@lindorm/aes 0.1.0

package/dist/src/types/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/src/types/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,oBAAoB,CAAC;AACnC,cAAc,YAAY,CAAC;AAC3B,cAAc,uBAAuB,CAAC;AACtC,cAAc,SAAS,CAAC"}

package/dist/src/types/index.js

@@ -0,0 +1,22 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./aes-cipher"), exports);
+__exportStar(require("./aes-cipher-class"), exports);
+__exportStar(require("./aes-data"), exports);
+__exportStar(require("./aes-encryption-data"), exports);
+__exportStar(require("./types"), exports);
+//# sourceMappingURL=index.js.map

package/dist/src/types/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/src/types/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAA6B;AAC7B,qDAAmC;AACnC,6CAA2B;AAC3B,wDAAsC;AACtC,0CAAwB"}

package/dist/src/types/types.d.ts

@@ -0,0 +1,10 @@
+/// <reference types="node" />
+import { EcKeyJwk } from "@lindorm/kryptos";
+export type BufferFormat = "base64" | "base64url" | "hex";
+export type Encryption = "aes-128-cbc" | "aes-192-cbc" | "aes-256-cbc" | "aes-128-gcm" | "aes-192-gcm" | "aes-256-gcm";
+export type EncryptionKeyAlgorithm = "ECDH-ES" | "RSA-OAEP" | "RSA-OAEP-256" | "RSA-OAEP-384" | "RSA-OAEP-512" | "RSA-PRIVATE-KEY";
+export type IntegrityHash = "sha256" | "sha384" | "sha512";
+export type PublicEncryptionJwk = Pick<EcKeyJwk, "crv" | "kty" | "x" | "y">;
+export type Secret = Buffer | string;
+export type ShaHash = "sha1" | "sha256" | "sha384" | "sha512";
+//# sourceMappingURL=types.d.ts.map

package/dist/src/types/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/src/types/types.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,WAAW,GAAG,KAAK,CAAC;AAE1D,MAAM,MAAM,UAAU,GAClB,aAAa,GACb,aAAa,GACb,aAAa,GACb,aAAa,GACb,aAAa,GACb,aAAa,CAAC;AAElB,MAAM,MAAM,sBAAsB,GAC9B,SAAS,GACT,UAAU,GACV,cAAc,GACd,cAAc,GACd,cAAc,GACd,iBAAiB,CAAC;AAEtB,MAAM,MAAM,aAAa,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAE3D,MAAM,MAAM,mBAAmB,GAAG,IAAI,CAAC,QAAQ,EAAE,KAAK,GAAG,KAAK,GAAG,GAAG,GAAG,GAAG,CAAC,CAAC;AAE5E,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;AAErC,MAAM,MAAM,OAAO,GAAG,MAAM,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAC"}

package/dist/src/types/types.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/src/types/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/src/types/types.ts"],"names":[],"mappings":""}

package/dist/src/utils/aes-cipher.d.ts

@@ -0,0 +1,6 @@
+import { DecryptAesCipherOptions, EncryptAesCipherOptions, VerifyAesCipherOptions } from "../types";
+export declare const encryptAesCipher: (options: EncryptAesCipherOptions) => string;
+export declare const decryptAesCipher: ({ cipher, kryptos }: DecryptAesCipherOptions) => string;
+export declare const verifyAesCipher: ({ cipher, data, kryptos }: VerifyAesCipherOptions) => boolean;
+export declare const assertAesCipher: ({ cipher, data, kryptos }: VerifyAesCipherOptions) => void;
+//# sourceMappingURL=aes-cipher.d.ts.map

package/dist/src/utils/aes-cipher.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"aes-cipher.d.ts","sourceRoot":"","sources":["../../../src/src/utils/aes-cipher.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,MAAM,UAAU,CAAC;AAKpG,eAAO,MAAM,gBAAgB,YAAa,uBAAuB,KAAG,MACzB,CAAC;AAE5C,eAAO,MAAM,gBAAgB,wBAAyB,uBAAuB,KAAG,MACtB,CAAC;AAE3D,eAAO,MAAM,eAAe,8BAA+B,sBAAsB,KAAG,OACpC,CAAC;AAEjD,eAAO,MAAM,eAAe,8BAA+B,sBAAsB,KAAG,IAGnF,CAAC"}

package/dist/src/utils/aes-cipher.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.assertAesCipher = exports.verifyAesCipher = exports.decryptAesCipher = exports.encryptAesCipher = void 0;
+const errors_1 = require("../errors");
+const aes_data_1 = require("./aes-data");
+const decode_aes_string_1 = require("./private/decode-aes-string");
+const encode_aes_string_1 = require("./private/encode-aes-string");
+const encryptAesCipher = (options) => (0, encode_aes_string_1._encodeAesString)((0, aes_data_1.encryptAesData)(options));
+exports.encryptAesCipher = encryptAesCipher;
+const decryptAesCipher = ({ cipher, kryptos }) => (0, aes_data_1.decryptAesData)({ ...(0, decode_aes_string_1._decodeAesString)(cipher), kryptos });
+exports.decryptAesCipher = decryptAesCipher;
+const verifyAesCipher = ({ cipher, data, kryptos }) => (0, exports.decryptAesCipher)({ cipher, kryptos }) === data;
+exports.verifyAesCipher = verifyAesCipher;
+const assertAesCipher = ({ cipher, data, kryptos }) => {
+    if ((0, exports.verifyAesCipher)({ cipher, data, kryptos }))
+        return;
+    throw new errors_1.AesError("Invalid AES cipher");
+};
+exports.assertAesCipher = assertAesCipher;
+//# sourceMappingURL=aes-cipher.js.map

