@enbox/crypto 0.0.1

package/dist/esm/algorithms/ecdsa.js

@@ -0,0 +1,237 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { Secp256k1 } from '../primitives/secp256k1.js';
+import { Secp256r1 } from '../primitives/secp256r1.js';
+import { CryptoAlgorithm } from './crypto-algorithm.js';
+import { isEcPrivateJwk, isEcPublicJwk } from '../jose/jwk.js';
+/**
+ * The `EcdsaAlgorithm` class provides a concrete implementation for cryptographic operations using
+ * the Elliptic Curve Digital Signature Algorithm (ECDSA). This class implements both
+ * {@link Signer | `Signer`} and { @link AsymmetricKeyGenerator | `AsymmetricKeyGenerator`}
+ * interfaces, providing private key generation, public key derivation, and creation/verification
+ * of signatures.
+ *
+ * This class is typically accessed through implementations that extend the
+ * {@link CryptoApi | `CryptoApi`} interface.
+ */
+export class EcdsaAlgorithm extends CryptoAlgorithm {
+    /**
+     * Derives the public key in JWK format from a given private key.
+     *
+     * @remarks
+     * This method takes a private key in JWK format and derives its corresponding public key,
+     * also in JWK format. The process ensures that the derived public key correctly corresponds to
+     * the given private key.
+     *
+     * @example
+     * ```ts
+     * const ecdsa = new EcdsaAlgorithm();
+     * const privateKey = { ... }; // A Jwk object representing a private key
+     * const publicKey = await ecdsa.computePublicKey({ key: privateKey });
+     * ```
+     *
+     * @param params - The parameters for the public key derivation.
+     * @param params.key - The private key in JWK format from which to derive the public key.
+     *
+     * @returns A Promise that resolves to the derived public key in JWK format.
+     */
+    computePublicKey(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ key }) {
+            if (!isEcPrivateJwk(key))
+                throw new TypeError('Invalid key provided. Must be an elliptic curve (EC) private key.');
+            switch (key.crv) {
+                case 'secp256k1': {
+                    const publicKey = yield Secp256k1.computePublicKey({ key });
+                    publicKey.alg = 'ES256K';
+                    return publicKey;
+                }
+                case 'P-256': {
+                    const publicKey = yield Secp256r1.computePublicKey({ key });
+                    publicKey.alg = 'ES256';
+                    return publicKey;
+                }
+                default: {
+                    throw new Error(`Unsupported curve: ${key.crv}`);
+                }
+            }
+        });
+    }
+    /**
+     * Generates a new private key with the specified algorithm in JSON Web Key (JWK) format.
+     *
+     * @example
+     * ```ts
+     * const ecdsa = new EcdsaAlgorithm();
+     * const privateKey = await ecdsa.generateKey({ algorithm: 'ES256K' });
+     * ```
+     *
+     * @param params - The parameters for key generation.
+     * @param params.algorithm - The algorithm to use for key generation.
+     *
+     * @returns A Promise that resolves to the generated private key in JWK format.
+     */
+    generateKey(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ algorithm }) {
+            switch (algorithm) {
+                case 'ES256K':
+                case 'secp256k1': {
+                    const privateKey = yield Secp256k1.generateKey();
+                    privateKey.alg = 'ES256K';
+                    return privateKey;
+                }
+                case 'ES256':
+                case 'secp256r1': {
+                    const privateKey = yield Secp256r1.generateKey();
+                    privateKey.alg = 'ES256';
+                    return privateKey;
+                }
+            }
+        });
+    }
+    /**
+     * Retrieves the public key properties from a given private key in JWK format.
+     *
+     * @remarks
+     * This method extracts the public key portion from an ECDSA private key in JWK format. It does
+     * so by removing the private key property 'd' and making a shallow copy, effectively yielding the
+     * public key.
+     *
+     * Note: This method offers a significant performance advantage, being about 200 times faster
+     * than `computePublicKey()`. However, it does not mathematically validate the private key, nor
+     * does it derive the public key from the private key. It simply extracts existing public key
+     * properties from the private key object. This makes it suitable for scenarios where speed is
+     * critical and the private key's integrity is already assured.
+     *
+     * @example
+     * ```ts
+     * const ecdsa = new EcdsaAlgorithm();
+     * const privateKey = { ... }; // A Jwk object representing a private key
+     * const publicKey = await ecdsa.getPublicKey({ key: privateKey });
