@nextera.one/axis-server-sdk 1.8.0 → 1.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.mts +36 -3
- package/dist/index.d.ts +36 -3
- package/dist/index.js +5563 -4760
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +5591 -4522
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -1
package/dist/index.d.mts
CHANGED
|
@@ -139,6 +139,7 @@ interface CceCapsuleClaims {
|
|
|
139
139
|
tps_to: number;
|
|
140
140
|
capsule_nonce: string;
|
|
141
141
|
challenge_id: string;
|
|
142
|
+
proof_hash?: string;
|
|
142
143
|
policy_hash?: string;
|
|
143
144
|
iat: number;
|
|
144
145
|
exp: number;
|
|
@@ -195,6 +196,7 @@ interface CceResponseEnvelope {
|
|
|
195
196
|
response_id: string;
|
|
196
197
|
request_id: string;
|
|
197
198
|
correlation_id: string;
|
|
199
|
+
capsule_id: string;
|
|
198
200
|
encrypted_key: CceEncryptedKey;
|
|
199
201
|
encrypted_payload: CceEncryptedPayload;
|
|
200
202
|
response_nonce: string;
|
|
@@ -669,6 +671,21 @@ interface CceHandlerResult {
|
|
|
669
671
|
body: Uint8Array;
|
|
670
672
|
effect?: string;
|
|
671
673
|
}
|
|
674
|
+
interface CcePolicyContext {
|
|
675
|
+
envelope: CceRequestEnvelope;
|
|
676
|
+
capsule: CceCapsuleClaims;
|
|
677
|
+
executionContext: CceExecutionContext;
|
|
678
|
+
decryptedPayload: Uint8Array;
|
|
679
|
+
clientPublicKeyHex: string;
|
|
680
|
+
}
|
|
681
|
+
interface CcePolicyDecision {
|
|
682
|
+
allow: boolean;
|
|
683
|
+
code?: string;
|
|
684
|
+
message?: string;
|
|
685
|
+
}
|
|
686
|
+
interface CcePolicyEvaluator {
|
|
687
|
+
evaluate(context: CcePolicyContext): Promise<CcePolicyDecision>;
|
|
688
|
+
}
|
|
672
689
|
interface CcePipelineConfig {
|
|
673
690
|
axisLocalSecret: string;
|
|
674
691
|
axisAudience: string;
|
|
@@ -677,6 +694,7 @@ interface CcePipelineConfig {
|
|
|
677
694
|
witnessStore: CceWitnessStore;
|
|
678
695
|
clientKeyEncryptor: CceClientKeyEncryptor;
|
|
679
696
|
axisSigner: CceAxisSigner;
|
|
697
|
+
policyEvaluator?: CcePolicyEvaluator;
|
|
680
698
|
}
|
|
681
699
|
type CcePipelineResult = {
|
|
682
700
|
ok: true;
|
|
@@ -2142,14 +2160,24 @@ interface CceAxisKeyProvider {
|
|
|
2142
2160
|
interface CceAesGcmProvider {
|
|
2143
2161
|
decrypt(key: Uint8Array, iv: Uint8Array, ciphertext: Uint8Array, tag: Uint8Array, aad?: Uint8Array): Promise<Uint8Array | null>;
|
|
2144
2162
|
}
|
|
2163
|
+
interface CcePayloadValidatorResult {
|
|
2164
|
+
ok: boolean;
|
|
2165
|
+
intent?: string;
|
|
2166
|
+
code?: string;
|
|
2167
|
+
reason?: string;
|
|
2168
|
+
}
|
|
2169
|
+
interface CcePayloadValidator {
|
|
2170
|
+
validate(plaintext: Uint8Array, envelope: CceRequestEnvelope): Promise<CcePayloadValidatorResult>;
|
|
2171
|
+
}
|
|
2145
2172
|
declare class CcePayloadDecryptionSensor implements AxisSensor {
|
|
2146
2173
|
private readonly keyProvider;
|
|
2147
2174
|
private readonly aesProvider;
|
|
2148
2175
|
private readonly maxPayloadBytes;
|
|
2176
|
+
private readonly payloadValidator?;
|
|
2149
2177
|
readonly name = "cce.payload.decryption";
|
|
2150
2178
|
readonly order = 145;
|
|
2151
2179
|
readonly phase: "POST_DECODE";
|
|
2152
|
-
constructor(keyProvider: CceAxisKeyProvider, aesProvider: CceAesGcmProvider, maxPayloadBytes?: number);
|
|
2180
|
+
constructor(keyProvider: CceAxisKeyProvider, aesProvider: CceAesGcmProvider, maxPayloadBytes?: number, payloadValidator?: CcePayloadValidator | undefined);
|
|
2153
2181
|
supports(input: SensorInput): boolean;
|
|
2154
2182
|
run(input: SensorInput): Promise<SensorDecision>;
|
|
2155
2183
|
}
|
|
@@ -2309,8 +2337,13 @@ type index$9_CceKdfAlgorithm = CceKdfAlgorithm;
|
|
|
2309
2337
|
type index$9_CceKemAlgorithm = CceKemAlgorithm;
|
|
2310
2338
|
type index$9_CcePayloadDecryptionSensor = CcePayloadDecryptionSensor;
|
|
2311
2339
|
declare const index$9_CcePayloadDecryptionSensor: typeof CcePayloadDecryptionSensor;
|
|
2340
|
+
type index$9_CcePayloadValidator = CcePayloadValidator;
|
|
2341
|
+
type index$9_CcePayloadValidatorResult = CcePayloadValidatorResult;
|
|
2312
2342
|
type index$9_CcePipelineConfig = CcePipelineConfig;
|
|
2313
2343
|
type index$9_CcePipelineResult = CcePipelineResult;
|
|
2344
|
+
type index$9_CcePolicyContext = CcePolicyContext;
|
|
2345
|
+
type index$9_CcePolicyDecision = CcePolicyDecision;
|
|
2346
|
+
type index$9_CcePolicyEvaluator = CcePolicyEvaluator;
|
|
2314
2347
|
type index$9_CceReplayProtectionSensor = CceReplayProtectionSensor;
|
|
2315
2348
|
declare const index$9_CceReplayProtectionSensor: typeof CceReplayProtectionSensor;
|
|
2316
2349
|
type index$9_CceReplayStore = CceReplayStore;
|
|
@@ -2348,7 +2381,7 @@ declare const index$9_generateIv: typeof generateIv;
|
|
|
2348
2381
|
declare const index$9_hashPayload: typeof hashPayload;
|
|
2349
2382
|
declare const index$9_nodeAesGcmProvider: typeof nodeAesGcmProvider;
|
|
2350
2383
|
declare namespace index$9 {
|
|
2351
|
-
