@nextera.one/tps-standard 0.4.3 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/README.md +268 -49
  2. package/dist/index.d.ts +366 -2
  3. package/dist/index.js +724 -1
  4. package/dist/src/index.js +693 -0
  5. package/dist/test/src/index.js +960 -0
  6. package/dist/test/test/persian-calendar.test.js +488 -0
  7. package/dist/test/test/tps-uid.test.js +295 -0
  8. package/dist/test/tps-uid.test.js +240 -0
  9. package/package.json +3 -2
  10. package/src/index.ts +1031 -2
package/dist/test/src/index.js ADDED
@@ -0,0 +1,960 @@
1
+ /**
2
+ * TPS: Temporal Positioning System
3
+ * The Universal Protocol for Space-Time Coordinates.
4
+ * @packageDocumentation
5
+ * @version 0.4.2
6
+ * @license MIT
7
+ * @copyright 2026 TPS Standards Working Group
8
+ */
9
+ export class TPS {
10
+ /**
11
+ * Registers a calendar driver plugin.
12
+ * @param driver - The driver instance to register.
13
+ */
14
+ static registerDriver(driver) {
15
+ this.drivers.set(driver.code, driver);
16
+ }
17
+ /**
18
+ * Gets a registered calendar driver.
19
+ * @param code - The calendar code.
20
+ * @returns The driver or undefined.
21
+ */
22
+ static getDriver(code) {
23
+ return this.drivers.get(code);
24
+ }
25
+ // --- CORE METHODS ---
26
+ static validate(input) {
27
+ if (input.startsWith('tps://'))
28
+ return this.REGEX_URI.test(input);
29
+ return this.REGEX_TIME.test(input);
30
+ }
31
+ static parse(input) {
32
+ if (input.startsWith('tps://')) {
33
+ const match = this.REGEX_URI.exec(input);
34
+ if (!match || !match.groups)
35
+ return null;
36
+ return this._mapGroupsToComponents(match.groups);
37
+ }
38
+ const match = this.REGEX_TIME.exec(input);
39
+ if (!match || !match.groups)
40
+ return null;
41
+ return this._mapGroupsToComponents(match.groups);
42
+ }
43
+ /**
44
+ * SERIALIZER: Converts a components object into a full TPS URI.
45
+ * @param comp - The TPS components.
46
+ * @returns Full URI string (e.g. "tps://...").
47
+ */
48
+ static toURI(comp) {
49
+ // 1. Build Space Part
50
+ let spacePart = 'unknown'; // Default safe fallback
51
+ if (comp.isHiddenLocation) {
52
+ spacePart = 'hidden';
53
+ }
54
+ else if (comp.isRedactedLocation) {
55
+ spacePart = 'redacted';
56
+ }
57
+ else if (comp.isUnknownLocation) {
58
+ spacePart = 'unknown';
59
+ }
60
+ else if (comp.latitude !== undefined && comp.longitude !== undefined) {
61
+ spacePart = `${comp.latitude},${comp.longitude}`;
62
+ if (comp.altitude !== undefined) {
63
+ spacePart += `,${comp.altitude}m`;
64
+ }
65
+ }
66
+ // 2. Build Time Part
67
+ let timePart = `T:${comp.calendar}`;
68
+ if (comp.calendar === 'unix' && comp.unixSeconds !== undefined) {
69
+ timePart += `.s${comp.unixSeconds}`;
70
+ }
71
+ else {
72
+ if (comp.millennium !== undefined)
73
+ timePart += `.m${comp.millennium}`;
74
+ if (comp.century !== undefined)
75
+ timePart += `.c${comp.century}`;
76
+ if (comp.year !== undefined)
77
+ timePart += `.y${comp.year}`;
78
+ if (comp.month !== undefined)
79
+ timePart += `.M${this.pad(comp.month)}`;
80
+ if (comp.day !== undefined)
81
+ timePart += `.d${this.pad(comp.day)}`;
82
+ if (comp.hour !== undefined)
83
+ timePart += `.h${this.pad(comp.hour)}`;
84
+ if (comp.minute !== undefined)
85
+ timePart += `.n${this.pad(comp.minute)}`;
86
+ if (comp.second !== undefined)
87
+ timePart += `.s${this.pad(comp.second)}`;
88
+ }
89
+ // 3. Build Extensions
90
+ let extPart = '';
91
+ if (comp.extensions && Object.keys(comp.extensions).length > 0) {
92
+ const extStrings = Object.entries(comp.extensions).map(([k, v]) => `${k}${v}`);
93
+ extPart = `;${extStrings.join('.')}`;
94
+ }
95
+ return `tps://${spacePart}@${timePart}${extPart}`;
96
+ }
97
+ /**
98
+ * CONVERTER: Creates a TPS Time Object string from a JavaScript Date.
99
+ * Supports plugin drivers for non-Gregorian calendars.
100
+ * @param date - The JS Date object (defaults to Now).
101
+ * @param calendar - The target calendar driver (default 'greg').
102
+ * @returns Canonical string (e.g., "T:greg.m3.c1.y26...").
103
+ */
104
+ static fromDate(date = new Date(), calendar = 'greg') {
105
+ // Check for registered driver first
106
+ const driver = this.drivers.get(calendar);
107
+ if (driver) {
108
+ return driver.fromDate(date);
109
+ }
110
+ // Built-in handlers
111
+ if (calendar === 'unix') {
112
+ const s = (date.getTime() / 1000).toFixed(3);
113
+ return `T:unix.s${s}`;
114
+ }
115
+ if (calendar === 'greg') {
116
+ const fullYear = date.getUTCFullYear();
117
+ const m = Math.floor(fullYear / 1000) + 1;
118
+ const c = Math.floor((fullYear % 1000) / 100) + 1;
119
+ const y = fullYear % 100;
120
+ const M = date.getUTCMonth() + 1;
121
+ const d = date.getUTCDate();
122
+ const h = date.getUTCHours();
123
+ const n = date.getUTCMinutes();
124
+ const s = date.getUTCSeconds();
125
+ return `T:greg.m${m}.c${c}.y${y}.M${this.pad(M)}.d${this.pad(d)}.h${this.pad(h)}.n${this.pad(n)}.s${this.pad(s)}`;
126
+ }
127
+ throw new Error(`Calendar driver '${calendar}' not implemented. Register a driver.`);
128
+ }
129
+ /**
130
+ * CONVERTER: Converts a TPS string to a Date in a target calendar format.
