@f0rest8/metamorphic-crypto 0.8.1 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -42,6 +42,58 @@ export function deriveSessionKey(password: string, salt_b64: string): string;
42
42
  */
43
43
  export function deriveSigningPublicKey(secret_key_b64: string): string;
44
44
 
45
+ /**
46
+ * Generate an ECVRF-Edwards25519 keypair. Returns JSON: `{ secretKey, publicKey }`.
47
+ */
48
+ export function ecvrfEd25519GenerateKeyPair(): any;
49
+
50
+ /**
51
+ * Recover the base64 ECVRF-Edwards25519 output from a proof, without verifying.
52
+ */
53
+ export function ecvrfEd25519ProofToHash(proof_b64: string): string;
54
+
55
+ /**
56
+ * Produce an ECVRF-Edwards25519 proof (base64) for base64 `alpha`.
57
+ */
58
+ export function ecvrfEd25519Prove(secret_key_b64: string, alpha_b64: string): string;
59
+
60
+ /**
61
+ * Derive the base64 ECVRF-Edwards25519 public key from a base64 secret key.
62
+ */
63
+ export function ecvrfEd25519PublicKey(secret_key_b64: string): string;
64
+
65
+ /**
66
+ * Verify an ECVRF-Edwards25519 proof. Returns the base64 output on success, or
67
+ * `null` on a cryptographic rejection.
68
+ */
69
+ export function ecvrfEd25519Verify(public_key_b64: string, alpha_b64: string, proof_b64: string): string | undefined;
70
+
71
+ /**
72
+ * Generate an ECVRF-P256 keypair. Returns JSON: `{ secretKey, publicKey }`.
73
+ */
74
+ export function ecvrfP256GenerateKeyPair(): any;
75
+
76
+ /**
77
+ * Recover the base64 ECVRF-P256 output from a proof, without verifying.
78
+ */
79
+ export function ecvrfP256ProofToHash(proof_b64: string): string;
80
+
81
+ /**
82
+ * Produce an ECVRF-P256 proof (base64) for base64 `alpha`.
83
+ */
84
+ export function ecvrfP256Prove(secret_key_b64: string, alpha_b64: string): string;
85
+
86
+ /**
87
+ * Derive the base64 ECVRF-P256 public key from a base64 secret key.
88
+ */
89
+ export function ecvrfP256PublicKey(secret_key_b64: string): string;
90
+
91
+ /**
92
+ * Verify an ECVRF-P256 proof. Returns the base64 output on success, or `null`
93
+ * on a cryptographic rejection.
94
+ */
95
+ export function ecvrfP256Verify(public_key_b64: string, alpha_b64: string, proof_b64: string): string | undefined;
96
+
45
97
  /**
46
98
  * Encrypt a base64 private key with a session key. Returns base64 ciphertext.
47
99
  */
@@ -121,6 +173,12 @@ export function generateSigningKeyPair(level: string): any;
121
173
  */
122
174
  export function generateSigningKeyPairSuite(suite: string, level: string): any;
123
175
 
176
+ /**
177
+ * HMAC-SHA256 of base64 `msg` under base64 `key`. Returns the 32-byte tag as
178
+ * base64. Any key length is accepted (RFC 2104).
179
+ */
180
+ export function hmacSha256(key_b64: string, msg_b64: string): string;
181
+
124
182
  /**
125
183
  * Open a CNSA-2.0 (or legacy) hybrid ciphertext, supplying the context label
126
184
  * used at seal time for the new suites. Returns base64-encoded plaintext.
