@sphereon/ssi-sdk.mdl-mdoc 0.33.1-feature.vcdm2.tsup.31 → 0.33.1-next.2

package/dist/functions/index.js

@@ -0,0 +1,260 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.X509CallbackService = exports.CoseCryptoService = void 0;
+const kmp_mdoc_core_1 = require("@sphereon/kmp-mdoc-core");
+const ssi_sdk_ext_key_utils_1 = require("@sphereon/ssi-sdk-ext.key-utils");
+const ssi_sdk_ext_x509_utils_1 = require("@sphereon/ssi-sdk-ext.x509-utils");
+const crypto = __importStar(require("crypto"));
+const pkijs_1 = require("pkijs");
+const u8a = __importStar(require("uint8arrays"));
+var CoseKeyCbor = kmp_mdoc_core_1.com.sphereon.crypto.cose.CoseKeyCbor;
+var CoseJoseKeyMappingService = kmp_mdoc_core_1.com.sphereon.crypto.CoseJoseKeyMappingService;
+var DefaultCallbacks = kmp_mdoc_core_1.com.sphereon.crypto.DefaultCallbacks;
+var SignatureAlgorithm = kmp_mdoc_core_1.com.sphereon.crypto.generic.SignatureAlgorithm;
+var KeyInfo = kmp_mdoc_core_1.com.sphereon.crypto.KeyInfo;
+var ResolvedKeyInfo = kmp_mdoc_core_1.com.sphereon.crypto.ResolvedKeyInfo;
+var DateTimeUtils = kmp_mdoc_core_1.com.sphereon.kmp.DateTimeUtils;
+var decodeFrom = kmp_mdoc_core_1.com.sphereon.kmp.decodeFrom;
+var encodeTo = kmp_mdoc_core_1.com.sphereon.kmp.encodeTo;
+var Encoding = kmp_mdoc_core_1.com.sphereon.kmp.Encoding;
+class CoseCryptoService {
+    constructor(context) {
+        this.context = context;
+    }
+    setContext(context) {
+        this.context = context;
+    }
+    signAsync(input, requireX5Chain) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b, _c;
+            if (!this.context) {
+                throw Error('No context provided. Please provide a context with the setContext method or constructor');
+            }
+            const { keyInfo, alg, value } = input;
+            let kmsKeyRef = (_a = keyInfo.kmsKeyRef) !== null && _a !== void 0 ? _a : undefined;
+            if (!kmsKeyRef) {
+                const key = keyInfo.key;
+                if (key == null) {
+                    return Promise.reject(Error('No key present in keyInfo. This implementation cannot sign without a key!'));
+                }
+                const resolvedKeyInfo = ResolvedKeyInfo.Static.fromKeyInfo(keyInfo, key);
+                const jwkKeyInfo = CoseJoseKeyMappingService.toResolvedJwkKeyInfo(resolvedKeyInfo);
+                const kid = (_c = (_b = jwkKeyInfo.kid) !== null && _b !== void 0 ? _b : (0, ssi_sdk_ext_key_utils_1.calculateJwkThumbprint)({ jwk: jwkKeyInfo.key.toJsonDTO() })) !== null && _c !== void 0 ? _c : jwkKeyInfo.key.getKidAsString(true);
+                if (!kid) {
+                    return Promise.reject(Error('No kid present and not kmsKeyRef provided'));
+                }
+                kmsKeyRef = kid;
+            }
+            const result = yield this.context.agent.keyManagerSign({
+                algorithm: alg.jose.value,
+                data: encodeTo(value, Encoding.UTF8),
+                encoding: 'utf-8',
+                keyRef: kmsKeyRef,
+            });
+            return decodeFrom(result, Encoding.UTF8);
+        });
+    }
+    verify1Async(input, keyInfo, requireX5Chain) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b, _c, _d, _e, _f, _g, _h, _j, _k, _l, _m, _o;
+            const getCertAndKey = (x5c) => __awaiter(this, void 0, void 0, function* () {
+                if (requireX5Chain && (!x5c || x5c.length === 0)) {
+                    // We should not be able to get here anyway, as the MLD-mdoc library already validated at this point. But let's make sure
+                    return Promise.reject(new Error(`No x5chain was present in the CoseSign headers!`));
+                }
+                // TODO: According to the IETF spec there should be a x5t in case the x5chain is in the protected headers. In the Funke this does not seem to be done/used!
