npm - @sempdev/semp - Versions diffs - 0.4.3 - Mend

@sempdev/semp 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (559) hide show

package/LICENSE +21 -0
package/README.md +59 -0
package/dist/brief/address.d.ts +77 -0
package/dist/brief/address.d.ts.map +1 -0
package/dist/brief/address.js +217 -0
package/dist/brief/address.js.map +1 -0
package/dist/brief/brief.d.ts +75 -0
package/dist/brief/brief.d.ts.map +1 -0
package/dist/brief/brief.js +56 -0
package/dist/brief/brief.js.map +1 -0
package/dist/brief/index.d.ts +11 -0
package/dist/brief/index.d.ts.map +1 -0
package/dist/brief/index.js +11 -0
package/dist/brief/index.js.map +1 -0
package/dist/canonical/index.d.ts +8 -0
package/dist/canonical/index.d.ts.map +1 -0
package/dist/canonical/index.js +8 -0
package/dist/canonical/index.js.map +1 -0
package/dist/canonical/marshal.d.ts +35 -0
package/dist/canonical/marshal.d.ts.map +1 -0
package/dist/canonical/marshal.js +107 -0
package/dist/canonical/marshal.js.map +1 -0
package/dist/clockskew/index.d.ts +52 -0
package/dist/clockskew/index.d.ts.map +1 -0
package/dist/clockskew/index.js +62 -0
package/dist/clockskew/index.js.map +1 -0
package/dist/closure/closure.d.ts +106 -0
package/dist/closure/closure.d.ts.map +1 -0
package/dist/closure/closure.js +152 -0
package/dist/closure/closure.js.map +1 -0
package/dist/closure/driver.d.ts +103 -0
package/dist/closure/driver.d.ts.map +1 -0
package/dist/closure/driver.js +126 -0
package/dist/closure/driver.js.map +1 -0
package/dist/closure/index.d.ts +13 -0
package/dist/closure/index.d.ts.map +1 -0
package/dist/closure/index.js +13 -0
package/dist/closure/index.js.map +1 -0
package/dist/closure/store.d.ts +80 -0
package/dist/closure/store.d.ts.map +1 -0
package/dist/closure/store.js +89 -0
package/dist/closure/store.js.map +1 -0
package/dist/crypto/aead.d.ts +29 -0
package/dist/crypto/aead.d.ts.map +1 -0
package/dist/crypto/aead.js +48 -0
package/dist/crypto/aead.js.map +1 -0
package/dist/crypto/argon2.d.ts +20 -0
package/dist/crypto/argon2.d.ts.map +1 -0
package/dist/crypto/argon2.js +28 -0
package/dist/crypto/argon2.js.map +1 -0
package/dist/crypto/index.d.ts +14 -0
package/dist/crypto/index.d.ts.map +1 -0
package/dist/crypto/index.js +14 -0
package/dist/crypto/index.js.map +1 -0
package/dist/crypto/kdf.d.ts +96 -0
package/dist/crypto/kdf.d.ts.map +1 -0
package/dist/crypto/kdf.js +122 -0
package/dist/crypto/kdf.js.map +1 -0
package/dist/crypto/kem.d.ts +85 -0
package/dist/crypto/kem.d.ts.map +1 -0
package/dist/crypto/kem.js +130 -0
package/dist/crypto/kem.js.map +1 -0
package/dist/crypto/mac.d.ts +19 -0
package/dist/crypto/mac.d.ts.map +1 -0
package/dist/crypto/mac.js +32 -0
package/dist/crypto/mac.js.map +1 -0
package/dist/delivery/ack.d.ts +125 -0
package/dist/delivery/ack.d.ts.map +1 -0
package/dist/delivery/ack.js +141 -0
package/dist/delivery/ack.js.map +1 -0
package/dist/delivery/blocklist.d.ts +87 -0
package/dist/delivery/blocklist.d.ts.map +1 -0
package/dist/delivery/blocklist.js +107 -0
package/dist/delivery/blocklist.js.map +1 -0
package/dist/delivery/cancel.d.ts +60 -0
package/dist/delivery/cancel.d.ts.map +1 -0
package/dist/delivery/cancel.js +43 -0
package/dist/delivery/cancel.js.map +1 -0
package/dist/delivery/disposition.d.ts +106 -0
package/dist/delivery/disposition.d.ts.map +1 -0
package/dist/delivery/disposition.js +105 -0
package/dist/delivery/disposition.js.map +1 -0
package/dist/delivery/fetch.d.ts +59 -0
package/dist/delivery/fetch.d.ts.map +1 -0
package/dist/delivery/fetch.js +47 -0
package/dist/delivery/fetch.js.map +1 -0
package/dist/delivery/forwarder.d.ts +106 -0
package/dist/delivery/forwarder.d.ts.map +1 -0
package/dist/delivery/forwarder.js +251 -0
package/dist/delivery/forwarder.js.map +1 -0
package/dist/delivery/inbox.d.ts +42 -0
package/dist/delivery/inbox.d.ts.map +1 -0
package/dist/delivery/inbox.js +68 -0
package/dist/delivery/inbox.js.map +1 -0
package/dist/delivery/index.d.ts +31 -0
package/dist/delivery/index.d.ts.map +1 -0
package/dist/delivery/index.js +31 -0
package/dist/delivery/index.js.map +1 -0
package/dist/delivery/internalroute.d.ts +50 -0
package/dist/delivery/internalroute.d.ts.map +1 -0
package/dist/delivery/internalroute.js +23 -0
package/dist/delivery/internalroute.js.map +1 -0
package/dist/delivery/pipeline.d.ts +153 -0
package/dist/delivery/pipeline.d.ts.map +1 -0
package/dist/delivery/pipeline.js +356 -0
package/dist/delivery/pipeline.js.map +1 -0
package/dist/delivery/policy_state.d.ts +105 -0
package/dist/delivery/policy_state.d.ts.map +1 -0
package/dist/delivery/policy_state.js +293 -0
package/dist/delivery/policy_state.js.map +1 -0
package/dist/delivery/queue.d.ts +47 -0
package/dist/delivery/queue.d.ts.map +1 -0
package/dist/delivery/queue.js +33 -0
package/dist/delivery/queue.js.map +1 -0
package/dist/delivery/receipt.d.ts +137 -0
package/dist/delivery/receipt.d.ts.map +1 -0
package/dist/delivery/receipt.js +181 -0
package/dist/delivery/receipt.js.map +1 -0
package/dist/delivery/receipt_store.d.ts +81 -0
package/dist/delivery/receipt_store.d.ts.map +1 -0
package/dist/delivery/receipt_store.js +74 -0
package/dist/delivery/receipt_store.js.map +1 -0
package/dist/delivery/retry.d.ts +78 -0
package/dist/delivery/retry.d.ts.map +1 -0
package/dist/delivery/retry.js +132 -0
package/dist/delivery/retry.js.map +1 -0
package/dist/delivery/scheduler.d.ts +156 -0
package/dist/delivery/scheduler.d.ts.map +1 -0
package/dist/delivery/scheduler.js +349 -0
package/dist/delivery/scheduler.js.map +1 -0
package/dist/delivery/stage_partition.d.ts +87 -0
package/dist/delivery/stage_partition.d.ts.map +1 -0
package/dist/delivery/stage_partition.js +122 -0
package/dist/delivery/stage_partition.js.map +1 -0
package/dist/delivery/staged_runner.d.ts +100 -0
package/dist/delivery/staged_runner.d.ts.map +1 -0
package/dist/delivery/staged_runner.js +277 -0
package/dist/delivery/staged_runner.js.map +1 -0
package/dist/delivery/submission.d.ts +72 -0
package/dist/delivery/submission.d.ts.map +1 -0
package/dist/delivery/submission.js +58 -0
package/dist/delivery/submission.js.map +1 -0
package/dist/delivery/sync.d.ts +68 -0
package/dist/delivery/sync.d.ts.map +1 -0
package/dist/delivery/sync.js +99 -0
package/dist/delivery/sync.js.map +1 -0
package/dist/delivery/user_policy.d.ts +74 -0
package/dist/delivery/user_policy.d.ts.map +1 -0
package/dist/delivery/user_policy.js +140 -0
package/dist/delivery/user_policy.js.map +1 -0
package/dist/discovery/cache.d.ts +37 -0
package/dist/discovery/cache.d.ts.map +1 -0
package/dist/discovery/cache.js +45 -0
package/dist/discovery/cache.js.map +1 -0
package/dist/discovery/configuration.d.ts +97 -0
package/dist/discovery/configuration.d.ts.map +1 -0
package/dist/discovery/configuration.js +146 -0
package/dist/discovery/configuration.js.map +1 -0
package/dist/discovery/dns.d.ts +56 -0
package/dist/discovery/dns.d.ts.map +1 -0
package/dist/discovery/dns.js +120 -0
package/dist/discovery/dns.js.map +1 -0
package/dist/discovery/domain_keys.d.ts +62 -0
package/dist/discovery/domain_keys.d.ts.map +1 -0
package/dist/discovery/domain_keys.js +89 -0
package/dist/discovery/domain_keys.js.map +1 -0
package/dist/discovery/index.d.ts +19 -0
package/dist/discovery/index.d.ts.map +1 -0
package/dist/discovery/index.js +19 -0
package/dist/discovery/index.js.map +1 -0
package/dist/discovery/lookup.d.ts +72 -0
package/dist/discovery/lookup.d.ts.map +1 -0