@@ -265,9 +323,20 @@ export interface InitOutput {
265
323
  readonly deriveSigningPublicKey: (a: number, b: number, c: number) => void;
266
324
  readonly sign: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
267
325
  readonly verify: (a: number, b: number, c: number, d: number, e: number, f: number, g: number, h: number, i: number) => void;
326
+ readonly hmacSha256: (a: number, b: number, c: number, d: number, e: number) => void;
327
+ readonly ecvrfEd25519GenerateKeyPair: () => number;
328
+ readonly ecvrfEd25519PublicKey: (a: number, b: number, c: number) => void;
329
+ readonly ecvrfEd25519Prove: (a: number, b: number, c: number, d: number, e: number) => void;
330
+ readonly ecvrfEd25519Verify: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
331
+ readonly ecvrfEd25519ProofToHash: (a: number, b: number, c: number) => void;
332
+ readonly ecvrfP256GenerateKeyPair: () => number;
333
+ readonly ecvrfP256PublicKey: (a: number, b: number, c: number) => void;
334
+ readonly ecvrfP256Prove: (a: number, b: number, c: number, d: number, e: number) => void;
335
+ readonly ecvrfP256Verify: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
336
+ readonly ecvrfP256ProofToHash: (a: number, b: number, c: number) => void;
337
+ readonly decryptPrivateKeyWithRecovery: (a: number, b: number, c: number, d: number, e: number) => void;
268
338
  readonly decryptSecretboxToString: (a: number, b: number, c: number, d: number, e: number) => void;
269
339
  readonly encryptSecretboxString: (a: number, b: number, c: number, d: number, e: number) => void;
270
- readonly decryptPrivateKeyWithRecovery: (a: number, b: number, c: number, d: number, e: number) => void;
271
340
  readonly encryptPrivateKeyForRecovery: (a: number, b: number, c: number, d: number, e: number) => void;
272
341
  readonly __wbindgen_export: (a: number, b: number) => number;
273
342
  readonly __wbindgen_export2: (a: number, b: number, c: number, d: number) => number;
@@ -281,6 +281,294 @@ export function deriveSigningPublicKey(secret_key_b64) {
281
281
  }
282
282
  }
283
283
 
284
+ /**
285
+ * Generate an ECVRF-Edwards25519 keypair. Returns JSON: `{ secretKey, publicKey }`.
286
+ * @returns {any}
287
+ */
288
+ export function ecvrfEd25519GenerateKeyPair() {
289
+ const ret = wasm.ecvrfEd25519GenerateKeyPair();
290
+ return takeObject(ret);
291
+ }
292
+
293
+ /**
294
+ * Recover the base64 ECVRF-Edwards25519 output from a proof, without verifying.
295
+ * @param {string} proof_b64
296
+ * @returns {string}
297
+ */
298
+ export function ecvrfEd25519ProofToHash(proof_b64) {
299
+ let deferred3_0;
300
+ let deferred3_1;
301
+ try {
302
+ const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
303
+ const ptr0 = passStringToWasm0(proof_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
304
+ const len0 = WASM_VECTOR_LEN;
305
+ wasm.ecvrfEd25519ProofToHash(retptr, ptr0, len0);
306
+ var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
307
+ var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
308
+ var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
309
+ var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
310
+ var ptr2 = r0;
311
+ var len2 = r1;
312
+ if (r3) {
313
+ ptr2 = 0; len2 = 0;
314
+ throw takeObject(r2);
315
+ }
316
+ deferred3_0 = ptr2;
317
+ deferred3_1 = len2;
318
+ return getStringFromWasm0(ptr2, len2);
319
+ } finally {
320
+ wasm.__wbindgen_add_to_stack_pointer(16);
321
+ wasm.__wbindgen_export4(deferred3_0, deferred3_1, 1);
322
+ }
323
+ }
324
+
325
+ /**
326
+ * Produce an ECVRF-Edwards25519 proof (base64) for base64 `alpha`.
