@digitaldefiance/node-ecies-lib 4.5.19 → 4.6.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +5 -5
- package/src/builders/ecies-builder.d.ts +11 -0
- package/src/builders/ecies-builder.d.ts.map +1 -0
- package/src/builders/ecies-builder.js +26 -0
- package/src/builders/ecies-builder.js.map +1 -0
- package/src/builders/index.d.ts +3 -0
- package/src/builders/index.d.ts.map +1 -0
- package/src/builders/index.js +6 -0
- package/src/builders/index.js.map +1 -0
- package/src/builders/member-builder.d.ts +47 -0
- package/src/builders/member-builder.d.ts.map +1 -0
- package/src/builders/member-builder.js +99 -0
- package/src/builders/member-builder.js.map +1 -0
- package/src/constants.d.ts +38 -0
- package/src/constants.d.ts.map +1 -0
- package/src/constants.js +196 -0
- package/src/constants.js.map +1 -0
- package/src/core/errors/crypto-error.d.ts +6 -0
- package/src/core/errors/crypto-error.d.ts.map +1 -0
- package/src/core/errors/crypto-error.js +15 -0
- package/src/core/errors/crypto-error.js.map +1 -0
- package/src/core/index.d.ts +3 -0
- package/src/core/index.d.ts.map +1 -0
- package/src/core/index.js +6 -0
- package/src/core/index.js.map +1 -0
- package/src/core/types/result.d.ts +8 -0
- package/src/core/types/result.d.ts.map +1 -0
- package/src/core/types/result.js +3 -0
- package/src/core/types/result.js.map +1 -0
- package/src/enumerations/index.d.ts +3 -0
- package/src/enumerations/index.d.ts.map +1 -0
- package/src/enumerations/index.js +6 -0
- package/src/enumerations/index.js.map +1 -0
- package/src/enumerations/pbkdf2-profile.d.ts +9 -0
- package/src/enumerations/pbkdf2-profile.d.ts.map +1 -0
- package/src/enumerations/pbkdf2-profile.js +13 -0
- package/src/enumerations/pbkdf2-profile.js.map +1 -0
- package/src/enumerations/voting-error-type.d.ts +37 -0
- package/src/enumerations/voting-error-type.d.ts.map +1 -0
- package/src/enumerations/voting-error-type.js +48 -0
- package/src/enumerations/voting-error-type.js.map +1 -0
- package/src/errors/index.d.ts +2 -0
- package/src/errors/index.d.ts.map +1 -0
- package/src/errors/index.js +5 -0
- package/src/errors/index.js.map +1 -0
- package/src/errors/voting.d.ts +16 -0
- package/src/errors/voting.d.ts.map +1 -0
- package/src/errors/voting.js +27 -0
- package/src/errors/voting.js.map +1 -0
- package/src/i18n/ecies-i18n-factory.d.ts +28 -0
- package/src/i18n/ecies-i18n-factory.d.ts.map +1 -0
- package/src/i18n/ecies-i18n-factory.js +90 -0
- package/src/i18n/ecies-i18n-factory.js.map +1 -0
- package/src/i18n/index.d.ts +3 -0
- package/src/i18n/index.d.ts.map +1 -0
- package/src/i18n/index.js +8 -0
- package/src/i18n/index.js.map +1 -0
- package/src/i18n/node-ecies-i18n-setup.d.ts +5 -0
- package/src/i18n/node-ecies-i18n-setup.d.ts.map +1 -0
- package/src/i18n/node-ecies-i18n-setup.js +48 -0
- package/src/i18n/node-ecies-i18n-setup.js.map +1 -0
- package/src/i18n/node-keys.d.ts +57 -0
- package/src/i18n/node-keys.d.ts.map +1 -0
- package/src/i18n/node-keys.js +67 -0
- package/src/i18n/node-keys.js.map +1 -0
- package/src/i18n/translations/de.d.ts +3 -0
- package/src/i18n/translations/de.d.ts.map +1 -0
- package/src/i18n/translations/de.js +57 -0
- package/src/i18n/translations/de.js.map +1 -0
- package/src/i18n/translations/en-GB.d.ts +3 -0
- package/src/i18n/translations/en-GB.d.ts.map +1 -0
- package/src/i18n/translations/en-GB.js +61 -0
- package/src/i18n/translations/en-GB.js.map +1 -0
- package/src/i18n/translations/en-US.d.ts +6 -0
- package/src/i18n/translations/en-US.d.ts.map +1 -0
- package/src/i18n/translations/en-US.js +65 -0
- package/src/i18n/translations/en-US.js.map +1 -0
- package/src/i18n/translations/es.d.ts +3 -0
- package/src/i18n/translations/es.d.ts.map +1 -0
- package/src/i18n/translations/es.js +57 -0
- package/src/i18n/translations/es.js.map +1 -0
- package/src/i18n/translations/fr.d.ts +3 -0
- package/src/i18n/translations/fr.d.ts.map +1 -0
- package/src/i18n/translations/fr.js +57 -0
- package/src/i18n/translations/fr.js.map +1 -0
- package/src/i18n/translations/index.d.ts +9 -0
- package/src/i18n/translations/index.d.ts.map +1 -0
- package/src/i18n/translations/index.js +20 -0
- package/src/i18n/translations/index.js.map +1 -0
- package/src/i18n/translations/ja.d.ts +3 -0
- package/src/i18n/translations/ja.d.ts.map +1 -0
- package/src/i18n/translations/ja.js +57 -0
- package/src/i18n/translations/ja.js.map +1 -0
- package/src/i18n/translations/uk.d.ts +3 -0
- package/src/i18n/translations/uk.d.ts.map +1 -0
- package/src/i18n/translations/uk.js +57 -0
- package/src/i18n/translations/uk.js.map +1 -0
- package/src/i18n/translations/zh-cn.d.ts +3 -0
- package/src/i18n/translations/zh-cn.d.ts.map +1 -0
- package/src/i18n/translations/zh-cn.js +57 -0
- package/src/i18n/translations/zh-cn.js.map +1 -0
- package/src/i18n-setup.d.ts +26 -0
- package/src/i18n-setup.d.ts.map +1 -0
- package/src/i18n-setup.js +111 -0
- package/src/i18n-setup.js.map +1 -0
- package/src/index.d.ts +21 -0
- package/src/index.d.ts.map +1 -0
- package/src/index.js +36 -0
- package/src/index.js.map +1 -0
- package/src/interfaces/authenticated-cipher.d.ts +12 -0
- package/src/interfaces/authenticated-cipher.d.ts.map +1 -0
- package/src/interfaces/authenticated-cipher.js +3 -0
- package/src/interfaces/authenticated-cipher.js.map +1 -0
- package/src/interfaces/authenticated-decipher.d.ts +11 -0
- package/src/interfaces/authenticated-decipher.d.ts.map +1 -0
- package/src/interfaces/authenticated-decipher.js +3 -0
- package/src/interfaces/authenticated-decipher.js.map +1 -0
- package/src/interfaces/backend-member-operational.d.ts +48 -0
- package/src/interfaces/backend-member-operational.d.ts.map +1 -0
- package/src/interfaces/backend-member-operational.js +3 -0
- package/src/interfaces/backend-member-operational.js.map +1 -0
- package/src/interfaces/checksum-config.d.ts +5 -0
- package/src/interfaces/checksum-config.d.ts.map +1 -0
- package/src/interfaces/checksum-config.js +3 -0
- package/src/interfaces/checksum-config.js.map +1 -0
- package/src/interfaces/checksum-consts.d.ts +11 -0
- package/src/interfaces/checksum-consts.d.ts.map +1 -0
- package/src/interfaces/checksum-consts.js +3 -0
- package/src/interfaces/checksum-consts.js.map +1 -0
- package/src/interfaces/constants.d.ts +52 -0
- package/src/interfaces/constants.d.ts.map +1 -0
- package/src/interfaces/constants.js +3 -0
- package/src/interfaces/constants.js.map +1 -0
- package/src/interfaces/ecies-consts.d.ts +88 -0
- package/src/interfaces/ecies-consts.d.ts.map +1 -0
- package/src/interfaces/ecies-consts.js +3 -0
- package/src/interfaces/ecies-consts.js.map +1 -0
- package/src/interfaces/encrypted-chunk.d.ts +12 -0
- package/src/interfaces/encrypted-chunk.d.ts.map +1 -0
- package/src/interfaces/encrypted-chunk.js +3 -0
- package/src/interfaces/encrypted-chunk.js.map +1 -0
- package/src/interfaces/encryption-consts.d.ts +11 -0
- package/src/interfaces/encryption-consts.d.ts.map +1 -0
- package/src/interfaces/encryption-consts.js +3 -0
- package/src/interfaces/encryption-consts.js.map +1 -0
- package/src/interfaces/index.d.ts +31 -0
- package/src/interfaces/index.d.ts.map +1 -0
- package/src/interfaces/index.js +33 -0
- package/src/interfaces/index.js.map +1 -0