export { index$9_CCE_AES_KEY_BYTES as CCE_AES_KEY_BYTES, index$9_CCE_DERIVATION as CCE_DERIVATION, index$9_CCE_ERROR as CCE_ERROR, index$9_CCE_IV_BYTES as CCE_IV_BYTES, index$9_CCE_NONCE_BYTES as CCE_NONCE_BYTES, index$9_CCE_PROTOCOL_VERSION as CCE_PROTOCOL_VERSION, index$9_CCE_TAG_BYTES as CCE_TAG_BYTES, type index$9_CceAesGcmProvider as CceAesGcmProvider, type index$9_CceAlgorithm as CceAlgorithm, type index$9_CceAlgorithmDescriptor as CceAlgorithmDescriptor, index$9_CceAudienceIntentBindingSensor as CceAudienceIntentBindingSensor, type index$9_CceAxisKeyProvider as CceAxisKeyProvider, type index$9_CceAxisSigner as CceAxisSigner, type index$9_CceCapsuleClaims as CceCapsuleClaims, type index$9_CceCapsuleSignatureVerifier as CceCapsuleSignatureVerifier, index$9_CceCapsuleVerificationSensor as CceCapsuleVerificationSensor, type index$9_CceClientKeyEncryptor as CceClientKeyEncryptor, type index$9_CceClientKeyResolver as CceClientKeyResolver, index$9_CceClientSignatureSensor as CceClientSignatureSensor, type index$9_CceConstraints as CceConstraints, type index$9_CceDerivationInput as CceDerivationInput, type index$9_CceEncryptedKey as CceEncryptedKey, type index$9_CceEncryptedPayload as CceEncryptedPayload, index$9_CceEnvelopeValidationSensor as CceEnvelopeValidationSensor, index$9_CceError as CceError, type index$9_CceErrorCode as CceErrorCode, type index$9_CceExecutionContext as CceExecutionContext, type index$9_CceHandler as CceHandler, type index$9_CceHandlerContext as CceHandlerContext, type index$9_CceHandlerResult as CceHandlerResult, type index$9_CceIssuerKeyResolver as CceIssuerKeyResolver, type index$9_CceKdfAlgorithm as CceKdfAlgorithm, type index$9_CceKemAlgorithm as CceKemAlgorithm, index$9_CcePayloadDecryptionSensor as CcePayloadDecryptionSensor, type index$9_CcePipelineConfig as CcePipelineConfig, type index$9_CcePipelineResult as CcePipelineResult, index$9_CceReplayProtectionSensor as CceReplayProtectionSensor, type index$9_CceReplayStore as CceReplayStore, type index$9_CceRequestEnvelope as CceRequestEnvelope, type index$9_CceResponseEnvelope as CceResponseEnvelope, type index$9_CceResponseOptions as CceResponseOptions, type index$9_CceResponseStatus as CceResponseStatus, type index$9_CceSignature as CceSignature, type index$9_CceSignatureVerifier as CceSignatureVerifier, index$9_CceTpsWindowSensor as CceTpsWindowSensor, type index$9_CceVerificationState as CceVerificationState, type index$9_CceWitnessRecord as CceWitnessRecord, type index$9_CceWitnessStore as CceWitnessStore, index$9_InMemoryCceReplayStore as InMemoryCceReplayStore, index$9_InMemoryCceWitnessStore as InMemoryCceWitnessStore, index$9_aesGcmDecrypt as aesGcmDecrypt, index$9_aesGcmEncrypt as aesGcmEncrypt, index$9_base64UrlDecode as base64UrlDecode, index$9_base64UrlEncode as base64UrlEncode, index$9_buildCceErrorResponse as buildCceErrorResponse, index$9_buildCceResponse as buildCceResponse, index$9_buildExecutionContext as buildExecutionContext, index$9_buildWitnessRecord as buildWitnessRecord, index$9_deriveRequestExecutionKey as deriveRequestExecutionKey, index$9_deriveResponseExecutionKey as deriveResponseExecutionKey, index$9_deriveWitnessKey as deriveWitnessKey, index$9_executeCcePipeline as executeCcePipeline, index$9_extractVerificationState as extractVerificationState, index$9_generateAesKey as generateAesKey, index$9_generateCceNonce as generateCceNonce, index$9_generateIv as generateIv, index$9_hashPayload as hashPayload, index$9_nodeAesGcmProvider as nodeAesGcmProvider };
|
|
2384
|
+
export { index$9_CCE_AES_KEY_BYTES as CCE_AES_KEY_BYTES, index$9_CCE_DERIVATION as CCE_DERIVATION, index$9_CCE_ERROR as CCE_ERROR, index$9_CCE_IV_BYTES as CCE_IV_BYTES, index$9_CCE_NONCE_BYTES as CCE_NONCE_BYTES, index$9_CCE_PROTOCOL_VERSION as CCE_PROTOCOL_VERSION, index$9_CCE_TAG_BYTES as CCE_TAG_BYTES, type index$9_CceAesGcmProvider as CceAesGcmProvider, type index$9_CceAlgorithm as CceAlgorithm, type index$9_CceAlgorithmDescriptor as CceAlgorithmDescriptor, index$9_CceAudienceIntentBindingSensor as CceAudienceIntentBindingSensor, type index$9_CceAxisKeyProvider as CceAxisKeyProvider, type index$9_CceAxisSigner as CceAxisSigner, type index$9_CceCapsuleClaims as CceCapsuleClaims, type index$9_CceCapsuleSignatureVerifier as CceCapsuleSignatureVerifier, index$9_CceCapsuleVerificationSensor as CceCapsuleVerificationSensor, type index$9_CceClientKeyEncryptor as CceClientKeyEncryptor, type index$9_CceClientKeyResolver as CceClientKeyResolver, index$9_CceClientSignatureSensor as CceClientSignatureSensor, type index$9_CceConstraints as CceConstraints, type index$9_CceDerivationInput as CceDerivationInput, type index$9_CceEncryptedKey as CceEncryptedKey, type index$9_CceEncryptedPayload as CceEncryptedPayload, index$9_CceEnvelopeValidationSensor as CceEnvelopeValidationSensor, index$9_CceError as CceError, type index$9_CceErrorCode as CceErrorCode, type index$9_CceExecutionContext as CceExecutionContext, type index$9_CceHandler as CceHandler, type index$9_CceHandlerContext as CceHandlerContext, type index$9_CceHandlerResult as CceHandlerResult, type index$9_CceIssuerKeyResolver as CceIssuerKeyResolver, type index$9_CceKdfAlgorithm as CceKdfAlgorithm, type index$9_CceKemAlgorithm as CceKemAlgorithm, index$9_CcePayloadDecryptionSensor as CcePayloadDecryptionSensor, type index$9_CcePayloadValidator as CcePayloadValidator, type index$9_CcePayloadValidatorResult as CcePayloadValidatorResult, type index$9_CcePipelineConfig as CcePipelineConfig, type index$9_CcePipelineResult as CcePipelineResult, type index$9_CcePolicyContext as CcePolicyContext, type index$9_CcePolicyDecision as CcePolicyDecision, type index$9_CcePolicyEvaluator as CcePolicyEvaluator, index$9_CceReplayProtectionSensor as CceReplayProtectionSensor, type index$9_CceReplayStore as CceReplayStore, type index$9_CceRequestEnvelope as CceRequestEnvelope, type index$9_CceResponseEnvelope as CceResponseEnvelope, type index$9_CceResponseOptions as CceResponseOptions, type index$9_CceResponseStatus as CceResponseStatus, type index$9_CceSignature as