@matter/protocol 0.13.1-alpha.0-20250506-f9ad9c3d8 → 0.13.1-alpha.0-20250508-047aa0277

package/dist/cjs/certificate/AttestationCertificateManager.d.ts

@@ -6,23 +6,17 @@
 import { PrivateKey } from "#general";
 import { VendorId } from "#types";
 export declare class AttestationCertificateManager {
-    private readonly vendorId;
+    #private;
     private paaCertId;
-    private readonly paaKeyPair;
-    private readonly paaKeyIdentifier;
-    private readonly paiCertId;
-    private readonly paiKeyPair;
-    private readonly paiKeyIdentifier;
-    private readonly paiCertBytes;
-    private nextCertificateId;
-    constructor(vendorId: VendorId);
-    getPAICert(): Uint8Array<ArrayBufferLike>;
-    getDACert(productId: number): {
+    constructor(vendorId: VendorId, paiKeyPair: PrivateKey, paiKeyIdentifier: Uint8Array);
+    static create(vendorId: VendorId): Promise<AttestationCertificateManager>;
+    getPAICert(): Promise<Uint8Array<ArrayBufferLike>>;
+    getDACert(productId: number): Promise<{
         keyPair: PrivateKey;
         dac: Uint8Array<ArrayBufferLike>;
-    };
+    }>;
     private generatePAACert;
     private generatePAICert;
-    generateDaCert(publicKey: Uint8Array, vendorId: VendorId, productId: number): Uint8Array<ArrayBufferLike>;
+    generateDaCert(publicKey: Uint8Array, vendorId: VendorId, productId: number): Promise<Uint8Array<ArrayBufferLike>>;
 }
 //# sourceMappingURL=AttestationCertificateManager.d.ts.map

package/dist/cjs/certificate/AttestationCertificateManager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"AttestationCertificateManager.d.ts","sourceRoot":"","sources":["../../../src/certificate/AttestationCertificateManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAiB,UAAU,EAAe,MAAM,UAAU,CAAC;AAClE,OAAO,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AAuBlC,qBAAa,6BAA6B;IAe1B,OAAO,CAAC,QAAQ,CAAC,QAAQ;IAdrC,OAAO,CAAC,SAAS,CAAa;IAI9B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAExB;IACH,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAA2B;IAC5D,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAa;IACvC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAA0B;IACrD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAuD;IACxF,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAC9B,OAAO,CAAC,iBAAiB,CAAK;gBAED,QAAQ,EAAE,QAAQ;IAI/C,UAAU;IAIV,SAAS,CAAC,SAAS,EAAE,MAAM;;;;IAW3B,OAAO,CAAC,eAAe;IAkCvB,OAAO,CAAC,eAAe;IAkCvB,cAAc,CAAC,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM;CAiC9E"}
+{"version":3,"file":"AttestationCertificateManager.d.ts","sourceRoot":"","sources":["../../../src/certificate/AttestationCertificateManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAiB,UAAU,EAAe,MAAM,UAAU,CAAC;AAClE,OAAO,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AAuBlC,qBAAa,6BAA6B;;IACtC,OAAO,CAAC,SAAS,CAAa;gBAelB,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,gBAAgB,EAAE,UAAU;WAOvE,MAAM,CAAC,QAAQ,EAAE,QAAQ;IAMtC,UAAU;IAIJ,SAAS,CAAC,SAAS,EAAE,MAAM;;;;IAWjC,OAAO,CAAC,eAAe;IAkCvB,OAAO,CAAC,eAAe;IAkCjB,cAAc,CAAC,SAAS,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM;CAiCpF"}

package/dist/cjs/certificate/AttestationCertificateManager.js

@@ -39,30 +39,38 @@ function getPaaCommonName() {
   return "Matter Test PAA";
 }
 class AttestationCertificateManager {
-  constructor(vendorId) {
-    this.vendorId = vendorId;
-    this.paiCertBytes = this.generatePAICert(vendorId);
-  }
   paaCertId = BigInt(0);
   // We use the official PAA cert for now because else pairing with Chip tool do not work because
   // only this one is the Certificate store
-  paaKeyPair = (0, import_general.PrivateKey)(import_ChipPAAuthorities.TestCert_PAA_NoVID_PrivateKey, {
+  #paaKeyPair = (0, import_general.PrivateKey)(import_ChipPAAuthorities.TestCert_PAA_NoVID_PrivateKey, {
     publicKey: import_ChipPAAuthorities.TestCert_PAA_NoVID_PublicKey
   });
-  paaKeyIdentifier = import_ChipPAAuthorities.TestCert_PAA_NoVID_SKID;
-  paiCertId = BigInt(1);
-  paiKeyPair = import_general.Crypto.createKeyPair();
-  paiKeyIdentifier = import_general.Crypto.hash(this.paiKeyPair.publicKey).slice(0, 20);
-  paiCertBytes;
-  nextCertificateId = 2;
+  #vendorId;
+  #paiKeyPair;
+  #paiKeyIdentifier;
+  #paaKeyIdentifier = import_ChipPAAuthorities.TestCert_PAA_NoVID_SKID;
+  #paiCertId = BigInt(1);
+  #paiCertBytes;
+  #nextCertificateId = 2;
+  constructor(vendorId, paiKeyPair, paiKeyIdentifier) {
+    this.#vendorId = vendorId;
+    this.#paiKeyPair = paiKeyPair;
+    this.#paiKeyIdentifier = paiKeyIdentifier;
+    this.#paiCertBytes = this.generatePAICert(vendorId);
+  }
+  static async create(vendorId) {
+    const key = await import_general.Crypto.createKeyPair();
+    const identifier = await import_general.Crypto.hash(key.publicKey);
+    return new AttestationCertificateManager(vendorId, key, identifier.slice(0, 20));
+  }
   getPAICert() {
-    return this.paiCertBytes;
+    return this.#paiCertBytes;
   }
-  getDACert(productId) {
-    const dacKeyPair = import_general.Crypto.createKeyPair();
+  async getDACert(productId) {
+    const dacKeyPair = await import_general.Crypto.createKeyPair();
     return {
       keyPair: dacKeyPair,
-      dac: this.generateDaCert(dacKeyPair.publicKey, this.vendorId, productId)
+      dac: await this.generateDaCert(dacKeyPair.publicKey, this.#vendorId, productId)
     };
   }
   // Method unused for now because we use the official Matter Test PAA, but is functional
@@ -85,7 +93,7 @@ class AttestationCertificateManager {
         commonName: getPaaCommonName(),
         vendorId
       },
-      ellipticCurvePublicKey: this.paaKeyPair.publicKey,
+      ellipticCurvePublicKey: this.#paaKeyPair.publicKey,
       extensions: {
         basicConstraints: {
           isCa: true,
@@ -95,16 +103,16 @@ class AttestationCertificateManager {
           keyCertSign: true,
           cRLSign: true
         },
-        subjectKeyIdentifier: this.paaKeyIdentifier,
-        authorityKeyIdentifier: this.paaKeyIdentifier
+        subjectKeyIdentifier: this.#paaKeyIdentifier,
+        authorityKeyIdentifier: this.#paaKeyIdentifier
       }
     };
-    return import_CertificateManager.CertificateManager.productAttestationAuthorityCertToAsn1(unsignedCertificate, this.paaKeyPair);
+    return import_CertificateManager.CertificateManager.productAttestationAuthorityCertToAsn1(unsignedCertificate, this.#paaKeyPair);
   }
   generatePAICert(vendorId, productId) {
     const now = import_general.Time.get().now();
     const unsignedCertificate = {
-      serialNumber: import_general.Bytes.fromHex((0, import_general.toHex)(this.paiCertId)),
+      serialNumber: import_general.Bytes.fromHex((0, import_general.toHex)(this.#paiCertId)),
       signatureAlgorithm: 1,
       publicKeyAlgorithm: 1,
       ellipticCurveIdentifier: 1,
@@ -118,7 +126,7 @@ class AttestationCertificateManager {
         vendorId,
         productId
       },
-      ellipticCurvePublicKey: this.paiKeyPair.publicKey,
+      ellipticCurvePublicKey: this.#paiKeyPair.publicKey,
       extensions: {
         basicConstraints: {
           isCa: true,
@@ -128,15 +136,15 @@ class AttestationCertificateManager {
           keyCertSign: true,
           cRLSign: true
         },
-        subjectKeyIdentifier: this.paiKeyIdentifier,
-        authorityKeyIdentifier: this.paaKeyIdentifier
+        subjectKeyIdentifier: this.#paiKeyIdentifier,
+        authorityKeyIdentifier: this.#paaKeyIdentifier
       }
     };
-    return import_CertificateManager.CertificateManager.productAttestationIntermediateCertToAsn1(unsignedCertificate, this.paaKeyPair);
+    return import_CertificateManager.CertificateManager.productAttestationIntermediateCertToAsn1(unsignedCertificate, this.#paaKeyPair);
   }
-  generateDaCert(publicKey, vendorId, productId) {
+  async generateDaCert(publicKey, vendorId, productId) {
     const now = import_general.Time.get().now();
-    const certId = this.nextCertificateId++;
+    const certId = this.#nextCertificateId++;
     const unsignedCertificate = {
       serialNumber: import_general.Bytes.fromHex((0, import_general.toHex)(certId)),
       signatureAlgorithm: 1,
@@ -161,11 +169,11 @@ class AttestationCertificateManager {
         keyUsage: {
           digitalSignature: true
         },
-        subjectKeyIdentifier: import_general.Crypto.hash(publicKey).slice(0, 20),
-        authorityKeyIdentifier: this.paiKeyIdentifier
+        subjectKeyIdentifier: (await import_general.Crypto.hash(publicKey)).slice(0, 20),
+        authorityKeyIdentifier: this.#paiKeyIdentifier
       }
     };
-    return import_CertificateManager.CertificateManager.deviceAttestationCertToAsn1(unsignedCertificate, this.paiKeyPair);
+    return import_CertificateManager.CertificateManager.deviceAttestationCertToAsn1(unsignedCertificate, this.#paiKeyPair);
   }
 }
 //# sourceMappingURL=AttestationCertificateManager.js.map

