npm - @digitaldefiance/ecies-lib - Versions diffs - 4.4.2 → 4.4.3 - Mend

@digitaldefiance/ecies-lib 4.4.2 → 4.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (589) hide show

package/LICENSE +21 -0
package/package.json +9 -6
package/src/builders/ecies-builder.ts +39 -0
package/src/builders/{index.js → index.ts} +1 -1
package/src/builders/member-builder.ts +155 -0
package/src/constants.ts +609 -0
package/src/core/errors/crypto-error.ts +78 -0
package/src/core/{index.js → index.ts} +1 -1
package/src/core/types/result.ts +19 -0
package/src/email-string.ts +82 -0
package/src/enumerations/disposed-error-type.ts +11 -0
package/src/enumerations/ecies-cipher-suite.ts +4 -0
package/src/enumerations/ecies-encryption-type.ts +41 -0
package/src/enumerations/ecies-error-type.ts +43 -0
package/src/enumerations/ecies-string-key.ts +205 -0
package/src/enumerations/ecies-version.ts +3 -0
package/src/enumerations/guid-brand-type.ts +26 -0
package/src/enumerations/guid-error-type.ts +6 -0
package/src/enumerations/id-provider-error-type.ts +50 -0
package/src/enumerations/{index.js → index.ts} +0 -1
package/src/enumerations/invalid-email-type.ts +5 -0
package/src/enumerations/length-encoding-type.ts +6 -0
package/src/enumerations/length-error-type.ts +5 -0
package/src/enumerations/member-error-type.ts +106 -0
package/src/enumerations/{member-type.d.ts → member-type.ts} +7 -6
package/src/enumerations/password-login-error-type.ts +4 -0
package/src/enumerations/pbkdf2-error-type.ts +5 -0
package/src/enumerations/pbkdf2-profile.ts +5 -0
package/src/enumerations/secure-storage-error-type.ts +5 -0
package/src/errors/disposed.ts +36 -0
package/src/errors/ecies.ts +153 -0
package/src/errors/guid.ts +130 -0
package/src/errors/id-provider.ts +40 -0
package/src/errors/{index.d.ts → index.ts} +0 -1
package/src/errors/invalid-email.ts +23 -0
package/src/errors/length.ts +19 -0
package/src/errors/member.ts +20 -0
package/src/errors/pbkdf2.ts +20 -0
package/src/errors/secure-storage.ts +17 -0
package/src/errors/simple-ecies.ts +21 -0
package/src/errors/simple-test-error.ts +6 -0
package/src/i18n-setup.ts +130 -0
package/src/{index.js → index.ts} +64 -7
package/src/interfaces/checksum-config.ts +4 -0
package/src/interfaces/checksum-consts.ts +13 -0
package/src/interfaces/configuration-provenance.ts +54 -0
package/src/interfaces/constants.ts +75 -0
package/src/interfaces/ecies-config.ts +8 -0
package/src/interfaces/ecies-consts.ts +74 -0
package/src/interfaces/ecies-file-service.ts +6 -0
package/src/interfaces/encrypted-chunk.ts +64 -0
package/src/interfaces/encryption-state.ts +19 -0
package/src/interfaces/frontend-member-operational.ts +77 -0
package/src/interfaces/guid.ts +86 -0
package/src/interfaces/id-provider.ts +152 -0
package/src/interfaces/{index.d.ts → index.ts} +0 -1
package/src/interfaces/invariant.ts +60 -0
package/src/interfaces/library-error.ts +23 -0
package/src/interfaces/{member-storage.d.ts → member-storage.ts} +11 -10
package/src/interfaces/{member-with-mnemonic.d.ts → member-with-mnemonic.ts} +3 -3
package/src/interfaces/member.ts +84 -0
package/src/interfaces/multi-recipient-chunk.ts +61 -0
package/src/interfaces/pbkdf2-config.ts +6 -0
package/src/interfaces/pbkdf2-consts.ts +10 -0
package/src/interfaces/pbkdf2-result.ts +5 -0
package/src/interfaces/stream-config.ts +17 -0
package/src/interfaces/stream-header.ts +34 -0
package/src/interfaces/stream-progress.ts +31 -0
package/src/lib/configuration-provenance-utils.ts +26 -0
package/src/lib/crypto-container.ts +64 -0
package/src/lib/guid.ts +1097 -0
package/src/lib/id-providers/custom-provider.ts +109 -0
package/src/lib/id-providers/guidv4-provider.ts +141 -0
package/src/lib/id-providers/{index.d.ts → index.ts} +6 -5
package/src/lib/id-providers/objectid-provider.ts +125 -0
package/src/lib/id-providers/uuid-provider.ts +133 -0
package/src/lib/{index.js → index.ts} +2 -2
package/src/lib/invariant-validator.ts +133 -0
package/src/lib/invariants/encryption-algorithm-consistency.ts +73 -0
package/src/lib/invariants/{index.js → index.ts} +0 -1
package/src/lib/invariants/pbkdf2-profiles-validity.ts +78 -0
package/src/lib/invariants/recipient-id-consistency.ts +46 -0
package/src/lib/multi-recipient-chunk-utils.ts +63 -0
package/src/member.ts +495 -0
package/src/{pbkdf2-profiles.d.ts → pbkdf2-profiles.ts} +2 -2
package/src/phone-number.ts +18 -0
package/src/regexes.ts +10 -0
package/src/secure-buffer.ts +226 -0
package/src/secure-string.ts +244 -0
package/src/services/aes-gcm.ts +220 -0
package/src/services/chunk-processor.ts +188 -0
package/src/services/ecies/README.md +147 -0
package/src/services/ecies/crypto-core.ts +292 -0
package/src/services/ecies/example.ts +185 -0
package/src/services/ecies/file.ts +167 -0
package/src/services/ecies/{index.js → index.ts} +2 -1
package/src/services/ecies/integration.ts +241 -0
package/src/services/ecies/interfaces.ts +62 -0
package/src/services/ecies/manual-test.ts +219 -0
package/src/services/ecies/multi-recipient.ts +545 -0
package/src/services/ecies/service.ts +370 -0
package/src/services/ecies/signature.ts +93 -0
package/src/services/ecies/single-recipient.ts +476 -0
package/src/services/encryption-stream.ts +435 -0
package/src/services/{index.js → index.ts} +0 -1
package/src/services/multi-recipient-processor.ts +377 -0
package/src/services/password-login.ts +226 -0
package/src/services/pbkdf2.ts +169 -0
package/src/services/progress-tracker.ts +128 -0
package/src/services/resumable-encryption.ts +135 -0
package/src/services/xor.ts +65 -0
package/src/test-mocks/index.ts +1 -0
package/src/test-mocks/mock-frontend-member.ts +276 -0
package/src/{testing.js → testing.ts} +0 -1
package/src/translations/{de.js → de.ts} +112 -56
package/src/translations/{en-US.js → en-US.ts} +116 -58
package/src/translations/{es.js → es.ts} +134 -67
package/src/translations/{fr.js → fr.ts} +129 -64
package/src/translations/{ja.js → ja.ts} +111 -55
