@enbox/crypto 0.0.3 → 0.0.4

package/dist/types/algorithms/ecdsa.d.ts

@@ -1,7 +1,8 @@
 import type { AsymmetricKeyGenerator } from '../types/key-generator.js';
 import type { Jwk } from '../jose/jwk.js';
 import type { Signer } from '../types/signer.js';
-import type { ComputePublicKeyParams, GenerateKeyParams, GetPublicKeyParams, SignParams, VerifyParams } from '../types/params-direct.js';
+import type { AsymmetricKeyConverter, KeyConverter } from '../types/key-converter.js';
+import type { BytesToPrivateKeyParams, BytesToPublicKeyParams, ComputePublicKeyParams, GenerateKeyParams, GetPublicKeyParams, PrivateKeyToBytesParams, PublicKeyToBytesParams, SignParams, VerifyParams } from '../types/params-direct.js';
 import { CryptoAlgorithm } from './crypto-algorithm.js';
 /**
  * The `EcdsaGenerateKeyParams` interface defines the algorithm-specific parameters that should be
@@ -25,9 +26,35 @@ export interface EcdsaGenerateKeyParams extends GenerateKeyParams {
  * of signatures.
  *
  * This class is typically accessed through implementations that extend the
- * {@link CryptoApi | `CryptoApi`} interface.
+ * {@link DsaApi | `DsaApi`} interface.
  */
-export declare class EcdsaAlgorithm extends CryptoAlgorithm implements AsymmetricKeyGenerator<EcdsaGenerateKeyParams, Jwk, GetPublicKeyParams>, Signer<SignParams, VerifyParams> {
+export declare class EcdsaAlgorithm extends CryptoAlgorithm implements AsymmetricKeyGenerator<EcdsaGenerateKeyParams, Jwk, GetPublicKeyParams>, KeyConverter, AsymmetricKeyConverter, Signer<SignParams, VerifyParams> {
+    /**
+     * Converts a private key from a byte array to JWK format, setting the `alg` property based on
+     * the algorithm.
+     *
+     * @param params - The parameters for the private key conversion.
+     * @param params.algorithm - The ECDSA algorithm identifier.
+     * @param params.privateKeyBytes - The raw private key as a Uint8Array.
+     *
+     * @returns A Promise that resolves to the private key in JWK format.
+     */
+    bytesToPrivateKey({ algorithm, privateKeyBytes }: BytesToPrivateKeyParams & {
+        algorithm: 'ES256' | 'ES256K' | 'secp256k1' | 'secp256r1';
+    }): Promise<Jwk>;
+    /**
+     * Converts a public key from a byte array to JWK format, setting the `alg` property based on
+     * the algorithm.
+     *
+     * @param params - The parameters for the public key conversion.
+     * @param params.algorithm - The ECDSA algorithm identifier.
+     * @param params.publicKeyBytes - The raw public key as a Uint8Array.
+     *
+     * @returns A Promise that resolves to the public key in JWK format.
+     */
+    bytesToPublicKey({ algorithm, publicKeyBytes }: BytesToPublicKeyParams & {
+        algorithm: 'ES256' | 'ES256K' | 'secp256k1' | 'secp256r1';
+    }): Promise<Jwk>;
     /**
      * Derives the public key in JWK format from a given private key.
      *
@@ -150,5 +177,23 @@ export declare class EcdsaAlgorithm extends CryptoAlgorithm implements Asymmetri
      * @returns A Promise resolving to a boolean indicating whether the signature is valid.
      */
     verify({ key, signature, data }: VerifyParams): Promise<boolean>;
+    /**
+     * Converts a private key from JWK format to a byte array.
+     *
+     * @param params - The parameters for the private key conversion.
+     * @param params.privateKey - The private key in JWK format.
+     *
+     * @returns A Promise that resolves to the private key as a Uint8Array.
+     */
+    privateKeyToBytes({ privateKey }: PrivateKeyToBytesParams): Promise<Uint8Array>;
+    /**
+     * Converts a public key from JWK format to a byte array.
+     *
+     * @param params - The parameters for the public key conversion.
+     * @param params.publicKey - The public key in JWK format.
+     *
+     * @returns A Promise that resolves to the public key as a Uint8Array.
+     */
+    publicKeyToBytes({ publicKey }: PublicKeyToBytesParams): Promise<Uint8Array>;
 }
 //# sourceMappingURL=ecdsa.d.ts.map

package/dist/types/algorithms/ecdsa.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ecdsa.d.ts","sourceRoot":"","sources":["../../../src/algorithms/ecdsa.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACxE,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EACV,sBAAsB,EACtB,iBAAiB,EACjB,kBAAkB,EAClB,UAAU,EACV,YAAY,EACb,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAKxD;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,iBAAiB;IAC/D;;;;;;OAMG;IACH,SAAS,EAAE,OAAO,GAAG,QAAQ,GAAG,WAAW,GAAG,WAAW,CAAC;CAC3D;AAED;;;;;;;;;GASG;AACH,qBAAa,cAAe,SAAQ,eAClC,YAAW,sBAAsB,CAAC,sBAAsB,EAAE,GAAG,EAAE,kBAAkB,CAAC,EACvE,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC;IAE3C;;;;;;;;;;;;;;;;;;;OAmBG;IACU,gBAAgB,CAAC,EAAE,GAAG,EAAE,EACnC,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAuBf;;;;;;;;;;;;;OAaG;IACU,WAAW,CAAC,EAAE,SAAS,EAAE,EACpC,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAmBf;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACU,YAAY,CAAC,EAAE,GAAG,EAAE,EAC/B,kBAAkB,GACjB,OAAO,CAAC,GAAG,CAAC;IAuBf;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACU,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,EAC7B,UAAU,GACT,OAAO,CAAC,UAAU,CAAC;IAmBtB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACU,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,EAC1C,YAAY,GACX,OAAO,CAAC,OAAO,CAAC;CAkBpB"}
+{"version":3,"file":"ecdsa.d.ts","sourceRoot":"","sources":["../../../src/algorithms/ecdsa.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACxE,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,sBAAsB,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACtF,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,sBAAsB,EACtB,iBAAiB,EACjB,kBAAkB,EAClB,uBAAuB,EACvB,sBAAsB,EACtB,UAAU,EACV,YAAY,EACb,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAMxD;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,iBAAiB;IAC/D;;;;;;OAMG;IACH,SAAS,EAAE,OAAO,GAAG,QAAQ,GAAG,WAAW,GAAG,WAAW,CAAC;CAC3D;AAED;;;;;;;;;GASG;AACH,qBAAa,cAAe,SAAQ,eAClC,YAAW,sBAAsB,CAAC,sBAAsB,EAAE,GAAG,EAAE,kBAAkB,CAAC,EACvE,YAAY,EAAE,sBAAsB,EACpC,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC;IAE3C;;;;;;;;;OASG;IACU,iBAAiB,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,EAC3D,uBAAuB,GAAG;QAAE,SAAS,EAAE,OAAO,GAAG,QAAQ,GAAG,WAAW,GAAG,WAAW,CAAA;KAAE,GACtF,OAAO,CAAC,GAAG,CAAC;IAuBf;;;;;;;;;OASG;IACU,gBAAgB,CAAC,EAAE,SAAS,EAAE,cAAc,EAAE,EACzD,sBAAsB,GAAG;QAAE,SAAS,EAAE,OAAO,GAAG,QAAQ,GAAG,WAAW,GAAG,WAAW,CAAA;KAAE,GACrF,OAAO,CAAC,GAAG,CAAC;IAuBf;;;;;;;;;;;;;;;;;;;OAmBG;IACU,gBAAgB,CAAC,EAAE,GAAG,EAAE,EACnC,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAuBf;;;;;;;;;;;;;OAaG;IACU,WAAW,CAAC,EAAE,SAAS,EAAE,EACpC,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAmBf;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACU,YAAY,CAAC,EAAE,GAAG,EAAE,EAC/B,kBAAkB,GACjB,OAAO,CAAC,GAAG,CAAC;IAuBf;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACU,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,EAC7B,UAAU,GACT,OAAO,CAAC,UAAU,CAAC;IAmBtB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACU,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,EAC1C,YAAY,GACX,OAAO,CAAC,OAAO,CAAC;IAmBnB;;;;;;;OAOG;IACU,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAC3C,uBAAuB,GACtB,OAAO,CAAC,UAAU,CAAC;IAiBtB;;;;;;;OAOG;IACU,gBAAgB,CAAC,EAAE,SAAS,EAAE,EACzC,sBAAsB,GACrB,OAAO,CAAC,UAAU,CAAC;CAgBvB"}

