@matter/protocol 0.15.0-alpha.0-20250616-4b3754906 → 0.15.0-alpha.0-20250619-df2264f15

package/dist/esm/certificate/kinds/X509Base.js

@@ -0,0 +1,347 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import {
+  Bytes,
+  ContextTagged,
+  DatatypeOverride,
+  DerBitString,
+  DerCodec,
+  DerKey,
+  DerType,
+  PublicKey,
+  RawBytes,
+  X509,
+  X520,
+  X962
+} from "#general";
+import { CaseAuthenticatedTag } from "#types";
+import { assertCertificateDerSize, CertificateError } from "./common.js";
+import {
+  FabricId_Matter,
+  FirmwareSigningId_Matter,
+  IcacId_Matter,
+  matterToJsDate,
+  NocCat_Matter,
+  NodeId_Matter,
+  ProductId_Matter,
+  RcacId_Matter,
+  VendorId_Matter
+} from "./definitions/asn.js";
+import { ExtensionKeyUsageSchema } from "./definitions/base.js";
+class X509Base {
+  #signature;
+  #cert;
+  constructor(cert) {
+    this.#cert = cert;
+    if ("signature" in cert) {
+      this.#signature = cert.signature;
+    }
+  }
+  get cert() {
+    return this.#cert;
+  }
+  get isSigned() {
+    return this.#signature !== void 0;
+  }
+  /**
+   * Get the signature of the certificate.
+   * If the certificate is not signed, it throws a CertificateError.
+   */
+  get signature() {
+    if (this.#signature === void 0) {
+      throw new CertificateError("Certificate is not signed");
+    }
+    return this.#signature;
+  }
+  /**
+   * Set the signature of the certificate.
+   * If the certificate is already signed, it throws a CertificateError.
+   */
+  set signature(signature) {
+    if (this.isSigned) {
+      throw new CertificateError("Certificate is already signed");
+    }
+    this.#signature = signature;
+  }
+  /**
+   * Sign the certificate using the provided crypto and key.
+   * It throws a CertificateError if the certificate is already signed.
+   */
+  async sign(crypto, key) {
+    this.signature = await crypto.signEcdsa(key, this.asUnsignedAsn1());
+  }
+  /**
+   * Convert the certificate to ASN.1 DER format without signature.
+   */
+  asUnsignedAsn1() {
+    const certBytes = DerCodec.encode(this.genericBuildAsn1Structure(this.cert));
+    assertCertificateDerSize(certBytes);
+    return certBytes;
+  }
+  /**
+   * Convert the subject or issuer field of the certificate to ASN.1 DER format.
+   * Preserve order of keys from original subject and also copy potential custom elements
+   */
+  #subjectOrIssuerToAsn1(data) {
+    const asn = {};
+    Object.entries(data).forEach(([key, value]) => {
+      if (value === void 0) {
+        return;
+      }
+      switch (key) {
+        case "commonName":
+          asn.commonName = X520.CommonName(value);
+          break;
+        case "sureName":
+          asn.sureName = X520.SurName(value);
+          break;
+        case "serialNum":
+          asn.serialNum = X520.SerialNumber(value);
+          break;
+        case "countryName":
+          asn.countryName = X520.CountryName(value);
+          break;
+        case "localityName":
+          asn.localityName = X520.LocalityName(value);
+          break;
+        case "stateOrProvinceName":
+          asn.stateOrProvinceName = X520.StateOrProvinceName(value);
+          break;
+        case "orgName":
+          asn.orgName = X520.OrganisationName(value);
+          break;
+        case "orgUnitName":
+          asn.orgUnitName = X520.OrganizationalUnitName(value);
+          break;
+        case "title":
+          asn.title = X520.Title(value);
+          break;
+        case "name":
+          asn.name = X520.Name(value);
+          break;
+        case "givenName":
+          asn.givenName = X520.GivenName(value);
+          break;
+        case "initials":
+          asn.initials = X520.Initials(value);
+          break;
+        case "genQualifier":
+          asn.genQualifier = X520.GenerationQualifier(value);
+          break;
+        case "dnQualifier":
+          asn.dnQualifier = X520.DnQualifier(value);
+          break;
+        case "pseudonym":
+          asn.pseudonym = X520.Pseudonym(value);
+          break;
+        case "domainComponent":
+          asn.domainComponent = X520.DomainComponent(value);
+          break;
+        case "nodeId":
+          asn.nodeId = NodeId_Matter(value);
+          break;
+        case "firmwareSigningId":
+          asn.firmwareSigningId = FirmwareSigningId_Matter(value);
+          break;
+        case "icacId":
+          asn.icacId = IcacId_Matter(value);
+          break;
+        case "rcacId":
+          asn.rcacId = RcacId_Matter(value);
+          break;
+        case "fabricId":
+          asn.fabricId = FabricId_Matter(value);
+          break;
+        case "caseAuthenticatedTags":
+          const caseAuthenticatedTags = value;
+          CaseAuthenticatedTag.validateNocTagList(caseAuthenticatedTags);
+          const cat0 = caseAuthenticatedTags[0];
+          const cat1 = caseAuthenticatedTags[1];
+          const cat2 = caseAuthenticatedTags[2];
+          if (cat0 !== void 0) {
+            asn.caseAuthenticatedTag0 = NocCat_Matter(cat0);
+          }
+          if (cat1 !== void 0) {
+            asn.caseAuthenticatedTag1 = NocCat_Matter(cat1);
+          }
+          if (cat2 !== void 0) {
+            asn.caseAuthenticatedTag2 = NocCat_Matter(cat2);
+          }
+          break;
+        case "vendorId":
+          asn.vendorId = VendorId_Matter(value);
+          break;
+        case "productId":
+          asn.productId = ProductId_Matter(value);
+          break;
+        case "commonNamePs":
+          asn.commonNamePs = X520.CommonName(value, true);
+          break;
+        case "sureNamePs":
+          asn.sureNamePs = X520.SurName(value, true);
+          break;
+        case "serialNumPs":
