import { Temporal } from "@js-temporal/polyfill"; import { URLPattern } from "urlpattern-polyfill"; import { S as KeyCache } from "./http-aQzN9Ayi.js"; import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "@fedify/vocab"; import { TracerProvider } from "@opentelemetry/api"; import { DocumentLoader } from "@fedify/vocab-runtime"; //#region src/sig/ld.d.ts /** * A signature of a JSON-LD document. * @since 1.0.0 */ interface Signature { "@context"?: "https://w3id.org/identity/v1"; type: "RsaSignature2017"; id?: string; creator: string; created: string; signatureValue: string; } /** * Attaches a LD signature to the given JSON-LD document. * @param jsonLd The JSON-LD document to attach the signature to. It is not * modified. * @param signature The signature to attach. * @returns The JSON-LD document with the attached signature. * @throws {TypeError} If the input document is not a valid JSON-LD document. * @since 1.0.0 */ declare function attachSignature(jsonLd: unknown, signature: Signature): { signature: Signature; }; /** * Options for creating Linked Data Signatures. * @since 1.0.0 */ interface CreateSignatureOptions { /** * The context loader for loading remote JSON-LD contexts. */ contextLoader?: DocumentLoader; /** * The time when the signature was created. If not specified, the current * time will be used. */ created?: Temporal.Instant; } /** * Creates a LD signature for the given JSON-LD document. * @param jsonLd The JSON-LD document to sign. * @param privateKey The private key to sign the document. * @param keyId The ID of the public key that corresponds to the private key. * @param options Additional options for creating the signature. * See also {@link CreateSignatureOptions}. * @return The created signature. * @throws {TypeError} If the private key is invalid or unsupported. * @since 1.0.0 */ declare function createSignature(jsonLd: unknown, privateKey: CryptoKey, keyId: URL, { contextLoader, created }?: CreateSignatureOptions): Promise; /** * Options for signing JSON-LD documents. * @since 1.0.0 */ interface SignJsonLdOptions extends CreateSignatureOptions { /** * The OpenTelemetry tracer provider for tracing the signing process. * If omitted, the global tracer provider is used. * @since 1.3.0 */ tracerProvider?: TracerProvider; } /** * Signs the given JSON-LD document with the private key and returns the signed * JSON-LD document. * @param jsonLd The JSON-LD document to sign. * @param privateKey The private key to sign the document. * @param keyId The key ID to use in the signature. It will be used by the * verifier to fetch the corresponding public key. * @param options Additional options for signing the document. * See also {@link SignJsonLdOptions}. * @returns The signed JSON-LD document. * @throws {TypeError} If the private key is invalid or unsupported. * @since 1.0.0 */ declare function signJsonLd(jsonLd: unknown, privateKey: CryptoKey, keyId: URL, options: SignJsonLdOptions): Promise<{ signature: Signature; }>; /** * Checks if the given JSON-LD document has a Linked Data Signature-like * object, without restricting it to a single suite-specific shape. * @param jsonLd The JSON-LD document to check. * @returns `true` if the document has a signature-like object; `false` * otherwise. * @since 2.2.0 */ declare function hasSignatureLike(jsonLd: unknown): boolean; /** * Detaches Linked Data Signatures from the given JSON-LD document. * @param jsonLd The JSON-LD document to modify. * @returns The modified JSON-LD document. If the input document does not * contain a signature, the original document is returned. * @since 1.0.0 */ declare function detachSignature(jsonLd: unknown): unknown; /** * Options for verifying Linked Data Signatures. * @since 1.0.0 */ interface VerifySignatureOptions { /** * The document loader to use for fetching the public key. */ documentLoader?: DocumentLoader; /** * The context loader to use for JSON-LD context retrieval. */ contextLoader?: DocumentLoader; /** * The key cache to use for caching public keys. */ keyCache?: KeyCache; /** * The OpenTelemetry tracer provider for tracing the verification process. * If omitted, the global tracer provider is used. * @since 1.3.0 */ tracerProvider?: TracerProvider; } /** * Verifies Linked Data Signatures of the given JSON-LD document. * @param jsonLd The JSON-LD document to verify. * @param options Options for verifying the signature. * @returns The public key that signed the document or `null` if the signature * is invalid or the key is not found. * @since 1.0.0 */ declare function verifySignature(jsonLd: unknown, options?: VerifySignatureOptions): Promise; /** * Options for verifying JSON-LD documents. */ interface VerifyJsonLdOptions extends VerifySignatureOptions {} /** * Verify the authenticity of the given JSON-LD document using Linked Data * Signatures. If the document is signed, this function verifies the signature * and checks if the document is attributed to the owner of the public key. * If the document is not signed, this function returns `false`. * @param jsonLd The