@keetanetwork/anchor 0.0.25 → 0.0.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/certificates.d.ts +26 -6
- package/lib/certificates.d.ts.map +1 -1
- package/lib/certificates.generated.js +16 -1
- package/lib/certificates.generated.js.map +1 -1
- package/lib/certificates.js +274 -26
- package/lib/certificates.js.map +1 -1
- package/lib/resolver.js +40 -40
- package/lib/utils/asn1.d.ts +0 -13
- package/lib/utils/asn1.d.ts.map +1 -1
- package/lib/utils/asn1.js +0 -1973
- package/lib/utils/asn1.js.map +1 -1
- package/lib/utils/external.d.ts.map +1 -1
- package/lib/utils/external.js +9 -2
- package/lib/utils/external.js.map +1 -1
- package/npm-shrinkwrap.json +2 -2
- package/package.json +1 -1
- package/services/asset-movement/common.d.ts +70 -46
- package/services/asset-movement/common.d.ts.map +1 -1
- package/services/asset-movement/common.js +1442 -708
- package/services/asset-movement/common.js.map +1 -1
- package/services/asset-movement/lib/location.d.ts +64 -0
- package/services/asset-movement/lib/location.d.ts.map +1 -0
- package/services/asset-movement/lib/location.generated.d.ts +4 -0
- package/services/asset-movement/lib/location.generated.d.ts.map +1 -0
- package/services/asset-movement/lib/location.generated.js +16 -0
- package/services/asset-movement/lib/location.generated.js.map +1 -0
- package/services/asset-movement/lib/location.js +155 -0
- package/services/asset-movement/lib/location.js.map +1 -0
- package/services/kyc/iso20022.generated.js +54 -54
- package/services/kyc/iso20022.generated.js.map +1 -1
- package/services/kyc/utils/generate-kyc-schema.js +34 -6
- package/services/kyc/utils/generate-kyc-schema.js.map +1 -1
package/lib/certificates.d.ts
CHANGED
|
@@ -2,12 +2,21 @@ import * as KeetaNetClient from '@keetanetwork/keetanet-client';
|
|
|
2
2
|
import { Buffer } from './utils/buffer.js';
|
|
3
3
|
import type { CertificateAttributeValue } from '../services/kyc/iso20022.generated.js';
|
|
4
4
|
import { CertificateAttributeOIDDB } from '../services/kyc/iso20022.generated.js';
|
|
5
|
+
/**
|
|
6
|
+
* Short alias for the KeetaNetAccount type
|
|
7
|
+
*/
|
|
8
|
+
declare const KeetaNetAccount: typeof KeetaNetClient.lib.Account;
|
|
5
9
|
type AccountKeyAlgorithm = InstanceType<typeof KeetaNetClient.lib.Account>['keyType'];
|
|
6
10
|
/**
|
|
7
11
|
* An alias for the KeetaNetAccount type
|
|
8
12
|
*/
|
|
9
13
|
type KeetaNetAccount = ReturnType<typeof KeetaNetClient.lib.Account.fromSeed<AccountKeyAlgorithm>>;
|
|
10
|
-
|
|
14
|
+
type BaseCertificateClass = typeof KeetaNetClient.lib.Utils.Certificate.Certificate;
|
|
15
|
+
type BaseCertificate = InstanceType<BaseCertificateClass>;
|
|
16
|
+
declare const BaseCertificate: BaseCertificateClass;
|
|
17
|
+
type BaseCertificateBuilderClass = typeof KeetaNetClient.lib.Utils.Certificate.CertificateBuilder;
|
|
18
|
+
type BaseCertificateBuilder = InstanceType<BaseCertificateBuilderClass>;
|
|
19
|
+
declare const BaseCertificateBuilder: BaseCertificateBuilderClass;
|
|
11
20
|
declare function assertCertificateAttributeNames(name: string): asserts name is CertificateAttributeNames;
|
|
12
21
|
declare class SensitiveAttribute<T = ArrayBuffer> {
|
|
13
22
|
#private;
|
|
@@ -45,7 +54,7 @@ declare class SensitiveAttribute<T = ArrayBuffer> {
|
|
|
45
54
|
* Type for certificate attribute names (derived from generated OID database)
|
|
46
55
|
*/
|
|
47
56
|
type CertificateAttributeNames = keyof typeof CertificateAttributeOIDDB;
|
|
48
|
-
type BaseCertificateBuilderParams = NonNullable<ConstructorParameters<
|
|
57
|
+
type BaseCertificateBuilderParams = NonNullable<ConstructorParameters<BaseCertificateBuilderClass>[0]>;
|
|
49
58
|
type CertificateBuilderParams = Required<Pick<BaseCertificateBuilderParams, 'issuer' | 'validFrom' | 'validTo' | 'serial' | 'hashLib' | 'issuerDN' | 'subjectDN' | 'isCA'> & {
|
|
50
59
|
/**
|
|
51
60
|
* The key of the subject -- used for Sensitive Attributes as well
|
|
@@ -54,7 +63,7 @@ type CertificateBuilderParams = Required<Pick<BaseCertificateBuilderParams, 'iss
|
|
|
54
63
|
subject: BaseCertificateBuilderParams['subjectPublicKey'];
|
|
55
64
|
}>;
|
|
56
65
|
type CertificateAttributeInput<NAME extends CertificateAttributeNames> = CertificateAttributeValue<NAME>;
|
|
57
|
-
export declare class CertificateBuilder extends
|
|
66
|
+
export declare class CertificateBuilder extends BaseCertificateBuilder {
|
|
58
67
|
#private;
|
|
59
68
|
/**
|
|
60
69
|
* Map the parameters from the public interface to the internal
|
|
@@ -71,7 +80,7 @@ export declare class CertificateBuilder extends KeetaNetClient.lib.Utils.Certifi
|
|
|
71
80
|
* value can be proven later without revealing it.