+                issuerCert = x5c ? (0, ssi_sdk_ext_x509_utils_1.pemOrDerToX509Certificate)(x5c[0]) : undefined;
+                let issuerJwk;
+                if (issuerCert) {
+                    const info = yield (0, ssi_sdk_ext_x509_utils_1.getCertificateInfo)(issuerCert);
+                    issuerJwk = info.publicKeyJWK;
+                }
+                return { issuerCert, issuerJwk };
+            });
+            const coseKeyInfo = CoseJoseKeyMappingService.toCoseKeyInfo(keyInfo);
+            if ((_a = coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key) === null || _a === void 0 ? void 0 : _a.d) {
+                throw Error('Do not use private keys to verify!');
+            }
+            else if (!((_b = input.payload) === null || _b === void 0 ? void 0 : _b.value)) {
+                return Promise.reject(Error('Signature validation without payload not supported'));
+            }
+            const sign1Json = input.toJson(); // Let's make it a bit easier on ourselves, instead of working with CBOR
+            const coseAlg = sign1Json.protectedHeader.alg;
+            if (!coseAlg) {
+                return Promise.reject(Error('No alg protected header present'));
+            }
+            let issuerCert;
+            let issuerCoseKey;
+            let kid = (_d = (_c = coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.kid) !== null && _c !== void 0 ? _c : sign1Json.protectedHeader.kid) !== null && _d !== void 0 ? _d : (_e = sign1Json.unprotectedHeader) === null || _e === void 0 ? void 0 : _e.kid;
+            // Please note this method does not perform chain validation. The MDL-MSO_MDOC library already performed this before this step
+            const x5c = (_j = (_g = (_f = coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key) === null || _f === void 0 ? void 0 : _f.getX509CertificateChain()) !== null && _g !== void 0 ? _g : (_h = sign1Json.protectedHeader) === null || _h === void 0 ? void 0 : _h.x5chain) !== null && _j !== void 0 ? _j : (_k = sign1Json.unprotectedHeader) === null || _k === void 0 ? void 0 : _k.x5chain;
+            if (!coseKeyInfo || !(coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key) || ((_l = coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key) === null || _l === void 0 ? void 0 : _l.x5chain)) {
+                const certAndKey = yield getCertAndKey(x5c);
+                issuerCoseKey = certAndKey.issuerJwk ? CoseJoseKeyMappingService.toCoseKey(certAndKey.issuerJwk) : undefined;
+                issuerCert = certAndKey.issuerCert;
+            }
+            if (!issuerCoseKey) {
+                if (!(coseKeyInfo === null || coseKeyInfo === void 0 ? void 0 : coseKeyInfo.key)) {
+                    return Promise.reject(Error(`Either a x5c needs to be in the headers, or you need to provide a key for verification`));
+                }
+                if (kid === null) {
+                    kid = coseKeyInfo.key.getKidAsString(false);
+                }
+                issuerCoseKey = CoseKeyCbor.Static.fromDTO(coseKeyInfo.key);
+            }
+            const issuerCoseKeyInfo = new KeyInfo(kid, issuerCoseKey, coseKeyInfo.opts, coseKeyInfo.keyVisibility, (_m = issuerCoseKey.getSignatureAlgorithm()) !== null && _m !== void 0 ? _m : coseKeyInfo.signatureAlgorithm, x5c, coseKeyInfo.kmsKeyRef, coseKeyInfo.kms, (_o = coseKeyInfo.keyType) !== null && _o !== void 0 ? _o : issuerCoseKey.getKty());
+            const recalculatedToBeSigned = input.toBeSignedJson(issuerCoseKeyInfo, SignatureAlgorithm.Static.fromCose(coseAlg));
+            const key = CoseJoseKeyMappingService.toJoseJwk(issuerCoseKeyInfo.key).toJsonDTO();
+            const valid = yield (0, ssi_sdk_ext_key_utils_1.verifyRawSignature)({
+                data: u8a.fromString(recalculatedToBeSigned.base64UrlValue, 'base64url'),
+                signature: u8a.fromString(sign1Json.signature, 'base64url'),
+                key,
+            });
+            return {
+                name: 'mdoc',
+                critical: true,
+                error: !valid,
+                message: `Signature of '${issuerCert ? (0, ssi_sdk_ext_x509_utils_1.getSubjectDN)(issuerCert).DN : kid}' was ${valid ? '' : 'in'}valid`,
+                keyInfo: issuerCoseKeyInfo,
+            };
+        });
+    }
+    resolvePublicKeyAsync(keyInfo) {
+        if (keyInfo.key) {
+            return Promise.resolve(CoseJoseKeyMappingService.toResolvedKeyInfo(keyInfo, keyInfo.key));
+        }
+        return Promise.reject(Error('No key present in keyInfo. This implementation cannot resolve public keys on its own currently!'));
+    }
+}
+exports.CoseCryptoService = CoseCryptoService;
+/**
+ * This class can be used for X509 validations.
+ * Either have an instance per trustedCerts and verification invocation or use a single instance and provide the trusted certs in the method argument
+ *
+ * The class is also registered with the low-level mDL/mdoc Kotlin Multiplatform library