package/dist/cjs/certificate/AttestationCertificateManager.js.map

@@ -1,6 +1,6 @@
 {
   "version": 3,
   "sources": ["../../../src/certificate/AttestationCertificateManager.ts"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAAuD;AAEvD,gCAAmD;AACnD,+BAIO;AAbP;AAAA;AAAA;AAAA;AAAA;AAeA,SAAS,iBAAiB,UAAoB,WAAoB;AAC9D,SAAO,yBAAyB,SAAS,SAAS,EAAE,EAAE,YAAY,CAAC,IAC/D,cAAc,SAAY,WAAW,KAAK,UAAU,SAAS,EAAE,EAAE,YAAY,CAAC,EAClF;AACJ;AAEA,SAAS,iBAAiB,UAAoB,WAAmB;AAC7D,SAAO,yBAAyB,SAAS,SAAS,EAAE,EAAE,YAAY,CAAC,MAAM,UAAU,SAAS,EAAE,EAAE,YAAY,CAAC;AACjH;AAEA,SAAS,mBAAmB;AAExB,SAAO;AACX;AAEO,MAAM,8BAA8B;AAAA,EAevC,YAA6B,UAAoB;AAApB;AACzB,SAAK,eAAe,KAAK,gBAAgB,QAAQ;AAAA,EACrD;AAAA,EAhBQ,YAAY,OAAO,CAAC;AAAA;AAAA;AAAA,EAIX,iBAAa,2BAAW,wDAA+B;AAAA,IACpE,WAAW;AAAA,EACf,CAAC;AAAA,EACgB,mBAAmB;AAAA,EACnB,YAAY,OAAO,CAAC;AAAA,EACpB,aAAa,sBAAO,cAAc;AAAA,EAClC,mBAAmB,sBAAO,KAAK,KAAK,WAAW,SAAS,EAAE,MAAM,GAAG,EAAE;AAAA,EACrE;AAAA,EACT,oBAAoB;AAAA,EAM5B,aAAa;AACT,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,UAAU,WAAmB;AACzB,UAAM,aAAa,sBAAO,cAAc;AACxC,WAAO;AAAA,MACH,SAAS;AAAA,MACT,KAAK,KAAK,eAAe,WAAW,WAAW,KAAK,UAAU,SAAS;AAAA,IAC3E;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA,EAKQ,gBAAgB,UAAqB;AACzC,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,sBAAsB;AAAA,MACxB,cAAc,qBAAM,YAAQ,sBAAM,KAAK,SAAS,CAAC;AAAA,MACjD,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ;AAAA,QACJ,YAAY,iBAAiB;AAAA,QAC7B;AAAA,MACJ;AAAA,MACA,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,SAAS;AAAA,QACL,YAAY,iBAAiB;AAAA,QAC7B;AAAA,MACJ;AAAA,MACA,wBAAwB,KAAK,WAAW;AAAA,MACxC,YAAY;AAAA,QACR,kBAAkB;AAAA,UACd,MAAM;AAAA,UACN,SAAS;AAAA,QACb;AAAA,QACA,UAAU;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,QACb;AAAA,QACA,sBAAsB,KAAK;AAAA,QAC3B,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,6CAAmB,sCAAsC,qBAAqB,KAAK,UAAU;AAAA,EACxG;AAAA,EAEQ,gBAAgB,UAAoB,WAAoB;AAC5D,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,sBAAsB;AAAA,MACxB,cAAc,qBAAM,YAAQ,sBAAM,KAAK,SAAS,CAAC;AAAA,MACjD,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ;AAAA,QACJ,YAAY,iBAAiB;AAAA,MACjC;AAAA,MACA,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,SAAS;AAAA,QACL,YAAY,iBAAiB,UAAU,SAAS;AAAA,QAChD;AAAA,QACA;AAAA,MACJ;AAAA,MACA,wBAAwB,KAAK,WAAW;AAAA,MACxC,YAAY;AAAA,QACR,kBAAkB;AAAA,UACd,MAAM;AAAA,UACN,SAAS;AAAA,QACb;AAAA,QACA,UAAU;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,QACb;AAAA,QACA,sBAAsB,KAAK;AAAA,QAC3B,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,6CAAmB,yCAAyC,qBAAqB,KAAK,UAAU;AAAA,EAC3G;AAAA,EAEA,eAAe,WAAuB,UAAoB,WAAmB;AACzE,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,SAAS,KAAK;AACpB,UAAM,sBAAsB;AAAA,MACxB,cAAc,qBAAM,YAAQ,sBAAM,MAAM,CAAC;AAAA,MACzC,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,QAAQ;AAAA,QACJ,YAAY,iBAAiB,QAAQ;AAAA,QACrC;AAAA,MACJ;AAAA,MACA,SAAS;AAAA,QACL,YAAY,iBAAiB,UAAU,SAAS;AAAA,QAChD;AAAA,QACA;AAAA,MACJ;AAAA,MACA,wBAAwB;AAAA,MACxB,YAAY;AAAA,QACR,kBAAkB;AAAA,UACd,MAAM;AAAA,QACV;AAAA,QACA,UAAU;AAAA,UACN,kBAAkB;AAAA,QACtB;AAAA,QACA,sBAAsB,sBAAO,KAAK,SAAS,EAAE,MAAM,GAAG,EAAE;AAAA,QACxD,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,6CAAmB,4BAA4B,qBAAqB,KAAK,UAAU;AAAA,EAC9F;AACJ;",
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAAuD;AAEvD,gCAAmD;AACnD,+BAIO;AAbP;AAAA;AAAA;AAAA;AAAA;AAeA,SAAS,iBAAiB,UAAoB,WAAoB;AAC9D,SAAO,yBAAyB,SAAS,SAAS,EAAE,EAAE,YAAY,CAAC,IAC/D,cAAc,SAAY,WAAW,KAAK,UAAU,SAAS,EAAE,EAAE,YAAY,CAAC,EAClF;AACJ;AAEA,SAAS,iBAAiB,UAAoB,WAAmB;AAC7D,SAAO,yBAAyB,SAAS,SAAS,EAAE,EAAE,YAAY,CAAC,MAAM,UAAU,SAAS,EAAE,EAAE,YAAY,CAAC;AACjH;AAEA,SAAS,mBAAmB;AAExB,SAAO;AACX;AAEO,MAAM,8BAA8B;AAAA,EAC/B,YAAY,OAAO,CAAC;AAAA;AAAA;AAAA,EAInB,kBAAc,2BAAW,wDAA+B;AAAA,IAC7D,WAAW;AAAA,EACf,CAAC;AAAA,EACQ;AAAA,EACA;AAAA,EACA;AAAA,EACA,oBAAoB;AAAA,EACpB,aAAa,OAAO,CAAC;AAAA,EACrB;AAAA,EACT,qBAAqB;AAAA,EAErB,YAAY,UAAoB,YAAwB,kBAA8B;AAClF,SAAK,YAAY;AACjB,SAAK,cAAc;AACnB,SAAK,oBAAoB;AACzB,SAAK,gBAAgB,KAAK,gBAAgB,QAAQ;AAAA,EACtD;AAAA,EAEA,aAAa,OAAO,UAAoB;AACpC,UAAM,MAAM,MAAM,sBAAO,cAAc;AACvC,UAAM,aAAa,MAAM,sBAAO,KAAK,IAAI,SAAS;AAClD,WAAO,IAAI,8BAA8B,UAAU,KAAK,WAAW,MAAM,GAAG,EAAE,CAAC;AAAA,EACnF;AAAA,EAEA,aAAa;AACT,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,UAAU,WAAmB;AAC/B,UAAM,aAAa,MAAM,sBAAO,cAAc;AAC9C,WAAO;AAAA,MACH,SAAS;AAAA,MACT,KAAK,MAAM,KAAK,eAAe,WAAW,WAAW,KAAK,WAAW,SAAS;AAAA,IAClF;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA,EAKQ,gBAAgB,UAAqB;AACzC,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,sBAAsB;AAAA,MACxB,cAAc,qBAAM,YAAQ,sBAAM,KAAK,SAAS,CAAC;AAAA,MACjD,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ;AAAA,QACJ,YAAY,iBAAiB;AAAA,QAC7B;AAAA,MACJ;AAAA,MACA,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,SAAS;AAAA,QACL,YAAY,iBAAiB;AAAA,QAC7B;AAAA,MACJ;AAAA,MACA,wBAAwB,KAAK,YAAY;AAAA,MACzC,YAAY;AAAA,QACR,kBAAkB;AAAA,UACd,MAAM;AAAA,UACN,SAAS;AAAA,QACb;AAAA,QACA,UAAU;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,QACb;AAAA,QACA,sBAAsB,KAAK;AAAA,QAC3B,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,6CAAmB,sCAAsC,qBAAqB,KAAK,WAAW;AAAA,EACzG;AAAA,EAEQ,gBAAgB,UAAoB,WAAoB;AAC5D,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,sBAAsB;AAAA,MACxB,cAAc,qBAAM,YAAQ,sBAAM,KAAK,UAAU,CAAC;AAAA,MAClD,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ;AAAA,QACJ,YAAY,iBAAiB;AAAA,MACjC;AAAA,MACA,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,SAAS;AAAA,QACL,YAAY,iBAAiB,UAAU,SAAS;AAAA,QAChD;AAAA,QACA;AAAA,MACJ;AAAA,MACA,wBAAwB,KAAK,YAAY;AAAA,MACzC,YAAY;AAAA,QACR,kBAAkB;AAAA,UACd,MAAM;AAAA,UACN,SAAS;AAAA,QACb;AAAA,QACA,UAAU;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,QACb;AAAA,QACA,sBAAsB,KAAK;AAAA,QAC3B,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,6CAAmB,yCAAyC,qBAAqB,KAAK,WAAW;AAAA,EAC5G;AAAA,EAEA,MAAM,eAAe,WAAuB,UAAoB,WAAmB;AAC/E,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,SAAS,KAAK;AACpB,UAAM,sBAAsB;AAAA,MACxB,cAAc,qBAAM,YAAQ,sBAAM,MAAM,CAAC;AAAA,MACzC,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,QAAQ;AAAA,QACJ,YAAY,iBAAiB,QAAQ;AAAA,QACrC;AAAA,MACJ;AAAA,MACA,SAAS;AAAA,QACL,YAAY,iBAAiB,UAAU,SAAS;AAAA,QAChD;AAAA,QACA;AAAA,MACJ;AAAA,MACA,wBAAwB;AAAA,MACxB,YAAY;AAAA,QACR,kBAAkB;AAAA,UACd,MAAM;AAAA,QACV;AAAA,QACA,UAAU;AAAA,UACN,kBAAkB;AAAA,QACtB;AAAA,QACA,uBAAuB,MAAM,sBAAO,KAAK,SAAS,GAAG,MAAM,GAAG,EAAE;AAAA,QAChE,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,6CAAmB,4BAA4B,qBAAqB,KAAK,WAAW;AAAA,EAC/F;AACJ;",
   "names": []
 }

