agent-passport-system 2.1.0 → 2.2.0

package/dist/src/v2/mutual-auth/certificate.js

@@ -0,0 +1,89 @@
+// Copyright 2024-2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
+// ══════════════════════════════════════════════════════════════════
+// Mutual Authentication v1 — certificate build, sign, verify
+// ══════════════════════════════════════════════════════════════════
+import { createHash } from 'node:crypto';
+import { canonicalizeJCS } from '../../core/canonical-jcs.js';
+import { sign as edSignHex, verify as edVerifyHex } from '../../crypto/keys.js';
+const SPEC_VERSION = '1.0';
+/** Build an unsigned certificate. Call signCertificate next. */
+export function buildCertificate(input, issuer_pubkey_hex) {
+    return {
+        spec_version: SPEC_VERSION,
+        role: input.role,
+        subject_id: input.subject_id,
+        issuer_id: input.issuer_id,
+        issuer_role: input.issuer_role,
+        issuer_pubkey_hex,
+        subject_pubkey_hex: input.subject_pubkey_hex,
+        not_before: input.not_before,
+        not_after: input.not_after,
+        binding: input.binding,
+        attestation_grade: input.attestation_grade,
+        supported_versions: input.supported_versions,
+        capabilities: input.capabilities,
+    };
+}
+/** Sign an unsigned certificate with the issuer's private key (hex). */
+export function signCertificate(unsigned, issuer_sk_hex) {
+    const canonical = canonicalizeJCS(unsigned);
+    const sig_hex = edSignHex(canonical, issuer_sk_hex);
+    const sig_b64 = Buffer.from(sig_hex, 'hex').toString('base64');
+    return { ...unsigned, signature_b64: sig_b64 };
+}
+/** Stable content-hash identifier for a certificate (for session_id
+ *  derivation, audit references, etc.). Does not include the signature
+ *  so equivalent unsigned certificates produce the same id. */
+export function certificateId(cert) {
+    const { signature_b64: _sig, ...rest } = cert;
+    const canonical = canonicalizeJCS(rest);
+    return 'sha256:' + createHash('sha256').update(canonical).digest('hex');
+}
+export function verifyCertificateSignature(cert) {
+    if (!cert.supported_versions || cert.supported_versions.length === 0) {
+        return { ok: false, reason: 'version_empty' };
+    }
+    const { signature_b64, ...rest } = cert;
+    const canonical = canonicalizeJCS(rest);
+    const sig_hex = Buffer.from(signature_b64, 'base64').toString('hex');
+    const ok = edVerifyHex(canonical, sig_hex, cert.issuer_pubkey_hex);
+    if (!ok)
+        return { ok: false, reason: 'signature_invalid' };
+    return { ok: true };
+}
+/** Check validity window using a supplied now() (unix ms). */
+export function isCertificateTemporallyValid(cert, now_ms, max_clock_skew_ms = 0) {
+    if (now_ms + max_clock_skew_ms < cert.not_before) {
+        return { ok: false, reason: 'not_yet_valid' };
+    }
+    if (now_ms - max_clock_skew_ms > cert.not_after) {
+        return { ok: false, reason: 'expired' };
+    }
+    return { ok: true };
+}
+/** Given a certificate and a local trust-anchor list, determine if
+ *  the certificate was issued by a trusted anchor and whether the
+ *  anchor's binding constraints (if any) permit this cert's binding. */
+export function checkAnchor(cert, anchors, revoked_anchor_ids = []) {
+    const anchor = anchors.find((a) => a.pubkey_hex === cert.issuer_pubkey_hex);
+    if (!anchor)
+        return { ok: false, reason: 'unknown_issuer' };
+    if (revoked_anchor_ids.includes(anchor.anchor_id)) {
+        return { ok: false, anchor, reason: 'revoked_anchor' };
+    }
+    if (anchor.binding_constraints && anchor.binding_constraints.length > 0) {
+        const matched = anchor.binding_constraints.some((pat) => matchBinding(pat, cert.binding));
+        if (!matched)
+            return { ok: false, anchor, reason: 'binding_mismatch' };
+    }
+    return { ok: true, anchor };
+}
+function matchBinding(pattern, binding) {
+    if (pattern === binding)
+        return true;
+    if (pattern.endsWith('*')) {
+        return binding.startsWith(pattern.slice(0, -1));
+    }
+    return false;
+}
+//# sourceMappingURL=certificate.js.map

package/dist/src/v2/mutual-auth/certificate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"certificate.js","sourceRoot":"","sources":["../../../../src/v2/mutual-auth/certificate.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,qEAAqE;AACrE,6DAA6D;AAC7D,qEAAqE;AAErE,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AACxC,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAA;AAC7D,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,MAAM,IAAI,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAO/E,MAAM,YAAY,GAAG,KAAc,CAAA;AAkBnC,gEAAgE;AAChE,MAAM,UAAU,gBAAgB,CAC9B,KAA4B,EAC5B,iBAAyB;IAEzB,OAAO;QACL,YAAY,EAAE,YAAY;QAC1B,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,iBAAiB;QACjB,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;QAC5C,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;QAC1C,kBAAkB,EAAE,KAAK,CAAC,kBAAkB;QAC5C,YAAY,EAAE,KAAK,CAAC,YAAY;KACjC,CAAA;AACH,CAAC;AAED,wEAAwE;AACxE,MAAM,UAAU,eAAe,CAC7B,QAAsD,EACtD,aAAqB;IAErB,MAAM,SAAS,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAA;IAC3C,MAAM,OAAO,GAAG,SAAS,CAAC,SAAS,EAAE,aAAa,CAAC,CAAA;IACnD,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;IAC9D,OAAO,EAAE,GAAG,QAAQ,EAAE,aAAa,EAAE,OAAO,EAAE,CAAA;AAChD,CAAC;AAED;;+DAE+D;AAC/D,MAAM,UAAU,aAAa,CAAC,IAA2B;IACvD,MAAM,EAAE,aAAa,EAAE,IAAI,EAAE,GAAG,IAAI,EAAE,GAAG,IAAI,CAAA;IAC7C,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,CAAC,CAAA;IACvC,OAAO,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACzE,CAAC;AASD,MAAM,UAAU,0BAA0B,CACxC,IAA2B;IAE3B,IAAI,CAAC,IAAI,CAAC,kBAAkB,IAAI,IAAI,CAAC,kBAAkB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,CAAA;IAC/C,CAAC;IACD,MAAM,EAAE,aAAa,EAAE,GAAG,IAAI,EAAE,GAAG,IAAI,CAAA;IACvC,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,CAAC,CAAA;IACvC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IACpE,MAAM,EAAE,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAA;IAClE,IAAI,CAAC,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAA;IAC1D,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAA;AACrB,CAAC;AAED,8DAA8D;AAC9D,MAAM,UAAU,4BAA4B,CAC1C,IAA2B,EAC3B,MAAc,EACd,iBAAiB,GAAG,CAAC;IAErB,IAAI,MAAM,GAAG,iBAAiB,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QACjD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,CAAA;IAC/C,CAAC;IACD,IAAI,MAAM,GAAG,iBAAiB,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAChD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,CAAA;IACzC,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAA;AACrB,CAAC;AAUD;;wEAEwE;AACxE,MAAM,UAAU,WAAW,CACzB,IAA2B,EAC3B,OAAsB,EACtB,qBAA+B,EAAE;IAEjC,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,IAAI,CAAC,iBAAiB,CAAC,CAAA;IAC3E,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAA;IAC3D,IAAI,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;QAClD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAA;IACxD,CAAC;IACD,IAAI,MAAM,CAAC,mBAAmB,IAAI,MAAM,CAAC,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxE,MAAM,OAAO,GAAG,MAAM,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CACtD,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,CAChC,CAAA;QACD,IAAI,CAAC,OAAO;YAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,kBAAkB,EAAE,CAAA;IACxE,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAA;AAC7B,CAAC;AAED,SAAS,YAAY,CAAC,OAAe,EAAE,OAAe;IACpD,IAAI,OAAO,KAAK,OAAO;QAAE,OAAO,IAAI,CAAA;IACpC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;IACjD,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC"}

