@labacacia/nps-sdk 1.0.0-alpha.3 → 1.0.0-alpha.5

package/dist/nip/acme/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/nip/acme/client.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,sCAAsC;AAEtC;;;;;GAKG;AAEH,OAAO,KAAK,OAAO,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,KAAK,IAAI,MAAM,gBAAgB,CAAC;AAEvC,OAAO,KAAK,GAAG,MAAM,UAAU,CAAC;AAKhC,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACzE,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;AAa3C,MAAM,OAAO,UAAU;IAKO;IAJpB,SAAS,GAAsB,IAAI,CAAC;IACpC,UAAU,GAAqB,IAAI,CAAC;IACpC,SAAS,GAAsB,IAAI,CAAC;IAE5C,YAA4B,OAA0B;QAA1B,YAAO,GAAP,OAAO,CAAmB;IAAG,CAAC;IAE1D,6EAA6E;IAC7E,KAAK,CAAC,cAAc,CAAC,GAAW;QAC9B,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,UAAU,KAAK,IAAI;YAAE,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACtD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACvC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7D,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QACjC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,WAAY,CAAC,CAAC;IAClD,CAAC;IAED,4EAA4E;IAEpE,KAAK,CAAC,eAAe;QAC3B,IAAI,IAAI,CAAC,SAAS,KAAK,IAAI;YAAE,OAAO;QACpC,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QACpD,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,SAAS,GAAG,MAAM,IAAI,CAAC,IAAI,EAAe,CAAC;QAChD,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;IAC5B,CAAC;IAEO,KAAK,CAAC,YAAY;QACxB,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,SAAU,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;QACvE,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,SAAS,KAAK,IAAI,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,UAAU;QACtB,MAAM,GAAG,GAAG,GAAG,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAClB,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,SAAU,EAAE,GAAG,EAAE,IAAI,CAAC,SAAU,CAAC,UAAU,EAAE,GAAG,EAAE,EACpF,EAAE,oBAAoB,EAAE,IAAI,EAAuB,EACnD,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAE3B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAU,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;QAC9D,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAC/C,IAAI,IAAI,CAAC,UAAU,KAAK,IAAI;YAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACjF,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAC,GAAW;QAChC,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAClB,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,SAAU,EAAE,GAAG,EAAE,IAAI,CAAC,SAAU,CAAC,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,UAAW,EAAE,EACpG;YACE,WAAW,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,mBAAmB,EAAE,KAAK,EAAE,GAAG,EAAgB,CAAC;SACzD,EACpB,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAE3B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAU,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAC5D,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACxB,OAAO,MAAM,IAAI,CAAC,IAAI,EAAW,CAAC;IACpC,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,GAAW;QAClC,+BAA+B;QAC/B,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAClB,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,SAAU,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,UAAW,EAAE,EAC1E,IAAI,EACJ,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC3B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QACvC,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACxB,OAAO,MAAM,IAAI,CAAC,IAAI,EAAmB,CAAC;IAC5C,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,KAAoB;QAC/C,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACnF,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QAEnE,6DAA6D;QAC7D,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC7D,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAE9D,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAClB,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,SAAU,EAAE,GAAG,EAAE,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,UAAW,EAAE,EACzF,EAAE,eAAe,EAAE,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,EACxC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC3B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QACjD,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,KAAY,EAAE,GAAW;QACnD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QACxC,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAClB,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,SAAU,EAAE,GAAG,EAAE,KAAK,CAAC,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,UAAW,EAAE,EAC1F,EAAE,GAAG,EAAE,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAqB,EAClD,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC3B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAClD,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACxB,OAAO,MAAM,IAAI,CAAC,IAAI,EAAW,CAAC;IACpC,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,OAAe;QACvC,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAClB,EAAE,GAAG,EAAE,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,SAAU,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,UAAW,EAAE,EACnF,IAAI,EACJ,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC3B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC3C,aAAa,CAAC,IAAI,CAAC,CAAC;QACpB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACxB,OAAO,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,4EAA4E;IAEpE,KAAK,CAAC,IAAI,CAAC,GAAW,EAAE,GAAiB;QAC/C,OAAO,MAAM,KAAK,CAAC,GAAG,EAAE;YACtB,MAAM,EAAG,MAAM;YACf,OAAO,EAAE,EAAE,cAAc,EAAE,IAAI,CAAC,sBAAsB,EAAE;YACxD,IAAI,EAAK,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC;SAC7B,CAAC,CAAC;IACL,CAAC;IAEO,YAAY,CAAC,IAAc;QACjC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAC/C,IAAI,KAAK,KAAK,IAAI;YAAE,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;IAC7C,CAAC;IAEO,KAAK,CAAC,QAAQ,CAAC,GAAW;QAChC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,iCAAiC,CAAC,MAAM,CAAC;YAC9D,IAAI,EAAE,MAAM,GAAG,CAAC,OAAO,CAAC,eAAe,EAAE,MAAM,CAAC,EAAE;YAClD,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa;YAChC,gBAAgB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;YACrC,UAAU,EAAE;gBACV,IAAI,IAAI,CAAC,+BAA+B,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC;aAC/E;SACF,CAAC,CAAC;QACH,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;CACF;AAED,SAAS,aAAa,CAAC,IAAc;IACnC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,QAAQ,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC"}

