npm - @bcts/components - Versions diffs - 1.0.0-alpha.9 → 1.0.0-beta.0 - Mend

@bcts/components 1.0.0-alpha.9 → 1.0.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/LICENSE +3 -2
package/README.md +24 -1
package/dist/digest-B1bpgcdz.mjs +943 -0
package/dist/digest-B1bpgcdz.mjs.map +1 -0
package/dist/digest-DL5sTq8T.cjs +996 -0
package/dist/digest-DL5sTq8T.cjs.map +1 -0
package/dist/digest-DRakTOWS.cjs +2 -0
package/dist/index.cjs +9892 -5140
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +5783 -3068
package/dist/index.d.cts.map +1 -1
package/dist/index.d.mts +5783 -3068
package/dist/index.d.mts.map +1 -1
package/dist/index.iife.js +10566 -5364
package/dist/index.iife.js.map +1 -1
package/dist/index.mjs +9566 -4845
package/dist/index.mjs.map +1 -1
package/package.json +25 -23
package/dist/digest--g2P5w95.mjs +0 -459
package/dist/digest--g2P5w95.mjs.map +0 -1
package/dist/digest-BquQoTdd.cjs +0 -507
package/dist/digest-BquQoTdd.cjs.map +0 -1
package/dist/digest-D5KUIzcO.mjs +0 -3
package/dist/digest-Wqhb0Fzf.cjs +0 -3

package/LICENSE CHANGED Viewed

@@ -1,5 +1,6 @@
-Copyright © 2023 Blockchain Commons, LLC
-Copyright © 2025 Leonardo Amoroso Custodio
+Copyright © 2023-2026 Blockchain Commons, LLC
+Copyright © 2025-2026 Parity Technologies
 Redistribution and use in source and binary forms, with or without modification,
 are permitted provided that the following conditions are met:

package/README.md CHANGED Viewed

@@ -10,5 +10,28 @@ Also includes a library of CBOR tags and UR types for use with these types.
 ## Rust Reference Implementation
-This TypeScript implementation is based on [bc-components-rust](https://github.com/BlockchainCommons/bc-components-rust) **v0.30.0** ([commit](https://github.com/BlockchainCommons/bc-components-rust/tree/f3d0081db048da942f316aa4cb5128af8921edd8)).
+This TypeScript implementation is based on [bc-components-rust](https://github.com/BlockchainCommons/bc-components-rust) **v0.31.1** ([commit](https://github.com/BlockchainCommons/bc-components-rust/tree/cc4d40218810319e286dc2d4e588731a3a70d0f5)).
+### SSH Support
+OpenSSH text-format keys, signatures, and certificates round-trip byte-identically with Rust's `bc-components-rust`. They can be parsed, re-serialized, signed with, and verified directly via the `SSHPrivateKey`, `SSHPublicKey`, `SSHSignature`, and `SSHCertificate` classes, and they format correctly through the envelope summarizers (`tag(40800..40803)`).
+Algorithms supported for direct sign/verify and round-trip:
+- Ed25519 (`ssh-ed25519`)
+- ECDSA P-256 (`ecdsa-sha2-nistp256`, SHA-256)
+- ECDSA P-384 (`ecdsa-sha2-nistp384`, SHA-384)
+- DSA (`ssh-dss`, 1024-bit p / 160-bit q / SHA-1) — RFC 6979 deterministic `k`, byte-identical to Rust's `dsa` crate. Cryptographically deprecated; supported only for legacy interop.
+#### Deferred SSH features
+The following are deferred and will throw a clear error when attempted:
+- **SSH agent integration** — `SignatureScheme::SshEd25519` / `SshDsa` / `SshEcdsaP256` / `SshEcdsaP384` dispatch through `SigningPrivateKey.signWithOptions`, plus `SSHAgent` key-derivation. These require a platform-specific agent transport that is not yet wired up. Use the SSH classes directly, or use `Ed25519` / `Schnorr` / `Ecdsa` / `Sr25519` / `MLDSA*` schemes; for key derivation use `HKDF`, `PBKDF2`, `Scrypt`, or `Argon2id`.
+- **Encrypted private keys** — `OPENSSH PRIVATE KEY` blocks with `ciphername != "none"` (bcrypt-pbkdf + AES-256-CTR) are rejected.
+- **RSA-2048** (`ssh-rsa`) — pending Noble RSA primitives.
+- **ECDSA P-521** (`ecdsa-sha2-nistp521`) — pending upstream fix in `ssh-key` ([RustCrypto/SSH#232](https://github.com/RustCrypto/SSH/issues/232)).
+- **`cert-v01@openssh.com` validation** — `SSHCertificate` round-trips the OpenSSH text verbatim and uses the fixed summarizer string, matching Rust's placeholder-only state.
+See `SSH_PLAN.md` at the repo root for the detailed parity history.