131
+ * Uses plugin drivers for cross-calendar conversion.
132
+ * @param tpsString - The source TPS string (any calendar).
133
+ * @param targetCalendar - The target calendar code (e.g., 'hij').
134
+ * @returns A TPS string in the target calendar, or null if invalid.
135
+ */
136
+ static to(targetCalendar, tpsString) {
137
+ // 1. Parse to components and convert to Gregorian Date
138
+ const gregDate = this.toDate(tpsString);
139
+ if (!gregDate)
140
+ return null;
141
+ // 2. Convert Gregorian to target calendar using driver
142
+ return this.fromDate(gregDate, targetCalendar);
143
+ }
144
+ /**
145
+ * CONVERTER: Reconstructs a JavaScript Date object from a TPS string.
146
+ * Supports plugin drivers for non-Gregorian calendars.
147
+ * @param tpsString - The TPS string.
148
+ * @returns JS Date object or `null` if invalid.
149
+ */
150
+ static toDate(tpsString) {
151
+ const p = this.parse(tpsString);
152
+ if (!p)
153
+ return null;
154
+ // Check for registered driver first
155
+ const driver = this.drivers.get(p.calendar);
156
+ if (driver) {
157
+ return driver.toGregorian(p);
158
+ }
159
+ // Built-in handlers
160
+ if (p.calendar === 'unix' && p.unixSeconds !== undefined) {
161
+ return new Date(p.unixSeconds * 1000);
162
+ }
163
+ if (p.calendar === 'greg') {
164
+ const m = p.millennium || 0;
165
+ const c = p.century || 1;
166
+ const y = p.year || 0;
167
+ const fullYear = (m - 1) * 1000 + (c - 1) * 100 + y;
168
+ return new Date(Date.UTC(fullYear, (p.month || 1) - 1, p.day || 1, p.hour || 0, p.minute || 0, Math.floor(p.second || 0)));
169
+ }
170
+ return null;
171
+ }
172
+ // --- DRIVER CONVENIENCE METHODS ---
173
+ /**
174
+ * Parse a calendar-specific date string into TPS components.
175
+ * Requires the driver to implement the optional `parseDate` method.
176
+ *
177
+ * @param calendar - The calendar code (e.g., 'hij')
178
+ * @param dateString - Date string in calendar-native format (e.g., '1447-07-21')
179
+ * @param format - Optional format string (driver-specific)
180
+ * @returns TPS components or null if parsing fails
181
+ *
182
+ * @example
183
+ * ```ts
184
+ * const components = TPS.parseCalendarDate('hij', '1447-07-21');
185
+ * // { calendar: 'hij', year: 1447, month: 7, day: 21 }
186
+ *
187
+ * const uri = TPS.toURI({ ...components, latitude: 31.95, longitude: 35.91 });
188
+ * // "tps://31.95,35.91@T:hij.y1447.M07.d21"
189
+ * ```
190
+ */
191
+ static parseCalendarDate(calendar, dateString, format) {
192
+ const driver = this.drivers.get(calendar);
193
+ if (!driver) {
194
+ throw new Error(`Calendar driver '${calendar}' not found. Register a driver first.`);
195
+ }
196
+ if (!driver.parseDate) {
197
+ throw new Error(`Driver '${calendar}' does not implement parseDate(). Use fromGregorian() instead.`);
198
+ }
199
+ return driver.parseDate(dateString, format);
200
+ }
201
+ /**
202
+ * Convert a calendar-specific date string directly to a TPS URI.
203
+ * This is a convenience method that combines parseDate + toURI.
204
+ *
205
+ * @param calendar - The calendar code (e.g., 'hij')
206
+ * @param dateString - Date string in calendar-native format
207
+ * @param location - Optional location (lat/lon/alt or privacy flag)
208
+ * @returns Full TPS URI string
209
+ *
210
+ * @example
211
+ * ```ts
212
+ * // With coordinates
213
+ * TPS.fromCalendarDate('hij', '1447-07-21', { latitude: 31.95, longitude: 35.91 });
214
+ * // "tps://31.95,35.91@T:hij.y1447.M07.d21"
215
+ *
216
+ * // With privacy flag
217
+ * TPS.fromCalendarDate('hij', '1447-07-21', { isHiddenLocation: true });
218
+ * // "tps://hidden@T:hij.y1447.M07.d21"
219
+ *
220
+ * // Without location
221
+ * TPS.fromCalendarDate('hij', '1447-07-21');
222
+ * // "tps://unknown@T:hij.y1447.M07.d21"
223
+ * ```
224
+ */
225
+ static fromCalendarDate(calendar, dateString, location) {
226
+ const components = this.parseCalendarDate(calendar, dateString);
227
+ if (!components) {
228
+ throw new Error(`Failed to parse date string: ${dateString}`);
229
+ }
230
+ // Merge with location
231
+ const fullComponents = {
232
+ calendar,
233
+ ...components,
234
+ ...location,
235
+ };
236
+ return this.toURI(fullComponents);
237
+ }
238
+ /**
239
+ * Format TPS components to a calendar-specific date string.
240
+ * Requires the driver to implement the optional `format` method.