package/dist/src/v2/mutual-auth/handshake.d.ts

@@ -0,0 +1,37 @@
+import type { MutualAuthAttest, MutualAuthCertificate, MutualAuthFailureReason, MutualAuthHello, MutualAuthPolicy, MutualAuthResult, MutualAuthRole, MutualAuthSession, TrustAnchor } from './types.js';
+export declare function newNonce(): string;
+export declare function buildHello(role: MutualAuthRole, supported_versions: string[], now_ms: number, nonce_b64?: string): MutualAuthHello;
+/** Choose the highest mutually supported version. Returns null if
+ *  there is no overlap. Both sides MUST run the same algorithm. */
+export declare function chooseVersion(peer_supported: string[], own_accepted: string[]): string | null;
+export interface BuildAttestInput {
+    role: MutualAuthRole;
+    chosen_version: string;
+    own_nonce_b64: string;
+    peer_nonce_b64: string;
+    certificate: MutualAuthCertificate;
+    now_ms: number;
+}
+export declare function buildAttest(input: BuildAttestInput, own_sk_hex: string): MutualAuthAttest;
+export interface VerifyAttestInput {
+    attest: MutualAuthAttest;
+    expected_peer_nonce_b64: string;
+    expected_own_nonce_b64: string;
+    policy: MutualAuthPolicy;
+    trust_anchors: TrustAnchor[];
+    revoked_anchor_ids?: string[];
+    now_ms: number;
+}
+export interface VerifyAttestOutcome {
+    ok: boolean;
+    reason?: MutualAuthFailureReason;
+    detail?: string;
+}
+export declare function verifyAttest(input: VerifyAttestInput): VerifyAttestOutcome;
+/** Derive the shared session record from both sides' Attests. Both
+ *  parties MUST compute identical session_id values given identical
+ *  inputs (canonical JCS + sha256). */
+export declare function deriveSession(agent_attest: MutualAuthAttest, is_attest: MutualAuthAttest, policy: MutualAuthPolicy, now_ms: number): MutualAuthResult;
+/** Check whether a MutualAuthSession is still alive. */
+export declare function isSessionActive(session: MutualAuthSession, now_ms: number): boolean;
+//# sourceMappingURL=handshake.d.ts.map

package/dist/src/v2/mutual-auth/handshake.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"handshake.d.ts","sourceRoot":"","sources":["../../../../src/v2/mutual-auth/handshake.ts"],"names":[],"mappings":"AAqCA,OAAO,KAAK,EACV,gBAAgB,EAChB,qBAAqB,EACrB,uBAAuB,EACvB,eAAe,EACf,gBAAgB,EAChB,gBAAgB,EAChB,cAAc,EACd,iBAAiB,EACjB,WAAW,EACZ,MAAM,YAAY,CAAA;AAMnB,wBAAgB,QAAQ,IAAI,MAAM,CAEjC;AAID,wBAAgB,UAAU,CACxB,IAAI,EAAE,cAAc,EACpB,kBAAkB,EAAE,MAAM,EAAE,EAC5B,MAAM,EAAE,MAAM,EACd,SAAS,SAAa,GACrB,eAAe,CAQjB;AAID;mEACmE;AACnE,wBAAgB,aAAa,CAC3B,cAAc,EAAE,MAAM,EAAE,EACxB,YAAY,EAAE,MAAM,EAAE,GACrB,MAAM,GAAG,IAAI,CAKf;AAID,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,cAAc,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,aAAa,EAAE,MAAM,CAAA;IACrB,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,qBAAqB,CAAA;IAClC,MAAM,EAAE,MAAM,CAAA;CACf;AAED,wBAAgB,WAAW,CACzB,KAAK,EAAE,gBAAgB,EACvB,UAAU,EAAE,MAAM,GACjB,gBAAgB,CAgBlB;AAID,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,gBAAgB,CAAA;IACxB,uBAAuB,EAAE,MAAM,CAAA;IAC/B,sBAAsB,EAAE,MAAM,CAAA;IAC9B,MAAM,EAAE,gBAAgB,CAAA;IACxB,aAAa,EAAE,WAAW,EAAE,CAAA;IAC5B,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC7B,MAAM,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,OAAO,CAAA;IACX,MAAM,CAAC,EAAE,uBAAuB,CAAA;IAChC,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED,wBAAgB,YAAY,CAAC,KAAK,EAAE,iBAAiB,GAAG,mBAAmB,CA6G1E;AAID;;uCAEuC;AACvC,wBAAgB,aAAa,CAC3B,YAAY,EAAE,gBAAgB,EAC9B,SAAS,EAAE,gBAAgB,EAC3B,MAAM,EAAE,gBAAgB,EACxB,MAAM,EAAE,MAAM,GACb,gBAAgB,CAsDlB;AAED,wDAAwD;AACxD,wBAAgB,eAAe,CAC7B,OAAO,EAAE,iBAAiB,EAC1B,MAAM,EAAE,MAAM,GACb,OAAO,CAOT"}