package/src/translations/{uk.js → uk.ts} +132 -67
package/src/translations/{zh-cn.js → zh-cn.ts} +60 -29
package/src/types/deep-partial.ts +11 -0
package/src/{types.d.ts → types.ts} +15 -7
package/src/utils/encryption-type-utils.ts +76 -0
package/src/utils.ts +329 -0
package/src/builders/ecies-builder.d.ts +0 -18
package/src/builders/ecies-builder.d.ts.map +0 -1
package/src/builders/ecies-builder.js +0 -30
package/src/builders/ecies-builder.js.map +0 -1
package/src/builders/index.d.ts +0 -6
package/src/builders/index.d.ts.map +0 -1
package/src/builders/index.js.map +0 -1
package/src/builders/member-builder.d.ts +0 -51
package/src/builders/member-builder.d.ts.map +0 -1
package/src/builders/member-builder.js +0 -97
package/src/builders/member-builder.js.map +0 -1
package/src/constants.d.ts +0 -60
package/src/constants.d.ts.map +0 -1
package/src/constants.js +0 -446
package/src/constants.js.map +0 -1
package/src/core/errors/crypto-error.d.ts +0 -34
package/src/core/errors/crypto-error.d.ts.map +0 -1
package/src/core/errors/crypto-error.js +0 -56
package/src/core/errors/crypto-error.js.map +0 -1
package/src/core/index.d.ts +0 -6
package/src/core/index.d.ts.map +0 -1
package/src/core/index.js.map +0 -1
package/src/core/types/result.d.ts +0 -16
package/src/core/types/result.d.ts.map +0 -1
package/src/core/types/result.js +0 -12
package/src/core/types/result.js.map +0 -1
package/src/email-string.d.ts +0 -42
package/src/email-string.d.ts.map +0 -1
package/src/email-string.js +0 -67
package/src/email-string.js.map +0 -1
package/src/enumerations/disposed-error-type.d.ts +0 -12
package/src/enumerations/disposed-error-type.d.ts.map +0 -1
package/src/enumerations/disposed-error-type.js +0 -13
package/src/enumerations/disposed-error-type.js.map +0 -1
package/src/enumerations/ecies-cipher-suite.d.ts +0 -4
package/src/enumerations/ecies-cipher-suite.d.ts.map +0 -1
package/src/enumerations/ecies-cipher-suite.js +0 -6
package/src/enumerations/ecies-cipher-suite.js.map +0 -1
package/src/enumerations/ecies-encryption-type.d.ts +0 -11
package/src/enumerations/ecies-encryption-type.d.ts.map +0 -1
package/src/enumerations/ecies-encryption-type.js +0 -27
package/src/enumerations/ecies-encryption-type.js.map +0 -1
package/src/enumerations/ecies-error-type.d.ts +0 -44
package/src/enumerations/ecies-error-type.d.ts.map +0 -1
package/src/enumerations/ecies-error-type.js +0 -45
package/src/enumerations/ecies-error-type.js.map +0 -1
package/src/enumerations/ecies-string-key.d.ts +0 -192
package/src/enumerations/ecies-string-key.d.ts.map +0 -1
package/src/enumerations/ecies-string-key.js +0 -199
package/src/enumerations/ecies-string-key.js.map +0 -1
package/src/enumerations/ecies-version.d.ts +0 -4
package/src/enumerations/ecies-version.d.ts.map +0 -1
package/src/enumerations/ecies-version.js +0 -5
package/src/enumerations/ecies-version.js.map +0 -1
package/src/enumerations/guid-brand-type.d.ts +0 -27
package/src/enumerations/guid-brand-type.d.ts.map +0 -1
package/src/enumerations/guid-brand-type.js +0 -28
package/src/enumerations/guid-brand-type.js.map +0 -1
package/src/enumerations/guid-error-type.d.ts +0 -7
package/src/enumerations/guid-error-type.d.ts.map +0 -1
package/src/enumerations/guid-error-type.js +0 -8
package/src/enumerations/guid-error-type.js.map +0 -1
package/src/enumerations/id-provider-error-type.d.ts +0 -43
package/src/enumerations/id-provider-error-type.d.ts.map +0 -1
package/src/enumerations/id-provider-error-type.js +0 -44
package/src/enumerations/id-provider-error-type.js.map +0 -1
package/src/enumerations/index.d.ts +0 -18
package/src/enumerations/index.d.ts.map +0 -1
package/src/enumerations/index.js.map +0 -1
package/src/enumerations/invalid-email-type.d.ts +0 -6
package/src/enumerations/invalid-email-type.d.ts.map +0 -1
package/src/enumerations/invalid-email-type.js +0 -7
package/src/enumerations/invalid-email-type.js.map +0 -1
package/src/enumerations/length-encoding-type.d.ts +0 -7
package/src/enumerations/length-encoding-type.d.ts.map +0 -1
package/src/enumerations/length-encoding-type.js +0 -8
package/src/enumerations/length-encoding-type.js.map +0 -1
package/src/enumerations/length-error-type.d.ts +0 -6
package/src/enumerations/length-error-type.d.ts.map +0 -1
package/src/enumerations/length-error-type.js +0 -7
package/src/enumerations/length-error-type.js.map +0 -1
package/src/enumerations/member-error-type.d.ts +0 -87
package/src/enumerations/member-error-type.d.ts.map +0 -1
package/src/enumerations/member-error-type.js +0 -88
package/src/enumerations/member-error-type.js.map +0 -1
package/src/enumerations/member-type.d.ts.map +0 -1
package/src/enumerations/member-type.js +0 -16
package/src/enumerations/member-type.js.map +0 -1
package/src/enumerations/password-login-error-type.d.ts +0 -5
package/src/enumerations/password-login-error-type.d.ts.map +0 -1
package/src/enumerations/password-login-error-type.js +0 -6
package/src/enumerations/password-login-error-type.js.map +0 -1
package/src/enumerations/pbkdf2-error-type.d.ts +0 -6
package/src/enumerations/pbkdf2-error-type.d.ts.map +0 -1
package/src/enumerations/pbkdf2-error-type.js +0 -7
package/src/enumerations/pbkdf2-error-type.js.map +0 -1
package/src/enumerations/pbkdf2-profile.d.ts +0 -6
package/src/enumerations/pbkdf2-profile.d.ts.map +0 -1
package/src/enumerations/pbkdf2-profile.js +0 -7
package/src/enumerations/pbkdf2-profile.js.map +0 -1
package/src/enumerations/secure-storage-error-type.d.ts +0 -6
package/src/enumerations/secure-storage-error-type.d.ts.map +0 -1
package/src/enumerations/secure-storage-error-type.js +0 -7
package/src/enumerations/secure-storage-error-type.js.map +0 -1
package/src/errors/disposed.d.ts +0 -22
package/src/errors/disposed.d.ts.map +0 -1
package/src/errors/disposed.js +0 -28
package/src/errors/disposed.js.map +0 -1
package/src/errors/ecies.d.ts +0 -52
package/src/errors/ecies.d.ts.map +0 -1