327
+ * @param {string} secret_key_b64
328
+ * @param {string} alpha_b64
329
+ * @returns {string}
330
+ */
331
+ export function ecvrfEd25519Prove(secret_key_b64, alpha_b64) {
332
+ let deferred4_0;
333
+ let deferred4_1;
334
+ try {
335
+ const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
336
+ const ptr0 = passStringToWasm0(secret_key_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
337
+ const len0 = WASM_VECTOR_LEN;
338
+ const ptr1 = passStringToWasm0(alpha_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
339
+ const len1 = WASM_VECTOR_LEN;
340
+ wasm.ecvrfEd25519Prove(retptr, ptr0, len0, ptr1, len1);
341
+ var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
342
+ var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
343
+ var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
344
+ var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
345
+ var ptr3 = r0;
346
+ var len3 = r1;
347
+ if (r3) {
348
+ ptr3 = 0; len3 = 0;
349
+ throw takeObject(r2);
350
+ }
351
+ deferred4_0 = ptr3;
352
+ deferred4_1 = len3;
353
+ return getStringFromWasm0(ptr3, len3);
354
+ } finally {
355
+ wasm.__wbindgen_add_to_stack_pointer(16);
356
+ wasm.__wbindgen_export4(deferred4_0, deferred4_1, 1);
357
+ }
358
+ }
359
+
360
+ /**
361
+ * Derive the base64 ECVRF-Edwards25519 public key from a base64 secret key.
362
+ * @param {string} secret_key_b64
363
+ * @returns {string}
364
+ */
365
+ export function ecvrfEd25519PublicKey(secret_key_b64) {
366
+ let deferred3_0;
367
+ let deferred3_1;
368
+ try {
369
+ const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
370
+ const ptr0 = passStringToWasm0(secret_key_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
371
+ const len0 = WASM_VECTOR_LEN;
372
+ wasm.ecvrfEd25519PublicKey(retptr, ptr0, len0);
373
+ var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
374
+ var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
375
+ var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
376
+ var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
377
+ var ptr2 = r0;
378
+ var len2 = r1;
379
+ if (r3) {
380
+ ptr2 = 0; len2 = 0;
381
+ throw takeObject(r2);
382
+ }
383
+ deferred3_0 = ptr2;
384
+ deferred3_1 = len2;
385
+ return getStringFromWasm0(ptr2, len2);
386
+ } finally {
387
+ wasm.__wbindgen_add_to_stack_pointer(16);
388
+ wasm.__wbindgen_export4(deferred3_0, deferred3_1, 1);
389
+ }
390
+ }
391
+
392
+ /**
393
+ * Verify an ECVRF-Edwards25519 proof. Returns the base64 output on success, or
394
+ * `null` on a cryptographic rejection.
395
+ * @param {string} public_key_b64
396
+ * @param {string} alpha_b64
397
+ * @param {string} proof_b64
398
+ * @returns {string | undefined}
399
+ */
400
+ export function ecvrfEd25519Verify(public_key_b64, alpha_b64, proof_b64) {
401
+ try {
402
+ const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
403
+ const ptr0 = passStringToWasm0(public_key_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
404
+ const len0 = WASM_VECTOR_LEN;
405
+ const ptr1 = passStringToWasm0(alpha_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
406
+ const len1 = WASM_VECTOR_LEN;
407
+ const ptr2 = passStringToWasm0(proof_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
408
+ const len2 = WASM_VECTOR_LEN;
409
+ wasm.ecvrfEd25519Verify(retptr, ptr0, len0, ptr1, len1, ptr2, len2);
410
+ var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
411
+ var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
412
+ var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
413
+ var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
414
+ if (r3) {
415
+ throw takeObject(r2);
416
+ }
417
+ let v4;
418
+ if (r0 !== 0) {
419
+ v4 = getStringFromWasm0(r0, r1).slice();
420
+ wasm.__wbindgen_export4(r0, r1 * 1, 1);
421
+ }
422
+ return v4;
423
+ } finally {
424
+ wasm.__wbindgen_add_to_stack_pointer(16);
425
+ }
426
+ }
427
+
428
+ /**
429
+ * Generate an ECVRF-P256 keypair. Returns JSON: `{ secretKey, publicKey }`.
430
+ * @returns {any}
431
+ */
432
+ export function ecvrfP256GenerateKeyPair() {
433
+ const ret = wasm.ecvrfP256GenerateKeyPair();
434
+ return takeObject(ret);
435
+ }
436
+
437
+ /**
438
+ * Recover the base64 ECVRF-P256 output from a proof, without verifying.