package/dist/src/v2/mutual-auth/handshake.js

@@ -0,0 +1,216 @@
+// Copyright 2024-2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
+// ══════════════════════════════════════════════════════════════════
+// Mutual Authentication v1 — handshake primitives
+// ══════════════════════════════════════════════════════════════════
+// Flow:
+//   1. Initiator sends MutualAuthHello (nonce_i, supported_versions)
+//   2. Responder replies with MutualAuthAttest (chosen_version, own
+//      nonce_r, peer nonce_i, own certificate, signed commitment
+//      over all four).
+//   3. Initiator verifies the Attest, then replies with its own
+//      MutualAuthAttest (chosen_version must match, nonces swapped).
+//   4. Responder verifies the initiator's Attest.
+//   5. Both sides derive an identical MutualAuthSession (shared
+//      hash of the two Attests → session_id).
+//
+// Downgrade defence:
+//   The Attest signature commits to the chosen_version alongside
+//   both nonces and both certs. An attacker who can tamper with
+//   supported_versions at the transport layer cannot forge a valid
+//   Attest that advertises a lower version without also breaking
+//   the signature.
+//
+// Replay defence:
+//   The nonces are 128-bit random, the Attest timestamp is bounded
+//   by max_clock_skew_ms, and the session_id derivation includes
+//   both nonces.
+// ══════════════════════════════════════════════════════════════════
+import { createHash, randomBytes } from 'node:crypto';
+import { canonicalizeJCS } from '../../core/canonical-jcs.js';
+import { sign as edSignHex, verify as edVerifyHex } from '../../crypto/keys.js';
+import { certificateId, checkAnchor, isCertificateTemporallyValid, verifyCertificateSignature, } from './certificate.js';
+const SPEC_VERSION = '1.0';
+// ── Nonce generation ──
+export function newNonce() {
+    return randomBytes(16).toString('base64');
+}
+// ── Hello ──
+export function buildHello(role, supported_versions, now_ms, nonce_b64 = newNonce()) {
+    return {
+        spec_version: SPEC_VERSION,
+        role,
+        supported_versions,
+        nonce_b64,
+        timestamp: now_ms,
+    };
+}
+// ── Version negotiation ──
+/** Choose the highest mutually supported version. Returns null if
+ *  there is no overlap. Both sides MUST run the same algorithm. */
+export function chooseVersion(peer_supported, own_accepted) {
+    for (const v of own_accepted) {
+        if (peer_supported.includes(v))
+            return v;
+    }
+    return null;
+}
+export function buildAttest(input, own_sk_hex) {
+    const unsigned = {
+        spec_version: SPEC_VERSION,
+        role: input.role,
+        chosen_version: input.chosen_version,
+        own_nonce_b64: input.own_nonce_b64,
+        peer_nonce_b64: input.peer_nonce_b64,
+        certificate: input.certificate,
+        timestamp: input.now_ms,
+    };
+    const canonical = canonicalizeJCS(unsigned);
+    const sig_hex = edSignHex(canonical, own_sk_hex);
+    return {
+        ...unsigned,
+        signature_b64: Buffer.from(sig_hex, 'hex').toString('base64'),
+    };
+}
+export function verifyAttest(input) {
+    const { attest, policy, trust_anchors, now_ms } = input;
+    const skew = policy.max_clock_skew_ms ?? 0;
+    // 1. Version negotiated must be one we accept
+    if (!policy.accepted_versions.includes(attest.chosen_version)) {
+        return { ok: false, reason: 'version_unsupported' };
+    }
+    // 2. Nonces must match what we expect (replay + mitm defence)
+    if (attest.peer_nonce_b64 !== input.expected_peer_nonce_b64) {
+        return { ok: false, reason: 'nonce_mismatch', detail: 'peer_nonce' };
+    }
+    if (attest.own_nonce_b64 !== input.expected_own_nonce_b64) {
+        return { ok: false, reason: 'nonce_mismatch', detail: 'own_nonce' };
+    }
+    // 3. Timestamp must be within clock skew
+    if (Math.abs(now_ms - attest.timestamp) > Math.max(skew, 60_000)) {
+        return { ok: false, reason: 'replay_detected', detail: 'timestamp_skew' };
+    }
+    // 4. Embedded certificate must be temporally valid
+    const temporal = isCertificateTemporallyValid(attest.certificate, now_ms, skew);
+    if (!temporal.ok) {
+        return {
+            ok: false,
+            reason: temporal.reason === 'expired'
+                ? 'expired_certificate'
+                : temporal.reason === 'not_yet_valid'
+                    ? 'not_yet_valid_certificate'
+                    : 'signature_invalid',
+        };
+    }
+    // 5. Certificate signature must verify
+    const certSig = verifyCertificateSignature(attest.certificate);
+    if (!certSig.ok) {
+        return { ok: false, reason: 'signature_invalid', detail: 'certificate' };
+    }
+    // 6. Certificate must be vouched for by a known trust anchor
+    const anchor = checkAnchor(attest.certificate, trust_anchors, input.revoked_anchor_ids);
+    if (!anchor.ok) {
+        return {
+            ok: false,
+            reason: anchor.reason === 'unknown_issuer'
+                ? 'unknown_issuer'
+                : anchor.reason === 'revoked_anchor'
+                    ? 'revoked_anchor'
+                    : 'binding_mismatch',
+        };
+    }
+    // 7. Downgrade detection: the chosen_version MUST be the highest
+    //    we and the peer both support. If peer's supported_versions in
+    //    the embedded cert offers something higher that we also accept,
+    //    a downgrade was forced.
+    const peerSupported = attest.certificate.supported_versions;
+    const expectedChoice = chooseVersion(peerSupported, policy.accepted_versions);
+    if (expectedChoice !== null && expectedChoice !== attest.chosen_version) {
+        return { ok: false, reason: 'downgrade_detected' };
+    }
+    // 8. Agent grade policy (only applies when peer is an agent)
+    if (attest.certificate.role === 'agent' && policy.min_agent_grade !== undefined) {
+        const grade = attest.certificate.attestation_grade ?? 0;
+        if (grade < policy.min_agent_grade) {
+            return { ok: false, reason: 'grade_insufficient' };
+        }
+    }
+    // 9. Required capabilities (policy check)
+    if (policy.required_capabilities && policy.required_capabilities.length > 0) {
+        const caps = attest.certificate.capabilities ?? [];
+        for (const required of policy.required_capabilities) {
+            if (!caps.includes(required)) {
+                return {
+                    ok: false,
+                    reason: 'binding_mismatch',
+                    detail: `missing_capability:${required}`,
+                };
+            }
+        }
+    }
+    // 10. Verify the attest signature itself (commits to chosen_version
+    //     + both nonces + cert — this is the downgrade defence).
+    const { signature_b64, ...rest } = attest;
+    const canonical = canonicalizeJCS(rest);
+    const sig_hex = Buffer.from(signature_b64, 'base64').toString('hex');
+    const sigOk = edVerifyHex(canonical, sig_hex, attest.certificate.subject_pubkey_hex);
+    if (!sigOk)
+        return { ok: false, reason: 'signature_invalid', detail: 'attest' };
+    return { ok: true };
+}
+// ── Session derivation ──
+/** Derive the shared session record from both sides' Attests. Both
+ *  parties MUST compute identical session_id values given identical
+ *  inputs (canonical JCS + sha256). */
+export function deriveSession(agent_attest, is_attest, policy, now_ms) {
+    if (agent_attest.chosen_version !== is_attest.chosen_version) {
+        return { ok: false, failure: { reason: 'downgrade_detected' } };
+    }
+    if (agent_attest.certificate.role !== 'agent') {
+        return {
+            ok: false,
+            failure: { reason: 'binding_mismatch', detail: 'agent_attest_role' },
+        };
+    }
+    if (is_attest.certificate.role !== 'information_system') {
+        return {
+            ok: false,
+            failure: { reason: 'binding_mismatch', detail: 'is_attest_role' },
+        };
+    }
+    const agent_cert_id = certificateId(agent_attest.certificate);
+    const is_cert_id = certificateId(is_attest.certificate);
+    const sessionMaterial = canonicalizeJCS({
+        spec_version: SPEC_VERSION,
+        chosen_version: agent_attest.chosen_version,
+        agent_cert_id,
+        is_cert_id,
+        agent_nonce_b64: agent_attest.own_nonce_b64,
+        is_nonce_b64: is_attest.own_nonce_b64,
+    });
+    const session_id = 'sha256:' + createHash('sha256').update(sessionMaterial).digest('hex');
+    const max_session = policy.max_session_ms ??
+        Math.min(agent_attest.certificate.not_after, is_attest.certificate.not_after) - now_ms;
+    const session = {
+        spec_version: SPEC_VERSION,
+        session_id,
+        agent_cert: agent_attest.certificate,
+        is_cert: is_attest.certificate,
+        chosen_version: agent_attest.chosen_version,
+        agent_nonce_b64: agent_attest.own_nonce_b64,
+        is_nonce_b64: is_attest.own_nonce_b64,
+        established_at: now_ms,
+        expires_at: now_ms + Math.max(0, max_session),
+    };
+    if (session.expires_at <= session.established_at) {
+        return { ok: false, failure: { reason: 'expired_session' } };
+    }
+    return { ok: true, session };
+}
+/** Check whether a MutualAuthSession is still alive. */
+export function isSessionActive(session, now_ms) {
+    return (now_ms >= session.established_at &&
+        now_ms <= session.expires_at &&
+        now_ms <= session.agent_cert.not_after &&
+        now_ms <= session.is_cert.not_after);
+}
+//# sourceMappingURL=handshake.js.map