package/src/errors/ecies.js +0 -78
package/src/errors/ecies.js.map +0 -1
package/src/errors/guid.d.ts +0 -49
package/src/errors/guid.d.ts.map +0 -1
package/src/errors/guid.js +0 -96
package/src/errors/guid.js.map +0 -1
package/src/errors/id-provider.d.ts +0 -23
package/src/errors/id-provider.d.ts.map +0 -1
package/src/errors/id-provider.js +0 -29
package/src/errors/id-provider.js.map +0 -1
package/src/errors/index.d.ts.map +0 -1
package/src/errors/index.js +0 -10
package/src/errors/index.js.map +0 -1
package/src/errors/invalid-email.d.ts +0 -8
package/src/errors/invalid-email.d.ts.map +0 -1
package/src/errors/invalid-email.js +0 -15
package/src/errors/invalid-email.js.map +0 -1
package/src/errors/length.d.ts +0 -7
package/src/errors/length.d.ts.map +0 -1
package/src/errors/length.js +0 -11
package/src/errors/length.js.map +0 -1
package/src/errors/member.d.ts +0 -7
package/src/errors/member.d.ts.map +0 -1
package/src/errors/member.js +0 -11
package/src/errors/member.js.map +0 -1
package/src/errors/pbkdf2.d.ts +0 -7
package/src/errors/pbkdf2.d.ts.map +0 -1
package/src/errors/pbkdf2.js +0 -11
package/src/errors/pbkdf2.js.map +0 -1
package/src/errors/secure-storage.d.ts +0 -7
package/src/errors/secure-storage.d.ts.map +0 -1
package/src/errors/secure-storage.js +0 -12
package/src/errors/secure-storage.js.map +0 -1
package/src/errors/simple-ecies.d.ts +0 -6
package/src/errors/simple-ecies.d.ts.map +0 -1
package/src/errors/simple-ecies.js +0 -12
package/src/errors/simple-ecies.js.map +0 -1
package/src/errors/simple-test-error.d.ts +0 -4
package/src/errors/simple-test-error.d.ts.map +0 -1
package/src/errors/simple-test-error.js +0 -7
package/src/errors/simple-test-error.js.map +0 -1
package/src/i18n-setup.d.ts +0 -32
package/src/i18n-setup.d.ts.map +0 -1
package/src/i18n-setup.js +0 -101
package/src/i18n-setup.js.map +0 -1
package/src/index.d.ts +0 -80
package/src/index.d.ts.map +0 -1
package/src/index.js.map +0 -1
package/src/interfaces/checksum-config.d.ts +0 -5
package/src/interfaces/checksum-config.d.ts.map +0 -1
package/src/interfaces/checksum-config.js +0 -2
package/src/interfaces/checksum-config.js.map +0 -1
package/src/interfaces/checksum-consts.d.ts +0 -11
package/src/interfaces/checksum-consts.d.ts.map +0 -1
package/src/interfaces/checksum-consts.js +0 -2
package/src/interfaces/checksum-consts.js.map +0 -1
package/src/interfaces/configuration-provenance.d.ts +0 -43
package/src/interfaces/configuration-provenance.d.ts.map +0 -1
package/src/interfaces/configuration-provenance.js +0 -3
package/src/interfaces/configuration-provenance.js.map +0 -1
package/src/interfaces/constants.d.ts +0 -70
package/src/interfaces/constants.d.ts.map +0 -1
package/src/interfaces/constants.js +0 -2
package/src/interfaces/constants.js.map +0 -1
package/src/interfaces/ecies-config.d.ts +0 -9
package/src/interfaces/ecies-config.d.ts.map +0 -1
package/src/interfaces/ecies-config.js +0 -2
package/src/interfaces/ecies-config.js.map +0 -1
package/src/interfaces/ecies-consts.d.ts +0 -61
package/src/interfaces/ecies-consts.d.ts.map +0 -1
package/src/interfaces/ecies-consts.js +0 -2
package/src/interfaces/ecies-consts.js.map +0 -1
package/src/interfaces/ecies-file-service.d.ts +0 -7
package/src/interfaces/ecies-file-service.d.ts.map +0 -1
package/src/interfaces/ecies-file-service.js +0 -2
package/src/interfaces/ecies-file-service.js.map +0 -1
package/src/interfaces/encrypted-chunk.d.ts +0 -55
package/src/interfaces/encrypted-chunk.d.ts.map +0 -1
package/src/interfaces/encrypted-chunk.js +0 -12
package/src/interfaces/encrypted-chunk.js.map +0 -1
package/src/interfaces/encryption-state.d.ts +0 -18
package/src/interfaces/encryption-state.d.ts.map +0 -1
package/src/interfaces/encryption-state.js +0 -2
package/src/interfaces/encryption-state.js.map +0 -1
package/src/interfaces/frontend-member-operational.d.ts +0 -51
package/src/interfaces/frontend-member-operational.d.ts.map +0 -1
package/src/interfaces/frontend-member-operational.js +0 -2
package/src/interfaces/frontend-member-operational.js.map +0 -1
package/src/interfaces/guid.d.ts +0 -78
package/src/interfaces/guid.d.ts.map +0 -1
package/src/interfaces/guid.js +0 -2
package/src/interfaces/guid.js.map +0 -1
package/src/interfaces/id-provider.d.ts +0 -107
package/src/interfaces/id-provider.d.ts.map +0 -1
package/src/interfaces/id-provider.js +0 -52
package/src/interfaces/id-provider.js.map +0 -1
package/src/interfaces/index.d.ts.map +0 -1
package/src/interfaces/index.js +0 -13
package/src/interfaces/index.js.map +0 -1
package/src/interfaces/invariant.d.ts +0 -46
package/src/interfaces/invariant.d.ts.map +0 -1
package/src/interfaces/invariant.js +0 -18
package/src/interfaces/invariant.js.map +0 -1
package/src/interfaces/library-error.d.ts +0 -23
package/src/interfaces/library-error.d.ts.map +0 -1
package/src/interfaces/library-error.js +0 -2
package/src/interfaces/library-error.js.map +0 -1
package/src/interfaces/member-storage.d.ts.map +0 -1
package/src/interfaces/member-storage.js +0 -2
package/src/interfaces/member-storage.js.map +0 -1
package/src/interfaces/member-with-mnemonic.d.ts.map +0 -1
package/src/interfaces/member-with-mnemonic.js +0 -2
package/src/interfaces/member-with-mnemonic.js.map +0 -1
package/src/interfaces/member.d.ts +0 -55
package/src/interfaces/member.d.ts.map +0 -1
package/src/interfaces/member.js +0 -2
package/src/interfaces/member.js.map +0 -1
package/src/interfaces/multi-recipient-chunk.d.ts +0 -54
package/src/interfaces/multi-recipient-chunk.d.ts.map +0 -1
package/src/interfaces/multi-recipient-chunk.js +0 -11
package/src/interfaces/multi-recipient-chunk.js.map +0 -1
package/src/interfaces/pbkdf2-config.d.ts +0 -7
package/src/interfaces/pbkdf2-config.d.ts.map +0 -1
package/src/interfaces/pbkdf2-config.js +0 -2
package/src/interfaces/pbkdf2-config.js.map +0 -1
package/src/interfaces/pbkdf2-consts.d.ts +0 -9
package/src/interfaces/pbkdf2-consts.d.ts.map +0 -1
