@keetanetwork/anchor 0.0.22 → 0.0.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/certificates.d.ts +4 -1
- package/lib/certificates.d.ts.map +1 -1
- package/lib/certificates.js +148 -14
- package/lib/certificates.js.map +1 -1
- package/lib/error.d.ts +33 -0
- package/lib/error.d.ts.map +1 -1
- package/lib/error.js +203 -9
- package/lib/error.js.map +1 -1
- package/lib/http-server/common.d.ts +17 -0
- package/lib/http-server/common.d.ts.map +1 -0
- package/lib/http-server/common.js +111 -0
- package/lib/http-server/common.js.map +1 -0
- package/lib/{http-server.d.ts → http-server/index.d.ts} +27 -11
- package/lib/http-server/index.d.ts.map +1 -0
- package/lib/{http-server.js → http-server/index.js} +73 -44
- package/lib/http-server/index.js.map +1 -0
- package/lib/resolver.d.ts +32 -9
- package/lib/resolver.d.ts.map +1 -1
- package/lib/resolver.js +558 -304
- package/lib/resolver.js.map +1 -1
- package/lib/utils/asn1.d.ts +0 -13
- package/lib/utils/asn1.d.ts.map +1 -1
- package/lib/utils/asn1.js +0 -1973
- package/lib/utils/asn1.js.map +1 -1
- package/lib/utils/external.d.ts.map +1 -1
- package/lib/utils/external.js +9 -2
- package/lib/utils/external.js.map +1 -1
- package/npm-shrinkwrap.json +2 -2
- package/package.json +1 -1
- package/services/asset-movement/client.d.ts +22 -11
- package/services/asset-movement/client.d.ts.map +1 -1
- package/services/asset-movement/client.js +406 -95
- package/services/asset-movement/client.js.map +1 -1
- package/services/asset-movement/common.d.ts +410 -35
- package/services/asset-movement/common.d.ts.map +1 -1
- package/services/asset-movement/common.js +10176 -1492
- package/services/asset-movement/common.js.map +1 -1
- package/services/asset-movement/server.d.ts +26 -15
- package/services/asset-movement/server.d.ts.map +1 -1
- package/services/asset-movement/server.js +248 -76
- package/services/asset-movement/server.js.map +1 -1
- package/services/fx/common.d.ts +2 -5
- package/services/fx/common.d.ts.map +1 -1
- package/services/fx/common.js +3 -3
- package/services/fx/common.js.map +1 -1
- package/services/fx/server.d.ts +2 -2
- package/services/fx/server.d.ts.map +1 -1
- package/services/fx/server.js +2 -2
- package/services/fx/server.js.map +1 -1
- package/services/kyc/common.d.ts +2 -5
- package/services/kyc/common.d.ts.map +1 -1
- package/services/kyc/common.generated.js +4 -4
- package/services/kyc/common.js.map +1 -1
- package/services/kyc/iso20022.generated.js +54 -54
- package/services/kyc/iso20022.generated.js.map +1 -1
- package/services/kyc/server.d.ts +2 -2
- package/services/kyc/server.d.ts.map +1 -1
- package/services/kyc/server.js +2 -2
- package/services/kyc/server.js.map +1 -1
- package/services/kyc/utils/generate-kyc-schema.js +34 -6
- package/services/kyc/utils/generate-kyc-schema.js.map +1 -1
- package/lib/http-server.d.ts.map +0 -1
- package/lib/http-server.js.map +0 -1
package/lib/certificates.d.ts
