@digitaldefiance/ecies-lib 4.4.13 → 4.4.15

package/src/services/aes-gcm.js

@@ -0,0 +1,146 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AESGCMService = void 0;
+const constants_1 = require("../constants");
+const i18n_setup_1 = require("../i18n-setup");
+const enumerations_1 = require("../enumerations");
+class AESGCMService {
+    static ALGORITHM_NAME = 'AES-GCM';
+    /**
+     * Encrypt data using AES-GCM
+     * @param data Data to encrypt
+     * @param key Key to use for encryption (must be 16, 24 or 32 bytes for AES)
+     * @returns Encrypted data
+     */
+    static async encrypt(data, key, authTag = false, eciesParams = constants_1.Constants.ECIES, aad) {
+        // Validate key length (AES supports 16, 24, or 32 bytes)
+        if (!key || (key.length !== 16 && key.length !== 24 && key.length !== 32)) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_InvalidAESKeyLength));
+        }
+        // Validate data exists (empty data is allowed for AES-GCM)
+        if (!data) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_CannotEncryptEmptyData));
+        }
+        if (data.length > eciesParams.MAX_RAW_DATA_SIZE) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_MessageLengthExceedsMaximumAllowedSizeTemplate, { messageLength: data.length }));
+        }
+        const cryptoKey = await crypto.subtle.importKey('raw', new Uint8Array(key), { name: AESGCMService.ALGORITHM_NAME }, false, ['encrypt']);
+        const eciesConsts = eciesParams;
+        const iv = crypto.getRandomValues(new Uint8Array(eciesConsts.IV_SIZE));
+        const encryptedResult = await crypto.subtle.encrypt({
+            name: AESGCMService.ALGORITHM_NAME,
+            iv,
+            additionalData: aad,
+            ...(authTag && { tagLength: eciesConsts.AUTH_TAG_SIZE * 8 }),
+        }, cryptoKey, new Uint8Array(data));
+        const encryptedArray = new Uint8Array(encryptedResult);
+        if (!authTag) {
+            return { encrypted: encryptedArray, iv };
+        }
+        const authTagLengthBytes = eciesConsts.AUTH_TAG_SIZE;
+        const encryptedBytes = encryptedArray.slice(0, -authTagLengthBytes); // Remove auth tag
+        const authTagBytes = encryptedArray.slice(-authTagLengthBytes); // Last 16 bytes are auth tag
+        return { encrypted: encryptedBytes, iv, tag: authTagBytes };
+    }
+    /**
+     * Combine encrypted data and auth tag into a single Uint8Array
+     * @param encryptedData The encrypted data
+     * @param authTag The authentication tag
+     * @returns The combined Uint8Array
+     */
+    static combineEncryptedDataAndTag(encryptedData, authTag) {
+        const combined = new Uint8Array(encryptedData.length + authTag.length);
+        combined.set(encryptedData);
+        combined.set(authTag, encryptedData.length);
+        return combined;
+    }
+    /**
+     * Combine IV and encrypted data (with optional auth tag) into a single Uint8Array
+     * @param iv The initialization vector
+     * @param encryptedDataWithTag The encrypted data with auth tag already appended (if applicable)
+     * @returns The combined Uint8Array
+     */
+    static combineIvAndEncryptedData(iv, encryptedDataWithTag) {
+        const combined = new Uint8Array(iv.length + encryptedDataWithTag.length);
+        combined.set(iv);
+        combined.set(encryptedDataWithTag, iv.length);
+        return combined;
+    }
+    /**
+     * Combine IV, encrypted data and auth tag into a single Uint8Array
+     * @param iv The initialization vector
+     * @param encryptedData The encrypted data
+     * @param authTag The authentication tag
+     * @returns The combined Uint8Array
+     */
+    static combineIvTagAndEncryptedData(iv, encryptedData, authTag) {
+        const encryptedWithTag = AESGCMService.combineEncryptedDataAndTag(encryptedData, authTag);
+        return AESGCMService.combineIvAndEncryptedData(iv, encryptedWithTag);
+    }
+    /**
+     * Split combined encrypted data back into its components
+     * @param combinedData The combined data containing IV, encrypted data, and optionally auth tag
+     * @param hasAuthTag Whether the combined data includes an authentication tag
+     * @returns Object containing the split components
+     */
+    static splitEncryptedData(combinedData, hasAuthTag = true, eciesParams = constants_1.Constants.ECIES) {
+        const eciesConsts = eciesParams;
+        const ivLength = eciesConsts.IV_SIZE;
+        const tagLength = hasAuthTag ? eciesConsts.AUTH_TAG_SIZE : 0;
+        if (combinedData.length < ivLength + tagLength) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_CombinedDataTooShortForComponents));
+        }
+        const iv = combinedData.slice(0, ivLength);
+        const encryptedDataWithTag = combinedData.slice(ivLength);
+        return { iv, encryptedDataWithTag };
+    }
+    /**
+     * Decrypt data using AES-GCM
+     * @param iv The initialization vector
+     * @param encryptedData Data to decrypt (with auth tag appended if authTag is true)
+     * @param key Key to use for decryption (must be 16, 24 or 32 bytes for AES)
+     * @param authTag Whether the encrypted data includes an authentication tag
+     * @returns Decrypted data
+     */
+    static async decrypt(iv, encryptedData, key, authTag = false, eciesParams = constants_1.Constants.ECIES, aad) {
+        const eciesConsts = eciesParams;
+        // Validate key length
+        if (!key || (key.length !== 16 && key.length !== 24 && key.length !== 32)) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_InvalidAESKeyLength));
+        }
+        // Validate IV
+        if (!iv || iv.length !== eciesConsts.IV_SIZE) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_InvalidIV));
+        }
+        // Validate encrypted data exists (empty encrypted data is allowed)
+        if (!encryptedData) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_CannotDecryptEmptyData));
+        }
+        const cryptoKey = await crypto.subtle.importKey('raw', new Uint8Array(key), { name: AESGCMService.ALGORITHM_NAME }, false, ['decrypt']);
+        if (!authTag) {
+            const decrypted = await crypto.subtle.decrypt({
+                name: AESGCMService.ALGORITHM_NAME,
+                iv: new Uint8Array(iv),
+                additionalData: aad,
+            }, cryptoKey, new Uint8Array(encryptedData));
+            return new Uint8Array(decrypted);
+        }
+        // Decrypt with auth tag (already appended to encryptedData)
+        const decryptedResult = await crypto.subtle.decrypt({
+            name: AESGCMService.ALGORITHM_NAME,
+            iv: new Uint8Array(iv),
+            tagLength: eciesConsts.AUTH_TAG_SIZE * 8,
+            additionalData: aad,
+        }, cryptoKey, new Uint8Array(encryptedData));
+        return new Uint8Array(decryptedResult);
+    }
+}
+exports.AESGCMService = AESGCMService;
+//# sourceMappingURL=aes-gcm.js.map

