@enbox/crypto 0.0.3 → 0.0.5

package/dist/esm/cose/cose-sign1.js

@@ -0,0 +1,283 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { Cbor } from './cbor.js';
+import { Ed25519 } from '../primitives/ed25519.js';
+import { Secp256r1 } from '../primitives/secp256r1.js';
+import { CoseAlgorithm, CoseKey } from './cose-key.js';
+import { CryptoError, CryptoErrorCode } from '../crypto-error.js';
+/**
+ * COSE header label constants (RFC 9052, Section 3.1).
+ */
+var CoseHeaderLabel;
+(function (CoseHeaderLabel) {
+    /** Algorithm identifier */
+    CoseHeaderLabel[CoseHeaderLabel["Alg"] = 1] = "Alg";
+    /** Critical headers */
+    CoseHeaderLabel[CoseHeaderLabel["Crit"] = 2] = "Crit";
+    /** Content type */
+    CoseHeaderLabel[CoseHeaderLabel["ContentType"] = 3] = "ContentType";
+    /** Key ID */
+    CoseHeaderLabel[CoseHeaderLabel["Kid"] = 4] = "Kid";
+})(CoseHeaderLabel || (CoseHeaderLabel = {}));
+/**
+ * CBOR tag for COSE_Sign1 (RFC 9052, Section 4.2).
+ */
+// const COSE_SIGN1_TAG = 18;
+/**
+ * COSE_Sign1 implementation per RFC 9052.
+ *
+ * Provides creation, verification, and decoding of COSE_Sign1 (single-signer)
+ * signed messages. This is the CBOR-based counterpart to JOSE/JWS and is used
+ * in TEE attestation (EAT tokens), CWT, and other COSE-based protocols.
+ *
+ * Supported algorithms:
+ * - EdDSA (Ed25519) — CoseAlgorithm.EdDSA (-8)
+ * - ES256 (P-256 / secp256r1 with SHA-256) — CoseAlgorithm.ES256 (-7)
+ *
+ * @see {@link https://www.rfc-editor.org/rfc/rfc9052#section-4.3 | RFC 9052, Section 4.3}
+ */
+export class CoseSign1 {
+    /**
+     * Creates a COSE_Sign1 message.
+     *
+     * Constructs the `Sig_structure1` to-be-signed bytes per RFC 9052 Section 4.4,
+     * signs them with the provided key, and returns the CBOR-encoded COSE_Sign1 array:
+     *
+     * ```
+     * COSE_Sign1 = [
+     *   protected : bstr,       ; CBOR-encoded protected header
+     *   unprotected : map,      ; unprotected header parameters
+     *   payload : bstr / nil,   ; payload (nil if detached)
+     *   signature : bstr        ; signature
+     * ]
+     * ```
+     *
+     * @param params - The parameters for creating the COSE_Sign1 message.
+     * @returns The CBOR-encoded COSE_Sign1 message.
+     * @throws {CryptoError} If the algorithm is not supported or signing fails.
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc9052#section-4.3 | RFC 9052, Section 4.3}
+     * @see {@link https://www.rfc-editor.org/rfc/rfc9052#section-4.4 | RFC 9052, Section 4.4}
+     */
+    static create(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b, _c;
+            const { key, payload, externalAad = new Uint8Array(0), detachedPayload = false, } = params;
+            // Build the protected header.
+            const alg = (_b = (_a = params.protectedHeader) === null || _a === void 0 ? void 0 : _a.alg) !== null && _b !== void 0 ? _b : CoseKey.algorithmFromJwk(key);
+            const protectedHeaderMap = CoseSign1.buildProtectedHeaderMap((_c = params.protectedHeader) !== null && _c !== void 0 ? _c : { alg });
+            const protectedHeaderBytes = Cbor.encode(protectedHeaderMap);
+            // Build the unprotected header.
+            const unprotectedHeaderMap = params.unprotectedHeader !== undefined
+                ? CoseSign1.buildUnprotectedHeaderMap(params.unprotectedHeader)
+                : new Map();
+            // Construct the Sig_structure1 (to-be-signed bytes).
+            const sigStructure = CoseSign1.buildSigStructure1(protectedHeaderBytes, externalAad, payload);
+            const toBeSigned = Cbor.encode(sigStructure);
+            // Sign the Sig_structure1 bytes.
+            const signature = yield CoseSign1.signBytes(alg, key, toBeSigned);
+            // Assemble the COSE_Sign1 array.
+            const coseSign1Array = [
+                protectedHeaderBytes,
+                unprotectedHeaderMap,
+                detachedPayload ? null : payload,
+                signature,
+            ];
+            return Cbor.encode(coseSign1Array);
+        });
+    }
+    /**
+     * Verifies a COSE_Sign1 message.
+     *
+     * Decodes the CBOR-encoded message, reconstructs the `Sig_structure1`, and verifies
+     * the signature using the provided public key.
+     *
+     * @param params - The parameters for verifying the COSE_Sign1 message.
+     * @returns `true` if the signature is valid, `false` otherwise.
+     * @throws {CryptoError} If the message is malformed or the algorithm is not supported.
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc9052#section-4.4 | RFC 9052, Section 4.4}
+     */
+    static verify(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b;
+            const { coseSign1, key, externalAad = new Uint8Array(0), } = params;
+            // Decode the COSE_Sign1 message.
+            const decoded = CoseSign1.decode(coseSign1);
+            // Resolve the payload (from message or detached parameter).
+            const payload = (_b = (_a = decoded.payload) !== null && _a !== void 0 ? _a : params.payload) !== null && _b !== void 0 ? _b : null;
+            if (payload === null) {
+                throw new CryptoError(CryptoErrorCode.InvalidCoseSign1, 'CoseSign1: payload is detached but no payload was provided for verification');
+            }
+            // Reconstruct the Sig_structure1.
+            const sigStructure = CoseSign1.buildSigStructure1(decoded.protectedHeaderBytes, externalAad, payload);
+            const toBeSigned = Cbor.encode(sigStructure);
+            // Extract the algorithm from the protected header.
+            const alg = decoded.protectedHeader.alg;
+            // Verify the signature.
+            return CoseSign1.verifyBytes(alg, key, toBeSigned, decoded.signature);
+        });
+    }
+    /**
+     * Decodes a CBOR-encoded COSE_Sign1 message into its constituent parts.
+     *
+     * The COSE_Sign1 structure is a CBOR array of four elements:
+     * ```
+     * [protected, unprotected, payload, signature]
+     * ```
+     *
+     * The message may optionally be wrapped in CBOR tag 18.
