npm - @digitaldefiance/ecies-lib - Versions diffs - 4.4.25 → 4.5.1 - Mend

@digitaldefiance/ecies-lib 4.4.25 → 4.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/package.json +9 -1
package/src/index.d.ts +2 -0
package/src/index.d.ts.map +1 -1
package/src/index.js +1 -0
package/src/index.js.map +1 -1
package/src/interfaces/member.d.ts +7 -0
package/src/interfaces/member.d.ts.map +1 -1
package/src/member.d.ts +11 -0
package/src/member.d.ts.map +1 -1
package/src/member.js +29 -0
package/src/member.js.map +1 -1
package/src/services/aes-gcm.js +3 -3
package/src/services/aes-gcm.js.map +1 -1
package/src/services/index.d.ts +1 -0
package/src/services/index.d.ts.map +1 -1
package/src/services/index.js +3 -0
package/src/services/index.js.map +1 -1
package/src/services/voting.service.d.ts +196 -0
package/src/services/voting.service.d.ts.map +1 -0
package/src/services/voting.service.js +537 -0
package/src/services/voting.service.js.map +1 -0
package/src/voting-utils.d.ts +86 -0
package/src/voting-utils.d.ts.map +1 -0
package/src/voting-utils.js +148 -0
package/src/voting-utils.js.map +1 -0

package/src/services/voting.service.js ADDED Viewed

@@ -0,0 +1,537 @@
+"use strict";
+/**
+ * Voting Service for browser/web environments
+ * Provides ECIES-to-Paillier key bridge for homomorphic encryption voting systems.
+ * Uses @noble/secp256k1 for ECDH (matching Node.js implementation).
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.VotingService = exports.SecureDeterministicDRBG = exports.lcm = exports.gcd = exports.modInverse = exports.modPow = exports.millerRabinTest = void 0;
+exports.hkdf = hkdf;
+exports.generateDeterministicPrime = generateDeterministicPrime;
+exports.generateDeterministicKeyPair = generateDeterministicKeyPair;
+exports.deriveVotingKeysFromECDH = deriveVotingKeysFromECDH;
+const secp256k1_js_1 = require("@noble/curves/secp256k1.js");
+const voting_utils_1 = require("../voting-utils");
+Object.defineProperty(exports, "millerRabinTest", { enumerable: true, get: function () { return voting_utils_1.millerRabinTest; } });
+Object.defineProperty(exports, "modPow", { enumerable: true, get: function () { return voting_utils_1.modPow; } });
+Object.defineProperty(exports, "modInverse", { enumerable: true, get: function () { return voting_utils_1.modInverse; } });
+Object.defineProperty(exports, "gcd", { enumerable: true, get: function () { return voting_utils_1.gcd; } });
+Object.defineProperty(exports, "lcm", { enumerable: true, get: function () { return voting_utils_1.lcm; } });
+/**
+ * Decompress a secp256k1 compressed public key
+ * @param compressedKey - 33 bytes (1 byte prefix + 32 bytes x-coordinate)
+ * @returns 65 bytes uncompressed key (0x04 + x + y)
+ */
+function decompressSecp256k1PublicKey(compressedKey) {
+    if (compressedKey.length !== 33) {
+        throw new Error(`Invalid compressed key length: expected 33 bytes, got ${compressedKey.length}`);
+    }
+    const prefix = compressedKey[0];
+    if (prefix !== 0x02 && prefix !== 0x03) {
+        throw new Error(`Invalid compressed key prefix: expected 0x02 or 0x03, got 0x${prefix.toString(16)}`);
+    }
+    // secp256k1 parameters
+    const p = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2fn;
+    const b = 7n;
+    // Extract x coordinate
+    const xBytes = compressedKey.slice(1);
+    let x = 0n;
+    for (let i = 0; i < xBytes.length; i++) {
+        x = (x << 8n) | BigInt(xBytes[i]);
+    }
+    // Calculate y² = x³ + 7 (mod p)
+    const ySquared = ((0, voting_utils_1.modPow)(x, 3n, p) + b) % p;
+    // Calculate y using Tonelli-Shanks algorithm (for p ≡ 3 mod 4, it's simpler)
+    // For secp256k1, p ≡ 3 mod 4, so y = ySquared^((p+1)/4) mod p
+    const y = (0, voting_utils_1.modPow)(ySquared, (p + 1n) / 4n, p);
+    // Choose the correct y based on prefix (even/odd)
+    const yIsEven = (y & 1n) === 0n;
+    const prefixIndicatesEven = prefix === 0x02;
+    const finalY = yIsEven === prefixIndicatesEven ? y : p - y;
+    // Construct uncompressed key: 0x04 + x + y
+    const uncompressed = new Uint8Array(65);
+    uncompressed[0] = 0x04;
+    // Write x coordinate
+    for (let i = 0; i < 32; i++) {
+        uncompressed[1 + i] = Number((x >> BigInt(8 * (31 - i))) & 0xffn);
+    }
+    // Write y coordinate
+    for (let i = 0; i < 32; i++) {
+        uncompressed[33 + i] = Number((finalY >> BigInt(8 * (31 - i))) & 0xffn);
+    }
+    return uncompressed;
+}
+/**
+ * HKDF implementation using Web Crypto API
+ *
+ * SECURITY: This is a cryptographically secure key derivation function.