package/src/services/aes-gcm.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"aes-gcm.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/services/aes-gcm.ts"],"names":[],"mappings":";;;AACA,4CAAyC;AACzC,8CAAqE;AACrE,kDAAiD;AAEjD,MAAsB,aAAa;IAC1B,MAAM,CAAU,cAAc,GAAG,SAAS,CAAC;IAClD;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,OAAO,CACzB,IAAgB,EAChB,GAAe,EACf,UAAmB,KAAK,EACxB,cAA+B,qBAAS,CAAC,KAAK,EAC9C,GAAgB;QAEhB,yDAAyD;QACzD,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,CAAC,EAAE,CAAC;YAC1E,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,6BAAc,CAAC,oCAAoC,CAAC,CAAC,CAAC;QAC3G,CAAC;QAED,2DAA2D;QAC3D,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,6BAAc,CAAC,uCAAuC,CAAC,CAAC,CAAC;QAC9G,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,GAAG,WAAW,CAAC,iBAAiB,EAAE,CAAC;YAChD,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,6BAAc,CAAC,+DAA+D,EAAE,EAAE,aAAa,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACtK,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC7C,KAAK,EACL,IAAI,UAAU,CAAC,GAAG,CAAC,EACnB,EAAE,IAAI,EAAE,aAAa,CAAC,cAAc,EAAE,EACtC,KAAK,EACL,CAAC,SAAS,CAAC,CACZ,CAAC;QAEF,MAAM,WAAW,GAAG,WAAW,CAAC;QAChC,MAAM,EAAE,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC;QACvE,MAAM,eAAe,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CACjD;YACE,IAAI,EAAE,aAAa,CAAC,cAAc;YAClC,EAAE;YACF,cAAc,EAAE,GAAG;YACnB,GAAG,CAAC,OAAO,IAAI,EAAE,SAAS,EAAE,WAAW,CAAC,aAAa,GAAG,CAAC,EAAE,CAAC;SAC7D,EACD,SAAS,EACT,IAAI,UAAU,CAAC,IAAI,CAAC,CACrB,CAAC;QAEF,MAAM,cAAc,GAAG,IAAI,UAAU,CAAC,eAAe,CAAC,CAAC;QACvD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,EAAE,EAAE,CAAC;QAC3C,CAAC;QACD,MAAM,kBAAkB,GAAG,WAAW,CAAC,aAAa,CAAC;QACrD,MAAM,cAAc,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,kBAAkB,CAAC,CAAC,CAAC,kBAAkB;QACvF,MAAM,YAAY,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,6BAA6B;QAE7F,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAC;IAC9D,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,0BAA0B,CACtC,aAAyB,EACzB,OAAmB;QAEnB,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,aAAa,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;QACvE,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAC5B,QAAQ,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;QAC5C,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,yBAAyB,CACrC,EAAc,EACd,oBAAgC;QAEhC,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,MAAM,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;QACzE,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACjB,QAAQ,CAAC,GAAG,CAAC,oBAAoB,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC;QAC9C,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;;;;;OAMG;IACI,MAAM,CAAC,4BAA4B,CACxC,EAAc,EACd,aAAyB,EACzB,OAAmB;QAEnB,MAAM,gBAAgB,GAAG,aAAa,CAAC,0BAA0B,CAC/D,aAAa,EACb,OAAO,CACR,CAAC;QACF,OAAO,aAAa,CAAC,yBAAyB,CAAC,EAAE,EAAE,gBAAgB,CAAC,CAAC;IACvE,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,kBAAkB,CAC9B,YAAwB,EACxB,aAAsB,IAAI,EAC1B,cAA+B,qBAAS,CAAC,KAAK;QAE9C,MAAM,WAAW,GAAG,WAAW,CAAC;QAChC,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,CAAC;QACrC,MAAM,SAAS,GAAG,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;QAE7D,IAAI,YAAY,CAAC,MAAM,GAAG,QAAQ,GAAG,SAAS,EAAE,CAAC;YAC/C,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,6BAAc,CAAC,kDAAkD,CAAC,CACtG,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;QAC3C,MAAM,oBAAoB,GAAG,YAAY,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAE1D,OAAO,EAAE,EAAE,EAAE,oBAAoB,EAAE,CAAC;IACtC,CAAC;IAED;;;;;;;OAOG;IACI,MAAM,CAAC,KAAK,CAAC,OAAO,CACzB,EAAc,EACd,aAAyB,EACzB,GAAe,EACf,UAAmB,KAAK,EACxB,cAA+B,qBAAS,CAAC,KAAK,EAC9C,GAAgB;QAEhB,MAAM,WAAW,GAAG,WAAW,CAAC;QAEhC,sBAAsB;QACtB,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,CAAC,EAAE,CAAC;YAC1E,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,6BAAc,CAAC,oCAAoC,CAAC,CAAC,CAAC;QAC3G,CAAC;QAED,cAAc;QACd,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,OAAO,EAAE,CAAC;YAC7C,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,6BAAc,CAAC,0BAA0B,CAAC,CAAC,CAAC;QACjG,CAAC;QAED,mEAAmE;QACnE,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,6BAAc,CAAC,uCAAuC,CAAC,CAAC,CAAC;QAC9G,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC7C,KAAK,EACL,IAAI,UAAU,CAAC,GAAG,CAAC,EACnB,EAAE,IAAI,EAAE,aAAa,CAAC,cAAc,EAAE,EACtC,KAAK,EACL,CAAC,SAAS,CAAC,CACZ,CAAC;QAEF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CAC3C;gBACE,IAAI,EAAE,aAAa,CAAC,cAAc;gBAClC,EAAE,EAAE,IAAI,UAAU,CAAC,EAAE,CAAC;gBACtB,cAAc,EAAE,GAAG;aACpB,EACD,SAAS,EACT,IAAI,UAAU,CAAC,aAAa,CAAC,CAC9B,CAAC;YAEF,OAAO,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;QACnC,CAAC;QAED,4DAA4D;QAC5D,MAAM,eAAe,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CACjD;YACE,IAAI,EAAE,aAAa,CAAC,cAAc;YAClC,EAAE,EAAE,IAAI,UAAU,CAAC,EAAE,CAAC;YACtB,SAAS,EAAE,WAAW,CAAC,aAAa,GAAG,CAAC;YACxC,cAAc,EAAE,GAAG;SACpB,EACD,SAAS,EACT,IAAI,UAAU,CAAC,aAAa,CAAC,CAC9B,CAAC;QAEF,OAAO,IAAI,UAAU,CAAC,eAAe,CAAC,CAAC;IACzC,CAAC;;AArNH,sCAsNC"}

