npm - @digitaldefiance/ecies-lib - Versions diffs - 4.4.2 → 4.4.4 - Mend

@digitaldefiance/ecies-lib 4.4.2 → 4.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (589) hide show

package/LICENSE +21 -0
package/package.json +9 -6
package/src/builders/ecies-builder.ts +39 -0
package/src/builders/{index.js → index.ts} +1 -1
package/src/builders/member-builder.ts +155 -0
package/src/constants.ts +609 -0
package/src/core/errors/crypto-error.ts +78 -0
package/src/core/{index.js → index.ts} +1 -1
package/src/core/types/result.ts +19 -0
package/src/email-string.ts +82 -0
package/src/enumerations/disposed-error-type.ts +11 -0
package/src/enumerations/ecies-cipher-suite.ts +4 -0
package/src/enumerations/ecies-encryption-type.ts +41 -0
package/src/enumerations/ecies-error-type.ts +43 -0
package/src/enumerations/ecies-string-key.ts +205 -0
package/src/enumerations/ecies-version.ts +3 -0
package/src/enumerations/guid-brand-type.ts +26 -0
package/src/enumerations/guid-error-type.ts +6 -0
package/src/enumerations/id-provider-error-type.ts +50 -0
package/src/enumerations/{index.js → index.ts} +0 -1
package/src/enumerations/invalid-email-type.ts +5 -0
package/src/enumerations/length-encoding-type.ts +6 -0
package/src/enumerations/length-error-type.ts +5 -0
package/src/enumerations/member-error-type.ts +106 -0
package/src/enumerations/{member-type.d.ts → member-type.ts} +7 -6
package/src/enumerations/password-login-error-type.ts +4 -0
package/src/enumerations/pbkdf2-error-type.ts +5 -0
package/src/enumerations/pbkdf2-profile.ts +5 -0
package/src/enumerations/secure-storage-error-type.ts +5 -0
package/src/errors/disposed.ts +36 -0
package/src/errors/ecies.ts +153 -0
package/src/errors/guid.ts +130 -0
package/src/errors/id-provider.ts +40 -0
package/src/errors/{index.d.ts → index.ts} +0 -1
package/src/errors/invalid-email.ts +23 -0
package/src/errors/length.ts +19 -0
package/src/errors/member.ts +20 -0
package/src/errors/pbkdf2.ts +20 -0
package/src/errors/secure-storage.ts +17 -0
package/src/errors/simple-ecies.ts +21 -0
package/src/errors/simple-test-error.ts +6 -0
package/src/i18n-setup.ts +130 -0
package/src/{index.js → index.ts} +64 -7
package/src/interfaces/checksum-config.ts +4 -0
package/src/interfaces/checksum-consts.ts +13 -0
package/src/interfaces/configuration-provenance.ts +54 -0
package/src/interfaces/constants.ts +75 -0
package/src/interfaces/ecies-config.ts +8 -0
package/src/interfaces/ecies-consts.ts +74 -0
package/src/interfaces/ecies-file-service.ts +6 -0
package/src/interfaces/encrypted-chunk.ts +64 -0
package/src/interfaces/encryption-state.ts +19 -0
package/src/interfaces/frontend-member-operational.ts +77 -0
package/src/interfaces/guid.ts +86 -0
package/src/interfaces/id-provider.ts +152 -0
package/src/interfaces/{index.d.ts → index.ts} +0 -1
package/src/interfaces/invariant.ts +60 -0
package/src/interfaces/library-error.ts +23 -0
package/src/interfaces/{member-storage.d.ts → member-storage.ts} +11 -10
package/src/interfaces/{member-with-mnemonic.d.ts → member-with-mnemonic.ts} +3 -3
package/src/interfaces/member.ts +84 -0
package/src/interfaces/multi-recipient-chunk.ts +61 -0
package/src/interfaces/pbkdf2-config.ts +6 -0
package/src/interfaces/pbkdf2-consts.ts +10 -0
package/src/interfaces/pbkdf2-result.ts +5 -0
package/src/interfaces/stream-config.ts +17 -0
package/src/interfaces/stream-header.ts +34 -0
package/src/interfaces/stream-progress.ts +31 -0
package/src/lib/configuration-provenance-utils.ts +26 -0
package/src/lib/crypto-container.ts +64 -0
package/src/lib/guid.ts +1097 -0
package/src/lib/id-providers/custom-provider.ts +109 -0
package/src/lib/id-providers/guidv4-provider.ts +141 -0
package/src/lib/id-providers/{index.d.ts → index.ts} +6 -5
package/src/lib/id-providers/objectid-provider.ts +125 -0
package/src/lib/id-providers/uuid-provider.ts +133 -0
package/src/lib/{index.js → index.ts} +2 -2
package/src/lib/invariant-validator.ts +133 -0
package/src/lib/invariants/encryption-algorithm-consistency.ts +73 -0
package/src/lib/invariants/{index.js → index.ts} +0 -1
package/src/lib/invariants/pbkdf2-profiles-validity.ts +78 -0
package/src/lib/invariants/recipient-id-consistency.ts +46 -0
package/src/lib/multi-recipient-chunk-utils.ts +63 -0
package/src/member.ts +495 -0
package/src/{pbkdf2-profiles.d.ts → pbkdf2-profiles.ts} +2 -2
package/src/phone-number.ts +18 -0
package/src/regexes.ts +10 -0
package/src/secure-buffer.ts +226 -0
package/src/secure-string.ts +244 -0
package/src/services/aes-gcm.ts +220 -0
package/src/services/chunk-processor.ts +188 -0
package/src/services/ecies/README.md +147 -0
package/src/services/ecies/crypto-core.ts +292 -0
package/src/services/ecies/example.ts +185 -0
package/src/services/ecies/file.ts +167 -0
package/src/services/ecies/{index.js → index.ts} +2 -1
package/src/services/ecies/integration.ts +241 -0
package/src/services/ecies/interfaces.ts +62 -0
package/src/services/ecies/manual-test.ts +219 -0
package/src/services/ecies/multi-recipient.ts +545 -0
package/src/services/ecies/service.ts +370 -0
package/src/services/ecies/signature.ts +93 -0
package/src/services/ecies/single-recipient.ts +476 -0
package/src/services/encryption-stream.ts +435 -0
package/src/services/{index.js → index.ts} +0 -1
package/src/services/multi-recipient-processor.ts +377 -0
package/src/services/password-login.ts +226 -0
package/src/services/pbkdf2.ts +169 -0
package/src/services/progress-tracker.ts +128 -0
package/src/services/resumable-encryption.ts +135 -0
package/src/services/xor.ts +65 -0
package/src/test-mocks/index.ts +1 -0
