
-    'fullName': '1.3.6.1.4.1.62675.1.0',
-    'dateOfBirth': '1.3.6.1.4.1.62675.1.1',
-    'address': '1.3.6.1.4.1.62675.1.2',
-    'email': '1.3.6.1.4.1.62675.1.3',
-    'phoneNumber': '1.3.6.1.4.1.62675.1.4'
-};
 /**
  * ASN.1 Schema for Certificate KYC Attributes Extension
  *
@@ -338,10 +485,40 @@ export class CertificateBuilder extends KeetaNetClient.lib.Utils.Certificate.Cer
         super(CertificateBuilder.mapParams(params));
     }
     /**
-     * Set a KYC Attribute to a given value
+     * Set a KYC Attribute to a given value.
+     * The sensitive flag is required.
+     *
+     * If an attribute is marked sensitive, the value is encoded
+     * into the certificate using a commitment scheme so that the
+     * value can be proven later without revealing it.
      */
     setAttribute(name, sensitive, value) {
-        this.#attributes[name] = { sensitive, value };
+        // Non-sensitive path: only primitive schema (string/date) allowed
+        const schemaValidator = CertificateAttributeSchema[name];
+        let encoded;
+        if (value instanceof ArrayBuffer) {
+            encoded = value;
+        }
+        else if (name in CertificateAttributeSchema) {
+            /* XXX: Why do we have two encoding methods ? */
+            encoded = bufferToArrayBuffer(encodeForSensitive(name, value));
+        }
+        else if (schemaValidator === ASN1.ValidateASN1.IsDate) {
+            if (!(value instanceof Date)) {
+                throw (new Error('Expected Date value'));
+            }
+            encoded = encodeAttribute(name, value);
+        }
+        else if (schemaValidator === ASN1.ValidateASN1.IsString && typeof value === 'string') {
+            encoded = encodeAttribute(name, value);
+        }
+        else {
+            throw (new Error('Unsupported non-sensitive value type'));
+        }
+        this.#attributes[name] = {
+            sensitive: sensitive,
+            value: encoded
+        };
     }
     async addExtensions(...args) {
         const retval = await super.addExtensions(...args);
@@ -357,19 +534,20 @@ export class CertificateBuilder extends KeetaNetClient.lib.Utils.Certificate.Cer
              * can assume that the attribute is always present in
              * the object
              */
-            // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
+            assertCertificateAttributeNames(name);
             const nameOID = CertificateAttributeOIDDB[name];
             let value;
             if (attribute.sensitive) {
-                const sensitiveAttribute = new SensitiveAttributeBuilder(subject, attribute.value);
-                value = Buffer.from(await sensitiveAttribute.build());
+                const builder = new SensitiveAttributeBuilder(subject);
+                builder.set(attribute.value);
+                value = arrayBufferToBuffer(await builder.build());
             }
             else {
                 if (typeof attribute.value === 'string') {
                     value = Buffer.from(attribute.value, 'utf-8');
                 }
                 else {
-                    value = Buffer.from(attribute.value);
+                    value = arrayBufferToBuffer(attribute.value);
                 }
             }
             certAttributes.push([{
@@ -383,7 +561,7 @@ export class CertificateBuilder extends KeetaNetClient.lib.Utils.Certificate.Cer
                 }]);
         }
         if (certAttributes.length > 0) {
-            retval.push(KeetaNetClient.lib.Utils.Certificate.CertificateBuilder.extension('1.3.6.1.4.1.62675.0.0', certAttributes));
+            retval.push(KeetaNetClient.lib.Utils.Certificate.CertificateBuilder.extension(oids.keeta.KYC_ATTRIBUTES, certAttributes));
         }
         return (retval);
     }
@@ -412,6 +590,7 @@ export class CertificateBuilder extends KeetaNetClient.lib.Utils.Certificate.Cer
 export class Certificate extends KeetaNetClient.lib.Utils.Certificate.Certificate {
     subjectKey;
     static Builder = CertificateBuilder;
+    static SharableAttributes;
     /**
      * User KYC Attributes
      */
@@ -424,27 +603,56 @@ export class Certificate extends KeetaNetClient.lib.Utils.Certificate.Certificat
     finalizeConstruction() {
         /* Do nothing, we call the super method in the constructor */
     }
+    setPlainAttribute(name, value) {
+        // @ts-ignore
+        this.attributes[name] = { sensitive: false, value };
+    }
+    setSensitiveAttribute(name, value) {
+        this.attributes[name] = {
+            sensitive: true,
+            value: new SensitiveAttribute(this.subjectKey, value, decodeAttribute.bind(null, name))
+        };
+    }
+    /**
+     * Get the underlying value for an attribute.
