@hg-ts/rsa 0.7.26 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +91 -0
- package/dist/X25519/key-pair.d.ts +4 -4
- package/dist/X25519/key-pair.d.ts.map +1 -1
- package/dist/X25519/key-pair.js +3 -5
- package/dist/X25519/key-pair.js.map +1 -1
- package/dist/X25519/private-key.d.ts +5 -4
- package/dist/X25519/private-key.d.ts.map +1 -1
- package/dist/X25519/private-key.js +8 -21
- package/dist/X25519/private-key.js.map +1 -1
- package/dist/X25519/public-key.d.ts +4 -6
- package/dist/X25519/public-key.d.ts.map +1 -1
- package/dist/X25519/public-key.js +8 -19
- package/dist/X25519/public-key.js.map +1 -1
- package/dist/X25519/x25519.test.d.ts +7 -6
- package/dist/X25519/x25519.test.d.ts.map +1 -1
- package/dist/X25519/x25519.test.js +70 -58
- package/dist/X25519/x25519.test.js.map +1 -1
- package/dist/aead/index.d.ts +2 -0
- package/dist/aead/index.d.ts.map +1 -0
- package/dist/aead/index.js +2 -0
- package/dist/aead/index.js.map +1 -0
- package/dist/aead/xchacha20-poly1305.d.ts +10 -0
- package/dist/aead/xchacha20-poly1305.d.ts.map +1 -0
- package/dist/aead/xchacha20-poly1305.js +48 -0
- package/dist/aead/xchacha20-poly1305.js.map +1 -0
- package/dist/aead/xchacha20-poly1305.test.d.ts +14 -0
- package/dist/aead/xchacha20-poly1305.test.d.ts.map +1 -0
- package/dist/aead/xchacha20-poly1305.test.js +140 -0
- package/dist/aead/xchacha20-poly1305.test.js.map +1 -0
- package/dist/base/index.d.ts +1 -0
- package/dist/base/index.d.ts.map +1 -1
- package/dist/base/index.js +1 -0
- package/dist/base/index.js.map +1 -1
- package/dist/base/key-capabilities.d.ts +36 -0
- package/dist/base/key-capabilities.d.ts.map +1 -0
- package/dist/base/key-capabilities.js +2 -0
- package/dist/base/key-capabilities.js.map +1 -0
- package/dist/base/key-pair.d.ts +3 -7
- package/dist/base/key-pair.d.ts.map +1 -1
- package/dist/base/key-pair.js.map +1 -1
- package/dist/base/key.d.ts +2 -1
- package/dist/base/key.d.ts.map +1 -1
- package/dist/base/key.js.map +1 -1
- package/dist/base/private-key.d.ts +2 -3
- package/dist/base/private-key.d.ts.map +1 -1
- package/dist/base/private-key.js.map +1 -1
- package/dist/base/public-key.d.ts +2 -3
- package/dist/base/public-key.d.ts.map +1 -1
- package/dist/base/public-key.js.map +1 -1
- package/dist/exceptions/hkdf-output-length.exception.d.ts +5 -0
- package/dist/exceptions/hkdf-output-length.exception.d.ts.map +1 -0
- package/dist/exceptions/hkdf-output-length.exception.js +7 -0
- package/dist/exceptions/hkdf-output-length.exception.js.map +1 -0
- package/dist/exceptions/index.d.ts +4 -0
- package/dist/exceptions/index.d.ts.map +1 -1
- package/dist/exceptions/index.js +4 -0
- package/dist/exceptions/index.js.map +1 -1
- package/dist/exceptions/invalid-encryption-key.exception.d.ts +5 -0
- package/dist/exceptions/invalid-encryption-key.exception.d.ts.map +1 -0
- package/dist/exceptions/invalid-encryption-key.exception.js +7 -0
- package/dist/exceptions/invalid-encryption-key.exception.js.map +1 -0
- package/dist/exceptions/invalid-pq-kem-key-length.exception.d.ts +5 -0
- package/dist/exceptions/invalid-pq-kem-key-length.exception.d.ts.map +1 -0
- package/dist/exceptions/invalid-pq-kem-key-length.exception.js +7 -0
- package/dist/exceptions/invalid-pq-kem-key-length.exception.js.map +1 -0
- package/dist/exceptions/invalid-pq-kem-message-length.exception.d.ts +5 -0
- package/dist/exceptions/invalid-pq-kem-message-length.exception.d.ts.map +1 -0
- package/dist/exceptions/invalid-pq-kem-message-length.exception.js +7 -0
- package/dist/exceptions/invalid-pq-kem-message-length.exception.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +3 -0
- package/dist/index.js.map +1 -1
- package/dist/pq-kem/algorithm.d.ts +16 -0
- package/dist/pq-kem/algorithm.d.ts.map +1 -0
- package/dist/pq-kem/algorithm.js +25 -0
- package/dist/pq-kem/algorithm.js.map +1 -0
- package/dist/pq-kem/index.d.ts +5 -0
- package/dist/pq-kem/index.d.ts.map +1 -0
- package/dist/pq-kem/index.js +5 -0
- package/dist/pq-kem/index.js.map +1 -0
- package/dist/pq-kem/key-pair.d.ts +15 -0
- package/dist/pq-kem/key-pair.d.ts.map +1 -0
- package/dist/pq-kem/key-pair.js +44 -0
- package/dist/pq-kem/key-pair.js.map +1 -0
- package/dist/pq-kem/pq-kem.test.d.ts +18 -0
- package/dist/pq-kem/pq-kem.test.d.ts.map +1 -0
- package/dist/pq-kem/pq-kem.test.js +173 -0
- package/dist/pq-kem/pq-kem.test.js.map +1 -0
- package/dist/pq-kem/private-key.d.ts +16 -0
- package/dist/pq-kem/private-key.d.ts.map +1 -0
- package/dist/pq-kem/private-key.js +43 -0
- package/dist/pq-kem/private-key.js.map +1 -0
- package/dist/pq-kem/public-key.d.ts +18 -0
- package/dist/pq-kem/public-key.d.ts.map +1 -0
- package/dist/pq-kem/public-key.js +70 -0
- package/dist/pq-kem/public-key.js.map +1 -0
- package/dist/rsa/key-pair.d.ts +2 -2
- package/dist/rsa/key-pair.d.ts.map +1 -1
- package/dist/rsa/key-pair.js.map +1 -1
- package/dist/rsa/private-key.d.ts +3 -2
- package/dist/rsa/private-key.d.ts.map +1 -1
- package/dist/rsa/private-key.js +2 -1
- package/dist/rsa/private-key.js.map +1 -1
- package/dist/rsa/public-key.d.ts +3 -2
- package/dist/rsa/public-key.d.ts.map +1 -1
- package/dist/rsa/public-key.js +2 -1
- package/dist/rsa/public-key.js.map +1 -1
- package/dist/rsa/rsa.test.d.ts.map +1 -1
