@pagopa/io-react-native-wallet 1.7.1 → 2.0.0-next.1

package/lib/commonjs/sd-jwt/__test__/index.test.js.map

@@ -1 +1 @@
-{"version":3,"names":["_zod","require","_index","_ioReactNativeJwt","_types","token","unsigned","signature","signed","tokenizedDisclosures","sdJwt","header","kid","typ","alg","payload","sub","vct","expiry_date","iss","_sd","issuing_country","_sd_alg","issuing_authority","cnf","jwk","kty","crv","x","y","exp","iat","verification","evidence","method","trust_framework","assurance_level","status","status_assertion","credential_hash_alg","disclosures","it","expect","JSON","parse","decodeBase64","encodeBase64","stringify","toEqual","join","toBe","describe","result","decode","SdJwt4VC","map","decoded","i","encoded","validDecoder","and","z","object","customField","string","invalidDecoder","error","disclose","expected","paths","claim","path","fn","rejects","any","Error"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAEA,IAAAE,iBAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMI,KAAK,GACT,msEAAmsE;AAErsE,MAAMC,QAAQ,GACZ,glDAAglD;AAEllD,MAAMC,SAAS,GACb,wFAAwF;AAE1F,MAAMC,MAAM,GAAI,GAAEF,QAAS,IAAGC,SAAU,EAAC;AAEzC,MAAME,oBAAoB,GAAG,CAC3B,iEAAiE,EACjE,sEAAsE,EACtE,iEAAiE,EACjE,wEAAwE,EACxE,iEAAiE,EACjE,8DAA8D,EAC9D,yFAAyF,EACzF,4DAA4D,CAC7D;AAED,MAAMC,KAAK,GAAG;EACZC,MAAM,EAAE;IACNC,GAAG,EAAE,6CAA6C;IAClDC,GAAG,EAAE,WAAW;IAChBC,GAAG,EAAE;EACP,CAAC;EACDC,OAAO,EAAE;IACPC,GAAG,EAAE,6CAA6C;IAClDC,GAAG,EAAE,6BAA6B;IAClCC,WAAW,EAAE,YAAY;IACzBC,GAAG,EAAE,iDAAiD;IACtDC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;IACD,eAAe,EACb,kEAAkE;IACpEC,eAAe,EAAE,IAAI;IACrBC,OAAO,EAAE,SAAS;IAClBC,iBAAiB,EAAE,0CAA0C;IAC7DC,GAAG,EAAE;MACHC,GAAG,EAAE;QACHC,GAAG,EAAE,IAAI;QACTC,GAAG,EAAE,OAAO;QACZf,GAAG,EAAE,6CAA6C;QAClDgB,CAAC,EAAE,6CAA6C;QAChDC,CAAC,EAAE;MACL;IACF,CAAC;IACDC,GAAG,EAAE,UAAU;IACfC,GAAG,EAAE,UAAU;IACfC,YAAY,EAAE;MACZC,QAAQ,EAAE;QACRC,MAAM,EAAE;MACV,CAAC;MACDC,eAAe,EAAE,OAAO;MACxBC,eAAe,EAAE;IACnB,CAAC;IACDC,MAAM,EAAE;MACNC,gBAAgB,EAAE;QAChBC,mBAAmB,EAAE;MACvB;IACF;EACF;AACF,CAAC;;AAED;AACA,MAAMC,WAAW,GAAG,CAClB,CAAC,wBAAwB,EAAE,YAAY,EAAE,OAAO,CAAC,EACjD,CAAC,wBAAwB,EAAE,aAAa,EAAE,UAAU,CAAC,EACrD,CAAC,wBAAwB,EAAE,WAAW,EAAE,QAAQ,CAAC,EACjD,CAAC,wBAAwB,EAAE,YAAY,EAAE,YAAY,CAAC,EACtD,CAAC,wBAAwB,EAAE,aAAa,EAAE,MAAM,CAAC,EACjD,CAAC,wBAAwB,EAAE,aAAa,EAAE,IAAI,CAAC,EAC/C,CAAC,wBAAwB,EAAE,aAAa,EAAE,wBAAwB,CAAC,EACnE,CAAC,wBAAwB,EAAE,KAAK,EAAE,UAAU,CAAC,CAC9C;AACDC,EAAE,CAAC,kCAAkC,EAAE,MAAM;EAC3CC,MAAM,CACJC,IAAI,CAACC,KAAK,CAAC,IAAAC,8BAAY,EAAC,IAAAC,8BAAY,EAACH,IAAI,CAACI,SAAS,CAACrC,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CACrE,CAAC,CAACqC,OAAO,CAACtC,KAAK,CAACC,MAAM,CAAC;EACvB+B,MAAM,CAAC,CAAClC,MAAM,EAAE,GAAGC,oBAAoB,CAAC,CAACwC,IAAI,CAAC,GAAG,CAAC,CAAC,CAACC,IAAI,CAAC7C,KAAK,CAAC;AACjE,CAAC,CAAC;AAEF8C,QAAQ,CAAC,QAAQ,EAAE,MAAM;EACvBV,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC,MAAMW,MAAM,GAAG,IAAAC,aAAM,EAAChD,KAAK,EAAEiD,eAAQ,CAAC;IACtCZ,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrBtC,KAAK;MACL8B,WAAW,EAAEA,WAAW,CAACe,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAEjD,oBAAoB,CAACgD,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFhB,EAAE,CAAC,oCAAoC,EAAE,MAAM;IAC7C,MAAMW,MAAM,GAAG,IAAAC,aAAM,EAAChD,KAAK,CAAC;IAC5BqC,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrBtC,KAAK;MACL8B,WAAW,EAAEA,WAAW,CAACe,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAEjD,oBAAoB,CAACgD,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFhB,EAAE,CAAC,kDAAkD,EAAE,MAAM;IAC3D,MAAMkB,YAAY,GAAGL,eAAQ,CAACM,GAAG,CAC/BC,MAAC,CAACC,MAAM,CAAC;MAAE/C,OAAO,EAAE8C,MAAC,CAACC,MAAM,CAAC;QAAEC,WAAW,EAAEF,MAAC,CAACG,MAAM,CAAC;MAAE,CAAC;IAAE,CAAC,CAC7D,CAAC;IACD,MAAMC,cAAc,GAAGJ,MAAC,CAACC,MAAM,CAAC;MAC9B/C,OAAO,EAAE8C,MAAC,CAACC,MAAM,CAAC;QAAEC,WAAW,EAAEF,MAAC,CAACG,MAAM,CAAC;MAAE,CAAC;IAC/C,CAAC,CAAC;IAEF,IAAI;MACF;MACA,IAAAX,aAAM,EAAChD,KAAK,EAAEsD,YAAY,CAAC;MAC3B;MACA,IAAAN,aAAM,EAAChD,KAAK,EAAE4D,cAAc,CAAC;IAC/B,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd;MACA;IAAA;EAEJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFf,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBV,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMW,MAAM,GAAG,MAAM,IAAAe,eAAQ,EAAC9D,KAAK,EAAE,CAAC,WAAW,CAAC,CAAC;IACnD,MAAM+D,QAAQ,GAAG;MACf/D,KAAK,EAAG,GAAEG,MAAO,kEAAiE;MAClF6D,KAAK,EAAE,CAAC;QAAEC,KAAK,EAAE,WAAW;QAAEC,IAAI,EAAE;MAAgC,CAAC;IACvE,CAAC;IAED7B,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACoB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEF3B,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMW,MAAM,GAAG,MAAM,IAAAe,eAAQ,EAAC9D,KAAK,EAAE,EAAE,CAAC;IACxC,MAAM+D,QAAQ,GAAG;MAAE/D,KAAK,EAAG,GAAEG,MAAO,EAAC;MAAE6D,KAAK,EAAE;IAAG,CAAC;IAElD3B,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACoB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEF3B,EAAE,CAAC,+CAA+C,EAAE,YAAY;IAC9D,MAAMW,MAAM,GAAG,MAAM,IAAAe,eAAQ,EAAC9D,KAAK,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;IAC5D,MAAM+D,QAAQ,GAAG;MACf/D,KAAK,EAAG,GAAEG,MAAO,kIAAiI;MAClJ6D,KAAK,EAAE,CACL;QACEC,KAAK,EAAE,KAAK;QACZC,IAAI,EAAE;MACR,CAAC,EACD;QACED,KAAK,EAAE,aAAa;QACpBC,IAAI,EAAE;MACR,CAAC;IAEL,CAAC;IAED7B,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACoB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEF3B,EAAE,CAAC,8BAA8B,EAAE,YAAY;IAC7C,MAAM+B,EAAE,GAAG,MAAAA,CAAA,KAAY,IAAAL,eAAQ,EAAC9D,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC;IAEnD,MAAMqC,MAAM,CAAC8B,EAAE,CAAC,CAAC,CAAC,CAACC,OAAO,CAACzB,OAAO,CAACN,MAAM,CAACgC,GAAG,CAACC,KAAK,CAAC,CAAC;EACvD,CAAC,CAAC;AACJ,CAAC,CAAC"}
+{"version":3,"names":["_zod","require","_index","_ioReactNativeJwt","_types","token","unsigned","signature","signed","tokenizedDisclosures","sdJwt","header","kid","typ","alg","payload","_sd","sub","_sd_alg","vct","iss","cnf","jwk","kty","crv","x","y","exp","status","status_attestation","credential_hash_alg","disclosures","it","expect","JSON","parse","decodeBase64","encodeBase64","stringify","toEqual","join","toBe","describe","result","decode","SdJwt4VC","map","decoded","i","encoded","validDecoder","and","z","object","customField","string","invalidDecoder","error","disclose","expected","paths","claim","path","fn","rejects","any","Error"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/index.test.ts"],"mappings":";;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AAEA,IAAAE,iBAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMI,KAAK,GACT,giDAAgiD;AAEliD,MAAMC,QAAQ,GACZ,whCAAwhC;AAE1hC,MAAMC,SAAS,GACb,wFAAwF;AAE1F,MAAMC,MAAM,GAAI,GAAEF,QAAS,IAAGC,SAAU,EAAC;AAEzC,MAAME,oBAAoB,GAAG,CAC3B,sFAAsF,EACtF,wEAAwE,EACxE,yFAAyF,EACzF,8DAA8D,EAC9D,sEAAsE,EACtE,4DAA4D,CAC7D;AAED,MAAMC,KAAK,GAAG;EACZC,MAAM,EAAE;IACNC,GAAG,EAAE,6CAA6C;IAClDC,GAAG,EAAE,WAAW;IAChBC,GAAG,EAAE;EACP,CAAC;EACDC,OAAO,EAAE;IACPC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;IACDC,GAAG,EAAE,sCAAsC;IAC3CC,OAAO,EAAE,SAAS;IAClBC,GAAG,EAAE,0BAA0B;IAC/BC,GAAG,EAAE,gCAAgC;IACrCC,GAAG,EAAE;MACHC,GAAG,EAAE;QACHC,GAAG,EAAE,IAAI;QACTC,GAAG,EAAE,OAAO;QACZZ,GAAG,EAAE,6CAA6C;QAClDa,CAAC,EAAE,6CAA6C;QAChDC,CAAC,EAAE;MACL;IACF,CAAC;IACDC,GAAG,EAAE,UAAU;IACfC,MAAM,EAAE;MACNC,kBAAkB,EAAE;QAClBC,mBAAmB,EAAE;MACvB;IACF;EACF;AACF,CAAC;;AAED;AACA,MAAMC,WAAW,GAAG,CAClB,CAAC,wBAAwB,EAAE,WAAW,EAAE,wBAAwB,CAAC,EACjE,CAAC,wBAAwB,EAAE,YAAY,EAAE,YAAY,CAAC,EACtD,CAAC,wBAAwB,EAAE,aAAa,EAAE,wBAAwB,CAAC,EACnE,CAAC,wBAAwB,EAAE,YAAY,EAAE,KAAK,CAAC,EAC/C,CAAC,wBAAwB,EAAE,aAAa,EAAE,UAAU,CAAC,EACrD,CAAC,wBAAwB,EAAE,KAAK,EAAE,UAAU,CAAC,CAC9C;AACDC,EAAE,CAAC,kCAAkC,EAAE,MAAM;EAC3CC,MAAM,CACJC,IAAI,CAACC,KAAK,CAAC,IAAAC,8BAAY,EAAC,IAAAC,8BAAY,EAACH,IAAI,CAACI,SAAS,CAAC5B,KAAK,CAACC,MAAM,CAAC,CAAC,CAAC,CACrE,CAAC,CAAC4B,OAAO,CAAC7B,KAAK,CAACC,MAAM,CAAC;EACvBsB,MAAM,CAAC,CAACzB,MAAM,EAAE,GAAGC,oBAAoB,CAAC,CAAC+B,IAAI,CAAC,GAAG,CAAC,CAAC,CAACC,IAAI,CAACpC,KAAK,CAAC;AACjE,CAAC,CAAC;AAEFqC,QAAQ,CAAC,QAAQ,EAAE,MAAM;EACvBV,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC,MAAMW,MAAM,GAAG,IAAAC,aAAM,EAACvC,KAAK,EAAEwC,eAAQ,CAAC;IACtCZ,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrB7B,KAAK;MACLqB,WAAW,EAAEA,WAAW,CAACe,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAExC,oBAAoB,CAACuC,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFhB,EAAE,CAAC,oCAAoC,EAAE,MAAM;IAC7C,MAAMW,MAAM,GAAG,IAAAC,aAAM,EAACvC,KAAK,CAAC;IAC5B4B,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAAC;MACrB7B,KAAK;MACLqB,WAAW,EAAEA,WAAW,CAACe,GAAG,CAAC,CAACC,OAAO,EAAEC,CAAC,MAAM;QAC5CD,OAAO;QACPE,OAAO,EAAExC,oBAAoB,CAACuC,CAAC;MACjC,CAAC,CAAC;IACJ,CAAC,CAAC;EACJ,CAAC,CAAC;EAEFhB,EAAE,CAAC,kDAAkD,EAAE,MAAM;IAC3D,MAAMkB,YAAY,GAAGL,eAAQ,CAACM,GAAG,CAC/BC,MAAC,CAACC,MAAM,CAAC;MAAEtC,OAAO,EAAEqC,MAAC,CAACC,MAAM,CAAC;QAAEC,WAAW,EAAEF,MAAC,CAACG,MAAM,CAAC;MAAE,CAAC;IAAE,CAAC,CAC7D,CAAC;IACD,MAAMC,cAAc,GAAGJ,MAAC,CAACC,MAAM,CAAC;MAC9BtC,OAAO,EAAEqC,MAAC,CAACC,MAAM,CAAC;QAAEC,WAAW,EAAEF,MAAC,CAACG,MAAM,CAAC;MAAE,CAAC;IAC/C,CAAC,CAAC;IAEF,IAAI;MACF;MACA,IAAAX,aAAM,EAACvC,KAAK,EAAE6C,YAAY,CAAC;MAC3B;MACA,IAAAN,aAAM,EAACvC,KAAK,EAAEmD,cAAc,CAAC;IAC/B,CAAC,CAAC,OAAOC,KAAK,EAAE;MACd;MACA;IAAA;EAEJ,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFf,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBV,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMW,MAAM,GAAG,MAAM,IAAAe,eAAQ,EAACrD,KAAK,EAAE,CAAC,YAAY,CAAC,CAAC;IACpD,MAAMsD,QAAQ,GAAG;MACftD,KAAK,EAAG,GAAEG,MAAO,+DAA8D;MAC/EoD,KAAK,EAAE,CAAC;QAAEC,KAAK,EAAE,YAAY;QAAEC,IAAI,EAAE;MAAgC,CAAC;IACxE,CAAC;IAED7B,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACoB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEF3B,EAAE,CAAC,yCAAyC,EAAE,YAAY;IACxD,MAAMW,MAAM,GAAG,MAAM,IAAAe,eAAQ,EAACrD,KAAK,EAAE,EAAE,CAAC;IACxC,MAAMsD,QAAQ,GAAG;MAAEtD,KAAK,EAAG,GAAEG,MAAO,EAAC;MAAEoD,KAAK,EAAE;IAAG,CAAC;IAElD3B,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACoB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEF3B,EAAE,CAAC,+CAA+C,EAAE,YAAY;IAC9D,MAAMW,MAAM,GAAG,MAAM,IAAAe,eAAQ,EAACrD,KAAK,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;IAC5D,MAAMsD,QAAQ,GAAG;MACftD,KAAK,EAAG,GAAEG,MAAO,kIAAiI;MAClJoD,KAAK,EAAE,CACL;QACEC,KAAK,EAAE,KAAK;QACZC,IAAI,EAAE;MACR,CAAC,EACD;QACED,KAAK,EAAE,aAAa;QACpBC,IAAI,EAAE;MACR,CAAC;IAEL,CAAC;IAED7B,MAAM,CAACU,MAAM,CAAC,CAACJ,OAAO,CAACoB,QAAQ,CAAC;EAClC,CAAC,CAAC;EAEF3B,EAAE,CAAC,8BAA8B,EAAE,YAAY;IAC7C,MAAM+B,EAAE,GAAG,MAAAA,CAAA,KAAY,IAAAL,eAAQ,EAACrD,KAAK,EAAE,CAAC,SAAS,CAAC,CAAC;IAEnD,MAAM4B,MAAM,CAAC8B,EAAE,CAAC,CAAC,CAAC,CAACC,OAAO,CAACzB,OAAO,CAACN,MAAM,CAACgC,GAAG,CAACC,KAAK,CAAC,CAAC;EACvD,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/lib/commonjs/sd-jwt/__test__/types.test.js

