npm - dacument - Versions diffs - 1.0.1 → 1.2.0 - Mend

dacument 1.0.1 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/Dacument/crypto.d.ts CHANGED Viewed

@@ -23,4 +23,7 @@ export declare function verifyToken(publicJwk: JsonWebKey, token: string, expect
     header: SignedHeader;
     payload: unknown;
 } | false>;
+export declare function validateActorKeyPair(privateJwk: JsonWebKey, publicJwk: JsonWebKey): Promise<void>;
+export declare function signDetached(privateJwk: JsonWebKey, payload: string): Promise<string>;
+export declare function verifyDetached(publicJwk: JsonWebKey, payload: string, signatureB64: string): Promise<boolean>;
 export {};

package/dist/Dacument/crypto.js CHANGED Viewed

@@ -1,5 +1,6 @@
 import { Bytes } from "bytecodec";
 import { SigningAgent, VerificationAgent } from "zeyra";
+const ACTOR_CHALLENGE = Bytes.fromString("dacument-actor-verify");
 function stableStringify(value) {
     if (value === null || typeof value !== "object")
         return JSON.stringify(value);
@@ -16,6 +17,11 @@ function decodePart(part) {
     const json = Bytes.toString(bytes);
     return JSON.parse(json);
 }
+function toArrayBuffer(bytes) {
+    const buffer = new ArrayBuffer(bytes.byteLength);
+    new Uint8Array(buffer).set(bytes);
+    return buffer;
+}
 export async function signToken(privateJwk, header, payload) {
     const headerJson = stableStringify(header);
     const payloadJson = stableStringify(payload);
@@ -59,6 +65,24 @@ export async function verifyToken(publicJwk, token, expectedTyp) {
     const verifier = new VerificationAgent(publicJwk);
     const signingInput = Bytes.fromString(`${headerB64}.${payloadB64}`);
     const signatureBytes = new Uint8Array(signature);
-    const ok = await verifier.verify(signingInput, signatureBytes.buffer);
+    const ok = await verifier.verify(signingInput, toArrayBuffer(signatureBytes));
     return ok ? { header, payload } : false;
 }
+export async function validateActorKeyPair(privateJwk, publicJwk) {
+    const signer = new SigningAgent(privateJwk);
+    const signatureBytes = new Uint8Array(await signer.sign(ACTOR_CHALLENGE));
+    const verifier = new VerificationAgent(publicJwk);
+    const ok = await verifier.verify(ACTOR_CHALLENGE, toArrayBuffer(signatureBytes));
+    if (!ok)
+        throw new Error("Dacument.setActorInfo: publicKeyJwk does not match privateKeyJwk");
+}
+export async function signDetached(privateJwk, payload) {
+    const signer = new SigningAgent(privateJwk);
+    const signature = await signer.sign(Bytes.fromString(payload));
+    return Bytes.toBase64UrlString(signature);
+}
+export async function verifyDetached(publicJwk, payload, signatureB64) {
+    const verifier = new VerificationAgent(publicJwk);
+    const signatureBytes = Bytes.fromBase64UrlString(signatureB64);
+    return verifier.verify(Bytes.fromString(payload), toArrayBuffer(signatureBytes));
+}

package/dist/Dacument/types.d.ts CHANGED Viewed

@@ -27,6 +27,11 @@ export type RolePublicKeys = {
     manager: JsonWebKey;
     editor: JsonWebKey;
 };
+export type ActorInfo = {
+    id: string;
+    privateKeyJwk: JsonWebKey;
+    publicKeyJwk: JsonWebKey;
+};
 export type RegisterSchema<T extends JsTypeName = JsTypeName> = {
     crdt: "register";
     jsType: T;
@@ -64,7 +69,7 @@ export type RecordSchema<T extends JsTypeName = JsTypeName> = {
 export type FieldSchema = RegisterSchema | TextSchema | ArraySchema | SetSchema | MapSchema | RecordSchema;
 export type SchemaDefinition = Record<string, FieldSchema>;
 export type SchemaId = string;
-export type OpKind = "acl.set" | "register.set" | "text.patch" | "array.patch" | "map.patch" | "set.patch" | "record.patch" | "ack";
+export type OpKind = "acl.set" | "register.set" | "text.patch" | "array.patch" | "map.patch" | "set.patch" | "record.patch" | "ack" | "reset";
 export type OpPayload = {
     iss: string;
     sub: string;
@@ -77,6 +82,17 @@ export type OpPayload = {
 };
 export type SignedOp = {
     token: string;
+    actorSig?: string;
+};
+export type ResetPatch = {
+    newDocId: string;
+    reason?: string;
+};
+export type ResetState = {
+    ts: HLCStamp;
+    by: string;
+    newDocId: string;
+    reason?: string;
 };
 export type DacumentChangeEvent = {
     type: "change";
@@ -100,11 +116,20 @@ export type DacumentRevokedEvent = {
     by: string;
     stamp: HLCStamp;
 };
+export type DacumentResetEvent = {
+    type: "reset";
+    oldDocId: string;
+    newDocId: string;
+    ts: HLCStamp;
+    by: string;
+    reason?: string;
+};
 export type DacumentEventMap = {
     change: DacumentChangeEvent;
     merge: DacumentMergeEvent;
     error: DacumentErrorEvent;
     revoked: DacumentRevokedEvent;
+    reset: DacumentResetEvent;
 };
 export type AclAssignment = {
     id: string;
@@ -112,6 +137,23 @@ export type AclAssignment = {
     role: Role;
     stamp: HLCStamp;
     by: string;
+    publicKeyJwk?: JsonWebKey;
+};
+export type VerifyActorIntegrityOptions = {
+    token?: string | SignedOp;
+    ops?: Array<string | SignedOp>;
+    snapshot?: DocSnapshot;
+};
+export type VerificationFailure = {
+    index: number;
+    reason: string;
+};
+export type VerificationResult = {
+    ok: boolean;
+    verified: number;
+    failed: number;
+    missing: number;
+    failures: VerificationFailure[];
 };
 export type DocSnapshot = {
     docId: string;

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "dacument",
-  "version": "1.0.1",
-  "description": "Schema-driven CRDT document with signed ops and role-based ACLs.",
+  "version": "1.2.0",
+  "description": "Schema-driven CRDT document with signed ops, role-based ACLs, and optional per-actor verification.",
   "keywords": [
     "crdt",
     "document",