package/src/services/chunk-processor.d.ts

@@ -0,0 +1,31 @@
+import { IECIESConstants } from '../interfaces/ecies-consts';
+import { IChunkHeader, IEncryptedChunk } from '../interfaces/encrypted-chunk';
+import { ECIESService } from './ecies/service';
+/**
+ * Processes chunks for streaming encryption/decryption
+ */
+export declare class ChunkProcessor {
+    private readonly ecies;
+    private readonly eciesConsts;
+    constructor(ecies: ECIESService, eciesConsts?: IECIESConstants);
+    /**
+     * Build chunk header
+     */
+    buildChunkHeader(header: IChunkHeader): Uint8Array;
+    /**
+     * Parse chunk header
+     */
+    parseChunkHeader(data: Uint8Array): IChunkHeader;
+    /**
+     * Encrypt a single chunk
+     */
+    encryptChunk(data: Uint8Array, publicKey: Uint8Array, index: number, isLast: boolean, includeChecksum: boolean): Promise<IEncryptedChunk>;
+    /**
+     * Decrypt a single chunk
+     */
+    decryptChunk(chunkData: Uint8Array, privateKey: Uint8Array): Promise<{
+        data: Uint8Array;
+        header: IChunkHeader;
+    }>;
+}
+//# sourceMappingURL=chunk-processor.d.ts.map

package/src/services/chunk-processor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"chunk-processor.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/services/chunk-processor.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAE7D,OAAO,EACL,YAAY,EACZ,eAAe,EAEhB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAI/C;;GAEG;AACH,qBAAa,cAAc;IAEvB,OAAO,CAAC,QAAQ,CAAC,KAAK;IACtB,OAAO,CAAC,QAAQ,CAAC,WAAW;gBADX,KAAK,EAAE,YAAY,EACnB,WAAW,GAAE,eAAiC;IAGjE;;OAEG;IACH,gBAAgB,CAAC,MAAM,EAAE,YAAY,GAAG,UAAU;IAelD;;OAEG;IACH,gBAAgB,CAAC,IAAI,EAAE,UAAU,GAAG,YAAY;IA4BhD;;OAEG;IACG,YAAY,CAChB,IAAI,EAAE,UAAU,EAChB,SAAS,EAAE,UAAU,EACrB,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,OAAO,EACf,eAAe,EAAE,OAAO,GACvB,OAAO,CAAC,eAAe,CAAC;IAoD3B;;OAEG;IACG,YAAY,CAChB,SAAS,EAAE,UAAU,EACrB,UAAU,EAAE,UAAU,GACrB,OAAO,CAAC;QAAE,IAAI,EAAE,UAAU,CAAC;QAAC,MAAM,EAAE,YAAY,CAAA;KAAE,CAAC;CAkDvD"}