CceSignature, type index$9_CceSignatureVerifier as CceSignatureVerifier, index$9_CceTpsWindowSensor as CceTpsWindowSensor, type index$9_CceVerificationState as CceVerificationState, type index$9_CceWitnessRecord as CceWitnessRecord, type index$9_CceWitnessStore as CceWitnessStore, index$9_InMemoryCceReplayStore as InMemoryCceReplayStore, index$9_InMemoryCceWitnessStore as InMemoryCceWitnessStore, index$9_aesGcmDecrypt as aesGcmDecrypt, index$9_aesGcmEncrypt as aesGcmEncrypt, index$9_base64UrlDecode as base64UrlDecode, index$9_base64UrlEncode as base64UrlEncode, index$9_buildCceErrorResponse as buildCceErrorResponse, index$9_buildCceResponse as buildCceResponse, index$9_buildExecutionContext as buildExecutionContext, index$9_buildWitnessRecord as buildWitnessRecord, index$9_deriveRequestExecutionKey as deriveRequestExecutionKey, index$9_deriveResponseExecutionKey as deriveResponseExecutionKey, index$9_deriveWitnessKey as deriveWitnessKey, index$9_executeCcePipeline as executeCcePipeline, index$9_extractVerificationState as extractVerificationState, index$9_generateAesKey as generateAesKey, index$9_generateCceNonce as generateCceNonce, index$9_generateIv as generateIv, index$9_hashPayload as hashPayload, index$9_nodeAesGcmProvider as nodeAesGcmProvider };
|
|
2352
2385
|
}
|
|
2353
2386
|
|
|
2354
2387
|
type ProofType = 1 | 2 | 3 | 4;
|
|
@@ -2906,4 +2939,4 @@ declare namespace index {
|
|
|
2906
2939
|
export { index_encodeAxisTlvDto as encodeAxisTlvDto };
|
|
2907
2940
|
}
|
|
2908
2941
|
|
|
2909
|
-
export { ATS1_HDR, ATS1_SCHEMA, AXIS_OPCODES, AXIS_UPLOAD_FILE_STORE, AXIS_UPLOAD_RECEIPT_SIGNER, AXIS_UPLOAD_SESSION_STORE, ats1 as Ats1Codec, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg$1 as AxisAlg, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, AxisContext$1 as AxisContext, type AxisCrudHandler, type AxisDecoded, AxisDemoPubkey, type AxisEffect, AxisFilesDownloadHandler, AxisFilesFinalizeHandler, AxisFrame$2 as AxisFrame, type AxisHandler, type AxisHandlerInit, AxisIdDto, AxisIp, type AxisAlg as AxisJsonAlg, type AxisFrame$1 as AxisJsonFrame, type AxisResponse as AxisJsonResponse, type AxisSig as AxisJsonSig, type AxisObservation, type AxisObservedContext, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, AxisPartialType, type AxisPostSensor, type AxisPreSensor, AxisRaw, type AxisRequestContext, type AxisRequestData, AxisResponseDto, type AxisSensor, AxisSensorChainService, type AxisSensorInit, type AxisSig$1 as AxisSig, AxisTlvDto, BAND, CAPABILITIES, CCE_ERROR, CCE_PROTOCOL_VERSION, type Capability, type CapsuleMode, type CceCapsuleClaims as CceCapsuleClaimsType, CceError, type CceExecutionContext as CceExecutionContextType, type CceHandler, type CceHandlerContext, type CceHandlerResult, type CcePipelineConfig, type CcePipelineResult, type CceRequestEnvelope as CceRequestEnvelopeType, type CceResponseEnvelope as CceResponseEnvelopeType, type CceWitnessRecord as CceWitnessRecordType, type ChainResult, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, DiskUploadFileStore, type DtoSchema, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, type Grant, type GrantCapability, type GrantMeta, type GrantStatus, type GrantType, type GrantValidationResult, HANDLER_METADATA_KEY, HANDLER_SENSORS_KEY, Handler, HandlerDiscoveryService, HandlerSensors, INTENT_BODY_KEY, INTENT_METADATA_KEY, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_SENSORS_KEY, INTENT_TIMEOUTS, Intent, IntentBody, type IntentDefinition, type IntentKind, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, IntentSensors, type IntentTlvField, type KeyStatus, type LoomReceipt, type LoomValidationResult, type ObservationQueueConfig, type ObservationQueueMessage, type ObservationSensor, type ObservationStage, type ObservationStreamEntry, type ObservationWitnessSummary, type ObserverVerdict, PRE_DECODE_BOUNDARY, PROOF_CAPABILITIES, type PresenceChallenge, type PresenceDeclaration, type PresenceProof, type PresenceReceipt, type PresenceStatus, type PresenceVerifyResult, RESPONSE_TAG_CREATED_AT, RESPONSE_TAG_CREATED_BY, RESPONSE_TAG_ID, RESPONSE_TAG_UPDATED_AT, RESPONSE_TAG_UPDATED_BY, type ReceiptEffect, type ResponseContract, ResponseObserver, type ResponseObserverContext, type Revocation, type RevocationTargetType, RiskDecision, type RiskEvaluation, type RiskSignal, SENSOR_METADATA_KEY, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, Sensor, type SensorBand, type SensorDecision, SensorDecisions, SensorDiscoveryService, type SensorInput, type SensorMinifiedDecision, type SensorOptions, type SensorPhase, type SensorPhaseMetadata, SensorRegistry, TLV_FIELDS_KEY, TLV_VALIDATORS_KEY, type ThreadState, TlvEnum, TlvField, type TlvFieldKind, type TlvFieldMeta, type TlvFieldOptions, TlvMinLen, TlvRange, TlvUtf8Pattern, TlvValidate, type TlvValidatorFn, type TlvValidatorMeta, type UnsignedObservationWitness, type UploadFileStat, type UploadFileStore, type UploadReceiptSigner, type UploadSessionRecord, type UploadSessionStatus, type UploadSessionStore, type Writ, type WritBody, type WritHead, type WritMeta, type WritSignature, type WritValidationResult, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildDtoDecoder, buildPacket, buildQueueMessage, buildReceiptHash, buildTLVs, buildUnsignedWitness, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, canonicalizeGrant, canonicalizeObservation, canonicalizeWrit, index$9 as cce, classifyIntent, createObservation, index$8 as crypto, decodeAxis1Frame, decodeQueueMessage, index$7 as decorators, deriveAnchorReflection, encVarint, encodeAxis1Frame, encodeAxisTlvDto, encodeQueueMessage, endStage, index$5 as engine, executeCcePipeline, extractDtoSchema, finalizeObservation, hasScope, hashObservation, isAdminOpcode, isKnownOpcode, isTimestampValid, index$4 as loom, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseAutoClaimEntries, parseScope, parseStreamEntries, recordSensor, resolveTimeout, index$3 as schemas, index$2 as security, sensitivityName, index$1 as sensors, stableJsonStringify, startStage, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, index as utils, validateFrameShape, varintU, verifyResponse };