241
+ *
242
+ * @param calendar - The calendar code
243
+ * @param components - TPS components to format
244
+ * @param format - Optional format string (driver-specific)
245
+ * @returns Formatted date string in calendar-native format
246
+ *
247
+ * @example
248
+ * ```ts
249
+ * const tps = TPS.parse('tps://unknown@T:hij.y1447.M07.d21');
250
+ * const formatted = TPS.formatCalendarDate('hij', tps);
251
+ * // "1447-07-21"
252
+ * ```
253
+ */
254
+ static formatCalendarDate(calendar, components, format) {
255
+ const driver = this.drivers.get(calendar);
256
+ if (!driver) {
257
+ throw new Error(`Calendar driver '${calendar}' not found.`);
258
+ }
259
+ if (!driver.format) {
260
+ throw new Error(`Driver '${calendar}' does not implement format().`);
261
+ }
262
+ return driver.format(components, format);
263
+ }
264
+ // --- INTERNAL HELPERS ---
265
+ static _mapGroupsToComponents(g) {
266
+ const components = {};
267
+ components.calendar = g.calendar;
268
+ // Time Mapping
269
+ if (components.calendar === 'unix' && g.unix) {
270
+ components.unixSeconds = parseFloat(g.unix.substring(1));
271
+ }
272
+ else {
273
+ if (g.millennium)
274
+ components.millennium = parseInt(g.millennium, 10);
275
+ if (g.century)
276
+ components.century = parseInt(g.century, 10);
277
+ if (g.year)
278
+ components.year = parseInt(g.year, 10);
279
+ if (g.month)
280
+ components.month = parseInt(g.month, 10);
281
+ if (g.day)
282
+ components.day = parseInt(g.day, 10);
283
+ if (g.hour)
284
+ components.hour = parseInt(g.hour, 10);
285
+ if (g.minute)
286
+ components.minute = parseInt(g.minute, 10);
287
+ if (g.second)
288
+ components.second = parseFloat(g.second);
289
+ }
290
+ // Space Mapping
291
+ if (g.space) {
292
+ if (g.space === 'unknown')
293
+ components.isUnknownLocation = true;
294
+ else if (g.space === 'redacted')
295
+ components.isRedactedLocation = true;
296
+ else if (g.space === 'hidden')
297
+ components.isHiddenLocation = true;
298
+ else {
299
+ if (g.lat)
300
+ components.latitude = parseFloat(g.lat);
301
+ if (g.lon)
302
+ components.longitude = parseFloat(g.lon);
303
+ if (g.alt)
304
+ components.altitude = parseFloat(g.alt);
305
+ }
306
+ }
307
+ // Extensions Mapping
308
+ if (g.extensions) {
309
+ const extObj = {};
310
+ const parts = g.extensions.split('.');
311
+ parts.forEach((p) => {
312
+ const key = p.charAt(0);
313
+ const val = p.substring(1);
314
+ if (key && val)
315
+ extObj[key] = val;
316
+ });
317
+ components.extensions = extObj;
318
+ }
319
+ return components;
320
+ }
321
+ static pad(n) {
322
+ const s = n.toString();
323
+ return s.length < 2 ? '0' + s : s;
324
+ }
325
+ }
326
+ // --- PLUGIN REGISTRY ---
327
+ TPS.drivers = new Map();
328
+ // --- REGEX ---
329
+ TPS.REGEX_URI = new RegExp('^tps://(?<space>unknown|redacted|hidden|(?<lat>-?\\d+(?:\\.\\d+)?),(?<lon>-?\\d+(?:\\.\\d+)?)(?:,(?<alt>-?\\d+(?:\\.\\d+)?)m?)?)@T:(?<calendar>[a-z]{3,4})\\.(?:(?<unix>s\\d+(?:\\.\\d+)?)|m(?<millennium>-?\\d+)(?:\\.c(?<century>\\d+)(?:\\.y(?<year>\\d+)(?:\\.M(?<month>\\d{1,2})(?:\\.d(?<day>\\d{1,2})(?:\\.h(?<hour>\\d{1,2})(?:\\.n(?<minute>\\d{1,2})(?:\\.s(?<second>\\d{1,2}(?:\\.\\d+)?))?)?)?)?)?)?)?)?(?:;(?<extensions>[a-z0-9\\.\\-\\_]+))?$');
330
+ TPS.REGEX_TIME = new RegExp('^T:(?<calendar>[a-z]{3,4})\\.(?:(?<unix>s\\d+(?:\\.\\d+)?)|m(?<millennium>-?\\d+)(?:\\.c(?<century>\\d+)(?:\\.y(?<year>\\d+)(?:\\.M(?<month>\\d{1,2})(?:\\.d(?<day>\\d{1,2})(?:\\.h(?<hour>\\d{1,2})(?:\\.n(?<minute>\\d{1,2})(?:\\.s(?<second>\\d{1,2}(?:\\.\\d+)?))?)?)?)?)?)?)?)?$');
331
+ /**
332
+ * TPS-UID v1 — Temporal Positioning System Identifier (Binary Reversible)
333
+ *
334
+ * A time-first, reversible identifier that binds an event to a TPS coordinate.
335
+ * Unlike UUIDs, TPS-UID identifies events in spacetime and allows exact
336
+ * reconstruction of the original TPS string.