+     *
+     * If the attribute is sensitive, this will decrypt it using the
+     * subject's private key, otherwise it will return the value.
+     */
+    async getAttributeValue(attributeName) {
+        const attr = this.attributes[attributeName]?.value;
+        if (!attr) {
+            throw (new Error(`Attribute ${attributeName} is not available`));
+        }
+        if (attr instanceof SensitiveAttribute) {
+            const raw = await attr.get();
+            return (await decodeAttribute(attributeName, raw));
+        }
+        // Non-sensitive: ArrayBuffer or Buffer
+        if (attr instanceof ArrayBuffer || Buffer.isBuffer(attr)) {
+            return (await decodeAttribute(attributeName, attr));
+        }
+        throw (new Error(`Attribute ${attributeName} is not a supported type`));
+    }
     processExtension(id, value) {
         if (super.processExtension(id, value)) {
             return (true);
         }
-        if (id === '1.3.6.1.4.1.62675.0.0') {
+        if (id === oids.keeta.KYC_ATTRIBUTES) {
             const attributesRaw = new ASN1.BufferStorageASN1(value, CertificateKYCAttributeSchemaValidation).getASN1();
             for (const attribute of attributesRaw) {
-                const name = lookupByOID(attribute[0].oid, CertificateAttributeOIDDB);
+                const nameString = lookupByOID(attribute[0].oid, CertificateAttributeOIDDB);
+                const name = asCertificateAttributeNames(nameString);
                 const valueKind = attribute[1].value;
                 const value = bufferToArrayBuffer(attribute[1].contains);
                 switch (valueKind) {
                     case 0:
                         /* Plain Value */
-                        this.attributes[name] = { sensitive: false, value: value };
+                        this.setPlainAttribute(name, value);
                         break;
                     case 1:
                         /* Sensitive Value */
-                        this.attributes[name] = {
-                            sensitive: true,
-                            value: new SensitiveAttribute(this.subjectKey, value)
-                        };
+                        this.setSensitiveAttribute(name, value);
                         break;
                     default:
                         assertNever(valueKind);
@@ -455,6 +663,260 @@ export class Certificate extends KeetaNetClient.lib.Utils.Certificate.Certificat
         return (false);
     }
 }
+;
+export class SharableCertificateAttributes {
+    #certificate;
+    #attributes = {};
+    container;
+    populatedFromInit = false;
+    static assertCertificateAttributeName = assertCertificateAttributeNames;
+    constructor(input, options) {
+        let containerBuffer;
+        if (typeof input === 'string') {
+            /*
+             * Attempt to decode as PEM, but also if not PEM, then return
+             * the lines as-is (base64) after removing whitespace
+             */
+            const inputLines = input.split(/\r?\n/);
+            let base64Lines;
+            for (let beginOffset = 0; beginOffset < inputLines.length; beginOffset++) {
+                const line = inputLines[beginOffset]?.trim();
+                if (line?.startsWith('-----BEGIN ')) {
+                    let endIndex = -1;
+                    const matchingEndLine = line.replace('BEGIN', 'END');
+                    for (let endOffset = beginOffset + 1; endOffset < inputLines.length; endOffset++) {
+                        const checkEndLine = inputLines[endOffset]?.trim();
+                        if (checkEndLine === matchingEndLine) {
+                            endIndex = endOffset;
+                            break;
+                        }
+                    }
+                    if (endIndex === -1) {
+                        throw (new Error('Invalid PEM format: missing END line'));
+                    }
+                    base64Lines = inputLines.slice(beginOffset + 1, endIndex);
+                    break;
+                }
+            }
+            if (base64Lines === undefined) {
+                base64Lines = inputLines;
+            }
+            base64Lines = base64Lines.map(function (line) {
+                return (line.trim());
+            }).filter(function (line) {
+                return (line.length > 0);
+            });
+            const base64Content = base64Lines.join('');
+            containerBuffer = Buffer.from(base64Content, 'base64');
+        }
+        else {
+            containerBuffer = arrayBufferToBuffer(input);
+        }
+        let principals = options?.principals;
+        if (KeetaNetAccount.isInstance(principals)) {
+            principals = [principals];
+        }
+        else if (principals instanceof Set) {
+            principals = Array.from(principals);
+        }
+        else if (principals === undefined) {
+            principals = null;
+        }
+        this.container = EncryptedContainer.fromEncodedBuffer(containerBuffer, principals);
+    }
+    /**
+     * Create a SharableCertificateAttributes from a Certificate
+     * and a list of attribute names to include -- if no list is
+     * provided, all attributes are included.