439
+ * @param {string} proof_b64
440
+ * @returns {string}
441
+ */
442
+ export function ecvrfP256ProofToHash(proof_b64) {
443
+ let deferred3_0;
444
+ let deferred3_1;
445
+ try {
446
+ const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
447
+ const ptr0 = passStringToWasm0(proof_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
448
+ const len0 = WASM_VECTOR_LEN;
449
+ wasm.ecvrfP256ProofToHash(retptr, ptr0, len0);
450
+ var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
451
+ var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
452
+ var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
453
+ var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
454
+ var ptr2 = r0;
455
+ var len2 = r1;
456
+ if (r3) {
457
+ ptr2 = 0; len2 = 0;
458
+ throw takeObject(r2);
459
+ }
460
+ deferred3_0 = ptr2;
461
+ deferred3_1 = len2;
462
+ return getStringFromWasm0(ptr2, len2);
463
+ } finally {
464
+ wasm.__wbindgen_add_to_stack_pointer(16);
465
+ wasm.__wbindgen_export4(deferred3_0, deferred3_1, 1);
466
+ }
467
+ }
468
+
469
+ /**
470
+ * Produce an ECVRF-P256 proof (base64) for base64 `alpha`.
471
+ * @param {string} secret_key_b64
472
+ * @param {string} alpha_b64
473
+ * @returns {string}
474
+ */
475
+ export function ecvrfP256Prove(secret_key_b64, alpha_b64) {
476
+ let deferred4_0;
477
+ let deferred4_1;
478
+ try {
479
+ const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
480
+ const ptr0 = passStringToWasm0(secret_key_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
481
+ const len0 = WASM_VECTOR_LEN;
482
+ const ptr1 = passStringToWasm0(alpha_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
483
+ const len1 = WASM_VECTOR_LEN;
484
+ wasm.ecvrfP256Prove(retptr, ptr0, len0, ptr1, len1);
485
+ var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
486
+ var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
487
+ var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
488
+ var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
489
+ var ptr3 = r0;
490
+ var len3 = r1;
491
+ if (r3) {
492
+ ptr3 = 0; len3 = 0;
493
+ throw takeObject(r2);
494
+ }
495
+ deferred4_0 = ptr3;
496
+ deferred4_1 = len3;
497
+ return getStringFromWasm0(ptr3, len3);
498
+ } finally {
499
+ wasm.__wbindgen_add_to_stack_pointer(16);
500
+ wasm.__wbindgen_export4(deferred4_0, deferred4_1, 1);
501
+ }
502
+ }
503
+
504
+ /**
505
+ * Derive the base64 ECVRF-P256 public key from a base64 secret key.
506
+ * @param {string} secret_key_b64
507
+ * @returns {string}
508
+ */
509
+ export function ecvrfP256PublicKey(secret_key_b64) {
510
+ let deferred3_0;
511
+ let deferred3_1;
512
+ try {
513
+ const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
514
+ const ptr0 = passStringToWasm0(secret_key_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
515
+ const len0 = WASM_VECTOR_LEN;
516
+ wasm.ecvrfP256PublicKey(retptr, ptr0, len0);
517
+ var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
518
+ var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
519
+ var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
520
+ var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
521
+ var ptr2 = r0;
522
+ var len2 = r1;
523
+ if (r3) {
524
+ ptr2 = 0; len2 = 0;
525
+ throw takeObject(r2);
526
+ }
527
+ deferred3_0 = ptr2;
528
+ deferred3_1 = len2;
529
+ return getStringFromWasm0(ptr2, len2);
530
+ } finally {
531
+ wasm.__wbindgen_add_to_stack_pointer(16);
532
+ wasm.__wbindgen_export4(deferred3_0, deferred3_1, 1);
533
+ }
534
+ }
535
+
536
+ /**
537
+ * Verify an ECVRF-P256 proof. Returns the base64 output on success, or `null`
538
+ * on a cryptographic rejection.