- package/dist/rsa/rsa.test.js +1 -0
- package/dist/rsa/rsa.test.js.map +1 -1
- package/dist/utils/hkdf.d.ts +26 -0
- package/dist/utils/hkdf.d.ts.map +1 -0
- package/dist/utils/hkdf.js +43 -0
- package/dist/utils/hkdf.js.map +1 -0
- package/dist/utils/hkdf.test.d.ts +7 -0
- package/dist/utils/hkdf.test.d.ts.map +1 -0
- package/dist/utils/hkdf.test.js +79 -0
- package/dist/utils/hkdf.test.js.map +1 -0
- package/dist/utils/hmac.d.ts +5 -0
- package/dist/utils/hmac.d.ts.map +1 -0
- package/dist/utils/hmac.js +16 -0
- package/dist/utils/hmac.js.map +1 -0
- package/dist/utils/hmac.test.d.ts +6 -0
- package/dist/utils/hmac.test.d.ts.map +1 -0
- package/dist/utils/hmac.test.js +33 -0
- package/dist/utils/hmac.test.js.map +1 -0
- package/dist/utils/index.d.ts +4 -0
- package/dist/utils/index.d.ts.map +1 -0
- package/dist/utils/index.js +4 -0
- package/dist/utils/index.js.map +1 -0
- package/dist/utils/kdf.d.ts +3 -0
- package/dist/utils/kdf.d.ts.map +1 -0
- package/dist/utils/kdf.js +10 -0
- package/dist/utils/kdf.js.map +1 -0
- package/package.json +16 -10
- package/src/X25519/key-pair.ts +9 -9
- package/src/X25519/private-key.ts +15 -30
- package/src/X25519/public-key.ts +15 -31
- package/src/X25519/x25519.test.ts +81 -68
- package/src/aead/index.ts +1 -0
- package/src/aead/xchacha20-poly1305.test.ts +147 -0
- package/src/aead/xchacha20-poly1305.ts +80 -0
- package/src/base/index.ts +1 -0
- package/src/base/key-capabilities.ts +54 -0
- package/src/base/key-pair.ts +6 -11
- package/src/base/key.ts +3 -1
- package/src/base/private-key.ts +2 -5
- package/src/base/public-key.ts +4 -5
- package/src/exceptions/hkdf-output-length.exception.ts +7 -0
- package/src/exceptions/index.ts +4 -0
- package/src/exceptions/invalid-encryption-key.exception.ts +7 -0
- package/src/exceptions/invalid-pq-kem-key-length.exception.ts +7 -0
- package/src/exceptions/invalid-pq-kem-message-length.exception.ts +7 -0
- package/src/index.ts +3 -0
- package/src/pq-kem/algorithm.ts +51 -0
- package/src/pq-kem/index.ts +4 -0
- package/src/pq-kem/key-pair.ts +76 -0
- package/src/pq-kem/pq-kem.test.ts +144 -0
- package/src/pq-kem/private-key.ts +67 -0
- package/src/pq-kem/public-key.ts +99 -0
- package/src/rsa/key-pair.ts +11 -5
- package/src/rsa/private-key.ts +9 -2
- package/src/rsa/public-key.ts +9 -2
- package/src/rsa/rsa.test.ts +1 -0
- package/src/utils/hkdf.test.ts +77 -0
- package/src/utils/hkdf.ts +89 -0
- package/src/utils/hmac.test.ts +43 -0
- package/src/utils/hmac.ts +21 -0
- package/src/utils/index.ts +3 -0
- package/src/utils/kdf.ts +17 -0
- package/tsconfig.json +3 -1
- package/dist/X25519/utils.d.ts +0 -2
- package/dist/X25519/utils.d.ts.map +0 -1
- package/dist/X25519/utils.js +0 -12
- package/dist/X25519/utils.js.map +0 -1
- package/src/X25519/utils.ts +0 -22
package/README.md
CHANGED
|
@@ -7,10 +7,19 @@
|
|
|
7
7
|
- подписи и проверки подписи;
|
|
8
8
|
- восстановления ключей из PEM.
|
|
9
9
|
|
|
10
|
+
Также пакет содержит реализации:
|
|
11
|
+
|
|
12
|
+
- X25519 key agreement;
|
|
13
|
+
- XChaCha20-Poly1305 AEAD;
|
|
14
|
+
- ML-KEM post-quantum KEM.
|
|
15
|
+
|
|
10
16
|
## Экспорт
|
|
11
17
|
|
|
12
18
|
```ts
|
|
13
19
|
import {
|
|
20
|
+
PqKemKeyPair,
|
|
21
|
+
PqKemPrivateKey,
|
|
22
|
+
PqKemPublicKey,
|
|
14
23
|
RsaKeyPair,
|
|
15
24
|
RsaPrivateKey,
|
|
16
25
|
RsaPublicKey,
|
|
@@ -95,6 +104,78 @@ const publicKey = RsaPublicKey.fromString(pem);
|
|
|
95
104
|
|
|
96
105
|
`RsaPublicKey.schema` валидирует PEM публичного ключа и нормализует его через повторную сериализацию.
|
|
97
106
|
|
|
107
|
+
### `PqKemKeyPair`
|
|
108
|
+
|
|
109
|
+
Реализация post-quantum KEM на базе ML-KEM из FIPS 203. По умолчанию используется 768-битный параметр `ML-KEM-768`.
|
|
110
|
+
|
|
111
|
+
```ts
|
|
112
|
+
type PqKemAlgorithm = 512 | 768 | 1024;
|
|
113
|
+
|
|
114
|
+
type PqKemKeyPairOptions = {
|
|
115
|
+
bits?: PqKemAlgorithm;
|
|
116
|
+
seed?: string;
|
|
117
|
+
privateKey?: PqKemPrivateKey | string;
|
|
118
|
+
}
|
|
119
|
+
```
|
|
120
|
+
|
|
121
|
+
Пример:
|
|
122
|
+
|
|
123
|
+
```ts
|
|
124
|
+
const recipient = new PqKemKeyPair({ bits: 768 });
|
|
125
|
+
|
|
126
|
+
const { cipherText, sharedSecret } = recipient.encapsulate();
|
|
127
|
+
const recipientSharedSecret = recipient.decapsulate(cipherText);
|
|
128
|
+
```
|
|
129
|
+
|
|
130
|
+
Методы и свойства:
|
|
131
|
+
|
|
132
|
+
- `encapsulate(message?: string | Buffer): { cipherText: Buffer; sharedSecret: Buffer }`
|
|
133
|
+
- `decapsulate(cipherText: string | Buffer): Buffer`
|
|
134
|
+
- `publicKey: string`
|
|
135
|
+
- `privateKey: string`
|
|
136
|
+
- `bits: PqKemAlgorithm`
|
|
137
|
+
|
|
138
|
+
Особенности:
|
|
139
|
+
|
|
140
|
+
- ключи сериализуются в base64;
|
|
141
|
+
- `PqKemPrivateKey.fromString` и `PqKemPublicKey.fromString` определяют `bits` по длине ключа;
|
|
142
|
+
- имя внутреннего алгоритма выводится из `bits`: `512 -> ML-KEM-512`, `768 -> ML-KEM-768`, `1024 -> ML-KEM-1024`;
|
|
143
|
+
- строковый `cipherText` для `decapsulate` читается как base64;
|
|
144
|
+
- опциональный `message` в `encapsulate` должен быть ровно 32 байта, как требует ML-KEM;
|
|
145
|
+
- при `seed` строка детерминированно приводится к 64-байтному seed через SHA-512 с доменным разделением по `bits`.