+     *
+     * @param coseSign1 - The CBOR-encoded COSE_Sign1 message.
+     * @returns The decoded COSE_Sign1 components.
+     * @throws {CryptoError} If the message does not conform to COSE_Sign1 structure.
+     */
+    static decode(coseSign1) {
+        let decoded;
+        try {
+            decoded = Cbor.decode(coseSign1);
+        }
+        catch (_a) {
+            throw new CryptoError(CryptoErrorCode.InvalidCoseSign1, 'CoseSign1: failed to decode CBOR');
+        }
+        // Handle CBOR Tagged value (tag 18 for COSE_Sign1).
+        // The `cborg` library decodes tagged values as `Tagged` objects with `tag` and `value` properties.
+        if (decoded !== null && typeof decoded === 'object' && 'tag' in decoded) {
+            const tagged = decoded;
+            if (tagged.tag === 18) {
+                decoded = tagged.value;
+            }
+        }
+        // Validate the COSE_Sign1 array structure.
+        if (!Array.isArray(decoded) || decoded.length !== 4) {
+            throw new CryptoError(CryptoErrorCode.InvalidCoseSign1, 'CoseSign1: expected a CBOR array of 4 elements [protected, unprotected, payload, signature]');
+        }
+        const [protectedHeaderBytes, unprotectedHeaderMap, payload, signature] = decoded;
+        // Validate element types.
+        if (!(protectedHeaderBytes instanceof Uint8Array)) {
+            throw new CryptoError(CryptoErrorCode.InvalidCoseSign1, 'CoseSign1: protected header must be a byte string');
+        }
+        if (!(signature instanceof Uint8Array)) {
+            throw new CryptoError(CryptoErrorCode.InvalidCoseSign1, 'CoseSign1: signature must be a byte string');
+        }
+        // Decode the protected header.
+        let protectedHeaderMap;
+        if (protectedHeaderBytes.length === 0) {
+            protectedHeaderMap = new Map();
+        }
+        else {
+            try {
+                protectedHeaderMap = Cbor.decode(protectedHeaderBytes);
+            }
+            catch (_b) {
+                throw new CryptoError(CryptoErrorCode.InvalidCoseSign1, 'CoseSign1: failed to decode protected header CBOR');
+            }
+        }
+        // Extract the algorithm from the protected header.
+        const alg = protectedHeaderMap.get(CoseHeaderLabel.Alg);
+        if (alg === undefined || typeof alg !== 'number') {
+            throw new CryptoError(CryptoErrorCode.InvalidCoseSign1, 'CoseSign1: protected header must contain an algorithm identifier (label 1)');
+        }
+        // Build the typed protected header.
+        const protectedHeader = { alg: alg };
+        const contentType = protectedHeaderMap.get(CoseHeaderLabel.ContentType);
+        if (contentType !== undefined) {
+            protectedHeader.contentType = contentType;
+        }
+        const kid = protectedHeaderMap.get(CoseHeaderLabel.Kid);
+        if (kid !== undefined) {
+            protectedHeader.kid = kid;
+        }
+        return {
+            protectedHeader,
+            protectedHeaderBytes,
+            unprotectedHeader: unprotectedHeaderMap instanceof Map ? unprotectedHeaderMap : new Map(),
+            payload: payload instanceof Uint8Array ? payload : null,
+            signature,
+        };
+    }
+    /**
+     * Builds the Sig_structure1 array for COSE_Sign1 signing and verification.
+     *
+     * ```
+     * Sig_structure1 = [
+     *   context : "Signature1",
+     *   body_protected : bstr,
+     *   external_aad : bstr,
+     *   payload : bstr
+     * ]
+     * ```
+     *
+     * @see {@link https://www.rfc-editor.org/rfc/rfc9052#section-4.4 | RFC 9052, Section 4.4}
+     */
+    static buildSigStructure1(protectedHeaderBytes, externalAad, payload) {
+        return [
+            'Signature1', // context string
+            protectedHeaderBytes, // body_protected
+            externalAad, // external_aad
+            payload, // payload
+        ];
+    }
+    /**
+     * Converts a {@link CoseSign1ProtectedHeader} to a CBOR Map with integer labels.
+     */
+    static buildProtectedHeaderMap(header) {
+        const map = new Map();
+        map.set(CoseHeaderLabel.Alg, header.alg);
+        if (header.contentType !== undefined) {
+            map.set(CoseHeaderLabel.ContentType, header.contentType);
+        }
+        if (header.kid !== undefined) {
+            map.set(CoseHeaderLabel.Kid, header.kid);
+        }
+        return map;
+    }
+    /**
+     * Converts a {@link CoseSign1UnprotectedHeader} to a CBOR Map with integer labels.
+     */
+    static buildUnprotectedHeaderMap(header) {
+        const map = new Map();
+        if (header.kid !== undefined) {
+            map.set(CoseHeaderLabel.Kid, header.kid);
+        }
+        return map;
+    }
+    /**
+     * Signs the to-be-signed bytes with the appropriate algorithm.
+     */
+    static signBytes(alg, key, data) {
+        return __awaiter(this, void 0, void 0, function* () {
+            switch (alg) {
+                case CoseAlgorithm.EdDSA:
+                    return Ed25519.sign({ key, data });
+                case CoseAlgorithm.ES256:
+                    return Secp256r1.sign({ key, data });
+                default:
+                    throw new CryptoError(CryptoErrorCode.AlgorithmNotSupported, `CoseSign1: signing algorithm ${alg} is not supported`);
+            }
+        });
+    }
+    /**
+     * Verifies a signature over the to-be-signed bytes with the appropriate algorithm.
+     */
+    static verifyBytes(alg, key, data, signature) {
+        return __awaiter(this, void 0, void 0, function* () {
+            switch (alg) {
+                case CoseAlgorithm.EdDSA:
+                    return Ed25519.verify({ key, signature, data });
+                case CoseAlgorithm.ES256:
+                    return Secp256r1.verify({ key, signature, data });
+                default:
+                    throw new CryptoError(CryptoErrorCode.AlgorithmNotSupported, `CoseSign1: verification algorithm ${alg} is not supported`);
+            }
+        });
+    }
+}
+//# sourceMappingURL=cose-sign1.js.map