package/dist/discovery/lookup.js +121 -0
package/dist/discovery/lookup.js.map +1 -0
package/dist/discovery/onion.d.ts +34 -0
package/dist/discovery/onion.d.ts.map +1 -0
package/dist/discovery/onion.js +61 -0
package/dist/discovery/onion.js.map +1 -0
package/dist/discovery/partition.d.ts +96 -0
package/dist/discovery/partition.d.ts.map +1 -0
package/dist/discovery/partition.js +247 -0
package/dist/discovery/partition.js.map +1 -0
package/dist/discovery/resolver.d.ts +113 -0
package/dist/discovery/resolver.d.ts.map +1 -0
package/dist/discovery/resolver.js +176 -0
package/dist/discovery/resolver.js.map +1 -0
package/dist/discovery/txt.d.ts +39 -0
package/dist/discovery/txt.d.ts.map +1 -0
package/dist/discovery/txt.js +71 -0
package/dist/discovery/txt.js.map +1 -0
package/dist/enclosure/forwarding.d.ts +128 -0
package/dist/enclosure/forwarding.d.ts.map +1 -0
package/dist/enclosure/forwarding.js +119 -0
package/dist/enclosure/forwarding.js.map +1 -0
package/dist/enclosure/index.d.ts +11 -0
package/dist/enclosure/index.d.ts.map +1 -0
package/dist/enclosure/index.js +11 -0
package/dist/enclosure/index.js.map +1 -0
package/dist/envelope/buckets.d.ts +38 -0
package/dist/envelope/buckets.d.ts.map +1 -0
package/dist/envelope/buckets.js +73 -0
package/dist/envelope/buckets.js.map +1 -0
package/dist/envelope/canonical.d.ts +28 -0
package/dist/envelope/canonical.d.ts.map +1 -0
package/dist/envelope/canonical.js +54 -0
package/dist/envelope/canonical.js.map +1 -0
package/dist/envelope/compose.d.ts +171 -0
package/dist/envelope/compose.d.ts.map +1 -0
package/dist/envelope/compose.js +237 -0
package/dist/envelope/compose.js.map +1 -0
package/dist/envelope/encode.d.ts +41 -0
package/dist/envelope/encode.d.ts.map +1 -0
package/dist/envelope/encode.js +69 -0
package/dist/envelope/encode.js.map +1 -0
package/dist/envelope/index.d.ts +20 -0
package/dist/envelope/index.d.ts.map +1 -0
package/dist/envelope/index.js +20 -0
package/dist/envelope/index.js.map +1 -0
package/dist/envelope/open_any.d.ts +48 -0
package/dist/envelope/open_any.d.ts.map +1 -0
package/dist/envelope/open_any.js +81 -0
package/dist/envelope/open_any.js.map +1 -0
package/dist/envelope/open_verified.d.ts +59 -0
package/dist/envelope/open_verified.d.ts.map +1 -0
package/dist/envelope/open_verified.js +67 -0
package/dist/envelope/open_verified.js.map +1 -0
package/dist/envelope/padding.d.ts +55 -0
package/dist/envelope/padding.d.ts.map +1 -0
package/dist/envelope/padding.js +162 -0
package/dist/envelope/padding.js.map +1 -0
package/dist/envelope/rejection.d.ts +22 -0
package/dist/envelope/rejection.d.ts.map +1 -0
package/dist/envelope/rejection.js +30 -0
package/dist/envelope/rejection.js.map +1 -0
package/dist/envelope/sendtime.d.ts +49 -0
package/dist/envelope/sendtime.d.ts.map +1 -0
package/dist/envelope/sendtime.js +87 -0
package/dist/envelope/sendtime.js.map +1 -0
package/dist/envelope/verify.d.ts +29 -0
package/dist/envelope/verify.d.ts.map +1 -0
package/dist/envelope/verify.js +90 -0
package/dist/envelope/verify.js.map +1 -0
package/dist/extensions/index.d.ts +7 -0
package/dist/extensions/index.d.ts.map +1 -0
package/dist/extensions/index.js +7 -0
package/dist/extensions/index.js.map +1 -0
package/dist/extensions/limits.d.ts +101 -0
package/dist/extensions/limits.d.ts.map +1 -0
package/dist/extensions/limits.js +175 -0
package/dist/extensions/limits.js.map +1 -0
package/dist/handshake/abort.d.ts +49 -0
package/dist/handshake/abort.d.ts.map +1 -0
package/dist/handshake/abort.js +82 -0
package/dist/handshake/abort.js.map +1 -0
package/dist/handshake/capabilities.d.ts +46 -0
package/dist/handshake/capabilities.d.ts.map +1 -0
package/dist/handshake/capabilities.js +114 -0
package/dist/handshake/capabilities.js.map +1 -0
package/dist/handshake/client_state.d.ts +186 -0
package/dist/handshake/client_state.d.ts.map +1 -0
package/dist/handshake/client_state.js +520 -0
package/dist/handshake/client_state.js.map +1 -0
package/dist/handshake/confirm.d.ts +21 -0
package/dist/handshake/confirm.d.ts.map +1 -0
package/dist/handshake/confirm.js +27 -0
package/dist/handshake/confirm.js.map +1 -0
package/dist/handshake/driver.d.ts +126 -0
package/dist/handshake/driver.d.ts.map +1 -0
package/dist/handshake/driver.js +251 -0
package/dist/handshake/driver.js.map +1 -0
package/dist/handshake/federation.d.ts +365 -0
package/dist/handshake/federation.d.ts.map +1 -0
package/dist/handshake/federation.js +664 -0
package/dist/handshake/federation.js.map +1 -0
package/dist/handshake/first_contact.d.ts +57 -0
package/dist/handshake/first_contact.d.ts.map +1 -0
package/dist/handshake/first_contact.js +124 -0
package/dist/handshake/first_contact.js.map +1 -0
package/dist/handshake/identity.d.ts +101 -0
package/dist/handshake/identity.d.ts.map +1 -0
package/dist/handshake/identity.js +117 -0
package/dist/handshake/identity.js.map +1 -0
package/dist/handshake/index.d.ts +21 -0
package/dist/handshake/index.d.ts.map +1 -0
package/dist/handshake/index.js +21 -0
package/dist/handshake/index.js.map +1 -0
package/dist/handshake/messages.d.ts +176 -0
package/dist/handshake/messages.d.ts.map +1 -0
package/dist/handshake/messages.js +125 -0
package/dist/handshake/messages.js.map +1 -0
package/dist/handshake/pow.d.ts +53 -0
package/dist/handshake/pow.d.ts.map +1 -0
package/dist/handshake/pow.js +142 -0
package/dist/handshake/pow.js.map +1 -0
package/dist/handshake/resume_driver.d.ts +56 -0
package/dist/handshake/resume_driver.d.ts.map +1 -0
package/dist/handshake/resume_driver.js +75 -0
package/dist/handshake/resume_driver.js.map +1 -0
package/dist/handshake/server.d.ts +112 -0
package/dist/handshake/server.d.ts.map +1 -0
package/dist/handshake/server.js +247 -0
package/dist/handshake/server.js.map +1 -0
package/dist/handshake/server_state.d.ts +102 -0
package/dist/handshake/server_state.d.ts.map +1 -0
package/dist/handshake/server_state.js +278 -0
package/dist/handshake/server_state.js.map +1 -0
package/dist/index.d.ts +33 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +33 -0
package/dist/index.js.map +1 -0
package/dist/keys/compromise.d.ts +118 -0
package/dist/keys/compromise.d.ts.map +1 -0
package/dist/keys/compromise.js +218 -0
package/dist/keys/compromise.js.map +1 -0
package/dist/keys/device_certificate.d.ts +166 -0
package/dist/keys/device_certificate.d.ts.map +1 -0
package/dist/keys/device_certificate.js +328 -0
package/dist/keys/device_certificate.js.map +1 -0
package/dist/keys/device_records.d.ts +175 -0
package/dist/keys/device_records.d.ts.map +1 -0
package/dist/keys/device_records.js +418 -0
package/dist/keys/device_records.js.map +1 -0
package/dist/keys/directory_cache.d.ts +64 -0
package/dist/keys/directory_cache.d.ts.map +1 -0
package/dist/keys/directory_cache.js +98 -0
package/dist/keys/directory_cache.js.map +1 -0
package/dist/keys/directory_state.d.ts +79 -0
package/dist/keys/directory_state.d.ts.map +1 -0
package/dist/keys/directory_state.js +155 -0
package/dist/keys/directory_state.js.map +1 -0
package/dist/keys/index.d.ts +18 -0
package/dist/keys/index.d.ts.map +1 -0
package/dist/keys/index.js +18 -0
package/dist/keys/index.js.map +1 -0
package/dist/keys/key_revocation.d.ts +61 -0
package/dist/keys/key_revocation.d.ts.map +1 -0
package/dist/keys/key_revocation.js +88 -0
package/dist/keys/key_revocation.js.map +1 -0
package/dist/keys/request.d.ts +124 -0
package/dist/keys/request.d.ts.map +1 -0
package/dist/keys/request.js +130 -0
