npm - @sempdev/semp - Versions diffs - 0.4.3 - Mend

@sempdev/semp 0.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (559) hide show

package/LICENSE +21 -0
package/README.md +59 -0
package/dist/brief/address.d.ts +77 -0
package/dist/brief/address.d.ts.map +1 -0
package/dist/brief/address.js +217 -0
package/dist/brief/address.js.map +1 -0
package/dist/brief/brief.d.ts +75 -0
package/dist/brief/brief.d.ts.map +1 -0
package/dist/brief/brief.js +56 -0
package/dist/brief/brief.js.map +1 -0
package/dist/brief/index.d.ts +11 -0
package/dist/brief/index.d.ts.map +1 -0
package/dist/brief/index.js +11 -0
package/dist/brief/index.js.map +1 -0
package/dist/canonical/index.d.ts +8 -0
package/dist/canonical/index.d.ts.map +1 -0
package/dist/canonical/index.js +8 -0
package/dist/canonical/index.js.map +1 -0
package/dist/canonical/marshal.d.ts +35 -0
package/dist/canonical/marshal.d.ts.map +1 -0
package/dist/canonical/marshal.js +107 -0
package/dist/canonical/marshal.js.map +1 -0
package/dist/clockskew/index.d.ts +52 -0
package/dist/clockskew/index.d.ts.map +1 -0
package/dist/clockskew/index.js +62 -0
package/dist/clockskew/index.js.map +1 -0
package/dist/closure/closure.d.ts +106 -0
package/dist/closure/closure.d.ts.map +1 -0
package/dist/closure/closure.js +152 -0
package/dist/closure/closure.js.map +1 -0
package/dist/closure/driver.d.ts +103 -0
package/dist/closure/driver.d.ts.map +1 -0
package/dist/closure/driver.js +126 -0
package/dist/closure/driver.js.map +1 -0
package/dist/closure/index.d.ts +13 -0
package/dist/closure/index.d.ts.map +1 -0
package/dist/closure/index.js +13 -0
package/dist/closure/index.js.map +1 -0
package/dist/closure/store.d.ts +80 -0
package/dist/closure/store.d.ts.map +1 -0
package/dist/closure/store.js +89 -0
package/dist/closure/store.js.map +1 -0
package/dist/crypto/aead.d.ts +29 -0
package/dist/crypto/aead.d.ts.map +1 -0
package/dist/crypto/aead.js +48 -0
package/dist/crypto/aead.js.map +1 -0
package/dist/crypto/argon2.d.ts +20 -0
package/dist/crypto/argon2.d.ts.map +1 -0
package/dist/crypto/argon2.js +28 -0
package/dist/crypto/argon2.js.map +1 -0
package/dist/crypto/index.d.ts +14 -0
package/dist/crypto/index.d.ts.map +1 -0
package/dist/crypto/index.js +14 -0
package/dist/crypto/index.js.map +1 -0
package/dist/crypto/kdf.d.ts +96 -0
package/dist/crypto/kdf.d.ts.map +1 -0
package/dist/crypto/kdf.js +122 -0
package/dist/crypto/kdf.js.map +1 -0
package/dist/crypto/kem.d.ts +85 -0
package/dist/crypto/kem.d.ts.map +1 -0
package/dist/crypto/kem.js +130 -0
package/dist/crypto/kem.js.map +1 -0
package/dist/crypto/mac.d.ts +19 -0
package/dist/crypto/mac.d.ts.map +1 -0
package/dist/crypto/mac.js +32 -0
package/dist/crypto/mac.js.map +1 -0
package/dist/delivery/ack.d.ts +125 -0
package/dist/delivery/ack.d.ts.map +1 -0
package/dist/delivery/ack.js +141 -0
package/dist/delivery/ack.js.map +1 -0
package/dist/delivery/blocklist.d.ts +87 -0
package/dist/delivery/blocklist.d.ts.map +1 -0
package/dist/delivery/blocklist.js +107 -0
package/dist/delivery/blocklist.js.map +1 -0
package/dist/delivery/cancel.d.ts +60 -0
package/dist/delivery/cancel.d.ts.map +1 -0
package/dist/delivery/cancel.js +43 -0
package/dist/delivery/cancel.js.map +1 -0
package/dist/delivery/disposition.d.ts +106 -0
package/dist/delivery/disposition.d.ts.map +1 -0
package/dist/delivery/disposition.js +105 -0
package/dist/delivery/disposition.js.map +1 -0
package/dist/delivery/fetch.d.ts +59 -0
package/dist/delivery/fetch.d.ts.map +1 -0
package/dist/delivery/fetch.js +47 -0
package/dist/delivery/fetch.js.map +1 -0
package/dist/delivery/forwarder.d.ts +106 -0
package/dist/delivery/forwarder.d.ts.map +1 -0
package/dist/delivery/forwarder.js +251 -0
package/dist/delivery/forwarder.js.map +1 -0
package/dist/delivery/inbox.d.ts +42 -0
package/dist/delivery/inbox.d.ts.map +1 -0
package/dist/delivery/inbox.js +68 -0
package/dist/delivery/inbox.js.map +1 -0
package/dist/delivery/index.d.ts +31 -0
package/dist/delivery/index.d.ts.map +1 -0
package/dist/delivery/index.js +31 -0
package/dist/delivery/index.js.map +1 -0
package/dist/delivery/internalroute.d.ts +50 -0
package/dist/delivery/internalroute.d.ts.map +1 -0
package/dist/delivery/internalroute.js +23 -0
package/dist/delivery/internalroute.js.map +1 -0
package/dist/delivery/pipeline.d.ts +153 -0
package/dist/delivery/pipeline.d.ts.map +1 -0
package/dist/delivery/pipeline.js +356 -0
package/dist/delivery/pipeline.js.map +1 -0
package/dist/delivery/policy_state.d.ts +105 -0
package/dist/delivery/policy_state.d.ts.map +1 -0
package/dist/delivery/policy_state.js +293 -0
package/dist/delivery/policy_state.js.map +1 -0
package/dist/delivery/queue.d.ts +47 -0
package/dist/delivery/queue.d.ts.map +1 -0
package/dist/delivery/queue.js +33 -0
package/dist/delivery/queue.js.map +1 -0
package/dist/delivery/receipt.d.ts +137 -0
package/dist/delivery/receipt.d.ts.map +1 -0
package/dist/delivery/receipt.js +181 -0
package/dist/delivery/receipt.js.map +1 -0
package/dist/delivery/receipt_store.d.ts +81 -0
package/dist/delivery/receipt_store.d.ts.map +1 -0
package/dist/delivery/receipt_store.js +74 -0
package/dist/delivery/receipt_store.js.map +1 -0
package/dist/delivery/retry.d.ts +78 -0
package/dist/delivery/retry.d.ts.map +1 -0
package/dist/delivery/retry.js +132 -0
package/dist/delivery/retry.js.map +1 -0
package/dist/delivery/scheduler.d.ts +156 -0
package/dist/delivery/scheduler.d.ts.map +1 -0
package/dist/delivery/scheduler.js +349 -0
package/dist/delivery/scheduler.js.map +1 -0
package/dist/delivery/stage_partition.d.ts +87 -0
package/dist/delivery/stage_partition.d.ts.map +1 -0
package/dist/delivery/stage_partition.js +122 -0
package/dist/delivery/stage_partition.js.map +1 -0
package/dist/delivery/staged_runner.d.ts +100 -0
package/dist/delivery/staged_runner.d.ts.map +1 -0
package/dist/delivery/staged_runner.js +277 -0
package/dist/delivery/staged_runner.js.map +1 -0
package/dist/delivery/submission.d.ts +72 -0
package/dist/delivery/submission.d.ts.map +1 -0
package/dist/delivery/submission.js +58 -0
package/dist/delivery/submission.js.map +1 -0
package/dist/delivery/sync.d.ts +68 -0
