@kynesyslabs/demosdk 2.1.15 → 2.2.1

package/build/encryption/PQC/enigma.d.ts

@@ -0,0 +1,83 @@
+export declare class Enigma {
+    ml_dsa_signing_keypair: {
+        publicKey: Uint8Array;
+        privateKey: Uint8Array;
+    };
+    falcon_signing_keypair: {
+        genKey: Uint8Array;
+        publicKey: Uint8Array;
+        privateKey: Uint8Array;
+    };
+    ml_kem_encryption_keypair: {
+        publicKey: Uint8Array;
+        privateKey: Uint8Array;
+    };
+    ml_kem_aes_parameters: string;
+    constructor();
+    /**
+     * Hashes data using SHA-3-256
+     * @param data The data to hash
+     * @returns The hash of the data
+     */
+    static hash(data: string, algorithm?: string): Promise<Uint8Array>;
+    /**
+     * Verifies a signature using ml-dsa
+     * @param signature The signature to verify
+     * @param message The message to verify the signature against
+     * @param publicKey The public key to verify the signature against
+     * @returns True if the signature is valid, false otherwise
+     */
+    static verify_ml_dsa(signature: Uint8Array, message: Uint8Array, publicKey: Uint8Array): Promise<boolean>;
+    /**
+     * Verifies a signature using falcon
+     * @param signature The signature to verify
+     * @param message The message to verify the signature against
+     * @param publicKey The public key to verify the signature against
+     * @returns True if the signature is valid, false otherwise
+     */
+    static verify_falcon(signature: Uint8Array, message: string, publicKey: Uint8Array): Promise<boolean>;
+    /** Sign data using ml_dsa
+     * @param message The message to sign
+     * @returns The signature of the message
+     */
+    sign_ml_dsa(message: Uint8Array): Promise<Uint8Array>;
+    /** Sign data using falcon
+     * @param message The message to sign
+     * @returns The signature of the message
+     */
+    sign_falcon(message: string): Promise<Uint8Array>;
+    encapsulate_ml_kem(peerPublicKey: Uint8Array): Promise<{
+        cipherText: Uint8Array;
+        sharedSecret: Uint8Array;
+    }>;
+    decapsulate_ml_kem(cipherText: Uint8Array): Promise<Uint8Array>;
+    /** Encrypt data using ml_kem + aes
+     * @param message The message to encrypt
+     * @returns The encrypted message
+     */
+    encrypt_ml_kem_aes(message: Uint8Array, peerPublicKey: Uint8Array): Promise<{
+        cipherText: Uint8Array;
+        encryptedMessage: Uint8Array;
+    }>;
+    /** Decrypt data using ml_kem + aes
+     * @param encryptedMessage The encrypted message to decrypt
+     * @param cipherText The cipher text containing the encapsulated shared secret
+     * @returns The decrypted message
+     */
+    decrypt_ml_kem_aes(encryptedMessage: Uint8Array, cipherText: Uint8Array): Promise<Uint8Array>;
+    /**
+     * Generates a ml_dsa signing keypair given a seed or creating one
+     * @param seed (optional) the seed used to generate the keypair
+     */
+    generate_ml_dsa_signing_keypair(seed?: Uint8Array): Promise<void>;
+    /**
+     * Generates a falcon signing keypair given a seed or creating one
+     * @param seed (optional) the seed used to generate the keypair
+     */
+    generate_falcon_signing_keypair(seed?: Uint8Array): Promise<void>;
+    /**
+     * Generates a ml_kem encryption keypair given a seed or creating one
+     * @param seed (optional) the seed used to generate the keypair
+     */
+    generate_ml_kem_encryption_keypair(seed?: Uint8Array): Promise<void>;
+}