+          asn.serialNumPs = X520.SerialNumber(value, true);
+          break;
+        case "countryNamePs":
+          asn.countryNamePs = X520.CountryName(value, true);
+          break;
+        case "localityNamePs":
+          asn.localityNamePs = X520.LocalityName(value, true);
+          break;
+        case "stateOrProvinceNamePs":
+          asn.stateOrProvinceNamePs = X520.StateOrProvinceName(value, true);
+          break;
+        case "orgNamePs":
+          asn.orgNamePs = X520.OrganisationName(value, true);
+          break;
+        case "orgUnitNamePs":
+          asn.orgUnitNamePs = X520.OrganizationalUnitName(value, true);
+          break;
+        case "titlePs":
+          asn.titlePs = X520.Title(value, true);
+          break;
+        case "namePs":
+          asn.namePs = X520.Name(value, true);
+          break;
+        case "givenNamePs":
+          asn.givenNamePs = X520.GivenName(value, true);
+          break;
+        case "initialsPs":
+          asn.initialsPs = X520.Initials(value, true);
+          break;
+        case "genQualifierPs":
+          asn.genQualifierPs = X520.GenerationQualifier(value, true);
+          break;
+        case "dnQualifierPs":
+          asn.dnQualifierPs = X520.DnQualifier(value, true);
+          break;
+        case "pseudonymPs":
+          asn.pseudonymPs = X520.Pseudonym(value, true);
+          break;
+      }
+    });
+    return asn;
+  }
+  /**
+   * Convert the extensions of the certificate to ASN.1 DER format.
+   */
+  #extensionsToAsn1(extensions) {
+    const asn = {};
+    Object.entries(extensions).forEach(([key, value]) => {
+      if (value === void 0) {
+        return;
+      }
+      switch (key) {
+        case "basicConstraints":
+          asn.basicConstraints = X509.BasicConstraints(value);
+          break;
+        case "keyUsage":
+          asn.keyUsage = X509.KeyUsage(
+            ExtensionKeyUsageSchema.encode(
+              value
+            )
+          );
+          break;
+        case "extendedKeyUsage":
+          asn.extendedKeyUsage = X509.ExtendedKeyUsage(value);
+          break;
+        case "subjectKeyIdentifier":
+          asn.subjectKeyIdentifier = X509.SubjectKeyIdentifier(value);
+          break;
+        case "authorityKeyIdentifier":
+          asn.authorityKeyIdentifier = X509.AuthorityKeyIdentifier(value);
+          break;
+        case "futureExtension":
+          asn.futureExtension = RawBytes(Bytes.concat(...value ?? []));
+          break;
+      }
+    });
+    return asn;
+  }
+  /**
+   * Build the ASN.1 DER structure for the certificate.
+   */
+  genericBuildAsn1Structure({
+    serialNumber,
+    notBefore,
+    notAfter,
+    issuer,
+    subject,
+    ellipticCurvePublicKey,
+    extensions
+  }) {
+    const {
+      basicConstraints: { isCa, pathLen }
+    } = extensions;
+    if (!isCa && pathLen !== void 0) {
+      throw new CertificateError("Path length must be undefined for non-CA certificates.");
+    }
+    return {
+      version: ContextTagged(0, 2),
+      // v3
+      serialNumber: DatatypeOverride(DerType.Integer, serialNumber),
+      signatureAlgorithm: X962.EcdsaWithSHA256,
+      issuer: this.#subjectOrIssuerToAsn1(issuer),
+      validity: {
+        notBefore: matterToJsDate(notBefore),
+        notAfter: matterToJsDate(notAfter)
+      },
+      subject: this.#subjectOrIssuerToAsn1(subject),
+      publicKey: X962.PublicKeyEcPrime256v1(ellipticCurvePublicKey),
+      extensions: ContextTagged(3, this.#extensionsToAsn1(extensions))
+    };
+  }
+  /**
+   * Create a Certificate Signing Request (CSR) in ASN.1 DER format.
+   */
+  static async createCertificateSigningRequest(crypto, key) {
+    const request = {
+      version: 0,
+      subject: { organization: X520.OrganisationName("CSR") },
+      publicKey: X962.PublicKeyEcPrime256v1(key.publicKey),
+      endSignedBytes: ContextTagged(0)
+    };
+    return DerCodec.encode({
+      request,
+      signAlgorithm: X962.EcdsaWithSHA256,
+      signature: DerBitString(await crypto.signEcdsa(key, DerCodec.encode(request), "der"))
+    });
+  }
+  /**
+   * Extract the public key from a Certificate Signing Request (CSR) in ASN.1 DER format.
+   */
+  static async getPublicKeyFromCsr(crypto, csr) {
+    const { [DerKey.Elements]: rootElements } = DerCodec.decode(csr);
+    if (rootElements?.length !== 3) throw new CertificateError("Invalid CSR data");
+    const [requestNode, signAlgorithmNode, signatureNode] = rootElements;
+    const { [DerKey.Elements]: requestElements } = requestNode;
+    if (requestElements?.length !== 4) throw new CertificateError("Invalid CSR data");
+    const [versionNode, _subjectNode, publicKeyNode] = requestElements;
+    const requestVersion = versionNode[DerKey.Bytes][0];
+    if (requestVersion !== 0) throw new CertificateError(`Unsupported request version ${requestVersion}`);
+    const { [DerKey.Elements]: publicKeyElements } = publicKeyNode;
+    if (publicKeyElements?.length !== 2) throw new CertificateError("Invalid CSR data");
+    const [_publicKeyTypeNode, publicKeyBytesNode] = publicKeyElements;
+    const publicKey = publicKeyBytesNode[DerKey.Bytes];
+    if (signAlgorithmNode[DerKey.Elements]?.[0]?.[DerKey.Bytes] === void 0 || !Bytes.areEqual(
+      X962.EcdsaWithSHA256[DerKey.ObjectId][DerKey.Bytes],
+      signAlgorithmNode[DerKey.Elements]?.[0]?.[DerKey.Bytes]
+    ))
+      throw new CertificateError("Unsupported signature type");
+    await crypto.verifyEcdsa(
+      PublicKey(publicKey),
+      DerCodec.encode(requestNode),
+      signatureNode[DerKey.Bytes],
+      "der"
+    );
+    return publicKey;
+  }
+}
+export {
+  X509Base
+};
+//# sourceMappingURL=X509Base.js.map