|
|
72
81
|
*/
|
|
73
82
|
setAttribute<NAME extends CertificateAttributeNames>(name: NAME, sensitive: boolean, value: CertificateAttributeInput<NAME>): void;
|
|
74
|
-
protected addExtensions(...args: Parameters<
|
|
83
|
+
protected addExtensions(...args: Parameters<BaseCertificateBuilder['addExtensions']>): ReturnType<BaseCertificateBuilder['addExtensions']>;
|
|
75
84
|
/**
|
|
76
85
|
* Create a Certificate object from the builder
|
|
77
86
|
*
|
|
@@ -80,7 +89,7 @@ export declare class CertificateBuilder extends KeetaNetClient.lib.Utils.Certifi
|
|
|
80
89
|
*/
|
|
81
90
|
build(params?: Partial<CertificateBuilderParams>): Promise<Certificate>;
|
|
82
91
|
}
|
|
83
|
-
export declare class Certificate extends
|
|
92
|
+
export declare class Certificate extends BaseCertificate {
|
|
84
93
|
private readonly subjectKey;
|
|
85
94
|
static readonly Builder: typeof CertificateBuilder;
|
|
86
95
|
static readonly SharableAttributes: typeof SharableCertificateAttributes;
|
|
@@ -96,7 +105,7 @@ export declare class Certificate extends KeetaNetClient.lib.Utils.Certificate.Ce
|
|
|
96
105
|
value: ArrayBuffer;
|
|
97
106
|
};
|
|
98
107
|
};
|
|
99
|
-
constructor(input: ConstructorParameters<
|
|
108
|
+
constructor(input: ConstructorParameters<BaseCertificateClass>[0], options?: ConstructorParameters<BaseCertificateClass>[1] & {
|
|
100
109
|
subjectKey?: KeetaNetAccount;
|
|
101
110
|
});
|
|
102
111
|
protected finalizeConstruction(): void;
|
|
@@ -129,6 +138,7 @@ export declare namespace SharableCertificateAttributesTypes {
|
|
|
129
138
|
};
|
|
130
139
|
type ContentsSchema = {
|
|
131
140
|
certificate: string;
|
|
141
|
+
intermediates?: string[] | undefined;
|
|
132
142
|
attributes: {
|
|
133
143
|
[name: string]: {
|
|
134
144
|
sensitive: true;
|
|
@@ -159,11 +169,21 @@ export declare class SharableCertificateAttributes {
|
|
|
159
169
|
* and a list of attribute names to include -- if no list is
|
|
160
170
|
* provided, all attributes are included.
|
|
161
171
|
*/
|
|
172
|
+
static fromCertificate(certificate: Certificate, intermediates?: Set<BaseCertificate>, attributeNames?: CertificateAttributeNames[]): Promise<SharableCertificateAttributes>;
|
|
173
|
+
/** @deprecated Use the overload with three parameters instead */
|
|
162
174
|
static fromCertificate(certificate: Certificate, attributeNames?: CertificateAttributeNames[]): Promise<SharableCertificateAttributes>;
|
|
163
175
|
grantAccess(principal: KeetaNetAccount): Promise<this>;
|
|
164
176
|
revokeAccess(principal: KeetaNetAccount): Promise<this>;
|
|
165
177
|
get principals(): KeetaNetAccount[];
|
|
166
178
|
getCertificate(): Promise<Certificate>;
|
|
179
|
+
/**
|
|
180
|
+
* Get the intermediate certificates included in this sharable
|
|
181
|
+
* certificate container
|
|
182
|
+
*
|
|
183
|
+
* @return A set of BaseCertificate objects representing the
|
|
184
|
+
* intermediate certificates attached to this container
|
|
185
|
+
*/
|
|
186
|
+
getIntermediates(): Promise<Set<BaseCertificate>>;
|
|
167
187
|
getAttributeBuffer(name: string): Promise<ArrayBuffer | undefined>;
|
|
168
188
|
getAttribute<NAME extends CertificateAttributeNames>(name: NAME): Promise<CertificateAttributeValue<NAME> | undefined>;
|
|
169
189
|
getAttributeNames(includeUnknown: true): Promise<string[]>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"certificates.d.ts","sourceRoot":"","sources":["../../src/lib/certificates.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,cAAc,MAAM,+BAA+B,CAAC;
|
|
1
|
+
{"version":3,"file":"certificates.d.ts","sourceRoot":"","sources":["../../src/lib/certificates.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,cAAc,MAAM,+BAA+B,CAAC;AAGhE,OAAO,EAAgD,MAAM,EAAuB,MAAM,mBAAmB,CAAC;AAG9G,OAAO,KAAK,EAA0B,yBAAyB,EAAE,MAAM,uCAAuC,CAAC;AAC/G,OAAO,EAAE,yBAAyB,EAA8B,MAAM,uCAAuC,CAAC;AAY9G;;GAEG;AACH,QAAA,MAAM,eAAe,EAAE,OAAO,cAAc,CAAC,GAAG,CAAC,OAAoC,CAAC;AAGtF,KAAK,mBAAmB,GAAG,YAAY,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,CAAC;AAEtF;;GAEG;AACH,KAAK,eAAe,GAAG,UAAU,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;AAKnG,KAAK,oBAAoB,GAAG,OAAO,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,WAAW,CAAC;AACpF,KAAK,eAAe,GAAG,YAAY,CAAC,oBAAoB,CAAC,CAAC;AAC1D,QAAA,MAAM,eAAe,EAAE,oBAAuE,CAAC;AAC/F,KAAK,2BAA2B,GAAG,OAAO,cAAc,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,kBAAkB,CAAC;AAClG,KAAK,sBAAsB,GAAG,YAAY,CAAC,2BAA2B,CAAC,CAAC;AACxE,QAAA,MAAM,sBAAsB,EAAE,2BAAqF,CAAC;AA+RpH,iBAAS,+BAA+B,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,IAAI,yBAAyB,CAIhG;AA4ND,cAAM,kBAAkB,CAAC,CAAC,GAAG,WAAW;;gBAK3B,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