CHANGED
|
@@ -2,12 +2,15 @@ import * as KeetaNetClient from '@keetanetwork/keetanet-client';
|
|
|
2
2
|
import { Buffer } from './utils/buffer.js';
|
|
3
3
|
import type { CertificateAttributeValue } from '../services/kyc/iso20022.generated.js';
|
|
4
4
|
import { CertificateAttributeOIDDB } from '../services/kyc/iso20022.generated.js';
|
|
5
|
+
/**
|
|
6
|
+
* Short alias for the KeetaNetAccount type
|
|
7
|
+
*/
|
|
8
|
+
declare const KeetaNetAccount: typeof KeetaNetClient.lib.Account;
|
|
5
9
|
type AccountKeyAlgorithm = InstanceType<typeof KeetaNetClient.lib.Account>['keyType'];
|
|
6
10
|
/**
|
|
7
11
|
* An alias for the KeetaNetAccount type
|
|
8
12
|
*/
|
|
9
13
|
type KeetaNetAccount = ReturnType<typeof KeetaNetClient.lib.Account.fromSeed<AccountKeyAlgorithm>>;
|
|
10
|
-
declare const KeetaNetAccount: typeof KeetaNetClient.lib.Account;
|
|
11
14
|
declare function assertCertificateAttributeNames(name: string): asserts name is CertificateAttributeNames;
|
|
12
15
|
declare class SensitiveAttribute<T = ArrayBuffer> {
|
|
13
16
|
#private;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"certificates.d.ts","sourceRoot":"","sources":["../../src/lib/certificates.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,cAAc,MAAM,+BAA+B,CAAC;
|
|
1
|
+
{"version":3,"file":"certificates.d.ts","sourceRoot":"","sources":["../../src/lib/certificates.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,cAAc,MAAM,+BAA+B,CAAC;AAGhE,OAAO,EAAgD,MAAM,EAAuB,MAAM,mBAAmB,CAAC;AAG9G,OAAO,KAAK,EAA0B,yBAAyB,EAAE,MAAM,uCAAuC,CAAC;AAC/G,OAAO,EAAE,yBAAyB,EAA8B,MAAM,uCAAuC,CAAC;AAY9G;;GAEG;AACH,QAAA,MAAM,eAAe,EAAE,OAAO,cAAc,CAAC,GAAG,CAAC,OAAoC,CAAC;AAGtF,KAAK,mBAAmB,GAAG,YAAY,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,CAAC;AAEtF;;GAEG;AACH,KAAK,eAAe,GAAG,UAAU,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;AA+RnG,iBAAS,+BAA+B,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,IAAI,yBAAyB,CAIhG;AAiKD,cAAM,kBAAkB,CAAC,CAAC,GAAG,WAAW;;gBAK3B,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,MAAM,GAAG,WAAW,EAAE,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,GAAG,WAAW,KAAK,CAAC;IAQ7G,OAAO,CAAC,MAAM;IAqEd;;;;;;;;OAQG;IACG,GAAG,IAAI,OAAO,CAAC,WAAW,CAAC;IAK3B,QAAQ,IAAI,OAAO,CAAC,CAAC,CAAC;IAiB5B;;;;OAIG;IACG,QAAQ,IAAI,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE;YAAE,IAAI,EAAE,MAAM,CAAA;SAAE,CAAA;KAAC,CAAC;IAYnE;;OAEG;IACG,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IAcnF,MAAM,IAAI,OAAO;CAGjB;AAED;;GAEG;AACH,KAAK,yBAAyB,GAAG,MAAM,OAAO,yBAAyB,CAAC;AAExE,KAAK,4BAA4B,GAAG,WAAW,CAAC,qBAAqB,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC1I,KAAK,wBAAwB,GAAG,QAAQ,CAAC,IAAI,CAAC,4BAA4B,EAAE,QAAQ,GAAG,WAAW,GAAG,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,UAAU,GAAG,WAAW,GAAG,MAAM,CAAC,GAAG;IAC5K;;;OAGG;IACH,OAAO,EAAE,4BAA4B,CAAC,kBAAkB,CAAC,CAAC;CAC1D,CAAC,CAAC;AAoCH,KAAK,yBAAyB,CAAC,IAAI,SAAS,yBAAyB,IAAI,yBAAyB,CAAC,IAAI,