package/dist/esm/certificate/kinds/X509Base.js.map

@@ -0,0 +1,6 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/certificate/kinds/X509Base.ts"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAS,4BAAkF;AAC3F,SAAS,0BAA0B,wBAAkC;AACrE;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAkC,+BAAgD;AAQ3E,MAAe,SAAqC;AAAA,EACvD;AAAA,EACA;AAAA,EAEA,YAAY,MAAyB;AACjC,SAAK,QAAQ;AACb,QAAI,eAAe,MAAM;AACrB,WAAK,aAAa,KAAK;AAAA,IAC3B;AAAA,EACJ;AAAA,EAEA,IAAI,OAAqB;AACrB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,WAAW;AACX,WAAO,KAAK,eAAe;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,YAAY;AACZ,QAAI,KAAK,eAAe,QAAW;AAC/B,YAAM,IAAI,iBAAiB,2BAA2B;AAAA,IAC1D;AACA,WAAO,KAAK;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAI,UAAU,WAAuB;AACjC,QAAI,KAAK,UAAU;AACf,YAAM,IAAI,iBAAiB,+BAA+B;AAAA,IAC9D;AACA,SAAK,aAAa;AAAA,EACtB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,KAAK,QAAgB,KAAiB;AACxC,SAAK,YAAY,MAAM,OAAO,UAAU,KAAK,KAAK,eAAe,CAAC;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA,EAKA,iBAA8C;AAC1C,UAAM,YAAY,SAAS,OAAO,KAAK,0BAA0B,KAAK,IAAI,CAAC;AAC3E,6BAAyB,SAAS;AAClC,WAAO;AAAA,EACX;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,uBAAuB,MAAgC;AACnD,UAAM,MAAM,CAAC;AACb,WAAO,QAAQ,IAAI,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AAC3C,UAAI,UAAU,QAAW;AACrB;AAAA,MACJ;AACA,cAAQ,KAAK;AAAA,QACT,KAAK;AACD,cAAI,aAAa,KAAK,WAAW,KAAe;AAChD;AAAA,QACJ,KAAK;AACD,cAAI,WAAW,KAAK,QAAQ,KAAe;AAC3C;AAAA,QACJ,KAAK;AACD,cAAI,YAAY,KAAK,aAAa,KAAe;AACjD;AAAA,QACJ,KAAK;AACD,cAAI,cAAc,KAAK,YAAY,KAAe;AAClD;AAAA,QACJ,KAAK;AACD,cAAI,eAAe,KAAK,aAAa,KAAe;AACpD;AAAA,QACJ,KAAK;AACD,cAAI,sBAAsB,KAAK,oBAAoB,KAAe;AAClE;AAAA,QACJ,KAAK;AACD,cAAI,UAAU,KAAK,iBAAiB,KAAe;AACnD;AAAA,QACJ,KAAK;AACD,cAAI,cAAc,KAAK,uBAAuB,KAAe;AAC7D;AAAA,QACJ,KAAK;AACD,cAAI,QAAQ,KAAK,MAAM,KAAe;AACtC;AAAA,QACJ,KAAK;AACD,cAAI,OAAO,KAAK,KAAK,KAAe;AACpC;AAAA,QACJ,KAAK;AACD,cAAI,YAAY,KAAK,UAAU,KAAe;AAC9C;AAAA,QACJ,KAAK;AACD,cAAI,WAAW,KAAK,SAAS,KAAe;AAC5C;AAAA,QACJ,KAAK;AACD,cAAI,eAAe,KAAK,oBAAoB,KAAe;AAC3D;AAAA,QACJ,KAAK;AACD,cAAI,cAAc,KAAK,YAAY,KAAe;AAClD;AAAA,QACJ,KAAK;AACD,cAAI,YAAY,KAAK,UAAU,KAAe;AAC9C;AAAA,QACJ,KAAK;AACD,cAAI,kBAAkB,KAAK,gBAAgB,KAAe;AAC1D;AAAA,QACJ,KAAK;AACD,cAAI,SAAS,cAAc,KAAe;AAC1C;AAAA,QACJ,KAAK;AACD,cAAI,oBAAoB,yBAAyB,KAAe;AAChE;AAAA,QACJ,KAAK;AACD,cAAI,SAAS,cAAc,KAAwB;AACnD;AAAA,QACJ,KAAK;AACD,cAAI,SAAS,cAAc,KAAwB;AACnD;AAAA,QACJ,KAAK;AACD,cAAI,WAAW,gBAAgB,KAAiB;AAChD;AAAA,QACJ,KAAK;AAID,gBAAM,wBAAwB;AAC9B,+BAAqB,mBAAmB,qBAAqB;AAE7D,gBAAM,OAAO,sBAAsB,CAAC;AACpC,gBAAM,OAAO,sBAAsB,CAAC;AACpC,gBAAM,OAAO,sBAAsB,CAAC;AACpC,cAAI,SAAS,QAAW;AACpB,gBAAI,wBAAwB,cAAc,IAAI;AAAA,UAClD;AACA,cAAI,SAAS,QAAW;AACpB,gBAAI,wBAAwB,cAAc,IAAI;AAAA,UAClD;AACA,cAAI,SAAS,QAAW;AACpB,gBAAI,wBAAwB,cAAc,IAAI;AAAA,UAClD;AACA;AAAA,QACJ,KAAK;AACD,cAAI,WAAW,gBAAgB,KAAiB;AAChD;AAAA,QACJ,KAAK;AACD,cAAI,YAAY,iBAAiB,KAAe;AAChD;AAAA,QACJ,KAAK;AACD,cAAI,eAAe,KAAK,WAAW,OAAiB,IAAI;AACxD;AAAA,QACJ,KAAK;AACD,cAAI,aAAa,KAAK,QAAQ,OAAiB,IAAI;AACnD;AAAA,QACJ,KAAK;AACD,cAAI,cAAc,KAAK,aAAa,OAAiB,IAAI;AACzD;AAAA,QACJ,KAAK;AACD,cAAI,gBAAgB,KAAK,YAAY,OAAiB,IAAI;AAC1D;AAAA,QACJ,KAAK;AACD,cAAI,iBAAiB,KAAK,aAAa,OAAiB,IAAI;AAC5D;AAAA,QACJ,KAAK;AACD,cAAI,wBAAwB,KAAK,oBAAoB,OAAiB,IAAI;AAC1E;AAAA,QACJ,KAAK;AACD,cAAI,YAAY,KAAK,iBAAiB,OAAiB,IAAI;AAC3D;AAAA,QACJ,KAAK;AACD,cAAI,gBAAgB,KAAK,uBAAuB,OAAiB,IAAI;AACrE;AAAA,QACJ,KAAK;AACD,cAAI,UAAU,KAAK,MAAM,OAAiB,IAAI;AAC9C;AAAA,QACJ,KAAK;AACD,cAAI,SAAS,KAAK,KAAK,OAAiB,IAAI;AAC5C;AAAA,QACJ,KAAK;AACD,cAAI,cAAc,KAAK,UAAU,OAAiB,IAAI;AACtD;AAAA,QACJ,KAAK;AACD,cAAI,aAAa,KAAK,SAAS,OAAiB,IAAI;AACpD;AAAA,QACJ,KAAK;AACD,cAAI,iBAAiB,KAAK,oBAAoB,OAAiB,IAAI;AACnE;AAAA,QACJ,KAAK;AACD,cAAI,gBAAgB,KAAK,YAAY,OAAiB,IAAI;AAC1D;AAAA,QACJ,KAAK;AACD,cAAI,cAAc,KAAK,UAAU,OAAiB,IAAI;AACtD;AAAA,MACR;AAAA,IACJ,CAAC;AACD,WAAO;AAAA,EACX;AAAA;AAAA;AAAA;AAAA,EAKA,kBAAkB,YAAkC;AAChD,UAAM,MAAM,CAAC;AACb,WAAO,QAAQ,UAAU,EAAE,QAAQ,CAAC,CAAC,KAAK,KAAK,MAAM;AACjD,UAAI,UAAU,QAAW;AACrB;AAAA,MACJ;AACA,cAAQ,KAAK;AAAA,QACT,KAAK;AACD,cAAI,mBAAmB,KAAK,iBAAiB,KAAK;AAClD;AAAA,QACJ,KAAK;AACD,cAAI,WAAW,KAAK;AAAA,YAChB,wBAAwB;AAAA,cACpB;AAAA,YACJ;AAAA,UACJ;AACA;AAAA,QACJ,KAAK;AACD,cAAI,mBAAmB,KAAK,iBAAiB,KAA6B;AAC1E;AAAA,QACJ,KAAK;AACD,cAAI,uBAAuB,KAAK,qBAAqB,KAAmB;AACxE;AAAA,QACJ,KAAK;AACD,cAAI,yBAAyB,KAAK,uBAAuB,KAAmB;AAC5E;AAAA,QACJ,KAAK;AACD,cAAI,kBAAkB,SAAS,MAAM,OAAO,GAAK,SAAsC,CAAC,CAAE,CAAC;AAC3F;AAAA,MACR;AAAA,IACJ,CAAC;AACD,WAAO;AAAA,EACX;AAAA;AAAA;AAAA;AAAA,EAKU,0BAA0B;AAAA,IAChC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACJ,GAAiB;AACb,UAAM;AAAA,MACF,kBAAkB,EAAE,MAAM,QAAQ;AAAA,IACtC,IAAI;AACJ,QAAI,CAAC,QAAQ,YAAY,QAAW;AAChC,YAAM,IAAI,iBAAiB,wDAAwD;AAAA,IACvF;AACA,WAAO;AAAA,MACH,SAAS,cAAc,GAAG,CAAC;AAAA;AAAA,MAC3B,cAAc,iBAAiB,QAAQ,SAAS,YAAY;AAAA,MAC5D,oBAAoB,KAAK;AAAA,MACzB,QAAQ,KAAK,uBAAuB,MAAM;AAAA,MAC1C,UAAU;AAAA,QACN,WAAW,eAAe,SAAS;AAAA,QACnC,UAAU,eAAe,QAAQ;AAAA,MACrC;AAAA,MACA,SAAS,KAAK,uBAAuB,OAAO;AAAA,MAC5C,WAAW,KAAK,sBAAsB,sBAAsB;AAAA,MAC5D,YAAY,cAAc,GAAG,KAAK,kBAAkB,UAAU,CAAC;AAAA,IACnE;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,gCAAgC,QAAgB,KAAU;AACnE,UAAM,UAAU;AAAA,MACZ,SAAS;AAAA,MACT,SAAS,EAAE,cAAc,KAAK,iBAAiB,KAAK,EAAE;AAAA,MACtD,WAAW,KAAK,sBAAsB,IAAI,SAAS;AAAA,MACnD,gBAAgB,cAAc,CAAC;AAAA,IACnC;AAEA,WAAO,SAAS,OAAO;AAAA,MACnB;AAAA,MACA,eAAe,KAAK;AAAA,MACpB,WAAW,aAAa,MAAM,OAAO,UAAU,KAAK,SAAS,OAAO,OAAO,GAAG,KAAK,CAAC;AAAA,IACxF,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,aAAa,oBAAoB,QAAgB,KAAiB;AAC9D,UAAM,EAAE,CAAC,OAAO,QAAQ,GAAG,aAAa,IAAI,SAAS,OAAO,GAAG;AAC/D,QAAI,cAAc,WAAW,EAAG,OAAM,IAAI,iBAAiB,kBAAkB;AAC7E,UAAM,CAAC,aAAa,mBAAmB,aAAa,IAAI;AAGxD,UAAM,EAAE,CAAC,OAAO,QAAQ,GAAG,gBAAgB,IAAI;AAC/C,QAAI,iBAAiB,WAAW,EAAG,OAAM,IAAI,iBAAiB,kBAAkB;AAChF,UAAM,CAAC,aAAa,cAAc,aAAa,IAAI;AACnD,UAAM,iBAAiB,YAAY,OAAO,KAAK,EAAE,CAAC;AAClD,QAAI,mBAAmB,EAAG,OAAM,IAAI,iBAAiB,+BAA+B,cAAc,EAAE;AAGpG,UAAM,EAAE,CAAC,OAAO,QAAQ,GAAG,kBAAkB,IAAI;AACjD,QAAI,mBAAmB,WAAW,EAAG,OAAM,IAAI,iBAAiB,kBAAkB;AAClF,UAAM,CAAC,oBAAoB,kBAAkB,IAAI;AAEjD,UAAM,YAAY,mBAAmB,OAAO,KAAK;AAGjD,QACI,kBAAkB,OAAO,QAAQ,IAAI,CAAC,IAAI,OAAO,KAAK,MAAM,UAC5D,CAAC,MAAM;AAAA,MACH,KAAK,gBAAgB,OAAO,QAAQ,EAAE,OAAO,KAAK;AAAA,MAClD,kBAAkB,OAAO,QAAQ,IAAI,CAAC,IAAI,OAAO,KAAK;AAAA,IAC1D;AAEA,YAAM,IAAI,iBAAiB,4BAA4B;AAC3D,UAAM,OAAO;AAAA,MACT,UAAU,SAAS;AAAA,MACnB,SAAS,OAAO,WAAW;AAAA,MAC3B,cAAc,OAAO,KAAK;AAAA,MAC1B;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AACJ;",
+  "names": []
+}