+     * ```
+     *
+     * @param params - The parameters for retrieving the public key properties.
+     * @param params.key - The private key in JWK format.
+     *
+     * @returns A Promise that resolves to the public key in JWK format.
+     */
+    getPublicKey(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ key }) {
+            if (!isEcPrivateJwk(key))
+                throw new TypeError('Invalid key provided. Must be an elliptic curve (EC) private key.');
+            switch (key.crv) {
+                case 'secp256k1': {
+                    const publicKey = yield Secp256k1.getPublicKey({ key });
+                    publicKey.alg = 'ES256K';
+                    return publicKey;
+                }
+                case 'P-256': {
+                    const publicKey = yield Secp256r1.getPublicKey({ key });
+                    publicKey.alg = 'ES256';
+                    return publicKey;
+                }
+                default: {
+                    throw new Error(`Unsupported curve: ${key.crv}`);
+                }
+            }
+        });
+    }
+    /**
+     * Generates an ECDSA signature of given data using a private key.
+     *
+     * @remarks
+     * This method uses the signature algorithm determined by the given `algorithm` to sign the
+     * provided data.
+     *
+     * The signature can later be verified by parties with access to the corresponding
+     * public key, ensuring that the data has not been tampered with and was indeed signed by the
+     * holder of the private key.
+     *
+     * @example
+     * ```ts
+     * const ecdsa = new EcdsaAlgorithm();
+     * const data = new TextEncoder().encode('Message');
+     * const privateKey = { ... }; // A Jwk object representing a private key
+     * const signature = await ecdsa.sign({
+     *   key: privateKey,
+     *   data
+     * });
+     * ```
+     *
+     * @param params - The parameters for the signing operation.
+     * @param params.key - The private key to use for signing, represented in JWK format.
+     * @param params.data - The data to sign.
+     *
+     * @returns A Promise resolving to the digital signature as a `Uint8Array`.
+     */
+    sign(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ key, data }) {
+            if (!isEcPrivateJwk(key))
+                throw new TypeError('Invalid key provided. Must be an elliptic curve (EC) private key.');
+            switch (key.crv) {
+                case 'secp256k1': {
+                    return yield Secp256k1.sign({ key, data });
+                }
+                case 'P-256': {
+                    return yield Secp256r1.sign({ key, data });
+                }
+                default: {
+                    throw new Error(`Unsupported curve: ${key.crv}`);
+                }
+            }
+        });
+    }
+    /**
+     * Verifies an ECDSA signature associated with the provided data using the provided key.
+     *
+     * @remarks
+     * This method uses the signature algorithm determined by the `crv` property of the provided key
+     * to check the validity of a digital signature against the original data. It confirms whether the
+     * signature was created by the holder of the corresponding private key and that the data has not
+     * been tampered with.
+     *s
+     * @example
+     * ```ts
+     * const ecdsa = new EcdsaAlgorithm();
+     * const publicKey = { ... }; // Public key in JWK format corresponding to the private key that signed the data
+     * const signature = new Uint8Array([...]); // Signature to verify
+     * const data = new TextEncoder().encode('Message');
+     * const isValid = await ecdsa.verify({
+     *   key: publicKey,
+     *   signature,
+     *   data
+     * });
+     * ```
+     *
+     * @param params - The parameters for the verification operation.
+     * @param params.key - The key to use for verification.
+     * @param params.signature - The signature to verify.
+     * @param params.data - The data to verify.
+     *
+     * @returns A Promise resolving to a boolean indicating whether the signature is valid.
+     */
+    verify(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ key, signature, data }) {
+            if (!isEcPublicJwk(key))
+                throw new TypeError('Invalid key provided. Must be an elliptic curve (EC) public key.');
+            switch (key.crv) {
+                case 'secp256k1': {
+                    return yield Secp256k1.verify({ key, signature, data });
+                }
+                case 'P-256': {
+                    return yield Secp256r1.verify({ key, signature, data });
+                }
+                default: {
+                    throw new Error(`Unsupported curve: ${key.crv}`);
+                }
+            }
+        });
+    }
+}
+//# sourceMappingURL=ecdsa.js.map