package/src/interfaces/pbkdf2-consts.js +0 -2
package/src/interfaces/pbkdf2-consts.js.map +0 -1
package/src/interfaces/pbkdf2-result.d.ts +0 -6
package/src/interfaces/pbkdf2-result.d.ts.map +0 -1
package/src/interfaces/pbkdf2-result.js +0 -2
package/src/interfaces/pbkdf2-result.js.map +0 -1
package/src/interfaces/stream-config.d.ts +0 -14
package/src/interfaces/stream-config.d.ts.map +0 -1
package/src/interfaces/stream-config.js +0 -8
package/src/interfaces/stream-config.js.map +0 -1
package/src/interfaces/stream-header.d.ts +0 -29
package/src/interfaces/stream-header.d.ts.map +0 -1
package/src/interfaces/stream-header.js +0 -9
package/src/interfaces/stream-header.js.map +0 -1
package/src/interfaces/stream-progress.d.ts +0 -33
package/src/interfaces/stream-progress.d.ts.map +0 -1
package/src/interfaces/stream-progress.js +0 -2
package/src/interfaces/stream-progress.js.map +0 -1
package/src/lib/configuration-provenance-utils.d.ts +0 -11
package/src/lib/configuration-provenance-utils.d.ts.map +0 -1
package/src/lib/configuration-provenance-utils.js +0 -23
package/src/lib/configuration-provenance-utils.js.map +0 -1
package/src/lib/crypto-container.d.ts +0 -25
package/src/lib/crypto-container.d.ts.map +0 -1
package/src/lib/crypto-container.js +0 -46
package/src/lib/crypto-container.js.map +0 -1
package/src/lib/guid.d.ts +0 -344
package/src/lib/guid.d.ts.map +0 -1
package/src/lib/guid.js +0 -914
package/src/lib/guid.js.map +0 -1
package/src/lib/id-providers/custom-provider.d.ts +0 -46
package/src/lib/id-providers/custom-provider.d.ts.map +0 -1
package/src/lib/id-providers/custom-provider.js +0 -85
package/src/lib/id-providers/custom-provider.js.map +0 -1
package/src/lib/id-providers/guidv4-provider.d.ts +0 -56
package/src/lib/id-providers/guidv4-provider.d.ts.map +0 -1
package/src/lib/id-providers/guidv4-provider.js +0 -122
package/src/lib/id-providers/guidv4-provider.js.map +0 -1
package/src/lib/id-providers/index.d.ts.map +0 -1
package/src/lib/id-providers/index.js +0 -29
package/src/lib/id-providers/index.js.map +0 -1
package/src/lib/id-providers/objectid-provider.d.ts +0 -43
package/src/lib/id-providers/objectid-provider.d.ts.map +0 -1
package/src/lib/id-providers/objectid-provider.js +0 -104
package/src/lib/id-providers/objectid-provider.js.map +0 -1
package/src/lib/id-providers/uuid-provider.d.ts +0 -52
package/src/lib/id-providers/uuid-provider.d.ts.map +0 -1
package/src/lib/id-providers/uuid-provider.js +0 -110
package/src/lib/id-providers/uuid-provider.js.map +0 -1
package/src/lib/index.d.ts +0 -6
package/src/lib/index.d.ts.map +0 -1
package/src/lib/index.js.map +0 -1
package/src/lib/invariant-validator.d.ts +0 -59
package/src/lib/invariant-validator.d.ts.map +0 -1
package/src/lib/invariant-validator.js +0 -97
package/src/lib/invariant-validator.js.map +0 -1
package/src/lib/invariants/encryption-algorithm-consistency.d.ts +0 -17
package/src/lib/invariants/encryption-algorithm-consistency.d.ts.map +0 -1
package/src/lib/invariants/encryption-algorithm-consistency.js +0 -49
package/src/lib/invariants/encryption-algorithm-consistency.js.map +0 -1
package/src/lib/invariants/index.d.ts +0 -4
package/src/lib/invariants/index.d.ts.map +0 -1
package/src/lib/invariants/index.js.map +0 -1
package/src/lib/invariants/pbkdf2-profiles-validity.d.ts +0 -16
package/src/lib/invariants/pbkdf2-profiles-validity.d.ts.map +0 -1
package/src/lib/invariants/pbkdf2-profiles-validity.js +0 -58
package/src/lib/invariants/pbkdf2-profiles-validity.js.map +0 -1
package/src/lib/invariants/recipient-id-consistency.d.ts +0 -18
package/src/lib/invariants/recipient-id-consistency.d.ts.map +0 -1
package/src/lib/invariants/recipient-id-consistency.js +0 -31
package/src/lib/invariants/recipient-id-consistency.js.map +0 -1
package/src/lib/multi-recipient-chunk-utils.d.ts +0 -38
package/src/lib/multi-recipient-chunk-utils.d.ts.map +0 -1
package/src/lib/multi-recipient-chunk-utils.js +0 -41
package/src/lib/multi-recipient-chunk-utils.js.map +0 -1
package/src/member.d.ts +0 -92
package/src/member.d.ts.map +0 -1
package/src/member.js +0 -322
package/src/member.js.map +0 -1
package/src/pbkdf2-profiles.d.ts.map +0 -1
package/src/pbkdf2-profiles.js +0 -2
package/src/pbkdf2-profiles.js.map +0 -1
package/src/phone-number.d.ts +0 -6
package/src/phone-number.d.ts.map +0 -1
package/src/phone-number.js +0 -18
package/src/phone-number.js.map +0 -1
package/src/regexes.d.ts +0 -7
package/src/regexes.d.ts.map +0 -1
package/src/regexes.js +0 -7
package/src/regexes.js.map +0 -1
package/src/secure-buffer.d.ts +0 -61
package/src/secure-buffer.d.ts.map +0 -1
package/src/secure-buffer.js +0 -201
package/src/secure-buffer.js.map +0 -1
package/src/secure-string.d.ts +0 -46
package/src/secure-string.d.ts.map +0 -1
package/src/secure-string.js +0 -206
package/src/secure-string.js.map +0 -1
package/src/services/aes-gcm.d.ts +0 -57
package/src/services/aes-gcm.d.ts.map +0 -1
package/src/services/aes-gcm.js +0 -142
package/src/services/aes-gcm.js.map +0 -1
package/src/services/chunk-processor.d.ts +0 -31
package/src/services/chunk-processor.d.ts.map +0 -1
package/src/services/chunk-processor.js +0 -145
package/src/services/chunk-processor.js.map +0 -1
package/src/services/ecies/crypto-core.d.ts +0 -72
package/src/services/ecies/crypto-core.d.ts.map +0 -1
package/src/services/ecies/crypto-core.js +0 -205
package/src/services/ecies/crypto-core.js.map +0 -1
package/src/services/ecies/example.d.ts +0 -25
package/src/services/ecies/example.d.ts.map +0 -1
package/src/services/ecies/example.js +0 -121
package/src/services/ecies/example.js.map +0 -1
package/src/services/ecies/file.d.ts +0 -18
package/src/services/ecies/file.d.ts.map +0 -1
package/src/services/ecies/file.js +0 -106
package/src/services/ecies/file.js.map +0 -1
package/src/services/ecies/index.d.ts +0 -38
package/src/services/ecies/index.d.ts.map +0 -1
package/src/services/ecies/index.js.map +0 -1
