@cardanowall/crypto-core 0.0.0 → 0.1.0
- package/README.md +19 -23
- package/package.json +2 -2
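--- a/package/README.md
+++ b/package/README.md
@@ -20,7 +20,7 @@ the SDKs (`@cardanowall/sdk-ts`, `@cardanowall/sdk-py`) are built on top of thes
 
 Hybrid post-quantum is first-class: the X-Wing KEM (`mlkem768x25519`, ML-KEM-768 + X25519 per
 draft-connolly-cfrg-xwing-kem) is a supported sealed-PoE branch alongside classical X25519, and
-every seed-derived identity carries an X-Wing keypair so it can always
+every seed-derived identity carries an X-Wing keypair so it can always _receive_ hybrid records.
 
 ## Install
 
@@ -66,11 +66,7 @@ const { sha256, blake2b256 } = await dualHashStream(fileChunkAsyncIterable);
 ### Derive an identity and sign
 
 ```ts
-import {
-deriveEd25519KeypairFromSeed,
-signEd25519,
-verifyEd25519,
-} from '@cardanowall/crypto-core';
+import { deriveEd25519KeypairFromSeed, signEd25519, verifyEd25519 } from '@cardanowall/crypto-core';
 
 const seed = crypto.getRandomValues(new Uint8Array(32)); // 32-byte identity seed
 const { secretKey, publicKey } = deriveEd25519KeypairFromSeed(seed);
@@ -116,7 +112,7 @@ if (result.matched) {
 
 Recipients holding a rotated identity (current key plus archived keys, across both KEMs) pass the
 whole `recipientKeyBundle` instead of a single key; the trial-decrypt loop is constant-time over the
-slot count by default. `eciesSealedPoeTrialDecrypt` recovers the content key and slot index
+slot count by default. `eciesSealedPoeTrialDecrypt` recovers the content key and slot index _without_
 the off-chain ciphertext — the operation an inbox scanner runs to discover readable records before
 fetching their blobs.
 
@@ -130,7 +126,7 @@ import {
 } from '@cardanowall/crypto-core';
 
 const classical = encodeAgeX25519Recipient(recipient.publicKey); // "age1…"
-const hybrid = encodeAgeXWingRecipient(xwingPublicKey);
+const hybrid = encodeAgeXWingRecipient(xwingPublicKey); // "age1pqc…"
 
 const parsed = parseAgeRecipient(classical);
 // { kem: 'x25519' | 'mlkem768x25519', publicKey: Uint8Array } — routed on the bech32 prefix
@@ -140,21 +136,21 @@ const parsed = parseAgeRecipient(classical);
 
 Each group is also a subpath export. Names below are the actual exported symbols.
 
-| Group | Catalogue
-| ------------- |
-| `hash` | `sha256` (FIPS 180-4), `blake2b256` / `blake2b224` (RFC 7693, CIP-19), `dualHash` / `dualHashStream`, `merkleSha2256Root` and inclusion-proof helpers (RFC 9162)
-| `kdf` | `hkdfSha256` (RFC 5869), `argon2idV13` (RFC 9106), `pbkdf2Sha256` (RFC 8018)
-| `sig` | `signEd25519` / `verifyEd25519` / `getPublicKeyEd25519` (RFC 8032, strict non-cofactored verification), identity-link challenge builder
-| `kem` | `x25519Keygen` / `x25519PublicKey` / `x25519Ecdh` (RFC 7748, low-order-point rejection); `mlkem768x25519Keygen` / `…Encapsulate` / `…Decapsulate` (X-Wing hybrid PQ KEM)
-| `aead` | `chacha20Poly1305*` (RFC 8439), `xchacha20Poly1305*`, `aes256Gcm*`
-| `cbor` | `encodeCanonicalCbor` / `decodeCanonicalCbor` (RFC 8949 §4.2.1) plus a permissive outer-wire decoder
-| `cose` | `coseSign1Cip309Build` / `coseSign1Cip309Verify`, `encodeCoseSign1` / `decodeCoseSign1`, `buildCip309SigStructure` (COSE_Sign1, RFC 9052)
-| `seed-derive` | `deriveEd25519KeypairFromSeed`, `deriveX25519KeypairFromSeed`, `deriveMlKem768X25519KeypairFromSeed` — deterministic long-term identity keys from one 32-byte seed
-| `discovery` | `derivePassphraseDiscoveryTag` (Argon2id → HMAC), `deriveWebauthnDiscoveryTagFromPrf` — envelope-discovery tags
-| `sealed-poe` | `eciesSealedPoeWrap` / `eciesSealedPoeUnwrap` / `eciesSealedPoeTrialDecrypt`, the slots codec, and `RecipientKeyBundle` (age-style ECIES with AEAD-bound slots)
-| `merkle` | `encodeLeavesList` / `decodeLeavesList` — canonical-CBOR codec for the off-chain Merkle leaves-list artefact
-| `recipient` | `encodeAgeX25519Recipient` / `encodeAgeXWingRecipient` / `parseAgeRecipient`, bech32 codec
-| `util` | `compareCt` (constant-time comparison), `hexToBytes`
+| Group | Catalogue |
+| ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| `hash` | `sha256` (FIPS 180-4), `blake2b256` / `blake2b224` (RFC 7693, CIP-19), `dualHash` / `dualHashStream`, `merkleSha2256Root` and inclusion-proof helpers (RFC 9162) |
+| `kdf` | `hkdfSha256` (RFC 5869), `argon2idV13` (RFC 9106), `pbkdf2Sha256` (RFC 8018) |
+| `sig` | `signEd25519` / `verifyEd25519` / `getPublicKeyEd25519` (RFC 8032, strict non-cofactored verification), identity-link challenge builder |
+| `kem` | `x25519Keygen` / `x25519PublicKey` / `x25519Ecdh` (RFC 7748, low-order-point rejection); `mlkem768x25519Keygen` / `…Encapsulate` / `…Decapsulate` (X-Wing hybrid PQ KEM) |
+| `aead` | `chacha20Poly1305*` (RFC 8439), `xchacha20Poly1305*`, `aes256Gcm*` |
+| `cbor` | `encodeCanonicalCbor` / `decodeCanonicalCbor` (RFC 8949 §4.2.1) plus a permissive outer-wire decoder |
+| `cose` | `coseSign1Cip309Build` / `coseSign1Cip309Verify`, `encodeCoseSign1` / `decodeCoseSign1`, `buildCip309SigStructure` (COSE_Sign1, RFC 9052) |
+| `seed-derive` | `deriveEd25519KeypairFromSeed`, `deriveX25519KeypairFromSeed`, `deriveMlKem768X25519KeypairFromSeed` — deterministic long-term identity keys from one 32-byte seed |
+| `discovery` | `derivePassphraseDiscoveryTag` (Argon2id → HMAC), `deriveWebauthnDiscoveryTagFromPrf` — envelope-discovery tags |
+| `sealed-poe` | `eciesSealedPoeWrap` / `eciesSealedPoeUnwrap` / `eciesSealedPoeTrialDecrypt`, the slots codec, and `RecipientKeyBundle` (age-style ECIES with AEAD-bound slots) |
+| `merkle` | `encodeLeavesList` / `decodeLeavesList` — canonical-CBOR codec for the off-chain Merkle leaves-list artefact |
+| `recipient` | `encodeAgeX25519Recipient` / `encodeAgeXWingRecipient` / `parseAgeRecipient`, bech32 codec |
+| `util` | `compareCt` (constant-time comparison), `hexToBytes` |
 
 See `src/index.ts` and each submodule's `index.ts` for the exhaustive surface.
 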
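--- a/package/package.json
+++ b/package/package.json
@@ -1,10 +1,10 @@
 {
 "name": "@cardanowall/crypto-core",
-"version": "0.
+"version": "0.1.0",
 "type": "module",
 "description": "Closed-catalogue cryptographic primitives for CIP-309 Proof-of-Existence (TypeScript reference implementation; byte-identical Python parity twin).",
 "license": "Apache-2.0",
-"author": "
+"author": "CardanoWall <hello@cardanowall.com>",
 "repository": {
 "type": "git",
 "url": "git+https://github.com/cardanowall/cip309-ts.git",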