npm - @oxyhq/services - Versions diffs - 5.16.33 → 5.16.35 - Mend

@oxyhq/services 5.16.33 → 5.16.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (240) hide show

package/lib/commonjs/models/interfaces.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["SECURITY_EVENT_SEVERITY_MAP","exports"],"sourceRoot":"../../../src","sources":["models/interfaces.ts"],"mappings":";;;;;;~~AAuBA~~;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA~~;AACA;AACA;AACA;AACA;AACA~~;;~~AAmMA~~;AACA;AACA;;AAmDA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;;~~AAuGA~~;AACA;AACA;;AAqBA;AACA;AACA;;AAcA;AACA;AACA;;AAGA;AACA;AACA;AACA;AACO,MAAMA,2BAA6E,GAAAC,OAAA,CAAAD,2BAAA,GAAG;EAC3F,SAAS,EAAE,KAAK;EAChB,UAAU,EAAE,KAAK;EACjB,iBAAiB,EAAE,KAAK;EACxB,eAAe,EAAE,QAAQ;EACzB,cAAc,EAAE,QAAQ;EACxB,gBAAgB,EAAE,QAAQ;EAC1B,2BAA2B,EAAE,QAAQ;EACrC,kBAAkB,EAAE,MAAM;EAC1B,sBAAsB,EAAE,MAAM;EAC9B,gBAAgB,EAAE,MAAM;EACxB,qBAAqB,EAAE;AACzB,CAAC;;AAED;AACA;AACA;;AAeA;AACA;AACA;;AAkBA","ignoreList":[]}
1	+ {"version":3,"names":["SECURITY_EVENT_SEVERITY_MAP","exports"],"sourceRoot":"../../../src","sources":["models/interfaces.ts"],"mappings":";;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAyBA;AACA;;AAyEA;AACA;;AAmEA;AACA;AACA;;AAmDA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;;AAqGA;AACA;AACA;;AAqBA;AACA;AACA;;AAcA;AACA;AACA;;AAGA;AACA;AACA;AACA;AACO,MAAMA,2BAA6E,GAAAC,OAAA,CAAAD,2BAAA,GAAG;EAC3F,SAAS,EAAE,KAAK;EAChB,UAAU,EAAE,KAAK;EACjB,iBAAiB,EAAE,KAAK;EACxB,eAAe,EAAE,QAAQ;EACzB,cAAc,EAAE,QAAQ;EACxB,gBAAgB,EAAE,QAAQ;EAC1B,2BAA2B,EAAE,QAAQ;EACrC,kBAAkB,EAAE,MAAM;EAC1B,sBAAsB,EAAE,MAAM;EAC9B,gBAAgB,EAAE,MAAM;EACxB,qBAAqB,EAAE;AACzB,CAAC;;AAED;AACA;AACA;;AAeA;AACA;AACA;;AAkBA;AACA","ignoreList":[]}

package/lib/commonjs/shared/crypto/messageBuilders.js ADDED Viewed

@@ -0,0 +1,79 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.buildAuthChallengeResponse = buildAuthChallengeResponse;
+exports.buildAuthMessage = buildAuthMessage;
+exports.buildRegistrationMessage = buildRegistrationMessage;
+exports.buildRequestMessage = buildRequestMessage;
+exports.canonicalizeData = canonicalizeData;
+exports.isTimestampFresh = isTimestampFresh;
+/**
+ * Canonical Message Builders
+ *
+ * Creates standardized, canonical message formats for signing.
+ * These formats are used consistently across Accounts, Services SDK, and API.
+ */
+/**
+ * Build authentication message for challenge-response
+ * Format: auth:{publicKey}:{challenge}:{timestamp}
+ */
+function buildAuthMessage(publicKey, challenge, timestamp) {
+  return `auth:${publicKey}:${challenge}:${timestamp}`;
+}
+/**
+ * Build registration message
+ * Format: oxy:register:{publicKey}:{timestamp}
+ */
+function buildRegistrationMessage(publicKey, timestamp) {
+  return `oxy:register:${publicKey}:${timestamp}`;
+}
+/**
+ * Build request signing message
+ * Format: request:{publicKey}:{timestamp}:{canonicalData}
+ */
+function buildRequestMessage(publicKey, timestamp, data) {
+  // Create canonical string representation
+  const sortedKeys = Object.keys(data).sort();
+  const canonicalParts = sortedKeys.map(key => `${key}:${JSON.stringify(data[key])}`);
+  const canonicalString = canonicalParts.join('|');
+  return `request:${publicKey}:${timestamp}:${canonicalString}`;
+}
+/**
+ * Create canonical data representation for signing
+ * Sorts keys and creates a consistent string representation
+ */
+function canonicalizeData(data) {
+  const sortedKeys = Object.keys(data).sort();
+  const canonicalParts = sortedKeys.map(key => `${key}:${JSON.stringify(data[key])}`);
+  return canonicalParts.join('|');
+}
+/**
+ * Build auth challenge response payload
+ * Helper to construct the signed challenge response
+ */
+function buildAuthChallengeResponse(publicKey, challenge, signature, timestamp) {
+  return {
+    challenge,
+    publicKey,
+    signature,
+    timestamp
+  };
+}
+/**
+ * Validate timestamp freshness
+ * Ensures signed messages are not too old
+ */
+function isTimestampFresh(timestamp, maxAgeMs = 5 * 60 * 1000 // 5 minutes default
+) {
+  const now = Date.now();
+  return now - timestamp <= maxAgeMs && timestamp <= now;
+}
+//# sourceMappingURL=messageBuilders.js.map