|
|
2942
|
+
export { ATS1_HDR, ATS1_SCHEMA, AXIS_OPCODES, AXIS_UPLOAD_FILE_STORE, AXIS_UPLOAD_RECEIPT_SIGNER, AXIS_UPLOAD_SESSION_STORE, ats1 as Ats1Codec, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg$1 as AxisAlg, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, AxisContext$1 as AxisContext, type AxisCrudHandler, type AxisDecoded, AxisDemoPubkey, type AxisEffect, AxisFilesDownloadHandler, AxisFilesFinalizeHandler, AxisFrame$2 as AxisFrame, type AxisHandler, type AxisHandlerInit, AxisIdDto, AxisIp, type AxisAlg as AxisJsonAlg, type AxisFrame$1 as AxisJsonFrame, type AxisResponse as AxisJsonResponse, type AxisSig as AxisJsonSig, type AxisObservation, type AxisObservedContext, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, AxisPartialType, type AxisPostSensor, type AxisPreSensor, AxisRaw, type AxisRequestContext, type AxisRequestData, AxisResponseDto, type AxisSensor, AxisSensorChainService, type AxisSensorInit, type AxisSig$1 as AxisSig, AxisTlvDto, BAND, CAPABILITIES, CCE_ERROR, CCE_PROTOCOL_VERSION, type Capability, type CapsuleMode, type CceCapsuleClaims as CceCapsuleClaimsType, CceError, type CceExecutionContext as CceExecutionContextType, type CceHandler, type CceHandlerContext, type CceHandlerResult, type CcePipelineConfig, type CcePipelineResult, type CcePolicyContext, type CcePolicyDecision, type CcePolicyEvaluator, type CceRequestEnvelope as CceRequestEnvelopeType, type CceResponseEnvelope as CceResponseEnvelopeType, type CceWitnessRecord as CceWitnessRecordType, type ChainResult, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, DiskUploadFileStore, type DtoSchema, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, type Grant, type GrantCapability, type GrantMeta, type GrantStatus, type GrantType, type GrantValidationResult, HANDLER_METADATA_KEY, HANDLER_SENSORS_KEY, Handler, HandlerDiscoveryService, HandlerSensors, INTENT_BODY_KEY, INTENT_METADATA_KEY, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_SENSORS_KEY, INTENT_TIMEOUTS, Intent, IntentBody, type IntentDefinition, type IntentKind, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, IntentSensors, type IntentTlvField, type KeyStatus, type LoomReceipt, type LoomValidationResult, type ObservationQueueConfig, type ObservationQueueMessage, type ObservationSensor, type ObservationStage, type ObservationStreamEntry, type ObservationWitnessSummary, type ObserverVerdict, PRE_DECODE_BOUNDARY, PROOF_CAPABILITIES, type PresenceChallenge, type PresenceDeclaration, type PresenceProof, type PresenceReceipt, type PresenceStatus, type PresenceVerifyResult, RESPONSE_TAG_CREATED_AT, RESPONSE_TAG_CREATED_BY, RESPONSE_TAG_ID, RESPONSE_TAG_UPDATED_AT, RESPONSE_TAG_UPDATED_BY, type ReceiptEffect, type ResponseContract, ResponseObserver, type ResponseObserverContext, type Revocation, type RevocationTargetType, RiskDecision, type RiskEvaluation, type RiskSignal, SENSOR_METADATA_KEY, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, Sensor, type SensorBand, type SensorDecision, SensorDecisions, SensorDiscoveryService, type SensorInput, type SensorMinifiedDecision, type SensorOptions, type SensorPhase, type SensorPhaseMetadata, SensorRegistry, TLV_FIELDS_KEY, TLV_VALIDATORS_KEY, type ThreadState, TlvEnum, TlvField, type TlvFieldKind, type TlvFieldMeta, type TlvFieldOptions, TlvMinLen, TlvRange, TlvUtf8Pattern, TlvValidate, type TlvValidatorFn, type TlvValidatorMeta, type UnsignedObservationWitness, type UploadFileStat, type UploadFileStore, type UploadReceiptSigner, type UploadSessionRecord, type UploadSessionStatus, type UploadSessionStore, type Writ, type WritBody, type WritHead, type WritMeta, type WritSignature, type WritValidationResult, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildDtoDecoder, buildPacket, buildQueueMessage, buildReceiptHash, buildTLVs, buildUnsignedWitness, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, canonicalizeGrant, canonicalizeObservation, canonicalizeWrit, index$9 as cce, classifyIntent, createObservation, index$8 as crypto, decodeAxis1Frame, decodeQueueMessage, index$7 as decorators, deriveAnchorReflection, encVarint, encodeAxis1Frame, encodeAxisTlvDto, encodeQueueMessage, endStage, index$5 as engine, executeCcePipeline, extractDtoSchema, finalizeObservation, hasScope, hashObservation, isAdminOpcode, isKnownOpcode, isTimestampValid, index$4 as loom, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseAutoClaimEntries, parseScope, parseStreamEntries, recordSensor, resolveTimeout, index$3 as schemas, index$2 as security, sensitivityName, index$1 as sensors, stableJsonStringify, startStage, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, index as utils, validateFrameShape, varintU, verifyResponse };
|
package/dist/index.d.ts
CHANGED
|
@@ -139,6 +139,7 @@ interface CceCapsuleClaims {
|
|
|