package/dist/src/utils/aes-cipher.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"aes-cipher.js","sourceRoot":"","sources":["../../../src/src/utils/aes-cipher.ts"],"names":[],"mappings":";;;AAAA,sCAAqC;AAErC,yCAA4D;AAC5D,mEAA+D;AAC/D,mEAA+D;AAExD,MAAM,gBAAgB,GAAG,CAAC,OAAgC,EAAU,EAAE,CAC3E,IAAA,oCAAgB,EAAC,IAAA,yBAAc,EAAC,OAAO,CAAC,CAAC,CAAC;AAD/B,QAAA,gBAAgB,oBACe;AAErC,MAAM,gBAAgB,GAAG,CAAC,EAAE,MAAM,EAAE,OAAO,EAA2B,EAAU,EAAE,CACvF,IAAA,yBAAc,EAAC,EAAE,GAAG,IAAA,oCAAgB,EAAC,MAAM,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;AAD9C,QAAA,gBAAgB,oBAC8B;AAEpD,MAAM,eAAe,GAAG,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAA0B,EAAW,EAAE,CAC5F,IAAA,wBAAgB,EAAC,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,KAAK,IAAI,CAAC;AADpC,QAAA,eAAe,mBACqB;AAE1C,MAAM,eAAe,GAAG,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAA0B,EAAQ,EAAE;IACzF,IAAI,IAAA,uBAAe,EAAC,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;QAAE,OAAO;IACvD,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,CAAC,CAAC;AAC3C,CAAC,CAAC;AAHW,QAAA,eAAe,mBAG1B"}

package/dist/src/utils/aes-data.d.ts

@@ -0,0 +1,4 @@
+import { AesEncryptionData, DecryptAesDataOptions, EncryptAesDataOptions } from "../types";
+export declare const encryptAesData: (options: EncryptAesDataOptions) => AesEncryptionData;
+export declare const decryptAesData: (options: DecryptAesDataOptions) => string;
+//# sourceMappingURL=aes-data.d.ts.map

package/dist/src/utils/aes-data.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"aes-data.d.ts","sourceRoot":"","sources":["../../../src/src/utils/aes-data.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAC;AAM3F,eAAO,MAAM,cAAc,YAAa,qBAAqB,KAAG,iBA4C/D,CAAC;AAEF,eAAO,MAAM,cAAc,YAAa,qBAAqB,KAAG,MAkC/D,CAAC"}

package/dist/src/utils/aes-data.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decryptAesData = exports.encryptAesData = void 0;
+const crypto_1 = require("crypto");
+const constants_1 = require("../constants");
+const auth_tag_1 = require("./private/auth-tag");
+const get_decryption_key_1 = require("./private/get-decryption-key");
+const get_encryption_keys_1 = require("./private/get-encryption-keys");
+const get_initialisation_vector_1 = require("./private/get-initialisation-vector");
+const encryptAesData = (options) => {
+    const { data, encryption = "aes-256-gcm", encryptionKeyAlgorithm, format = "base64url", integrityHash, kryptos, } = options;
+    const { encryptionKey, publicEncryptionJwk, publicEncryptionKey } = (0, get_encryption_keys_1._getEncryptionKeys)({
+        encryption,
+        kryptos,
+        encryptionKeyAlgorithm,
+    });
+    const initialisationVector = (0, get_initialisation_vector_1._getInitialisationVector)(encryption);
+    const cipher = (0, crypto_1.createCipheriv)(encryption, encryptionKey, initialisationVector);
+    const buffer = Buffer.isBuffer(data) ? data : Buffer.from(data);
+    const content = Buffer.concat([cipher.update(buffer), cipher.final()]);
+    const authTag = (0, auth_tag_1._getAuthTag)({
+        encryption,
+        cipher,
+        content,
+        encryptionKey,
+        initialisationVector,
+        integrityHash,
+    });
+    return {
+        encryption,
+        authTag,
+        content,
+        format,
+        initialisationVector,
+        integrityHash,
+        keyId: kryptos.id ? Buffer.from(kryptos.id, format) : undefined,
+        encryptionKeyAlgorithm: encryptionKeyAlgorithm && publicEncryptionKey ? encryptionKeyAlgorithm : undefined,
+        publicEncryptionJwk,
+        publicEncryptionKey,
+        version: constants_1.LATEST_AES_VERSION,
+    };
+};
+exports.encryptAesData = encryptAesData;
+const decryptAesData = (options) => {
+    const { authTag, content, encryption, encryptionKeyAlgorithm, initialisationVector, integrityHash, kryptos, publicEncryptionJwk, publicEncryptionKey, } = options;
+    const decryptionKey = (0, get_decryption_key_1._getDecryptionKey)({
+        encryption,
+        encryptionKeyAlgorithm,
+        kryptos,
+        publicEncryptionJwk,
+        publicEncryptionKey,
+    });
+    const decipher = (0, crypto_1.createDecipheriv)(encryption, decryptionKey, initialisationVector);
+    (0, auth_tag_1._setAuthTag)({
+        encryption,
+        authTag,
+        content,
+        decipher,
+        decryptionKey,
+        initialisationVector,
+        integrityHash,
+    });
+    return Buffer.concat([decipher.update(content), decipher.final()]).toString("utf-8");
+};
+exports.decryptAesData = decryptAesData;
+//# sourceMappingURL=aes-data.js.map