package/dist/nip/acme/index.d.ts

@@ -0,0 +1,6 @@
+export * from "./client.js";
+export * from "./jws.js";
+export * from "./messages.js";
+export * from "./server.js";
+export * from "./wire.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/nip/acme/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/nip/acme/index.ts"],"names":[],"mappings":"AAGA,cAAc,aAAa,CAAC;AAC5B,cAAc,UAAU,CAAC;AACzB,cAAc,eAAe,CAAC;AAC9B,cAAc,aAAa,CAAC;AAC5B,cAAc,WAAW,CAAC"}

package/dist/nip/acme/index.js

@@ -0,0 +1,8 @@
+// Copyright 2026 INNO LOTUS PTY LTD
+// SPDX-License-Identifier: Apache-2.0
+export * from "./client.js";
+export * from "./jws.js";
+export * from "./messages.js";
+export * from "./server.js";
+export * from "./wire.js";
+//# sourceMappingURL=index.js.map

package/dist/nip/acme/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/nip/acme/index.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,sCAAsC;AAEtC,cAAc,aAAa,CAAC;AAC5B,cAAc,UAAU,CAAC;AACzB,cAAc,eAAe,CAAC;AAC9B,cAAc,aAAa,CAAC;AAC5B,cAAc,WAAW,CAAC"}

package/dist/nip/acme/jws.d.ts

@@ -0,0 +1,31 @@
+export declare const ALG_EDDSA = "EdDSA";
+export declare const KTY_OKP = "OKP";
+export declare const CRV_ED25519 = "Ed25519";
+export interface Jwk {
+    kty: string;
+    crv: string;
+    x: string;
+}
+export interface ProtectedHeader {
+    alg: string;
+    nonce: string;
+    url: string;
+    jwk?: Jwk;
+    kid?: string;
+}
+export interface Envelope {
+    protected: string;
+    payload: string;
+    signature: string;
+}
+export declare function jwkFromPublicKey(rawPubKey: Uint8Array): Jwk;
+export declare function publicKeyFromJwk(jwk: Jwk): Uint8Array;
+/** RFC 7638 §3 thumbprint of an Ed25519 JWK (lex-sorted compact JSON, SHA-256, base64url). */
+export declare function thumbprint(jwk: Jwk): string;
+export declare function sign(header: ProtectedHeader, payload: unknown | null, privKey: Uint8Array): Envelope;
+/** Verify a JWS envelope. Returns the parsed protected header on success, else null. */
+export declare function verify(envelope: Envelope, pubKey: Uint8Array): ProtectedHeader | null;
+export declare function decodePayload<T = unknown>(envelope: Envelope): T | null;
+export declare function b64uEncode(bytes: Uint8Array): string;
+export declare function b64uDecode(s: string): Uint8Array;
+//# sourceMappingURL=jws.d.ts.map