package/dist/src/v2/mutual-auth/handshake.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"handshake.js","sourceRoot":"","sources":["../../../../src/v2/mutual-auth/handshake.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,qEAAqE;AACrE,kDAAkD;AAClD,qEAAqE;AACrE,QAAQ;AACR,qEAAqE;AACrE,oEAAoE;AACpE,iEAAiE;AACjE,uBAAuB;AACvB,gEAAgE;AAChE,qEAAqE;AACrE,kDAAkD;AAClD,gEAAgE;AAChE,8CAA8C;AAC9C,EAAE;AACF,qBAAqB;AACrB,iEAAiE;AACjE,gEAAgE;AAChE,mEAAmE;AACnE,iEAAiE;AACjE,mBAAmB;AACnB,EAAE;AACF,kBAAkB;AAClB,mEAAmE;AACnE,iEAAiE;AACjE,iBAAiB;AACjB,qEAAqE;AAErE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAA;AAC7D,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,MAAM,IAAI,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAC/E,OAAO,EACL,aAAa,EACb,WAAW,EACX,4BAA4B,EAC5B,0BAA0B,GAC3B,MAAM,kBAAkB,CAAA;AAazB,MAAM,YAAY,GAAG,KAAc,CAAA;AAEnC,yBAAyB;AAEzB,MAAM,UAAU,QAAQ;IACtB,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AAC3C,CAAC;AAED,cAAc;AAEd,MAAM,UAAU,UAAU,CACxB,IAAoB,EACpB,kBAA4B,EAC5B,MAAc,EACd,SAAS,GAAG,QAAQ,EAAE;IAEtB,OAAO;QACL,YAAY,EAAE,YAAY;QAC1B,IAAI;QACJ,kBAAkB;QAClB,SAAS;QACT,SAAS,EAAE,MAAM;KAClB,CAAA;AACH,CAAC;AAED,4BAA4B;AAE5B;mEACmE;AACnE,MAAM,UAAU,aAAa,CAC3B,cAAwB,EACxB,YAAsB;IAEtB,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;QAC7B,IAAI,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC;YAAE,OAAO,CAAC,CAAA;IAC1C,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAaD,MAAM,UAAU,WAAW,CACzB,KAAuB,EACvB,UAAkB;IAElB,MAAM,QAAQ,GAA4C;QACxD,YAAY,EAAE,YAAY;QAC1B,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,cAAc,EAAE,KAAK,CAAC,cAAc;QACpC,aAAa,EAAE,KAAK,CAAC,aAAa;QAClC,cAAc,EAAE,KAAK,CAAC,cAAc;QACpC,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,SAAS,EAAE,KAAK,CAAC,MAAM;KACxB,CAAA;IACD,MAAM,SAAS,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAA;IAC3C,MAAM,OAAO,GAAG,SAAS,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;IAChD,OAAO;QACL,GAAG,QAAQ;QACX,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;KAC9D,CAAA;AACH,CAAC;AAoBD,MAAM,UAAU,YAAY,CAAC,KAAwB;IACnD,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,KAAK,CAAA;IACvD,MAAM,IAAI,GAAG,MAAM,CAAC,iBAAiB,IAAI,CAAC,CAAA;IAE1C,8CAA8C;IAC9C,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE,CAAC;QAC9D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAA;IACrD,CAAC;IAED,8DAA8D;IAC9D,IAAI,MAAM,CAAC,cAAc,KAAK,KAAK,CAAC,uBAAuB,EAAE,CAAC;QAC5D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,MAAM,EAAE,YAAY,EAAE,CAAA;IACtE,CAAC;IACD,IAAI,MAAM,CAAC,aAAa,KAAK,KAAK,CAAC,sBAAsB,EAAE,CAAC;QAC1D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,MAAM,EAAE,WAAW,EAAE,CAAA;IACrE,CAAC;IAED,yCAAyC;IACzC,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;QACjE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAA;IAC3E,CAAC;IAED,mDAAmD;IACnD,MAAM,QAAQ,GAAG,4BAA4B,CAC3C,MAAM,CAAC,WAAW,EAClB,MAAM,EACN,IAAI,CACL,CAAA;IACD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EACJ,QAAQ,CAAC,MAAM,KAAK,SAAS;gBAC3B,CAAC,CAAC,qBAAqB;gBACvB,CAAC,CAAC,QAAQ,CAAC,MAAM,KAAK,eAAe;oBACnC,CAAC,CAAC,2BAA2B;oBAC7B,CAAC,CAAC,mBAAmB;SAC5B,CAAA;IACH,CAAC;IAED,uCAAuC;IACvC,MAAM,OAAO,GAAG,0BAA0B,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;IAC9D,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;QAChB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,EAAE,aAAa,EAAE,CAAA;IAC1E,CAAC;IAED,6DAA6D;IAC7D,MAAM,MAAM,GAAG,WAAW,CACxB,MAAM,CAAC,WAAW,EAClB,aAAa,EACb,KAAK,CAAC,kBAAkB,CACzB,CAAA;IACD,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;QACf,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EACJ,MAAM,CAAC,MAAM,KAAK,gBAAgB;gBAChC,CAAC,CAAC,gBAAgB;gBAClB,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,gBAAgB;oBAClC,CAAC,CAAC,gBAAgB;oBAClB,CAAC,CAAC,kBAAkB;SAC3B,CAAA;IACH,CAAC;IAED,iEAAiE;IACjE,mEAAmE;IACnE,oEAAoE;IACpE,6BAA6B;IAC7B,MAAM,aAAa,GAAG,MAAM,CAAC,WAAW,CAAC,kBAAkB,CAAA;IAC3D,MAAM,cAAc,GAAG,aAAa,CAAC,aAAa,EAAE,MAAM,CAAC,iBAAiB,CAAC,CAAA;IAC7E,IAAI,cAAc,KAAK,IAAI,IAAI,cAAc,KAAK,MAAM,CAAC,cAAc,EAAE,CAAC;QACxE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAA;IACpD,CAAC;IAED,6DAA6D;IAC7D,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,KAAK,OAAO,IAAI,MAAM,CAAC,eAAe,KAAK,SAAS,EAAE,CAAC;QAChF,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,iBAAiB,IAAI,CAAC,CAAA;QACvD,IAAI,KAAK,GAAG,MAAM,CAAC,eAAe,EAAE,CAAC;YACnC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAA;QACpD,CAAC;IACH,CAAC;IAED,0CAA0C;IAC1C,IAAI,MAAM,CAAC,qBAAqB,IAAI,MAAM,CAAC,qBAAqB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5E,MAAM,IAAI,GAAG,MAAM,CAAC,WAAW,CAAC,YAAY,IAAI,EAAE,CAAA;QAClD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,qBAAqB,EAAE,CAAC;YACpD,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,MAAM,EAAE,kBAAkB;oBAC1B,MAAM,EAAE,sBAAsB,QAAQ,EAAE;iBACzC,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,oEAAoE;IACpE,6DAA6D;IAC7D,MAAM,EAAE,aAAa,EAAE,GAAG,IAAI,EAAE,GAAG,MAAM,CAAA;IACzC,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,CAAC,CAAA;IACvC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IACpE,MAAM,KAAK,GAAG,WAAW,CACvB,SAAS,EACT,OAAO,EACP,MAAM,CAAC,WAAW,CAAC,kBAAkB,CACtC,CAAA;IACD,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAA;IAE/E,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAA;AACrB,CAAC;AAED,2BAA2B;AAE3B;;uCAEuC;AACvC,MAAM,UAAU,aAAa,CAC3B,YAA8B,EAC9B,SAA2B,EAC3B,MAAwB,EACxB,MAAc;IAEd,IAAI,YAAY,CAAC,cAAc,KAAK,SAAS,CAAC,cAAc,EAAE,CAAC;QAC7D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,oBAAoB,EAAE,EAAE,CAAA;IACjE,CAAC;IACD,IAAI,YAAY,CAAC,WAAW,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;QAC9C,OAAO;YACL,EAAE,EAAE,KAAK;YACT,OAAO,EAAE,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,EAAE,mBAAmB,EAAE;SACrE,CAAA;IACH,CAAC;IACD,IAAI,SAAS,CAAC,WAAW,CAAC,IAAI,KAAK,oBAAoB,EAAE,CAAC;QACxD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,OAAO,EAAE,EAAE,MAAM,EAAE,kBAAkB,EAAE,MAAM,EAAE,gBAAgB,EAAE;SAClE,CAAA;IACH,CAAC;IAED,MAAM,aAAa,GAAG,aAAa,CAAC,YAAY,CAAC,WAAW,CAAC,CAAA;IAC7D,MAAM,UAAU,GAAG,aAAa,CAAC,SAAS,CAAC,WAAW,CAAC,CAAA;IAEvD,MAAM,eAAe,GAAG,eAAe,CAAC;QACtC,YAAY,EAAE,YAAY;QAC1B,cAAc,EAAE,YAAY,CAAC,cAAc;QAC3C,aAAa;QACb,UAAU;QACV,eAAe,EAAE,YAAY,CAAC,aAAa;QAC3C,YAAY,EAAE,SAAS,CAAC,aAAa;KACtC,CAAC,CAAA;IACF,MAAM,UAAU,GAAG,SAAS,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IAEzF,MAAM,WAAW,GACf,MAAM,CAAC,cAAc;QACrB,IAAI,CAAC,GAAG,CACN,YAAY,CAAC,WAAW,CAAC,SAAS,EAClC,SAAS,CAAC,WAAW,CAAC,SAAS,CAChC,GAAG,MAAM,CAAA;IAEZ,MAAM,OAAO,GAAsB;QACjC,YAAY,EAAE,YAAY;QAC1B,UAAU;QACV,UAAU,EAAE,YAAY,CAAC,WAAW;QACpC,OAAO,EAAE,SAAS,CAAC,WAAW;QAC9B,cAAc,EAAE,YAAY,CAAC,cAAc;QAC3C,eAAe,EAAE,YAAY,CAAC,aAAa;QAC3C,YAAY,EAAE,SAAS,CAAC,aAAa;QACrC,cAAc,EAAE,MAAM;QACtB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC;KAC9C,CAAA;IAED,IAAI,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QACjD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,iBAAiB,EAAE,EAAE,CAAA;IAC9D,CAAC;IAED,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAA;AAC9B,CAAC;AAED,wDAAwD;AACxD,MAAM,UAAU,eAAe,CAC7B,OAA0B,EAC1B,MAAc;IAEd,OAAO,CACL,MAAM,IAAI,OAAO,CAAC,cAAc;QAChC,MAAM,IAAI,OAAO,CAAC,UAAU;QAC5B,MAAM,IAAI,OAAO,CAAC,UAAU,CAAC,SAAS;QACtC,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,SAAS,CACpC,CAAA;AACH,CAAC"}