package/src/test-mocks/mock-frontend-member.ts +276 -0
package/src/{testing.js → testing.ts} +0 -1
package/src/translations/{de.js → de.ts} +112 -56
package/src/translations/{en-US.js → en-US.ts} +116 -58
package/src/translations/{es.js → es.ts} +134 -67
package/src/translations/{fr.js → fr.ts} +129 -64
package/src/translations/{ja.js → ja.ts} +111 -55
package/src/translations/{uk.js → uk.ts} +132 -67
package/src/translations/{zh-cn.js → zh-cn.ts} +60 -29
package/src/types/deep-partial.ts +11 -0
package/src/{types.d.ts → types.ts} +15 -7
package/src/utils/encryption-type-utils.ts +76 -0
package/src/utils.ts +329 -0
package/src/builders/ecies-builder.d.ts +0 -18
package/src/builders/ecies-builder.d.ts.map +0 -1
package/src/builders/ecies-builder.js +0 -30
package/src/builders/ecies-builder.js.map +0 -1
package/src/builders/index.d.ts +0 -6
package/src/builders/index.d.ts.map +0 -1
package/src/builders/index.js.map +0 -1
package/src/builders/member-builder.d.ts +0 -51
package/src/builders/member-builder.d.ts.map +0 -1
package/src/builders/member-builder.js +0 -97
package/src/builders/member-builder.js.map +0 -1
package/src/constants.d.ts +0 -60
package/src/constants.d.ts.map +0 -1
package/src/constants.js +0 -446
package/src/constants.js.map +0 -1
package/src/core/errors/crypto-error.d.ts +0 -34
package/src/core/errors/crypto-error.d.ts.map +0 -1
package/src/core/errors/crypto-error.js +0 -56
package/src/core/errors/crypto-error.js.map +0 -1
package/src/core/index.d.ts +0 -6
package/src/core/index.d.ts.map +0 -1
package/src/core/index.js.map +0 -1
package/src/core/types/result.d.ts +0 -16
package/src/core/types/result.d.ts.map +0 -1
package/src/core/types/result.js +0 -12
package/src/core/types/result.js.map +0 -1
package/src/email-string.d.ts +0 -42
package/src/email-string.d.ts.map +0 -1
package/src/email-string.js +0 -67
package/src/email-string.js.map +0 -1
package/src/enumerations/disposed-error-type.d.ts +0 -12
package/src/enumerations/disposed-error-type.d.ts.map +0 -1
package/src/enumerations/disposed-error-type.js +0 -13
package/src/enumerations/disposed-error-type.js.map +0 -1
package/src/enumerations/ecies-cipher-suite.d.ts +0 -4
package/src/enumerations/ecies-cipher-suite.d.ts.map +0 -1
package/src/enumerations/ecies-cipher-suite.js +0 -6
package/src/enumerations/ecies-cipher-suite.js.map +0 -1
package/src/enumerations/ecies-encryption-type.d.ts +0 -11
package/src/enumerations/ecies-encryption-type.d.ts.map +0 -1
package/src/enumerations/ecies-encryption-type.js +0 -27
package/src/enumerations/ecies-encryption-type.js.map +0 -1
package/src/enumerations/ecies-error-type.d.ts +0 -44
package/src/enumerations/ecies-error-type.d.ts.map +0 -1
package/src/enumerations/ecies-error-type.js +0 -45
package/src/enumerations/ecies-error-type.js.map +0 -1
package/src/enumerations/ecies-string-key.d.ts +0 -192
package/src/enumerations/ecies-string-key.d.ts.map +0 -1
package/src/enumerations/ecies-string-key.js +0 -199
package/src/enumerations/ecies-string-key.js.map +0 -1
package/src/enumerations/ecies-version.d.ts +0 -4
package/src/enumerations/ecies-version.d.ts.map +0 -1
package/src/enumerations/ecies-version.js +0 -5
package/src/enumerations/ecies-version.js.map +0 -1
package/src/enumerations/guid-brand-type.d.ts +0 -27
package/src/enumerations/guid-brand-type.d.ts.map +0 -1
package/src/enumerations/guid-brand-type.js +0 -28
package/src/enumerations/guid-brand-type.js.map +0 -1
package/src/enumerations/guid-error-type.d.ts +0 -7
package/src/enumerations/guid-error-type.d.ts.map +0 -1
package/src/enumerations/guid-error-type.js +0 -8
package/src/enumerations/guid-error-type.js.map +0 -1
package/src/enumerations/id-provider-error-type.d.ts +0 -43
package/src/enumerations/id-provider-error-type.d.ts.map +0 -1
package/src/enumerations/id-provider-error-type.js +0 -44
package/src/enumerations/id-provider-error-type.js.map +0 -1
package/src/enumerations/index.d.ts +0 -18
package/src/enumerations/index.d.ts.map +0 -1
package/src/enumerations/index.js.map +0 -1
package/src/enumerations/invalid-email-type.d.ts +0 -6
package/src/enumerations/invalid-email-type.d.ts.map +0 -1
package/src/enumerations/invalid-email-type.js +0 -7
package/src/enumerations/invalid-email-type.js.map +0 -1
package/src/enumerations/length-encoding-type.d.ts +0 -7
package/src/enumerations/length-encoding-type.d.ts.map +0 -1
package/src/enumerations/length-encoding-type.js +0 -8
package/src/enumerations/length-encoding-type.js.map +0 -1
package/src/enumerations/length-error-type.d.ts +0 -6
package/src/enumerations/length-error-type.d.ts.map +0 -1
package/src/enumerations/length-error-type.js +0 -7
package/src/enumerations/length-error-type.js.map +0 -1
package/src/enumerations/member-error-type.d.ts +0 -87
package/src/enumerations/member-error-type.d.ts.map +0 -1
package/src/enumerations/member-error-type.js +0 -88
package/src/enumerations/member-error-type.js.map +0 -1
package/src/enumerations/member-type.d.ts.map +0 -1
package/src/enumerations/member-type.js +0 -16
package/src/enumerations/member-type.js.map +0 -1
package/src/enumerations/password-login-error-type.d.ts +0 -5
package/src/enumerations/password-login-error-type.d.ts.map +0 -1
package/src/enumerations/password-login-error-type.js +0 -6
package/src/enumerations/password-login-error-type.js.map +0 -1
package/src/enumerations/pbkdf2-error-type.d.ts +0 -6
package/src/enumerations/pbkdf2-error-type.d.ts.map +0 -1
package/src/enumerations/pbkdf2-error-type.js +0 -7
package/src/enumerations/pbkdf2-error-type.js.map +0 -1
