@fedify/fedify
Version:
An ActivityPub server framework
268 lines (267 loc) • 9.98 kB
TypeScript
import { Temporal } from "@js-temporal/polyfill";
import { URLPattern } from "urlpattern-polyfill";
import { DocumentLoader } from "./docloader-Q42SMRIB.js";
import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "./vocab-CzEfWQk2.js";
import { KeyCache } from "./http-DMTrO3Ye.js";
import { TracerProvider } from "@opentelemetry/api";
//#region sig/ld.d.ts
/**
* A signature of a JSON-LD document.
* @since 1.0.0
*/
interface Signature {
"@context"?: "https://w3id.org/identity/v1";
type: "RsaSignature2017";
id?: string;
creator: string;
created: string;
signatureValue: string;
}
/**
* Attaches a LD signature to the given JSON-LD document.
* @param jsonLd The JSON-LD document to attach the signature to. It is not
* modified.
* @param signature The signature to attach.
* @returns The JSON-LD document with the attached signature.
* @throws {TypeError} If the input document is not a valid JSON-LD document.
* @since 1.0.0
*/
declare function attachSignature(jsonLd: unknown, signature: Signature): {
signature: Signature;
};
/**
* Options for creating Linked Data Signatures.
* @since 1.0.0
*/
interface CreateSignatureOptions {
/**
* The context loader for loading remote JSON-LD contexts.
*/
contextLoader?: DocumentLoader;
/**
* The time when the signature was created. If not specified, the current
* time will be used.
*/
created?: Temporal.Instant;
}
/**
* Creates a LD signature for the given JSON-LD document.
* @param jsonLd The JSON-LD document to sign.
* @param privateKey The private key to sign the document.
* @param keyId The ID of the public key that corresponds to the private key.
* @param options Additional options for creating the signature.
* See also {@link CreateSignatureOptions}.
* @return The created signature.
* @throws {TypeError} If the private key is invalid or unsupported.
* @since 1.0.0
*/
declare function createSignature(jsonLd: unknown, privateKey: CryptoKey, keyId: URL, {
contextLoader,
created
}?: CreateSignatureOptions): Promise<Signature>;
/**
* Options for signing JSON-LD documents.
* @since 1.0.0
*/
interface SignJsonLdOptions extends CreateSignatureOptions {
/**
* The OpenTelemetry tracer provider for tracing the signing process.
* If omitted, the global tracer provider is used.
* @since 1.3.0
*/
tracerProvider?: TracerProvider;
}
/**
* Signs the given JSON-LD document with the private key and returns the signed
* JSON-LD document.
* @param jsonLd The JSON-LD document to sign.
* @param privateKey The private key to sign the document.
* @param keyId The key ID to use in the signature. It will be used by the
* verifier to fetch the corresponding public key.
* @param options Additional options for signing the document.
* See also {@link SignJsonLdOptions}.
* @returns The signed JSON-LD document.
* @throws {TypeError} If the private key is invalid or unsupported.
* @since 1.0.0
*/
declare function signJsonLd(jsonLd: unknown, privateKey: CryptoKey, keyId: URL, options: SignJsonLdOptions): Promise<{
signature: Signature;
}>;
/**
* Detaches Linked Data Signatures from the given JSON-LD document.
* @param jsonLd The JSON-LD document to modify.
* @returns The modified JSON-LD document. If the input document does not
* contain a signature, the original document is returned.
* @since 1.0.0
*/
declare function detachSignature(jsonLd: unknown): unknown;
/**
* Options for verifying Linked Data Signatures.
* @since 1.0.0
*/
interface VerifySignatureOptions {
/**
* The document loader to use for fetching the public key.
*/
documentLoader?: DocumentLoader;
/**
* The context loader to use for JSON-LD context retrieval.
*/
contextLoader?: DocumentLoader;
/**
* The key cache to use for caching public keys.
*/
keyCache?: KeyCache;
/**
* The OpenTelemetry tracer provider for tracing the verification process.
* If omitted, the global tracer provider is used.
* @since 1.3.0
*/
tracerProvider?: TracerProvider;
}
/**
* Verifies Linked Data Signatures of the given JSON-LD document.
* @param jsonLd The JSON-LD document to verify.
* @param options Options for verifying the signature.
* @returns The public key that signed the document or `null` if the signature
* is invalid or the key is not found.
* @since 1.0.0
*/
declare function verifySignature(jsonLd: unknown, options?: VerifySignatureOptions): Promise<CryptographicKey | null>;
/**
* Options for verifying JSON-LD documents.
*/
interface VerifyJsonLdOptions extends VerifySignatureOptions {}
/**
* Verify the authenticity of the given JSON-LD document using Linked Data
* Signatures. If the document is signed, this function verifies the signature
* and checks if the document is attributed to the owner of the public key.