+ * Next to the specific function for the library it exports a more powerful version of the same verification method as well
+ */
+class X509CallbackService {
+    constructor(trustedCerts) {
+        this.setTrustedCerts = (trustedCertsInPEM) => {
+            this._trustedCerts = trustedCertsInPEM === null || trustedCertsInPEM === void 0 ? void 0 : trustedCertsInPEM.map((cert) => {
+                if (cert.includes('CERTIFICATE')) {
+                    // PEM
+                    return cert;
+                }
+                return (0, ssi_sdk_ext_x509_utils_1.derToPEM)(cert);
+            });
+        };
+        this.getTrustedCerts = () => this._trustedCerts;
+        this.setTrustedCerts(trustedCerts);
+    }
+    /**
+     * A more powerful version of the method below. Allows to verify at a specific time and returns more information
+     * @param chain
+     * @param trustAnchors
+     * @param verificationTime
+     */
+    verifyCertificateChain(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ chain, trustAnchors = this.getTrustedCerts(), verificationTime, opts, }) {
+            return yield (0, ssi_sdk_ext_x509_utils_1.validateX509CertificateChain)({
+                chain,
+                trustAnchors,
+                verificationTime,
+                opts,
+            });
+        });
+    }
+    /**
+     * This method is the implementation used within the mDL/Mdoc library
+     */
+    verifyCertificateChainJS(chainDER, chainPEM, trustedCerts, verificationProfile, verificationTime) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            const verificationAt = verificationTime !== null && verificationTime !== void 0 ? verificationTime : DateTimeUtils.Static.DEFAULT.dateTimeLocal();
+            let chain = [];
+            if (chainDER && chainDER.length > 0) {
+                chain = chainDER.map((der) => Uint8Array.from(der));
+            }
+            if (chainPEM && chainPEM.length > 0) {
+                chain = (chain !== null && chain !== void 0 ? chain : []).concat(chainPEM);
+            }
+            const result = yield (0, ssi_sdk_ext_x509_utils_1.validateX509CertificateChain)({
+                chain: chain, // The function will handle an empty array
+                trustAnchors: trustedCerts !== null && trustedCerts !== void 0 ? trustedCerts : this.getTrustedCerts(),
+                verificationTime: new Date(verificationAt.toEpochSeconds().toULong() * 1000),
+                opts: { trustRootWhenNoAnchors: true },
+            });
+            const cert = result.certificateChain ? result.certificateChain[result.certificateChain.length - 1] : undefined;
+            return {
+                publicKey: cert === null || cert === void 0 ? void 0 : cert.publicKeyJWK, // fixme
+                publicKeyAlgorithm: (_a = cert === null || cert === void 0 ? void 0 : cert.publicKeyJWK) === null || _a === void 0 ? void 0 : _a.alg,
+                name: 'x.509',
+                critical: result.critical,
+                message: result.message,
+                error: result.error,
+                verificationTime: verificationAt,
+            };
+        });
+    }
+}
+exports.X509CallbackService = X509CallbackService;
+const defaultCryptoEngine = () => {
+    if (typeof self !== 'undefined') {
+        if ('crypto' in self) {
+            let engineName = 'webcrypto';
+            if ('webkitSubtle' in self.crypto) {
+                engineName = 'safari';
+            }
+            // @ts-ignore
+            (0, pkijs_1.setEngine)(engineName, new pkijs_1.CryptoEngine({ name: engineName, crypto: crypto }));
+        }
+    }
+    else if (typeof crypto !== 'undefined' && 'webcrypto' in crypto) {
+        const name = 'NodeJS ^15';
+        const nodeCrypto = crypto.webcrypto;
+        // @ts-ignore
+        (0, pkijs_1.setEngine)(name, new pkijs_1.CryptoEngine({ name, crypto: nodeCrypto }));
+    }
+    else {
+        // @ts-ignore
+        const name = 'crypto';
+        (0, pkijs_1.setEngine)(name, new pkijs_1.CryptoEngine({ name, crypto: (0, ssi_sdk_ext_key_utils_1.globalCrypto)(false) }));
+    }
+};
+defaultCryptoEngine();
+// We register the services with the mDL/mdoc library. Please note that the context is not passed in, meaning we cannot sign by default.
+DefaultCallbacks.setCoseCryptoDefault(new CoseCryptoService());
+DefaultCallbacks.setX509Default(new X509CallbackService());
+//# sourceMappingURL=index.js.map