package/dist/esm/algorithms/ecdsa.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ecdsa.js","sourceRoot":"","sources":["../../../src/algorithms/ecdsa.ts"],"names":[],"mappings":";;;;;;;;;AAKA,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAiB/D;;;;;;;;;GASG;AACH,MAAM,OAAO,cAAe,SAAQ,eAAe;IAIjD;;;;;;;;;;;;;;;;;;;OAmBG;IACU,gBAAgB;6DAAC,EAAE,GAAG,EACX;YAEtB,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,SAAS,CAAC,mEAAmE,CAAC,CAAC;YAEnH,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC;gBAEhB,KAAK,WAAW,CAAC,CAAC,CAAC;oBACjB,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;oBAC5D,SAAS,CAAC,GAAG,GAAG,QAAQ,CAAC;oBACzB,OAAO,SAAS,CAAC;gBACnB,CAAC;gBAED,KAAK,OAAO,CAAC,CAAC,CAAC;oBACb,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;oBAC5D,SAAS,CAAC,GAAG,GAAG,OAAO,CAAC;oBACxB,OAAO,SAAS,CAAC;gBACnB,CAAC;gBAED,OAAO,CAAC,CAAC,CAAC;oBACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACU,WAAW;6DAAC,EAAE,SAAS,EACZ;YAEtB,QAAQ,SAAS,EAAE,CAAC;gBAElB,KAAK,QAAQ,CAAC;gBACd,KAAK,WAAW,CAAC,CAAC,CAAC;oBACjB,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,WAAW,EAAE,CAAC;oBACjD,UAAU,CAAC,GAAG,GAAG,QAAQ,CAAC;oBAC1B,OAAO,UAAU,CAAC;gBACpB,CAAC;gBAED,KAAK,OAAO,CAAC;gBACb,KAAK,WAAW,CAAC,CAAC,CAAC;oBACjB,MAAM,UAAU,GAAG,MAAM,SAAS,CAAC,WAAW,EAAE,CAAC;oBACjD,UAAU,CAAC,GAAG,GAAG,OAAO,CAAC;oBACzB,OAAO,UAAU,CAAC;gBACpB,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACU,YAAY;6DAAC,EAAE,GAAG,EACX;YAElB,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,SAAS,CAAC,mEAAmE,CAAC,CAAC;YAEnH,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC;gBAEhB,KAAK,WAAW,CAAC,CAAC,CAAC;oBACjB,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;oBACxD,SAAS,CAAC,GAAG,GAAG,QAAQ,CAAC;oBACzB,OAAO,SAAS,CAAC;gBACnB,CAAC;gBAED,KAAK,OAAO,CAAC,CAAC,CAAC;oBACb,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;oBACxD,SAAS,CAAC,GAAG,GAAG,OAAO,CAAC;oBACxB,OAAO,SAAS,CAAC;gBACnB,CAAC;gBAED,OAAO,CAAC,CAAC,CAAC;oBACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACU,IAAI;6DAAC,EAAE,GAAG,EAAE,IAAI,EACjB;YAEV,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,SAAS,CAAC,mEAAmE,CAAC,CAAC;YAEnH,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC;gBAEhB,KAAK,WAAW,CAAC,CAAC,CAAC;oBACjB,OAAO,MAAM,SAAS,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC7C,CAAC;gBAED,KAAK,OAAO,CAAC,CAAC,CAAC;oBACb,OAAO,MAAM,SAAS,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC7C,CAAC;gBAED,OAAO,CAAC,CAAC,CAAC;oBACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACU,MAAM;6DAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAC5B;YAEZ,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,SAAS,CAAC,kEAAkE,CAAC,CAAC;YAEjH,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC;gBAEhB,KAAK,WAAW,CAAC,CAAC,CAAC;oBACjB,OAAO,MAAM,SAAS,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC1D,CAAC;gBAED,KAAK,OAAO,CAAC,CAAC,CAAC;oBACb,OAAO,MAAM,SAAS,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC1D,CAAC;gBAED,OAAO,CAAC,CAAC,CAAC;oBACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;CACF"}