package/dist/cjs/certificate/CertificateAuthority.d.ts

@@ -11,18 +11,13 @@ import { CaseAuthenticatedTag, FabricId, NodeId } from "#types";
  */
 export declare class CertificateAuthority {
     #private;
-    private rootCertId;
-    private rootKeyPair;
-    private rootKeyIdentifier;
-    private rootCertBytes;
-    private nextCertificateId;
     get construction(): Construction<CertificateAuthority>;
     static create(options: StorageContext | CertificateAuthority.Configuration): Promise<CertificateAuthority>;
     constructor(options: StorageContext | CertificateAuthority.Configuration);
     static [Environmental.create](env: Environment): CertificateAuthority;
     get rootCert(): Uint8Array<ArrayBufferLike>;
     get config(): CertificateAuthority.Configuration;
-    generateNoc(publicKey: Uint8Array, fabricId: FabricId, nodeId: NodeId, caseAuthenticatedTags?: CaseAuthenticatedTag[]): Uint8Array<ArrayBufferLike>;
+    generateNoc(publicKey: Uint8Array, fabricId: FabricId, nodeId: NodeId, caseAuthenticatedTags?: CaseAuthenticatedTag[]): Promise<Uint8Array<ArrayBufferLike>>;
 }
 export declare namespace CertificateAuthority {
     type Configuration = {

package/dist/cjs/certificate/CertificateAuthority.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"CertificateAuthority.d.ts","sourceRoot":"","sources":["../../../src/certificate/CertificateAuthority.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACH,aAAa,EAEb,YAAY,EAEZ,WAAW,EACX,aAAa,EAGb,cAAc,EAKjB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAahE;;;GAGG;AACH,qBAAa,oBAAoB;;IAC7B,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,WAAW,CAA0B;IAC7C,OAAO,CAAC,iBAAiB,CAAqF;IAC9G,OAAO,CAAC,aAAa,CAAyD;IAC9E,OAAO,CAAC,iBAAiB,CAAa;IAGtC,IAAI,YAAY,uCAEf;WAEY,MAAM,CAAC,OAAO,EAAE,cAAc,GAAG,oBAAoB,CAAC,aAAa;gBAIpE,OAAO,EAAE,cAAc,GAAG,oBAAoB,CAAC,aAAa;IAmCxE,MAAM,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,WAAW;IAO9C,IAAI,QAAQ,gCAEX;IAED,IAAI,MAAM,IAAI,oBAAoB,CAAC,aAAa,CAQ/C;IA4BD,WAAW,CACP,SAAS,EAAE,UAAU,EACrB,QAAQ,EAAE,QAAQ,EAClB,MAAM,EAAE,MAAM,EACd,qBAAqB,CAAC,EAAE,oBAAoB,EAAE;CAgCrD;AAED,yBAAiB,oBAAoB,CAAC;IAClC,KAAY,aAAa,GAAG;QACxB,UAAU,EAAE,MAAM,CAAC;QACnB,WAAW,EAAE,aAAa,CAAC;QAC3B,iBAAiB,EAAE,UAAU,CAAC;QAC9B,aAAa,EAAE,UAAU,CAAC;QAC1B,iBAAiB,EAAE,MAAM,CAAC;KAC7B,CAAC;CACL"}
+{"version":3,"file":"CertificateAuthority.d.ts","sourceRoot":"","sources":["../../../src/certificate/CertificateAuthority.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACH,aAAa,EAEb,YAAY,EAEZ,WAAW,EACX,aAAa,EAIb,cAAc,EAKjB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAahE;;;GAGG;AACH,qBAAa,oBAAoB;;IAQ7B,IAAI,YAAY,uCAEf;WAEY,MAAM,CAAC,OAAO,EAAE,cAAc,GAAG,oBAAoB,CAAC,aAAa;gBAIpE,OAAO,EAAE,cAAc,GAAG,oBAAoB,CAAC,aAAa;IAuCxE,MAAM,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,WAAW;IAO9C,IAAI,QAAQ,gCAEX;IAED,IAAI,MAAM,IAAI,oBAAoB,CAAC,aAAa,CAQ/C;IA+BK,WAAW,CACb,SAAS,EAAE,UAAU,EACrB,QAAQ,EAAE,QAAQ,EAClB,MAAM,EAAE,MAAM,EACd,qBAAqB,CAAC,EAAE,oBAAoB,EAAE;CA8CrD;AAED,yBAAiB,oBAAoB,CAAC;IAClC,KAAY,aAAa,GAAG;QACxB,UAAU,EAAE,MAAM,CAAC;QACnB,WAAW,EAAE,aAAa,CAAC;QAC3B,iBAAiB,EAAE,UAAU,CAAC;QAC9B,aAAa,EAAE,UAAU,CAAC;QAC1B,iBAAiB,EAAE,MAAM,CAAC;KAC7B,CAAC;CACL"}