package/dist/esm/cose/cose-sign1.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cose-sign1.js","sourceRoot":"","sources":["../../../src/cose/cose-sign1.ts"],"names":[],"mappings":";;;;;;;;;AAEA,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AACvD,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAmHlE;;GAEG;AACH,IAAK,eASJ;AATD,WAAK,eAAe;IAClB,2BAA2B;IAC3B,mDAAO,CAAA;IACP,uBAAuB;IACvB,qDAAQ,CAAA;IACR,mBAAmB;IACnB,mEAAe,CAAA;IACf,aAAa;IACb,mDAAO,CAAA;AACT,CAAC,EATI,eAAe,KAAf,eAAe,QASnB;AAED;;GAEG;AACH,6BAA6B;AAE7B;;;;;;;;;;;;GAYG;AACH,MAAM,OAAO,SAAS;IACpB;;;;;;;;;;;;;;;;;;;;;OAqBG;IACI,MAAM,CAAO,MAAM,CAAC,MAA6B;;;YACtD,MAAM,EACJ,GAAG,EACH,OAAO,EACP,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,EAC/B,eAAe,GAAG,KAAK,GACxB,GAAG,MAAM,CAAC;YAEX,8BAA8B;YAC9B,MAAM,GAAG,GAAG,MAAA,MAAA,MAAM,CAAC,eAAe,0CAAE,GAAG,mCAAI,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACzE,MAAM,kBAAkB,GAAG,SAAS,CAAC,uBAAuB,CAC1D,MAAA,MAAM,CAAC,eAAe,mCAAI,EAAE,GAAG,EAAE,CAClC,CAAC;YACF,MAAM,oBAAoB,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;YAE7D,gCAAgC;YAChC,MAAM,oBAAoB,GAAG,MAAM,CAAC,iBAAiB,KAAK,SAAS;gBACjE,CAAC,CAAC,SAAS,CAAC,yBAAyB,CAAC,MAAM,CAAC,iBAAiB,CAAC;gBAC/D,CAAC,CAAC,IAAI,GAAG,EAAmB,CAAC;YAE/B,qDAAqD;YACrD,MAAM,YAAY,GAAG,SAAS,CAAC,kBAAkB,CAC/C,oBAAoB,EAAE,WAAW,EAAE,OAAO,CAC3C,CAAC;YACF,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAE7C,iCAAiC;YACjC,MAAM,SAAS,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,CAAC,CAAC;YAElE,iCAAiC;YACjC,MAAM,cAAc,GAAG;gBACrB,oBAAoB;gBACpB,oBAAoB;gBACpB,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO;gBAChC,SAAS;aACV,CAAC;YAEF,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QACrC,CAAC;KAAA;IAED;;;;;;;;;;;OAWG;IACI,MAAM,CAAO,MAAM,CAAC,MAA6B;;;YACtD,MAAM,EACJ,SAAS,EACT,GAAG,EACH,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,GAChC,GAAG,MAAM,CAAC;YAEX,iCAAiC;YACjC,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAE5C,4DAA4D;YAC5D,MAAM,OAAO,GAAG,MAAA,MAAA,OAAO,CAAC,OAAO,mCAAI,MAAM,CAAC,OAAO,mCAAI,IAAI,CAAC;YAC1D,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;gBACrB,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,gBAAgB,EAChC,6EAA6E,CAC9E,CAAC;YACJ,CAAC;YAED,kCAAkC;YAClC,MAAM,YAAY,GAAG,SAAS,CAAC,kBAAkB,CAC/C,OAAO,CAAC,oBAAoB,EAAE,WAAW,EAAE,OAAO,CACnD,CAAC;YACF,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAE7C,mDAAmD;YACnD,MAAM,GAAG,GAAG,OAAO,CAAC,eAAe,CAAC,GAAG,CAAC;YAExC,wBAAwB;YACxB,OAAO,SAAS,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;QACxE,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACI,MAAM,CAAC,MAAM,CAAC,SAAqB;QACxC,IAAI,OAAgB,CAAC;QACrB,IAAI,CAAC;YACH,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,CAAC;QAAC,WAAM,CAAC;YACP,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,gBAAgB,EAChC,kCAAkC,CACnC,CAAC;QACJ,CAAC;QAED,oDAAoD;QACpD,mGAAmG;QACnG,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,KAAK,IAAK,OAAmC,EAAE,CAAC;YACrG,MAAM,MAAM,GAAG,OAA0C,CAAC;YAC1D,IAAI,MAAM,CAAC,GAAG,KAAK,EAAE,EAAE,CAAC;gBACtB,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC;YACzB,CAAC;QACH,CAAC;QAED,2CAA2C;QAC3C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,gBAAgB,EAChC,6FAA6F,CAC9F,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,oBAAoB,EAAE,oBAAoB,EAAE,OAAO,EAAE,SAAS,CAAC,GAAG,OAExE,CAAC;QAEF,0BAA0B;QAC1B,IAAI,CAAC,CAAC,oBAAoB,YAAY,UAAU,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,