- package/src/interfaces/keypair-buffer-with-un-encrypted-private-key.d.ts +6 -0
- package/src/interfaces/keypair-buffer-with-un-encrypted-private-key.d.ts.map +1 -0
- package/src/interfaces/keypair-buffer-with-un-encrypted-private-key.js +3 -0
- package/src/interfaces/keypair-buffer-with-un-encrypted-private-key.js.map +1 -0
- package/src/interfaces/keyring-consts.d.ts +6 -0
- package/src/interfaces/keyring-consts.d.ts.map +1 -0
- package/src/interfaces/keyring-consts.js +3 -0
- package/src/interfaces/keyring-consts.js.map +1 -0
- package/src/interfaces/member-with-mnemonic.d.ts +7 -0
- package/src/interfaces/member-with-mnemonic.d.ts.map +1 -0
- package/src/interfaces/member-with-mnemonic.js +3 -0
- package/src/interfaces/member-with-mnemonic.js.map +1 -0
- package/src/interfaces/member.d.ts +47 -0
- package/src/interfaces/member.d.ts.map +1 -0
- package/src/interfaces/member.js +3 -0
- package/src/interfaces/member.js.map +1 -0
- package/src/interfaces/multi-encrypted-message.d.ts +8 -0
- package/src/interfaces/multi-encrypted-message.d.ts.map +1 -0
- package/src/interfaces/multi-encrypted-message.js +3 -0
- package/src/interfaces/multi-encrypted-message.js.map +1 -0
- package/src/interfaces/multi-encrypted-parsed-header.d.ts +27 -0
- package/src/interfaces/multi-encrypted-parsed-header.d.ts.map +1 -0
- package/src/interfaces/multi-encrypted-parsed-header.js +3 -0
- package/src/interfaces/multi-encrypted-parsed-header.js.map +1 -0
- package/src/interfaces/multi-recipient-chunk.d.ts +26 -0
- package/src/interfaces/multi-recipient-chunk.d.ts.map +1 -0
- package/src/interfaces/multi-recipient-chunk.js +15 -0
- package/src/interfaces/multi-recipient-chunk.js.map +1 -0
- package/src/interfaces/pbkdf-profiles.d.ts +6 -0
- package/src/interfaces/pbkdf-profiles.d.ts.map +1 -0
- package/src/interfaces/pbkdf-profiles.js +3 -0
- package/src/interfaces/pbkdf-profiles.js.map +1 -0
- package/src/interfaces/pbkdf2-result.d.ts +6 -0
- package/src/interfaces/pbkdf2-result.d.ts.map +1 -0
- package/src/interfaces/pbkdf2-result.js +3 -0
- package/src/interfaces/pbkdf2-result.js.map +1 -0
- package/src/interfaces/signing-key-private-key-info.d.ts +11 -0
- package/src/interfaces/signing-key-private-key-info.d.ts.map +1 -0
- package/src/interfaces/signing-key-private-key-info.js +3 -0
- package/src/interfaces/signing-key-private-key-info.js.map +1 -0
- package/src/interfaces/simple-keypair-buffer.d.ts +6 -0
- package/src/interfaces/simple-keypair-buffer.d.ts.map +1 -0
- package/src/interfaces/simple-keypair-buffer.js +3 -0
- package/src/interfaces/simple-keypair-buffer.js.map +1 -0
- package/src/interfaces/simple-keypair.d.ts +6 -0
- package/src/interfaces/simple-keypair.d.ts.map +1 -0
- package/src/interfaces/simple-keypair.js +3 -0
- package/src/interfaces/simple-keypair.js.map +1 -0
- package/src/interfaces/simple-public-key-only-buffer.d.ts +4 -0
- package/src/interfaces/simple-public-key-only-buffer.d.ts.map +1 -0
- package/src/interfaces/simple-public-key-only-buffer.js +3 -0
- package/src/interfaces/simple-public-key-only-buffer.js.map +1 -0
- package/src/interfaces/simple-public-key-only.d.ts +4 -0
- package/src/interfaces/simple-public-key-only.d.ts.map +1 -0
- package/src/interfaces/simple-public-key-only.js +3 -0
- package/src/interfaces/simple-public-key-only.js.map +1 -0
- package/src/interfaces/single-encrypted-parsed-header.d.ts +35 -0
- package/src/interfaces/single-encrypted-parsed-header.d.ts.map +1 -0
- package/src/interfaces/single-encrypted-parsed-header.js +3 -0
- package/src/interfaces/single-encrypted-parsed-header.js.map +1 -0
- package/src/interfaces/stream-config.d.ts +6 -0
- package/src/interfaces/stream-config.d.ts.map +1 -0
- package/src/interfaces/stream-config.js +8 -0
- package/src/interfaces/stream-config.js.map +1 -0
- package/src/interfaces/stream-progress.d.ts +22 -0
- package/src/interfaces/stream-progress.d.ts.map +1 -0
- package/src/interfaces/stream-progress.js +3 -0
- package/src/interfaces/stream-progress.js.map +1 -0
- package/src/interfaces/voting-consts.d.ts +86 -0
- package/src/interfaces/voting-consts.d.ts.map +1 -0
- package/src/interfaces/voting-consts.js +27 -0
- package/src/interfaces/voting-consts.js.map +1 -0
- package/src/interfaces/wallet-seed.d.ts +7 -0
- package/src/interfaces/wallet-seed.d.ts.map +1 -0
- package/src/interfaces/wallet-seed.js +3 -0
- package/src/interfaces/wallet-seed.js.map +1 -0
- package/src/interfaces/wrapped-key-consts.d.ts +7 -0
- package/src/interfaces/wrapped-key-consts.d.ts.map +1 -0
- package/src/interfaces/wrapped-key-consts.js +3 -0
- package/src/interfaces/wrapped-key-consts.js.map +1 -0
- package/src/isolated-private.d.ts +62 -0
- package/src/isolated-private.d.ts.map +1 -0
- package/src/isolated-private.js +139 -0
- package/src/isolated-private.js.map +1 -0
- package/src/isolated-public.d.ts +118 -0
- package/src/isolated-public.d.ts.map +1 -0
- package/src/isolated-public.js +317 -0
- package/src/isolated-public.js.map +1 -0
- package/src/lib/crypto-container.d.ts +13 -0
- package/src/lib/crypto-container.d.ts.map +1 -0
- package/src/lib/crypto-container.js +32 -0
- package/src/lib/crypto-container.js.map +1 -0
- package/src/lib/index.d.ts +4 -0
- package/src/lib/index.d.ts.map +1 -0
- package/src/lib/index.js +7 -0
- package/src/lib/index.js.map +1 -0
- package/src/lib/invariant-validator.d.ts +69 -0
- package/src/lib/invariant-validator.d.ts.map +1 -0
- package/src/lib/invariant-validator.js +98 -0
- package/src/lib/invariant-validator.js.map +1 -0
- package/src/lib/invariants/index.d.ts +8 -0
- package/src/lib/invariants/index.d.ts.map +1 -0
- package/src/lib/invariants/index.js +12 -0
- package/src/lib/invariants/index.js.map +1 -0
- package/src/lib/invariants/recipient-id-consistency.d.ts +41 -0
- package/src/lib/invariants/recipient-id-consistency.d.ts.map +1 -0
- package/src/lib/invariants/recipient-id-consistency.js +75 -0
- package/src/lib/invariants/recipient-id-consistency.js.map +1 -0
- package/src/member.d.ts +100 -0
- package/src/member.d.ts.map +1 -0
- package/src/member.js +345 -0
- package/src/member.js.map +1 -0
- package/src/services/aes-gcm.d.ts +66 -0
- package/src/services/aes-gcm.d.ts.map +1 -0
- package/src/services/aes-gcm.js +161 -0
- package/src/services/aes-gcm.js.map +1 -0
- package/src/services/chunk-processor.d.ts +15 -0
- package/src/services/chunk-processor.d.ts.map +1 -0
- package/src/services/chunk-processor.js +36 -0
- package/src/services/chunk-processor.js.map +1 -0
- package/src/services/ecies/crypto-core.d.ts +104 -0
- package/src/services/ecies/crypto-core.d.ts.map +1 -0
- package/src/services/ecies/crypto-core.js +234 -0
- package/src/services/ecies/crypto-core.js.map +1 -0
- package/src/services/ecies/file.d.ts +30 -0
- package/src/services/ecies/file.d.ts.map +1 -0
- package/src/services/ecies/file.js +112 -0
- package/src/services/ecies/file.js.map +1 -0
- package/src/services/ecies/index.d.ts +8 -0
- package/src/services/ecies/index.d.ts.map +1 -0
- package/src/services/ecies/index.js +11 -0
- package/src/services/ecies/index.js.map +1 -0
- package/src/services/ecies/multi-recipient.d.ts +84 -0
- package/src/services/ecies/multi-recipient.d.ts.map +1 -0
