@peac/kernel 0.11.3 → 0.12.0-preview.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/constants.cjs +33 -0
- package/dist/constants.cjs.map +1 -1
- package/dist/constants.d.ts +89 -8
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.mjs +24 -1
- package/dist/constants.mjs.map +1 -1
- package/dist/error-categories.generated.d.ts +2 -2
- package/dist/error-categories.generated.d.ts.map +1 -1
- package/dist/errors.cjs +202 -0
- package/dist/errors.cjs.map +1 -1
- package/dist/errors.generated.d.ts +21 -1
- package/dist/errors.generated.d.ts.map +1 -1
- package/dist/errors.mjs +202 -0
- package/dist/errors.mjs.map +1 -1
- package/dist/index.cjs +236 -0
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.ts +4 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +227 -1
- package/dist/index.mjs.map +1 -1
- package/dist/types.cjs +1 -0
- package/dist/types.cjs.map +1 -1
- package/dist/types.d.ts +10 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/types.mjs +1 -0
- package/dist/types.mjs.map +1 -1
- package/dist/wire-02-types.d.ts +60 -0
- package/dist/wire-02-types.d.ts.map +1 -0
- package/package.json +1 -1
package/dist/errors.mjs
CHANGED
|
@@ -34,6 +34,12 @@ var ERROR_CODES = {
|
|
|
34
34
|
// Control error codes
|
|
35
35
|
E_CONTROL_DENIED: "E_CONTROL_DENIED",
|
|
36
36
|
E_CONTROL_REVIEW_REQUIRED: "E_CONTROL_REVIEW_REQUIRED",
|
|
37
|
+
// Cryptography error codes
|
|
38
|
+
E_JWS_B64_REJECTED: "E_JWS_B64_REJECTED",
|
|
39
|
+
E_JWS_CRIT_REJECTED: "E_JWS_CRIT_REJECTED",
|
|
40
|
+
E_JWS_EMBEDDED_KEY: "E_JWS_EMBEDDED_KEY",
|
|
41
|
+
E_JWS_MISSING_KID: "E_JWS_MISSING_KID",
|
|
42
|
+
E_JWS_ZIP_REJECTED: "E_JWS_ZIP_REJECTED",
|
|
37
43
|
// Dispute error codes
|
|
38
44
|
E_DISPUTE_DUPLICATE: "E_DISPUTE_DUPLICATE",
|
|
39
45
|
E_DISPUTE_EXPIRED: "E_DISPUTE_EXPIRED",
|
|
@@ -107,6 +113,10 @@ var ERROR_CODES = {
|
|
|
107
113
|
E_UCP_VERIFICATION_FAILED: "E_UCP_VERIFICATION_FAILED",
|
|
108
114
|
// Validation error codes
|
|
109
115
|
E_CONSTRAINT_VIOLATION: "E_CONSTRAINT_VIOLATION",
|
|
116
|
+
E_EAT_INVALID_CBOR: "E_EAT_INVALID_CBOR",
|
|
117
|
+
E_EAT_INVALID_COSE: "E_EAT_INVALID_COSE",
|
|
118
|
+
E_EAT_SIZE_EXCEEDED: "E_EAT_SIZE_EXCEEDED",
|
|
119
|
+
E_EAT_UNSUPPORTED_ALG: "E_EAT_UNSUPPORTED_ALG",
|
|
110
120
|
E_EVIDENCE_NOT_JSON: "E_EVIDENCE_NOT_JSON",
|
|
111
121
|
E_EXPIRED: "E_EXPIRED",
|
|
112
122
|
E_INVALID_AMOUNT: "E_INVALID_AMOUNT",
|
|
@@ -114,16 +124,27 @@ var ERROR_CODES = {
|
|
|
114
124
|
E_INVALID_CURRENCY: "E_INVALID_CURRENCY",
|
|
115
125
|
E_INVALID_FORMAT: "E_INVALID_FORMAT",
|
|
116
126
|
E_INVALID_ISSUER: "E_INVALID_ISSUER",
|
|
127
|
+
E_INVALID_KIND: "E_INVALID_KIND",
|
|
128
|
+
E_INVALID_PILLAR_VALUE: "E_INVALID_PILLAR_VALUE",
|
|
117
129
|