+ * - Uses Web Crypto API for browser compatibility
+ * - Provides pseudorandomness indistinguishable from random
+ * - One-way: computationally infeasible to recover IKM from OKM
+ * - Domain separation via 'info' parameter
+ *
+ * @param secret - The input key material (IKM)
+ * @param salt - Optional salt value (non-secret random value)
+ * @param info - Context string for domain separation
+ * @param length - Length of output keying material in bytes
+ * @param hmacAlgorithm - HMAC algorithm to use (default: 'SHA-512')
+ * @returns Derived key material (OKM)
+ */
+async function hkdf(secret, salt, info, length, hmacAlgorithm = 'SHA-512') {
+    // Import key material
+    const keyMaterial = await crypto.subtle.importKey('raw', secret, { name: 'HKDF' }, false, ['deriveBits']);
+    // Derive bits using HKDF
+    const derived = await crypto.subtle.deriveBits({
+        name: 'HKDF',
+        hash: hmacAlgorithm,
+        salt: salt || new Uint8Array(0),
+        info: new TextEncoder().encode(info),
+    }, keyMaterial, length * 8);
+    return new Uint8Array(derived);
+}
+/**
+ * Secure Deterministic Random Bit Generator using HMAC-DRBG (SP 800-90A)
+ * Web Crypto API version with proper async initialization
+ *
+ * SECURITY: NIST-approved deterministic random bit generator
+ * - Provides backtracking resistance
+ * - Provides prediction resistance
+ * - Cryptographically secure pseudorandom output
+ * - Uses async factory pattern for proper HMAC initialization
+ */
+class SecureDeterministicDRBG {
+    v;
+    k;
+    hmacAlgorithm;
+    hashLength;
+    constructor(seed, hmacAlgorithm = 'SHA-512') {
+        this.hmacAlgorithm = hmacAlgorithm;
+        // SHA-512 = 64 bytes, SHA-256 = 32 bytes
+        this.hashLength = hmacAlgorithm === 'SHA-512' ? 64 : 32;
+        // Initialize V and K
+        this.v = new Uint8Array(this.hashLength).fill(0x01);
+        this.k = new Uint8Array(this.hashLength).fill(0x00);
+    }
+    /**
+     * Create and initialize a new DRBG instance
+     */
+    static async create(seed, hmacAlgorithm = 'SHA-512') {
+        const drbg = new SecureDeterministicDRBG(seed, hmacAlgorithm);
+        await drbg.update(seed);
+        return drbg;
+    }
+    async hmacAsync(key, data) {
+        const cryptoKey = await crypto.subtle.importKey('raw', key, { name: 'HMAC', hash: this.hmacAlgorithm }, false, ['sign']);
+        const signature = await crypto.subtle.sign('HMAC', cryptoKey, data);
+        return new Uint8Array(signature);
+    }
+    async update(providedData) {
+        // K = HMAC(K, V || 0x00 || provided_data)
+        let data = new Uint8Array(this.v.length + 1 + (providedData?.length || 0));
+        data.set(this.v, 0);
+        data[this.v.length] = 0x00;
+        if (providedData) {
+            data.set(providedData, this.v.length + 1);
+        }
+        this.k = await this.hmacAsync(this.k, data);
+        // V = HMAC(K, V)
+        this.v = await this.hmacAsync(this.k, this.v);
+        if (providedData) {
+            // K = HMAC(K, V || 0x01 || provided_data)
+            data = new Uint8Array(this.v.length + 1 + providedData.length);
+            data.set(this.v, 0);
+            data[this.v.length] = 0x01;
+            data.set(providedData, this.v.length + 1);
+            this.k = await this.hmacAsync(this.k, data);
+            // V = HMAC(K, V)
+            this.v = await this.hmacAsync(this.k, this.v);
+        }
+    }
+    async generate(numBytes) {
+        const result = new Uint8Array(numBytes);
+        let offset = 0;
+        while (offset < numBytes) {
+            this.v = await this.hmacAsync(this.k, this.v);
+            const copyLength = Math.min(this.v.length, numBytes - offset);
+            result.set(this.v.slice(0, copyLength), offset);
+            offset += copyLength;
+        }
+        await this.update();
+        return result;
+    }
+}
+exports.SecureDeterministicDRBG = SecureDeterministicDRBG;
+/**
+ * Small prime sieve for quick composite elimination
+ */
+const SMALL_PRIMES = [
+    2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97,
+    101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193,
+    197, 199, 211, 223, 227, 229, 233, 239, 241, 251,
+];
+/**
+ * Generate a deterministic prime number using DRBG (async web version)
+ */
+async function generateDeterministicPrime(drbg, numBits, primeTestIterations = 256, maxAttempts = 10000) {
+    const numBytes = Math.ceil(numBits / 8);
+    const topBitMask = 1 << ((numBits - 1) % 8);
+    // Always perform exactly maxAttempts iterations for timing attack mitigation
+    let foundPrime = null;
+    for (let attempt = 0; attempt < maxAttempts; attempt++) {
+        // Continue checking even after finding prime to maintain constant timing
+        if (foundPrime !== null) {
+            // Perform dummy operations to maintain timing consistency
+            await drbg.generate(numBytes);
+            continue;
+        }
+        // Generate random bytes
+        const bytes = await drbg.generate(numBytes);
+        // Set top bit to ensure exact bit length
+        bytes[0] |= topBitMask;
+        // Set bottom bit to ensure odd number
+        bytes[bytes.length - 1] |= 1;
+        const candidate = BigInt('0x' + Array.from(bytes).map(b => b.toString(16).padStart(2, '0')).join(''));
+        // Quick check against small primes
+        let isComposite = false;
+        for (const smallPrime of SMALL_PRIMES) {
+            if (candidate % BigInt(smallPrime) === 0n && candidate !== BigInt(smallPrime)) {
+                isComposite = true;
+                break;
+            }
+        }
+        if (isComposite)
+            continue;
+        // Miller-Rabin primality test
+        if ((0, voting_utils_1.millerRabinTest)(candidate, primeTestIterations)) {
+            foundPrime = candidate;
+        }
+    }
+    if (foundPrime === null) {
+        throw new Error(`Failed to generate prime after ${maxAttempts} attempts`);