|
|
146
|
+
|
|
147
|
+
### `PqKemPrivateKey`
|
|
148
|
+
|
|
149
|
+
Создание из base64:
|
|
150
|
+
|
|
151
|
+
```ts
|
|
152
|
+
const privateKey = PqKemPrivateKey.fromString(value);
|
|
153
|
+
```
|
|
154
|
+
|
|
155
|
+
Методы:
|
|
156
|
+
|
|
157
|
+
- `decapsulate(cipherText: string | Buffer): Buffer`
|
|
158
|
+
- `toPublicKey(): PqKemPublicKey`
|
|
159
|
+
- `toString(): string`
|
|
160
|
+
- `static fromString(value: string): PqKemPrivateKey`
|
|
161
|
+
|
|
162
|
+
### `PqKemPublicKey`
|
|
163
|
+
|
|
164
|
+
Создание из base64:
|
|
165
|
+
|
|
166
|
+
```ts
|
|
167
|
+
const publicKey = PqKemPublicKey.fromString(value);
|
|
168
|
+
```
|
|
169
|
+
|
|
170
|
+
Методы:
|
|
171
|
+
|
|
172
|
+
- `encapsulate(message?: string | Buffer): { cipherText: Buffer; sharedSecret: Buffer }`
|
|
173
|
+
- `toString(): string`
|
|
174
|
+
- `static fromString(value: string): PqKemPublicKey`
|
|
175
|
+
- `static schema`
|
|
176
|
+
|
|
177
|
+
`PqKemPublicKey.schema` валидирует base64-публичный ключ PQKEM.
|
|
178
|
+
|
|
98
179
|
## Криптографическое поведение
|
|
99
180
|
|
|
100
181
|
По текущей реализации пакет использует:
|
|
@@ -104,6 +185,16 @@ const publicKey = RsaPublicKey.fromString(pem);
|
|
|
104
185
|
- хеш `SHA-256`;
|
|
105
186
|
- `saltLength: 20` для PSS.
|
|
106
187
|
|
|
188
|
+
ML-KEM реализован через `@noble/post-quantum` и поддерживает параметры `ML-KEM-512`, `ML-KEM-768`, `ML-KEM-1024`.
|
|
189
|
+
|
|
190
|
+
Во внешнем API этот примитив называется PQKEM:
|
|
191
|
+
|
|
192
|
+
- `PqKemKeyPair`
|
|
193
|
+
- `PqKemPrivateKey`
|
|
194
|
+
- `PqKemPublicKey`
|
|
195
|
+
- `PqKemAlgorithm`
|
|
196
|
+
- `PqKemEncapsulation`
|
|
197
|
+
|
|
107
198
|
См. реализацию:
|
|
108
199
|
|
|
109
200
|
- [rsa.public-key.ts](/Users/atsapko/Documents/Hyper%20Graph/social%20network/framework/packages/rsa/src/rsa.public-key.ts:32)
|
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import
|
|
1
|
+
import Buffer from '@hg-ts/buffer';
|
|
2
|
+
import { BaseKeyPair, KeyAgreement, KeyPairOptions, KeyPairResult, NewKeyPairOptions, SigningPrivateKey, VerifyingPublicKey } from '../base/index.js';
|
|
2
3
|
import { X25519PrivateKey } from './private-key.js';
|
|
3
4
|
import { X25519PublicKey } from './public-key.js';
|
|
4
|
-
export declare class X25519KeyPair extends BaseKeyPair<X25519PrivateKey, X25519PublicKey> {
|
|
5
|
+
export declare class X25519KeyPair extends BaseKeyPair<X25519PrivateKey, X25519PublicKey> implements KeyAgreement<X25519PublicKey>, SigningPrivateKey, VerifyingPublicKey {
|
|
5
6
|
constructor(options?: KeyPairOptions<X25519PrivateKey>);
|
|
6
|
-
|
|
7
|
-
decrypt(value: string | Buffer, senderPublicKey: X25519PublicKey): string;
|
|
7
|
+
deriveSharedSecret(peerPublicKey: X25519PublicKey): Buffer;
|
|
8
8
|
sign(value: string): Buffer;
|
|
9
9
|
verify(signature: string | Buffer, value: string): boolean;
|
|
10
10
|
protected generateNewKeys(options: NewKeyPairOptions): KeyPairResult<X25519PrivateKey, X25519PublicKey>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"key-pair.d.ts","sourceRoot":"","sources":["../../src/X25519/key-pair.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"key-pair.d.ts","sourceRoot":"","sources":["../../src/X25519/key-pair.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,eAAe,CAAC;AAEnC,OAAO,EACN,WAAW,EACX,YAAY,EACZ,cAAc,EACd,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,kBAAkB,EAClB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,qBAAa,aAAc,SAAQ,WAAW,CAC7C,gBAAgB,EAChB,eAAe,CACd,YAAW,YAAY,CAAC,eAAe,CAAC,EAAE,iBAAiB,EAAE,kBAAkB;gBAC7D,OAAO,GAAE,cAAc,CAAC,gBAAgB,CAAM;IAI1D,kBAAkB,CAAC,aAAa,EAAE,eAAe,GAAG,MAAM;IAI1D,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAI3B,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO;IAIjE,SAAS,CAAC,eAAe,CAAC,OAAO,EAAE,iBAAiB,GAAG,aAAa,CAAC,gBAAgB,EAAE,eAAe,CAAC;IAUvG,OAAO,CAAC,kBAAkB;CAa1B"}
|
package/dist/X25519/key-pair.js
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import Buffer from '@hg-ts/buffer';
|
|
1
2
|
import sodium from 'libsodium-wrappers';
|
|
2
3
|
import { BaseKeyPair, } from '../base/index.js';
|
|
3
4
|
import { X25519PrivateKey } from './private-key.js';
|
|
@@ -5,11 +6,8 @@ export class X25519KeyPair extends BaseKeyPair {
|
|
|
5
6
|
constructor(options = {}) {
|
|
6
7
|
super(options, X25519PrivateKey);
|
|
7
8
|
}
|
|
8
|
-
|
|
9
|
-
return
|
|
10
|
-
}
|
|
11
|
-
decrypt(value, senderPublicKey) {
|
|
12
|
-
return this.privateKeyInstance.decrypt(value, senderPublicKey);
|
|
9
|
+
deriveSharedSecret(peerPublicKey) {
|
|
10
|
+
return this.privateKeyInstance.deriveSharedSecret(peerPublicKey);
|
|
13
11
|
}
|
|
14
12
|
sign(value) {
|
|
15
13
|
return this.privateKeyInstance.sign(value);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"key-pair.js","sourceRoot":"","sources":["../../src/X25519/key-pair.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,EACN,WAAW,
|
|
1
|
+
{"version":3,"file":"key-pair.js","sourceRoot":"","sources":["../../src/X25519/key-pair.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,eAAe,CAAC;AACnC,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,EACN,WAAW,GAOX,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAGpD,MAAM,OAAO,aAAc,SAAQ,WAGlC;IACA,YAAmB,UAA4C,EAAE;QAChE,KAAK,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;IAClC,CAAC;IAEM,kBAAkB,CAAC,aAA8B;QACvD,OAAO,IAAI,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;IAClE,CAAC;IAEM,IAAI,CAAC,KAAa;QACxB,OAAO,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5C,CAAC;IAEM,MAAM,CAAC,SAA0B,EAAE,KAAa;QACtD,OAAO,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IACxD,CAAC;IAES,eAAe,CAAC,OAA0B;QACnD,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,kBAAkB,GAAG,IAAI,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAE5D,OAAO;YACN,UAAU,EAAE,kBAAkB;YAC9B,SAAS,EAAE,kBAAkB,CAAC,WAAW,EAAE;SAC3C,CAAC;IACH,CAAC;IAEO,kBAAkB,CAAC,IAAa;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;YACX,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAExC,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,6BAA6B,EAAE,CAAC;YAC3D,OAAO,KAAK,CAAC;QACd,CAAC;QAED,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,MAAM,CAAC,6BAA6B,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;IAClG,CAAC;CACD"}