E_INVALID_RAIL: "E_INVALID_RAIL",
|
|
118
130
|
E_INVALID_RECEIPT_ID: "E_INVALID_RECEIPT_ID",
|
|
119
131
|
E_INVALID_SUBJECT: "E_INVALID_SUBJECT",
|
|
132
|
+
E_INVALID_TYPE: "E_INVALID_TYPE",
|
|
133
|
+
E_ISS_NOT_CANONICAL: "E_ISS_NOT_CANONICAL",
|
|
120
134
|
E_MISSING_EXP: "E_MISSING_EXP",
|
|
121
135
|
E_MISSING_REQUIRED_CLAIM: "E_MISSING_REQUIRED_CLAIM",
|
|
122
136
|
E_NOT_YET_VALID: "E_NOT_YET_VALID",
|
|
137
|
+
E_OCCURRED_AT_FUTURE: "E_OCCURRED_AT_FUTURE",
|
|
138
|
+
E_OCCURRED_AT_ON_CHALLENGE: "E_OCCURRED_AT_ON_CHALLENGE",
|
|
123
139
|
E_PARSE_ATTESTATION_INVALID: "E_PARSE_ATTESTATION_INVALID",
|
|
124
140
|
E_PARSE_COMMERCE_INVALID: "E_PARSE_COMMERCE_INVALID",
|
|
125
141
|
E_PARSE_INVALID_INPUT: "E_PARSE_INVALID_INPUT",
|
|
142
|
+
E_PILLARS_NOT_SORTED: "E_PILLARS_NOT_SORTED",
|
|
143
|
+
E_POLICY_BINDING_FAILED: "E_POLICY_BINDING_FAILED",
|
|
144
|
+
E_UNSUPPORTED_WIRE_VERSION: "E_UNSUPPORTED_WIRE_VERSION",
|
|
145
|
+
E_WIRE_VERSION_MISMATCH: "E_WIRE_VERSION_MISMATCH",
|
|
126
146
|
// Verification error codes
|
|
147
|
+
E_EAT_SIGNATURE_FAILED: "E_EAT_SIGNATURE_FAILED",
|
|
127
148
|
E_INVALID_SIGNATURE: "E_INVALID_SIGNATURE",
|
|
128
149
|
E_KEY_NOT_FOUND: "E_KEY_NOT_FOUND",
|
|
129
150
|
E_KID_REUSE_DETECTED: "E_KID_REUSE_DETECTED",
|
|
@@ -445,6 +466,52 @@ var ERRORS = {
|
|
|
445
466
|
next_action: "contact_issuer",
|
|
446
467
|
category: "control"
|
|
447
468
|
},
|
|
469
|
+
// Cryptography error codes
|
|
470
|
+
E_JWS_B64_REJECTED: {
|
|
471
|
+
code: "E_JWS_B64_REJECTED",
|
|
472
|
+
http_status: 400,
|
|
473
|
+
title: "JWS b64:false Rejected",
|
|
474
|
+
description: "JWS header contains b64:false (RFC 7797 unencoded payload); unencoded payloads are not supported",
|
|
475
|
+
retryable: false,
|
|
476
|
+
next_action: "abort",
|
|
477
|
+
category: "cryptography"
|
|
478
|
+
},
|
|
479
|
+
E_JWS_CRIT_REJECTED: {
|
|
480
|
+
code: "E_JWS_CRIT_REJECTED",
|
|
481
|
+
http_status: 400,
|
|
482
|
+
title: "JWS crit Header Rejected",
|
|
483
|
+
description: "JWS header contains a crit field; critical header extensions are not supported and are rejected",
|
|
484
|
+
retryable: false,
|
|
485
|
+
next_action: "abort",
|
|
486
|
+
category: "cryptography"
|
|
487
|
+
},
|
|
488
|
+
E_JWS_EMBEDDED_KEY: {
|
|
489
|
+
code: "E_JWS_EMBEDDED_KEY",
|
|
490
|
+
http_status: 400,
|
|
491
|
+
title: "JWS Embedded Key Rejected",
|
|
492
|
+
description: "JWS header contains an embedded key (jwk, x5c, x5u, or jku); embedded key material is rejected by the PEAC JOSE hardening rules",
|
|
493
|
+
retryable: false,
|
|
494
|
+
next_action: "abort",
|
|
495
|
+
category: "cryptography"
|
|
496
|
+
},
|
|
497
|
+
E_JWS_MISSING_KID: {
|
|
498
|
+
code: "E_JWS_MISSING_KID",
|
|
499
|