package/src/enumerations/pbkdf2-profile.d.ts +0 -6
package/src/enumerations/pbkdf2-profile.d.ts.map +0 -1
package/src/enumerations/pbkdf2-profile.js +0 -7
package/src/enumerations/pbkdf2-profile.js.map +0 -1
package/src/enumerations/secure-storage-error-type.d.ts +0 -6
package/src/enumerations/secure-storage-error-type.d.ts.map +0 -1
package/src/enumerations/secure-storage-error-type.js +0 -7
package/src/enumerations/secure-storage-error-type.js.map +0 -1
package/src/errors/disposed.d.ts +0 -22
package/src/errors/disposed.d.ts.map +0 -1
package/src/errors/disposed.js +0 -28
package/src/errors/disposed.js.map +0 -1
package/src/errors/ecies.d.ts +0 -52
package/src/errors/ecies.d.ts.map +0 -1
package/src/errors/ecies.js +0 -78
package/src/errors/ecies.js.map +0 -1
package/src/errors/guid.d.ts +0 -49
package/src/errors/guid.d.ts.map +0 -1
package/src/errors/guid.js +0 -96
package/src/errors/guid.js.map +0 -1
package/src/errors/id-provider.d.ts +0 -23
package/src/errors/id-provider.d.ts.map +0 -1
package/src/errors/id-provider.js +0 -29
package/src/errors/id-provider.js.map +0 -1
package/src/errors/index.d.ts.map +0 -1
package/src/errors/index.js +0 -10
package/src/errors/index.js.map +0 -1
package/src/errors/invalid-email.d.ts +0 -8
package/src/errors/invalid-email.d.ts.map +0 -1
package/src/errors/invalid-email.js +0 -15
package/src/errors/invalid-email.js.map +0 -1
package/src/errors/length.d.ts +0 -7
package/src/errors/length.d.ts.map +0 -1
package/src/errors/length.js +0 -11
package/src/errors/length.js.map +0 -1
package/src/errors/member.d.ts +0 -7
package/src/errors/member.d.ts.map +0 -1
package/src/errors/member.js +0 -11
package/src/errors/member.js.map +0 -1
package/src/errors/pbkdf2.d.ts +0 -7
package/src/errors/pbkdf2.d.ts.map +0 -1
package/src/errors/pbkdf2.js +0 -11
package/src/errors/pbkdf2.js.map +0 -1
package/src/errors/secure-storage.d.ts +0 -7
package/src/errors/secure-storage.d.ts.map +0 -1
package/src/errors/secure-storage.js +0 -12
package/src/errors/secure-storage.js.map +0 -1
package/src/errors/simple-ecies.d.ts +0 -6
package/src/errors/simple-ecies.d.ts.map +0 -1
package/src/errors/simple-ecies.js +0 -12
package/src/errors/simple-ecies.js.map +0 -1
package/src/errors/simple-test-error.d.ts +0 -4
package/src/errors/simple-test-error.d.ts.map +0 -1
package/src/errors/simple-test-error.js +0 -7
package/src/errors/simple-test-error.js.map +0 -1
package/src/i18n-setup.d.ts +0 -32
package/src/i18n-setup.d.ts.map +0 -1
package/src/i18n-setup.js +0 -101
package/src/i18n-setup.js.map +0 -1
package/src/index.d.ts +0 -80
package/src/index.d.ts.map +0 -1
package/src/index.js.map +0 -1
package/src/interfaces/checksum-config.d.ts +0 -5
package/src/interfaces/checksum-config.d.ts.map +0 -1
package/src/interfaces/checksum-config.js +0 -2
package/src/interfaces/checksum-config.js.map +0 -1
package/src/interfaces/checksum-consts.d.ts +0 -11
package/src/interfaces/checksum-consts.d.ts.map +0 -1
package/src/interfaces/checksum-consts.js +0 -2
package/src/interfaces/checksum-consts.js.map +0 -1
package/src/interfaces/configuration-provenance.d.ts +0 -43
package/src/interfaces/configuration-provenance.d.ts.map +0 -1
package/src/interfaces/configuration-provenance.js +0 -3
package/src/interfaces/configuration-provenance.js.map +0 -1
package/src/interfaces/constants.d.ts +0 -70
package/src/interfaces/constants.d.ts.map +0 -1
package/src/interfaces/constants.js +0 -2
package/src/interfaces/constants.js.map +0 -1
package/src/interfaces/ecies-config.d.ts +0 -9
package/src/interfaces/ecies-config.d.ts.map +0 -1
package/src/interfaces/ecies-config.js +0 -2
package/src/interfaces/ecies-config.js.map +0 -1
package/src/interfaces/ecies-consts.d.ts +0 -61
package/src/interfaces/ecies-consts.d.ts.map +0 -1
package/src/interfaces/ecies-consts.js +0 -2
package/src/interfaces/ecies-consts.js.map +0 -1
package/src/interfaces/ecies-file-service.d.ts +0 -7
package/src/interfaces/ecies-file-service.d.ts.map +0 -1
package/src/interfaces/ecies-file-service.js +0 -2
package/src/interfaces/ecies-file-service.js.map +0 -1
package/src/interfaces/encrypted-chunk.d.ts +0 -55
package/src/interfaces/encrypted-chunk.d.ts.map +0 -1
package/src/interfaces/encrypted-chunk.js +0 -12
package/src/interfaces/encrypted-chunk.js.map +0 -1
package/src/interfaces/encryption-state.d.ts +0 -18
package/src/interfaces/encryption-state.d.ts.map +0 -1
package/src/interfaces/encryption-state.js +0 -2
package/src/interfaces/encryption-state.js.map +0 -1
package/src/interfaces/frontend-member-operational.d.ts +0 -51
package/src/interfaces/frontend-member-operational.d.ts.map +0 -1
package/src/interfaces/frontend-member-operational.js +0 -2
package/src/interfaces/frontend-member-operational.js.map +0 -1
package/src/interfaces/guid.d.ts +0 -78
package/src/interfaces/guid.d.ts.map +0 -1
package/src/interfaces/guid.js +0 -2
package/src/interfaces/guid.js.map +0 -1
package/src/interfaces/id-provider.d.ts +0 -107
package/src/interfaces/id-provider.d.ts.map +0 -1
package/src/interfaces/id-provider.js +0 -52
package/src/interfaces/id-provider.js.map +0 -1
package/src/interfaces/index.d.ts.map +0 -1
package/src/interfaces/index.js +0 -13
package/src/interfaces/index.js.map +0 -1
package/src/interfaces/invariant.d.ts +0 -46
package/src/interfaces/invariant.d.ts.map +0 -1
package/src/interfaces/invariant.js +0 -18
package/src/interfaces/invariant.js.map +0 -1
package/src/interfaces/library-error.d.ts +0 -23
package/src/interfaces/library-error.d.ts.map +0 -1
package/src/interfaces/library-error.js +0 -2