package/dist/esm/certificate/kinds/common.d.ts

@@ -0,0 +1,18 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { MatterError } from "#general";
+/**
+ * Matter specific Certificate Sizes
+ * @see {@link MatterSpecification.v13.Core} 6.1.3.
+ */
+export declare const MAX_DER_CERTIFICATE_SIZE = 600;
+export declare class CertificateError extends MatterError {
+}
+export type Unsigned<Type> = {
+    [Property in keyof Type as Exclude<Property, "signature">]: Type[Property];
+};
+export declare function assertCertificateDerSize(certBytes: Uint8Array): void;
+//# sourceMappingURL=common.d.ts.map

package/dist/esm/certificate/kinds/common.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"common.d.ts","sourceRoot":"","sources":["../../../../src/certificate/kinds/common.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAuB,WAAW,EAAE,MAAM,UAAU,CAAC;AAE5D;;;GAGG;AACH,eAAO,MAAM,wBAAwB,MAAM,CAAC;AAE5C,qBAAa,gBAAiB,SAAQ,WAAW;CAAG;AAEpD,MAAM,MAAM,QAAQ,CAAC,IAAI,IAAI;KAAG,QAAQ,IAAI,MAAM,IAAI,IAAI,OAAO,CAAC,QAAQ,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC;CAAE,CAAC;AAE5G,wBAAgB,wBAAwB,CAAC,SAAS,EAAE,UAAU,QAM7D"}

package/dist/esm/certificate/kinds/common.js

@@ -0,0 +1,22 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { ImplementationError, MatterError } from "#general";
+const MAX_DER_CERTIFICATE_SIZE = 600;
+class CertificateError extends MatterError {
+}
+function assertCertificateDerSize(certBytes) {
+  if (certBytes.length > MAX_DER_CERTIFICATE_SIZE) {
+    throw new ImplementationError(
+      `Certificate to generate is too big: ${certBytes.length} bytes instead of max ${MAX_DER_CERTIFICATE_SIZE} bytes`
+    );
+  }
+}
+export {
+  CertificateError,
+  MAX_DER_CERTIFICATE_SIZE,
+  assertCertificateDerSize
+};
+//# sourceMappingURL=common.js.map

package/dist/esm/certificate/kinds/common.js.map

@@ -0,0 +1,6 @@
+{
+  "version": 3,
+  "sources": ["../../../../src/certificate/kinds/common.ts"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAKA,SAAS,qBAAqB,mBAAmB;AAM1C,MAAM,2BAA2B;AAEjC,MAAM,yBAAyB,YAAY;AAAC;AAI5C,SAAS,yBAAyB,WAAuB;AAC5D,MAAI,UAAU,SAAS,0BAA0B;AAC7C,UAAM,IAAI;AAAA,MACN,uCAAuC,UAAU,MAAM,yBAAyB,wBAAwB;AAAA,IAC5G;AAAA,EACJ;AACJ;",
+  "names": []
+}