gBAAgB,EAChC,mDAAmD,CACpD,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,CAAC,SAAS,YAAY,UAAU,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,gBAAgB,EAChC,4CAA4C,CAC7C,CAAC;QACJ,CAAC;QAED,+BAA+B;QAC/B,IAAI,kBAAwC,CAAC;QAC7C,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtC,kBAAkB,GAAG,IAAI,GAAG,EAAE,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,IAAI,CAAC;gBACH,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAuB,oBAAoB,CAAC,CAAC;YAC/E,CAAC;YAAC,WAAM,CAAC;gBACP,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,gBAAgB,EAChC,mDAAmD,CACpD,CAAC;YACJ,CAAC;QACH,CAAC;QAED,mDAAmD;QACnD,MAAM,GAAG,GAAG,kBAAkB,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QACxD,IAAI,GAAG,KAAK,SAAS,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACjD,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,gBAAgB,EAChC,4EAA4E,CAC7E,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,MAAM,eAAe,GAA6B,EAAE,GAAG,EAAE,GAAoB,EAAE,CAAC;QAEhF,MAAM,WAAW,GAAG,kBAAkB,CAAC,GAAG,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;QACxE,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,eAAe,CAAC,WAAW,GAAG,WAA8B,CAAC;QAC/D,CAAC;QAED,MAAM,GAAG,GAAG,kBAAkB,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QACxD,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,eAAe,CAAC,GAAG,GAAG,GAAiB,CAAC;QAC1C,CAAC;QAED,OAAO;YACL,eAAe;YACf,oBAAoB;YACpB,iBAAiB,EAAG,oBAAoB,YAAY,GAAG,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE;YAC1F,OAAO,EAAa,OAAO,YAAY,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;YAClE,SAAS;SACV,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;;OAaG;IACK,MAAM,CAAC,kBAAkB,CAC/B,oBAAgC,EAChC,WAAuB,EACvB,OAAmB;QAEnB,OAAO;YACL,YAAY,EAAE,iBAAiB;YAC/B,oBAAoB,EAAE,iBAAiB;YACvC,WAAW,EAAE,eAAe;YAC5B,OAAO,EAAE,UAAU;SACpB,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,uBAAuB,CAAC,MAAgC;QACrE,MAAM,GAAG,GAAG,IAAI,GAAG,EAAmB,CAAC;QAEvC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QAEzC,IAAI,MAAM,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YACrC,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,WAAW,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QAC3D,CAAC;QAED,IAAI,MAAM,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QAC3C,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,yBAAyB,CAAC,MAAkC;QACzE,MAAM,GAAG,GAAG,IAAI,GAAG,EAAmB,CAAC;QAEvC,IAAI,MAAM,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;YAC7B,GAAG,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QAC3C,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACK,MAAM,CAAO,SAAS,CAC5B,GAAkB,EAClB,GAAQ,EACR,IAAgB;;YAEhB,QAAQ,GAAG,EAAE,CAAC;gBACZ,KAAK,aAAa,CAAC,KAAK;oBACtB,OAAO,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;gBAErC,KAAK,aAAa,CAAC,KAAK;oBACtB,OAAO,SAAS,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;gBAEvC;oBACE,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,qBAAqB,EACrC,gCAAgC,GAAG,mBAAmB,CACvD,CAAC;YACN,CAAC;QACH,CAAC;KAAA;IAED;;OAEG;IACK,MAAM,CAAO,WAAW,CAC9B,GAAkB,EAClB,GAAQ,EACR,IAAgB,EAChB,SAAqB;;YAErB,QAAQ,GAAG,EAAE,CAAC;gBACZ,KAAK,aAAa,CAAC,KAAK;oBACtB,OAAO,OAAO,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBAElD,KAAK,aAAa,CAAC,KAAK;oBACtB,OAAO,SAAS,CAAC,MAAM,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBAEpD;oBACE,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,qBAAqB,EACrC,qCAAqC,GAAG,mBAAmB,CAC5D,CAAC;YACN,CAAC;QACH,CAAC;KAAA;CACF"}