+    }
+    return foundPrime;
+}
+/**
+ * Generate a deterministic Paillier key pair from a seed (async web version)
+ */
+async function generateDeterministicKeyPair(seed, bits = 3072, primeTestIterations = 256) {
+    // Validate inputs
+    if (!seed || seed.length < 32) {
+        throw new Error(`Seed must be at least 32 bytes, got ${seed?.length || 0}`);
+    }
+    if (bits < 2048) {
+        throw new Error(`Key size must be at least 2048 bits, got ${bits}`);
+    }
+    if (bits % 2 !== 0) {
+        throw new Error(`Key size must be even, got ${bits}`);
+    }
+    if (primeTestIterations < 64) {
+        throw new Error(`Must perform at least 64 Miller-Rabin iterations, got ${primeTestIterations}`);
+    }
+    // Load paillier-bigint dynamically (optional peer dependency)
+    let PublicKey;
+    let PrivateKey;
+    try {
+        const paillier = await import('paillier-bigint');
+        PublicKey = paillier.PublicKey;
+        PrivateKey = paillier.PrivateKey;
+    }
+    catch (error) {
+        throw new Error('paillier-bigint is required for voting functionality. Install it with: npm install paillier-bigint');
+    }
+    const drbg = await SecureDeterministicDRBG.create(seed);
+    // Generate two primes of half the key size
+    const primeBits = Math.floor(bits / 2);
+    const p = await generateDeterministicPrime(drbg, primeBits, primeTestIterations);
+    const q = await generateDeterministicPrime(drbg, primeBits, primeTestIterations);
+    // Calculate n = p * q
+    const n = p * q;
+    // Calculate lambda = lcm(p-1, q-1)
+    const lambda = (0, voting_utils_1.lcm)(p - 1n, q - 1n);
+    // For Paillier, g = n + 1 (simplest form)
+    const g = n + 1n;
+    // Calculate mu = (L(g^lambda mod n^2))^-1 mod n
+    // where L(x) = (x-1)/n
+    const nSquared = n * n;
+    const gLambda = (0, voting_utils_1.modPow)(g, lambda, nSquared);
+    const l = (gLambda - 1n) / n;
+    const mu = (0, voting_utils_1.modInverse)(l, n);
+    // Create key pair
+    const publicKey = new PublicKey(n, g);
+    const privateKey = new PrivateKey(lambda, mu, publicKey);
+    // Validate with test encryption/decryption
+    const testPlaintext = 42n;
+    const encrypted = publicKey.encrypt(testPlaintext);
+    const decrypted = privateKey.decrypt(encrypted);
+    if (decrypted !== testPlaintext) {
+        throw new Error('Key pair validation failed: test encryption/decryption mismatch');
+    }
+    return { publicKey, privateKey };
+}
+/**
+ * Derive Paillier voting keys from ECDH key pair (async web version)
+ *
+ * SECURITY PROPERTIES:
+ * - One-way: Computationally infeasible to recover ECDH keys from Paillier keys
+ * - Deterministic: Same ECDH keys always produce same Paillier keys
+ * - Collision-resistant: Different ECDH keys produce different Paillier keys
+ * - Domain-separated: Cryptographically bound to voting purpose via HKDF info
+ *
+ * SECURITY LEVEL: ~128 bits (equivalent to 3072-bit RSA)
+ * - ECDH: secp256k1 curve (~128-bit security, matches Node.js)
+ * - HKDF: SHA-512 (512-bit security against preimage)
+ * - Paillier: 3072-bit modulus (NIST recommended for 128-bit security)
+ *
+ * @param ecdhPrivKey - ECDH private key (32 bytes for secp256k1)
+ * @param ecdhPubKey - ECDH public key (33/64/65 bytes, compressed or uncompressed)
+ * @param options - Configuration options
+ * @returns Paillier key pair for voting operations
+ */
+async function deriveVotingKeysFromECDH(ecdhPrivKey, ecdhPubKey, options = {}) {
+    const { curveName = 'secp256k1', // Use secp256k1 to match Node.js implementation
+    publicKeyMagic = 0x04, rawPublicKeyLength = 64, publicKeyLength = 65, hmacAlgorithm = 'SHA-512', hkdfInfo = 'PaillierPrimeGen', hkdfLength = 64, keypairBitLength = 3072, primeTestIterations = 256, } = options;
+    // Validate inputs with strict length checks
+    if (!ecdhPrivKey || ecdhPrivKey.length === 0) {
+        throw new Error('ECDH private key is required');
+    }
+    // Validate private key length (32 bytes for secp256k1)
+    if (ecdhPrivKey.length !== 32) {
+        throw new Error(`Invalid ECDH private key length: expected 32 bytes, got ${ecdhPrivKey.length}`);
+    }
+    if (!ecdhPubKey || ecdhPubKey.length === 0) {
+        throw new Error('ECDH public key is required');
+    }
+    // Handle both compressed (33 bytes) and uncompressed (65 bytes) public keys
+    // @noble/secp256k1 accepts both formats
+    let publicKeyForECDH;
+    if (ecdhPubKey.length === 33) {
+        // Compressed key - @noble/secp256k1 handles this natively
+        publicKeyForECDH = ecdhPubKey;
+    }
+    else if (ecdhPubKey.length === publicKeyLength && ecdhPubKey[0] === publicKeyMagic) {
+        // Already uncompressed with 0x04 prefix - @noble/secp256k1 handles this
+        publicKeyForECDH = ecdhPubKey;
+    }
+    else if (ecdhPubKey.length === rawPublicKeyLength) {
+        // Uncompressed without prefix - add it
+        publicKeyForECDH = new Uint8Array(publicKeyLength);
+        publicKeyForECDH[0] = publicKeyMagic;
+        publicKeyForECDH.set(ecdhPubKey, 1);
+    }
+    else {
+        throw new Error(`Invalid public key length: expected 33 (compressed), 64 (uncompressed raw), or 65 (uncompressed with prefix) bytes, got ${ecdhPubKey.length}`);
+    }
+    // Compute shared secret using @noble/secp256k1 (same as Node.js implementation)
+    const sharedSecret = secp256k1_js_1.secp256k1.getSharedSecret(ecdhPrivKey, publicKeyForECDH, false);
+    // Remove the 0x04 prefix from shared secret (getSharedSecret returns uncompressed point)
+    const sharedSecretBytes = sharedSecret.slice(1);
+    // Derive seed using HKDF
+    const seed = await hkdf(sharedSecret, null, hkdfInfo, hkdfLength, hmacAlgorithm);
+    // Generate deterministic key pair
+    return await generateDeterministicKeyPair(seed, keypairBitLength, primeTestIterations);
+}
+/**
+ * Voting service for deriving and managing Paillier voting keys from ECDH keys.