package/dist/esm/algorithms/eddsa.js

@@ -0,0 +1,213 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { Ed25519 } from '../primitives/ed25519.js';
+import { CryptoAlgorithm } from './crypto-algorithm.js';
+import { isOkpPrivateJwk, isOkpPublicJwk } from '../jose/jwk.js';
+/**
+ * The `EdDsaAlgorithm` class provides a concrete implementation for cryptographic operations using
+ * the Edwards-curve Digital Signature Algorithm (EdDSA). This class implements both
+ * {@link Signer | `Signer`} and { @link AsymmetricKeyGenerator | `AsymmetricKeyGenerator`}
+ * interfaces, providing private key generation, public key derivation, and creation/verification
+ * of signatures.
+ *
+ * This class is typically accessed through implementations that extend the
+ * {@link CryptoApi | `CryptoApi`} interface.
+ */
+export class EdDsaAlgorithm extends CryptoAlgorithm {
+    /**
+     * Derives the public key in JWK format from a given private key.
+     *
+     * @remarks
+     * This method takes a private key in JWK format and derives its corresponding public key,
+     * also in JWK format. The process ensures that the derived public key correctly corresponds to
+     * the given private key.
+     *
+     * @example
+     * ```ts
+     * const eddsa = new EdDsaAlgorithm();
+     * const privateKey = { ... }; // A Jwk object representing a private key
+     * const publicKey = await eddsa.computePublicKey({ key: privateKey });
+     * ```
+     *
+     * @param params - The parameters for the public key derivation.
+     * @param params.key - The private key in JWK format from which to derive the public key.
+     *
+     * @returns A Promise that resolves to the derived public key in JWK format.
+     */
+    computePublicKey(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ key }) {
+            if (!isOkpPrivateJwk(key))
+                throw new TypeError('Invalid key provided. Must be an octet key pair (OKP) private key.');
+            switch (key.crv) {
+                case 'Ed25519': {
+                    const publicKey = yield Ed25519.computePublicKey({ key });
+                    publicKey.alg = 'EdDSA';
+                    return publicKey;
+                }
+                default: {
+                    throw new Error(`Unsupported curve: ${key.crv}`);
+                }
+            }
+        });
+    }
+    /**
+     * Generates a new private key with the specified algorithm in JSON Web Key (JWK) format.
+     *
+     * @example
+     * ```ts
+     * const eddsa = new EdDsaAlgorithm();
+     * const privateKey = await eddsa.generateKey({ algorithm: 'Ed25519' });
+     * ```
+     *
+     * @param params - The parameters for key generation.
+     * @param params.algorithm - The algorithm to use for key generation.
+     *
+     * @returns A Promise that resolves to the generated private key in JWK format.
+     */
+    generateKey(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ algorithm }) {
+            switch (algorithm) {
+                case 'Ed25519': {
+                    const privateKey = yield Ed25519.generateKey();
+                    privateKey.alg = 'EdDSA';
+                    return privateKey;
+                }
+            }
+        });
+    }
+    /**
+     * Retrieves the public key properties from a given private key in JWK format.
+     *
+     * @remarks
+     * This method extracts the public key portion from an EdDSA private key in JWK format. It does
+     * so by removing the private key property 'd' and making a shallow copy, effectively yielding the
+     * public key.
+     *
+     * Note: This method offers a significant performance advantage, being about 100 times faster
+     * than `computePublicKey()`. However, it does not mathematically validate the private key, nor
+     * does it derive the public key from the private key. It simply extracts existing public key
+     * properties from the private key object. This makes it suitable for scenarios where speed is
+     * critical and the private key's integrity is already assured.
+     *
+     * @example
+     * ```ts
+     * const eddsa = new EdDsaAlgorithm();
+     * const privateKey = { ... }; // A Jwk object representing a private key
+     * const publicKey = await eddsa.getPublicKey({ key: privateKey });
+     * ```
+     *