package/lib/commonjs/shared/crypto/messageBuilders.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["buildAuthMessage","publicKey","challenge","timestamp","buildRegistrationMessage","buildRequestMessage","data","sortedKeys","Object","keys","sort","canonicalParts","map","key","JSON","stringify","canonicalString","join","canonicalizeData","buildAuthChallengeResponse","signature","isTimestampFresh","maxAgeMs","now","Date"],"sourceRoot":"../../../../src","sources":["shared/crypto/messageBuilders.ts"],"mappings":";;;;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;;AAIA;AACA;AACA;AACA;AACO,SAASA,gBAAgBA,CAC9BC,SAAiB,EACjBC,SAAiB,EACjBC,SAAiB,EACT;EACR,OAAO,QAAQF,SAAS,IAAIC,SAAS,IAAIC,SAAS,EAAE;AACtD;;AAEA;AACA;AACA;AACA;AACO,SAASC,wBAAwBA,CACtCH,SAAiB,EACjBE,SAAiB,EACT;EACR,OAAO,gBAAgBF,SAAS,IAAIE,SAAS,EAAE;AACjD;;AAEA;AACA;AACA;AACA;AACO,SAASE,mBAAmBA,CACjCJ,SAAiB,EACjBE,SAAiB,EACjBG,IAA6B,EACrB;EACR;EACA,MAAMC,UAAU,GAAGC,MAAM,CAACC,IAAI,CAACH,IAAI,CAAC,CAACI,IAAI,CAAC,CAAC;EAC3C,MAAMC,cAAc,GAAGJ,UAAU,CAACK,GAAG,CAACC,GAAG,IAAI,GAAGA,GAAG,IAAIC,IAAI,CAACC,SAAS,CAACT,IAAI,CAACO,GAAG,CAAC,CAAC,EAAE,CAAC;EACnF,MAAMG,eAAe,GAAGL,cAAc,CAACM,IAAI,CAAC,GAAG,CAAC;EAEhD,OAAO,WAAWhB,SAAS,IAAIE,SAAS,IAAIa,eAAe,EAAE;AAC/D;;AAEA;AACA;AACA;AACA;AACO,SAASE,gBAAgBA,CAACZ,IAA6B,EAAU;EACtE,MAAMC,UAAU,GAAGC,MAAM,CAACC,IAAI,CAACH,IAAI,CAAC,CAACI,IAAI,CAAC,CAAC;EAC3C,MAAMC,cAAc,GAAGJ,UAAU,CAACK,GAAG,CAACC,GAAG,IAAI,GAAGA,GAAG,IAAIC,IAAI,CAACC,SAAS,CAACT,IAAI,CAACO,GAAG,CAAC,CAAC,EAAE,CAAC;EACnF,OAAOF,cAAc,CAACM,IAAI,CAAC,GAAG,CAAC;AACjC;;AAEA;AACA;AACA;AACA;AACO,SAASE,0BAA0BA,CACxClB,SAAiB,EACjBC,SAAiB,EACjBkB,SAAiB,EACjBjB,SAAiB,EACM;EACvB,OAAO;IACLD,SAAS;IACTD,SAAS;IACTmB,SAAS;IACTjB;EACF,CAAC;AACH;;AAEA;AACA;AACA;AACA;AACO,SAASkB,gBAAgBA,CAC9BlB,SAAiB,EACjBmB,QAAgB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAAA,EACxB;EACT,MAAMC,GAAG,GAAGC,IAAI,CAACD,GAAG,CAAC,CAAC;EACtB,OAAQA,GAAG,GAAGpB,SAAS,IAAKmB,QAAQ,IAAInB,SAAS,IAAIoB,GAAG;AAC1D","ignoreList":[]}