package/dist/types/algorithms/eddsa.d.ts

@@ -1,7 +1,8 @@
 import type { AsymmetricKeyGenerator } from '../types/key-generator.js';
 import type { Jwk } from '../jose/jwk.js';
 import type { Signer } from '../types/signer.js';
-import type { ComputePublicKeyParams, GenerateKeyParams, GetPublicKeyParams, SignParams, VerifyParams } from '../types/params-direct.js';
+import type { AsymmetricKeyConverter, KeyConverter } from '../types/key-converter.js';
+import type { BytesToPrivateKeyParams, BytesToPublicKeyParams, ComputePublicKeyParams, GenerateKeyParams, GetPublicKeyParams, PrivateKeyToBytesParams, PublicKeyToBytesParams, SignParams, VerifyParams } from '../types/params-direct.js';
 import { CryptoAlgorithm } from './crypto-algorithm.js';
 /**
  * The `EdDsaGenerateKeyParams` interface defines the algorithm-specific parameters that should be
@@ -22,9 +23,35 @@ export interface EdDsaGenerateKeyParams extends GenerateKeyParams {
  * of signatures.
  *
  * This class is typically accessed through implementations that extend the
- * {@link CryptoApi | `CryptoApi`} interface.
+ * {@link DsaApi | `DsaApi`} interface.
  */
-export declare class EdDsaAlgorithm extends CryptoAlgorithm implements AsymmetricKeyGenerator<EdDsaGenerateKeyParams, Jwk, GetPublicKeyParams>, Signer<SignParams, VerifyParams> {
+export declare class EdDsaAlgorithm extends CryptoAlgorithm implements AsymmetricKeyGenerator<EdDsaGenerateKeyParams, Jwk, GetPublicKeyParams>, KeyConverter, AsymmetricKeyConverter, Signer<SignParams, VerifyParams> {
+    /**
+     * Converts a private key from a byte array to JWK format, setting the `alg` property to
+     * `'EdDSA'`.
+     *
+     * @param params - The parameters for the private key conversion.
+     * @param params.algorithm - The EdDSA algorithm identifier (`'Ed25519'`).
+     * @param params.privateKeyBytes - The raw private key as a Uint8Array.
+     *
+     * @returns A Promise that resolves to the private key in JWK format.
+     */
+    bytesToPrivateKey({ algorithm, privateKeyBytes }: BytesToPrivateKeyParams & {
+        algorithm: 'Ed25519';
+    }): Promise<Jwk>;
+    /**
+     * Converts a public key from a byte array to JWK format, setting the `alg` property to
+     * `'EdDSA'`.
+     *
+     * @param params - The parameters for the public key conversion.
+     * @param params.algorithm - The EdDSA algorithm identifier (`'Ed25519'`).
+     * @param params.publicKeyBytes - The raw public key as a Uint8Array.
+     *
+     * @returns A Promise that resolves to the public key in JWK format.
+     */
+    bytesToPublicKey({ algorithm, publicKeyBytes }: BytesToPublicKeyParams & {
+        algorithm: 'Ed25519';
+    }): Promise<Jwk>;
     /**
      * Derives the public key in JWK format from a given private key.
      *
@@ -147,5 +174,23 @@ export declare class EdDsaAlgorithm extends CryptoAlgorithm implements Asymmetri
      * @returns A Promise resolving to a boolean indicating whether the signature is valid.
      */
     verify({ key, signature, data }: VerifyParams): Promise<boolean>;
+    /**
+     * Converts a private key from JWK format to a byte array.
+     *
+     * @param params - The parameters for the private key conversion.
+     * @param params.privateKey - The private key in JWK format.
+     *
+     * @returns A Promise that resolves to the private key as a Uint8Array.
+     */
+    privateKeyToBytes({ privateKey }: PrivateKeyToBytesParams): Promise<Uint8Array>;
+    /**
+     * Converts a public key from JWK format to a byte array.
+     *
+     * @param params - The parameters for the public key conversion.
+     * @param params.publicKey - The public key in JWK format.
+     *
+     * @returns A Promise that resolves to the public key as a Uint8Array.
+     */
+    publicKeyToBytes({ publicKey }: PublicKeyToBytesParams): Promise<Uint8Array>;
 }
 //# sourceMappingURL=eddsa.d.ts.map

package/dist/types/algorithms/eddsa.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"eddsa.d.ts","sourceRoot":"","sources":["../../../src/algorithms/eddsa.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACxE,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EACV,sBAAsB,EACtB,iBAAiB,EACjB,kBAAkB,EAClB,UAAU,EACV,YAAY,EACb,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAIxD;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,iBAAiB;IAC/D;;;OAGG;IACH,SAAS,EAAE,SAAS,CAAC;CACtB;AAED;;;;;;;;;GASG;AACH,qBAAa,cAAe,SAAQ,eAClC,YAAW,sBAAsB,CAAC,sBAAsB,EAAE,GAAG,EAAE,kBAAkB,CAAC,EACvE,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC;IAE3C;;;;;;;;;;;;;;;;;;;OAmBG;IACU,gBAAgB,CAAC,EAAE,GAAG,EAAE,EACnC,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAiBf;;;;;;;;;;;;;OAaG;IACG,WAAW,CAAC,EAAE,SAAS,EAAE,EAC7B,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAWf;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACU,YAAY,CAAC,EAAE,GAAG,EAAE,EAC/B,kBAAkB,GACjB,OAAO,CAAC,GAAG,CAAC;IAiBf;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACU,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,EAC7B,UAAU,GACT,OAAO,CAAC,UAAU,CAAC;IAetB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACU,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,EAC1C,YAAY,GACX,OAAO,CAAC,OAAO,CAAC;CAcpB"}
+{"version":3,"file":"eddsa.d.ts","sourceRoot":"","sources":["../../../src/algorithms/eddsa.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACxE,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,sBAAsB,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACtF,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,sBAAsB,EACtB,iBAAiB,EACjB,kBAAkB,EAClB,uBAAuB,EACvB,sBAAsB,EACtB,UAAU,EACV,YAAY,EACb,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAKxD;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,iBAAiB;IAC/D;;;OAGG;IACH,SAAS,EAAE,SAAS,CAAC;CACtB;AAED;;;;;;;;;GASG;AACH,qBAAa,cAAe,SAAQ,eAClC,YAAW,sBAAsB,CAAC,sBAAsB,EAAE,GAAG,EAAE,kBAAkB,CAAC,EACvE,YAAY,EAAE,sBAAsB,EACpC,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC;IAE3C;;;;;;;;;OASG;IACU,iBAAiB,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,EAC3D,uBAAuB,GAAG;QAAE,SAAS,EAAE,SAAS,CAAA;KAAE,GACjD,OAAO,CAAC,GAAG,CAAC;IAef;;;;;;;;;OASG;IACU,gBAAgB,CAAC,EAAE,SAAS,EAAE,cAAc,EAAE,EACzD,sBAAsB,GAAG;QAAE,SAAS,EAAE,SAAS,CAAA;KAAE,GAChD,OAAO,CAAC,GAAG,CAAC;IAef;;;;;;;;;;;;;;;;;;;OAmBG;IACU,gBAAgB,CAAC,EAAE,GAAG,EAAE,EACnC,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAiBf;;;;;;;;;;;;;OAaG;IACG,WAAW,CAAC,EAAE,SAAS,EAAE,EAC7B,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAWf;;;;;;;;;;;;;;;;;;;;;;;;;OAyBG;IACU,YAAY,CAAC,EAAE,GAAG,EAAE,EAC/B,kBAAkB,GACjB,OAAO,CAAC,GAAG,CAAC;IAiBf;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;IACU,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,EAC7B,UAAU,GACT,OAAO,CAAC,UAAU,CAAC;IAetB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACU,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,EAC1C,YAAY,GACX,OAAO,CAAC,OAAO,CAAC;IAenB;;;;;;;OAOG;IACU,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAC3C,uBAAuB,GACtB,OAAO,CAAC,UAAU,CAAC;IAatB;;;;;;;OAOG;IACU,gBAAgB,CAAC,EAAE,SAAS,EAAE,EACzC,sBAAsB,GACrB,OAAO,CAAC,UAAU,CAAC;CAYvB"}