package/dist/esm/certificate/kinds/definitions/asn.d.ts

@@ -0,0 +1,25 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { FabricId, NodeId, VendorId } from "#types";
+export declare function matterToJsDate(date: number): Date;
+export declare function jsToMatterDate(date: Date, addYears?: number): number;
+/** matter-node-id = ASN.1 OID 1.3.6.1.4.1.37244.1.1 */
+export declare const NodeId_Matter: (value: NodeId) => any[];
+/** matter-firmware-signing-id = ASN.1 OID 1.3.6.1.4.1.37244.1.2 */
+export declare const FirmwareSigningId_Matter: (value: number) => any[];
+/** matter-icac-id = ASN.1 OID 1.3.6.1.4.1.37244.1.3 */
+export declare const IcacId_Matter: (value: number | bigint) => any[];
+/** matter-rcac-id = ASN.1 OID 1.3.6.1.4.1.37244.1.4 */
+export declare const RcacId_Matter: (value: number | bigint) => any[];
+/** matter-fabric-id = ASN.1 OID 1.3.6.1.4.1.37244.1.5 */
+export declare const FabricId_Matter: (value: FabricId) => any[];
+/** matter-noc-cat = ASN.1 OID 1.3.6.1.4.1.37244.1.6 */
+export declare const NocCat_Matter: (value: number) => any[];
+/** matter-oid-vid = ASN.1 OID 1.3.6.1.4.1.37244.2.1 */
+export declare const VendorId_Matter: (value: VendorId) => any[];
+/** matter-oid-pid = ASN.1 OID 1.3.6.1.4.1.37244.2.2 */
+export declare const ProductId_Matter: (value: number) => any[];
+//# sourceMappingURL=asn.d.ts.map

package/dist/esm/certificate/kinds/definitions/asn.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"asn.d.ts","sourceRoot":"","sources":["../../../../../src/certificate/kinds/definitions/asn.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AAOpD,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,QAE1C;AAED,wBAAgB,cAAc,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,SAAI,UAItD;AAoDD,uDAAuD;AACvD,eAAO,MAAM,aAAa,0BAAuC,CAAC;AAElE,mEAAmE;AACnE,eAAO,MAAM,wBAAwB,0BAAuC,CAAC;AAE7E,uDAAuD;AACvD,eAAO,MAAM,aAAa,mCAAgD,CAAC;AAE3E,uDAAuD;AACvD,eAAO,MAAM,aAAa,mCAAgD,CAAC;AAE3E,yDAAyD;AACzD,eAAO,MAAM,eAAe,4BAAyC,CAAC;AAEtE,uDAAuD;AACvD,eAAO,MAAM,aAAa,0BAAuD,CAAC;AAElF,uDAAuD;AACvD,eAAO,MAAM,eAAe,4BAA0D,CAAC;AAEvF,uDAAuD;AACvD,eAAO,MAAM,gBAAgB,0BAAwD,CAAC"}

package/dist/esm/certificate/kinds/definitions/asn.js

@@ -0,0 +1,63 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { Bytes, DerObject, X520 } from "#general";
+const YEAR_S = 365 * 24 * 60 * 60;
+const EPOCH_OFFSET_S = 10957 * 24 * 60 * 60;
+function matterToJsDate(date) {
+  return date === 0 ? X520.NON_WELL_DEFINED_DATE : new Date((date + EPOCH_OFFSET_S) * 1e3);
+}
+function jsToMatterDate(date, addYears = 0) {
+  return date.getTime() === X520.NON_WELL_DEFINED_DATE.getTime() ? 0 : Math.floor(date.getTime() / 1e3) - EPOCH_OFFSET_S + addYears * YEAR_S;
+}
+function intTo16Chars(value) {
+  const byteArray = new Uint8Array(8);
+  const dataView = Bytes.dataViewOf(byteArray);
+  dataView.setBigUint64(0, typeof value === "bigint" ? value : BigInt(value));
+  return Bytes.toHex(byteArray).toUpperCase();
+}
+function uInt16To8Chars(value) {
+  const byteArray = new Uint8Array(4);
+  const dataView = Bytes.dataViewOf(byteArray);
+  dataView.setUint32(0, value);
+  return Bytes.toHex(byteArray).toUpperCase();
+}
+function uInt16To4Chars(value) {
+  const byteArray = new Uint8Array(2);
+  const dataView = Bytes.dataViewOf(byteArray);
+  dataView.setUint16(0, value);
+  return Bytes.toHex(byteArray).toUpperCase();
+}
+const GenericMatterOpCertObject = (id, valueConverter) => (value) => [
+  DerObject(`2b0601040182a27c01${id.toString(16).padStart(2, "0")}`, {
+    value: (valueConverter ?? intTo16Chars)(value)
+  })
+];
+const GenericMatterAttCertObject = (id, valueConverter) => (value) => [
+  DerObject(`2b0601040182a27c02${id.toString(16).padStart(2, "0")}`, {
+    value: (valueConverter ?? intTo16Chars)(value)
+  })
+];
+const NodeId_Matter = GenericMatterOpCertObject(1);
+const FirmwareSigningId_Matter = GenericMatterOpCertObject(2);
+const IcacId_Matter = GenericMatterOpCertObject(3);
+const RcacId_Matter = GenericMatterOpCertObject(4);
+const FabricId_Matter = GenericMatterOpCertObject(5);
+const NocCat_Matter = GenericMatterOpCertObject(6, uInt16To8Chars);
+const VendorId_Matter = GenericMatterAttCertObject(1, uInt16To4Chars);
+const ProductId_Matter = GenericMatterAttCertObject(2, uInt16To4Chars);
+export {
+  FabricId_Matter,
+  FirmwareSigningId_Matter,
+  IcacId_Matter,
+  NocCat_Matter,
+  NodeId_Matter,
+  ProductId_Matter,
+  RcacId_Matter,
+  VendorId_Matter,
+  jsToMatterDate,
+  matterToJsDate
+};
+//# sourceMappingURL=asn.js.map