CAAC,CAAC;AAEzG,qBAAa,kBAAmB,SAAQ,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,kBAAkB;;IAK9F;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;gBAcZ,MAAM,CAAC,EAAE,OAAO,CAAC,wBAAwB,CAAC;IAItD;;;;;;;OAOG;IACH,YAAY,CAAC,IAAI,SAAS,yBAAyB,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,yBAAyB,CAAC,IAAI,CAAC,GAAG,IAAI;cA2BlH,aAAa,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC,YAAY,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,eAAe,CAAC,CAAC,GAAG,UAAU,CAAC,YAAY,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,eAAe,CAAC,CAAC;IAmD5P;;;;;OAKG;IACG,KAAK,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,wBAAwB,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC;CAgB7E;AAED,qBAAa,WAAY,SAAQ,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,WAAW;IAChF,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkB;IAC7C,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,kBAAkB,CAAsB;IACxE,MAAM,CAAC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,6BAA6B,CAAC;IAEzE;;OAEM;IACN,QAAQ,CAAC,UAAU,EAAE;SACnB,IAAI,IAAI,yBAAyB,CAAC,CAAC,EAAE;YACrC,SAAS,EAAE,IAAI,CAAC;YAChB,KAAK,EAAE,kBAAkB,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC;SAC3D,GAAG;YACH,SAAS,EAAE,KAAK,CAAC;YACjB,KAAK,EAAE,WAAW,CAAC;SACnB;KACD,CAAM;gBAEK,KAAK,EAAE,qBAAqB,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,qBAAqB,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,GAAG;QAAE,UAAU,CAAC,EAAE,eAAe,CAAA;KAAE;IAQpO,SAAS,CAAC,oBAAoB,IAAI,IAAI;IAItC,OAAO,CAAC,iBAAiB;IAKzB,OAAO,CAAC,qBAAqB;IAW7B;;;;;OAKG;IACG,iBAAiB,CAAC,IAAI,SAAS,yBAAyB,EAAE,aAAa,EAAE,IAAI,GAAG,OAAO,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;IAmB9H,SAAS,CAAC,gBAAgB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,GAAG,OAAO;CAiCnE;AAGD,yBAAiB,kCAAkC,CAAC;IACnD,KAAY,aAAa,GAAG;QAC3B;;;;WAIG;QACH,MAAM,CAAC,EAAE,QAAQ,GAAG,aAAa,CAAC;KAClC,CAAC;IACF,KAAY,aAAa,GAAG;QAC3B;;;WAGG;QACH,UAAU,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,eAAe,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC;KAC/E,CAAC;IACF,KAAY,cAAc,GAAG;QAC5B,WAAW,EAAE,MAAM,CAAC;QACpB,UAAU,EAAE;YACX,CAAC,IAAI,EAAE,MAAM,GAAG;gBACf,SAAS,EAAE,IAAI,CAAC;gBAChB,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;gBAC3D,UAAU,CAAC,EAAE;oBAAE,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,CAAA;iBAAE,CAAC;aACtC,GAAG;gBACH,SAAS,EAAE,KAAK,CAAC;gBACjB,KAAK,EAAE,MAAM,CAAC;gBACd,UAAU,CAAC,EAAE;oBAAE,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,CAAA;iBAAE,CAAC;aACtC,CAAA;SACD,CAAC;KACF,CAAC;CACF;AACD,KAAK,0CAA0C,GAAG,kCAAkC,CAAC,aAAa,CAAC;AACnG,KAAK,0CAA0C,GAAG,kCAAkC,CAAC,aAAa,CAAC;AAGnG,qBAAa,6BAA6B;;IAUzC,OAAO,CAAC,SAAS,CAAqB;IACtC,OAAO,CAAC,iBAAiB,CAAS;IAElC,MAAM,CAAC,8BAA8B,EAAE,OAAO,+BAA+B,CAAmC;gBAEpG,KAAK,EAAE,WAAW,GAAG,MAAM,GAAG,MAAM,EAAE,OAAO,CAAC,EAAE,0CAA0C;IA2DtG;;;;OAIG;WACU,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,cAAc,CAAC,EAAE,yBAAyB,EAAE,GAAG,OAAO,CAAC,6BAA6B,CAAC;IAyGtI,WAAW,CAAC,SAAS,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAKtD,YAAY,CAAC,SAAS,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAK7D,IAAI,UAAU,IAAI,eAAe,EAAE,CAElC;IAoFK,cAAc,IAAI,OAAO,CAAC,WAAW,CAAC;IAQtC,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IAMlE,YAAY,CAAC,IAAI,SAAS,yBAAyB,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,yBAAyB,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC;IAkEtH,iBAAiB,CAAC,cAAc,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAC1D,iBAAiB,CAAC,cAAc,CAAC,EAAE,KAAK,GAAG,OAAO,CAAC,yBAAyB,EAAE,CAAC;IAgBrF,MAAM,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,0CAA0C,EAAE,QAAQ,CAAC,GAAG;QAAE,MAAM,CAAC,EAAE,KAAK,CAAC;KAAE,GAAG,OAAO,CAAC,WAAW,CAAC;IACxH,MAAM,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,0CAA0C,EAAE,QAAQ,CAAC,GAAG;QAAE,MAAM,EAAE,aAAa,CAAA;KAAE,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC;IAC/H,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,0CAA0C,EAAE,QAAQ,CAAC,GAAG;QAAE,MAAM,EAAE,QAAQ,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IACnH,MAAM,CAAC,OAAO,CAAC,EAAE,0CAA0C,GAAG,OAAO,CAAC,WAAW,GAAG,MAAM,CAAC;CA8B3F"}
|
package/lib/certificates.js
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
import * as KeetaNetClient from '@keetanetwork/keetanet-client';
|
|
2
2
|
import * as oids from '../services/kyc/oids.generated.js';
|
|
3
3
|
import * as ASN1 from './utils/asn1.js';
|
|
4
|
-
import { ASN1toJS, contextualizeStructSchema, encodeValueBySchema, normalizeDecodedASN1 } from './utils/asn1.js';
|
|
5
4
|
import { arrayBufferLikeToBuffer, arrayBufferToBuffer, Buffer, bufferToArrayBuffer } from './utils/buffer.js';
|
|
6
5
|
import crypto from './utils/crypto.js';
|
|
7
6
|
import { assertNever } from './utils/never.js';
|
|
@@ -15,7 +14,127 @@ import { checkHashWithOID } from './utils/external.js';
|
|
|
15
14
|
* Short alias for printing a debug representation of an object
|
|
16
15
|
*/
|
|
17
16
|
const DPO = KeetaNetClient.lib.Utils.Helper.debugPrintableObject.bind(KeetaNetClient.lib.Utils.Helper);
|
|
17
|
+
/**
|
|
18
|
+
* Short alias for the KeetaNetAccount type
|
|
19
|
+
*/
|
|
18
20
|
const KeetaNetAccount = KeetaNetClient.lib.Account;
|
|
21
|
+
function isPlainObject(value) {
|
|
22
|
+
return (typeof value === 'object' && value !== null && !Array.isArray(value));
|
|
23
|
+
}
|
|
24
|
+
/**
|
|
25
|
+
* Recursively normalize object properties
|
|
26
|
+
*/
|
|
27
|
+
function normalizeDecodedASN1Object(obj, principals) {
|
|
28
|
+
const result = {};
|
|
29
|
+
for (const [key, value] of Object.entries(obj)) {
|
|
30
|
+
// eslint-disable-next-line @typescript-eslint/no-use-before-define
|
|
31
|
+
result[key] = normalizeDecodedASN1(value, principals);
|
|
32
|
+
}
|
|
33
|
+
return (result);
|
|
34
|
+
}
|
|
35
|
+
/**
|
|
36
|
+
* Post-process the output from toJavaScriptObject() to:
|
|
37
|
+
* 1. Unwrap any remaining ASN.1-like objects (from IsAnyString/IsAnyDate)