+     * @param params - The parameters for retrieving the public key properties.
+     * @param params.key - The private key in JWK format.
+     *
+     * @returns A Promise that resolves to the public key in JWK format.
+     */
+    getPublicKey(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ key }) {
+            if (!isOkpPrivateJwk(key))
+                throw new TypeError('Invalid key provided. Must be an octet key pair (OKP) private key.');
+            switch (key.crv) {
+                case 'Ed25519': {
+                    const publicKey = yield Ed25519.getPublicKey({ key });
+                    publicKey.alg = 'EdDSA';
+                    return publicKey;
+                }
+                default: {
+                    throw new Error(`Unsupported curve: ${key.crv}`);
+                }
+            }
+        });
+    }
+    /**
+     * Generates an EdDSA signature of given data using a private key.
+     *
+     * @remarks
+     * This method uses the signature algorithm determined by the given `algorithm` to sign the
+     * provided data.
+     *
+     * The signature can later be verified by parties with access to the corresponding
+     * public key, ensuring that the data has not been tampered with and was indeed signed by the
+     * holder of the private key.
+     *
+     * @example
+     * ```ts
+     * const eddsa = new EdDsaAlgorithm();
+     * const data = new TextEncoder().encode('Message');
+     * const privateKey = { ... }; // A Jwk object representing a private key
+     * const signature = await eddsa.sign({
+     *   key: privateKey,
+     *   data
+     * });
+     * ```
+     *
+     * @param params - The parameters for the signing operation.
+     * @param params.key - The private key to use for signing, represented in JWK format.
+     * @param params.data - The data to sign.
+     *
+     * @returns A Promise resolving to the digital signature as a `Uint8Array`.
+     */
+    sign(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ key, data }) {
+            if (!isOkpPrivateJwk(key))
+                throw new TypeError('Invalid key provided. Must be an octet key pair (OKP) private key.');
+            switch (key.crv) {
+                case 'Ed25519': {
+                    return yield Ed25519.sign({ key, data });
+                }
+                default: {
+                    throw new Error(`Unsupported curve: ${key.crv}`);
+                }
+            }
+        });
+    }
+    /**
+     * Verifies an EdDSA signature associated with the provided data using the provided key.
+     *
+     * @remarks
+     * This method uses the signature algorithm determined by the `crv` property of the provided key
+     * to check the validity of a digital signature against the original data. It confirms whether the
+     * signature was created by the holder of the corresponding private key and that the data has not
+     * been tampered with.
+     *s
+     * @example
+     * ```ts
+     * const eddsa = new EdDsaAlgorithm();
+     * const publicKey = { ... }; // Public key in JWK format corresponding to the private key that signed the data
+     * const signature = new Uint8Array([...]); // Signature to verify
+     * const data = new TextEncoder().encode('Message');
+     * const isValid = await eddsa.verify({
+     *   key: publicKey,
+     *   signature,
+     *   data
+     * });
+     * ```
+     *
+     * @param params - The parameters for the verification operation.
+     * @param params.key - The key to use for verification.
+     * @param params.signature - The signature to verify.
+     * @param params.data - The data to verify.
+     *
+     * @returns A Promise resolving to a boolean indicating whether the signature is valid.
+     */
+    verify(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ key, signature, data }) {
+            if (!isOkpPublicJwk(key))
+                throw new TypeError('Invalid key provided. Must be an octet key pair (OKP) public key.');
+            switch (key.crv) {
+                case 'Ed25519': {
+                    return yield Ed25519.verify({ key, signature, data });
+                }
+                default: {
+                    throw new Error(`Unsupported curve: ${key.crv}`);
+                }
+            }
+        });
+    }
+}
+//# sourceMappingURL=eddsa.js.map