package/build/encryption/PQC/enigma.js

@@ -0,0 +1,243 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Enigma = void 0;
+/* INFO Enigma - An experimental wrapper for Post Quantum Cryptography in Typescript designed with ease of use in mind
+  Currently suggested and tested schemas for each algorithm are:
+  - Signing: ml-dsa or falcon
+  - Encryption: NTRU
+  - Hashing: SHA-3
+
+  While implemented, the following algorithms are not included in the pqc test suite:
+  - Key Encapsulation: McEliece
+
+  While implemented, the following algorithms are not fully tested:
+  - ChaCha20-Poly1305
+  To properly test the encryption and decryption of data, please see the pqc test suite.
+*/
+const ml_kem_1 = require("@noble/post-quantum/ml-kem");
+const ml_dsa_1 = require("@noble/post-quantum/ml-dsa");
+const sha3_1 = require("@noble/hashes/sha3");
+const crypto = __importStar(require("crypto"));
+const falconts_1 = require("./falconts");
+const crypto_1 = require("crypto");
+class Enigma {
+    constructor() {
+        // ml-dsa signing keypair
+        this.ml_dsa_signing_keypair = null;
+        // falcon signing keypair
+        this.falcon_signing_keypair = null;
+        // ml-kem encryption keypair
+        this.ml_kem_encryption_keypair = null;
+        // ml-kem-aes parameters
+        this.ml_kem_aes_parameters = null;
+    }
+    // Static methods
+    /**
+     * Hashes data using SHA-3-256
+     * @param data The data to hash
+     * @returns The hash of the data
+     */
+    static async hash(data, algorithm = "sha3-256") {
+        // NOTE: algorithm is not used yet, but will be used in the future
+        return sha3_1.sha3_256.create().update(data).digest();
+    }
+    /**
+     * Verifies a signature using ml-dsa
+     * @param signature The signature to verify
+     * @param message The message to verify the signature against
+     * @param publicKey The public key to verify the signature against
+     * @returns True if the signature is valid, false otherwise
+     */
+    static async verify_ml_dsa(signature, message, publicKey) {
+        return ml_dsa_1.ml_dsa65.verify(publicKey, message, signature);
+    }
+    /**
+     * Verifies a signature using falcon
+     * @param signature The signature to verify
+     * @param message The message to verify the signature against
+     * @param publicKey The public key to verify the signature against
+     * @returns True if the signature is valid, false otherwise
+     */
+    static async verify_falcon(signature, message, publicKey) {
+        const falcon = new falconts_1.Falcon(); // Initialize falcon kernel
+        await falcon.init();
+        return falcon.verify(message, signature, publicKey);
+    }
+    // Dynamic methods
+    /** Sign data using ml_dsa
+     * @param message The message to sign
+     * @returns The signature of the message
+     */
+    async sign_ml_dsa(message) {
+        if (!this.ml_dsa_signing_keypair.privateKey) {
+            throw new Error("ml_dsa_signing_keypair.privateKey is not set");
+        }
+        return ml_dsa_1.ml_dsa65.sign(this.ml_dsa_signing_keypair.privateKey, message);
+    }
+    /** Sign data using falcon
+     * @param message The message to sign
+     * @returns The signature of the message
+     */
+    async sign_falcon(message) {
+        if (!this.falcon_signing_keypair.privateKey) {
+            throw new Error("falcon_signing_keypair.privateKey is not set");
+        }
+        const falcon = new falconts_1.Falcon();
+        await falcon.init();
+        await falcon.setKeypair({
+            genkeySeed: this.falcon_signing_keypair.genKey,
+            sk: this.falcon_signing_keypair.privateKey,
+            pk: this.falcon_signing_keypair.publicKey,
+        });
+        return falcon.sign(message);
+    }
+    async encapsulate_ml_kem(peerPublicKey) {
+        if (!this.ml_kem_encryption_keypair.privateKey) {
+            throw new Error("ml_kem_encryption_keypair.privateKey is not set");
+        }
+        return ml_kem_1.ml_kem768.encapsulate(peerPublicKey);
+    }
+    async decapsulate_ml_kem(cipherText) {
+        if (!this.ml_kem_encryption_keypair.privateKey) {
+            throw new Error("ml_kem_encryption_keypair.privateKey is not set");
+        }
+        return ml_kem_1.ml_kem768.decapsulate(cipherText, this.ml_kem_encryption_keypair.privateKey);