package/lib/commonjs/shared/crypto/platform.js ADDED Viewed

@@ -0,0 +1,118 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.PlatformDetector = void 0;
+exports.getCryptoAdapter = getCryptoAdapter;
+function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r = new WeakMap(), n = new WeakMap(); return (_interopRequireWildcard = function (e, t) { if (!t && e && e.__esModule) return e; var o, i, f = { __proto__: null, default: e }; if (null === e || "object" != typeof e && "function" != typeof e) return f; if (o = t ? n : r) { if (o.has(e)) return o.get(e); o.set(e, f); } for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]); return f; })(e, t); }
+/**
+ * Platform Detection and Adapters
+ *
+ * Provides environment detection and platform-specific crypto adapters
+ * to support Node.js, React Native, and Web environments.
+ */
+/**
+ * Platform types
+ */
+/**
+ * Platform detection utilities
+ */
+const PlatformDetector = exports.PlatformDetector = {
+  /**
+   * Detect current platform
+   */
+  detect() {
+    if (typeof window === 'undefined' && typeof process !== 'undefined' && process.versions?.node) {
+      return 'node';
+    }
+    if (typeof navigator !== 'undefined' && navigator.product === 'ReactNative') {
+      return 'react-native';
+    }
+    return 'web';
+  },
+  /**
+   * Check if running in Node.js
+   */
+  isNode() {
+    return this.detect() === 'node';
+  },
+  /**
+   * Check if running in React Native
+   */
+  isReactNative() {
+    return this.detect() === 'react-native';
+  },
+  /**
+   * Check if running in Web browser
+   */
+  isWeb() {
+    return this.detect() === 'web';
+  }
+};
+/**
+ * Crypto adapter interface
+ * Platform-specific implementations must implement this interface
+ */
+/**
+ * Get the appropriate crypto adapter for the current platform
+ */
+async function getCryptoAdapter() {
+  const platform = PlatformDetector.detect();
+  if (platform === 'node') {
+    // eslint-disable-next-line @typescript-eslint/no-implied-eval
+    const getCrypto = new Function('return require("crypto")');
+    const crypto = getCrypto();
+    return {
+      async randomBytes(size) {
+        return new Uint8Array(crypto.randomBytes(size));
+      },
+      async sha256(message) {
+        return crypto.createHash('sha256').update(message).digest('hex');
+      },
+      sha256Sync(message) {
+        return crypto.createHash('sha256').update(message).digest('hex');
+      }
+    };
+  }
+  if (platform === 'react-native') {
+    // Lazy load expo-crypto (peer dependency)
+    try {
+      // @ts-ignore - expo-crypto is an optional peer dependency
+      const ExpoCrypto = await Promise.resolve().then(() => _interopRequireWildcard(require('expo-crypto')));
+      return {
+        async randomBytes(size) {
+          const bytes = await ExpoCrypto.getRandomBytesAsync(size);
+          return new Uint8Array(bytes);
+        },
+        async sha256(message) {
+          return ExpoCrypto.digestStringAsync(ExpoCrypto.CryptoDigestAlgorithm.SHA256, message);
+        }
+      };
+    } catch (error) {
+      throw new Error(`expo-crypto is required in React Native environment: ${error instanceof Error ? error.message : String(error)}`);
+    }
+  }
+  // Web platform - use Web Crypto API
+  if (typeof window !== 'undefined' && window.crypto) {
+    return {
+      async randomBytes(size) {
+        return window.crypto.getRandomValues(new Uint8Array(size));
+      },
+      async sha256(message) {
+        const encoder = new TextEncoder();
+        const data = encoder.encode(message);
+        const hashBuffer = await window.crypto.subtle.digest('SHA-256', data);
+        const hashArray = Array.from(new Uint8Array(hashBuffer));
+        return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
+      }
+    };
+  }
+  throw new Error('No suitable crypto implementation found for current platform');
+}
+//# sourceMappingURL=platform.js.map