package/dist/esm/algorithms/eddsa.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"eddsa.js","sourceRoot":"","sources":["../../../src/algorithms/eddsa.ts"],"names":[],"mappings":";;;;;;;;;AAWA,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAcjE;;;;;;;;;GASG;AACH,MAAM,OAAO,cAAe,SAAQ,eAAe;IAIjD;;;;;;;;;;;;;;;;;;;OAmBG;IACU,gBAAgB;6DAAC,EAAE,GAAG,EACX;YAEtB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,SAAS,CAAC,oEAAoE,CAAC,CAAC;YAErH,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC;gBAEhB,KAAK,SAAS,CAAC,CAAC,CAAC;oBACf,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;oBAC1D,SAAS,CAAC,GAAG,GAAG,OAAO,CAAC;oBACxB,OAAO,SAAS,CAAC;gBACnB,CAAC;gBAED,OAAO,CAAC,CAAC,CAAC;oBACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,WAAW;6DAAC,EAAE,SAAS,EACL;YAEtB,QAAQ,SAAS,EAAE,CAAC;gBAElB,KAAK,SAAS,CAAC,CAAC,CAAC;oBACf,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;oBAC/C,UAAU,CAAC,GAAG,GAAG,OAAO,CAAC;oBACzB,OAAO,UAAU,CAAC;gBACpB,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACU,YAAY;6DAAC,EAAE,GAAG,EACX;YAElB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,SAAS,CAAC,oEAAoE,CAAC,CAAC;YAErH,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC;gBAEhB,KAAK,SAAS,CAAC,CAAC,CAAC;oBACf,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,YAAY,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;oBACtD,SAAS,CAAC,GAAG,GAAG,OAAO,CAAC;oBACxB,OAAO,SAAS,CAAC;gBACnB,CAAC;gBAED,OAAO,CAAC,CAAC,CAAC;oBACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACU,IAAI;6DAAC,EAAE,GAAG,EAAE,IAAI,EACjB;YAEV,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,SAAS,CAAC,oEAAoE,CAAC,CAAC;YAErH,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC;gBAEhB,KAAK,SAAS,CAAC,CAAC,CAAC;oBACf,OAAO,MAAM,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC3C,CAAC;gBAED,OAAO,CAAC,CAAC,CAAC;oBACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACU,MAAM;6DAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAC5B;YAEZ,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC;gBAAE,MAAM,IAAI,SAAS,CAAC,mEAAmE,CAAC,CAAC;YAEnH,QAAQ,GAAG,CAAC,GAAG,EAAE,CAAC;gBAEhB,KAAK,SAAS,CAAC,CAAC,CAAC;oBACf,OAAO,MAAM,OAAO,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBACxD,CAAC;gBAED,OAAO,CAAC,CAAC,CAAC;oBACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;QACH,CAAC;KAAA;CACF"}

