@kya-os/mcp-i 0.1.0-alpha.1.0 → 0.1.0-alpha.2.0

package/README.md

@@ -1,72 +1,153 @@
 # @kya-os/mcp-i
 
-Ultra-light MCP Identity auto-registration - Get agent identity with just 2 lines of code!
+Ultra-light MCP Identity auto-registration with cryptographic challenge-response authentication.
 
-## 🚀 Installation
+Enable any MCP server to get a verifiable identity with just 2 lines of code!
+
+## Features
+
+- 🚀 **2-line integration** - Zero configuration required
+- 🔐 **Ed25519 cryptographic signing** - Secure challenge-response authentication
+- 🌐 **Auto-registration** - Automatic DID creation via knowthat.ai
+- 🔏 **MCP-I Handshake support** - Full challenge-response protocol implementation
+- 🛡️ **Replay protection** - Nonce tracking and timestamp validation
+- 📦 **Ultra-lightweight** - Minimal dependencies
+- ⚡ **Level 2 MCP-I conformance** - Production-ready security
+
+## Installation
 
 ```bash
 npm install @kya-os/mcp-i
 ```
 
-## 💡 Usage
+## Quick Start
 
 ```typescript
 import { MCPIdentity } from "@kya-os/mcp-i";
 
-// That's it! Your MCP server now has identity
+// That's it! Your MCP server now has a verifiable identity
 const identity = await MCPIdentity.init();
+```
+
+## Challenge-Response Authentication
+
+The package now includes full MCP-I Handshake support with cryptographic challenge-response:
+
+```typescript
+// Respond to authentication challenges
+const challenge = {
+  nonce: "a1b2c3d4e5f6...",
+  timestamp: Date.now(),
+  verifier_did: "did:web:verifier.example.com"
+};
+
+const response = await identity.respondToChallenge(challenge);
+// Returns signed response with agent's DID and signature
+```
+
+## Core Features
+
+### Auto-Registration
+
+On first run, the SDK automatically:
+1. Registers your agent with knowthat.ai
+2. Generates cryptographic keys (Ed25519)
+3. Saves identity for future use
+4. Returns a DID like `did:web:knowthat.ai:agents:your-agent-name`
+
+### Cryptographic Signing
+
+All signatures use Ed25519 for security:
+
+```typescript
+// Sign any message
+const signature = await identity.sign("Hello, World!");
 
-console.log("My DID:", identity.did);
-// Output: did:web:knowthat.ai:agents:your-server-name
+// Verify signatures
+const isValid = await identity.verify(message, signature, publicKey);
 ```
 
-## 🎯 What It Does
+### MCP Response Signing
+
+Automatically sign MCP responses with identity metadata:
+
+```typescript
+const response = {
+  content: [{ type: 'text', text: 'Task completed!' }]
+};
+
+const signedResponse = await identity.signResponse(response);
+// Includes _mcp_identity with DID, signature, and timestamp
+```
 
-1. **First Run**: Automatically registers your MCP server with knowthat.ai
-2. **Gets DID**: Receives a decentralized identifier for your agent
-3. **Saves Identity**: Stores credentials in `.env.local` and `.mcp-identity.json`
-4. **Future Runs**: Loads existing identity (no re-registration)
+### Capability Advertisement
 
-## ✨ Features
+Advertise your MCP-I capabilities:
 
-- **Zero Configuration**: Works out of the box
-- **Ultra-Light**: Only depends on `axios`
-- **No Other Dependencies**: Completely standalone package
-- **Persistent Identity**: Same DID across restarts
-- **Verification Badges**: Get verified status in MCP directories
+```typescript
+const capabilities = identity.getCapabilities();
+// {
+//   version: '1.0',
+//   did: 'did:web:knowthat.ai:agents:...',
+//   conformanceLevel: 2,
+//   handshakeSupported: true,
+//   handshakeEndpoint: '/_mcp-i/handshake'
+// }
+```
 
-## 🔧 Options
+## Advanced Options
 
 ```typescript
 const identity = await MCPIdentity.init({
-  name: "My Awesome MCP Server", // Optional: Server name
-  description: "Does amazing things", // Optional: Description
-  repository: "https://github.com/...", // Optional: GitHub URL
-  apiEndpoint: "https://knowthat.ai", // Optional: Custom endpoint
+  // Custom agent metadata
+  name: 'My Amazing Agent',
+  description: 'Does amazing things',
+  repository: 'https://github.com/user/agent',
+  
+  // Security options
+  timestampTolerance: 30000,     // 30 seconds (default: 60)
+  enableNonceTracking: true,     // Prevent replay attacks (default: true)
+  
+  // Storage options
+  persistencePath: './config/identity.json'
 });
 ```
 