package/dist/keys/request.js.map +1 -0
package/dist/keys/sign.d.ts +49 -0
package/dist/keys/sign.d.ts.map +1 -0
package/dist/keys/sign.js +80 -0
package/dist/keys/sign.js.map +1 -0
package/dist/keys/signed.d.ts +80 -0
package/dist/keys/signed.d.ts.map +1 -0
package/dist/keys/signed.js +138 -0
package/dist/keys/signed.js.map +1 -0
package/dist/keys/store.d.ts +138 -0
package/dist/keys/store.d.ts.map +1 -0
package/dist/keys/store.js +107 -0
package/dist/keys/store.js.map +1 -0
package/dist/largeattachment/crypto.d.ts +47 -0
package/dist/largeattachment/crypto.d.ts.map +1 -0
package/dist/largeattachment/crypto.js +235 -0
package/dist/largeattachment/crypto.js.map +1 -0
package/dist/largeattachment/enclosure.d.ts +48 -0
package/dist/largeattachment/enclosure.d.ts.map +1 -0
package/dist/largeattachment/enclosure.js +102 -0
package/dist/largeattachment/enclosure.js.map +1 -0
package/dist/largeattachment/index.d.ts +15 -0
package/dist/largeattachment/index.d.ts.map +1 -0
package/dist/largeattachment/index.js +15 -0
package/dist/largeattachment/index.js.map +1 -0
package/dist/largeattachment/store.d.ts +36 -0
package/dist/largeattachment/store.d.ts.map +1 -0
package/dist/largeattachment/store.js +37 -0
package/dist/largeattachment/store.js.map +1 -0
package/dist/largeattachment/types.d.ts +56 -0
package/dist/largeattachment/types.d.ts.map +1 -0
package/dist/largeattachment/types.js +31 -0
package/dist/largeattachment/types.js.map +1 -0
package/dist/largeattachment/upload.d.ts +62 -0
package/dist/largeattachment/upload.d.ts.map +1 -0
package/dist/largeattachment/upload.js +166 -0
package/dist/largeattachment/upload.js.map +1 -0
package/dist/migration/index.d.ts +17 -0
package/dist/migration/index.d.ts.map +1 -0
package/dist/migration/index.js +17 -0
package/dist/migration/index.js.map +1 -0
package/dist/migration/lockout.d.ts +48 -0
package/dist/migration/lockout.d.ts.map +1 -0
package/dist/migration/lockout.js +57 -0
package/dist/migration/lockout.js.map +1 -0
package/dist/migration/migration.d.ts +48 -0
package/dist/migration/migration.d.ts.map +1 -0
package/dist/migration/migration.js +58 -0
package/dist/migration/migration.js.map +1 -0
package/dist/migration/notice.d.ts +33 -0
package/dist/migration/notice.d.ts.map +1 -0
package/dist/migration/notice.js +85 -0
package/dist/migration/notice.js.map +1 -0
package/dist/migration/orchestrate.d.ts +109 -0
package/dist/migration/orchestrate.d.ts.map +1 -0
package/dist/migration/orchestrate.js +212 -0
package/dist/migration/orchestrate.js.map +1 -0
package/dist/migration/publication_store.d.ts +34 -0
package/dist/migration/publication_store.d.ts.map +1 -0
package/dist/migration/publication_store.js +44 -0
package/dist/migration/publication_store.js.map +1 -0
package/dist/migration/sign.d.ts +65 -0
package/dist/migration/sign.d.ts.map +1 -0
package/dist/migration/sign.js +331 -0
package/dist/migration/sign.js.map +1 -0
package/dist/migration/types.d.ts +92 -0
package/dist/migration/types.d.ts.map +1 -0
package/dist/migration/types.js +26 -0
package/dist/migration/types.js.map +1 -0
package/dist/reasoncodes.d.ts +42 -0
package/dist/reasoncodes.d.ts.map +1 -0
package/dist/reasoncodes.js +80 -0
package/dist/reasoncodes.js.map +1 -0
package/dist/recovery/bundle.d.ts +34 -0
package/dist/recovery/bundle.d.ts.map +1 -0
package/dist/recovery/bundle.js +144 -0
package/dist/recovery/bundle.js.map +1 -0
package/dist/recovery/bundle_crypto.d.ts +60 -0
package/dist/recovery/bundle_crypto.d.ts.map +1 -0
package/dist/recovery/bundle_crypto.js +179 -0
package/dist/recovery/bundle_crypto.js.map +1 -0
package/dist/recovery/bundle_store.d.ts +57 -0
package/dist/recovery/bundle_store.d.ts.map +1 -0
package/dist/recovery/bundle_store.js +104 -0
package/dist/recovery/bundle_store.js.map +1 -0
package/dist/recovery/index.d.ts +19 -0
package/dist/recovery/index.d.ts.map +1 -0
package/dist/recovery/index.js +19 -0
package/dist/recovery/index.js.map +1 -0
package/dist/recovery/manifest_crosscheck.d.ts +59 -0
package/dist/recovery/manifest_crosscheck.d.ts.map +1 -0
package/dist/recovery/manifest_crosscheck.js +59 -0
package/dist/recovery/manifest_crosscheck.js.map +1 -0
package/dist/recovery/shamir.d.ts +51 -0
package/dist/recovery/shamir.d.ts.map +1 -0
package/dist/recovery/shamir.js +181 -0
package/dist/recovery/shamir.js.map +1 -0
package/dist/recovery/sign.d.ts +61 -0
package/dist/recovery/sign.d.ts.map +1 -0
package/dist/recovery/sign.js +359 -0
package/dist/recovery/sign.js.map +1 -0
package/dist/recovery/types.d.ts +180 -0
package/dist/recovery/types.d.ts.map +1 -0
package/dist/recovery/types.js +31 -0
package/dist/recovery/types.js.map +1 -0
package/dist/reputation/abuse_report.d.ts +62 -0
package/dist/reputation/abuse_report.d.ts.map +1 -0
package/dist/reputation/abuse_report.js +111 -0
package/dist/reputation/abuse_report.js.map +1 -0
package/dist/reputation/bucketize.d.ts +31 -0
package/dist/reputation/bucketize.d.ts.map +1 -0
package/dist/reputation/bucketize.js +77 -0
package/dist/reputation/bucketize.js.map +1 -0
package/dist/reputation/gossip.d.ts +24 -0
package/dist/reputation/gossip.d.ts.map +1 -0
package/dist/reputation/gossip.js +64 -0
package/dist/reputation/gossip.js.map +1 -0
package/dist/reputation/gossip_fetch.d.ts +64 -0
package/dist/reputation/gossip_fetch.d.ts.map +1 -0
package/dist/reputation/gossip_fetch.js +114 -0
package/dist/reputation/gossip_fetch.js.map +1 -0
package/dist/reputation/index.d.ts +20 -0
package/dist/reputation/index.d.ts.map +1 -0
package/dist/reputation/index.js +20 -0
package/dist/reputation/index.js.map +1 -0
package/dist/reputation/observation_store.d.ts +67 -0
package/dist/reputation/observation_store.d.ts.map +1 -0
package/dist/reputation/observation_store.js +171 -0
package/dist/reputation/observation_store.js.map +1 -0
package/dist/reputation/pow.d.ts +91 -0
package/dist/reputation/pow.d.ts.map +1 -0
package/dist/reputation/pow.js +209 -0
package/dist/reputation/pow.js.map +1 -0
package/dist/reputation/sign.d.ts +40 -0
package/dist/reputation/sign.d.ts.map +1 -0
package/dist/reputation/sign.js +202 -0
package/dist/reputation/sign.js.map +1 -0
package/dist/reputation/types.d.ts +133 -0
package/dist/reputation/types.d.ts.map +1 -0
package/dist/reputation/types.js +33 -0
package/dist/reputation/types.js.map +1 -0
package/dist/reputation/whois.d.ts +25 -0
package/dist/reputation/whois.d.ts.map +1 -0
package/dist/reputation/whois.js +20 -0
package/dist/reputation/whois.js.map +1 -0
package/dist/seal/index.d.ts +8 -0
package/dist/seal/index.d.ts.map +1 -0
package/dist/seal/index.js +8 -0
package/dist/seal/index.js.map +1 -0
package/dist/seal/wrap.d.ts +74 -0
package/dist/seal/wrap.d.ts.map +1 -0
package/dist/seal/wrap.js +213 -0
package/dist/seal/wrap.js.map +1 -0
package/dist/session/dispatcher.d.ts +65 -0
package/dist/session/dispatcher.d.ts.map +1 -0
package/dist/session/dispatcher.js +96 -0
package/dist/session/dispatcher.js.map +1 -0
package/dist/session/index.d.ts +15 -0
package/dist/session/index.d.ts.map +1 -0
package/dist/session/index.js +15 -0
package/dist/session/index.js.map +1 -0
package/dist/session/rekey.d.ts +108 -0
package/dist/session/rekey.d.ts.map +1 -0
package/dist/session/rekey.js +207 -0
package/dist/session/rekey.js.map +1 -0
package/dist/session/rekey_seal.d.ts +66 -0
package/dist/session/rekey_seal.d.ts.map +1 -0
package/dist/session/rekey_seal.js +153 -0