package/dist/cjs/certificate/CertificateAuthority.js

@@ -30,11 +30,11 @@ var import_CertificateManager = require("./CertificateManager.js");
  */
 const logger = import_general.Logger.get("CertificateAuthority");
 class CertificateAuthority {
-  rootCertId = BigInt(0);
-  rootKeyPair = import_general.Crypto.createKeyPair();
-  rootKeyIdentifier = import_general.Crypto.hash(this.rootKeyPair.publicKey).slice(0, 20);
-  rootCertBytes = this.#generateRootCert();
-  nextCertificateId = BigInt(1);
+  #rootCertId = BigInt(0);
+  #rootKeyPair;
+  #rootKeyIdentifier;
+  #rootCertBytes;
+  #nextCertificateId = BigInt(1);
   #construction;
   get construction() {
     return this.#construction;
@@ -45,23 +45,26 @@ class CertificateAuthority {
   constructor(options) {
     this.#construction = (0, import_general.Construction)(this, async () => {
       const certValues = options instanceof import_general.StorageContext ? await options.values() : options;
+      this.#rootKeyPair = await import_general.Crypto.createKeyPair();
+      this.#rootKeyIdentifier = (await import_general.Crypto.hash(this.#rootKeyPair.publicKey)).slice(0, 20);
+      this.#rootCertBytes = await this.#generateRootCert();
       if ((typeof certValues.rootCertId === "number" || typeof certValues.rootCertId === "bigint") && (ArrayBuffer.isView(certValues.rootKeyPair) || typeof certValues.rootKeyPair === "object") && ArrayBuffer.isView(certValues.rootKeyIdentifier) && ArrayBuffer.isView(certValues.rootCertBytes) && (typeof certValues.nextCertificateId === "number" || typeof certValues.nextCertificateId === "bigint")) {
-        this.rootCertId = BigInt(certValues.rootCertId);
-        this.rootKeyPair = (0, import_general.PrivateKey)(certValues.rootKeyPair);
-        this.rootKeyIdentifier = certValues.rootKeyIdentifier;
-        this.rootCertBytes = certValues.rootCertBytes;
-        this.nextCertificateId = BigInt(certValues.nextCertificateId);
-        logger.info(`Loaded stored credentials with ID ${this.rootCertId}`);
+        this.#rootCertId = BigInt(certValues.rootCertId);
+        this.#rootKeyPair = (0, import_general.PrivateKey)(certValues.rootKeyPair);
+        this.#rootKeyIdentifier = certValues.rootKeyIdentifier;
+        this.#rootCertBytes = certValues.rootCertBytes;
+        this.#nextCertificateId = BigInt(certValues.nextCertificateId);
+        logger.info(`Loaded stored credentials with ID ${this.#rootCertId}`);
         return;
       }
-      logger.info(`Created new credentials with ID ${this.rootCertId}`);
+      logger.info(`Created new credentials with ID ${this.#rootCertId}`);
       if (options instanceof import_general.StorageContext) {
         await options.set({
-          rootCertId: this.rootCertId,
-          rootKeyPair: this.rootKeyPair.keyPair,
-          rootKeyIdentifier: this.rootKeyIdentifier,
-          rootCertBytes: this.rootCertBytes,
-          nextCertificateId: this.nextCertificateId
+          rootCertId: this.#rootCertId,
+          rootKeyPair: this.#rootKeyPair.keyPair,
+          rootKeyIdentifier: this.#rootKeyIdentifier,
+          rootCertBytes: this.#rootCertBytes,
+          nextCertificateId: this.#nextCertificateId
         });
       }
     });
@@ -73,51 +76,54 @@ class CertificateAuthority {
     return instance;
   }
   get rootCert() {
-    return this.rootCertBytes;
+    return this.#construction.assert("root cert", this.#rootCertBytes);
   }
   get config() {
     return {
-      rootCertId: this.rootCertId,
-      rootKeyPair: this.rootKeyPair.keyPair,
-      rootKeyIdentifier: this.rootKeyIdentifier,
-      rootCertBytes: this.rootCertBytes,
-      nextCertificateId: this.nextCertificateId
+      rootCertId: this.#rootCertId,
+      rootKeyPair: this.construction.assert("root key pair", this.#rootKeyPair).keyPair,
+      rootKeyIdentifier: this.construction.assert("root key identifier", this.#rootKeyIdentifier),
+      rootCertBytes: this.construction.assert("root cert bytes", this.#rootCertBytes),
+      nextCertificateId: this.#nextCertificateId
     };
   }
-  #generateRootCert() {
+  async #generateRootCert() {
     const now = import_general.Time.get().now();
     const unsignedCertificate = {
-      serialNumber: import_general.Bytes.fromHex((0, import_general.toHex)(this.rootCertId)),
+      serialNumber: import_general.Bytes.fromHex((0, import_general.toHex)(this.#rootCertId)),
       signatureAlgorithm: 1,
       publicKeyAlgorithm: 1,
       ellipticCurveIdentifier: 1,
-      issuer: { rcacId: this.rootCertId },
+      issuer: { rcacId: this.#rootCertId },
       notBefore: (0, import_CertificateManager.jsToMatterDate)(now, -1),
       notAfter: (0, import_CertificateManager.jsToMatterDate)(now, 10),
-      subject: { rcacId: this.rootCertId },
-      ellipticCurvePublicKey: this.rootKeyPair.publicKey,
+      subject: { rcacId: this.#rootCertId },
+      ellipticCurvePublicKey: this.#initializedRootKeyPair.publicKey,
       extensions: {
         basicConstraints: { isCa: true },
         keyUsage: {
           keyCertSign: true,
           cRLSign: true
         },
-        subjectKeyIdentifier: this.rootKeyIdentifier,
-        authorityKeyIdentifier: this.rootKeyIdentifier
+        subjectKeyIdentifier: this.#initializedRootKeyIdentifier,
+        authorityKeyIdentifier: this.#initializedRootKeyIdentifier
       }
     };
-    const signature = import_general.Crypto.sign(this.rootKeyPair, import_CertificateManager.CertificateManager.rootCertToAsn1(unsignedCertificate));
+    const signature = await import_general.Crypto.sign(
+      this.#initializedRootKeyPair,
+      import_CertificateManager.CertificateManager.rootCertToAsn1(unsignedCertificate)
+    );
     return import_CertificateManager.TlvRootCertificate.encode({ ...unsignedCertificate, signature });
   }
-  generateNoc(publicKey, fabricId, nodeId, caseAuthenticatedTags) {
+  async generateNoc(publicKey, fabricId, nodeId, caseAuthenticatedTags) {
     const now = import_general.Time.get().now();
-    const certId = this.nextCertificateId++;
+    const certId = this.#nextCertificateId++;
     const unsignedCertificate = {
       serialNumber: import_general.Bytes.fromHex((0, import_general.toHex)(certId)),
       signatureAlgorithm: 1,
       publicKeyAlgorithm: 1,
       ellipticCurveIdentifier: 1,
-      issuer: { rcacId: this.rootCertId },
+      issuer: { rcacId: this.#rootCertId },
       notBefore: (0, import_CertificateManager.jsToMatterDate)(now, -1),
       notAfter: (0, import_CertificateManager.jsToMatterDate)(now, 10),
       subject: { fabricId, nodeId, caseAuthenticatedTags },
@@ -128,15 +134,27 @@ class CertificateAuthority {
           digitalSignature: true
         },
         extendedKeyUsage: [2, 1],
-        subjectKeyIdentifier: import_general.Crypto.hash(publicKey).slice(0, 20),
-        authorityKeyIdentifier: this.rootKeyIdentifier
+        subjectKeyIdentifier: (await import_general.Crypto.hash(publicKey)).slice(0, 20),
+        authorityKeyIdentifier: this.#initializedRootKeyIdentifier
       }
     };
-    const signature = import_general.Crypto.sign(
-      this.rootKeyPair,
+    const signature = await import_general.Crypto.sign(
+      this.#initializedRootKeyPair,
       import_CertificateManager.CertificateManager.nodeOperationalCertToAsn1(unsignedCertificate)
     );
     return import_CertificateManager.TlvOperationalCertificate.encode({ ...unsignedCertificate, signature });
   }
+  get #initializedRootKeyPair() {
+    if (this.#rootKeyPair === void 0) {
+      throw new import_general.InternalError("CA private key is not installed");
+    }
+    return this.#rootKeyPair;
+  }
+  get #initializedRootKeyIdentifier() {
+    if (this.#rootKeyIdentifier === void 0) {
+      throw new import_general.InternalError("CA key identifier is not installed");
+    }
+    return this.#rootKeyIdentifier;
+  }
 }
 //# sourceMappingURL=CertificateAuthority.js.map