,MAAM,GAAG,WAAW,EAAE,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,GAAG,WAAW,KAAK,CAAC;IAQ7G,OAAO,CAAC,MAAM;IAqEd;;;;;;;;OAQG;IACG,GAAG,IAAI,OAAO,CAAC,WAAW,CAAC;IAK3B,QAAQ,IAAI,OAAO,CAAC,CAAC,CAAC;IAiB5B;;;;OAIG;IACG,QAAQ,IAAI,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE;YAAE,IAAI,EAAE,MAAM,CAAA;SAAE,CAAA;KAAC,CAAC;IAYnE;;OAEG;IACG,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IAcnF,MAAM,IAAI,OAAO;CAGjB;AAED;;GAEG;AACH,KAAK,yBAAyB,GAAG,MAAM,OAAO,yBAAyB,CAAC;AAExE,KAAK,4BAA4B,GAAG,WAAW,CAAC,qBAAqB,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACvG,KAAK,wBAAwB,GAAG,QAAQ,CAAC,IAAI,CAAC,4BAA4B,EAAE,QAAQ,GAAG,WAAW,GAAG,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,UAAU,GAAG,WAAW,GAAG,MAAM,CAAC,GAAG;IAC5K;;;OAGG;IACH,OAAO,EAAE,4BAA4B,CAAC,kBAAkB,CAAC,CAAC;CAC1D,CAAC,CAAC;AAoCH,KAAK,yBAAyB,CAAC,IAAI,SAAS,yBAAyB,IAAI,yBAAyB,CAAC,IAAI,CAAC,CAAC;AAEzG,qBAAa,kBAAmB,SAAQ,sBAAsB;;IAK7D;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;gBAcZ,MAAM,CAAC,EAAE,OAAO,CAAC,wBAAwB,CAAC;IAItD;;;;;;;OAOG;IACH,YAAY,CAAC,IAAI,SAAS,yBAAyB,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,yBAAyB,CAAC,IAAI,CAAC,GAAG,IAAI;cA2BlH,aAAa,CAAC,GAAG,IAAI,EAAE,UAAU,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAC,GAAG,UAAU,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAC;IAmDhJ;;;;;OAKG;IACG,KAAK,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,wBAAwB,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC;CAgB7E;AAED,qBAAa,WAAY,SAAQ,eAAe;IAC/C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAkB;IAC7C,MAAM,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,kBAAkB,CAAsB;IACxE,MAAM,CAAC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,6BAA6B,CAAC;IAEzE;;OAEM;IACN,QAAQ,CAAC,UAAU,EAAE;SACnB,IAAI,IAAI,yBAAyB,CAAC,CAAC,EAAE;YACrC,SAAS,EAAE,IAAI,CAAC;YAChB,KAAK,EAAE,kBAAkB,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC;SAC3D,GAAG;YACH,SAAS,EAAE,KAAK,CAAC;YACjB,KAAK,EAAE,WAAW,CAAC;SACnB;KACD,CAAM;gBAEK,KAAK,EAAE,qBAAqB,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,qBAAqB,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,GAAG;QAAE,UAAU,CAAC,EAAE,eAAe,CAAA;KAAE;IAQ9J,SAAS,CAAC,oBAAoB,IAAI,IAAI;IAItC,OAAO,CAAC,iBAAiB;IAKzB,OAAO,CAAC,qBAAqB;IAW7B;;;;;OAKG;IACG,iBAAiB,CAAC,IAAI,SAAS,yBAAyB,EAAE,aAAa,EAAE,IAAI,GAAG,OAAO,CAAC,yBAAyB,CAAC,IAAI,CAAC,CAAC;IAmB9H,SAAS,CAAC,gBAAgB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,GAAG,OAAO;CAiCnE;AAGD,yBAAiB,kCAAkC,CAAC;IACnD,KAAY,aAAa,GAAG;QAC3B;;;;WAIG;QACH,MAAM,CAAC,EAAE,QAAQ,GAAG,aAAa,CAAC;KAClC,CAAC;IACF,KAAY,aAAa,GAAG;QAC3B;;;WAGG;QACH,UAAU,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,GAAG,eAAe,EAAE,GAAG,eAAe,GAAG,IAAI,CAAC;KAC/E,CAAC;IACF,KAAY,cAAc,GAAG;QAC5B,WAAW,EAAE,MAAM,CAAC;QACpB,aAAa,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;QACrC,UAAU,EAAE;YACX,CAAC,IAAI,EAAE,MAAM,GAAG;gBACf,SAAS,EAAE,IAAI,CAAC;gBAChB,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;gBAC3D,UAAU,CAAC,EAAE;oBAAE,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,CAAA;iBAAE,CAAC;aACtC,GAAG;gBACH,SAAS,EAAE,KAAK,CAAC;gBACjB,KAAK,EAAE,MAAM,CAAC;gBACd,UAAU,CAAC,EAAE;oBAAE,CAAC,EAAE,EAAE,MAAM,GAAG,MAAM,CAAA;iBAAE,CAAC;aACtC,CAAA;SACD,CAAC;KACF,CAAC;CACF;AACD,KAAK,0CAA0C,GAAG,kCAAkC,CAAC,aAAa,CAAC;AACnG,KAAK,0CAA0C,GAAG,kCAAkC,CAAC,aAAa,CAAC;AAGnG,qBAAa,6BAA6B;;IAWzC,OAAO,CAAC,SAAS,CAAqB;IACtC,OAAO,CAAC,iBAAiB,CAAS;IAElC,MAAM,CAAC,8BAA8B,EAAE,OAAO,+BAA+B,CAAmC;gBAEpG,KAAK,EAAE,WAAW,GAAG,MAAM,GAAG,MAAM,EAAE,OAAO,CAAC,EAAE,0CAA0C;IA2DtG;;;;OAIG;WACU,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,cAAc,CAAC,EAAE,yBAAyB,EAAE,GAAG,OAAO,CAAC,6BAA6B,CAAC;IAClL,iEAAiE;WACpD,eAAe,CAAC,WAAW,EAAE,WAAW,EAAE,cAAc,CAAC,EAAE,yBAAyB,EAAE,GAAG,OAAO,CAAC,6BAA6B,CAAC;IAoJtI,WAAW,CAAC,SAAS,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAKtD,YAAY,CAAC,SAAS,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAK7D,IAAI,UAAU,IAAI,eAAe,EAAE,CAElC;IA0FK,cAAc,IAAI,OAAO,CAAC,WAAW,CAAC;IAQ5C;;;;;;OAMG;IACG,gBAAgB,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAQjD,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IAMlE,YAAY,CAAC,IAAI,SAAS,yBAAyB,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,yBAAyB,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC;IAiEtH,iBAAiB,CAAC,cAAc,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAC1D,iBAAiB,CAAC,cAAc,CAAC,EAAE,KAAK,GAAG,OAAO,CAAC,yBAAyB,EAAE,CAAC;IAgBrF,MAAM,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,0CAA0C,EAAE,QAAQ,CAAC,GAAG;QAAE,MAAM,CAAC,EAAE,KAAK,CAAC;KAAE,GAAG,OAAO,CAAC,WAAW,CAAC;IACxH,MAAM,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,0CAA0C,EAAE,QAAQ,CAAC,GAAG;QAAE,MAAM,EAAE,aAAa,CAAA;KAAE,CAAC,GAAG,OAAO,CAAC,WAAW,CAAC;IAC/H,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,0CAA0C,EAAE,QAAQ,CAAC,GAAG;QAAE,MAAM,EAAE,QAAQ,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IACnH,MAAM,CAAC,OAAO,CAAC,EAAE,0CAA0C,GAAG,OAAO,CAAC,WAAW,GAAG,MAAM,CAAC;CA8B3F"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import * as __typia_transform__assertGuard from "typia/lib/internal/_assertGuard.js";