package/dist/session/rekey_seal.js.map +1 -0
package/dist/session/resume.d.ts +125 -0
package/dist/session/resume.d.ts.map +1 -0
package/dist/session/resume.js +263 -0
package/dist/session/resume.js.map +1 -0
package/dist/session/session.d.ts +136 -0
package/dist/session/session.d.ts.map +1 -0
package/dist/session/session.js +188 -0
package/dist/session/session.js.map +1 -0
package/dist/transparency/index.d.ts +13 -0
package/dist/transparency/index.d.ts.map +1 -0
package/dist/transparency/index.js +13 -0
package/dist/transparency/index.js.map +1 -0
package/dist/transparency/log.d.ts +61 -0
package/dist/transparency/log.d.ts.map +1 -0
package/dist/transparency/log.js +133 -0
package/dist/transparency/log.js.map +1 -0
package/dist/transparency/merkle.d.ts +59 -0
package/dist/transparency/merkle.d.ts.map +1 -0
package/dist/transparency/merkle.js +314 -0
package/dist/transparency/merkle.js.map +1 -0
package/dist/transparency/sign.d.ts +48 -0
package/dist/transparency/sign.d.ts.map +1 -0
package/dist/transparency/sign.js +140 -0
package/dist/transparency/sign.js.map +1 -0
package/dist/transparency/types.d.ts +97 -0
package/dist/transparency/types.d.ts.map +1 -0
package/dist/transparency/types.js +25 -0
package/dist/transparency/types.js.map +1 -0
package/dist/transport/h2.d.ts +163 -0
package/dist/transport/h2.d.ts.map +1 -0
package/dist/transport/h2.js +397 -0
package/dist/transport/h2.js.map +1 -0
package/dist/transport/index.d.ts +15 -0
package/dist/transport/index.d.ts.map +1 -0
package/dist/transport/index.js +15 -0
package/dist/transport/index.js.map +1 -0
package/dist/transport/memory.d.ts +21 -0
package/dist/transport/memory.d.ts.map +1 -0
package/dist/transport/memory.js +112 -0
package/dist/transport/memory.js.map +1 -0
package/dist/transport/transport.d.ts +54 -0
package/dist/transport/transport.d.ts.map +1 -0
package/dist/transport/transport.js +20 -0
package/dist/transport/transport.js.map +1 -0
package/dist/transport/ws.d.ts +40 -0
package/dist/transport/ws.d.ts.map +1 -0
package/dist/transport/ws.js +204 -0
package/dist/transport/ws.js.map +1 -0
package/package.json +147 -0

package/dist/handshake/client_state.js ADDED Viewed

@@ -0,0 +1,520 @@
+/**
+ * Stateful handshake client per HANDSHAKE.md §2.
+ *
+ * Mirror of `semp-go/handshake.Client`: a state machine the caller
+ * drives over a transport. The class never performs network I/O
+ * directly — the caller moves bytes between this object and the
+ * underlying transport.
+ *
+ * Lifecycle:
+ *
+ * ```ts
+ * const c = new HandshakeClient({ ... });
+ * const initBytes = c.init();
+ * await transport.send(initBytes);
+ *
+ * // optional challenge interstitial:
+ * const m = await transport.receive();
+ * if (peekStep(m) === "challenge") {
+ *   const sol = await c.onChallenge(m);
+ *   await transport.send(sol);
+ *   m = await transport.receive();
+ * }
+ *
+ * const confirmBytes = c.onResponse(m);
+ * await transport.send(confirmBytes);
+ *
+ * const accepted = await transport.receive();
+ * c.onAccepted(accepted);
+ * // c.session() now usable
+ * ```
+ *
+ * Resume flow uses {@link HandshakeClient.resume} +
+ * {@link HandshakeClient.onResumeAccepted}; see
+ * {@link "./resume_driver"}.
+ *
+ * The high-level {@link "./driver".runClient} wraps this state
+ * machine with the transport plumbing for callers who don't want
+ * to manage step ordering manually.
+ *
+ * @module
+ */
+import { marshal as canonicalMarshal } from "../canonical/index.js";
+import { deriveSessionKeysWithResumption, newHKDFSHA512, x25519Agree, x25519PublicKey, } from "../crypto/index.js";
+import { fingerprint, verify as ed25519Verify } from "../keys/index.js";
+import { sha256 } from "@noble/hashes/sha2.js";
+import { ChallengeInvalidError } from "./abort.js";
+import { confirmationHash } from "./confirm.js";
+import { HandshakeRejectedError } from "./driver.js";
+import { composeIdentityProof } from "./identity.js";
+import { HandshakePrefix, buildConfirm, buildInit, } from "./messages.js";
+import { MaxPoWDifficulty, leadingZeroBits } from "./pow.js";
+/** Max difficulty before the client aborts with `challenge_invalid`. */
+const POW_HARDCAP = MaxPoWDifficulty;
+// Re-export the canonical rejection error for the stateful path.
+export { HandshakeRejectedError };
+/**
+ * Stateful handshake client. One instance handles exactly one
+ * handshake — discard after success or error. Re-using an instance
+ * is a programming error (the state machine is single-shot).
+ */
+export class HandshakeClient {
+    // Constructor inputs.
+    suite;
+    serverDomainPub;
+    capabilities;
+    transportId;
+    identity;
+    // Init-time state.
+    nonce = null;
+    ephPriv = null;
+    ephPub = null;
+    initCanonical = null;
+    // Response-time state (carried into onAccepted).
+    sessionId = "";
+    sessionKeys = null;
+    serverIdProofKeyId = "";
+    serverIdProofSignature = "";
+    // Resume state (HANDSHAKE.md §2.8).
+    resumptionSecret = null;
+    resumeNonce = null;
+    /** Final session — populated by {@link onAccepted}. */
+    finalSession = null;
+    constructor(cfg) {
+        if (cfg.suite !== "x25519-chacha20-poly1305") {
+            throw new Error(`handshake: client only supports baseline suite, got ${cfg.suite}`);
+        }
+        if (cfg.serverDomainPub.length === 0) {
+            throw new Error("handshake: empty server domain pub");
+        }
+        if (cfg.transport === "") {
+            throw new Error("handshake: empty transport identifier");
+        }
+        this.suite = cfg.suite;
+        this.serverDomainPub = cfg.serverDomainPub;
+        this.capabilities = cfg.capabilities;
+        this.transportId = cfg.transport;
+        this.identity = cfg.identity;
+        if (cfg.clientEphemeralPriv !== undefined) {
+            this.ephPriv = cfg.clientEphemeralPriv;
+        }
+        if (cfg.clientNonce !== undefined) {
+            this.nonce = cfg.clientNonce;
+        }
+    }
+    /**
+     * Build INIT bytes (HANDSHAKE.md §2.2). Generates a fresh nonce
+     * and ephemeral keypair if not pre-pinned. Returns canonical
+     * bytes ready to send.
+     */
+    init() {
+        if (this.initCanonical !== null) {
+            throw new Error("handshake: init already called");
+        }
+        if (this.ephPriv === null) {
+            this.ephPriv = randomBytes(32);
+        }
+        this.ephPub = x25519PublicKey(this.ephPriv);
+        if (this.nonce === null) {
+            this.nonce = randomBytes(32);
+        }
+        const ephKeyId = fingerprint(this.ephPub);
+        const init = buildInit({
+            nonce: base64Encode(this.nonce),
+            transport: this.transportId,
+            clientEphemeralKey: {
+                algorithm: this.suite,
+                key: base64Encode(this.ephPub),
+                key_id: ephKeyId,
+            },
+            capabilities: this.capabilities,
+        });
+        this.initCanonical = canonicalMarshal(init);
+        return this.initCanonical;
+    }
+    /**
+     * Process a `step="challenge"` message and produce
+     * `step="challenge_response"` bytes per HANDSHAKE.md §2.2a.
+     *
+     * Throws {@link ChallengeInvalidError} when the difficulty
+     * exceeds the protocol cap or the challenge has already
+     * expired — the caller follows up with a §2.2a.6 client abort.