package/dist/cjs/certificate/CertificateAuthority.js.map

@@ -1,6 +1,6 @@
 {
   "version": 3,
   "sources": ["../../../src/certificate/CertificateAuthority.ts"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAcO;AAEP,gCAQO;AA9BP;AAAA;AAAA;AAAA;AAAA;AAgCA,MAAM,SAAS,sBAAO,IAAI,sBAAsB;AAMzC,MAAM,qBAAqB;AAAA,EACtB,aAAa,OAAO,CAAC;AAAA,EACrB,cAAc,sBAAO,cAAc;AAAA,EACnC,oBAAiD,sBAAO,KAAK,KAAK,YAAY,SAAS,EAAE,MAAM,GAAG,EAAE;AAAA,EACpG,gBAA6C,KAAK,kBAAkB;AAAA,EACpE,oBAAoB,OAAO,CAAC;AAAA,EACpC;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,aAAa,OAAO,SAA8D;AAC9E,eAAO,yBAAS,sBAAsB,OAAO;AAAA,EACjD;AAAA,EAEA,YAAY,SAA8D;AACtE,SAAK,oBAAgB,6BAAa,MAAM,YAAY;AAEhD,YAAM,aAAa,mBAAmB,gCAAiB,MAAM,QAAQ,OAAO,IAAI;AAEhF,WACK,OAAO,WAAW,eAAe,YAAY,OAAO,WAAW,eAAe,cAC9E,YAAY,OAAO,WAAW,WAAW,KAAK,OAAO,WAAW,gBAAgB,aACjF,YAAY,OAAO,WAAW,iBAAiB,KAC/C,YAAY,OAAO,WAAW,aAAa,MAC1C,OAAO,WAAW,sBAAsB,YAAY,OAAO,WAAW,sBAAsB,WAC/F;AACE,aAAK,aAAa,OAAO,WAAW,UAAU;AAC9C,aAAK,kBAAc,2BAAW,WAAW,WAA4B;AACrE,aAAK,oBAAoB,WAAW;AACpC,aAAK,gBAAgB,WAAW;AAChC,aAAK,oBAAoB,OAAO,WAAW,iBAAiB;AAC5D,eAAO,KAAK,qCAAqC,KAAK,UAAU,EAAE;AAClE;AAAA,MACJ;AAEA,aAAO,KAAK,mCAAmC,KAAK,UAAU,EAAE;AAEhE,UAAI,mBAAmB,+BAAgB;AACnC,cAAM,QAAQ,IAAI;AAAA,UACd,YAAY,KAAK;AAAA,UACjB,aAAa,KAAK,YAAY;AAAA,UAC9B,mBAAmB,KAAK;AAAA,UACxB,eAAe,KAAK;AAAA,UACpB,mBAAmB,KAAK;AAAA,QAC5B,CAAC;AAAA,MACL;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,QAAQ,6BAAc,MAAM,EAAE,KAAkB;AAC5C,UAAM,UAAU,IAAI,IAAI,6BAAc,EAAE,cAAc,cAAc;AACpE,UAAM,WAAW,IAAI,qBAAqB,OAAO;AACjD,QAAI,IAAI,sBAAsB,QAAQ;AACtC,WAAO;AAAA,EACX;AAAA,EAEA,IAAI,WAAW;AACX,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,SAA6C;AAC7C,WAAO;AAAA,MACH,YAAY,KAAK;AAAA,MACjB,aAAa,KAAK,YAAY;AAAA,MAC9B,mBAAmB,KAAK;AAAA,MACxB,eAAe,KAAK;AAAA,MACpB,mBAAmB,KAAK;AAAA,IAC5B;AAAA,EACJ;AAAA,EAEA,oBAAoB;AAChB,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,sBAAiD;AAAA,MACnD,cAAc,qBAAM,YAAQ,sBAAM,KAAK,UAAU,CAAC;AAAA,MAClD,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ,EAAE,QAAQ,KAAK,WAAW;AAAA,MAClC,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,SAAS,EAAE,QAAQ,KAAK,WAAW;AAAA,MACnC,wBAAwB,KAAK,YAAY;AAAA,MACzC,YAAY;AAAA,QACR,kBAAkB,EAAE,MAAM,KAAK;AAAA,QAC/B,UAAU;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,QACb;AAAA,QACA,sBAAsB,KAAK;AAAA,QAC3B,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,UAAM,YAAY,sBAAO,KAAK,KAAK,aAAa,6CAAmB,eAAe,mBAAmB,CAAC;AACtG,WAAO,6CAAmB,OAAO,EAAE,GAAG,qBAAqB,UAAU,CAAC;AAAA,EAC1E;AAAA,EAEA,YACI,WACA,UACA,QACA,uBACF;AACE,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,SAAS,KAAK;AACpB,UAAM,sBAAwD;AAAA,MAC1D,cAAc,qBAAM,YAAQ,sBAAM,MAAM,CAAC;AAAA,MACzC,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ,EAAE,QAAQ,KAAK,WAAW;AAAA,MAClC,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,SAAS,EAAE,UAAU,QAAQ,sBAAsB;AAAA,MACnD,wBAAwB;AAAA,MACxB,YAAY;AAAA,QACR,kBAAkB,EAAE,MAAM,MAAM;AAAA,QAChC,UAAU;AAAA,UACN,kBAAkB;AAAA,QACtB;AAAA,QACA,kBAAkB,CAAC,GAAG,CAAC;AAAA,QACvB,sBAAsB,sBAAO,KAAK,SAAS,EAAE,MAAM,GAAG,EAAE;AAAA,QACxD,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AAEA,UAAM,YAAY,sBAAO;AAAA,MACrB,KAAK;AAAA,MACL,6CAAmB,0BAA0B,mBAAmB;AAAA,IACpE;AAEA,WAAO,oDAA0B,OAAO,EAAE,GAAG,qBAAqB,UAAU,CAAC;AAAA,EACjF;AACJ;",
+  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAeO;AAEP,gCAQO;AA/BP;AAAA;AAAA;AAAA;AAAA;AAiCA,MAAM,SAAS,sBAAO,IAAI,sBAAsB;AAMzC,MAAM,qBAAqB;AAAA,EAC9B,cAAc,OAAO,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AAAA,EACA,qBAAqB,OAAO,CAAC;AAAA,EAC7B;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,aAAa,OAAO,SAA8D;AAC9E,eAAO,yBAAS,sBAAsB,OAAO;AAAA,EACjD;AAAA,EAEA,YAAY,SAA8D;AACtE,SAAK,oBAAgB,6BAAa,MAAM,YAAY;AAEhD,YAAM,aAAa,mBAAmB,gCAAiB,MAAM,QAAQ,OAAO,IAAI;AAEhF,WAAK,eAAe,MAAM,sBAAO,cAAc;AAC/C,WAAK,sBAAsB,MAAM,sBAAO,KAAK,KAAK,aAAa,SAAS,GAAG,MAAM,GAAG,EAAE;AACtF,WAAK,iBAAiB,MAAM,KAAK,kBAAkB;AAEnD,WACK,OAAO,WAAW,eAAe,YAAY,OAAO,WAAW,eAAe,cAC9E,YAAY,OAAO,WAAW,WAAW,KAAK,OAAO,WAAW,gBAAgB,aACjF,YAAY,OAAO,WAAW,iBAAiB,KAC/C,YAAY,OAAO,WAAW,aAAa,MAC1C,OAAO,WAAW,sBAAsB,YAAY,OAAO,WAAW,sBAAsB,WAC/F;AACE,aAAK,cAAc,OAAO,WAAW,UAAU;AAC/C,aAAK,mBAAe,2BAAW,WAAW,WAA4B;AACtE,aAAK,qBAAqB,WAAW;AACrC,aAAK,iBAAiB,WAAW;AACjC,aAAK,qBAAqB,OAAO,WAAW,iBAAiB;AAC7D,eAAO,KAAK,qCAAqC,KAAK,WAAW,EAAE;AACnE;AAAA,MACJ;AAEA,aAAO,KAAK,mCAAmC,KAAK,WAAW,EAAE;AAEjE,UAAI,mBAAmB,+BAAgB;AACnC,cAAM,QAAQ,IAAI;AAAA,UACd,YAAY,KAAK;AAAA,UACjB,aAAa,KAAK,aAAa;AAAA,UAC/B,mBAAmB,KAAK;AAAA,UACxB,eAAe,KAAK;AAAA,UACpB,mBAAmB,KAAK;AAAA,QAC5B,CAAC;AAAA,MACL;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,QAAQ,6BAAc,MAAM,EAAE,KAAkB;AAC5C,UAAM,UAAU,IAAI,IAAI,6BAAc,EAAE,cAAc,cAAc;AACpE,UAAM,WAAW,IAAI,qBAAqB,OAAO;AACjD,QAAI,IAAI,sBAAsB,QAAQ;AACtC,WAAO;AAAA,EACX;AAAA,EAEA,IAAI,WAAW;AACX,WAAO,KAAK,cAAc,OAAO,aAAa,KAAK,cAAc;AAAA,EACrE;AAAA,EAEA,IAAI,SAA6C;AAC7C,WAAO;AAAA,MACH,YAAY,KAAK;AAAA,MACjB,aAAa,KAAK,aAAa,OAAO,iBAAiB,KAAK,YAAY,EAAE;AAAA,MAC1E,mBAAmB,KAAK,aAAa,OAAO,uBAAuB,KAAK,kBAAkB;AAAA,MAC1F,eAAe,KAAK,aAAa,OAAO,mBAAmB,KAAK,cAAc;AAAA,MAC9E,mBAAmB,KAAK;AAAA,IAC5B;AAAA,EACJ;AAAA,EAEA,MAAM,oBAAoB;AACtB,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,sBAAiD;AAAA,MACnD,cAAc,qBAAM,YAAQ,sBAAM,KAAK,WAAW,CAAC;AAAA,MACnD,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ,EAAE,QAAQ,KAAK,YAAY;AAAA,MACnC,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,SAAS,EAAE,QAAQ,KAAK,YAAY;AAAA,MACpC,wBAAwB,KAAK,wBAAwB;AAAA,MACrD,YAAY;AAAA,QACR,kBAAkB,EAAE,MAAM,KAAK;AAAA,QAC/B,UAAU;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,QACb;AAAA,QACA,sBAAsB,KAAK;AAAA,QAC3B,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,UAAM,YAAY,MAAM,sBAAO;AAAA,MAC3B,KAAK;AAAA,MACL,6CAAmB,eAAe,mBAAmB;AAAA,IACzD;AACA,WAAO,6CAAmB,OAAO,EAAE,GAAG,qBAAqB,UAAU,CAAC;AAAA,EAC1E;AAAA,EAEA,MAAM,YACF,WACA,UACA,QACA,uBACF;AACE,UAAM,MAAM,oBAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,SAAS,KAAK;AACpB,UAAM,sBAAwD;AAAA,MAC1D,cAAc,qBAAM,YAAQ,sBAAM,MAAM,CAAC;AAAA,MACzC,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ,EAAE,QAAQ,KAAK,YAAY;AAAA,MACnC,eAAW,0CAAe,KAAK,EAAE;AAAA,MACjC,cAAU,0CAAe,KAAK,EAAE;AAAA,MAChC,SAAS,EAAE,UAAU,QAAQ,sBAAsB;AAAA,MACnD,wBAAwB;AAAA,MACxB,YAAY;AAAA,QACR,kBAAkB,EAAE,MAAM,MAAM;AAAA,QAChC,UAAU;AAAA,UACN,kBAAkB;AAAA,QACtB;AAAA,QACA,kBAAkB,CAAC,GAAG,CAAC;AAAA,QACvB,uBAAuB,MAAM,sBAAO,KAAK,SAAS,GAAG,MAAM,GAAG,EAAE;AAAA,QAChE,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AAEA,UAAM,YAAY,MAAM,sBAAO;AAAA,MAC3B,KAAK;AAAA,MACL,6CAAmB,0BAA0B,mBAAmB;AAAA,IACpE;AAEA,WAAO,oDAA0B,OAAO,EAAE,GAAG,qBAAqB,UAAU,CAAC;AAAA,EACjF;AAAA,EAEA,IAAI,0BAA0B;AAC1B,QAAI,KAAK,iBAAiB,QAAW;AACjC,YAAM,IAAI,6BAAc,iCAAiC;AAAA,IAC7D;AACA,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAAgC;AAChC,QAAI,KAAK,uBAAuB,QAAW;AACvC,YAAM,IAAI,6BAAc,oCAAoC;AAAA,IAChE;AACA,WAAO,KAAK;AAAA,EAChB;AACJ;",
   "names": []
 }