package/src/interfaces/library-error.js.map +0 -1
package/src/interfaces/member-storage.d.ts.map +0 -1
package/src/interfaces/member-storage.js +0 -2
package/src/interfaces/member-storage.js.map +0 -1
package/src/interfaces/member-with-mnemonic.d.ts.map +0 -1
package/src/interfaces/member-with-mnemonic.js +0 -2
package/src/interfaces/member-with-mnemonic.js.map +0 -1
package/src/interfaces/member.d.ts +0 -55
package/src/interfaces/member.d.ts.map +0 -1
package/src/interfaces/member.js +0 -2
package/src/interfaces/member.js.map +0 -1
package/src/interfaces/multi-recipient-chunk.d.ts +0 -54
package/src/interfaces/multi-recipient-chunk.d.ts.map +0 -1
package/src/interfaces/multi-recipient-chunk.js +0 -11
package/src/interfaces/multi-recipient-chunk.js.map +0 -1
package/src/interfaces/pbkdf2-config.d.ts +0 -7
package/src/interfaces/pbkdf2-config.d.ts.map +0 -1
package/src/interfaces/pbkdf2-config.js +0 -2
package/src/interfaces/pbkdf2-config.js.map +0 -1
package/src/interfaces/pbkdf2-consts.d.ts +0 -9
package/src/interfaces/pbkdf2-consts.d.ts.map +0 -1
package/src/interfaces/pbkdf2-consts.js +0 -2
package/src/interfaces/pbkdf2-consts.js.map +0 -1
package/src/interfaces/pbkdf2-result.d.ts +0 -6
package/src/interfaces/pbkdf2-result.d.ts.map +0 -1
package/src/interfaces/pbkdf2-result.js +0 -2
package/src/interfaces/pbkdf2-result.js.map +0 -1
package/src/interfaces/stream-config.d.ts +0 -14
package/src/interfaces/stream-config.d.ts.map +0 -1
package/src/interfaces/stream-config.js +0 -8
package/src/interfaces/stream-config.js.map +0 -1
package/src/interfaces/stream-header.d.ts +0 -29
package/src/interfaces/stream-header.d.ts.map +0 -1
package/src/interfaces/stream-header.js +0 -9
package/src/interfaces/stream-header.js.map +0 -1
package/src/interfaces/stream-progress.d.ts +0 -33
package/src/interfaces/stream-progress.d.ts.map +0 -1
package/src/interfaces/stream-progress.js +0 -2
package/src/interfaces/stream-progress.js.map +0 -1
package/src/lib/configuration-provenance-utils.d.ts +0 -11
package/src/lib/configuration-provenance-utils.d.ts.map +0 -1
package/src/lib/configuration-provenance-utils.js +0 -23
package/src/lib/configuration-provenance-utils.js.map +0 -1
package/src/lib/crypto-container.d.ts +0 -25
package/src/lib/crypto-container.d.ts.map +0 -1
package/src/lib/crypto-container.js +0 -46
package/src/lib/crypto-container.js.map +0 -1
package/src/lib/guid.d.ts +0 -344
package/src/lib/guid.d.ts.map +0 -1
package/src/lib/guid.js +0 -914
package/src/lib/guid.js.map +0 -1
package/src/lib/id-providers/custom-provider.d.ts +0 -46
package/src/lib/id-providers/custom-provider.d.ts.map +0 -1
package/src/lib/id-providers/custom-provider.js +0 -85
package/src/lib/id-providers/custom-provider.js.map +0 -1
package/src/lib/id-providers/guidv4-provider.d.ts +0 -56
package/src/lib/id-providers/guidv4-provider.d.ts.map +0 -1
package/src/lib/id-providers/guidv4-provider.js +0 -122
package/src/lib/id-providers/guidv4-provider.js.map +0 -1
package/src/lib/id-providers/index.d.ts.map +0 -1
package/src/lib/id-providers/index.js +0 -29
package/src/lib/id-providers/index.js.map +0 -1
package/src/lib/id-providers/objectid-provider.d.ts +0 -43
package/src/lib/id-providers/objectid-provider.d.ts.map +0 -1
package/src/lib/id-providers/objectid-provider.js +0 -104
package/src/lib/id-providers/objectid-provider.js.map +0 -1
package/src/lib/id-providers/uuid-provider.d.ts +0 -52
package/src/lib/id-providers/uuid-provider.d.ts.map +0 -1
package/src/lib/id-providers/uuid-provider.js +0 -110
package/src/lib/id-providers/uuid-provider.js.map +0 -1
package/src/lib/index.d.ts +0 -6
package/src/lib/index.d.ts.map +0 -1
package/src/lib/index.js.map +0 -1
package/src/lib/invariant-validator.d.ts +0 -59
package/src/lib/invariant-validator.d.ts.map +0 -1
package/src/lib/invariant-validator.js +0 -97
package/src/lib/invariant-validator.js.map +0 -1
package/src/lib/invariants/encryption-algorithm-consistency.d.ts +0 -17
package/src/lib/invariants/encryption-algorithm-consistency.d.ts.map +0 -1
package/src/lib/invariants/encryption-algorithm-consistency.js +0 -49
package/src/lib/invariants/encryption-algorithm-consistency.js.map +0 -1
package/src/lib/invariants/index.d.ts +0 -4
package/src/lib/invariants/index.d.ts.map +0 -1
package/src/lib/invariants/index.js.map +0 -1
package/src/lib/invariants/pbkdf2-profiles-validity.d.ts +0 -16
package/src/lib/invariants/pbkdf2-profiles-validity.d.ts.map +0 -1
package/src/lib/invariants/pbkdf2-profiles-validity.js +0 -58
package/src/lib/invariants/pbkdf2-profiles-validity.js.map +0 -1
package/src/lib/invariants/recipient-id-consistency.d.ts +0 -18
package/src/lib/invariants/recipient-id-consistency.d.ts.map +0 -1
package/src/lib/invariants/recipient-id-consistency.js +0 -31
package/src/lib/invariants/recipient-id-consistency.js.map +0 -1
package/src/lib/multi-recipient-chunk-utils.d.ts +0 -38
package/src/lib/multi-recipient-chunk-utils.d.ts.map +0 -1
package/src/lib/multi-recipient-chunk-utils.js +0 -41
package/src/lib/multi-recipient-chunk-utils.js.map +0 -1
package/src/member.d.ts +0 -92
package/src/member.d.ts.map +0 -1
package/src/member.js +0 -322
package/src/member.js.map +0 -1
package/src/pbkdf2-profiles.d.ts.map +0 -1
package/src/pbkdf2-profiles.js +0 -2
package/src/pbkdf2-profiles.js.map +0 -1
package/src/phone-number.d.ts +0 -6
package/src/phone-number.d.ts.map +0 -1
package/src/phone-number.js +0 -18
package/src/phone-number.js.map +0 -1
package/src/regexes.d.ts +0 -7
package/src/regexes.d.ts.map +0 -1
package/src/regexes.js +0 -7