package/dist/esm/cose/eat.js

@@ -0,0 +1,254 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { Cbor } from './cbor.js';
+import { CoseSign1 } from './cose-sign1.js';
+import { CryptoError, CryptoErrorCode } from '../crypto-error.js';
+/**
+ * EAT (Entity Attestation Token) claim key constants.
+ *
+ * EAT reuses CWT registered claim keys and adds attestation-specific claims.
+ *
+ * @see {@link https://www.rfc-editor.org/rfc/rfc9711 | RFC 9711 — Entity Attestation Token (EAT)}
+ * @see {@link https://www.rfc-editor.org/rfc/rfc8392 | RFC 8392 — CWT (CBOR Web Token)}
+ */
+export var EatClaimKey;
+(function (EatClaimKey) {
+    /** Issuer (iss) — RFC 8392 */
+    EatClaimKey[EatClaimKey["Iss"] = 1] = "Iss";
+    /** Subject (sub) — RFC 8392 */
+    EatClaimKey[EatClaimKey["Sub"] = 2] = "Sub";
+    /** Audience (aud) — RFC 8392 */
+    EatClaimKey[EatClaimKey["Aud"] = 3] = "Aud";
+    /** Expiration Time (exp) — RFC 8392 */
+    EatClaimKey[EatClaimKey["Exp"] = 4] = "Exp";
+    /** Not Before (nbf) — RFC 8392 */
+    EatClaimKey[EatClaimKey["Nbf"] = 5] = "Nbf";
+    /** Issued At (iat) — RFC 8392 */
+    EatClaimKey[EatClaimKey["Iat"] = 6] = "Iat";
+    /** CWT ID (cti) — RFC 8392 */
+    EatClaimKey[EatClaimKey["Cti"] = 7] = "Cti";
+    /** Nonce (eat_nonce) — RFC 9711, Section 4.1 */
+    EatClaimKey[EatClaimKey["Nonce"] = 10] = "Nonce";
+    /** UEID (Universal Entity ID) — RFC 9711, Section 4.2.1 */
+    EatClaimKey[EatClaimKey["Ueid"] = 256] = "Ueid";
+    /** SUEIDs (Semi-permanent UEIDs) — RFC 9711, Section 4.2.2 */
+    EatClaimKey[EatClaimKey["Sueids"] = 257] = "Sueids";
+    /** OEM ID (Hardware OEM Identification) — RFC 9711, Section 4.2.3 */
+    EatClaimKey[EatClaimKey["Oemid"] = 258] = "Oemid";
+    /** Hardware Model — RFC 9711, Section 4.2.4 */
+    EatClaimKey[EatClaimKey["Hwmodel"] = 259] = "Hwmodel";
+    /** Hardware Version — RFC 9711, Section 4.2.5 */
+    EatClaimKey[EatClaimKey["Hwversion"] = 260] = "Hwversion";
+    /** Secure Boot — RFC 9711, Section 4.2.7 */
+    EatClaimKey[EatClaimKey["Secboot"] = 262] = "Secboot";
+    /** Debug Status — RFC 9711, Section 4.2.8 */
+    EatClaimKey[EatClaimKey["Dbgstat"] = 263] = "Dbgstat";
+    /** Location — RFC 9711, Section 4.2.9 */
+    EatClaimKey[EatClaimKey["Location"] = 264] = "Location";
+    /** Profile — RFC 9711, Section 4.2.10 */
+    EatClaimKey[EatClaimKey["Profile"] = 265] = "Profile";
+    /** Submods (Submodules) — RFC 9711, Section 4.2.18 */
+    EatClaimKey[EatClaimKey["Submods"] = 266] = "Submods";
+    /** Measurement Results — RFC 9711, Section 4.2.15 */
+    EatClaimKey[EatClaimKey["Measres"] = 272] = "Measres";
+    /** Intended Use — RFC 9711, Section 4.2.14 */
+    EatClaimKey[EatClaimKey["Intuse"] = 268] = "Intuse";
+})(EatClaimKey || (EatClaimKey = {}));
+/**
+ * Debug status values for the `dbgstat` claim.
+ *
+ * @see {@link https://www.rfc-editor.org/rfc/rfc9711#section-4.2.8 | RFC 9711, Section 4.2.8}
+ */
+export var EatDebugStatus;
+(function (EatDebugStatus) {
+    /** Debug is enabled */
+    EatDebugStatus[EatDebugStatus["Enabled"] = 0] = "Enabled";
+    /** Debug is disabled */
+    EatDebugStatus[EatDebugStatus["Disabled"] = 1] = "Disabled";
+    /** Debug is disabled since manufacture */
+    EatDebugStatus[EatDebugStatus["DisabledSinceBoot"] = 2] = "DisabledSinceBoot";
+    /** Debug is disabled permanently */
+    EatDebugStatus[EatDebugStatus["DisabledPermanently"] = 3] = "DisabledPermanently";
+    /** Debug is disabled fully and permanently */
+    EatDebugStatus[EatDebugStatus["DisabledFullyAndPermanently"] = 4] = "DisabledFullyAndPermanently";
+})(EatDebugStatus || (EatDebugStatus = {}));
+/**
+ * Security level for the `seclevel` claim.
+ *
+ * @see {@link https://www.rfc-editor.org/rfc/rfc9711#section-4.2.6 | RFC 9711, Section 4.2.6}
+ */
+export var EatSecurityLevel;
+(function (EatSecurityLevel) {
+    /** Unrestricted — no security guarantees */
+    EatSecurityLevel[EatSecurityLevel["Unrestricted"] = 1] = "Unrestricted";
+    /** Restricted — some restrictions on environment */
+    EatSecurityLevel[EatSecurityLevel["Restricted"] = 2] = "Restricted";
+    /** Secure Restricted — hardware-enforced restrictions */
+    EatSecurityLevel[EatSecurityLevel["SecureRestricted"] = 3] = "SecureRestricted";
+    /** Hardware — hardware-isolated execution environment */
+    EatSecurityLevel[EatSecurityLevel["Hardware"] = 4] = "Hardware";
+})(EatSecurityLevel || (EatSecurityLevel = {}));
+/**
+ * Entity Attestation Token (EAT) implementation per RFC 9711.
+ *
+ * EATs are CBOR-based attestation tokens carried in COSE_Sign1 envelopes.
+ * They are used by TEE platforms (ARM CCA, Intel TDX, AMD SEV-SNP, Nitro Enclaves)
+ * to provide hardware-rooted attestation evidence.
+ *
+ * This implementation focuses on decoding and verification of EAT tokens — the
+ * primary use case for a DWN node that needs to verify TEE attestation from
+ * compute modules.
+ *
+ * @see {@link https://www.rfc-editor.org/rfc/rfc9711 | RFC 9711 — Entity Attestation Token (EAT)}
+ */
+export class Eat {
+    /**
+     * Decodes an EAT token without verifying its signature.
+     *
+     * Use this method only when signature verification is performed separately
+     * (e.g., by a TEE attestation service) or for debugging/inspection.