package/dist/delivery/sync.d.ts.map +1 -0
package/dist/delivery/sync.js +99 -0
package/dist/delivery/sync.js.map +1 -0
package/dist/delivery/user_policy.d.ts +74 -0
package/dist/delivery/user_policy.d.ts.map +1 -0
package/dist/delivery/user_policy.js +140 -0
package/dist/delivery/user_policy.js.map +1 -0
package/dist/discovery/cache.d.ts +37 -0
package/dist/discovery/cache.d.ts.map +1 -0
package/dist/discovery/cache.js +45 -0
package/dist/discovery/cache.js.map +1 -0
package/dist/discovery/configuration.d.ts +97 -0
package/dist/discovery/configuration.d.ts.map +1 -0
package/dist/discovery/configuration.js +146 -0
package/dist/discovery/configuration.js.map +1 -0
package/dist/discovery/dns.d.ts +56 -0
package/dist/discovery/dns.d.ts.map +1 -0
package/dist/discovery/dns.js +120 -0
package/dist/discovery/dns.js.map +1 -0
package/dist/discovery/domain_keys.d.ts +62 -0
package/dist/discovery/domain_keys.d.ts.map +1 -0
package/dist/discovery/domain_keys.js +89 -0
package/dist/discovery/domain_keys.js.map +1 -0
package/dist/discovery/index.d.ts +19 -0
package/dist/discovery/index.d.ts.map +1 -0
package/dist/discovery/index.js +19 -0
package/dist/discovery/index.js.map +1 -0
package/dist/discovery/lookup.d.ts +72 -0
package/dist/discovery/lookup.d.ts.map +1 -0
package/dist/discovery/lookup.js +121 -0
package/dist/discovery/lookup.js.map +1 -0
package/dist/discovery/onion.d.ts +34 -0
package/dist/discovery/onion.d.ts.map +1 -0
package/dist/discovery/onion.js +61 -0
package/dist/discovery/onion.js.map +1 -0
package/dist/discovery/partition.d.ts +96 -0
package/dist/discovery/partition.d.ts.map +1 -0
package/dist/discovery/partition.js +247 -0
package/dist/discovery/partition.js.map +1 -0
package/dist/discovery/resolver.d.ts +113 -0
package/dist/discovery/resolver.d.ts.map +1 -0
package/dist/discovery/resolver.js +176 -0
package/dist/discovery/resolver.js.map +1 -0
package/dist/discovery/txt.d.ts +39 -0
package/dist/discovery/txt.d.ts.map +1 -0
package/dist/discovery/txt.js +71 -0
package/dist/discovery/txt.js.map +1 -0
package/dist/enclosure/forwarding.d.ts +128 -0
package/dist/enclosure/forwarding.d.ts.map +1 -0
package/dist/enclosure/forwarding.js +119 -0
package/dist/enclosure/forwarding.js.map +1 -0
package/dist/enclosure/index.d.ts +11 -0
package/dist/enclosure/index.d.ts.map +1 -0
package/dist/enclosure/index.js +11 -0
package/dist/enclosure/index.js.map +1 -0
package/dist/envelope/buckets.d.ts +38 -0
package/dist/envelope/buckets.d.ts.map +1 -0
package/dist/envelope/buckets.js +73 -0
package/dist/envelope/buckets.js.map +1 -0
package/dist/envelope/canonical.d.ts +28 -0
package/dist/envelope/canonical.d.ts.map +1 -0
package/dist/envelope/canonical.js +54 -0
package/dist/envelope/canonical.js.map +1 -0
package/dist/envelope/compose.d.ts +171 -0
package/dist/envelope/compose.d.ts.map +1 -0
package/dist/envelope/compose.js +237 -0
package/dist/envelope/compose.js.map +1 -0
package/dist/envelope/encode.d.ts +41 -0
package/dist/envelope/encode.d.ts.map +1 -0
package/dist/envelope/encode.js +69 -0
package/dist/envelope/encode.js.map +1 -0
package/dist/envelope/index.d.ts +20 -0
package/dist/envelope/index.d.ts.map +1 -0
package/dist/envelope/index.js +20 -0
package/dist/envelope/index.js.map +1 -0
package/dist/envelope/open_any.d.ts +48 -0
package/dist/envelope/open_any.d.ts.map +1 -0
package/dist/envelope/open_any.js +81 -0
package/dist/envelope/open_any.js.map +1 -0
package/dist/envelope/open_verified.d.ts +59 -0
package/dist/envelope/open_verified.d.ts.map +1 -0
package/dist/envelope/open_verified.js +67 -0
package/dist/envelope/open_verified.js.map +1 -0
package/dist/envelope/padding.d.ts +55 -0
package/dist/envelope/padding.d.ts.map +1 -0
package/dist/envelope/padding.js +162 -0
package/dist/envelope/padding.js.map +1 -0
package/dist/envelope/rejection.d.ts +22 -0
package/dist/envelope/rejection.d.ts.map +1 -0
package/dist/envelope/rejection.js +30 -0
package/dist/envelope/rejection.js.map +1 -0
package/dist/envelope/sendtime.d.ts +49 -0
package/dist/envelope/sendtime.d.ts.map +1 -0
package/dist/envelope/sendtime.js +87 -0
package/dist/envelope/sendtime.js.map +1 -0
package/dist/envelope/verify.d.ts +29 -0
package/dist/envelope/verify.d.ts.map +1 -0
package/dist/envelope/verify.js +90 -0
package/dist/envelope/verify.js.map +1 -0
package/dist/extensions/index.d.ts +7 -0
package/dist/extensions/index.d.ts.map +1 -0
package/dist/extensions/index.js +7 -0
package/dist/extensions/index.js.map +1 -0
package/dist/extensions/limits.d.ts +101 -0
package/dist/extensions/limits.d.ts.map +1 -0
package/dist/extensions/limits.js +175 -0
package/dist/extensions/limits.js.map +1 -0
package/dist/handshake/abort.d.ts +49 -0
package/dist/handshake/abort.d.ts.map +1 -0
package/dist/handshake/abort.js +82 -0
package/dist/handshake/abort.js.map +1 -0
package/dist/handshake/capabilities.d.ts +46 -0
package/dist/handshake/capabilities.d.ts.map +1 -0
package/dist/handshake/capabilities.js +114 -0
package/dist/handshake/capabilities.js.map +1 -0
package/dist/handshake/client_state.d.ts +186 -0
package/dist/handshake/client_state.d.ts.map +1 -0
package/dist/handshake/client_state.js +520 -0
package/dist/handshake/client_state.js.map +1 -0
package/dist/handshake/confirm.d.ts +21 -0
package/dist/handshake/confirm.d.ts.map +1 -0
package/dist/handshake/confirm.js +27 -0
package/dist/handshake/confirm.js.map +1 -0
package/dist/handshake/driver.d.ts +126 -0
package/dist/handshake/driver.d.ts.map +1 -0
package/dist/handshake/driver.js +251 -0
package/dist/handshake/driver.js.map +1 -0
package/dist/handshake/federation.d.ts +365 -0
package/dist/handshake/federation.d.ts.map +1 -0
package/dist/handshake/federation.js +664 -0
package/dist/handshake/federation.js.map +1 -0
package/dist/handshake/first_contact.d.ts +57 -0
package/dist/handshake/first_contact.d.ts.map +1 -0
package/dist/handshake/first_contact.js +124 -0
package/dist/handshake/first_contact.js.map +1 -0
package/dist/handshake/identity.d.ts +101 -0
package/dist/handshake/identity.d.ts.map +1 -0
package/dist/handshake/identity.js +117 -0
package/dist/handshake/identity.js.map +1 -0