+ * Web/Browser version using @noble/secp256k1.
+ *
+ * SECURITY ARCHITECTURE:
+ * This service implements a novel but cryptographically sound bridge between
+ * ECDSA/ECDH keys and Paillier homomorphic encryption keys. The construction
+ * uses only proven cryptographic primitives:
+ *
+ * - ECDH (secp256k1): Shared secret computation via @noble/secp256k1
+ * - HKDF (RFC 5869): Cryptographically secure key derivation
+ * - HMAC-DRBG (NIST SP 800-90A): Deterministic random generation
+ * - Miller-Rabin (256 rounds): Primality testing (error < 2^-512)
+ * - Paillier (3072-bit): Homomorphic encryption
+ *
+ * SECURITY GUARANTEES:
+ * - 128-bit security level (equivalent to 3072-bit RSA)
+ * - One-way: Cannot recover ECDH keys from Paillier keys
+ * - Deterministic: Enables key recovery from same ECDH source
+ * - Collision-resistant: Birthday bound ~2^128 operations
+ * - Domain-separated: Cryptographic binding via HKDF info string
+ *
+ * THREAT MODEL:
+ * Protected against: factorization attacks, weak primes, small prime attacks
+ * Timing attacks: Mitigated via constant-time operations where possible
+ * Side-channels: Dependent on @noble/secp256k1 implementation
+ * Quantum: Vulnerable to Shor's algorithm (like all RSA-type systems)
+ *
+ * WEB-SPECIFIC CONSIDERATIONS:
+ * - All cryptographic operations are async
+ * - Uses secp256k1 curve (same as Node.js for cross-platform compatibility)
+ * - Uses @noble/secp256k1 library (already used for ECIES operations)
+ * - DRBG uses proper async factory pattern for HMAC initialization
+ *
+ * For detailed security analysis, see:
+ * docs/SECURITY_ANALYSIS_ECIES_PAILLIER_BRIDGE.md
+ */
+class VotingService {
+    static instance;
+    /**
+     * Get singleton instance of VotingService
+     */
+    static getInstance() {
+        if (!VotingService.instance) {
+            VotingService.instance = new VotingService();
+        }
+        return VotingService.instance;
+    }
+    /**
+     * Derive Paillier voting keys from ECDH key pair.
+     *
+     * @param ecdhPrivKey - ECDH private key (32 bytes for secp256k1)
+     * @param ecdhPubKey - ECDH public key (33/64/65 bytes, compressed or uncompressed)
+     * @param options - Configuration options
+     * @returns Paillier key pair for voting operations
+     */
+    async deriveVotingKeysFromECDH(ecdhPrivKey, ecdhPubKey, options) {
+        return await deriveVotingKeysFromECDH(ecdhPrivKey, ecdhPubKey, options);
+    }
+    /**
+     * HKDF key derivation function (RFC 5869)
+     */
+    async hkdf(secret, salt, info, length, hmacAlgorithm) {
+        return await hkdf(secret, salt, info, length, hmacAlgorithm);
+    }
+    /**
+     * Miller-Rabin primality test
+     */
+    millerRabinTest(n, k) {
+        return (0, voting_utils_1.millerRabinTest)(n, k);
+    }
+    /**
+     * Modular exponentiation
+     */
+    modPow(base, exp, mod) {
+        return (0, voting_utils_1.modPow)(base, exp, mod);
+    }
+    /**
+     * Modular multiplicative inverse
+     */
+    modInverse(a, m) {
+        return (0, voting_utils_1.modInverse)(a, m);
+    }
+    /**
+     * Greatest common divisor
+     */
+    gcd(a, b) {
+        return (0, voting_utils_1.gcd)(a, b);
+    }
+    /**
+     * Least common multiple
+     */
+    lcm(a, b) {
+        return (0, voting_utils_1.lcm)(a, b);
+    }
+    /**
+     * Generate a deterministic prime using DRBG
+     */
+    async generateDeterministicPrime(drbg, numBits, primeTestIterations, maxAttempts) {
+        return await generateDeterministicPrime(drbg, numBits, primeTestIterations, maxAttempts);
+    }
+    /**
+     * Generate a deterministic Paillier key pair from seed
+     */
+    async generateDeterministicKeyPair(seed, bits, primeTestIterations) {
+        return await generateDeterministicKeyPair(seed, bits, primeTestIterations);
+    }
+    /**
+     * Create a secure deterministic random bit generator
+     */
+    async createDRBG(seed, hmacAlgorithm) {
+        return await SecureDeterministicDRBG.create(seed, hmacAlgorithm);
+    }
+    /**
+     * Serialize a Paillier public key to Uint8Array
+     *
+     * SECURITY: Public keys are safe to share. This serialization
+     * format is deterministic and preserves all key information.
+     */
+    votingPublicKeyToBuffer(publicKey) {
+        // Serialize n value as hex string
+        const nHex = publicKey.n.toString(16);
+        // Store length prefix (4 bytes) + hex string as UTF-8
+        const encoder = new TextEncoder();
+        const hexBytes = encoder.encode(nHex);
+        const result = new Uint8Array(4 + hexBytes.length);
+        const view = new DataView(result.buffer);
+        view.setUint32(0, hexBytes.length);
+        result.set(hexBytes, 4);
+        return result;
+    }
+    /**
+     * Deserialize a Paillier public key from Uint8Array
+     */
+    async bufferToVotingPublicKey(buffer) {
+        // Load PublicKey class
+        const { PublicKey } = await import('paillier-bigint');
+        // Read length prefix
+        const view = new DataView(buffer.buffer, buffer.byteOffset, buffer.byteLength);
+        const length = view.getUint32(0);
+        // Read hex string
+        const decoder = new TextDecoder();
+        const nHex = decoder.decode(buffer.slice(4, 4 + length));
+        const n = BigInt('0x' + nHex);
+        // g = n + 1 for simplified Paillier
+        return new PublicKey(n, n + 1n);
+    }
+    /**
+     * Serialize a Paillier private key to Uint8Array
+     *
+     * SECURITY WARNING: Private keys must be kept secret!