@@ -6,40 +6,28 @@ describe("SdJwt4VC", () => {
     // example provided at https://italia.github.io/eidas-it-wallet-docs/en/pid-data-model.html
     const token = {
       header: {
-        kid: "eNN-g5i6CnLKcltQBp6abbioGMbzM6muW3vuxw6uh88",
         typ: "vc+sd-jwt",
-        alg: "RS256"
+        alg: "RS512",
+        kid: "dB67gL7ck3TFiIAf7N6_7SHvqk0MDYMEQcoGGlkUAAw"
       },
       payload: {
-        sub: "sj1OpYiiLTVYANnBGNwSK2krMwqpWaz2iHmN1t0_Esg",
-        _sd: ["1UmtISsdd7udbFaFy-ViZ8dZFherbOGD2N3HlX4PIC8", "Fmjs4qzc5vkeOAY5G20_ZPvU-1q-oXaV7Ax516CCMFk", "Q3bagNzMeQh6EgwPBSHimbgQplmY_6v9SW4go2XAkgA", "QVwkn71B4pWfCOzzlQl9HnxFSVdEHuW35zdTQQdFQGc", "VVdR41A2KOOVzxYagZCGbVang7sSkegCeiuWf3DOtjs", "vO2dvncmzlv37MQkmWudSDIHDE9YHd0EFB8xBTDVjz0"],
-        "vct#integrity": "242302d97d38da2714a257f2a253bf2fa30aae5c109fe9581bfcda3b1d797c97",
+        _sd: ["0q1D5Jmav6pQaEh_J_Fcv_uNNMQIgCyhQOxqlY4l3qU", "KCJ-AVNv88d-xj6sUIAOJxFnbUh3rHXDKkIH1lFqbRs", "M9lo9YxDNIXrAq2qWeiCA40zpJ_zYfFdR_4AEALcRtU", "czgjUk0nqRCswShChCjdS6A1-v47d_qTCSFIvIHhMoI", "nGnQr7clm3tfTp8yjL_uHrDSOtzR2PVb8S7GeLdAqBQ", "xNIVwlpSsaZ8CJSf0gz5x_75VRWWc6V1mlpejdCrqUs"],
+        sub: "216f8946-9ecb-4819-9309-c076f34a7e11",
         _sd_alg: "sha-256",
-        vct: "urn:eu.europa.ec.eudi:pid:1",
-        iss: "https://api.potential-wallet-it-pid-provider.it",
+        vct: "PersonIdentificationData",
+        iss: "https://pidprovider.example.com",
         cnf: {
           jwk: {
             kty: "EC",
             crv: "P-256",
-            kid: "LegnFQ8lvhA6qyPutYv48nWWpSnO5tHigavywyds5S0",
-            x: "czZrN9lcNuc0q69X40n27c5jKpii0A-aYX_Pbo9pqBQ",
-            y: "YGKGaCJNWfTiKiz3JmAG9ky7h4twPuUfzYOgy1bzLv8"
+            kid: "zEv_qGSL5r0_F67j2dwEgUJmBgbMNSEJ5K_iH1PYc7A",
+            x: "0Pj7v_afNp9ETJx11JbYgkI7yQpd0rtiYuo5feuAN2o",
+            y: "XB62Um02vHqedkOzSfJ5hdtjPz-zmV9jmWh4sKgdD9o"
           }
         },
-        exp: 1768490196,
-        iat: 1736954196,
-        expiry_date: "2026-12-05",
-        issuing_country: "IT",
-        issuing_authority: "Istituto Poligrafico e Zecca dello Stato",
-        verification: {
-          evidence: {
-            method: "cie"
-          },
-          trust_framework: "eidas",
-          assurance_level: "high"
-        },
+        exp: 1751107255,
         status: {
-          status_assertion: {
+          status_attestation: {
             credential_hash_alg: "sha-256"
           }
         }