package/dist/handshake/index.d.ts +21 -0
package/dist/handshake/index.d.ts.map +1 -0
package/dist/handshake/index.js +21 -0
package/dist/handshake/index.js.map +1 -0
package/dist/handshake/messages.d.ts +176 -0
package/dist/handshake/messages.d.ts.map +1 -0
package/dist/handshake/messages.js +125 -0
package/dist/handshake/messages.js.map +1 -0
package/dist/handshake/pow.d.ts +53 -0
package/dist/handshake/pow.d.ts.map +1 -0
package/dist/handshake/pow.js +142 -0
package/dist/handshake/pow.js.map +1 -0
package/dist/handshake/resume_driver.d.ts +56 -0
package/dist/handshake/resume_driver.d.ts.map +1 -0
package/dist/handshake/resume_driver.js +75 -0
package/dist/handshake/resume_driver.js.map +1 -0
package/dist/handshake/server.d.ts +112 -0
package/dist/handshake/server.d.ts.map +1 -0
package/dist/handshake/server.js +247 -0
package/dist/handshake/server.js.map +1 -0
package/dist/handshake/server_state.d.ts +102 -0
package/dist/handshake/server_state.d.ts.map +1 -0
package/dist/handshake/server_state.js +278 -0
package/dist/handshake/server_state.js.map +1 -0
package/dist/index.d.ts +33 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +33 -0
package/dist/index.js.map +1 -0
package/dist/keys/compromise.d.ts +118 -0
package/dist/keys/compromise.d.ts.map +1 -0
package/dist/keys/compromise.js +218 -0
package/dist/keys/compromise.js.map +1 -0
package/dist/keys/device_certificate.d.ts +166 -0
package/dist/keys/device_certificate.d.ts.map +1 -0
package/dist/keys/device_certificate.js +328 -0
package/dist/keys/device_certificate.js.map +1 -0
package/dist/keys/device_records.d.ts +175 -0
package/dist/keys/device_records.d.ts.map +1 -0
package/dist/keys/device_records.js +418 -0
package/dist/keys/device_records.js.map +1 -0
package/dist/keys/directory_cache.d.ts +64 -0
package/dist/keys/directory_cache.d.ts.map +1 -0
package/dist/keys/directory_cache.js +98 -0
package/dist/keys/directory_cache.js.map +1 -0
package/dist/keys/directory_state.d.ts +79 -0
package/dist/keys/directory_state.d.ts.map +1 -0
package/dist/keys/directory_state.js +155 -0
package/dist/keys/directory_state.js.map +1 -0
package/dist/keys/index.d.ts +18 -0
package/dist/keys/index.d.ts.map +1 -0
package/dist/keys/index.js +18 -0
package/dist/keys/index.js.map +1 -0
package/dist/keys/key_revocation.d.ts +61 -0
package/dist/keys/key_revocation.d.ts.map +1 -0
package/dist/keys/key_revocation.js +88 -0
package/dist/keys/key_revocation.js.map +1 -0
package/dist/keys/request.d.ts +124 -0
package/dist/keys/request.d.ts.map +1 -0
package/dist/keys/request.js +130 -0
package/dist/keys/request.js.map +1 -0
package/dist/keys/sign.d.ts +49 -0
package/dist/keys/sign.d.ts.map +1 -0
package/dist/keys/sign.js +80 -0
package/dist/keys/sign.js.map +1 -0
package/dist/keys/signed.d.ts +80 -0
package/dist/keys/signed.d.ts.map +1 -0
package/dist/keys/signed.js +138 -0
package/dist/keys/signed.js.map +1 -0
package/dist/keys/store.d.ts +138 -0
package/dist/keys/store.d.ts.map +1 -0
package/dist/keys/store.js +107 -0
package/dist/keys/store.js.map +1 -0
package/dist/largeattachment/crypto.d.ts +47 -0
package/dist/largeattachment/crypto.d.ts.map +1 -0
package/dist/largeattachment/crypto.js +235 -0
package/dist/largeattachment/crypto.js.map +1 -0
package/dist/largeattachment/enclosure.d.ts +48 -0
package/dist/largeattachment/enclosure.d.ts.map +1 -0
package/dist/largeattachment/enclosure.js +102 -0
package/dist/largeattachment/enclosure.js.map +1 -0
package/dist/largeattachment/index.d.ts +15 -0
package/dist/largeattachment/index.d.ts.map +1 -0
package/dist/largeattachment/index.js +15 -0
package/dist/largeattachment/index.js.map +1 -0
package/dist/largeattachment/store.d.ts +36 -0
package/dist/largeattachment/store.d.ts.map +1 -0
package/dist/largeattachment/store.js +37 -0
package/dist/largeattachment/store.js.map +1 -0
package/dist/largeattachment/types.d.ts +56 -0
package/dist/largeattachment/types.d.ts.map +1 -0
package/dist/largeattachment/types.js +31 -0
package/dist/largeattachment/types.js.map +1 -0
package/dist/largeattachment/upload.d.ts +62 -0
package/dist/largeattachment/upload.d.ts.map +1 -0
package/dist/largeattachment/upload.js +166 -0
package/dist/largeattachment/upload.js.map +1 -0
package/dist/migration/index.d.ts +17 -0
package/dist/migration/index.d.ts.map +1 -0
package/dist/migration/index.js +17 -0
package/dist/migration/index.js.map +1 -0
package/dist/migration/lockout.d.ts +48 -0
package/dist/migration/lockout.d.ts.map +1 -0
package/dist/migration/lockout.js +57 -0
package/dist/migration/lockout.js.map +1 -0
package/dist/migration/migration.d.ts +48 -0
package/dist/migration/migration.d.ts.map +1 -0
package/dist/migration/migration.js +58 -0
package/dist/migration/migration.js.map +1 -0
package/dist/migration/notice.d.ts +33 -0
package/dist/migration/notice.d.ts.map +1 -0
package/dist/migration/notice.js +85 -0
package/dist/migration/notice.js.map +1 -0
package/dist/migration/orchestrate.d.ts +109 -0
package/dist/migration/orchestrate.d.ts.map +1 -0
package/dist/migration/orchestrate.js +212 -0
package/dist/migration/orchestrate.js.map +1 -0
package/dist/migration/publication_store.d.ts +34 -0
package/dist/migration/publication_store.d.ts.map +1 -0
package/dist/migration/publication_store.js +44 -0
package/dist/migration/publication_store.js.map +1 -0
package/dist/migration/sign.d.ts +65 -0
package/dist/migration/sign.d.ts.map +1 -0
package/dist/migration/sign.js +331 -0
package/dist/migration/sign.js.map +1 -0
package/dist/migration/types.d.ts +92 -0
package/dist/migration/types.d.ts.map +1 -0
package/dist/migration/types.js +26 -0
package/dist/migration/types.js.map +1 -0
package/dist/reasoncodes.d.ts +42 -0
package/dist/reasoncodes.d.ts.map +1 -0
package/dist/reasoncodes.js +80 -0
package/dist/reasoncodes.js.map +1 -0
package/dist/recovery/bundle.d.ts +34 -0
package/dist/recovery/bundle.d.ts.map +1 -0
package/dist/recovery/bundle.js +144 -0
package/dist/recovery/bundle.js.map +1 -0
package/dist/recovery/bundle_crypto.d.ts +60 -0
package/dist/recovery/bundle_crypto.d.ts.map +1 -0
package/dist/recovery/bundle_crypto.js +179 -0