package/src/services/ecies/integration.d.ts +0 -59
package/src/services/ecies/integration.d.ts.map +0 -1
package/src/services/ecies/integration.js +0 -167
package/src/services/ecies/integration.js.map +0 -1
package/src/services/ecies/interfaces.d.ts +0 -54
package/src/services/ecies/interfaces.d.ts.map +0 -1
package/src/services/ecies/interfaces.js +0 -5
package/src/services/ecies/interfaces.js.map +0 -1
package/src/services/ecies/manual-test.d.ts +0 -29
package/src/services/ecies/manual-test.d.ts.map +0 -1
package/src/services/ecies/manual-test.js +0 -163
package/src/services/ecies/manual-test.js.map +0 -1
package/src/services/ecies/multi-recipient.d.ts +0 -56
package/src/services/ecies/multi-recipient.d.ts.map +0 -1
package/src/services/ecies/multi-recipient.js +0 -344
package/src/services/ecies/multi-recipient.js.map +0 -1
package/src/services/ecies/service.d.ts +0 -120
package/src/services/ecies/service.d.ts.map +0 -1
package/src/services/ecies/service.js +0 -210
package/src/services/ecies/service.js.map +0 -1
package/src/services/ecies/signature.d.ts +0 -27
package/src/services/ecies/signature.d.ts.map +0 -1
package/src/services/ecies/signature.js +0 -72
package/src/services/ecies/signature.js.map +0 -1
package/src/services/ecies/single-recipient.d.ts +0 -46
package/src/services/ecies/single-recipient.d.ts.map +0 -1
package/src/services/ecies/single-recipient.js +0 -322
package/src/services/ecies/single-recipient.js.map +0 -1
package/src/services/encryption-stream.d.ts +0 -71
package/src/services/encryption-stream.d.ts.map +0 -1
package/src/services/encryption-stream.js +0 -295
package/src/services/encryption-stream.js.map +0 -1
package/src/services/index.d.ts +0 -11
package/src/services/index.d.ts.map +0 -1
package/src/services/index.js.map +0 -1
package/src/services/multi-recipient-processor.d.ts +0 -35
package/src/services/multi-recipient-processor.d.ts.map +0 -1
package/src/services/multi-recipient-processor.js +0 -289
package/src/services/multi-recipient-processor.js.map +0 -1
package/src/services/password-login.d.ts +0 -47
package/src/services/password-login.d.ts.map +0 -1
package/src/services/password-login.js +0 -115
package/src/services/password-login.js.map +0 -1
package/src/services/pbkdf2.d.ts +0 -54
package/src/services/pbkdf2.d.ts.map +0 -1
package/src/services/pbkdf2.js +0 -108
package/src/services/pbkdf2.js.map +0 -1
package/src/services/progress-tracker.d.ts +0 -23
package/src/services/progress-tracker.d.ts.map +0 -1
package/src/services/progress-tracker.js +0 -103
package/src/services/progress-tracker.js.map +0 -1
package/src/services/resumable-encryption.d.ts +0 -19
package/src/services/resumable-encryption.d.ts.map +0 -1
package/src/services/resumable-encryption.js +0 -105
package/src/services/resumable-encryption.js.map +0 -1
package/src/services/xor.d.ts +0 -37
package/src/services/xor.d.ts.map +0 -1
package/src/services/xor.js +0 -63
package/src/services/xor.js.map +0 -1
package/src/test-mocks/index.d.ts +0 -2
package/src/test-mocks/index.d.ts.map +0 -1
package/src/test-mocks/index.js +0 -2
package/src/test-mocks/index.js.map +0 -1
package/src/test-mocks/mock-frontend-member.d.ts +0 -85
package/src/test-mocks/mock-frontend-member.d.ts.map +0 -1
package/src/test-mocks/mock-frontend-member.js +0 -190
package/src/test-mocks/mock-frontend-member.js.map +0 -1
package/src/testing.d.ts +0 -2
package/src/testing.d.ts.map +0 -1
package/src/testing.js.map +0 -1
package/src/translations/de.d.ts +0 -4
package/src/translations/de.d.ts.map +0 -1
package/src/translations/de.js.map +0 -1
package/src/translations/en-US.d.ts +0 -4
package/src/translations/en-US.d.ts.map +0 -1
package/src/translations/en-US.js.map +0 -1
package/src/translations/es.d.ts +0 -4
package/src/translations/es.d.ts.map +0 -1
package/src/translations/es.js.map +0 -1
package/src/translations/fr.d.ts +0 -4
package/src/translations/fr.d.ts.map +0 -1
package/src/translations/fr.js.map +0 -1
package/src/translations/ja.d.ts +0 -4
package/src/translations/ja.d.ts.map +0 -1
package/src/translations/ja.js.map +0 -1
package/src/translations/uk.d.ts +0 -4
package/src/translations/uk.d.ts.map +0 -1
package/src/translations/uk.js.map +0 -1
package/src/translations/zh-cn.d.ts +0 -4
package/src/translations/zh-cn.d.ts.map +0 -1
package/src/translations/zh-cn.js.map +0 -1
package/src/types/deep-partial.d.ts +0 -4
package/src/types/deep-partial.d.ts.map +0 -1
package/src/types/deep-partial.js +0 -2
package/src/types/deep-partial.js.map +0 -1
package/src/types.d.ts.map +0 -1
package/src/types.js +0 -2
package/src/types.js.map +0 -1
package/src/utils/encryption-type-utils.d.ts +0 -29
package/src/utils/encryption-type-utils.d.ts.map +0 -1
package/src/utils/encryption-type-utils.js +0 -61
package/src/utils/encryption-type-utils.js.map +0 -1
package/src/utils.d.ts +0 -68
package/src/utils.d.ts.map +0 -1
package/src/utils.js +0 -273
package/src/utils.js.map +0 -1

package/src/services/multi-recipient-processor.ts ADDED Viewed

@@ -0,0 +1,377 @@
+import { ECIESService } from './ecies/service';
+import {
+  IMultiRecipientChunk,
+  IMultiRecipientChunkHeader,
+  IRecipientHeader,
+  IMultiRecipientConstants,
+  getMultiRecipientConstants,
+} from '../interfaces/multi-recipient-chunk';
+import { EciesComponentId, getEciesI18nEngine } from '../i18n-setup';
+import { EciesStringKey } from '../enumerations';
+import { Constants } from '../constants';
+import { IConstants } from '../interfaces/constants';
+import { AESGCMService } from './aes-gcm';
+import { concatUint8Arrays } from '../utils';
+/**
+ * Processes multi-recipient chunks using symmetric encryption.
+ * Supports dynamic recipient ID sizes based on the configured ID provider.
+ */
+export class MultiRecipientProcessor {
+  private readonly recipientIdSize: number;
+  private readonly constants: IMultiRecipientConstants;
+  /**
+   * Create a new multi-recipient processor.