package/dist/types/algorithms/hkdf.d.ts

@@ -0,0 +1,35 @@
+import type { DeriveKeyBytesParams } from '../types/params-direct.js';
+import type { HkdfParams } from '../primitives/hkdf.js';
+import type { KeyBytesDeriver } from '../types/key-deriver.js';
+import { CryptoAlgorithm } from './crypto-algorithm.js';
+/**
+ * The `HkdfDeriveKeyBytesParams` interface defines the algorithm-specific parameters that should be
+ * passed into the `deriveKeyBytes()` method when using the HKDF algorithm.
+ */
+export interface HkdfDeriveKeyBytesParams extends DeriveKeyBytesParams {
+    /** Specifies the algorithm variant for HKDF key derivation.
+     * The value determines the hash function that will be used and must be one of the following:
+     * - `"HKDF-256"`: HKDF with SHA-256.
+     * - `"HKDF-384"`: HKDF with SHA-384.
+     * - `"HKDF-512"`: HKDF with SHA-512.
+     */
+    algorithm: 'HKDF-256' | 'HKDF-384' | 'HKDF-512';
+}
+/**
+ * The `HkdfAlgorithm` class provides a concrete implementation for HKDF key derivation. It wraps
+ * the {@link Hkdf} primitive and maps JOSE algorithm names to hash functions.
+ */
+export declare class HkdfAlgorithm extends CryptoAlgorithm implements KeyBytesDeriver<HkdfDeriveKeyBytesParams, Uint8Array> {
+    /**
+     * Derives a cryptographic byte array using HKDF.
+     *
+     * @param params - The parameters for the key derivation operation.
+     * @param params.algorithm - The HKDF algorithm variant (e.g., `'HKDF-256'`).
+     * @param params.baseKeyBytes - The input key material.
+     * @param params.length - The desired length of the output in bits.
+     *
+     * @returns A Promise that resolves to the derived key bytes.
+     */
+    deriveKeyBytes({ algorithm, ...params }: HkdfDeriveKeyBytesParams & Omit<HkdfParams, 'hash'>): Promise<Uint8Array>;
+}
+//# sourceMappingURL=hkdf.d.ts.map

package/dist/types/algorithms/hkdf.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hkdf.d.ts","sourceRoot":"","sources":["../../../src/algorithms/hkdf.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAE/D,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAGxD;;;GAGG;AACH,MAAM,WAAW,wBAAyB,SAAQ,oBAAoB;IACpE;;;;;OAKG;IACH,SAAS,EAAE,UAAU,GAAG,UAAU,GAAG,UAAU,CAAC;CACjD;AAED;;;GAGG;AACH,qBAAa,aAAc,SAAQ,eACjC,YAAW,eAAe,CAAC,wBAAwB,EAAE,UAAU,CAAC;IAEhE;;;;;;;;;OASG;IACU,cAAc,CAAC,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,EAClD,wBAAwB,GAAG,IAAI,CAAC,UAAU,EAAE,MAAM,CAAC,GAClD,OAAO,CAAC,UAAU,CAAC;CAavB"}

package/dist/types/algorithms/pbkdf2.d.ts

@@ -0,0 +1,35 @@
+import type { DeriveKeyBytesParams } from '../types/params-direct.js';
+import type { KeyBytesDeriver } from '../types/key-deriver.js';
+import type { Pbkdf2Params } from '../primitives/pbkdf2.js';
+import { CryptoAlgorithm } from './crypto-algorithm.js';
+/**
+ * The `Pbkdf2DeriveKeyBytesParams` interface defines the algorithm-specific parameters that
+ * should be passed into the `deriveKeyBytes()` method when using the PBKDF2 algorithm.
+ */
+export interface Pbkdf2DeriveKeyBytesParams extends DeriveKeyBytesParams {
+    /** Specifies the algorithm variant for PBKDF2 key derivation.
+     * The value determines the hash function that will be used and must be one of the following:
+     * - `"PBES2-HS256+A128KW"`: PBKDF2 with HMAC SHA-256 and A128KW key wrapping.
+     * - `"PBES2-HS384+A192KW"`: PBKDF2 with HMAC SHA-384 and A192KW key wrapping.
+     * - `"PBES2-HS512+A256KW"`: PBKDF2 with HMAC SHA-512 and A256KW key wrapping.
+     */
+    algorithm: 'PBES2-HS256+A128KW' | 'PBES2-HS384+A192KW' | 'PBES2-HS512+A256KW';
+}
+/**
+ * The `Pbkdf2Algorithm` class provides a concrete implementation for PBKDF2 key derivation. It
+ * wraps the {@link Pbkdf2} primitive and maps PBES2 JOSE algorithm names to hash functions.
+ */
+export declare class Pbkdf2Algorithm extends CryptoAlgorithm implements KeyBytesDeriver<Pbkdf2DeriveKeyBytesParams, Uint8Array> {
+    /**
+     * Derives a cryptographic byte array using PBKDF2.
+     *
+     * @param params - The parameters for the key derivation operation.
+     * @param params.algorithm - The PBES2 algorithm variant (e.g., `'PBES2-HS512+A256KW'`).
+     * @param params.baseKeyBytes - The password or passphrase as bytes.
+     * @param params.length - The desired length of the output in bits.
+     *
+     * @returns A Promise that resolves to the derived key bytes.
+     */
+    deriveKeyBytes({ algorithm, ...params }: Pbkdf2DeriveKeyBytesParams & Omit<Pbkdf2Params, 'hash'>): Promise<Uint8Array>;
+}
+//# sourceMappingURL=pbkdf2.d.ts.map

package/dist/types/algorithms/pbkdf2.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pbkdf2.d.ts","sourceRoot":"","sources":["../../../src/algorithms/pbkdf2.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC/D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAGxD;;;GAGG;AACH,MAAM,WAAW,0BAA2B,SAAQ,oBAAoB;IACtE;;;;;OAKG;IACH,SAAS,EAAE,oBAAoB,GAAG,oBAAoB,GAAG,oBAAoB,CAAC;CAC/E;AAED;;;GAGG;AACH,qBAAa,eAAgB,SAAQ,eACnC,YAAW,eAAe,CAAC,0BAA0B,EAAE,UAAU,CAAC;IAElE;;;;;;;;;OASG;IACU,cAAc,CAAC,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,EAClD,0BAA0B,GAAG,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,GACtD,OAAO,CAAC,UAAU,CAAC;CAgBvB"}

package/dist/types/algorithms/sha-2.d.ts

@@ -18,7 +18,7 @@ export interface Sha2DigestParams extends DigestParams {
  * of the hash function and arbitrary data as input and returns the hash digest of the data.
  *
  * This class is typically accessed through implementations that extend the
- * {@link CryptoApi | `CryptoApi`} interface.
+ * {@link DsaApi | `DsaApi`} interface.
  */
 export declare class Sha2Algorithm extends CryptoAlgorithm implements Hasher<Sha2DigestParams> {
     /**