|
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
import
|
|
1
|
+
import Buffer from '@hg-ts/buffer';
|
|
2
|
+
import { BasePrivateKey, KeyAgreementPrivateKey, SigningPrivateKey } from '../base/index.js';
|
|
2
3
|
import { X25519PublicKey } from './public-key.js';
|
|
3
|
-
export declare class X25519PrivateKey extends BasePrivateKey<Buffer, X25519PublicKey> {
|
|
4
|
-
|
|
5
|
-
sign(
|
|
4
|
+
export declare class X25519PrivateKey extends BasePrivateKey<Buffer, X25519PublicKey> implements KeyAgreementPrivateKey<X25519PublicKey, Buffer>, SigningPrivateKey {
|
|
5
|
+
deriveSharedSecret(peerPublicKey: X25519PublicKey): Buffer;
|
|
6
|
+
sign(value: string): Buffer;
|
|
6
7
|
toPublicKey(): X25519PublicKey;
|
|
7
8
|
toString(): string;
|
|
8
9
|
get nativeKey(): Buffer;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"private-key.d.ts","sourceRoot":"","sources":["../../src/X25519/private-key.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"private-key.d.ts","sourceRoot":"","sources":["../../src/X25519/private-key.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,eAAe,CAAC;AAGnC,OAAO,EACN,cAAc,EACd,sBAAsB,EACtB,iBAAiB,EACjB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAIlD,qBAAa,gBACZ,SAAQ,cAAc,CAAC,MAAM,EAAE,eAAe,CAC9C,YAAW,sBAAsB,CAAC,eAAe,EAAE,MAAM,CAAC,EAAE,iBAAiB;IACtE,kBAAkB,CAAC,aAAa,EAAE,eAAe,GAAG,MAAM;IAI1D,IAAI,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAIlB,WAAW,IAAI,eAAe;IAI9B,QAAQ,IAAI,MAAM;IAIlC,IAAoB,SAAS,IAAI,MAAM,CAEtC;WAEa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,gBAAgB;CAGzD"}
|
|
@@ -1,28 +1,15 @@
|
|
|
1
|
-
import
|
|
1
|
+
import Buffer from '@hg-ts/buffer';
|
|
2
|
+
import { sign as curve25519Sign } from 'curve25519-js';
|
|
2
3
|
import sodium from 'libsodium-wrappers';
|
|
3
|
-
import { BasePrivateKey } from '../base/index.js';
|
|
4
|
-
import { InvalidDecryptionKeyExpection } from '../exceptions/index.js';
|
|
4
|
+
import { BasePrivateKey, } from '../base/index.js';
|
|
5
5
|
import { X25519PublicKey } from './public-key.js';
|
|
6
|
-
|
|
6
|
+
const sign = curve25519Sign;
|
|
7
7
|
export class X25519PrivateKey extends BasePrivateKey {
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
const senderPublicKey = senderPublicKeyInstance.nativeKey;
|
|
11
|
-
const sharedSecret = Buffer.from(sodium.crypto_scalarmult(this.key, senderPublicKey));
|
|
12
|
-
const publicKey = this.toPublicKey().nativeKey;
|
|
13
|
-
const encryptionKey = deriveEncryptionKey(sharedSecret, senderPublicKey, publicKey);
|
|
14
|
-
try {
|
|
15
|
-
const nonce = payload.subarray(0, 24);
|
|
16
|
-
const ciphertext = payload.subarray(24);
|
|
17
|
-
const decrypted = sodium.crypto_aead_xchacha20poly1305_ietf_decrypt(null, ciphertext, null, nonce, encryptionKey);
|
|
18
|
-
return Buffer.from(decrypted).toString('utf-8');
|
|
19
|
-
}
|
|
20
|
-
catch {
|
|
21
|
-
throw new InvalidDecryptionKeyExpection();
|
|
22
|
-
}
|
|
8
|
+
deriveSharedSecret(peerPublicKey) {
|
|
9
|
+
return Buffer.from(sodium.crypto_scalarmult(this.key, peerPublicKey.nativeKey));
|
|
23
10
|
}
|
|
24
|
-
sign(
|
|
25
|
-
|
|
11
|
+
sign(value) {
|
|
12
|
+
return Buffer.from(sign(this.key, Buffer.from(value, 'utf8')));
|
|
26
13
|
}
|
|
27
14
|
toPublicKey() {
|
|
28
15
|
return new X25519PublicKey(Buffer.from(sodium.crypto_scalarmult_base(this.key)));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"private-key.js","sourceRoot":"","sources":["../../src/X25519/private-key.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"private-key.js","sourceRoot":"","sources":["../../src/X25519/private-key.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,eAAe,CAAC;AACnC,OAAO,EAAE,IAAI,IAAI,cAAc,EAAE,MAAM,eAAe,CAAC;AACvD,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,EACN,cAAc,GAGd,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,MAAM,IAAI,GAAG,cAA4E,CAAC;AAE1F,MAAM,OAAO,gBACZ,SAAQ,cAAuC;IAExC,kBAAkB,CAAC,aAA8B;QACvD,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC;IACjF,CAAC;IAEM,IAAI,CAAC,KAAa;QACxB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IAEe,WAAW;QAC1B,OAAO,IAAI,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAClF,CAAC;IAEe,QAAQ;QACvB,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED,IAAoB,SAAS;QAC5B,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC9B,CAAC;IAEM,MAAM,CAAC,UAAU,CAAC,KAAa;QACrC,OAAO,IAAI,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC3D,CAAC;CACD"}
|
|
@@ -1,13 +1,11 @@
|
|
|
1
|
+
import Buffer from '@hg-ts/buffer';
|
|
1
2
|
import { z } from '@hg-ts/validation';
|
|
2
|
-
import { BasePublicKey } from '../base/index.js';
|
|
3
|
-
|
|
4
|
-
export declare class X25519PublicKey extends BasePublicKey<Buffer> {
|
|
3
|
+
import { BasePublicKey, KeyAgreementPublicKey, VerifyingPublicKey } from '../base/index.js';
|
|
4
|
+
export declare class X25519PublicKey extends BasePublicKey<Buffer> implements KeyAgreementPublicKey<Buffer>, VerifyingPublicKey {
|
|
5
5
|
static schema: z.ZodPipe<z.ZodPipe<z.ZodString, z.ZodTransform<string, string>>, z.ZodString>;
|
|
6
|
-
|
|
7
|
-
verify(_signature: string | Buffer, _value: string): boolean;
|
|
6
|
+
verify(signature: string | Buffer, value: string): boolean;
|
|
8
7
|
toString(): string;
|
|
9
8
|