package/dist/esm/certificate/kinds/definitions/asn.js.map

@@ -0,0 +1,6 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/certificate/kinds/definitions/asn.ts"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,WAAW,YAAY;AAGvC,MAAM,SAAS,MAAM,KAAK,KAAK;AAC/B,MAAM,iBAAiB,QAAQ,KAAK,KAAK;AAIlC,SAAS,eAAe,MAAc;AACzC,SAAO,SAAS,IAAI,KAAK,wBAAwB,IAAI,MAAM,OAAO,kBAAkB,GAAI;AAC5F;AAEO,SAAS,eAAe,MAAY,WAAW,GAAG;AACrD,SAAO,KAAK,QAAQ,MAAM,KAAK,sBAAsB,QAAQ,IACvD,IACA,KAAK,MAAM,KAAK,QAAQ,IAAI,GAAI,IAAI,iBAAiB,WAAW;AAC1E;AAEA,SAAS,aAAa,OAAwB;AAC1C,QAAM,YAAY,IAAI,WAAW,CAAC;AAClC,QAAM,WAAW,MAAM,WAAW,SAAS;AAC3C,WAAS,aAAa,GAAG,OAAO,UAAU,WAAW,QAAQ,OAAO,KAAK,CAAC;AAC1E,SAAO,MAAM,MAAM,SAAS,EAAE,YAAY;AAC9C;AAEA,SAAS,eAAe,OAAe;AACnC,QAAM,YAAY,IAAI,WAAW,CAAC;AAClC,QAAM,WAAW,MAAM,WAAW,SAAS;AAC3C,WAAS,UAAU,GAAG,KAAK;AAC3B,SAAO,MAAM,MAAM,SAAS,EAAE,YAAY;AAC9C;AAEA,SAAS,eAAe,OAAe;AACnC,QAAM,YAAY,IAAI,WAAW,CAAC;AAClC,QAAM,WAAW,MAAM,WAAW,SAAS;AAC3C,WAAS,UAAU,GAAG,KAAK;AAC3B,SAAO,MAAM,MAAM,SAAS,EAAE,YAAY;AAC9C;AAWA,MAAM,4BACF,CAAI,IAAY,mBAChB,CAAC,UAAa;AAAA,EACV,UAAU,qBAAqB,GAAG,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,IAAI;AAAA,IAC/D,QAAQ,kBAAkB,cAAc,KAAY;AAAA,EACxD,CAAC;AACL;AAMJ,MAAM,6BACF,CAAI,IAAY,mBAChB,CAAC,UAAa;AAAA,EACV,UAAU,qBAAqB,GAAG,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG,CAAC,IAAI;AAAA,IAC/D,QAAQ,kBAAkB,cAAc,KAAY;AAAA,EACxD,CAAC;AACL;AAGG,MAAM,gBAAgB,0BAAkC,CAAC;AAGzD,MAAM,2BAA2B,0BAAkC,CAAC;AAGpE,MAAM,gBAAgB,0BAA2C,CAAC;AAGlE,MAAM,gBAAgB,0BAA2C,CAAC;AAGlE,MAAM,kBAAkB,0BAAoC,CAAC;AAG7D,MAAM,gBAAgB,0BAAkC,GAAG,cAAc;AAGzE,MAAM,kBAAkB,2BAAqC,GAAG,cAAc;AAG9E,MAAM,mBAAmB,2BAAmC,GAAG,cAAc;",
+  "names": []
+}

package/dist/esm/certificate/kinds/definitions/attestation.d.ts

@@ -0,0 +1,44 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { VendorId } from "#types";
+import { X509Certificate } from "./base.js";
+/** Definitions for Matter Attestation certificates (PAA, PAI, DAC) */
+export declare namespace AttestationCertificate {
+    interface Dac extends X509Certificate {
+        issuer: {
+            commonName: string;
+            productId?: number;
+            vendorId: VendorId;
+        };
+        subject: {
+            commonName: string;
+            productId: number;
+            vendorId: VendorId;
+        };
+    }
+    interface Pai extends X509Certificate {
+        issuer: {
+            commonName: string;
+            vendorId?: VendorId;
+        };
+        subject: {
+            commonName: string;
+            productId?: number;
+            vendorId: VendorId;
+        };
+    }
+    interface Paa extends X509Certificate {
+        issuer: {
+            commonName: string;
+            vendorId?: VendorId;
+        };
+        subject: {
+            commonName: string;
+            vendorId?: VendorId;
+        };
+    }
+}
+//# sourceMappingURL=attestation.d.ts.map

package/dist/esm/certificate/kinds/definitions/attestation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"attestation.d.ts","sourceRoot":"","sources":["../../../../../src/certificate/kinds/definitions/attestation.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AAClC,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAE5C,sEAAsE;AACtE,yBAAiB,sBAAsB,CAAC;IACpC,UAAiB,GAAI,SAAQ,eAAe;QACxC,MAAM,EAAE;YACJ,UAAU,EAAE,MAAM,CAAC;YACnB,SAAS,CAAC,EAAE,MAAM,CAAC;YACnB,QAAQ,EAAE,QAAQ,CAAC;SACtB,CAAC;QACF,OAAO,EAAE;YACL,UAAU,EAAE,MAAM,CAAC;YACnB,SAAS,EAAE,MAAM,CAAC;YAClB,QAAQ,EAAE,QAAQ,CAAC;SACtB,CAAC;KACL;IAED,UAAiB,GAAI,SAAQ,eAAe;QACxC,MAAM,EAAE;YACJ,UAAU,EAAE,MAAM,CAAC;YACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;SACvB,CAAC;QACF,OAAO,EAAE;YACL,UAAU,EAAE,MAAM,CAAC;YACnB,SAAS,CAAC,EAAE,MAAM,CAAC;YACnB,QAAQ,EAAE,QAAQ,CAAC;SACtB,CAAC;KACL;IAED,UAAiB,GAAI,SAAQ,eAAe;QACxC,MAAM,EAAE;YACJ,UAAU,EAAE,MAAM,CAAC;YACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;SACvB,CAAC;QACF,OAAO,EAAE;YACL,UAAU,EAAE,MAAM,CAAC;YACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;SACvB,CAAC;KACL;CACJ"}