package/dist/src/utils/aes-data.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"aes-data.js","sourceRoot":"","sources":["../../../src/src/utils/aes-data.ts"],"names":[],"mappings":";;;AAAA,mCAA0D;AAC1D,4CAAkD;AAElD,iDAA8D;AAC9D,qEAAiE;AACjE,uEAAmE;AACnE,mFAA+E;AAExE,MAAM,cAAc,GAAG,CAAC,OAA8B,EAAqB,EAAE;IAClF,MAAM,EACJ,IAAI,EACJ,UAAU,GAAG,aAAa,EAC1B,sBAAsB,EACtB,MAAM,GAAG,WAAW,EACpB,aAAa,EACb,OAAO,GACR,GAAG,OAAO,CAAC;IAEZ,MAAM,EAAE,aAAa,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,GAAG,IAAA,wCAAkB,EAAC;QACrF,UAAU;QACV,OAAO;QACP,sBAAsB;KACvB,CAAC,CAAC;IAEH,MAAM,oBAAoB,GAAG,IAAA,oDAAwB,EAAC,UAAU,CAAC,CAAC;IAClE,MAAM,MAAM,GAAG,IAAA,uBAAc,EAAC,UAAU,EAAE,aAAa,EAAE,oBAAoB,CAAC,CAAC;IAC/E,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChE,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IAEvE,MAAM,OAAO,GAAG,IAAA,sBAAW,EAAC;QAC1B,UAAU;QACV,MAAM;QACN,OAAO;QACP,aAAa;QACb,oBAAoB;QACpB,aAAa;KACd,CAAC,CAAC;IAEH,OAAO;QACL,UAAU;QACV,OAAO;QACP,OAAO;QACP,MAAM;QACN,oBAAoB;QACpB,aAAa;QACb,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;QAC/D,sBAAsB,EACpB,sBAAsB,IAAI,mBAAmB,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,SAAS;QACpF,mBAAmB;QACnB,mBAAmB;QACnB,OAAO,EAAE,8BAAkB;KAC5B,CAAC;AACJ,CAAC,CAAC;AA5CW,QAAA,cAAc,kBA4CzB;AAEK,MAAM,cAAc,GAAG,CAAC,OAA8B,EAAU,EAAE;IACvE,MAAM,EACJ,OAAO,EACP,OAAO,EACP,UAAU,EACV,sBAAsB,EACtB,oBAAoB,EACpB,aAAa,EACb,OAAO,EACP,mBAAmB,EACnB,mBAAmB,GACpB,GAAG,OAAO,CAAC;IAEZ,MAAM,aAAa,GAAG,IAAA,sCAAiB,EAAC;QACtC,UAAU;QACV,sBAAsB;QACtB,OAAO;QACP,mBAAmB;QACnB,mBAAmB;KACpB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,IAAA,yBAAgB,EAAC,UAAU,EAAE,aAAa,EAAE,oBAAoB,CAAC,CAAC;IAEnF,IAAA,sBAAW,EAAC;QACV,UAAU;QACV,OAAO;QACP,OAAO;QACP,QAAQ;QACR,aAAa;QACb,oBAAoB;QACpB,aAAa;KACd,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACvF,CAAC,CAAC;AAlCW,QAAA,cAAc,kBAkCzB"}

package/dist/src/utils/index.d.ts

@@ -0,0 +1,3 @@
+export * from "./aes-cipher";
+export * from "./aes-data";
+//# sourceMappingURL=index.d.ts.map

package/dist/src/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/src/utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,YAAY,CAAC"}

package/dist/src/utils/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./aes-cipher"), exports);
+__exportStar(require("./aes-data"), exports);
+//# sourceMappingURL=index.js.map

package/dist/src/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/src/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAA6B;AAC7B,6CAA2B"}

package/dist/src/utils/private/auth-tag-hmac.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="node" />
+import { CreateHmacAuthTag, VerifyHmacAuthTag } from "../../types/auth-tag";
+export declare const createHmacAuthTag: ({ content, encryptionKey, initialisationVector, integrityHash, }: CreateHmacAuthTag) => Buffer;
+export declare const verifyHmacAuthTag: ({ authTag, content, encryptionKey, initialisationVector, integrityHash, }: VerifyHmacAuthTag) => void;
+//# sourceMappingURL=auth-tag-hmac.d.ts.map

package/dist/src/utils/private/auth-tag-hmac.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-tag-hmac.d.ts","sourceRoot":"","sources":["../../../../src/src/utils/private/auth-tag-hmac.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAE5E,eAAO,MAAM,iBAAiB,qEAK3B,iBAAiB,KAAG,MAOtB,CAAC;AAEF,eAAO,MAAM,iBAAiB,8EAM3B,iBAAiB,KAAG,IAWtB,CAAC"}

package/dist/src/utils/private/auth-tag-hmac.js

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyHmacAuthTag = exports.createHmacAuthTag = void 0;
+const crypto_1 = require("crypto");
+const errors_1 = require("../../errors");
+const createHmacAuthTag = ({ content, encryptionKey, initialisationVector, integrityHash = "sha256", }) => {
+    const hmac = (0, crypto_1.createHmac)(integrityHash, encryptionKey);
+    hmac.update(initialisationVector);
+    hmac.update(content);
+    return hmac.digest();
+};
+exports.createHmacAuthTag = createHmacAuthTag;
+const verifyHmacAuthTag = ({ authTag, content, encryptionKey, initialisationVector, integrityHash, }) => {
+    const generated = (0, exports.createHmacAuthTag)({
+        content,
+        encryptionKey,
+        initialisationVector,
+        integrityHash,
+    });
+    if (Buffer.compare(generated, authTag) === 0)
+        return;
+    throw new errors_1.AesError("Auth tag verification failed");
+};
+exports.verifyHmacAuthTag = verifyHmacAuthTag;
+//# sourceMappingURL=auth-tag-hmac.js.map

