@naylence/advanced-security 0.3.5-test.102 → 0.3.5-test.104
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser/index.js +4679 -504
- package/dist/browser/index.js.map +1 -1
- package/dist/cjs/naylence/fame/factory-manifest.js +4 -0
- package/dist/cjs/naylence/fame/factory-manifest.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/ca-server-cli.js +30 -0
- package/dist/cjs/naylence/fame/security/cert/ca-server-cli.js.map +1 -0
- package/dist/cjs/naylence/fame/security/cert/ca-server.js +171 -0
- package/dist/cjs/naylence/fame/security/cert/ca-server.js.map +1 -0
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager.js +11 -29
- package/dist/cjs/naylence/fame/security/cert/default-certificate-manager.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/index.js +3 -0
- package/dist/cjs/naylence/fame/security/cert/index.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/trust-store/browser-trust-store-provider-factory.js +82 -0
- package/dist/cjs/naylence/fame/security/cert/trust-store/browser-trust-store-provider-factory.js.map +1 -0
- package/dist/cjs/naylence/fame/security/cert/trust-store/env-provider.js +46 -1
- package/dist/cjs/naylence/fame/security/cert/trust-store/env-provider.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/trust-store/fame-ca-certs-parser.js +51 -14
- package/dist/cjs/naylence/fame/security/cert/trust-store/fame-ca-certs-parser.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/trust-store/http-bundle-provider.js +88 -2
- package/dist/cjs/naylence/fame/security/cert/trust-store/http-bundle-provider.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/trust-store/node-trust-store-provider-factory.js +61 -0
- package/dist/cjs/naylence/fame/security/cert/trust-store/node-trust-store-provider-factory.js.map +1 -0
- package/dist/cjs/naylence/fame/security/cert/trust-store/static-bundle-provider.js +8 -1
- package/dist/cjs/naylence/fame/security/cert/trust-store/static-bundle-provider.js.map +1 -1
- package/dist/cjs/naylence/fame/security/cert/trust-store/trust-store-provider-factory.js +40 -0
- package/dist/cjs/naylence/fame/security/cert/trust-store/trust-store-provider-factory.js.map +1 -0
- package/dist/cjs/naylence/fame/security/register-advanced-security-factories.js +113 -23
- package/dist/cjs/naylence/fame/security/register-advanced-security-factories.js.map +1 -1
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier-factory.js +6 -0
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier-factory.js.map +1 -1
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier.js +43 -59
- package/dist/cjs/naylence/fame/security/signing/eddsa-envelope-verifier.js.map +1 -1
- package/dist/cjs/version.js +2 -2
- package/dist/esm/naylence/fame/factory-manifest.js +4 -0
- package/dist/esm/naylence/fame/factory-manifest.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/ca-server-cli.js +30 -0
- package/dist/esm/naylence/fame/security/cert/ca-server-cli.js.map +1 -0
- package/dist/esm/naylence/fame/security/cert/ca-server.js +1 -18
- package/dist/esm/naylence/fame/security/cert/ca-server.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager.js +11 -29
- package/dist/esm/naylence/fame/security/cert/default-certificate-manager.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/index.js +3 -0
- package/dist/esm/naylence/fame/security/cert/index.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/trust-store/browser-trust-store-provider-factory.js +82 -0
- package/dist/esm/naylence/fame/security/cert/trust-store/browser-trust-store-provider-factory.js.map +1 -0
- package/dist/esm/naylence/fame/security/cert/trust-store/env-provider.js +46 -1
- package/dist/esm/naylence/fame/security/cert/trust-store/env-provider.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/trust-store/fame-ca-certs-parser.js +51 -14
- package/dist/esm/naylence/fame/security/cert/trust-store/fame-ca-certs-parser.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/trust-store/http-bundle-provider.js +88 -2
- package/dist/esm/naylence/fame/security/cert/trust-store/http-bundle-provider.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/trust-store/node-trust-store-provider-factory.js +61 -0
- package/dist/esm/naylence/fame/security/cert/trust-store/node-trust-store-provider-factory.js.map +1 -0
- package/dist/esm/naylence/fame/security/cert/trust-store/static-bundle-provider.js +8 -1
- package/dist/esm/naylence/fame/security/cert/trust-store/static-bundle-provider.js.map +1 -1
- package/dist/esm/naylence/fame/security/cert/trust-store/trust-store-provider-factory.js +40 -0
- package/dist/esm/naylence/fame/security/cert/trust-store/trust-store-provider-factory.js.map +1 -0
- package/dist/esm/naylence/fame/security/register-advanced-security-factories.js +113 -23
- package/dist/esm/naylence/fame/security/register-advanced-security-factories.js.map +1 -1
- package/dist/esm/naylence/fame/security/signing/eddsa-envelope-verifier-factory.js +6 -0
- package/dist/esm/naylence/fame/security/signing/eddsa-envelope-verifier-factory.js.map +1 -1
- package/dist/esm/naylence/fame/security/signing/eddsa-envelope-verifier.js +43 -59
- package/dist/esm/naylence/fame/security/signing/eddsa-envelope-verifier.js.map +1 -1
- package/dist/esm/version.js +2 -2
- package/dist/types/naylence/fame/factory-manifest.d.ts +1 -1
- package/dist/types/naylence/fame/factory-manifest.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/ca-server-cli.d.ts +3 -0
- package/dist/types/naylence/fame/security/cert/ca-server-cli.d.ts.map +1 -0
- package/dist/types/naylence/fame/security/cert/ca-server.d.ts +2 -2
- package/dist/types/naylence/fame/security/cert/ca-server.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/default-certificate-manager.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/index.d.ts +4 -0
- package/dist/types/naylence/fame/security/cert/index.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/trust-store/browser-trust-store-provider-factory.d.ts +29 -0
- package/dist/types/naylence/fame/security/cert/trust-store/browser-trust-store-provider-factory.d.ts.map +1 -0
- package/dist/types/naylence/fame/security/cert/trust-store/env-provider.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/trust-store/fame-ca-certs-parser.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/trust-store/http-bundle-provider.d.ts +5 -1
- package/dist/types/naylence/fame/security/cert/trust-store/http-bundle-provider.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/trust-store/node-trust-store-provider-factory.d.ts +23 -0