package/dist/functions/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/functions/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2DAAuD;AACvD,2EAA0G;AAC1G,6EAQyC;AAEzC,+CAAgC;AAChC,iCAA4D;AAC5D,iDAAkC;AAElC,IAAO,WAAW,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAA;AAIzD,IAAO,yBAAyB,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,yBAAyB,CAAA;AAChF,IAAO,gBAAgB,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,gBAAgB,CAAA;AAE9D,IAAO,kBAAkB,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAA;AAO1E,IAAO,OAAO,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAA;AAC5C,IAAO,eAAe,GAAG,mBAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,eAAe,CAAA;AAE5D,IAAO,aAAa,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAA;AACrD,IAAO,UAAU,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAA;AAC/C,IAAO,QAAQ,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAA;AAC3C,IAAO,QAAQ,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAA;AAG3C,MAAa,iBAAiB;IAC5B,YAAoB,OAA0B;QAA1B,YAAO,GAAP,OAAO,CAAmB;IAAG,CAAC;IAElD,UAAU,CAAC,OAAyB;QAClC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;IAEK,SAAS,CAAC,KAAqB,EAAE,cAAiC;;;YACtE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBAClB,MAAM,KAAK,CAAC,yFAAyF,CAAC,CAAA;YACxG,CAAC;YACD,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,KAAK,CAAA;YACrC,IAAI,SAAS,GAAG,MAAA,OAAO,CAAC,SAAS,mCAAI,SAAS,CAAA;YAC9C,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAA;gBACvB,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;oBAChB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2EAA2E,CAAC,CAAC,CAAA;gBAC3G,CAAC;gBACD,MAAM,eAAe,GAAG,eAAe,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;gBACxE,MAAM,UAAU,GAAyB,yBAAyB,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAA;gBAExG,MAAM,GAAG,GAAG,MAAA,MAAA,UAAU,CAAC,GAAG,mCAAI,IAAA,8CAAsB,EAAC,EAAE,GAAG,EAAE,UAAU,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,CAAC,mCAAI,UAAU,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,CAAC,CAAA;gBAChI,IAAI,CAAC,GAAG,EAAE,CAAC;oBACT,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC,CAAA;gBAC3E,CAAC;gBACD,SAAS,GAAG,GAAG,CAAA;YACjB,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC;gBACrD,SAAS,EAAE,GAAG,CAAC,IAAM,CAAC,KAAK;gBAC3B,IAAI,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC;gBACpC,QAAQ,EAAE,OAAO;gBACjB,MAAM,EAAE,SAAW;aACpB,CAAC,CAAA;YACF,OAAO,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,YAAY,CAChB,KAA8B,EAC9B,OAA+B,EAC/B,cAAiC;;;YAEjC,MAAM,aAAa,GAAG,CACpB,GAA4B,EAI3B,EAAE;gBACH,IAAI,cAAc,IAAI,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;oBACjD,yHAAyH;oBACzH,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC,CAAA;gBACrF,CAAC;gBACD,2JAA2J;gBAC3J,UAAU,GAAG,GAAG,CAAC,CAAC,CAAC,IAAA,kDAAyB,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;gBAChE,IAAI,SAA0B,CAAA;gBAC9B,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,IAAI,GAAG,MAAM,IAAA,2CAAkB,EAAC,UAAU,CAAC,CAAA;oBACjD,SAAS,GAAG,IAAI,CAAC,YAAY,CAAA;gBAC/B,CAAC;gBACD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;YAClC,CAAC,CAAA,CAAA;YAED,MAAM,WAAW,GAAG,yBAAyB,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;YAEpE,IAAI,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,0CAAE,CAAC,EAAE,CAAC;gBACxB,MAAM,KAAK,CAAC,oCAAoC,CAAC,CAAA;YACnD,CAAC;iBAAM,IAAI,CAAC,CAAA,MAAA,KAAK,CAAC,OAAO,0CAAE,KAAK,CAAA,EAAE,CAAC;gBACjC,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC,CAAA;YACpF,CAAC;YACD,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,EAAE,CAAA,CAAC,wEAAwE;YACzG,MAAM,OAAO,GAAG,SAAS,CAAC,eAAe,CAAC,GAAG,CAAA;YAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAA;YACjE,CAAC;YAED,IAAI,UAAmC,CAAA;YACvC,IAAI,aAAsC,CAAA;YAC1C,IAAI,GAAG,GAAG,MAAA,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,mCAAI,SAAS,CAAC,eAAe,CAAC,GAAG,mCAAI,MAAA,SAAS,CAAC,iBAAiB,0CAAE,GAAG,CAAA;YAC/F,8HAA8H;YAC9H,MAAM,GAAG,GAAG,MAAA,MAAA,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,0CAAE,uBAAuB,EAAE,mCAAI,MAAA,SAAS,CAAC,eAAe,0CAAE,OAAO,mCAAI,MAAA,SAAS,CAAC,iBAAiB,0CAAE,OAAO,CAAA;YACrI,IAAI,CAAC,WAAW,IAAI,CAAC,CAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,CAAA,KAAI,MAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,0CAAE,OAAO,CAAA,EAAE,CAAC;gBACnE,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;gBAC3C,aAAa,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,yBAAyB,CAAC,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;gBAC5G,UAAU,GAAG,UAAU,CAAC,UAAU,CAAA;YACpC,CAAC;YACD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,IAAI,CAAC,CAAA,WAAW,aAAX,WAAW,uBAAX,WAAW,CAAE,GAAG,CAAA,EAAE,CAAC;oBACtB,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wFAAwF,CAAC,CAAC,CAAA;gBACxH,CAAC;gBACD,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;oBACjB,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,CAAC,CAAA;gBAC7C,CAAC;gBACD,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;YAC7D,CAAC;YAED,MAAM,iBAAiB,GAAG,IAAI,OAAO,CACnC,GAAG,EACH,aAAa,EACb,WAAW,CAAC,IAAI,EAChB,WAAW,CAAC,aAAa,EACzB,MAAA,aAAa,CAAC,qBAAqB,EAAE,mCAAI,WAAW,CAAC,kBAAkB,EACvE,GAAG,EACH,WAAW,CAAC,SAAS,EACrB,WAAW,CAAC,GAAG,EACf,MAAA,WAAW,CAAC,OAAO,mCAAI,aAAa,CAAC,MAAM,EAAE,CAC9C,CAAA;YACD,MAAM,sBAAsB,GAAG,KAAK,CAAC,cAAc,CAAC,iBAAiB,EAAE,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAA;YACnH,MAAM,GAAG,GAAG,yBAAyB,CAAC,SAAS,CAAC,iBAAiB,CAAC,GAAI,CAAC,CAAC,SAAS,EAAO,CAAA;YACxF,MAAM,KAAK,GAAG,MAAM,IAAA,0CAAkB,EAAC;gBACrC,IAAI,EAAE,GAAG,CAAC,UAAU,CAAC,sBAAsB,CAAC,cAAc,EAAE,WAAW,CAAC;gBACxE,SAAS,EAAE,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,SAAS,EAAE,WAAW,CAAC;gBAC3D,GAAG;aACJ,CAAC