package/src/services/chunk-processor.js

@@ -0,0 +1,149 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ChunkProcessor = void 0;
+const sha2_js_1 = require("@noble/hashes/sha2.js");
+const constants_1 = require("../constants");
+const encrypted_chunk_1 = require("../interfaces/encrypted-chunk");
+const i18n_setup_1 = require("../i18n-setup");
+const ecies_string_key_1 = require("../enumerations/ecies-string-key");
+/**
+ * Processes chunks for streaming encryption/decryption
+ */
+class ChunkProcessor {
+    ecies;
+    eciesConsts;
+    constructor(ecies, eciesConsts = constants_1.Constants.ECIES) {
+        this.ecies = ecies;
+        this.eciesConsts = eciesConsts;
+    }
+    /**
+     * Build chunk header
+     */
+    buildChunkHeader(header) {
+        const buffer = new Uint8Array(encrypted_chunk_1.CHUNK_CONSTANTS.HEADER_SIZE);
+        const view = new DataView(buffer.buffer);
+        view.setUint32(0, header.magic, false);
+        view.setUint16(4, header.version, false);
+        view.setUint32(6, header.index, false);
+        view.setUint32(10, header.originalSize, false);
+        view.setUint32(14, header.encryptedSize, false);
+        view.setUint16(18, header.flags, false);
+        // Bytes 20-31: reserved (zeros)
+        return buffer;
+    }
+    /**
+     * Parse chunk header
+     */
+    parseChunkHeader(data) {
+        const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+        if (data.length < encrypted_chunk_1.CHUNK_CONSTANTS.HEADER_SIZE) {
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, ecies_string_key_1.EciesStringKey.Error_Chunk_DataTooShortForHeader));
+        }
+        const view = new DataView(data.buffer, data.byteOffset);
+        const magic = view.getUint32(0, false);
+        if (magic !== encrypted_chunk_1.CHUNK_CONSTANTS.MAGIC) {
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, ecies_string_key_1.EciesStringKey.Error_Chunk_InvalidMagicBytes));
+        }
+        const version = view.getUint16(4, false);
+        if (version !== encrypted_chunk_1.CHUNK_CONSTANTS.VERSION) {
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, ecies_string_key_1.EciesStringKey.Error_Chunk_UnsupportedVersion));
+        }
+        return {
+            magic,
+            version,
+            index: view.getUint32(6, false),
+            originalSize: view.getUint32(10, false),
+            encryptedSize: view.getUint32(14, false),
+            flags: view.getUint16(18, false),
+        };
+    }
+    /**
+     * Encrypt a single chunk
+     */
+    async encryptChunk(data, publicKey, index, isLast, includeChecksum) {
+        // Encrypt data
+        const encrypted = await this.ecies.encryptSimpleOrSingle(false, publicKey, data);
+        // Calculate checksum if requested
+        const checksum = includeChecksum ? (0, sha2_js_1.sha256)(data) : undefined;
+        // Build header
+        let flags = 0;
+        if (isLast)
+            flags |= encrypted_chunk_1.CHUNK_CONSTANTS.FLAG_IS_LAST;
+        if (includeChecksum)
+            flags |= encrypted_chunk_1.CHUNK_CONSTANTS.FLAG_HAS_CHECKSUM;
+        const header = this.buildChunkHeader({
+            magic: encrypted_chunk_1.CHUNK_CONSTANTS.MAGIC,
+            version: encrypted_chunk_1.CHUNK_CONSTANTS.VERSION,
+            index,
+            originalSize: data.length,
+            encryptedSize: encrypted.length,
+            flags,
+        });
+        // Combine: header + encrypted + optional checksum
+        const parts = [header, encrypted];
+        if (checksum) {
+            parts.push(checksum);
+        }
+        const totalLength = parts.reduce((sum, part) => sum + part.length, 0);
+        const result = new Uint8Array(totalLength);
+        let offset = 0;
+        for (const part of parts) {
+            result.set(part, offset);
+            offset += part.length;
+        }
+        return {
+            index,
+            data: result,
+            isLast,
+            metadata: {
+                originalSize: data.length,
+                encryptedSize: encrypted.length,
+                timestamp: Date.now(),
+                checksum,
+            },
+        };
+    }
+    /**
+     * Decrypt a single chunk
+     */
+    async decryptChunk(chunkData, privateKey) {
+        // Parse header
+        const header = this.parseChunkHeader(chunkData);
+        // Extract encrypted data
+        const hasChecksum = (header.flags & encrypted_chunk_1.CHUNK_CONSTANTS.FLAG_HAS_CHECKSUM) !== 0;
+        const encryptedStart = encrypted_chunk_1.CHUNK_CONSTANTS.HEADER_SIZE;
+        const encryptedEnd = hasChecksum
+            ? chunkData.length - encrypted_chunk_1.CHUNK_CONSTANTS.CHECKSUM_SIZE
+            : chunkData.length;
+        const encrypted = chunkData.slice(encryptedStart, encryptedEnd);
+        // Validate encrypted size matches header
+        if (encrypted.length !== header.encryptedSize) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, ecies_string_key_1.EciesStringKey.Error_Chunk_EncryptedSizeMismatchTemplate, { expectedSize: header.encryptedSize, actualSize: encrypted.length }));
+        }
+        // Decrypt
+        const decrypted = await this.ecies.decryptSimpleOrSingleWithHeader(false, privateKey, encrypted);
+        // Verify checksum if present
+        if (hasChecksum) {
+            const storedChecksum = chunkData.slice(-encrypted_chunk_1.CHUNK_CONSTANTS.CHECKSUM_SIZE);
+            const computedChecksum = (0, sha2_js_1.sha256)(decrypted);
+            // Constant-time comparison to prevent timing attacks
+            let diff = 0;
+            for (let i = 0; i < encrypted_chunk_1.CHUNK_CONSTANTS.CHECKSUM_SIZE; i++) {
+                diff |= storedChecksum[i] ^ computedChecksum[i];
+            }
+            if (diff !== 0) {
+                const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+                throw new Error(engine.translate(i18n_setup_1.EciesComponentId, ecies_string_key_1.EciesStringKey.Error_Chunk_ChecksumMismatch));
+            }
+        }
+        // Verify size
+        if (decrypted.length !== header.originalSize) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, ecies_string_key_1.EciesStringKey.Error_Chunk_DecryptedSizeMismatch));
+        }
+        return { data: decrypted, header };
+    }
+}
+exports.ChunkProcessor = ChunkProcessor;
+//# sourceMappingURL=chunk-processor.js.map