package/src/regexes.js.map +0 -1
package/src/secure-buffer.d.ts +0 -61
package/src/secure-buffer.d.ts.map +0 -1
package/src/secure-buffer.js +0 -201
package/src/secure-buffer.js.map +0 -1
package/src/secure-string.d.ts +0 -46
package/src/secure-string.d.ts.map +0 -1
package/src/secure-string.js +0 -206
package/src/secure-string.js.map +0 -1
package/src/services/aes-gcm.d.ts +0 -57
package/src/services/aes-gcm.d.ts.map +0 -1
package/src/services/aes-gcm.js +0 -142
package/src/services/aes-gcm.js.map +0 -1
package/src/services/chunk-processor.d.ts +0 -31
package/src/services/chunk-processor.d.ts.map +0 -1
package/src/services/chunk-processor.js +0 -145
package/src/services/chunk-processor.js.map +0 -1
package/src/services/ecies/crypto-core.d.ts +0 -72
package/src/services/ecies/crypto-core.d.ts.map +0 -1
package/src/services/ecies/crypto-core.js +0 -205
package/src/services/ecies/crypto-core.js.map +0 -1
package/src/services/ecies/example.d.ts +0 -25
package/src/services/ecies/example.d.ts.map +0 -1
package/src/services/ecies/example.js +0 -121
package/src/services/ecies/example.js.map +0 -1
package/src/services/ecies/file.d.ts +0 -18
package/src/services/ecies/file.d.ts.map +0 -1
package/src/services/ecies/file.js +0 -106
package/src/services/ecies/file.js.map +0 -1
package/src/services/ecies/index.d.ts +0 -38
package/src/services/ecies/index.d.ts.map +0 -1
package/src/services/ecies/index.js.map +0 -1
package/src/services/ecies/integration.d.ts +0 -59
package/src/services/ecies/integration.d.ts.map +0 -1
package/src/services/ecies/integration.js +0 -167
package/src/services/ecies/integration.js.map +0 -1
package/src/services/ecies/interfaces.d.ts +0 -54
package/src/services/ecies/interfaces.d.ts.map +0 -1
package/src/services/ecies/interfaces.js +0 -5
package/src/services/ecies/interfaces.js.map +0 -1
package/src/services/ecies/manual-test.d.ts +0 -29
package/src/services/ecies/manual-test.d.ts.map +0 -1
package/src/services/ecies/manual-test.js +0 -163
package/src/services/ecies/manual-test.js.map +0 -1
package/src/services/ecies/multi-recipient.d.ts +0 -56
package/src/services/ecies/multi-recipient.d.ts.map +0 -1
package/src/services/ecies/multi-recipient.js +0 -344
package/src/services/ecies/multi-recipient.js.map +0 -1
package/src/services/ecies/service.d.ts +0 -120
package/src/services/ecies/service.d.ts.map +0 -1
package/src/services/ecies/service.js +0 -210
package/src/services/ecies/service.js.map +0 -1
package/src/services/ecies/signature.d.ts +0 -27
package/src/services/ecies/signature.d.ts.map +0 -1
package/src/services/ecies/signature.js +0 -72
package/src/services/ecies/signature.js.map +0 -1
package/src/services/ecies/single-recipient.d.ts +0 -46
package/src/services/ecies/single-recipient.d.ts.map +0 -1
package/src/services/ecies/single-recipient.js +0 -322
package/src/services/ecies/single-recipient.js.map +0 -1
package/src/services/encryption-stream.d.ts +0 -71
package/src/services/encryption-stream.d.ts.map +0 -1
package/src/services/encryption-stream.js +0 -295
package/src/services/encryption-stream.js.map +0 -1
package/src/services/index.d.ts +0 -11
package/src/services/index.d.ts.map +0 -1
package/src/services/index.js.map +0 -1
package/src/services/multi-recipient-processor.d.ts +0 -35
package/src/services/multi-recipient-processor.d.ts.map +0 -1
package/src/services/multi-recipient-processor.js +0 -289
package/src/services/multi-recipient-processor.js.map +0 -1
package/src/services/password-login.d.ts +0 -47
package/src/services/password-login.d.ts.map +0 -1
package/src/services/password-login.js +0 -115
package/src/services/password-login.js.map +0 -1
package/src/services/pbkdf2.d.ts +0 -54
package/src/services/pbkdf2.d.ts.map +0 -1
package/src/services/pbkdf2.js +0 -108
package/src/services/pbkdf2.js.map +0 -1
package/src/services/progress-tracker.d.ts +0 -23
package/src/services/progress-tracker.d.ts.map +0 -1
package/src/services/progress-tracker.js +0 -103
package/src/services/progress-tracker.js.map +0 -1
package/src/services/resumable-encryption.d.ts +0 -19
package/src/services/resumable-encryption.d.ts.map +0 -1
package/src/services/resumable-encryption.js +0 -105
package/src/services/resumable-encryption.js.map +0 -1
package/src/services/xor.d.ts +0 -37
package/src/services/xor.d.ts.map +0 -1
package/src/services/xor.js +0 -63
package/src/services/xor.js.map +0 -1
package/src/test-mocks/index.d.ts +0 -2
package/src/test-mocks/index.d.ts.map +0 -1
package/src/test-mocks/index.js +0 -2
package/src/test-mocks/index.js.map +0 -1
package/src/test-mocks/mock-frontend-member.d.ts +0 -85
package/src/test-mocks/mock-frontend-member.d.ts.map +0 -1
package/src/test-mocks/mock-frontend-member.js +0 -190
package/src/test-mocks/mock-frontend-member.js.map +0 -1
package/src/testing.d.ts +0 -2
package/src/testing.d.ts.map +0 -1
package/src/testing.js.map +0 -1
package/src/translations/de.d.ts +0 -4
package/src/translations/de.d.ts.map +0 -1
package/src/translations/de.js.map +0 -1
package/src/translations/en-US.d.ts +0 -4
package/src/translations/en-US.d.ts.map +0 -1
package/src/translations/en-US.js.map +0 -1
package/src/translations/es.d.ts +0 -4
package/src/translations/es.d.ts.map +0 -1
package/src/translations/es.js.map +0 -1
package/src/translations/fr.d.ts +0 -4
package/src/translations/fr.d.ts.map +0 -1
package/src/translations/fr.js.map +0 -1
package/src/translations/ja.d.ts +0 -4
package/src/translations/ja.d.ts.map +0 -1
package/src/translations/ja.js.map +0 -1
package/src/translations/uk.d.ts +0 -4