+     */
+    static async fromCertificate(certificate, attributeNames) {
+        if (attributeNames === undefined) {
+            /*
+             * We know the keys are whatever the Certificate says they are, so
+             * we can cast here safely
+             */
+            // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
+            attributeNames = Object.keys(certificate.attributes);
+        }
+        const attributes = {};
+        for (const name of attributeNames) {
+            const attr = certificate.attributes[name];
+            /**
+             * Skip missing attributes
+             */
+            if (!attr) {
+                continue;
+            }
+            if (attr.sensitive) {
+                attributes[name] = {
+                    sensitive: true,
+                    value: await attr.value.getProof()
+                };
+            }
+            else {
+                attributes[name] = {
+                    sensitive: false,
+                    value: arrayBufferToBuffer(attr.value).toString('base64')
+                };
+            }
+        }
+        const contentsString = JSON.stringify({
+            certificate: certificate.toPEM(),
+            attributes: attributes
+        });
+        const temporaryUser = KeetaNetAccount.fromSeed(KeetaNetAccount.generateRandomSeed(), 0);
+        const contentsBuffer = Buffer.from(contentsString, 'utf-8');
+        const contentsBufferCompressed = await KeetaNetClient.lib.Utils.Buffer.ZlibDeflateAsync(bufferToArrayBuffer(contentsBuffer));
+        const container = EncryptedContainer.fromPlaintext(arrayBufferToBuffer(contentsBufferCompressed), [temporaryUser], true);
+        const containerBuffer = await container.getEncodedBuffer();
+        const retval = new SharableCertificateAttributes(bufferToArrayBuffer(containerBuffer), { principals: temporaryUser });
+        await retval.revokeAccess(temporaryUser);
+        return (retval);
+    }
+    async grantAccess(principal) {
+        await this.container.grantAccess(principal);
+        return (this);
+    }
+    async revokeAccess(principal) {
+        await this.container.revokeAccess(principal);
+        return (this);
+    }
+    get principals() {
+        return (this.container.principals);
+    }
+    async #populate() {
+        if (this.populatedFromInit) {
+            return;
+        }
+        this.populatedFromInit = true;
+        const contentsBuffer = await this.container.getPlaintext();
+        const contentsBufferDecompressed = await KeetaNetClient.lib.Utils.Buffer.ZlibInflateAsync(bufferToArrayBuffer(contentsBuffer));
+        const contentsString = Buffer.from(contentsBufferDecompressed).toString('utf-8');
+        const contentsJSON = JSON.parse(contentsString);
+        const contents = assertSharableCertificateAttributesContentsSchema(contentsJSON);
+        this.#certificate = new Certificate(contents.certificate);
+        const attributePromises = Object.entries(contents.attributes).map(async ([name, attr]) => {
+            /*
+             * Get the corresponding attribute from the certificate
+             *
+             * We actually do not care if `name` is a known attribute
+             * because we are not decoding it here, we are just
+             * verifying it matches the certificate
+             */
+            // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
+            const certAttribute = this.#certificate?.attributes[name];
+            if (!certAttribute) {
+                throw (new Error(`Attribute ${name} not found in certificate`));
+            }
+            if (certAttribute.sensitive !== attr.sensitive) {
+                throw (new Error(`Attribute ${name} sensitivity mismatch with certificate`));
+            }
+            if (!attr.sensitive) {
+                if (certAttribute.sensitive) {
+                    throw (new Error(`Attribute ${name} sensitivity mismatch with certificate`));
+                }
+                const certValue = certAttribute.value;
+                const sharedValue = bufferToArrayBuffer(Buffer.from(attr.value, 'base64'));