-## 📁 Identity Storage
+## Security Features
 
-The package stores identity in multiple locations (checked in order):
+- **Ed25519 signatures** - Cryptographically secure signing
+- **Replay protection** - Tracks used nonces to prevent replay attacks
+- **Timestamp validation** - Rejects expired challenges
+- **Constant-time comparison** - Prevents timing attacks
+- **Secure key storage** - Private keys never exposed in logs
 
-1. **Environment Variables**
+## Identity Persistence
 
-   - `AGENT_DID`
-   - `AGENT_PUBLIC_KEY`
-   - `AGENT_PRIVATE_KEY`
+Identity is saved in multiple locations for maximum compatibility:
 
-2. **Local Files**
-   - `.env.local` (auto-generated)
-   - `.mcp-identity.json` (auto-generated)
+### Files Created:
+1. **`.env`** - Standard environment file for Node.js
+2. **`.env.local`** - For framework compatibility (Next.js, Vite, etc.)
+3. **`.mcp-identity.json`** - JSON format for programmatic access
 
-## 🔐 Security
+### Loading Priority:
+1. Environment variables (if already loaded)
+2. `.mcp-identity.json` file (most reliable)
 
-- Private keys are stored locally only
-- Never share your `.env.local` or `.mcp-identity.json` files
-- Add them to `.gitignore`
+### Environment Loading:
+- **Plain Node.js**: Add `require('dotenv').config()` to load `.env`
+- **Next.js/Vite**: Automatically loads `.env.local`
+- **MCP Servers**: Typically need to configure environment loading
 
