Class SignatureBundle

constructor

• new SignatureBundle(
      dnssecChain: VeraidDnssecChain,
      orgCertificate: Certificate,
      signature: ContentInfo,
  ): SignatureBundle

  Parameters

  • dnssecChain: VeraidDnssecChain
  • orgCertificate: Certificate
  • signature: ContentInfo

  Returns SignatureBundle

ReadonlydnssecChain

ReadonlyorgCertificate

Readonlysignature

serialise

• serialise(): ArrayBuffer

  Serialise this signature bundle to its binary representation

  Returns ArrayBuffer

  The serialised signature bundle

verify

• verify(
      plaintext: undefined | ArrayBuffer,
      serviceOid: string,
      dateOrPeriod?: IDatePeriod | Date,
      trustAnchors?: readonly TrustAnchor[],
  ): Promise<SignatureBundleVerification>

  Verify the signature against the specified plaintext

  Parameters

  • plaintext: undefined | ArrayBuffer

    The plaintext to verify (can be undefined if the plaintext is encapsulated in the signature)
  • serviceOid: string

    The OID of the service for which the signature should be valid
  • dateOrPeriod: IDatePeriod | Date = ...

    The date or period for which the signature should be valid (defaults to now)
  • OptionaltrustAnchors: readonly TrustAnchor[]

    The DNSSEC trust anchors to use for verification

  Returns Promise<SignatureBundleVerification>

  The verification result containing the plaintext and member information

  Throws

  If the signature is invalid

Staticdeserialise

• deserialise(serialisation: ArrayBuffer): SignatureBundle

  Deserialise a binary representation into a SignatureBundle instance

  Parameters

  • serialisation: ArrayBuffer

    The serialised signature bundle

  Returns SignatureBundle

  A new SignatureBundle instance

  Throws

  If the version is not 0

Staticsign

• sign(
      plaintext: ArrayBuffer,
      serviceOid: string,
      signer: MemberIdBundle | OrganisationSigner,
      signingKey: CryptoKey,
      expiryDate: Date,
      options?: Partial<SignatureOptions>,
  ): Promise<SignatureBundle>

  Create a signature for the specified plaintext

  Parameters

  • plaintext: ArrayBuffer

    The data to sign
  • serviceOid: string

    The OID of the service for which the signature is created
  • signer: MemberIdBundle | OrganisationSigner

    The member id bundle or organisation signer to use for signing
  • signingKey: CryptoKey

    The private key corresponding to the signer certificate
  • expiryDate: Date

    The date when the signature expires
  • options: Partial<SignatureOptions> = {}

    Additional options for signature creation

    • startDate

      The date when the signature becomes valid (defaults to now)

    • shouldEncapsulatePlaintext

      Whether to include the plaintext in the signature (defaults to false)

  Returns Promise<SignatureBundle>

  A new SignatureBundle instance