package/lib/commonjs/shared/crypto/platform.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["PlatformDetector","exports","detect","window","process","versions","node","navigator","product","isNode","isReactNative","isWeb","getCryptoAdapter","platform","getCrypto","Function","crypto","randomBytes","size","Uint8Array","sha256","message","createHash","update","digest","sha256Sync","ExpoCrypto","Promise","resolve","then","_interopRequireWildcard","require","bytes","getRandomBytesAsync","digestStringAsync","CryptoDigestAlgorithm","SHA256","error","Error","String","getRandomValues","encoder","TextEncoder","data","encode","hashBuffer","subtle","hashArray","Array","from","map","b","toString","padStart","join"],"sourceRoot":"../../../../src","sources":["shared/crypto/platform.ts"],"mappings":";;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;;AAGA;AACA;AACA;AACO,MAAMA,gBAAgB,GAAAC,OAAA,CAAAD,gBAAA,GAAG;EAC9B;AACF;AACA;EACEE,MAAMA,CAAA,EAAa;IACjB,IAAI,OAAOC,MAAM,KAAK,WAAW,IAAI,OAAOC,OAAO,KAAK,WAAW,IAAIA,OAAO,CAACC,QAAQ,EAAEC,IAAI,EAAE;MAC7F,OAAO,MAAM;IACf;IACA,IAAI,OAAOC,SAAS,KAAK,WAAW,IAAIA,SAAS,CAACC,OAAO,KAAK,aAAa,EAAE;MAC3E,OAAO,cAAc;IACvB;IACA,OAAO,KAAK;EACd,CAAC;EAED;AACF;AACA;EACEC,MAAMA,CAAA,EAAY;IAChB,OAAO,IAAI,CAACP,MAAM,CAAC,CAAC,KAAK,MAAM;EACjC,CAAC;EAED;AACF;AACA;EACEQ,aAAaA,CAAA,EAAY;IACvB,OAAO,IAAI,CAACR,MAAM,CAAC,CAAC,KAAK,cAAc;EACzC,CAAC;EAED;AACF;AACA;EACES,KAAKA,CAAA,EAAY;IACf,OAAO,IAAI,CAACT,MAAM,CAAC,CAAC,KAAK,KAAK;EAChC;AACF,CAAC;;AAED;AACA;AACA;AACA;;AAkBA;AACA;AACA;AACO,eAAeU,gBAAgBA,CAAA,EAA2B;EAC/D,MAAMC,QAAQ,GAAGb,gBAAgB,CAACE,MAAM,CAAC,CAAC;EAE1C,IAAIW,QAAQ,KAAK,MAAM,EAAE;IACvB;IACA,MAAMC,SAAS,GAAG,IAAIC,QAAQ,CAAC,0BAA0B,CAAC;IAC1D,MAAMC,MAAM,GAAGF,SAAS,CAAC,CAAC;IAE1B,OAAO;MACL,MAAMG,WAAWA,CAACC,IAAY,EAAuB;QACnD,OAAO,IAAIC,UAAU,CAACH,MAAM,CAACC,WAAW,CAACC,IAAI,CAAC,CAAC;MACjD,CAAC;MACD,MAAME,MAAMA,CAACC,OAAe,EAAmB;QAC7C,OAAOL,MAAM,CAACM,UAAU,CAAC,QAAQ,CAAC,CAACC,MAAM,CAACF,OAAO,CAAC,CAACG,MAAM,CAAC,KAAK,CAAC;MAClE,CAAC;MACDC,UAAUA,CAACJ,OAAe,EAAU;QAClC,OAAOL,MAAM,CAACM,UAAU,CAAC,QAAQ,CAAC,CAACC,MAAM,CAACF,OAAO,CAAC,CAACG,MAAM,CAAC,KAAK,CAAC;MAClE;IACF,CAAC;EACH;EAEA,IAAIX,QAAQ,KAAK,cAAc,EAAE;IAC/B;IACA,IAAI;MACF;MACA,MAAMa,UAAU,GAAG,MAAAC,OAAA,CAAAC,OAAA,GAAAC,IAAA,OAAAC,uBAAA,CAAAC,OAAA,CAAa,aAAa,GAAC;MAE9C,OAAO;QACL,MAAMd,WAAWA,CAACC,IAAY,EAAuB;UACnD,MAAMc,KAAK,GAAG,MAAMN,UAAU,CAACO,mBAAmB,CAACf,IAAI,CAAC;UACxD,OAAO,IAAIC,UAAU,CAACa,KAAK,CAAC;QAC9B,CAAC;QACD,MAAMZ,MAAMA,CAACC,OAAe,EAAmB;UAC7C,OAAOK,UAAU,CAACQ,iBAAiB,CACjCR,UAAU,CAACS,qBAAqB,CAACC,MAAM,EACvCf,OACF,CAAC;QACH;MACF,CAAC;IACH,CAAC,CAAC,OAAOgB,KAAK,EAAE;MACd,MAAM,IAAIC,KAAK,CACb,wDAAwDD,KAAK,YAAYC,KAAK,GAAGD,KAAK,CAAChB,OAAO,GAAGkB,MAAM,CAACF,KAAK,CAAC,EAChH,CAAC;IACH;EACF;;EAEA;EACA,IAAI,OAAOlC,MAAM,KAAK,WAAW,IAAIA,MAAM,CAACa,MAAM,EAAE;IAClD,OAAO;MACL,MAAMC,WAAWA,CAACC,IAAY,EAAuB;QACnD,OAAOf,MAAM,CAACa,MAAM,CAACwB,eAAe,CAAC,IAAIrB,UAAU,CAACD,IAAI,CAAC,CAAC;MAC5D,CAAC;MACD,MAAME,MAAMA,CAACC,OAAe,EAAmB;QAC7C,MAAMoB,OAAO,GAAG,IAAIC,WAAW,CAAC,CAAC;QACjC,MAAMC,IAAI,GAAGF,OAAO,CAACG,MAAM,CAACvB,OAAO,CAAC;QACpC,MAAMwB,UAAU,GAAG,MAAM1C,MAAM,CAACa,MAAM,CAAC8B,MAAM,CAACtB,MAAM,CAAC,SAAS,EAAEmB,IAAI,CAAC;QACrE,MAAMI,SAAS,GAAGC,KAAK,CAACC,IAAI,CAAC,IAAI9B,UAAU,CAAC0B,UAAU,CAAC,CAAC;QACxD,OAAOE,SAAS,CAACG,GAAG,CAACC,CAAC,IAAIA,CAAC,CAACC,QAAQ,CAAC,EAAE,CAAC,CAACC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAACC,IAAI,CAAC,EAAE,CAAC;MACrE;IACF,CAAC;EACH;EAEA,MAAM,IAAIhB,KAAK,CAAC,8DAA8D,CAAC;AACjF","ignoreList":[]}