337
+ *
338
+ * Binary Schema (all integers big-endian):
339
+ * ```
340
+ * MAGIC 4 bytes "TPU7"
341
+ * VER 1 byte 0x01
342
+ * FLAGS 1 byte bit0 = compression flag
343
+ * TIME 6 bytes epoch_ms (48-bit unsigned)
344
+ * NONCE 4 bytes 32-bit random
345
+ * LEN varint length of TPS payload
346
+ * TPS bytes UTF-8 TPS string (raw or zlib-compressed)
347
+ * ```
348
+ *
349
+ * @example
350
+ * ```ts
351
+ * const tps = 'tps://31.95,35.91@T:greg.m3.c1.y26.M01.d09';
352
+ *
353
+ * // Encode to binary
354
+ * const bytes = TPSUID7RB.encodeBinary(tps);
355
+ *
356
+ * // Encode to base64url string
357
+ * const id = TPSUID7RB.encodeBinaryB64(tps);
358
+ * // → "tpsuid7rb_AFRQV..."
359
+ *
360
+ * // Decode back to original TPS
361
+ * const decoded = TPSUID7RB.decodeBinaryB64(id);
362
+ * console.log(decoded.tps); // exact original TPS
363
+ * ```
364
+ */
365
+ export class TPSUID7RB {
366
+ // ---------------------------
367
+ // Public API
368
+ // ---------------------------
369
+ /**
370
+ * Encode TPS string to binary bytes (Uint8Array).
371
+ * This is the canonical form for hashing, signing, and storage.
372
+ *
373
+ * @param tps - The TPS string to encode
374
+ * @param opts - Encoding options (compress, epochMs override)
375
+ * @returns Binary TPS-UID as Uint8Array
376
+ */
377
+ static encodeBinary(tps, opts) {
378
+ const compress = opts?.compress ?? false;
379
+ const epochMs = opts?.epochMs ?? this.epochMsFromTPSString(tps);
380
+ if (!Number.isInteger(epochMs) || epochMs < 0) {
381
+ throw new Error('epochMs must be a non-negative integer');
382
+ }
383
+ if (epochMs > 0xffffffffffff) {
384
+ throw new Error('epochMs exceeds 48-bit range');
385
+ }
386
+ const flags = compress ? 0x01 : 0x00;
387
+ // Generate 32-bit nonce
388
+ const nonceBuf = this.randomBytes(4);
389
+ const nonce = ((nonceBuf[0] << 24) >>> 0) +
390
+ ((nonceBuf[1] << 16) >>> 0) +
391
+ ((nonceBuf[2] << 8) >>> 0) +
392
+ nonceBuf[3];
393
+ // Encode TPS to UTF-8
394
+ const tpsUtf8 = new TextEncoder().encode(tps);
395
+ // Optionally compress
396
+ const payload = compress ? this.deflateRaw(tpsUtf8) : tpsUtf8;
397
+ // Encode length as varint
398
+ const lenVar = this.uvarintEncode(payload.length);
399
+ // Construct binary structure
400
+ const out = new Uint8Array(4 + 1 + 1 + 6 + 4 + lenVar.length + payload.length);
401
+ let offset = 0;
402
+ // MAGIC
403
+ out.set(this.MAGIC, offset);
404
+ offset += 4;
405
+ // VER
406
+ out[offset++] = this.VER;
407
+ // FLAGS
408
+ out[offset++] = flags;
409
+ // TIME (48-bit big-endian)
410
+ const timeBytes = this.writeU48(epochMs);
411
+ out.set(timeBytes, offset);
412
+ offset += 6;
413
+ // NONCE (32-bit big-endian)
414
+ out.set(nonceBuf, offset);
415
+ offset += 4;
416
+ // LEN (varint)
417
+ out.set(lenVar, offset);
418
+ offset += lenVar.length;
419
+ // TPS payload
420
+ out.set(payload, offset);
421
+ return out;
422
+ }
423
+ /**
424
+ * Decode binary bytes back to original TPS string.
425
+ *
426
+ * @param bytes - Binary TPS-UID
427
+ * @returns Decoded result with original TPS string
428
+ */
429
+ static decodeBinary(bytes) {
430
+ // Header min size: 4+1+1+6+4 + 1 (at least 1 byte varint) = 17
431
+ if (bytes.length < 17) {
432
+ throw new Error('TPSUID7RB: too short');
433
+ }
434
+ // MAGIC
435
+ if (bytes[0] !== 0x54 ||
436
+ bytes[1] !== 0x50 ||
437
+ bytes[2] !== 0x55 ||
438
+ bytes[3] !== 0x37) {
439
+ throw new Error('TPSUID7RB: bad magic');
440
+ }
441
+ // VERSION
442
+ const ver = bytes[4];
443
+ if (ver !== this.VER) {
444
+ throw new Error(`TPSUID7RB: unsupported version ${ver}`);
445
+ }
446
+ // FLAGS
447
+ const flags = bytes[5];
448
+ const compressed = (flags & 0x01) === 0x01;
449
+ // TIME (48-bit big-endian)
450
+ const epochMs = this.readU48(bytes, 6);
451
+ // NONCE (32-bit big-endian)
452
+ const nonce = ((bytes[12] << 24) >>> 0) +
453
+ ((bytes[13] << 16) >>> 0) +
454
+ ((bytes[14] << 8) >>> 0) +
455
+ bytes[15];
456
+ // LEN (varint at offset 16)
457
+ let offset = 16;
458
+ const { value: tpsLen, bytesRead } = this.uvarintDecode(bytes, offset);
459
+ offset += bytesRead;
460
+ if (offset + tpsLen > bytes.length) {
461
+ throw new Error('TPSUID7RB: length overflow');
462
+ }
463
+ // TPS payload
464
+ const payload = bytes.slice(offset, offset + tpsLen);
465
+ const tpsUtf8 = compressed ? this.inflateRaw(payload) : payload;
466
+ const tps = new TextDecoder().decode(tpsUtf8);
467
+ return { version: 'tpsuid7rb', epochMs, compressed, nonce, tps };
468
+ }
469
+ /**
470
+ * Encode TPS to base64url string with prefix.
471
+ * This is the transport/storage form.