package/dist/src/utils/private/auth-tag-hmac.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-tag-hmac.js","sourceRoot":"","sources":["../../../../src/src/utils/private/auth-tag-hmac.ts"],"names":[],"mappings":";;;AAAA,mCAAoC;AACpC,yCAAwC;AAGjC,MAAM,iBAAiB,GAAG,CAAC,EAChC,OAAO,EACP,aAAa,EACb,oBAAoB,EACpB,aAAa,GAAG,QAAQ,GACN,EAAU,EAAE;IAC9B,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,aAAa,EAAE,aAAa,CAAC,CAAC;IAEtD,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAClC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAErB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;AACvB,CAAC,CAAC;AAZW,QAAA,iBAAiB,qBAY5B;AAEK,MAAM,iBAAiB,GAAG,CAAC,EAChC,OAAO,EACP,OAAO,EACP,aAAa,EACb,oBAAoB,EACpB,aAAa,GACK,EAAQ,EAAE;IAC5B,MAAM,SAAS,GAAG,IAAA,yBAAiB,EAAC;QAClC,OAAO;QACP,aAAa;QACb,oBAAoB;QACpB,aAAa;KACd,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO;IAErD,MAAM,IAAI,iBAAQ,CAAC,8BAA8B,CAAC,CAAC;AACrD,CAAC,CAAC;AAjBW,QAAA,iBAAiB,qBAiB5B"}

package/dist/src/utils/private/auth-tag.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="node" />
+import { GetAuthTagOptions, SetAuthTagOptions } from "../../types/auth-tag";
+export declare const _getAuthTag: ({ encryption: algorithm, cipher, content, encryptionKey, initialisationVector, integrityHash, }: GetAuthTagOptions) => Buffer | undefined;
+export declare const _setAuthTag: ({ encryption: algorithm, authTag, content, decipher, decryptionKey, initialisationVector, integrityHash, }: SetAuthTagOptions) => void;
+//# sourceMappingURL=auth-tag.d.ts.map

package/dist/src/utils/private/auth-tag.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-tag.d.ts","sourceRoot":"","sources":["../../../../src/src/utils/private/auth-tag.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAG5E,eAAO,MAAM,WAAW,oGAOrB,iBAAiB,KAAG,MAAM,GAAG,SAuB/B,CAAC;AAEF,eAAO,MAAM,WAAW,+GAQrB,iBAAiB,KAAG,IA6BtB,CAAC"}

package/dist/src/utils/private/auth-tag.js

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports._setAuthTag = exports._getAuthTag = void 0;
+const errors_1 = require("../../errors");
+const auth_tag_hmac_1 = require("./auth-tag-hmac");
+const _getAuthTag = ({ encryption: algorithm, cipher, content, encryptionKey, initialisationVector, integrityHash, }) => {
+    switch (algorithm) {
+        case "aes-128-cbc":
+        case "aes-192-cbc":
+        case "aes-256-cbc":
+            if (!integrityHash) {
+                return;
+            }
+            return (0, auth_tag_hmac_1.createHmacAuthTag)({
+                content,
+                encryptionKey,
+                initialisationVector,
+                integrityHash,
+            });
+        case "aes-128-gcm":
+        case "aes-192-gcm":
+        case "aes-256-gcm":
+            return cipher.getAuthTag();
+        default:
+            throw new errors_1.AesError("Unexpected algorithm");
+    }
+};
+exports._getAuthTag = _getAuthTag;
+const _setAuthTag = ({ encryption: algorithm, authTag, content, decipher, decryptionKey, initialisationVector, integrityHash, }) => {
+    switch (algorithm) {
+        case "aes-128-cbc":
+        case "aes-192-cbc":
+        case "aes-256-cbc":
+            if (!authTag || !integrityHash) {
+                return;
+            }
+            (0, auth_tag_hmac_1.verifyHmacAuthTag)({
+                authTag,
+                content,
+                encryptionKey: decryptionKey,
+                initialisationVector,
+                integrityHash,
+            });
+            return;
+        case "aes-128-gcm":
+        case "aes-192-gcm":
+        case "aes-256-gcm":
+            if (!authTag) {
+                throw new errors_1.AesError("Auth tag is required for GCM decryption");
+            }
+            decipher.setAuthTag(authTag);
+            return;
+        default:
+            throw new errors_1.AesError("Unexpected algorithm");
+    }
+};
+exports._setAuthTag = _setAuthTag;
+//# sourceMappingURL=auth-tag.js.map