+     *
+     * @param params - The parameters for decoding.
+     * @returns The decoded protected header and claims.
+     * @throws {CryptoError} If the token is not valid COSE_Sign1 or the payload is not valid CBOR.
+     */
+    static decode({ token }) {
+        // Decode the COSE_Sign1 envelope.
+        const coseSign1 = CoseSign1.decode(token);
+        if (coseSign1.payload === null) {
+            throw new CryptoError(CryptoErrorCode.InvalidEat, 'Eat: token has detached payload; use verifyAndDecode with the payload provided separately');
+        }
+        // Decode the CBOR payload into claims.
+        const claims = Eat.parseClaims(coseSign1.payload);
+        return {
+            protectedHeader: coseSign1.protectedHeader,
+            claims,
+        };
+    }
+    /**
+     * Verifies the signature of an EAT token and decodes its claims.
+     *
+     * This is the primary method for processing EAT tokens from TEE attestation.
+     * It verifies the COSE_Sign1 signature using the provided public key, then
+     * parses the EAT claims from the payload.
+     *
+     * @param params - The parameters for verification and decoding.
+     * @returns The decoded protected header and claims if verification succeeds.
+     * @throws {CryptoError} If verification fails or the token is malformed.
+     */
+    static verifyAndDecode(params) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const { token, key, externalAad } = params;
+            // Verify the COSE_Sign1 signature.
+            const isValid = yield CoseSign1.verify({
+                coseSign1: token,
+                key,
+                externalAad,
+            });
+            if (!isValid) {
+                throw new CryptoError(CryptoErrorCode.InvalidEat, 'Eat: signature verification failed');
+            }
+            // Decode and return claims (signature is already verified).
+            return Eat.decode({ token });
+        });
+    }
+    /**
+     * Parses CBOR-encoded EAT claims into a typed {@link EatClaims} object.
+     *
+     * Handles both integer-keyed (CBOR standard) and string-keyed claims.
+     *
+     * @param payload - The CBOR-encoded claims byte string.
+     * @returns The parsed EAT claims.
+     * @throws {CryptoError} If the payload is not valid CBOR or not a map.
+     */
+    static parseClaims(payload) {
+        let rawClaims;
+        try {
+            const decoded = Cbor.decode(payload);
+            if (decoded instanceof Map) {
+                rawClaims = decoded;
+            }
+            else if (typeof decoded === 'object' && decoded !== null) {
+                // Some encoders produce plain objects instead of Maps for maps with string keys.
+                rawClaims = new Map(Object.entries(decoded));
+            }
+            else {
+                throw new Error('not a map');
+            }
+        }
+        catch (error) {
+            if (error instanceof CryptoError) {
+                throw error;
+            }
+            throw new CryptoError(CryptoErrorCode.InvalidEat, 'Eat: payload is not a valid CBOR map');
+        }
+        const claims = { rawClaims };
+        // Extract standard CWT claims.
+        const iss = rawClaims.get(EatClaimKey.Iss);
+        if (iss !== undefined) {
+            claims.iss = iss;
+        }
+        const sub = rawClaims.get(EatClaimKey.Sub);
+        if (sub !== undefined) {
+            claims.sub = sub;
+        }
+        const aud = rawClaims.get(EatClaimKey.Aud);
+        if (aud !== undefined) {
+            claims.aud = aud;
+        }
+        const exp = rawClaims.get(EatClaimKey.Exp);
+        if (exp !== undefined) {
+            claims.exp = exp;
+        }
+        const nbf = rawClaims.get(EatClaimKey.Nbf);
+        if (nbf !== undefined) {
+            claims.nbf = nbf;
+        }
+        const iat = rawClaims.get(EatClaimKey.Iat);
+        if (iat !== undefined) {
+            claims.iat = iat;
+        }
+        const cti = rawClaims.get(EatClaimKey.Cti);
+        if (cti !== undefined) {
+            claims.cti = cti;
+        }
+        // Extract EAT-specific claims.
+        const nonce = rawClaims.get(EatClaimKey.Nonce);
+        if (nonce !== undefined) {
+            claims.nonce = nonce;
+        }
+        const ueid = rawClaims.get(EatClaimKey.Ueid);
+        if (ueid !== undefined) {
+            claims.ueid = ueid;
+        }
+        const hwmodel = rawClaims.get(EatClaimKey.Hwmodel);
+        if (hwmodel !== undefined) {
+            claims.hwmodel = hwmodel;
+        }
+        const hwversion = rawClaims.get(EatClaimKey.Hwversion);
+        if (hwversion !== undefined) {
+            claims.hwversion = hwversion;
+        }
+        const dbgstat = rawClaims.get(EatClaimKey.Dbgstat);
+        if (dbgstat !== undefined) {
+            claims.dbgstat = dbgstat;
+        }
+        const measres = rawClaims.get(EatClaimKey.Measres);
+        if (measres !== undefined) {
+            claims.measres = measres;
+        }
+        const submods = rawClaims.get(EatClaimKey.Submods);
+        if (submods !== undefined) {
+            claims.submods = submods;
+        }
+        return claims;
+    }
+}
+//# sourceMappingURL=eat.js.map