472
+ *
473
+ * @param tps - The TPS string to encode
474
+ * @param opts - Encoding options
475
+ * @returns Base64url encoded TPS-UID with prefix
476
+ */
477
+ static encodeBinaryB64(tps, opts) {
478
+ const bytes = this.encodeBinary(tps, opts);
479
+ return `${this.PREFIX}${this.base64UrlEncode(bytes)}`;
480
+ }
481
+ /**
482
+ * Decode base64url string back to original TPS string.
483
+ *
484
+ * @param id - Base64url encoded TPS-UID with prefix
485
+ * @returns Decoded result with original TPS string
486
+ */
487
+ static decodeBinaryB64(id) {
488
+ const s = id.trim();
489
+ if (!s.startsWith(this.PREFIX)) {
490
+ throw new Error('TPSUID7RB: missing prefix');
491
+ }
492
+ const b64 = s.slice(this.PREFIX.length);
493
+ const bytes = this.base64UrlDecode(b64);
494
+ return this.decodeBinary(bytes);
495
+ }
496
+ /**
497
+ * Validate base64url encoded TPS-UID format.
498
+ * Note: This validates shape only; binary decode is authoritative.
499
+ *
500
+ * @param id - String to validate
501
+ * @returns true if format is valid
502
+ */
503
+ static validateBinaryB64(id) {
504
+ return this.REGEX.test(id.trim());
505
+ }
506
+ /**
507
+ * Generate a TPS-UID from the current time and optional location.
508
+ *
509
+ * @param opts - Generation options
510
+ * @returns Base64url encoded TPS-UID
511
+ */
512
+ static generate(opts) {
513
+ const now = new Date();
514
+ const tps = this.generateTPSString(now, opts);
515
+ return this.encodeBinaryB64(tps, {
516
+ compress: opts?.compress,
517
+ epochMs: now.getTime(),
518
+ });
519
+ }
520
+ // ---------------------------
521
+ // TPS String Helpers
522
+ // ---------------------------
523
+ /**
524
+ * Generate a TPS string from a Date and optional location.
525
+ */
526
+ static generateTPSString(date, opts) {
527
+ const fullYear = date.getUTCFullYear();
528
+ const m = Math.floor(fullYear / 1000) + 1;
529
+ const c = Math.floor((fullYear % 1000) / 100) + 1;
530
+ const y = fullYear % 100;
531
+ const M = date.getUTCMonth() + 1;
532
+ const d = date.getUTCDate();
533
+ const h = date.getUTCHours();
534
+ const n = date.getUTCMinutes();
535
+ const s = date.getUTCSeconds();
536
+ const pad = (num) => num.toString().padStart(2, '0');
537
+ const timePart = `T:greg.m${m}.c${c}.y${y}.M${pad(M)}.d${pad(d)}.h${pad(h)}.n${pad(n)}.s${pad(s)}`;
538
+ let spacePart = 'unknown';
539
+ if (opts?.latitude !== undefined && opts?.longitude !== undefined) {
540
+ spacePart = `${opts.latitude},${opts.longitude}`;
541
+ if (opts.altitude !== undefined) {
542
+ spacePart += `,${opts.altitude}m`;
543
+ }
544
+ }
545
+ return `tps://${spacePart}@${timePart}`;
546
+ }
547
+ /**
548
+ * Parse epoch milliseconds from a TPS string.
549
+ * Supports both URI format (tps://...) and time-only format (T:greg...)
550
+ */
551
+ static epochMsFromTPSString(tps) {
552
+ let time;
553
+ if (tps.includes('@')) {
554
+ // URI format: tps://...@T:greg...
555
+ const at = tps.indexOf('@');
556
+ time = tps.slice(at + 1).trim();
557
+ }
558
+ else if (tps.startsWith('T:')) {
559
+ // Time-only format
560
+ time = tps;
561
+ }
562
+ else {
563
+ throw new Error('TPS: unrecognized format');
564
+ }
565
+ if (!time.startsWith('T:greg.')) {
566
+ throw new Error('TPS: only T:greg.* parsing is supported');
567
+ }
568
+ // Extract m (millennium), c (century), y (year)
569
+ const mMatch = time.match(/\.m(-?\d+)/);
570
+ const cMatch = time.match(/\.c(\d+)/);
571
+ const yMatch = time.match(/\.y(\d{1,4})/);
572
+ const MMatch = time.match(/\.M(\d{1,2})/);
573
+ const dMatch = time.match(/\.d(\d{1,2})/);
574
+ const hMatch = time.match(/\.h(\d{1,2})/);
575
+ const nMatch = time.match(/\.n(\d{1,2})/);
576
+ const sMatch = time.match(/\.s(\d{1,2})/);
577
+ // Calculate full year from millennium, century, year
578
+ let fullYear;
579
+ if (mMatch && cMatch && yMatch) {
580
+ const millennium = parseInt(mMatch[1], 10);
581
+ const century = parseInt(cMatch[1], 10);
582
+ const year = parseInt(yMatch[1], 10);
583
+ fullYear = (millennium - 1) * 1000 + (century - 1) * 100 + year;
584
+ }
585
+ else if (yMatch) {
586
+ // Fallback: interpret y as 2-digit year
587
+ let year = parseInt(yMatch[1], 10);
588
+ if (year < 100) {
589
+ year = year <= 69 ? 2000 + year : 1900 + year;
590
+ }
591
+ fullYear = year;
592
+ }
593
+ else {
594
+ throw new Error('TPS: missing year component');
595
+ }
596
+ const month = MMatch ? parseInt(MMatch[1], 10) : 1;
597
+ const day = dMatch ? parseInt(dMatch[1], 10) : 1;
598
+ const hour = hMatch ? parseInt(hMatch[1], 10) : 0;
599
+ const minute = nMatch ? parseInt(nMatch[1], 10) : 0;
600
+ const second = sMatch ? parseInt(sMatch[1], 10) : 0;
601
+ const epoch = Date.UTC(fullYear, month - 1, day, hour, minute, second);
602
+ if (!Number.isFinite(epoch)) {
603
+ throw new Error('TPS: failed to compute epochMs');
604
+ }
605