package/src/services/chunk-processor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"chunk-processor.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/services/chunk-processor.ts"],"names":[],"mappings":";;;AAAA,mDAA+C;AAE/C,4CAAyC;AACzC,mEAIuC;AAEvC,8CAAqE;AACrE,uEAAkE;AAElE;;GAEG;AACH,MAAa,cAAc;IAEN;IACA;IAFnB,YACmB,KAAmB,EACnB,cAA+B,qBAAS,CAAC,KAAK;QAD9C,UAAK,GAAL,KAAK,CAAc;QACnB,gBAAW,GAAX,WAAW,CAAmC;IAC9D,CAAC;IAEJ;;OAEG;IACH,gBAAgB,CAAC,MAAoB;QACnC,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,iCAAe,CAAC,WAAW,CAAC,CAAC;QAC3D,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAEzC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACvC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACzC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACvC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,MAAM,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QAC/C,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,MAAM,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAChD,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACxC,gCAAgC;QAEhC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,IAAgB;QAC/B,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;QACpC,IAAI,IAAI,CAAC,MAAM,GAAG,iCAAe,CAAC,WAAW,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,iCAAc,CAAC,iCAAiC,CAAC,CAAC,CAAC;QACxG,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAExD,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACvC,IAAI,KAAK,KAAK,iCAAe,CAAC,KAAK,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,iCAAc,CAAC,6BAA6B,CAAC,CAAC,CAAC;QACpG,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACzC,IAAI,OAAO,KAAK,iCAAe,CAAC,OAAO,EAAE,CAAC;YACxC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,iCAAc,CAAC,8BAA8B,CAAC,CAAC,CAAC;QACrG,CAAC;QAED,OAAO;YACL,KAAK;YACL,OAAO;YACP,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC;YAC/B,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,KAAK,CAAC;YACvC,aAAa,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,KAAK,CAAC;YACxC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,KAAK,CAAC;SACjC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAChB,IAAgB,EAChB,SAAqB,EACrB,KAAa,EACb,MAAe,EACf,eAAwB;QAExB,eAAe;QACf,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,qBAAqB,CACtD,KAAK,EACL,SAAS,EACT,IAAI,CACL,CAAC;QAEF,kCAAkC;QAClC,MAAM,QAAQ,GAAG,eAAe,CAAC,CAAC,CAAC,IAAA,gBAAM,EAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5D,eAAe;QACf,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,IAAI,MAAM;YAAE,KAAK,IAAI,iCAAe,CAAC,YAAY,CAAC;QAClD,IAAI,eAAe;YAAE,KAAK,IAAI,iCAAe,CAAC,iBAAiB,CAAC;QAEhE,MAAM,MAAM,GAAG,IAAI,CAAC,gBAAgB,CAAC;YACnC,KAAK,EAAE,iCAAe,CAAC,KAAK;YAC5B,OAAO,EAAE,iCAAe,CAAC,OAAO;YAChC,KAAK;YACL,YAAY,EAAE,IAAI,CAAC,MAAM;YACzB,aAAa,EAAE,SAAS,CAAC,MAAM;YAC/B,KAAK;SACN,CAAC,CAAC;QAEH,kDAAkD;QAClD,MAAM,KAAK,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAClC,IAAI,QAAQ,EAAE,CAAC;YACb,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvB,CAAC;QAED,MAAM,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACtE,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC;QAC3C,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YACzB,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC;QACxB,CAAC;QAED,OAAO;YACL,KAAK;YACL,IAAI,EAAE,MAAM;YACZ,MAAM;YACN,QAAQ,EAAE;gBACR,YAAY,EAAE,IAAI,CAAC,MAAM;gBACzB,aAAa,EAAE,SAAS,CAAC,MAAM;gBAC/B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,QAAQ;aACT;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAChB,SAAqB,EACrB,UAAsB;QAEtB,eAAe;QACf,MAAM,MAAM,GAAG,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;QAEhD,yBAAyB;QACzB,MAAM,WAAW,GAAG,CAAC,MAAM,CAAC,KAAK,GAAG,iCAAe,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;QAC7E,MAAM,cAAc,GAAG,iCAAe,CAAC,WAAW,CAAC;QACnD,MAAM,YAAY,GAAG,WAAW;YAC9B,CAAC,CAAC,SAAS,CAAC,MAAM,GAAG,iCAAe,CAAC,aAAa;YAClD,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC;QAErB,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,CAAC,cAAc,EAAE,YAAY,CAAC,CAAC;QAEhE,yCAAyC;QACzC,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,CAAC,aAAa,EAAE,CAAC;YAC9C,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,iCAAc,CAAC,yCAAyC,EAAE,EAAE,YAAY,EAAE,MAAM,CAAC,aAAa,EAAE,UAAU,EAAE,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACtL,CAAC;QAED,UAAU;QACV,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,+BAA+B,CAChE,KAAK,EACL,UAAU,EACV,SAAS,CACV,CAAC;QAEF,6BAA6B;QAC7B,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,cAAc,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,iCAAe,CAAC,aAAa,CAAC,CAAC;YACvE,MAAM,gBAAgB,GAAG,IAAA,gBAAM,EAAC,SAAS,CAAC,CAAC;YAE3C,qDAAqD;YACrD,IAAI,IAAI,GAAG,CAAC,CAAC;YACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,iCAAe,CAAC,aAAa,EAAE,CAAC,EAAE,EAAE,CAAC;gBACvD,IAAI,IAAI,cAAc,CAAC,CAAC,CAAC,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;YAClD,CAAC;YACD,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;gBACf,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;gBACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,iCAAc,CAAC,4BAA4B,CAAC,CAAC,CAAC;YACnG,CAAC;QACH,CAAC;QAED,cAAc;QACd,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,CAAC,YAAY,EAAE,CAAC;YAC7C,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,6BAAgB,EAAE,iCAAc,CAAC,iCAAiC,CAAC,CAAC,CAAC;QACxG,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC;IACrC,CAAC;CACF;AA5KD,wCA4KC"}

package/src/services/ecies/crypto-core.d.ts

@@ -0,0 +1,72 @@
+import { IECIESConfig } from '../../interfaces/ecies-config';
+import { SecureString } from '../../secure-string';
+import { ISimpleKeyPair, IWalletSeed } from './interfaces';
+import { IECIESConstants } from '../../interfaces/ecies-consts';
+/**
+ * Browser-compatible crypto core for ECIES operations
+ * Uses @scure libraries for browser compatibility
+ */
+export declare class EciesCryptoCore {
+    protected readonly _config: IECIESConfig;
+    protected readonly _eciesConsts: IECIESConstants;
+    constructor(config: IECIESConfig, eciesParams?: IECIESConstants);
+    get config(): IECIESConfig;
+    /**
+     * Validates and normalizes a public key for ECIES operations
+     */
+    normalizePublicKey(publicKey: Uint8Array): Uint8Array;
+    /**
+     * Generate a new mnemonic
+     */
+    generateNewMnemonic(): SecureString;
+    /**
+     * Generate wallet and seed from mnemonic
+     */
+    walletAndSeedFromMnemonic(mnemonic: SecureString): IWalletSeed;
+    /**
+     * Create a simple key pair from a seed
+     */
+    seedToSimpleKeyPair(seed: Uint8Array): ISimpleKeyPair;
+    /**
+     * Create a simple key pair from a mnemonic
+     */
+    mnemonicToSimpleKeyPair(mnemonic: SecureString): ISimpleKeyPair;
+    /**
+     * Generate a random private key
+     */
+    generatePrivateKey(): Uint8Array;
+    /**
+     * Get public key from private key
+     */
+    getPublicKey(privateKey: Uint8Array): Uint8Array;
+    /**
+     * Generate ephemeral key pair for ECIES
+     */
+    generateEphemeralKeyPair(): Promise<ISimpleKeyPair>;
+    /**
+     * Compute ECDH shared secret
+     */
+    computeSharedSecret(privateKey: Uint8Array, publicKey: Uint8Array): Uint8Array;
+    /**
+     * Derive a symmetric key from a shared secret using HKDF
+     * @param sharedSecret The shared secret (ECDH output)
+     * @param salt Optional salt
+     * @param info Optional context info
+     * @param length Length of the output key (default 32 for AES-256)
+     */
+    deriveSharedKey(sharedSecret: Uint8Array, salt?: Uint8Array, info?: Uint8Array, length?: number): Uint8Array;
+    /**
+     * Sign a message using ECDSA
+     * @param privateKey The private key to sign with
+     * @param message The message to sign
+     */
+    sign(privateKey: Uint8Array, message: Uint8Array): Uint8Array;
+    /**
+     * Verify a signature using ECDSA
+     * @param publicKey The public key to verify with
+     * @param message The message that was signed
+     * @param signature The signature to verify
+     */
+    verify(publicKey: Uint8Array, message: Uint8Array, signature: Uint8Array): boolean;
+}
+//# sourceMappingURL=crypto-core.d.ts.map