package/dist/types/algorithms/x25519.d.ts

@@ -0,0 +1,76 @@
+import type { AsymmetricKeyGenerator } from '../types/key-generator.js';
+import type { Jwk } from '../jose/jwk.js';
+import type { KeyConverter } from '../types/key-converter.js';
+import type { BytesToPrivateKeyParams, ComputePublicKeyParams, GenerateKeyParams, GetPublicKeyParams, PrivateKeyToBytesParams } from '../types/params-direct.js';
+import { CryptoAlgorithm } from './crypto-algorithm.js';
+/**
+ * The `X25519GenerateKeyParams` interface defines the algorithm-specific parameters that should be
+ * passed into the `generateKey()` method when using the X25519 key agreement algorithm.
+ */
+export interface X25519GenerateKeyParams extends GenerateKeyParams {
+    /**
+     * A string defining the type of key to generate. The value must be:
+     * - `"X25519"`: Elliptic-curve Diffie-Hellman (ECDH) using Curve25519.
+     */
+    algorithm: 'X25519';
+}
+/**
+ * The `X25519Algorithm` class provides a concrete implementation for key generation,
+ * public key derivation, and key conversion using the X25519 elliptic curve. X25519 is a
+ * key agreement curve (not a signature curve) used for ECDH key exchange in JWE encryption.
+ *
+ * This class implements the {@link AsymmetricKeyGenerator | `AsymmetricKeyGenerator`} and
+ * {@link KeyConverter | `KeyConverter`} interfaces, providing private key generation,
+ * public key derivation, and byte/JWK conversion.
+ */
+export declare class X25519Algorithm extends CryptoAlgorithm implements AsymmetricKeyGenerator<X25519GenerateKeyParams, Jwk, GetPublicKeyParams>, KeyConverter {
+    /**
+     * Converts a raw private key in bytes to its corresponding JWK format.
+     *
+     * @param params - The parameters for the private key conversion.
+     * @param params.algorithm - Must be `'X25519'`.
+     * @param params.privateKeyBytes - The raw private key as a Uint8Array.
+     *
+     * @returns A Promise that resolves to the private key in JWK format.
+     */
+    bytesToPrivateKey({ algorithm, privateKeyBytes }: BytesToPrivateKeyParams & {
+        algorithm: 'X25519';
+    }): Promise<Jwk>;
+    /**
+     * Derives the public key in JWK format from a given X25519 private key.
+     *
+     * @param params - The parameters for the public key derivation.
+     * @param params.key - The private key in JWK format from which to derive the public key.
+     *
+     * @returns A Promise that resolves to the derived public key in JWK format.
+     */
+    computePublicKey({ key }: ComputePublicKeyParams): Promise<Jwk>;
+    /**
+     * Generates a new X25519 private key in JWK format.
+     *
+     * @param params - The parameters for key generation.
+     * @param params.algorithm - Must be `'X25519'`.
+     *
+     * @returns A Promise that resolves to the generated private key in JWK format.
+     */
+    generateKey({ algorithm }: X25519GenerateKeyParams): Promise<Jwk>;
+    /**
+     * Retrieves the public key properties from a given X25519 private key in JWK format.
+     *
+     * @param params - The parameters for retrieving the public key properties.
+     * @param params.key - The private key in JWK format.
+     *
+     * @returns A Promise that resolves to the public key in JWK format.
+     */
+    getPublicKey({ key }: GetPublicKeyParams): Promise<Jwk>;
+    /**
+     * Converts a private key from JWK format to a byte array.
+     *
+     * @param params - The parameters for the private key conversion.
+     * @param params.privateKey - The private key in JWK format.
+     *
+     * @returns A Promise that resolves to the private key as a Uint8Array.
+     */
+    privateKeyToBytes({ privateKey }: PrivateKeyToBytesParams): Promise<Uint8Array>;
+}
+//# sourceMappingURL=x25519.d.ts.map

package/dist/types/algorithms/x25519.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"x25519.d.ts","sourceRoot":"","sources":["../../../src/algorithms/x25519.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACxE,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,iBAAiB,EACjB,kBAAkB,EAClB,uBAAuB,EACxB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAMxD;;;GAGG;AACH,MAAM,WAAW,uBAAwB,SAAQ,iBAAiB;IAChE;;;OAGG;IACH,SAAS,EAAE,QAAQ,CAAC;CACrB;AAED;;;;;;;;GAQG;AACH,qBAAa,eAAgB,SAAQ,eACnC,YAAW,sBAAsB,CAAC,uBAAuB,EAAE,GAAG,EAAE,kBAAkB,CAAC,EACxE,YAAY;IAEvB;;;;;;;;OAQG;IACU,iBAAiB,CAAC,EAAE,SAAS,EAAE,eAAe,EAAE,EAC3D,uBAAuB,GAAG;QAAE,SAAS,EAAE,QAAQ,CAAA;KAAE,GAChD,OAAO,CAAC,GAAG,CAAC;IAaf;;;;;;;OAOG;IACU,gBAAgB,CAAC,EAAE,GAAG,EAAE,EACnC,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAef;;;;;;;OAOG;IACG,WAAW,CAAC,EAAE,SAAS,EAAE,EAC7B,uBAAuB,GACtB,OAAO,CAAC,GAAG,CAAC;IAaf;;;;;;;OAOG;IACU,YAAY,CAAC,EAAE,GAAG,EAAE,EAC/B,kBAAkB,GACjB,OAAO,CAAC,GAAG,CAAC;IAef;;;;;;;OAOG;IACU,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAC3C,uBAAuB,GACtB,OAAO,CAAC,UAAU,CAAC;CAGvB"}

package/dist/types/index.d.ts

@@ -3,10 +3,14 @@ export * from './local-key-manager.js';
 export * from './utils.js';
 export * from './algorithms/aes-ctr.js';
 export * from './algorithms/aes-gcm.js';
+export * from './algorithms/aes-kw.js';
 export * from './algorithms/crypto-algorithm.js';
 export * from './algorithms/ecdsa.js';
 export * from './algorithms/eddsa.js';
+export * from './algorithms/hkdf.js';
+export * from './algorithms/pbkdf2.js';
 export * from './algorithms/sha-2.js';
+export * from './algorithms/x25519.js';
 export * from './jose/jwe.js';
 export * from './jose/jwk.js';
 export * from './jose/jws.js';
@@ -16,6 +20,7 @@ export * from './primitives/aes-ctr.js';
 export * from './primitives/aes-gcm.js';
 export * from './primitives/aes-kw.js';
 export * from './primitives/concat-kdf.js';
+export * from './primitives/ecies-secp256k1.js';
 export * from './primitives/ed25519.js';
 export * from './primitives/hkdf.js';
 export * from './primitives/secp256r1.js';

package/dist/types/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,wBAAwB,CAAC;AACvC,cAAc,YAAY,CAAC;AAE3B,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,kCAAkC,CAAC;AACjD,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AAEtC,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,iBAAiB,CAAC;AAEhC,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AACvC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,yBAAyB,CAAC;AACxC,cAAc,sBAAsB,CAAC;AACrC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC;AAEnD,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,2BAA2B,CAAC;AAC/C,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,4BAA4B,CAAC;AAChD,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,mBAAmB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,wBAAwB,CAAC;AACvC,cAAc,YAAY,CAAC;AAE3B,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AACvC,cAAc,kCAAkC,CAAC;AACjD,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,sBAAsB,CAAC;AACrC,cAAc,wBAAwB,CAAC;AACvC,cAAc,uBAAuB,CAAC;AACtC,cAAc,wBAAwB,CAAC;AAEvC,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,iBAAiB,CAAC;AAEhC,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AACvC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,iCAAiC,CAAC;AAChD,cAAc,yBAAyB,CAAC;AACxC,cAAc,sBAAsB,CAAC;AACrC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC;AAEnD,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,2BAA2B,CAAC;AAC/C,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,mBAAmB,CAAC;AACvC,mBAAmB,wBAAwB,CAAC;AAC5C,mBAAmB,0BAA0B,CAAC;AAC9C,mBAAmB,4BAA4B,CAAC;AAChD,mBAAmB,uBAAuB,CAAC;AAC3C,mBAAmB,mBAAmB,CAAC"}