package/dist/cjs/certificate/CertificateManager.d.ts

@@ -544,9 +544,9 @@ export declare namespace CertificateManager {
     function rootCertToAsn1(cert: Unsigned<RootCertificate>): Uint8Array<ArrayBufferLike>;
     function intermediateCaCertToAsn1(cert: Unsigned<IntermediateCertificate>): Uint8Array<ArrayBufferLike>;
     function nodeOperationalCertToAsn1(cert: Unsigned<OperationalCertificate>): Uint8Array<ArrayBufferLike>;
-    function deviceAttestationCertToAsn1(cert: Unsigned<DeviceAttestationCertificate>, key: Key): Uint8Array<ArrayBufferLike>;
-    function productAttestationIntermediateCertToAsn1(cert: Unsigned<ProductAttestationIntermediateCertificate>, key: Key): Uint8Array<ArrayBufferLike>;
-    function productAttestationAuthorityCertToAsn1(cert: Unsigned<ProductAttestationAuthorityCertificate>, key: Key): Uint8Array<ArrayBufferLike>;
+    function deviceAttestationCertToAsn1(cert: Unsigned<DeviceAttestationCertificate>, key: Key): Promise<Uint8Array<ArrayBufferLike>>;
+    function productAttestationIntermediateCertToAsn1(cert: Unsigned<ProductAttestationIntermediateCertificate>, key: Key): Promise<Uint8Array<ArrayBufferLike>>;
+    function productAttestationAuthorityCertToAsn1(cert: Unsigned<ProductAttestationAuthorityCertificate>, key: Key): Promise<Uint8Array<ArrayBufferLike>>;
     function certificationDeclarationToAsn1(eContent: Uint8Array, subjectKeyIdentifier: Uint8Array, privateKey: JsonWebKey): Uint8Array<ArrayBufferLike>;
     /**
      * Validate general requirements a Matter certificate fields must fulfill.
@@ -557,19 +557,19 @@ export declare namespace CertificateManager {
      * Verify requirements a Matter Root certificate must fulfill.
      * Rules for this are listed in @see {@link MatterSpecification.v12.Core} §6.5.x
      */
-    function verifyRootCertificate(rootCert: RootCertificate): void;
+    function verifyRootCertificate(rootCert: RootCertificate): Promise<void>;
     /**
      * Verify requirements a Matter Node Operational certificate must fulfill.
      * Rules for this are listed in @see {@link MatterSpecification.v12.Core} §6.5.x
      */
-    function verifyNodeOperationalCertificate(nocCert: OperationalCertificate, rootCert: RootCertificate, icaCert?: IntermediateCertificate): void;
+    function verifyNodeOperationalCertificate(nocCert: OperationalCertificate, rootCert: RootCertificate, icaCert?: IntermediateCertificate): Promise<void>;
     /**
      * Verify requirements a Matter Intermediate CA certificate must fulfill.
      * Rules for this are listed in @see {@link MatterSpecification.v12.Core} §6.5.x
      */
-    function verifyIntermediateCaCertificate(rootCert: RootCertificate, icaCert: IntermediateCertificate): void;
-    function createCertificateSigningRequest(key: Key): Uint8Array<ArrayBufferLike>;
-    function getPublicKeyFromCsr(csr: Uint8Array): Uint8Array<ArrayBufferLike>;
+    function verifyIntermediateCaCertificate(rootCert: RootCertificate, icaCert: IntermediateCertificate): Promise<void>;
+    function createCertificateSigningRequest(key: Key): Promise<Uint8Array<ArrayBufferLike>>;
+    function getPublicKeyFromCsr(csr: Uint8Array): Promise<Uint8Array<ArrayBufferLike>>;
 }
 export {};
 //# sourceMappingURL=CertificateManager.d.ts.map