|
|
2
2
|
import * as __typia_transform__accessExpressionAsString from "typia/lib/internal/_accessExpressionAsString.js";
|
|
3
3
|
import * as typia from 'typia';
|
|
4
|
-
export const assertSharableCertificateAttributesContentsSchema = (() => { const _io0 = input => "string" === typeof input.certificate && ("object" === typeof input.attributes && null !== input.attributes && false === Array.isArray(input.attributes) && _io1(input.attributes)); const _io1 = input => Object.keys(input).every(key => {
|
|
4
|
+
export const assertSharableCertificateAttributesContentsSchema = (() => { const _io0 = input => "string" === typeof input.certificate && (undefined === input.intermediates || Array.isArray(input.intermediates) && input.intermediates.every(elem => "string" === typeof elem)) && ("object" === typeof input.attributes && null !== input.attributes && false === Array.isArray(input.attributes) && _io1(input.attributes)); const _io1 = input => Object.keys(input).every(key => {
|
|
5
5
|
const value = input[key];
|
|
6
6
|
if (undefined === value)
|
|
7
7
|
return true;
|
|
@@ -28,6 +28,21 @@ export const assertSharableCertificateAttributesContentsSchema = (() => { const
|
|
|
28
28
|
path: _path + ".certificate",
|
|
29
29
|
expected: "string",
|
|
30
30
|
value: input.certificate
|
|
31
|
+
}, _errorFactory)) && (undefined === input.intermediates || (Array.isArray(input.intermediates) || __typia_transform__assertGuard._assertGuard(_exceptionable, {
|
|
32
|
+
method: "typia.createAssert",
|
|
33
|
+
path: _path + ".intermediates",
|
|
34
|
+
expected: "(Array<string> | undefined)",
|
|
35
|
+
value: input.intermediates
|
|
36
|
+
}, _errorFactory)) && input.intermediates.every((elem, _index2) => "string" === typeof elem || __typia_transform__assertGuard._assertGuard(_exceptionable, {
|
|
37
|
+
method: "typia.createAssert",
|
|
38
|
+
path: _path + ".intermediates[" + _index2 + "]",
|
|
39
|
+
expected: "string",
|
|
40
|
+
value: elem
|
|
41
|
+
}, _errorFactory)) || __typia_transform__assertGuard._assertGuard(_exceptionable, {
|
|
42
|
+
method: "typia.createAssert",
|
|
43
|
+
path: _path + ".intermediates",
|
|
44
|
+
expected: "(Array<string> | undefined)",
|
|
45
|
+
value: input.intermediates
|
|
31
46
|
}, _errorFactory)) && (("object" === typeof input.attributes && null !== input.attributes && false === Array.isArray(input.attributes) || __typia_transform__assertGuard._assertGuard(_exceptionable, {
|
|
32
47
|
method: "typia.createAssert",
|
|
33
48
|
path: _path + ".attributes",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"certificates.generated.js","sourceRoot":"","sources":["../../src/lib/certificates.generated.ts"],"names":[],"mappings":";;AAAA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAG/B,MAAM,CAAC,MAAM,iDAAiD
|
|
1
|
+
{"version":3,"file":"certificates.generated.js","sourceRoot":"","sources":["../../src/lib/certificates.generated.ts"],"names":[],"mappings":";;AAAA,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAG/B,MAAM,CAAC,MAAM,iDAAiD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAAiJ,CAAC","sourcesContent":["import * as typia from 'typia';\nimport type { SharableCertificateAttributesTypes } from './certificates.js';\n\nexport const assertSharableCertificateAttributesContentsSchema: (input: unknown) => SharableCertificateAttributesTypes.ContentsSchema = typia.createAssert<SharableCertificateAttributesTypes.ContentsSchema>();\n"]}
|
package/lib/certificates.js
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
import * as KeetaNetClient from '@keetanetwork/keetanet-client';
|
|
2
2
|
import * as oids from '../services/kyc/oids.generated.js';
|
|
3
3
|
import * as ASN1 from './utils/asn1.js';
|
|
4
|
-
import { ASN1toJS, contextualizeStructSchema, encodeValueBySchema, normalizeDecodedASN1 } from './utils/asn1.js';
|
|
5
4
|
import { arrayBufferLikeToBuffer, arrayBufferToBuffer, Buffer, bufferToArrayBuffer } from './utils/buffer.js';
|
|
6
5
|
import crypto from './utils/crypto.js';
|
|
7
6
|
import { assertNever } from './utils/never.js';
|
|
@@ -15,7 +14,129 @@ import { checkHashWithOID } from './utils/external.js';
|
|
|
15
14
|
* Short alias for printing a debug representation of an object
|
|
16
