/** * Signed, content-addressed policy-bundle FORMAT and VERIFIER. * * A policy-bundle is a deterministic tar of policy files plus a JCS-canonical * manifest plus an Ed25519 detached signature over that manifest. The manifest * pins every file by sha256 and pins the whole tar by sha256, so the bundle is * content-addressed: its identity is sha256(canonicalizeJCS(manifest)). * * What this module is: * - a way to BUILD a bundle from in-memory files (createPolicyBundle) * - a way to VERIFY a bundle's integrity, signature, governance class, and * revocation status against an aps.txt fixture (verifyPolicyBundle) * * What this module is NOT (these are gateway product, out of scope here): * - a registry, a resolver protocol, a lockfile service, a transparency log. * It reuses existing protocol primitives and builds no service. * * Reuse map: * - JCS canonical hashing: src/core/canonical-jcs.ts * - Ed25519 sign/verify: src/crypto/keys.ts * - did:aps derivation: src/core/did.ts (createDID) * - changeType vocabulary: src/types/governance.ts (GovernanceChangeType) * - aps.txt revocation: src/core/aps-txt.ts (resolveTermsForPath) * - ScopeOfClaim: src/v2/accountability/types/base.ts * * ───────────────────────────────────────────────────────────────────────── * PROOF BOX * ───────────────────────────────────────────────────────────────────────── * Proves: a valid policy-bundle proves the bundle contents match the signed * manifest hash and that the signer authorized this exact bundle. The tar * bytes hash to manifest.tarSha256, every file inside hashes to its manifest * pin, and the Ed25519 signature over the canonical manifest verifies under * the declared signer key. * Does NOT prove: that the policy inside the bundle is correct, sound, or * safe; that the signer is currently authorized beyond the supplied aps.txt * revocation check; or anything about who wrote the policy versus who signed * it. Tested and validated, not proved-as-truth. * ───────────────────────────────────────────────────────────────────────── */ import type { ApsTxt } from '../../core/aps-txt.js'; import type { ScopeOfClaim } from '../accountability/types/base.js'; import type { PolicyBundleManifest, PolicyBundleEnvelope, PolicyBundleVerification, PolicyBundleGovernance, ManifestHash } from './types.js'; /** A file to place in a bundle. */ export interface PolicyBundleFileInput { /** POSIX path inside the bundle (forward slashes, no leading slash). */ path: string; /** File contents as bytes or UTF-8 string. */ content: Uint8Array | string; } export interface CreatePolicyBundleInput { bundleId: string; files: PolicyBundleFileInput[]; signerPrivateKey: string; signerPublicKey: string; /** Governance classification versus the previous version. Defaults to initial. */ governance?: Partial; /** Honest scope declaration. A sensible default is supplied if omitted. */ scopeOfClaim?: ScopeOfClaim; /** ISO timestamp override (testing/determinism). Defaults to now. */ createdAt?: string; } /** Default ScopeOfClaim for a policy-bundle. Dogfoods the honest-scope shape. */ export declare function defaultPolicyBundleScope(): ScopeOfClaim; /** * Build a signed, content-addressed policy-bundle from in-memory files. * The tar is deterministic, so the same files always yield the same bytes * and the same manifest hash. */ export declare function createPolicyBundle(input: CreatePolicyBundleInput): PolicyBundleEnvelope; /** Content-addressed identity of a manifest: sha256(canonicalizeJCS(manifest)). */ export declare function manifestHash(manifest: PolicyBundleManifest): ManifestHash; export interface VerifyPolicyBundleOptions { /** * Optional aps.txt revocation anchor. When provided, the verifier resolves * terms for `revocationPath` (defaults to `/`) and treats a * fully-prohibited result as a revoked bundle. This reuses the existing * aps.txt path-override mechanism. It builds no registry or resolver service. */ apsTxt?: ApsTxt; /** * Path the bundle is anchored at inside the publisher's aps.txt namespace. * Defaults to `/`. */ revocationPath?: string; /** * Raw tar bytes. If omitted, the verifier decodes envelope.tarHex. * Passing bytes directly avoids a hex round-trip. */ tarBytes?: Uint8Array; } /** * Verify a policy-bundle. * * Required checks (all must pass for valid=true): * - signature over canonicalizeJCS(manifest) verifies under signerPublicKey * - signerDid is consistent with signerPublicKey * - tar bytes hash to manifest.tarSha256 * - every file inside the tar matches its manifest pin (path, size, sha256), * and the tar contains exactly the manifest's file set * - the bundle is not revoked by the supplied aps.txt anchor * * Advisory (does NOT fail the bundle, but is reported): * - weakeningFlagged when governance.changeType is 'weakening' or 'mixed'. * A weakening change is surfaced for caller policy, not silently accepted. */ export declare function verifyPolicyBundle(envelope: PolicyBundleEnvelope, options?: VerifyPolicyBundleOptions): PolicyBundleVerification; /** * Serialize an envelope to a JSON string ready to store next to the tar. * The manifest and signature travel together; the tar travels as hex inside. */ export declare function serializePolicyBundle(envelope: PolicyBundleEnvelope): string; /** Parse a serialized envelope back to an object, or null if malformed. */ export declare function parsePolicyBundle(content: string): PolicyBundleEnvelope | null; /** Decode the raw tar bytes carried by an envelope. */ export declare function bundleTarBytes(envelope: PolicyBundleEnvelope): Uint8Array; //# sourceMappingURL=bundle.d.ts.map