-## 🤝 Integration with MCP Servers
+### Security Note:
+Add these to your `.gitignore`:
+```
+.env
+.env.local
+.mcp-identity.json
+```
+
+## Example: Full MCP Server
 
 ```typescript
 import { Server } from "@modelcontextprotocol/sdk/server/index.js";
@@ -74,48 +155,63 @@ import { MCPIdentity } from "@kya-os/mcp-i";
 
 // Initialize identity
 const identity = await MCPIdentity.init({
-  name: "Calendar Booker",
+  name: "Calendar Assistant",
+  description: "Helps manage your calendar"
 });
 
-// Pass to your MCP server
+// Create MCP server with identity
 const server = new Server({
-  name: "calendar-booker",
-  version: "1.0.0",
-  identity, // Your server now has verifiable identity!
+  name: "calendar-assistant",
+  version: "1.0.0"
 });
-```
 
-## 📊 What Happens After Registration
+// Handle authentication challenges automatically
+server.on("mcp-i:challenge", async (challenge) => {
+  return await identity.respondToChallenge(challenge);
+});
 
-1. **Profile Created**: `https://knowthat.ai/agents/your-server-slug`
-2. **Verification Badge**: Shows "Auto-Registered" status
-3. **DID Resolution**: Your DID becomes resolvable immediately
-4. **Trust Building**: Usage builds reputation over time
+// All responses are automatically signed
+server.setRequestHandler('tools/call', async (request) => {
+  const result = { success: true };
+  return await identity.signResponse(result);
+});
+```
 
-## 🚨 Troubleshooting
+## Conformance Levels
 
-### Rate Limiting
+This package implements **MCP-I Level 2** conformance:
+- ✅ Cryptographic identity (Ed25519)
+- ✅ Challenge-response authentication
+- ✅ Replay protection
+- ✅ Signed responses
+- ✅ Timestamp validation
 
-If you see "Rate limit exceeded", wait a few minutes and try again. The API allows 10 registrations per hour per IP.
+## API Reference
 
-### No Identity Found
+### `MCPIdentity.init(options?)`
+Initialize or load MCP identity. Auto-registers if needed.
 
-Make sure you have write permissions in your project directory for saving the identity files.
+### `identity.respondToChallenge(challenge)`
+Respond to an MCP-I authentication challenge.
 
-### Network Issues
+### `identity.sign(message)`
+Sign a message with Ed25519.
 
-The package needs to reach `https://knowthat.ai` for auto-registration. Check your network connection and proxy settings.
+### `identity.verify(message, signature, publicKey?)`
+Verify an Ed25519 signature.
 
-## 📄 License
+### `identity.signResponse(response)`
+Sign an MCP response with identity metadata.
 
-MIT
+### `identity.getCapabilities()`
+Get MCP-I capability advertisement.
 
-## 🔗 Links
+### `MCPIdentity.generateNonce()`
+Generate a cryptographically secure nonce.
 
-- [KYA-OS Documentation](https://modelcontextprotocol-identity.com)
-- [MCP-I Specification](https://modelcontextprotocol-identity.com)
-- [Report Issues](https://github.com/orgs/know-that-ai)
+### `identity.destroy()`
+Clean up resources (stops nonce cleanup timer).
 
----
+## License
 
-Made with ❤️ by the MCP-I team
+MIT

package/dist/__tests__/challenge-response.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Tests for challenge-response authentication
+ */
+export {};
+//# sourceMappingURL=challenge-response.test.d.ts.map

package/dist/__tests__/challenge-response.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"challenge-response.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/challenge-response.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/__tests__/challenge-response.test.js

@@ -0,0 +1,217 @@
+"use strict";
+/**
+ * Tests for challenge-response authentication
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const index_1 = require("../index");
+const crypto = __importStar(require("../crypto"));
+// Mock axios for auto-registration
+vitest_1.vi.mock('axios');
+// Mock fs for identity persistence
+vitest_1.vi.mock('fs', () => ({
+    existsSync: vitest_1.vi.fn(() => false),
+    readFileSync: vitest_1.vi.fn(),
+    writeFileSync: vitest_1.vi.fn()
+}));
+(0, vitest_1.describe)('MCPIdentity Challenge-Response', () => {
+    let identity;
+    let keyPair;
+    (0, vitest_1.beforeEach)(async () => {
+        // Mock environment to have pre-existing identity
+        keyPair = await crypto.generateKeyPair();
+        process.env.AGENT_DID = 'did:web:knowthat.ai:agents:test-agent';
+        process.env.AGENT_PUBLIC_KEY = keyPair.publicKey;
+        process.env.AGENT_PRIVATE_KEY = keyPair.privateKey;
+        process.env.AGENT_ID = 'agent-123';
+        process.env.AGENT_SLUG = 'test-agent';
+        identity = await index_1.MCPIdentity.init();
+    });
+    (0, vitest_1.afterEach)(() => {
+        // Clean up environment