package/lib/commonjs/shared/crypto/signature.js ADDED Viewed

@@ -0,0 +1,191 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.SignatureService = exports.MAX_SIGNATURE_AGE_MS = exports.CHALLENGE_TTL_MS = void 0;
+var _elliptic = require("elliptic");
+var _platform = require("./platform");
+var _messageBuilders = require("./messageBuilders");
+/**
+ * Signature Verification Service
+ *
+ * Unified signature verification used by both backend (API) and SDK.
+ * Uses platform adapters for crypto operations while keeping message construction shared.
+ */
+const ec = new _elliptic.ec('secp256k1');
+/**
+ * Maximum age for signed messages (5 minutes)
+ */
+const MAX_SIGNATURE_AGE_MS = exports.MAX_SIGNATURE_AGE_MS = 5 * 60 * 1000;
+/**
+ * Challenge TTL (5 minutes)
+ */
+const CHALLENGE_TTL_MS = exports.CHALLENGE_TTL_MS = 5 * 60 * 1000;
+/**
+ * Signature Service
+ * Provides signature verification that works across all platforms
+ */
+class SignatureService {
+  /**
+   * Verify an ECDSA signature
+   *
+   * @param message - The original message that was signed
+   * @param signature - The signature in DER format (hex encoded)
+   * @param publicKey - The public key (hex encoded, uncompressed)
+   * @returns true if the signature is valid
+   */
+  static async verify(message, signature, publicKey) {
+    try {
+      const key = ec.keyFromPublic(publicKey, 'hex');
+      const adapter = await (0, _platform.getCryptoAdapter)();
+      const messageHash = await adapter.sha256(message);
+      return key.verify(messageHash, signature);
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Synchronous signature verification (Node.js only)
+   * Uses Node.js crypto module directly for hashing
+   */
+  static verifySync(message, signature, publicKey) {
+    if (!_platform.PlatformDetector.isNode()) {
+      throw new Error('verifySync should only be used in Node.js. Use verify() in other environments.');
+    }
+    try {
+      // eslint-disable-next-line @typescript-eslint/no-implied-eval
+      const getCrypto = new Function('return require("crypto")');
+      const crypto = getCrypto();
+      const key = ec.keyFromPublic(publicKey, 'hex');
+      const messageHash = crypto.createHash('sha256').update(message).digest('hex');
+      return key.verify(messageHash, signature);
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Verify an authentication challenge response
+   *
+   * @param publicKey - The user's public key
+   * @param challenge - The original challenge string
+   * @param signature - The signature of the auth message
+   * @param timestamp - The timestamp when the signature was created
+   * @param maxAgeMs - Maximum age of the signature in milliseconds
+   * @returns true if the challenge response is valid
+   */
+  static async verifyChallengeResponse(publicKey, challenge, signature, timestamp, maxAgeMs = CHALLENGE_TTL_MS) {
+    // Check timestamp freshness
+    if (!(0, _messageBuilders.isTimestampFresh)(timestamp, maxAgeMs)) {
+      return false;
+    }
+    // Build the canonical message
+    const message = (0, _messageBuilders.buildAuthMessage)(publicKey, challenge, timestamp);
+    // Verify the signature
+    return this.verify(message, signature, publicKey);
+  }
+  /**
+   * Synchronous challenge response verification (Node.js only)
+   */
+  static verifyChallengeResponseSync(publicKey, challenge, signature, timestamp, maxAgeMs = CHALLENGE_TTL_MS) {
+    // Check timestamp freshness
+    if (!(0, _messageBuilders.isTimestampFresh)(timestamp, maxAgeMs)) {
+      return false;
+    }
+    // Build the canonical message
+    const message = (0, _messageBuilders.buildAuthMessage)(publicKey, challenge, timestamp);
+    // Verify the signature
+    return this.verifySync(message, signature, publicKey);
+  }
+  /**
+   * Verify a registration signature
+   * Signature format: oxy:register:{publicKey}:{timestamp}
+   */
+  static async verifyRegistrationSignature(publicKey, signature, timestamp, maxAgeMs = MAX_SIGNATURE_AGE_MS) {
+    // Check timestamp freshness
+    if (!(0, _messageBuilders.isTimestampFresh)(timestamp, maxAgeMs)) {
+      return false;
+    }
+    // Build the canonical message
+    const message = (0, _messageBuilders.buildRegistrationMessage)(publicKey, timestamp);
+    // Verify the signature
+    return this.verify(message, signature, publicKey);
+  }
+  /**
+   * Synchronous registration signature verification (Node.js only)
+   */
+  static verifyRegistrationSignatureSync(publicKey, signature, timestamp, maxAgeMs = MAX_SIGNATURE_AGE_MS) {
+    // Check timestamp freshness
+    if (!(0, _messageBuilders.isTimestampFresh)(timestamp, maxAgeMs)) {
+      return false;
+    }
+    // Build the canonical message
+    const message = (0, _messageBuilders.buildRegistrationMessage)(publicKey, timestamp);
+    // Verify the signature
+    return this.verifySync(message, signature, publicKey);
+  }
+  /**
+   * Verify a signed request
+   * Used for authenticated API operations
+   */
+  static async verifyRequestSignature(publicKey, data, signature, timestamp, maxAgeMs = MAX_SIGNATURE_AGE_MS) {
+    // Check timestamp freshness
+    if (!(0, _messageBuilders.isTimestampFresh)(timestamp, maxAgeMs)) {
+      return false;
+    }
+    // Build the canonical message
+    const message = (0, _messageBuilders.buildRequestMessage)(publicKey, timestamp, data);
+    // Verify the signature
+    return this.verify(message, signature, publicKey);
+  }
+  /**
+   * Synchronous request signature verification (Node.js only)
+   */
+  static verifyRequestSignatureSync(publicKey, data, signature, timestamp, maxAgeMs = MAX_SIGNATURE_AGE_MS) {
+    // Check timestamp freshness
+    if (!(0, _messageBuilders.isTimestampFresh)(timestamp, maxAgeMs)) {
+      return false;
+    }
+    // Build the canonical message
+    const message = (0, _messageBuilders.buildRequestMessage)(publicKey, timestamp, data);
+    // Verify the signature
+    return this.verifySync(message, signature, publicKey);
+  }
+  /**
+   * Validate that a string is a valid public key
+   */
+  static isValidPublicKey(publicKey) {
+    try {
+      ec.keyFromPublic(publicKey, 'hex');
+      return true;
+    } catch {
+      return false;
+    }
+  }
+}
+exports.SignatureService = SignatureService;
+//# sourceMappingURL=signature.js.map