,CAAA;YAEF,OAAO;gBACL,IAAI,EAAE,MAAM;gBACZ,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,CAAC,KAAK;gBACb,OAAO,EAAE,iBAAiB,UAAU,CAAC,CAAC,CAAC,IAAA,qCAAY,EAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,SAAS,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,OAAO;gBACzG,OAAO,EAAE,iBAAiB;aACoB,CAAA;QAClD,CAAC;KAAA;IAED,qBAAqB,CACnB,OAAyC;QAEzC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAChB,OAAO,OAAO,CAAC,OAAO,CAAC,yBAAyB,CAAC,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;QAC3F,CAAC;QACD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iGAAiG,CAAC,CAAC,CAAA;IACjI,CAAC;CACF;AAlID,8CAkIC;AAED;;;;;;GAMG;AACH,MAAa,mBAAmB;IAG9B,YAAY,YAA4B;QA8DxC,oBAAe,GAAG,CAAC,iBAAiC,EAAE,EAAE;YACtD,IAAI,CAAC,aAAa,GAAG,iBAAiB,aAAjB,iBAAiB,uBAAjB,iBAAiB,CAAE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;gBACnD,IAAI,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBACjC,MAAM;oBACN,OAAO,IAAI,CAAA;gBACb,CAAC;gBACD,OAAO,IAAA,iCAAQ,EAAC,IAAI,CAAC,CAAA;YACvB,CAAC,CAAC,CAAA;QACJ,CAAC,CAAA;QAED,oBAAe,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,aAAa,CAAA;QAvExC,IAAI,CAAC,eAAe,CAAC,YAAY,CAAC,CAAA;IACpC,CAAC;IAED;;;;;OAKG;IACG,sBAAsB;6DAAC,EAC3B,KAAK,EACL,YAAY,GAAG,IAAI,CAAC,eAAe,EAAE,EACrC,gBAAgB,EAChB,IAAI,GACuB;YAC3B,OAAO,MAAM,IAAA,qDAA4B,EAAC;gBACxC,KAAK;gBACL,YAAY;gBACZ,gBAAgB;gBAChB,IAAI;aACL,CAAC,CAAA;QACJ,CAAC;KAAA;IAED;;OAEG;IACG,wBAAwB,CAC5B,QAA+B,EAC/B,QAA4B,EAC5B,YAAgC,EAChC,mBAAyD,EACzD,gBAA6C;;;YAE7C,MAAM,cAAc,GAAG,gBAAgB,aAAhB,gBAAgB,cAAhB,gBAAgB,GAAI,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAA;YACvF,IAAI,KAAK,GAA+B,EAAE,CAAA;YAC1C,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;YACrD,CAAC;YACD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,GAAG,CAAC,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;YACxC,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,IAAA,qDAA4B,EAAC;gBAChD,KAAK,EAAE,KAAK,EAAE,0CAA0C;gBACxD,YAAY,EAAE,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,IAAI,CAAC,eAAe,EAAE;gBACpD,gBAAgB,EAAE,IAAI,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;gBAC5E,IAAI,EAAE,EAAE,sBAAsB,EAAE,IAAI,EAAE;aACvC,CAAC,CAAA;YAEF,MAAM,IAAI,GAAgC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YAE3I,OAAO;gBACL,SAAS,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAuB,EAAE,QAAQ;gBAClD,kBAAkB,EAAE,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,0CAAE,GAAG;gBAC3C,IAAI,EAAE,OAAO;gBACb,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,gBAAgB,EAAE,cAAc;aACU,CAAA;QAC9C,CAAC;KAAA;CAaF;AA5ED,kDA4EC;AAED,MAAM,mBAAmB,GAAG,GAAG,EAAE;IAC/B,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;YACrB,IAAI,UAAU,GAAG,WAAW,CAAA;YAC5B,IAAI,cAAc,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAClC,UAAU,GAAG,QAAQ,CAAA;YACvB,CAAC;YACD,aAAa;YACb,IAAA,iBAAS,EAAC,UAAU,EAAE,IAAI,oBAAY,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAA;QAC/E,CAAC;IACH,CAAC;SAAM,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,WAAW,IAAI,MAAM,EAAE,CAAC;QAClE,MAAM,IAAI,GAAG,YAAY,CAAA;QACzB,MAAM,UAAU,GAAG,MAAM,CAAC,SAAS,CAAA;QACnC,aAAa;QACb,IAAA,iBAAS,EAAC,IAAI,EAAE,IAAI,oBAAY,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC,CAAA;IACjE,CAAC;SAAM,CAAC;QACN,aAAa;QACb,MAAM,IAAI,GAAG,QAAQ,CAAA;QACrB,IAAA,iBAAS,EAAC,IAAI,EAAE,IAAI,oBAAY,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAA,oCAAY,EAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAA;IAC1E,CAAC;AACH,CAAC,CAAA;AAED,mBAAmB,EAAE,CAAA;AAErB,wIAAwI;AACxI,gBAAgB,CAAC,oBAAoB,CAAC,IAAI,iBAAiB,EAAE,CAAC,CAAA;AAC9D,gBAAgB,CAAC,cAAc,CAAC,IAAI,mBAAmB,EAAE,CAAC,CAAA"}

package/dist/index.d.ts

@@ -1,223 +1,7 @@
-import * as _sphereon_ssi_types from '@sphereon/ssi-types';
-import { IPluginMethodMap, IAgentContext, IDIDManager, IResolver, IAgentPlugin } from '@veramo/core';
-import * as _sphereon_kmp_mdoc_core from '@sphereon/kmp-mdoc-core';
-import { com, Nullable } from '@sphereon/kmp-mdoc-core';
-import { PresentationDefinitionV2, PresentationSubmission } from '@sphereon/pex-models';
-import { ISphereonKeyManager } from '@sphereon/ssi-sdk-ext.key-manager';
-import { X509ValidationResult, SubjectAlternativeGeneralName, CertificateInfo } from '@sphereon/ssi-sdk-ext.x509-utils';
-
-type IKey$1 = com.sphereon.crypto.IKey;
-type CoseSign1Json = com.sphereon.crypto.cose.CoseSign1Json;
-type CoseSign1Cbor<Any> = com.sphereon.crypto.cose.CoseSign1Cbor<Any>;
-type ICoseKeyCbor$1 = com.sphereon.crypto.cose.ICoseKeyCbor;
-type ICoseKeyJson = com.sphereon.crypto.cose.ICoseKeyJson;
-type IKeyInfo<KT extends IKey$1 = IKey$1> = com.sphereon.crypto.IKeyInfo<KT>;
-type IVerifyResults<KT extends IKey$1> = com.sphereon.crypto.generic.IVerifyResults<KT>;
-type IVerifySignatureResult<KT extends IKey$1> = com.sphereon.crypto.generic.IVerifySignatureResult<KT>;
-type DocumentJson = com.sphereon.mdoc.data.device.DocumentJson;
-type DocumentCbor = com.sphereon.mdoc.data.device.DocumentCbor;
-declare const CborByteString: typeof com.sphereon.cbor.CborByteString;
-declare const CoseKeyCbor: typeof com.sphereon.crypto.cose.CoseKeyCbor;