get nativeKey(): Buffer;
|
|
10
9
|
static fromString(value: string): X25519PublicKey;
|
|
11
|
-
private formatInput;
|
|
12
10
|
}
|
|
13
11
|
//# sourceMappingURL=public-key.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"public-key.d.ts","sourceRoot":"","sources":["../../src/X25519/public-key.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"public-key.d.ts","sourceRoot":"","sources":["../../src/X25519/public-key.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,eAAe,CAAC;AACnC,OAAO,EAAE,CAAC,EAAE,MAAM,mBAAmB,CAAC;AAGtC,OAAO,EACN,aAAa,EACb,qBAAqB,EACrB,kBAAkB,EAClB,MAAM,kBAAkB,CAAC;AAmB1B,qBAAa,eACZ,SAAQ,aAAa,CAAC,MAAM,CAC5B,YAAW,qBAAqB,CAAC,MAAM,CAAC,EAAE,kBAAkB;IAC5D,OAAc,MAAM,iFAAU;IAEvB,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO;IAQjD,QAAQ,IAAI,MAAM;IAIlC,IAAoB,SAAS,IAAI,MAAM,CAEtC;WAEa,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,eAAe;CAGxD"}
|
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
import
|
|
1
|
+
import Buffer from '@hg-ts/buffer';
|
|
2
2
|
import { z } from '@hg-ts/validation';
|
|
3
|
+
import { verify } from 'curve25519-js';
|
|
3
4
|
import sodium from 'libsodium-wrappers';
|
|
4
|
-
import { BasePublicKey } from '../base/index.js';
|
|
5
|
-
import { deriveEncryptionKey } from './utils.js';
|
|
5
|
+
import { BasePublicKey, } from '../base/index.js';
|
|
6
6
|
const schema = z.string().transform((value, ctx) => {
|
|
7
7
|
const publicKey = Buffer.from(value, 'base64');
|
|
8
8
|
if (publicKey.length !== sodium.crypto_scalarmult_BYTES) {
|
|
@@ -19,17 +19,11 @@ const schema = z.string().transform((value, ctx) => {
|
|
|
19
19
|
}).pipe(z.string());
|
|
20
20
|
export class X25519PublicKey extends BasePublicKey {
|
|
21
21
|
static schema = schema;
|
|
22
|
-
|
|
23
|
-
const
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
const nonce = Buffer.from(sodium.randombytes_buf(sodium.crypto_aead_xchacha20poly1305_ietf_NPUBBYTES));
|
|
28
|
-
const ciphertext = Buffer.from(sodium.crypto_aead_xchacha20poly1305_ietf_encrypt(this.formatInput(value), null, null, nonce, encryptionKey));
|
|
29
|
-
return Buffer.concat([nonce, ciphertext]);
|
|
30
|
-
}
|
|
31
|
-
verify(_signature, _value) {
|
|
32
|
-
throw new NotImplementedException();
|
|
22
|
+
verify(signature, value) {
|
|
23
|
+
const formattedSignature = typeof signature === 'string'
|
|
24
|
+
? Buffer.from(signature, 'base64')
|
|
25
|
+
: signature;
|
|
26
|
+
return verify(this.key, Buffer.from(value, 'utf8'), formattedSignature);
|
|
33
27
|
}
|
|
34
28
|
toString() {
|
|
35
29
|
return this.key.toString('base64');
|
|
@@ -40,10 +34,5 @@ export class X25519PublicKey extends BasePublicKey {
|
|
|
40
34
|
static fromString(value) {
|
|
41
35
|
return new X25519PublicKey(Buffer.from(value, 'base64'));
|
|
42
36
|
}
|
|
43
|
-
formatInput(value) {
|
|
44
|
-
return typeof value === 'string'
|
|
45
|
-
? Buffer.from(value, 'utf8')
|
|
46
|
-
: value;
|
|
47
|
-
}
|
|
48
37
|
}
|
|
49
38
|
//# sourceMappingURL=public-key.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"public-key.js","sourceRoot":"","sources":["../../src/X25519/public-key.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"public-key.js","sourceRoot":"","sources":["../../src/X25519/public-key.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,eAAe,CAAC;AACnC,OAAO,EAAE,CAAC,EAAE,MAAM,mBAAmB,CAAC;AACtC,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AACvC,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,EACN,aAAa,GAGb,MAAM,kBAAkB,CAAC;AAE1B,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;IAClD,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;IAE/C,IAAI,SAAS,CAAC,MAAM,KAAK,MAAM,CAAC,uBAAuB,EAAE,CAAC;QACzD,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC;YACf,OAAO,EAAE,2BAA2B;YACpC,KAAK,EAAE,IAAI;YACX,IAAI,EAAE,gBAAgB;YACtB,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,mBAAmB;SAC3B,CAAC,CAAC;QACH,OAAO,KAAK,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACd,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AAEpB,MAAM,OAAO,eACZ,SAAQ,aAAqB;IAEtB,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;IAEvB,MAAM,CAAC,SAA0B,EAAE,KAAa;QACtD,MAAM,kBAAkB,GAAG,OAAO,SAAS,KAAK,QAAQ;YACvD,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC;YAClC,CAAC,CAAC,SAAS,CAAC;QAEb,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,kBAAkB,CAAC,CAAC;IACzE,CAAC;IAEe,QAAQ;QACvB,OAAO,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED,IAAoB,SAAS;QAC5B,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC9B,CAAC;IAEM,MAAM,CAAC,UAAU,CAAC,KAAa;QACrC,OAAO,IAAI,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC1D,CAAC"}
|
|
@@ -1,16 +1,17 @@
|
|
|
1
1
|
import { Suite } from '@hg-ts/tests';
|
|
2
2
|
export declare class X25519Test extends Suite {
|
|
3
|
-
encryption(): Promise<void>;
|
|
4
|
-
duplicateEncryptionDifferences(): Promise<void>;
|
|
5
|
-
encryptionFailsForAnotherRecipient(): Promise<void>;
|
|
6
|
-
encryptionBuffer(): Promise<void>;
|
|
7
|
-
signature(): Promise<void>;
|
|
8
|
-
verify(): Promise<void>;
|
|
9
3
|
keyPairFromPrivateKeyString(): Promise<void>;
|
|
10
4
|
seededWithNonScalarBytesLength(): Promise<void>;
|
|
11
5
|
seededWithScalarBytesLength(): Promise<void>;
|
|
12
6
|
privateKeyFromString(): Promise<void>;
|
|
13
7
|
publicKeyFromString(): Promise<void>;
|
|
8
|
+
deriveSharedSecret(): Promise<void>;
|
|
9
|
+
deriveSharedSecretDifferentPairs(): Promise<void>;
|
|
10
|
+
deriveSharedSecretFromRestoredKeys(): Promise<void>;
|
|
11
|
+
signAndVerify(): Promise<void>;
|
|
12
|
+
signAndVerifyFromRestoredKeys(): Promise<void>;
|
|
13
|
+
verifyFailsForAnotherMessage(): Promise<void>;
|
|
14
|
+
verifyFailsForAnotherPublicKey(): Promise<void>;
|
|
14
15
|
publicKeyValidationValid(): Promise<void>;
|
|
15