15
|
*/
|
|
17
16
|
const DPO = KeetaNetClient.lib.Utils.Helper.debugPrintableObject.bind(KeetaNetClient.lib.Utils.Helper);
|
|
17
|
+
/**
|
|
18
|
+
* Short alias for the KeetaNetAccount type
|
|
19
|
+
*/
|
|
18
20
|
const KeetaNetAccount = KeetaNetClient.lib.Account;
|
|
21
|
+
const BaseCertificate = KeetaNetClient.lib.Utils.Certificate.Certificate;
|
|
22
|
+
const BaseCertificateBuilder = KeetaNetClient.lib.Utils.Certificate.CertificateBuilder;
|
|
23
|
+
function isPlainObject(value) {
|
|
24
|
+
return (typeof value === 'object' && value !== null && !Array.isArray(value));
|
|
25
|
+
}
|
|
26
|
+
/**
|
|
27
|
+
* Recursively normalize object properties
|
|
28
|
+
*/
|
|
29
|
+
function normalizeDecodedASN1Object(obj, principals) {
|
|
30
|
+
const result = {};
|
|
31
|
+
for (const [key, value] of Object.entries(obj)) {
|
|
32
|
+
// eslint-disable-next-line @typescript-eslint/no-use-before-define
|
|
33
|
+
result[key] = normalizeDecodedASN1(value, principals);
|
|
34
|
+
}
|
|
35
|
+
return (result);
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* Post-process the output from toJavaScriptObject() to:
|
|
39
|
+
* 1. Unwrap any remaining ASN.1-like objects (from IsAnyString/IsAnyDate)
|
|
40
|
+
* 2. Add domain-specific $blob function to Reference objects
|
|
41
|
+
*/
|
|
42
|
+
function normalizeDecodedASN1(input, principals) {
|
|
43
|
+
// Handle primitives
|
|
44
|
+
if (input === undefined || input === null || typeof input !== 'object') {
|
|
45
|
+
return (input);
|
|
46
|
+
}
|
|
47
|
+
if (input instanceof Date || Buffer.isBuffer(input) || input instanceof ArrayBuffer) {
|
|
48
|
+
return (input);
|
|
49
|
+
}
|
|
50
|
+
// Handle arrays
|
|
51
|
+
if (Array.isArray(input)) {
|
|
52
|
+
return (input.map(item => normalizeDecodedASN1(item, principals)));
|
|
53
|
+
}
|
|
54
|
+
// Unwrap ASN.1-like objects from ambiguous schemas (IsAnyString, IsAnyDate, IsBitString)
|
|
55
|
+
// These are plain objects like { type: 'string', kind: 'utf8', value: 'text' }
|
|
56
|
+
// eslint-disable-next-line @typescript-eslint/consistent-type-assertions
|
|
57
|
+
const obj = input;
|
|
58
|
+
if (obj.type === 'string' && 'value' in obj && typeof obj.value === 'string') {
|
|
59
|
+
return (obj.value);
|
|
60
|
+
}
|
|
61
|
+
if (obj.type === 'date' && 'value' in obj && obj.value instanceof Date) {
|
|
62
|
+
return (obj.value);
|
|
63
|
+
}
|
|
64
|
+
if (obj.type === 'bitstring' && 'value' in obj && Buffer.isBuffer(obj.value)) {
|
|
65
|
+
return (obj.value);
|
|
66
|
+
}
|
|
67
|
+
// Check if this is a Reference object (has external.url and digest fields)
|
|
68
|
+
if ('external' in obj && 'digest' in obj && isPlainObject(obj.external) && isPlainObject(obj.digest)) {
|
|
69
|
+
// eslint-disable-next-line @typescript-eslint/consistent-type-assertions
|
|
70
|
+
const ref = obj;
|
|
71
|
+
const url = ref.external.url;
|
|
72
|
+
const mimeType = ref.external.contentType;
|
|
73
|
+
// After toJavaScriptObject(), OIDs are strings, not {oid: string}
|
|
74
|
+
const encryptionAlgoOID = typeof ref.encryptionAlgorithm === 'string'
|
|
75
|
+
? ref.encryptionAlgorithm
|
|
76
|
+
: ref.encryptionAlgorithm?.oid;
|
|
77
|
+
const digestInfo = ref.digest;
|
|
78
|
+
if (typeof url === 'string' && typeof mimeType === 'string' && digestInfo) {
|
|
79
|
+
let cachedValue = null;
|
|
80
|
+
return ({
|
|
81
|
+
...normalizeDecodedASN1Object(obj, principals),
|
|
82
|
+
$blob: async function (additionalPrincipals) {
|
|
83
|
+
if (cachedValue) {
|
|
84
|
+
return (cachedValue);
|
|
85
|
+
}
|
|
86
|
+
const fetchResult = await fetch(url);
|
|
87
|
+
if (!fetchResult.ok) {
|
|
88
|
+
throw (new Error(`Failed to fetch remote data from ${url}: ${fetchResult.status} ${fetchResult.statusText}`));
|
|
89
|
+
}
|
|
90
|
+
const dataBlob = await fetchResult.blob();
|
|
91
|
+
let data = await dataBlob.arrayBuffer();
|
|
92
|
+
// Handle JSON base64 encoding
|
|
93
|
+
if (dataBlob.type === 'application/json') {
|
|
94
|
+
try {
|
|
95
|
+
const asJSON = JSON.parse(Buffer.from(data).toString('utf-8'));
|
|
96
|
+
if (isPlainObject(asJSON) && Object.keys(asJSON).length === 2) {
|
|
97
|
+
if ('data' in asJSON && typeof asJSON.data === 'string' && 'mimeType' in asJSON && typeof asJSON.mimeType === 'string') {
|
|
98
|
+
data = bufferToArrayBuffer(Buffer.from(asJSON.data, 'base64'));
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
catch {
|
|
103
|
+
/* Ignored */
|
|
104
|
+
}
|
|
105
|
+
}
|
|
106
|
+
// Decrypt if needed
|
|
107
|
+
if (encryptionAlgoOID) {
|
|
108
|
+
switch (encryptionAlgoOID) {
|
|
109
|
+
case '1.3.6.1.4.1.62675.2':
|
|
110
|
+