package/dist/recovery/bundle_crypto.js.map +1 -0
package/dist/recovery/bundle_store.d.ts +57 -0
package/dist/recovery/bundle_store.d.ts.map +1 -0
package/dist/recovery/bundle_store.js +104 -0
package/dist/recovery/bundle_store.js.map +1 -0
package/dist/recovery/index.d.ts +19 -0
package/dist/recovery/index.d.ts.map +1 -0
package/dist/recovery/index.js +19 -0
package/dist/recovery/index.js.map +1 -0
package/dist/recovery/manifest_crosscheck.d.ts +59 -0
package/dist/recovery/manifest_crosscheck.d.ts.map +1 -0
package/dist/recovery/manifest_crosscheck.js +59 -0
package/dist/recovery/manifest_crosscheck.js.map +1 -0
package/dist/recovery/shamir.d.ts +51 -0
package/dist/recovery/shamir.d.ts.map +1 -0
package/dist/recovery/shamir.js +181 -0
package/dist/recovery/shamir.js.map +1 -0
package/dist/recovery/sign.d.ts +61 -0
package/dist/recovery/sign.d.ts.map +1 -0
package/dist/recovery/sign.js +359 -0
package/dist/recovery/sign.js.map +1 -0
package/dist/recovery/types.d.ts +180 -0
package/dist/recovery/types.d.ts.map +1 -0
package/dist/recovery/types.js +31 -0
package/dist/recovery/types.js.map +1 -0
package/dist/reputation/abuse_report.d.ts +62 -0
package/dist/reputation/abuse_report.d.ts.map +1 -0
package/dist/reputation/abuse_report.js +111 -0
package/dist/reputation/abuse_report.js.map +1 -0
package/dist/reputation/bucketize.d.ts +31 -0
package/dist/reputation/bucketize.d.ts.map +1 -0
package/dist/reputation/bucketize.js +77 -0
package/dist/reputation/bucketize.js.map +1 -0
package/dist/reputation/gossip.d.ts +24 -0
package/dist/reputation/gossip.d.ts.map +1 -0
package/dist/reputation/gossip.js +64 -0
package/dist/reputation/gossip.js.map +1 -0
package/dist/reputation/gossip_fetch.d.ts +64 -0
package/dist/reputation/gossip_fetch.d.ts.map +1 -0
package/dist/reputation/gossip_fetch.js +114 -0
package/dist/reputation/gossip_fetch.js.map +1 -0
package/dist/reputation/index.d.ts +20 -0
package/dist/reputation/index.d.ts.map +1 -0
package/dist/reputation/index.js +20 -0
package/dist/reputation/index.js.map +1 -0
package/dist/reputation/observation_store.d.ts +67 -0
package/dist/reputation/observation_store.d.ts.map +1 -0
package/dist/reputation/observation_store.js +171 -0
package/dist/reputation/observation_store.js.map +1 -0
package/dist/reputation/pow.d.ts +91 -0
package/dist/reputation/pow.d.ts.map +1 -0
package/dist/reputation/pow.js +209 -0
package/dist/reputation/pow.js.map +1 -0
package/dist/reputation/sign.d.ts +40 -0
package/dist/reputation/sign.d.ts.map +1 -0
package/dist/reputation/sign.js +202 -0
package/dist/reputation/sign.js.map +1 -0
package/dist/reputation/types.d.ts +133 -0
package/dist/reputation/types.d.ts.map +1 -0
package/dist/reputation/types.js +33 -0
package/dist/reputation/types.js.map +1 -0
package/dist/reputation/whois.d.ts +25 -0
package/dist/reputation/whois.d.ts.map +1 -0
package/dist/reputation/whois.js +20 -0
package/dist/reputation/whois.js.map +1 -0
package/dist/seal/index.d.ts +8 -0
package/dist/seal/index.d.ts.map +1 -0
package/dist/seal/index.js +8 -0
package/dist/seal/index.js.map +1 -0
package/dist/seal/wrap.d.ts +74 -0
package/dist/seal/wrap.d.ts.map +1 -0
package/dist/seal/wrap.js +213 -0
package/dist/seal/wrap.js.map +1 -0
package/dist/session/dispatcher.d.ts +65 -0
package/dist/session/dispatcher.d.ts.map +1 -0
package/dist/session/dispatcher.js +96 -0
package/dist/session/dispatcher.js.map +1 -0
package/dist/session/index.d.ts +15 -0
package/dist/session/index.d.ts.map +1 -0
package/dist/session/index.js +15 -0
package/dist/session/index.js.map +1 -0
package/dist/session/rekey.d.ts +108 -0
package/dist/session/rekey.d.ts.map +1 -0
package/dist/session/rekey.js +207 -0
package/dist/session/rekey.js.map +1 -0
package/dist/session/rekey_seal.d.ts +66 -0
package/dist/session/rekey_seal.d.ts.map +1 -0
package/dist/session/rekey_seal.js +153 -0
package/dist/session/rekey_seal.js.map +1 -0
package/dist/session/resume.d.ts +125 -0
package/dist/session/resume.d.ts.map +1 -0
package/dist/session/resume.js +263 -0
package/dist/session/resume.js.map +1 -0
package/dist/session/session.d.ts +136 -0
package/dist/session/session.d.ts.map +1 -0
package/dist/session/session.js +188 -0
package/dist/session/session.js.map +1 -0
package/dist/transparency/index.d.ts +13 -0
package/dist/transparency/index.d.ts.map +1 -0
package/dist/transparency/index.js +13 -0
package/dist/transparency/index.js.map +1 -0
package/dist/transparency/log.d.ts +61 -0
package/dist/transparency/log.d.ts.map +1 -0
package/dist/transparency/log.js +133 -0
package/dist/transparency/log.js.map +1 -0
package/dist/transparency/merkle.d.ts +59 -0
package/dist/transparency/merkle.d.ts.map +1 -0
package/dist/transparency/merkle.js +314 -0
package/dist/transparency/merkle.js.map +1 -0
package/dist/transparency/sign.d.ts +48 -0
package/dist/transparency/sign.d.ts.map +1 -0
package/dist/transparency/sign.js +140 -0
package/dist/transparency/sign.js.map +1 -0
package/dist/transparency/types.d.ts +97 -0
package/dist/transparency/types.d.ts.map +1 -0
package/dist/transparency/types.js +25 -0
package/dist/transparency/types.js.map +1 -0
package/dist/transport/h2.d.ts +163 -0
package/dist/transport/h2.d.ts.map +1 -0
package/dist/transport/h2.js +397 -0
package/dist/transport/h2.js.map +1 -0
package/dist/transport/index.d.ts +15 -0
package/dist/transport/index.d.ts.map +1 -0
package/dist/transport/index.js +15 -0
package/dist/transport/index.js.map +1 -0
package/dist/transport/memory.d.ts +21 -0
package/dist/transport/memory.d.ts.map +1 -0
package/dist/transport/memory.js +112 -0
package/dist/transport/memory.js.map +1 -0
package/dist/transport/transport.d.ts +54 -0
package/dist/transport/transport.d.ts.map +1 -0
package/dist/transport/transport.js +20 -0
package/dist/transport/transport.js.map +1 -0
package/dist/transport/ws.d.ts +40 -0
package/dist/transport/ws.d.ts.map +1 -0
package/dist/transport/ws.js +204 -0
package/dist/transport/ws.js.map +1 -0
package/package.json +147 -0

package/dist/transparency/sign.js ADDED Viewed

@@ -0,0 +1,140 @@
+/**
+ * STH signing + verification + freshness checks per
+ * TRANSPARENCY.md §2.3.