-declare const CoseCryptoServiceJS: typeof com.sphereon.crypto.CoseCryptoServiceJS;
-declare const CoseJoseKeyMappingService: {
-    toJoseJwk(key: com.sphereon.crypto.IKey): com.sphereon.crypto.jose.Jwk;
-    toCoseKey(key: com.sphereon.crypto.IKey): com.sphereon.crypto.cose.CoseKeyCbor;
-    getJoseX5c(key: com.sphereon.crypto.IKey): _sphereon_kmp_mdoc_core.Nullable<Array<string>>;
-    toJoseX5c(x5c: _sphereon_kmp_mdoc_core.Nullable<Array<any>>): _sphereon_kmp_mdoc_core.Nullable<Array<string>>;
-    toJwkKeyInfo(keyInfo: com.sphereon.crypto.IKeyInfo<any>): com.sphereon.crypto.KeyInfo<com.sphereon.crypto.jose.Jwk>;
-    toResolvedJwkKeyInfo(resolvedKeyInfo: com.sphereon.crypto.IResolvedKeyInfo<any>): com.sphereon.crypto.ResolvedKeyInfo<com.sphereon.crypto.jose.Jwk>;
-    toCoseKeyInfo(keyInfo: com.sphereon.crypto.IKeyInfo<any>): com.sphereon.crypto.KeyInfo<com.sphereon.crypto.cose.CoseKeyCbor>;
-    toResolvedCoseKeyInfo(resolvedKeyInfo: com.sphereon.crypto.IResolvedKeyInfo<any>): com.sphereon.crypto.ResolvedKeyInfo<com.sphereon.crypto.cose.CoseKeyCbor>;
-    isResolvedKeyInfo(keyInfo: com.sphereon.crypto.IKeyInfo<any>): boolean;
-    toResolvedKeyInfo<KeyType extends com.sphereon.crypto.IKey>(keyInfo: com.sphereon.crypto.IKeyInfo<any>, key?: _sphereon_kmp_mdoc_core.Nullable<KeyType>): com.sphereon.crypto.ResolvedKeyInfo<KeyType>;
-    toResolvedKeyInfoWithResolver<KeyType extends com.sphereon.crypto.IKey>(keyInfo: com.sphereon.crypto.IKeyInfo<KeyType>, resolveCallback: _sphereon_kmp_mdoc_core.Nullable<(p0: com.sphereon.crypto.IKeyInfo<KeyType>) => com.sphereon.crypto.ResolvedKeyInfo<KeyType>>): com.sphereon.crypto.ResolvedKeyInfo<KeyType>;
-    getCoseX5chain(key: com.sphereon.crypto.IKey): _sphereon_kmp_mdoc_core.Nullable<com.sphereon.cbor.CborArray<com.sphereon.cbor.CborByteString>>;
-    toCoseX5chain(x5c: _sphereon_kmp_mdoc_core.Nullable<Array<any>>): _sphereon_kmp_mdoc_core.Nullable<com.sphereon.cbor.CborArray<com.sphereon.cbor.CborByteString>>;
-};
-declare const KeyInfo: typeof com.sphereon.crypto.KeyInfo;
-declare const DateTimeUtils: typeof com.sphereon.kmp.DateTimeUtils;
-declare const decodeFrom: typeof com.sphereon.kmp.decodeFrom;
-declare const encodeTo: typeof com.sphereon.kmp.encodeTo;
-declare const Encoding: typeof com.sphereon.kmp.Encoding;
-declare const MdocValidations: {
-    fromDocumentAsync(document: com.sphereon.mdoc.data.device.DocumentCbor, keyInfo?: _sphereon_kmp_mdoc_core.Nullable<com.sphereon.crypto.IKeyInfo<com.sphereon.crypto.cose.ICoseKeyCbor>>, trustedCerts?: _sphereon_kmp_mdoc_core.Nullable<Array<string>>, verificationTime?: _sphereon_kmp_mdoc_core.Nullable<com.sphereon.kmp.LocalDateTimeKMP>, allowExpiredDocuments?: _sphereon_kmp_mdoc_core.Nullable<boolean>, dateTimeUtils?: com.sphereon.kmp.DateTimeUtils, timeZoneId?: _sphereon_kmp_mdoc_core.Nullable<string>, clockSkewAllowedInSec?: number): Promise<com.sphereon.crypto.generic.IVerifyResults<com.sphereon.crypto.cose.ICoseKeyCbor>>;
-    fromIssuerAuthAsync(issuerAuth: com.sphereon.crypto.cose.CoseSign1Cbor<com.sphereon.mdoc.data.mso.MobileSecurityObjectCbor>, keyInfo?: _sphereon_kmp_mdoc_core.Nullable<com.sphereon.crypto.IKeyInfo<com.sphereon.crypto.cose.ICoseKeyCbor>>, trustedCerts?: _sphereon_kmp_mdoc_core.Nullable<Array<string>>, verificationTime?: _sphereon_kmp_mdoc_core.Nullable<com.sphereon.kmp.LocalDateTimeKMP>, allowExpiredDocuments?: _sphereon_kmp_mdoc_core.Nullable<boolean>, dateTimeUtils?: com.sphereon.kmp.DateTimeUtils, timeZoneId?: _sphereon_kmp_mdoc_core.Nullable<string>, clockSkewAllowedInSec?: number): Promise<com.sphereon.crypto.generic.IVerifyResults<com.sphereon.crypto.cose.ICoseKeyCbor>>;
-    withParamsAsync(issuerAuth?: _sphereon_kmp_mdoc_core.Nullable<com.sphereon.crypto.cose.CoseSign1Cbor<com.sphereon.mdoc.data.mso.MobileSecurityObjectCbor>>, document?: _sphereon_kmp_mdoc_core.Nullable<com.sphereon.mdoc.data.device.DocumentCbor>, mdocVerificationTypes?: _sphereon_kmp_mdoc_core.kotlin.collections.KtSet<com.sphereon.mdoc.data.MdocVerification>, keyInfo?: _sphereon_kmp_mdoc_core.Nullable<com.sphereon.crypto.IKeyInfo<com.sphereon.crypto.cose.ICoseKeyCbor>>, trustedCerts?: _sphereon_kmp_mdoc_core.Nullable<Array<string>>, verificationTime?: _sphereon_kmp_mdoc_core.Nullable<com.sphereon.kmp.LocalDateTimeKMP>, allowExpiredDocuments?: _sphereon_kmp_mdoc_core.Nullable<boolean>, dateTimeUtils?: com.sphereon.kmp.DateTimeUtils, timeZoneId?: _sphereon_kmp_mdoc_core.Nullable<string>, clockSkewAllowedInSec?: number): Promise<com.sphereon.crypto.generic.IVerifyResults<com.sphereon.crypto.cose.ICoseKeyCbor>>;
-};
-declare const MdocOid4vpService: typeof com.sphereon.mdoc.oid4vp.MdocOid4vpServiceJs;
-declare const Jwk: typeof com.sphereon.crypto.jose.Jwk;
-type DocumentDescriptorMatchResult = com.sphereon.mdoc.oid4vp.DocumentDescriptorMatchResult;
-type IOid4VPPresentationDefinition = com.sphereon.mdoc.oid4vp.IOid4VPPresentationDefinition;
-declare const Oid4VPPresentationSubmission: typeof com.sphereon.mdoc.oid4vp.Oid4VPPresentationSubmission;