+ return epoch;
606
+ }
607
+ // ---------------------------
608
+ // Binary Helpers
609
+ // ---------------------------
610
+ /** Write 48-bit unsigned integer (big-endian) */
611
+ static writeU48(epochMs) {
612
+ const b = new Uint8Array(6);
613
+ // Use BigInt for proper 48-bit handling
614
+ const v = BigInt(epochMs);
615
+ b[0] = Number((v >> 40n) & 0xffn);
616
+ b[1] = Number((v >> 32n) & 0xffn);
617
+ b[2] = Number((v >> 24n) & 0xffn);
618
+ b[3] = Number((v >> 16n) & 0xffn);
619
+ b[4] = Number((v >> 8n) & 0xffn);
620
+ b[5] = Number(v & 0xffn);
621
+ return b;
622
+ }
623
+ /** Read 48-bit unsigned integer (big-endian) */
624
+ static readU48(bytes, offset) {
625
+ const v = (BigInt(bytes[offset]) << 40n) +
626
+ (BigInt(bytes[offset + 1]) << 32n) +
627
+ (BigInt(bytes[offset + 2]) << 24n) +
628
+ (BigInt(bytes[offset + 3]) << 16n) +
629
+ (BigInt(bytes[offset + 4]) << 8n) +
630
+ BigInt(bytes[offset + 5]);
631
+ const n = Number(v);
632
+ if (!Number.isSafeInteger(n)) {
633
+ throw new Error('TPSUID7RB: u48 not safe integer');
634
+ }
635
+ return n;
636
+ }
637
+ /** Encode unsigned integer as LEB128 varint */
638
+ static uvarintEncode(n) {
639
+ if (!Number.isInteger(n) || n < 0) {
640
+ throw new Error('uvarint must be non-negative int');
641
+ }
642
+ const out = [];
643
+ let x = n >>> 0;
644
+ while (x >= 0x80) {
645
+ out.push((x & 0x7f) | 0x80);
646
+ x >>>= 7;
647
+ }
648
+ out.push(x);
649
+ return new Uint8Array(out);
650
+ }
651
+ /** Decode LEB128 varint */
652
+ static uvarintDecode(bytes, offset) {
653
+ let x = 0;
654
+ let s = 0;
655
+ let i = 0;
656
+ while (true) {
657
+ if (offset + i >= bytes.length) {
658
+ throw new Error('uvarint overflow');
659
+ }
660
+ const b = bytes[offset + i];
661
+ if (b < 0x80) {
662
+ if (i > 9 || (i === 9 && b > 1)) {
663
+ throw new Error('uvarint too large');
664
+ }
665
+ x |= b << s;
666
+ return { value: x >>> 0, bytesRead: i + 1 };
667
+ }
668
+ x |= (b & 0x7f) << s;
669
+ s += 7;
670
+ i++;
671
+ if (i > 10) {
672
+ throw new Error('uvarint too long');
673
+ }
674
+ }
675
+ }
676
+ // ---------------------------
677
+ // Base64url Helpers
678
+ // ---------------------------
679
+ /** Encode bytes to base64url (no padding) */
680
+ static base64UrlEncode(bytes) {
681
+ // Node.js environment
682
+ if (typeof Buffer !== 'undefined') {
683
+ return Buffer.from(bytes)
684
+ .toString('base64')
685
+ .replace(/\+/g, '-')
686
+ .replace(/\//g, '_')
687
+ .replace(/=+$/g, '');
688
+ }
689
+ // Browser environment
690
+ let binary = '';
691
+ for (let i = 0; i < bytes.length; i++) {
692
+ binary += String.fromCharCode(bytes[i]);
693
+ }
694
+ return btoa(binary)
695
+ .replace(/\+/g, '-')
696
+ .replace(/\//g, '_')
697
+ .replace(/=+$/g, '');
698
+ }
699
+ /** Decode base64url to bytes */
700
+ static base64UrlDecode(b64url) {
701
+ // Add padding
702
+ const padLen = (4 - (b64url.length % 4)) % 4;
703
+ const b64 = (b64url + '='.repeat(padLen))
704
+ .replace(/-/g, '+')
705
+ .replace(/_/g, '/');
706
+ // Node.js environment
707
+ if (typeof Buffer !== 'undefined') {
708
+ return new Uint8Array(Buffer.from(b64, 'base64'));
709
+ }
710
+ // Browser environment
711
+ const binary = atob(b64);
712
+ const bytes = new Uint8Array(binary.length);
713
+ for (let i = 0; i < binary.length; i++) {
714
+ bytes[i] = binary.charCodeAt(i);
715
+ }
716
+ return bytes;
717
+ }
718
+ // ---------------------------
719
+ // Compression Helpers
720
+ // ---------------------------
721
+ /** Compress using zlib deflate raw */
722
+ static deflateRaw(data) {
723
+ // Node.js environment
724
+ if (typeof require !== 'undefined') {
725
+ try {
726
+ // eslint-disable-next-line @typescript-eslint/no-require-imports
727
+ const zlib = require('zlib');
728
+ return new Uint8Array(zlib.deflateRawSync(Buffer.from(data)));
729
+ }
730
+ catch {
731
+ throw new Error('TPSUID7RB: compression not available');
732
+ }
733
+ }
734
+ // Browser: would need pako or similar library
735
+ throw new Error('TPSUID7RB: compression not available in browser');
736
+ }
737
+ /** Decompress using zlib inflate raw */
738
+ static inflateRaw(data) {
739
+ // Node.js environment
740
+ if (typeof require !== 'undefined') {
741
+ try {
742
+ // eslint-disable-next-line @typescript-eslint/no-require-imports
743
+ const zlib = require('zlib');
744
+ return new Uint8Array(zlib.inflateRawSync(Buffer.from(data)));
745
+ }
746
+ catch {
747
+ throw new Error('TPSUID7RB: decompression failed');
748
+ }
749
+ }
750
+ // Browser: would need pako or similar library
751
+ throw new Error('TPSUID7RB: decompression not available in browser');
752
+ }
753
+ // ---------------------------
754
+ // Cryptographic Sealing (Ed25519)
755
+ // ---------------------------
756
+ /**
757
+ * Seal (sign) a TPS string to create a cryptographically verifiable TPS-UID.