* If the document is not signed, this function returns `false`.
* @param jsonLd The JSON-LD document to verify.
* @param options Options for verifying the document.
* @returns `true` if the document is authentic; `false` otherwise.
*/
declare function verifyJsonLd(jsonLd: unknown, options?: VerifyJsonLdOptions): Promise<boolean>;
//#endregion
//#region sig/proof.d.ts
/**
* Options for {@link createProof}.
* @since 0.10.0
*/
interface CreateProofOptions {
/**
* The context loader for loading remote JSON-LD contexts.
*/
contextLoader?: DocumentLoader;
/**
* The JSON-LD context to use for serializing the object to sign.
*/
context?: string | Record<string, string> | (string | Record<string, string>)[];
/**
* The time when the proof was created. If not specified, the current time
* will be used.
*/
created?: Temporal.Instant;
}
/**
* Creates a proof for the given object.
* @param object The object to create a proof for.
* @param privateKey The private key to sign the proof with.
* @param keyId The key ID to use in the proof. It will be used by the verifier.
* @param options Additional options. See also {@link CreateProofOptions}.
* @returns The created proof.
* @throws {TypeError} If the private key is invalid or unsupported.
* @since 0.10.0
*/
declare function createProof(object: Object$1, privateKey: CryptoKey, keyId: URL, {
contextLoader,
context,
created
}?: CreateProofOptions): Promise<DataIntegrityProof>;
/**
* Options for {@link signObject}.
* @since 0.10.0
*/
interface SignObjectOptions extends CreateProofOptions {
/**
* The document loader for loading remote JSON-LD documents.
*/
documentLoader?: DocumentLoader;
/**
* The OpenTelemetry tracer provider. If omitted, the global tracer provider
* is used.
* @since 1.3.0
*/
tracerProvider?: TracerProvider;
}
/**
* Signs the given object with the private key and returns the signed object.
* @param object The object to create a proof for.
* @param privateKey The private key to sign the proof with.
* @param keyId The key ID to use in the proof. It will be used by the verifier.
* @param options Additional options. See also {@link SignObjectOptions}.
* @returns The signed object.
* @throws {TypeError} If the private key is invalid or unsupported.
* @since 0.10.0
*/
declare function signObject<T extends Object$1>(object: T, privateKey: CryptoKey, keyId: URL, options?: SignObjectOptions): Promise<T>;
/**
* Options for {@link verifyProof}.
* @since 0.10.0
*/
interface VerifyProofOptions {
/**
* The context loader for loading remote JSON-LD contexts.
*/
contextLoader?: DocumentLoader;
/**
* The document loader for loading remote JSON-LD documents.
*/
documentLoader?: DocumentLoader;
/**
* The key cache to use for caching public keys.
* @since 0.12.0
*/
keyCache?: KeyCache;
/**
* The OpenTelemetry tracer provider. If omitted, the global tracer provider
* is used.
* @since 1.3.0
*/
tracerProvider?: TracerProvider;
}
/**
* Verifies the given proof for the object.
* @param jsonLd The JSON-LD object to verify the proof for. If it contains
* any proofs, they will be ignored.
* @param proof The proof to verify.
* @param options Additional options. See also {@link VerifyProofOptions}.
* @returns The public key that was used to sign the proof, or `null` if the
* proof is invalid.
* @since 0.10.0
*/
declare function verifyProof(jsonLd: unknown, proof: DataIntegrityProof, options?: VerifyProofOptions): Promise<Multikey | null>;
/**
* Options for {@link verifyObject}.
* @since 0.10.0
*/
interface VerifyObjectOptions extends VerifyProofOptions {}
/**
* Verifies the given object. It will verify all the proofs in the object,
* and succeed only if all the proofs are valid and all attributions and
* actors are authenticated by the proofs.
* @typeParam T The type of the object to verify.
* @param cls The class of the object to verify. It must be a subclass of
* the {@link Object}.
* @param jsonLd The JSON-LD object to verify. It's assumed that the object
* is a compacted JSON-LD representation of a `T` with `@context`.
* @param options Additional options. See also {@link VerifyObjectOptions}.
* @returns The object if it's verified, or `null` if it's not.
* @throws {TypeError} If the object is invalid or unsupported.
* @since 0.10.0
*/
declare function verifyObject<T extends Object$1>(cls: (new (...args: any[]) => T) & {
fromJsonLd(jsonLd: unknown, options: VerifyObjectOptions): Promise<T>;
}, jsonLd: unknown, options?: VerifyObjectOptions): Promise<T | null>;
//#endregion
export { CreateProofOptions, type CreateSignatureOptions, type SignJsonLdOptions, SignObjectOptions, type VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, type VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, signJsonLd, signObject, verifyJsonLd, verifyObject, verifyProof, verifySignature };