+   * @param ecies - ECIES service for key encryption
+   * @param config - Configuration containing ID provider (defaults to global Constants)
+   */
+  constructor(
+    private readonly ecies: ECIESService,
+    private readonly config: IConstants = Constants
+  ) {
+    this.recipientIdSize = config.idProvider.byteLength;
+    this.constants = getMultiRecipientConstants(this.recipientIdSize);
+  }
+  /**
+   * Encrypt chunk for multiple recipients
+   */
+  async encryptChunk(
+    data: Uint8Array,
+    recipients: Array<{ id: Uint8Array; publicKey: Uint8Array }>,
+    chunkIndex: number,
+    isLast: boolean,
+    symmetricKey: Uint8Array,
+    senderPrivateKey?: Uint8Array,
+  ): Promise<IMultiRecipientChunk> {
+    // Validate inputs
+    const engine = getEciesI18nEngine();
+    if (recipients.length === 0 || recipients.length > this.constants.MAX_RECIPIENTS) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_InvalidRecipientCountTemplate, { count: recipients.length }));
+    }
+    if (symmetricKey.length !== 32) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_SymmetricKeyMust32Bytes));
+    }
+    if (chunkIndex < 0 || chunkIndex > 0xFFFFFFFF) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_InvalidChunkIndexTemplate, { index: chunkIndex }));
+    }
+    // Sign-then-Encrypt
+    let dataToEncrypt = data;
+    if (senderPrivateKey) {
+      const signature = this.ecies.core.sign(senderPrivateKey, data);
+      dataToEncrypt = concatUint8Arrays(signature, data);
+    }
+    if (dataToEncrypt.length > 0x7FFFFFFF) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_DataSizeExceedsMaximumTemplate, { size: dataToEncrypt.length }));
+    }
+    // Check for duplicate recipient IDs
+    const seenIds = new Set<string>();
+    for (const recipient of recipients) {
+      const idStr = Buffer.from(recipient.id).toString('hex');
+      if (seenIds.has(idStr)) {
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_DuplicateRecipientId));
+      }
+      seenIds.add(idStr);
+    }
+    // Generate ONE ephemeral key pair for all recipients
+    const ephemeralKeyPair = await this.ecies.core.generateEphemeralKeyPair();
+    // Build recipient headers
+    const recipientHeaders: IRecipientHeader[] = [];
+    for (const recipient of recipients) {
+      if (recipient.id.length !== this.recipientIdSize) {
+        throw new Error(
+          `Recipient ID must be ${this.recipientIdSize} bytes (configured by ID provider), got ${recipient.id.length} bytes`
+        );
+      }
+      // Use Recipient ID as AAD for key encryption
+      const encryptedKey = await this.ecies.encryptKey(
+        recipient.publicKey,
+        symmetricKey,
+        ephemeralKeyPair.privateKey,
+        recipient.id
+      );
+      recipientHeaders.push({
+        id: recipient.id,
+        keySize: encryptedKey.length,
+        encryptedKey,
+      });
+    }
+    // Calculate sizes with overflow check
+    let recipientHeadersSize = 0;
+    for (const h of recipientHeaders) {
+      const headerSize = this.recipientIdSize +
+                        this.constants.KEY_SIZE_BYTES + h.keySize;
+      if (recipientHeadersSize + headerSize < recipientHeadersSize) {
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_RecipientHeadersSizeOverflow));
+      }
+      recipientHeadersSize += headerSize;
+    }
+    // Calculate encrypted size (Data + Tag)
+    // AES-GCM tag is 16 bytes
+    const encryptedSize = dataToEncrypt.length + 16;
+    const totalSize = this.constants.HEADER_SIZE +
+                     recipientHeadersSize +
+                     Constants.ECIES.IV_SIZE + // IV
+                     encryptedSize;
+    // Check for integer overflow (max safe: 2^31 - 1 for Uint8Array)
+    if (totalSize > 0x7FFFFFFF || totalSize < 0) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_ChunkSizeOverflow));
+    }
+    // Build chunk buffer
+    const chunk = new Uint8Array(totalSize);
+    const view = new DataView(chunk.buffer);
+    let offset = 0;
+    // Write header
+    view.setUint32(offset, this.constants.MAGIC, false);
+    offset += 4;
+    view.setUint16(offset, this.constants.VERSION, false);
+    offset += 2;
+    view.setUint16(offset, recipients.length, false);
+    offset += 2;
+    view.setUint32(offset, chunkIndex, false);
+    offset += 4;
+    view.setUint32(offset, dataToEncrypt.length, false); // Original Size (includes signature if present)
+    offset += 4;
+    view.setUint32(offset, encryptedSize, false);
+    offset += 4;
+    view.setUint8(offset, isLast ? this.constants.FLAG_IS_LAST : 0);
+    offset += 1;
+    // Write Ephemeral Public Key (33 bytes)
+    chunk.set(ephemeralKeyPair.publicKey, offset);
+    offset += 33;
+    // Padding to HEADER_SIZE (64 bytes)
+    offset = this.constants.HEADER_SIZE;
+    // Write recipient headers
+    for (const header of recipientHeaders) {
+      chunk.set(header.id, offset);
+      offset += this.recipientIdSize;
+      view.setUint16(offset, header.keySize, false);
+      offset += this.constants.KEY_SIZE_BYTES;
+      chunk.set(header.encryptedKey, offset);
+      offset += header.keySize;
+    }
+    // Extract the full header (including recipient headers) to use as AAD
+    const headerBytes = chunk.slice(0, offset);
+    // Encrypt data with AES-256-GCM using Header as AAD
+    const encryptResult = await AESGCMService.encrypt(
+      dataToEncrypt,
+      symmetricKey,
+      true, // Return tag separately
+      Constants.ECIES,
+      headerBytes // AAD
+    );
+    // Write IV
+    chunk.set(encryptResult.iv, offset);
+    offset += Constants.ECIES.IV_SIZE;
+    // Write encrypted data
+    chunk.set(encryptResult.encrypted, offset);
+    offset += encryptResult.encrypted.length;
+    // Write auth tag
+    if (encryptResult.tag) {
+      chunk.set(encryptResult.tag, offset);
+    }
+    return {
+      index: chunkIndex,
+      data: chunk,
+      isLast,
+      recipientCount: recipients.length,
+    };
+  }
+  /**
+   * Decrypt chunk for specific recipient
+   */
+  async decryptChunk(
+    chunkData: Uint8Array,
+    recipientId: Uint8Array,
+    privateKey: Uint8Array,
+    senderPublicKey?: Uint8Array,
+  ): Promise<{ data: Uint8Array; header: IMultiRecipientChunkHeader }> {
+    const engine = getEciesI18nEngine();
+    if (chunkData.length < this.constants.HEADER_SIZE) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_ChunkTooSmall));
+    }
+    const view = new DataView(chunkData.buffer, chunkData.byteOffset);
+    let offset = 0;
+    // Parse header
+    const magic = view.getUint32(offset, false);
+    offset += 4;
+    if (magic !== this.constants.MAGIC) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_InvalidChunkMagic));
+    }
+    const version = view.getUint16(offset, false);
