@bananalink-sdk/protocol 1.2.8 → 1.4.0
- package/dist/{chunk-32OWUOZ3.js → chunk-KJ7QIHAY.js} +11 -7
- package/dist/chunk-KJ7QIHAY.js.map +1 -0
- package/dist/{chunk-VXLUSU5B.cjs → chunk-MUYKP6UQ.cjs} +63 -8
- package/dist/chunk-MUYKP6UQ.cjs.map +1 -0
- package/dist/{chunk-MCZG7QEM.cjs → chunk-NGPP7HUR.cjs} +11 -7
- package/dist/chunk-NGPP7HUR.cjs.map +1 -0
- package/dist/{chunk-LELPCIE7.js → chunk-OBJR2TL4.js} +54 -4
- package/dist/chunk-OBJR2TL4.js.map +1 -0
- package/dist/{chunk-KNGZKGRS.cjs → chunk-RZPN2GDJ.cjs} +13 -4
- package/dist/chunk-RZPN2GDJ.cjs.map +1 -0
- package/dist/{chunk-7KYDLL3B.js → chunk-XCMAKN3P.js} +13 -5
- package/dist/chunk-XCMAKN3P.js.map +1 -0
- package/dist/{client-session-claim-C4lUik3b.d.cts → client-session-claim-CkRKTG50.d.cts} +12 -2
- package/dist/{client-session-claim-3QF3noOr.d.ts → client-session-claim-CrIDASkZ.d.ts} +12 -2
- package/dist/crypto/providers/noble-provider.cjs +2 -3
- package/dist/crypto/providers/noble-provider.d.cts +0 -7
- package/dist/crypto/providers/noble-provider.d.ts +0 -7
- package/dist/crypto/providers/noble-provider.js +1 -2
- package/dist/crypto/providers/node-provider.cjs +7 -29
- package/dist/crypto/providers/node-provider.cjs.map +1 -1
- package/dist/crypto/providers/node-provider.d.cts +0 -7
- package/dist/crypto/providers/node-provider.d.ts +0 -7
- package/dist/crypto/providers/node-provider.js +7 -29
- package/dist/crypto/providers/node-provider.js.map +1 -1
- package/dist/crypto/providers/quickcrypto-provider.cjs +8 -46
- package/dist/crypto/providers/quickcrypto-provider.cjs.map +1 -1
- package/dist/crypto/providers/quickcrypto-provider.d.cts +0 -9
- package/dist/crypto/providers/quickcrypto-provider.d.ts +0 -9
- package/dist/crypto/providers/quickcrypto-provider.js +7 -45
- package/dist/crypto/providers/quickcrypto-provider.js.map +1 -1
- package/dist/crypto/providers/webcrypto-provider.cjs +0 -2
- package/dist/crypto/providers/webcrypto-provider.cjs.map +1 -1
- package/dist/crypto/providers/webcrypto-provider.d.cts +0 -7
- package/dist/crypto/providers/webcrypto-provider.d.ts +0 -7
- package/dist/crypto/providers/webcrypto-provider.js +0 -2
- package/dist/crypto/providers/webcrypto-provider.js.map +1 -1
- package/dist/{crypto-BUS06Qz-.d.cts → crypto-BK0Ile6V.d.cts} +1 -1
- package/dist/{crypto-BUS06Qz-.d.ts → crypto-BK0Ile6V.d.ts} +1 -1
- package/dist/crypto-export.cjs +50 -51
- package/dist/crypto-export.cjs.map +1 -1
- package/dist/crypto-export.d.cts +1 -1
- package/dist/crypto-export.d.ts +1 -1
- package/dist/crypto-export.js +2 -4
- package/dist/crypto-export.js.map +1 -1
- package/dist/index.cjs +8 -4
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +31 -4
- package/dist/index.d.ts +31 -4
- package/dist/index.js +7 -4
- package/dist/index.js.map +1 -1
- package/dist/schemas-export.cjs +76 -72
- package/dist/schemas-export.d.cts +116 -1
- package/dist/schemas-export.d.ts +116 -1
- package/dist/schemas-export.js +1 -1
- package/dist/testing.d.cts +2 -2
- package/dist/testing.d.ts +2 -2
- package/dist/validation-export.cjs +76 -72
- package/dist/validation-export.d.cts +1 -1
- package/dist/validation-export.d.ts +1 -1
- package/dist/validation-export.js +1 -1
- package/package.json +1 -1
- package/src/crypto/providers/noble-provider.ts +44 -49
- package/src/crypto/providers/node-provider.ts +18 -59
- package/src/crypto/providers/quickcrypto-provider.ts +25 -84
- package/src/crypto/providers/registry.ts +14 -9
- package/src/crypto/providers/webcrypto-provider.ts +28 -43
- package/src/index.ts +1 -0
- package/src/schemas/client-messages.ts +14 -0
- package/src/schemas/wallet-messages.ts +4 -0
- package/src/types/client-messages.ts +26 -1
- package/src/types/index.ts +9 -0
- package/src/types/persistence.ts +32 -0
- package/src/types/wallet-messages.ts +6 -2
- package/dist/chunk-32OWUOZ3.js.map +0 -1
- package/dist/chunk-7KYDLL3B.js.map +0 -1
- package/dist/chunk-A6FLEJ7R.cjs +0 -62
- package/dist/chunk-A6FLEJ7R.cjs.map +0 -1
- package/dist/chunk-KNGZKGRS.cjs.map +0 -1
- package/dist/chunk-LELPCIE7.js.map +0 -1
- package/dist/chunk-MCZG7QEM.cjs.map +0 -1
- package/dist/chunk-TCVKC227.js +0 -56
- package/dist/chunk-TCVKC227.js.map +0 -1
- package/dist/chunk-VXLUSU5B.cjs.map +0 -1
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
export { DAppMetadata, DisplayInfo, EncryptedPayload, QRPayload, RelayMessage, SIWEFields, SecurityPolicy, SessionInfo, authenticateConnectionPayloadSchema, authenticationDataSchema, bananaLinkErrorSchema, base64Schema, claimSessionPayloadSchema, clientMessageEnvelopeSchema, clientMessagePayloadSchema, clientReconnectPayloadSchema, clientSessionClaimSchema, closeSessionPayloadSchema, connectionAuthenticatedMessageSchema, connectionRejectedMessageSchema, connectionRejectedPayloadSchema, coreDAppMetadataSchema, coreSecurityPolicySchema, createSessionRequestSchema, createSessionResponseSchema, dAppMetadataSchema, displayInfoSchema, encryptedPayloadSchema, errorCodeSchema, frutiLinkSchema, originProofSchema, prefetchMetadataPayloadSchema, prefetchMetadataResponseSchema, publicKeySchema, qrPayloadSchema, reconnectedMessageSchema, rejectionDataSchema, relayMessageSchema, relayMessageTypeSchema, relayNotificationMessageSchema, relayToDAppMessageSchema, safeValidateClientMessage, safeValidateClientSessionClaim, safeValidateFrutiLink, safeValidateQRPayload, safeValidateRelayMessage, safeValidateRelayNotificationMessage, safeValidateRelayToDAppMessage, safeValidateSessionInfo, safeValidateWalletMessage, safeValidateWalletSessionClaim, securityPolicySchema, sessionClosedAckSchema, sessionClosedNotificationSchema, sessionConfigSchema, sessionIdSchema, sessionInfoSchema, sessionMetadataSchema, sessionOptionsSchema, sessionStateSchema, siweFieldsSchema, supportedChainIdSchema, validateClientMessage, validateClientSessionClaim, validateFrutiLink, validateQRPayload, validateRelayMessage, validateRelayNotificationMessage, validateRelayToDAppMessage, validateSessionInfo, validateTimestamp, validateWalletMessage, validateWalletSessionClaim, walletHandshakeMessageSchema, walletMessageEnvelopeSchema, walletMessagePayloadSchema, walletMetadataSchema, walletReconnectPayloadSchema, walletSessionClaimSchema } from './schemas-export.cjs';
|
|
1
|
+
export { DAppMetadata, DisplayInfo, EncryptedPayload, QRPayload, RelayMessage, SIWEFields, SecurityPolicy, SessionInfo, authenticateConnectionPayloadSchema, authenticationDataSchema, bananaLinkErrorSchema, base64Schema, claimSessionPayloadSchema, clientHandshakeMessageSchema, clientMessageEnvelopeSchema, clientMessagePayloadSchema, clientReconnectPayloadSchema, clientSessionClaimSchema, closeSessionPayloadSchema, connectionAuthenticatedMessageSchema, connectionRejectedMessageSchema, connectionRejectedPayloadSchema, coreDAppMetadataSchema, coreSecurityPolicySchema, createSessionRequestSchema, createSessionResponseSchema, dAppMetadataSchema, displayInfoSchema, encryptedPayloadSchema, errorCodeSchema, frutiLinkSchema, originProofSchema, prefetchMetadataPayloadSchema, prefetchMetadataResponseSchema, publicKeySchema, qrPayloadSchema, reconnectedMessageSchema, rejectionDataSchema, relayMessageSchema, relayMessageTypeSchema, relayNotificationMessageSchema, relayToDAppMessageSchema, safeValidateClientMessage, safeValidateClientSessionClaim, safeValidateFrutiLink, safeValidateQRPayload, safeValidateRelayMessage, safeValidateRelayNotificationMessage, safeValidateRelayToDAppMessage, safeValidateSessionInfo, safeValidateWalletMessage, safeValidateWalletSessionClaim, securityPolicySchema, sessionClosedAckSchema, sessionClosedNotificationSchema, sessionConfigSchema, sessionIdSchema, sessionInfoSchema, sessionMetadataSchema, sessionOptionsSchema, sessionStateSchema, siweFieldsSchema, supportedChainIdSchema, validateClientMessage, validateClientSessionClaim, validateFrutiLink, validateQRPayload, validateRelayMessage, validateRelayNotificationMessage, validateRelayToDAppMessage, validateSessionInfo, validateTimestamp, validateWalletMessage, validateWalletSessionClaim, walletHandshakeMessageSchema, walletMessageEnvelopeSchema, walletMessagePayloadSchema, walletMetadataSchema, walletReconnectPayloadSchema, walletSessionClaimSchema } from './schemas-export.cjs';
|
|
2
2
|
export { SIWEMessage, ValidationResult, createValidationResult, hasRequiredFields, isValidAddress, isValidBase64, isValidChainId, isValidDomain, isValidEncryptedPayload, isValidEncryptionAlgorithm, isValidHex, isValidMessageType, isValidNonce, isValidPublicKey, isValidSIWEMessage, isValidSessionId, isValidTimestamp, isValidUrl } from './validators-export.cjs';
|
|
3
3
|
import 'zod';
|
|
@@ -1,3 +1,3 @@
|
|
|
1
|
-
export { DAppMetadata, DisplayInfo, EncryptedPayload, QRPayload, RelayMessage, SIWEFields, SecurityPolicy, SessionInfo, authenticateConnectionPayloadSchema, authenticationDataSchema, bananaLinkErrorSchema, base64Schema, claimSessionPayloadSchema, clientMessageEnvelopeSchema, clientMessagePayloadSchema, clientReconnectPayloadSchema, clientSessionClaimSchema, closeSessionPayloadSchema, connectionAuthenticatedMessageSchema, connectionRejectedMessageSchema, connectionRejectedPayloadSchema, coreDAppMetadataSchema, coreSecurityPolicySchema, createSessionRequestSchema, createSessionResponseSchema, dAppMetadataSchema, displayInfoSchema, encryptedPayloadSchema, errorCodeSchema, frutiLinkSchema, originProofSchema, prefetchMetadataPayloadSchema, prefetchMetadataResponseSchema, publicKeySchema, qrPayloadSchema, reconnectedMessageSchema, rejectionDataSchema, relayMessageSchema, relayMessageTypeSchema, relayNotificationMessageSchema, relayToDAppMessageSchema, safeValidateClientMessage, safeValidateClientSessionClaim, safeValidateFrutiLink, safeValidateQRPayload, safeValidateRelayMessage, safeValidateRelayNotificationMessage, safeValidateRelayToDAppMessage, safeValidateSessionInfo, safeValidateWalletMessage, safeValidateWalletSessionClaim, securityPolicySchema, sessionClosedAckSchema, sessionClosedNotificationSchema, sessionConfigSchema, sessionIdSchema, sessionInfoSchema, sessionMetadataSchema, sessionOptionsSchema, sessionStateSchema, siweFieldsSchema, supportedChainIdSchema, validateClientMessage, validateClientSessionClaim, validateFrutiLink, validateQRPayload, validateRelayMessage, validateRelayNotificationMessage, validateRelayToDAppMessage, validateSessionInfo, validateTimestamp, validateWalletMessage, validateWalletSessionClaim, walletHandshakeMessageSchema, walletMessageEnvelopeSchema, walletMessagePayloadSchema, walletMetadataSchema, walletReconnectPayloadSchema, walletSessionClaimSchema } from './schemas-export.js';
|
|
1
|
+
export { DAppMetadata, DisplayInfo, EncryptedPayload, QRPayload, RelayMessage, SIWEFields, SecurityPolicy, SessionInfo, authenticateConnectionPayloadSchema, authenticationDataSchema, bananaLinkErrorSchema, base64Schema, claimSessionPayloadSchema, clientHandshakeMessageSchema, clientMessageEnvelopeSchema, clientMessagePayloadSchema, clientReconnectPayloadSchema, clientSessionClaimSchema, closeSessionPayloadSchema, connectionAuthenticatedMessageSchema, connectionRejectedMessageSchema, connectionRejectedPayloadSchema, coreDAppMetadataSchema, coreSecurityPolicySchema, createSessionRequestSchema, createSessionResponseSchema, dAppMetadataSchema, displayInfoSchema, encryptedPayloadSchema, errorCodeSchema, frutiLinkSchema, originProofSchema, prefetchMetadataPayloadSchema, prefetchMetadataResponseSchema, publicKeySchema, qrPayloadSchema, reconnectedMessageSchema, rejectionDataSchema, relayMessageSchema, relayMessageTypeSchema, relayNotificationMessageSchema, relayToDAppMessageSchema, safeValidateClientMessage, safeValidateClientSessionClaim, safeValidateFrutiLink, safeValidateQRPayload, safeValidateRelayMessage, safeValidateRelayNotificationMessage, safeValidateRelayToDAppMessage, safeValidateSessionInfo, safeValidateWalletMessage, safeValidateWalletSessionClaim, securityPolicySchema, sessionClosedAckSchema, sessionClosedNotificationSchema, sessionConfigSchema, sessionIdSchema, sessionInfoSchema, sessionMetadataSchema, sessionOptionsSchema, sessionStateSchema, siweFieldsSchema, supportedChainIdSchema, validateClientMessage, validateClientSessionClaim, validateFrutiLink, validateQRPayload, validateRelayMessage, validateRelayNotificationMessage, validateRelayToDAppMessage, validateSessionInfo, validateTimestamp, validateWalletMessage, validateWalletSessionClaim, walletHandshakeMessageSchema, walletMessageEnvelopeSchema, walletMessagePayloadSchema, walletMetadataSchema, walletReconnectPayloadSchema, walletSessionClaimSchema } from './schemas-export.js';
|
|
2
2
|
export { SIWEMessage, ValidationResult, createValidationResult, hasRequiredFields, isValidAddress, isValidBase64, isValidChainId, isValidDomain, isValidEncryptedPayload, isValidEncryptionAlgorithm, isValidHex, isValidMessageType, isValidNonce, isValidPublicKey, isValidSIWEMessage, isValidSessionId, isValidTimestamp, isValidUrl } from './validators-export.js';
|
|
3
3
|
import 'zod';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export { authenticateConnectionPayloadSchema, authenticationDataSchema, bananaLinkErrorSchema, base64Schema, claimSessionPayloadSchema, clientMessageEnvelopeSchema, clientMessagePayloadSchema, clientReconnectPayloadSchema, clientSessionClaimSchema, closeSessionPayloadSchema, connectionAuthenticatedMessageSchema, connectionRejectedMessageSchema, connectionRejectedPayloadSchema, dAppMetadataSchema as coreDAppMetadataSchema, securityPolicySchema as coreSecurityPolicySchema, createSessionRequestSchema, createSessionResponseSchema, dAppMetadataSchema2 as dAppMetadataSchema, displayInfoSchema, encryptedPayloadSchema, errorCodeSchema, frutiLinkSchema, originProofSchema, prefetchMetadataPayloadSchema, prefetchMetadataResponseSchema, publicKeySchema, qrPayloadSchema, reconnectedMessageSchema, rejectionDataSchema, relayMessageSchema, relayMessageTypeSchema, relayNotificationMessageSchema, relayToDAppMessageSchema, safeValidateClientMessage, safeValidateClientSessionClaim, safeValidateFrutiLink, safeValidateQRPayload, safeValidateRelayMessage, safeValidateRelayNotificationMessage, safeValidateRelayToDAppMessage, safeValidateSessionInfo, safeValidateWalletMessage, safeValidateWalletSessionClaim, securityPolicySchema2 as securityPolicySchema, sessionClosedAckSchema, sessionClosedNotificationSchema, sessionConfigSchema, sessionIdSchema, sessionInfoSchema, sessionMetadataSchema, sessionOptionsSchema, sessionStateSchema, siweFieldsSchema, supportedChainIdSchema, validateClientMessage, validateClientSessionClaim, validateFrutiLink, validateQRPayload, validateRelayMessage, validateRelayNotificationMessage, validateRelayToDAppMessage, validateSessionInfo, validateTimestamp, validateWalletMessage, validateWalletSessionClaim, walletHandshakeMessageSchema, walletMessageEnvelopeSchema, walletMessagePayloadSchema, walletMetadataSchema, walletReconnectPayloadSchema, walletSessionClaimSchema } from './chunk-
|
|
1
|
+
export { authenticateConnectionPayloadSchema, authenticationDataSchema, bananaLinkErrorSchema, base64Schema, claimSessionPayloadSchema, clientHandshakeMessageSchema, clientMessageEnvelopeSchema, clientMessagePayloadSchema, clientReconnectPayloadSchema, clientSessionClaimSchema, closeSessionPayloadSchema, connectionAuthenticatedMessageSchema, connectionRejectedMessageSchema, connectionRejectedPayloadSchema, dAppMetadataSchema as coreDAppMetadataSchema, securityPolicySchema as coreSecurityPolicySchema, createSessionRequestSchema, createSessionResponseSchema, dAppMetadataSchema2 as dAppMetadataSchema, displayInfoSchema, encryptedPayloadSchema, errorCodeSchema, frutiLinkSchema, originProofSchema, prefetchMetadataPayloadSchema, prefetchMetadataResponseSchema, publicKeySchema, qrPayloadSchema, reconnectedMessageSchema, rejectionDataSchema, relayMessageSchema, relayMessageTypeSchema, relayNotificationMessageSchema, relayToDAppMessageSchema, safeValidateClientMessage, safeValidateClientSessionClaim, safeValidateFrutiLink, safeValidateQRPayload, safeValidateRelayMessage, safeValidateRelayNotificationMessage, safeValidateRelayToDAppMessage, safeValidateSessionInfo, safeValidateWalletMessage, safeValidateWalletSessionClaim, securityPolicySchema2 as securityPolicySchema, sessionClosedAckSchema, sessionClosedNotificationSchema, sessionConfigSchema, sessionIdSchema, sessionInfoSchema, sessionMetadataSchema, sessionOptionsSchema, sessionStateSchema, siweFieldsSchema, supportedChainIdSchema, validateClientMessage, validateClientSessionClaim, validateFrutiLink, validateQRPayload, validateRelayMessage, validateRelayNotificationMessage, validateRelayToDAppMessage, validateSessionInfo, validateTimestamp, validateWalletMessage, validateWalletSessionClaim, walletHandshakeMessageSchema, walletMessageEnvelopeSchema, walletMessagePayloadSchema, walletMetadataSchema, walletReconnectPayloadSchema, walletSessionClaimSchema } from './chunk-XCMAKN3P.js';
|
|
2
2
|
import './chunk-CUJK7ZTS.js';
|
|
3
3
|
export { createValidationResult, hasRequiredFields, isValidAddress, isValidBase64, isValidChainId, isValidDomain, isValidEncryptedPayload, isValidEncryptionAlgorithm, isValidHex, isValidMessageType, isValidNonce, isValidPublicKey, isValidSIWEMessage, isValidSessionId, isValidTimestamp, isValidUrl } from './chunk-JXHV66Q4.js';
|
|
4
4
|
import './chunk-WCQVDF3K.js';
|
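--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@bananalink-sdk/protocol",
-"version": "1.
+"version": "1.4.0",
 "description": "Core protocol definitions for BananaLink. Provides TypeScript types, Zod validation schemas, cryptographic utilities, and shared constants for wallet connections.",
 "type": "module",
 "keywords": [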
|
@@ -6,7 +6,6 @@ import { hmac } from '@noble/hashes/hmac.js';
|
|
|
6
6
|
import { sha256 } from '@noble/hashes/sha2.js';
|
|
7
7
|
import type { Logger } from '@bananalink-sdk/logger';
|
|
8
8
|
import type { CryptoProvider, CryptoKeyLike, ProviderKeyPair } from '../../types/crypto-provider';
|
|
9
|
-
import { registerCryptoProvider } from './registry';
|
|
10
9
|
|
|
11
10
|
/**
|
|
12
11
|
* Noble library implementation of CryptoKeyLike
|
|
@@ -17,7 +16,7 @@ class NobleKey implements CryptoKeyLike {
|
|
|
17
16
|
public readonly type: 'public' | 'private' | 'secret',
|
|
18
17
|
public readonly algorithm: string,
|
|
19
18
|
public readonly extractable: boolean = true,
|
|
20
|
-
public readonly usages: readonly string[] = []
|
|
19
|
+
public readonly usages: readonly string[] = [],
|
|
21
20
|
) {}
|
|
22
21
|
}
|
|
23
22
|
|
|
@@ -46,7 +45,7 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
46
45
|
const publicKeyUncompressed = p256.getPublicKey(privateKeyBytes, false); // false = uncompressed
|
|
47
46
|
|
|
48
47
|
this.logger?.debug('Key pair generation completed', {
|
|
49
|
-
publicKeyLength: publicKeyUncompressed.length
|
|
48
|
+
publicKeyLength: publicKeyUncompressed.length,
|
|
50
49
|
});
|
|
51
50
|
|
|
52
51
|
return Promise.resolve({
|
|
@@ -57,8 +56,8 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
57
56
|
this.logger?.error('Key pair generation failed', {
|
|
58
57
|
error: {
|
|
59
58
|
message: error instanceof Error ? error.message : String(error),
|
|
60
|
-
stack: error instanceof Error ? error.stack : undefined
|
|
61
|
-
}
|
|
59
|
+
stack: error instanceof Error ? error.stack : undefined,
|
|
60
|
+
},
|
|
62
61
|
});
|
|
63
62
|
throw error;
|
|
64
63
|
}
|
|
@@ -72,7 +71,9 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
72
71
|
if (nobleKey.type !== 'public') {
|
|
73
72
|
throw new Error('Expected public key');
|
|
74
73
|
}
|
|
75
|
-
return Promise.resolve(
|
|
74
|
+
return Promise.resolve(
|
|
75
|
+
nobleKey.data.buffer.slice(nobleKey.data.byteOffset, nobleKey.data.byteOffset + nobleKey.data.byteLength),
|
|
76
|
+
);
|
|
76
77
|
}
|
|
77
78
|
|
|
78
79
|
/**
|
|
@@ -83,7 +84,9 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
83
84
|
if (nobleKey.type !== 'private') {
|
|
84
85
|
throw new Error('Expected private key');
|
|
85
86
|
}
|
|
86
|
-
return Promise.resolve(
|
|
87
|
+
return Promise.resolve(
|
|
88
|
+
nobleKey.data.buffer.slice(nobleKey.data.byteOffset, nobleKey.data.byteOffset + nobleKey.data.byteLength),
|
|
89
|
+
);
|
|
87
90
|
}
|
|
88
91
|
|
|
89
92
|
/**
|
|
@@ -95,8 +98,12 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
95
98
|
// Debug logging
|
|
96
99
|
this.logger?.debug('importPublicKey called', {
|
|
97
100
|
keyLength: keyBytes.length,
|
|
98
|
-
keyBytesFirst20: Array.from(keyBytes.slice(0, 20))
|
|
99
|
-
|
|
101
|
+
keyBytesFirst20: Array.from(keyBytes.slice(0, 20))
|
|
102
|
+
.map((b) => b.toString(16).padStart(2, '0'))
|
|
103
|
+
.join(' '),
|
|
104
|
+
keyBytesHex: Array.from(keyBytes)
|
|
105
|
+
.map((b) => b.toString(16).padStart(2, '0'))
|
|
106
|
+
.join(''),
|
|
100
107
|
});
|
|
101
108
|
|
|
102
109
|
// Validate public key using Noble's validation
|
|
@@ -107,7 +114,7 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
107
114
|
if (keyBytes.length === 65) {
|
|
108
115
|
// Already in uncompressed format (0x04 + 32 + 32)
|
|
109
116
|
this.logger?.debug('Processing 65-byte key', {
|
|
110
|
-
firstByte: `0x${keyBytes[0].toString(16)}
|
|
117
|
+
firstByte: `0x${keyBytes[0].toString(16)}`,
|
|
111
118
|
});
|
|
112
119
|
if (keyBytes[0] !== 0x04) {
|
|
113
120
|
throw new Error(`Expected uncompressed key (0x04 prefix), got 0x${keyBytes[0].toString(16)}`);
|
|
@@ -117,7 +124,7 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
117
124
|
// Raw format (32 + 32) - needs 0x04 prefix for Noble
|
|
118
125
|
// This is the WebCrypto export format
|
|
119
126
|
this.logger?.debug('Processing 64-byte key', {
|
|
120
|
-
action: 'adding 0x04 prefix'
|
|
127
|
+
action: 'adding 0x04 prefix',
|
|
121
128
|
});
|
|
122
129
|
processedKeyBytes = new Uint8Array(65);
|
|
123
130
|
processedKeyBytes[0] = 0x04; // Uncompressed point indicator
|
|
@@ -128,25 +135,27 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
128
135
|
|
|
129
136
|
this.logger?.debug('Key processing completed', {
|
|
130
137
|
processedLength: processedKeyBytes.length,
|
|
131
|
-
processedFirst20: Array.from(processedKeyBytes.slice(0, 20))
|
|
138
|
+
processedFirst20: Array.from(processedKeyBytes.slice(0, 20))
|
|
139
|
+
.map((b) => b.toString(16).padStart(2, '0'))
|
|
140
|
+
.join(' '),
|
|
132
141
|
});
|
|
133
142
|
|
|
134
143
|
// Validate using Noble's validation
|
|
135
144
|
const isValid = p256.utils.isValidPublicKey(processedKeyBytes, false); // false = allow uncompressed
|
|
136
145
|
this.logger?.debug('Noble key validation completed', {
|
|
137
|
-
isValid
|
|
146
|
+
isValid,
|
|
138
147
|
});
|
|
139
148
|
|
|
140
149
|
if (!isValid) {
|
|
141
150
|
// Try additional debugging
|
|
142
151
|
this.logger?.debug('Key validation failed, trying alternative approaches', {
|
|
143
|
-
originalValidation: false
|
|
152
|
+
originalValidation: false,
|
|
144
153
|
});
|
|
145
154
|
|
|
146
155
|
// Try with compressed format check
|
|
147
156
|
const isValidCompressed = p256.utils.isValidPublicKey(processedKeyBytes, true);
|
|
148
157
|
this.logger?.debug('Alternative validation attempted', {
|
|
149
|
-
compressedFormatValid: isValidCompressed
|
|
158
|
+
compressedFormatValid: isValidCompressed,
|
|
150
159
|
});
|
|
151
160
|
|
|
152
161
|
throw new Error('Key failed Noble validation');
|
|
@@ -157,8 +166,8 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
157
166
|
this.logger?.error('Public key import failed', {
|
|
158
167
|
error: {
|
|
159
168
|
message: error instanceof Error ? error.message : String(error),
|
|
160
|
-
stack: error instanceof Error ? error.stack : undefined
|
|
161
|
-
}
|
|
169
|
+
stack: error instanceof Error ? error.stack : undefined,
|
|
170
|
+
},
|
|
162
171
|
});
|
|
163
172
|
throw new Error(`Invalid P-256 public key: ${String(error)}`);
|
|
164
173
|
}
|
|
@@ -194,14 +203,14 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
194
203
|
if (privKey.type !== 'private') {
|
|
195
204
|
const error = new Error('Expected private key');
|
|
196
205
|
this.logger?.error('Shared secret derivation failed - invalid private key type', {
|
|
197
|
-
actualType: privKey.type
|
|
206
|
+
actualType: privKey.type,
|
|
198
207
|
});
|
|
199
208
|
throw error;
|
|
200
209
|
}
|
|
201
210
|
if (pubKey.type !== 'public') {
|
|
202
211
|
const error = new Error('Expected public key');
|
|
203
212
|
this.logger?.error('Shared secret derivation failed - invalid public key type', {
|
|
204
|
-
actualType: pubKey.type
|
|
213
|
+
actualType: pubKey.type,
|
|
205
214
|
});
|
|
206
215
|
throw error;
|
|
207
216
|
}
|
|
@@ -213,7 +222,7 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
213
222
|
const xCoordinate = sharedSecret.slice(1, 33); // Skip 0x04 prefix, take next 32 bytes
|
|
214
223
|
|
|
215
224
|
this.logger?.debug('Shared secret derivation completed', {
|
|
216
|
-
sharedSecretLength: xCoordinate.length
|
|
225
|
+
sharedSecretLength: xCoordinate.length,
|
|
217
226
|
});
|
|
218
227
|
|
|
219
228
|
return Promise.resolve(new NobleKey(xCoordinate, 'secret', 'AES-GCM', true, ['encrypt', 'decrypt']));
|
|
@@ -221,8 +230,8 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
221
230
|
this.logger?.error('Shared secret derivation failed', {
|
|
222
231
|
error: {
|
|
223
232
|
message: error instanceof Error ? error.message : String(error),
|
|
224
|
-
stack: error instanceof Error ? error.stack : undefined
|
|
225
|
-
}
|
|
233
|
+
stack: error instanceof Error ? error.stack : undefined,
|
|
234
|
+
},
|
|
226
235
|
});
|
|
227
236
|
throw error;
|
|
228
237
|
}
|
|
@@ -258,7 +267,7 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
258
267
|
encrypt(key: CryptoKeyLike, data: ArrayBuffer, iv: ArrayBuffer): Promise<ArrayBuffer> {
|
|
259
268
|
this.logger?.debug('Encrypting data with AES-GCM using Noble', {
|
|
260
269
|
dataSize: data.byteLength,
|
|
261
|
-
ivSize: iv.byteLength
|
|
270
|
+
ivSize: iv.byteLength,
|
|
262
271
|
});
|
|
263
272
|
|
|
264
273
|
const secretKey = key as NobleKey;
|
|
@@ -266,7 +275,7 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
266
275
|
if (secretKey.type !== 'secret') {
|
|
267
276
|
const error = new Error('Expected secret key');
|
|
268
277
|
this.logger?.error('Encryption failed - invalid key type', {
|
|
269
|
-
actualType: secretKey.type
|
|
278
|
+
actualType: secretKey.type,
|
|
270
279
|
});
|
|
271
280
|
throw error;
|
|
272
281
|
}
|
|
@@ -276,16 +285,18 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
276
285
|
const ciphertext = aesGcm.encrypt(new Uint8Array(data));
|
|
277
286
|
|
|
278
287
|
this.logger?.debug('Encryption completed', {
|
|
279
|
-
ciphertextSize: ciphertext.byteLength
|
|
288
|
+
ciphertextSize: ciphertext.byteLength,
|
|
280
289
|
});
|
|
281
290
|
|
|
282
|
-
return Promise.resolve(
|
|
291
|
+
return Promise.resolve(
|
|
292
|
+
ciphertext.buffer.slice(ciphertext.byteOffset, ciphertext.byteOffset + ciphertext.byteLength),
|
|
293
|
+
);
|
|
283
294
|
} catch (error) {
|
|
284
295
|
this.logger?.error('Encryption failed', {
|
|
285
296
|
error: {
|
|
286
297
|
message: error instanceof Error ? error.message : String(error),
|
|
287
|
-
stack: error instanceof Error ? error.stack : undefined
|
|
288
|
-
}
|
|
298
|
+
stack: error instanceof Error ? error.stack : undefined,
|
|
299
|
+
},
|
|
289
300
|
});
|
|
290
301
|
throw error;
|
|
291
302
|
}
|
|
@@ -297,7 +308,7 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
297
308
|
decrypt(key: CryptoKeyLike, data: ArrayBuffer, iv: ArrayBuffer): Promise<ArrayBuffer> {
|
|
298
309
|
this.logger?.debug('Decrypting data with AES-GCM using Noble', {
|
|
299
310
|
dataSize: data.byteLength,
|
|
300
|
-
ivSize: iv.byteLength
|
|
311
|
+
ivSize: iv.byteLength,
|
|
301
312
|
});
|
|
302
313
|
|
|
303
314
|
const secretKey = key as NobleKey;
|
|
@@ -305,7 +316,7 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
305
316
|
if (secretKey.type !== 'secret') {
|
|
306
317
|
const error = new Error('Expected secret key');
|
|
307
318
|
this.logger?.error('Decryption failed - invalid key type', {
|
|
308
|
-
actualType: secretKey.type
|
|
319
|
+
actualType: secretKey.type,
|
|
309
320
|
});
|
|
310
321
|
throw error;
|
|
311
322
|
}
|
|
@@ -315,7 +326,7 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
315
326
|
const plaintext = aesGcm.decrypt(new Uint8Array(data));
|
|
316
327
|
|
|
317
328
|
this.logger?.debug('Decryption completed', {
|
|
318
|
-
plaintextSize: plaintext.byteLength
|
|
329
|
+
plaintextSize: plaintext.byteLength,
|
|
319
330
|
});
|
|
320
331
|
|
|
321
332
|
return Promise.resolve(plaintext.buffer.slice(plaintext.byteOffset, plaintext.byteOffset + plaintext.byteLength));
|
|
@@ -323,8 +334,8 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
323
334
|
this.logger?.error('Decryption failed', {
|
|
324
335
|
error: {
|
|
325
336
|
message: error instanceof Error ? error.message : String(error),
|
|
326
|
-
stack: error instanceof Error ? error.stack : undefined
|
|
327
|
-
}
|
|
337
|
+
stack: error instanceof Error ? error.stack : undefined,
|
|
338
|
+
},
|
|
328
339
|
});
|
|
329
340
|
throw error;
|
|
330
341
|
}
|
|
@@ -374,19 +385,3 @@ export class NobleCryptoProvider implements CryptoProvider {
|
|
|
374
385
|
}
|
|
375
386
|
}
|
|
376
387
|
}
|
|
377
|
-
|
|
378
|
-
/**
|
|
379
|
-
* Self-register Noble provider on import
|
|
380
|
-
* This allows the provider to be available when explicitly imported
|
|
381
|
-
*/
|
|
382
|
-
registerCryptoProvider('noble', (logger) => new NobleCryptoProvider(logger));
|
|
383
|
-
|
|
384
|
-
// TypeScript module augmentation to track this provider is available
|
|
385
|
-
declare global {
|
|
386
|
-
// eslint-disable-next-line @typescript-eslint/no-namespace
|
|
387
|
-
namespace BananaLink {
|
|
388
|
-
interface RegisteredCryptoProviders {
|
|
389
|
-
noble: true;
|
|
390
|
-
}
|
|
391
|
-
}
|
|
392
|
-
}
|
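Review bot: In the `@@ -95,8 +98,12 @@` hunk the new `keyBytesHex` field hex-encodes all of `keyBytes` inside the `importPublicKey called` debug call, and in the visible lines this runs before the 65/64-byte length checks further down, so a peer-supplied buffer of any size is expanded in full on every import. Because the object literal is an argument to `this.logger?.debug(...)`, the encoding is evaluated whenever a logger is set, whether or not that logger emits debug records. The bytes are a public key rather than a secret, but they identify the peer and now land verbatim in logs, while `keyLength` and `keyBytesFirst20` already cover framing problems. I would drop the field or bound it, for example `keyBytesHex: Array.from(keyBytes.slice(0, 65))` followed by the same `.map(...).join('')`, and emit the log only after the length check. The method starts outside the hunk, so an earlier size check may exist that is not visible here.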
|
@@ -1,6 +1,5 @@
|
|
|
1
1
|
import type { Logger } from '@bananalink-sdk/logger';
|
|
2
2
|
import type { CryptoProvider, CryptoKeyLike, ProviderKeyPair } from '../../types/crypto-provider';
|
|
3
|
-
import { registerCryptoProvider } from './registry';
|
|
4
3
|
|
|
5
4
|
/**
|
|
6
5
|
* Type definition for Node.js crypto module (loaded dynamically to prevent Metro bundling)
|
|
@@ -14,7 +13,7 @@ type NodeCrypto = typeof import('crypto');
|
|
|
14
13
|
class NodeCryptoKeyWrapper implements CryptoKeyLike {
|
|
15
14
|
constructor(
|
|
16
15
|
private readonly keyObject: unknown, // crypto.KeyObject | Buffer at runtime
|
|
17
|
-
private readonly keyType: 'public' | 'private' | 'secret'
|
|
16
|
+
private readonly keyType: 'public' | 'private' | 'secret',
|
|
18
17
|
) {}
|
|
19
18
|
|
|
20
19
|
get type(): 'public' | 'private' | 'secret' {
|
|
@@ -101,10 +100,7 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
101
100
|
// Dynamic import prevents static analysis by bundlers
|
|
102
101
|
this.cryptoModule = await import('crypto');
|
|
103
102
|
} catch {
|
|
104
|
-
throw new Error(
|
|
105
|
-
'Failed to load Node.js crypto module. ' +
|
|
106
|
-
'This provider requires a Node.js environment.'
|
|
107
|
-
);
|
|
103
|
+
throw new Error('Failed to load Node.js crypto module. ' + 'This provider requires a Node.js environment.');
|
|
108
104
|
}
|
|
109
105
|
}
|
|
110
106
|
return this.cryptoModule;
|
|
@@ -138,7 +134,7 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
138
134
|
publicKey: new NodeCryptoKeyWrapper(publicKey, 'public'),
|
|
139
135
|
privateKey: new NodeCryptoKeyWrapper(privateKey, 'private'),
|
|
140
136
|
});
|
|
141
|
-
}
|
|
137
|
+
},
|
|
142
138
|
);
|
|
143
139
|
});
|
|
144
140
|
}
|
|
@@ -152,9 +148,10 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
152
148
|
const keyObject = unwrapKeyObject(publicKey);
|
|
153
149
|
|
|
154
150
|
// If it's a Buffer (DER format from generateKeyPair), convert to KeyObject first
|
|
155
|
-
const keyObj =
|
|
156
|
-
|
|
157
|
-
|
|
151
|
+
const keyObj =
|
|
152
|
+
keyObject instanceof Buffer
|
|
153
|
+
? cryptoModule.createPublicKey({ key: keyObject, format: 'der', type: 'spki' })
|
|
154
|
+
: keyObject;
|
|
158
155
|
|
|
159
156
|
// Export as JWK to get X/Y coordinates
|
|
160
157
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-explicit-any
|
|
@@ -168,10 +165,7 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
168
165
|
const uncompressed = Buffer.concat([Buffer.from([0x04]), x, y]);
|
|
169
166
|
|
|
170
167
|
return await Promise.resolve(
|
|
171
|
-
uncompressed.buffer.slice(
|
|
172
|
-
uncompressed.byteOffset,
|
|
173
|
-
uncompressed.byteOffset + uncompressed.byteLength
|
|
174
|
-
)
|
|
168
|
+
uncompressed.buffer.slice(uncompressed.byteOffset, uncompressed.byteOffset + uncompressed.byteLength),
|
|
175
169
|
);
|
|
176
170
|
}
|
|
177
171
|
|
|
@@ -195,9 +189,7 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
195
189
|
const jwk = keyObj.export({ format: 'jwk' });
|
|
196
190
|
const dValue = Buffer.from(jwk.d as string, 'base64url');
|
|
197
191
|
|
|
198
|
-
return await Promise.resolve(
|
|
199
|
-
dValue.buffer.slice(dValue.byteOffset, dValue.byteOffset + dValue.byteLength)
|
|
200
|
-
);
|
|
192
|
+
return await Promise.resolve(dValue.buffer.slice(dValue.byteOffset, dValue.byteOffset + dValue.byteLength));
|
|
201
193
|
}
|
|
202
194
|
|
|
203
195
|
/**
|
|
@@ -279,11 +271,7 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
279
271
|
/**
|
|
280
272
|
* Derive AES-GCM encryption key using HKDF-SHA256
|
|
281
273
|
*/
|
|
282
|
-
async deriveEncryptionKey(
|
|
283
|
-
sharedSecret: CryptoKeyLike,
|
|
284
|
-
salt: ArrayBuffer,
|
|
285
|
-
info: ArrayBuffer
|
|
286
|
-
): Promise<CryptoKeyLike> {
|
|
274
|
+
async deriveEncryptionKey(sharedSecret: CryptoKeyLike, salt: ArrayBuffer, info: ArrayBuffer): Promise<CryptoKeyLike> {
|
|
287
275
|
this.logger?.debug('Deriving AES-GCM encryption key');
|
|
288
276
|
const cryptoModule = await this.getCrypto();
|
|
289
277
|
|
|
@@ -298,7 +286,7 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
298
286
|
Buffer.isBuffer(sharedSecretRaw) ? sharedSecretRaw : Buffer.from(sharedSecretRaw),
|
|
299
287
|
Buffer.from(salt),
|
|
300
288
|
Buffer.from(info),
|
|
301
|
-
32 // 256 bits
|
|
289
|
+
32, // 256 bits
|
|
302
290
|
) as Buffer;
|
|
303
291
|
|
|
304
292
|
// Create secret key object
|
|
@@ -318,20 +306,13 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
318
306
|
'aes-256-gcm',
|
|
319
307
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-argument, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-explicit-any
|
|
320
308
|
(keyObject as any).export(),
|
|
321
|
-
Buffer.from(iv)
|
|
309
|
+
Buffer.from(iv),
|
|
322
310
|
);
|
|
323
311
|
|
|
324
|
-
const encrypted = Buffer.concat([
|
|
325
|
-
cipher.update(Buffer.from(data)),
|
|
326
|
-
cipher.final(),
|
|
327
|
-
cipher.getAuthTag(),
|
|
328
|
-
]);
|
|
312
|
+
const encrypted = Buffer.concat([cipher.update(Buffer.from(data)), cipher.final(), cipher.getAuthTag()]);
|
|
329
313
|
|
|
330
314
|
return await Promise.resolve(
|
|
331
|
-
encrypted.buffer.slice(
|
|
332
|
-
encrypted.byteOffset,
|
|
333
|
-
encrypted.byteOffset + encrypted.byteLength
|
|
334
|
-
)
|
|
315
|
+
encrypted.buffer.slice(encrypted.byteOffset, encrypted.byteOffset + encrypted.byteLength),
|
|
335
316
|
);
|
|
336
317
|
}
|
|
337
318
|
|
|
@@ -352,17 +333,14 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
352
333
|
'aes-256-gcm',
|
|
353
334
|
// eslint-disable-next-line @typescript-eslint/no-unsafe-argument, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-explicit-any
|
|
354
335
|
(keyObject as any).export(),
|
|
355
|
-
Buffer.from(iv)
|
|
336
|
+
Buffer.from(iv),
|
|
356
337
|
);
|
|
357
338
|
decipher.setAuthTag(authTag);
|
|
358
339
|
|
|
359
340
|
const decrypted = Buffer.concat([decipher.update(ciphertext), decipher.final()]);
|
|
360
341
|
|
|
361
342
|
return await Promise.resolve(
|
|
362
|
-
decrypted.buffer.slice(
|
|
363
|
-
decrypted.byteOffset,
|
|
364
|
-
decrypted.byteOffset + decrypted.byteLength
|
|
365
|
-
)
|
|
343
|
+
decrypted.buffer.slice(decrypted.byteOffset, decrypted.byteOffset + decrypted.byteLength),
|
|
366
344
|
);
|
|
367
345
|
}
|
|
368
346
|
|
|
@@ -397,10 +375,7 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
397
375
|
}
|
|
398
376
|
|
|
399
377
|
// Constant-time comparison
|
|
400
|
-
return cryptoModule.timingSafeEqual(
|
|
401
|
-
Buffer.from(expected),
|
|
402
|
-
Buffer.from(actual)
|
|
403
|
-
);
|
|
378
|
+
return cryptoModule.timingSafeEqual(Buffer.from(expected), Buffer.from(actual));
|
|
404
379
|
}
|
|
405
380
|
|
|
406
381
|
/**
|
|
@@ -410,24 +385,8 @@ export class NodeCryptoProvider implements CryptoProvider {
|
|
|
410
385
|
randomBytes(length: number): ArrayBuffer {
|
|
411
386
|
// Use cached module if available, otherwise use synchronous require
|
|
412
387
|
// eslint-disable-next-line @typescript-eslint/no-require-imports
|
|
413
|
-
const cryptoModule = this.cryptoModule ?? require('crypto') as NodeCrypto;
|
|
388
|
+
const cryptoModule = this.cryptoModule ?? (require('crypto') as NodeCrypto);
|
|
414
389
|
const buffer = cryptoModule.randomBytes(length);
|
|
415
390
|
return buffer.buffer.slice(buffer.byteOffset, buffer.byteOffset + buffer.byteLength);
|
|
416
391
|
}
|
|
417
392
|
}
|
|
418
|
-
|
|
419
|
-
/**
|
|
420
|
-
* Self-register Node provider on import
|
|
421
|
-
* This allows the provider to be available when explicitly imported
|
|
422
|
-
*/
|
|
423
|
-
registerCryptoProvider('node', (logger) => new NodeCryptoProvider(logger));
|
|
424
|
-
|
|
425
|
-
// TypeScript module augmentation to track this provider is available
|
|
426
|
-
declare global {
|
|
427
|
-
// eslint-disable-next-line @typescript-eslint/no-namespace
|
|
428
|
-
namespace BananaLink {
|
|
429
|
-
interface RegisteredCryptoProviders {
|
|
430
|
-
node: true;
|
|
431
|
-
}
|
|
432
|
-
}
|
|
433
|
-
}
|
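Review bot: In the decrypt hunk (`@@ -352,17 +333,14 @@`) the call that builds `decipher` (presumably `createDecipheriv`) is given only `'aes-256-gcm'`, the exported key and `Buffer.from(iv),`, with no options object, so the tag length accepted by `decipher.setAuthTag(authTag)` is not pinned. Without `authTagLength`, Node's GCM decipher accepts any of the valid shorter tag lengths, so a truncated tag would be verified at reduced forgery resistance if `authTag` can ever be shorter than 16 bytes; how `authTag` is sliced is outside the hunk, so this may already be guarded. I would pass `{ authTagLength: 16 }` as the fourth argument and reject input whose tag is not exactly 16 bytes before calling `setAuthTag`. Passing the same option to the cipher construction in the encrypt hunk (`@@ -318,20 +306,13 @@`) keeps both directions explicit. Both enclosing methods start outside their hunks.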