case 'KeetaEncryptedContainerV1': {
|
|
111
|
+
const container = EncryptedContainer.fromEncryptedBuffer(data, [
|
|
112
|
+
...principals,
|
|
113
|
+
...(additionalPrincipals ?? [])
|
|
114
|
+
]);
|
|
115
|
+
data = await container.getPlaintext();
|
|
116
|
+
break;
|
|
117
|
+
}
|
|
118
|
+
default:
|
|
119
|
+
throw (new Error(`Unsupported encryption algorithm OID: ${encryptionAlgoOID}`));
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
// Verify hash (checkHashWithOID now accepts string OIDs directly)
|
|
123
|
+
if (!Buffer.isBuffer(digestInfo.digest)) {
|
|
124
|
+
throw (new TypeError('Digest value is not a buffer'));
|
|
125
|
+
}
|
|
126
|
+
const validHash = await checkHashWithOID(data, digestInfo);
|
|
127
|
+
if (validHash !== true) {
|
|
128
|
+
throw (validHash);
|
|
129
|
+
}
|
|
130
|
+
const blob = new Blob([data], { type: mimeType });
|
|
131
|
+
cachedValue = blob;
|
|
132
|
+
return (blob);
|
|
133
|
+
}
|
|
134
|
+
});
|
|
135
|
+
}
|
|
136
|
+
}
|
|
137
|
+
// Recursively process plain objects
|
|
138
|
+
return (normalizeDecodedASN1Object(obj, principals));
|
|
139
|
+
}
|
|
19
140
|
function isBlob(input) {
|
|
20
141
|
if (typeof input !== 'object' || input === null) {
|
|
21
142
|
return (false);
|
|
@@ -135,12 +256,16 @@ function asCertificateAttributeNames(name) {
|
|
|
135
256
|
assertCertificateAttributeNames(name);
|
|
136
257
|
return (name);
|
|
137
258
|
}
|
|
138
|
-
function resolveSchema(name, schema) {
|
|
139
|
-
return (contextualizeStructSchema(schema));
|
|
140
|
-
}
|
|
141
259
|
function encodeAttribute(name, value) {
|
|
142
|
-
const schema =
|
|
143
|
-
|
|
260
|
+
const schema = CertificateAttributeSchema[name];
|
|
261
|
+
let encodedJS;
|
|
262
|
+
try {
|
|
263
|
+
encodedJS = new ASN1.ValidateASN1(schema).fromJavaScriptObject(value);
|
|
264
|
+
}
|
|
265
|
+
catch (err) {
|
|
266
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
267
|
+
throw (new Error(`Attribute ${name}: ${message} (value: ${JSON.stringify(DPO(value))})`));
|
|
268
|
+
}
|
|
144
269
|
if (encodedJS === undefined) {
|
|
145
270
|
throw (new Error(`Unsupported attribute value for encoding: ${JSON.stringify(DPO(value))}`));
|
|
146
271
|
}
|
|
@@ -175,12 +300,70 @@ function encodeForSensitive(name, value) {
|
|
|
175
300
|
}
|
|
176
301
|
return (Buffer.from(String(value), 'utf-8'));
|
|
177
302
|
}
|
|
303
|
+
function unwrapSingleLayer(schema) {
|
|
304
|
+
if (typeof schema === 'object' && schema !== null && 'type' in schema && schema.type === 'context') {
|
|
305
|
+
return (schema.contains);
|
|
306
|
+
}
|
|
307
|
+
return (schema);
|
|
308
|
+
}
|
|
309
|
+
function unwrapFieldSchema(fieldSchema) {
|
|
310
|
+
if (typeof fieldSchema === 'object' && fieldSchema !== null && 'optional' in fieldSchema) {
|
|
311
|
+
const unwrapped = unwrapSingleLayer(fieldSchema.optional);
|
|
312
|
+
return ({ optional: unwrapped });
|
|
313
|
+
}
|
|
314
|
+
return (unwrapSingleLayer(fieldSchema));
|
|
315
|
+
}
|
|
316
|
+
/**
|
|
317
|
+
* Create a backwards-compatible version of a schema by removing context tag wrappers from struct fields.
|
|
318
|
+
*/
|
|
319
|
+
function unwrapContextTagsFromSchema(schema) {
|
|
320
|
+
// If it's a struct, unwrap context tags from its fields
|
|
321
|
+
if (typeof schema === 'object' && schema !== null && 'type' in schema && schema.type === 'struct') {
|
|
322
|
+
const unwrappedContains = {};
|
|
323
|
+
for (const [fieldName, fieldSchema] of Object.entries(schema.contains)) {
|
|
324
|
+
unwrappedContains[fieldName] = unwrapFieldSchema(fieldSchema);
|
|
325
|
+
}
|
|
326
|
+
return ({
|
|
327
|
+
type: 'struct',
|
|
328
|
+
fieldNames: schema.fieldNames,
|
|
329
|
+
contains: unwrappedContains
|
|
330
|
+
});
|
|
331
|
+
}
|
|
332
|
+
return (schema);
|
|
333
|
+
}
|
|
178
334
|
async function decodeAttribute(name, value, principals) {
|
|
179
|
-
const schema =
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
335
|
+
const schema = CertificateAttributeSchema[name];
|
|
336
|
+
let decodedASN1;
|
|
337
|
+
let usedSchema = schema;
|
|
338
|
+
try {
|
|
339
|
+
// Try with current schema (includes context tags for structs with optional fields)
|
|
340
|
+
// @ts-expect-error
|
|
341
|
+
decodedASN1 = new ASN1.BufferStorageASN1(value, schema).getASN1();
|
|
342
|
+
}
|
|
343
|
+
catch (firstError) {
|
|
344
|
+
// Fallback: try with backwards-compatible schema (context tags stripped)
|
|
345
|
+
// This supports old certificates encoded before context tags were added
|
|
346
|
+
try {
|
|
347
|
+
const backwardsCompatSchema = unwrapContextTagsFromSchema(schema);
|
|
348
|
+
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