package/dist/esm/cose/eat.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"eat.js","sourceRoot":"","sources":["../../../src/cose/eat.ts"],"names":[],"mappings":";;;;;;;;;AAGA,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAElE;;;;;;;GAOG;AACH,MAAM,CAAN,IAAY,WAyCX;AAzCD,WAAY,WAAW;IACrB,8BAA8B;IAC9B,2CAAO,CAAA;IACP,+BAA+B;IAC/B,2CAAO,CAAA;IACP,gCAAgC;IAChC,2CAAO,CAAA;IACP,uCAAuC;IACvC,2CAAO,CAAA;IACP,kCAAkC;IAClC,2CAAO,CAAA;IACP,iCAAiC;IACjC,2CAAO,CAAA;IACP,8BAA8B;IAC9B,2CAAO,CAAA;IACP,gDAAgD;IAChD,gDAAU,CAAA;IACV,2DAA2D;IAC3D,+CAAU,CAAA;IACV,8DAA8D;IAC9D,mDAAY,CAAA;IACZ,qEAAqE;IACrE,iDAAW,CAAA;IACX,+CAA+C;IAC/C,qDAAa,CAAA;IACb,iDAAiD;IACjD,yDAAe,CAAA;IACf,4CAA4C;IAC5C,qDAAa,CAAA;IACb,6CAA6C;IAC7C,qDAAa,CAAA;IACb,yCAAyC;IACzC,uDAAc,CAAA;IACd,yCAAyC;IACzC,qDAAa,CAAA;IACb,sDAAsD;IACtD,qDAAa,CAAA;IACb,qDAAqD;IACrD,qDAAa,CAAA;IACb,8CAA8C;IAC9C,mDAAY,CAAA;AACd,CAAC,EAzCW,WAAW,KAAX,WAAW,QAyCtB;AAED;;;;GAIG;AACH,MAAM,CAAN,IAAY,cAWX;AAXD,WAAY,cAAc;IACxB,uBAAuB;IACvB,yDAAW,CAAA;IACX,wBAAwB;IACxB,2DAAY,CAAA;IACZ,0CAA0C;IAC1C,6EAAqB,CAAA;IACrB,oCAAoC;IACpC,iFAAuB,CAAA;IACvB,8CAA8C;IAC9C,iGAA+B,CAAA;AACjC,CAAC,EAXW,cAAc,KAAd,cAAc,QAWzB;AAED;;;;GAIG;AACH,MAAM,CAAN,IAAY,gBASX;AATD,WAAY,gBAAgB;IAC1B,4CAA4C;IAC5C,uEAAgB,CAAA;IAChB,oDAAoD;IACpD,mEAAc,CAAA;IACd,yDAAyD;IACzD,+EAAoB,CAAA;IACpB,yDAAyD;IACzD,+DAAY,CAAA;AACd,CAAC,EATW,gBAAgB,KAAhB,gBAAgB,QAS3B;AA6FD;;;;;;;;;;;;GAYG;AACH,MAAM,OAAO,GAAG;IACd;;;;;;;;;OASG;IACI,MAAM,CAAC,MAAM,CAAC,EAAE,KAAK,EAAmB;QAC7C,kCAAkC;QAClC,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAE1C,IAAI,SAAS,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;YAC/B,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,UAAU,EAC1B,2FAA2F,CAC5F,CAAC;QACJ,CAAC;QAED,uCAAuC;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAElD,OAAO;YACL,eAAe,EAAE,SAAS,CAAC,eAAe;YAC1C,MAAM;SACP,CAAC;IACJ,CAAC;IAED;;;;;;;;;;OAUG;IACI,MAAM,CAAO,eAAe,CAAC,MAAuB;;YACzD,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,WAAW,EAAE,GAAG,MAAM,CAAC;YAE3C,mCAAmC;YACnC,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC;gBACrC,SAAS,EAAE,KAAK;gBAChB,GAAG;gBACH,WAAW;aACZ,CAAC,CAAC;YAEH,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,UAAU,EAC1B,oCAAoC,CACrC,CAAC;YACJ,CAAC;YAED,4DAA4D;YAC5D,OAAO,GAAG,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;QAC/B,CAAC;KAAA;IAED;;;;;;;;OAQG;IACK,MAAM,CAAC,WAAW,CAAC,OAAmB;QAC5C,IAAI,SAAwC,CAAC;QAE7C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAU,OAAO,CAAC,CAAC;YAC9C,IAAI,OAAO,YAAY,GAAG,EAAE,CAAC;gBAC3B,SAAS,GAAG,OAAwC,CAAC;YACvD,CAAC;iBAAM,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;gBAC3D,iFAAiF;gBACjF,SAAS,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;YAC/C,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,WAAW,CAAC,CAAC;YAC/B,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,WAAW,EAAE,CAAC;gBACjC,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,IAAI,WAAW,CACnB,eAAe,CAAC,UAAU,EAC1B,sCAAsC,CACvC,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAc,EAAE,SAAS,EAAE,CAAC;QAExC,+BAA+B;QAC/B,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,GAAG,GAAa,CAAC;QAC7B,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,GAAG,GAAa,CAAC;QAC7B,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,GAAG,GAAa,CAAC;QAC7B,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,GAAG,GAAa,CAAC;QAC7B,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,GAAG,GAAa,CAAC;QAC7B,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,GAAG,GAAa,CAAC;QAC7B,CAAC;QAED,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,GAAG,GAAiB,CAAC;QACjC,CAAC;QAED,+BAA+B;QAC/B,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QAC/C,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,MAAM,CAAC,KAAK,GAAG,KAAkC,CAAC;QACpD,CAAC;QAED,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAC7C,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACvB,MAAM,CAAC,IAAI,GAAG,IAAkB,CAAC;QACnC,CAAC;QAED,MAAM,OAAO,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACnD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,MAAM,CAAC,OAAO,GAAG,OAAqB,CAAC;QACzC,CAAC;QAED,MAAM,SAAS,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACvD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,MAAM,CAAC,SAAS,GAAG,SAAS,CAAC;QAC/B,CAAC;QAED,MAAM,OAAO,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACnD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,MAAM,CAAC,OAAO,GAAG,OAAyB,CAAC;QAC7C,CAAC;QAED,MAAM,OAAO,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACnD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC;QAC3B,CAAC;QAED,MAAM,OAAO,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACnD,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,MAAM,CAAC,OAAO,GAAG,OAA+B,CAAC;QACnD,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}