package/dist/esm/certificate/kinds/definitions/attestation.js

@@ -0,0 +1,6 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+//# sourceMappingURL=attestation.js.map

package/dist/esm/certificate/kinds/definitions/attestation.js.map

@@ -0,0 +1,6 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/certificate/kinds/definitions/attestation.ts"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;",
+  "names": []
+}

package/dist/esm/certificate/kinds/definitions/base.d.ts

@@ -0,0 +1,52 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { BitFlag, TypeFromPartialBitSchema } from "#types";
+export declare const ExtensionKeyUsageBitmap: {
+    digitalSignature: BitFlag;
+    nonRepudiation: BitFlag;
+    keyEncipherment: BitFlag;
+    dataEncipherment: BitFlag;
+    keyAgreement: BitFlag;
+    keyCertSign: BitFlag;
+    cRLSign: BitFlag;
+    encipherOnly: BitFlag;
+    decipherOnly: BitFlag;
+};
+export declare const ExtensionKeyUsageSchema: import("#types").BitmapSchemaInternal<{
+    digitalSignature: BitFlag;
+    nonRepudiation: BitFlag;
+    keyEncipherment: BitFlag;
+    dataEncipherment: BitFlag;
+    keyAgreement: BitFlag;
+    keyCertSign: BitFlag;
+    cRLSign: BitFlag;
+    encipherOnly: BitFlag;
+    decipherOnly: BitFlag;
+}>;
+export interface X509Certificate {
+    serialNumber: Uint8Array;
+    signatureAlgorithm: number;
+    issuer: {};
+    notBefore: number;
+    notAfter: number;
+    subject: {};
+    publicKeyAlgorithm: number;
+    ellipticCurveIdentifier: number;
+    ellipticCurvePublicKey: Uint8Array;
+    extensions: {
+        basicConstraints: {
+            isCa: boolean;
+            pathLen?: number;
+        };
+        keyUsage: TypeFromPartialBitSchema<typeof ExtensionKeyUsageBitmap>;
+        extendedKeyUsage?: number[];
+        subjectKeyIdentifier: Uint8Array;
+        authorityKeyIdentifier: Uint8Array;
+        futureExtension?: Uint8Array[];
+    };
+    signature: Uint8Array;
+}
+//# sourceMappingURL=base.d.ts.map

package/dist/esm/certificate/kinds/definitions/base.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.d.ts","sourceRoot":"","sources":["../../../../../src/certificate/kinds/definitions/base.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,OAAO,EAAgB,wBAAwB,EAAE,MAAM,QAAQ,CAAC;AAEzE,eAAO,MAAM,uBAAuB;;;;;;;;;;CAUnC,CAAC;AACF,eAAO,MAAM,uBAAuB;;;;;;;;;;EAAwC,CAAC;AAE7E,MAAM,WAAW,eAAe;IAC5B,YAAY,EAAE,UAAU,CAAC;IACzB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,EAAE,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,EAAE,CAAC;IACZ,kBAAkB,EAAE,MAAM,CAAC;IAC3B,uBAAuB,EAAE,MAAM,CAAC;IAChC,sBAAsB,EAAE,UAAU,CAAC;IACnC,UAAU,EAAE;QACR,gBAAgB,EAAE;YACd,IAAI,EAAE,OAAO,CAAC;YACd,OAAO,CAAC,EAAE,MAAM,CAAC;SACpB,CAAC;QACF,QAAQ,EAAE,wBAAwB,CAAC,OAAO,uBAAuB,CAAC,CAAC;QACnE,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;QAC5B,oBAAoB,EAAE,UAAU,CAAC;QACjC,sBAAsB,EAAE,UAAU,CAAC;QACnC,eAAe,CAAC,EAAE,UAAU,EAAE,CAAC;KAClC,CAAC;IACF,SAAS,EAAE,UAAU,CAAC;CACzB"}

package/dist/esm/certificate/kinds/definitions/base.js

@@ -0,0 +1,23 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { BitFlag, BitmapSchema } from "#types";
+const ExtensionKeyUsageBitmap = {
+  digitalSignature: BitFlag(0),
+  nonRepudiation: BitFlag(1),
+  keyEncipherment: BitFlag(2),
+  dataEncipherment: BitFlag(3),
+  keyAgreement: BitFlag(4),
+  keyCertSign: BitFlag(5),
+  cRLSign: BitFlag(6),
+  encipherOnly: BitFlag(7),
+  decipherOnly: BitFlag(8)
+};
+const ExtensionKeyUsageSchema = BitmapSchema(ExtensionKeyUsageBitmap);
+export {
+  ExtensionKeyUsageBitmap,
+  ExtensionKeyUsageSchema
+};
+//# sourceMappingURL=base.js.map

package/dist/esm/certificate/kinds/definitions/base.js.map

@@ -0,0 +1,6 @@
+{
+  "version": 3,
+  "sources": ["../../../../../src/certificate/kinds/definitions/base.ts"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAKA,SAAS,SAAS,oBAA8C;AAEzD,MAAM,0BAA0B;AAAA,EACnC,kBAAkB,QAAQ,CAAC;AAAA,EAC3B,gBAAgB,QAAQ,CAAC;AAAA,EACzB,iBAAiB,QAAQ,CAAC;AAAA,EAC1B,kBAAkB,QAAQ,CAAC;AAAA,EAC3B,cAAc,QAAQ,CAAC;AAAA,EACvB,aAAa,QAAQ,CAAC;AAAA,EACtB,SAAS,QAAQ,CAAC;AAAA,EAClB,cAAc,QAAQ,CAAC;AAAA,EACvB,cAAc,QAAQ,CAAC;AAC3B;AACO,MAAM,0BAA0B,aAAa,uBAAuB;",
+  "names": []
+}