package/lib/commonjs/sd-jwt/__test__/types.test.js.map

@@ -1 +1 @@
-{"version":3,"names":["_types","require","describe","it","token","header","kid","typ","alg","payload","sub","_sd","_sd_alg","vct","iss","cnf","jwk","kty","crv","x","y","exp","iat","expiry_date","issuing_country","issuing_authority","verification","evidence","method","trust_framework","assurance_level","status","status_assertion","credential_hash_alg","success","SdJwt4VC","safeParse","expect","toBe","value","type","record","source","organization_name","organization_id","country_code","Disclosure"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/types.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAEAC,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBC,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC;IACA,MAAMC,KAAK,GAAG;MACZC,MAAM,EAAE;QACNC,GAAG,EAAE,6CAA6C;QAClDC,GAAG,EAAE,WAAW;QAChBC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,6CAA6C;QAClDC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;QACD,eAAe,EACb,kEAAkE;QACpEC,OAAO,EAAE,SAAS;QAClBC,GAAG,EAAE,6BAA6B;QAClCC,GAAG,EAAE,iDAAiD;QACtDC,GAAG,EAAE;UACHC,GAAG,EAAE;YACHC,GAAG,EAAE,IAAI;YACTC,GAAG,EAAE,OAAO;YACZZ,GAAG,EAAE,6CAA6C;YAClDa,CAAC,EAAE,6CAA6C;YAChDC,CAAC,EAAE;UACL;QACF,CAAC;QACDC,GAAG,EAAE,UAAU;QACfC,GAAG,EAAE,UAAU;QACfC,WAAW,EAAE,YAAY;QACzBC,eAAe,EAAE,IAAI;QACrBC,iBAAiB,EAAE,0CAA0C;QAC7DC,YAAY,EAAE;UACZC,QAAQ,EAAE;YACRC,MAAM,EAAE;UACV,CAAC;UACDC,eAAe,EAAE,OAAO;UACxBC,eAAe,EAAE;QACnB,CAAC;QACDC,MAAM,EAAE;UACNC,gBAAgB,EAAE;YAChBC,mBAAmB,EAAE;UACvB;QACF;MACF;IACF,CAAC;IAED,MAAM;MAAEC;IAAQ,CAAC,GAAGC,eAAQ,CAACC,SAAS,CAAChC,KAAK,CAAC;IAE7CiC,MAAM,CAACH,OAAO,CAAC,CAACI,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC;AAEFpC,QAAQ,CAAC,YAAY,EAAE,MAAM;EAC3BC,EAAE,CAAC,kCAAkC,EAAE,MAAM;IAC3C;IACA,MAAMoC,KAAK,GAAG,CACZ,wBAAwB,EACxB,UAAU,EACV,CACE;MACEC,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACND,IAAI,EAAE,cAAc;QACpBE,MAAM,EAAE;UACNC,iBAAiB,EAAE,wBAAwB;UAC3CC,eAAe,EAAE,MAAM;UACvBC,YAAY,EAAE;QAChB;MACF;IACF,CAAC,CACF,CACF;IAED,MAAM;MAAEX;IAAQ,CAAC,GAAGY,iBAAU,CAACV,SAAS,CAACG,KAAK,CAAC;IAC/CF,MAAM,CAACH,OAAO,CAAC,CAACI,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC"}
+{"version":3,"names":["_types","require","describe","it","token","header","typ","alg","kid","payload","_sd","sub","_sd_alg","vct","iss","cnf","jwk","kty","crv","x","y","exp","status","status_attestation","credential_hash_alg","success","SdJwt4VC","safeParse","expect","toBe","value","type","record","source","organization_name","organization_id","country_code","Disclosure"],"sourceRoot":"../../../../src","sources":["sd-jwt/__test__/types.test.ts"],"mappings":";;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAEAC,QAAQ,CAAC,UAAU,EAAE,MAAM;EACzBC,EAAE,CAAC,6BAA6B,EAAE,MAAM;IACtC;IACA,MAAMC,KAAK,GAAG;MACZC,MAAM,EAAE;QACNC,GAAG,EAAE,WAAW;QAChBC,GAAG,EAAE,OAAO;QACZC,GAAG,EAAE;MACP,CAAC;MACDC,OAAO,EAAE;QACPC,GAAG,EAAE,CACH,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,EAC7C,6CAA6C,CAC9C;QACDC,GAAG,EAAE,sCAAsC;QAC3CC,OAAO,EAAE,SAAS;QAClBC,GAAG,EAAE,0BAA0B;QAC/BC,GAAG,EAAE,iCAAiC;QACtCC,GAAG,EAAE;UACHC,GAAG,EAAE;YACHC,GAAG,EAAE,IAAI;YACTC,GAAG,EAAE,OAAO;YACZV,GAAG,EAAE,6CAA6C;YAClDW,CAAC,EAAE,6CAA6C;YAChDC,CAAC,EAAE;UACL;QACF,CAAC;QACDC,GAAG,EAAE,UAAU;QACfC,MAAM,EAAE;UACNC,kBAAkB,EAAE;YAClBC,mBAAmB,EAAE;UACvB;QACF;MACF;IACF,CAAC;IAED,MAAM;MAAEC;IAAQ,CAAC,GAAGC,eAAQ,CAACC,SAAS,CAACvB,KAAK,CAAC;IAE7CwB,MAAM,CAACH,OAAO,CAAC,CAACI,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC;AAEF3B,QAAQ,CAAC,YAAY,EAAE,MAAM;EAC3BC,EAAE,CAAC,kCAAkC,EAAE,MAAM;IAC3C;IACA,MAAM2B,KAAK,GAAG,CACZ,wBAAwB,EACxB,UAAU,EACV,CACE;MACEC,IAAI,EAAE,mBAAmB;MACzBC,MAAM,EAAE;QACND,IAAI,EAAE,cAAc;QACpBE,MAAM,EAAE;UACNC,iBAAiB,EAAE,wBAAwB;UAC3CC,eAAe,EAAE,MAAM;UACvBC,YAAY,EAAE;QAChB;MACF;IACF,CAAC,CACF,CACF;IAED,MAAM;MAAEX;IAAQ,CAAC,GAAGY,iBAAU,CAACV,SAAS,CAACG,KAAK,CAAC;IAC/CF,MAAM,CAACH,OAAO,CAAC,CAACI,IAAI,CAAC,IAAI,CAAC;EAC5B,CAAC,CAAC;AACJ,CAAC,CAAC"}

package/lib/commonjs/sd-jwt/index.js

@@ -185,15 +185,9 @@ exports.verify = verify;
 const prepareVpToken = async (nonce, client_id, _ref2) => {
   let [verifiableCredential, requestedClaims, cryptoContext] = _ref2;
   // Produce a VP token with only requested claims from the verifiable credential
-  const requestedClaimsString = requestedClaims.map(_ref3 => {
-    let {
-      name
-    } = _ref3;
-    return name;
-  });
   const {
     token: vp
-  } = await disclose(verifiableCredential, requestedClaimsString);
+  } = await disclose(verifiableCredential, requestedClaims);
 
   // <Issuer-signed JWT>~<Disclosure 1>~<Disclosure N>~
   const sd_hash = await (0, _ioReactNativeJwt.sha256ToBase64)(`${vp}~`);