+        delete process.env.AGENT_DID;
+        delete process.env.AGENT_PUBLIC_KEY;
+        delete process.env.AGENT_PRIVATE_KEY;
+        delete process.env.AGENT_ID;
+        delete process.env.AGENT_SLUG;
+    });
+    (0, vitest_1.describe)('respondToChallenge', () => {
+        (0, vitest_1.it)('should successfully respond to a valid challenge', async () => {
+            const challenge = {
+                nonce: crypto.generateNonce(),
+                timestamp: Date.now(),
+                verifier_did: 'did:web:example.com:verifier',
+                scope: ['read', 'write']
+            };
+            const response = await identity.respondToChallenge(challenge);
+            (0, vitest_1.expect)(response).toMatchObject({
+                did: 'did:web:knowthat.ai:agents:test-agent',
+                nonce: challenge.nonce,
+                publicKey: keyPair.publicKey
+            });
+            (0, vitest_1.expect)(response.signature).toBeDefined();
+            (0, vitest_1.expect)(response.timestamp).toBeGreaterThanOrEqual(challenge.timestamp);
+            // Verify the signature
+            const messageComponents = [
+                challenge.nonce,
+                challenge.timestamp.toString(),
+                response.did,
+                challenge.verifier_did || '',
+                (challenge.scope || []).join(',')
+            ];
+            const message = messageComponents.join(':');
+            const isValid = await identity.verify(message, response.signature);
+            (0, vitest_1.expect)(isValid).toBe(true);
+        });
+        (0, vitest_1.it)('should reject expired challenges', async () => {
+            const challenge = {
+                nonce: crypto.generateNonce(),
+                timestamp: Date.now() - 120000, // 2 minutes ago
+            };
+            await (0, vitest_1.expect)(identity.respondToChallenge(challenge))
+                .rejects.toThrow('Challenge expired');
+        });
+        (0, vitest_1.it)('should reject challenges with future timestamps', async () => {
+            const challenge = {
+                nonce: crypto.generateNonce(),
+                timestamp: Date.now() + 60000, // 1 minute in future
+            };
+            await (0, vitest_1.expect)(identity.respondToChallenge(challenge))
+                .rejects.toThrow('Challenge timestamp is in the future');
+        });
+        (0, vitest_1.it)('should reject reused nonces when tracking is enabled', async () => {
+            const challenge = {
+                nonce: crypto.generateNonce(),
+                timestamp: Date.now(),
+            };
+            // First use should succeed
+            await identity.respondToChallenge(challenge);
+            // Second use should fail
+            await (0, vitest_1.expect)(identity.respondToChallenge(challenge))
+                .rejects.toThrow('Nonce already used');
+        });
+        (0, vitest_1.it)('should handle challenges without optional fields', async () => {
+            const challenge = {
+                nonce: crypto.generateNonce(),
+                timestamp: Date.now(),
+            };
+            const response = await identity.respondToChallenge(challenge);
+            (0, vitest_1.expect)(response).toMatchObject({
+                did: 'did:web:knowthat.ai:agents:test-agent',
+                nonce: challenge.nonce,
+            });
+            // Verify signature with empty optional fields
+            const messageComponents = [
+                challenge.nonce,
+                challenge.timestamp.toString(),
+                response.did,
+                '', // No verifier_did
+                '' // No scope
+            ];
+            const message = messageComponents.join(':');
+            const isValid = await identity.verify(message, response.signature);
+            (0, vitest_1.expect)(isValid).toBe(true);
+        });
+    });
+    (0, vitest_1.describe)('timestamp tolerance', () => {
+        (0, vitest_1.it)('should accept challenges within tolerance window', async () => {
+            // Create identity with 5 second tolerance
+            const strictIdentity = await index_1.MCPIdentity.init({
+                timestampTolerance: 5000
+            });
+            const challenge = {
+                nonce: crypto.generateNonce(),
+                timestamp: Date.now() - 4000, // 4 seconds ago
+            };
+            // Should succeed
+            const response = await strictIdentity.respondToChallenge(challenge);
+            (0, vitest_1.expect)(response).toBeDefined();
+        });
+        (0, vitest_1.it)('should reject challenges outside tolerance window', async () => {