package/src/services/ecies/crypto-core.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto-core.d.ts","sourceRoot":"","sources":["../../../../../../packages/digitaldefiance-ecies-lib/src/services/ecies/crypto-core.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAO3D,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAEhE;;;GAGG;AACH,qBAAa,eAAe;IAC1B,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC;IACzC,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,eAAe,CAAC;gBAG/C,MAAM,EAAE,YAAY,EACpB,WAAW,GAAE,eAAiC;IAMhD,IAAW,MAAM,IAAI,YAAY,CAEhC;IAED;;OAEG;IACI,kBAAkB,CAAC,SAAS,EAAE,UAAU,GAAG,UAAU;IA8D5D;;OAEG;IACI,mBAAmB,IAAI,YAAY;IAM1C;;OAEG;IACI,yBAAyB,CAAC,QAAQ,EAAE,YAAY,GAAG,WAAW;IAmCrE;;OAEG;IACI,mBAAmB,CAAC,IAAI,EAAE,UAAU,GAAG,cAAc;IAuB5D;;OAEG;IACI,uBAAuB,CAAC,QAAQ,EAAE,YAAY,GAAG,cAAc;IAKtE;;OAEG;IACI,kBAAkB,IAAI,UAAU;IAIvC;;OAEG;IACI,YAAY,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU;IAKvD;;OAEG;IACU,wBAAwB,IAAI,OAAO,CAAC,cAAc,CAAC;IAMhE;;OAEG;IACI,mBAAmB,CACxB,UAAU,EAAE,UAAU,EACtB,SAAS,EAAE,UAAU,GACpB,UAAU;IAeb;;;;;;OAMG;IACI,eAAe,CACpB,YAAY,EAAE,UAAU,EACxB,IAAI,GAAE,UAA8B,EACpC,IAAI,GAAE,UAA8B,EACpC,MAAM,GAAE,MAAW,GAClB,UAAU;IAIb;;;;OAIG;IACI,IAAI,CAAC,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,UAAU,GAAG,UAAU;IAqBpE;;;;;OAKG;IACI,MAAM,CACX,SAAS,EAAE,UAAU,EACrB,OAAO,EAAE,UAAU,EACnB,SAAS,EAAE,UAAU,GACpB,OAAO;CAQX"}