package/dist/types/local-key-manager.d.ts

@@ -1,8 +1,8 @@
 import type { KeyValueStore } from '@enbox/common';
-import type { CryptoApi } from './types/crypto-api.js';
 import type { Jwk } from './jose/jwk.js';
 import type { KeyIdentifier } from './types/identifier.js';
 import type { KeyImporterExporter } from './types/key-io.js';
+import type { KeyManager } from './types/crypto-api.js';
 import type { KmsDigestParams, KmsExportKeyParams, KmsGenerateKeyParams, KmsGetKeyUriParams, KmsGetPublicKeyParams, KmsImportKeyParams, KmsSignParams, KmsVerifyParams } from './types/params-kms.js';
 /**
  * The `LocalKeyManagerParams` interface specifies the parameters for initializing an instance of
@@ -42,9 +42,9 @@ export interface LocalKeyManagerGenerateKeyParams extends KmsGenerateKeyParams {
      * - `"Ed25519"`
      * - `"secp256k1"`
      */
-    algorithm: 'Ed25519' | 'secp256k1' | 'secp256r1';
+    algorithm: 'Ed25519' | 'secp256k1' | 'secp256r1' | 'X25519';
 }
-export declare class LocalKeyManager implements CryptoApi, KeyImporterExporter<KmsImportKeyParams, KeyIdentifier, KmsExportKeyParams> {
+export declare class LocalKeyManager implements KeyManager, KeyImporterExporter<KmsImportKeyParams, KeyIdentifier, KmsExportKeyParams> {
     /**
      * A private map that stores instances of cryptographic algorithm implementations. Each key in
      * this map is an `AlgorithmConstructor`, and its corresponding value is an instance of a class
@@ -131,7 +131,7 @@ export declare class LocalKeyManager implements CryptoApi, KeyImporterExporter<K
      * @remarks
      * This method generates a {@link https://datatracker.ietf.org/doc/html/rfc3986 | URI}
      * (Uniform Resource Identifier) for the given JWK, which uniquely identifies the key across all
-     * `CryptoApi` implementations. The key URI is constructed by appending the
+     * `KeyManager` implementations. The key URI is constructed by appending the
      * {@link https://datatracker.ietf.org/doc/html/rfc7638 | JWK thumbprint} to the prefix
      * `urn:jwk:`. The JWK thumbprint is deterministically computed from the JWK and is consistent
      * regardless of property order or optional property inclusion in the JWK. This ensures that the

package/dist/types/local-key-manager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"local-key-manager.d.ts","sourceRoot":"","sources":["../../src/local-key-manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAInD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAI7D,OAAO,KAAK,EACV,eAAe,EACf,kBAAkB,EAClB,oBAAoB,EACpB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,aAAa,EACb,eAAe,EAChB,MAAM,uBAAuB,CAAC;AA6C/B;;;;;;GAMG;AACH,MAAM,MAAM,qBAAqB,GAAG;IAClC;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,aAAa,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;CAC9C,CAAC;AAEF;;;GAGG;AACH,MAAM,WAAW,2BAA4B,SAAQ,eAAe;IAClE;;;OAGG;IACH,SAAS,EAAE,SAAS,CAAC;CACtB;AAED;;;;GAIG;AACH,MAAM,WAAW,gCAAiC,SAAQ,oBAAoB;IAC5E;;;;OAIG;IACH,SAAS,EAAE,SAAS,GAAG,WAAW,GAAG,WAAW,CAAC;CAClD;AAED,qBAAa,eAAgB,YACzB,SAAS,EACT,mBAAmB,CAAC,kBAAkB,EAAE,aAAa,EAAE,kBAAkB,CAAC;IAE5E;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB,CAA8E;IAEzG;;;;;;;OAOG;IACH,OAAO,CAAC,SAAS,CAAoC;gBAEzC,MAAM,CAAC,EAAE,qBAAqB;IAI1C;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACU,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,EACrC,2BAA2B,GAC1B,OAAO,CAAC,UAAU,CAAC;IAUtB;;;;;;;;;;;;;;;;;;OAkBG;IACU,SAAS,CAAC,EAAE,MAAM,EAAE,EAC/B,kBAAkB,GACjB,OAAO,CAAC,GAAG,CAAC;IAOf;;;;;;;;;;;;;;;OAeG;IACU,WAAW,CAAC,EAAE,SAAS,EAAE,EACpC,gCAAgC,GAC/B,OAAO,CAAC,aAAa,CAAC;IAoBzB;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACU,SAAS,CAAC,EAAE,GAAG,EAAE,EAC5B,kBAAkB,GACjB,OAAO,CAAC,aAAa,CAAC;IAUzB;;;;;;;;;;;;;;;OAeG;IACU,YAAY,CAAC,EAAE,MAAM,EAAE,EAClC,qBAAqB,GACpB,OAAO,CAAC,GAAG,CAAC;IAgBf;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACU,SAAS,CAAC,EAAE,GAAG,EAAE,EAC5B,kBAAkB,GACjB,OAAO,CAAC,aAAa,CAAC;IAkBzB;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACU,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAChC,aAAa,GACZ,OAAO,CAAC,UAAU,CAAC;IAgBtB;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACU,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,EAC1C,eAAe,GACd,OAAO,CAAC,OAAO,CAAC;IAanB;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,YAAY;IAmBpB;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,gBAAgB;IAkBxB;;;;;;;;;;;;;;OAcG;YACW,aAAa;CAY5B"}
+{"version":3,"file":"local-key-manager.d.ts","sourceRoot":"","sources":["../../src/local-key-manager.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAKnD,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAC7D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAIxD,OAAO,KAAK,EACV,eAAe,EACf,kBAAkB,EAClB,oBAAoB,EACpB,kBAAkB,EAClB,qBAAqB,EACrB,kBAAkB,EAClB,aAAa,EACb,eAAe,EAChB,MAAM,uBAAuB,CAAC;AAkD/B;;;;;;GAMG;AACH,MAAM,MAAM,qBAAqB,GAAG;IAClC;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,aAAa,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;CAC9C,CAAC;AAEF;;;GAGG;AACH,MAAM,WAAW,2BAA4B,SAAQ,eAAe;IAClE;;;OAGG;IACH,SAAS,EAAE,SAAS,CAAC;CACtB;AAED;;;;GAIG;AACH,MAAM,WAAW,gCAAiC,SAAQ,oBAAoB;IAC5E;;;;OAIG;IACH,SAAS,EAAE,SAAS,GAAG,WAAW,GAAG,WAAW,GAAG,QAAQ,CAAC;CAC7D;AAED,qBAAa,eAAgB,YACzB,UAAU,EACV,mBAAmB,CAAC,kBAAkB,EAAE,aAAa,EAAE,kBAAkB,CAAC;IAE5E;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB,CAA8E;IAEzG;;;;;;;OAOG;IACH,OAAO,CAAC,SAAS,CAAoC;gBAEzC,MAAM,CAAC,EAAE,qBAAqB;IAI1C;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACU,MAAM,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,EACrC,2BAA2B,GAC1B,OAAO,CAAC,UAAU,CAAC;IAUtB;;;;;;;;;;;;;;;;;;OAkBG;IACU,SAAS,CAAC,EAAE,MAAM,EAAE,EAC/B,kBAAkB,GACjB,OAAO,CAAC,GAAG,CAAC;IAOf;;;;;;;;;;;;;;;OAeG;IACU,WAAW,CAAC,EAAE,SAAS,EAAE,EACpC,gCAAgC,GAC/B,OAAO,CAAC,aAAa,CAAC;IAoBzB;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;IACU,SAAS,CAAC,EAAE,GAAG,EAAE,EAC5B,kBAAkB,GACjB,OAAO,CAAC,aAAa,CAAC;IAUzB;;;;;;;;;;;;;;;OAeG;IACU,YAAY,CAAC,EAAE,MAAM,EAAE,EAClC,qBAAqB,GACpB,OAAO,CAAC,GAAG,CAAC;IAgBf;;;;;;;;;;;;;;;;;;;;;;;OAuBG;IACU,SAAS,CAAC,EAAE,GAAG,EAAE,EAC5B,kBAAkB,GACjB,OAAO,CAAC,aAAa,CAAC;IAkBzB;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACU,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAChC,aAAa,GACZ,OAAO,CAAC,UAAU,CAAC;IAgBtB;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACU,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,EAC1C,eAAe,GACd,OAAO,CAAC,OAAO,CAAC;IAanB;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,YAAY;IAmBpB;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,gBAAgB;IAkBxB;;;;;;;;;;;;;;OAcG;YACW,aAAa;CAY5B"}