package/dist/src/utils/private/auth-tag.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-tag.js","sourceRoot":"","sources":["../../../../src/src/utils/private/auth-tag.ts"],"names":[],"mappings":";;;AACA,yCAAwC;AAExC,mDAAuE;AAEhE,MAAM,WAAW,GAAG,CAAC,EAC1B,UAAU,EAAE,SAAS,EACrB,MAAM,EACN,OAAO,EACP,aAAa,EACb,oBAAoB,EACpB,aAAa,GACK,EAAsB,EAAE;IAC1C,QAAQ,SAAS,EAAE,CAAC;QAClB,KAAK,aAAa,CAAC;QACnB,KAAK,aAAa,CAAC;QACnB,KAAK,aAAa;YAChB,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO;YACT,CAAC;YACD,OAAO,IAAA,iCAAiB,EAAC;gBACvB,OAAO;gBACP,aAAa;gBACb,oBAAoB;gBACpB,aAAa;aACd,CAAC,CAAC;QAEL,KAAK,aAAa,CAAC;QACnB,KAAK,aAAa,CAAC;QACnB,KAAK,aAAa;YAChB,OAAQ,MAAoB,CAAC,UAAU,EAAE,CAAC;QAE5C;YACE,MAAM,IAAI,iBAAQ,CAAC,sBAAsB,CAAC,CAAC;IAC/C,CAAC;AACH,CAAC,CAAC;AA9BW,QAAA,WAAW,eA8BtB;AAEK,MAAM,WAAW,GAAG,CAAC,EAC1B,UAAU,EAAE,SAAS,EACrB,OAAO,EACP,OAAO,EACP,QAAQ,EACR,aAAa,EACb,oBAAoB,EACpB,aAAa,GACK,EAAQ,EAAE;IAC5B,QAAQ,SAAS,EAAE,CAAC;QAClB,KAAK,aAAa,CAAC;QACnB,KAAK,aAAa,CAAC;QACnB,KAAK,aAAa;YAChB,IAAI,CAAC,OAAO,IAAI,CAAC,aAAa,EAAE,CAAC;gBAC/B,OAAO;YACT,CAAC;YACD,IAAA,iCAAiB,EAAC;gBAChB,OAAO;gBACP,OAAO;gBACP,aAAa,EAAE,aAAa;gBAC5B,oBAAoB;gBACpB,aAAa;aACd,CAAC,CAAC;YACH,OAAO;QAET,KAAK,aAAa,CAAC;QACnB,KAAK,aAAa,CAAC;QACnB,KAAK,aAAa;YAChB,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,iBAAQ,CAAC,yCAAyC,CAAC,CAAC;YAChE,CAAC;YACA,QAAwB,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YAC9C,OAAO;QAET;YACE,MAAM,IAAI,iBAAQ,CAAC,sBAAsB,CAAC,CAAC;IAC/C,CAAC;AACH,CAAC,CAAC;AArCW,QAAA,WAAW,eAqCtB"}

package/dist/src/utils/private/decode-aes-string.d.ts

@@ -0,0 +1,3 @@
+import { AesEncryptionData } from "../../types";
+export declare const _decodeAesString: (data: string) => AesEncryptionData;
+//# sourceMappingURL=decode-aes-string.d.ts.map

package/dist/src/utils/private/decode-aes-string.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"decode-aes-string.d.ts","sourceRoot":"","sources":["../../../../src/src/utils/private/decode-aes-string.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,iBAAiB,EAKlB,MAAM,aAAa,CAAC;AAIrB,eAAO,MAAM,gBAAgB,SAAU,MAAM,KAAG,iBAqC/C,CAAC"}

package/dist/src/utils/private/decode-aes-string.js

@@ -0,0 +1,39 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports._decodeAesString = void 0;
+const errors_1 = require("../../errors");
+const regex = /(?<key>[a-z]+)=(?<value>.+)/g;
+const _decodeAesString = (data) => {
+    const [_, alg, array, content] = data.split("$");
+    const algorithm = alg;
+    const items = array.split(",");
+    const values = {};
+    for (const item of items) {
+        const match = new RegExp(regex).exec(item);
+        if (!match?.groups?.key || !match?.groups?.value) {
+            throw new errors_1.AesError("Invalid AES cipher string", {
+                debug: { item },
+            });
+        }
+        values[match.groups.key] = match.groups.value;
+    }
+    const { cek, crv: curve, eka, f, ih, iv, kid, tag, v, x, y, kty: keyType } = values;
+    const crv = curve;
+    const format = f;
+    const kty = keyType;
+    return {
+        encryption: algorithm,
+        authTag: tag ? Buffer.from(tag, format) : undefined,
+        content: Buffer.from(content, format),
+        encryptionKeyAlgorithm: eka,
+        format,
+        integrityHash: ih,
+        initialisationVector: Buffer.from(iv, format),
+        keyId: kid ? Buffer.from(kid, format) : undefined,
+        publicEncryptionJwk: crv && x && y && kty ? { crv, x, y, kty } : undefined,
+        publicEncryptionKey: cek ? Buffer.from(cek, format) : undefined,
+        version: parseInt(v, 10),
+    };
+};
+exports._decodeAesString = _decodeAesString;
+//# sourceMappingURL=decode-aes-string.js.map

package/dist/src/utils/private/decode-aes-string.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decode-aes-string.js","sourceRoot":"","sources":["../../../../src/src/utils/private/decode-aes-string.ts"],"names":[],"mappings":";;;AACA,yCAAwC;AASxC,MAAM,KAAK,GAAG,8BAA8B,CAAC;AAEtC,MAAM,gBAAgB,GAAG,CAAC,IAAY,EAAqB,EAAE;IAClE,MAAM,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEjD,MAAM,SAAS,GAAG,GAAiB,CAAC;IACpC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,MAAM,MAAM,GAA2B,EAAE,CAAC;IAE1C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE3C,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;YACjD,MAAM,IAAI,iBAAQ,CAAC,2BAA2B,EAAE;gBAC9C,KAAK,EAAE,EAAE,IAAI,EAAE;aAChB,CAAC,CAAC;QACL,CAAC;QAED,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC;IAChD,CAAC;IAED,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IACpF,MAAM,GAAG,GAAG,KAAqB,CAAC;IAClC,MAAM,MAAM,GAAG,CAAiB,CAAC;IACjC,MAAM,GAAG,GAAG,OAAe,CAAC;IAE5B,OAAO;QACL,UAAU,EAAE,SAAS;QACrB,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;QACnD,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC;QACrC,sBAAsB,EAAE,GAA6B;QACrD,MAAM;QACN,aAAa,EAAE,EAAmB;QAClC,oBAAoB,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC;QAC7C,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;QACjD,mBAAmB,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS;QAC1E,mBAAmB,EAAE,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;QAC/D,OAAO,EAAE,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC;KACzB,CAAC;AACJ,CAAC,CAAC;AArCW,QAAA,gBAAgB,oBAqC3B"}