+    }
+    /** Encrypt data using ml_kem + aes
+     * @param message The message to encrypt
+     * @returns The encrypted message
+     */
+    async encrypt_ml_kem_aes(message, peerPublicKey) {
+        if (!this.ml_kem_encryption_keypair.privateKey) {
+            throw new Error("ml_kem_encryption_keypair.privateKey is not set");
+        }
+        // Generate shared secret and encapsulate it in a cipher text using ml_kem and the peer's public key
+        const encapsulatedSecret = ml_kem_1.ml_kem768.encapsulate(peerPublicKey);
+        // Encrypt the message using AES-256-GCM with the shared secret
+        const iv = crypto.randomBytes(12); // 96-bit IV for GCM mode
+        const cipher = crypto.createCipheriv("aes-256-gcm", encapsulatedSecret.sharedSecret, iv);
+        // Encrypt the message
+        const encryptedMessage = Buffer.concat([
+            cipher.update(message),
+            cipher.final(),
+        ]);
+        // Get the authentication tag
+        const authTag = cipher.getAuthTag();
+        // Combine IV, encrypted message, and auth tag for transmission
+        const combinedEncryptedData = Buffer.concat([
+            iv,
+            encryptedMessage,
+            authTag,
+        ]);
+        return {
+            cipherText: encapsulatedSecret.cipherText,
+            encryptedMessage: combinedEncryptedData,
+        };
+    }
+    /** Decrypt data using ml_kem + aes
+     * @param encryptedMessage The encrypted message to decrypt
+     * @param cipherText The cipher text containing the encapsulated shared secret
+     * @returns The decrypted message
+     */
+    async decrypt_ml_kem_aes(encryptedMessage, cipherText) {
+        if (!this.ml_kem_encryption_keypair.privateKey) {
+            throw new Error("ml_kem_encryption_keypair.privateKey is not set");
+        }
+        // Get the shared secret from the cipher text
+        const sharedSecret = ml_kem_1.ml_kem768.decapsulate(cipherText, this.ml_kem_encryption_keypair.privateKey);
+        // Decrypt the message using AES-256-GCM with the shared secret
+        const iv = encryptedMessage.slice(0, 12);
+        const message = encryptedMessage.slice(12, -16);
+        const authTag = encryptedMessage.slice(-16);
+        // Decrypt the message
+        const decipher = crypto.createDecipheriv("aes-256-gcm", sharedSecret, iv);
+        decipher.setAuthTag(authTag);
+        const decryptedMessage = Buffer.concat([
+            decipher.update(message),
+            decipher.final(),
+        ]);
+        return decryptedMessage;
+    }
+    // Keypair generation methods
+    /**
+     * Generates a ml_dsa signing keypair given a seed or creating one
+     * @param seed (optional) the seed used to generate the keypair
+     */
+    async generate_ml_dsa_signing_keypair(seed = null) {
+        if (!seed) {
+            seed = (0, crypto_1.randomBytes)(32);
+        }
+        const keypair = ml_dsa_1.ml_dsa65.keygen(seed);
+        this.ml_dsa_signing_keypair = {
+            publicKey: keypair.publicKey,
+            privateKey: keypair.secretKey,
+        };
+    }
+    /**
+     * Generates a falcon signing keypair given a seed or creating one
+     * @param seed (optional) the seed used to generate the keypair
+     */
+    async generate_falcon_signing_keypair(seed = null) {
+        if (!seed) {
+            seed = (0, crypto_1.randomBytes)(48);
+        }
+        const falcon = new falconts_1.Falcon();
+        await falcon.init();
+        await falcon.genkey(seed);
+        const falconKeyPair = await falcon.getKeypair();
+        this.falcon_signing_keypair = {
+            genKey: falconKeyPair.genkeySeed,
+            publicKey: falconKeyPair.pk,
+            privateKey: falconKeyPair.sk,
+        };
+    }
+    /**
+     * Generates a ml_kem encryption keypair given a seed or creating one
+     * @param seed (optional) the seed used to generate the keypair
+     */
+    async generate_ml_kem_encryption_keypair(seed = null) {
+        if (!seed) {
+            seed = (0, crypto_1.randomBytes)(64);
+        }
+        let keys = ml_kem_1.ml_kem768.keygen(seed);
+        this.ml_kem_encryption_keypair = {
+            privateKey: keys.secretKey,
+            publicKey: keys.publicKey,
+        };
+    }
+}
+exports.Enigma = Enigma;
+//# sourceMappingURL=enigma.js.map