139
139
|
tps_to: number;
|
|
140
140
|
capsule_nonce: string;
|
|
141
141
|
challenge_id: string;
|
|
142
|
+
proof_hash?: string;
|
|
142
143
|
policy_hash?: string;
|
|
143
144
|
iat: number;
|
|
144
145
|
exp: number;
|
|
@@ -195,6 +196,7 @@ interface CceResponseEnvelope {
|
|
|
195
196
|
response_id: string;
|
|
196
197
|
request_id: string;
|
|
197
198
|
correlation_id: string;
|
|
199
|
+
capsule_id: string;
|
|
198
200
|
encrypted_key: CceEncryptedKey;
|
|
199
201
|
encrypted_payload: CceEncryptedPayload;
|
|
200
202
|
response_nonce: string;
|
|
@@ -669,6 +671,21 @@ interface CceHandlerResult {
|
|
|
669
671
|
body: Uint8Array;
|
|
670
672
|
effect?: string;
|
|
671
673
|
}
|
|
674
|
+
interface CcePolicyContext {
|
|
675
|
+
envelope: CceRequestEnvelope;
|
|
676
|
+
capsule: CceCapsuleClaims;
|
|
677
|
+
executionContext: CceExecutionContext;
|
|
678
|
+
decryptedPayload: Uint8Array;
|
|
679
|
+
clientPublicKeyHex: string;
|
|
680
|
+
}
|
|
681
|
+
interface CcePolicyDecision {
|
|
682
|
+
allow: boolean;
|
|
683
|
+
code?: string;
|
|
684
|
+
message?: string;
|
|
685
|
+
}
|
|
686
|
+
interface CcePolicyEvaluator {
|
|
687
|
+
evaluate(context: CcePolicyContext): Promise<CcePolicyDecision>;
|
|
688
|
+
}
|
|
672
689
|
interface CcePipelineConfig {
|
|
673
690
|
axisLocalSecret: string;
|
|
674
691
|
axisAudience: string;
|
|
@@ -677,6 +694,7 @@ interface CcePipelineConfig {
|
|
|
677
694
|
witnessStore: CceWitnessStore;
|
|
678
695
|
clientKeyEncryptor: CceClientKeyEncryptor;
|
|
679
696
|
axisSigner: CceAxisSigner;
|
|
697
|
+
policyEvaluator?: CcePolicyEvaluator;
|
|
680
698
|
}
|
|
681
699
|
type CcePipelineResult = {
|
|
682
700
|
ok: true;
|
|
@@ -2142,14 +2160,24 @@ interface CceAxisKeyProvider {
|
|
|
2142
2160
|
interface CceAesGcmProvider {
|
|
2143
2161
|
decrypt(key: Uint8Array, iv: Uint8Array, ciphertext: Uint8Array, tag: Uint8Array, aad?: Uint8Array): Promise<Uint8Array | null>;
|
|
2144
2162
|
}
|
|
2163
|
+
interface CcePayloadValidatorResult {
|
|
2164
|
+
ok: boolean;
|
|
2165
|
+
intent?: string;
|
|
2166
|
+
code?: string;
|
|
2167
|
+
reason?: string;
|
|
2168
|
+
}
|
|
2169
|
+
interface CcePayloadValidator {
|
|
2170
|
+
validate(plaintext: Uint8Array, envelope: CceRequestEnvelope): Promise<CcePayloadValidatorResult>;
|
|
2171
|
+
}
|
|
2145
2172
|
declare class CcePayloadDecryptionSensor implements AxisSensor {
|
|
2146
2173
|
private readonly keyProvider;
|
|
2147
2174
|
private readonly aesProvider;
|
|
2148
2175
|
private readonly maxPayloadBytes;
|
|
2176
|
+
private readonly payloadValidator?;
|
|
2149
2177
|
readonly name = "cce.payload.decryption";
|
|
2150
2178
|
readonly order = 145;
|
|
2151
2179
|
readonly phase: "POST_DECODE";
|
|
2152
|
-
constructor(keyProvider: CceAxisKeyProvider, aesProvider: CceAesGcmProvider, maxPayloadBytes?: number);
|
|
2180
|
+
constructor(keyProvider: CceAxisKeyProvider, aesProvider: CceAesGcmProvider, maxPayloadBytes?: number, payloadValidator?: CcePayloadValidator | undefined);
|
|
2153
2181
|
supports(input: SensorInput): boolean;
|
|
2154
2182
|
run(input: SensorInput): Promise<SensorDecision>;
|
|
2155
2183
|
}
|
|
@@ -2309,8 +2337,13 @@ type index$9_CceKdfAlgorithm = CceKdfAlgorithm;
|
|
|
2309
2337
|
type index$9_CceKemAlgorithm = CceKemAlgorithm;
|
|
2310
2338
|
type index$9_CcePayloadDecryptionSensor = CcePayloadDecryptionSensor;
|
|
2311
2339
|
declare const index$9_CcePayloadDecryptionSensor: typeof CcePayloadDecryptionSensor;
|
|
2340
|
+
type index$9_CcePayloadValidator = CcePayloadValidator;
|
|
2341
|
+
type index$9_CcePayloadValidatorResult = CcePayloadValidatorResult;
|
|
2312
2342
|
type index$9_CcePipelineConfig = CcePipelineConfig;
|
|
2313
2343
|
type index$9_CcePipelineResult = CcePipelineResult;
|
|
2344
|
+
type index$9_CcePolicyContext = CcePolicyContext;
|
|
2345
|
+
type index$9_CcePolicyDecision = CcePolicyDecision;
|
|
2346
|
+
type index$9_CcePolicyEvaluator = CcePolicyEvaluator;
|
|
2314
2347
|
type index$9_CceReplayProtectionSensor = CceReplayProtectionSensor;
|
|
2315
2348
|
declare const index$9_CceReplayProtectionSensor: typeof CceReplayProtectionSensor;
|
|
2316
2349
|
type index$9_CceReplayStore = CceReplayStore;
|
|
@@ -2348,7 +2381,7 @@ declare const index$9_generateIv: typeof generateIv;
|
|
|
2348
2381
|
declare const index$9_hashPayload: typeof hashPayload;
|
|
2349
2382
|
declare const index$9_nodeAesGcmProvider: typeof nodeAesGcmProvider;
|
|
2350
2383
|
declare namespace index$9 {
|
|
2351
|
-
export { index$9_CCE_AES_KEY_BYTES as CCE_AES_KEY_BYTES, index$9_CCE_DERIVATION as CCE_DERIVATION, index$9_CCE_ERROR as CCE_ERROR, index$9_CCE_IV_BYTES as CCE_IV_BYTES, index$9_CCE_NONCE_BYTES as CCE_NONCE_BYTES, index$9_CCE_PROTOCOL_VERSION as CCE_PROTOCOL_VERSION, index$9_CCE_TAG_BYTES as CCE_TAG_BYTES, type index$9_CceAesGcmProvider as CceAesGcmProvider, type index$9_CceAlgorithm as CceAlgorithm, type index$9_CceAlgorithmDescriptor as CceAlgorithmDescriptor, index$9_CceAudienceIntentBindingSensor as CceAudienceIntentBindingSensor, type index$9_CceAxisKeyProvider as CceAxisKeyProvider, type index$9_CceAxisSigner as CceAxisSigner, type index$9_CceCapsuleClaims as CceCapsuleClaims, type index$9_CceCapsuleSignatureVerifier as CceCapsuleSignatureVerifier, index$9_CceCapsuleVerificationSensor as CceCapsuleVerificationSensor, type index$9_CceClientKeyEncryptor as CceClientKeyEncryptor, type index$9_CceClientKeyResolver as CceClientKeyResolver, index$9_CceClientSignatureSensor