16
|
publicKeyValidationFails(): Promise<void>;
|
|
16
17
|
setUp(): Promise<void>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"x25519.test.d.ts","sourceRoot":"","sources":["../../src/X25519/x25519.test.ts"],"names":[],"mappings":"AACA,OAAO,EAIN,KAAK,EAEL,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"x25519.test.d.ts","sourceRoot":"","sources":["../../src/X25519/x25519.test.ts"],"names":[],"mappings":"AACA,OAAO,EAIN,KAAK,EAEL,MAAM,cAAc,CAAC;AAQtB,qBACa,UAAW,SAAQ,KAAK;IAEvB,2BAA2B,IAAI,OAAO,CAAC,IAAI,CAAC;IAU5C,8BAA8B,IAAI,OAAO,CAAC,IAAI,CAAC;IAW/C,2BAA2B,IAAI,OAAO,CAAC,IAAI,CAAC;IAY5C,oBAAoB,IAAI,OAAO,CAAC,IAAI,CAAC;IAQrC,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC;IAQpC,kBAAkB,IAAI,OAAO,CAAC,IAAI,CAAC;IAWnC,gCAAgC,IAAI,OAAO,CAAC,IAAI,CAAC;IAYjD,kCAAkC,IAAI,OAAO,CAAC,IAAI,CAAC;IAanD,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAW9B,6BAA6B,IAAI,OAAO,CAAC,IAAI,CAAC;IAY9C,4BAA4B,IAAI,OAAO,CAAC,IAAI,CAAC;IAU7C,8BAA8B,IAAI,OAAO,CAAC,IAAI,CAAC;IAW/C,wBAAwB,IAAI,OAAO,CAAC,IAAI,CAAC;IAQzC,wBAAwB,IAAI,OAAO,CAAC,IAAI,CAAC;IAIhC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAG5C"}
|
|
@@ -1,55 +1,12 @@
|
|
|
1
1
|
import { __decorate, __metadata } from "tslib";
|
|
2
|
-
import
|
|
2
|
+
import Buffer from '@hg-ts/buffer';
|
|
3
3
|
import { Describe, expect, ExpectException, Suite, Test, } from '@hg-ts/tests';
|
|
4
4
|
import { z } from '@hg-ts/validation';
|
|
5
5
|
import sodium from 'libsodium-wrappers';
|
|
6
|
-
import { InvalidDecryptionKeyExpection } from '../exceptions/index.js';
|
|
7
6
|
import { X25519KeyPair } from './key-pair.js';
|
|
8
7
|
import { X25519PrivateKey } from './private-key.js';
|
|
9
8
|
import { X25519PublicKey } from './public-key.js';
|
|
10
9
|
let X25519Test = class X25519Test extends Suite {
|
|
11
|
-
async encryption() {
|
|
12
|
-
const bob = new X25519KeyPair();
|
|
13
|
-
const alice = new X25519KeyPair();
|
|
14
|
-
const value = Math.random().toString();
|
|
15
|
-
const encrypted = alice.encrypt(value, bob.publicKeyInstance);
|
|
16
|
-
expect(bob.decrypt(encrypted.toString('base64'), alice.publicKeyInstance)).toBe(value);
|
|
17
|
-
}
|
|
18
|
-
async duplicateEncryptionDifferences() {
|
|
19
|
-
const alice = new X25519KeyPair();
|
|
20
|
-
const bob = new X25519KeyPair();
|
|
21
|
-
const value = Math.random().toString();
|
|
22
|
-
const encryptedA = alice.publicKeyInstance.encrypt(value, bob.privateKeyInstance);
|
|
23
|
-
const encryptedB = alice.publicKeyInstance.encrypt(value, bob.privateKeyInstance);
|
|
24
|
-
expect(encryptedA).not.toMatchObject(encryptedB);
|
|
25
|
-
expect(alice.decrypt(encryptedA, bob.publicKeyInstance)).toBe(value);
|
|
26
|
-
expect(alice.decrypt(encryptedB, bob.publicKeyInstance)).toBe(value);
|
|
27
|
-
}
|
|
28
|
-
async encryptionFailsForAnotherRecipient() {
|
|
29
|
-
const bob = new X25519KeyPair();
|
|
30
|
-
const alice = new X25519KeyPair();
|
|
31
|
-
const anotherRecipient = new X25519KeyPair();
|
|
32
|
-
const value = Math.random().toString();
|
|
33
|
-
const encrypted = alice.encrypt(value, bob.publicKeyInstance);
|
|
34
|
-
anotherRecipient.decrypt(encrypted, alice.publicKeyInstance);
|
|
35
|
-
}
|
|
36
|
-
async encryptionBuffer() {
|
|
37
|
-
const bob = new X25519KeyPair();
|
|
38
|
-
const alice = new X25519KeyPair();
|
|
39
|
-
const value = Buffer.from(Math.random().toString(), 'utf8');
|
|
40
|
-
const encrypted = alice.encrypt(value, bob.publicKeyInstance);
|
|
41
|
-
expect(Buffer.from(bob.decrypt(encrypted, alice.publicKeyInstance))).toMatchObject(value);
|
|
42
|
-
}
|
|
43
|
-
async signature() {
|
|
44
|
-
const x25519 = new X25519KeyPair();
|
|
45
|
-
const value = Math.random().toString();
|
|
46
|
-
x25519.sign(value);
|
|
47
|
-
}
|
|
48
|
-
async verify() {
|
|
49
|
-
const x25519 = new X25519KeyPair();
|
|
50
|
-
const value = Math.random().toString();
|
|
51
|
-
x25519.verify(Buffer.from(value), value);
|
|
52
|
-
}
|
|
53
10
|
async keyPairFromPrivateKeyString() {
|
|
54
11
|
const x25519 = new X25519KeyPair();
|
|
55
12
|
const keyPairFromKey = new X25519KeyPair({ privateKey: x25519.privateKey });
|
|
@@ -83,6 +40,58 @@ let X25519Test = class X25519Test extends Suite {
|
|
|
83
40
|
const publicKey = X25519PublicKey.fromString(x25519.publicKey);
|
|
84
41
|
expect(publicKey.toString()).toBe(x25519.publicKey);
|
|
85
42
|
}
|
|
43
|
+
async deriveSharedSecret() {
|
|
44
|
+
const alice = new X25519KeyPair();
|
|
45
|
+
const bob = new X25519KeyPair();
|
|
46
|
+
const aliceSecret = alice.deriveSharedSecret(bob.publicKeyInstance);
|
|
47
|
+
const bobSecret = bob.deriveSharedSecret(alice.publicKeyInstance);
|
|
48
|
+
expect(aliceSecret).toMatchObject(bobSecret);
|
|
49
|
+
}
|
|
50
|
+
async deriveSharedSecretDifferentPairs() {
|
|
51
|
+
const alice = new X25519KeyPair();
|
|
52
|
+
const bob = new X25519KeyPair();
|
|
53
|
+
const anotherBob = new X25519KeyPair();
|
|
54
|
+
const bobSecret = alice.deriveSharedSecret(bob.publicKeyInstance);
|
|
55
|
+
const anotherBobSecret = alice.deriveSharedSecret(anotherBob.publicKeyInstance);
|
|
56
|
+
expect(bobSecret).not.toMatchObject(anotherBobSecret);
|
|
57
|
+
}
|
|
58
|
+
async deriveSharedSecretFromRestoredKeys() {
|
|
59
|
+
const alice = new X25519KeyPair();
|
|
60
|
+
const bob = new X25519KeyPair();
|
|
61
|
+
const restoredAlicePrivateKey = X25519PrivateKey.fromString(alice.privateKey);
|
|
62
|
+
const restoredBobPublicKey = X25519PublicKey.fromString(bob.publicKey);
|
|
63
|
+
const originalSecret = alice.deriveSharedSecret(bob.publicKeyInstance);
|
|
64
|
+
const restoredSecret = restoredAlicePrivateKey.deriveSharedSecret(restoredBobPublicKey);
|
|
65
|
+
expect(restoredSecret).toMatchObject(originalSecret);
|
|
66
|
+
}
|
|
67
|
+
async signAndVerify() {