package/dist/nip/acme/jws.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"jws.d.ts","sourceRoot":"","sources":["../../../src/nip/acme/jws.ts"],"names":[],"mappings":"AAoBA,eAAO,MAAM,SAAS,UAAY,CAAC;AACnC,eAAO,MAAM,OAAO,QAAY,CAAC;AACjC,eAAO,MAAM,WAAW,YAAY,CAAC;AAErC,MAAM,WAAW,GAAG;IAClB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,EAAI,MAAM,CAAC;CACb;AAED,MAAM,WAAW,eAAe;IAC9B,GAAG,EAAK,MAAM,CAAC;IACf,KAAK,EAAG,MAAM,CAAC;IACf,GAAG,EAAK,MAAM,CAAC;IACf,GAAG,CAAC,EAAI,GAAG,CAAC;IACZ,GAAG,CAAC,EAAI,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,QAAQ;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAI,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,wBAAgB,gBAAgB,CAAC,SAAS,EAAE,UAAU,GAAG,GAAG,CAK3D;AAED,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,GAAG,GAAG,UAAU,CAKrD;AAED,8FAA8F;AAC9F,wBAAgB,UAAU,CAAC,GAAG,EAAE,GAAG,GAAG,MAAM,CAG3C;AAED,wBAAgB,IAAI,CAClB,MAAM,EAAI,eAAe,EACzB,OAAO,EAAG,OAAO,GAAG,IAAI,EACxB,OAAO,EAAG,UAAU,GACnB,QAAQ,CASV;AAED,wFAAwF;AACxF,wBAAgB,MAAM,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,GAAG,eAAe,GAAG,IAAI,CAUrF;AAED,wBAAgB,aAAa,CAAC,CAAC,GAAG,OAAO,EAAE,QAAQ,EAAE,QAAQ,GAAG,CAAC,GAAG,IAAI,CAGvE;AAID,wBAAgB,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAGpD;AAED,wBAAgB,UAAU,CAAC,CAAC,EAAE,MAAM,GAAG,UAAU,CAIhD"}

package/dist/nip/acme/jws.js

@@ -0,0 +1,76 @@
+// Copyright 2026 INNO LOTUS PTY LTD
+// SPDX-License-Identifier: Apache-2.0
+/**
+ * JWS signing helpers for ACME with Ed25519 (`alg: "EdDSA"` per RFC 8037).
+ *
+ * Wire shape (RFC 8555 §6.2 + RFC 7515 flattened JWS JSON serialization):
+ * {
+ *   "protected": base64url(JSON({alg, nonce, url, [jwk|kid]})),
+ *   "payload":   base64url(JSON(payload)),
+ *   "signature": base64url(Ed25519(protected || "." || payload))
+ * }
+ */
+import * as ed25519 from "@noble/ed25519";
+import { sha512 } from "@noble/hashes/sha512";
+import { sha256 } from "@noble/hashes/sha2";
+ed25519.etc.sha512Sync = (...m) => sha512(ed25519.etc.concatBytes(...m));
+export const ALG_EDDSA = "EdDSA"; // RFC 8037 §3.1
+export const KTY_OKP = "OKP"; // RFC 8037 §2
+export const CRV_ED25519 = "Ed25519"; // RFC 8037 §2
+export function jwkFromPublicKey(rawPubKey) {
+    if (rawPubKey.length !== 32) {
+        throw new Error(`Ed25519 public key must be 32 bytes, got ${rawPubKey.length}`);
+    }
+    return { kty: KTY_OKP, crv: CRV_ED25519, x: b64uEncode(rawPubKey) };
+}
+export function publicKeyFromJwk(jwk) {
+    if (jwk.kty !== KTY_OKP || jwk.crv !== CRV_ED25519) {
+        throw new Error(`JWK is not OKP/Ed25519: kty=${jwk.kty} crv=${jwk.crv}`);
+    }
+    return b64uDecode(jwk.x);
+}
+/** RFC 7638 §3 thumbprint of an Ed25519 JWK (lex-sorted compact JSON, SHA-256, base64url). */
+export function thumbprint(jwk) {
+    const canonical = `{"crv":"${jwk.crv}","kty":"${jwk.kty}","x":"${jwk.x}"}`;
+    return b64uEncode(sha256(new TextEncoder().encode(canonical)));
+}
+export function sign(header, payload, privKey) {
+    const headerBytes = new TextEncoder().encode(JSON.stringify(header));
+    const headerB64u = b64uEncode(headerBytes);
+    const payloadB64u = payload === null
+        ? ""
+        : b64uEncode(new TextEncoder().encode(JSON.stringify(payload)));
+    const signingInput = new TextEncoder().encode(`${headerB64u}.${payloadB64u}`);
+    const sig = ed25519.sign(signingInput, privKey);
+    return { protected: headerB64u, payload: payloadB64u, signature: b64uEncode(sig) };
+}
+/** Verify a JWS envelope. Returns the parsed protected header on success, else null. */
+export function verify(envelope, pubKey) {
+    try {
+        const signingInput = new TextEncoder().encode(`${envelope.protected}.${envelope.payload}`);
+        const sigBytes = b64uDecode(envelope.signature);
+        if (!ed25519.verify(sigBytes, signingInput, pubKey))
+            return null;
+        const headerJson = new TextDecoder().decode(b64uDecode(envelope.protected));
+        return JSON.parse(headerJson);
+    }
+    catch {
+        return null;
+    }
+}
+export function decodePayload(envelope) {
+    if (!envelope.payload)
+        return null;
+    return JSON.parse(new TextDecoder().decode(b64uDecode(envelope.payload)));
+}
+// ── helpers ──────────────────────────────────────────────────────────────────
+export function b64uEncode(bytes) {
+    return Buffer.from(bytes).toString("base64").replace(/=+$/, "")
+        .replace(/\+/g, "-").replace(/\//g, "_");
+}
+export function b64uDecode(s) {
+    const padded = s + "=".repeat((4 - (s.length % 4)) % 4);
+    const std = padded.replace(/-/g, "+").replace(/_/g, "/");
+    return new Uint8Array(Buffer.from(std, "base64"));
+}
+//# sourceMappingURL=jws.js.map