+     */
+    async onChallenge(data) {
+        if (this.initCanonical === null) {
+            throw new Error("handshake: onChallenge before init");
+        }
+        const text = new TextDecoder().decode(data);
+        const m = JSON.parse(text);
+        if (m.type !== "SEMP_HANDSHAKE" || m.step !== "challenge") {
+            throw new Error("handshake: challenge type/step mismatch");
+        }
+        if (m.challenge_type !== "proof_of_work") {
+            throw new Error(`handshake: unsupported challenge type ${JSON.stringify(m.challenge_type)}`);
+        }
+        // Verify server signature on the challenge first.
+        if (typeof m.server_signature !== "string" || m.server_signature === "") {
+            throw new Error("handshake: challenge missing server_signature");
+        }
+        const sigB64 = m.server_signature;
+        const stripped = JSON.parse(text);
+        stripped.server_signature = "";
+        const canonical = canonicalMarshal(stripped);
+        const signingInput = concat(new TextEncoder().encode(HandshakePrefix), canonical);
+        if (!ed25519Verify(this.serverDomainPub, base64Decode(sigB64), signingInput)) {
+            throw new Error("handshake: challenge server_signature did not verify");
+        }
+        const params = m.parameters ?? {};
+        if (params.algorithm !== "argon2id-pow") {
+            throw new Error(`handshake: unsupported PoW algorithm ${JSON.stringify(params.algorithm)}`);
+        }
+        const difficulty = params.difficulty ?? 0;
+        if (difficulty > POW_HARDCAP) {
+            throw new ChallengeInvalidError(`difficulty ${difficulty} exceeds protocol cap ${POW_HARDCAP}`);
+        }
+        if (typeof m.expires === "string" && m.expires !== "") {
+            const ms = Date.parse(m.expires);
+            if (!Number.isNaN(ms) && Date.now() >= ms) {
+                throw new ChallengeInvalidError(`challenge already expired: ${m.expires}`);
+            }
+        }
+        const prefix = base64Decode(params.prefix ?? "");
+        const solution = await solvePoW(prefix, m.challenge_id ?? "", difficulty);
+        const out = {
+            type: "SEMP_HANDSHAKE",
+            step: "challenge_response",
+            party: "client",
+            version: "1.0.0",
+            challenge_id: m.challenge_id,
+            challenge_type: "proof_of_work",
+            solution: { nonce: solution.nonceB64, hash: solution.hashHex },
+        };
+        return canonicalMarshal(out);
+    }
+    /**
+     * Process the server's RESPONSE, derive session keys, and produce
+     * CONFIRM bytes per §2.3 — §2.5. The ephemeral private key is
+     * zeroed before return.
+     */
+    onResponse(data) {
+        if (this.initCanonical === null) {
+            throw new Error("handshake: onResponse before init");
+        }
+        if (this.ephPriv === null || this.nonce === null) {
+            throw new Error("handshake: ephemeral state missing");
+        }
+        const text = new TextDecoder().decode(data);
+        const m = JSON.parse(text);
+        if (m["step"] === "rejected") {
+            const rej = m;
+            throw new HandshakeRejectedError(rej.session_id, rej.reason_code, rej.reason);
+        }
+        if (m.type !== "SEMP_HANDSHAKE" || m.step !== "response") {
+            throw new Error(`handshake: response type/step mismatch (${m.type ?? "?"}/${m.step ?? "?"})`);
+        }
+        const resp = m;
+        if (resp.client_nonce !== base64Encode(this.nonce)) {
+            throw new Error("handshake: response client_nonce mismatch");
+        }
+        // Verify server signature.
+        verifyServerSignature(resp, "server_signature", this.serverDomainPub);
+        const serverEphPub = base64Decode(resp.server_ephemeral_key.key);
+        const serverNonce = base64Decode(resp.server_nonce);
+        const shared = x25519Agree(this.ephPriv, serverEphPub);
+        const kdf = newHKDFSHA512();
+        const keys = deriveSessionKeysWithResumption(kdf, shared, this.nonce, serverNonce);
+        // Erase ephemeral private once shared secret is in hand.
+        this.ephPriv.fill(0);
+        this.ephPriv = null;
+        const respCanonical = canonicalMarshal(resp);
+        const ch = confirmationHash(this.initCanonical, respCanonical);
+        let identityProofB64 = "";
+        if (this.identity !== undefined) {
+            identityProofB64 = composeIdentityProof({
+                clientId: this.identity.clientId,
+                clientIdentity: this.identity.clientIdentity,
+                clientLongTermSeed: this.identity.longTermSeed,
+                clientLongTermKeyId: this.identity.longTermKeyId,
+                sessionId: resp.session_id,
+                confirmationHash: ch,
+                encC2S: keys.encC2S,
+                ...(this.identity.proofNonce !== undefined
+                    ? { proofNonce: this.identity.proofNonce }
+                    : {}),
+            }).identityProofB64;
+        }
+        const confirm = buildConfirm({
+            sessionId: resp.session_id,
+            confirmationHashB64: base64Encode(ch),
+            identityProofB64,
+        });
+        this.sessionId = resp.session_id;
+        this.sessionKeys = keys;
+        this.serverIdProofKeyId = resp.server_identity_proof.key_id;
+        this.serverIdProofSignature = resp.server_identity_proof.signature;
+        return canonicalMarshal(confirm);
+    }
+    /**
+     * Process the server's ACCEPTED and finalize the session record
+     * exposed by {@link session}.
+     *
+     * Throws {@link HandshakeRejectedError} if the server sent
+     * a REJECTED instead.
+     */
+    onAccepted(data) {
+        if (this.sessionKeys === null) {
+            throw new Error("handshake: onAccepted before onResponse");
+        }
+        const text = new TextDecoder().decode(data);
+        const m = JSON.parse(text);
+        if (m["step"] === "rejected") {
+            const rej = m;
+            throw new HandshakeRejectedError(rej.session_id, rej.reason_code, rej.reason);
+        }
+        if (m["type"] !== "SEMP_HANDSHAKE" || m["step"] !== "accepted") {
+            throw new Error(`handshake: accepted type/step mismatch (${String(m["type"] ?? "?")}/${String(m["step"] ?? "?")})`);
+        }
+        const acc = m;
+        if (acc.session_id !== this.sessionId) {
+            throw new Error("handshake: accepted session_id mismatch");
+        }
+        verifyServerSignature(acc, "server_signature", this.serverDomainPub);
+        const ttl = acc.session_ttl > 0 ? acc.session_ttl : 300;
+        this.finalSession = {
+            sessionId: acc.session_id,
+            sessionTTL: ttl,
+            permissions: acc.permissions,
+            keys: this.sessionKeys,
+            serverIdentityProofKeyId: this.serverIdProofKeyId,
+            serverIdentityProofSignature: this.serverIdProofSignature,
+            extensions: acc.extensions,
+            ...(acc.resumption_ticket !== undefined
+                ? { resumptionTicket: acc.resumption_ticket }
+                : {}),
+        };
+    }
+    /**
+     * Decode a `step="rejected"` message into a typed error. Use when
+     * the caller wants to surface a rejection without needing to
+     * dispatch via `onResponse` / `onAccepted` first.
+     */
+    onRejected(data) {
+        const text = new TextDecoder().decode(data);
+        const m = JSON.parse(text);
+        if (m.type !== "SEMP_HANDSHAKE" || m.step !== "rejected") {
+            throw new Error("handshake: rejected type/step mismatch");
+        }
+        const rej = m;
+        return new HandshakeRejectedError(rej.session_id, rej.reason_code, rej.reason);
+    }
+    /**
+     * Build a `step="resume"` message for HANDSHAKE.md §2.8.2 session
+     * resumption.
+     *
+     * `ticket` is the opaque value stored by the caller from a prior
+     * `accepted.resumption_ticket.value`. The returned bytes are sent
+     * on the new transport; the server replies with ACCEPTED (handle
+     * via {@link onResumeAccepted}) or REJECTED.
+     *
+     * The caller MUST also have the prior session's `K_resumption`
+     * loaded via {@link loadResumptionSecret} before this call so the
+     * resumed session keys can be derived.
+     */
+    resume(ticket) {
+        if (this.resumptionSecret === null) {
+            throw new Error("handshake: resume before loadResumptionSecret");
+        }
+        if (ticket === "") {
+            throw new Error("handshake: empty resumption ticket");
+        }
+        if (this.resumeNonce === null) {
+            this.resumeNonce = randomBytes(32);
+        }
+        const out = {
+            type: "SEMP_HANDSHAKE",
+            step: "resume",
+            party: "client",
+            version: "1.0.0",
+            ticket,
+            client_nonce: base64Encode(this.resumeNonce),
+            capabilities: this.capabilities,
+            extensions: {},
+        };
+        return canonicalMarshal(out);
+    }
+    /**
+     * Process a server ACCEPTED in response to {@link resume} and
+     * derive resumed session keys per §2.8.3. Returns the new
+     * resumption ticket the server issued for chaining.