package/dist/esm/crypto-error.js

@@ -31,6 +31,10 @@ export var CryptoErrorCode;
     CryptoErrorCode["AlgorithmNotSupported"] = "algorithmNotSupported";
     /** The encoding operation (either encoding or decoding) failed. */
     CryptoErrorCode["EncodingError"] = "encodingError";
+    /** The COSE_Sign1 message does not conform to valid structure. */
+    CryptoErrorCode["InvalidCoseSign1"] = "invalidCoseSign1";
+    /** The EAT (Entity Attestation Token) is malformed or failed verification. */
+    CryptoErrorCode["InvalidEat"] = "invalidEat";
     /** The JWE supplied does not conform to valid syntax. */
     CryptoErrorCode["InvalidJwe"] = "invalidJwe";
     /** The JWK supplied does not conform to valid syntax. */

package/dist/esm/crypto-error.js.map

@@ -1 +1 @@
-{"version":3,"file":"crypto-error.js","sourceRoot":"","sources":["../../src/crypto-error.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,OAAO,WAAY,SAAQ,KAAK;IACpC;;;;;OAKG;IACH,YAAmB,IAAqB,EAAE,OAAe;QACvD,KAAK,CAAC,OAAO,CAAC,CAAC;QADE,SAAI,GAAJ,IAAI,CAAiB;QAEtC,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;QAE1B,8FAA8F;QAC9F,4FAA4F;QAC5F,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAElD,2EAA2E;QAC3E,kEAAkE;QAClE,IAAI,KAAK,CAAC,iBAAiB,EAAE,CAAC;YAC5B,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAN,IAAY,eAeX;AAfD,WAAY,eAAe;IACzB,gFAAgF;IAChF,kEAA+C,CAAA;IAE/C,mEAAmE;IACnE,kDAA+B,CAAA;IAE/B,yDAAyD;IACzD,4CAAyB,CAAA;IAEzB,yDAAyD;IACzD,4CAAyB,CAAA;IAEzB,sEAAsE;IACtE,kEAA+C,CAAA;AACjD,CAAC,EAfW,eAAe,KAAf,eAAe,QAe1B"}
+{"version":3,"file":"crypto-error.js","sourceRoot":"","sources":["../../src/crypto-error.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,OAAO,WAAY,SAAQ,KAAK;IACpC;;;;;OAKG;IACH,YAAmB,IAAqB,EAAE,OAAe;QACvD,KAAK,CAAC,OAAO,CAAC,CAAC;QADE,SAAI,GAAJ,IAAI,CAAiB;QAEtC,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;QAE1B,8FAA8F;QAC9F,4FAA4F;QAC5F,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAElD,2EAA2E;QAC3E,kEAAkE;QAClE,IAAI,KAAK,CAAC,iBAAiB,EAAE,CAAC;YAC5B,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAN,IAAY,eAqBX;AArBD,WAAY,eAAe;IACzB,gFAAgF;IAChF,kEAA+C,CAAA;IAE/C,mEAAmE;IACnE,kDAA+B,CAAA;IAE/B,kEAAkE;IAClE,wDAAqC,CAAA;IAErC,8EAA8E;IAC9E,4CAAyB,CAAA;IAEzB,yDAAyD;IACzD,4CAAyB,CAAA;IAEzB,yDAAyD;IACzD,4CAAyB,CAAA;IAEzB,sEAAsE;IACtE,kEAA+C,CAAA;AACjD,CAAC,EArBW,eAAe,KAAf,eAAe,QAqB1B"}

package/dist/esm/index.js

@@ -1,12 +1,20 @@
 export * from './crypto-error.js';
 export * from './local-key-manager.js';
 export * from './utils.js';
+export * from './cose/cbor.js';
+export * from './cose/cose-key.js';
+export * from './cose/cose-sign1.js';
+export * from './cose/eat.js';
 export * from './algorithms/aes-ctr.js';
 export * from './algorithms/aes-gcm.js';
+export * from './algorithms/aes-kw.js';
 export * from './algorithms/crypto-algorithm.js';
 export * from './algorithms/ecdsa.js';
 export * from './algorithms/eddsa.js';
+export * from './algorithms/hkdf.js';
+export * from './algorithms/pbkdf2.js';
 export * from './algorithms/sha-2.js';
+export * from './algorithms/x25519.js';
 export * from './jose/jwe.js';
 export * from './jose/jwk.js';
 export * from './jose/jws.js';
@@ -16,6 +24,7 @@ export * from './primitives/aes-ctr.js';
 export * from './primitives/aes-gcm.js';
 export * from './primitives/aes-kw.js';
 export * from './primitives/concat-kdf.js';
+export * from './primitives/ecies-secp256k1.js';
 export * from './primitives/ed25519.js';
 export * from './primitives/hkdf.js';
 export * from './primitives/secp256r1.js';

package/dist/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,wBAAwB,CAAC;AACvC,cAAc,YAAY,CAAC;AAE3B,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,kCAAkC,CAAC;AACjD,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AAEtC,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,iBAAiB,CAAC;AAEhC,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AACvC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,yBAAyB,CAAC;AACxC,cAAc,sBAAsB,CAAC;AACrC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,mBAAmB,CAAC;AAClC,cAAc,wBAAwB,CAAC;AACvC,cAAc,YAAY,CAAC;AAE3B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,oBAAoB,CAAC;AACnC,cAAc,sBAAsB,CAAC;AACrC,cAAc,eAAe,CAAC;AAE9B,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AACvC,cAAc,kCAAkC,CAAC;AACjD,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,sBAAsB,CAAC;AACrC,cAAc,wBAAwB,CAAC;AACvC,cAAc,uBAAuB,CAAC;AACtC,cAAc,wBAAwB,CAAC;AAEvC,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,iBAAiB,CAAC;AAEhC,cAAc,yBAAyB,CAAC;AACxC,cAAc,yBAAyB,CAAC;AACxC,cAAc,wBAAwB,CAAC;AACvC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,iCAAiC,CAAC;AAChD,cAAc,yBAAyB,CAAC;AACxC,cAAc,sBAAsB,CAAC;AACrC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,wBAAwB,CAAC;AACvC,cAAc,wBAAwB,CAAC;AACvC,cAAc,2BAA2B,CAAC;AAC1C,cAAc,oCAAoC,CAAC"}

package/dist/esm/local-key-manager.js

@@ -11,6 +11,7 @@ import { MemoryStore } from '@enbox/common';
 import { EcdsaAlgorithm } from './algorithms/ecdsa.js';
 import { EdDsaAlgorithm } from './algorithms/eddsa.js';
 import { Sha2Algorithm } from './algorithms/sha-2.js';
+import { X25519Algorithm } from './algorithms/x25519.js';
 import { computeJwkThumbprint, isPrivateJwk, KEY_URI_PREFIX_JWK } from './jose/jwk.js';
 /**
  * `supportedAlgorithms` is an object mapping algorithm names to their respective implementations
@@ -36,6 +37,10 @@ const supportedAlgorithms = {
     'SHA-256': {
         implementation: Sha2Algorithm,
         names: ['SHA-256']
+    },
+    'X25519': {
+        implementation: X25519Algorithm,
+        names: ['X25519']
     }
 };
 export class LocalKeyManager {
@@ -148,7 +153,7 @@ export class LocalKeyManager {
      * @remarks
      * This method generates a {@link https://datatracker.ietf.org/doc/html/rfc3986 | URI}
      * (Uniform Resource Identifier) for the given JWK, which uniquely identifies the key across all
-     * `CryptoApi` implementations. The key URI is constructed by appending the
+     * `KeyManager` implementations. The key URI is constructed by appending the
      * {@link https://datatracker.ietf.org/doc/html/rfc7638 | JWK thumbprint} to the prefix
      * `urn:jwk:`. The JWK thumbprint is deterministically computed from the JWK and is consistent
      * regardless of property order or optional property inclusion in the JWK. This ensures that the