package/src/services/ecies/crypto-core.js

@@ -0,0 +1,209 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EciesCryptoCore = void 0;
+const wallet_1 = require("@ethereumjs/wallet");
+const bip32_1 = require("@scure/bip32");
+const bip39_1 = require("@scure/bip39");
+const english_1 = require("@scure/bip39/wordlists/english");
+const constants_1 = require("../../constants");
+const secure_string_1 = require("../../secure-string");
+const secp256k1_js_1 = require("@noble/curves/secp256k1.js");
+const hkdf_js_1 = require("@noble/hashes/hkdf.js");
+const sha2_js_1 = require("@noble/hashes/sha2.js");
+const enumerations_1 = require("../../enumerations");
+const i18n_setup_1 = require("../../i18n-setup");
+/**
+ * Browser-compatible crypto core for ECIES operations
+ * Uses @scure libraries for browser compatibility
+ */
+class EciesCryptoCore {
+    _config;
+    _eciesConsts;
+    constructor(config, eciesParams = constants_1.Constants.ECIES) {
+        this._config = config;
+        this._eciesConsts = eciesParams;
+    }
+    get config() {
+        return this._config;
+    }
+    /**
+     * Validates and normalizes a public key for ECIES operations
+     */
+    normalizePublicKey(publicKey) {
+        if (!publicKey) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_ReceivedNullOrUndefinedPublicKey));
+        }
+        const keyLength = publicKey.length;
+        let normalizedKey;
+        // Compressed key (33 bytes) - 0x02 or 0x03 prefix
+        if (keyLength === 33 && (publicKey[0] === 0x02 || publicKey[0] === 0x03)) {
+            normalizedKey = publicKey;
+        }
+        // Uncompressed key (65 bytes) - 0x04 prefix
+        // We accept this for backward compatibility with existing keys
+        else if (keyLength === 65 && publicKey[0] === 0x04) {
+            normalizedKey = publicKey;
+        }
+        // Raw key without prefix (64 bytes) - add the 0x04 prefix
+        // Legacy support
+        else if (keyLength === 64) {
+            normalizedKey = new Uint8Array(65);
+            normalizedKey[0] = 0x04;
+            normalizedKey.set(publicKey, 1);
+        }
+        else {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_InvalidPublicKeyFormatOrLengthTemplate, { keyLength }));
+        }
+        // Basic validation: check it's not all zeros
+        let allZeros = true;
+        for (let i = 1; i < normalizedKey.length; i++) {
+            // Skip first byte (prefix)
+            if (normalizedKey[i] !== 0) {
+                allZeros = false;
+                break;
+            }
+        }
+        if (allZeros) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_InvalidPublicKeyNotOnCurve));
+        }
+        return normalizedKey;
+    }
+    /**
+     * Generate a new mnemonic
+     */
+    generateNewMnemonic() {
+        return new secure_string_1.SecureString((0, bip39_1.generateMnemonic)(english_1.wordlist, this._config.mnemonicStrength));
+    }
+    /**
+     * Generate wallet and seed from mnemonic
+     */
+    walletAndSeedFromMnemonic(mnemonic) {
+        if (!mnemonic || !(0, bip39_1.validateMnemonic)(mnemonic.value ?? '', english_1.wordlist)) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_InvalidMnemonic));
+        }
+        const seed = (0, bip39_1.mnemonicToSeedSync)(mnemonic.value ?? '');
+        const hdKey = bip32_1.HDKey.fromMasterSeed(seed);
+        const derivedKey = hdKey.derive(this._config.primaryKeyDerivationPath);
+        if (!derivedKey.privateKey) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_FailedToDervivePrivateKey));
+        }
+        const privateKey = derivedKey.privateKey;
+        const wallet = new wallet_1.Wallet(privateKey);
+        return {
+            wallet,
+            seed,
+        };
+    }
+    /**
+     * Create a simple key pair from a seed
+     */
+    seedToSimpleKeyPair(seed) {
+        const hdKey = bip32_1.HDKey.fromMasterSeed(seed);
+        const derivedKey = hdKey.derive(this._config.primaryKeyDerivationPath);
+        if (!derivedKey.privateKey) {
+            const engine = (0, i18n_setup_1.getEciesI18nEngine)();
+            throw new Error(engine.translate(i18n_setup_1.EciesComponentId, enumerations_1.EciesStringKey.Error_ECIESError_FailedToDervivePrivateKey));
+        }
+        const privateKey = derivedKey.privateKey;
+        const publicKey = secp256k1_js_1.secp256k1.getPublicKey(privateKey, true); // compressed
+        return {
+            privateKey,
+            publicKey,
+        };
+    }
+    /**
+     * Create a simple key pair from a mnemonic
+     */
+    mnemonicToSimpleKeyPair(mnemonic) {
+        const { seed } = this.walletAndSeedFromMnemonic(mnemonic);
+        return this.seedToSimpleKeyPair(seed);
+    }
+    /**
+     * Generate a random private key
+     */
+    generatePrivateKey() {
+        return secp256k1_js_1.secp256k1.utils.randomSecretKey();
+    }
+    /**
+     * Get public key from private key
+     */
+    getPublicKey(privateKey) {
+        const publicKeyPoint = secp256k1_js_1.secp256k1.getPublicKey(privateKey, true); // compressed
+        return publicKeyPoint;
+    }
+    /**
+     * Generate ephemeral key pair for ECIES
+     */
+    async generateEphemeralKeyPair() {
+        const privateKey = this.generatePrivateKey();
+        const publicKey = this.getPublicKey(privateKey);
+        return { privateKey, publicKey };
+    }
+    /**
+     * Compute ECDH shared secret
+     */
+    computeSharedSecret(privateKey, publicKey) {
+        // Normalize the public key to ensure it has the correct format
+        const normalizedPublicKey = this.normalizePublicKey(publicKey);
+        // Use uncompressed shared secret to match Node.js ECDH behavior
+        // Node.js ECDH.computeSecret() returns the x-coordinate of the shared point
+        const sharedSecret = secp256k1_js_1.secp256k1.getSharedSecret(privateKey, normalizedPublicKey, false);
+        // Return only the x-coordinate (first 32 bytes after the 0x04 prefix)
+        return sharedSecret.slice(1, 33);
+    }
+    /**
+     * Derive a symmetric key from a shared secret using HKDF
+     * @param sharedSecret The shared secret (ECDH output)
+     * @param salt Optional salt
+     * @param info Optional context info
+     * @param length Length of the output key (default 32 for AES-256)
+     */
+    deriveSharedKey(sharedSecret, salt = new Uint8Array(0), info = new Uint8Array(0), length = 32) {
+        return (0, hkdf_js_1.hkdf)(sha2_js_1.sha256, sharedSecret, salt, info, length);
+    }
+    /**
+     * Sign a message using ECDSA
+     * @param privateKey The private key to sign with
+     * @param message The message to sign
+     */
+    sign(privateKey, message) {
+        const hash = (0, sha2_js_1.sha256)(message);
+        const signature = secp256k1_js_1.secp256k1.sign(hash, privateKey);
+        if (signature instanceof Uint8Array) {
+            return signature;
+        }
+        // Check if signature has toCompactRawBytes method
+        if (signature &&
+            typeof signature === 'object' &&
+            'toCompactRawBytes' in signature) {
+            const sig = signature;
+            if (typeof sig.toCompactRawBytes === 'function') {
+                return sig.toCompactRawBytes();
+            }
+        }
+        // Fallback or error
+        throw new Error('Unknown signature format');
+    }
+    /**
+     * Verify a signature using ECDSA
+     * @param publicKey The public key to verify with
+     * @param message The message that was signed
+     * @param signature The signature to verify
+     */
+    verify(publicKey, message, signature) {
+        const hash = (0, sha2_js_1.sha256)(message);
+        try {
+            return secp256k1_js_1.secp256k1.verify(signature, hash, publicKey);
+        }
+        catch (e) {
+            return false;
+        }
+    }
+}
+exports.EciesCryptoCore = EciesCryptoCore;
+//# sourceMappingURL=crypto-core.js.map