|
|
38
|
+
* 2. Add domain-specific $blob function to Reference objects
|
|
39
|
+
*/
|
|
40
|
+
function normalizeDecodedASN1(input, principals) {
|
|
41
|
+
// Handle primitives
|
|
42
|
+
if (input === undefined || input === null || typeof input !== 'object') {
|
|
43
|
+
return (input);
|
|
44
|
+
}
|
|
45
|
+
if (input instanceof Date || Buffer.isBuffer(input) || input instanceof ArrayBuffer) {
|
|
46
|
+
return (input);
|
|
47
|
+
}
|
|
48
|
+
// Handle arrays
|
|
49
|
+
if (Array.isArray(input)) {
|
|
50
|
+
return (input.map(item => normalizeDecodedASN1(item, principals)));
|
|
51
|
+
}
|
|
52
|
+
// Unwrap ASN.1-like objects from ambiguous schemas (IsAnyString, IsAnyDate, IsBitString)
|
|
53
|
+
// These are plain objects like { type: 'string', kind: 'utf8', value: 'text' }
|
|
54
|
+
// eslint-disable-next-line @typescript-eslint/consistent-type-assertions
|
|
55
|
+
const obj = input;
|
|
56
|
+
if (obj.type === 'string' && 'value' in obj && typeof obj.value === 'string') {
|
|
57
|
+
return (obj.value);
|
|
58
|
+
}
|
|
59
|
+
if (obj.type === 'date' && 'value' in obj && obj.value instanceof Date) {
|
|
60
|
+
return (obj.value);
|
|
61
|
+
}
|
|
62
|
+
if (obj.type === 'bitstring' && 'value' in obj && Buffer.isBuffer(obj.value)) {
|
|
63
|
+
return (obj.value);
|
|
64
|
+
}
|
|
65
|
+
// Check if this is a Reference object (has external.url and digest fields)
|
|
66
|
+
if ('external' in obj && 'digest' in obj && isPlainObject(obj.external) && isPlainObject(obj.digest)) {
|
|
67
|
+
// eslint-disable-next-line @typescript-eslint/consistent-type-assertions
|
|
68
|
+
const ref = obj;
|
|
69
|
+
const url = ref.external.url;
|
|
70
|
+
const mimeType = ref.external.contentType;
|
|
71
|
+
// After toJavaScriptObject(), OIDs are strings, not {oid: string}
|
|
72
|
+
const encryptionAlgoOID = typeof ref.encryptionAlgorithm === 'string'
|
|
73
|
+
? ref.encryptionAlgorithm
|
|
74
|
+
: ref.encryptionAlgorithm?.oid;
|
|
75
|
+
const digestInfo = ref.digest;
|
|
76
|
+
if (typeof url === 'string' && typeof mimeType === 'string' && digestInfo) {
|
|
77
|
+
let cachedValue = null;
|
|
78
|
+
return ({
|
|
79
|
+
...normalizeDecodedASN1Object(obj, principals),
|
|
80
|
+
$blob: async function (additionalPrincipals) {
|
|
81
|
+
if (cachedValue) {
|
|
82
|
+
return (cachedValue);
|
|
83
|
+
}
|
|
84
|
+
const fetchResult = await fetch(url);
|
|
85
|
+
if (!fetchResult.ok) {
|
|
86
|
+
throw (new Error(`Failed to fetch remote data from ${url}: ${fetchResult.status} ${fetchResult.statusText}`));
|
|
87
|
+
}
|
|
88
|
+
const dataBlob = await fetchResult.blob();
|
|
89
|
+
let data = await dataBlob.arrayBuffer();
|
|
90
|
+
// Handle JSON base64 encoding
|
|
91
|
+
if (dataBlob.type === 'application/json') {
|
|
92
|
+
try {
|
|
93
|
+
const asJSON = JSON.parse(Buffer.from(data).toString('utf-8'));
|
|
94
|
+