+     * - Only serialize for secure storage or transmission
+     * - Encrypt serialized keys before storing or transmitting
+     * - Consider using browser's IndexedDB with encryption
+     * - Never log or expose private keys in client-side code
+     */
+    votingPrivateKeyToBuffer(privateKey) {
+        // Serialize lambda and mu values
+        const lambdaHex = privateKey.lambda.toString(16);
+        const muHex = privateKey.mu.toString(16);
+        const encoder = new TextEncoder();
+        const lambdaBytes = encoder.encode(lambdaHex);
+        const muBytes = encoder.encode(muHex);
+        const result = new Uint8Array(8 + lambdaBytes.length + muBytes.length);
+        const view = new DataView(result.buffer);
+        view.setUint32(0, lambdaBytes.length);
+        result.set(lambdaBytes, 4);
+        view.setUint32(4 + lambdaBytes.length, muBytes.length);
+        result.set(muBytes, 8 + lambdaBytes.length);
+        return result;
+    }
+    /**
+     * Deserialize a Paillier private key from Uint8Array
+     */
+    async bufferToVotingPrivateKey(buffer, publicKey) {
+        // Load PrivateKey class
+        const { PrivateKey } = await import('paillier-bigint');
+        const view = new DataView(buffer.buffer, buffer.byteOffset, buffer.byteLength);
+        const decoder = new TextDecoder();
+        // Read lambda
+        const lambdaLength = view.getUint32(0);
+        const lambdaHex = decoder.decode(buffer.slice(4, 4 + lambdaLength));
+        const lambda = BigInt('0x' + lambdaHex);
+        // Read mu
+        const muLength = view.getUint32(4 + lambdaLength);
+        const muHex = decoder.decode(buffer.slice(8 + lambdaLength, 8 + lambdaLength + muLength));
+        const mu = BigInt('0x' + muHex);
+        return new PrivateKey(lambda, mu, publicKey);
+    }
+    // Aliases for cross-platform compatibility tests
+    async serializePublicKey(publicKey) {
+        return this.votingPublicKeyToBuffer(publicKey);
+    }
+    async deserializePublicKey(buffer) {
+        return this.bufferToVotingPublicKey(buffer);
+    }
+    async serializePrivateKey(privateKey) {
+        return this.votingPrivateKeyToBuffer(privateKey);
+    }
+    async deserializePrivateKey(buffer, publicKey) {
+        return this.bufferToVotingPrivateKey(buffer, publicKey);
+    }
+}
+exports.VotingService = VotingService;
+//# sourceMappingURL=voting.service.js.map

package/src/services/voting.service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"voting.service.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-ecies-lib/src/services/voting.service.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AA8FH,oBA6BC;AAyGD,gEAqDC;AAKD,oEAsEC;AAqBD,4DAwEC;AA/bD,6DAAuD;AAEvD,kDAOyB;AAIvB,gGAVA,8BAAe,OAUA;AACf,uFAVA,qBAAM,OAUA;AACN,2FAVA,yBAAU,OAUA;AACV,oFAVA,kBAAG,OAUA;AACH,oFAVA,kBAAG,OAUA;AAIL;;;;GAIG;AACH,SAAS,4BAA4B,CAAC,aAAyB;IAC7D,IAAI,aAAa,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,yDAAyD,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;IACnG,CAAC;IAED,MAAM,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,+DAA+D,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;IACxG,CAAC;IAED,uBAAuB;IACvB,MAAM,CAAC,GAAG,mEAAmE,CAAC;IAC9E,MAAM,CAAC,GAAG,EAAE,CAAC;IAEb,uBAAuB;IACvB,MAAM,MAAM,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACtC,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,CAAC;IAED,gCAAgC;IAChC,MAAM,QAAQ,GAAG,CAAC,IAAA,qBAAM,EAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAE5C,6EAA6E;IAC7E,8DAA8D;IAC9D,MAAM,CAAC,GAAG,IAAA,qBAAM,EAAC,QAAQ,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC;IAE7C,kDAAkD;IAClD,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC;IAChC,MAAM,mBAAmB,GAAG,MAAM,KAAK,IAAI,CAAC;IAC5C,MAAM,MAAM,GAAG,OAAO,KAAK,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAE3D,2CAA2C;IAC3C,MAAM,YAAY,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACxC,YAAY,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IAEvB,qBAAqB;IACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,YAAY,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;IACpE,CAAC;IAED,qBAAqB;IACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,YAAY,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,MAAM,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC;IAC1E,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACI,KAAK,UAAU,IAAI,CACxB,MAAkB,EAClB,IAAuB,EACvB,IAAY,EACZ,MAAc,EACd,gBAAwB,SAAS;IAEjC,sBAAsB;IACtB,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC/C,KAAK,EACL,MAAM,EACN,EAAE,IAAI,EAAE,MAAM,EAAE,EAChB,KAAK,EACL,CAAC,YAAY,CAAC,CACf,CAAC;IAEF,yBAAyB;IACzB,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,UAAU,CAC5C;QACE,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,IAAI,IAAI,IAAI,UAAU,CAAC,CAAC,CAAC;QAC/B,IAAI,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC;KACrC,EACD,WAAW,EACX,MAAM,GAAG,CAAC,CACX,CAAC;IAEF,OAAO,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;AACjC,CAAC;AAED;;;;;;;;;GASG;AACH,MAAa,uBAAuB;IAC1B,CAAC,CAAa;IACd,CAAC,CAAa;IACL,aAAa,CAAS;IACtB,UAAU,CAAS;IAEpC,YAAoB,IAAgB,EAAE,gBAAwB,SAAS;QACrE,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,yCAAyC;QACzC,IAAI,CAAC,UAAU,GAAG,aAAa,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAExD,qBAAqB;QACrB,IAAI,CAAC,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpD,IAAI,CAAC,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAgB,EAAE,gBAAwB,SAAS;QAC5E,MAAM,IAAI,GAAG,IAAI,uBAAuB,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;QAC9D,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACxB,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,GAAe,EAAE,IAAgB;QACvD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC7C