package/dist/src/v2/mutual-auth/index.d.ts

@@ -0,0 +1,8 @@
+export type { MutualAuthRole, MutualAuthCertificate, MutualAuthHello, MutualAuthAttest, MutualAuthSession, MutualAuthResult, MutualAuthPolicy, MutualAuthFailureReason, TrustAnchor, TrustAnchorBundle, AgentCertBinding, } from './types.js';
+export { buildCertificate, signCertificate, certificateId, verifyCertificateSignature, isCertificateTemporallyValid, checkAnchor, } from './certificate.js';
+export type { BuildCertificateInput, VerifyCertificateOutcome, AnchorCheckOutcome, } from './certificate.js';
+export { buildBundle, signBundle, verifyBundle, } from './trust-bundle.js';
+export type { BuildBundleInput, BundleVerifyOutcome, BundleVerifyReason, } from './trust-bundle.js';
+export { newNonce, buildHello, chooseVersion, buildAttest, verifyAttest, deriveSession, isSessionActive, } from './handshake.js';
+export type { BuildAttestInput, VerifyAttestInput, VerifyAttestOutcome, } from './handshake.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/v2/mutual-auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/v2/mutual-auth/index.ts"],"names":[],"mappings":"AAKA,YAAY,EACV,cAAc,EACd,qBAAqB,EACrB,eAAe,EACf,gBAAgB,EAChB,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,uBAAuB,EACvB,WAAW,EACX,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,YAAY,CAAA;AAEnB,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,aAAa,EACb,0BAA0B,EAC1B,4BAA4B,EAC5B,WAAW,GACZ,MAAM,kBAAkB,CAAA;AAEzB,YAAY,EACV,qBAAqB,EACrB,wBAAwB,EACxB,kBAAkB,GACnB,MAAM,kBAAkB,CAAA;AAEzB,OAAO,EACL,WAAW,EACX,UAAU,EACV,YAAY,GACb,MAAM,mBAAmB,CAAA;AAE1B,YAAY,EACV,gBAAgB,EAChB,mBAAmB,EACnB,kBAAkB,GACnB,MAAM,mBAAmB,CAAA;AAE1B,OAAO,EACL,QAAQ,EACR,UAAU,EACV,aAAa,EACb,WAAW,EACX,YAAY,EACZ,aAAa,EACb,eAAe,GAChB,MAAM,gBAAgB,CAAA;AAEvB,YAAY,EACV,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,GACpB,MAAM,gBAAgB,CAAA"}