package/dist/types/primitives/ecies-secp256k1.d.ts

@@ -0,0 +1,53 @@
+/**
+ * Output of an ECIES-SECP256K1 encryption operation.
+ */
+export type EciesSecp256k1EncryptionOutput = {
+    /** The AES-GCM initialization vector. */
+    initializationVector: Uint8Array;
+    /** The ephemeral secp256k1 public key (compressed, 33 bytes). */
+    ephemeralPublicKey: Uint8Array;
+    /** The encrypted data. */
+    ciphertext: Uint8Array;
+    /** The AES-GCM authentication tag (16 bytes). */
+    messageAuthenticationCode: Uint8Array;
+};
+/**
+ * Input required for ECIES-SECP256K1 decryption.
+ */
+export type EciesSecp256k1EncryptionInput = EciesSecp256k1EncryptionOutput & {
+    /** The recipient's secp256k1 private key (raw 32 bytes). */
+    privateKey: Uint8Array;
+};
+/**
+ * Browser-compatible ECIES (Elliptic Curve Integrated Encryption Scheme) using secp256k1.
+ *
+ * Wire-format compatible with `eciesjs` v0.4.x configured with
+ * `isEphemeralKeyCompressed: true, isHkdfKeyCompressed: false` (the default).
+ *
+ * Protocol:
+ *   1. Generate an ephemeral secp256k1 key pair.
+ *   2. ECDH shared secret (uncompressed point).
+ *   3. HKDF-SHA-256 key derivation: `hkdf(sha256, ephemeralPubUncompressed || sharedPointUncompressed)`.
+ *   4. AES-256-GCM encryption with random 16-byte nonce.
+ *
+ * All underlying primitives (`@noble/ciphers`, `@noble/curves`, `@noble/hashes`)
+ * are pure JavaScript and work in Node, Bun, and browsers.
+ */
+export declare class EciesSecp256k1 {
+    /**
+     * Encrypt plaintext for a given secp256k1 public key.
+     * @param publicKeyBytes - Recipient's public key (compressed 33 bytes or uncompressed 65 bytes).
+     * @param plaintext - The data to encrypt.
+     */
+    static encrypt(publicKeyBytes: Uint8Array, plaintext: Uint8Array): EciesSecp256k1EncryptionOutput;
+    /**
+     * Decrypt ciphertext produced by {@link EciesSecp256k1.encrypt}.
+     * @param input - The encryption output plus the recipient's private key.
+     */
+    static decrypt(input: EciesSecp256k1EncryptionInput): Uint8Array;
+    /**
+     * Whether the ephemeral public key is compressed (always true for this implementation).
+     */
+    static get isEphemeralKeyCompressed(): boolean;
+}
+//# sourceMappingURL=ecies-secp256k1.d.ts.map

package/dist/types/primitives/ecies-secp256k1.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ecies-secp256k1.d.ts","sourceRoot":"","sources":["../../../src/primitives/ecies-secp256k1.ts"],"names":[],"mappings":"AAiBA;;GAEG;AACH,MAAM,MAAM,8BAA8B,GAAG;IAC3C,yCAAyC;IACzC,oBAAoB,EAAE,UAAU,CAAC;IACjC,iEAAiE;IACjE,kBAAkB,EAAE,UAAU,CAAC;IAC/B,0BAA0B;IAC1B,UAAU,EAAE,UAAU,CAAC;IACvB,iDAAiD;IACjD,yBAAyB,EAAE,UAAU,CAAC;CACvC,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,6BAA6B,GAAG,8BAA8B,GAAG;IAC3E,4DAA4D;IAC5D,UAAU,EAAE,UAAU,CAAC;CACxB,CAAC;AAEF;;;;;;;;;;;;;;GAcG;AACH,qBAAa,cAAc;IACzB;;;;OAIG;WACW,OAAO,CAAC,cAAc,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,GAAG,8BAA8B;IAyBxG;;;OAGG;WACW,OAAO,CAAC,KAAK,EAAE,6BAA6B,GAAG,UAAU;IAiBvE;;OAEG;IACH,WAAkB,wBAAwB,IAAI,OAAO,CAEpD;CACF"}

package/dist/types/primitives/x25519.d.ts

@@ -238,32 +238,25 @@ export declare class X25519 {
         publicKey: Jwk;
     }): Promise<Uint8Array>;
     /**
-     * Computes an RFC6090-compliant Elliptic Curve Diffie-Hellman (ECDH) shared secret
-     * using secp256k1 private and public keys in JSON Web Key (JWK) format.
+     * Computes an X25519 Elliptic Curve Diffie-Hellman (ECDH) shared secret
+     * using X25519 private and public keys in JSON Web Key (JWK) format.
      *
      * @remarks
      * This method facilitates the ECDH key agreement protocol, which is a method of securely
      * deriving a shared secret between two parties based on their private and public keys.
      * It takes the private key of one party (privateKeyA) and the public key of another
-     * party (publicKeyB) to compute a shared secret. The shared secret is derived from the
-     * x-coordinate of the elliptic curve point resulting from the multiplication of the
-     * public key with the private key.
-     *
-     * Note: When performing Elliptic Curve Diffie-Hellman (ECDH) key agreement,
-     * the resulting shared secret is a point on the elliptic curve, which
-     * consists of an x-coordinate and a y-coordinate. With a 256-bit curve like
-     * secp256k1, each of these coordinates is 32 bytes (256 bits) long. However,
-     * in the ECDH process, it's standard practice to use only the x-coordinate
-     * of the shared secret point as the resulting shared key. This is because
-     * the y-coordinate does not add to the entropy of the key, and both parties
-     * can independently compute the x-coordinate.  Consquently, this implementation
-     * omits the y-coordinate for simplicity and standard compliance.
+     * party (publicKeyB) to compute a shared secret. The shared secret is the raw output
+     * of the X25519 function as defined in RFC 7748.
+     *
+     * Note: Unlike Weierstrass curves (e.g., secp256k1), X25519 is a Montgomery curve
+     * where the ECDH output is a single 32-byte scalar value, not an (x, y) point.
+     * The result is used directly as the shared secret.
      *
      * @example
      * ```ts
      * const privateKeyA = { ... }; // A Jwk object for party A
      * const publicKeyB = { ... }; // A PublicKeyJwk object for party B
-     * const sharedSecret = await Secp256k1.sharedSecret({
+     * const sharedSecret = await X25519.sharedSecret({
      *   privateKeyA,
      *   publicKeyB
      * });

package/dist/types/primitives/x25519.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"x25519.d.ts","sourceRoot":"","sources":["../../../src/primitives/x25519.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,KAAK,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAI5F;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,qBAAa,MAAM;IACjB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;WACiB,iBAAiB,CAAC,EAAE,eAAe,EAAE,EAAE;QACzD,eAAe,EAAE,UAAU,CAAC;KAC7B,GAAG,OAAO,CAAC,GAAG,CAAC;IAkBhB;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;WACiB,gBAAgB,CAAC,EAAE,cAAc,EAAE,EAAE;QACvD,cAAc,EAAE,UAAU,CAAC;KAC5B,GAAG,OAAO,CAAC,GAAG,CAAC;IAchB;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;WACiB,gBAAgB,CAAC,EAAE,GAAG,EAAE,EAC1C,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAoBf;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;WACiB,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC;IAa/C;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;WACiB,YAAY,CAAC,EAAE,GAAG,EAAE,EACtC,kBAAkB,GACjB,OAAO,CAAC,GAAG,CAAC;IAef;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;WACiB,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAAE;QACpD,UAAU,EAAE,GAAG,CAAC;KACjB,GAAG,OAAO,CAAC,UAAU,CAAC;IAYvB;;;;;;;;;;;;;;;;;;;;;;OAsBG;WACiB,gBAAgB,CAAC,EAAE,SAAS,EAAE,EAAE;QAClD,SAAS,EAAE,GAAG,CAAC;KAChB,GAAG,OAAO,CAAC,UAAU,CAAC;IAYvB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAqCG;WACiB,YAAY,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,EAAE;QAC5D,WAAW,EAAE,GAAG,CAAC;QACjB,UAAU,EAAE,GAAG,CAAC;KACjB,GAAG,OAAO,CAAC,UAAU,CAAC;CAexB"}
+{"version":3,"file":"x25519.d.ts","sourceRoot":"","sources":["../../../src/primitives/x25519.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,KAAK,EAAE,sBAAsB,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAI5F;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,qBAAa,MAAM;IACjB;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;WACiB,iBAAiB,CAAC,EAAE,eAAe,EAAE,EAAE;QACzD,eAAe,EAAE,UAAU,CAAC;KAC7B,GAAG,OAAO,CAAC,GAAG,CAAC;IAkBhB;;;;;;;;;;;;;;;;;;;;;;;;;;;OA2BG;WACiB,gBAAgB,CAAC,EAAE,cAAc,EAAE,EAAE;QACvD,cAAc,EAAE,UAAU,CAAC;KAC5B,GAAG,OAAO,CAAC,GAAG,CAAC;IAchB;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;WACiB,gBAAgB,CAAC,EAAE,GAAG,EAAE,EAC1C,sBAAsB,GACrB,OAAO,CAAC,GAAG,CAAC;IAoBf;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;WACiB,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC;IAa/C;;;;;;;;;;;;;;;;;;;;;;;;;;OA0BG;WACiB,YAAY,CAAC,EAAE,GAAG,EAAE,EACtC,kBAAkB,GACjB,OAAO,CAAC,GAAG,CAAC;IAef;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;WACiB,iBAAiB,CAAC,EAAE,UAAU,EAAE,EAAE;QACpD,UAAU,EAAE,GAAG,CAAC;KACjB,GAAG,OAAO,CAAC,UAAU,CAAC;IAYvB;;;;;;;;;;;;;;;;;;;;;;OAsBG;WACiB,gBAAgB,CAAC,EAAE,SAAS,EAAE,EAAE;QAClD,SAAS,EAAE,GAAG,CAAC;KAChB,GAAG,OAAO,CAAC,UAAU,CAAC;IAYvB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA8BG;WACiB,YAAY,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,EAAE;QAC5D,WAAW,EAAE,GAAG,CAAC;QACjB,UAAU,EAAE,GAAG,CAAC;KACjB,GAAG,OAAO,CAAC,UAAU,CAAC;CAexB"}