+     */
+    onResumeAccepted(data) {
+        if (this.resumptionSecret === null || this.resumeNonce === null) {
+            throw new Error("handshake: onResumeAccepted before resume");
+        }
+        const text = new TextDecoder().decode(data);
+        const m = JSON.parse(text);
+        if (m["step"] === "rejected") {
+            const rej = m;
+            throw new HandshakeRejectedError(rej.session_id, rej.reason_code, rej.reason);
+        }
+        if (m["type"] !== "SEMP_HANDSHAKE" || m["step"] !== "accepted") {
+            throw new Error("handshake: resume accepted type/step mismatch");
+        }
+        const acc = m;
+        verifyServerSignature(acc, "server_signature", this.serverDomainPub);
+        if (typeof acc.server_nonce !== "string" || acc.server_nonce === "") {
+            throw new Error("handshake: resume accepted missing server_nonce");
+        }
+        const serverNonce = base64Decode(acc.server_nonce);
+        const kdf = newHKDFSHA512();
+        // Derive resumed keys with K_resumption mixed into IKM
+        // per §2.8.3.
+        const ikm = concat(this.resumptionSecret, new Uint8Array());
+        const keys = deriveSessionKeysWithResumption(kdf, ikm, this.resumeNonce, serverNonce);
+        // Zeroize prior resumption secret.
+        this.resumptionSecret.fill(0);
+        this.resumptionSecret = null;
+        const ttl = acc.session_ttl > 0 ? acc.session_ttl : 300;
+        const sess = {
+            sessionId: acc.session_id,
+            sessionTTL: ttl,
+            permissions: acc.permissions,
+            keys,
+            serverIdentityProofKeyId: "",
+            serverIdentityProofSignature: "",
+            extensions: acc.extensions,
+            ...(acc.resumption_ticket !== undefined
+                ? { resumptionTicket: acc.resumption_ticket }
+                : {}),
+        };
+        this.finalSession = sess;
+        return {
+            session: sess,
+            newTicket: acc.resumption_ticket?.value,
+        };
+    }
+    /**
+     * Load the prior session's `K_resumption` before calling
+     * {@link resume}. The key is mixed into the resumed-session HKDF
+     * input keying material per §2.8.3 and zeroized after use.
+     */
+    loadResumptionSecret(secret) {
+        if (secret.length === 0) {
+            throw new Error("handshake: empty resumption secret");
+        }
+        this.resumptionSecret = secret.slice();
+    }
+    /** Final session, populated by {@link onAccepted} or {@link onResumeAccepted}. */
+    session() {
+        if (this.finalSession === null) {
+            throw new Error("handshake: session not yet established (call onAccepted first)");
+        }
+        return this.finalSession;
+    }
+    /**
+     * Wipe in-memory secret state. Idempotent. Call when abandoning a
+     * partial handshake.
+     */
+    erase() {
+        if (this.ephPriv !== null) {
+            this.ephPriv.fill(0);
+            this.ephPriv = null;
+        }
+        if (this.resumptionSecret !== null) {
+            this.resumptionSecret.fill(0);
+            this.resumptionSecret = null;
+        }
+        this.sessionKeys = null;
+    }
+}
+/**
+ * Solve a §2.2a Argon2id-PoW challenge by linear nonce search until
+ * the leading-zero-bit count of `firstContactDigest(prefix, nonce)`
+ * meets `difficulty`.
+ *
+ * Implementation note: the canonical SEMP PoW uses Argon2id over
+ * `prefix || challenge_id || nonce`; for the v1 baseline driver and
+ * tests we use the simpler `firstContactDigest` which returns SHA-256
+ * over the same fields (matches what the verifier checks for the
+ * v1 challenge spec). Production deployments override this in the
+ * caller-supplied solver.
+ */
+async function solvePoW(prefix, challengeId, difficulty) {
+    // Preimage shape per pow.verifyChallengeSolution:
+    //   base64(prefix) || ":" || challenge_id || ":" || base64(nonce)
+    const enc = new TextEncoder();
+    const prefixB64 = base64Encode(prefix);
+    let counter = 0n;
+    while (true) {
+        const nonce = bigUintToBytes(counter, 16);
+        const nonceB64 = base64Encode(nonce);
+        const sum = sha256(enc.encode(`${prefixB64}:${challengeId}:${nonceB64}`));
+        if (leadingZeroBits(sum) >= difficulty) {
+            return { nonceB64, hashHex: bytesToHex(sum) };
+        }
+        counter += 1n;
+        // Yield to the event loop occasionally so this doesn't block.
+        if (counter % 1000n === 0n) {
+            await new Promise((r) => setTimeout(r, 0));
+        }
+    }
+}
+function bigUintToBytes(n, size) {
+    const out = new Uint8Array(size);
+    let v = n;
+    for (let i = size - 1; i >= 0; i--) {
+        out[i] = Number(v & 0xffn);
+        v >>= 8n;
+    }
+    return out;
+}
+function bytesToHex(b) {
+    return Array.from(b, (x) => x.toString(16).padStart(2, "0")).join("");
+}
+function verifyServerSignature(message, signatureField, serverDomainPub) {
+    const sigB64 = message[signatureField];
+    if (typeof sigB64 !== "string" || sigB64 === "") {
+        throw new Error(`handshake: ${signatureField} missing or empty`);
+    }
+    const clone = JSON.parse(JSON.stringify(message));
+    clone[signatureField] = "";
+    const canonical = canonicalMarshal(clone);
+    const signingInput = concat(new TextEncoder().encode(HandshakePrefix), canonical);
+    const sig = base64Decode(sigB64);
+    if (!ed25519Verify(serverDomainPub, sig, signingInput)) {
+        throw new Error(`handshake: ${signatureField} did not verify under server domain key`);
+    }
+}
+function randomBytes(n) {
+    const out = new Uint8Array(n);
+    globalThis.crypto.getRandomValues(out);
+    return out;
+}
+function concat(a, b) {
+    const out = new Uint8Array(a.length + b.length);
+    out.set(a, 0);
+    out.set(b, a.length);
+    return out;
+}
+function base64Encode(b) {
+    if (typeof Buffer !== "undefined") {
+        return Buffer.from(b).toString("base64");
+    }
+    let bin = "";
+    for (let i = 0; i < b.length; i++) {
+        bin += String.fromCharCode(b[i] ?? 0);
+    }
+    return btoa(bin);
+}
+function base64Decode(s) {
+    if (typeof Buffer !== "undefined") {
+        return new Uint8Array(Buffer.from(s, "base64"));
+    }
+    const bin = atob(s);
+    const out = new Uint8Array(bin.length);
+    for (let i = 0; i < bin.length; i++) {
+        out[i] = bin.charCodeAt(i);
+    }
+    return out;
+}
+//# sourceMappingURL=client_state.js.map

package/dist/handshake/client_state.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"client_state.js","sourceRoot":"","sources":["../../src/handshake/client_state.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AAEH,OAAO,EAAE,OAAO,IAAI,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAEL,+BAA+B,EAC/B,aAAa,EACb,WAAW,EACX,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,MAAM,IAAI,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAExE,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAE/C,OAAO,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAOL,eAAe,EACf,YAAY,EACZ,SAAS,GACV,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE7D,wEAAwE;AACxE,MAAM,WAAW,GAAG,gBAAgB,CAAC;AA6CrC,iEAAiE;AACjE,OAAO,EAAE,sBAAsB,EAAE,CAAC;AAElC;;;;GAIG;AACH,MAAM,OAAO,eAAe;IAC1B,sBAAsB;IACL,KAAK,CAA6B;IAClC,eAAe,CAAa;IAC5B,YAAY,CAAe;IAC3B,WAAW,CAAS;IACpB,QAAQ,CAAoC;IAE7D,mBAAmB;IACX,KAAK,GAAsB,IAAI,CAAC;IAChC,OAAO,GAAsB,IAAI,CAAC;IAClC,MAAM,GAAsB,IAAI,CAAC;IACjC,aAAa,GAAsB,IAAI,CAAC;IAEhD,iDAAiD;IACzC,SAAS,GAAG,EAAE,CAAC;IACf,WAAW,GAAuB,IAAI,CAAC;IACvC,kBAAkB,GAAG,EAAE,CAAC;IACxB,sBAAsB,GAAG,EAAE,CAAC;IAEpC,oCAAoC;IAC5B,gBAAgB,GAAsB,IAAI,CAAC;IAC3C,WAAW,GAAsB,IAAI,CAAC;IAE9C,uDAAuD;IAC/C,YAAY,GAAkC,IAAI,CAAC;IAE3D,YAAY,GAA0B;QACpC,IAAI,GAAG,CAAC,KAAK,KAAK,0BAA0B,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CACb,uDAAuD,GAAG,CAAC,KAAK,EAAE,CACnE,CAAC;QACJ,CAAC;QACD,IAAI,GAAG,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,IAAI,GAAG,CAAC,SAAS,KAAK,EAAE,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC;QACvB,IAAI,CAAC,eAAe,GAAG,GAAG,CAAC,eAAe,CAAC;QAC3C,IAAI,CAAC,YAAY,GAAG,GAAG,CAAC,YAAY,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,GAAG,CAAC,SAAS,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;QAC7B,IAAI,GAAG,CAAC,mBAAmB,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,mBAAmB,CAAC;QACzC,CAAC;QACD,IAAI,GAAG,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAClC,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,WAAW,CAAC;QAC/B,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,IAAI;QACF,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,IAAI,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAC1B,IAAI,CAAC,OAAO,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QACjC,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,IAAI,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QAC/B,CAAC;QACD,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC1C,MAAM,IAAI,GAAgB,SAAS,CAAC;YAClC,KAAK,EAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC;YAC/B,SAAS,EAAE,IAAI,CAAC,WAAW;YAC3B,kBAAkB,EAAE;gBAClB,SAAS,EAAE,IAAI,CAAC,KAAK;gBACrB,GAAG,EAAE,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC;gBAC9B,MAAM,EAAE,QAAQ;aACjB;YACD,YAAY,EAAE,IAAI,CAAC,YAAY;SAChC,CAAC,CAAC;QACH,IAAI,CAAC,aAAa,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC5C,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,WAAW,CAAC,IAAgB;QAChC,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QAYD,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAiB,CAAC;QAC3C,IAAI,CAAC,CAAC,IAAI,KAAK,gBAAgB,IAAI,CAAC,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YAC1D,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,CAAC,CAAC,cAAc,KAAK,eAAe,EAAE,CAAC;YACzC,MAAM,IAAI,KAAK,CACb,yCAAyC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,EAAE,CAC5E,CAAC;QACJ,CAAC;QACD,kDAAkD;QAClD,IAAI,OAAO,CAAC,CAAC,gBAAgB,KAAK,QAAQ,IAAI,CAAC,CAAC,gBAAgB,KAAK,EAAE,EAAE,CAAC;YACxE,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;QACD,MAAM,MAAM,GAAG,CAAC,CAAC,gBAAgB,CAAC;QAClC,MAAM,QAAQ,GAA4B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3D,QAAQ,CAAC,gBAAgB,GAAG,EAAE,CAAC;QAC/B,MAAM,SAAS,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC7C,MAAM,YAAY,GAAG,MAAM,CACzB,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,EACzC,SAAS,CACV,CAAC;QACF,IACE,CAAC,aAAa,CAAC,IAAI,CAAC,eAAe,EAAE,YAAY,CAAC,MAAM,CAAC,EAAE,YAAY,CAAC,EACxE,CAAC;YACD,MAAM,IAAI,KAAK,CACb,sDAAsD,CACvD,CAAC;QACJ,CAAC;QACD,MAAM,MAAM,GAAG,CAAC,CAAC,UAAU,IAAI,EAAE,CAAC;QAClC,IAAI,MAAM,CAAC,SAAS,KAAK,cAAc,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CACb,wCAAwC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAC3E,CAAC;QACJ,CAAC;QACD,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC;QAC1C,IAAI,UAAU,GAAG,WAAW,EAAE,CAAC;YAC7B,MAAM,IAAI,qBAAqB,CAC7B,cAAc,UAAU,yBAAyB,WAAW,EAAE,CAC/D,CAAC;QACJ,CAAC;QACD,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,KAAK,EAAE,EAAE,CAAC;YACtD,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;YACjC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC;gBAC1C,MAAM,IAAI,qBAAqB,CAC7B,8BAA8B,CAAC,CAAC,OAAO,EAAE,CAC1C,CAAC;YACJ,CAAC;QACH,CAAC;QACD,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,YAAY,IAAI,EAAE,EAAE,UAAU,CAAC,CAAC;QAC1E,MAAM,GAAG,GAAG;YACV,IAAI,EAAE,gBAAgB;YACtB,IAAI,EAAE,oBAAoB;YAC1B,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,OAAO;YAChB,YAAY,EAAE,CAAC,CAAC,YAAY;YAC5B,cAAc,EAAE,eAAe;YAC/B,QAAQ,EAAE,EAAE,KAAK,EAAE,QAAQ,CAAC,QAAQ,EAAE,IAAI,EAAE,QAAQ,CAAC,OAAO,EAAE;SAC/D,CAAC;QACF,OAAO,gBAAgB,CAAC,GAAyC,CAAC,CAAC;IACrE,CAAC;IAED;;;;OAIG;IACH,UAAU,CAAC,IAAgB;QACzB,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QACD,IAAI,IAAI,CAAC,OAAO,KAAK,IAAI,IAAI,IAAI,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAA4B,CAAC;QACtD,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,UAAU,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,CAA+B,CAAC;YAC5C,MAAM,IAAI,sBAAsB,CAC9B,GAAG,CAAC,UAAU,EACd,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,MAAM,CACX,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,CAAC,IAAI,KAAK,gBAAgB,IAAI,CAAC,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CACb,2CAA2C,CAAC,CAAC,IAAI,IAAI,GAAG,IAAI,CAAC,CAAC,IAAI,IAAI,GAAG,GAAG,CAC7E,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,GAAG,CAA+B,CAAC;QAC7C,IAAI,IAAI,CAAC,YAAY,KAAK,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACnD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QACD,2BAA2B;QAC3B,qBAAqB,CACnB,IAA0C,EAC1C,kBAAkB,EAClB,IAAI,CAAC,eAAe,CACrB,CAAC;QACF,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACpD,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,+BAA+B,CAC1C,GAAG,EACH,MAAM,EACN,IAAI,CAAC,KAAK,EACV,WAAW,CACZ,CAAC;QACF,yDAAyD;QACzD,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrB,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QAEpB,MAAM,aAAa,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,gBAAgB,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;QAE/D,IAAI,gBAAgB,GAAG,EAAE,CAAC;QAC1B,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAChC,gBAAgB,GAAG,oBAAoB,CAAC;gBACtC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ;gBAChC,cAAc,EAAE,IAAI,CAAC,QAAQ,CAAC,cAAc;gBAC5C,kBAAkB,EAAE,IAAI,CAAC,QAAQ,CAAC,YAAY;gBAC9C,mBAAmB,EAAE,IAAI,CAAC,QAAQ,CAAC,aAAa;gBAChD,SAAS,EAAE,IAAI,CAAC,UAAU;gBAC1B,gBAAgB,EAAE,EAAE;gBACpB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,KAAK,SAAS;oBACxC,CAAC,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE;oBAC1C,CAAC,CAAC,EAAE,CAAC;aACR,CAAC,CAAC,gBAAgB,CAAC;QACtB,CAAC;QACD,MAAM,OAAO,GAAmB,YAAY,CAAC;YAC3C,SAAS,EAAE,IAAI,CAAC,UAAU;YAC1B,mBAAmB,EAAE,YAAY,CAAC,EAAE,CAAC;YACrC,gBAAgB;SACjB,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC;QACjC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;QACxB,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC;QAC5D,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC;QAEnE,OAAO,gBAAgB,CAAC,OAAO,CAAC,CAAC;IACnC,CAAC;IAED;;;;;;OAMG;IACH,UAAU,CAAC,IAAgB;QACzB,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAA4B,CAAC;QACtD,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,UAAU,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,CAA+B,CAAC;YAC5C,MAAM,IAAI,sBAAsB,CAC9B,GAAG,CAAC,UAAU,EACd,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,MAAM,CACX,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,gBAAgB,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,UAAU,EAAE,CAAC;YAC/D,MAAM,IAAI,KAAK,CACb,2CAA2C,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,GAAG,CACnG,CAAC;QACJ,CAAC;QACD,MAAM,GAAG,GAAG,CAA+B,CAAC;QAC5C,IAAI,GAAG,CAAC,UAAU,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QACD,qBAAqB,CACnB,GAAyC,EACzC,kBAAkB,EAClB,IAAI,CAAC,eAAe,CACrB,CAAC;QACF,MAAM,GAAG,GAAG,GAAG,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC;QACxD,IAAI,CAAC,YAAY,GAAG;YAClB,SAAS,EAAE,GAAG,CAAC,UAAU;YACzB,UAAU,EAAE,GAAG;YACf,WAAW,EAAE,GAAG,CAAC,WAAW;YAC5B,IAAI,EAAE,IAAI,CAAC,WAAW;YACtB,wBAAwB,EAAE,IAAI,CAAC,kBAAkB;YACjD,4BAA4B,EAAE,IAAI,CAAC,sBAAsB;YACzD,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,GAAG,CAAC,GAAG,CAAC,iBAAiB,KAAK,SAAS;gBACrC,CAAC,CAAC,EAAE,gBAAgB,EAAE,GAAG,CAAC,iBAAiB,EAAE;gBAC7C,CAAC,CAAC,EAAE,CAAC;SACR,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,UAAU,CAAC,IAAgB;QACzB,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAGxB,CAAC;QACF,IAAI,CAAC,CAAC,IAAI,KAAK,gBAAgB,IAAI,CAAC,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QACD,MAAM,GAAG,GAAG,CAAoB,CAAC;QACjC,OAAO,IAAI,sBAAsB,CAC/B,GAAG,CAAC,UAAU,EACd,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,MAAM,CACX,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,MAAM,CAAC,MAAc;QACnB,IAAI,IAAI,CAAC,gBAAgB,KAAK,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;QACD,IAAI,MAAM,KAAK,EAAE,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI,EAAE,CAAC;YAC9B,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QACrC,CAAC;QACD,MAAM,GAAG,GAAG;YACV,IAAI,EAAE,gBAAgB;YACtB,IAAI,EAAE,QAAQ;YACd,