{"version":3,"file":"KmsVerifyOptions.mjs","names":[],"sources":["../../../../src/modules/kms/options/KmsVerifyOptions.ts"],"sourcesContent":["import { z } from 'zod'\nimport { zAnyUint8Array } from '../../../utils/zod'\nimport { zKnownJwaSignatureAlgorithm } from '../jwk/jwa'\nimport type { KmsJwkPublic } from '../jwk/knownJwk'\nimport { zKmsJwkPublicAsymmetric } from '../jwk/knownJwk'\nimport { zKmsKeyId } from './common'\n\nexport const zKmsVerifyOptions = z.object({\n  /**\n   * The key to verify with. Either a string referring to a keyId, or a `KmsJwkPublicAsymmetric` for verifying with a\n   * public asymmetric JWK.\n   *\n   * It is currently not possible to verify a signature for a symmetric key\n   * that is not already present in the KMS.\n   */\n  key: z.union([\n    z.object({\n      keyId: zKmsKeyId,\n\n      // never helps with type narrowing\n      publicJwk: z.never().optional(),\n    }),\n    z.object({\n      publicJwk: zKmsJwkPublicAsymmetric,\n\n      // never helps with type narrowing\n      keyId: z.never().optional(),\n    }),\n  ]),\n\n  /**\n   * The JWA signature algorithm to use for verification\n   */\n  algorithm: zKnownJwaSignatureAlgorithm.describe('The JWA signature algorithm to use for verification'),\n\n  /**\n   * The data to verify\n   */\n  data: zAnyUint8Array.describe('The data to verify'),\n\n  /**\n   * The signature to verify the data against\n   */\n  signature: zAnyUint8Array.describe('The signature on the data to verify'),\n})\n\nexport type KmsVerifyOptions = z.output<typeof zKmsVerifyOptions>\n\nexport type KmsVerifyReturn =\n  | {\n      verified: true\n      publicJwk: KmsJwkPublic\n    }\n  | { verified: false }\n"],"mappings":";;;;;;;;;AAOA,MAAa,oBAAoB,EAAE,OAAO;CAQxC,KAAK,EAAE,MAAM,CACX,EAAE,OAAO;EACP,OAAO;EAGP,WAAW,EAAE,OAAO,CAAC,UAAU;EAChC,CAAC,EACF,EAAE,OAAO;EACP,WAAW;EAGX,OAAO,EAAE,OAAO,CAAC,UAAU;EAC5B,CAAC,CACH,CAAC;CAKF,WAAW,4BAA4B,SAAS,sDAAsD;CAKtG,MAAM,eAAe,SAAS,qBAAqB;CAKnD,WAAW,eAAe,SAAS,sCAAsC;CAC1E,CAAC"}