package/build/encryption/PQC/enigma.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enigma.js","sourceRoot":"","sources":["../../../../src/encryption/PQC/enigma.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;;;;;;;;;;EAYE;AACF,uDAAsD;AACtD,uDAAqD;AACrD,6CAA6C;AAC7C,+CAAgC;AAChC,yCAAmC;AACnC,mCAAoC;AAEpC,MAAa,MAAM;IAwBf;QAtBA,yBAAyB;QACzB,2BAAsB,GAGlB,IAAI,CAAA;QAER,yBAAyB;QACzB,2BAAsB,GAIlB,IAAI,CAAA;QAER,4BAA4B;QAC5B,8BAAyB,GAGrB,IAAI,CAAA;QAER,wBAAwB;QACxB,0BAAqB,GAAW,IAAI,CAAA;IAErB,CAAC;IAEhB,iBAAiB;IAEjB;;;;OAIG;IACH,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAY,EAAE,YAAoB,UAAU;QAC1D,kEAAkE;QAClE,OAAO,eAAQ,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAA;IAClD,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CACtB,SAAqB,EACrB,OAAmB,EACnB,SAAqB;QAErB,OAAO,iBAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;IACzD,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CACtB,SAAqB,EACrB,OAAe,EACf,SAAqB;QAErB,MAAM,MAAM,GAAG,IAAI,iBAAM,EAAE,CAAA,CAAC,2BAA2B;QACvD,MAAM,MAAM,CAAC,IAAI,EAAE,CAAA;QACnB,OAAO,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,SAAS,EAAE,SAAS,CAAC,CAAA;IACvD,CAAC;IAED,kBAAkB;IAElB;;;OAGG;IACH,KAAK,CAAC,WAAW,CAAC,OAAmB;QACjC,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,UAAU,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAA;QACnE,CAAC;QACD,OAAO,iBAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;IACzE,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAW,CAAC,OAAe;QAC7B,IAAI,CAAC,IAAI,CAAC,sBAAsB,CAAC,UAAU,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAA;QACnE,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,iBAAM,EAAE,CAAA;QAC3B,MAAM,MAAM,CAAC,IAAI,EAAE,CAAA;QACnB,MAAM,MAAM,CAAC,UAAU,CAAC;YACpB,UAAU,EAAE,IAAI,CAAC,sBAAsB,CAAC,MAAM;YAC9C,EAAE,EAAE,IAAI,CAAC,sBAAsB,CAAC,UAAU;YAC1C,EAAE,EAAE,IAAI,CAAC,sBAAsB,CAAC,SAAS;SAC5C,CAAC,CAAA;QACF,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAC/B,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,aAAyB;QAI9C,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,UAAU,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAA;QACtE,CAAC;QACD,OAAO,kBAAS,CAAC,WAAW,CAAC,aAAa,CAAC,CAAA;IAC/C,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,UAAsB;QAC3C,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,UAAU,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAA;QACtE,CAAC;QACD,OAAO,kBAAS,CAAC,WAAW,CAAC,UAAU,EAAE,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;IACvF,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,kBAAkB,CACpB,OAAmB,EACnB,aAAyB;QAKzB,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,UAAU,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAA;QACtE,CAAC;QACD,oGAAoG;QACpG,MAAM,kBAAkB,GAAG,kBAAS,CAAC,WAAW,CAAC,aAAa,CAAC,CAAA;QAE/D,+DAA+D;QAC/D,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAA,CAAC,yBAAyB;QAC3D,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAChC,aAAa,EACb,kBAAkB,CAAC,YAAY,EAC/B,EAAE,CACL,CAAA;QAED,sBAAsB;QACtB,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC;YACnC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC;YACtB,MAAM,CAAC,KAAK,EAAE;SACjB,CAAC,CAAA;QAEF,6BAA6B;QAC7B,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAA;QAEnC,+DAA+D;QAC/D,MAAM,qBAAqB,GAAG,MAAM,CAAC,MAAM,CAAC;YACxC,EAAE;YACF,gBAAgB;YAChB,OAAO;SACV,CAAC,CAAA;QAEF,OAAO;YACH,UAAU,EAAE,kBAAkB,CAAC,UAAU;YACzC,gBAAgB,EAAE,qBAAqB;SAC1C,CAAA;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CACpB,gBAA4B,EAC5B,UAAsB;QAEtB,IAAI,CAAC,IAAI,CAAC,yBAAyB,CAAC,UAAU,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAA;QACtE,CAAC;QACD,6CAA6C;QAC7C,MAAM,YAAY,GAAG,kBAAS,CAAC,WAAW,CAAC,UAAU,EAAE,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAA;QAEjG,+DAA+D;QAC/D,MAAM,EAAE,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;QACxC,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAA;QAC/C,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAA;QAE3C,sBAAsB;QACtB,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CACpC,aAAa,EACb,YAAY,EACZ,EAAE,CACL,CAAA;QACD,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAA;QAC5B,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC;YACnC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC;YACxB,QAAQ,CAAC,KAAK,EAAE;SACnB,CAAC,CAAA;QACF,OAAO,gBAAgB,CAAA;IAC3B,CAAC;IAED,6BAA6B;IAE7B;;;OAGG;IACH,KAAK,CAAC,+BAA+B,CACjC,OAAmB,IAAI;QAEvB,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,IAAI,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAA;QAC1B,CAAC;QACD,MAAM,OAAO,GAAG,iBAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACrC,IAAI,CAAC,sBAAsB,GAAG;YAC1B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,UAAU,EAAE,OAAO,CAAC,SAAS;SAChC,CAAA;IACL,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,+BAA+B,CACjC,OAAmB,IAAI;QAEvB,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,IAAI,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAA;QAC1B,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,iBAAM,EAAE,CAAA;QAC3B,MAAM,MAAM,CAAC,IAAI,EAAE,CAAA;QACnB,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACzB,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,UAAU,EAAE,CAAA;QAC/C,IAAI,CAAC,sBAAsB,GAAG;YAC1B,MAAM,EAAE,aAAa,CAAC,UAAU;YAChC,SAAS,EAAE,aAAa,CAAC,EAAE;YAC3B,UAAU,EAAE,aAAa,CAAC,EAAE;SAC/B,CAAA;IACL,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,kCAAkC,CACpC,OAAmB,IAAI;QAEvB,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,IAAI,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAA;QAC1B,CAAC;QACD,IAAI,IAAI,GAAG,kBAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QACjC,IAAI,CAAC,yBAAyB,GAAG;YAC7B,UAAU,EAAE,IAAI,CAAC,SAAS;YAC1B,SAAS,EAAE,IAAI,CAAC,SAAS;SAC5B,CAAA;IACL,CAAC;CACJ;AA/PD,wBA+PC"}

