UNPKG

@fedify/fedify

Version:

An ActivityPub server framework

268 lines (267 loc) • 9.98 kB
import { Temporal } from "@js-temporal/polyfill"; import { URLPattern } from "urlpattern-polyfill"; import { DocumentLoader } from "./docloader-Q42SMRIB.js"; import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "./vocab-CzEfWQk2.js"; import { KeyCache } from "./http-DMTrO3Ye.js"; import { TracerProvider } from "@opentelemetry/api"; //#region sig/ld.d.ts /** * A signature of a JSON-LD document. * @since 1.0.0 */ interface Signature { "@context"?: "https://w3id.org/identity/v1"; type: "RsaSignature2017"; id?: string; creator: string; created: string; signatureValue: string; } /** * Attaches a LD signature to the given JSON-LD document. * @param jsonLd The JSON-LD document to attach the signature to. It is not * modified. * @param signature The signature to attach. * @returns The JSON-LD document with the attached signature. * @throws {TypeError} If the input document is not a valid JSON-LD document. * @since 1.0.0 */ declare function attachSignature(jsonLd: unknown, signature: Signature): { signature: Signature; }; /** * Options for creating Linked Data Signatures. * @since 1.0.0 */ interface CreateSignatureOptions { /** * The context loader for loading remote JSON-LD contexts. */ contextLoader?: DocumentLoader; /** * The time when the signature was created. If not specified, the current * time will be used. */ created?: Temporal.Instant; } /** * Creates a LD signature for the given JSON-LD document. * @param jsonLd The JSON-LD document to sign. * @param privateKey The private key to sign the document. * @param keyId The ID of the public key that corresponds to the private key. * @param options Additional options for creating the signature. * See also {@link CreateSignatureOptions}. * @return The created signature. * @throws {TypeError} If the private key is invalid or unsupported. * @since 1.0.0 */ declare function createSignature(jsonLd: unknown, privateKey: CryptoKey, keyId: URL, { contextLoader, created }?: CreateSignatureOptions): Promise<Signature>; /** * Options for signing JSON-LD documents. * @since 1.0.0 */ interface SignJsonLdOptions extends CreateSignatureOptions { /** * The OpenTelemetry tracer provider for tracing the signing process. * If omitted, the global tracer provider is used. * @since 1.3.0 */ tracerProvider?: TracerProvider; } /** * Signs the given JSON-LD document with the private key and returns the signed * JSON-LD document. * @param jsonLd The JSON-LD document to sign. * @param privateKey The private key to sign the document. * @param keyId The key ID to use in the signature. It will be used by the * verifier to fetch the corresponding public key. * @param options Additional options for signing the document. * See also {@link SignJsonLdOptions}. * @returns The signed JSON-LD document. * @throws {TypeError} If the private key is invalid or unsupported. * @since 1.0.0 */ declare function signJsonLd(jsonLd: unknown, privateKey: CryptoKey, keyId: URL, options: SignJsonLdOptions): Promise<{ signature: Signature; }>; /** * Detaches Linked Data Signatures from the given JSON-LD document. * @param jsonLd The JSON-LD document to modify. * @returns The modified JSON-LD document. If the input document does not * contain a signature, the original document is returned. * @since 1.0.0 */ declare function detachSignature(jsonLd: unknown): unknown; /** * Options for verifying Linked Data Signatures. * @since 1.0.0 */ interface VerifySignatureOptions { /** * The document loader to use for fetching the public key. */ documentLoader?: DocumentLoader; /** * The context loader to use for JSON-LD context retrieval. */ contextLoader?: DocumentLoader; /** * The key cache to use for caching public keys. */ keyCache?: KeyCache; /** * The OpenTelemetry tracer provider for tracing the verification process. * If omitted, the global tracer provider is used. * @since 1.3.0 */ tracerProvider?: TracerProvider; } /** * Verifies Linked Data Signatures of the given JSON-LD document. * @param jsonLd The JSON-LD document to verify. * @param options Options for verifying the signature. * @returns The public key that signed the document or `null` if the signature * is invalid or the key is not found. * @since 1.0.0 */ declare function verifySignature(jsonLd: unknown, options?: VerifySignatureOptions): Promise<CryptographicKey | null>; /** * Options for verifying JSON-LD documents. */ interface VerifyJsonLdOptions extends VerifySignatureOptions {} /** * Verify the authenticity of the given JSON-LD document using Linked Data * Signatures. If the document is signed, this function verifies the signature * and checks if the document is attributed to the owner of the public key. * If the document