package/dist/src/utils/private/ec/get-ec-keys.d.ts

@@ -0,0 +1,21 @@
+/// <reference types="node" />
+import { Kryptos } from "@lindorm/kryptos";
+import { Encryption, EncryptionKeyAlgorithm, PublicEncryptionJwk } from "../../../types";
+type EncryptOptions = {
+    encryption: Encryption;
+    encryptionKeyAlgorithm?: EncryptionKeyAlgorithm;
+    kryptos: Kryptos;
+};
+type EncryptResult = {
+    encryptionKey: Buffer;
+    publicEncryptionJwk: PublicEncryptionJwk;
+};
+type DecryptOptions = {
+    encryption: Encryption;
+    kryptos: Kryptos;
+    publicEncryptionJwk: PublicEncryptionJwk;
+};
+export declare const _getEcEncryptionKeys: ({ encryption, encryptionKeyAlgorithm, kryptos, }: EncryptOptions) => EncryptResult;
+export declare const _getEcDecryptionKey: ({ encryption, kryptos, publicEncryptionJwk, }: DecryptOptions) => Buffer;
+export {};
+//# sourceMappingURL=get-ec-keys.d.ts.map

package/dist/src/utils/private/ec/get-ec-keys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-ec-keys.d.ts","sourceRoot":"","sources":["../../../../../src/src/utils/private/ec/get-ec-keys.ts"],"names":[],"mappings":";AAAA,OAAO,EAAY,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAGrD,OAAO,EAAE,UAAU,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAIzF,KAAK,cAAc,GAAG;IACpB,UAAU,EAAE,UAAU,CAAC;IACvB,sBAAsB,CAAC,EAAE,sBAAsB,CAAC;IAChD,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC;AAEF,KAAK,aAAa,GAAG;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,mBAAmB,CAAC;CAC1C,CAAC;AAEF,KAAK,cAAc,GAAG;IACpB,UAAU,EAAE,UAAU,CAAC;IACvB,OAAO,EAAE,OAAO,CAAC;IACjB,mBAAmB,EAAE,mBAAmB,CAAC;CAC1C,CAAC;AAEF,eAAO,MAAM,oBAAoB,qDAI9B,cAAc,KAAG,aA+BnB,CAAC;AAEF,eAAO,MAAM,mBAAmB,kDAI7B,cAAc,KAAG,MAuBnB,CAAC"}

package/dist/src/utils/private/ec/get-ec-keys.js

@@ -0,0 +1,55 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports._getEcDecryptionKey = exports._getEcEncryptionKeys = void 0;
+const kryptos_1 = require("@lindorm/kryptos");
+const crypto_1 = require("crypto");
+const errors_1 = require("../../../errors");
+const create_key_derivation_1 = require("../secret/create-key-derivation");
+const get_key_curve_1 = require("./get-key-curve");
+const _getEcEncryptionKeys = ({ encryption, encryptionKeyAlgorithm, kryptos, }) => {
+    if (encryptionKeyAlgorithm !== "ECDH-ES") {
+        throw new errors_1.AesError("Mismatched options values", {
+            debug: { encryptionKeyAlgorithm, kryptos },
+        });
+    }
+    const { curve, publicKey } = kryptos.export("raw");
+    if (!publicKey) {
+        throw new errors_1.AesError("Missing public key");
+    }
+    if (!curve) {
+        throw new errors_1.AesError("Missing curve");
+    }
+    const senderKeyPair = (0, crypto_1.createECDH)((0, get_key_curve_1._getKeyCurve)(curve));
+    const senderPublicKey = senderKeyPair.generateKeys();
+    const sharedSecret = senderKeyPair.computeSecret(publicKey);
+    const encryptionKey = (0, create_key_derivation_1._createKeyDerivation)({ encryption, initialKeyringMaterial: sharedSecret });
+    const publicEncryptionKryptos = kryptos_1.Kryptos.from("raw", {
+        id: kryptos.id,
+        curve: (0, get_key_curve_1._getNistCurve)(curve),
+        publicKey: senderPublicKey,
+        type: "EC",
+    });
+    const { crv, kty, x, y } = publicEncryptionKryptos.export("jwk");
+    return { encryptionKey, publicEncryptionJwk: { crv, kty, x, y } };
+};
+exports._getEcEncryptionKeys = _getEcEncryptionKeys;
+const _getEcDecryptionKey = ({ encryption, kryptos, publicEncryptionJwk, }) => {
+    const { curve, privateKey } = kryptos.export("raw");
+    if (!privateKey) {
+        throw new errors_1.AesError("Missing private key");
+    }
+    if (!curve) {
+        throw new errors_1.AesError("Missing curve");
+    }
+    const receiverKeyPair = (0, crypto_1.createECDH)((0, get_key_curve_1._getKeyCurve)(curve));
+    receiverKeyPair.setPrivateKey(privateKey);
+    const publicEncryptionKryptos = kryptos_1.Kryptos.from("jwk", publicEncryptionJwk);
+    const { publicKey } = publicEncryptionKryptos.export("raw");
+    if (!publicKey) {
+        throw new errors_1.AesError("Missing public key");
+    }
+    const sharedSecret = receiverKeyPair.computeSecret(publicKey);
+    return (0, create_key_derivation_1._createKeyDerivation)({ encryption, initialKeyringMaterial: sharedSecret });
+};
+exports._getEcDecryptionKey = _getEcDecryptionKey;
+//# sourceMappingURL=get-ec-keys.js.map