- package/src/services/ecies/multi-recipient.js +502 -0
- package/src/services/ecies/multi-recipient.js.map +1 -0
- package/src/services/ecies/service.d.ts +75 -0
- package/src/services/ecies/service.d.ts.map +1 -0
- package/src/services/ecies/service.js +152 -0
- package/src/services/ecies/service.js.map +1 -0
- package/src/services/ecies/signature.d.ts +38 -0
- package/src/services/ecies/signature.d.ts.map +1 -0
- package/src/services/ecies/signature.js +70 -0
- package/src/services/ecies/signature.js.map +1 -0
- package/src/services/ecies/single-recipient.d.ts +83 -0
- package/src/services/ecies/single-recipient.d.ts.map +1 -0
- package/src/services/ecies/single-recipient.js +452 -0
- package/src/services/ecies/single-recipient.js.map +1 -0
- package/src/services/ecies/utilities.d.ts +33 -0
- package/src/services/ecies/utilities.d.ts.map +1 -0
- package/src/services/ecies/utilities.js +91 -0
- package/src/services/ecies/utilities.js.map +1 -0
- package/src/services/encryption-stream.d.ts +33 -0
- package/src/services/encryption-stream.d.ts.map +1 -0
- package/src/services/encryption-stream.js +211 -0
- package/src/services/encryption-stream.js.map +1 -0
- package/src/services/index.d.ts +9 -0
- package/src/services/index.d.ts.map +1 -0
- package/src/services/index.js +14 -0
- package/src/services/index.js.map +1 -0
- package/src/services/multi-recipient-processor.d.ts +72 -0
- package/src/services/multi-recipient-processor.d.ts.map +1 -0
- package/src/services/multi-recipient-processor.js +325 -0
- package/src/services/multi-recipient-processor.js.map +1 -0
- package/src/services/pbkdf2.d.ts +105 -0
- package/src/services/pbkdf2.d.ts.map +1 -0
- package/src/services/pbkdf2.js +191 -0
- package/src/services/pbkdf2.js.map +1 -0
- package/src/services/progress-tracker.d.ts +14 -0
- package/src/services/progress-tracker.d.ts.map +1 -0
- package/src/services/progress-tracker.js +94 -0
- package/src/services/progress-tracker.js.map +1 -0
- package/src/services/voting.service.d.ts +262 -0
- package/src/services/voting.service.d.ts.map +1 -0
- package/src/services/voting.service.js +791 -0
- package/src/services/voting.service.js.map +1 -0
- package/src/test-mocks/index.d.ts +2 -0
- package/src/test-mocks/index.d.ts.map +1 -0
- package/src/test-mocks/index.js +5 -0
- package/src/test-mocks/index.js.map +1 -0
- package/src/test-mocks/mock-backend-member.d.ts +76 -0
- package/src/test-mocks/mock-backend-member.d.ts.map +1 -0
- package/src/test-mocks/mock-backend-member.js +139 -0
- package/src/test-mocks/mock-backend-member.js.map +1 -0
- package/src/testing.d.ts +2 -0
- package/src/testing.d.ts.map +1 -0
- package/src/testing.js +6 -0
- package/src/testing.js.map +1 -0
- package/src/types/id-guards.d.ts +39 -0
- package/src/types/id-guards.d.ts.map +1 -0
- package/src/types/id-guards.js +91 -0
- package/src/types/id-guards.js.map +1 -0
- package/src/types/index.d.ts +2 -0
- package/src/types/index.d.ts.map +1 -0
- package/src/types/index.js +5 -0
- package/src/types/index.js.map +1 -0
- package/src/types.d.ts +26 -0
- package/src/types.d.ts.map +1 -0
- package/src/types.js +6 -0
- package/src/types.js.map +1 -0
- package/src/utils.d.ts +11 -0
- package/src/utils.d.ts.map +1 -0
- package/src/utils.js +82 -0
- package/src/utils.js.map +1 -0
|
@@ -0,0 +1,317 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.IsolatedPublicKey = void 0;
|
|
4
|
+
const crypto_1 = require("crypto");
|
|
5
|
+
const paillier_bigint_1 = require("paillier-bigint");
|
|
6
|
+
const voting_error_type_1 = require("./enumerations/voting-error-type");
|
|
7
|
+
const voting_1 = require("./errors/voting");
|
|
8
|
+
const voting_consts_1 = require("./interfaces/voting-consts");
|
|
9
|
+
/**
|
|
10
|
+
* IsolatedPublicKey extends Paillier PublicKey with instance isolation capabilities.
|
|
11
|
+
*
|
|
12
|
+
* This class provides:
|
|
13
|
+
* - keyId: A deterministic SHA-256 hash of the public key 'n' value for verification
|
|
14
|
+
* - instanceId: A unique identifier per key instance to prevent cross-instance operations
|
|
15
|
+
* - HMAC-tagged ciphertexts that bind encrypted values to a specific key instance
|
|
16
|
+
*
|
|
17
|
+
* Instance isolation ensures that ciphertexts encrypted with one instance cannot be
|
|
18
|
+
* used with another instance, even if they share the same underlying key material.
|
|
19
|
+
* This is critical for voting systems where ballot tampering must be prevented.
|
|
20
|
+
*/
|
|
21
|
+
class IsolatedPublicKey extends paillier_bigint_1.PublicKey {
|
|
22
|
+
/**
|
|
23
|
+
* Type guard to check if a PublicKey is an IsolatedPublicKey
|
|
24
|
+
*/
|
|
25
|
+
static isIsolatedPublicKey(key) {
|
|
26
|
+
return key instanceof IsolatedPublicKey;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Deterministic identifier derived from the public key (SHA-256 of 'n')
|
|
30
|
+
*/
|
|
31
|
+
keyId;
|
|
32
|
+
/**
|
|
33
|
+
* Original instance ID generated at construction time
|
|
34
|
+
*/
|
|
35
|
+
_originalInstanceId;
|
|
36
|
+
/**
|
|
37
|
+
* Current instance ID (can be updated via updateInstanceId())
|
|
38
|
+
*/
|
|
39
|
+
_currentInstanceId;
|
|
40
|
+
/**
|
|
41
|
+
* Unique salt used for instance ID generation
|
|
42
|
+
*/
|
|
43
|
+
uniqueInstanceSalt;
|
|
44
|
+
/**
|
|
45
|
+
* Updates the current instance ID to a new random value.
|
|
46
|
+
* This invalidates all previously encrypted ciphertexts.
|
|
47
|
+
*/
|
|
48
|
+
updateInstanceId() {
|
|
49
|
+
const randomSalt = (0, crypto_1.randomBytes)(32);
|
|
50
|
+
this._currentInstanceId = this.generateInstanceId(this.keyId, this.n, randomSalt);
|
|
51
|
+
}
|
|
52
|
+
/**
|
|
53
|
+
* Generates a deterministic instance ID from keyId, n, and a unique salt
|
|
54
|
+
*/
|
|
55
|
+
generateInstanceId(keyId, n, uniqueInstanceSalt) {
|
|
56
|
+
// Convert n to hex string with proper padding
|
|
57
|
+
const nHex = n
|
|
58
|
+
.toString(voting_consts_1.VOTING.KEY_RADIX)
|
|
59
|
+
.padStart(voting_consts_1.VOTING.PUB_KEY_OFFSET, '0');
|
|
60
|
+
const nBytes = this.hexToBuffer(nHex);
|
|
61
|
+
// Concatenate keyId + nBytes + salt
|
|
62
|
+
const combined = Buffer.concat([keyId, nBytes, uniqueInstanceSalt]);
|
|
63
|
+
// Return SHA-256 hash
|
|
64
|
+
return this.sha256(combined);
|
|
65
|
+
}
|
|
66
|
+
/**
|
|
67
|
+
* SHA-256 hash using Node.js crypto
|
|
68
|
+
*/
|
|
69
|
+
sha256(data) {
|
|
70
|
+
return (0, crypto_1.createHash)('sha256').update(data).digest();
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Converts hex string to Buffer
|
|
74
|
+
*/
|
|
75
|
+
hexToBuffer(hex) {
|
|
76
|
+
if (hex.length % 2 !== 0) {
|
|
77
|
+
hex = '0' + hex;
|
|
78
|
+
}
|
|
79
|
+
return Buffer.from(hex, 'hex');
|
|
80
|
+
}
|
|
81
|
+
/**
|
|
82
|
+
* Converts Buffer to hex string
|
|
83
|
+
*/
|
|
84
|
+
bufferToHex(bytes) {
|
|
85
|
+
return bytes.toString('hex');
|
|
86
|
+
}
|
|
87
|
+
constructor(n, g, keyId) {
|
|
88
|
+
super(n, g);
|
|
89
|
+
this.keyId = keyId;
|
|
90
|
+
// Generate unique salt for this instance
|
|
91
|
+
const uniqueInstanceSalt = (0, crypto_1.randomBytes)(32);
|
|
92
|
+
this.uniqueInstanceSalt = uniqueInstanceSalt;
|
|
93
|