package/dist/cjs/certificate/CertificateManager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"CertificateManager.d.ts","sourceRoot":"","sources":["../../../src/certificate/CertificateManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAaH,GAAG,EAEH,WAAW,EASd,MAAM,UAAU,CAAC;AAClB,OAAO,EACH,OAAO,EAEP,oBAAoB,EACpB,QAAQ,EACR,MAAM,EAoBN,wBAAwB,EACxB,cAAc,EACd,QAAQ,EACX,MAAM,QAAQ,CAAC;AAIhB,qBAAa,gBAAiB,SAAQ,WAAW;CAAG;AAcpD,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,QAE1C;AAED,wBAAgB,cAAc,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,SAAI,UAItD;AAoDD,uDAAuD;AACvD,eAAO,MAAM,aAAa,0BAAuC,CAAC;AAElE,mEAAmE;AACnE,eAAO,MAAM,wBAAwB,0BAAuC,CAAC;AAE7E,uDAAuD;AACvD,eAAO,MAAM,aAAa,mCAAgD,CAAC;AAE3E,uDAAuD;AACvD,eAAO,MAAM,aAAa,mCAAgD,CAAC;AAE3E,yDAAyD;AACzD,eAAO,MAAM,eAAe,4BAAyC,CAAC;AAEtE,uDAAuD;AACvD,eAAO,MAAM,aAAa,0BAAuD,CAAC;AAElF,uDAAuD;AACvD,eAAO,MAAM,eAAe,4BAA0D,CAAC;AAEvF,uDAAuD;AACvD,eAAO,MAAM,gBAAgB,0BAAwD,CAAC;AA2DtF,QAAA,MAAM,uBAAuB;;;;;;;;;;CAU5B,CAAC;AA2DF,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAM7B,CAAC;AAEH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAOpC,CAAC;AAEH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAMrC,CAAC;AAEH,QAAA,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAA0B,CAAC;AAEnD,UAAU,0BAA0B;IAChC,YAAY,EAAE,UAAU,CAAC;IACzB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,EAAE,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,EAAE,CAAC;IACZ,kBAAkB,EAAE,MAAM,CAAC;IAC3B,uBAAuB,EAAE,MAAM,CAAC;IAChC,sBAAsB,EAAE,UAAU,CAAC;IACnC,UAAU,EAAE;QACR,gBAAgB,EAAE;YACd,IAAI,EAAE,OAAO,CAAC;YACd,OAAO,CAAC,EAAE,MAAM,CAAC;SACpB,CAAC;QACF,QAAQ,EAAE,wBAAwB,CAAC,OAAO,uBAAuB,CAAC,CAAC;QACnE,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;QAC5B,oBAAoB,EAAE,UAAU,CAAC;QACjC,sBAAsB,EAAE,UAAU,CAAC;QACnC,eAAe,CAAC,EAAE,UAAU,EAAE,CAAC;KAClC,CAAC;IACF,SAAS,EAAE,UAAU,CAAC;CACzB;AAED,MAAM,WAAW,4BAA6B,SAAQ,0BAA0B;IAC5E,MAAM,EAAE;QACJ,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,QAAQ,CAAC;KACtB,CAAC;IACF,OAAO,EAAE;QACL,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,EAAE,QAAQ,CAAC;KACtB,CAAC;CACL;AAED,MAAM,WAAW,yCAA0C,SAAQ,0BAA0B;IACzF,MAAM,EAAE;QACJ,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;KACvB,CAAC;IACF,OAAO,EAAE;QACL,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,QAAQ,CAAC;KACtB,CAAC;CACL;AAED,MAAM,WAAW,sCAAuC,SAAQ,0BAA0B;IACtF,MAAM,EAAE;QACJ,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;KACvB,CAAC;IACF,OAAO,EAAE;QACL,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;KACvB,CAAC;CACL;AAED,eAAO,MAAM,2BAA2B;;;;;;;;;;;;;EAgBtC,CAAC;AAEH,MAAM,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACxE,MAAM,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACxE,MAAM,MAAM,uBAAuB,GAAG,cAAc,CAAC,OAAO,0BAA0B,CAAC,CAAC;AACxF,MAAM,MAAM,sBAAsB,GAAG,cAAc,CAAC,OAAO,yBAAyB,CAAC,CAAC;AACtF,MAAM,MAAM,QAAQ,CAAC,IAAI,IAAI;KAAG,QAAQ,IAAI,MAAM,IAAI,IAAI,OAAO,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;CAAE,CAAC;AAwL5G,yBAAiB,kBAAkB,CAAC;IA6ChC,SAAgB,cAAc,CAAC,IAAI,EAAE,QAAQ,CAAC,eAAe,CAAC,+BAU7D;IAED,SAAgB,wBAAwB,CAAC,IAAI,EAAE,QAAQ,CAAC,uBAAuB,CAAC,+BAU/E;IAED,SAAgB,yBAAyB,CAAC,IAAI,EAAE,QAAQ,CAAC,sBAAsB,CAAC,+BAe/E;IAED,SAAgB,2BAA2B,CAAC,IAAI,EAAE,QAAQ,CAAC,4BAA4B,CAAC,EAAE,GAAG,EAAE,GAAG,+BASjG;IAED,SAAgB,wCAAwC,CACpD,IAAI,EAAE,QAAQ,CAAC,yCAAyC,CAAC,EACzD,GAAG,EAAE,GAAG,+BAUX;IAED,SAAgB,qCAAqC,CACjD,IAAI,EAAE,QAAQ,CAAC,sCAAsC,CAAC,EACtD,GAAG,EAAE,GAAG,+BAUX;IAED,SAAgB,8BAA8B,CAC1C,QAAQ,EAAE,UAAU,EACpB,oBAAoB,EAAE,UAAU,EAChC,UAAU,EAAE,UAAU,+BAoBzB;IAED;;;OAGG;IACH,SAAgB,gCAAgC,CAC5C,IAAI,EAAE,eAAe,GAAG,sBAAsB,GAAG,uBAAuB,QAsC3E;IAED;;;OAGG;IACH,SAAgB,qBAAqB,CAAC,QAAQ,EAAE,eAAe,QAqF9D;IAED;;;OAGG;IACH,SAAgB,gCAAgC,CAC5C,OAAO,EAAE,sBAAsB,EAC/B,QAAQ,EAAE,eAAe,EACzB,OAAO,CAAC,EAAE,uBAAuB,QAuHpC;IAED;;;OAGG;IACH,SAAgB,+BAA+B,CAAC,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,uBAAuB,QA4G1G;IAED,SAAgB,+BAA+B,CAAC,GAAG,EAAE,GAAG,+BAavD;IAED,SAAgB,mBAAmB,CAAC,GAAG,EAAE,UAAU,+BA+BlD;CACJ"}
+{"version":3,"file":"CertificateManager.d.ts","sourceRoot":"","sources":["../../../src/certificate/CertificateManager.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAaH,GAAG,EAEH,WAAW,EASd,MAAM,UAAU,CAAC;AAClB,OAAO,EACH,OAAO,EAEP,oBAAoB,EACpB,QAAQ,EACR,MAAM,EAoBN,wBAAwB,EACxB,cAAc,EACd,QAAQ,EACX,MAAM,QAAQ,CAAC;AAIhB,qBAAa,gBAAiB,SAAQ,WAAW;CAAG;AAcpD,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,QAE1C;AAED,wBAAgB,cAAc,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,SAAI,UAItD;AAoDD,uDAAuD;AACvD,eAAO,MAAM,aAAa,0BAAuC,CAAC;AAElE,mEAAmE;AACnE,eAAO,MAAM,wBAAwB,0BAAuC,CAAC;AAE7E,uDAAuD;AACvD,eAAO,MAAM,aAAa,mCAAgD,CAAC;AAE3E,uDAAuD;AACvD,eAAO,MAAM,aAAa,mCAAgD,CAAC;AAE3E,yDAAyD;AACzD,eAAO,MAAM,eAAe,4BAAyC,CAAC;AAEtE,uDAAuD;AACvD,eAAO,MAAM,aAAa,0BAAuD,CAAC;AAElF,uDAAuD;AACvD,eAAO,MAAM,eAAe,4BAA0D,CAAC;AAEvF,uDAAuD;AACvD,eAAO,MAAM,gBAAgB,0BAAwD,CAAC;AA2DtF,QAAA,MAAM,uBAAuB;;;;;;;;;;CAU5B,CAAC;AA2DF,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAM7B,CAAC;AAEH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAOpC,CAAC;AAEH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAMrC,CAAC;AAEH,QAAA,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAA0B,CAAC;AAEnD,UAAU,0BAA0B;IAChC,YAAY,EAAE,UAAU,CAAC;IACzB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,EAAE,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,EAAE,CAAC;IACZ,kBAAkB,EAAE,MAAM,CAAC;IAC3B,uBAAuB,EAAE,MAAM,CAAC;IAChC,sBAAsB,EAAE,UAAU,CAAC;IACnC,UAAU,EAAE;QACR,gBAAgB,EAAE;YACd,IAAI,EAAE,OAAO,CAAC;YACd,OAAO,CAAC,EAAE,MAAM,CAAC;SACpB,CAAC;QACF,QAAQ,EAAE,wBAAwB,CAAC,OAAO,uBAAuB,CAAC,CAAC;QACnE,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;QAC5B,oBAAoB,EAAE,UAAU,CAAC;QACjC,sBAAsB,EAAE,UAAU,CAAC;QACnC,eAAe,CAAC,EAAE,UAAU,EAAE,CAAC;KAClC,CAAC;IACF,SAAS,EAAE,UAAU,CAAC;CACzB;AAED,MAAM,WAAW,4BAA6B,SAAQ,0BAA0B;IAC5E,MAAM,EAAE;QACJ,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,QAAQ,CAAC;KACtB,CAAC;IACF,OAAO,EAAE;QACL,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,EAAE,QAAQ,CAAC;KACtB,CAAC;CACL;AAED,MAAM,WAAW,yCAA0C,SAAQ,0BAA0B;IACzF,MAAM,EAAE;QACJ,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;KACvB,CAAC;IACF,OAAO,EAAE;QACL,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,QAAQ,EAAE,QAAQ,CAAC;KACtB,CAAC;CACL;AAED,MAAM,WAAW,sCAAuC,SAAQ,0BAA0B;IACtF,MAAM,EAAE;QACJ,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;KACvB,CAAC;IACF,OAAO,EAAE;QACL,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;KACvB,CAAC;CACL;AAED,eAAO,MAAM,2BAA2B;;;;;;;;;;;;;EAgBtC,CAAC;AAEH,MAAM,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACxE,MAAM,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,kBAAkB,CAAC,CAAC;AACxE,MAAM,MAAM,uBAAuB,GAAG,cAAc,CAAC,OAAO,0BAA0B,CAAC,CAAC;AACxF,MAAM,MAAM,sBAAsB,GAAG,cAAc,CAAC,OAAO,yBAAyB,CAAC,CAAC;AACtF,MAAM,MAAM,QAAQ,CAAC,IAAI,IAAI;KAAG,QAAQ,IAAI,MAAM,IAAI,IAAI,OAAO,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;CAAE,CAAC;AAwL5G,yBAAiB,kBAAkB,CAAC;IA6ChC,SAAgB,cAAc,CAAC,IAAI,EAAE,QAAQ,CAAC,eAAe,CAAC,+BAU7D;IAED,SAAgB,wBAAwB,CAAC,IAAI,EAAE,QAAQ,CAAC,uBAAuB,CAAC,+BAU/E;IAED,SAAgB,yBAAyB,CAAC,IAAI,EAAE,QAAQ,CAAC,sBAAsB,CAAC,+BAe/E;IAED,SAAsB,2BAA2B,CAAC,IAAI,EAAE,QAAQ,CAAC,4BAA4B,CAAC,EAAE,GAAG,EAAE,GAAG,wCASvG;IAED,SAAsB,wCAAwC,CAC1D,IAAI,EAAE,QAAQ,CAAC,yCAAyC,CAAC,EACzD,GAAG,EAAE,GAAG,wCAUX;IAED,SAAsB,qCAAqC,CACvD,IAAI,EAAE,QAAQ,CAAC,sCAAsC,CAAC,EACtD,GAAG,EAAE,GAAG,wCAUX;IAED,SAAgB,8BAA8B,CAC1C,QAAQ,EAAE,UAAU,EACpB,oBAAoB,EAAE,UAAU,EAChC,UAAU,EAAE,UAAU,+BAoBzB;IAED;;;OAGG;IACH,SAAgB,gCAAgC,CAC5C,IAAI,EAAE,eAAe,GAAG,sBAAsB,GAAG,uBAAuB,QAsC3E;IAED;;;OAGG;IACH,SAAsB,qBAAqB,CAAC,QAAQ,EAAE,eAAe,iBAqFpE;IAED;;;OAGG;IACH,SAAsB,gCAAgC,CAClD,OAAO,EAAE,sBAAsB,EAC/B,QAAQ,EAAE,eAAe,EACzB,OAAO,CAAC,EAAE,uBAAuB,iBAuHpC;IAED;;;OAGG;IACH,SAAsB,+BAA+B,CAAC,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,uBAAuB,iBAgHhH;IAED,SAAsB,+BAA+B,CAAC,GAAG,EAAE,GAAG,wCAa7D;IAED,SAAsB,mBAAmB,CAAC,GAAG,EAAE,UAAU,wCA+BxD;CACJ"}