+            // Create identity with 5 second tolerance
+            const strictIdentity = await index_1.MCPIdentity.init({
+                timestampTolerance: 5000
+            });
+            const challenge = {
+                nonce: crypto.generateNonce(),
+                timestamp: Date.now() - 6000, // 6 seconds ago
+            };
+            // Should fail
+            await (0, vitest_1.expect)(strictIdentity.respondToChallenge(challenge))
+                .rejects.toThrow('Challenge expired');
+        });
+    });
+    (0, vitest_1.describe)('nonce tracking', () => {
+        (0, vitest_1.it)('should allow disabling nonce tracking', async () => {
+            const identityNoTracking = await index_1.MCPIdentity.init({
+                enableNonceTracking: false
+            });
+            const challenge = {
+                nonce: crypto.generateNonce(),
+                timestamp: Date.now(),
+            };
+            // Should succeed multiple times
+            await identityNoTracking.respondToChallenge(challenge);
+            await identityNoTracking.respondToChallenge(challenge);
+            // No error thrown
+            (0, vitest_1.expect)(true).toBe(true);
+        });
+    });
+    (0, vitest_1.describe)('getCapabilities', () => {
+        (0, vitest_1.it)('should advertise MCP-I capabilities', () => {
+            const capabilities = identity.getCapabilities();
+            (0, vitest_1.expect)(capabilities).toEqual({
+                version: '1.0',
+                did: 'did:web:knowthat.ai:agents:test-agent',
+                publicKey: keyPair.publicKey,
+                conformanceLevel: 2,
+                handshakeSupported: true,
+                handshakeEndpoint: '/_mcp-i/handshake',
+                verificationEndpoint: 'https://knowthat.ai/api/agents/did:web:knowthat.ai:agents:test-agent/verify'
+            });
+        });
+    });
+    (0, vitest_1.describe)('static methods', () => {
+        (0, vitest_1.it)('should generate nonces', () => {
+            const nonce1 = index_1.MCPIdentity.generateNonce();
+            const nonce2 = index_1.MCPIdentity.generateNonce();
+            (0, vitest_1.expect)(nonce1).toHaveLength(64);
+            (0, vitest_1.expect)(nonce2).toHaveLength(64);
+            (0, vitest_1.expect)(nonce1).not.toEqual(nonce2);
+        });
+    });
+});
+//# sourceMappingURL=challenge-response.test.js.map

package/dist/__tests__/challenge-response.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"challenge-response.test.js","sourceRoot":"","sources":["../../src/__tests__/challenge-response.test.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,mCAAwE;AACxE,oCAAsC;AACtC,kDAAmC;AAEnC,mCAAmC;AACnC,WAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;AAEhB,mCAAmC;AACnC,WAAE,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;IACnB,UAAU,EAAE,WAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAC9B,YAAY,EAAE,WAAE,CAAC,EAAE,EAAE;IACrB,aAAa,EAAE,WAAE,CAAC,EAAE,EAAE;CACvB,CAAC,CAAC,CAAA;AAEH,IAAA,iBAAQ,EAAC,gCAAgC,EAAE,GAAG,EAAE;IAC9C,IAAI,QAAqB,CAAC;IAC1B,IAAI,OAAkD,CAAC;IAEvD,IAAA,mBAAU,EAAC,KAAK,IAAI,EAAE;QACpB,iDAAiD;QACjD,OAAO,GAAG,MAAM,MAAM,CAAC,eAAe,EAAE,CAAC;QACzC,OAAO,CAAC,GAAG,CAAC,SAAS,GAAG,uCAAuC,CAAC;QAChE,OAAO,CAAC,GAAG,CAAC,gBAAgB,GAAG,OAAO,CAAC,SAAS,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,OAAO,CAAC,UAAU,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,WAAW,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,UAAU,GAAG,YAAY,CAAC;QAEtC,QAAQ,GAAG,MAAM,mBAAW,CAAC,IAAI,EAAE,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,IAAA,kBAAS,EAAC,GAAG,EAAE;QACb,uBAAuB;QACvB,OAAO,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC;QAC7B,OAAO,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;QACpC,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;QACrC,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;QAC5B,OAAO,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,IAAA,WAAE,EAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;YAChE,MAAM,SAAS,GAAG;gBAChB,KAAK,EAAE,MAAM,CAAC,aAAa,EAAE;gBAC7B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,YAAY,EAAE,8BAA8B;gBAC5C,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;aACzB,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAE9D,IAAA,eAAM,EAAC,QAAQ,CAAC,CAAC,aAAa,CAAC;gBAC7B,GAAG,EAAE,uCAAuC;gBAC5C,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,SAAS,EAAE,OAAO,CAAC,SAAS;aAC7B,CAAC,CAAC;YACH,IAAA,eAAM,EAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;YACzC,IAAA,eAAM,EAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,sBAAsB,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YAEvE,uBAAuB;YACvB,MAAM