|
|
349
|
+
decodedASN1 = new ASN1.BufferStorageASN1(value, backwardsCompatSchema).getASN1();
|
|
350
|
+
usedSchema = backwardsCompatSchema;
|
|
351
|
+
}
|
|
352
|
+
catch {
|
|
353
|
+
// If both fail, throw the original error
|
|
354
|
+
throw (firstError);
|
|
355
|
+
}
|
|
356
|
+
}
|
|
357
|
+
if (!decodedASN1) {
|
|
358
|
+
throw (new Error('Failed to decode ASN1 data'));
|
|
359
|
+
}
|
|
360
|
+
const validator = new ASN1.ValidateASN1(usedSchema);
|
|
361
|
+
const plainObject = validator.toJavaScriptObject(decodedASN1);
|
|
362
|
+
// Post-process to:
|
|
363
|
+
// 1. Unwrap any remaining ASN.1-like objects
|
|
364
|
+
// 2. Add domain-specific $blob function to Reference objects
|
|
365
|
+
// @ts-expect-error
|
|
366
|
+
const candidate = normalizeDecodedASN1(plainObject, principals);
|
|
184
367
|
return (asAttributeValue(name, candidate));
|
|
185
368
|
}
|
|
186
369
|
class SensitiveAttributeBuilder {
|
|
@@ -281,7 +464,7 @@ class SensitiveAttribute {
|
|
|
281
464
|
decodedAttribute = dataObject.getASN1();
|
|
282
465
|
}
|
|
283
466
|
catch {
|
|
284
|
-
const js = ASN1toJS(data);
|
|
467
|
+
const js = ASN1.ASN1toJS(data);
|
|
285
468
|
throw (new Error(`SensitiveAttribute.decode: unexpected DER shape ${JSON.stringify(DPO(js))}`));
|
|
286
469
|
}
|
|
287
470
|
const decodedVersion = decodedAttribute[0] + 1n;
|
|
@@ -422,7 +605,7 @@ const CertificateKYCAttributeSchemaValidation = {
|
|
|
422
605
|
]
|
|
423
606
|
}]
|
|
424
607
|
};
|
|
425
|
-
export class CertificateBuilder extends
|
|
608
|
+
export class CertificateBuilder extends BaseCertificateBuilder {
|
|
426
609
|
#attributes = {};
|
|
427
610
|
/**
|
|
428
611
|
* Map the parameters from the public interface to the internal
|
|
@@ -521,7 +704,7 @@ export class CertificateBuilder extends KeetaNetClient.lib.Utils.Certificate.Cer
|
|
|
521
704
|
}]);
|
|
522
705
|
}
|
|
523
706
|
if (certAttributes.length > 0) {
|
|
524
|
-
retval.push(
|
|
707
|
+
retval.push(BaseCertificateBuilder.extension(oids.keeta.KYC_ATTRIBUTES, certAttributes));
|
|
525
708
|
}
|
|
526
709
|
return (retval);
|
|
527
710
|
}
|
|
@@ -547,7 +730,7 @@ export class CertificateBuilder extends KeetaNetClient.lib.Utils.Certificate.Cer
|
|
|
547
730
|
return (certificateObject);
|
|
548
731
|
}
|
|
549
732
|
}
|
|
550
|
-
export class Certificate extends
|
|
733
|
+
export class Certificate extends BaseCertificate {
|
|
551
734
|
subjectKey;
|
|
552
735
|
static Builder = CertificateBuilder;
|
|
553
736
|
static SharableAttributes;
|
|
@@ -630,6 +813,7 @@ export class Certificate extends KeetaNetClient.lib.Utils.Certificate.Certificat
|
|
|
630
813
|
;
|
|
631
814
|
export class SharableCertificateAttributes {
|
|
632
815
|
#certificate;
|
|
816
|
+
#intermediates;
|
|
633
817
|
#attributes = {};
|
|
634
818
|
container;
|
|
635
819
|
populatedFromInit = false;
|
|
@@ -691,12 +875,28 @@ export class SharableCertificateAttributes {
|
|
|
691
875
|
}
|
|
692
876
|
this.container = EncryptedContainer.fromEncodedBuffer(containerBuffer, principals);
|
|
693
877
|
}
|
|
694
|
-
|
|
695
|
-
|
|
696
|
-
|
|
697
|
-
|
|
698
|
-
|
|
699
|
-
|
|
878
|
+
static async fromCertificate(certificate, intermediatesOrAttributeNames, definitelyAttributeNames) {
|
|
879
|
+
let intermediates = undefined;
|
|
880
|
+
let attributeNames = undefined;
|
|
881
|
+
if (definitelyAttributeNames === undefined) {
|
|
882
|
+
if (intermediatesOrAttributeNames !== undefined) {
|
|
883
|
+
if (Array.isArray(intermediatesOrAttributeNames)) {
|
|
884
|
+
attributeNames = intermediatesOrAttributeNames;
|
|
885
|
+
}
|
|
886
|
+
else {
|
|
887
|
+
intermediates = intermediatesOrAttributeNames;
|
|
888
|
+
}
|
|
889
|
+
}
|
|
890
|
+
}
|
|
891
|
+
else {
|
|
892
|
+
if (intermediatesOrAttributeNames !== undefined) {
|
|
893
|
+
if (Array.isArray(intermediatesOrAttributeNames)) {
|
|
894
|
+
throw (new TypeError('Expected Set<BaseCertificate> for intermediates'));
|
|
895
|
+
}
|
|
896
|
+
intermediates = intermediatesOrAttributeNames;
|
|
897
|
+
}
|
|
898
|
+
attributeNames = definitelyAttributeNames;
|
|
899
|
+
}
|
|
700
900
|
if (attributeNames === undefined) {
|
|
701
901
|
/*
|
|
702
902
|
* We know the keys are whatever the Certificate says they are, so
|
|
@@ -763,8 +963,15 @@ export class SharableCertificateAttributes {
|
|
|
763
963
|
}
|
|
764
964
|
}));
|
|
765
965
|
};
|
|
766
|
-
|
|
767
|
-
|
|
966
|
+
/*
|
|
967
|
+
* Decode the attribute value to extract $blob references.
|
|
968
|
+
* Skip for entityType which has schema compatibility issues
|
|
969
|
+
* with old certificates and has no external references anyway.