|
|
68
|
+
const x25519 = new X25519KeyPair();
|
|
69
|
+
const value = Math.random().toString();
|
|
70
|
+
const signature = x25519.sign(value);
|
|
71
|
+
expect(x25519.verify(signature, value)).toBeTruthy();
|
|
72
|
+
expect(x25519.publicKeyInstance.verify(signature.toString('base64'), value)).toBeTruthy();
|
|
73
|
+
}
|
|
74
|
+
async signAndVerifyFromRestoredKeys() {
|
|
75
|
+
const x25519 = new X25519KeyPair();
|
|
76
|
+
const privateKey = X25519PrivateKey.fromString(x25519.privateKey);
|
|
77
|
+
const publicKey = X25519PublicKey.fromString(x25519.publicKey);
|
|
78
|
+
const value = Math.random().toString();
|
|
79
|
+
const signature = privateKey.sign(value);
|
|
80
|
+
expect(publicKey.verify(signature, value)).toBeTruthy();
|
|
81
|
+
}
|
|
82
|
+
async verifyFailsForAnotherMessage() {
|
|
83
|
+
const x25519 = new X25519KeyPair();
|
|
84
|
+
const value = Math.random().toString();
|
|
85
|
+
const signature = x25519.sign(value);
|
|
86
|
+
expect(x25519.verify(signature, `${value}-another`)).toBeFalsy();
|
|
87
|
+
}
|
|
88
|
+
async verifyFailsForAnotherPublicKey() {
|
|
89
|
+
const x25519 = new X25519KeyPair();
|
|
90
|
+
const anotherX25519 = new X25519KeyPair();
|
|
91
|
+
const value = Math.random().toString();
|
|
92
|
+
const signature = x25519.sign(value);
|
|
93
|
+
expect(anotherX25519.verify(signature, value)).toBeFalsy();
|
|
94
|
+
}
|
|
86
95
|
async publicKeyValidationValid() {
|
|
87
96
|
const x25519 = new X25519KeyPair();
|
|
88
97
|
X25519PublicKey.schema.parse(x25519.publicKey);
|
|
@@ -99,70 +108,73 @@ __decorate([
|
|
|
99
108
|
__metadata("design:type", Function),
|
|
100
109
|
__metadata("design:paramtypes", []),
|
|
101
110
|
__metadata("design:returntype", Promise)
|
|
102
|
-
], X25519Test.prototype, "
|
|
111
|
+
], X25519Test.prototype, "keyPairFromPrivateKeyString", null);
|
|
103
112
|
__decorate([
|
|
104
113
|
Test(),
|
|
105
114
|
__metadata("design:type", Function),
|
|
106
115
|
__metadata("design:paramtypes", []),
|
|
107
116
|
__metadata("design:returntype", Promise)
|
|
108
|
-
], X25519Test.prototype, "
|
|
117
|
+
], X25519Test.prototype, "seededWithNonScalarBytesLength", null);
|
|
109
118
|
__decorate([
|
|
110
119
|
Test(),
|
|
111
|
-
ExpectException(InvalidDecryptionKeyExpection),
|
|
112
120
|
__metadata("design:type", Function),
|
|
113
121
|
__metadata("design:paramtypes", []),
|
|
114
122
|
__metadata("design:returntype", Promise)
|
|
115
|
-
], X25519Test.prototype, "
|
|
123
|
+
], X25519Test.prototype, "seededWithScalarBytesLength", null);
|
|
116
124
|
__decorate([
|
|
117
125
|
Test(),
|
|
118
126
|
__metadata("design:type", Function),
|
|
119
127
|
__metadata("design:paramtypes", []),
|
|
120
128
|
__metadata("design:returntype", Promise)
|
|
121
|
-
], X25519Test.prototype, "
|
|
129
|
+
], X25519Test.prototype, "privateKeyFromString", null);
|
|
122
130
|
__decorate([
|
|
123
131
|
Test(),
|
|
124
|
-
ExpectException(NotImplementedException),
|
|
125
132
|
__metadata("design:type", Function),
|
|
126
133
|
__metadata("design:paramtypes", []),
|
|
127
134
|
__metadata("design:returntype", Promise)
|
|
128
|
-
], X25519Test.prototype, "
|
|
135
|
+
], X25519Test.prototype, "publicKeyFromString", null);
|
|
129
136
|
__decorate([
|
|
130
137
|
Test(),
|
|
131
|
-
ExpectException(NotImplementedException),
|
|
132
138
|
__metadata("design:type", Function),
|
|
133
139
|
__metadata("design:paramtypes", []),
|
|
134
140
|
__metadata("design:returntype", Promise)
|
|
135
|
-
], X25519Test.prototype, "
|
|
141
|
+
], X25519Test.prototype, "deriveSharedSecret", null);
|
|
136
142
|
__decorate([
|
|
137
143
|
Test(),
|
|
138
144
|
__metadata("design:type", Function),
|
|
139
145
|
__metadata("design:paramtypes", []),
|
|
140
146
|
__metadata("design:returntype", Promise)
|
|
141
|
-
], X25519Test.prototype, "
|
|
147
|
+
], X25519Test.prototype, "deriveSharedSecretDifferentPairs", null);
|
|
142
148
|
__decorate([
|
|
143
149
|
Test(),
|
|
144
150
|
__metadata("design:type", Function),
|
|
145
151
|
__metadata("design:paramtypes", []),
|
|
146
152
|
__metadata("design:returntype", Promise)
|
|
147
|
-
], X25519Test.prototype, "
|
|
153
|
+
], X25519Test.prototype, "deriveSharedSecretFromRestoredKeys", null);
|
|
148
154
|
__decorate([
|
|
149
155
|
Test(),
|
|
150
156
|
__metadata("design:type", Function),
|
|
151
157
|
__metadata("design:paramtypes", []),
|
|
152
158
|
__metadata("design:returntype", Promise)
|
|
153
|
-
], X25519Test.prototype, "
|
|
159
|
+
], X25519Test.prototype, "signAndVerify", null);
|
|
154
160
|
__decorate([
|
|
155
161
|
Test(),
|
|
156
162
|
__metadata("design:type", Function),
|
|
157
163
|
__metadata("design:paramtypes", []),
|
|
158
164
|
__metadata("design:returntype", Promise)
|
|
159
|
-
], X25519Test.prototype, "
|
|
165
|
+
], X25519Test.prototype, "signAndVerifyFromRestoredKeys", null);
|
|
160
166
|
__decorate([
|
|
161
167
|
Test(),
|
|
162
168
|
__metadata("design:type", Function),
|
|
163
169
|
__metadata("design:paramtypes", []),
|
|
164
170
|
__metadata("design:returntype", Promise)
|
|
165
|
-
], X25519Test.prototype, "
|
|
171
|
+
], X25519Test.prototype, "verifyFailsForAnotherMessage", null);
|
|
172
|
+
__decorate([
|
|
173
|
+
Test(),
|
|
174
|
+
__metadata("design:type", Function),
|
|
175
|
+
__metadata("design:paramtypes", []),
|
|
176
|
+
__metadata("design:returntype", Promise)
|
|
177
|
+
], X25519Test.prototype, "verifyFailsForAnotherPublicKey", null);
|
|
166
178
|
__decorate([
|
|
167
179
|
Test(),
|
|
168
180
|