-interface ImDLMdoc extends IPluginMethodMap {
-    x509VerifyCertificateChain(args: VerifyCertificateChainArgs, context: IRequiredContext): Promise<X509ValidationResult>;
-    x509GetCertificateInfo(args: GetX509CertificateInfoArgs, context: IRequiredContext): Promise<CertificateInfo[]>;
-    mdocVerifyIssuerSigned(args: MdocVerifyIssuerSignedArgs, context: IRequiredContext): Promise<IVerifySignatureResult<KeyType>>;
-    mdocOid4vpHolderPresent(args: MdocOid4vpPresentArgs, context: IRequiredContext): Promise<MdocOid4VPPresentationAuth>;
-    mdocOid4vpRPVerify(args: MdocOid4vpRPVerifyArgs, _context: IRequiredContext): Promise<MdocOid4vpRPVerifyResult>;
-}
-type IRequiredContext = IAgentContext<ISphereonKeyManager & IDIDManager & IResolver>;
-type VerifyCertificateChainArgs = {
-    chain: Array<string | Uint8Array>;
-    trustAnchors?: string[];
-    verificationTime?: Date;
-    opts?: {
-        allowNoTrustAnchorsFound?: boolean;
-        trustRootWhenNoAnchors?: boolean;
-        allowSingleNoCAChainElement?: boolean;
-        blindlyTrustedAnchors?: string[];
-    };
-};
-type GetX509CertificateInfoArgs = {
-    certificates: (string | Uint8Array)[];
-    sanTypeFilter?: SubjectAlternativeGeneralName | SubjectAlternativeGeneralName[];
-};
-type KeyType = ICoseKeyJson;
-type MdocVerifyIssuerSignedArgs = {
-    input: CoseSign1Json;
-    keyInfo?: IKeyInfo<KeyType>;
-    requireX5Chain?: boolean;
-};
-interface MdocOid4VPPresentationAuth {
-    vp_token: string;
-    presentation_submission: PresentationSubmission;
-}
-interface MdocOid4vpPresentArgs {
-    mdocs: DocumentCbor[];
-    mdocHolderNonce?: string;
-    presentationDefinition: PresentationDefinitionV2;
-    trustAnchors?: string[];
-    verifications?: VerificationOptions;
-    clientId: string;
-    responseUri: string;
-    authorizationRequestNonce: string;
-}
-type VerificationOptions = {
-    allowExpiredDocuments?: boolean;
-    verificationTime?: Date;
-};
-type DocumentVerifyResult = {
-    document: DocumentJson;
-    validations: IVerifyResults<ICoseKeyCbor$1>;
-};
-type MdocOid4vpRPVerifyResult = {
-    error: boolean;
-    documents: Array<DocumentVerifyResult>;
-    presentation_submission: PresentationSubmission;
-};
-interface MdocOid4vpRPVerifyArgs {
-    vp_token: string;
-    presentation_submission: PresentationSubmission;
-    trustAnchors?: string[];
-}
-
-declare const mdocSupportMethods: Array<string>;
-/**
- * The MDLMdoc class implements the IAgentPlugin interface, providing methods for
- * verification and information retrieval related to X.509 certificates and mDL (mobile
- * driver's license) documents.
- */
-declare class MDLMdoc implements IAgentPlugin {
-    readonly schema: any;
-    readonly methods: ImDLMdoc;
-    private readonly trustAnchors;
-    private opts;
-    constructor(args?: {
-        trustAnchors?: string[];
-        opts?: {
-            trustRootWhenNoAnchors?: boolean;
-            allowSingleNoCAChainElement?: boolean;
-            blindlyTrustedAnchors?: string[];
-        };
-    });
-    /**
-     * Processes and verifies the provided mdoc, generates device response and presentation submission tokens.
-     *
-     * @param {MdocOid4vpPresentArgs} args - An object containing arguments for mdoc oid4vp holder presentation.
-     * @param {IRequiredContext} _context - Required context for the operation.
-     * @return {Promise<MdocOid4VPPresentationAuth>} A promise that resolves to an object containing vp_token and presentation_submission.
-     */
-    private mdocOid4vpHolderPresent;
-    /**
-     * Verifies on the Relying Party (RP) side for mdoc (mobile document) OIDC4VP (OpenID Connect for Verifiable Presentations).
-     *
-     * @param {MdocOid4vpRPVerifyArgs} args - The arguments required for verification, including the vp_token, presentation_submission, and trustAnchors.
-     * @param {IRequiredContext} _context - The required context for this method.
-     * @return {Promise<MdocOid4vpRPVerifyResult>} - A promise that resolves to an object containing error status,
-     * validated documents, and the original presentation submission.
-     */
-    private mdocOid4vpRPVerify;
-    /**
-     * Verifies the issuer-signed Mobile Document (mDoc) using the provided arguments and context.
-     *
-     * @param {MdocVerifyIssuerSignedArgs} args - The arguments required for verification, including input and key information.
-     * @param {IRequiredContext} context - The context encompassing necessary dependencies and configurations.
-     * @return {Promise<IVerifySignatureResult<KeyType>>} A promise that resolves to the result of the signature verification, including key information if available.
-     */
-    private mdocVerifyIssuerSigned;
-    /**
-     * Verifies an X.509 certificate chain against a set of trust anchors.
-     *
-     * @param {VerifyCertificateChainArgs} args - The arguments required for verifying the certificate chain.