if (isPlainObject(asJSON) && Object.keys(asJSON).length === 2) {
|
|
95
|
+
if ('data' in asJSON && typeof asJSON.data === 'string' && 'mimeType' in asJSON && typeof asJSON.mimeType === 'string') {
|
|
96
|
+
data = bufferToArrayBuffer(Buffer.from(asJSON.data, 'base64'));
|
|
97
|
+
}
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
catch {
|
|
101
|
+
/* Ignored */
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
// Decrypt if needed
|
|
105
|
+
if (encryptionAlgoOID) {
|
|
106
|
+
switch (encryptionAlgoOID) {
|
|
107
|
+
case '1.3.6.1.4.1.62675.2':
|
|
108
|
+
case 'KeetaEncryptedContainerV1': {
|
|
109
|
+
const container = EncryptedContainer.fromEncryptedBuffer(data, [
|
|
110
|
+
...principals,
|
|
111
|
+
...(additionalPrincipals ?? [])
|
|
112
|
+
]);
|
|
113
|
+
data = await container.getPlaintext();
|
|
114
|
+
break;
|
|
115
|
+
}
|
|
116
|
+
default:
|
|
117
|
+
throw (new Error(`Unsupported encryption algorithm OID: ${encryptionAlgoOID}`));
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
// Verify hash (checkHashWithOID now accepts string OIDs directly)
|
|
121
|
+
if (!Buffer.isBuffer(digestInfo.digest)) {
|
|
122
|
+
throw (new TypeError('Digest value is not a buffer'));
|
|
123
|
+
}
|
|
124
|
+
const validHash = await checkHashWithOID(data, digestInfo);
|
|
125
|
+
if (validHash !== true) {
|
|
126
|
+
throw (validHash);
|
|
127
|
+
}
|
|
128
|
+
const blob = new Blob([data], { type: mimeType });
|
|
129
|
+
cachedValue = blob;
|
|
130
|
+
return (blob);
|
|
131
|
+
}
|
|
132
|
+
});
|
|
133
|
+
}
|
|
134
|
+
}
|
|
135
|
+
// Recursively process plain objects
|
|
136
|
+
return (normalizeDecodedASN1Object(obj, principals));
|
|
137
|
+
}
|
|
19
138
|
function isBlob(input) {
|
|
20
139
|
if (typeof input !== 'object' || input === null) {
|
|
21
140
|
return (false);
|
|
@@ -135,12 +254,16 @@ function asCertificateAttributeNames(name) {
|
|
|
135
254
|
assertCertificateAttributeNames(name);
|
|
136
255
|
return (name);
|
|
137
256
|
}
|
|
138
|
-
function resolveSchema(name, schema) {
|
|
139
|
-
return (contextualizeStructSchema(schema));
|
|
140
|
-
}
|
|
141
257
|
function encodeAttribute(name, value) {
|
|
142
|
-
const schema =
|
|
143
|
-
|
|
258
|
+
const schema = CertificateAttributeSchema[name];
|
|
259
|
+
let encodedJS;
|
|
260
|
+
try {
|
|
261
|
+
encodedJS = new ASN1.ValidateASN1(schema).fromJavaScriptObject(value);
|
|
262
|
+
}
|
|
263
|
+
catch (err) {
|
|
264
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
265
|
+
throw (new Error(`Attribute ${name}: ${message} (value: ${JSON.stringify(DPO(value))})`));
|
|
266
|
+
}
|
|
144
267
|
if (encodedJS === undefined) {
|
|
145
268
|
throw (new Error(`Unsupported attribute value for encoding: ${JSON.stringify(DPO(value))}`));
|
|
146
269
|
}
|
|
@@ -176,11 +299,18 @@ function encodeForSensitive(name, value) {
|
|
|
176
299
|
return (Buffer.from(String(value), 'utf-8'));
|
|
177
300
|
}
|
|
178
301