package/lib/commonjs/sd-jwt/index.js.map

@@ -1 +1 @@
-{"version":3,"names":["_ioReactNativeJwt","require","_types","_verifier","Errors","_interopRequireWildcard","exports","_jsBase","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","decodeDisclosure","encoded","utf8String","Base64","decode","decoded","Disclosure","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","decodeJwt","parser","SdJwt4VC","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","sha256ToBase64","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","d","disclosedToken","join","verify","publicKey","verifyJwt","verifyDisclosure","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","requestedClaimsString","_ref3","vp","sd_hash","kbJwt","SignJWT","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,SAAA,GAAAF,OAAA;AAEA,IAAAG,MAAA,GAAAC,uBAAA,CAAAJ,OAAA;AAAmCK,OAAA,CAAAF,MAAA,GAAAA,MAAA;AACnC,IAAAG,OAAA,GAAAN,OAAA;AAAmC,SAAAO,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAGnC,MAAMW,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGC,cAAM,CAACC,MAAM,CAACH,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAMI,OAAO,GAAGC,iBAAU,CAACC,KAAK,CAACC,IAAI,CAACD,KAAK,CAACL,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEG,OAAO;IAAEJ;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,MAAM,GAAGA,CACpBK,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAG,IAAAC,wBAAS,EAACJ,QAAQ,CAAC;;EAEtC;EACA,MAAMK,MAAM,GAAGP,YAAY,IAAIQ,eAAQ;EAEvC,MAAMC,KAAK,GAAGF,MAAM,CAACV,KAAK,CAAC;IACzBa,MAAM,EAAEL,UAAU,CAACM,eAAe;IAClCC,OAAO,EAAEP,UAAU,CAACO;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGV,cAAc,CAACW,GAAG,CAACxB,gBAAgB,CAAC;EAExD,OAAO;IAAEmB,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAZA/C,OAAA,CAAA4B,MAAA,GAAAA,MAAA;AAaO,MAAMqB,QAAQ,GAAG,MAAAA,CACtBhB,KAAa,EACbiB,MAAgB,KACyD;EACzE,MAAM,CAACd,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEK,KAAK;IAAEI;EAAY,CAAC,GAAGnB,MAAM,CAACK,KAAK,EAAES,eAAQ,CAAC;;EAEtD;EACA,MAAMS,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAE5B,OAAO,EAAE,GAAG6B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAIzD,MAAM,CAAC6D,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAM,IAAAC,gCAAc,EAACN,UAAU,CAAC9B,OAAO,CAAC;;IAErD;IACA;IACA,IAAIkB,KAAK,CAACG,OAAO,CAACgB,GAAG,CAACC,QAAQ,CAACH,IAAI,CAAC,EAAE;MACpC,MAAMI,KAAK,GAAGrB,KAAK,CAACG,OAAO,CAACgB,GAAG,CAACG,OAAO,CAACL,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEY,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,IAAIlE,MAAM,CAACqE,qBAAqB,CAACb,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;EAED,MAAMc,mBAAmB,GAAG/B,cAAc,CAACgC,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJzC,OAAO,EAAE,GAAG6B,IAAI;IAClB,CAAC,GAAGlC,gBAAgB,CAAC8C,CAAC,CAAC;IACvB,OAAOpB,MAAM,CAACa,QAAQ,CAACL,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMa,cAAc,GAAG,CAACnC,QAAQ,EAAE,GAAGgC,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEvC,KAAK,EAAEsC,cAAc;IAAEpB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAnD,OAAA,CAAAiD,QAAA,GAAAA,QAAA;AAgBO,MAAMwB,MAAM,GAAG,MAAAA,CACpBxC,KAAa,EACbyC,SAAsB,EACtBxC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMT,OAAO,GAAGD,MAAM,CAACK,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAM,IAAAyC,wBAAS,EAACvC,QAAQ,EAAEsC,SAAS,CAAC;;EAEpC;EACA,MAAMxB,MAAM,GAAG,CAAC,GAAGrB,OAAO,CAACc,KAAK,CAACG,OAAO,CAACgB,GAAG,CAAC;EAE7C,MAAMV,OAAO,CAACC,GAAG,CACfxB,OAAO,CAACkB,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM,IAAAqB,0BAAgB,EAACrB,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEd,OAAO,CAACc,KAAK;IACpBI,WAAW,EAAElB,OAAO,CAACkB,WAAW,CAACC,GAAG,CAAEsB,CAAC,IAAKA,CAAC,CAACzC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAdA7B,OAAA,CAAAyE,MAAA,GAAAA,MAAA;AAeO,MAAMI,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAMI,qBAAqB,GAAGF,eAAe,CAAClC,GAAG,CAACqC,KAAA;IAAA,IAAC;MAAE3B;IAAK,CAAC,GAAA2B,KAAA;IAAA,OAAK3B,IAAI;EAAA,EAAC;EACrE,MAAM;IAAEzB,KAAK,EAAEqD;EAAG,CAAC,GAAG,MAAMrC,QAAQ,CAClCgC,oBAAoB,EACpBG,qBACF,CAAC;;EAED;EACA,MAAMG,OAAO,GAAG,MAAM,IAAA1B,gCAAc,EAAE,GAAEyB,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAIC,yBAAO,CAACN,aAAa,CAAC,CAC3CO,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVN,OAAO;IACPT,KAAK,EAAEA;EACT,CAAC,CAAC,CACDgB,WAAW,CAACf,SAAS,CAAC,CACtBgB,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACX,EAAE,EAAEE,KAAK,CAAC,CAAChB,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEyB;EAAS,CAAC;AACrB,CAAC;AAACjG,OAAA,CAAA6E,cAAA,GAAAA,cAAA"}
+{"version":3,"names":["_ioReactNativeJwt","require","_types","_verifier","Errors","_interopRequireWildcard","exports","_jsBase","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","decodeDisclosure","encoded","utf8String","Base64","decode","decoded","Disclosure","parse","JSON","token","customSchema","slice","rawSdJwt","rawDisclosures","split","decodedJwt","decodeJwt","parser","SdJwt4VC","sdJwt","header","protectedHeader","payload","disclosures","map","disclose","claims","paths","Promise","all","claim","disclosure","find","_ref","name","ClaimsNotFoundBetweenDisclosures","hash","sha256ToBase64","_sd","includes","index","indexOf","path","ClaimsNotFoundInToken","filteredDisclosures","filter","d","disclosedToken","join","verify","publicKey","verifyJwt","verifyDisclosure","prepareVpToken","nonce","client_id","_ref2","verifiableCredential","requestedClaims","cryptoContext","vp","sd_hash","kbJwt","SignJWT","setProtectedHeader","typ","alg","setPayload","setAudience","setIssuedAt","sign","vp_token"],"sourceRoot":"../../../src","sources":["sd-jwt/index.ts"],"mappings":";;;;;;;;;;;;;AAEA,IAAAA,iBAAA,GAAAC,OAAA;AAGA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,SAAA,GAAAF,OAAA;AAEA,IAAAG,MAAA,GAAAC,uBAAA,CAAAJ,OAAA;AAAmCK,OAAA,CAAAF,MAAA,GAAAA,MAAA;AACnC,IAAAG,OAAA,GAAAN,OAAA;AAAmC,SAAAO,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAJ,wBAAAQ,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAGnC,MAAMW,gBAAgB,GAAIC,OAAe,IAA4B;EACnE,MAAMC,UAAU,GAAGC,cAAM,CAACC,MAAM,CAACH,OAAO,CAAC,CAAC,CAAC;EAC3C,MAAMI,OAAO,GAAGC,iBAAU,CAACC,KAAK,CAACC,IAAI,CAACD,KAAK,CAACL,UAAU,CAAC,CAAC;EACxD,OAAO;IAAEG,OAAO;IAAEJ;EAAQ,CAAC;AAC7B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,MAAM,GAAGA,CACpBK,KAAa,EACbC,YAAgB,KAIb;EACH;EACA,IAAID,KAAK,CAACE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE;IAC3BF,KAAK,GAAGA,KAAK,CAACE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;EAC5B;EACA,MAAM,CAACC,QAAQ,GAAG,EAAE,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;;EAE3D;EACA;EACA,MAAMC,UAAU,GAAG,IAAAC,wBAAS,EAACJ,QAAQ,CAAC;;EAEtC;EACA,MAAMK,MAAM,GAAGP,YAAY,IAAIQ,eAAQ;EAEvC,MAAMC,KAAK,GAAGF,MAAM,CAACV,KAAK,CAAC;IACzBa,MAAM,EAAEL,UAAU,CAACM,eAAe;IAClCC,OAAO,EAAEP,UAAU,CAACO;EACtB,CAAC,CAAC;;EAEF;EACA;EACA;EACA,MAAMC,WAAW,GAAGV,cAAc,CAACW,GAAG,CAACxB,gBAAgB,CAAC;EAExD,OAAO;IAAEmB,KAAK;IAAEI;EAAY,CAAC;AAC/B,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAZA/C,OAAA,CAAA4B,MAAA,GAAAA,MAAA;AAaO,MAAMqB,QAAQ,GAAG,MAAAA,CACtBhB,KAAa,EACbiB,MAAgB,KACyD;EACzE,MAAM,CAACd,QAAQ,EAAE,GAAGC,cAAc,CAAC,GAAGJ,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACtD,MAAM;IAAEK,KAAK;IAAEI;EAAY,CAAC,GAAGnB,MAAM,CAACK,KAAK,EAAES,eAAQ,CAAC;;EAEtD;EACA,MAAMS,KAAK,GAAG,MAAMC,OAAO,CAACC,GAAG,CAC7BH,MAAM,CAACF,GAAG,CAAC,MAAOM,KAAK,IAAK;IAC1B,MAAMC,UAAU,GAAGR,WAAW,CAACS,IAAI,CACjCC,IAAA;MAAA,IAAC;QAAE5B,OAAO,EAAE,GAAG6B,IAAI;MAAE,CAAC,GAAAD,IAAA;MAAA,OAAKC,IAAI,KAAKJ,KAAK;IAAA,CAC3C,CAAC;;IAED;IACA,IAAI,CAACC,UAAU,EAAE;MACf,MAAM,IAAIzD,MAAM,CAAC6D,gCAAgC,CAACL,KAAK,CAAC;IAC1D;IAEA,MAAMM,IAAI,GAAG,MAAM,IAAAC,gCAAc,EAACN,UAAU,CAAC9B,OAAO,CAAC;;IAErD;IACA;IACA,IAAIkB,KAAK,CAACG,OAAO,CAACgB,GAAG,CAACC,QAAQ,CAACH,IAAI,CAAC,EAAE;MACpC,MAAMI,KAAK,GAAGrB,KAAK,CAACG,OAAO,CAACgB,GAAG,CAACG,OAAO,CAACL,IAAI,CAAC;MAC7C,OAAO;QAAEN,KAAK;QAAEY,IAAI,EAAG,8BAA6BF,KAAM;MAAG,CAAC;IAChE;IAEA,MAAM,IAAIlE,MAAM,CAACqE,qBAAqB,CAACb,KAAK,CAAC;EAC/C,CAAC,CACH,CAAC;EAED,MAAMc,mBAAmB,GAAG/B,cAAc,CAACgC,MAAM,CAAEC,CAAC,IAAK;IACvD,MAAM;MACJzC,OAAO,EAAE,GAAG6B,IAAI;IAClB,CAAC,GAAGlC,gBAAgB,CAAC8C,CAAC,CAAC;IACvB,OAAOpB,MAAM,CAACa,QAAQ,CAACL,IAAI,CAAC;EAC9B,CAAC,CAAC;;EAEF;EACA,MAAMa,cAAc,GAAG,CAACnC,QAAQ,EAAE,GAAGgC,mBAAmB,CAAC,CAACI,IAAI,CAAC,GAAG,CAAC;EAEnE,OAAO;IAAEvC,KAAK,EAAEsC,cAAc;IAAEpB;EAAM,CAAC;AACzC,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAfAnD,OAAA,CAAAiD,QAAA,GAAAA,QAAA;AAgBO,MAAMwB,MAAM,GAAG,MAAAA,CACpBxC,KAAa,EACbyC,SAAsB,EACtBxC,YAAgB,KAC8C;EAC9D;EACA,MAAM,CAACE,QAAQ,GAAG,EAAE,CAAC,GAAGH,KAAK,CAACK,KAAK,CAAC,GAAG,CAAC;EACxC,MAAMT,OAAO,GAAGD,MAAM,CAACK,KAAK,EAAEC,YAAY,CAAC;;EAE3C;EACA,MAAM,IAAAyC,wBAAS,EAACvC,QAAQ,EAAEsC,SAAS,CAAC;;EAEpC;EACA,MAAMxB,MAAM,GAAG,CAAC,GAAGrB,OAAO,CAACc,KAAK,CAACG,OAAO,CAACgB,GAAG,CAAC;EAE7C,MAAMV,OAAO,CAACC,GAAG,CACfxB,OAAO,CAACkB,WAAW,CAACC,GAAG,CACrB,MAAOO,UAAU,IAAK,MAAM,IAAAqB,0BAAgB,EAACrB,UAAU,EAAEL,MAAM,CACjE,CACF,CAAC;EAED,OAAO;IACLP,KAAK,EAAEd,OAAO,CAACc,KAAK;IACpBI,WAAW,EAAElB,OAAO,CAACkB,WAAW,CAACC,GAAG,CAAEsB,CAAC,IAAKA,CAAC,CAACzC,OAAO;EACvD,CAAC;AACH,CAAC;;AAED;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAdA7B,OAAA,CAAAyE,MAAA,GAAAA,MAAA;AAeO,MAAMI,cAAc,GAAG,MAAAA,CAC5BC,KAAa,EACbC,SAAiB,EAAAC,KAAA,KAIb;EAAA,IAHJ,CAACC,oBAAoB,EAAEC,eAAe,EAAEC,aAAa,CAAe,GAAAH,KAAA;EAIpE;EACA,MAAM;IAAE/C,KAAK,EAAEmD;EAAG,CAAC,GAAG,MAAMnC,QAAQ,CAACgC,oBAAoB,EAAEC,eAAe,CAAC;;EAE3E;EACA,MAAMG,OAAO,GAAG,MAAM,IAAAxB,gCAAc,EAAE,GAAEuB,EAAG,GAAE,CAAC;EAE9C,MAAME,KAAK,GAAG,MAAM,IAAIC,yBAAO,CAACJ,aAAa,CAAC,CAC3CK,kBAAkB,CAAC;IAClBC,GAAG,EAAE,QAAQ;IACbC,GAAG,EAAE;EACP,CAAC,CAAC,CACDC,UAAU,CAAC;IACVN,OAAO;IACPP,KAAK,EAAEA;EACT,CAAC,CAAC,CACDc,WAAW,CAACb,SAAS,CAAC,CACtBc,WAAW,CAAC,CAAC,CACbC,IAAI,CAAC,CAAC;;EAET;EACA,MAAMC,QAAQ,GAAG,CAACX,EAAE,EAAEE,KAAK,CAAC,CAACd,IAAI,CAAC,GAAG,CAAC;EAEtC,OAAO;IAAEuB;EAAS,CAAC;AACrB,CAAC;AAAC/F,OAAA,CAAA6E,cAAA,GAAAA,cAAA"}