- package/dist/types/naylence/fame/security/cert/trust-store/node-trust-store-provider-factory.d.ts.map +1 -0
- package/dist/types/naylence/fame/security/cert/trust-store/static-bundle-provider.d.ts +2 -0
- package/dist/types/naylence/fame/security/cert/trust-store/static-bundle-provider.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/cert/trust-store/trust-store-provider-factory.d.ts +28 -0
- package/dist/types/naylence/fame/security/cert/trust-store/trust-store-provider-factory.d.ts.map +1 -0
- package/dist/types/naylence/fame/security/cert/trust-store/trust-store-provider.d.ts +6 -0
- package/dist/types/naylence/fame/security/cert/trust-store/trust-store-provider.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/register-advanced-security-factories.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/signing/eddsa-envelope-verifier-factory.d.ts.map +1 -1
- package/dist/types/naylence/fame/security/signing/eddsa-envelope-verifier.d.ts +5 -0
- package/dist/types/naylence/fame/security/signing/eddsa-envelope-verifier.d.ts.map +1 -1
- package/dist/types/version.d.ts +1 -1
- package/package.json +3 -3
|
@@ -1,12 +1,66 @@
|
|
|
1
1
|
import { Registry } from "@naylence/factory";
|
|
2
|
-
import { MODULES } from "../factory-manifest.js";
|
|
2
|
+
import { MODULES, MODULE_LOADERS, } from "../factory-manifest.js";
|
|
3
3
|
import { getEncryptionManagerFactoryRegistry } from "./encryption/encryption-manager-registry.js";
|
|
4
4
|
const SECURITY_PREFIX = "./security/";
|
|
5
5
|
const SECURITY_MODULES = MODULES.filter((spec) => spec.startsWith(SECURITY_PREFIX));
|
|
6
6
|
const EXTRA_MODULES = MODULES.filter((spec) => !spec.startsWith(SECURITY_PREFIX));
|
|
7
7
|
const NODE_ONLY_MODULES = new Set([
|
|
8
8
|
"./security/cert/default-ca-service-factory.js",
|
|
9
|
-
"./security/cert/
|
|
9
|
+
"./security/cert/trust-store/node-trust-store-provider-factory.js",
|
|
10
|
+
]);
|
|
11
|
+
const MODULE_SPECIFIER_OVERRIDES = new Map([
|
|
12
|
+
[
|
|
13
|
+
"../security/cert/default-certificate-manager-factory.ts",
|
|
14
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/cert/default-certificate-manager-factory.js",
|
|
15
|
+
],
|
|
16
|
+
[
|
|
17
|
+
"../security/cert/trust-store/browser-trust-store-provider-factory.ts",
|
|
18
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/cert/trust-store/browser-trust-store-provider-factory.js",
|
|
19
|
+
],
|
|
20
|
+
[
|
|
21
|
+
"../security/cert/trust-store/node-trust-store-provider-factory.ts",
|
|
22
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/cert/trust-store/node-trust-store-provider-factory.js",
|
|
23
|
+
],
|
|
24
|
+
[
|
|
25
|
+
"../security/encryption/channel/channel-encryption-manager-factory.ts",
|
|
26
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/encryption/channel/channel-encryption-manager-factory.js",
|
|
27
|
+
],
|
|
28
|
+
[
|
|
29
|
+
"../security/encryption/composite-encryption-manager-factory.ts",
|
|
30
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/encryption/composite-encryption-manager-factory.js",
|
|
31
|
+
],
|
|
32
|
+
[
|
|
33
|
+
"../security/encryption/default-secure-channel-manager-factory.ts",
|
|
34
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/encryption/default-secure-channel-manager-factory.js",
|
|
35
|
+
],
|
|
36
|
+
[
|
|
37
|
+
"../security/encryption/sealed/x25519-encryption-manager-factory.ts",
|
|
38
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/encryption/sealed/x25519-encryption-manager-factory.js",
|
|
39
|
+
],
|
|
40
|
+
[
|
|
41
|
+
"../security/keys/x5c-key-manager-factory.ts",
|
|
42
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/keys/x5c-key-manager-factory.js",
|
|
43
|
+
],
|
|
44
|
+
[
|
|
45
|
+
"../security/signing/eddsa-envelope-signer-factory.ts",
|
|
46
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/signing/eddsa-envelope-signer-factory.js",
|
|
47
|
+
],
|
|
48
|
+
[
|
|
49
|
+
"../security/signing/eddsa-envelope-verifier-factory.ts",
|
|
50
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/security/signing/eddsa-envelope-verifier-factory.js",
|
|
51
|
+
],
|
|
52
|
+
[
|
|
53
|
+
"../stickiness/aft-load-balancer-stickiness-manager-factory.ts",
|
|
54
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/stickiness/aft-load-balancer-stickiness-manager-factory.js",
|
|
55
|
+
],
|
|
56
|
+
[
|
|
57
|
+
"../stickiness/aft-replica-stickiness-manager-factory.ts",
|
|
58
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/stickiness/aft-replica-stickiness-manager-factory.js",
|
|
59
|
+
],
|
|
60
|
+
[
|
|
61
|
+
"../welcome/advanced-welcome-service-factory.ts",
|
|
62
|
+
"@naylence/advanced-security/dist/esm/naylence/fame/welcome/advanced-welcome-service-factory.js",
|
|
63
|
+
],
|
|
10
64
|
]);
|
|
11
65
|
const registeredModules = new Set();
|
|
12
66
|
const inflightModules = new Map();
|
|
@@ -24,7 +78,10 @@ function shouldSkipModule(spec) {
|
|
|
24
78
|
return false;
|
|
25
79
|
}
|
|
26
80
|
if (!browserSkippedModules.has(spec)) {
|
|
27
|
-
console.warn(
|
|
81
|
+
// console.warn(
|
|
82
|
+
// "[advanced-security:factory-manifest] skipped browser-incompatible module",
|
|
83
|
+
// spec,
|
|
84
|
+
// );
|
|
28
85
|
browserSkippedModules.add(spec);
|
|
29
86
|
}
|
|
30
87
|
return true;
|
|
@@ -32,38 +89,71 @@ function shouldSkipModule(spec) {
|
|
|
32
89
|
function resolveModuleCandidates(spec) {
|
|
33
90
|
const base = spec.startsWith("./") ? `../${spec.slice(2)}` : spec;
|
|
34
91
|
if (base.endsWith(".js")) {
|
|
35
|
-
|
|
92
|
+
const tsCandidate = base.replace(/\.js$/u, ".ts");
|
|
93
|
+
const override = MODULE_SPECIFIER_OVERRIDES.get(tsCandidate);
|
|
94
|
+
if (override) {
|
|
95
|
+
return [override, base];
|
|
96
|
+
}
|
|
97
|
+
return [tsCandidate, base];
|
|
36
98
|
}
|
|
37
99
|
return [base];
|
|
38
100
|
}
|
|
101
|
+
function getDynamicImporter() {
|
|
102
|
+
if (typeof globalThis === "undefined") {
|
|
103
|
+
return null;
|
|
104
|
+
}
|
|
105
|
+
const candidate = globalThis.__naylenceFactoryDynamicImporter;
|
|
106
|
+
if (typeof candidate === "function") {
|
|
107
|
+
return candidate;
|
|
108
|
+
}
|
|
109
|
+
return null;
|
|
110
|
+
}
|
|
39
111
|
async function registerModule(spec, registrar) {
|
|
40
112
|
const candidates = resolveModuleCandidates(spec);
|
|
113
|
+
const dynamicImporter = getDynamicImporter();
|
|
114
|
+
const loader = dynamicImporter
|
|
115
|
+
? (specifier) => dynamicImporter(specifier)
|
|
116
|
+
: (specifier) => import(/* @vite-ignore */ specifier);
|
|
117
|
+
const attempts = [];