+
// Generate instance IDs (this is problematic with sync constructor)
|
|
94
|
+
// We'll need to handle this differently
|
|
95
|
+
this._originalInstanceId = Buffer.alloc(32); // Placeholder
|
|
96
|
+
this._currentInstanceId = Buffer.alloc(32); // Placeholder
|
|
97
|
+
// TODO: This needs to be refactored to use async factory method
|
|
98
|
+
}
|
|
99
|
+
/**
|
|
100
|
+
* Static factory method to create IsolatedPublicKey synchronously
|
|
101
|
+
*/
|
|
102
|
+
static create(n, g, keyId) {
|
|
103
|
+
const key = new IsolatedPublicKey(n, g, keyId);
|
|
104
|
+
// Generate unique salt
|
|
105
|
+
const uniqueInstanceSalt = (0, crypto_1.randomBytes)(32);
|
|
106
|
+
// Generate instance ID synchronously
|
|
107
|
+
const nHex = n
|
|
108
|
+
.toString(voting_consts_1.VOTING.KEY_RADIX)
|
|
109
|
+
.padStart(voting_consts_1.VOTING.PUB_KEY_OFFSET, '0');
|
|
110
|
+
const nBytes = key.hexToBuffer(nHex);
|
|
111
|
+
const combined = Buffer.concat([keyId, nBytes, uniqueInstanceSalt]);
|
|
112
|
+
const instanceId = key.sha256(combined);
|
|
113
|
+
// Use Object.defineProperty to set readonly fields
|
|
114
|
+
Object.defineProperty(key, 'uniqueInstanceSalt', {
|
|
115
|
+
value: uniqueInstanceSalt,
|
|
116
|
+
writable: false,
|
|
117
|
+
enumerable: true,
|
|
118
|
+
configurable: false,
|
|
119
|
+
});
|
|
120
|
+
Object.defineProperty(key, '_originalInstanceId', {
|
|
121
|
+
value: instanceId,
|
|
122
|
+
writable: false,
|
|
123
|
+
enumerable: false,
|
|
124
|
+
configurable: false,
|
|
125
|
+
});
|
|
126
|
+
Object.defineProperty(key, '_currentInstanceId', {
|
|
127
|
+
value: Buffer.from(instanceId),
|
|
128
|
+
writable: true,
|
|
129
|
+
enumerable: false,
|
|
130
|
+
configurable: false,
|
|
131
|
+
});
|
|
132
|
+
return key;
|
|
133
|
+
}
|
|
134
|
+
/**
|
|
135
|
+
* Static factory method to create IsolatedPublicKey from deserialized data
|
|
136
|
+
* Used when reconstructing a key from a buffer with a stored instanceId
|
|
137
|
+
*/
|
|
138
|
+
static fromBuffer(n, g, keyId, instanceId) {
|
|
139
|
+
const key = new IsolatedPublicKey(n, g, keyId);
|
|
140
|
+
// For deserialized keys, we don't have the original salt
|
|
141
|
+
// Set uniqueInstanceSalt to empty buffer
|
|
142
|
+
const uniqueInstanceSalt = Buffer.alloc(0);
|
|
143
|
+
// Use Object.defineProperty to set readonly fields
|
|
144
|
+
Object.defineProperty(key, 'uniqueInstanceSalt', {
|
|
145
|
+
value: uniqueInstanceSalt,
|
|
146
|
+
writable: false,
|
|
147
|
+
enumerable: true,
|
|
148
|
+
configurable: false,
|
|
149
|
+
});
|
|
150
|
+
Object.defineProperty(key, '_originalInstanceId', {
|
|
151
|
+
value: instanceId,
|
|
152
|
+
writable: false,
|
|
153
|
+
enumerable: false,
|
|
154
|
+
configurable: false,
|
|
155
|
+
});
|
|
156
|
+
Object.defineProperty(key, '_currentInstanceId', {
|
|
157
|
+
value: Buffer.from(instanceId),
|
|
158
|
+
writable: true,
|
|
159
|
+
enumerable: false,
|
|
160
|
+
configurable: false,
|
|
161
|
+
});
|
|
162
|
+
return key;
|
|
163
|
+
}
|
|
164
|
+
/**
|
|
165
|
+
* Returns a copy of the keyId
|
|
166
|
+
*/
|
|
167
|
+
getKeyId() {
|
|
168
|
+
return Buffer.from(this.keyId);
|
|
169
|
+
}
|
|
170
|
+
/**
|
|
171
|
+
* Returns a copy of the current instance ID
|
|
172
|
+
*/
|
|
173
|
+
getInstanceId() {
|
|
174
|
+
return Buffer.from(this._currentInstanceId);
|
|
175
|
+
}
|
|
176
|
+
/**
|
|
177
|
+
* Tags a ciphertext with an HMAC using keyId + instanceId
|
|
178
|
+
* Returns a new bigint with the HMAC appended
|
|
179
|
+
*/
|
|
180
|
+
tagCiphertext(ciphertext) {
|
|
181
|
+
// Create HMAC key from keyId + instanceId
|
|
182
|
+
const hmacKeyMaterial = Buffer.concat([
|
|
183
|
+
this.keyId,
|
|
184
|
+
this._currentInstanceId,
|
|
185
|
+
]);
|
|
186
|
+
// Create HMAC
|
|
187
|
+
const ciphertextHex = ciphertext.toString(voting_consts_1.VOTING.KEY_RADIX);
|
|
188
|
+
const ciphertextBytes = Buffer.from(ciphertextHex, 'utf8');
|
|
189
|
+
const hmac = (0, crypto_1.createHmac)('sha256', hmacKeyMaterial);
|
|
190
|
+
hmac.update(ciphertextBytes);
|
|
191
|
+
const signature = hmac.digest();
|
|
192
|
+
const signatureHex = this.bufferToHex(signature);
|
|
193
|
+
// Pad ciphertext and append HMAC
|
|
194
|
+
const hmacLength = 64; // 256 bits = 64 hex chars
|
|
195
|
+
const paddedCiphertext = ciphertextHex.padStart(hmacLength * 2, '0');
|
|
196
|
+
const taggedCiphertextString = paddedCiphertext + signatureHex;
|
|
197
|
+
return BigInt(`0x${taggedCiphertextString}`);
|
|
198
|
+
}
|
|
199
|
+
/**
|
|
200
|
+
* Extracts and validates the instance ID from a tagged ciphertext
|
|
201
|
+
* Returns the instance ID if valid, or zero-filled buffer if invalid
|
|
202
|
+
*/
|
|
203
|
+
extractInstanceId(ciphertext) {
|
|
204
|
+
try {
|
|
205
|
+
const hmacLength = 64;
|
|
206
|
+
const ciphertextString = ciphertext.toString(16);
|
|
207
|
+
const receivedHmac = ciphertextString.slice(-hmacLength);
|
|
208
|
+
const calculatedCiphertext = BigInt(`0x${ciphertextString.slice(0, -hmacLength)}`);
|
|
209
|
+
// Create HMAC key from keyId + current instanceId
|
|
210
|
+
const hmacKeyMaterial = Buffer.concat([
|
|
211
|
+
this.keyId,
|
|
212
|
+
this._currentInstanceId,
|
|
213
|
+
]);
|
|
214
|
+
// Calculate expected HMAC
|
|
215
|
+
const ciphertextHex = calculatedCiphertext.toString(voting_consts_1.VOTING.KEY_RADIX);
|
|
216
|
+
const ciphertextBytes = Buffer.from(ciphertextHex, 'utf8');
|
|
217
|
+
const hmac = (0, crypto_1.createHmac)('sha256', hmacKeyMaterial);
|
|
218
|
+
hmac.update(ciphertextBytes);
|
|
219
|
+
const expectedHmac = this.bufferToHex(hmac.digest());
|
|
220
|
+
// If HMAC matches, return current instance ID
|
|
221
|
+
return receivedHmac === expectedHmac
|
|
222
|
+
? Buffer.from(this._currentInstanceId)
|
|
223
|
+
: Buffer.alloc(1, 0);
|
|
224
|
+
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
225
|
+
}
|
|
226
|
+
catch (_error) {
|
|
227
|
+
// If any error occurs, return invalid instance ID
|
|
228
|
+
return Buffer.alloc(1, 0);
|
|
229
|
+
}
|
|
230
|
+
}
|
|
231
|
+
/**
|
|
232
|
+
* Encrypts a message and tags it with instance HMAC
|
|
233
|
+
*/
|
|
234
|
+
encryptIsolated(m) {
|
|
235
|
+
this.verifyKeyId();
|
|
236
|
+
const ciphertext = super.encrypt(m);
|
|
237
|
+
return this.tagCiphertext(ciphertext);
|
|
238
|
+
}
|
|
239
|
+
/**
|
|
240
|
+
* Synchronous encrypt override (throws error - use encryptIsolated instead)
|
|
241
|
+
*/
|
|
242
|
+
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
243
|
+
encrypt(_m) {
|
|
244
|
+
throw new voting_1.VotingError(voting_error_type_1.VotingErrorType.KeyPairValidationFailed);
|
|
245
|
+
}
|
|
246
|
+
/**
|
|
247
|
+
* Multiplies a ciphertext by a constant, preserving instance HMAC
|
|
248
|
+
*/
|
|
249
|
+
multiplyIsolated(ciphertext, constant) {
|
|
250
|
+
this.verifyKeyId();
|
|
251
|
+
const instanceId = this.extractInstanceId(ciphertext);
|
|
252
|
+
// Check if instance IDs match
|
|
253
|
+
if (!this.bufferEquals(instanceId, this._currentInstanceId)) {
|
|
254
|
+
throw new voting_1.VotingError(voting_error_type_1.VotingErrorType.InstanceIdMismatch);
|
|
255
|
+
}
|
|
256
|
+
const hmacLength = 64;
|
|
257
|
+