package/lib/commonjs/shared/crypto/signature.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_elliptic","require","_platform","_messageBuilders","ec","EC","MAX_SIGNATURE_AGE_MS","exports","CHALLENGE_TTL_MS","SignatureService","verify","message","signature","publicKey","key","keyFromPublic","adapter","getCryptoAdapter","messageHash","sha256","verifySync","PlatformDetector","isNode","Error","getCrypto","Function","crypto","createHash","update","digest","verifyChallengeResponse","challenge","timestamp","maxAgeMs","isTimestampFresh","buildAuthMessage","verifyChallengeResponseSync","verifyRegistrationSignature","buildRegistrationMessage","verifyRegistrationSignatureSync","verifyRequestSignature","data","buildRequestMessage","verifyRequestSignatureSync","isValidPublicKey"],"sourceRoot":"../../../../src","sources":["shared/crypto/signature.ts"],"mappings":";;;;;;AAOA,IAAAA,SAAA,GAAAC,OAAA;AACA,IAAAC,SAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAF,OAAA;AATA;AACA;AACA;AACA;AACA;AACA;;AAWA,MAAMG,EAAE,GAAG,IAAIC,YAAE,CAAC,WAAW,CAAC;;AAE9B;AACA;AACA;AACO,MAAMC,oBAAoB,GAAAC,OAAA,CAAAD,oBAAA,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI;;AAEjD;AACA;AACA;AACO,MAAME,gBAAgB,GAAAD,OAAA,CAAAC,gBAAA,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI;;AAE7C;AACA;AACA;AACA;AACO,MAAMC,gBAAgB,CAAC;EAC5B;AACF;AACA;AACA;AACA;AACA;AACA;AACA;EACE,aAAaC,MAAMA,CACjBC,OAAe,EACfC,SAAiB,EACjBC,SAAiB,EACC;IAClB,IAAI;MACF,MAAMC,GAAG,GAAGV,EAAE,CAACW,aAAa,CAACF,SAAS,EAAE,KAAK,CAAC;MAC9C,MAAMG,OAAO,GAAG,MAAM,IAAAC,0BAAgB,EAAC,CAAC;MACxC,MAAMC,WAAW,GAAG,MAAMF,OAAO,CAACG,MAAM,CAACR,OAAO,CAAC;MACjD,OAAOG,GAAG,CAACJ,MAAM,CAACQ,WAAW,EAAEN,SAAS,CAAC;IAC3C,CAAC,CAAC,MAAM;MACN,OAAO,KAAK;IACd;EACF;;EAEA;AACF;AACA;AACA;EACE,OAAOQ,UAAUA,CACfT,OAAe,EACfC,SAAiB,EACjBC,SAAiB,EACR;IACT,IAAI,CAACQ,0BAAgB,CAACC,MAAM,CAAC,CAAC,EAAE;MAC9B,MAAM,IAAIC,KAAK,CACb,gFACF,CAAC;IACH;IAEA,IAAI;MACF;MACA,MAAMC,SAAS,GAAG,IAAIC,QAAQ,CAAC,0BAA0B,CAAC;MAC1D,MAAMC,MAAM,GAAGF,SAAS,CAAC,CAAC;MAC1B,MAAMV,GAAG,GAAGV,EAAE,CAACW,aAAa,CAACF,SAAS,EAAE,KAAK,CAAC;MAC9C,MAAMK,WAAW,GAAGQ,MAAM,CAACC,UAAU,CAAC,QAAQ,CAAC,CAACC,MAAM,CAACjB,OAAO,CAAC,CAACkB,MAAM,CAAC,KAAK,CAAC;MAC7E,OAAOf,GAAG,CAACJ,MAAM,CAACQ,WAAW,EAAEN,SAAS,CAAC;IAC3C,CAAC,CAAC,MAAM;MACN,OAAO,KAAK;IACd;EACF;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACE,aAAakB,uBAAuBA,CAClCjB,SAAiB,EACjBkB,SAAiB,EACjBnB,SAAiB,EACjBoB,SAAiB,EACjBC,QAAgB,GAAGzB,gBAAgB,EACjB;IAClB;IACA,IAAI,CAAC,IAAA0B,iCAAgB,EAACF,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMtB,OAAO,GAAG,IAAAwB,iCAAgB,EAACtB,SAAS,EAAEkB,SAAS,EAAEC,SAAS,CAAC;;IAEjE;IACA,OAAO,IAAI,CAACtB,MAAM,CAACC,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACnD;;EAEA;AACF;AACA;EACE,OAAOuB,2BAA2BA,CAChCvB,SAAiB,EACjBkB,SAAiB,EACjBnB,SAAiB,EACjBoB,SAAiB,EACjBC,QAAgB,GAAGzB,gBAAgB,EAC1B;IACT;IACA,IAAI,CAAC,IAAA0B,iCAAgB,EAACF,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMtB,OAAO,GAAG,IAAAwB,iCAAgB,EAACtB,SAAS,EAAEkB,SAAS,EAAEC,SAAS,CAAC;;IAEjE;IACA,OAAO,IAAI,CAACZ,UAAU,CAACT,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACvD;;EAEA;AACF;AACA;AACA;EACE,aAAawB,2BAA2BA,CACtCxB,SAAiB,EACjBD,SAAiB,EACjBoB,SAAiB,EACjBC,QAAgB,GAAG3B,oBAAoB,EACrB;IAClB;IACA,IAAI,CAAC,IAAA4B,iCAAgB,EAACF,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMtB,OAAO,GAAG,IAAA2B,yCAAwB,EAACzB,SAAS,EAAEmB,SAAS,CAAC;;IAE9D;IACA,OAAO,IAAI,CAACtB,MAAM,CAACC,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACnD;;EAEA;AACF;AACA;EACE,OAAO0B,+BAA+BA,CACpC1B,SAAiB,EACjBD,SAAiB,EACjBoB,SAAiB,EACjBC,QAAgB,GAAG3B,oBAAoB,EAC9B;IACT;IACA,IAAI,CAAC,IAAA4B,iCAAgB,EAACF,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMtB,OAAO,GAAG,IAAA2B,yCAAwB,EAACzB,SAAS,EAAEmB,SAAS,CAAC;;IAE9D;IACA,OAAO,IAAI,CAACZ,UAAU,CAACT,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACvD;;EAEA;AACF;AACA;AACA;EACE,aAAa2B,sBAAsBA,CACjC3B,SAAiB,EACjB4B,IAA6B,EAC7B7B,SAAiB,EACjBoB,SAAiB,EACjBC,QAAgB,GAAG3B,oBAAoB,EACrB;IAClB;IACA,IAAI,CAAC,IAAA4B,iCAAgB,EAACF,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMtB,OAAO,GAAG,IAAA+B,oCAAmB,EAAC7B,SAAS,EAAEmB,SAAS,EAAES,IAAI,CAAC;;IAE/D;IACA,OAAO,IAAI,CAAC/B,MAAM,CAACC,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACnD;;EAEA;AACF;AACA;EACE,OAAO8B,0BAA0BA,CAC/B9B,SAAiB,EACjB4B,IAA6B,EAC7B7B,SAAiB,EACjBoB,SAAiB,EACjBC,QAAgB,GAAG3B,oBAAoB,EAC9B;IACT;IACA,IAAI,CAAC,IAAA4B,iCAAgB,EAACF,SAAS,EAAEC,QAAQ,CAAC,EAAE;MAC1C,OAAO,KAAK;IACd;;IAEA;IACA,MAAMtB,OAAO,GAAG,IAAA+B,oCAAmB,EAAC7B,SAAS,EAAEmB,SAAS,EAAES,IAAI,CAAC;;IAE/D;IACA,OAAO,IAAI,CAACrB,UAAU,CAACT,OAAO,EAAEC,SAAS,EAAEC,SAAS,CAAC;EACvD;;EAEA;AACF;AACA;EACE,OAAO+B,gBAAgBA,CAAC/B,SAAiB,EAAW;IAClD,IAAI;MACFT,EAAE,CAACW,aAAa,CAACF,SAAS,EAAE,KAAK,CAAC;MAClC,OAAO,IAAI;IACb,CAAC,CAAC,MAAM;MACN,OAAO,KAAK;IACd;EACF;AACF;AAACN,OAAA,CAAAE,gBAAA,GAAAA,gBAAA","ignoreList":[]}