758
+ * This appends an Ed25519 signature to the binary form.
759
+ *
760
+ * @param tps - The TPS string to seal
761
+ * @param privateKey - Ed25519 private key (hex or buffer)
762
+ * @param opts - Encoding options
763
+ * @returns Sealed binary TPS-UID
764
+ */
765
+ static seal(tps, privateKey, opts) {
766
+ // 1. Create standard binary (unsealed first)
767
+ // We force the SEAL flag (bit 1) to be 0 initially for the "content to sign"
768
+ // But wait, we want the signature to cover the header too.
769
+ // Strategy: Construct the full binary with SEAL flag OFF, sign it, then set SEAL flag ON and append sig.
770
+ // Actually, the standard way is:
771
+ // Content = MAGIC + VER + FLAGS(with seal bit set) + TIME + NONCE + LEN + PAYLOAD
772
+ // Signature = Sign(Content)
773
+ // Final = Content + SEAL_TYPE + SIGNATURE
774
+ const compress = opts?.compress ?? false;
775
+ const epochMs = opts?.epochMs ?? this.epochMsFromTPSString(tps);
776
+ // Validate epoch
777
+ if (!Number.isInteger(epochMs) || epochMs < 0 || epochMs > 0xffffffffffff) {
778
+ throw new Error('epochMs must be a valid 48-bit non-negative integer');
779
+ }
780
+ // Flags: Bit 0 = compress, Bit 1 = sealed
781
+ const flags = (compress ? 0x01 : 0x00) | 0x02; // Set SEAL bit
782
+ // Generate Nonce
783
+ const nonceBuf = this.randomBytes(4);
784
+ // Encode Payload
785
+ const tpsUtf8 = new TextEncoder().encode(tps);
786
+ const payload = compress ? this.deflateRaw(tpsUtf8) : tpsUtf8;
787
+ const lenVar = this.uvarintEncode(payload.length);
788
+ // Construct Content (Header + Payload)
789
+ const contentLen = 4 + 1 + 1 + 6 + 4 + lenVar.length + payload.length;
790
+ const content = new Uint8Array(contentLen);
791
+ let offset = 0;
792
+ content.set(this.MAGIC, offset);
793
+ offset += 4;
794
+ content[offset++] = this.VER;
795
+ content[offset++] = flags;
796
+ content.set(this.writeU48(epochMs), offset);
797
+ offset += 6;
798
+ content.set(nonceBuf, offset);
799
+ offset += 4;
800
+ content.set(lenVar, offset);
801
+ offset += lenVar.length;
802
+ content.set(payload, offset);
803
+ // Sign the content
804
+ const signature = this.signEd25519(content, privateKey);
805
+ const sealType = 0x01; // Ed25519
806
+ // Final Output: Content + SealType (1) + Signature (64)
807
+ const final = new Uint8Array(contentLen + 1 + signature.length);
808
+ final.set(content, 0);
809
+ final.set([sealType], contentLen);
810
+ final.set(signature, contentLen + 1);
811
+ return final;
812
+ }
813
+ /**
814
+ * Verify a sealed TPS-UID and decode it.
815
+ * Throws if signature is invalid or not sealed.
816
+ *
817
+ * @param sealedBytes - The binary sealed TPS-UID
818
+ * @param publicKey - Ed25519 public key (hex or buffer) to verify against
819
+ * @returns Decoded result
820
+ */
821
+ static verifyAndDecode(sealedBytes, publicKey) {
822
+ if (sealedBytes.length < 18)
823
+ throw new Error('TPSUID7RB: too short');
824
+ // Check Magic
825
+ if (sealedBytes[0] !== 0x54 ||
826
+ sealedBytes[1] !== 0x50 ||
827
+ sealedBytes[2] !== 0x55 ||
828
+ sealedBytes[3] !== 0x37) {
829
+ throw new Error('TPSUID7RB: bad magic');
830
+ }
831
+ // Check Flags for Sealed Bit (bit 1)
832
+ const flags = sealedBytes[5];
833
+ if ((flags & 0x02) === 0) {
834
+ throw new Error('TPSUID7RB: not a sealed UID');
835
+ }
836
+ // 1. Parse the structure to find where content ends
837
+ // We need to parse LEN and Payload to find the split point
838
+ let offset = 16; // Start of LEN
839
+ // Decode LEN
840
+ const { value: tpsLen, bytesRead } = this.uvarintDecode(sealedBytes, offset);
841
+ offset += bytesRead;
842
+ const payloadEnd = offset + tpsLen;
843
+ if (payloadEnd > sealedBytes.length) {
844
+ throw new Error('TPSUID7RB: length overflow (truncated)');
845
+ }
846
+ // The Content to verify matches exactly [0 ... payloadEnd]
847
+ const content = sealedBytes.slice(0, payloadEnd);
848
+ // After content: SealType (1 byte) + Signature
849
+ if (sealedBytes.length <= payloadEnd + 1) {
850
+ throw new Error('TPSUID7RB: missing signature data');
851
+ }
852
+ const sealType = sealedBytes[payloadEnd];
853
+ if (sealType !== 0x01) {
854
+ throw new Error(`TPSUID7RB: unsupported seal type 0x${sealType.toString(16)}`);
855
+ }
856
+ const signature = sealedBytes.slice(payloadEnd + 1);
857
+ if (signature.length !== 64) {
858
+ throw new Error(`TPSUID7RB: invalid Ed25519 signature length ${signature.length}`);
859
+ }
860
+ // Verify
861
+ const isValid = this.verifyEd25519(content, signature, publicKey);
862
+ if (!isValid) {
863
+ throw new Error('TPSUID7RB: signature verification failed');
864
+ }
865
+ // Decode (reuse standard logic, but ignoring the extra bytes at end is fine?)