|
async function decodeAttribute(name, value, principals) {
|
|
179
|
-
const schema =
|
|
302
|
+
const schema = CertificateAttributeSchema[name];
|
|
303
|
+
const decodedASN1 = new ASN1.BufferStorageASN1(value, schema).getASN1();
|
|
304
|
+
const validator = new ASN1.ValidateASN1(schema);
|
|
305
|
+
// XXX:TODO Fix depth issue
|
|
306
|
+
// @ts-expect-error
|
|
307
|
+
const plainObject = validator.toJavaScriptObject(decodedASN1);
|
|
308
|
+
// Post-process to:
|
|
309
|
+
// 1. Unwrap any remaining ASN.1-like objects
|
|
310
|
+
// 2. Add domain-specific $blob function to Reference objects
|
|
180
311
|
// XXX:TODO Fix depth issue
|
|
181
|
-
// @ts-
|
|
182
|
-
const
|
|
183
|
-
const candidate = normalizeDecodedASN1(decodedUnknown, principals);
|
|
312
|
+
// @ts-expect-error
|
|
313
|
+
const candidate = normalizeDecodedASN1(plainObject, principals);
|
|
184
314
|
return (asAttributeValue(name, candidate));
|
|
185
315
|
}
|
|
186
316
|
class SensitiveAttributeBuilder {
|
|
@@ -281,7 +411,7 @@ class SensitiveAttribute {
|
|
|
281
411
|
decodedAttribute = dataObject.getASN1();
|
|
282
412
|
}
|
|
283
413
|
catch {
|
|
284
|
-
const js = ASN1toJS(data);
|
|
414
|
+
const js = ASN1.ASN1toJS(data);
|
|
285
415
|
throw (new Error(`SensitiveAttribute.decode: unexpected DER shape ${JSON.stringify(DPO(js))}`));
|
|
286
416
|
}
|
|
287
417
|
const decodedVersion = decodedAttribute[0] + 1n;
|
|
@@ -564,7 +694,7 @@ export class Certificate extends KeetaNetClient.lib.Utils.Certificate.Certificat
|
|
|
564
694
|
/* Do nothing, we call the super method in the constructor */
|
|
565
695
|
}
|
|
566
696
|
setPlainAttribute(name, value) {
|
|
567
|
-
// @ts-
|
|
697
|
+
// @ts-expect-error
|
|
568
698
|
this.attributes[name] = { sensitive: false, value };
|
|
569
699
|
}
|
|
570
700
|
setSensitiveAttribute(name, value) {
|
|
@@ -923,7 +1053,7 @@ export class SharableCertificateAttributes {
|
|
|
923
1053
|
throw (new Error(`Missing reference value for ID ${referenceID}`));
|
|
924
1054
|
}
|
|
925
1055
|
const referenceData = Buffer.from(referenceValue, 'base64');
|
|
926
|
-
const referenceDataAB =
|
|
1056
|
+
const referenceDataAB = bufferToArrayBuffer(referenceData);
|
|
927
1057
|
/* Verify the hash matches what was certified */
|
|
928
1058
|
const checkHash = await checkHashWithOID(referenceData, parent.digest);
|
|
929
1059
|
if (checkHash !== true) {
|
|
@@ -987,6 +1117,10 @@ Certificate.SharableAttributes = SharableCertificateAttributes;
|
|
|
987
1117
|
/** @internal */
|
|
988
1118
|
export const _Testing = {
|
|
989
1119
|
SensitiveAttributeBuilder,
|
|
990
|
-
SensitiveAttribute
|
|
1120
|
+
SensitiveAttribute,
|
|
1121
|
+
ValidateASN1: ASN1.ValidateASN1,
|
|
1122
|
+
BufferStorageASN1: ASN1.BufferStorageASN1,
|
|
1123
|
+
JStoASN1: ASN1.JStoASN1,
|
|
1124
|
+
normalizeDecodedASN1
|
|
991
1125
|
};
|
|
992
1126
|
//# sourceMappingURL=certificates.js.map
|