package/build/encryption/PQC/falconts/falcon.d.ts

@@ -11,7 +11,7 @@ interface FalconKernel {
     signSaltByte: number;
     signNonceByte: number;
 }
-interface FalconKeypair {
+export interface FalconKeypair {
     genkeySeed: Uint8Array;
     sk: Uint8Array;
     pk: Uint8Array;

package/build/encryption/PQC/falconts/index.d.ts

@@ -1,3 +1,4 @@
 export { default as Falcon } from './falcon';
+export type { FalconKeypair } from './falcon';
 export { uint8ArrayToMnemonic, mnemonicToUint8Array, validateMnemonic, generateMnemonic } from './mnemonic';
 export { wordList } from './wordlist';

package/build/encryption/PQC/{ml-dsa/utils.d.ts → utils.d.ts}

@@ -1,8 +1,8 @@
-import { utf8ToBytes } from '@noble/hashes/utils';
+import { utf8ToBytes, randomBytes } from '@noble/hashes/utils';
 /**
  * Converts a Uint8Array to a hex string
  * @param bytes The Uint8Array to convert
  * @returns The hex string representation of the Uint8Array
  */
 declare function bytesToUtf8(bytes: Uint8Array): string;
-export { utf8ToBytes, bytesToUtf8 };
+export { utf8ToBytes, bytesToUtf8, randomBytes };

package/build/encryption/PQC/{ml-dsa/utils.js → utils.js}

@@ -1,9 +1,10 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.utf8ToBytes = void 0;
+exports.randomBytes = exports.utf8ToBytes = void 0;
 exports.bytesToUtf8 = bytesToUtf8;
 const utils_1 = require("@noble/hashes/utils");
 Object.defineProperty(exports, "utf8ToBytes", { enumerable: true, get: function () { return utils_1.utf8ToBytes; } });
+Object.defineProperty(exports, "randomBytes", { enumerable: true, get: function () { return utils_1.randomBytes; } });
 /**
  * Converts a Uint8Array to a hex string
  * @param bytes The Uint8Array to convert

package/build/encryption/PQC/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../../src/encryption/PQC/utils.ts"],"names":[],"mappings":";;;AAUsB,kCAAW;AAVjC,+CAA+D;AAUtD,4FAVA,mBAAW,OAUA;AAAe,4FAVb,mBAAW,OAUa;AAT9C;;;;GAIG;AACH,SAAS,WAAW,CAAC,KAAiB;IAClC,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC"}