|
|
118
|
+
const staticLoader = MODULE_LOADERS?.[spec];
|
|
119
|
+
if (staticLoader) {
|
|
120
|
+
attempts.push({ load: () => staticLoader(), candidate: spec });
|
|
121
|
+
}
|
|
41
122
|
for (const candidate of candidates) {
|
|
123
|
+
attempts.push({ load: () => loader(candidate), candidate });
|
|
124
|
+
}
|
|
125
|
+
const registerFromModule = (mod) => {
|
|
126
|
+
const meta = mod.FACTORY_META;
|
|
127
|
+
const Ctor = mod.default;
|
|
128
|
+
if (!meta?.base || !meta?.key || typeof Ctor !== "function") {
|
|
129
|
+
console.warn("[debug] invalid factory module", spec, {
|
|
130
|
+
meta,
|
|
131
|
+
hasCtor: typeof Ctor === "function",
|
|
132
|
+
});
|
|
133
|
+
console.warn("[advanced-security:factory-manifest] skipped", spec, "— missing FACTORY_META or default export ctor");
|
|
134
|
+
return false;
|
|
135
|
+
}
|
|
136
|
+
const { base, key, ...metadata } = meta;
|
|
137
|
+
const extraMetadata = Object.keys(metadata).length > 0 ? metadata : undefined;
|
|
138
|
+
//console.log("[debug] registering module", { spec, base, key, metadata: extraMetadata });
|
|
139
|
+
registrar.registerFactory(base, key, Ctor, extraMetadata);
|
|
140
|
+
return true;
|
|
141
|
+
};
|
|
142
|
+
for (const [index, { candidate, load }] of attempts.entries()) {
|
|
42
143
|
try {
|
|
43
|
-
const mod = await
|
|
44
|
-
|
|
45
|
-
const Ctor = mod.default;
|
|
46
|
-
if (!meta?.base || !meta?.key || typeof Ctor !== "function") {
|
|
47
|
-
console.warn("[debug] invalid factory module", spec, {
|
|
48
|
-
meta,
|
|
49
|
-
hasCtor: typeof Ctor === "function",
|
|
50
|
-
});
|
|
51
|
-
console.warn("[advanced-security:factory-manifest] skipped", spec, "— missing FACTORY_META or default export ctor");
|
|
52
|
-
return false;
|
|
53
|
-
}
|
|
54
|
-
const { base, key, ...metadata } = meta;
|
|
55
|
-
const extraMetadata = Object.keys(metadata).length > 0 ? metadata : undefined;
|
|
56
|
-
//console.log("[debug] registering module", { spec, base, key, metadata: extraMetadata });
|
|
57
|
-
registrar.registerFactory(base, key, Ctor, extraMetadata);
|
|
58
|
-
return true;
|
|
144
|
+
const mod = await load();
|
|
145
|
+
return registerFromModule(mod);
|
|
59
146
|
}
|
|
60
147
|
catch (error) {
|
|
61
148
|
const message = error instanceof Error ? error.message : String(error);
|
|
62
149
|
const moduleNotFound = message.includes("Cannot find module") ||
|
|
63
150
|
message.includes("ERR_MODULE_NOT_FOUND") ||
|
|
64
|
-
message.includes("Unknown file extension")
|
|
65
|
-
|
|
66
|
-
|
|
151
|
+
message.includes("Unknown file extension") ||
|
|
152
|
+
message.includes("Failed to fetch dynamically imported module") ||
|
|
153
|
+
message.includes("Failed to resolve module specifier") ||
|
|
154
|
+
message.includes("Importing a module script failed");
|
|
155
|
+
const isLastAttempt = index === attempts.length - 1;
|
|
156
|
+
if (!moduleNotFound || isLastAttempt) {
|
|
67
157
|
console.warn("[debug] failed to import candidate", {
|
|
68
158
|
spec,
|
|
69
159
|
candidate,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"register-advanced-security-factories.js","sourceRoot":"","sources":["../../../../../src/naylence/fame/security/register-advanced-security-factories.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAE7C,OAAO,
|
|
1
|
+
{"version":3,"file":"register-advanced-security-factories.js","sourceRoot":"","sources":["../../../../../src/naylence/fame/security/register-advanced-security-factories.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAE7C,OAAO,EACL,OAAO,EACP,cAAc,GAGf,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,mCAAmC,EAAE,MAAM,6CAA6C,CAAC;AAgBlG,MAAM,eAAe,GAAG,aAAsB,CAAC;AAC/C,MAAM,gBAAgB,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAC/C,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,CACjC,CAAC;AACF,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,CAClC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,CAC5C,CAAC;AAEF,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAoB;IACnD,+CAA+C;IAC/C,kEAAkE;CACnE,CAAC,CAAC;AAEH,MAAM,0BAA0B,GAAG,IAAI,GAAG,CAAiB;IACzD;QACE,yDAAyD;QACzD,yGAAyG;KAC1G;IACD;QACE,sEAAsE;QACtE,sHAAsH;KACvH;IACD;QACE,mEAAmE;QACnE,mHAAmH;KACpH;IACD;QACE,sEAAsE;QACtE,sHAAsH;KACvH;IACD;QACE,gEAAgE;QAChE,gHAAgH;KACjH;IACD;QACE,kEAAkE;QAClE,kHAAkH;KACnH;IACD;QACE,oEAAoE;QACpE,oHAAoH;KACrH;IACD;QACE,6CAA6C;QAC7C,6FAA6F;KAC9F;IACD;QACE,sDAAsD;QACtD,sGAAsG;KACvG;IACD;QACE,wDAAwD;QACxD,wGAAwG;KACzG;IACD;QACE,+DAA+D;QAC/D,+GAA+G;KAChH;IACD;QACE,yDAAyD;QACzD,yGAAyG;KAC1G;IACD;QACE,gDAAgD;QAChD,gGAAgG;KACjG;CACF,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,IAAI,GAAG,EAAqB,CAAC;AACvD,MAAM,eAAe,GAAG,IAAI,GAAG,EAAuC,CAAC;AACvE,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAqB,CAAC;AAE3D,SAAS,iBAAiB;IACxB,OAAO,CACL,OAAO,OAAO,KAAK,WAAW;QAC9B,OAAO,OAAO,CAAC,OAAO,KAAK,WAAW;QACtC,OAAO,CAAC,OAAO,EAAE,IAAI,KAAK,MAAM,CACjC,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAuB;IAC/C,IAAI,iBAAiB,EAAE,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QACjC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QACrC,gBAAgB;QAChB,gFAAgF;QAChF,UAAU;QACV,KAAK;QACL,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAClC,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,uBAAuB,CAAC,IAAuB;IACtD,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IAElE,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAClD,MAAM,QAAQ,GAAG,0BAA0B,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC1B,CAAC;QACD,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IAC7B,CAAC;IAED,OAAO,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED,SAAS,kBAAkB;IACzB,IAAI,OAAO,UAAU,KAAK,WAAW,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,SAAS,GAAI,UAEjB,CAAC,gCAAgC,CAAC;IAEpC,IAAI,OAAO,SAAS,KAAK,UAAU,EAAE,CAAC;QACpC,OAAO,SAA4B,CAAC;IACtC,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAuB,EACvB,SAA2B;IAE3B,MAAM,UAAU,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,eAAe,GAAG,kBAAkB,EAAE,CAAC;IAC7C,MAAM,MAAM,GAAG,eAAe;QAC5B,CAAC,CAAC,CAAC,SAAiB,EAAE,EAAE,CAAC,eAAe,CAAC,SAAS,CAAC;QACnD,CAAC,CAAC,CAAC,SAAiB,EAAE,EAAE,CAAC,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;IAEhE,MAAM,QAAQ,GAGT,EAAE,CAAC;IAER,MAAM,YAAY,GAAG,cAAc,EAAE,CAAC,IAAI,CAE7B,CAAC;IACd,IAAI,YAAY,EAAE,CAAC;QACjB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACjE,CAAC;IAED,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,kBAAkB,GAAG,CAAC,GAAY,EAAW,EAAE;QACnD,MAAM,IAAI,GAAI,GAA+B,CAAC,YAEjC,CAAC;QACd,MAAM,IAAI,GAAI,GAA+B,CAAC,OAEjC,CAAC;QAEd,IAAI,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC,IAAI,EAAE,GAAG,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;YAC5D,OAAO,CAAC,IAAI,CAAC,gCAAgC,EAAE,IAAI,EAAE;gBACnD,IAAI;gBACJ,OAAO,EAAE,OAAO,IAAI,KAAK,UAAU;aACpC,CAAC,CAAC;YACH,OAAO,CAAC,IAAI,CACV,8CAA8C,EAC9C,IAAI,EACJ,+CAA+C,CAChD,CAAC;YACF,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,QAAQ,EAAE,GAAG,IAAI,CAAC;QACxC,MAAM,aAAa,GACjB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAE1D,0FAA0F;QAC1F,SAAS,CAAC,eAAe,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC;QAC1D,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;IAEF,KAAK,MAAM,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC;QAC9D,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,IAAI,EAAE,CAAC;YACzB,OAAO,kBAAkB,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvE,MAAM,cAAc,GAClB,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC;gBACtC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAC;gBACxC,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAC;gBAC1C,OAAO,CAAC,QAAQ,CAAC,6CAA6C,CAAC;gBAC/D,OAAO,CAAC,QAAQ,CAAC,oCAAoC,CAAC;gBACtD,OAAO,CAAC,QAAQ,CAAC,kCAAkC,CAAC,CAAC;YAEvD,MAAM,aAAa,GAAG,KAAK,KAAK,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;YACpD,IAAI,CAAC,cAAc,IAAI,aAAa,EAAE,CAAC;gBACrC,OAAO,CAAC,IAAI,CAAC,oCAAoC,EAAE;oBACjD,IAAI;oBACJ,SAAS;oBACT,OAAO;iBACR,CAAC,CAAC;gBACH,OAAO,CAAC,IAAI,CACV,8CAA8C,EAC9C,IAAI,EACJ,GAAG,EACH,OAAO,CACR,CAAC;gBACF,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,IAAuB,EACvB,SAA2B;IAE3B,IAAI,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QAChC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC3C,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,YAAY,GAAG,CAAC,KAAK,IAAI,EAAE;QAC/B,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QACzD,IAAI,UAAU,EAAE,CAAC;YACf,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC9B,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC,CAAC,EAAE,CAAC;IAEL,eAAe,CAAC,GAAG,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IAExC,IAAI,CAAC;QACH,OAAO,MAAM,YAAY,CAAC;IAC5B,CAAC;YAAS,CAAC;QACT,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;AACH,CAAC;AAED,KAAK,UAAU,eAAe,CAC5B,OAAqC,EACrC,SAA2B;IAE3B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1E,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,eAAe,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,kBAAkB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CACnE,CAAC;IACF,OAAO,OAAO,CAAC,MAAM,CACnB,CAAC,KAAK,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,EACvD,CAAC,CACF,CAAC;AACJ,CAAC;AAMD,MAAM,CAAC,KAAK,UAAU,iCAAiC,CACrD,YAA8B,QAAQ,EACtC,OAAkD;IAElD,MAAM,uBAAuB,GAAG,MAAM,eAAe,CACnD,gBAAgB,EAChB,SAAS,CACV,CAAC;IAEF,IAAI,uBAAuB,GAAG,CAAC,EAAE,CAAC;QAChC,mCAAmC,EAAE,CAAC,gBAAgB,EAAE,CAAC;IAC3D,CAAC;IAED,IAAI,OAAO,EAAE,aAAa,KAAK,IAAI,EAAE,CAAC;QACpC,MAAM,eAAe,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC;IAClD,CAAC;AACH,CAAC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { ENVELOPE_VERIFIER_FACTORY_BASE_TYPE, EnvelopeVerifierFactory, SigningConfigClass, } from "@naylence/runtime";
|
|
2
2
|
import { EdDSAEnvelopeVerifier, } from "./eddsa-envelope-verifier.js";
|
|
3
|
+
import { TrustStoreProviderFactory } from "../cert/trust-store/trust-store-provider-factory.js";
|
|
3
4
|
export const FACTORY_META = {
|
|
4
5
|
base: ENVELOPE_VERIFIER_FACTORY_BASE_TYPE,
|
|
5
6
|
key: "EdDSAEnvelopeVerifier",
|
|
@@ -17,8 +18,13 @@ export class AdvancedEdDSAEnvelopeVerifierFactory extends EnvelopeVerifierFactor
|
|
|
17
18
|
if (!keyProvider) {
|
|
18
19
|
throw new Error("EdDSAEnvelopeVerifierFactory requires a key provider");
|
|
19
20
|
}
|
|
21
|
+
let trustStoreProvider = options.trustStoreProvider ?? null;
|
|
22
|
+
if (!trustStoreProvider) {
|
|
23
|
+
trustStoreProvider = await TrustStoreProviderFactory.createTrustStoreProvider();
|
|
24
|
+
}
|
|
20
25
|
const resolved = {
|
|
21
26
|
signingConfig: options.signingConfig ?? signingConfig ?? new SigningConfigClass(),
|
|
27
|
+
trustStoreProvider,
|
|
22
28
|
};
|
|
23
29
|
return new EdDSAEnvelopeVerifier(keyProvider, resolved);
|
|
24
30
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"eddsa-envelope-verifier-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-verifier-factory.ts"],"names":[],"mappings":"AACA,OAAO,EACL,mCAAmC,EACnC,uBAAuB,EACvB,kBAAkB,GAGnB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,qBAAqB,GAGtB,MAAM,8BAA8B,CAAC;
|
|
1
|
+
{"version":3,"file":"eddsa-envelope-verifier-factory.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-verifier-factory.ts"],"names":[],"mappings":"AACA,OAAO,EACL,mCAAmC,EACnC,uBAAuB,EACvB,kBAAkB,GAGnB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,qBAAqB,GAGtB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,yBAAyB,EAAE,MAAM,qDAAqD,CAAC;AAMhG,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,IAAI,EAAE,mCAAmC;IACzC,GAAG,EAAE,uBAAuB;IAC5B,SAAS,EAAE,IAAI;IACf,QAAQ,EAAE,GAAG;CACL,CAAC;AAIX,MAAM,OAAO,oCAAqC,SAAQ,uBAAoD;IAA9G;;QACkB,SAAI,GAAG,uBAAuB,CAAC;QAC/B,cAAS,GAAG,IAAI,CAAC;QACjB,aAAQ,GAAG,GAAG,CAAC;IAyBjC,CAAC;IAvBQ,KAAK,CAAC,MAAM,CACjB,OAAsE,EACtE,WAAgC,EAChC,aAAoC,EACpC,UAAwC,EAAE;QAE1C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAC1E,CAAC;QAED,IAAI,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,IAAI,IAAI,CAAC;QAC5D,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,kBAAkB,GAAG,MAAM,yBAAyB,CAAC,wBAAwB,EAAE,CAAC;QAClF,CAAC;QAED,MAAM,QAAQ,GAAiC;YAC7C,aAAa,EACX,OAAO,CAAC,aAAa,IAAI,aAAa,IAAI,IAAI,kBAAkB,EAAE;YACpE,kBAAkB;SACnB,CAAC;QAEF,OAAO,IAAI,qBAAqB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAC1D,CAAC;CACF;AAED,eAAe,oCAAoC,CAAC"}
|
|
@@ -58,7 +58,7 @@ function normalizeCertificateKey(jwk, signingConfig, trustStorePem) {
|
|
|
58
58
|
throw new Error("Certificate keys are disabled by signing policy");
|
|
59
59
|
}
|
|
60
60
|
if (!trustStorePem) {
|
|
61
|
-
throw new Error("
|
|
61
|
+
throw new Error("Certificate-based verification requires a configured trust store provider (for example, configure FAME_CA_CERTS).");
|
|
62
62
|
}
|
|
63
63
|
const publicKey = publicKeyFromX5c(jwk.x5c, {
|
|
64
64
|
enforceNameConstraints: signingConfig.validateCertNameConstraints,
|
|
@@ -69,59 +69,52 @@ function normalizeCertificateKey(jwk, signingConfig, trustStorePem) {
|
|
|
69
69
|
}
|
|
70
70
|
return encodeBase64Url(publicKey);
|
|
71
71
|
}
|
|
72
|
-
async function loadPublicKey(jwk, signingConfig) {
|
|
73
|
-
const trustStorePem = await resolveTrustStorePem();
|
|
74
|
-
const certificateKey = normalizeCertificateKey(jwk, signingConfig, trustStorePem);
|
|
75
|
-
const candidate = certificateKey ??