package/dist/src/v2/mutual-auth/index.js

@@ -0,0 +1,8 @@
+// Copyright 2024-2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
+// ══════════════════════════════════════════════════════════════════
+// Mutual Authentication v1 — module surface
+// ══════════════════════════════════════════════════════════════════
+export { buildCertificate, signCertificate, certificateId, verifyCertificateSignature, isCertificateTemporallyValid, checkAnchor, } from './certificate.js';
+export { buildBundle, signBundle, verifyBundle, } from './trust-bundle.js';
+export { newNonce, buildHello, chooseVersion, buildAttest, verifyAttest, deriveSession, isSessionActive, } from './handshake.js';
+//# sourceMappingURL=index.js.map

package/dist/src/v2/mutual-auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/v2/mutual-auth/index.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,qEAAqE;AACrE,4CAA4C;AAC5C,qEAAqE;AAgBrE,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,aAAa,EACb,0BAA0B,EAC1B,4BAA4B,EAC5B,WAAW,GACZ,MAAM,kBAAkB,CAAA;AAQzB,OAAO,EACL,WAAW,EACX,UAAU,EACV,YAAY,GACb,MAAM,mBAAmB,CAAA;AAQ1B,OAAO,EACL,QAAQ,EACR,UAAU,EACV,aAAa,EACb,WAAW,EACX,YAAY,EACZ,aAAa,EACb,eAAe,GAChB,MAAM,gBAAgB,CAAA"}

package/dist/src/v2/mutual-auth/trust-bundle.d.ts

@@ -0,0 +1,20 @@
+import type { TrustAnchorBundle, TrustAnchor } from './types.js';
+export interface BuildBundleInput {
+    bundle_id: string;
+    anchors: TrustAnchor[];
+    issued_at: number;
+    refresh_after: number;
+    revoked_anchors?: string[];
+}
+export declare function buildBundle(input: BuildBundleInput, publisher_pubkey_hex: string): Omit<TrustAnchorBundle, 'signature_b64'>;
+export declare function signBundle(unsigned: Omit<TrustAnchorBundle, 'signature_b64'>, publisher_sk_hex: string): TrustAnchorBundle;
+export type BundleVerifyReason = 'signature_invalid' | 'untrusted_publisher' | 'bundle_expired' | 'not_yet_valid';
+export interface BundleVerifyOutcome {
+    ok: boolean;
+    reason?: BundleVerifyReason;
+}
+/** Verify a bundle's signature and freshness. The verifier supplies
+ *  a root-trusted publisher key list; the bundle MUST be signed by
+ *  one of them, not merely self-signed. */
+export declare function verifyBundle(bundle: TrustAnchorBundle, trusted_publisher_pubkeys_hex: string[], now_ms: number): BundleVerifyOutcome;
+//# sourceMappingURL=trust-bundle.d.ts.map

package/dist/src/v2/mutual-auth/trust-bundle.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"trust-bundle.d.ts","sourceRoot":"","sources":["../../../../src/v2/mutual-auth/trust-bundle.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAMhE,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,WAAW,EAAE,CAAA;IACtB,SAAS,EAAE,MAAM,CAAA;IACjB,aAAa,EAAE,MAAM,CAAA;IACrB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;CAC3B;AAED,wBAAgB,WAAW,CACzB,KAAK,EAAE,gBAAgB,EACvB,oBAAoB,EAAE,MAAM,GAC3B,IAAI,CAAC,iBAAiB,EAAE,eAAe,CAAC,CAU1C;AAED,wBAAgB,UAAU,CACxB,QAAQ,EAAE,IAAI,CAAC,iBAAiB,EAAE,eAAe,CAAC,EAClD,gBAAgB,EAAE,MAAM,GACvB,iBAAiB,CAKnB;AAID,MAAM,MAAM,kBAAkB,GAC1B,mBAAmB,GACnB,qBAAqB,GACrB,gBAAgB,GAChB,eAAe,CAAA;AAEnB,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,OAAO,CAAA;IACX,MAAM,CAAC,EAAE,kBAAkB,CAAA;CAC5B;AAED;;2CAE2C;AAC3C,wBAAgB,YAAY,CAC1B,MAAM,EAAE,iBAAiB,EACzB,6BAA6B,EAAE,MAAM,EAAE,EACvC,MAAM,EAAE,MAAM,GACb,mBAAmB,CAcrB"}

package/dist/src/v2/mutual-auth/trust-bundle.js

@@ -0,0 +1,45 @@
+// Copyright 2024-2026 Tymofii Pidlisnyi. Apache-2.0 license. See LICENSE.
+// ══════════════════════════════════════════════════════════════════
+// Mutual Authentication v1 — trust anchor bundle build, sign, verify
+// ══════════════════════════════════════════════════════════════════
+import { canonicalizeJCS } from '../../core/canonical-jcs.js';
+import { sign as edSignHex, verify as edVerifyHex } from '../../crypto/keys.js';
+const SPEC_VERSION = '1.0';
+export function buildBundle(input, publisher_pubkey_hex) {
+    return {
+        spec_version: SPEC_VERSION,
+        bundle_id: input.bundle_id,
+        issued_at: input.issued_at,
+        anchors: input.anchors,
+        refresh_after: input.refresh_after,
+        revoked_anchors: input.revoked_anchors,
+        publisher_pubkey_hex,
+    };
+}
+export function signBundle(unsigned, publisher_sk_hex) {
+    const canonical = canonicalizeJCS(unsigned);
+    const sig_hex = edSignHex(canonical, publisher_sk_hex);
+    const sig_b64 = Buffer.from(sig_hex, 'hex').toString('base64');
+    return { ...unsigned, signature_b64: sig_b64 };
+}
+/** Verify a bundle's signature and freshness. The verifier supplies
+ *  a root-trusted publisher key list; the bundle MUST be signed by
+ *  one of them, not merely self-signed. */
+export function verifyBundle(bundle, trusted_publisher_pubkeys_hex, now_ms) {
+    if (!trusted_publisher_pubkeys_hex.includes(bundle.publisher_pubkey_hex)) {
+        return { ok: false, reason: 'untrusted_publisher' };
+    }
+    const { signature_b64, ...rest } = bundle;
+    const canonical = canonicalizeJCS(rest);
+    const sig_hex = Buffer.from(signature_b64, 'base64').toString('hex');
+    const ok = edVerifyHex(canonical, sig_hex, bundle.publisher_pubkey_hex);
+    if (!ok)
+        return { ok: false, reason: 'signature_invalid' };
+    if (now_ms < bundle.issued_at)
+        return { ok: false, reason: 'not_yet_valid' };
+    if (now_ms > bundle.refresh_after) {
+        return { ok: false, reason: 'bundle_expired' };
+    }
+    return { ok: true };
+}
+//# sourceMappingURL=trust-bundle.js.map