package/lib/commonjs/sd-jwt/types.js

@@ -3,8 +3,7 @@
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
-exports.Verification = exports.UnixTime = exports.SdJwt4VC = exports.ObfuscatedDisclosures = exports.Disclosure = void 0;
-var _types = require("../entity/openid-connect/issuer/types");
+exports.UnixTime = exports.SdJwt4VC = exports.ObfuscatedDisclosures = exports.Disclosure = void 0;
 var _jwk = require("../utils/jwk");
 var _zod = require("zod");
 const UnixTime = _zod.z.number().min(0).max(2147483647000);
@@ -31,21 +30,11 @@ const Disclosure = _zod.z.tuple([/* salt */_zod.z.string(), /* claim name */_zod
  * @see https://www.ietf.org/archive/id/draft-ietf-oauth-selective-disclosure-jwt-05.html#name-disclosures-for-object-prop
  */
 exports.Disclosure = Disclosure;
-const Verification = _zod.z.object({
-  trust_framework: _zod.z.literal("eidas"),
-  assurance_level: _zod.z.string(),
-  evidence: _zod.z.object({
-    method: _zod.z.string()
-  })
-});
-exports.Verification = Verification;
 const SdJwt4VC = _zod.z.object({
   header: _zod.z.object({
-    typ: _types.CredentialFormat,
+    typ: _zod.z.literal("vc+sd-jwt"),
     alg: _zod.z.string(),
-    kid: _zod.z.string().optional(),
-    x5c: _zod.z.string().optional(),
-    vctm: _zod.z.array(_zod.z.string()).optional()
+    kid: _zod.z.string().optional()
   }),
   payload: _zod.z.intersection(_zod.z.object({
     iss: _zod.z.string(),
@@ -54,19 +43,14 @@ const SdJwt4VC = _zod.z.object({
     exp: UnixTime,
     _sd_alg: _zod.z.literal("sha-256"),
     status: _zod.z.object({
-      status_assertion: _zod.z.object({
+      status_attestation: _zod.z.object({
         credential_hash_alg: _zod.z.literal("sha-256")
       })
     }),
     cnf: _zod.z.object({
       jwk: _jwk.JWK
     }),
-    vct: _zod.z.string(),
-    "vct#integrity": _zod.z.string().optional(),
-    verification: Verification.optional(),
-    expiry_date: _zod.z.string().refine(str => !isNaN(new Date(str).getTime())),
-    issuing_authority: _zod.z.string(),
-    issuing_country: _zod.z.string()
+    vct: _zod.z.string()
   }), ObfuscatedDisclosures)
 });
 exports.SdJwt4VC = SdJwt4VC;

package/lib/commonjs/sd-jwt/types.js.map

@@ -1 +1 @@
-{"version":3,"names":["_types","require","_jwk","_zod","UnixTime","z","number","min","max","exports","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","Verification","trust_framework","literal","assurance_level","evidence","method","SdJwt4VC","header","typ","CredentialFormat","alg","kid","optional","x5c","vctm","payload","intersection","iss","sub","iat","exp","_sd_alg","status","status_assertion","credential_hash_alg","cnf","jwk","JWK","vct","verification","expiry_date","refine","str","isNaN","Date","getTime","issuing_authority","issuing_country"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AACA,IAAAE,IAAA,GAAAF,OAAA;AAEO,MAAMG,QAAQ,GAAGC,MAAC,CAACC,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAACC,OAAA,CAAAL,QAAA,GAAAA,QAAA;AAItD,MAAMM,qBAAqB,GAAGL,MAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;AALAL,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAOO,MAAMK,UAAU,GAAGV,MAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,MAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,MAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,MAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAR,OAAA,CAAAM,UAAA,GAAAA,UAAA;AAcO,MAAMG,YAAY,GAAGb,MAAC,CAACM,MAAM,CAAC;EACnCQ,eAAe,EAAEd,MAAC,CAACe,OAAO,CAAC,OAAO,CAAC;EACnCC,eAAe,EAAEhB,MAAC,CAACS,MAAM,CAAC,CAAC;EAC3BQ,QAAQ,EAAEjB,MAAC,CAACM,MAAM,CAAC;IACjBY,MAAM,EAAElB,MAAC,CAACS,MAAM,CAAC;EACnB,CAAC;AACH,CAAC,CAAC;AAACL,OAAA,CAAAS,YAAA,GAAAA,YAAA;AAGI,MAAMM,QAAQ,GAAGnB,MAAC,CAACM,MAAM,CAAC;EAC/Bc,MAAM,EAAEpB,MAAC,CAACM,MAAM,CAAC;IACfe,GAAG,EAAEC,uBAAgB;IACrBC,GAAG,EAAEvB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAExB,MAAC,CAACS,MAAM,CAAC,CAAC,CAACgB,QAAQ,CAAC,CAAC;IAC1BC,GAAG,EAAE1B,MAAC,CAACS,MAAM,CAAC,CAAC,CAACgB,QAAQ,CAAC,CAAC;IAC1BE,IAAI,EAAE3B,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC,CAAC,CAACgB,QAAQ,CAAC;EACrC,CAAC,CAAC;EACFG,OAAO,EAAE5B,MAAC,CAAC6B,YAAY,CACrB7B,MAAC,CAACM,MAAM,CAAC;IACPwB,GAAG,EAAE9B,MAAC,CAACS,MAAM,CAAC,CAAC;IACfsB,GAAG,EAAE/B,MAAC,CAACS,MAAM,CAAC,CAAC;IACfuB,GAAG,EAAEjC,QAAQ,CAAC0B,QAAQ,CAAC,CAAC;IACxBQ,GAAG,EAAElC,QAAQ;IACbmC,OAAO,EAAElC,MAAC,CAACe,OAAO,CAAC,SAAS,CAAC;IAC7BoB,MAAM,EAAEnC,MAAC,CAACM,MAAM,CAAC;MACf8B,gBAAgB,EAAEpC,MAAC,CAACM,MAAM,CAAC;QACzB+B,mBAAmB,EAAErC,MAAC,CAACe,OAAO,CAAC,SAAS;MAC1C,CAAC;IACH,CAAC,CAAC;IACFuB,GAAG,EAAEtC,MAAC,CAACM,MAAM,CAAC;MACZiC,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,GAAG,EAAEzC,MAAC,CAACS,MAAM,CAAC,CAAC;IACf,eAAe,EAAET,MAAC,CAACS,MAAM,CAAC,CAAC,CAACgB,QAAQ,CAAC,CAAC;IACtCiB,YAAY,EAAE7B,YAAY,CAACY,QAAQ,CAAC,CAAC;IACrCkB,WAAW,EAAE3C,MAAC,CAACS,MAAM,CAAC,CAAC,CAACmC,MAAM,CAAEC,GAAG,IAAK,CAACC,KAAK,CAAC,IAAIC,IAAI,CAACF,GAAG,CAAC,CAACG,OAAO,CAAC,CAAC,CAAC,CAAC;IACxEC,iBAAiB,EAAEjD,MAAC,CAACS,MAAM,CAAC,CAAC;IAC7ByC,eAAe,EAAElD,MAAC,CAACS,MAAM,CAAC;EAC5B,CAAC,CAAC,EACFJ,qBACF;AACF,CAAC,CAAC;AAACD,OAAA,CAAAe,QAAA,GAAAA,QAAA"}
+{"version":3,"names":["_jwk","require","_zod","UnixTime","z","number","min","max","exports","ObfuscatedDisclosures","object","_sd","array","string","Disclosure","tuple","unknown","SdJwt4VC","header","typ","literal","alg","kid","optional","payload","intersection","iss","sub","iat","exp","_sd_alg","status","status_attestation","credential_hash_alg","cnf","jwk","JWK","vct"],"sourceRoot":"../../../src","sources":["sd-jwt/types.ts"],"mappings":";;;;;;AAAA,IAAAA,IAAA,GAAAC,OAAA;AACA,IAAAC,IAAA,GAAAD,OAAA;AAEO,MAAME,QAAQ,GAAGC,MAAC,CAACC,MAAM,CAAC,CAAC,CAACC,GAAG,CAAC,CAAC,CAAC,CAACC,GAAG,CAAC,aAAa,CAAC;AAACC,OAAA,CAAAL,QAAA,GAAAA,QAAA;AAItD,MAAMM,qBAAqB,GAAGL,MAAC,CAACM,MAAM,CAAC;EAAEC,GAAG,EAAEP,MAAC,CAACQ,KAAK,CAACR,MAAC,CAACS,MAAM,CAAC,CAAC;AAAE,CAAC,CAAC;;AAE3E;AACA;AACA;AACA;AACA;AACA;AALAL,OAAA,CAAAC,qBAAA,GAAAA,qBAAA;AAOO,MAAMK,UAAU,GAAGV,MAAC,CAACW,KAAK,CAAC,CAChC,UAAWX,MAAC,CAACS,MAAM,CAAC,CAAC,EACrB,gBAAiBT,MAAC,CAACS,MAAM,CAAC,CAAC,EAC3B,iBAAkBT,MAAC,CAACY,OAAO,CAAC,CAAC,CAC9B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAPAR,OAAA,CAAAM,UAAA,GAAAA,UAAA;AAcO,MAAMG,QAAQ,GAAGb,MAAC,CAACM,MAAM,CAAC;EAC/BQ,MAAM,EAAEd,MAAC,CAACM,MAAM,CAAC;IACfS,GAAG,EAAEf,MAAC,CAACgB,OAAO,CAAC,WAAW,CAAC;IAC3BC,GAAG,EAAEjB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfS,GAAG,EAAElB,MAAC,CAACS,MAAM,CAAC,CAAC,CAACU,QAAQ,CAAC;EAC3B,CAAC,CAAC;EACFC,OAAO,EAAEpB,MAAC,CAACqB,YAAY,CACrBrB,MAAC,CAACM,MAAM,CAAC;IACPgB,GAAG,EAAEtB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfc,GAAG,EAAEvB,MAAC,CAACS,MAAM,CAAC,CAAC;IACfe,GAAG,EAAEzB,QAAQ,CAACoB,QAAQ,CAAC,CAAC;IACxBM,GAAG,EAAE1B,QAAQ;IACb2B,OAAO,EAAE1B,MAAC,CAACgB,OAAO,CAAC,SAAS,CAAC;IAC7BW,MAAM,EAAE3B,MAAC,CAACM,MAAM,CAAC;MACfsB,kBAAkB,EAAE5B,MAAC,CAACM,MAAM,CAAC;QAC3BuB,mBAAmB,EAAE7B,MAAC,CAACgB,OAAO,CAAC,SAAS;MAC1C,CAAC;IACH,CAAC,CAAC;IACFc,GAAG,EAAE9B,MAAC,CAACM,MAAM,CAAC;MACZyB,GAAG,EAAEC;IACP,CAAC,CAAC;IACFC,GAAG,EAAEjC,MAAC,CAACS,MAAM,CAAC;EAChB,CAAC,CAAC,EACFJ,qBACF;AACF,CAAC,CAAC;AAACD,OAAA,CAAAS,QAAA,GAAAA,QAAA"}