+ *
+ * @module
+ */
+import { signSignedDoc, verifySignedDoc } from "../keys/index.js";
+import { MaxSTHFreshnessMs, } from "./types.js";
+/** Domain-separation prefix per ENVELOPE.md §4.3. */
+export const TransparencySTHPrefix = "SEMP-TRANSPARENCY-STH:";
+/** Only signature algorithm defined for STH signatures. */
+export const SignatureAlgorithmEd25519 = "ed25519";
+/**
+ * Build and Ed25519-sign an STH per §2.3. Pre-populates
+ * `signature.{algorithm,key_id}` so the canonical bytes cover them
+ * (defense against algorithm/issuer downgrade).
+ */
+export function signSTH(input) {
+    if (input.domainKeyId === "") {
+        throw new Error("transparency: empty domain key_id");
+    }
+    validateSTH(input.sth);
+    const preSign = {
+        ...input.sth,
+        signature: {
+            algorithm: SignatureAlgorithmEd25519,
+            key_id: input.domainKeyId,
+            value: "",
+        },
+    };
+    const { signedJSON, signatureB64 } = signSignedDoc({
+        preSignJSON: preSign,
+        seed: input.domainSigningSeed,
+        signaturePath: "signature.value",
+        prefix: TransparencySTHPrefix,
+    });
+    return {
+        sth: signedJSON,
+        signatureB64,
+    };
+}
+/**
+ * Ed25519-verify an STH's signature against `domainPub`. Returns
+ * true on success. Does NOT enforce staleness; pair with
+ * {@link checkSTHFresh} for the §2.3 1-hour bound.
+ */
+export function verifySTH(sth, domainPub) {
+    validateSTH(sth);
+    if (sth.signature.value === "") {
+        return false;
+    }
+    const { ok } = verifySignedDoc({
+        signedJSON: sth,
+        publicKey: domainPub,
+        signaturePath: "signature.value",
+        prefix: TransparencySTHPrefix,
+    });
+    return ok;
+}
+/**
+ * Enforce §2.3 freshness: reject STHs whose timestamp is more than
+ * {@link MaxSTHFreshnessMs} old. Returns true when the STH is
+ * fresh under the supplied `now`.
+ */
+export function checkSTHFresh(sth, now) {
+    const ts = Date.parse(sth.timestamp);
+    if (Number.isNaN(ts)) {
+        return false;
+    }
+    return now.getTime() - ts <= MaxSTHFreshnessMs;
+}
+/** Structural validation of `sth` per §2.3. Throws on first violation. */
+export function validateSTH(sth) {
+    if (!Number.isInteger(sth.log_size) || sth.log_size < 0) {
+        throw new Error(`transparency: STH log_size ${sth.log_size} MUST be >= 0`);
+    }
+    if (typeof sth.root_hash !== "string" || sth.root_hash === "") {
+        throw new Error("transparency: STH missing root_hash");
+    }
+    if (typeof sth.timestamp !== "string" || sth.timestamp === "") {
+        throw new Error("transparency: STH missing timestamp");
+    }
+    if (Number.isNaN(Date.parse(sth.timestamp))) {
+        throw new Error("transparency: STH timestamp is not ISO 8601");
+    }
+    if (typeof sth.signature?.algorithm !== "string") {
+        throw new Error("transparency: STH missing signature.algorithm");
+    }
+    if (typeof sth.signature?.key_id !== "string") {
+        throw new Error("transparency: STH missing signature.key_id");
+    }
+    if (typeof sth.signature?.value !== "string") {
+        throw new Error("transparency: STH signature.value must be a string");
+    }
+}
+/** Structural validation of a {@link LogEntry} per §2.2. Throws on first violation. */
+export function validateLogEntry(e) {
+    if (e.event !== "publish" && e.event !== "rotate" && e.event !== "revoke") {
+        throw new Error(`transparency: log entry event ${JSON.stringify(e.event)} is invalid`);
+    }
+    for (const f of ["user_id", "key_id", "algorithm", "public_key"]) {
+        if (typeof e[f] !== "string" || e[f] === "") {
+            throw new Error(`transparency: log entry missing ${f}`);
+        }
+    }
+    if (e.key_type !== "identity" && e.key_type !== "encryption") {
+        throw new Error(`transparency: log entry key_type ${JSON.stringify(e.key_type)} is invalid`);
+    }
+    if (typeof e.created !== "string" || e.created === "" || Number.isNaN(Date.parse(e.created))) {
+        throw new Error("transparency: log entry missing or invalid created");
+    }
+    if (typeof e.log_timestamp !== "string" ||
+        e.log_timestamp === "" ||
+        Number.isNaN(Date.parse(e.log_timestamp))) {
+        throw new Error("transparency: log entry missing or invalid log_timestamp");
+    }
+    switch (e.event) {
+        case "rotate":
+            if (e.supersedes === undefined || e.supersedes === null || e.supersedes === "") {
+                throw new Error("transparency: rotate event MUST set supersedes");
+            }
+            break;
+        case "publish":
+            if (e.supersedes !== undefined && e.supersedes !== null && e.supersedes !== "") {
+                throw new Error("transparency: publish event MUST NOT set supersedes");
+            }
+            break;
+        case "revoke":
+            if (e.revoked_at === undefined || e.revoked_at === null || e.revoked_at === "") {
+                throw new Error("transparency: revoke event MUST set revoked_at");
+            }
+            if (e.revoked_reason === undefined ||
+                e.revoked_reason === null ||
+                e.revoked_reason === "") {
+                throw new Error("transparency: revoke event MUST set revoked_reason");
+            }
+            break;
+    }
+}
+//# sourceMappingURL=sign.js.map