package/dist/src/utils/private/ec/get-ec-keys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-ec-keys.js","sourceRoot":"","sources":["../../../../../src/src/utils/private/ec/get-ec-keys.ts"],"names":[],"mappings":";;;AAAA,8CAAqD;AACrD,mCAAoC;AACpC,4CAA2C;AAE3C,2EAAuE;AACvE,mDAA8D;AAmBvD,MAAM,oBAAoB,GAAG,CAAC,EACnC,UAAU,EACV,sBAAsB,EACtB,OAAO,GACQ,EAAiB,EAAE;IAClC,IAAI,sBAAsB,KAAK,SAAS,EAAE,CAAC;QACzC,MAAM,IAAI,iBAAQ,CAAC,2BAA2B,EAAE;YAC9C,KAAK,EAAE,EAAE,sBAAsB,EAAE,OAAO,EAAE;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAEnD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,iBAAQ,CAAC,eAAe,CAAC,CAAC;IACtC,CAAC;IAED,MAAM,aAAa,GAAG,IAAA,mBAAU,EAAC,IAAA,4BAAY,EAAC,KAAK,CAAC,CAAC,CAAC;IACtD,MAAM,eAAe,GAAG,aAAa,CAAC,YAAY,EAAE,CAAC;IACrD,MAAM,YAAY,GAAG,aAAa,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;IAC5D,MAAM,aAAa,GAAG,IAAA,4CAAoB,EAAC,EAAE,UAAU,EAAE,sBAAsB,EAAE,YAAY,EAAE,CAAC,CAAC;IAEjG,MAAM,uBAAuB,GAAG,iBAAO,CAAC,IAAI,CAAC,KAAK,EAAE;QAClD,EAAE,EAAE,OAAO,CAAC,EAAE;QACd,KAAK,EAAE,IAAA,6BAAa,EAAC,KAAK,CAAC;QAC3B,SAAS,EAAE,eAAe;QAC1B,IAAI,EAAE,IAAI;KACX,CAAC,CAAC;IAEH,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,uBAAuB,CAAC,MAAM,CAAW,KAAK,CAAC,CAAC;IAE3E,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;AACpE,CAAC,CAAC;AAnCW,QAAA,oBAAoB,wBAmC/B;AAEK,MAAM,mBAAmB,GAAG,CAAC,EAClC,UAAU,EACV,OAAO,EACP,mBAAmB,GACJ,EAAU,EAAE;IAC3B,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAEpD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,iBAAQ,CAAC,qBAAqB,CAAC,CAAC;IAC5C,CAAC;IACD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,iBAAQ,CAAC,eAAe,CAAC,CAAC;IACtC,CAAC;IAED,MAAM,eAAe,GAAG,IAAA,mBAAU,EAAC,IAAA,4BAAY,EAAC,KAAK,CAAC,CAAC,CAAC;IACxD,eAAe,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;IAE1C,MAAM,uBAAuB,GAAG,iBAAO,CAAC,IAAI,CAAC,KAAK,EAAE,mBAAmB,CAAC,CAAC;IACzE,MAAM,EAAE,SAAS,EAAE,GAAG,uBAAuB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAE5D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC3C,CAAC;IAED,MAAM,YAAY,GAAG,eAAe,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC;IAE9D,OAAO,IAAA,4CAAoB,EAAC,EAAE,UAAU,EAAE,sBAAsB,EAAE,YAAY,EAAE,CAAC,CAAC;AACpF,CAAC,CAAC;AA3BW,QAAA,mBAAmB,uBA2B9B"}

package/dist/src/utils/private/ec/get-key-curve.d.ts

@@ -0,0 +1,4 @@
+import { KryptosCurve } from "@lindorm/kryptos";
+export declare const _getKeyCurve: (curve: KryptosCurve) => KryptosCurve;
+export declare const _getNistCurve: (curve: KryptosCurve) => KryptosCurve;
+//# sourceMappingURL=get-key-curve.d.ts.map

package/dist/src/utils/private/ec/get-key-curve.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-key-curve.d.ts","sourceRoot":"","sources":["../../../../../src/src/utils/private/ec/get-key-curve.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAGhD,eAAO,MAAM,YAAY,UAAW,YAAY,KAAG,YAiBlD,CAAC;AAEF,eAAO,MAAM,aAAa,UAAW,YAAY,KAAG,YAiBnD,CAAC"}

package/dist/src/utils/private/ec/get-key-curve.js

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports._getNistCurve = exports._getKeyCurve = void 0;
+const errors_1 = require("../../../errors");
+const _getKeyCurve = (curve) => {
+    switch (curve) {
+        case "P-256":
+        case "secp256k1":
+            return "secp256k1";
+        case "P-384":
+        case "secp384r1":
+            return "secp384r1";
+        case "P-521":
+        case "secp521r1":
+            return "secp521r1";
+        default:
+            throw new errors_1.AesError("Unsupported curve");
+    }
+};
+exports._getKeyCurve = _getKeyCurve;
+const _getNistCurve = (curve) => {
+    switch (curve) {
+        case "P-256":
+        case "secp256k1":
+            return "P-256";
+        case "P-384":
+        case "secp384r1":
+            return "P-384";
+        case "P-521":
+        case "secp521r1":
+            return "P-521";
+        default:
+            throw new errors_1.AesError("Unsupported curve");
+    }
+};
+exports._getNistCurve = _getNistCurve;
+//# sourceMappingURL=get-key-curve.js.map