+    offset += 2;
+    if (version !== this.constants.VERSION) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_UnsupportedVersionTemplate, { version }));
+    }
+    const recipientCount = view.getUint16(offset, false);
+    offset += 2;
+    if (recipientCount === 0 || recipientCount > this.constants.MAX_RECIPIENTS) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_InvalidRecipientCountTemplate, { count: recipientCount }));
+    }
+    const chunkIndex = view.getUint32(offset, false);
+    offset += 4;
+    const originalSize = view.getUint32(offset, false);
+    offset += 4;
+    const encryptedSize = view.getUint32(offset, false);
+    offset += 4;
+    const flags = view.getUint8(offset);
+    offset += 1;
+    // Read Ephemeral Public Key (33 bytes)
+    const ephemeralPublicKey = chunkData.slice(offset, offset + 33);
+    offset += 33;
+    offset = this.constants.HEADER_SIZE;
+    // Validate encryptedSize against chunk size
+    // We know it must be at least HEADER + IV + EncryptedSize (which includes tag)
+    const minChunkSize = this.constants.HEADER_SIZE + Constants.ECIES.IV_SIZE + encryptedSize;
+    if (chunkData.length < minChunkSize) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_ChunkTooSmallForEncryptedSize));
+    }
+    // Find recipient header and decrypt symmetric key
+    let symmetricKey: Uint8Array | null = null;
+    let tempOffset = offset;
+    for (let i = 0; i < recipientCount; i++) {
+      // Check if we have enough data for recipient ID
+      if (tempOffset + this.recipientIdSize > chunkData.length) {
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_ChunkTruncatedRecipientId));
+      }
+      const id = chunkData.slice(tempOffset, tempOffset + this.recipientIdSize);
+      tempOffset += this.recipientIdSize;
+      // Check if we have enough data for keySize field
+      if (tempOffset + this.constants.KEY_SIZE_BYTES > chunkData.length) {
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_ChunkTruncatedKeySize));
+      }
+      const keySize = view.getUint16(tempOffset, false);
+      tempOffset += this.constants.KEY_SIZE_BYTES;
+      // Validate keySize (typical ECIES: 100-400 bytes)
+      if (keySize === 0 || keySize > 1000) {
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_InvalidKeySizeTemplate, { size: keySize }));
+      }
+      // Check if we have enough data for the encrypted key
+      if (tempOffset + keySize > chunkData.length) {
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_ChunkTruncatedEncryptedKey));
+      }
+      const encryptedKey = chunkData.slice(tempOffset, tempOffset + keySize);
+      tempOffset += keySize;
+      // Check if this is our recipient
+      if (this.arraysEqual(id, recipientId)) {
+        // Use Recipient ID as AAD for key decryption
+        symmetricKey = await this.ecies.decryptKey(privateKey, encryptedKey, ephemeralPublicKey, id);
+        // Don't break - need to skip all recipient headers
+      }
+    }
+    if (!symmetricKey) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_RecipientNotFoundInChunk));
+    }
+    // Update offset to after all recipient headers
+    offset = tempOffset;
+    // Extract header bytes for AAD
+    const headerBytes = chunkData.slice(0, offset);
+    // Read IV
+    if (offset + Constants.ECIES.IV_SIZE > chunkData.length) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_ChunkTooSmall));
+    }
+    const iv = chunkData.slice(offset, offset + Constants.ECIES.IV_SIZE);
+    offset += Constants.ECIES.IV_SIZE;
+    // Read encrypted data (includes auth tag)
+    if (offset + encryptedSize > chunkData.length) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_MultiRecipient_ChunkTooSmall));
+    }
+    const encryptedWithTag = chunkData.slice(offset, offset + encryptedSize);
+    offset += encryptedSize;
+    // Decrypt with AAD
+    const decrypted = await AESGCMService.decrypt(
+      iv,
+      encryptedWithTag,
+      symmetricKey,
+      true,
+      Constants.ECIES,
+      headerBytes
+    );
+    // Verify signature if sender public key provided
+    let finalData = decrypted;
+    if (senderPublicKey) {
+      if (decrypted.length < 64) {
+        throw new Error('Decrypted chunk too short to contain signature');
+      }
+      const signature = decrypted.slice(0, 64);
+      const message = decrypted.slice(64);
+      const isValid = this.ecies.core.verify(senderPublicKey, message, signature);
+      if (!isValid) {
+        throw new Error('Invalid sender signature in chunk');
+      }
+      finalData = message;
+    }
+    return {
+      data: finalData,
+      header: {
+        magic,
+        version,
+        recipientCount,
+        chunkIndex,
+        originalSize,
+        encryptedSize,
+        flags,
+      },
+    };
+  }
+  private arraysEqual(a: Uint8Array, b: Uint8Array): boolean {
+    if (a.length !== b.length) return false;
+    // Constant-time comparison to prevent timing attacks
+    let diff = 0;
+    for (let i = 0; i < a.length; i++) {
+      diff |= a[i] ^ b[i];
+    }
+    return diff === 0;
+  }
+}

package/src/services/password-login.ts ADDED Viewed

@@ -0,0 +1,226 @@
+import { Wallet } from '@ethereumjs/wallet';
+import { EciesEncryptionTypeEnum } from '../enumerations/ecies-encryption-type';
+import { Pbkdf2ProfileEnum } from '../enumerations/pbkdf2-profile';
+import { SecureString } from '../secure-string';
+import { hexToUint8Array, uint8ArrayToHex } from '../utils';
+import { AESGCMService } from './aes-gcm';
+import { ECIESService } from './ecies/service';
+import { Pbkdf2Service } from './pbkdf2';
+import { EciesStringKey, PasswordLoginErrorTypeEnum } from '../enumerations';
+import { buildReasonMap, TranslatableGenericError, TypedHandleableError } from '@digitaldefiance/i18n-lib';
+import { IECIESConstants } from '../interfaces/ecies-consts';
+import { Constants } from '../constants';
+import { EciesComponentId } from '../i18n-setup';
+export class PasswordLoginService {
+  protected readonly eciesService: ECIESService;
+  protected readonly pbkdf2Service: Pbkdf2Service;
+  protected readonly eciesConsts: IECIESConstants;
+  public static readonly privateKeyStorageKey = 'encryptedPrivateKey';
+  public static readonly saltStorageKey = 'passwordLoginSalt';
+  public static readonly encryptedMnemonicStorageKey = 'encryptedMnemonic';
+  public static readonly profileStorageKey = 'pbkdf2Profile';
+  constructor(eciesService: ECIESService, pbkdf2Service: Pbkdf2Service, eciesParams: IECIESConstants = Constants.ECIES) {
+    this.eciesService = eciesService;
+    this.pbkdf2Service = pbkdf2Service;
+    this.eciesConsts = eciesParams;
+  }
+  public async createPasswordLoginBundle(
+    mnemonic: SecureString,
+    password: SecureString,
+    profile: Pbkdf2ProfileEnum = Pbkdf2ProfileEnum.BROWSER_PASSWORD,