as CceClientSignatureSensor, type index$9_CceConstraints as CceConstraints, type index$9_CceDerivationInput as CceDerivationInput, type index$9_CceEncryptedKey as CceEncryptedKey, type index$9_CceEncryptedPayload as CceEncryptedPayload, index$9_CceEnvelopeValidationSensor as CceEnvelopeValidationSensor, index$9_CceError as CceError, type index$9_CceErrorCode as CceErrorCode, type index$9_CceExecutionContext as CceExecutionContext, type index$9_CceHandler as CceHandler, type index$9_CceHandlerContext as CceHandlerContext, type index$9_CceHandlerResult as CceHandlerResult, type index$9_CceIssuerKeyResolver as CceIssuerKeyResolver, type index$9_CceKdfAlgorithm as CceKdfAlgorithm, type index$9_CceKemAlgorithm as CceKemAlgorithm, index$9_CcePayloadDecryptionSensor as CcePayloadDecryptionSensor, type index$9_CcePipelineConfig as CcePipelineConfig, type index$9_CcePipelineResult as CcePipelineResult, index$9_CceReplayProtectionSensor as CceReplayProtectionSensor, type index$9_CceReplayStore as CceReplayStore, type index$9_CceRequestEnvelope as CceRequestEnvelope, type index$9_CceResponseEnvelope as CceResponseEnvelope, type index$9_CceResponseOptions as CceResponseOptions, type index$9_CceResponseStatus as CceResponseStatus, type index$9_CceSignature as CceSignature, type index$9_CceSignatureVerifier as CceSignatureVerifier, index$9_CceTpsWindowSensor as CceTpsWindowSensor, type index$9_CceVerificationState as CceVerificationState, type index$9_CceWitnessRecord as CceWitnessRecord, type index$9_CceWitnessStore as CceWitnessStore, index$9_InMemoryCceReplayStore as InMemoryCceReplayStore, index$9_InMemoryCceWitnessStore as InMemoryCceWitnessStore, index$9_aesGcmDecrypt as aesGcmDecrypt, index$9_aesGcmEncrypt as aesGcmEncrypt, index$9_base64UrlDecode as base64UrlDecode, index$9_base64UrlEncode as base64UrlEncode, index$9_buildCceErrorResponse as buildCceErrorResponse, index$9_buildCceResponse as buildCceResponse, index$9_buildExecutionContext as buildExecutionContext, index$9_buildWitnessRecord as buildWitnessRecord, index$9_deriveRequestExecutionKey as deriveRequestExecutionKey, index$9_deriveResponseExecutionKey as deriveResponseExecutionKey, index$9_deriveWitnessKey as deriveWitnessKey, index$9_executeCcePipeline as executeCcePipeline, index$9_extractVerificationState as extractVerificationState, index$9_generateAesKey as generateAesKey, index$9_generateCceNonce as generateCceNonce, index$9_generateIv as generateIv, index$9_hashPayload as hashPayload, index$9_nodeAesGcmProvider as nodeAesGcmProvider };
|
|
2384
|
+
export { index$9_CCE_AES_KEY_BYTES as CCE_AES_KEY_BYTES, index$9_CCE_DERIVATION as CCE_DERIVATION, index$9_CCE_ERROR as CCE_ERROR, index$9_CCE_IV_BYTES as CCE_IV_BYTES, index$9_CCE_NONCE_BYTES as CCE_NONCE_BYTES, index$9_CCE_PROTOCOL_VERSION as CCE_PROTOCOL_VERSION, index$9_CCE_TAG_BYTES as CCE_TAG_BYTES, type index$9_CceAesGcmProvider as CceAesGcmProvider, type index$9_CceAlgorithm as CceAlgorithm, type index$9_CceAlgorithmDescriptor as CceAlgorithmDescriptor, index$9_CceAudienceIntentBindingSensor as CceAudienceIntentBindingSensor, type index$9_CceAxisKeyProvider as CceAxisKeyProvider, type index$9_CceAxisSigner as CceAxisSigner, type index$9_CceCapsuleClaims as CceCapsuleClaims, type index$9_CceCapsuleSignatureVerifier as CceCapsuleSignatureVerifier, index$9_CceCapsuleVerificationSensor as CceCapsuleVerificationSensor, type index$9_CceClientKeyEncryptor as CceClientKeyEncryptor, type index$9_CceClientKeyResolver as CceClientKeyResolver, index$9_CceClientSignatureSensor as CceClientSignatureSensor, type index$9_CceConstraints as CceConstraints, type index$9_CceDerivationInput as CceDerivationInput, type index$9_CceEncryptedKey as CceEncryptedKey, type index$9_CceEncryptedPayload as CceEncryptedPayload, index$9_CceEnvelopeValidationSensor as CceEnvelopeValidationSensor, index$9_CceError as CceError, type index$9_CceErrorCode as CceErrorCode, type index$9_CceExecutionContext as CceExecutionContext, type index$9_CceHandler as CceHandler, type index$9_CceHandlerContext as CceHandlerContext, type index$9_CceHandlerResult as CceHandlerResult, type index$9_CceIssuerKeyResolver as CceIssuerKeyResolver, type index$9_CceKdfAlgorithm as CceKdfAlgorithm, type index$9_CceKemAlgorithm as CceKemAlgorithm, index$9_CcePayloadDecryptionSensor as CcePayloadDecryptionSensor, type index$9_CcePayloadValidator as CcePayloadValidator, type index$9_CcePayloadValidatorResult as CcePayloadValidatorResult, type index$9_CcePipelineConfig as CcePipelineConfig, type index$9_CcePipelineResult as CcePipelineResult, type index$9_CcePolicyContext as CcePolicyContext, type index$9_CcePolicyDecision as CcePolicyDecision, type index$9_CcePolicyEvaluator as CcePolicyEvaluator, index$9_CceReplayProtectionSensor as CceReplayProtectionSensor, type index$9_CceReplayStore as CceReplayStore, type index$9_CceRequestEnvelope as CceRequestEnvelope, type index$9_CceResponseEnvelope as CceResponseEnvelope, type index$9_CceResponseOptions as CceResponseOptions, type index$9_CceResponseStatus as CceResponseStatus, type index$9_CceSignature as CceSignature, type index$9_CceSignatureVerifier as CceSignatureVerifier, index$9_CceTpsWindowSensor as CceTpsWindowSensor, type index$9_CceVerificationState as CceVerificationState, type index$9_CceWitnessRecord as CceWitnessRecord, type index$9_CceWitnessStore as CceWitnessStore, index$9_InMemoryCceReplayStore as InMemoryCceReplayStore, index$9_InMemoryCceWitnessStore as