866
+ // Actually standard logic doesn't expect trailing bytes unless we tell it to.
867
+ // But since we verified, we can just slice the content and decode that as a strict binary
868
+ // EXCEPT standard decodeBinary checks strict length.
869
+ // So we manually decode the components here to be safe and efficient.
870
+ return this.decodeBinary(content); // Reuse strict decoder on the content part
871
+ }
872
+ // --- Crypto Implementation (Ed25519) ---
873
+ static signEd25519(data, privateKey) {
874
+ if (typeof require !== 'undefined') {
875
+ try {
876
+ // eslint-disable-next-line @typescript-eslint/no-require-imports
877
+ const crypto = require('crypto');
878
+ // Node's crypto.sign uses PEM or KeyObject, but for raw Ed25519 keys we might need 'crypto.sign(null, data, key)'
879
+ // or ensure key is properly formatted.
880
+ // For simplicity in Node 20+, crypto.sign(null, data, privateKey) works if key is KeyObject.
881
+ // If raw bytes: establish KeyObject.
882
+ let keyObj;
883
+ if (Buffer.isBuffer(privateKey) || privateKey instanceof Uint8Array) {
884
+ // Assuming raw 64-byte private key (or 32-byte seed properly expanded by crypto)
885
+ // Node < 16 is tricky with raw keys.
886
+ // Let's assume standard Ed25519 standard implementation pattern logic:
887
+ keyObj = crypto.createPrivateKey({
888
+ key: Buffer.from(privateKey),
889
+ format: 'der', // or 'pem' - strict.
890
+ type: 'pkcs8'
891
+ });
892
+ // Actually, simpler: construct key object from raw bytes if possible?
893
+ // Node's crypto is strict. Let's try the simplest:
894
+ // If hex string provided, convert to buffer.
895
+ }
896
+ // Simpler fallback: If user passed a PEM string, great.
897
+ // If they passed raw bytes, we might need 'ed25519' key type.
898
+ // For this implementation, let's target Node's high-level sign/verify
899
+ // and assume the user provides a VALID key object or compatible format (PEM/DER).
900
+ // Handling RAW Ed25519 keys in Node requires specific 'crypto.createPrivateKey' with 'raw' format (Node 11.6+).
901
+ const key = typeof privateKey === 'string' && !privateKey.includes('PRIVATE KEY')
902
+ ? crypto.createPrivateKey({ key: Buffer.from(privateKey, 'hex'), format: 'pem', type: 'pkcs8' }) // Fallback guess
903
+ : privateKey;
904
+ // Note: Raw Ed25519 key support in Node.js 'crypto' acts via 'generateKeyPair' or KeyObject.
905
+ // Direct raw signing is via crypto.sign(null, data, key).
906
+ return new Uint8Array(crypto.sign(null, data, key));
907
+ }
908
+ catch (e) {
909
+ // If standard crypto fails (e.g. key format issue), throw
910
+ throw new Error('TPSUID7RB: signing failed (check key format)');
911
+ }
912
+ }
913
+ throw new Error('TPSUID7RB: signing not available in browser');
914
+ }
915
+ static verifyEd25519(data, signature, publicKey) {
916
+ if (typeof require !== 'undefined') {
917
+ try {
918
+ // eslint-disable-next-line @typescript-eslint/no-require-imports
919
+ const crypto = require('crypto');
920
+ return crypto.verify(null, data, publicKey, signature);
921
+ }
922
+ catch {
923
+ return false;
924
+ }
925
+ }
926
+ throw new Error('TPSUID7RB: verification not available in browser');
927
+ }
928
+ // ---------------------------
929
+ // Random Bytes
930
+ // ---------------------------
931
+ /** Generate cryptographically secure random bytes */
932
+ static randomBytes(length) {
933
+ // Node.js environment
934
+ if (typeof require !== 'undefined') {
935
+ try {
936
+ // eslint-disable-next-line @typescript-eslint/no-require-imports
937
+ const crypto = require('crypto');
938
+ return new Uint8Array(crypto.randomBytes(length));
939
+ }
940
+ catch {
941
+ // Fallback to crypto.getRandomValues
942
+ }
943
+ }
944
+ // Browser or fallback
945
+ if (typeof crypto !== 'undefined' && crypto.getRandomValues) {
946
+ const bytes = new Uint8Array(length);
947
+ crypto.getRandomValues(bytes);
948
+ return bytes;
949
+ }
950
+ throw new Error('TPSUID7RB: no crypto available');
951
+ }
952
+ }
953
+ /** Magic bytes: "TPU7" */
954
+ TPSUID7RB.MAGIC = new Uint8Array([0x54, 0x50, 0x55, 0x37]);
955
+ /** Version 1 */
956
+ TPSUID7RB.VER = 0x01;
957
+ /** String prefix for base64url encoded form */
958
+ TPSUID7RB.PREFIX = 'tpsuid7rb_';
959
+ /** Regex for validating base64url encoded form */
960
+ TPSUID7RB.REGEX = /^tpsuid7rb_[A-Za-z0-9_-]+$/;