package/src/translations/uk.d.ts.map +0 -1
package/src/translations/uk.js.map +0 -1
package/src/translations/zh-cn.d.ts +0 -4
package/src/translations/zh-cn.d.ts.map +0 -1
package/src/translations/zh-cn.js.map +0 -1
package/src/types/deep-partial.d.ts +0 -4
package/src/types/deep-partial.d.ts.map +0 -1
package/src/types/deep-partial.js +0 -2
package/src/types/deep-partial.js.map +0 -1
package/src/types.d.ts.map +0 -1
package/src/types.js +0 -2
package/src/types.js.map +0 -1
package/src/utils/encryption-type-utils.d.ts +0 -29
package/src/utils/encryption-type-utils.d.ts.map +0 -1
package/src/utils/encryption-type-utils.js +0 -61
package/src/utils/encryption-type-utils.js.map +0 -1
package/src/utils.d.ts +0 -68
package/src/utils.d.ts.map +0 -1
package/src/utils.js +0 -273
package/src/utils.js.map +0 -1

package/src/services/ecies/single-recipient.ts ADDED Viewed

@@ -0,0 +1,476 @@
+import { IECIESConstants } from '../../interfaces/ecies-consts';
+import { Constants } from '../../constants';
+import {
+  EciesEncryptionType,
+  EciesEncryptionTypeEnum,
+} from '../../enumerations/ecies-encryption-type';
+import { EciesVersionEnum } from '../../enumerations/ecies-version';
+import { EciesCipherSuiteEnum } from '../../enumerations/ecies-cipher-suite';
+import { IECIESConfig } from '../../interfaces/ecies-config';
+import { AESGCMService } from '../aes-gcm';
+import { EciesCryptoCore } from './crypto-core';
+import { IDecryptionResult, ISingleEncryptedParsedHeader } from './interfaces';
+import { EciesComponentId, getEciesI18nEngine } from '../../i18n-setup';
+import { EciesStringKey } from '../../enumerations';
+/**
+ * Browser-compatible single recipient ECIES encryption/decryption
+ */
+export class EciesSingleRecipient {
+  protected readonly cryptoCore: EciesCryptoCore;
+  protected readonly config: IECIESConfig;
+  protected readonly eciesConsts: IECIESConstants;
+  constructor(config: IECIESConfig, eciesParams: IECIESConstants = Constants.ECIES) {
+    this.config = config;
+    this.eciesConsts = eciesParams;
+    this.cryptoCore = new EciesCryptoCore(config, this.eciesConsts);
+  }
+  /**
+   * Encrypt a message for a single recipient
+   */
+  public async encrypt(
+    encryptSimple: boolean,
+    receiverPublicKey: Uint8Array,
+    message: Uint8Array,
+    preamble: Uint8Array = new Uint8Array(0),
+  ): Promise<Uint8Array> {
+    const encryptionType: EciesEncryptionType = encryptSimple
+      ? 'simple'
+      : 'single';
+    const encryptionTypeArray = new Uint8Array([
+      encryptionType === 'simple'
+        ? this.eciesConsts.ENCRYPTION_TYPE.SIMPLE
+        : this.eciesConsts.ENCRYPTION_TYPE.SINGLE,
+    ]);
+    const versionArray = new Uint8Array([EciesVersionEnum.V1]);
+    const cipherSuiteArray = new Uint8Array([EciesCipherSuiteEnum.Secp256k1_Aes256Gcm_Sha256]);
+    if (message.length > this.eciesConsts.MAX_RAW_DATA_SIZE) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_MessageLengthExceedsMaximumAllowedSizeTemplate, {messageLength: message.length }));
+    }
+    // Generate ephemeral key pair
+    const ephemeralPrivateKey = this.cryptoCore.generatePrivateKey();
+    const ephemeralPublicKey =
+      this.cryptoCore.getPublicKey(ephemeralPrivateKey);
+    // Compute shared secret
+    const normalizedReceiverPublicKey =
+      this.cryptoCore.normalizePublicKey(receiverPublicKey);
+    const sharedSecret = this.cryptoCore.computeSharedSecret(
+      ephemeralPrivateKey,
+      normalizedReceiverPublicKey,
+    );
+    // Use HKDF to derive the key
+    const symKey = this.cryptoCore.deriveSharedKey(
+      sharedSecret,
+      new Uint8Array(0), // No salt
+      new TextEncoder().encode('ecies-v2-key-derivation'), // Info
+      this.eciesConsts.SYMMETRIC.KEY_SIZE
+    );
+    // Construct AAD
+    const aad = new Uint8Array(
+      preamble.length +
+      versionArray.length +
+      cipherSuiteArray.length +
+      encryptionTypeArray.length +
+      ephemeralPublicKey.length
+    );
+    let aadOffset = 0;
+    aad.set(preamble, aadOffset); aadOffset += preamble.length;
+    aad.set(versionArray, aadOffset); aadOffset += versionArray.length;
+    aad.set(cipherSuiteArray, aadOffset); aadOffset += cipherSuiteArray.length;
+    aad.set(encryptionTypeArray, aadOffset); aadOffset += encryptionTypeArray.length;
+    aad.set(ephemeralPublicKey, aadOffset);
+    // Encrypt using AES-GCM
+    const encryptResult = await AESGCMService.encrypt(message, symKey, true, this.eciesConsts, aad);
+    const { encrypted, iv } = encryptResult;
+    const authTag = encryptResult.tag;
+    if (!authTag) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_AuthenticationTagIsRequiredForECIESEncryption));
+    }
+    // Validate encrypted size is reasonable
+    const maxEncryptedSize = message.length + 1024; // Allow overhead for encryption
+    if (encrypted.length > maxEncryptedSize) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_EncryptedSizeExceedsExpected));
+    }
+    // Add length prefix for single mode
+    const lengthArray =
+      encryptionType === 'simple' ? new Uint8Array(0) : new Uint8Array(8);
+    if (encryptionType === 'single') {
+      const view = new DataView(lengthArray.buffer);
+      view.setBigUint64(0, BigInt(message.length), false); // big-endian
+    }
+    // Format: [preamble] | version (1) | cipherSuite (1) | type (1) | ephemeralPublicKey (65) | iv (16) | authTag (16) | length (8) | encryptedData
+    const result = new Uint8Array(
+      preamble.length +
+        versionArray.length +
+        cipherSuiteArray.length +