InMemoryCceWitnessStore, index$9_aesGcmDecrypt as aesGcmDecrypt, index$9_aesGcmEncrypt as aesGcmEncrypt, index$9_base64UrlDecode as base64UrlDecode, index$9_base64UrlEncode as base64UrlEncode, index$9_buildCceErrorResponse as buildCceErrorResponse, index$9_buildCceResponse as buildCceResponse, index$9_buildExecutionContext as buildExecutionContext, index$9_buildWitnessRecord as buildWitnessRecord, index$9_deriveRequestExecutionKey as deriveRequestExecutionKey, index$9_deriveResponseExecutionKey as deriveResponseExecutionKey, index$9_deriveWitnessKey as deriveWitnessKey, index$9_executeCcePipeline as executeCcePipeline, index$9_extractVerificationState as extractVerificationState, index$9_generateAesKey as generateAesKey, index$9_generateCceNonce as generateCceNonce, index$9_generateIv as generateIv, index$9_hashPayload as hashPayload, index$9_nodeAesGcmProvider as nodeAesGcmProvider };
|
|
2352
2385
|
}
|
|
2353
2386
|
|
|
2354
2387
|
type ProofType = 1 | 2 | 3 | 4;
|
|
@@ -2906,4 +2939,4 @@ declare namespace index {
|
|
|
2906
2939
|
export { index_encodeAxisTlvDto as encodeAxisTlvDto };
|
|
2907
2940
|
}
|
|
2908
2941
|
|
|
2909
|
-
export { ATS1_HDR, ATS1_SCHEMA, AXIS_OPCODES, AXIS_UPLOAD_FILE_STORE, AXIS_UPLOAD_RECEIPT_SIGNER, AXIS_UPLOAD_SESSION_STORE, ats1 as Ats1Codec, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg$1 as AxisAlg, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, AxisContext$1 as AxisContext, type AxisCrudHandler, type AxisDecoded, AxisDemoPubkey, type AxisEffect, AxisFilesDownloadHandler, AxisFilesFinalizeHandler, AxisFrame$2 as AxisFrame, type AxisHandler, type AxisHandlerInit, AxisIdDto, AxisIp, type AxisAlg as AxisJsonAlg, type AxisFrame$1 as AxisJsonFrame, type AxisResponse as AxisJsonResponse, type AxisSig as AxisJsonSig, type AxisObservation, type AxisObservedContext, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, AxisPartialType, type AxisPostSensor, type AxisPreSensor, AxisRaw, type AxisRequestContext, type AxisRequestData, AxisResponseDto, type AxisSensor, AxisSensorChainService, type AxisSensorInit, type AxisSig$1 as AxisSig, AxisTlvDto, BAND, CAPABILITIES, CCE_ERROR, CCE_PROTOCOL_VERSION, type Capability, type CapsuleMode, type CceCapsuleClaims as CceCapsuleClaimsType, CceError, type CceExecutionContext as CceExecutionContextType, type CceHandler, type CceHandlerContext, type CceHandlerResult, type CcePipelineConfig, type CcePipelineResult, type CceRequestEnvelope as CceRequestEnvelopeType, type CceResponseEnvelope as CceResponseEnvelopeType, type CceWitnessRecord as CceWitnessRecordType, type ChainResult, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, DiskUploadFileStore, type DtoSchema, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, type Grant, type GrantCapability, type GrantMeta, type GrantStatus, type GrantType, type GrantValidationResult, HANDLER_METADATA_KEY, HANDLER_SENSORS_KEY, Handler, HandlerDiscoveryService, HandlerSensors, INTENT_BODY_KEY, INTENT_METADATA_KEY, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_SENSORS_KEY, INTENT_TIMEOUTS, Intent, IntentBody, type IntentDefinition, type IntentKind, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, IntentSensors, type IntentTlvField, type KeyStatus, type LoomReceipt, type LoomValidationResult, type ObservationQueueConfig, type ObservationQueueMessage, type ObservationSensor, type ObservationStage, type ObservationStreamEntry, type ObservationWitnessSummary, type ObserverVerdict, PRE_DECODE_BOUNDARY, PROOF_CAPABILITIES, type PresenceChallenge, type PresenceDeclaration, type PresenceProof, type PresenceReceipt, type PresenceStatus, type PresenceVerifyResult, RESPONSE_TAG_CREATED_AT, RESPONSE_TAG_CREATED_BY, RESPONSE_TAG_ID, RESPONSE_TAG_UPDATED_AT, RESPONSE_TAG_UPDATED_BY, type ReceiptEffect, type ResponseContract, ResponseObserver, type ResponseObserverContext, type Revocation, type RevocationTargetType, RiskDecision, type RiskEvaluation, type RiskSignal, SENSOR_METADATA_KEY, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, Sensor, type SensorBand, type SensorDecision, SensorDecisions, SensorDiscoveryService, type SensorInput, type SensorMinifiedDecision, type SensorOptions, type SensorPhase, type SensorPhaseMetadata, SensorRegistry, TLV_FIELDS_KEY, TLV_VALIDATORS_KEY, type ThreadState, TlvEnum, TlvField, type TlvFieldKind, type TlvFieldMeta, type TlvFieldOptions, TlvMinLen, TlvRange, TlvUtf8Pattern, TlvValidate, type TlvValidatorFn, type TlvValidatorMeta, type UnsignedObservationWitness, type UploadFileStat, type UploadFileStore, type UploadReceiptSigner, type UploadSessionRecord, type UploadSessionStatus, type UploadSessionStore, type Writ, type WritBody, type WritHead, type WritMeta, type WritSignature, type WritValidationResult, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildDtoDecoder, buildPacket, buildQueueMessage, buildReceiptHash, buildTLVs, buildUnsignedWitness, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, canonicalizeGrant, canonicalizeObservation, canonicalizeWrit, index$9 as cce, classifyIntent, createObservation, index$8 as crypto, decodeAxis1Frame, decodeQueueMessage, index$7 as decorators, deriveAnchorReflection, encVarint, encodeAxis1Frame, encodeAxisTlvDto, encodeQueueMessage, endStage, index$5 as engine, executeCcePipeline, extractDtoSchema, finalizeObservation, hasScope, hashObservation, isAdminOpcode, isKnownOpcode, isTimestampValid, index$4 as loom, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseAutoClaimEntries, parseScope, parseStreamEntries, recordSensor, resolveTimeout, index$3 as schemas, index$2 as security, sensitivityName, index$1 as sensors, stableJsonStringify, startStage, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, index as utils, validateFrameShape, varintU, verifyResponse };