+
http_status: 400,
|
|
500
|
+
title: "JWS kid Missing or Invalid",
|
|
501
|
+
description: "JWS header kid field is absent, empty, or exceeds the maximum allowed length (256 characters)",
|
|
502
|
+
retryable: false,
|
|
503
|
+
next_action: "abort",
|
|
504
|
+
category: "cryptography"
|
|
505
|
+
},
|
|
506
|
+
E_JWS_ZIP_REJECTED: {
|
|
507
|
+
code: "E_JWS_ZIP_REJECTED",
|
|
508
|
+
http_status: 400,
|
|
509
|
+
title: "JWS zip Header Rejected",
|
|
510
|
+
description: "JWS header contains a zip compression field; payload compression is not supported",
|
|
511
|
+
retryable: false,
|
|
512
|
+
next_action: "abort",
|
|
513
|
+
category: "cryptography"
|
|
514
|
+
},
|
|
448
515
|
// Dispute error codes
|
|
449
516
|
E_DISPUTE_DUPLICATE: {
|
|
450
517
|
code: "E_DISPUTE_DUPLICATE",
|
|
@@ -1054,6 +1121,42 @@ var ERRORS = {
|
|
|
1054
1121
|
next_action: "retry_with_different_input",
|
|
1055
1122
|
category: "validation"
|
|
1056
1123
|
},
|
|
1124
|
+
E_EAT_INVALID_CBOR: {
|
|
1125
|
+
code: "E_EAT_INVALID_CBOR",
|
|
1126
|
+
http_status: 400,
|
|
1127
|
+
title: "EAT Invalid CBOR",
|
|
1128
|
+
description: "EAT token is not valid CBOR or the payload is not a CBOR map",
|
|
1129
|
+
retryable: false,
|
|
1130
|
+
next_action: "abort",
|
|
1131
|
+
category: "validation"
|
|
1132
|
+
},
|
|
1133
|
+
E_EAT_INVALID_COSE: {
|
|
1134
|
+
code: "E_EAT_INVALID_COSE",
|
|
1135
|
+
http_status: 400,
|
|
1136
|
+
title: "EAT Invalid COSE",
|
|
1137
|
+
description: "EAT token is not a valid COSE_Sign1 structure per RFC 9052 Section 4.2",
|
|
1138
|
+
retryable: false,
|
|
1139
|
+
next_action: "abort",
|
|
1140
|
+
category: "validation"
|
|
1141
|
+
},
|
|
1142
|
+
E_EAT_SIZE_EXCEEDED: {
|
|
1143
|
+
code: "E_EAT_SIZE_EXCEEDED",
|
|
1144
|
+
http_status: 400,
|
|
1145
|
+
title: "EAT Size Exceeded",
|
|
1146
|
+
description: "EAT token exceeds the 64 KB size limit enforced before CBOR decode",
|
|
1147
|
+
retryable: false,
|
|
1148
|
+
next_action: "abort",
|
|
1149
|
+
category: "validation"
|
|
1150
|
+
},
|
|
1151
|
+
E_EAT_UNSUPPORTED_ALG: {
|
|
1152
|
+
code: "E_EAT_UNSUPPORTED_ALG",
|
|
1153
|
+
http_status: 400,
|
|
1154
|
+
title: "EAT Unsupported Algorithm",
|
|
1155
|
+
description: "COSE_Sign1 uses an unsupported algorithm; only EdDSA (alg: -8) is supported",
|
|
1156
|
+
retryable: false,
|
|
1157
|
+
next_action: "abort",
|
|
1158
|
+
category: "validation"
|
|
1159
|
+
},
|
|
1057
1160
|
E_EVIDENCE_NOT_JSON: {
|
|
1058
1161
|
code: "E_EVIDENCE_NOT_JSON",
|
|
1059
1162
|
http_status: 400,
|
|
@@ -1117,6 +1220,24 @@ var ERRORS = {
|
|
|
1117
1220
|
next_action: "retry_with_different_input",
|
|
1118
1221
|
category: "validation"
|
|
1119
1222
|
},
|
|
1223
|
+
E_INVALID_KIND: {