+  ): Promise<{
+    salt: Uint8Array;
+    encryptedPrivateKey: Uint8Array;
+    encryptedMnemonic: Uint8Array;
+    wallet: Wallet;
+  }> {
+    const { wallet } = this.eciesService.walletAndSeedFromMnemonic(mnemonic);
+    const derivedKey =
+      await this.pbkdf2Service.deriveKeyFromPasswordWithProfileAsync(
+        password.valueAsUint8Array,
+        profile,
+      );
+    // Encrypt private key with derived key
+    const privateKeyBytes = wallet.getPrivateKey();
+    const { encrypted, iv, tag } = await AESGCMService.encrypt(
+      privateKeyBytes,
+      derivedKey.hash,
+      true,
+    );
+    if (!tag) {
+      throw new TranslatableGenericError(EciesComponentId, EciesStringKey.Error_Utils_EncryptionFailedNoAuthTag);
+    }
+    const encryptedPrivateKey = AESGCMService.combineIvTagAndEncryptedData(
+      iv,
+      encrypted,
+      tag,
+    );
+    // now use the public key to encrypt the mnemonic and store it
+    const encryptedMnemonic = await this.eciesService.encrypt(
+      EciesEncryptionTypeEnum.Simple,
+      wallet.getPublicKey(),
+      mnemonic.valueAsUint8Array,
+    );
+    return {
+      salt: derivedKey.salt,
+      encryptedPrivateKey: encryptedPrivateKey,
+      encryptedMnemonic: encryptedMnemonic,
+      wallet,
+    };
+  }
+  /**
+   * Set up password login by deriving a key from the password and using it to encrypt
+   * @param mnemonic The user's mnemonic
+   * @param password The user's password
+   */
+  public async setupPasswordLoginLocalStorageBundle(
+    mnemonic: SecureString,
+    password: SecureString,
+    profile: Pbkdf2ProfileEnum = Pbkdf2ProfileEnum.BROWSER_PASSWORD,
+  ): Promise<Wallet> {
+    const { salt, encryptedPrivateKey, encryptedMnemonic, wallet } =
+      await this.createPasswordLoginBundle(mnemonic, password, profile);
+    // store the salt and encrypted private key in local storage
+    try {
+      localStorage.setItem(
+        PasswordLoginService.saltStorageKey,
+        uint8ArrayToHex(salt),
+      );
+      localStorage.setItem(
+        PasswordLoginService.privateKeyStorageKey,
+        uint8ArrayToHex(encryptedPrivateKey),
+      );
+      localStorage.setItem(
+        PasswordLoginService.encryptedMnemonicStorageKey,
+        uint8ArrayToHex(encryptedMnemonic),
+      );
+      localStorage.setItem(
+        PasswordLoginService.profileStorageKey,
+        profile,
+      );
+    } catch (error) {
+      throw new TypedHandleableError<typeof PasswordLoginErrorTypeEnum, EciesStringKey>(EciesComponentId, PasswordLoginErrorTypeEnum.FailedToStoreLoginData, buildReasonMap<typeof PasswordLoginErrorTypeEnum, EciesStringKey>(PasswordLoginErrorTypeEnum, ['Error', 'PasswordLoginError']), new Error(), { cause: error instanceof Error ? error : undefined });
+    }
+    return wallet;
+  }
+  public async getWalletAndMnemonicFromEncryptedPasswordBundle(
+    salt: Uint8Array,
+    encryptedPrivateKey: Uint8Array,
+    encryptedMnemonic: Uint8Array,
+    password: SecureString,
+    profile: Pbkdf2ProfileEnum = Pbkdf2ProfileEnum.BROWSER_PASSWORD,
+  ): Promise<{ wallet: Wallet; mnemonic: SecureString }> {
+    if (!salt || !encryptedPrivateKey || !encryptedMnemonic) {
+     throw new TypedHandleableError<typeof PasswordLoginErrorTypeEnum, EciesStringKey>(EciesComponentId, PasswordLoginErrorTypeEnum.PasswordLoginNotSetUp, buildReasonMap<typeof PasswordLoginErrorTypeEnum, EciesStringKey>(PasswordLoginErrorTypeEnum, ['Error', 'PasswordLoginError']), new Error());
+    }
+    const derivedKey =
+      await this.pbkdf2Service.deriveKeyFromPasswordWithProfileAsync(
+        password.valueAsUint8Array,
+        profile,
+        salt,
+      );
+    // Decrypt private key with derived key
+    const { iv, encryptedDataWithTag } = AESGCMService.splitEncryptedData(
+      encryptedPrivateKey,
+      true,
+      this.eciesConsts,
+    );
+    const privateKeyBytes = await AESGCMService.decrypt(
+      iv,
+      encryptedDataWithTag,
+      derivedKey.hash,
+      true,
+      this.eciesConsts,
+    );
+    const wallet = Wallet.fromPrivateKey(privateKeyBytes);
+    // now decrypt the mnemonic
+    const decryptedMnemonic =
+      await this.eciesService.decryptSimpleOrSingleWithHeader(
+        true,
+        wallet.getPrivateKey(),
+        encryptedMnemonic,
+      );
+    return { wallet, mnemonic: new SecureString(decryptedMnemonic) };
+  }
+  /**
+   * Recover wallet and mnemonic from password
+   * @param password The user's password
+   * @returns The user's wallet and mnemonic
+   */
+  public async getWalletAndMnemonicFromLocalStorageBundle(
+    password: SecureString,
+  ): Promise<{ wallet: Wallet; mnemonic: SecureString }> {
+    const saltHex = localStorage.getItem(PasswordLoginService.saltStorageKey);
+    const encryptedPrivateKeyHex = localStorage.getItem(
+      PasswordLoginService.privateKeyStorageKey,
+    );
+    const encryptedMnemonicHex = localStorage.getItem(
+      PasswordLoginService.encryptedMnemonicStorageKey,
+    );
+    const profileStr = localStorage.getItem(PasswordLoginService.profileStorageKey);
+    if (
+      !saltHex ||
+      !encryptedPrivateKeyHex ||
+      !encryptedMnemonicHex ||
+      saltHex === '' ||
+      encryptedPrivateKeyHex === '' ||
+      encryptedMnemonicHex === ''
+    ) {
+      throw new TypedHandleableError<typeof PasswordLoginErrorTypeEnum, EciesStringKey>(EciesComponentId, PasswordLoginErrorTypeEnum.PasswordLoginNotSetUp, buildReasonMap<typeof PasswordLoginErrorTypeEnum, EciesStringKey>(PasswordLoginErrorTypeEnum, ['Error', 'PasswordLoginError']), new Error());
+    }
+    const salt = hexToUint8Array(saltHex);
+    const encryptedPrivateKey = hexToUint8Array(encryptedPrivateKeyHex);
+    const encryptedMnemonic = hexToUint8Array(encryptedMnemonicHex);
+    const profile = (profileStr as Pbkdf2ProfileEnum) || Pbkdf2ProfileEnum.BROWSER_PASSWORD;
+    return await this.getWalletAndMnemonicFromEncryptedPasswordBundle(
+      salt,
+      encryptedPrivateKey,
+      encryptedMnemonic,
+      password,
+      profile,
+    );
+  }
+  /**
+   *
+   * @returns True if password login is set up (i.e. salt and encrypted private key are in local storage)
+   */
+  public static isPasswordLoginSetup(): boolean {
+    const saltHex = localStorage.getItem(PasswordLoginService.saltStorageKey);
+    const encryptedPrivateKeyHex = localStorage.getItem(
+      PasswordLoginService.privateKeyStorageKey,
+    );
+    const encryptedMnemonicHex = localStorage.getItem(
+      PasswordLoginService.encryptedMnemonicStorageKey,
+    );
+    return !!(
+      saltHex &&
+      encryptedPrivateKeyHex &&
+      encryptedMnemonicHex &&
+      saltHex !== '' &&
+      encryptedPrivateKeyHex !== '' &&
+      encryptedMnemonicHex !== ''
+    );
+  }
+}