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,OAAO;YAChB,MAAM;YACN,YAAY,EAAE,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC;YAC5C,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,UAAU,EAAE,EAAE;SACf,CAAC;QACF,OAAO,gBAAgB,CAAC,GAAyC,CAAC,CAAC;IACrE,CAAC;IAED;;;;OAIG;IACH,gBAAgB,CAAC,IAAgB;QAI/B,IAAI,IAAI,CAAC,gBAAgB,KAAK,IAAI,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI,EAAE,CAAC;YAChE,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAA4B,CAAC;QACtD,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,UAAU,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,CAA+B,CAAC;YAC5C,MAAM,IAAI,sBAAsB,CAC9B,GAAG,CAAC,UAAU,EACd,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,MAAM,CACX,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,gBAAgB,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,UAAU,EAAE,CAAC;YAC/D,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACnE,CAAC;QACD,MAAM,GAAG,GAAG,CAA2D,CAAC;QACxE,qBAAqB,CACnB,GAAyC,EACzC,kBAAkB,EAClB,IAAI,CAAC,eAAe,CACrB,CAAC;QACF,IAAI,OAAO,GAAG,CAAC,YAAY,KAAK,QAAQ,IAAI,GAAG,CAAC,YAAY,KAAK,EAAE,EAAE,CAAC;YACpE,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACrE,CAAC;QACD,MAAM,WAAW,GAAG,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;QAC5B,uDAAuD;QACvD,cAAc;QACd,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,UAAU,EAAE,CAAC,CAAC;QAC5D,MAAM,IAAI,GAAG,+BAA+B,CAC1C,GAAG,EACH,GAAG,EACH,IAAI,CAAC,WAAW,EAChB,WAAW,CACZ,CAAC;QACF,mCAAmC;QACnC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC9B,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAC7B,MAAM,GAAG,GAAG,GAAG,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC;QACxD,MAAM,IAAI,GAA2B;YACnC,SAAS,EAAE,GAAG,CAAC,UAAU;YACzB,UAAU,EAAE,GAAG;YACf,WAAW,EAAE,GAAG,CAAC,WAAW;YAC5B,IAAI;YACJ,wBAAwB,EAAE,EAAE;YAC5B,4BAA4B,EAAE,EAAE;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,GAAG,CAAC,GAAG,CAAC,iBAAiB,KAAK,SAAS;gBACrC,CAAC,CAAC,EAAE,gBAAgB,EAAE,GAAG,CAAC,iBAAiB,EAAE;gBAC7C,CAAC,CAAC,EAAE,CAAC;SACR,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;QACzB,OAAO;YACL,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,GAAG,CAAC,iBAAiB,EAAE,KAAK;SACxC,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,oBAAoB,CAAC,MAAkB;QACrC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,IAAI,CAAC,gBAAgB,GAAG,MAAM,CAAC,KAAK,EAAE,CAAC;IACzC,CAAC;IAED,kFAAkF;IAClF,OAAO;QACL,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CACb,gEAAgE,CACjE,CAAC;QACJ,CAAC;QACD,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACH,KAAK;QACH,IAAI,IAAI,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAC1B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACrB,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACtB,CAAC;QACD,IAAI,IAAI,CAAC,gBAAgB,KAAK,IAAI,EAAE,CAAC;YACnC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC9B,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAC/B,CAAC;QACD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;CACF;AAED;;;;;;;;;;;GAWG;AACH,KAAK,UAAU,QAAQ,CACrB,MAAkB,EAClB,WAAmB,EACnB,UAAkB;IAElB,kDAAkD;IAClD,kEAAkE;IAClE,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACvC,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,OAAO,IAAI,EAAE,CAAC;QACZ,MAAM,KAAK,GAAG,cAAc,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAC1C,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,SAAS,IAAI,WAAW,IAAI,QAAQ,EAAE,CAAC,CAAC,CAAC;QAC1E,IAAI,eAAe,CAAC,GAAG,CAAC,IAAI,UAAU,EAAE,CAAC;YACvC,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,CAAC;QACD,OAAO,IAAI,EAAE,CAAC;QACd,8DAA8D;QAC9D,IAAI,OAAO,GAAG,KAAK,KAAK,EAAE,EAAE,CAAC;YAC3B,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,CAAS,EAAE,IAAY;IAC7C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;IACjC,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,KAAK,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACnC,GAAG,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;QAC3B,CAAC,KAAK,EAAE,CAAC;IACX,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,UAAU,CAAC,CAAa;IAC/B,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,qBAAqB,CAC5B,OAAgC,EAChC,cAAsB,EACtB,eAA2B;IAE3B,MAAM,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACvC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,EAAE,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,cAAc,cAAc,mBAAmB,CAAC,CAAC;IACnE,CAAC;IACD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAA4B,CAAC;IAC7E,KAAK,CAAC,cAAc,CAAC,GAAG,EAAE,CAAC;IAC3B,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,YAAY,GAAG,MAAM,CACzB,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,EACzC,SAAS,CACV,CAAC;IACF,MAAM,GAAG,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,GAAG,EAAE,YAAY,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CACb,cAAc,cAAc,yCAAyC,CACtE,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IACvC,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IAChD,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACd,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,CAAa;IACjC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;AACnB,CAAC;AAED,SAAS,YAAY,CAAC,CAAS;IAC7B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/handshake/confirm.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Confirmation hash per HANDSHAKE.md §2.5.3.
+ *
+ * The hash binds the client's identity proof to the specific
+ * handshake exchange it was issued in. Both parties compute the same
+ * hash from the canonical bytes of message_1 (init) and message_2
+ * (response).
+ *
+ * @module
+ */
+/**
+ * Compute SHA-256 over the concatenation of canonical(message_1)
+ * and canonical(message_2). The caller MUST pass the canonical
+ * bytes — sorted keys, no insignificant whitespace, as defined in
+ * ENVELOPE.md §4.3 — not the wire-format bytes.
+ *
+ * The output is the 32-byte digest the client signs as part of its
+ * identity proof.
+ */
+export declare function confirmationHash(message1Canonical: Uint8Array, message2Canonical: Uint8Array): Uint8Array;
+//# sourceMappingURL=confirm.d.ts.map

package/dist/handshake/confirm.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"confirm.d.ts","sourceRoot":"","sources":["../../src/handshake/confirm.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAIH;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAC9B,iBAAiB,EAAE,UAAU,EAC7B,iBAAiB,EAAE,UAAU,GAC5B,UAAU,CAKZ"}

package/dist/handshake/confirm.js ADDED Viewed

@@ -0,0 +1,27 @@
+/**
+ * Confirmation hash per HANDSHAKE.md §2.5.3.
+ *
+ * The hash binds the client's identity proof to the specific
+ * handshake exchange it was issued in. Both parties compute the same
+ * hash from the canonical bytes of message_1 (init) and message_2
+ * (response).
+ *
+ * @module
+ */
+import { sha256 } from "@noble/hashes/sha2.js";
+/**
+ * Compute SHA-256 over the concatenation of canonical(message_1)
+ * and canonical(message_2). The caller MUST pass the canonical
+ * bytes — sorted keys, no insignificant whitespace, as defined in
+ * ENVELOPE.md §4.3 — not the wire-format bytes.
+ *
+ * The output is the 32-byte digest the client signs as part of its
+ * identity proof.
+ */
+export function confirmationHash(message1Canonical, message2Canonical) {
+    const buf = new Uint8Array(message1Canonical.length + message2Canonical.length);
+    buf.set(message1Canonical, 0);
+    buf.set(message2Canonical, message1Canonical.length);
+    return sha256(buf);
+}
+//# sourceMappingURL=confirm.js.map

package/dist/handshake/confirm.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"confirm.js","sourceRoot":"","sources":["../../src/handshake/confirm.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAE/C;;;;;;;;GAQG;AACH,MAAM,UAAU,gBAAgB,CAC9B,iBAA6B,EAC7B,iBAA6B;IAE7B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,iBAAiB,CAAC,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAChF,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAC;IAC9B,GAAG,CAAC,GAAG,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,MAAM,CAAC,CAAC;IACrD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC"}