package/dist/nip/acme/jws.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jws.js","sourceRoot":"","sources":["../../../src/nip/acme/jws.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,sCAAsC;AAEtC;;;;;;;;;GASG;AAEH,OAAO,KAAK,OAAO,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAE5C,OAAO,CAAC,GAAG,CAAC,UAAU,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAEzE,MAAM,CAAC,MAAM,SAAS,GAAK,OAAO,CAAC,CAAG,gBAAgB;AACtD,MAAM,CAAC,MAAM,OAAO,GAAO,KAAK,CAAC,CAAK,cAAc;AACpD,MAAM,CAAC,MAAM,WAAW,GAAG,SAAS,CAAC,CAAC,cAAc;AAsBpD,MAAM,UAAU,gBAAgB,CAAC,SAAqB;IACpD,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,4CAA4C,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAClF,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,WAAW,EAAE,CAAC,EAAE,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;AACtE,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,GAAQ;IACvC,IAAI,GAAG,CAAC,GAAG,KAAK,OAAO,IAAI,GAAG,CAAC,GAAG,KAAK,WAAW,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,+BAA+B,GAAG,CAAC,GAAG,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3E,CAAC;IACD,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AAC3B,CAAC;AAED,8FAA8F;AAC9F,MAAM,UAAU,UAAU,CAAC,GAAQ;IACjC,MAAM,SAAS,GAAG,WAAW,GAAG,CAAC,GAAG,YAAY,GAAG,CAAC,GAAG,UAAU,GAAG,CAAC,CAAC,IAAI,CAAC;IAC3E,OAAO,UAAU,CAAC,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;AACjE,CAAC;AAED,MAAM,UAAU,IAAI,CAClB,MAAyB,EACzB,OAAwB,EACxB,OAAoB;IAEpB,MAAM,WAAW,GAAI,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IACtE,MAAM,UAAU,GAAK,UAAU,CAAC,WAAW,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAI,OAAO,KAAK,IAAI;QACnC,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,UAAU,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAClE,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,UAAU,IAAI,WAAW,EAAE,CAAC,CAAC;IAC9E,MAAM,GAAG,GAAY,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IACzD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;AACrF,CAAC;AAED,wFAAwF;AACxF,MAAM,UAAU,MAAM,CAAC,QAAkB,EAAE,MAAkB;IAC3D,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,SAAS,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;QAC3F,MAAM,QAAQ,GAAO,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,YAAY,EAAE,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;QACjE,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;QAC5E,OAAO,IAAI,CAAC,KAAK,CAAC,UAAU,CAAoB,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAAc,QAAkB;IAC3D,IAAI,CAAC,QAAQ,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IACnC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAM,CAAC;AACjF,CAAC;AAED,gFAAgF;AAEhF,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;SAC5D,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AAC7C,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,CAAS;IAClC,MAAM,MAAM,GAAG,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACzD,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC;AACpD,CAAC"}