package/dist/src/v2/mutual-auth/trust-bundle.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"trust-bundle.js","sourceRoot":"","sources":["../../../../src/v2/mutual-auth/trust-bundle.ts"],"names":[],"mappings":"AAAA,0EAA0E;AAC1E,qEAAqE;AACrE,qEAAqE;AACrE,qEAAqE;AAErE,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAA;AAC7D,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,MAAM,IAAI,WAAW,EAAE,MAAM,sBAAsB,CAAA;AAG/E,MAAM,YAAY,GAAG,KAAc,CAAA;AAYnC,MAAM,UAAU,WAAW,CACzB,KAAuB,EACvB,oBAA4B;IAE5B,OAAO;QACL,YAAY,EAAE,YAAY;QAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,aAAa,EAAE,KAAK,CAAC,aAAa;QAClC,eAAe,EAAE,KAAK,CAAC,eAAe;QACtC,oBAAoB;KACrB,CAAA;AACH,CAAC;AAED,MAAM,UAAU,UAAU,CACxB,QAAkD,EAClD,gBAAwB;IAExB,MAAM,SAAS,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAA;IAC3C,MAAM,OAAO,GAAG,SAAS,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAA;IACtD,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;IAC9D,OAAO,EAAE,GAAG,QAAQ,EAAE,aAAa,EAAE,OAAO,EAAE,CAAA;AAChD,CAAC;AAeD;;2CAE2C;AAC3C,MAAM,UAAU,YAAY,CAC1B,MAAyB,EACzB,6BAAuC,EACvC,MAAc;IAEd,IAAI,CAAC,6BAA6B,CAAC,QAAQ,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAE,CAAC;QACzE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAA;IACrD,CAAC;IACD,MAAM,EAAE,aAAa,EAAE,GAAG,IAAI,EAAE,GAAG,MAAM,CAAA;IACzC,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,CAAC,CAAA;IACvC,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IACpE,MAAM,EAAE,GAAG,WAAW,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,CAAC,oBAAoB,CAAC,CAAA;IACvE,IAAI,CAAC,EAAE;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAA;IAC1D,IAAI,MAAM,GAAG,MAAM,CAAC,SAAS;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,CAAA;IAC5E,IAAI,MAAM,GAAG,MAAM,CAAC,aAAa,EAAE,CAAC;QAClC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAA;IAChD,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAA;AACrB,CAAC"}