|
|
76
|
-
(typeof jwk.x === "string"
|
|
77
|
-
? jwk.x
|
|
78
|
-
: typeof jwk.crv_x === "string"
|
|
79
|
-
? jwk.crv_x
|
|
80
|
-
: jwk.pub);
|
|
81
|
-
if (typeof candidate !== "string") {
|
|
82
|
-
throw new Error("JWK missing public key material");
|
|
83
|
-
}
|
|
84
|
-
return decodeBase64Url(candidate);
|
|
85
|
-
}
|
|
86
|
-
function hasProcessEnv() {
|
|
87
|
-
return typeof process !== "undefined" && typeof process.env !== "undefined";
|
|
88
|
-
}
|
|
89
|
-
function isNodeProcess() {
|
|
90
|
-
return (typeof process !== "undefined" &&
|
|
91
|
-
typeof process.release !== "undefined" &&
|
|
92
|
-
process.release?.name === "node");
|
|
93
|
-
}
|
|
94
|
-
async function resolveTrustStorePem() {
|
|
95
|
-
if (!hasProcessEnv()) {
|
|
96
|
-
return null;
|
|
97
|
-
}
|
|
98
|
-
const rawValue = process.env?.FAME_CA_CERTS ?? null;
|
|
99
|
-
if (!rawValue || rawValue.trim().length === 0) {
|
|
100
|
-
return null;
|
|
101
|
-
}
|
|
102
|
-
const trimmed = rawValue.replace(/\r/gu, "").trim();
|
|
103
|
-
if (trimmed.startsWith("-----BEGIN")) {
|
|
104
|
-
return trimmed;
|
|
105
|
-
}
|
|
106
|
-
if (!isNodeProcess()) {
|
|
107
|
-
throw new Error("FAME_CA_CERTS must contain PEM-encoded certificates when running outside of Node.js");
|
|
108
|
-
}
|
|
109
|
-
try {
|
|
110
|
-
const fs = await import("node:fs/promises");
|
|
111
|
-
const content = await fs.readFile(trimmed, "utf8");
|
|
112
|
-
return content.replace(/\r/gu, "").trim();
|
|
113
|
-
}
|
|
114
|
-
catch (error) {
|
|
115
|
-
const reason = error instanceof Error ? error.message : String(error);
|
|
116
|
-
throw new Error(`Failed to read trust store from ${trimmed}: ${reason}`);
|
|
117
|
-
}
|
|
118
|
-
}
|
|
119
72
|
export class EdDSAEnvelopeVerifier {
|
|
120
73
|
constructor(keyProvider, options = {}) {
|
|
121
74
|
this.keyProvider = keyProvider;
|
|
122
75
|
this.signingConfig = options.signingConfig ?? new SigningConfigClass();
|
|
76
|
+
this.trustStoreProvider = options.trustStoreProvider ?? null;
|
|
123
77
|
ensureNobleSha512Fallback();
|
|
124
78
|
}
|
|
79
|
+
async loadTrustStorePem() {
|
|
80
|
+
if (!this.trustStoreProvider) {
|
|
81
|
+
return null;
|
|
82
|
+
}
|
|
83
|
+
if (typeof this.trustStoreProvider.initialize === "function") {
|
|
84
|
+
await this.trustStoreProvider.initialize();
|
|
85
|
+
}
|
|
86
|
+
const pem = await this.trustStoreProvider.getTrustStorePem();
|
|
87
|
+
const normalized = pem.replace(/\r/gu, "").trim();
|
|
88
|
+
return normalized.length > 0 ? normalized : null;
|
|
89
|
+
}
|
|
90
|
+
async resolveVerificationKey(kid, jwk) {
|
|
91
|
+
const trustStorePem = await this.loadTrustStorePem();
|
|
92
|
+
const certificateKey = normalizeCertificateKey(jwk, this.signingConfig, trustStorePem);
|
|
93
|
+
const candidate = certificateKey ??
|
|
94
|
+
(typeof jwk.x === "string"
|
|
95
|
+
? jwk.x
|
|
96
|
+
: typeof jwk.crv_x === "string"
|
|
97
|
+
? jwk.crv_x
|
|
98
|
+
: jwk.pub);
|
|
99
|
+
if (typeof candidate !== "string") {
|
|
100
|
+
throw new Error("JWK missing public key material");
|
|
101
|
+
}
|
|
102
|
+
const normalizedJwk = { ...jwk };
|
|
103
|
+
if (certificateKey || typeof normalizedJwk.x !== "string") {
|
|
104
|
+
normalizedJwk.x = certificateKey ?? candidate;
|
|
105
|
+
}
|
|
106
|
+
try {
|
|
107
|
+
validateSigningKey(normalizedJwk);
|
|
108
|
+
}
|
|
109
|
+
catch (error) {
|
|
110
|
+
if (error instanceof JWKValidationError) {
|
|
111
|
+
throw new Error(`Key ${kid} is not valid for signing: ${error.message}`);
|
|
112
|
+
}
|
|
113
|
+
throw error;
|
|
114
|
+
}
|
|
115
|
+
const publicKey = decodeBase64Url(candidate);
|
|
116
|
+
return { normalizedJwk, publicKey };
|
|
117
|
+
}
|
|
125
118
|
async verifyEnvelope(envelope, options = {}) {
|
|
126
119
|
const signatureHeader = envelope.sec?.sig;
|
|
127
120
|
if (!signatureHeader) {
|
|
@@ -133,15 +126,7 @@ export class EdDSAEnvelopeVerifier {
|
|
|
133
126
|
if (!jwk) {
|
|
134
127
|
throw new Error(`Unknown key id: ${kid}`);
|
|
135
128
|
}
|
|
136
|
-
|
|
137
|
-
validateSigningKey(jwk);
|
|
138
|
-
}
|
|
139
|
-
catch (error) {
|
|
140
|
-
if (error instanceof JWKValidationError) {
|
|
141
|
-
throw new Error(`Key ${kid} is not valid for signing: ${error.message}`);
|
|
142
|
-
}
|
|
143
|
-
throw error;
|
|
144
|
-
}
|
|
129
|
+
const { normalizedJwk, publicKey } = await this.resolveVerificationKey(kid, jwk);
|
|
145
130
|
const checkPayload = options.checkPayload ?? true;
|
|
146
131
|
let trustedDigest;
|
|
147
132
|
if (isDataFrame(envelope.frame)) {
|
|
@@ -167,7 +152,7 @@ export class EdDSAEnvelopeVerifier {
|
|
|
167
152
|
else {
|
|
168
153
|
trustedDigest = frameDigest(envelope.frame);
|
|
169
154
|
}
|
|
170
|
-
const sid = assertString(
|
|
155
|
+
const sid = assertString(normalizedJwk.sid, "Signing key missing sid");
|
|
171
156
|
const immutable = canonicalJson(immutableHeaders(envelope));
|
|
172
157
|
const tbs = new Uint8Array(encodeUtf8(sid).length +
|
|
173
158
|
1 +
|
|
@@ -191,7 +176,6 @@ export class EdDSAEnvelopeVerifier {
|
|
|
191
176
|
if (signatureBytes.length !== 64) {
|
|
192
177
|
throw new Error("Signature must be 64 bytes for Ed25519");
|
|
193
178
|
}
|
|
194
|
-
const publicKey = await loadPublicKey(jwk, this.signingConfig);
|
|
195
179
|
if (publicKey.length !== 32) {
|
|
196
180
|
throw new Error("Ed25519 public key must be 32 bytes");
|
|
197
181
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"eddsa-envelope-verifier.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-verifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,IAAI,KAAK,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAE/C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EACL,kBAAkB,EAClB,YAAY,GAEb,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,aAAa,EACb,eAAe,EACf,WAAW,EACX,gBAAgB,GACjB,MAAM,2EAA2E,CAAC;AACnF,OAAO,EAAE,UAAU,EAAE,MAAM,iEAAiE,CAAC;AAC7F,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAC3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"eddsa-envelope-verifier.