539
+ * @param {string} public_key_b64
540
+ * @param {string} alpha_b64
541
+ * @param {string} proof_b64
542
+ * @returns {string | undefined}
543
+ */
544
+ export function ecvrfP256Verify(public_key_b64, alpha_b64, proof_b64) {
545
+ try {
546
+ const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
547
+ const ptr0 = passStringToWasm0(public_key_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
548
+ const len0 = WASM_VECTOR_LEN;
549
+ const ptr1 = passStringToWasm0(alpha_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
550
+ const len1 = WASM_VECTOR_LEN;
551
+ const ptr2 = passStringToWasm0(proof_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
552
+ const len2 = WASM_VECTOR_LEN;
553
+ wasm.ecvrfP256Verify(retptr, ptr0, len0, ptr1, len1, ptr2, len2);
554
+ var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
555
+ var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
556
+ var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
557
+ var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
558
+ if (r3) {
559
+ throw takeObject(r2);
560
+ }
561
+ let v4;
562
+ if (r0 !== 0) {
563
+ v4 = getStringFromWasm0(r0, r1).slice();
564
+ wasm.__wbindgen_export4(r0, r1 * 1, 1);
565
+ }
566
+ return v4;
567
+ } finally {
568
+ wasm.__wbindgen_add_to_stack_pointer(16);
569
+ }
570
+ }
571
+
284
572
  /**
285
573
  * Encrypt a base64 private key with a session key. Returns base64 ciphertext.
286
574
  * @param {string} private_key_b64
@@ -603,6 +891,42 @@ export function generateSigningKeyPairSuite(suite, level) {
603
891
  }
604
892
  }
605
893
 
894
+ /**
895
+ * HMAC-SHA256 of base64 `msg` under base64 `key`. Returns the 32-byte tag as
896
+ * base64. Any key length is accepted (RFC 2104).
897
+ * @param {string} key_b64
898
+ * @param {string} msg_b64
899
+ * @returns {string}
900
+ */
901
+ export function hmacSha256(key_b64, msg_b64) {
902
+ let deferred4_0;
903
+ let deferred4_1;
904
+ try {
905
+ const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
906
+ const ptr0 = passStringToWasm0(key_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
907
+ const len0 = WASM_VECTOR_LEN;
908
+ const ptr1 = passStringToWasm0(msg_b64, wasm.__wbindgen_export, wasm.__wbindgen_export2);
909
+ const len1 = WASM_VECTOR_LEN;
910
+ wasm.hmacSha256(retptr, ptr0, len0, ptr1, len1);
911
+ var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
912
+ var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
913
+ var r2 = getDataViewMemory0().getInt32(retptr + 4 * 2, true);
914
+ var r3 = getDataViewMemory0().getInt32(retptr + 4 * 3, true);
915
+ var ptr3 = r0;
916
+ var len3 = r1;
917
+ if (r3) {
918
+ ptr3 = 0; len3 = 0;
919
+ throw takeObject(r2);
920
+ }
921
+ deferred4_0 = ptr3;
922
+ deferred4_1 = len3;
923
+ return getStringFromWasm0(ptr3, len3);
924
+ } finally {
925
+ wasm.__wbindgen_add_to_stack_pointer(16);
926
+ wasm.__wbindgen_export4(deferred4_0, deferred4_1, 1);
927
+ }
928
+ }
929
+
606
930
  /**
607
931
  * Open a CNSA-2.0 (or legacy) hybrid ciphertext, supplying the context label
608
932
  * used at seal time for the new suites. Returns base64-encoded plaintext.
Binary file
package/package.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "@f0rest8/metamorphic-crypto",
3
3
  "type": "module",
4
4
  "description": "Zero-knowledge end-to-end encryption with post-quantum hybrid KEM (ML-KEM + X25519) and an opt-in CNSA 2.0 suite axis (matched-strength hybrid + pure ML-KEM-1024 / ML-DSA-87 / AES-256-GCM)",
5
- "version": "0.8.1",
5
+ "version": "0.9.0",
6
6
  "license": "MIT OR Apache-2.0",
7
7
  "repository": {
8
8
  "type": "git",