package/dist/src/v2/mutual-auth/types.d.ts

@@ -0,0 +1,145 @@
+import type { SignedPassport, Delegation } from '../../types/passport.js';
+/** Role of the party this certificate identifies. */
+export type MutualAuthRole = 'agent' | 'information_system';
+/** Minimal certificate carried by a party for mutual-auth handshake.
+ *
+ *  For an agent, the certificate is a thin wrapper over the existing
+ *  APS passport plus active delegation context. For an IS, it is a
+ *  first-class shape this module defines: a signed statement that
+ *  this endpoint is authorized to serve the named resource domain.
+ */
+export interface MutualAuthCertificate {
+    spec_version: '1.0';
+    role: MutualAuthRole;
+    subject_id: string;
+    issuer_id: string;
+    issuer_role: MutualAuthRole | 'trust_anchor';
+    issuer_pubkey_hex: string;
+    subject_pubkey_hex: string;
+    /** Earliest time this cert is valid (unix ms). */
+    not_before: number;
+    /** Latest time this cert is valid (unix ms). */
+    not_after: number;
+    /** For agents: APS passport agent_id they are acting under.
+     *  For IS: resource domain they are authorized to serve
+     *  (e.g. "api.bank.example.com"). */
+    binding: string;
+    /** Optional APS attestation grade for an agent cert (0..3). */
+    attestation_grade?: 0 | 1 | 2 | 3;
+    /** Protocol versions the subject supports, highest first. Used for
+     *  downgrade-attack detection during handshake. */
+    supported_versions: string[];
+    /** Optional list of session-level capabilities this cert grants.
+     *  Treated as a set; absence means no capabilities. */
+    capabilities?: string[];
+    /** Ed25519 signature over the canonical form of this object with
+     *  `signature_b64` omitted. */
+    signature_b64: string;
+}
+/** Self-contained trust anchor entry carried locally by a party.
+ *  Local verification matches a certificate's `issuer_pubkey_hex`
+ *  against this list. No network call is performed. */
+export interface TrustAnchor {
+    anchor_id: string;
+    display_name: string;
+    role: MutualAuthRole | 'trust_anchor';
+    pubkey_hex: string;
+    not_before: number;
+    not_after: number;
+    /** Optional: constrain this anchor to vouch only for certs whose
+     *  `binding` matches one of these patterns (glob, prefix, or
+     *  exact). Empty/omitted means unconstrained. */
+    binding_constraints?: string[];
+}
+export interface TrustAnchorBundle {
+    spec_version: '1.0';
+    bundle_id: string;
+    issued_at: number;
+    anchors: TrustAnchor[];
+    /** Parties carrying this bundle refresh it at or before this time. */
+    refresh_after: number;
+    /** Optional: short-form revocation of specific anchor_ids that were
+     *  valid in a prior bundle snapshot. */
+    revoked_anchors?: string[];
+    /** Signature over the canonical form with `signature_b64` omitted,
+     *  by the bundle publisher's Ed25519 key. Verifiers MAY additionally
+     *  require the bundle to be signed by a configured root key. */
+    signature_b64: string;
+    /** Publisher pubkey (hex). Must itself be trusted by root
+     *  configuration, not by the bundle alone. */
+    publisher_pubkey_hex: string;
+}
+/** One nonce round of the two-way handshake. */
+export interface MutualAuthHello {
+    spec_version: '1.0';
+    role: MutualAuthRole;
+    supported_versions: string[];
+    nonce_b64: string;
+    /** Timestamp (unix ms) the initiator produced the hello. */
+    timestamp: number;
+}
+/** Response a party returns after validating the counterparty's
+ *  certificate. The signature commits the party to
+ *    (chosen_version || peer_nonce_b64 || own_nonce_b64 || own_cert_id)
+ *  which is the downgrade-attack defence. */
+export interface MutualAuthAttest {
+    spec_version: '1.0';
+    role: MutualAuthRole;
+    chosen_version: string;
+    own_nonce_b64: string;
+    peer_nonce_b64: string;
+    certificate: MutualAuthCertificate;
+    /** Signature over the canonical form with `signature_b64` omitted.
+     *  The canonical form MUST include chosen_version, both nonces,
+     *  and the embedded certificate. */
+    signature_b64: string;
+    /** Timestamp (unix ms). */
+    timestamp: number;
+}
+export interface MutualAuthSession {
+    spec_version: '1.0';
+    /** Stable content-hash identifier for this session. */
+    session_id: string;
+    agent_cert: MutualAuthCertificate;
+    is_cert: MutualAuthCertificate;
+    chosen_version: string;
+    agent_nonce_b64: string;
+    is_nonce_b64: string;
+    established_at: number;
+    /** Session ends at or before this time; both sides enforce. */
+    expires_at: number;
+}
+export type MutualAuthFailureReason = 'expired_certificate' | 'not_yet_valid_certificate' | 'unknown_issuer' | 'revoked_anchor' | 'signature_invalid' | 'binding_mismatch' | 'downgrade_detected' | 'nonce_mismatch' | 'version_unsupported' | 'expired_session' | 'replay_detected' | 'grade_insufficient';
+export interface MutualAuthResult {
+    ok: boolean;
+    session?: MutualAuthSession;
+    failure?: {
+        reason: MutualAuthFailureReason;
+        detail?: string;
+    };
+}
+/** Local trust policy a party applies when accepting a peer cert. */
+export interface MutualAuthPolicy {
+    /** Minimum agent attestation grade (0..3). Only applies when the
+     *  peer is an agent. */
+    min_agent_grade?: 0 | 1 | 2 | 3;
+    /** Protocol versions this party accepts, highest preference first. */
+    accepted_versions: string[];
+    /** Required capabilities the peer cert must carry. */
+    required_capabilities?: string[];
+    /** Maximum allowed clock skew (milliseconds) when comparing
+     *  timestamps. */
+    max_clock_skew_ms?: number;
+    /** Maximum session lifetime accepted (milliseconds). */
+    max_session_ms?: number;
+}
+/** Signed envelope binding an APS passport + active delegation into
+ *  a MutualAuthCertificate. This is how an agent carries its APS
+ *  identity into the mutual-auth layer without changing the passport
+ *  spec itself. */
+export interface AgentCertBinding {
+    passport: SignedPassport;
+    delegation: Delegation;
+    certificate: MutualAuthCertificate;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/src/v2/mutual-auth/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/v2/mutual-auth/types.ts"],"names":[],"mappings":"AAkBA,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAA;AAIzE,qDAAqD;AACrD,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,oBAAoB,CAAA;AAE3D;;;;;;GAMG;AACH,MAAM,WAAW,qBAAqB;IACpC,YAAY,EAAE,KAAK,CAAA;IACnB,IAAI,EAAE,cAAc,CAAA;IACpB,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,WAAW,EAAE,cAAc,GAAG,cAAc,CAAA;IAC5C,iBAAiB,EAAE,MAAM,CAAA;IACzB,kBAAkB,EAAE,MAAM,CAAA;IAC1B,kDAAkD;IAClD,UAAU,EAAE,MAAM,CAAA;IAClB,gDAAgD;IAChD,SAAS,EAAE,MAAM,CAAA;IACjB;;yCAEqC;IACrC,OAAO,EAAE,MAAM,CAAA;IACf,+DAA+D;IAC/D,iBAAiB,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;IACjC;uDACmD;IACnD,kBAAkB,EAAE,MAAM,EAAE,CAAA;IAC5B;2DACuD;IACvD,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;IACvB;mCAC+B;IAC/B,aAAa,EAAE,MAAM,CAAA;CACtB;AAID;;uDAEuD;AACvD,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAA;IACjB,YAAY,EAAE,MAAM,CAAA;IACpB,IAAI,EAAE,cAAc,GAAG,cAAc,CAAA;IACrC,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,MAAM,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB;;qDAEiD;IACjD,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAA;CAC/B;AAED,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,KAAK,CAAA;IACnB,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,WAAW,EAAE,CAAA;IACtB,sEAAsE;IACtE,aAAa,EAAE,MAAM,CAAA;IACrB;4CACwC;IACxC,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;IAC1B;;oEAEgE;IAChE,aAAa,EAAE,MAAM,CAAA;IACrB;kDAC8C;IAC9C,oBAAoB,EAAE,MAAM,CAAA;CAC7B;AAID,gDAAgD;AAChD,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,KAAK,CAAA;IACnB,IAAI,EAAE,cAAc,CAAA;IACpB,kBAAkB,EAAE,MAAM,EAAE,CAAA;IAC5B,SAAS,EAAE,MAAM,CAAA;IACjB,4DAA4D;IAC5D,SAAS,EAAE,MAAM,CAAA;CAClB;AAED;;;6CAG6C;AAC7C,MAAM,WAAW,gBAAgB;IAC/B,YAAY,EAAE,KAAK,CAAA;IACnB,IAAI,EAAE,cAAc,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,aAAa,EAAE,MAAM,CAAA;IACrB,cAAc,EAAE,MAAM,CAAA;IACtB,WAAW,EAAE,qBAAqB,CAAA;IAClC;;wCAEoC;IACpC,aAAa,EAAE,MAAM,CAAA;IACrB,2BAA2B;IAC3B,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,iBAAiB;IAChC,YAAY,EAAE,KAAK,CAAA;IACnB,uDAAuD;IACvD,UAAU,EAAE,MAAM,CAAA;IAClB,UAAU,EAAE,qBAAqB,CAAA;IACjC,OAAO,EAAE,qBAAqB,CAAA;IAC9B,cAAc,EAAE,MAAM,CAAA;IACtB,eAAe,EAAE,MAAM,CAAA;IACvB,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAA;IACtB,+DAA+D;IAC/D,UAAU,EAAE,MAAM,CAAA;CACnB;AAID,MAAM,MAAM,uBAAuB,GAC/B,qBAAqB,GACrB,2BAA2B,GAC3B,gBAAgB,GAChB,gBAAgB,GAChB,mBAAmB,GACnB,kBAAkB,GAClB,oBAAoB,GACpB,gBAAgB,GAChB,qBAAqB,GACrB,iBAAiB,GACjB,iBAAiB,GACjB,oBAAoB,CAAA;AAExB,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,OAAO,CAAA;IACX,OAAO,CAAC,EAAE,iBAAiB,CAAA;IAC3B,OAAO,CAAC,EAAE;QACR,MAAM,EAAE,uBAAuB,CAAA;QAC/B,MAAM,CAAC,EAAE,MAAM,CAAA;KAChB,CAAA;CACF;AAID,qEAAqE;AACrE,MAAM,WAAW,gBAAgB;IAC/B;4BACwB;IACxB,eAAe,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;IAC/B,sEAAsE;IACtE,iBAAiB,EAAE,MAAM,EAAE,CAAA;IAC3B,sDAAsD;IACtD,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAA;IAChC;sBACkB;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,wDAAwD;IACxD,cAAc,CAAC,EAAE,MAAM,CAAA;CACxB;AAID;;;mBAGmB;AACnB,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,cAAc,CAAA;IACxB,UAAU,EAAE,UAAU,CAAA;IACtB,WAAW,EAAE,qBAAqB,CAAA;CACnC"}