|
|
1224
|
+
code: "E_INVALID_KIND",
|
|
1225
|
+
http_status: 400,
|
|
1226
|
+
title: "Invalid Kind",
|
|
1227
|
+
description: "Wire 0.2 receipt kind field is missing or not one of the accepted structural kinds (evidence, challenge)",
|
|
1228
|
+
retryable: false,
|
|
1229
|
+
next_action: "abort",
|
|
1230
|
+
category: "validation"
|
|
1231
|
+
},
|
|
1232
|
+
E_INVALID_PILLAR_VALUE: {
|
|
1233
|
+
code: "E_INVALID_PILLAR_VALUE",
|
|
1234
|
+
http_status: 400,
|
|
1235
|
+
title: "Invalid Pillar Value",
|
|
1236
|
+
description: "Wire 0.2 pillars array contains an unrecognized pillar value outside the closed 10-value taxonomy",
|
|
1237
|
+
retryable: false,
|
|
1238
|
+
next_action: "abort",
|
|
1239
|
+
category: "validation"
|
|
1240
|
+
},
|
|
1120
1241
|
E_INVALID_RAIL: {
|
|
1121
1242
|
code: "E_INVALID_RAIL",
|
|
1122
1243
|
http_status: 400,
|
|
@@ -1144,6 +1265,24 @@ var ERRORS = {
|
|
|
1144
1265
|
next_action: "retry_with_different_input",
|
|
1145
1266
|
category: "validation"
|
|
1146
1267
|
},
|
|
1268
|
+
E_INVALID_TYPE: {
|
|
1269
|
+
code: "E_INVALID_TYPE",
|
|
1270
|
+
http_status: 400,
|
|
1271
|
+
title: "Invalid Type",
|
|
1272
|
+
description: "Wire 0.2 receipt type field is missing or does not conform to the required grammar (reverse-DNS or absolute URI)",
|
|
1273
|
+
retryable: false,
|
|
1274
|
+
next_action: "abort",
|
|
1275
|
+
category: "validation"
|
|
1276
|
+
},
|
|
1277
|
+
E_ISS_NOT_CANONICAL: {
|
|
1278
|
+
code: "E_ISS_NOT_CANONICAL",
|
|
1279
|
+
http_status: 400,
|
|
1280
|
+
title: "Issuer Not Canonical",
|
|
1281
|
+
description: "Wire 0.2 iss claim does not conform to canonical form: must be an https:// ASCII origin (no default port, no path) or a did: identifier",
|
|
1282
|
+
retryable: false,
|
|
1283
|
+
next_action: "abort",
|
|
1284
|
+
category: "validation"
|
|
1285
|
+
},
|
|
1147
1286
|
E_MISSING_EXP: {
|
|
1148
1287
|
code: "E_MISSING_EXP",
|
|
1149
1288
|
http_status: 400,
|
|
@@ -1171,6 +1310,24 @@ var ERRORS = {
|
|
|
1171
1310
|
next_action: "retry_after_delay",
|
|
1172
1311
|
category: "validation"
|
|
1173
1312
|
},
|
|
1313
|
+
E_OCCURRED_AT_FUTURE: {
|
|
1314
|
+
code: "E_OCCURRED_AT_FUTURE",
|
|
1315
|
+
http_status: 400,
|
|
1316
|
+
title: "occurred_at in Future",
|
|
1317
|
+
description: "Wire 0.2 occurred_at is more than the tolerance window ahead of the current time; the timestamp appears to be in the future",
|
|
1318
|
+
retryable: false,
|
|
1319
|
+
next_action: "retry_after_delay",
|
|
1320
|
+
category: "validation"
|
|
1321
|
+
},
|
|
1322
|
+
E_OCCURRED_AT_ON_CHALLENGE: {
|
|
1323
|
+
code: "E_OCCURRED_AT_ON_CHALLENGE",
|
|
1324
|
+
http_status: 400,
|
|
1325
|
+
title: "occurred_at on Challenge",
|
|
1326