package/lib/commonjs/trust/README.md

@@ -0,0 +1,147 @@
+# Trust Chain Validation
+
+This module implements **Trust Chain validation** for Entity Configurations and Entity Statements in line with the [IT Wallet Federation Specifications](https://italia.github.io/eid-wallet-it-docs/). It ensures that an entity's metadata is trusted by validating a chain of signed JWTs up to a known Trust Anchor.
+
+The validation covers:
+
+* JWT signature verification (using the next entity's JWKS)
+* Trust chain ordering (leaf → parent → Trust Anchor)
+* Optional X.509 CRL-based certificate validation
+
+## Sequence Diagram
+
+```mermaid
+sequenceDiagram
+  autonumber
+  participant A as Leaf Entity
+  participant B as Intermediate (Federation Authority)
+  participant C as Trust Anchor
+
+  A->>A: Self-issued Entity Configuration (JWT)
+  B->>A: Signed Entity Statement (JWT)
+  C->>B: Signed Entity Statement (JWT or self-issued EC)
+
+  Note over A,C: Each JWT is validated with the next issuer's public keys
+```
+
+## Errors
+
+| Error                         | Description                                                        |
+| ----------------------------- | ------------------------------------------------------------------ |
+| `TrustChainEmptyError`        | The input chain is empty.                                          |
+| `TrustChainTokenMissingError` | One of the JWTs in the chain is missing.                           |
+| `X509ValidationError`         | X.509 certificate validation failed (e.g. revocation, expiration). |
+| `FederationError`             | Generic federation processing error.                               |
+
+## Usage
+
+### Validate a trust chain
+
+```ts
+import { validateTrustChain } from "./trust";
+import { trustAnchorEntityConfiguration } from "./your-data";
+import { chain } from "./your-data"; // array of JWTs, starting from leaf
+
+const result = await validateTrustChain(trustAnchorEntityConfiguration, chain, {
+    connectTimeout: 3000,
+    readTimeout: 3000,
+    requireCrl: false,
+});
+```
+
+* The `chain` must be an array of signed JWT strings.
+* The first JWT must be a self-issued `EntityConfiguration`.
+* The last JWT must be an `EntityStatement` or a self-issued Trust Anchor `EntityConfiguration`.
+
+### Renew a trust chain
+
+```ts
+import { renewTrustChain } from "./trust";
+
+const newChain = await renewTrustChain(chain);
+```
+
+This will fetch updated JWTs from each authority in the chain.
+
+### Build a trust chain
+
+```ts
+import { buildTrustChain } from "./trust";
+
+const chain = await buildTrustChain({
+  leaf: "https://example-leaf",
+  trustAnchor: trustAnchorEntityConfiguration,
+});
+```
+
+* **leaf**: the entity URL of the subject to be trusted.
+* **trustAnchor**: the known trust anchor configuration.
+* Returns a list of JWT strings ordered from leaf to trust anchor.
+
+
+## Trust Chain Structure
+
+| Position | JWT Type                            | Requirements                  |
+| -------- | ----------------------------------- |-------------------------------|
+| First    | Entity Configuration                | `iss === sub` (self-issued)   |
+| Middle   | Entity Statement                    | `iss ≠ sub`, signed by parent |
+| Last     | Entity Statement or Trust Anchor EC | Trust Anchor must be known    |
+
+### Build and Validate Example
+
+```ts
+import {
+  buildTrustChain,
+  validateTrustChain,
+} from "./trust";
+import { trustAnchorEntityConfiguration } from "./your-data";
+
+const chain = await buildTrustChain({
+  leaf: "https://example-leaf",
+  trustAnchor: trustAnchorEntityConfiguration,
+});
+
+const result = await validateTrustChain(trustAnchorEntityConfiguration, chain, {
+  connectTimeout: 3000,
+  readTimeout: 3000,
+  requireCrl: true,
+});
+```
+
+* This example fetches and builds the full trust chain dynamically, then validates it end-to-end.
+
+## Example Trust Chain
+
+```ts
+[
+    {
+        header: { alg: "ES256", kid: "leaf-kid" },
+        payload: { iss: "https://leaf", sub: "https://leaf", jwks: { keys: [...] } }
+    },
+    {
+        header: { alg: "ES256", kid: "intermediate-kid" },
+        payload: { iss: "https://intermediate", sub: "https://leaf", jwks: { keys: [...] } }
+    },
+    {
+        header: { alg: "ES256", kid: "ta-kid" },
+        payload: { iss: "https://ta", sub: "https://ta", jwks: { keys: [...] } }
+    }
+]
+```
+
+## Mocking in Tests
+
+If you're testing in Node (not in React Native), you need to mock X.509 and crypto-native dependencies:
+
+```ts
+jest.mock("@pagopa/io-react-native-crypto", () => ({
+    verifyCertificateChain: jest.fn().mockResolvedValue({
+        isValid: true,
+        validationStatus: "VALID",
+        errorMessage: undefined,
+    }),
+    generate: jest.fn().mockResolvedValue({ ... }),
+}));
+```
+
+Ensure mocked `JWK`s contain an `x5c` array to trigger certificate validation logic during tests.