+                if (sharedValue.byteLength !== certValue.byteLength || !Buffer.from(sharedValue).equals(Buffer.from(certValue))) {
+                    throw (new Error(`Attribute ${name} value mismatch with certificate`));
+                }
+                return ([name, {
+                        sensitive: false,
+                        value: sharedValue
+                    }]);
+            }
+            if (!certAttribute.sensitive) {
+                throw (new Error(`Attribute ${name} sensitivity mismatch with certificate`));
+            }
+            if (!(await certAttribute.value.validateProof(attr.value))) {
+                throw (new Error(`Attribute ${name} proof validation failed`));
+            }
+            const attrValue = bufferToArrayBuffer(Buffer.from(attr.value.value, 'base64'));
+            return ([name, {
+                    sensitive: true,
+                    value: attrValue
+                }]);
+        });
+        const resolvedAttributes = await Promise.all(attributePromises);
+        this.#attributes = Object.fromEntries(resolvedAttributes);
+    }
+    async getCertificate() {
+        await this.#populate();
+        if (!this.#certificate) {
+            throw (new Error('internal error: certificate not populated'));
+        }
+        return (this.#certificate);
+    }
+    async getAttributeBuffer(name) {
+        await this.#populate();
+        const attr = this.#attributes[name];
+        return (attr?.value);
+    }
+    async getAttribute(name) {
+        const buffer = await this.getAttributeBuffer(name);
+        if (buffer === undefined) {
+            return (undefined);
+        }
+        const retval = await decodeAttribute(name, buffer);
+        /* XXX:TODO: Here is where we would look at a reference value
+         * (e.g., URL+hash) and fetch it, and verify it the hash matches
+         * the fetched value
+         *
+         * The schema for references is not yet defined, so this is
+         * left as a TODO for now.
+         *
+         * The return type would also need to be updated to reflect
+         * that we would map referenced types to something like
+         * { data: ArrayBuffer, contentType: string, source: <url>,
+         * hash: <hash> } (where source and hash should be named
+         * after whatever the actual schema is)
+         */
+        return (retval);
+    }
+    async getAttributeNames(includeUnknown) {
+        await this.#populate();
+        const names = Object.keys(this.#attributes);
+        if (includeUnknown) {
+            return (names);
+        }
+        const knownNames = names.filter(function (name) {
+            return (name in CertificateAttributeOIDDB);
+        });
+        return (knownNames);
+    }
+    async export(options) {
+        options = {
+            format: 'arraybuffer',
+            ...options
+        };
+        let principals;
+        try {
+            principals = this.container.principals;
+        }
+        catch {
+            principals = [];
+        }
+        if (principals.length === 0) {
+            throw (new Error('This container has no authorized users (principals); cannot export'));
+        }
+        const retvalBuffer = await this.container.getEncodedBuffer();
+        if (options.format === 'string') {
+            const retvalBase64 = retvalBuffer.toString('base64');
+            const retvalLines = ['-----BEGIN KYC CERTIFICATE PROOF-----'];
+            retvalLines.push(...retvalBase64.match(/.{1,64}/g) ?? []);
+            retvalLines.push('-----END KYC CERTIFICATE PROOF-----');
+            return (retvalLines.join('\n'));
+        }
+        else if (options.format === 'arraybuffer') {
+            return (bufferToArrayBuffer(retvalBuffer));
+        }
+        else {
+            throw (new Error(`Unsupported export format: ${String(options.format)}`));
+        }
+    }
+}
+// @ts-ignore
+Certificate.SharableAttributes = SharableCertificateAttributes;
 /** @internal */
 export const _Testing = {
     SensitiveAttributeBuilder,