const ciphertextString = ciphertext.toString(voting_consts_1.VOTING.KEY_RADIX);
|
|
258
|
+
const actualCiphertext = BigInt(`0x${ciphertextString.slice(0, -hmacLength)}`);
|
|
259
|
+
const product = super.multiply(actualCiphertext, constant);
|
|
260
|
+
return this.tagCiphertext(product);
|
|
261
|
+
}
|
|
262
|
+
/**
|
|
263
|
+
* Synchronous multiply override (throws error - use multiplyIsolated instead)
|
|
264
|
+
*/
|
|
265
|
+
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
266
|
+
multiply(_ciphertext, _constant) {
|
|
267
|
+
throw new voting_1.VotingError(voting_error_type_1.VotingErrorType.KeyPairValidationFailed);
|
|
268
|
+
}
|
|
269
|
+
/**
|
|
270
|
+
* Adds two ciphertexts, preserving instance HMAC
|
|
271
|
+
*/
|
|
272
|
+
additionIsolated(a, b) {
|
|
273
|
+
this.verifyKeyId();
|
|
274
|
+
const aInstanceID = this.extractInstanceId(a);
|
|
275
|
+
const bInstanceID = this.extractInstanceId(b);
|
|
276
|
+
if (!this.bufferEquals(aInstanceID, this._currentInstanceId) ||
|
|
277
|
+
!this.bufferEquals(bInstanceID, this._currentInstanceId)) {
|
|
278
|
+
throw new voting_1.VotingError(voting_error_type_1.VotingErrorType.InstanceIdMismatch);
|
|
279
|
+
}
|
|
280
|
+
const hmacLength = 64;
|
|
281
|
+
const aCiphertextString = a.toString(voting_consts_1.VOTING.KEY_RADIX);
|
|
282
|
+
const bCiphertextString = b.toString(voting_consts_1.VOTING.KEY_RADIX);
|
|
283
|
+
const aCiphertext = BigInt(`0x${aCiphertextString.slice(0, -hmacLength)}`);
|
|
284
|
+
const bCiphertext = BigInt(`0x${bCiphertextString.slice(0, -hmacLength)}`);
|
|
285
|
+
const sum = super.addition(aCiphertext, bCiphertext);
|
|
286
|
+
return this.tagCiphertext(sum);
|
|
287
|
+
}
|
|
288
|
+
/**
|
|
289
|
+
* Synchronous addition override (throws error - use additionIsolated instead)
|
|
290
|
+
*/
|
|
291
|
+
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
292
|
+
addition(_a, _b) {
|
|
293
|
+
throw new voting_1.VotingError(voting_error_type_1.VotingErrorType.KeyPairValidationFailed);
|
|
294
|
+
}
|
|
295
|
+
/**
|
|
296
|
+
* Verifies that the keyId matches the SHA-256 hash of the public key 'n'
|
|
297
|
+
*/
|
|
298
|
+
verifyKeyId() {
|
|
299
|
+
const nHex = this.n
|
|
300
|
+
.toString(voting_consts_1.VOTING.KEY_RADIX)
|
|
301
|
+
.padStart(voting_consts_1.VOTING.PUB_KEY_OFFSET, '0');
|
|
302
|
+
// Encode the hex string as UTF-8 bytes (not parse as hex digits)
|
|
303
|
+
const nBytes = Buffer.from(nHex, 'utf8');
|
|
304
|
+
const computedKeyId = this.sha256(nBytes);
|
|
305
|
+
if (!this.bufferEquals(this.keyId, computedKeyId)) {
|
|
306
|
+
throw new voting_1.VotingError(voting_error_type_1.VotingErrorType.InvalidPublicKeyIdMismatch);
|
|
307
|
+
}
|
|
308
|
+
}
|
|
309
|
+
/**
|
|
310
|
+
* Compares two Buffers for equality
|
|
311
|
+
*/
|
|
312
|
+
bufferEquals(a, b) {
|
|
313
|
+
return Buffer.compare(a, b) === 0;
|
|
314
|
+
}
|
|
315
|
+
}
|
|
316
|
+
exports.IsolatedPublicKey = IsolatedPublicKey;
|
|
317
|
+
//# sourceMappingURL=isolated-public.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"isolated-public.js","sourceRoot":"","sources":["../../../../packages/digitaldefiance-node-ecies-lib/src/isolated-public.ts"],"names":[],"mappings":";;;AAAA,mCAA6D;AAG7D,qDAA4C;AAE5C,wEAAmE;AACnE,4CAA8C;AAC9C,8DAAoD;AAEpD;;;;;;;;;;;GAWG;AACH,MAAa,iBACX,SAAQ,2BAAS;IAGjB;;OAEG;IACI,MAAM,CAAC,mBAAmB,CAAC,GAAc;QAC9C,OAAO,GAAG,YAAY,iBAAiB,CAAC;IAC1C,CAAC;IAED;;OAEG;IACa,KAAK,CAAS;IAE9B;;OAEG;IACc,mBAAmB,CAAS;IAE7C;;OAEG;IACK,kBAAkB,CAAS;IAEnC;;OAEG;IACc,kBAAkB,CAAS;IAE5C;;;OAGG;IACI,gBAAgB;QACrB,MAAM,UAAU,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC;QACnC,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAC/C,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,CAAC,EACN,UAAU,CACX,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,kBAAkB,CACxB,KAAa,EACb,CAAS,EACT,kBAA0B;QAE1B,8CAA8C;QAC9C,MAAM,IAAI,GAAG,CAAC;aACX,QAAQ,CAAC,sBAAM,CAAC,SAAS,CAAC;aAC1B,QAAQ,CAAC,sBAAM,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;QACxC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAEtC,oCAAoC;QACpC,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAAC;QAEpE,sBAAsB;QACtB,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,IAAY;QACzB,OAAO,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;IACpD,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,GAAW;QAC7B,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC;QAClB,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACjC,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,KAAa;QAC/B,OAAO,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,YAAY,CAAS,EAAE,CAAS,EAAE,KAAa;QAC7C,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACZ,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QAEnB,yCAAyC;QACzC,MAAM,kBAAkB,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC;QAC3C,IAAI,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;QAE7C,oEAAoE;QACpE,wCAAwC;QACxC,IAAI,CAAC,mBAAmB,GAAG,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc;QAC3D,IAAI,CAAC,kBAAkB,GAAG,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc;QAE1D,gEAAgE;IAClE,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,MAAM,CAAC,CAAS,EAAE,CAAS,EAAE,KAAa;QACtD,MAAM,GAAG,GAAG,IAAI,iBAAiB,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAE/C,uBAAuB;QACvB,MAAM,kBAAkB,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC;QAE3C,qCAAqC;QACrC,MAAM,IAAI,GAAG,CAAC;aACX,QAAQ,CAAC,sBAAM,CAAC,SAAS,CAAC;aAC1B,QAAQ,CAAC,sBAAM,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;QACxC,MAAM,MAAM,GAAG,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAAC;QAEpE,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAExC,mDAAmD;QACnD,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,oBAAoB,EAAE;YAC/C,KAAK,EAAE,kBAAkB;YACzB,QAAQ,EAAE,KAAK;YACf,UAAU,EAAE,IAAI;YAChB,YAAY,EAAE,KAAK;SACpB,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,qBAAqB,EAAE;YAChD,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,KAAK;YACf,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,KAAK;SACpB,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,oBAAoB,EAAE;YAC/C,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;YAC9B,QAAQ,EAAE,IAAI;YACd,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,KAAK;SACpB,CAAC,CAAC;QAEH,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;OAGG;IACI,MAAM,CAAC,UAAU,CACtB,CAAS,EACT,CAAS,EACT,KAAa,EACb,UAAkB;QAElB,MAAM,GAAG,GAAG,IAAI,iBAAiB,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAE/C,yDAAyD;QACzD,yCAAyC;QACzC,MAAM,kBAAkB,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAE3C,mDAAmD;QACnD,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,oBAAoB,EAAE;YAC/C,KAAK,EAAE,kBAAkB;YACzB,QAAQ,EAAE,KAAK;YACf,UAAU,EAAE,IAAI;YAChB,YAAY,EAAE,KAAK;SACpB,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,qBAAqB,EAAE;YAChD,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,KAAK;YACf,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,KAAK;SACpB,CAAC,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,GAAG,EAAE,oBAAoB,EAAE;YAC/C,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC;YAC9B,QAAQ,EAAE,IAAI;YACd,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,KAAK;SACpB,CAAC,CAAC;QAEH,