|
+
description: "Wire 0.2 occurred_at field is present on a challenge-kind receipt; occurred_at is only permitted on evidence-kind receipts",
|
|
1327
|
+
retryable: false,
|
|
1328
|
+
next_action: "abort",
|
|
1329
|
+
category: "validation"
|
|
1330
|
+
},
|
|
1174
1331
|
E_PARSE_ATTESTATION_INVALID: {
|
|
1175
1332
|
code: "E_PARSE_ATTESTATION_INVALID",
|
|
1176
1333
|
http_status: 400,
|
|
@@ -1198,7 +1355,52 @@ var ERRORS = {
|
|
|
1198
1355
|
next_action: "retry_with_different_input",
|
|
1199
1356
|
category: "validation"
|
|
1200
1357
|
},
|
|
1358
|
+
E_PILLARS_NOT_SORTED: {
|
|
1359
|
+
code: "E_PILLARS_NOT_SORTED",
|
|
1360
|
+
http_status: 400,
|
|
1361
|
+
title: "Pillars Not Sorted",
|
|
1362
|
+
description: "Wire 0.2 pillars array is not in ascending lexicographic order or contains duplicates",
|
|
1363
|
+
retryable: false,
|
|
1364
|
+
next_action: "abort",
|
|
1365
|
+
category: "validation"
|
|
1366
|
+
},
|
|
1367
|
+
E_POLICY_BINDING_FAILED: {
|
|
1368
|
+
code: "E_POLICY_BINDING_FAILED",
|
|
1369
|
+
http_status: 400,
|
|
1370
|
+
title: "Policy Binding Failed",
|
|
1371
|
+
description: "Wire 0.2 policy.digest does not match the computed digest of the provided policy document",
|
|
1372
|
+
retryable: false,
|
|
1373
|
+
next_action: "none",
|
|
1374
|
+
category: "validation"
|
|
1375
|
+
},
|
|
1376
|
+
E_UNSUPPORTED_WIRE_VERSION: {
|
|
1377
|
+
code: "E_UNSUPPORTED_WIRE_VERSION",
|
|
1378
|
+
http_status: 400,
|
|
1379
|
+
title: "Unsupported Wire Version",
|
|
1380
|
+
description: "Receipt peac_version field specifies a wire version that is not supported by this implementation",
|
|
1381
|
+
retryable: false,
|
|
1382
|
+
next_action: "abort",
|
|
1383
|
+
category: "validation"
|
|
1384
|
+
},
|
|
1385
|
+
E_WIRE_VERSION_MISMATCH: {
|
|
1386
|
+
code: "E_WIRE_VERSION_MISMATCH",
|
|
1387
|
+
http_status: 400,
|
|
1388
|
+
title: "Wire Version Mismatch",
|
|
1389
|
+
description: "JWS header typ value and peac_version payload claim indicate different wire versions; the receipt is incoherent",
|
|
1390
|
+
retryable: false,
|
|
1391
|
+
next_action: "abort",
|
|
1392
|
+
category: "validation"
|
|
1393
|
+
},
|
|
1201
1394
|
// Verification error codes
|
|
1395
|
+
E_EAT_SIGNATURE_FAILED: {
|
|
1396
|
+
code: "E_EAT_SIGNATURE_FAILED",
|
|
1397
|
+
http_status: 400,
|
|
1398
|
+
title: "EAT Signature Failed",
|
|
1399
|
+
description: "COSE_Sign1 Ed25519 signature verification failed over the Sig_structure",
|
|
1400
|
+
retryable: false,
|
|
1401
|
+
next_action: "retry_with_different_key",
|
|
1402
|
+
category: "verification"
|
|
1403
|
+
},
|
|
1202
1404
|
E_INVALID_SIGNATURE: {
|
|
1203
1405
|
code: "E_INVALID_SIGNATURE",
|
|
1204
1406
|
http_status: 400,
|