package/dist/types/types/crypto-api.d.ts

@@ -1,10 +1,16 @@
+import type { AsymmetricKeyConverter } from './key-converter.js';
 import type { AsymmetricKeyGenerator } from './key-generator.js';
+import type { Cipher } from './cipher.js';
 import type { Hasher } from './hasher.js';
+import type { Jwk } from '../jose/jwk.js';
 import type { KeyIdentifier } from './identifier.js';
+import type { KeyWrapper } from './key-wrapper.js';
 import type { Signer } from './signer.js';
-import type { KmsDigestParams, KmsGenerateKeyParams, KmsGetKeyUriParams, KmsGetPublicKeyParams, KmsSignParams, KmsVerifyParams } from './params-kms.js';
+import type { BytesToPrivateKeyParams, BytesToPublicKeyParams, CipherParams, DeriveKeyBytesParams, DeriveKeyFromBytesParams, DigestParams, GenerateKeyParams, GetPublicKeyParams, PrivateKeyToBytesParams, PublicKeyToBytesParams, SignParams, UnwrapKeyParams, VerifyParams, WrapKeyParams } from './params-direct.js';
+import type { KeyBytesDeriver, SimpleKeyDeriver } from './key-deriver.js';
+import type { KmsCipherParams, KmsDigestParams, KmsGenerateKeyParams, KmsGetKeyUriParams, KmsGetPublicKeyParams, KmsSignParams, KmsVerifyParams } from './params-kms.js';
 /**
- * The `CryptoApi` interface integrates key generation, hashing, and signing functionalities,
+ * The `DsaApi` interface integrates key generation, hashing, and signing functionalities,
  * designed for use with a Key Management System (KMS). It extends `AsymmetricKeyGenerator` for
  * generating asymmetric keys, `Hasher` for hash digest computations, and `Signer` for signing and
  * verifying operations.
@@ -24,12 +30,54 @@ import type { KmsDigestParams, KmsGenerateKeyParams, KmsGetKeyUriParams, KmsGetP
  *   identifier (e.g. JWK thumbprint, UUID generated by hosted KMS, etc.).
  * - Must support key generation, hashing, signing, and verifying operations.
  * - May be extended to support other cryptographic operations.
- * - Implementations of the `CryptoApi` interface can be passed as an argument to the public API
+ * - Implementations of the `DsaApi` interface can be passed as an argument to the public API
  *   methods of Web5 libraries that involve key material (e.g., DID creation, VC signing, arbitrary
  *   data signing/verification, etc.).
  */
-export interface CryptoApi<GenerateKeyInput = KmsGenerateKeyParams, GenerateKeyOutput = KeyIdentifier, GetPublicKeyInput = KmsGetPublicKeyParams, DigestInput = KmsDigestParams, SignInput = KmsSignParams, VerifyInput = KmsVerifyParams> extends AsymmetricKeyGenerator<GenerateKeyInput, GenerateKeyOutput, GetPublicKeyInput>, Hasher<DigestInput>, Signer<SignInput, VerifyInput> {
+export interface DsaApi<GenerateKeyInput = KmsGenerateKeyParams, GenerateKeyOutput = KeyIdentifier, GetPublicKeyInput = KmsGetPublicKeyParams, DigestInput = KmsDigestParams, SignInput = KmsSignParams, VerifyInput = KmsVerifyParams> extends AsymmetricKeyGenerator<GenerateKeyInput, GenerateKeyOutput, GetPublicKeyInput>, Hasher<DigestInput>, Signer<SignInput, VerifyInput> {
+}
+/**
+ * The `CryptoApi` interface extends {@link DsaApi} with encryption, key conversion,
+ * key derivation, and key wrapping capabilities.
+ *
+ * This is the full-featured cryptographic API used by agent-level code that needs direct-key
+ * cipher, key conversion, and key derivation operations beyond what the base `DsaApi` provides.
+ */
+export interface CryptoApi<GenerateKeyInput = GenerateKeyParams, GenerateKeyOutput = Jwk, GetPublicKeyInput = GetPublicKeyParams, DigestInput = DigestParams, SignInput = SignParams, VerifyInput = VerifyParams, EncryptInput = CipherParams, DecryptInput = CipherParams, BytesToPublicKeyInput = BytesToPublicKeyParams, PublicKeyToBytesInput = PublicKeyToBytesParams, BytesToPrivateKeyInput = BytesToPrivateKeyParams, PrivateKeyToBytesInput = PrivateKeyToBytesParams, DeriveKeyInput = DeriveKeyFromBytesParams, DeriveKeyOutput = Jwk, DeriveKeyBytesInput = DeriveKeyBytesParams, DeriveKeyBytesOutput = Uint8Array, WrapKeyInput = WrapKeyParams, UnwrapKeyInput = UnwrapKeyParams> extends DsaApi<GenerateKeyInput, GenerateKeyOutput, GetPublicKeyInput, DigestInput, SignInput, VerifyInput>, Cipher<EncryptInput, DecryptInput>, AsymmetricKeyConverter<BytesToPublicKeyInput, PublicKeyToBytesInput, BytesToPrivateKeyInput, PrivateKeyToBytesInput>, SimpleKeyDeriver<DeriveKeyInput, DeriveKeyOutput>, KeyBytesDeriver<DeriveKeyBytesInput, DeriveKeyBytesOutput>, KeyWrapper<WrapKeyInput, UnwrapKeyInput> {
+}
+/** @deprecated Use {@link CryptoApi} instead. */
+export type ExtendedCryptoApi<GenerateKeyInput = GenerateKeyParams, GenerateKeyOutput = Jwk, GetPublicKeyInput = GetPublicKeyParams, DigestInput = DigestParams, SignInput = SignParams, VerifyInput = VerifyParams, EncryptInput = CipherParams, DecryptInput = CipherParams, BytesToPublicKeyInput = BytesToPublicKeyParams, PublicKeyToBytesInput = PublicKeyToBytesParams, BytesToPrivateKeyInput = BytesToPrivateKeyParams, PrivateKeyToBytesInput = PrivateKeyToBytesParams, DeriveKeyInput = DeriveKeyFromBytesParams, DeriveKeyOutput = Jwk, DeriveKeyBytesInput = DeriveKeyBytesParams, DeriveKeyBytesOutput = Uint8Array, WrapKeyInput = WrapKeyParams, UnwrapKeyInput = UnwrapKeyParams> = CryptoApi<GenerateKeyInput, GenerateKeyOutput, GetPublicKeyInput, DigestInput, SignInput, VerifyInput, EncryptInput, DecryptInput, BytesToPublicKeyInput, PublicKeyToBytesInput, BytesToPrivateKeyInput, PrivateKeyToBytesInput, DeriveKeyInput, DeriveKeyOutput, DeriveKeyBytesInput, DeriveKeyBytesOutput, WrapKeyInput, UnwrapKeyInput>;
+/**
+ * Parameters for configuring a {@link KeyManager} implementation.
+ */
+export interface KeyManagerParams {
+    CipherInput?: unknown;
+    GenerateKeyInput?: unknown;
+    GenerateKeyOutput?: unknown;
+    GetPublicKeyInput?: unknown;
+    SignInput?: unknown;
+    VerifyInput?: unknown;
+}
+/**
+ * Default parameter types for {@link KeyManager}, using KMS-oriented types.
+ */
+export interface DefaultKeyManagerParams {
+    CipherInput: KmsCipherParams;
+    GenerateKeyInput: KmsGenerateKeyParams;
+    GenerateKeyOutput: KeyIdentifier;
+    GetPublicKeyInput: KmsGetPublicKeyParams;
+    SignInput: KmsSignParams;
+    VerifyInput: KmsVerifyParams;
+}
+/**
+ * The `KeyManager` interface integrates key generation and signing capabilities.
+ *
+ * Concrete implementations of this interface are intended to be used as a Key Management System
+ * (KMS), which is responsible for generating and storing cryptographic keys.
+ */
+export interface KeyManager<T extends KeyManagerParams = DefaultKeyManagerParams> extends DsaApi<T['GenerateKeyInput'], T['GenerateKeyOutput'], T['GetPublicKeyInput'], KmsDigestParams, T['SignInput'], T['VerifyInput']> {
     /**
+     * Returns the Key URI for a given JWK.
      *
      * @param params - The parameters for getting the key URI.
      * @param params.key - The key to get the URI for.