package/dist/nip/acme/messages.d.ts

@@ -0,0 +1,71 @@
+/** ACME wire-level DTOs (RFC 8555 + NPS-RFC-0002 §4.4) — plain interfaces. */
+export interface DirectoryMeta {
+    termsOfService?: string;
+    website?: string;
+    caaIdentities?: readonly string[];
+    externalAccountRequired?: boolean;
+}
+export interface Directory {
+    newNonce: string;
+    newAccount: string;
+    newOrder: string;
+    revokeCert?: string;
+    keyChange?: string;
+    meta?: DirectoryMeta;
+}
+export interface NewAccountPayload {
+    termsOfServiceAgreed?: boolean;
+    contact?: readonly string[];
+    onlyReturnExisting?: boolean;
+}
+export interface Account {
+    status: string;
+    contact?: readonly string[];
+    orders?: string;
+}
+export interface Identifier {
+    type: string;
+    value: string;
+}
+export interface NewOrderPayload {
+    identifiers: readonly Identifier[];
+    notBefore?: string;
+    notAfter?: string;
+}
+export interface ProblemDetail {
+    type: string;
+    detail?: string;
+    status?: number;
+}
+export interface Order {
+    status: string;
+    expires?: string;
+    identifiers: readonly Identifier[];
+    authorizations: readonly string[];
+    finalize: string;
+    certificate?: string;
+    error?: ProblemDetail;
+}
+export interface Challenge {
+    type: string;
+    url: string;
+    status: string;
+    token: string;
+    validated?: string;
+    error?: ProblemDetail;
+}
+export interface Authorization {
+    status: string;
+    expires?: string;
+    identifier: Identifier;
+    challenges: readonly Challenge[];
+}
+export interface ChallengeRespondPayload {
+    /** base64url(Ed25519(token)) per NPS-RFC-0002 §4.4. */
+    agent_signature: string;
+}
+export interface FinalizePayload {
+    /** base64url(CSR DER). */
+    csr: string;
+}
+//# sourceMappingURL=messages.d.ts.map

package/dist/nip/acme/messages.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"messages.d.ts","sourceRoot":"","sources":["../../../src/nip/acme/messages.ts"],"names":[],"mappings":"AAGA,8EAA8E;AAE9E,MAAM,WAAW,aAAa;IAC5B,cAAc,CAAC,EAAW,MAAM,CAAC;IACjC,OAAO,CAAC,EAAkB,MAAM,CAAC;IACjC,aAAa,CAAC,EAAY,SAAS,MAAM,EAAE,CAAC;IAC5C,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACnC;AAED,MAAM,WAAW,SAAS;IACxB,QAAQ,EAAK,MAAM,CAAC;IACpB,UAAU,EAAG,MAAM,CAAC;IACpB,QAAQ,EAAK,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAG,MAAM,CAAC;IACpB,IAAI,CAAC,EAAQ,aAAa,CAAC;CAC5B;AAED,MAAM,WAAW,iBAAiB;IAChC,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,OAAO,CAAC,EAAe,SAAS,MAAM,EAAE,CAAC;IACzC,kBAAkB,CAAC,EAAI,OAAO,CAAC;CAChC;AAED,MAAM,WAAW,OAAO;IACtB,MAAM,EAAK,MAAM,CAAC;IAClB,OAAO,CAAC,EAAG,SAAS,MAAM,EAAE,CAAC;IAC7B,MAAM,CAAC,EAAI,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAG,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,SAAS,UAAU,EAAE,CAAC;IACnC,SAAS,CAAC,EAAG,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAI,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAK,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,KAAK;IACpB,MAAM,EAAU,MAAM,CAAC;IACvB,OAAO,CAAC,EAAQ,MAAM,CAAC;IACvB,WAAW,EAAK,SAAS,UAAU,EAAE,CAAC;IACtC,cAAc,EAAE,SAAS,MAAM,EAAE,CAAC;IAClC,QAAQ,EAAQ,MAAM,CAAC;IACvB,WAAW,CAAC,EAAI,MAAM,CAAC;IACvB,KAAK,CAAC,EAAU,aAAa,CAAC;CAC/B;AAED,MAAM,WAAW,SAAS;IACxB,IAAI,EAAQ,MAAM,CAAC;IACnB,GAAG,EAAS,MAAM,CAAC;IACnB,MAAM,EAAM,MAAM,CAAC;IACnB,KAAK,EAAO,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAM,aAAa,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAM,MAAM,CAAC;IACnB,OAAO,CAAC,EAAI,MAAM,CAAC;IACnB,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,EAAE,SAAS,SAAS,EAAE,CAAC;CAClC;AAED,MAAM,WAAW,uBAAuB;IACtC,uDAAuD;IACvD,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,eAAe;IAC9B,0BAA0B;IAC1B,GAAG,EAAE,MAAM,CAAC;CACb"}