package/lib/commonjs/shared/index.js ADDED Viewed

@@ -0,0 +1,94 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+var _exportNames = {
+  getCryptoAdapter: true,
+  PlatformDetector: true
+};
+Object.defineProperty(exports, "PlatformDetector", {
+  enumerable: true,
+  get: function () {
+    return _platform.PlatformDetector;
+  }
+});
+Object.defineProperty(exports, "getCryptoAdapter", {
+  enumerable: true,
+  get: function () {
+    return _platform.getCryptoAdapter;
+  }
+});
+var _index = require("./models/index");
+Object.keys(_index).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _index[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _index[key];
+    }
+  });
+});
+var _signature = require("./crypto/signature");
+Object.keys(_signature).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _signature[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _signature[key];
+    }
+  });
+});
+var _messageBuilders = require("./crypto/messageBuilders");
+Object.keys(_messageBuilders).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _messageBuilders[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _messageBuilders[key];
+    }
+  });
+});
+var _platform = require("./crypto/platform");
+Object.keys(_platform).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _platform[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _platform[key];
+    }
+  });
+});
+var _index2 = require("./utils/index");
+Object.keys(_index2).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _index2[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _index2[key];
+    }
+  });
+});
+var _index3 = require("./transport/index");
+Object.keys(_index3).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _index3[key]) return;
+  Object.defineProperty(exports, key, {
+    enumerable: true,
+    get: function () {
+      return _index3[key];
+    }
+  });
+});
+//# sourceMappingURL=index.js.map

package/lib/commonjs/shared/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["_index","require","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_signature","_messageBuilders","_platform","_index2","_index3"],"sourceRoot":"../../../src","sources":["shared/index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAcA,IAAAA,MAAA,GAAAC,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAH,MAAA,EAAAI,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAL,MAAA,CAAAK,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAb,MAAA,CAAAK,GAAA;IAAA;EAAA;AAAA;AAGA,IAAAS,UAAA,GAAAb,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAW,UAAA,EAAAV,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAS,UAAA,CAAAT,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAC,UAAA,CAAAT,GAAA;IAAA;EAAA;AAAA;AACA,IAAAU,gBAAA,GAAAd,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAY,gBAAA,EAAAX,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAU,gBAAA,CAAAV,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAE,gBAAA,CAAAV,GAAA;IAAA;EAAA;AAAA;AACA,IAAAW,SAAA,GAAAf,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAa,SAAA,EAAAZ,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAW,SAAA,CAAAX,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAG,SAAA,CAAAX,GAAA;IAAA;EAAA;AAAA;AAIA,IAAAY,OAAA,GAAAhB,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAc,OAAA,EAAAb,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAY,OAAA,CAAAZ,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAI,OAAA,CAAAZ,GAAA;IAAA;EAAA;AAAA;AAGA,IAAAa,OAAA,GAAAjB,OAAA;AAAAC,MAAA,CAAAC,IAAA,CAAAe,OAAA,EAAAd,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAa,OAAA,CAAAb,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAK,OAAA,CAAAb,GAAA;IAAA;EAAA;AAAA","ignoreList":[]}

package/lib/commonjs/shared/models/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ //# sourceMappingURL=index.js.map

package/lib/commonjs/shared/models/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"names":[],"sourceRoot":"../../../../src","sources":["shared/models/index.ts"],"mappings":"","ignoreList":[]}