,KAAK,EACL,GAAG,EACH,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,aAAa,EAAE,EAC1C,KAAK,EACL,CAAC,MAAM,CAAC,CACT,CAAC;QACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;QACpE,OAAO,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;IACnC,CAAC;IAIO,KAAK,CAAC,MAAM,CAAC,YAAyB;QAC5C,0CAA0C;QAC1C,IAAI,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3E,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACpB,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;QAC3B,IAAI,YAAY,EAAE,CAAC;YACjB,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC5C,CAAC;QACD,IAAI,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;QAE5C,iBAAiB;QACjB,IAAI,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;QAE9C,IAAI,YAAY,EAAE,CAAC;YACjB,0CAA0C;YAC1C,IAAI,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YAC/D,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC;YAC3B,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC1C,IAAI,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAE5C,iBAAiB;YACjB,IAAI,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,QAAgB;QACpC,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,OAAO,MAAM,GAAG,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE,QAAQ,GAAG,MAAM,CAAC,CAAC;YAC9D,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,MAAM,CAAC,CAAC;YAChD,MAAM,IAAI,UAAU,CAAC;QACvB,CAAC;QAED,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;QACpB,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AA/ED,0DA+EC;AAED;;GAEG;AACH,MAAM,YAAY,GAAG;IACnB,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE,EAAE;IAC9F,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG;IAC7F,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG;CACjD,CAAC;AAEF;;GAEG;AACI,KAAK,UAAU,0BAA0B,CAC9C,IAA6B,EAC7B,OAAe,EACf,sBAA8B,GAAG,EACjC,cAAsB,KAAK;IAE3B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAE5C,6EAA6E;IAC7E,IAAI,UAAU,GAAkB,IAAI,CAAC;IAErC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;QACvD,yEAAyE;QACzE,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;YACxB,0DAA0D;YAC1D,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAC9B,SAAS;QACX,CAAC;QAED,wBAAwB;QACxB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAE5C,yCAAyC;QACzC,KAAK,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC;QAEvB,sCAAsC;QACtC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;QAE7B,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAEtG,mCAAmC;QACnC,IAAI,WAAW,GAAG,KAAK,CAAC;QACxB,KAAK,MAAM,UAAU,IAAI,YAAY,EAAE,CAAC;YACtC,IAAI,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,EAAE,IAAI,SAAS,KAAK,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC9E,WAAW,GAAG,IAAI,CAAC;gBACnB,MAAM;YACR,CAAC;QACH,CAAC;QAED,IAAI,WAAW;YAAE,SAAS;QAE1B,8BAA8B;QAC9B,IAAI,IAAA,8BAAe,EAAC,SAAS,EAAE,mBAAmB,CAAC,EAAE,CAAC;YACpD,UAAU,GAAG,SAAS,CAAC;QACzB,CAAC;IACH,CAAC;IAED,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,kCAAkC,WAAW,WAAW,CAAC,CAAC;IAC5E,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,4BAA4B,CAChD,IAAgB,EAChB,OAAe,IAAI,EACnB,sBAA8B,GAAG;IAEjC,kBAAkB;IAClB,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,uCAAuC,IAAI,EAAE,MAAM,IAAI,CAAC,EAAE,CAAC,CAAC;IAC9E,CAAC;IACD,IAAI,IAAI,GAAG,IAAI,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,4CAA4C,IAAI,EAAE,CAAC,CAAC;IACtE,CAAC;IACD,IAAI,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,8BAA8B,IAAI,EAAE,CAAC,CAAC;IACxD,CAAC;IACD,IAAI,mBAAmB,GAAG,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,yDAAyD,mBAAmB,EAAE,CAAC,CAAC;IAClG,CAAC;IAED,8DAA8D;IAC9D,IAAI,SAAqD,CAAC;IAC1D,IAAI,UAAuD,CAAC;IAE5D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;QACjD,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAC;QAC/B,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC;IACnC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,oGAAoG,CACrG,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,uBAAuB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAExD,2CAA2C;IAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC;IACvC,MAAM,CAAC,GAAG,MAAM,0BAA0B,CAAC,IAAI,EAAE,SAAS,EAAE,mBAAmB,CAAC,CAAC;IACjF,MAAM,CAAC,GAAG,MAAM,0BAA0B,CAAC,IAAI,EAAE,SAAS,EAAE,mBAAmB,CAAC,CAAC;IAEjF,sBAAsB;IACtB,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAEhB,mCAAmC;IACnC,MAAM,MAAM,GAAG,IAAA,kBAAG,EAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;IAEnC,0CAA0C;IAC1C,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;IAEjB,gDAAgD;IAChD,uBAAuB;IACvB,MAAM,QAAQ,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,OAAO,GAAG,IAAA,qBAAM,EAAC,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC5C,MAAM,CAAC,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAC7B,MAAM,EAAE,GAAG,IAAA,yBAAU,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,kBAAkB;IAClB,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACtC,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,MAAM,EAAE,EAAE,EAAE,SAAS,CAAC,CAAC;IAEzD,2CAA2C;IAC3C,MAAM,aAAa,GAAG,GAAG,CAAC;IAC1B,MAAM,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEhD,IAAI,SAAS,KAAK,aAAa,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;IACrF,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC;AACnC,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACI,KAAK,UAAU,wBAAwB,CAC5C,WAAuB,EACvB,UAAsB,EACtB,UAAmC,EAAE;IAErC,MAAM,EACJ,SAAS,GAAG,WAAW,EAAE,gDAAgD;IACzE,cAAc,GAAG,IAAI,EACrB,kBAAkB,GAAG,EAAE,EACvB,eAAe,GAAG,EAAE,EACpB,aAAa,GAAG,SAAS,EACzB,QAAQ,GAAG,kBAAkB,EAC7B,UAAU,GAAG,EAAE,EACf,gBAAgB,GAAG,IAAI,EACvB,mBAAmB,GAAG,GAAG,GAC1B,GAAG,OAAO,CAAC;IAEZ,4CAA4C;IAC5C,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAClD,CAAC;IAED,uDAAuD;IACvD,IAAI,WAAW,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,2DAA2D,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC;IACnG,CAAC;IAED,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACjD,CAAC;IAED,4EAA4E;IAC5E,wCAAwC;IACxC,IAAI,gBAA4B,CAAC;IAEjC,IAAI,UAAU,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QAC7B,0DAA0D;QAC1D,gBAAgB,GAAG,UAAU,CAAC;IAEhC,CAAC;SAAM,IAAI,UAAU,CAAC,MAAM,KAAK,eAAe,IAAI,UAAU,CAAC,CAAC,CAAC,KAAK,cAAc,EAAE,CAAC;QACrF,wEAAwE;QACxE,gBAAgB,GAAG,UAAU,CAAC;IAEhC,CAAC;SAAM,IAAI,UAAU,CAAC,MAAM,KAAK,kBAAkB,EAAE,CAAC;QACpD,uCAAuC;QACvC,gBAAgB,GAAG,IAAI,UAAU,CAAC,eAAe,CAAC,CAAC;QACnD,gBAAgB,CAAC,CAAC,CAAC,GAAG,cAAc,CAAC;QACrC,gBAAgB,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;IAEtC,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CACb,2HAA2H,UAAU,CAAC,MAAM,EAAE,CAC/I,CAAC;IACJ,CAAC;IAED,gFAAgF;IAChF,MAAM,YAAY,GAAG,wBAAS,CAAC,eAAe,CAAC,WAAW,EAAE,gBAAgB,EAAE,KAAK,CAAC,CAAC;IAErF,yFAAyF;IACzF,MAAM,iBAAiB,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEhD,yBAAyB;IACzB,MAAM,IAAI,GAAG,MAAM,IAAI,CACrB,YAAY,EACZ,IAAI,EACJ,QAAQ,EACR,UAAU,EACV,aAAa,CACd,CAAC;IAEF,kCAAkC;IAClC,OAAO,MAAM,4BAA4B,CAAC,IAAI,EAAE,gBAAgB,EAAE,mBAAmB,CAAC,CAAC;AACzF,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,MAAa,aAAa;IAChB,MAAM,CAAC,QAAQ,CAAiB;IAExC;;OAEG;IACI,MAAM,CAAC,WAAW;QACvB,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,CAAC;YAC5B,aAAa,CAAC,QAAQ,GAAG,IAAI,aAAa,EAAE,CAAC;QAC/C,CAAC;QACD,OAAO,aAAa,CAAC,QAAQ,CAAC;IAChC,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,wBAAwB,CACnC,WAAuB,EACvB,UAAsB,EACtB,OAAiC;QAEjC,OAAO,MAAM,wBAAwB,CAAC,WAAW,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IAC1E,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,IAAI,CACf,MAAkB,EAClB,IAAuB,EACvB,IAAY,EACZ,MAAc,EACd,aAAsB;QAEtB,OAAO,MAAM,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC;IAC/D,CAAC;IAED;;OAEG;IACI,eAAe,CAAC,CAAS,EAAE,CAAS;QACzC,OAAO,IAAA,8BAAe,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,IAAY,EAAE,GAAW,EAAE,GAAW;QAClD,OAAO,IAAA,qBAAM,EAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAChC,CAAC;IAED;;OAEG;IACI,UAAU,CAAC,CAAS,EAAE,CAAS;QACpC,OAAO,IAAA,yBAAU,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;IAED;;OAEG;IACI,GAAG,CAAC,CAAS,EAAE,CAAS;QAC7B,OAAO,IAAA,kBAAG,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,CAAC;IAED;;OAEG;IACI,GAAG,CAAC,CAAS,EAAE,CAAS;QAC7B,OAAO,IAAA,kBAAG,EAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnB,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,0BAA0B,CACrC,IAA6B,EAC7B,OAAe,EACf,mBAA4B,EAC5B,WAAoB;QAEpB,OAAO,MAAM,0BAA0B,CAAC,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAE,WAAW,CAAC,CAAC;IAC3F,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,4BAA4B,CACvC,IAAgB,EAChB,IAAa,EACb,mBAA4B;QAE5B,OAAO,MAAM,4BAA4B,CAAC,IAAI,EAAE,IAAI,EAAE,mBAAmB,CAAC,CAAC;IAC7E,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,UAAU,CAAC,IAAgB,EAAE,aAAsB;QAC9D,OAAO,MAAM,uBAAuB,CAAC,MAAM,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;IACnE,CAAC;IAED;;;;;OAKG;IACI,uBAAuB,CAAC,SAAoB;QACjD,kCAAkC;QAClC,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACtC,sDAAsD;QACtD,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;QACnD,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACzC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACxB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,uBAAuB,CAAC,MAAkB;QACrD,uBAAuB;QACvB,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAEtD,qBAAqB;QACrB,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;QAC/E,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QACjC,kBAAkB;QAClB,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;QACzD,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;QAE9B,oCAAoC;QACpC,OAAO,IAAI,SAAS,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;IAClC,CAAC;IAED;;;;;;;;OAQG;IACI,wBAAwB,CAAC,UAAsB;QACpD,iCAAiC;QACjC,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACjD,MAAM,KAAK,GAAG,UAAU,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAEzC,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC9C,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAEtC,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;QACvE,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAEzC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC3B,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QACvD,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;QAE5C,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,wBAAwB,CAAC,MAAkB,EAAE,SAAoB;QAC5E,wBAAwB;QACxB,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAEvD,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;QAC/E,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;QAElC,cAAc;QACd,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC;QACpE,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,GAAG,SAAS,CAAC,CAAC;QAExC,UAAU;QACV,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,YAAY,CAAC,CAAC;QAClD,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,YAAY,EAAE,CAAC,GAAG,YAAY,GAAG,QAAQ,CAAC,CAAC,CAAC;QAC1F,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC;QAEhC,OAAO,IAAI,UAAU,CAAC,MAAM,EAAE,EAAE,EAAE,SAAS,CAAC,CAAC;IAC/C,CAAC;IAED,iDAAiD;IAC1C,KAAK,CAAC,kBAAkB,CAAC,SAAoB;QAClD,OAAO,IAAI,CAAC,uBAAuB,CAAC,SAAS,CAAC,CAAC;IACjD,CAAC;IAEM,KAAK,CAAC,oBAAoB,CAAC,MAAkB;QAClD,OAAO,IAAI,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAC;IAC9C,CAAC;IAEM,KAAK,CAAC,mBAAmB,CAAC,UAAsB;QACrD,OAAO,IAAI,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC;IACnD,CAAC;IAEM,KAAK,CAAC,qBAAqB,CAAC,MAAkB,EAAE,SAAoB;QACzE,OAAO,IAAI,CAAC,wBAAwB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC1D,CAAC;CACF;AArND,sCAqNC"}

package/src/voting-utils.d.ts ADDED Viewed

@@ -0,0 +1,86 @@
+/**
+ * Voting utilities for deriving Paillier keys from ECDH keys.