|
|
2942
|
+
export { ATS1_HDR, ATS1_SCHEMA, AXIS_OPCODES, AXIS_UPLOAD_FILE_STORE, AXIS_UPLOAD_RECEIPT_SIGNER, AXIS_UPLOAD_SESSION_STORE, ats1 as Ats1Codec, type Axis1DecodedFrame, type Axis1FrameToEncode, type AxisAlg$1 as AxisAlg, type AxisPacket as AxisBinaryPacket, type AxisCapsule, type AxisCapsuleConstraints, type AxisCapsulePayload, AxisContext$1 as AxisContext, type AxisCrudHandler, type AxisDecoded, AxisDemoPubkey, type AxisEffect, AxisFilesDownloadHandler, AxisFilesFinalizeHandler, AxisFrame$2 as AxisFrame, type AxisHandler, type AxisHandlerInit, AxisIdDto, AxisIp, type AxisAlg as AxisJsonAlg, type AxisFrame$1 as AxisJsonFrame, type AxisResponse as AxisJsonResponse, type AxisSig as AxisJsonSig, type AxisObservation, type AxisObservedContext, type AxisPacket$1 as AxisPacket, T as AxisPacketTags, AxisPartialType, type AxisPostSensor, type AxisPreSensor, AxisRaw, type AxisRequestContext, type AxisRequestData, AxisResponseDto, type AxisSensor, AxisSensorChainService, type AxisSensorInit, type AxisSig$1 as AxisSig, AxisTlvDto, BAND, CAPABILITIES, CCE_ERROR, CCE_PROTOCOL_VERSION, type Capability, type CapsuleMode, type CceCapsuleClaims as CceCapsuleClaimsType, CceError, type CceExecutionContext as CceExecutionContextType, type CceHandler, type CceHandlerContext, type CceHandlerResult, type CcePipelineConfig, type CcePipelineResult, type CcePolicyContext, type CcePolicyDecision, type CcePolicyEvaluator, type CceRequestEnvelope as CceRequestEnvelopeType, type CceResponseEnvelope as CceResponseEnvelopeType, type CceWitnessRecord as CceWitnessRecordType, type ChainResult, ContractViolationError, DEFAULT_CONTRACTS, DEFAULT_TIMEOUT, Decision, DiskUploadFileStore, type DtoSchema, type ExecutionContract, ExecutionMeter, type ExecutionMetrics, FALLBACK_CONTRACT, type Grant, type GrantCapability, type GrantMeta, type GrantStatus, type GrantType, type GrantValidationResult, HANDLER_METADATA_KEY, HANDLER_SENSORS_KEY, Handler, HandlerDiscoveryService, HandlerSensors, INTENT_BODY_KEY, INTENT_METADATA_KEY, INTENT_REQUIREMENTS, INTENT_ROUTES_KEY, INTENT_SENSITIVITY_MAP, INTENT_SENSORS_KEY, INTENT_TIMEOUTS, Intent, IntentBody, type IntentDefinition, type IntentKind, type IntentOptions, type IntentRoute, IntentRouter, IntentSensitivity, IntentSensors, type IntentTlvField, type KeyStatus, type LoomReceipt, type LoomValidationResult, type ObservationQueueConfig, type ObservationQueueMessage, type ObservationSensor, type ObservationStage, type ObservationStreamEntry, type ObservationWitnessSummary, type ObserverVerdict, PRE_DECODE_BOUNDARY, PROOF_CAPABILITIES, type PresenceChallenge, type PresenceDeclaration, type PresenceProof, type PresenceReceipt, type PresenceStatus, type PresenceVerifyResult, RESPONSE_TAG_CREATED_AT, RESPONSE_TAG_CREATED_BY, RESPONSE_TAG_ID, RESPONSE_TAG_UPDATED_AT, RESPONSE_TAG_UPDATED_BY, type ReceiptEffect, type ResponseContract, ResponseObserver, type ResponseObserverContext, type Revocation, type RevocationTargetType, RiskDecision, type RiskEvaluation, type RiskSignal, SENSOR_METADATA_KEY, Schema2002_PasskeyLoginOptionsRes, Schema2011_PasskeyLoginVerifyReq, Schema2012_PasskeyLoginVerifyRes, Schema2021_PasskeyRegisterOptionsReq, Sensor, type SensorBand, type SensorDecision, SensorDecisions, SensorDiscoveryService, type SensorInput, type SensorMinifiedDecision, type SensorOptions, type SensorPhase, type SensorPhaseMetadata, SensorRegistry, TLV_FIELDS_KEY, TLV_VALIDATORS_KEY, type ThreadState, TlvEnum, TlvField, type TlvFieldKind, type TlvFieldMeta, type TlvFieldOptions, TlvMinLen, TlvRange, TlvUtf8Pattern, TlvValidate, type TlvValidatorFn, type TlvValidatorMeta, type UnsignedObservationWitness, type UploadFileStat, type UploadFileStore, type UploadReceiptSigner, type UploadSessionRecord, type UploadSessionStatus, type UploadSessionStore, type Writ, type WritBody, type WritHead, type WritMeta, type WritSignature, type WritValidationResult, axis1SigningBytes, b64urlDecode, b64urlDecodeString, b64urlEncode, b64urlEncodeString, buildAts1Hdr, buildDtoDecoder, buildPacket, buildQueueMessage, buildReceiptHash, buildTLVs, buildUnsignedWitness, bytes, canAccessResource, canonicalJson, canonicalJsonExcluding, canonicalizeGrant, canonicalizeObservation, canonicalizeWrit, index$9 as cce, classifyIntent, createObservation, index$8 as crypto, decodeAxis1Frame, decodeQueueMessage, index$7 as decorators, deriveAnchorReflection, encVarint, encodeAxis1Frame, encodeAxisTlvDto, encodeQueueMessage, endStage, index$5 as engine, executeCcePipeline, extractDtoSchema, finalizeObservation, hasScope, hashObservation, isAdminOpcode, isKnownOpcode, isTimestampValid, index$4 as loom, nonce16, normalizeSensorDecision, packPasskeyLoginOptionsReq, packPasskeyLoginOptionsRes, packPasskeyLoginVerifyReq, packPasskeyLoginVerifyRes, packPasskeyRegisterOptionsReq, parseAutoClaimEntries, parseScope, parseStreamEntries, recordSensor, resolveTimeout, index$3 as schemas, index$2 as security, sensitivityName, index$1 as sensors, stableJsonStringify, startStage, tlv, u64be, unpackPasskeyLoginOptionsReq, unpackPasskeyLoginVerifyReq, unpackPasskeyRegisterOptionsReq, utf8, index as utils, validateFrameShape, varintU, verifyResponse };
|