package/build/encryption/index.d.ts

@@ -1,5 +1,6 @@
 export * as FHE from './FHE';
-export * as PQC from './PQC';
+export * as PQC from './PQC/enigma';
 export * as zK from './zK';
 export { Cryptography } from './Cryptography';
 export { Hashing } from './Hashing';
+export { unifiedCrypto as ucrypto } from './unifiedCrypto';

package/build/encryption/index.js

@@ -33,12 +33,14 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Hashing = exports.Cryptography = exports.zK = exports.PQC = exports.FHE = void 0;
+exports.ucrypto = exports.Hashing = exports.Cryptography = exports.zK = exports.PQC = exports.FHE = void 0;
 exports.FHE = __importStar(require("./FHE"));
-exports.PQC = __importStar(require("./PQC"));
+exports.PQC = __importStar(require("./PQC/enigma"));
 exports.zK = __importStar(require("./zK"));
 var Cryptography_1 = require("./Cryptography");
 Object.defineProperty(exports, "Cryptography", { enumerable: true, get: function () { return Cryptography_1.Cryptography; } });
 var Hashing_1 = require("./Hashing");
 Object.defineProperty(exports, "Hashing", { enumerable: true, get: function () { return Hashing_1.Hashing; } });
+var unifiedCrypto_1 = require("./unifiedCrypto");
+Object.defineProperty(exports, "ucrypto", { enumerable: true, get: function () { return unifiedCrypto_1.unifiedCrypto; } });
 //# sourceMappingURL=index.js.map

package/build/encryption/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/encryption/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6CAA4B;AAC5B,6CAA4B;AAC5B,2CAA0B;AAE1B,+CAA6C;AAApC,4GAAA,YAAY,OAAA;AACrB,qCAAmC;AAA1B,kGAAA,OAAO,OAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/encryption/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6CAA4B;AAC5B,oDAAmC;AACnC,2CAA0B;AAE1B,+CAA6C;AAApC,4GAAA,YAAY,OAAA;AACrB,qCAAmC;AAA1B,kGAAA,OAAO,OAAA;AAChB,iDAA0D;AAAjD,wGAAA,aAAa,OAAW"}