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACI,QAAQ;QACb,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IAED;;OAEG;IACI,aAAa;QAClB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC9C,CAAC;IAED;;;OAGG;IACK,aAAa,CAAC,UAAkB;QACtC,0CAA0C;QAC1C,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC;YACpC,IAAI,CAAC,KAAK;YACV,IAAI,CAAC,kBAAkB;SACxB,CAAC,CAAC;QAEH,cAAc;QACd,MAAM,aAAa,GAAG,UAAU,CAAC,QAAQ,CAAC,sBAAM,CAAC,SAAS,CAAC,CAAC;QAC5D,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAC3D,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;QACnD,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QAChC,MAAM,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAEjD,iCAAiC;QACjC,MAAM,UAAU,GAAG,EAAE,CAAC,CAAC,0BAA0B;QACjD,MAAM,gBAAgB,GAAG,aAAa,CAAC,QAAQ,CAAC,UAAU,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QACrE,MAAM,sBAAsB,GAAG,gBAAgB,GAAG,YAAY,CAAC;QAE/D,OAAO,MAAM,CAAC,KAAK,sBAAsB,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED;;;OAGG;IACI,iBAAiB,CAAC,UAAkB;QACzC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,EAAE,CAAC;YACtB,MAAM,gBAAgB,GAAG,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YACjD,MAAM,YAAY,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,CAAC;YACzD,MAAM,oBAAoB,GAAG,MAAM,CACjC,KAAK,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAC9C,CAAC;YAEF,kDAAkD;YAClD,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC;gBACpC,IAAI,CAAC,KAAK;gBACV,IAAI,CAAC,kBAAkB;aACxB,CAAC,CAAC;YAEH,0BAA0B;YAC1B,MAAM,aAAa,GAAG,oBAAoB,CAAC,QAAQ,CAAC,sBAAM,CAAC,SAAS,CAAC,CAAC;YACtE,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;YAC3D,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;YACnD,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;YAC7B,MAAM,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YAErD,8CAA8C;YAC9C,OAAO,YAAY,KAAK,YAAY;gBAClC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC;gBACtC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACvB,6DAA6D;QAC/D,CAAC;QAAC,OAAO,MAAM,EAAE,CAAC;YAChB,kDAAkD;YAClD,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IAED;;OAEG;IACI,eAAe,CAAC,CAAS;QAC9B,IAAI,CAAC,WAAW,EAAE,CAAC;QACnB,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACpC,OAAO,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,6DAA6D;IACpD,OAAO,CAAC,EAAU;QACzB,MAAM,IAAI,oBAAW,CAAC,mCAAe,CAAC,uBAAuB,CAAC,CAAC;IACjE,CAAC;IAED;;OAEG;IACI,gBAAgB,CAAC,UAAkB,EAAE,QAAgB;QAC1D,IAAI,CAAC,WAAW,EAAE,CAAC;QACnB,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAEtD,8BAA8B;QAC9B,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,IAAI,CAAC,kBAAkB,CAAC,EAAE,CAAC;YAC5D,MAAM,IAAI,oBAAW,CAAC,mCAAe,CAAC,kBAAkB,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,UAAU,GAAG,EAAE,CAAC;QACtB,MAAM,gBAAgB,GAAG,UAAU,CAAC,QAAQ,CAAC,sBAAM,CAAC,SAAS,CAAC,CAAC;QAC/D,MAAM,gBAAgB,GAAG,MAAM,CAC7B,KAAK,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAC9C,CAAC;QAEF,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC;QAC3D,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,6DAA6D;IACpD,QAAQ,CAAC,WAAmB,EAAE,SAAiB;QACtD,MAAM,IAAI,oBAAW,CAAC,mCAAe,CAAC,uBAAuB,CAAC,CAAC;IACjE,CAAC;IAED;;OAEG;IACI,gBAAgB,CAAC,CAAS,EAAE,CAAS;QAC1C,IAAI,CAAC,WAAW,EAAE,CAAC;QACnB,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;QAC9C,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC;QAE9C,IACE,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,EAAE,IAAI,CAAC,kBAAkB,CAAC;YACxD,CAAC,IAAI,CAAC,YAAY,CAAC,WAAW,EAAE,IAAI,CAAC,kBAAkB,CAAC,EACxD,CAAC;YACD,MAAM,IAAI,oBAAW,CAAC,mCAAe,CAAC,kBAAkB,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,UAAU,GAAG,EAAE,CAAC;QACtB,MAAM,iBAAiB,GAAG,CAAC,CAAC,QAAQ,CAAC,sBAAM,CAAC,SAAS,CAAC,CAAC;QACvD,MAAM,iBAAiB,GAAG,CAAC,CAAC,QAAQ,CAAC,sBAAM,CAAC,SAAS,CAAC,CAAC;QAEvD,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC3E,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAE3E,MAAM,GAAG,GAAG,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;QACrD,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,6DAA6D;IACpD,QAAQ,CAAC,EAAU,EAAE,EAAU;QACtC,MAAM,IAAI,oBAAW,CAAC,mCAAe,CAAC,uBAAuB,CAAC,CAAC;IACjE,CAAC;IAED;;OAEG;IACI,WAAW;QAChB,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC;aAChB,QAAQ,CAAC,sBAAM,CAAC,SAAS,CAAC;aAC1B,QAAQ,CAAC,sBAAM,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;QACxC,iEAAiE;QACjE,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACzC,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAE1C,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,EAAE,aAAa,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,oBAAW,CAAC,mCAAe,CAAC,0BAA0B,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,CAAS,EAAE,CAAS;QACvC,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;IACpC,CAAC;CACF;AA9WD,8CA8WC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { IConstants } from '../interfaces/constants';
|
|
2
|
+
export declare enum CryptoServiceKey {
|
|
3
|
+
ECIES = "ecies",
|
|
4
|
+
PBKDF2 = "pbkdf2",
|
|
5
|
+
AES_GCM = "aes-gcm"
|
|
6
|
+
}
|
|
7
|
+
export declare class CryptoContainer {
|
|
8
|
+
private services;
|
|
9
|
+
private constructor();
|
|
10
|
+
static create(config?: IConstants): CryptoContainer;
|
|
11
|
+
get<T>(key: CryptoServiceKey): T;
|
|
12
|
+
}
|
|
13
|
+
//# sourceMappingURL=crypto-container.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crypto-container.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-ecies-lib/src/lib/crypto-container.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAKrD,oBAAY,gBAAgB;IAC1B,KAAK,UAAU;IACf,MAAM,WAAW;IACjB,OAAO,YAAY;CACpB;AAED,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAwC;IAExD,OAAO;IAYP,MAAM,CAAC,MAAM,CAAC,MAAM,GAAE,UAAsB,GAAG,eAAe;IAI9D,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,gBAAgB,GAAG,CAAC;CAGjC"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.CryptoContainer = exports.CryptoServiceKey = void 0;
|
|
4
|
+
/* eslint-disable @typescript-eslint/no-unsafe-argument */
|
|
5
|
+
/* eslint-disable @typescript-eslint/no-unsafe-member-access */
|
|
6
|
+
/* eslint-disable @typescript-eslint/no-unsafe-assignment */
|
|
7
|
+
const constants_1 = require("../constants");
|
|
8
|
+
const aes_gcm_1 = require("../services/aes-gcm");
|
|
9
|
+
const ecies_1 = require("../services/ecies");
|
|
10
|
+
const pbkdf2_1 = require("../services/pbkdf2");
|
|
11
|
+
var CryptoServiceKey;
|
|
12
|
+
(function (CryptoServiceKey) {
|
|
13
|
+
CryptoServiceKey["ECIES"] = "ecies";
|
|
14
|
+
CryptoServiceKey["PBKDF2"] = "pbkdf2";
|
|
15
|
+
CryptoServiceKey["AES_GCM"] = "aes-gcm";
|
|
16
|
+
})(CryptoServiceKey || (exports.CryptoServiceKey = CryptoServiceKey = {}));
|
|
17
|
+
class CryptoContainer {
|
|
18
|
+
services = new Map();
|
|
19
|
+
constructor(config) {
|
|
20
|
+
this.services.set(CryptoServiceKey.ECIES, new ecies_1.ECIESService(undefined, config.ECIES));
|
|
21
|
+
this.services.set(CryptoServiceKey.PBKDF2, new pbkdf2_1.Pbkdf2Service(config.PBKDF2_PROFILES, config.ECIES, config.PBKDF2));
|
|
22
|
+
this.services.set(CryptoServiceKey.AES_GCM, new aes_gcm_1.AESGCMService(config));
|
|
23
|
+
}
|
|
24
|
+
static create(config = constants_1.Constants) {
|
|
25
|
+
return new CryptoContainer(config);
|
|
26
|
+
}
|
|
27
|
+
get(key) {
|
|
28
|
+
return this.services.get(key);