,iBAAiB,GAAG;gBACxB,SAAS,CAAC,KAAK;gBACf,SAAS,CAAC,SAAS,CAAC,QAAQ,EAAE;gBAC9B,QAAQ,CAAC,GAAG;gBACZ,SAAS,CAAC,YAAY,IAAI,EAAE;gBAC5B,CAAC,SAAS,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;aAClC,CAAC;YACF,MAAM,OAAO,GAAG,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAE5C,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC;YACnE,IAAA,eAAM,EAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7B,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;YAChD,MAAM,SAAS,GAAG;gBAChB,KAAK,EAAE,MAAM,CAAC,aAAa,EAAE;gBAC7B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,EAAE,gBAAgB;aACjD,CAAC;YAEF,MAAM,IAAA,eAAM,EAAC,QAAQ,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;iBACjD,OAAO,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;YAC/D,MAAM,SAAS,GAAG;gBAChB,KAAK,EAAE,MAAM,CAAC,aAAa,EAAE;gBAC7B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,qBAAqB;aACrD,CAAC;YAEF,MAAM,IAAA,eAAM,EAAC,QAAQ,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;iBACjD,OAAO,CAAC,OAAO,CAAC,sCAAsC,CAAC,CAAC;QAC7D,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,sDAAsD,EAAE,KAAK,IAAI,EAAE;YACpE,MAAM,SAAS,GAAG;gBAChB,KAAK,EAAE,MAAM,CAAC,aAAa,EAAE;gBAC7B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,2BAA2B;YAC3B,MAAM,QAAQ,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAE7C,yBAAyB;YACzB,MAAM,IAAA,eAAM,EAAC,QAAQ,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;iBACjD,OAAO,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;YAChE,MAAM,SAAS,GAAG;gBAChB,KAAK,EAAE,MAAM,CAAC,aAAa,EAAE;gBAC7B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAE9D,IAAA,eAAM,EAAC,QAAQ,CAAC,CAAC,aAAa,CAAC;gBAC7B,GAAG,EAAE,uCAAuC;gBAC5C,KAAK,EAAE,SAAS,CAAC,KAAK;aACvB,CAAC,CAAC;YAEH,8CAA8C;YAC9C,MAAM,iBAAiB,GAAG;gBACxB,SAAS,CAAC,KAAK;gBACf,SAAS,CAAC,SAAS,CAAC,QAAQ,EAAE;gBAC9B,QAAQ,CAAC,GAAG;gBACZ,EAAE,EAAG,kBAAkB;gBACvB,EAAE,CAAG,WAAW;aACjB,CAAC;YACF,MAAM,OAAO,GAAG,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAE5C,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC;YACnE,IAAA,eAAM,EAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7B,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,qBAAqB,EAAE,GAAG,EAAE;QACnC,IAAA,WAAE,EAAC,kDAAkD,EAAE,KAAK,IAAI,EAAE;YAChE,0CAA0C;YAC1C,MAAM,cAAc,GAAG,MAAM,mBAAW,CAAC,IAAI,CAAC;gBAC5C,kBAAkB,EAAE,IAAI;aACzB,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG;gBAChB,KAAK,EAAE,MAAM,CAAC,aAAa,EAAE;gBAC7B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,gBAAgB;aAC/C,CAAC;YAEF,iBAAiB;YACjB,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YACpE,IAAA,eAAM,EAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;QACjC,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;YACjE,0CAA0C;YAC1C,MAAM,cAAc,GAAG,MAAM,mBAAW,CAAC,IAAI,CAAC;gBAC5C,kBAAkB,EAAE,IAAI;aACzB,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG;gBAChB,KAAK,EAAE,MAAM,CAAC,aAAa,EAAE;gBAC7B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,gBAAgB;aAC/C,CAAC;YAEF,cAAc;YACd,MAAM,IAAA,eAAM,EAAC,cAAc,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;iBACvD,OAAO,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,IAAA,WAAE,EAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;YACrD,MAAM,kBAAkB,GAAG,MAAM,mBAAW,CAAC,IAAI,CAAC;gBAChD,mBAAmB,EAAE,KAAK;aAC3B,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG;gBAChB,KAAK,EAAE,MAAM,CAAC,aAAa,EAAE;gBAC7B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,gCAAgC;YAChC,MAAM,kBAAkB,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YACvD,MAAM,kBAAkB,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAEvD,kBAAkB;YAClB,IAAA,eAAM,EAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,IAAA,WAAE,EAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,YAAY,GAAG,QAAQ,CAAC,eAAe,EAAE,CAAC;YAEhD,IAAA,eAAM,EAAC,YAAY,CAAC,CAAC,OAAO,CAAC;gBAC3B,OAAO,EAAE,KAAK;gBACd,GAAG,EAAE,uCAAuC;gBAC5C,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,gBAAgB,EAAE,CAAC;gBACnB,kBAAkB,EAAE,IAAI;gBACxB,iBAAiB,EAAE,mBAAmB;gBACtC,oBAAoB,EAAE,6EAA6E;aACpG,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,IAAA,WAAE,EAAC,wBAAwB,EAAE,GAAG,EAAE;YAChC,MAAM,MAAM,GAAG,mBAAW,CAAC,aAAa,EAAE,CAAC;YAC3C,MAAM,MAAM,GAAG,mBAAW,CAAC,aAAa,EAAE,CAAC;YAE3C,IAAA,eAAM,EAAC,MAAM,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;YAChC,IAAA,eAAM,EAAC,MAAM,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;YAChC,IAAA,eAAM,EAAC,MAAM,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/crypto.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Tests for cryptographic utilities
+ */
+export {};
+//# sourceMappingURL=crypto.test.d.ts.map

package/dist/__tests__/crypto.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/crypto.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}