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/signing/eddsa-envelope-verifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,IAAI,KAAK,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAE/C,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EACL,kBAAkB,EAClB,YAAY,GAEb,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,aAAa,EACb,eAAe,EACf,WAAW,EACX,gBAAgB,GACjB,MAAM,2EAA2E,CAAC;AACnF,OAAO,EAAE,UAAU,EAAE,MAAM,iEAAiE,CAAC;AAC7F,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAC3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAcnD,SAAS,YAAY,CAAC,KAAc,EAAE,KAAa;IACjD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,6BAA6B,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,WAAW,CAAC,KAA4B;IAC/C,OAAQ,KAA2B,CAAC,IAAI,KAAK,MAAM,CAAC;AACtD,CAAC;AAED,SAAS,eAAe,CAAC,KAAiB;IACxC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;aACtB,QAAQ,CAAC,QAAQ,CAAC;aAClB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;aACpB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;aACpB,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzB,CAAC;IAED,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,IAAI,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;IACtC,CAAC;IAED,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC,MAAM,CAAC;aAChB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;aACpB,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;aACpB,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACzB,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,yBAAyB;IAChC,MAAM,QAAQ,GAAG,KAGhB,CAAC;IAEF,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QACrB,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAmB,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC7D,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;QACzB,QAAQ,CAAC,UAAU,GAAG,CAAC,GAAG,QAAsB,EAAc,EAAE;YAC9D,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAE,CAAC,CAAC;YAC9B,CAAC;YAED,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC;YAChD,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1B,CAAC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,uBAAuB,CAC9B,GAAgB,EAChB,aAA4B,EAC5B,aAA4B;IAE5B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,aAAa,CAAC,eAAe,KAAK,eAAe,CAAC,UAAU,EAAE,CAAC;QACjE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CACb,mHAAmH,CACpH,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,gBAAgB,CAAC,GAAG,CAAC,GAAe,EAAE;QACtD,sBAAsB,EAAE,aAAa,CAAC,2BAA2B;QACjE,aAAa;KACd,CAAC,CAAC;IAEH,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IAED,OAAO,eAAe,CAAC,SAAS,CAAC,CAAC;AACpC,CAAC;AAOD,MAAM,OAAO,qBAAqB;IAMhC,YACE,WAAwB,EACxB,UAAwC,EAAE;QAE1C,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,IAAI,kBAAkB,EAAE,CAAC;QACvE,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,IAAI,IAAI,CAAC;QAC7D,yBAAyB,EAAE,CAAC;IAC9B,CAAC;IAEO,KAAK,CAAC,iBAAiB;QAC7B,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,OAAO,IAAI,CAAC,kBAAkB,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;YAC7D,MAAM,IAAI,CAAC,kBAAkB,CAAC,UAAU,EAAE,CAAC;QAC7C,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,gBAAgB,EAAE,CAAC;QAC7D,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAClD,OAAO,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC;IACnD,CAAC;IAEO,KAAK,CAAC,sBAAsB,CAClC,GAAW,EACX,GAAgB;QAEhB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACrD,MAAM,cAAc,GAAG,uBAAuB,CAC5C,GAAG,EACH,IAAI,CAAC,aAAa,EAClB,aAAa,CACd,CAAC;QAEF,MAAM,SAAS,GACb,cAAc;YACd,CAAC,OAAO,GAAG,CAAC,CAAC,KAAK,QAAQ;gBACxB,CAAC,CAAC,GAAG,CAAC,CAAC;gBACP,CAAC,CAAC,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ;oBAC7B,CAAC,CAAC,GAAG,CAAC,KAAK;oBACX,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEjB,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,aAAa,GAAgB,EAAE,GAAG,GAAG,EAAE,CAAC;QAC9C,IAAI,cAAc,IAAI,OAAO,aAAa,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC1D,aAAa,CAAC,CAAC,GAAG,cAAc,IAAI,SAAS,CAAC;QAChD,CAAC;QAED,IAAI,CAAC;YACH,kBAAkB,CAAC,aAAa,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,kBAAkB,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CACb,OAAO,GAAG,8BAA8B,KAAK,CAAC,OAAO,EAAE,CACxD,CAAC;YACJ,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;QAC7C,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,CAAC;IACtC,CAAC;IAEM,KAAK,CAAC,cAAc,CACzB,QAAsB,EACtB,UAAwD,EAAE;QAE1D,MAAM,eAAe,GAAG,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC;QAC1C,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,GAAG,GAAG,YAAY,CACtB,eAAe,CAAC,GAAG,EACnB,gCAAgC,CACjC,CAAC;QACF,MAAM,cAAc,GAAG,YAAY,CACjC,eAAe,CAAC,GAAG,EACnB,gCAAgC,CACjC,CAAC;QAEF,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAuB,CAAC;QACvE,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,EAAE,CAAC,CAAC;QAC5C,CAAC;QAED,MAAM,EAAE,aAAa,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,sBAAsB,CACpE,GAAG,EACH,GAAG,CACJ,CAAC;QAEF,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,IAAI,CAAC;QAElD,IAAI,aAAqB,CAAC;QAC1B,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAChC,IAAI,YAAY,EAAE,CAAC;gBACjB,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;oBACvB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,IAAI,EAAE,CAAC;gBAC7C,MAAM,aAAa,GAAG,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;gBACnE,MAAM,YAAY,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;gBACjD,IAAI,YAAY,KAAK,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;oBACvC,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;gBAC1D,CAAC;gBACD,aAAa,GAAG,YAAY,CAAC;YAC/B,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;oBACvB,MAAM,IAAI,KAAK,CACb,2EAA2E,CAC5E,CAAC;gBACJ,CAAC;gBACD,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACpC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;QAEH,MAAM,GAAG,GAAG,YAAY,CAAC,aAAa,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;QACrE,MAAM,SAAS,GAAG,aAAa,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC5D,MAAM,GAAG,GAAG,IAAI,UAAU,CACxB,UAAU,CAAC,GAAG,CAAC,CAAC,MAAM;YACpB,CAAC;YACD,UAAU,CAAC,SAAS,CAAC,CAAC,MAAM;YAC5B,CAAC;YACD,UAAU,CAAC,aAAa,CAAC,CAAC,MAAM,CACnC,CAAC;QAEF,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,QAAQ,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;QACvC,MAAM,WAAW,GAAG,UAAU,CAAC,aAAa,CAAC,CAAC;QAC9C,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,QAAQ,CAAC,MAAM,CAAC;QAC1B,GAAG,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;QACnB,MAAM,IAAI,CAAC,CAAC;QAEZ,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,QAAQ,CAAC,MAAM,CAAC;QAC1B,GAAG,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;QACnB,MAAM,IAAI,CAAC,CAAC;QAEZ,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAE7B,MAAM,cAAc,GAAG,eAAe,CAAC,cAAc,CAAC,CAAC;QACvD,IAAI,cAAc,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QAED,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,cAAc,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}
|
package/dist/cjs/version.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
// This file is auto-generated during build - do not edit manually
|
|
2
|
-
// Generated from package.json version: 0.3.5-test.
|
|
2
|
+
// Generated from package.json version: 0.3.5-test.104
|
|
3
3
|
/**
|
|
4
4
|
* The package version, injected at build time.
|
|
5
5
|
* @internal
|
|
6
6
|
*/
|
|
7
|
-
export const VERSION = '0.3.5-test.