package/dist/esm/algorithms/sha-2.js

@@ -0,0 +1,57 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { Sha256 } from '../primitives/sha256.js';
+import { CryptoAlgorithm } from './crypto-algorithm.js';
+/**
+ * The `Sha2Algorithm` class is an implementation of the {@link Hasher | `Hasher`} interface for the
+ * SHA-2 family of cryptographic hash functions. The `digest` method takes the algorithm identifier
+ * of the hash function and arbitrary data as input and returns the hash digest of the data.
+ *
+ * This class is typically accessed through implementations that extend the
+ * {@link CryptoApi | `CryptoApi`} interface.
+ */
+export class Sha2Algorithm extends CryptoAlgorithm {
+    /**
+     * Generates a hash digest of the provided data.
+     *
+     * @remarks
+     * A digest is the output of the hash function. It's a fixed-size string of bytes
+     * that uniquely represents the data input into the hash function. The digest is often used for
+     * data integrity checks, as any alteration in the input data results in a significantly
+     * different digest.
+     *
+     * It takes the algorithm identifier of the hash function and data to digest as input and returns
+     * the digest of the data.
+     *
+     * @example
+     * ```ts
+     * const sha2 = new Sha2Algorithm();
+     * const data = new TextEncoder().encode('Messsage');
+     * const digest = await sha2.digest({ data });
+     * ```
+     *
+     * @param params - The parameters for the digest operation.
+     * @param params.algorithm - The name of hash function to use.
+     * @param params.data - The data to digest.
+     *
+     * @returns A Promise which will be fulfilled with the hash digest.
+     */
+    digest(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ algorithm, data }) {
+            switch (algorithm) {
+                case 'SHA-256': {
+                    const hash = yield Sha256.digest({ data });
+                    return hash;
+                }
+            }
+        });
+    }
+}
+//# sourceMappingURL=sha-2.js.map

package/dist/esm/algorithms/sha-2.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sha-2.js","sourceRoot":"","sources":["../../../src/algorithms/sha-2.ts"],"names":[],"mappings":";;;;;;;;;AAGA,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAcxD;;;;;;;GAOG;AACH,MAAM,OAAO,aAAc,SAAQ,eAAe;IAGhD;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACU,MAAM;6DAAC,EAAE,SAAS,EAAE,IAAI,EAAoB;YACvD,QAAQ,SAAS,EAAE,CAAC;gBAElB,KAAK,SAAS,CAAC,CAAC,CAAC;oBACf,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;oBAC3C,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;QAEH,CAAC;KAAA;CACF"}

package/dist/esm/index.js

@@ -0,0 +1,25 @@
+export * from './local-key-manager.js';
+export * from './utils.js';
+export * from './algorithms/aes-ctr.js';
+export * from './algorithms/aes-gcm.js';
+export * from './algorithms/crypto-algorithm.js';
+export * from './algorithms/ecdsa.js';
+export * from './algorithms/eddsa.js';
+export * from './algorithms/sha-2.js';
+export * from './jose/jwe.js';
+export * from './jose/jwk.js';
+export * from './jose/jws.js';
+export * from './jose/jwt.js';
+export * from './jose/utils.js';
+export * from './primitives/aes-ctr.js';
+export * from './primitives/aes-gcm.js';
+export * from './primitives/concat-kdf.js';
+export * from './primitives/ed25519.js';
+export * from './primitives/secp256r1.js';
+export * from './primitives/pbkdf2.js';
+export * from './primitives/secp256k1.js';
+export * from './primitives/sha256.js';
+export * from './primitives/x25519.js';
+export * from './primitives/xchacha20.js';
+export * from './primitives/xchacha20-poly1305.js';
+//# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,wBAAwB,CAAC;AACvC,cAAc,YAAY,CAAC;AAE3B,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,kCAAkC,CAAC;AACjD,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AAEtC,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,iBAAiB,CAAC;AAEhC,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,yBAAyB,CAAC;AACxC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC"}

package/dist/esm/jose/jwe.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=jwe.js.map

package/dist/esm/jose/jwe.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwe.js","sourceRoot":"","sources":["../../../src/jose/jwe.ts"],"names":[],"mappings":""}