package/dist/nip/acme/messages.js

@@ -0,0 +1,4 @@
+// Copyright 2026 INNO LOTUS PTY LTD
+// SPDX-License-Identifier: Apache-2.0
+export {};
+//# sourceMappingURL=messages.js.map

package/dist/nip/acme/messages.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"messages.js","sourceRoot":"","sources":["../../../src/nip/acme/messages.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,sCAAsC"}

package/dist/nip/acme/server.d.ts

@@ -0,0 +1,41 @@
+import * as x509 from "@peculiar/x509";
+export interface AcmeServerOptions {
+    caNid: string;
+    caKeys: CryptoKeyPair;
+    caRootCert: x509.X509Certificate;
+    certValidityMs: number;
+}
+export declare class AcmeServer {
+    readonly options: AcmeServerOptions;
+    private readonly server;
+    private readonly nonces;
+    private readonly accountJwks;
+    private readonly orders;
+    private readonly authzs;
+    private readonly challenges;
+    private readonly certs;
+    private boundPort;
+    constructor(options: AcmeServerOptions);
+    start(): Promise<this>;
+    close(): Promise<void>;
+    get baseUrl(): string;
+    get directoryUrl(): string;
+    private dispatch;
+    private handleDirectory;
+    private handleNewNonce;
+    private handleNewAccount;
+    private handleNewOrder;
+    private handleAuthz;
+    private handleChallenge;
+    private handleFinalize;
+    private handleCert;
+    private handleOrder;
+    private mintNonce;
+    private consumeNonce;
+    private verifyAccount;
+    private readEnvelope;
+    private parseHeader;
+    private sendJson;
+    private sendProblem;
+}
+//# sourceMappingURL=server.d.ts.map

package/dist/nip/acme/server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../../src/nip/acme/server.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,IAAI,MAAM,gBAAgB,CAAC;AAevC,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAY,MAAM,CAAC;IACxB,MAAM,EAAW,aAAa,CAAC;IAC/B,UAAU,EAAO,IAAI,CAAC,eAAe,CAAC;IACtC,cAAc,EAAG,MAAM,CAAC;CACzB;AA6BD,qBAAa,UAAU;aAUO,OAAO,EAAE,iBAAiB;IATtD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA2B;IAClD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA+B;IAC3D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAuC;IAC9D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAuC;IAC9D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAuC;IAClE,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAoC;IAC1D,OAAO,CAAC,SAAS,CAAgB;gBAEL,OAAO,EAAE,iBAAiB;IAIhD,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAS5B,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAItB,IAAI,OAAO,IAAU,MAAM,CAAiD;IAC5E,IAAI,YAAY,IAAK,MAAM,CAAwC;YAIrD,QAAQ;IAsBtB,OAAO,CAAC,eAAe;IASvB,OAAO,CAAC,cAAc;YAOR,gBAAgB;YAgChB,cAAc;YAwDd,WAAW;YA2BX,eAAe;YAyDf,cAAc;YAuEd,UAAU;YAmBV,WAAW;IAuBzB,OAAO,CAAC,SAAS;IAMjB,OAAO,CAAC,YAAY;IAIpB,OAAO,CAAC,aAAa;YAOP,YAAY;IAe1B,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,QAAQ;IAMhB,OAAO,CAAC,WAAW;CAKpB"}