+ * This module provides cryptographic bridge functions to derive
+ * homomorphic encryption keys from ECDSA/ECDH key pairs.
+ *
+ * Note: Requires paillier-bigint as an optional peer dependency.
+ */
+import type { KeyPair } from 'paillier-bigint';
+/**
+ * HKDF implementation following RFC 5869
+ *
+ * SECURITY: This is a cryptographically secure key derivation function.
+ * - Platform-specific implementations (Web Crypto API for browser, Node crypto for server)
+ * - Provides pseudorandomness indistinguishable from random
+ * - One-way: computationally infeasible to recover IKM from OKM
+ * - Domain separation via 'info' parameter
+ *
+ * @param secret - The input key material
+ * @param salt - Optional salt value (non-secret random value)
+ * @param info - Optional context and application specific information
+ * @param length - Length of output keying material in bytes
+ * @param hmacAlgorithm - HMAC algorithm to use (default: 'sha512')
+ * @returns Derived key material
+ */
+export declare function hkdf(secret: Uint8Array, salt: Uint8Array | null, info: string, length: number, hmacAlgorithm?: string): Uint8Array;
+/**
+ * Miller-Rabin primality test with deterministic witnesses
+ *
+ * SECURITY: With k=256 rounds, probability of false positive is < 2^-512
+ * (more likely: cosmic ray bit flip or hardware failure)
+ *
+ * @param n - Number to test for primality
+ * @param k - Number of rounds (witnesses to test)
+ * @returns true if n is probably prime, false if definitely composite
+ */
+export declare function millerRabinTest(n: bigint, k: number): boolean;
+/**
+ * Modular exponentiation: (base^exp) mod mod
+ */
+export declare function modPow(base: bigint, exp: bigint, mod: bigint): bigint;
+/**
+ * Extended Euclidean algorithm to find modular multiplicative inverse
+ */
+export declare function modInverse(a: bigint, m: bigint): bigint;
+/**
+ * Greatest common divisor using Euclidean algorithm
+ */
+export declare function gcd(a: bigint, b: bigint): bigint;
+/**
+ * Least common multiple
+ */
+export declare function lcm(a: bigint, b: bigint): bigint;
+/**
+ * Derive Paillier voting keys from ECDH key pair.
+ * This is the core bridge function that connects ECDSA/ECDH keys
+ * to homomorphic encryption keys for secure voting systems.
+ *
+ * @param ecdhPrivKey - ECDH private key
+ * @param ecdhPubKey - ECDH public key (with or without 0x04 prefix)
+ * @param options - Configuration options
+ * @returns Paillier key pair for voting operations
+ */
+export interface DeriveVotingKeysOptions {
+    /** Curve name (default: 'secp256k1') */
+    curveName?: string;
+    /** ECIES public key magic byte (default: 0x04) */
+    publicKeyMagic?: number;
+    /** Raw public key length without prefix (default: 64) */
+    rawPublicKeyLength?: number;
+    /** Public key length with prefix (default: 65) */
+    publicKeyLength?: number;
+    /** HMAC algorithm for HKDF (default: 'sha512') */
+    hmacAlgorithm?: string;
+    /** HKDF info string (default: 'PaillierPrimeGen') */
+    hkdfInfo?: string;
+    /** HKDF output length (default: 64) */
+    hkdfLength?: number;
+    /** Key pair bit length (default: 3072) */
+    keypairBitLength?: number;
+    /** Prime test iterations (default: 256) */
+    primeTestIterations?: number;
+    /** Max attempts to generate prime (default: 20000) */
+    maxPrimeAttempts?: number;
+}
+export declare function deriveVotingKeysFromECDH(ecdhPrivKey: Uint8Array, ecdhPubKey: Uint8Array, options?: DeriveVotingKeysOptions): KeyPair;
+//# sourceMappingURL=voting-utils.d.ts.map

package/src/voting-utils.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"voting-utils.d.ts","sourceRoot":"","sources":["../../../../packages/digitaldefiance-ecies-lib/src/voting-utils.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAyB,MAAM,iBAAiB,CAAC;AAEtE;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,IAAI,CAClB,MAAM,EAAE,UAAU,EAClB,IAAI,EAAE,UAAU,GAAG,IAAI,EACvB,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,aAAa,GAAE,MAAiB,GAC/B,UAAU,CAIZ;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,OAAO,CAoC7D;AAED;;GAEG;AACH,wBAAgB,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAYrE;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAoBvD;AAED;;GAEG;AACH,wBAAgB,GAAG,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAUhD;AAED;;GAEG;AACH,wBAAgB,GAAG,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,GAAG,MAAM,CAEhD;AAED;;;;;;;;;GASG;AACH,MAAM,WAAW,uBAAuB;IACtC,wCAAwC;IACxC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,kDAAkD;IAClD,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,yDAAyD;IACzD,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,kDAAkD;IAClD,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,kDAAkD;IAClD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,qDAAqD;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,uCAAuC;IACvC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,0CAA0C;IAC1C,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,2CAA2C;IAC3C,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,sDAAsD;IACtD,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,wBAAgB,wBAAwB,CACtC,WAAW,EAAE,UAAU,EACvB,UAAU,EAAE,UAAU,EACtB,OAAO,GAAE,uBAA4B,GACpC,OAAO,CAIT"}