package/dist/transparency/sign.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sign.js","sourceRoot":"","sources":["../../src/transparency/sign.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAElE,OAAO,EAGL,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAEpB,qDAAqD;AACrD,MAAM,CAAC,MAAM,qBAAqB,GAAG,wBAAwB,CAAC;AAE9D,2DAA2D;AAC3D,MAAM,CAAC,MAAM,yBAAyB,GAAG,SAAS,CAAC;AAkBnD;;;;GAIG;AACH,MAAM,UAAU,OAAO,CAAC,KAAmB;IACzC,IAAI,KAAK,CAAC,WAAW,KAAK,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IACD,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEvB,MAAM,OAAO,GAAmB;QAC9B,GAAG,KAAK,CAAC,GAAG;QACZ,SAAS,EAAE;YACT,SAAS,EAAE,yBAAyB;YACpC,MAAM,EAAE,KAAK,CAAC,WAAW;YACzB,KAAK,EAAE,EAAE;SACV;KACF,CAAC;IACF,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,aAAa,CAAC;QACjD,WAAW,EAAE,OAA6C;QAC1D,IAAI,EAAE,KAAK,CAAC,iBAAiB;QAC7B,aAAa,EAAE,iBAAiB;QAChC,MAAM,EAAE,qBAAqB;KAC9B,CAAC,CAAC;IACH,OAAO;QACL,GAAG,EAAE,UAAuC;QAC5C,YAAY;KACb,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,SAAS,CACvB,GAAmB,EACnB,SAAqB;IAErB,WAAW,CAAC,GAAG,CAAC,CAAC;IACjB,IAAI,GAAG,CAAC,SAAS,CAAC,KAAK,KAAK,EAAE,EAAE,CAAC;QAC/B,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,EAAE,EAAE,EAAE,GAAG,eAAe,CAAC;QAC7B,UAAU,EAAE,GAAyC;QACrD,SAAS,EAAE,SAAS;QACpB,aAAa,EAAE,iBAAiB;QAChC,MAAM,EAAE,qBAAqB;KAC9B,CAAC,CAAC;IACH,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,aAAa,CAAC,GAAmB,EAAE,GAAS;IAC1D,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACrC,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,IAAI,iBAAiB,CAAC;AACjD,CAAC;AAED,0EAA0E;AAC1E,MAAM,UAAU,WAAW,CAAC,GAAmB;IAC7C,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,GAAG,CAAC,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CAAC,8BAA8B,GAAG,CAAC,QAAQ,eAAe,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,SAAS,KAAK,QAAQ,IAAI,GAAG,CAAC,SAAS,KAAK,EAAE,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,SAAS,KAAK,QAAQ,IAAI,GAAG,CAAC,SAAS,KAAK,EAAE,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IACD,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,SAAS,EAAE,SAAS,KAAK,QAAQ,EAAE,CAAC;QACjD,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,SAAS,EAAE,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,SAAS,EAAE,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;IACxE,CAAC;AACH,CAAC;AAED,uFAAuF;AACvF,MAAM,UAAU,gBAAgB,CAAC,CAAW;IAC1C,IAAI,CAAC,CAAC,KAAK,KAAK,SAAS,IAAI,CAAC,CAAC,KAAK,KAAK,QAAQ,IAAI,CAAC,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC1E,MAAM,IAAI,KAAK,CAAC,iCAAiC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IACzF,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,CAAU,EAAE,CAAC;QAC1E,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC;YAC5C,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,EAAE,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IACD,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;QAC7D,MAAM,IAAI,KAAK,CACb,oCAAoC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAC5E,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,KAAK,EAAE,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QAC7F,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;IACxE,CAAC;IACD,IACE,OAAO,CAAC,CAAC,aAAa,KAAK,QAAQ;QACnC,CAAC,CAAC,aAAa,KAAK,EAAE;QACtB,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,EACzC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;IAC9E,CAAC;IACD,QAAQ,CAAC,CAAC,KAAK,EAAE,CAAC;QAChB,KAAK,QAAQ;YACX,IAAI,CAAC,CAAC,UAAU,KAAK,SAAS,IAAI,CAAC,CAAC,UAAU,KAAK,IAAI,IAAI,CAAC,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;gBAC/E,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;YACpE,CAAC;YACD,MAAM;QACR,KAAK,SAAS;YACZ,IAAI,CAAC,CAAC,UAAU,KAAK,SAAS,IAAI,CAAC,CAAC,UAAU,KAAK,IAAI,IAAI,CAAC,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;gBAC/E,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,CAAC;YACD,MAAM;QACR,KAAK,QAAQ;YACX,IAAI,CAAC,CAAC,UAAU,KAAK,SAAS,IAAI,CAAC,CAAC,UAAU,KAAK,IAAI,IAAI,CAAC,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;gBAC/E,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;YACpE,CAAC;YACD,IACE,CAAC,CAAC,cAAc,KAAK,SAAS;gBAC9B,CAAC,CAAC,cAAc,KAAK,IAAI;gBACzB,CAAC,CAAC,cAAc,KAAK,EAAE,EACvB,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,CAAC;YACD,MAAM;IACV,CAAC;AACH,CAAC"}

package/dist/transparency/types.d.ts ADDED Viewed

@@ -0,0 +1,97 @@
+/**
+ * Wire-record types for SEMP key transparency per TRANSPARENCY.md.
+ *
+ * A domain supporting key transparency maintains a single
+ * append-only RFC 6962 Merkle tree of key events. Clients fetching
+ * keys augment the response with a Signed Tree Head (STH) and an
+ * inclusion proof so a third party can verify the published key
+ * matches the same key the domain has shown to every other client.
+ *
+ * @module
+ */
+/** Wire format version for log entries. */
+export declare const LogEntryVersion = "1.0.0";
+/** Wire format version for signed tree heads. */
+export declare const SignedTreeHeadVersion = "1.0.0";
+/** RFC 6962 leaf domain-separation byte. */
+export declare const LeafPrefix = 0;
+/** RFC 6962 interior-node domain-separation byte. */
+export declare const InteriorPrefix = 1;
+/**
+ * STH staleness ceiling per §2.3 — verifiers reject STHs whose
+ * timestamp is more than this old.
+ */
+export declare const MaxSTHFreshnessMs: number;
+/** Kind of key event recorded as a leaf, per §2.2. */
+export type LogEntryEvent = "publish" | "rotate" | "revoke";
+/** SEMP key kind being recorded, per §2.2 + KEY.md §1. */
+export type LogKeyType = "identity" | "encryption";
+/**
+ * One leaf of the transparency Merkle tree per §2.2. Insertion
+ * order is the leaf's position; the log MUST NOT remove or
+ * reorder leaves.
+ */
+export interface LogEntry {
+    event: LogEntryEvent;
+    user_id: string;
+    key_id: string;
+    key_type: LogKeyType;
+    algorithm: string;
+    /** Base64-encoded public key. */
+    public_key: string;
+    /** ISO 8601 UTC timestamp. */
+    created: string;
+    /** ISO 8601 UTC; nullable. */
+    expires?: string | null;
+    /** Populated only on `revoke`. */
+    revoked_at?: string | null;
+    /** Populated only on `revoke`. */
+    revoked_reason?: string | null;
+    /** Populated only on `rotate` — names the key being rotated out. */
+    supersedes?: string | null;
+    /** ISO 8601 UTC; the log's timestamp for this insertion. */
+    log_timestamp: string;
+}
+/** Reusable signature block per §2.3. */
+export interface TransparencySignature {
+    algorithm: string;
+    key_id: string;
+    /** Base64 signature. */
+    value: string;
+}
+/**
+ * Periodic published commitment per §2.3. Domains MUST publish a
+ * fresh STH at least every hour; verifiers reject STHs older than
+ * {@link MaxSTHFreshnessMs}.