package/dist/types/types/crypto-api.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"crypto-api.d.ts","sourceRoot":"","sources":["../../../src/types/crypto-api.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,KAAK,EACV,eAAe,EACf,oBAAoB,EACpB,kBAAkB,EAClB,qBAAqB,EACrB,aAAa,EACb,eAAe,EAChB,MAAM,iBAAiB,CAAC;AAEzB;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,WAAW,SAAS,CACxB,gBAAgB,GAAG,oBAAoB,EACvC,iBAAiB,GAAG,aAAa,EACjC,iBAAiB,GAAG,qBAAqB,EACzC,WAAW,GAAG,eAAe,EAC7B,SAAS,GAAG,aAAa,EACzB,WAAW,GAAG,eAAe,CAC7B,SAAQ,sBAAsB,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,iBAAiB,CAAC,EAC9E,MAAM,CAAC,WAAW,CAAC,EACnB,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC;IACtC;;;;;OAKG;IACH,SAAS,CAAC,MAAM,EAAE,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;CAC/D"}
+{"version":3,"file":"crypto-api.d.ts","sourceRoot":"","sources":["../../../src/types/crypto-api.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AACjE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,KAAK,EACV,uBAAuB,EACvB,sBAAsB,EACtB,YAAY,EACZ,oBAAoB,EACpB,wBAAwB,EACxB,YAAY,EACZ,iBAAiB,EACjB,kBAAkB,EAClB,uBAAuB,EACvB,sBAAsB,EACtB,UAAU,EACV,eAAe,EACf,YAAY,EACZ,aAAa,EACd,MAAM,oBAAoB,CAAC;AAC5B,OAAO,KAAK,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,KAAK,EACV,eAAe,EACf,eAAe,EACf,oBAAoB,EACpB,kBAAkB,EAClB,qBAAqB,EACrB,aAAa,EACb,eAAe,EAChB,MAAM,iBAAiB,CAAC;AAEzB;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,WAAW,MAAM,CACrB,gBAAgB,GAAG,oBAAoB,EACvC,iBAAiB,GAAG,aAAa,EACjC,iBAAiB,GAAG,qBAAqB,EACzC,WAAW,GAAG,eAAe,EAC7B,SAAS,GAAG,aAAa,EACzB,WAAW,GAAG,eAAe,CAC5B,SAAQ,sBAAsB,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,iBAAiB,CAAC,EAC/E,MAAM,CAAC,WAAW,CAAC,EACnB,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC;CAAG;AAE3C;;;;;;GAMG;AACH,MAAM,WAAW,SAAS,CACxB,gBAAgB,GAAG,iBAAiB,EACpC,iBAAiB,GAAG,GAAG,EACvB,iBAAiB,GAAG,kBAAkB,EACtC,WAAW,GAAG,YAAY,EAC1B,SAAS,GAAG,UAAU,EACtB,WAAW,GAAG,YAAY,EAC1B,YAAY,GAAG,YAAY,EAC3B,YAAY,GAAG,YAAY,EAC3B,qBAAqB,GAAG,sBAAsB,EAC9C,qBAAqB,GAAG,sBAAsB,EAC9C,sBAAsB,GAAG,uBAAuB,EAChD,sBAAsB,GAAG,uBAAuB,EAChD,cAAc,GAAG,wBAAwB,EACzC,eAAe,GAAG,GAAG,EACrB,mBAAmB,GAAG,oBAAoB,EAC1C,oBAAoB,GAAG,UAAU,EACjC,YAAY,GAAG,aAAa,EAC5B,cAAc,GAAG,eAAe,CAChC,SACA,MAAM,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,WAAW,EAAE,SAAS,EAAE,WAAW,CAAC,EACnG,MAAM,CAAC,YAAY,EAAE,YAAY,CAAC,EAClC,sBAAsB,CAAC,qBAAqB,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,sBAAsB,CAAC,EACpH,gBAAgB,CAAC,cAAc,EAAE,eAAe,CAAC,EACjD,eAAe,CAAC,mBAAmB,EAAE,oBAAoB,CAAC,EAC1D,UAAU,CAAC,YAAY,EAAE,cAAc,CAAC;CAAG;AAE7C,iDAAiD;AACjD,MAAM,MAAM,iBAAiB,CAC3B,gBAAgB,GAAG,iBAAiB,EACpC,iBAAiB,GAAG,GAAG,EACvB,iBAAiB,GAAG,kBAAkB,EACtC,WAAW,GAAG,YAAY,EAC1B,SAAS,GAAG,UAAU,EACtB,WAAW,GAAG,YAAY,EAC1B,YAAY,GAAG,YAAY,EAC3B,YAAY,GAAG,YAAY,EAC3B,qBAAqB,GAAG,sBAAsB,EAC9C,qBAAqB,GAAG,sBAAsB,EAC9C,sBAAsB,GAAG,uBAAuB,EAChD,sBAAsB,GAAG,uBAAuB,EAChD,cAAc,GAAG,wBAAwB,EACzC,eAAe,GAAG,GAAG,EACrB,mBAAmB,GAAG,oBAAoB,EAC1C,oBAAoB,GAAG,UAAU,EACjC,YAAY,GAAG,aAAa,EAC5B,cAAc,GAAG,eAAe,IAC9B,SAAS,CACX,gBAAgB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,WAAW,EAAE,SAAS,EAAE,WAAW,EAC3F,YAAY,EAAE,YAAY,EAAE,qBAAqB,EAAE,qBAAqB,EACxE,sBAAsB,EAAE,sBAAsB,EAAE,cAAc,EAAE,eAAe,EAC/E,mBAAmB,EAAE,oBAAoB,EAAE,YAAY,EAAE,cAAc,CACxE,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,WAAW,EAAE,eAAe,CAAC;IAC7B,gBAAgB,EAAE,oBAAoB,CAAC;IACvC,iBAAiB,EAAE,aAAa,CAAC;IACjC,iBAAiB,EAAE,qBAAqB,CAAC;IACzC,SAAS,EAAE,aAAa,CAAC;IACzB,WAAW,EAAE,eAAe,CAAC;CAC9B;AAED;;;;;GAKG;AACH,MAAM,WAAW,UAAU,CAAC,CAAC,SAAS,gBAAgB,GAAG,uBAAuB,CAC9E,SAAQ,MAAM,CAAC,CAAC,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC,mBAAmB,CAAC,EAAE,eAAe,EAAE,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC;IAExI;;;;;;OAMG;IACH,SAAS,CAAC,MAAM,EAAE,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;CAC/D"}