package/src/services/ecies/crypto-core.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto-core.js","sourceRoot":"","sources":["../../../../../../packages/digitaldefiance-ecies-lib/src/services/ecies/crypto-core.ts"],"names":[],"mappings":";;;AAAA,+CAA4C;AAC5C,wCAAqC;AACrC,wCAIsB;AACtB,4DAA0D;AAC1D,+CAA4C;AAE5C,uDAAmD;AAGnD,6DAAuD;AACvD,mDAA6C;AAC7C,mDAA+C;AAC/C,qDAAoD;AACpD,iDAAwE;AAGxE;;;GAGG;AACH,MAAa,eAAe;IACP,OAAO,CAAe;IACtB,YAAY,CAAkB;IAEjD,YACE,MAAoB,EACpB,cAA+B,qBAAS,CAAC,KAAK;QAE9C,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QACtB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC;IAClC,CAAC;IAED,IAAW,MAAM;QACf,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACI,kBAAkB,CAAC,SAAqB;QAC7C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,MAAM,CAAC,SAAS,CACd,6BAAgB,EAChB,6BAAc,CAAC,iDAAiD,CACjE,CACF,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC;QACnC,IAAI,aAAyB,CAAC;QAE9B,kDAAkD;QAClD,IAAI,SAAS,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC;YACzE,aAAa,GAAG,SAAS,CAAC;QAC5B,CAAC;QACD,4CAA4C;QAC5C,+DAA+D;aAC1D,IAAI,SAAS,KAAK,EAAE,IAAI,SAAS,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACnD,aAAa,GAAG,SAAS,CAAC;QAC5B,CAAC;QACD,0DAA0D;QAC1D,iBAAiB;aACZ,IAAI,SAAS,KAAK,EAAE,EAAE,CAAC;YAC1B,aAAa,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;YACnC,aAAa,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;YACxB,aAAa,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAClC,CAAC;aAAM,CAAC;YACN,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,MAAM,CAAC,SAAS,CACd,6BAAgB,EAChB,6BAAc,CAAC,uDAAuD,EACtE,EAAE,SAAS,EAAE,CACd,CACF,CAAC;QACJ,CAAC;QAED,6CAA6C;QAC7C,IAAI,QAAQ,GAAG,IAAI,CAAC;QACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,aAAa,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC9C,2BAA2B;YAC3B,IAAI,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC3B,QAAQ,GAAG,KAAK,CAAC;gBACjB,MAAM;YACR,CAAC;QACH,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,MAAM,CAAC,SAAS,CACd,6BAAgB,EAChB,6BAAc,CAAC,2CAA2C,CAC3D,CACF,CAAC;QACJ,CAAC;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;OAEG;IACI,mBAAmB;QACxB,OAAO,IAAI,4BAAY,CACrB,IAAA,wBAAgB,EAAC,kBAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAC1D,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,yBAAyB,CAAC,QAAsB;QACrD,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAA,wBAAgB,EAAC,QAAQ,CAAC,KAAK,IAAI,EAAE,EAAE,kBAAQ,CAAC,EAAE,CAAC;YACnE,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,MAAM,CAAC,SAAS,CACd,6BAAgB,EAChB,6BAAc,CAAC,gCAAgC,CAChD,CACF,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,IAAA,0BAAkB,EAAC,QAAQ,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QACtD,MAAM,KAAK,GAAG,aAAK,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;QAEvE,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;YAC3B,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,MAAM,CAAC,SAAS,CACd,6BAAgB,EAChB,6BAAc,CAAC,0CAA0C,CAC1D,CACF,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC;QAEzC,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,UAAU,CAAC,CAAC;QAEtC,OAAO;YACL,MAAM;YACN,IAAI;SACL,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,mBAAmB,CAAC,IAAgB;QACzC,MAAM,KAAK,GAAG,aAAK,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;QAEvE,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;YAC3B,MAAM,MAAM,GAAG,IAAA,+BAAkB,GAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CACb,MAAM,CAAC,SAAS,CACd,6BAAgB,EAChB,6BAAc,CAAC,0CAA0C,CAC1D,CACF,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC;QACzC,MAAM,SAAS,GAAG,wBAAS,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,aAAa;QAEzE,OAAO;YACL,UAAU;YACV,SAAS;SACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,uBAAuB,CAAC,QAAsB;QACnD,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,yBAAyB,CAAC,QAAQ,CAAC,CAAC;QAC1D,OAAO,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACI,kBAAkB;QACvB,OAAO,wBAAS,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;IAC3C,CAAC;IAED;;OAEG;IACI,YAAY,CAAC,UAAsB;QACxC,MAAM,cAAc,GAAG,wBAAS,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,aAAa;QAC9E,OAAO,cAAc,CAAC;IACxB,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB;QACnC,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QAChD,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACI,mBAAmB,CACxB,UAAsB,EACtB,SAAqB;QAErB,+DAA+D;QAC/D,MAAM,mBAAmB,GAAG,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;QAE/D,gEAAgE;QAChE,4EAA4E;QAC5E,MAAM,YAAY,GAAG,wBAAS,CAAC,eAAe,CAC5C,UAAU,EACV,mBAAmB,EACnB,KAAK,CACN,CAAC;QACF,sEAAsE;QACtE,OAAO,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACnC,CAAC;IAED;;;;;;OAMG;IACI,eAAe,CACpB,YAAwB,EACxB,OAAmB,IAAI,UAAU,CAAC,CAAC,CAAC,EACpC,OAAmB,IAAI,UAAU,CAAC,CAAC,CAAC,EACpC,SAAiB,EAAE;QAEnB,OAAO,IAAA,cAAI,EAAC,gBAAM,EAAE,YAAY,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;IACxD,CAAC;IAED;;;;OAIG;IACI,IAAI,CAAC,UAAsB,EAAE,OAAmB;QACrD,MAAM,IAAI,GAAG,IAAA,gBAAM,EAAC,OAAO,CAAC,CAAC;QAC7B,MAAM,SAAS,GAAG,wBAAS,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QACnD,IAAI,SAAS,YAAY,UAAU,EAAE,CAAC;YACpC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,kDAAkD;QAClD,IACE,SAAS;YACT,OAAO,SAAS,KAAK,QAAQ;YAC7B,mBAAmB,IAAI,SAAS,EAChC,CAAC;YACD,MAAM,GAAG,GAAG,SAAoD,CAAC;YACjE,IAAI,OAAO,GAAG,CAAC,iBAAiB,KAAK,UAAU,EAAE,CAAC;gBAChD,OAAO,GAAG,CAAC,iBAAiB,EAAE,CAAC;YACjC,CAAC;QACH,CAAC;QACD,oBAAoB;QACpB,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC9C,CAAC;IAED;;;;;OAKG;IACI,MAAM,CACX,SAAqB,EACrB,OAAmB,EACnB,SAAqB;QAErB,MAAM,IAAI,GAAG,IAAA,gBAAM,EAAC,OAAO,CAAC,CAAC;QAC7B,IAAI,CAAC;YACH,OAAO,wBAAS,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QACtD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF;AA3QD,0CA2QC"}