is not signed, this function returns `false`. * @param jsonLd The JSON-LD document to verify. * @param options Options for verifying the document. * @returns `true` if the document is authentic; `false` otherwise. */ declare function verifyJsonLd(jsonLd: unknown, options?: VerifyJsonLdOptions): Promise<boolean>; //#endregion //#region sig/proof.d.ts /** * Options for {@link createProof}. * @since 0.10.0 */ interface CreateProofOptions { /** * The context loader for loading remote JSON-LD contexts. */ contextLoader?: DocumentLoader; /** * The JSON-LD context to use for serializing the object to sign. */ context?: string | Record<string, string> | (string | Record<string, string>)[]; /** * The time when the proof was created. If not specified, the current time * will be used. */ created?: Temporal.Instant; } /** * Creates a proof for the given object. * @param object The object to create a proof for. * @param privateKey The private key to sign the proof with. * @param keyId The key ID to use in the proof. It will be used by the verifier. * @param options Additional options. See also {@link CreateProofOptions}. * @returns The created proof. * @throws {TypeError} If the private key is invalid or unsupported. * @since 0.10.0 */ declare function createProof(object: Object$1, privateKey: CryptoKey, keyId: URL, { contextLoader, context, created }?: CreateProofOptions): Promise<DataIntegrityProof>; /** * Options for {@link signObject}. * @since 0.10.0 */ interface SignObjectOptions extends CreateProofOptions { /** * The document loader for loading remote JSON-LD documents. */ documentLoader?: DocumentLoader; /** * The OpenTelemetry tracer provider. If omitted, the global tracer provider * is used. * @since 1.3.0 */ tracerProvider?: TracerProvider; } /** * Signs the given object with the private key and returns the signed object. * @param object The object to create a proof for. * @param privateKey The private key to sign the proof with. * @param keyId The key ID to use in the proof. It will be used by the verifier. * @param options Additional options. See also {@link SignObjectOptions}. * @returns The signed object. * @throws {TypeError} If the private key is invalid or unsupported. * @since 0.10.0 */ declare function signObject<T extends Object$1>(object: T, privateKey: CryptoKey, keyId: URL, options?: SignObjectOptions): Promise<T>; /** * Options for {@link verifyProof}. * @since 0.10.0 */ interface VerifyProofOptions { /** * The context loader for loading remote JSON-LD contexts. */ contextLoader?: DocumentLoader; /** * The document loader for loading remote JSON-LD documents. */ documentLoader?: DocumentLoader; /** * The key cache to use for caching public keys. * @since 0.12.0 */ keyCache?: KeyCache; /** * The OpenTelemetry tracer provider. If omitted, the global tracer provider * is used. * @since 1.3.0 */ tracerProvider?: TracerProvider; } /** * Verifies the given proof for the object. * @param jsonLd The JSON-LD object to verify the proof for. If it contains * any proofs, they will be ignored. * @param proof The proof to verify. * @param options Additional options. See also {@link VerifyProofOptions}. * @returns The public key that was used to sign the proof, or `null` if the * proof is invalid. * @since 0.10.0 */ declare function verifyProof(jsonLd: unknown, proof: DataIntegrityProof, options?: VerifyProofOptions): Promise<Multikey | null>; /** * Options for {@link verifyObject}. * @since 0.10.0 */ interface VerifyObjectOptions extends VerifyProofOptions {} /** * Verifies the given object. It will verify all the proofs in the object, * and succeed only if all the proofs are valid and all attributions and * actors are authenticated by the proofs. * @typeParam T The type of the object to verify. * @param cls The class of the object to verify. It must be a subclass of * the {@link Object}. * @param jsonLd The JSON-LD object to verify. It's assumed that the object * is a compacted JSON-LD representation of a `T` with `@context`. * @param options Additional options. See also {@link VerifyObjectOptions}. * @returns The object if it's verified, or `null` if it's not. * @throws {TypeError} If the object is invalid or unsupported. * @since 0.10.0 */ declare function verifyObject<T extends Object$1>(cls: (new (...args: any[]) => T) & { fromJsonLd(jsonLd: unknown, options: VerifyObjectOptions): Promise<T>; }, jsonLd: unknown, options?: VerifyObjectOptions): Promise<T | null>; //#endregion export { CreateProofOptions, type CreateSignatureOptions, type SignJsonLdOptions, SignObjectOptions, type VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, type VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, signJsonLd, signObject, verifyJsonLd, verifyObject, verifyProof, verifySignature };