+ */
+export interface SignedTreeHead {
+    log_size: number;
+    /** Base64 of the 32-byte SHA-256 root. */
+    root_hash: string;
+    /** ISO 8601 UTC timestamp. */
+    timestamp: string;
+    signature: TransparencySignature;
+}
+/**
+ * §3.1 proof that `leaf_hash` sits at `leaf_index` in a tree of
+ * size `log_size` whose root is published by an STH.
+ */
+export interface InclusionProof {
+    log_size: number;
+    /** Base64 of 32-byte SHA-256 leaf hash. */
+    leaf_hash: string;
+    leaf_index: number;
+    /** Base64 sibling hashes, root-ward order. */
+    path: string[];
+}
+/**
+ * §3.2 proof that the tree of size `from_size` is a prefix of the
+ * tree of size `to_size`.
+ */
+export interface ConsistencyProof {
+    from_size: number;
+    to_size: number;
+    /** Base64 hashes per RFC 6962 §2.1.2. */
+    path: string[];
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/transparency/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/transparency/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,2CAA2C;AAC3C,eAAO,MAAM,eAAe,UAAU,CAAC;AAEvC,iDAAiD;AACjD,eAAO,MAAM,qBAAqB,UAAU,CAAC;AAE7C,4CAA4C;AAC5C,eAAO,MAAM,UAAU,IAAO,CAAC;AAE/B,qDAAqD;AACrD,eAAO,MAAM,cAAc,IAAO,CAAC;AAEnC;;;GAGG;AACH,eAAO,MAAM,iBAAiB,QAAiB,CAAC;AAEhD,sDAAsD;AACtD,MAAM,MAAM,aAAa,GAAG,SAAS,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAE5D,0DAA0D;AAC1D,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,YAAY,CAAC;AAEnD;;;;GAIG;AACH,MAAM,WAAW,QAAQ;IACvB,KAAK,EAAE,aAAa,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,UAAU,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,iCAAiC;IACjC,UAAU,EAAE,MAAM,CAAC;IACnB,8BAA8B;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,8BAA8B;IAC9B,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,kCAAkC;IAClC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,kCAAkC;IAClC,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,oEAAoE;IACpE,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,4DAA4D;IAC5D,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,yCAAyC;AACzC,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,wBAAwB;IACxB,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,0CAA0C;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,8BAA8B;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,qBAAqB,CAAC;CAClC;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,8CAA8C;IAC9C,IAAI,EAAE,MAAM,EAAE,CAAC;CAChB;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,IAAI,EAAE,MAAM,EAAE,CAAC;CAChB"}

package/dist/transparency/types.js ADDED Viewed

@@ -0,0 +1,25 @@
+/**
+ * Wire-record types for SEMP key transparency per TRANSPARENCY.md.
+ *
+ * A domain supporting key transparency maintains a single
+ * append-only RFC 6962 Merkle tree of key events. Clients fetching
+ * keys augment the response with a Signed Tree Head (STH) and an
+ * inclusion proof so a third party can verify the published key
+ * matches the same key the domain has shown to every other client.
+ *
+ * @module
+ */
+/** Wire format version for log entries. */
+export const LogEntryVersion = "1.0.0";
+/** Wire format version for signed tree heads. */
+export const SignedTreeHeadVersion = "1.0.0";
+/** RFC 6962 leaf domain-separation byte. */
+export const LeafPrefix = 0x00;
+/** RFC 6962 interior-node domain-separation byte. */
+export const InteriorPrefix = 0x01;
+/**
+ * STH staleness ceiling per §2.3 — verifiers reject STHs whose
+ * timestamp is more than this old.
+ */
+export const MaxSTHFreshnessMs = 60 * 60 * 1000;
+//# sourceMappingURL=types.js.map

package/dist/transparency/types.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/transparency/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,2CAA2C;AAC3C,MAAM,CAAC,MAAM,eAAe,GAAG,OAAO,CAAC;AAEvC,iDAAiD;AACjD,MAAM,CAAC,MAAM,qBAAqB,GAAG,OAAO,CAAC;AAE7C,4CAA4C;AAC5C,MAAM,CAAC,MAAM,UAAU,GAAG,IAAI,CAAC;AAE/B,qDAAqD;AACrD,MAAM,CAAC,MAAM,cAAc,GAAG,IAAI,CAAC;AAEnC;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC"}

package/dist/transport/h2.d.ts ADDED Viewed

@@ -0,0 +1,163 @@
+/**
+ * HTTP/2 transport binding per TRANSPORT.md §4.2.
+ *
+ * Unlike WebSocket — which gives us a single bidirectional pipe —
+ * the SEMP HTTP/2 binding is a collection of HTTP endpoints with
+ * path-based routing:
+ *
+ *  - `POST /v1/discovery`     — discovery lookup
+ *  - `POST /v1/keys`          — key request
+ *  - `POST /v1/handshake`     — handshake step
+ *  - `POST /v1/envelope`      — envelope submit
+ *  - `POST /v1/session/{id}`  — long-lived bidirectional session
+ *                                stream (server pushes via SSE,
+ *                                client posts additional messages
+ *                                to the same URL)
+ *
+ * This module exposes:
+ *
+ *  - {@link h2Post}: a typed JSON POST helper for the four
+ *    request/response endpoints. Surfaces the `Semp-Session-Id`
+ *    response header to the caller.
+ *  - {@link dialH2Session}: opens a long-lived POST to
+ *    `/v1/session/{id}` and returns a {@link Transport} whose
+ *    `receive()` reads SSE events from the open stream and `send()`
+ *    POSTs additional messages to the same URL.
+ *  - {@link encodeSSE} / {@link decodeSSE}: encode/decode helpers
+ *    for callers that want to roll their own.
+ *
+ * @module
+ */
+import type { DialOptions, Transport } from "./transport.js";
+/** Header name the server sets on its response to handshake init. */
+export declare const SempSessionIdHeader = "Semp-Session-Id";
+/**
+ * Minimal subset of the WHATWG fetch surface this module depends on.
+ * Both Node 22+ and browsers ship `fetch` matching this shape. Tests
+ * pass a fake to drive deterministic responses.
+ */
+export type H2FetchLike = (url: string, init: {
+    method: string;
+    headers: Record<string, string>;
+    body?: Uint8Array | string;
+    signal?: AbortSignal;
+}) => Promise<H2Response>;
+/** Minimal Response surface this module consumes. */
+export interface H2Response {
+    ok: boolean;
+    status: number;
+    headers: {
+        get(name: string): string | null;
+    };
+    /** Returns the full body as bytes. Used for one-shot request/response calls. */
+    arrayBuffer(): Promise<ArrayBuffer>;
+    /**
+     * Async byte stream. Used for long-lived SSE session streams. May be
+     * undefined for stub responses; in production it is the
+     * `Response.body` `ReadableStream<Uint8Array>` (Node 22+ + browsers
+     * support `for await` on this directly).
