Update types (#319)

.eslintrc.json

@@ -1,13 +1,11 @@
 {
   "env": {
+    "browser": false,
     "node": true,
     "mocha": true,
-    "es6": false
+    "es2020": true
   },
   "root": true,
-  "parserOptions": {
-    "ecmaVersion": 2020
-  },
   "extends": ["eslint:recommended", "prettier"],
   "rules": {
     "no-console": "error",

README.md

@@ -43,11 +43,7 @@ HMAC-SHA1 is also available but it is disabled by default
 
 - HMAC-SHA1 http://www.w3.org/2000/09/xmldsig#hmac-sha1
 
-to enable HMAC-SHA1, do:
-
-```javascript
-require("xml-crypto").SignedXml.enableHMAC();
-```
+to enable HMAC-SHA1, call `enableHMAC()` on your instance of `SignedXml`.
 
 This will enable HMAC and disable digital signature algorithms. Due to key
 confusion issues, it is risky to have both HMAC-based and public key digital

index.d.ts

@@ -43,6 +43,13 @@ type SignedXmlOptions = {
   signatureAlgorithm?: SignatureAlgorithmType;
 };
 
+type CanonicalizationOrTransformationAlgorithmProcessOptions = {
+  defaultNs?: string;
+  defaultForPrefix?: {};
+  ancestorNamespaces?: [];
+  signatureNode: Node;
+};
+
 /**
  * Options for the computeSignature method.
  */
@@ -87,6 +94,13 @@ export interface Reference {
   isEmptyUri?: boolean;
 }
 
+/** Implement this to create a new CanonicalizationAlgorithm */
+export class CanonicalizationOrTransformationAlgorithm {
+  process(node: Node, options: CanonicalizationOrTransformationAlgorithmProcessOptions): string;
+
+  getAlgorithmName(): CanonicalizationAlgorithmType;
+}
+
 /** Implement this to create a new HashAlgorithm */
 export class HashAlgorithm {
   getAlgorithmName(): HashAlgorithmType;
@@ -96,15 +110,18 @@ export class HashAlgorithm {
 
 /** Implement this to create a new SignatureAlgorithm */
 export class SignatureAlgorithm {
-  getAlgorithmName(): SignatureAlgorithmType;
-
+  /**
+   * Sign the given string using the given key
+   */
   getSignature(
     signedInfo: crypto.BinaryLike,
     privateKey: crypto.KeyLike,
     callback?: (err: Error, signedInfo: string) => never
   ): string;
 
   /**
+   * Verify the given signature of the given string using key
+   *
    * @param key a public cert, public key, or private key can be passed here
    */
   verifySignature(
@@ -113,6 +130,8 @@ export class SignatureAlgorithm {
     signatureValue: string,
     callback?: (err: Error, verified: boolean) => never
   ): boolean;
+
+  getAlgorithmName(): SignatureAlgorithmType;
 }
 
 /** Implement this to create a new TransformAlgorithm */
@@ -174,9 +193,10 @@ export class SignedXml {
   // One of the supported signature algorithms. See {@link SignatureAlgorithmType}
   signatureAlgorithm: SignatureAlgorithmType;
   // A {@link Buffer} or pem encoded {@link String} containing your private key
-  privateKey: Buffer | string;
+  privateKey: crypto.KeyLike;
   // Contains validation errors (if any) after {@link checkSignature} method is called
   validationErrors: string[];
+  publicCert: crypto.KeyLike;
 
   /**
    * The SignedXml constructor provides an abstraction for sign and verify xml documents. The object is constructed using
@@ -324,7 +344,7 @@ export class SignedXml {
   getCertFromKeyInfo(keyInfo: string): string | null;
 }
 
-export interface Utils {
+export class Utils {
   /**
    * @param pem The PEM-encoded base64 certificate to strip headers from
    */

lib/c14n-canonicalization.js

@@ -1,6 +1,8 @@
-/* jshint laxcomma: true */
 const utils = require("./utils");
 
+/**
+ * @type { import("../index.d.ts").CanonicalizationOrTransformationAlgorithm}
+ */
 class C14nCanonicalization {
   constructor() {
     this.includeComments = false;
@@ -276,7 +278,11 @@ class C14nCanonicalization {
   }
 }
 
-// Add c14n#WithComments here (very simple subclass)
+/**
+ * Add c14n#WithComments here (very simple subclass)
+ *
+ * @type { import("../index.d.ts").CanonicalizationOrTransformationAlgorithm}
+ */
 class C14nCanonicalizationWithComments extends C14nCanonicalization {
   constructor() {
     super();

lib/enveloped-signature.js

@@ -1,6 +1,9 @@
 const xpath = require("xpath");
 const utils = require("./utils");
 
+/**
+ * @type { import("../index.d.ts").CanonicalizationOrTransformationAlgorithm}
+ */
 class EnvelopedSignature {
   process(node, options) {
     if (null == options.signatureNode) {

lib/exclusive-canonicalization.js

@@ -1,4 +1,3 @@
-/* jshint laxcomma: true */
 const utils = require("./utils");
 
 function isPrefixInScope(prefixesInScope, prefix, namespaceURI) {
@@ -12,6 +11,9 @@ function isPrefixInScope(prefixesInScope, prefix, namespaceURI) {
   return ret;
 }
 
+/**
+ * @type { import("../index.d.ts").CanonicalizationOrTransformationAlgorithm}
+ */
 class ExclusiveCanonicalization {
   constructor() {
     this.includeComments = false;
@@ -329,8 +331,10 @@ class ExclusiveCanonicalization {
   }
 }
 
-// Add c14n#WithComments here (very simple subclass)
-
+/**
+ * Add c14n#WithComments here (very simple subclass)
+ * @type { import("../index.d.ts").CanonicalizationOrTransformationAlgorithm}
+ */
 class ExclusiveCanonicalizationWithComments extends ExclusiveCanonicalization {
   constructor() {
     super();

lib/signed-xml.js

@@ -8,9 +8,7 @@ const hashAlgorithms = require("./hash-algorithms");
 const signatureAlgorithms = require("./signature-algorithms");
 
 /**
-
-/**
- * @typedef { import("../index.d.ts").SignedXml}
+ * @type {import ("../index.d.ts").SignedXml}
  */
 class SignedXml {
   constructor(idMode, options = {}) {