|
|
7
|
+
export const VERSION = '0.3.5-test.104';
|
|
8
8
|
//# sourceMappingURL=version.js.map
|
|
@@ -7,6 +7,8 @@
|
|
|
7
7
|
export const MODULES = [
|
|
8
8
|
"./security/cert/default-ca-service-factory.js",
|
|
9
9
|
"./security/cert/default-certificate-manager-factory.js",
|
|
10
|
+
"./security/cert/trust-store/browser-trust-store-provider-factory.js",
|
|
11
|
+
"./security/cert/trust-store/node-trust-store-provider-factory.js",
|
|
10
12
|
"./security/encryption/channel/channel-encryption-manager-factory.js",
|
|
11
13
|
"./security/encryption/composite-encryption-manager-factory.js",
|
|
12
14
|
"./security/encryption/default-secure-channel-manager-factory.js",
|
|
@@ -21,6 +23,8 @@ export const MODULES = [
|
|
|
21
23
|
export const MODULE_LOADERS = {
|
|
22
24
|
"./security/cert/default-ca-service-factory.js": () => import("./security/cert/default-ca-service-factory.js"),
|
|
23
25
|
"./security/cert/default-certificate-manager-factory.js": () => import("./security/cert/default-certificate-manager-factory.js"),
|
|
26
|
+
"./security/cert/trust-store/browser-trust-store-provider-factory.js": () => import("./security/cert/trust-store/browser-trust-store-provider-factory.js"),
|
|
27
|
+
"./security/cert/trust-store/node-trust-store-provider-factory.js": () => import("./security/cert/trust-store/node-trust-store-provider-factory.js"),
|
|
24
28
|
"./security/encryption/channel/channel-encryption-manager-factory.js": () => import("./security/encryption/channel/channel-encryption-manager-factory.js"),
|
|
25
29
|
"./security/encryption/composite-encryption-manager-factory.js": () => import("./security/encryption/composite-encryption-manager-factory.js"),
|
|
26
30
|
"./security/encryption/default-secure-channel-manager-factory.js": () => import("./security/encryption/default-secure-channel-manager-factory.js"),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"factory-manifest.js","sourceRoot":"","sources":["../../../../src/naylence/fame/factory-manifest.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,+CAA+C;IAC/C,wDAAwD;IACxD,qEAAqE;IACrE,+DAA+D;IAC/D,iEAAiE;IACjE,mEAAmE;IACnE,4CAA4C;IAC5C,qDAAqD;IACrD,uDAAuD;IACvD,8DAA8D;IAC9D,wDAAwD;IACxD,+CAA+C;CACvC,CAAC;AAKX,MAAM,CAAC,MAAM,cAAc,GAAmD;IAC5E,+CAA+C,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,+CAA+C,CAAC;IAC9G,wDAAwD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,wDAAwD,CAAC;IAChI,qEAAqE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,qEAAqE,CAAC;IAC1J,+DAA+D,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,+DAA+D,CAAC;IAC9I,iEAAiE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,iEAAiE,CAAC;IAClJ,mEAAmE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,mEAAmE,CAAC;IACtJ,4CAA4C,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,4CAA4C,CAAC;IACxG,qDAAqD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,qDAAqD,CAAC;IAC1H,uDAAuD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,uDAAuD,CAAC;IAC9H,8DAA8D,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,8DAA8D,CAAC;IAC5I,wDAAwD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,wDAAwD,CAAC;IAChI,+CAA+C,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,+CAA+C,CAAC;CAC/G,CAAC"}
|
|
1
|
+
{"version":3,"file":"factory-manifest.js","sourceRoot":"","sources":["../../../../src/naylence/fame/factory-manifest.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,+CAA+C;IAC/C,wDAAwD;IACxD,qEAAqE;IACrE,kEAAkE;IAClE,qEAAqE;IACrE,+DAA+D;IAC/D,iEAAiE;IACjE,mEAAmE;IACnE,4CAA4C;IAC5C,qDAAqD;IACrD,uDAAuD;IACvD,8DAA8D;IAC9D,wDAAwD;IACxD,+CAA+C;CACvC,CAAC;AAKX,MAAM,CAAC,MAAM,cAAc,GAAmD;IAC5E,+CAA+C,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,+CAA+C,CAAC;IAC9G,wDAAwD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,wDAAwD,CAAC;IAChI,qEAAqE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,qEAAqE,CAAC;IAC1J,kEAAkE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,kEAAkE,CAAC;IACpJ,qEAAqE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,qEAAqE,CAAC;IAC1J,+DAA+D,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,+DAA+D,CAAC;IAC9I,iEAAiE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,iEAAiE,CAAC;IAClJ,mEAAmE,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,mEAAmE,CAAC;IACtJ,4CAA4C,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,4CAA4C,CAAC;IACxG,qDAAqD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,qDAAqD,CAAC;IAC1H,uDAAuD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,uDAAuD,CAAC;IAC9H,8DAA8D,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,8DAA8D,CAAC;IAC5I,wDAAwD,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,wDAAwD,CAAC;IAChI,+CAA+C,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,+CAA+C,CAAC;CAC/G,CAAC"}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
import { pathToFileURL } from "node:url";
|
|
3
|
+
import { main } from "./ca-server.js";
|
|
4
|
+
function isDirectExecution() {
|
|
5
|
+
if (typeof process === "undefined") {
|
|
6
|
+
return false;
|
|
7
|
+
}
|
|
8
|
+
const entry = process.argv?.[1];
|
|
9
|
+
if (typeof entry !== "string" || entry.length === 0) {
|
|
10
|
+
return false;
|
|
11
|
+
}
|
|
12
|
+
const entryUrl = pathToFileURL(entry).href;
|
|
13
|
+
return import.meta.url === entryUrl;
|
|
14
|
+
}
|
|
15
|
+
function registerSignalHandlers() {
|
|
16
|
+
const handleShutdown = (signal) => {
|
|
17
|
+
console.log("[INFO] ca_server_shutting_down", { signal });
|
|
18
|
+
process.exit(0);
|
|
19
|
+
};
|
|
20
|
+
process.on("SIGTERM", () => handleShutdown("SIGTERM"));
|
|
21
|
+
process.on("SIGINT", () => handleShutdown("SIGINT"));
|
|
22
|
+
}
|
|
23
|
+
if (isDirectExecution()) {
|
|
24
|
+
registerSignalHandlers();
|
|
25
|
+
main().catch((error) => {
|
|
26
|
+
console.error("Fatal error:", error);
|
|
27
|
+
process.exit(1);
|
|
28
|
+
});
|
|
29
|
+
}
|
|
30
|
+
//# sourceMappingURL=ca-server-cli.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ca-server-cli.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-server-cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAEtC,SAAS,iBAAiB;IACxB,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE,CAAC;QACnC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC;IAC3C,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,QAAQ,CAAC;AACtC,CAAC;AAED,SAAS,sBAAsB;IAC7B,MAAM,cAAc,GAAG,CAAC,MAAsB,EAAE,EAAE;QAChD,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC;IACvD,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC;AACvD,CAAC;AAED,IAAI,iBAAiB,EAAE,EAAE,CAAC;IACxB,sBAAsB,EAAE,CAAC;IAEzB,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;QACrB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
#!/usr/bin/env node
|
|
2
1
|
/**
|
|
3
2
|
* CA Server - Certificate Authority HTTP endpoint
|
|
4
3
|
*
|
|
@@ -158,23 +157,7 @@ async function main() {
|
|
|
158
157
|
process.exit(1);
|
|
159
158
|
}
|
|
160
159
|
}
|
|
161
|
-
|
|
162
|
-
process.on("SIGTERM", () => {
|
|
163
|
-
logger.info("ca_server_shutting_down", { signal: "SIGTERM" });
|
|
164
|
-
process.exit(0);
|
|
165
|
-
});
|
|
166
|
-
process.on("SIGINT", () => {
|
|
167
|
-
logger.info("ca_server_shutting_down", { signal: "SIGINT" });
|
|
168
|
-
process.exit(0);
|
|
169
|
-
});
|
|
170
|
-
// Run if executed directly
|
|
171
|
-
if (import.meta.url === `file://${process.argv[1]}`) {
|
|
172
|
-
main().catch((error) => {
|
|
173
|
-
console.error("Fatal error:", error);
|
|
174
|
-
process.exit(1);
|
|
175
|
-
});
|
|
176
|
-
}
|
|
177
|
-
export { createApp };
|
|
160
|
+
export { createApp, main };
|
|
178
161
|
function computeEtag(payload) {
|
|
179
162
|
const encoder = new TextEncoder();
|
|
180
163
|