+     */
+    body?: AsyncIterable<Uint8Array> | {
+        getReader(): {
+            read(): Promise<{
+                done: boolean;
+                value?: Uint8Array;
+            }>;
+        };
+    } | null;
+}
+/** Inputs to {@link h2Post}. */
+export interface H2PostOptions extends DialOptions {
+    /** Override the fetch implementation. Defaults to `globalThis.fetch`. */
+    fetchImpl?: H2FetchLike;
+    /**
+     * `Semp-Session-Id` header to include on the request. Set on
+     * subsequent handshake steps so the server can correlate them with
+     * the session it minted in step 1.
+     */
+    sessionId?: string;
+    /** Additional headers to merge in. */
+    headers?: Record<string, string>;
+}
+/** Result of a successful {@link h2Post}. */
+export interface H2PostResult {
+    /** Decoded response body. */
+    body: Uint8Array;
+    /** HTTP status (always 2xx for `h2Post` resolutions). */
+    status: number;
+    /** `Semp-Session-Id` response header, if any. */
+    sessionId: string | null;
+}
+/**
+ * POST a SEMP message to one of the request/response endpoints
+ * (`/v1/handshake`, `/v1/keys`, `/v1/envelope`, `/v1/discovery`).
+ * Resolves with the response body and the `Semp-Session-Id` header.
+ *
+ * Translates HTTP status codes per §4.2.2:
+ *  - 2xx: resolves successfully.
+ *  - 400, 413, 429, 503: rejects with a structured error.
+ *  - other non-2xx: rejects with the status as the message.
+ */
+export declare function h2Post(url: string, message: Uint8Array, opts?: H2PostOptions): Promise<H2PostResult>;
+/** Inputs to {@link dialH2Session}. */
+export interface DialH2SessionOptions extends DialOptions {
+    /** Override the fetch implementation. Defaults to `globalThis.fetch`. */
+    fetchImpl?: H2FetchLike;
+    /**
+     * URL of the session endpoint, including the session id segment —
+     * for example `https://semp.example.com/v1/session/01J...`. The
+     * caller composes this from the configuration's
+     * `endpoints.client.h2` base + the session id.
+     */
+    sessionUrl: string;
+    /**
+     * Optional initial body for the long-lived POST. Per §4.2.4 the
+     * client opens a POST to `/v1/session/{id}`; the body is empty by
+     * default but the caller MAY pass a stream of pre-buffered messages.
+     */
+    initialBody?: Uint8Array;
+}
+/**
+ * Open a long-lived POST to the session URL and return a
+ * {@link Transport} whose `receive()` reads SSE events from that
+ * response and `send()` POSTs additional messages to the same URL.
+ *
+ * Per TRANSPORT.md §4.2.4: each `data:` line in the response carries
+ * a complete SEMP JSON message; blank lines delimit events.
+ */
+export declare function dialH2Session(opts: DialH2SessionOptions): Promise<Transport>;
+/**
+ * Encode a single SEMP message as an SSE event. Each line in the
+ * message body produces a `data:` line; the event is terminated with
+ * a single blank line.
+ *
+ * The encoder normalizes CR / CRLF line terminators to LF before
+ * emitting each `data:` line. SEMP payloads are JSON documents whose
+ * control bytes are escaped (`\r`, `\n`), so the wire form never
+ * actually carries a literal CR or LF — but be defensive.
+ */
+export declare function encodeSSE(message: string): string;
+/**
+ * Decode SSE events from a string buffer. Each call returns the next
+ * complete event's `data` payload (or `null` if no complete event is
+ * buffered yet). Stateful — the buffer accumulates partial input.
+ */
+export declare class SSEDecoder {
+    private buffer;
+    private dataLines;
+    /** Append more bytes to the buffer. */
+    push(chunk: string): void;
+    /**
+     * Return the data payload of the next complete event, or `null` if
+     * none is buffered. Repeatedly call until `null` to drain.
+     */
+    next(): string | null;
+    /**
+     * Flush any pending data lines as a final event. Called on EOF when
+     * the underlying stream ends without a trailing blank line.
+     */
+    flush(): string | null;
+}
+/** Decode all events present in a complete (already-buffered) SSE blob. */
+export declare function decodeSSE(blob: string): string[];
+//# sourceMappingURL=h2.d.ts.map

package/dist/transport/h2.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"h2.d.ts","sourceRoot":"","sources":["../../src/transport/h2.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE7D,qEAAqE;AACrE,eAAO,MAAM,mBAAmB,oBAAoB,CAAC;AAErD;;;;GAIG;AACH,MAAM,MAAM,WAAW,GAAG,CACxB,GAAG,EAAE,MAAM,EACX,IAAI,EAAE;IACJ,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,IAAI,CAAC,EAAE,UAAU,GAAG,MAAM,CAAC;IAC3B,MAAM,CAAC,EAAE,WAAW,CAAC;CACtB,KACE,OAAO,CAAC,UAAU,CAAC,CAAC;AAEzB,qDAAqD;AACrD,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QAAE,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAAA;KAAE,CAAC;IAC9C,gFAAgF;IAChF,WAAW,IAAI,OAAO,CAAC,WAAW,CAAC,CAAC;IACpC;;;;;OAKG;IACH,IAAI,CAAC,EACD,aAAa,CAAC,UAAU,CAAC,GACzB;QAAE,SAAS,IAAI;YAAE,IAAI,IAAI,OAAO,CAAC;gBAAE,IAAI,EAAE,OAAO,CAAC;gBAAC,KAAK,CAAC,EAAE,UAAU,CAAA;aAAE,CAAC,CAAA;SAAE,CAAA;KAAE,GAC3E,IAAI,CAAC;CACV;AAKD,gCAAgC;AAChC,MAAM,WAAW,aAAc,SAAQ,WAAW;IAChD,yEAAyE;IACzE,SAAS,CAAC,EAAE,WAAW,CAAC;IACxB;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sCAAsC;IACtC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED,6CAA6C;AAC7C,MAAM,WAAW,YAAY;IAC3B,6BAA6B;IAC7B,IAAI,EAAE,UAAU,CAAC;IACjB,yDAAyD;IACzD,MAAM,EAAE,MAAM,CAAC;IACf,iDAAiD;IACjD,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED;;;;;;;;;GASG;AACH,wBAAsB,MAAM,CAC1B,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,UAAU,EACnB,IAAI,GAAE,aAAkB,GACvB,OAAO,CAAC,YAAY,CAAC,CAsCvB;AAoBD,uCAAuC;AACvC,MAAM,WAAW,oBAAqB,SAAQ,WAAW;IACvD,yEAAyE;IACzE,SAAS,CAAC,EAAE,WAAW,CAAC;IACxB;;;;;OAKG;IACH,UAAU,EAAE,MAAM,CAAC;IACnB;;;;OAIG;IACH,WAAW,CAAC,EAAE,UAAU,CAAC;CAC1B;AAED;;;;;;;GAOG;AACH,wBAAsB,aAAa,CACjC,IAAI,EAAE,oBAAoB,GACzB,OAAO,CAAC,SAAS,CAAC,CAmFpB;AAKD;;;;;;;;;GASG;AACH,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAQjD;AA0BD;;;;GAIG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAAM;IACpB,OAAO,CAAC,SAAS,CAAgB;IAEjC,uCAAuC;IACvC,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAIzB;;;OAGG;IACH,IAAI,IAAI,MAAM,GAAG,IAAI;IA6CrB;;;OAGG;IACH,KAAK,IAAI,MAAM,GAAG,IAAI;CAQvB;AAED,2EAA2E;AAC3E,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,CAgBhD"}