package/lib/commonjs/trust/chain.js

@@ -0,0 +1,153 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.renewTrustChain = renewTrustChain;
+exports.validateTrustChain = validateTrustChain;
+var _types = require("./types");
+var z = _interopRequireWildcard(require("zod"));
+var _ = require(".");
+var _utils = require("./utils");
+var _errors = require("./errors");
+var _ioReactNativeCrypto = require("@pagopa/io-react-native-crypto");
+function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
+function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
+// The first element of the chain is supposed to be the Entity Configuration for the document issuer
+const FirstElementShape = _types.EntityConfiguration;
+// Each element but the first is supposed to be an Entity Statement
+const MiddleElementShape = _types.EntityStatement;
+// The last element of the chain can either be an Entity Statement
+//  or the Entity Configuration for the known Trust Anchor
+const LastElementShape = z.union([_types.EntityStatement, _types.TrustAnchorEntityConfiguration]);
+
+/**
+ * Validates a provided trust chain against a known trust anchor, including X.509 certificate checks.
+ *
+ * @param trustAnchorEntity The entity configuration of the known trust anchor (for JWT validation).
+ * @param chain The chain of statements to be validated.
+ * @param x509Options Options for X.509 certificate validation.
+ * @returns The list of parsed tokens representing the chain.
+ * @throws {FederationError} If the chain is not valid (JWT or X.509). Specific errors like TrustChainEmptyError, X509ValidationError may be thrown.
+ */
+async function validateTrustChain(trustAnchorEntity, chain, x509Options) {
+  // If the chain is empty, fail
+  if (chain.length === 0) {
+    throw new _errors.TrustChainEmptyError("Cannot verify empty trust chain.");
+  }
+
+  // Select the expected token shape
+  const selectTokenShape = elementIndex => elementIndex === 0 ? FirstElementShape : elementIndex === chain.length - 1 ? LastElementShape : MiddleElementShape;
+
+  // Select the kid from the current index
+  const selectKid = currentIndex => {
+    const token = chain[currentIndex];
+    if (!token) {
+      throw new _errors.TrustChainTokenMissingError(`Token missing at index ${currentIndex} in trust chain.`, {
+        index: currentIndex
+      });
+    }
+    const shape = selectTokenShape(currentIndex);
+    return shape.parse((0, _utils.decode)(token)).header.kid;
+  };
+
+  // Select keys from the next token
+  // If the current token is the last, keys from trust anchor will be used
+  const selectKeys = currentIndex => {
+    if (currentIndex === chain.length - 1) {
+      return trustAnchorEntity.payload.jwks.keys;
+    }
+    const nextIndex = currentIndex + 1;
+    const nextToken = chain[nextIndex];
+    if (!nextToken) {
+      throw new _errors.TrustChainTokenMissingError(`Next token missing at index ${nextIndex} (needed for keys for token at ${currentIndex}).`, {
+        index: nextIndex
+      });
+    }
+    const shape = selectTokenShape(nextIndex);
+    return shape.parse((0, _utils.decode)(nextToken)).payload.jwks.keys;
+  };
+  const x509TrustAnchorCertBase64 = (0, _utils.getTrustAnchorX509Certificate)(trustAnchorEntity);
+
+  // Iterate the chain and validate each element's signature against the public keys of its next
+  // If there is no next, hence it's the end of the chain, and it must be verified by the Trust Anchor
+  const validationPromises = chain.map(async (tokenString, i) => {
+    const kidFromTokenHeader = selectKid(i);
+    const signerJwks = selectKeys(i);
+
+    // Step 1: Verify JWT signature
+    const parsedToken = await (0, _utils.verify)(tokenString, kidFromTokenHeader, signerJwks);
+
+    // Step 2: X.509 Certificate Chain Validation
+    const jwkUsedForVerification = signerJwks.find(k => k.kid === kidFromTokenHeader);
+    if (!jwkUsedForVerification) {
+      throw new _errors.FederationError(`JWK with kid '${kidFromTokenHeader}' was not found in signer's JWKS for token at index ${i}, though JWT verification passed.`, {
+        tokenIndex: i,
+        kid: kidFromTokenHeader
+      });
+    }
+    if (!jwkUsedForVerification.x5c || jwkUsedForVerification.x5c.length === 0) {
+      throw new _errors.MissingX509CertsError(`JWK with kid '${kidFromTokenHeader}' does not contain an X.509 certificate chain (x5c) for token at index ${i}.`);
+    }
+
+    // If the chain has more than one certificate AND
+    // the last certificate in the x5c chain is the same as the trust anchor,
+    // remove the anchor from the chain being passed, as it's supplied separately.
+    const certChainBase64 = jwkUsedForVerification.x5c.length > 1 && jwkUsedForVerification.x5c.at(-1) === x509TrustAnchorCertBase64 ? jwkUsedForVerification.x5c.slice(0, -1) : jwkUsedForVerification.x5c;
+    const x509ValidationResult = await (0, _ioReactNativeCrypto.verifyCertificateChain)(certChainBase64, x509TrustAnchorCertBase64, x509Options);
+    if (!x509ValidationResult.isValid) {
+      throw new _errors.X509ValidationError(`X.509 certificate chain validation failed for token at index ${i} (kid: ${kidFromTokenHeader}). Status: ${x509ValidationResult.validationStatus}. Error: ${x509ValidationResult.errorMessage}`, {
+        tokenIndex: i,
+        kid: kidFromTokenHeader,
+        x509ValidationStatus: x509ValidationResult.validationStatus,
+        x509ErrorMessage: x509ValidationResult.errorMessage
+      });
+    }
+    return parsedToken;
+  });
+  return Promise.all(validationPromises);
+}
+
+/**
+ * Given a trust chain, obtain a new trust chain by fetching each element's fresh version
+ *
+ * @param chain The original chain
+ * @param appFetch (optional) fetch api implementation
+ * @returns A list of signed token that represent the trust chain, in the same order of the provided chain
+ * @throws {FederationError} If the chain is not valid
+ */
+async function renewTrustChain(chain) {
+  let appFetch = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : fetch;
+  return Promise.all(chain.map(async (token, index) => {
+    const decoded = (0, _utils.decode)(token);
+    const entityStatementResult = _types.EntityStatement.safeParse(decoded);
+    const entityConfigurationResult = _types.EntityConfiguration.safeParse(decoded);
+    if (entityConfigurationResult.success) {
+      return (0, _.getSignedEntityConfiguration)(entityConfigurationResult.data.payload.iss, {
+        appFetch
+      });
+    }
+    if (entityStatementResult.success) {
+      const entityStatement = entityStatementResult.data;
+      const parentBaseUrl = entityStatement.payload.iss;
+      const parentECJwt = await (0, _.getSignedEntityConfiguration)(parentBaseUrl, {
+        appFetch
+      });
+      const parentEC = _types.EntityConfiguration.parse((0, _utils.decode)(parentECJwt));
+      const federationFetchEndpoint = parentEC.payload.metadata.federation_entity.federation_fetch_endpoint;
+      if (!federationFetchEndpoint) {
+        throw new _errors.MissingFederationFetchEndpointError(`Parent EC at ${parentBaseUrl} is missing federation_fetch_endpoint, cannot renew ES for ${entityStatement.payload.sub}.`, {
+          entityBaseUrl: entityStatement.payload.sub,
+          missingInEntityUrl: parentBaseUrl
+        });
+      }
+      return (0, _.getSignedEntityStatement)(federationFetchEndpoint, entityStatement.payload.sub, {
+        appFetch
+      });
+    }
+    throw new _errors.TrustChainRenewalError(`Failed to renew trust chain. Reason: element #${index} failed to parse.`, {
+      originalChain: chain
+    });
+  }));
+}
+//# sourceMappingURL=chain.js.map