const digest = sha256(encoder.encode(payload));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ca-server.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-server.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"ca-server.js","sourceRoot":"","sources":["../../../../../../src/naylence/fame/security/cert/ca-server.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjD,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3D,sCAAsC;AACtC,MAAM,MAAM,GAAG;IACb,IAAI,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACtD,OAAO,CAAC,GAAG,CAAC,UAAU,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IAC7C,CAAC;IACD,OAAO,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACzD,OAAO,CAAC,IAAI,CAAC,aAAa,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IACD,KAAK,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACvD,OAAO,CAAC,KAAK,CAAC,WAAW,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IAChD,CAAC;IACD,KAAK,EAAE,CAAC,KAAa,EAAE,IAA8B,EAAE,EAAE;QACvD,MAAM,QAAQ,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QACtE,IAAI,QAAQ,KAAK,OAAO,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjD,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;CACF,CAAC;AAEF,MAAM,qBAAqB,GAAG,eAAe,CAAC;AAC9C,MAAM,qBAAqB,GAAG,eAAe,CAAC;AAe9C;;;GAGG;AACH,SAAS,cAAc,CACrB,OAAwB,EACxB,SAAoB,EACpB,SAAiB,aAAa;IAE9B,+BAA+B;IAC/B,OAAO,CAAC,IAAI,CACV,GAAG,MAAM,OAAO,EAChB;QACE,MAAM,EAAE;YACN,IAAI,EAAE;gBACJ,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,CAAC,SAAS,EAAE,cAAc,CAAC;gBACrC,UAAU,EAAE;oBACV,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAC3B,YAAY,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAChC,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACjC,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;iBACvD;aACF;SACF;KACF,EACD,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QACvB,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;YAEhC,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE,CAAC;gBAC5C,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBAC5B,KAAK,EAAE,iBAAiB;oBACxB,OAAO,EAAE,+BAA+B;iBACzC,CAAC,CAAC;YACL,CAAC;YAED,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;gBACvC,YAAY,EAAE,UAAU,CAAC,YAAY;gBACrC,aAAa,EAAE,UAAU,CAAC,aAAa;gBACvC,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B,CAAC,CAAC;YAEH,2CAA2C;YAC3C,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;gBACzB,sEAAsE;gBACtE,MAAM,CAAC,OAAO,CAAC,oCAAoC,EAAE;oBACnD,qBAAqB,EAAE,IAAI;iBAC5B,CAAC,CAAC;YACL,CAAC;YAED,mEAAmE;YACnE,MAAM,aAAa,GAAG;gBACpB,MAAM,EAAE,UAAU,CAAC,OAAO;gBAC1B,WAAW,EAAE,UAAU,CAAC,YAAY;gBACpC,YAAY,EAAE,UAAU,CAAC,aAAa;gBACtC,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B,CAAC;YAEF,oBAAoB;YACpB,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC;YAE/D,MAAM,QAAQ,GAAgC;gBAC5C,eAAe,EAAE,MAAM,CAAC,cAAc;gBACtC,qBAAqB,EAAE,MAAM,CAAC,mBAAmB;gBACjD,UAAU,EAAE,MAAM,CAAC,SAAS;aAC7B,CAAC;YAEF,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;gBACtC,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC,CAAC;YAEH,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC5B,KAAK,EAAE,iBAAiB;gBACxB,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;aAClE,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CACF,CAAC;IAEF,eAAe;IACf,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,IAAI,EAAE;QAChC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,MAAM,eAAe,GAAG,yCAAyC,CAAC;IAElE,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;QACpD,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,cAAc,EAAE,CAAC;QAChD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBAC5B,KAAK,EAAE,0BAA0B;aAClC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,IAAI,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC;QACzC,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAErD,IAAI,OAAO,WAAW,KAAK,QAAQ,IAAI,WAAW,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC;YACpG,OAAO,KAAK;iBACT,MAAM,CAAC,GAAG,CAAC;iBACX,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC;iBACpB,MAAM,CAAC,eAAe,EAAE,uBAAuB,EAAE,CAAC;iBAClD,IAAI,EAAE,CAAC;QACZ,CAAC;QAED,OAAO,KAAK;aACT,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC;aAC1C,MAAM,CAAC,eAAe,EAAE,uBAAuB,EAAE,CAAC;aAClD,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC;aACpB,IAAI,CAAC,MAAoC,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,SAAS;IAItB,qEAAqE;IACrE,MAAM,OAAO,GAAG,OAAO,CAAC;QACtB,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;IAEH,sEAAsE;IACtE,MAAM,EAAE,uCAAuC,EAAE,GAAG,MAAM,MAAM,CAC9D,uBAAuB,CACxB,CAAC;IACF,MAAM,uCAAuC,EAAE,CAAC;IAEhD,wDAAwD;IACxD,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,eAAe,EAAE,CAAC;IAE3D,qBAAqB;IACrB,cAAc,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAEnC,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;AACrC,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,SAAS,EAAE,CAAC;QAElC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,SAAS,CAAC;QAC7D,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC;QAExE,MAAM,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QAEjC,MAAM,CAAC,IAAI,CAAC,mBAAmB,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,sCAAsC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;QAClE,OAAO,CAAC,GAAG,CACT,mCAAmC,IAAI,IAAI,IAAI,oBAAoB,CACpE,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE;YACvC,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC9D,CAAC,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;AAE3B,SAAS,WAAW,CAAC,OAAe;IAClC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/C,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;SACtB,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACjD,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED,SAAS,uBAAuB;IAC9B,OAAO,oDAAoD,CAAC;AAC9D,CAAC"}
|
|
@@ -5,8 +5,8 @@ import { CertificateRequestError } from "./ca-types.js";
|
|
|
5
5
|
import { GRANT_PURPOSE_CA_SIGN } from "./grants.js";
|
|
6
6
|
import { validateJwkX5cCertificate } from "./util.js";
|
|
7
7
|
import { createEd25519CsrFromPem } from "./node-ed25519-csr.js";
|
|
8
|
+
import { TrustStoreProviderFactory } from "./trust-store/trust-store-provider-factory.js";
|
|
8
9
|
const logger = getLogger("naylence.fame.security.cert.default_certificate_manager");
|
|
9
|
-
const ENV_VAR_FAME_CA_CERTS = "FAME_CA_CERTS";
|
|
10
10
|
const CONNECTION_GRANTS_CAMEL = "connectionGrants";
|
|
11
11
|
const CONNECTION_GRANTS_SNAKE = "connection_grants";
|
|
12
12
|
export class DefaultCertificateManager {
|
|
@@ -514,7 +514,7 @@ export class DefaultCertificateManager {
|
|
|
514
514
|
const envPem = await resolveTrustStorePemFromEnvironment();
|
|
515
515
|
return {
|
|
516
516
|
pem: envPem,
|
|
517
|
-
reason: envPem ? undefined :
|
|
517
|
+
reason: envPem ? undefined : "trust_store_provider_unconfigured",
|
|
518
518
|
};
|
|
519
519
|
}
|
|
520
520
|
async resolveTrustStorePemFromProvider(provider, nodeId) {
|
|
@@ -795,36 +795,18 @@ function normalizeAuthConfig(candidate) {
|
|
|
795
795
|
return normalized;
|
|
796
796
|
}
|
|
797
797
|
async function resolveTrustStorePemFromEnvironment() {
|
|
798
|
-
if (!hasProcessEnv()) {
|
|
799
|
-
return null;
|
|
800
|
-
}
|
|
801
|
-
const rawValue = process.env?.[ENV_VAR_FAME_CA_CERTS];
|
|
802
|
-
if (!rawValue || rawValue.trim().length === 0) {
|
|
803
|
-
return null;
|
|
804
|
-
}
|
|
805
|
-
const trimmed = rawValue.trim();
|
|
806
|
-
if (trimmed.startsWith("-----BEGIN")) {
|
|
807
|
-
return normalizePem(trimmed);
|
|
808
|
-
}
|
|
809
|
-
if (!isNodeProcess()) {
|
|
810
|
-
logger.debug("trust_store_file_unavailable_in_browser", {
|
|
811
|
-
env_var: ENV_VAR_FAME_CA_CERTS,
|
|
812
|
-
});
|
|
813
|
-
return null;
|
|
814
|
-
}
|
|
815
|
-
const filePath = trimmed;
|
|
816
|
-
if (!filePath) {
|
|
817
|
-
return null;
|
|
818
|
-
}
|
|
819
798
|
try {
|
|
820
|
-
const
|
|
821
|
-
|
|
822
|
-
|
|
799
|
+
const provider = await TrustStoreProviderFactory.createTrustStoreProvider();
|
|
800
|
+
if (typeof provider.initialize === "function") {
|
|
801
|
+
await provider.initialize();
|
|
802
|
+
}
|
|
803
|
+
const pem = await provider.getTrustStorePem();
|
|
804
|
+
return normalizePemOrNull(pem);
|
|
823
805
|
}
|
|
824
806
|
catch (error) {
|
|
825
|
-
|
|
826
|
-
|
|
827
|
-
error:
|
|
807
|
+
const message = error instanceof Error ? error.message : String(error);
|
|
808
|
+
logger.debug("trust_store_provider_resolution_failed", {
|
|
809
|
+
error: message,
|
|
828
810
|
});
|
|
829
811
|
return null;
|
|
830
812
|
}
|