+        encryptionTypeArray.length +
+        ephemeralPublicKey.length +
+        iv.length +
+        authTag.length +
+        lengthArray.length +
+        encrypted.length,
+    );
+    let offset = 0;
+    result.set(preamble, offset);
+    offset += preamble.length;
+    result.set(versionArray, offset);
+    offset += versionArray.length;
+    result.set(cipherSuiteArray, offset);
+    offset += cipherSuiteArray.length;
+    result.set(encryptionTypeArray, offset);
+    offset += encryptionTypeArray.length;
+    result.set(ephemeralPublicKey, offset);
+    offset += ephemeralPublicKey.length;
+    result.set(iv, offset);
+    offset += iv.length;
+    result.set(authTag, offset);
+    offset += authTag.length;
+    result.set(lengthArray, offset);
+    offset += lengthArray.length;
+    result.set(encrypted, offset);
+    return result;
+  }
+  /**
+   * Parse encrypted message header
+   */
+  public parseEncryptedMessage(
+    encryptionType: EciesEncryptionTypeEnum | undefined,
+    data: Uint8Array,
+    preambleSize: number = 0,
+    options?: { dataLength?: number },
+  ): {
+    header: ISingleEncryptedParsedHeader;
+    data: Uint8Array;
+    remainder: Uint8Array;
+  } {
+    const engine = getEciesI18nEngine();
+    let offset = preambleSize;
+    const preamble = data.slice(0, preambleSize);
+    // Read Version
+    const version = data[offset];
+    offset += this.eciesConsts.VERSION_SIZE;
+    if (version !== EciesVersionEnum.V1) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidVersionTemplate, { version }));
+    }
+    // Read CipherSuite
+    const cipherSuite = data[offset];
+    offset += this.eciesConsts.CIPHER_SUITE_SIZE;
+    if (cipherSuite !== EciesCipherSuiteEnum.Secp256k1_Aes256Gcm_Sha256) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidCipherSuiteTemplate, { cipherSuite }));
+    }
+    // Read encryption type from first byte after preamble and version/suite
+    const actualEncryptionTypeByte = data[offset];
+    let actualEncryptionType: EciesEncryptionTypeEnum;
+    switch (actualEncryptionTypeByte) {
+      case this.eciesConsts.ENCRYPTION_TYPE.SIMPLE:
+        actualEncryptionType = EciesEncryptionTypeEnum.Simple;
+        break;
+      case this.eciesConsts.ENCRYPTION_TYPE.SINGLE:
+        actualEncryptionType = EciesEncryptionTypeEnum.Single;
+        break;
+      case this.eciesConsts.ENCRYPTION_TYPE.MULTIPLE:
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_MultipleEncryptionTypeNotSupportedInSingleRecipientMode));
+      default:
+        // convert the encryption type byte to hex
+        const encryptionTypeHex = actualEncryptionTypeByte.toString(16).padStart(2, '0');
+        throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidEncryptionTypeTemplate, { encryptionType: encryptionTypeHex }));
+    }
+    if (
+      encryptionType !== undefined &&
+      actualEncryptionType !== encryptionType
+    ) {
+      throw new Error(
+        engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_EncryptionTypeMismatchTemplate, { encryptionType, actualEncryptionType }),
+      );
+    }
+    const includeLengthAndCrc =
+      actualEncryptionType === EciesEncryptionTypeEnum.Single;
+    const requiredSize = includeLengthAndCrc
+      ? this.eciesConsts.SINGLE.FIXED_OVERHEAD_SIZE
+      : this.eciesConsts.SIMPLE.FIXED_OVERHEAD_SIZE;
+    if (data.length < requiredSize) {
+      throw new Error(
+        engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_DataTooShortTemplate, { requiredSize, dataLength: data.length }),
+      );
+    }
+    // Skip encryption type byte
+    offset += 1;
+    // Extract header components
+    const ephemeralPublicKey = data.slice(
+      offset,
+      offset + this.eciesConsts.PUBLIC_KEY_LENGTH,
+    );
+    offset += this.eciesConsts.PUBLIC_KEY_LENGTH;
+    const normalizedKey =
+      this.cryptoCore.normalizePublicKey(ephemeralPublicKey);
+    const iv = data.slice(offset, offset + this.eciesConsts.IV_SIZE);
+    offset += this.eciesConsts.IV_SIZE;
+    const authTag = data.slice(offset, offset + this.eciesConsts.AUTH_TAG_SIZE);
+    offset += this.eciesConsts.AUTH_TAG_SIZE;
+    // Extract length for single mode
+    const dataLengthArray = includeLengthAndCrc
+      ? data.slice(offset, offset + this.eciesConsts.SINGLE.DATA_LENGTH_SIZE)
+      : new Uint8Array(0);
+    if (includeLengthAndCrc) {
+      offset += this.eciesConsts.SINGLE.DATA_LENGTH_SIZE;
+    }
+    const dataLength = includeLengthAndCrc
+      ? Number(
+          new DataView(
+            dataLengthArray.buffer,
+            dataLengthArray.byteOffset,
+            dataLengthArray.byteLength,
+          ).getBigUint64(0, false),
+        )
+      : options?.dataLength ?? -1;
+    // Validate data length is reasonable
+    if (includeLengthAndCrc && (dataLength < 0 || dataLength > this.eciesConsts.MAX_RAW_DATA_SIZE)) {
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidDataLength));
+    }
+    if (
+      includeLengthAndCrc &&
+      options?.dataLength !== undefined &&
+      dataLength !== options.dataLength
+    ) {
+      throw new Error(
+        engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_DataLengthMismatchTemplate, { expectedDataLength: dataLength, receivedDataLength: options.dataLength }),
+      );
+    }
+    // No CRC in Single encryption (AES-GCM provides authentication)
+    // For single mode, read all remaining data as encrypted data
+    // The dataLength represents the original message length, not encrypted length