package/lib/commonjs/trust/chain.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_types","require","z","_interopRequireWildcard","_","_utils","_errors","_ioReactNativeCrypto","_getRequireWildcardCache","nodeInterop","WeakMap","cacheBabelInterop","cacheNodeInterop","obj","__esModule","default","cache","has","get","newObj","hasPropertyDescriptor","Object","defineProperty","getOwnPropertyDescriptor","key","prototype","hasOwnProperty","call","desc","set","FirstElementShape","EntityConfiguration","MiddleElementShape","EntityStatement","LastElementShape","union","TrustAnchorEntityConfiguration","validateTrustChain","trustAnchorEntity","chain","x509Options","length","TrustChainEmptyError","selectTokenShape","elementIndex","selectKid","currentIndex","token","TrustChainTokenMissingError","index","shape","parse","decode","header","kid","selectKeys","payload","jwks","keys","nextIndex","nextToken","x509TrustAnchorCertBase64","getTrustAnchorX509Certificate","validationPromises","map","tokenString","i","kidFromTokenHeader","signerJwks","parsedToken","verify","jwkUsedForVerification","find","k","FederationError","tokenIndex","x5c","MissingX509CertsError","certChainBase64","at","slice","x509ValidationResult","verifyCertificateChain","isValid","X509ValidationError","validationStatus","errorMessage","x509ValidationStatus","x509ErrorMessage","Promise","all","renewTrustChain","appFetch","arguments","undefined","fetch","decoded","entityStatementResult","safeParse","entityConfigurationResult","success","getSignedEntityConfiguration","data","iss","entityStatement","parentBaseUrl","parentECJwt","parentEC","federationFetchEndpoint","metadata","federation_entity","federation_fetch_endpoint","MissingFederationFetchEndpointError","sub","entityBaseUrl","missingInEntityUrl","getSignedEntityStatement","TrustChainRenewalError","originalChain"],"sourceRoot":"../../../src","sources":["trust/chain.ts"],"mappings":";;;;;;;AAAA,IAAAA,MAAA,GAAAC,OAAA;AAMA,IAAAC,CAAA,GAAAC,uBAAA,CAAAF,OAAA;AACA,IAAAG,CAAA,GAAAH,OAAA;AACA,IAAAI,MAAA,GAAAJ,OAAA;AAMA,IAAAK,OAAA,GAAAL,OAAA;AASA,IAAAM,oBAAA,GAAAN,OAAA;AAIwC,SAAAO,yBAAAC,WAAA,eAAAC,OAAA,kCAAAC,iBAAA,OAAAD,OAAA,QAAAE,gBAAA,OAAAF,OAAA,YAAAF,wBAAA,YAAAA,CAAAC,WAAA,WAAAA,WAAA,GAAAG,gBAAA,GAAAD,iBAAA,KAAAF,WAAA;AAAA,SAAAN,wBAAAU,GAAA,EAAAJ,WAAA,SAAAA,WAAA,IAAAI,GAAA,IAAAA,GAAA,CAAAC,UAAA,WAAAD,GAAA,QAAAA,GAAA,oBAAAA,GAAA,wBAAAA,GAAA,4BAAAE,OAAA,EAAAF,GAAA,UAAAG,KAAA,GAAAR,wBAAA,CAAAC,WAAA,OAAAO,KAAA,IAAAA,KAAA,CAAAC,GAAA,CAAAJ,GAAA,YAAAG,KAAA,CAAAE,GAAA,CAAAL,GAAA,SAAAM,MAAA,WAAAC,qBAAA,GAAAC,MAAA,CAAAC,cAAA,IAAAD,MAAA,CAAAE,wBAAA,WAAAC,GAAA,IAAAX,GAAA,QAAAW,GAAA,kBAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAd,GAAA,EAAAW,GAAA,SAAAI,IAAA,GAAAR,qBAAA,GAAAC,MAAA,CAAAE,wBAAA,CAAAV,GAAA,EAAAW,GAAA,cAAAI,IAAA,KAAAA,IAAA,CAAAV,GAAA,IAAAU,IAAA,CAAAC,GAAA,KAAAR,MAAA,CAAAC,cAAA,CAAAH,MAAA,EAAAK,GAAA,EAAAI,IAAA,YAAAT,MAAA,CAAAK,GAAA,IAAAX,GAAA,CAAAW,GAAA,SAAAL,MAAA,CAAAJ,OAAA,GAAAF,GAAA,MAAAG,KAAA,IAAAA,KAAA,CAAAa,GAAA,CAAAhB,GAAA,EAAAM,MAAA,YAAAA,MAAA;AAExC;AACA,MAAMW,iBAAiB,GAAGC,0BAAmB;AAC7C;AACA,MAAMC,kBAAkB,GAAGC,sBAAe;AAC1C;AACA;AACA,MAAMC,gBAAgB,GAAGhC,CAAC,CAACiC,KAAK,CAAC,CAC/BF,sBAAe,EACfG,qCAA8B,CAC/B,CAAC;;AAEF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAeC,kBAAkBA,CACtCC,iBAAiD,EACjDC,KAAe,EACfC,WAAmC,EACX;EACxB;EACA,IAAID,KAAK,CAACE,MAAM,KAAK,CAAC,EAAE;IACtB,MAAM,IAAIC,4BAAoB,CAAC,kCAAkC,CAAC;EACpE;;EAEA;EACA,MAAMC,gBAAgB,GAAIC,YAAoB,IAC5CA,YAAY,KAAK,CAAC,GACdd,iBAAiB,GACjBc,YAAY,KAAKL,KAAK,CAACE,MAAM,GAAG,CAAC,GAC/BP,gBAAgB,GAChBF,kBAAkB;;EAE1B;EACA,MAAMa,SAAS,GAAIC,YAAoB,IAAa;IAClD,MAAMC,KAAK,GAAGR,KAAK,CAACO,YAAY,CAAC;IACjC,IAAI,CAACC,KAAK,EAAE;MACV,MAAM,IAAIC,mCAA2B,CAClC,0BAAyBF,YAAa,kBAAiB,EACxD;QAAEG,KAAK,EAAEH;MAAa,CACxB,CAAC;IACH;IACA,MAAMI,KAAK,GAAGP,gBAAgB,CAACG,YAAY,CAAC;IAC5C,OAAOI,KAAK,CAACC,KAAK,CAAC,IAAAC,aAAM,EAACL,KAAK,CAAC,CAAC,CAACM,MAAM,CAACC,GAAG;EAC9C,CAAC;;EAED;EACA;EACA,MAAMC,UAAU,GAAIT,YAAoB,IAAY;IAClD,IAAIA,YAAY,KAAKP,KAAK,CAACE,MAAM,GAAG,CAAC,EAAE;MACrC,OAAOH,iBAAiB,CAACkB,OAAO,CAACC,IAAI,CAACC,IAAI;IAC5C;IAEA,MAAMC,SAAS,GAAGb,YAAY,GAAG,CAAC;IAClC,MAAMc,SAAS,GAAGrB,KAAK,CAACoB,SAAS,CAAC;IAClC,IAAI,CAACC,SAAS,EAAE;MACd,MAAM,IAAIZ,mCAA2B,CAClC,+BAA8BW,SAAU,kCAAiCb,YAAa,IAAG,EAC1F;QAAEG,KAAK,EAAEU;MAAU,CACrB,CAAC;IACH;IACA,MAAMT,KAAK,GAAGP,gBAAgB,CAACgB,SAAS,CAAC;IACzC,OAAOT,KAAK,CAACC,KAAK,CAAC,IAAAC,aAAM,EAACQ,SAAS,CAAC,CAAC,CAACJ,OAAO,CAACC,IAAI,CAACC,IAAI;EACzD,CAAC;EAED,MAAMG,yBAAyB,GAC7B,IAAAC,oCAA6B,EAACxB,iBAAiB,CAAC;;EAElD;EACA;EACA,MAAMyB,kBAAkB,GAAGxB,KAAK,CAACyB,GAAG,CAAC,OAAOC,WAAW,EAAEC,CAAC,KAAK;IAC7D,MAAMC,kBAAkB,GAAGtB,SAAS,CAACqB,CAAC,CAAC;IACvC,MAAME,UAAU,GAAGb,UAAU,CAACW,CAAC,CAAC;;IAEhC;IACA,MAAMG,WAAW,GAAG,MAAM,IAAAC,aAAM,EAC9BL,WAAW,EACXE,kBAAkB,EAClBC,UACF,CAAC;;IAED;IACA,MAAMG,sBAAsB,GAAGH,UAAU,CAACI,IAAI,CAC3CC,CAAC,IAAKA,CAAC,CAACnB,GAAG,KAAKa,kBACnB,CAAC;IAED,IAAI,CAACI,sBAAsB,EAAE;MAC3B,MAAM,IAAIG,uBAAe,CACtB,iBAAgBP,kBAAmB,uDAAsDD,CAAE,mCAAkC,EAC9H;QAAES,UAAU,EAAET,CAAC;QAAEZ,GAAG,EAAEa;MAAmB,CAC3C,CAAC;IACH;IAEA,IACE,CAACI,sBAAsB,CAACK,GAAG,IAC3BL,sBAAsB,CAACK,GAAG,CAACnC,MAAM,KAAK,CAAC,EACvC;MACA,MAAM,IAAIoC,6BAAqB,CAC5B,iBAAgBV,kBAAmB,0EAAyED,CAAE,GACjH,CAAC;IACH;;IAEA;IACA;IACA;IACA,MAAMY,eAAe,GACnBP,sBAAsB,CAACK,GAAG,CAACnC,MAAM,GAAG,CAAC,IACrC8B,sBAAsB,CAACK,GAAG,CAACG,EAAE,CAAC,CAAC,CAAC,CAAC,KAAKlB,yBAAyB,GAC3DU,sBAAsB,CAACK,GAAG,CAACI,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GACvCT,sBAAsB,CAACK,GAAG;IAEhC,MAAMK,oBAAiD,GACrD,MAAM,IAAAC,2CAAsB,EAC1BJ,eAAe,EACfjB,yBAAyB,EACzBrB,WACF,CAAC;IAEH,IAAI,CAACyC,oBAAoB,CAACE,OAAO,EAAE;MACjC,MAAM,IAAIC,2BAAmB,CAC1B,gEAA+DlB,CAAE,UAASC,kBAAmB,cAAac,oBAAoB,CAACI,gBAAiB,YAAWJ,oBAAoB,CAACK,YAAa,EAAC,EAC/L;QACEX,UAAU,EAAET,CAAC;QACbZ,GAAG,EAAEa,kBAAkB;QACvBoB,oBAAoB,EAAEN,oBAAoB,CAACI,gBAAgB;QAC3DG,gBAAgB,EAAEP,oBAAoB,CAACK;MACzC,CACF,CAAC;IACH;IACA,OAAOjB,WAAW;EACpB,CAAC,CAAC;EAEF,OAAOoB,OAAO,CAACC,GAAG,CAAC3B,kBAAkB,CAAC;AACxC;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAe4B,eAAeA,CACnCpD,KAAe,EAEI;EAAA,IADnBqD,QAA8B,GAAAC,SAAA,CAAApD,MAAA,QAAAoD,SAAA,QAAAC,SAAA,GAAAD,SAAA,MAAGE,KAAK;EAEtC,OAAON,OAAO,CAACC,GAAG,CAChBnD,KAAK,CAACyB,GAAG,CAAC,OAAOjB,KAAK,EAAEE,KAAK,KAAK;IAChC,MAAM+C,OAAO,GAAG,IAAA5C,aAAM,EAACL,KAAK,CAAC;IAE7B,MAAMkD,qBAAqB,GAAGhE,sBAAe,CAACiE,SAAS,CAACF,OAAO,CAAC;IAChE,MAAMG,yBAAyB,GAAGpE,0BAAmB,CAACmE,SAAS,CAACF,OAAO,CAAC;IAExE,IAAIG,yBAAyB,CAACC,OAAO,EAAE;MACrC,OAAO,IAAAC,8BAA4B,EACjCF,yBAAyB,CAACG,IAAI,CAAC9C,OAAO,CAAC+C,GAAG,EAC1C;QAAEX;MAAS,CACb,CAAC;IACH;IACA,IAAIK,qBAAqB,CAACG,OAAO,EAAE;MACjC,MAAMI,eAAe,GAAGP,qBAAqB,CAACK,IAAI;MAElD,MAAMG,aAAa,GAAGD,eAAe,CAAChD,OAAO,CAAC+C,GAAG;MACjD,MAAMG,WAAW,GAAG,MAAM,IAAAL,8BAA4B,EAACI,aAAa,EAAE;QACpEb;MACF,CAAC,CAAC;MACF,MAAMe,QAAQ,GAAG5E,0BAAmB,CAACoB,KAAK,CAAC,IAAAC,aAAM,EAACsD,WAAW,CAAC,CAAC;MAE/D,MAAME,uBAAuB,GAC3BD,QAAQ,CAACnD,OAAO,CAACqD,QAAQ,CAACC,iBAAiB,CAACC,yBAAyB;MACvE,IAAI,CAACH,uBAAuB,EAAE;QAC5B,MAAM,IAAII,2CAAmC,CAC1C,gBAAeP,aAAc,8DAA6DD,eAAe,CAAChD,OAAO,CAACyD,GAAI,GAAE,EACzH;UACEC,aAAa,EAAEV,eAAe,CAAChD,OAAO,CAACyD,GAAG;UAC1CE,kBAAkB,EAAEV;QACtB,CACF,CAAC;MACH;MACA,OAAO,IAAAW,0BAAwB,EAC7BR,uBAAuB,EACvBJ,eAAe,CAAChD,OAAO,CAACyD,GAAG,EAC3B;QAAErB;MAAS,CACb,CAAC;IACH;IACA,MAAM,IAAIyB,8BAAsB,CAC7B,iDAAgDpE,KAAM,mBAAkB,EACzE;MAAEqE,aAAa,EAAE/E;IAAM,CACzB,CAAC;EACH,CAAC,CACH,CAAC;AACH"}