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
exports.CryptoContainer = CryptoContainer;
|
|
32
|
+
//# sourceMappingURL=crypto-container.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"crypto-container.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-ecies-lib/src/lib/crypto-container.ts"],"names":[],"mappings":";;;AAAA,0DAA0D;AAC1D,+DAA+D;AAC/D,4DAA4D;AAC5D,4CAAyC;AAEzC,iDAAoD;AACpD,6CAAiD;AACjD,+CAAmD;AAEnD,IAAY,gBAIX;AAJD,WAAY,gBAAgB;IAC1B,mCAAe,CAAA;IACf,qCAAiB,CAAA;IACjB,uCAAmB,CAAA;AACrB,CAAC,EAJW,gBAAgB,gCAAhB,gBAAgB,QAI3B;AAED,MAAa,eAAe;IAClB,QAAQ,GAAG,IAAI,GAAG,EAA6B,CAAC;IAExD,YAAoB,MAAkB;QACpC,IAAI,CAAC,QAAQ,CAAC,GAAG,CACf,gBAAgB,CAAC,KAAK,EACtB,IAAI,oBAAY,CAAC,SAAS,EAAE,MAAM,CAAC,KAAK,CAAC,CAC1C,CAAC;QACF,IAAI,CAAC,QAAQ,CAAC,GAAG,CACf,gBAAgB,CAAC,MAAM,EACvB,IAAI,sBAAa,CAAC,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,CACvE,CAAC;QACF,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,gBAAgB,CAAC,OAAO,EAAE,IAAI,uBAAa,CAAC,MAAM,CAAC,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,SAAqB,qBAAS;QAC1C,OAAO,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IAED,GAAG,CAAI,GAAqB;QAC1B,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAM,CAAC;IACrC,CAAC;CACF;AAtBD,0CAsBC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-ecies-lib/src/lib/index.ts"],"names":[],"mappings":"AAAA,cAAc,oBAAoB,CAAC;AACnC,cAAc,uBAAuB,CAAC;AACtC,cAAc,cAAc,CAAC"}
|
package/src/lib/index.js
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
const tslib_1 = require("tslib");
|
|
4
|
+
tslib_1.__exportStar(require("./crypto-container"), exports);
|
|
5
|
+
tslib_1.__exportStar(require("./invariant-validator"), exports);
|
|
6
|
+
tslib_1.__exportStar(require("./invariants"), exports);
|
|
7
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-ecies-lib/src/lib/index.ts"],"names":[],"mappings":";;;AAAA,6DAAmC;AACnC,gEAAsC;AACtC,uDAA6B"}
|
|
@@ -0,0 +1,69 @@
|
|
|
1
|
+
import { IConstants } from '../interfaces/constants';
|
|
2
|
+
/**
|
|
3
|
+
* Base interface for invariants
|
|
4
|
+
*/
|
|
5
|
+
interface IInvariant {
|
|
6
|
+
name: string;
|
|
7
|
+
description: string;
|
|
8
|
+
check(config: IConstants): boolean;
|
|
9
|
+
errorMessage(config: IConstants): string;
|
|
10
|
+
}
|
|
11
|
+
/**
|
|
12
|
+
* Node.js-specific invariant validator.
|
|
13
|
+
*
|
|
14
|
+
* Extends the base ecies-lib validator with Node.js-specific invariants.
|
|
15
|
+
* Validates configuration consistency to prevent bugs like the 12 vs 32-byte
|
|
16
|
+
* recipient ID discrepancy.
|
|
17
|
+
*
|
|
18
|
+
* @example
|
|
19
|
+
* ```typescript
|
|
20
|
+
* import { InvariantValidator } from '@digitaldefiance/node-ecies-lib';
|
|
21
|
+
* import { MyCustomInvariant } from './my-invariants';
|
|
22
|
+
*
|
|
23
|
+
* // Register a custom invariant
|
|
24
|
+
* InvariantValidator.registerInvariant(new MyCustomInvariant());
|
|
25
|
+
*
|
|
26
|
+
* // Validate configuration
|
|
27
|
+
* InvariantValidator.validateAll(config); // throws if any invariant fails
|
|
28
|
+
* ```
|
|
29
|
+
*/
|
|
30
|
+
export declare class InvariantValidator {
|
|
31
|
+
/**
|
|
32
|
+
* Node-specific invariants registered by default.
|
|
33
|
+
*/
|
|
34
|
+
private static readonly NODE_DEFAULT_INVARIANTS;
|
|
35
|
+
private static customInvariants;
|
|
36
|
+
/**
|
|
37
|
+
* Register a custom invariant to be checked during validation.
|
|
38
|
+
*
|
|
39
|
+
* @param invariant - The invariant to register
|
|
40
|
+
*/
|
|
41
|
+
static registerInvariant(invariant: IInvariant): void;
|
|
42
|
+
/**
|
|
43
|
+
* Unregister a custom invariant by name.
|
|
44
|
+
*
|
|
45
|
+
* @param name - The name of the invariant to unregister
|
|
46
|
+
* @returns true if the invariant was found and removed, false otherwise
|
|
47
|
+
*/
|
|
48
|
+
static unregisterInvariant(name: string): boolean;
|
|
49
|
+
/**
|
|
50
|
+
* Get all registered invariants (default + custom).
|
|
51
|
+
*/
|
|
52
|
+
static getAllInvariants(): readonly IInvariant[];
|
|
53
|
+
/**
|
|
54
|
+
* Validate all registered invariants against a configuration.
|
|
55
|
+
*
|
|
56
|
+
* This checks Node-specific invariants.
|
|
57
|
+
*
|
|
58
|
+
* @param config - The configuration to validate
|
|
59
|
+
* @throws Error if any invariant check fails
|
|
60
|
+
*/
|
|
61
|
+
static validateAll(config: IConstants): void;
|
|
62
|
+
/**
|
|
63
|
+
* Clear all custom invariants.
|
|
64
|
+
* Default invariants are not affected.
|
|
65
|
+
*/
|
|
66
|
+
static clearCustomInvariants(): void;
|
|
67
|
+
}
|
|
68
|
+
export {};
|
|
69
|
+
//# sourceMappingURL=invariant-validator.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"invariant-validator.d.ts","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-ecies-lib/src/lib/invariant-validator.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAIrD;;GAEG;AACH,UAAU,UAAU;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC;IACnC,YAAY,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAAC;CAC1C;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAAa,kBAAkB;IAC7B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAE7C;IAEF,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAoB;IAEnD;;;;OAIG;IACH,MAAM,CAAC,iBAAiB,CAAC,SAAS,EAAE,UAAU,GAAG,IAAI;IAIrD;;;;;OAKG;IACH,MAAM,CAAC,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IASjD;;OAEG;IACH,MAAM,CAAC,gBAAgB,IAAI,SAAS,UAAU,EAAE;IAIhD;;;;;;;OAOG;IACH,MAAM,CAAC,WAAW,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI;IAuB5C;;;OAGG;IACH,MAAM,CAAC,qBAAqB,IAAI,IAAI;CAGrC"}
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.InvariantValidator = void 0;
|
|
4
|
+
/* eslint-disable @typescript-eslint/no-unsafe-call */
|
|
5
|
+
/* eslint-disable @typescript-eslint/no-unsafe-member-access */
|
|
6
|
+
/* eslint-disable @typescript-eslint/no-unsafe-assignment */
|
|
7
|
+
/* eslint-disable @typescript-eslint/no-unsafe-argument */
|
|
8
|
+
/* eslint-disable @typescript-eslint/no-unsafe-return */
|
|
9
|
+
const i18n_lib_1 = require("@digitaldefiance/i18n-lib");
|
|
10
|
+
const node_ecies_i18n_setup_1 = require("../i18n/node-ecies-i18n-setup");
|
|
11
|
+
const node_keys_1 = require("../i18n/node-keys");
|
|
12
|
+
const recipient_id_consistency_1 = require("./invariants/recipient-id-consistency");
|
|
13
|
+
/**
|
|
14
|
+
* Node.js-specific invariant validator.
|
|
15
|
+
*
|
|
16
|
+
* Extends the base ecies-lib validator with Node.js-specific invariants.
|
|
17
|
+
* Validates configuration consistency to prevent bugs like the 12 vs 32-byte
|
|
18
|
+
* recipient ID discrepancy.
|
|
19
|
+
*
|
|
20
|
+
* @example
|
|
21
|
+
* ```typescript
|
|
22
|
+
* import { InvariantValidator } from '@digitaldefiance/node-ecies-lib';
|
|
23
|
+
* import { MyCustomInvariant } from './my-invariants';
|
|
24
|
+
*
|
|
25
|
+
* // Register a custom invariant
|
|
26
|
+
* InvariantValidator.registerInvariant(new MyCustomInvariant());
|
|
27
|
+
*
|
|
28
|
+
* // Validate configuration
|
|
29
|
+
* InvariantValidator.validateAll(config); // throws if any invariant fails
|
|
30
|
+
* ```
|
|
31
|
+
*/
|
|
32
|
+
class InvariantValidator {
|
|
33
|
+
/**
|
|
34
|
+
* Node-specific invariants registered by default.