+    const encryptedData = data.slice(offset);
+    const remainder = new Uint8Array(0);
+    // No CRC validation needed (AES-GCM provides authentication)
+    return {
+      header: {
+        preamble,
+        encryptionType: actualEncryptionType,
+        ephemeralPublicKey: normalizedKey,
+        iv,
+        authTag,
+        dataLength,
+        headerSize: includeLengthAndCrc
+          ? this.eciesConsts.SINGLE.FIXED_OVERHEAD_SIZE
+          : this.eciesConsts.SIMPLE.FIXED_OVERHEAD_SIZE,
+      },
+      data: encryptedData,
+      remainder,
+    };
+  }
+  /**
+   * Decrypt with header
+   */
+  public async decryptWithHeader(
+    encryptionType: EciesEncryptionTypeEnum | undefined,
+    privateKey: Uint8Array,
+    encryptedData: Uint8Array,
+    preambleSize: number = 0,
+    options?: { dataLength?: number },
+  ): Promise<Uint8Array> {
+    const result = await this.decryptWithHeaderEx(
+      encryptionType,
+      privateKey,
+      encryptedData,
+      preambleSize,
+      options,
+    );
+    return result.decrypted;
+  }
+  /**
+   * Extended decrypt with header that returns additional info
+   */
+  public async decryptWithHeaderEx(
+    encryptionType: EciesEncryptionTypeEnum | undefined,
+    privateKey: Uint8Array,
+    encryptedData: Uint8Array,
+    preambleSize: number = 0,
+    options?: { dataLength?: number },
+  ): Promise<IDecryptionResult> {
+    const { data, header } = this.parseEncryptedMessage(
+      encryptionType,
+      encryptedData,
+      preambleSize,
+      options,
+    );
+    // Construct AAD
+    const versionArray = new Uint8Array([EciesVersionEnum.V1]);
+    const cipherSuiteArray = new Uint8Array([EciesCipherSuiteEnum.Secp256k1_Aes256Gcm_Sha256]);
+    const encryptionTypeArray = new Uint8Array([
+      header.encryptionType === EciesEncryptionTypeEnum.Simple
+        ? this.eciesConsts.ENCRYPTION_TYPE.SIMPLE
+        : this.eciesConsts.ENCRYPTION_TYPE.SINGLE,
+    ]);
+    const preamble = header.preamble ?? new Uint8Array(preambleSize);
+    const aad = new Uint8Array(
+      preamble.length +
+      versionArray.length +
+      cipherSuiteArray.length +
+      encryptionTypeArray.length +
+      header.ephemeralPublicKey.length
+    );
+    let offset = 0;
+    aad.set(preamble, offset); offset += preamble.length;
+    aad.set(versionArray, offset); offset += versionArray.length;
+    aad.set(cipherSuiteArray, offset); offset += cipherSuiteArray.length;
+    aad.set(encryptionTypeArray, offset); offset += encryptionTypeArray.length;
+    aad.set(header.ephemeralPublicKey, offset);
+    const decrypted = await this.decryptWithComponents(
+      privateKey,
+      header.ephemeralPublicKey,
+      header.iv,
+      header.authTag,
+      data,
+      aad
+    );
+    return {
+      decrypted,
+      consumedBytes: preambleSize + header.headerSize + data.length,
+    };
+  }
+  /**
+   * Decrypt with individual components
+   */
+  public async decryptWithComponents(
+    privateKey: Uint8Array,
+    ephemeralPublicKey: Uint8Array,
+    iv: Uint8Array,
+    authTag: Uint8Array,
+    encrypted: Uint8Array,
+    aad?: Uint8Array,
+  ): Promise<Uint8Array> {
+    // Validate private key
+    if (!privateKey || privateKey.length !== 32) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidPrivateKey));
+    }
+    // Check for all-zero private key
+    let allZeros = true;
+    for (let i = 0; i < privateKey.length; i++) {
+      if (privateKey[i] !== 0) {
+        allZeros = false;
+        break;
+      }
+    }
+    if (allZeros) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidPrivateKey));
+    }
+    // Validate IV
+    if (!iv || iv.length !== this.eciesConsts.IV_SIZE) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidIV));
+    }
+    // Validate auth tag
+    if (!authTag || authTag.length !== this.eciesConsts.AUTH_TAG_SIZE) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidAuthTag));
+    }
+    // Normalize ephemeral public key (this validates it's a valid key)
+    const normalizedEphemeralKey =
+      this.cryptoCore.normalizePublicKey(ephemeralPublicKey);
+    // Compute shared secret
+    const sharedSecret = this.cryptoCore.computeSharedSecret(
+      privateKey,
+      normalizedEphemeralKey,
+    );
+    // Validate shared secret is not all zeros
+    let sharedSecretAllZeros = true;
+    for (let i = 0; i < sharedSecret.length; i++) {
+      if (sharedSecret[i] !== 0) {
+        sharedSecretAllZeros = false;
+        break;
+      }
+    }
+    if (sharedSecretAllZeros) {
+      const engine = getEciesI18nEngine();
+      throw new Error(engine.translate(EciesComponentId, EciesStringKey.Error_ECIESError_InvalidSharedSecret));
+    }
+    // Use HKDF to derive the key
+    const symKey = this.cryptoCore.deriveSharedKey(
+      sharedSecret,
+      new Uint8Array(0), // No salt
+      new TextEncoder().encode('ecies-v2-key-derivation'), // Info
+      this.eciesConsts.SYMMETRIC.KEY_SIZE
+    );
+    // Combine encrypted data with auth tag for AES-GCM
+    const encryptedWithTag = AESGCMService.combineEncryptedDataAndTag(
+      encrypted,
+      authTag,
+    );
+    // Decrypt
+    return await AESGCMService.decrypt(iv, encryptedWithTag, symKey, true, this.eciesConsts, aad);
+  }
+  private arraysEqual(a: Uint8Array, b: Uint8Array): boolean {
+    if (a.length !== b.length) return false;
+    // Constant-time comparison to prevent timing attacks
+    let diff = 0;
+    for (let i = 0; i < a.length; i++) {
+      diff |= a[i] ^ b[i];
+    }
+    return diff === 0;
+  }
+}