|
|
970
|
+
*/
|
|
971
|
+
if (name !== 'entityType') {
|
|
972
|
+
const attrValue = await certificate.getAttributeValue(name);
|
|
973
|
+
await walkResultAndReplaceReferences(attrValue);
|
|
974
|
+
}
|
|
768
975
|
if (attr.sensitive) {
|
|
769
976
|
attributes[name] = {
|
|
770
977
|
sensitive: true,
|
|
@@ -780,15 +987,28 @@ export class SharableCertificateAttributes {
|
|
|
780
987
|
};
|
|
781
988
|
}
|
|
782
989
|
}
|
|
990
|
+
let intermediatesJSON;
|
|
991
|
+
intermediates ??= new Set();
|
|
992
|
+
if (intermediates.size === 0) {
|
|
993
|
+
intermediatesJSON = undefined;
|
|
994
|
+
}
|
|
995
|
+
else {
|
|
996
|
+
intermediatesJSON = Array.from(intermediates).map(function (intermediateCertificate) {
|
|
997
|
+
return (intermediateCertificate.toPEM());
|
|
998
|
+
});
|
|
999
|
+
}
|
|
783
1000
|
const contentsString = JSON.stringify({
|
|
784
1001
|
certificate: certificate.toPEM(),
|
|
1002
|
+
intermediates: intermediatesJSON,
|
|
785
1003
|
attributes: attributes
|
|
786
1004
|
});
|
|
787
1005
|
const temporaryUser = KeetaNetAccount.fromSeed(KeetaNetAccount.generateRandomSeed(), 0);
|
|
788
1006
|
const contentsBuffer = Buffer.from(contentsString, 'utf-8');
|
|
789
1007
|
const container = EncryptedContainer.fromPlaintext(bufferToArrayBuffer(contentsBuffer), [temporaryUser], true);
|
|
790
1008
|
const containerBuffer = await container.getEncodedBuffer();
|
|
791
|
-
const retval = new SharableCertificateAttributes(containerBuffer, {
|
|
1009
|
+
const retval = new SharableCertificateAttributes(containerBuffer, {
|
|
1010
|
+
principals: temporaryUser
|
|
1011
|
+
});
|
|
792
1012
|
await retval.revokeAccess(temporaryUser);
|
|
793
1013
|
return (retval);
|
|
794
1014
|
}
|
|
@@ -824,6 +1044,11 @@ export class SharableCertificateAttributes {
|
|
|
824
1044
|
const contentsString = Buffer.from(contentsBufferDecompressed).toString('utf-8');
|
|
825
1045
|
const contentsJSON = JSON.parse(contentsString);
|
|
826
1046
|
const contents = assertSharableCertificateAttributesContentsSchema(contentsJSON);
|
|
1047
|
+
this.#intermediates = new Set();
|
|
1048
|
+
for (const intermediatePEM of contents.intermediates ?? []) {
|
|
1049
|
+
const intermediateCert = new BaseCertificate(intermediatePEM);
|
|
1050
|
+
this.#intermediates.add(intermediateCert);
|
|
1051
|
+
}
|
|
827
1052
|
this.#certificate = new Certificate(contents.certificate);
|
|
828
1053
|
const attributePromises = Object.entries(contents.attributes).map(async ([name, attr]) => {
|
|
829
1054
|
/*
|
|
@@ -879,6 +1104,20 @@ export class SharableCertificateAttributes {
|
|
|
879
1104
|
}
|
|
880
1105
|
return (this.#certificate);
|
|
881
1106
|
}
|
|
1107
|
+
/**
|
|
1108
|
+
* Get the intermediate certificates included in this sharable
|
|
1109
|
+
* certificate container
|
|
1110
|
+
*
|
|
1111
|
+
* @return A set of BaseCertificate objects representing the
|
|
1112
|
+
* intermediate certificates attached to this container
|
|
1113
|
+
*/
|
|
1114
|
+
async getIntermediates() {
|
|
1115
|
+
await this.#populate();
|
|
1116
|
+
if (this.#intermediates && this.#intermediates.size > 0) {
|
|
1117
|
+
return (new Set(this.#intermediates));
|
|
1118
|
+
}
|
|
1119
|
+
return (new Set());
|
|
1120
|
+
}
|
|
882
1121
|
async getAttributeBuffer(name) {
|
|
883
1122
|
await this.#populate();
|
|
884
1123
|
const attr = this.#attributes[name];
|
|
@@ -923,7 +1162,7 @@ export class SharableCertificateAttributes {
|
|
|
923
1162
|
throw (new Error(`Missing reference value for ID ${referenceID}`));
|
|
924
1163
|
}
|
|
925
1164
|
const referenceData = Buffer.from(referenceValue, 'base64');
|
|
926
|
-
const referenceDataAB =
|
|
1165
|
+
const referenceDataAB = bufferToArrayBuffer(referenceData);
|
|
927
1166
|
/* Verify the hash matches what was certified */
|
|
928
1167
|
const checkHash = await checkHashWithOID(referenceData, parent.digest);
|
|
929
1168
|
if (checkHash !== true) {
|
|
@@ -987,6 +1226,15 @@ Certificate.SharableAttributes = SharableCertificateAttributes;
|
|
|
987
1226
|
/** @internal */
|
|
988
1227
|
export const _Testing = {
|
|
989
1228
|
SensitiveAttributeBuilder,
|
|
990
|
-
SensitiveAttribute
|
|
1229
|
+
SensitiveAttribute,
|
|
1230
|
+
ValidateASN1: ASN1.ValidateASN1,
|
|
1231
|
+
BufferStorageASN1: ASN1.BufferStorageASN1,
|
|
1232
|
+
JStoASN1: ASN1.JStoASN1,
|
|
1233
|
+
normalizeDecodedASN1,
|
|
1234
|
+
decodeAttribute,
|
|
1235
|
+
unwrapSingleLayer,
|
|
1236
|
+
unwrapFieldSchema,
|
|
1237
|
+
unwrapContextTagsFromSchema,
|
|
1238
|
+
CertificateAttributeSchema
|
|
991
1239
|
};
|
|
992
1240
|
//# sourceMappingURL=certificates.js.map
|