package/build/encryption/unifiedCrypto.d.ts

@@ -0,0 +1,125 @@
+import { Enigma } from "./PQC/enigma";
+import * as forge from "node-forge";
+export interface encryptedObject {
+    algorithm: "ml-kem-aes" | "rsa";
+    encryptedData: Uint8Array;
+    cipherText?: Uint8Array;
+}
+export interface SerializedEncryptedObject {
+    algorithm: "ml-kem-aes" | "rsa";
+    serializedEncryptedData: string;
+    serializedCipherText?: string;
+}
+export interface SerializedSignedObject {
+    algorithm: "ml-dsa" | "falcon" | "ed25519";
+    serializedSignedData: string;
+    serializedPublicKey: string;
+    serializedMessage: string;
+}
+interface Ed25519SignedObject {
+    algorithm: "ed25519";
+    signedData: Uint8Array;
+    publicKey: forge.pki.ed25519.NativeBuffer;
+    message: Uint8Array;
+}
+interface PqcSignedObject {
+    algorithm: "ml-dsa" | "falcon";
+    signedData: Uint8Array;
+    publicKey: Uint8Array;
+    message: Uint8Array;
+}
+export type signedObject = Ed25519SignedObject | PqcSignedObject;
+/**
+ * Converts a Uint8Array to a hexadecimal string representation, prefixed with '0x'.
+ *
+ * @param bytes - The Uint8Array to convert.
+ * @returns The hexadecimal string representation (e.g., "0x0a1b2c").
+ */
+export declare function uint8ArrayToHex(bytes: Uint8Array): string;
+/**
+ * Converts a hexadecimal string (with or without '0x' prefix) to a Uint8Array.
+ *
+ * @param hexString - The hexadecimal string to convert (e.g., "0x0a1b2c" or "0a1b2c").
+ * @returns The corresponding Uint8Array.
+ * @throws {Error} If the input string (after removing '0x') has an odd length
+ * or contains non-hexadecimal characters.
+ */
+export declare function hexToUint8Array(hexString: string): Uint8Array;
+/**
+ * UnifiedCrypto is a class that provides a unified interface for the different encryption algorithms
+ * It is used to encrypt and decrypt messages, sign and verify messages, and generate identities for the different algorithms
+ * It uses Enigma for PQC encryption/decryption and Cryptography for RSA encryption/decryption
+ * It uses Enigma for PQC signing and Cryptography for Ed25519 signing
+ * It uses the master seed to derive seeds for the different algorithms using HKDF
+ * Manages encryptedObjects and signedObjects to route data through the supported algorithms
+ * REVIEW: Check race conditions
+ * REVIEW: Check stability of the master seed transformation
+ * TODO: Build a test suite for the UnifiedCrypto class
+ */
+export declare class UnifiedCrypto {
+    private static instances;
+    private static DEFAULT_INSTANCE_ID;
+    enigma: Enigma;
+    ed25519KeyPair: {
+        publicKey: forge.pki.ed25519.NativeBuffer;
+        privateKey: forge.pki.ed25519.NativeBuffer;
+    };
+    rsaKeyPair: forge.pki.rsa.KeyPair;
+    masterSeed: Uint8Array;
+    private instanceId;
+    private constructor();
+    static getInstance(instanceId?: string, masterSeed?: Uint8Array): UnifiedCrypto;
+    getId(): string;
+    static getInstanceIds(): string[];
+    static removeInstance(instanceId: string): boolean;
+    /**
+     * Ensures that the master seed is set and generates a new one if not set
+     * @param masterSeed (optional) The master seed to set, or undefined to generate a new one
+     */
+    ensureSeed(masterSeed?: Uint8Array): Promise<void>;
+    /**
+     * Derives a seed for the given algorithm
+     * @param algorithm The algorithm to derive the seed for
+     * @param seed (optional) The seed to derive the seed from, or undefined to generate a new one or use the master seed if set
+     * @returns The derived seed
+     */
+    deriveSeed(algorithm: "ed25519" | "falcon" | "ml-dsa" | "ml-kem-aes" | "rsa", seed?: Uint8Array): Promise<Uint8Array>;
+    generateAllIdentities(masterSeed?: Uint8Array): Promise<void>;
+    generateIdentity(algorithm: "ed25519" | "falcon" | "ml-dsa" | "ml-kem-aes" | "rsa", masterSeed?: Uint8Array): Promise<void>;
+    getIdentity(algorithm: "ed25519" | "falcon" | "ml-dsa" | "ml-kem-aes" | "rsa"): Promise<{
+        publicKey: Uint8Array | forge.pki.rsa.PublicKey | forge.pki.ed25519.NativeBuffer;
+        privateKey: Uint8Array | forge.pki.rsa.PrivateKey | forge.pki.ed25519.NativeBuffer;
+        genKey?: Uint8Array;
+    }>;
+    /**
+     * Encrypts a message based on the algorithm using the previously generated identity
+     * @param algorithm The algorithm to encrypt the message with
+     * @param data The message to encrypt
+     * @param peerPublicKey The public key of the peer to encrypt the message to
+     * @returns The encrypted object as an encryptedObject
+     */
+    encrypt(algorithm: "ml-kem-aes" | "rsa", data: Uint8Array, peerPublicKey: Uint8Array): Promise<encryptedObject>;
+    /**
+     * Signs a message based on the algorithm using the previously generated identity
+     * @param algorithm The algorithm to sign the message with
+     * @param data The message to sign
+     * @returns The signed object as a signedObject
+     */
+    sign(algorithm: "ml-dsa" | "falcon" | "ed25519", data: Uint8Array): Promise<signedObject>;
+    /**
+     * Decrypts an encrypted object based on the algorithm
+     * @param encryptedObject The encrypted object to decrypt
+     * @returns The decrypted data
+     */
+    decrypt(encryptedObject: encryptedObject): Promise<Uint8Array>;
+    /**
+     * Verifies a signed object based on the algorithm
+     * @param signedObject The signed object to verify
+     * @returns True if the signed object is valid, false otherwise
+     * @throws Error if publicKey is not in the expected format for the algorithm
+     */
+    verify(signedObject: signedObject): Promise<boolean>;
+}
+export declare const unifiedCrypto: UnifiedCrypto & typeof UnifiedCrypto;
+export declare function getUnifiedCryptoInstance(instanceId: string, masterSeed?: Uint8Array): UnifiedCrypto;
+export {};