package/dist/cjs/certificate/CertificateManager.js

@@ -492,34 +492,34 @@ var CertificateManager;
     return genericCertToAsn1(cert);
   }
   CertificateManager2.nodeOperationalCertToAsn1 = nodeOperationalCertToAsn1;
-  function deviceAttestationCertToAsn1(cert, key) {
+  async function deviceAttestationCertToAsn1(cert, key) {
     const certificate = genericBuildAsn1Structure(cert);
     const certBytes = import_general.DerCodec.encode({
       certificate,
       signAlgorithm: import_general.X962.EcdsaWithSHA256,
-      signature: (0, import_general.BitByteArray)(import_general.Crypto.sign(key, import_general.DerCodec.encode(certificate), "der"))
+      signature: (0, import_general.BitByteArray)(await import_general.Crypto.sign(key, import_general.DerCodec.encode(certificate), "der"))
     });
     assertCertificateDerSize(certBytes);
     return certBytes;
   }
   CertificateManager2.deviceAttestationCertToAsn1 = deviceAttestationCertToAsn1;
-  function productAttestationIntermediateCertToAsn1(cert, key) {
+  async function productAttestationIntermediateCertToAsn1(cert, key) {
     const certificate = genericBuildAsn1Structure(cert);
     const certBytes = import_general.DerCodec.encode({
       certificate,
       signAlgorithm: import_general.X962.EcdsaWithSHA256,
-      signature: (0, import_general.BitByteArray)(import_general.Crypto.sign(key, import_general.DerCodec.encode(certificate), "der"))
+      signature: (0, import_general.BitByteArray)(await import_general.Crypto.sign(key, import_general.DerCodec.encode(certificate), "der"))
     });
     assertCertificateDerSize(certBytes);
     return certBytes;
   }
   CertificateManager2.productAttestationIntermediateCertToAsn1 = productAttestationIntermediateCertToAsn1;
-  function productAttestationAuthorityCertToAsn1(cert, key) {
+  async function productAttestationAuthorityCertToAsn1(cert, key) {
     const certificate = genericBuildAsn1Structure(cert);
     const certBytes = import_general.DerCodec.encode({
       certificate,
       signAlgorithm: import_general.X962.EcdsaWithSHA256,
-      signature: (0, import_general.BitByteArray)(import_general.Crypto.sign(key, import_general.DerCodec.encode(certificate), "der"))
+      signature: (0, import_general.BitByteArray)(await import_general.Crypto.sign(key, import_general.DerCodec.encode(certificate), "der"))
     });
     assertCertificateDerSize(certBytes);
     return certBytes;
@@ -570,7 +570,7 @@ var CertificateManager;
     }
   }
   CertificateManager2.validateGeneralCertificateFields = validateGeneralCertificateFields;
-  function verifyRootCertificate(rootCert) {
+  async function verifyRootCertificate(rootCert) {
     CertificateManager2.validateGeneralCertificateFields(rootCert);
     if ("nodeId" in rootCert.subject) {
       throw new CertificateError(`Root certificate must not contain a nodeId.`);
@@ -626,10 +626,10 @@ var CertificateManager;
         `Root certificate authorityKeyIdentifier must be equal to subjectKeyIdentifier.`
       );
     }
-    import_general.Crypto.verify((0, import_general.PublicKey)(rootCert.ellipticCurvePublicKey), rootCertToAsn1(rootCert), rootCert.signature);
+    await import_general.Crypto.verify((0, import_general.PublicKey)(rootCert.ellipticCurvePublicKey), rootCertToAsn1(rootCert), rootCert.signature);
   }
   CertificateManager2.verifyRootCertificate = verifyRootCertificate;
-  function verifyNodeOperationalCertificate(nocCert, rootCert, icaCert) {
+  async function verifyNodeOperationalCertificate(nocCert, rootCert, icaCert) {
     CertificateManager2.validateGeneralCertificateFields(nocCert);
     if (nocCert.subject.nodeId === void 0 || Array.isArray(nocCert.subject.nodeId)) {
       throw new CertificateError(`Invalid nodeId in NoC certificate: ${import_general.Diagnostic.json(nocCert.subject.nodeId)}`);
@@ -701,14 +701,14 @@ var CertificateManager;
         `Noc certificate authorityKeyIdentifier must be equal to Root/Ica subjectKeyIdentifier.`
       );
     }
-    import_general.Crypto.verify(
+    await import_general.Crypto.verify(
       (0, import_general.PublicKey)((icaCert ?? rootCert).ellipticCurvePublicKey),
       nodeOperationalCertToAsn1(nocCert),
       nocCert.signature
     );
   }
   CertificateManager2.verifyNodeOperationalCertificate = verifyNodeOperationalCertificate;
-  function verifyIntermediateCaCertificate(rootCert, icaCert) {
+  async function verifyIntermediateCaCertificate(rootCert, icaCert) {
     CertificateManager2.validateGeneralCertificateFields(icaCert);
     if ("nodeId" in icaCert.subject) {
       throw new CertificateError(`Ica certificate must not contain a nodeId.`);
@@ -776,10 +776,14 @@ var CertificateManager;
         `Ica certificate authorityKeyIdentifier must be equal to root cert subjectKeyIdentifier.`
       );
     }
-    import_general.Crypto.verify((0, import_general.PublicKey)(rootCert.ellipticCurvePublicKey), intermediateCaCertToAsn1(icaCert), icaCert.signature);
+    await import_general.Crypto.verify(
+      (0, import_general.PublicKey)(rootCert.ellipticCurvePublicKey),
+      intermediateCaCertToAsn1(icaCert),
+      icaCert.signature
+    );
   }
   CertificateManager2.verifyIntermediateCaCertificate = verifyIntermediateCaCertificate;
-  function createCertificateSigningRequest(key) {
+  async function createCertificateSigningRequest(key) {
     const request = {
       version: 0,
       subject: { organization: import_general.X520.OrganisationName("CSR") },
@@ -789,11 +793,11 @@ var CertificateManager;
     return import_general.DerCodec.encode({
       request,
       signAlgorithm: import_general.X962.EcdsaWithSHA256,
-      signature: (0, import_general.BitByteArray)(import_general.Crypto.sign(key, import_general.DerCodec.encode(request), "der"))
+      signature: (0, import_general.BitByteArray)(await import_general.Crypto.sign(key, import_general.DerCodec.encode(request), "der"))
     });
   }
   CertificateManager2.createCertificateSigningRequest = createCertificateSigningRequest;
-  function getPublicKeyFromCsr(csr) {
+  async function getPublicKeyFromCsr(csr) {
     const { [import_general.DerKey.Elements]: rootElements } = import_general.DerCodec.decode(csr);
     if (rootElements?.length !== 3) throw new CertificateError("Invalid CSR data");
     const [requestNode, signAlgorithmNode, signatureNode] = rootElements;
@@ -811,7 +815,7 @@ var CertificateManager;
       signAlgorithmNode[import_general.DerKey.Elements]?.[0]?.[import_general.DerKey.Bytes]
     ))
       throw new CertificateError("Unsupported signature type");
-    import_general.Crypto.verify((0, import_general.PublicKey)(publicKey), import_general.DerCodec.encode(requestNode), signatureNode[import_general.DerKey.Bytes], "der");
+    await import_general.Crypto.verify((0, import_general.PublicKey)(publicKey), import_general.DerCodec.encode(requestNode), signatureNode[import_general.DerKey.Bytes], "der");
     return publicKey;
   }
   CertificateManager2.getPublicKeyFromCsr = getPublicKeyFromCsr;