JSON-LD document to verify. * @param options Options for verifying the document. * @returns `true` if the document is authentic; `false` otherwise. */ declare function verifyJsonLd(jsonLd: unknown, options?: VerifyJsonLdOptions): Promise; //#endregion //#region src/sig/proof.d.ts /** * Checks if the given JSON-LD document has a DataIntegrityProof-like object, * without fully deserializing it into vocabulary classes. * @param jsonLd The JSON-LD document to check. * @returns `true` if the document has a proof-like object; `false` otherwise. * @since 2.2.0 */ declare function hasProofLike(jsonLd: unknown): boolean; /** * Options for {@link createProof}. * @since 0.10.0 */ interface CreateProofOptions { /** * The context loader for loading remote JSON-LD contexts. */ contextLoader?: DocumentLoader; /** * The JSON-LD context to use for serializing the object to sign. */ context?: string | Record | (string | Record)[]; /** * The time when the proof was created. If not specified, the current time * will be used. */ created?: Temporal.Instant; } /** * Creates a proof for the given object. * @param object The object to create a proof for. * @param privateKey The private key to sign the proof with. * @param keyId The key ID to use in the proof. It will be used by the verifier. * @param options Additional options. See also {@link CreateProofOptions}. * @returns The created proof. * @throws {TypeError} If the private key is invalid or unsupported. * @since 0.10.0 */ declare function createProof(object: Object$1, privateKey: CryptoKey, keyId: URL, { contextLoader, context, created }?: CreateProofOptions): Promise; /** * Options for {@link signObject}. * @since 0.10.0 */ interface SignObjectOptions extends CreateProofOptions { /** * The document loader for loading remote JSON-LD documents. */ documentLoader?: DocumentLoader; /** * The OpenTelemetry tracer provider. If omitted, the global tracer provider * is used. * @since 1.3.0 */ tracerProvider?: TracerProvider; } /** * Signs the given object with the private key and returns the signed object. * @param object The object to create a proof for. * @param privateKey The private key to sign the proof with. * @param keyId The key ID to use in the proof. It will be used by the verifier. * @param options Additional options. See also {@link SignObjectOptions}. * @returns The signed object. * @throws {TypeError} If the private key is invalid or unsupported. * @since 0.10.0 */ declare function signObject(object: T, privateKey: CryptoKey, keyId: URL, options?: SignObjectOptions): Promise; /** * Options for {@link verifyProof}. * @since 0.10.0 */ interface VerifyProofOptions { /** * The context loader for loading remote JSON-LD contexts. */ contextLoader?: DocumentLoader; /** * The document loader for loading remote JSON-LD documents. */ documentLoader?: DocumentLoader; /** * The key cache to use for caching public keys. * @since 0.12.0 */ keyCache?: KeyCache; /** * The OpenTelemetry tracer provider. If omitted, the global tracer provider * is used. * @since 1.3.0 */ tracerProvider?: TracerProvider; } /** * Verifies the given proof for the object. * @param jsonLd The JSON-LD object to verify the proof for. If it contains * any proofs, they will be ignored. * @param proof The proof to verify. * @param options Additional options. See also {@link VerifyProofOptions}. * @returns The public key that was used to sign the proof, or `null` if the * proof is invalid. * @since 0.10.0 */ declare function verifyProof(jsonLd: unknown, proof: DataIntegrityProof, options?: VerifyProofOptions): Promise; /** * Options for {@link verifyObject}. * @since 0.10.0 */ interface VerifyObjectOptions extends VerifyProofOptions {} /** * Verifies the given object. It will verify all the proofs in the object, * and succeed only if all the proofs are valid and all attributions and * actors are authenticated by the proofs. * @template T The type of the object to verify. * @param cls The class of the object to verify. It must be a subclass of * the {@link Object}. * @param jsonLd The JSON-LD object to verify. It's assumed that the object * is a compacted JSON-LD representation of a `T` with `@context`. * @param options Additional options. See also {@link VerifyObjectOptions}. * @returns The object if it's verified, or `null` if it's not. * @throws {TypeError} If the object is invalid or unsupported. * @since 0.10.0 */ declare function verifyObject(cls: (new (...args: any[]) => T) & { fromJsonLd(jsonLd: unknown, options: VerifyObjectOptions): Promise; }, jsonLd: unknown, options?: VerifyObjectOptions): Promise; //#endregion export { hasSignatureLike as _, createProof as a, verifySignature as b, verifyObject as c, SignJsonLdOptions as d, VerifyJsonLdOptions as f, detachSignature as g, createSignature as h, VerifyProofOptions as i, verifyProof as l, attachSignature as m, SignObjectOptions as n, hasProofLike as o, VerifySignatureOptions as p, VerifyObjectOptions as r, signObject as s, CreateProofOptions as t, CreateSignatureOptions as u, signJsonLd as v, verifyJsonLd as y };