-     * This includes the certificate chain to be verified and any additional trust anchors to be used.
-     * @param {IRequiredContext} _context - The context required for verification, including necessary dependencies and settings.
-     * @return {Promise<X509ValidationResult>} A promise that resolves to the result of the validation process, indicating the success or failure of the certificate chain verification.
-     */
-    private x509VerifyCertificateChain;
-    /**
-     * Extracts information from a list of X509 certificates.
-     *
-     * @param {GetX509CertificateInfoArgs} args - Arguments required to retrieve certificate information,
-     * including the certificates and optional Subject Alternative Name (SAN) type filter.
-     * @param {IRequiredContext} context - The context required for the operation, which may include
-     * logging, configuration, and other operational details.
-     * @return {Promise<CertificateInfo[]>} A promise that resolves with an array of certificate
-     * information objects, each containing details extracted from individual certificates.
-     */
-    private x509GetCertificateInfo;
-}
-
-type ICoseKeyCbor = com.sphereon.crypto.cose.ICoseKeyCbor;
-type ToBeSignedCbor = com.sphereon.crypto.cose.ToBeSignedCbor;
-type ICoseCryptoCallbackJS = com.sphereon.crypto.ICoseCryptoCallbackJS;
-type IKey = com.sphereon.crypto.IKey;
-type IX509ServiceJS = com.sphereon.crypto.IX509ServiceJS;
-type X509VerificationProfile = com.sphereon.crypto.X509VerificationProfile;
-type LocalDateTimeKMP = com.sphereon.kmp.LocalDateTimeKMP;
-declare class CoseCryptoService implements ICoseCryptoCallbackJS {
-    private context?;
-    constructor(context?: IRequiredContext | undefined);
-    setContext(context: IRequiredContext): void;
-    signAsync(input: ToBeSignedCbor, requireX5Chain: Nullable<boolean>): Promise<Int8Array>;
-    verify1Async<CborType>(input: com.sphereon.crypto.cose.CoseSign1Cbor<CborType>, keyInfo: com.sphereon.crypto.IKeyInfo<ICoseKeyCbor>, requireX5Chain: Nullable<boolean>): Promise<com.sphereon.crypto.generic.IVerifySignatureResult<ICoseKeyCbor>>;
-    resolvePublicKeyAsync<KT extends com.sphereon.crypto.IKey>(keyInfo: com.sphereon.crypto.IKeyInfo<KT>): Promise<com.sphereon.crypto.IResolvedKeyInfo<KT>>;
-}
-/**
- * This class can be used for X509 validations.
- * Either have an instance per trustedCerts and verification invocation or use a single instance and provide the trusted certs in the method argument
- *
- * The class is also registered with the low-level mDL/mdoc Kotlin Multiplatform library
- * Next to the specific function for the library it exports a more powerful version of the same verification method as well
- */
-declare class X509CallbackService implements IX509ServiceJS {
-    private _trustedCerts?;
-    constructor(trustedCerts?: Array<string>);
-    /**
-     * A more powerful version of the method below. Allows to verify at a specific time and returns more information
-     * @param chain
-     * @param trustAnchors
-     * @param verificationTime
-     */
-    verifyCertificateChain({ chain, trustAnchors, verificationTime, opts, }: VerifyCertificateChainArgs): Promise<X509ValidationResult>;
-    /**
-     * This method is the implementation used within the mDL/Mdoc library
-     */
-    verifyCertificateChainJS<KeyType extends IKey>(chainDER: Nullable<Int8Array[]>, chainPEM: Nullable<string[]>, trustedCerts: Nullable<string[]>, verificationProfile?: X509VerificationProfile | undefined, verificationTime?: Nullable<LocalDateTimeKMP>): Promise<com.sphereon.crypto.IX509VerificationResult<KeyType>>;
-    setTrustedCerts: (trustedCertsInPEM?: Array<string>) => void;
-    getTrustedCerts: () => string[] | undefined;
-}
-
-declare const logger: _sphereon_ssi_types.ISimpleLogger<unknown>;
+export declare const logger: import("@sphereon/ssi-types").ISimpleLogger<unknown>;
 declare const schema: any;
-
-export { CborByteString, CoseCryptoService, CoseCryptoServiceJS, CoseJoseKeyMappingService, CoseKeyCbor, type CoseSign1Cbor, type CoseSign1Json, DateTimeUtils, type DocumentCbor, type DocumentDescriptorMatchResult, type DocumentJson, type DocumentVerifyResult, Encoding, type GetX509CertificateInfoArgs, type ICoseKeyCbor$1 as ICoseKeyCbor, type ICoseKeyJson, type IKey$1 as IKey, type IKeyInfo, type IOid4VPPresentationDefinition, type IRequiredContext, type IVerifyResults, type IVerifySignatureResult, type ImDLMdoc, Jwk, KeyInfo, type KeyType, MDLMdoc, type MdocOid4VPPresentationAuth, type MdocOid4vpPresentArgs, type MdocOid4vpRPVerifyArgs, type MdocOid4vpRPVerifyResult, MdocOid4vpService, MdocValidations, type MdocVerifyIssuerSignedArgs, Oid4VPPresentationSubmission, type VerificationOptions, type VerifyCertificateChainArgs, X509CallbackService, decodeFrom, encodeTo, logger, mdocSupportMethods, schema };
+export { schema };
+export { MDLMdoc, mdocSupportMethods } from './agent/mDLMdoc';
+export * from './types/ImDLMdoc';
+export * from './functions';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,MAAM,sDAAuC,CAAA;AAC1D,QAAA,MAAM,MAAM,KAAmC,CAAA;AAC/C,OAAO,EAAE,MAAM,EAAE,CAAA;AACjB,OAAO,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAA;AAC7D,cAAc,kBAAkB,CAAA;AAChC,cAAc,aAAa,CAAA"}