|
|
35
|
+
*/
|
|
36
|
+
static NODE_DEFAULT_INVARIANTS = [
|
|
37
|
+
new recipient_id_consistency_1.RecipientIdConsistencyInvariant(),
|
|
38
|
+
];
|
|
39
|
+
static customInvariants = [];
|
|
40
|
+
/**
|
|
41
|
+
* Register a custom invariant to be checked during validation.
|
|
42
|
+
*
|
|
43
|
+
* @param invariant - The invariant to register
|
|
44
|
+
*/
|
|
45
|
+
static registerInvariant(invariant) {
|
|
46
|
+
this.customInvariants.push(invariant);
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* Unregister a custom invariant by name.
|
|
50
|
+
*
|
|
51
|
+
* @param name - The name of the invariant to unregister
|
|
52
|
+
* @returns true if the invariant was found and removed, false otherwise
|
|
53
|
+
*/
|
|
54
|
+
static unregisterInvariant(name) {
|
|
55
|
+
const index = this.customInvariants.findIndex((inv) => inv.name === name);
|
|
56
|
+
if (index === -1) {
|
|
57
|
+
return false;
|
|
58
|
+
}
|
|
59
|
+
this.customInvariants.splice(index, 1);
|
|
60
|
+
return true;
|
|
61
|
+
}
|
|
62
|
+
/**
|
|
63
|
+
* Get all registered invariants (default + custom).
|
|
64
|
+
*/
|
|
65
|
+
static getAllInvariants() {
|
|
66
|
+
return [...this.NODE_DEFAULT_INVARIANTS, ...this.customInvariants];
|
|
67
|
+
}
|
|
68
|
+
/**
|
|
69
|
+
* Validate all registered invariants against a configuration.
|
|
70
|
+
*
|
|
71
|
+
* This checks Node-specific invariants.
|
|
72
|
+
*
|
|
73
|
+
* @param config - The configuration to validate
|
|
74
|
+
* @throws Error if any invariant check fails
|
|
75
|
+
*/
|
|
76
|
+
static validateAll(config) {
|
|
77
|
+
const failures = [];
|
|
78
|
+
// Validate Node-specific invariants
|
|
79
|
+
for (const invariant of this.getAllInvariants()) {
|
|
80
|
+
if (!invariant.check(config)) {
|
|
81
|
+
failures.push(invariant.errorMessage(config));
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
if (failures.length > 0) {
|
|
85
|
+
const engine = (0, node_ecies_i18n_setup_1.getNodeEciesI18nEngine)();
|
|
86
|
+
throw i18n_lib_1.TranslatableGenericError.withEngine(engine, node_keys_1.NodeEciesComponentId, node_keys_1.NodeEciesStringKey.Error_Invariant_ConfigurationValidationFailedTemplate, { failures: failures.join('\n\n') }, undefined, { invariantCount: failures.length });
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
/**
|
|
90
|
+
* Clear all custom invariants.
|
|
91
|
+
* Default invariants are not affected.
|
|
92
|
+
*/
|
|
93
|
+
static clearCustomInvariants() {
|
|
94
|
+
this.customInvariants = [];
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
exports.InvariantValidator = InvariantValidator;
|
|
98
|
+
//# sourceMappingURL=invariant-validator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"invariant-validator.js","sourceRoot":"","sources":["../../../../../packages/digitaldefiance-node-ecies-lib/src/lib/invariant-validator.ts"],"names":[],"mappings":";;;AAAA,sDAAsD;AACtD,+DAA+D;AAC/D,4DAA4D;AAC5D,0DAA0D;AAC1D,wDAAwD;AACxD,wDAAqE;AAErE,yEAAuE;AACvE,iDAA6E;AAG7E,oFAAwF;AAYxF;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAa,kBAAkB;IAC7B;;OAEG;IACK,MAAM,CAAU,uBAAuB,GAAiB;QAC9D,IAAI,0DAA+B,EAAE;KACtC,CAAC;IAEM,MAAM,CAAC,gBAAgB,GAAiB,EAAE,CAAC;IAEnD;;;;OAIG;IACH,MAAM,CAAC,iBAAiB,CAAC,SAAqB;QAC5C,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACxC,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,mBAAmB,CAAC,IAAY;QACrC,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAC1E,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE,CAAC;YACjB,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,gBAAgB;QACrB,OAAO,CAAC,GAAG,IAAI,CAAC,uBAAuB,EAAE,GAAG,IAAI,CAAC,gBAAgB,CAAC,CAAC;IACrE,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,WAAW,CAAC,MAAkB;QACnC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,oCAAoC;QACpC,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC;YAChD,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC7B,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,MAAM,MAAM,GAAG,IAAA,8CAAsB,GAAE,CAAC;YACxC,MAAM,mCAAwB,CAAC,UAAU,CACvC,MAAM,EACN,gCAAoB,EACpB,8BAAkB,CAAC,qDAAqD,EACxE,EAAE,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,EACnC,SAAS,EACT,EAAE,cAAc,EAAE,QAAQ,CAAC,MAAM,EAAE,CACpC,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,qBAAqB;QAC1B,IAAI,CAAC,gBAAgB,GAAG,EAAE,CAAC;IAC7B,CAAC;;AA9EH,gDA+EC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Node.js-specific invariants for configuration validation.
|
|
3
|
+
*
|
|
4
|
+
* These invariants extend and complement the base ecies-lib invariants
|
|
5
|
+
* with Node.js-specific validation rules.
|
|
6
|
+
*/
|
|
7
|
+
export { RecipientIdConsistencyInvariant } from './recipient-id-consistency';
|
|
8
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../../packages/digitaldefiance-node-ecies-lib/src/lib/invariants/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,+BAA+B,EAAE,MAAM,4BAA4B,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Node.js-specific invariants for configuration validation.
|
|
4
|
+
*
|
|
5
|
+
* These invariants extend and complement the base ecies-lib invariants
|
|
6
|
+
* with Node.js-specific validation rules.
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.RecipientIdConsistencyInvariant = void 0;
|
|
10
|
+
var recipient_id_consistency_1 = require("./recipient-id-consistency");
|
|
11
|
+
Object.defineProperty(exports, "RecipientIdConsistencyInvariant", { enumerable: true, get: function () { return recipient_id_consistency_1.RecipientIdConsistencyInvariant; } });
|
|
12
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/digitaldefiance-node-ecies-lib/src/lib/invariants/index.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAEH,uEAA6E;AAApE,2IAAA,+BAA+B,OAAA"}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
import { IConstants } from '../../interfaces/constants';
|
|
2
|
+
/**
|
|
3
|
+
* Base interface for invariants
|
|
4
|
+
*/
|
|
5
|
+
interface IInvariant {
|
|
6
|
+
name: string;
|
|
7
|
+
description: string;
|
|
8
|
+
check(config: IConstants): boolean;
|
|
9
|
+
errorMessage(config: IConstants): string;
|
|
10
|
+
}
|
|
11
|
+
/**
|
|
12
|
+
* Base class for invariants
|
|
13
|
+
*/
|
|
14
|
+
declare abstract class BaseInvariant implements IInvariant {
|
|
15
|
+
readonly name: string;
|
|
16
|
+
readonly description: string;
|
|
17
|
+
constructor(name: string, description: string);
|
|
18
|
+
abstract check(config: IConstants): boolean;
|
|
19
|
+
abstract errorMessage(config: IConstants): string;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Node.js-specific recipient ID consistency invariant.
|
|
23
|
+
*
|
|
24
|
+
* Extends the base ecies-lib invariant to also validate node-specific
|
|
25
|
+
* ENCRYPTION.RECIPIENT_ID_SIZE constant.
|
|
26
|
+
*
|
|
27
|
+
* This invariant would have caught the 12 vs 32 byte discrepancy.
|
|
28
|
+
*
|
|
29
|
+
* Checks:
|
|
30
|
+
* - MEMBER_ID_LENGTH === idProvider.byteLength
|
|
31
|
+
* - ECIES.MULTIPLE.RECIPIENT_ID_SIZE === idProvider.byteLength
|
|
32
|
+
* - ENCRYPTION.RECIPIENT_ID_SIZE === idProvider.byteLength (Node-specific)
|
|
33
|
+
* - All values must be in sync
|
|
34
|
+
*/
|
|
35
|
+
export declare class RecipientIdConsistencyInvariant extends BaseInvariant {
|
|
36
|
+
constructor();
|
|
37
|
+
check(config: IConstants): boolean;
|
|
38
|
+
errorMessage(config: IConstants): string;
|
|
39
|
+
}
|
|
40
|
+
export {};
|
|
41
|
+
//# sourceMappingURL=recipient-id-consistency.d.ts.map
|