__metadata("design:type", Function),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"x25519.test.js","sourceRoot":"","sources":["../../src/X25519/x25519.test.ts"],"names":[],"mappings":";AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"x25519.test.js","sourceRoot":"","sources":["../../src/X25519/x25519.test.ts"],"names":[],"mappings":";AAAA,OAAO,MAAM,MAAM,eAAe,CAAC;AACnC,OAAO,EACN,QAAQ,EACR,MAAM,EACN,eAAe,EACf,KAAK,EACL,IAAI,GACJ,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,CAAC,EAAE,MAAM,mBAAmB,CAAC;AACtC,OAAO,MAAM,MAAM,oBAAoB,CAAC;AAExC,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAG3C,IAAM,UAAU,GAAhB,MAAM,UAAW,SAAQ,KAAK;IAEvB,AAAN,KAAK,CAAC,2BAA2B;QACvC,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QAEnC,MAAM,cAAc,GAAG,IAAI,aAAa,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QAE5E,MAAM,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAC1D,MAAM,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACzD,CAAC;IAGY,AAAN,KAAK,CAAC,8BAA8B;QAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,IAAI,aAAa,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,MAAM,OAAO,GAAG,IAAI,aAAa,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QAE5C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,6BAA6B,CAAC,CAAC,UAAU,EAAE,CAAC;QAC/F,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACpD,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACnD,CAAC;IAGY,AAAN,KAAK,CAAC,2BAA2B;QACvC,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAC;QAC9D,MAAM,OAAO,GAAG,IAAI,aAAa,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,MAAM,OAAO,GAAG,IAAI,aAAa,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QAE5C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAC;QACpF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC9E,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACpD,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACnD,CAAC;IAGY,AAAN,KAAK,CAAC,oBAAoB;QAChC,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QACnC,MAAM,UAAU,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAElE,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IACvD,CAAC;IAGY,AAAN,KAAK,CAAC,mBAAmB;QAC/B,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QACnC,MAAM,SAAS,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE/D,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACrD,CAAC;IAGY,AAAN,KAAK,CAAC,kBAAkB;QAC9B,MAAM,KAAK,GAAG,IAAI,aAAa,EAAE,CAAC;QAClC,MAAM,GAAG,GAAG,IAAI,aAAa,EAAE,CAAC;QAEhC,MAAM,WAAW,GAAG,KAAK,CAAC,kBAAkB,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACpE,MAAM,SAAS,GAAG,GAAG,CAAC,kBAAkB,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAElE,MAAM,CAAC,WAAW,CAAC,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;IAC9C,CAAC;IAGY,AAAN,KAAK,CAAC,gCAAgC;QAC5C,MAAM,KAAK,GAAG,IAAI,aAAa,EAAE,CAAC;QAClC,MAAM,GAAG,GAAG,IAAI,aAAa,EAAE,CAAC;QAChC,MAAM,UAAU,GAAG,IAAI,aAAa,EAAE,CAAC;QAEvC,MAAM,SAAS,GAAG,KAAK,CAAC,kBAAkB,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAClE,MAAM,gBAAgB,GAAG,KAAK,CAAC,kBAAkB,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC;QAEhF,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC;IACvD,CAAC;IAGY,AAAN,KAAK,CAAC,kCAAkC;QAC9C,MAAM,KAAK,GAAG,IAAI,aAAa,EAAE,CAAC;QAClC,MAAM,GAAG,GAAG,IAAI,aAAa,EAAE,CAAC;QAChC,MAAM,uBAAuB,GAAG,gBAAgB,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC9E,MAAM,oBAAoB,GAAG,eAAe,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAEvE,MAAM,cAAc,GAAG,KAAK,CAAC,kBAAkB,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACvE,MAAM,cAAc,GAAG,uBAAuB,CAAC,kBAAkB,CAAC,oBAAoB,CAAC,CAAC;QAExF,MAAM,CAAC,cAAc,CAAC,CAAC,aAAa,CAAC,cAAc,CAAC,CAAC;IACtD,CAAC;IAGY,AAAN,KAAK,CAAC,aAAa;QACzB,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC;QAEvC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAErC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC;QACrD,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC;IAC3F,CAAC;IAGY,AAAN,KAAK,CAAC,6BAA6B;QACzC,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QACnC,MAAM,UAAU,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAClE,MAAM,SAAS,GAAG,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC/D,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC;QAEvC,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEzC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC;IACzD,CAAC;IAGY,AAAN,KAAK,CAAC,4BAA4B;QACxC,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC;QAEvC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAErC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,GAAG,KAAK,UAAU,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;IAClE,CAAC;IAGY,AAAN,KAAK,CAAC,8BAA8B;QAC1C,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QACnC,MAAM,aAAa,GAAG,IAAI,aAAa,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC;QAEvC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAErC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;IAC5D,CAAC;IAGY,AAAN,KAAK,CAAC,wBAAwB;QACpC,MAAM,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QAEnC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAChD,CAAC;IAIY,AAAN,KAAK,CAAC,wBAAwB;QACpC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;IAEe,KAAK,CAAC,KAAK;QAC1B,MAAM,MAAM,CAAC,KAAK,CAAC;IACpB,CAAC;CACD,CAAA;AAhJa;IADZ,IAAI,EAAE;;;;6DAQN;AAGY;IADZ,IAAI,EAAE;;;;gEASN;AAGY;IADZ,IAAI,EAAE;;;;6DAUN;AAGY;IADZ,IAAI,EAAE;;;;sDAMN;AAGY;IADZ,IAAI,EAAE;;;;qDAMN;AAGY;IADZ,IAAI,EAAE;;;;oDASN;AAGY;IADZ,IAAI,EAAE;;;;kEAUN;AAGY;IADZ,IAAI,EAAE;;;;oEAWN;AAGY;IADZ,IAAI,EAAE;;;;+CASN;AAGY;IADZ,IAAI,EAAE;;;;+DAUN;AAGY;IADZ,IAAI,EAAE;;;;8DAQN;AAGY;IADZ,IAAI,EAAE;;;;gEASN;AAGY;IADZ,IAAI,EAAE;;;;0DAKN;AAIY;IAFZ,IAAI,EAAE;IACN,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC;;;;0DAG3B;AA7IW,UAAU;IADtB,QAAQ,EAAE;GACE,UAAU,CAkJtB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/aead/index.ts"],"names":[],"mappings":"AAAA,cAAc,yBAAyB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/aead/index.ts"],"names":[],"mappings":"AAAA,cAAc,yBAAyB,CAAC"}
|