package/dist/src/utils/private/ec/get-key-curve.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-key-curve.js","sourceRoot":"","sources":["../../../../../src/src/utils/private/ec/get-key-curve.ts"],"names":[],"mappings":";;;AACA,4CAA2C;AAEpC,MAAM,YAAY,GAAG,CAAC,KAAmB,EAAgB,EAAE;IAChE,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,OAAO,CAAC;QACb,KAAK,WAAW;YACd,OAAO,WAAW,CAAC;QAErB,KAAK,OAAO,CAAC;QACb,KAAK,WAAW;YACd,OAAO,WAAW,CAAC;QAErB,KAAK,OAAO,CAAC;QACb,KAAK,WAAW;YACd,OAAO,WAAW,CAAC;QAErB;YACE,MAAM,IAAI,iBAAQ,CAAC,mBAAmB,CAAC,CAAC;IAC5C,CAAC;AACH,CAAC,CAAC;AAjBW,QAAA,YAAY,gBAiBvB;AAEK,MAAM,aAAa,GAAG,CAAC,KAAmB,EAAgB,EAAE;IACjE,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,OAAO,CAAC;QACb,KAAK,WAAW;YACd,OAAO,OAAO,CAAC;QAEjB,KAAK,OAAO,CAAC;QACb,KAAK,WAAW;YACd,OAAO,OAAO,CAAC;QAEjB,KAAK,OAAO,CAAC;QACb,KAAK,WAAW;YACd,OAAO,OAAO,CAAC;QAEjB;YACE,MAAM,IAAI,iBAAQ,CAAC,mBAAmB,CAAC,CAAC;IAC5C,CAAC;AACH,CAAC,CAAC;AAjBW,QAAA,aAAa,iBAiBxB"}

package/dist/src/utils/private/encode-aes-string.d.ts

@@ -0,0 +1,3 @@
+import { AesEncryptionData } from "../../types";
+export declare const _encodeAesString: ({ encryption: algorithm, authTag, content, encryptionKeyAlgorithm, format, initialisationVector, integrityHash, keyId, publicEncryptionJwk, publicEncryptionKey, version, }: AesEncryptionData) => string;
+//# sourceMappingURL=encode-aes-string.d.ts.map

package/dist/src/utils/private/encode-aes-string.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"encode-aes-string.d.ts","sourceRoot":"","sources":["../../../../src/src/utils/private/encode-aes-string.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAEhD,eAAO,MAAM,gBAAgB,gLAY1B,iBAAiB,KAAG,MAoBtB,CAAC"}

package/dist/src/utils/private/encode-aes-string.js

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports._encodeAesString = void 0;
+const utils_1 = require("@lindorm/utils");
+const _encodeAesString = ({ encryption: algorithm, authTag, content, encryptionKeyAlgorithm, format, initialisationVector, integrityHash, keyId, publicEncryptionJwk, publicEncryptionKey, version, }) => {
+    const values = (0, utils_1.removeEmpty)({
+        v: version,
+        f: format,
+        cek: publicEncryptionKey?.toString(format),
+        crv: publicEncryptionJwk?.crv,
+        eka: encryptionKeyAlgorithm,
+        ih: integrityHash,
+        iv: initialisationVector.toString(format),
+        kid: publicEncryptionKey && keyId ? keyId.toString(format) : undefined,
+        tag: authTag?.toString(format),
+        x: publicEncryptionJwk?.x,
+        y: publicEncryptionJwk?.y,
+    });
+    const array = Object.entries(values).map(([key, value]) => `${key}=${value}`);
+    const str = array.join(",");
+    const cnt = content.toString(format);
+    return `$${algorithm}$${str}$${cnt}$`;
+};
+exports._encodeAesString = _encodeAesString;
+//# sourceMappingURL=encode-aes-string.js.map

package/dist/src/utils/private/encode-aes-string.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"encode-aes-string.js","sourceRoot":"","sources":["../../../../src/src/utils/private/encode-aes-string.ts"],"names":[],"mappings":";;;AAAA,0CAA6C;AAGtC,MAAM,gBAAgB,GAAG,CAAC,EAC/B,UAAU,EAAE,SAAS,EACrB,OAAO,EACP,OAAO,EACP,sBAAsB,EACtB,MAAM,EACN,oBAAoB,EACpB,aAAa,EACb,KAAK,EACL,mBAAmB,EACnB,mBAAmB,EACnB,OAAO,GACW,EAAU,EAAE;IAC9B,MAAM,MAAM,GAAG,IAAA,mBAAW,EAAC;QACzB,CAAC,EAAE,OAAO;QACV,CAAC,EAAE,MAAM;QACT,GAAG,EAAE,mBAAmB,EAAE,QAAQ,CAAC,MAAM,CAAC;QAC1C,GAAG,EAAE,mBAAmB,EAAE,GAAG;QAC7B,GAAG,EAAE,sBAAsB;QAC3B,EAAE,EAAE,aAAa;QACjB,EAAE,EAAE,oBAAoB,CAAC,QAAQ,CAAC,MAAM,CAAC;QACzC,GAAG,EAAE,mBAAmB,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS;QACtE,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC;QAC9B,CAAC,EAAE,mBAAmB,EAAE,CAAC;QACzB,CAAC,EAAE,mBAAmB,EAAE,CAAC;KAC1B,CAAC,CAAC;IACH,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,IAAI,KAAK,EAAE,CAAC,CAAC;IAE9E,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAErC,OAAO,IAAI,SAAS,IAAI,GAAG,IAAI,GAAG,GAAG,CAAC;AACxC,CAAC,CAAC;AAhCW,QAAA,gBAAgB,oBAgC3B"}

package/dist/src/utils/private/get-decryption-key.d.ts

@@ -0,0 +1,13 @@
+/// <reference types="node" />
+import { Kryptos } from "@lindorm/kryptos";
+import { Encryption, EncryptionKeyAlgorithm, PublicEncryptionJwk } from "../../types";
+type Options = {
+    encryption: Encryption;
+    encryptionKeyAlgorithm?: EncryptionKeyAlgorithm;
+    kryptos: Kryptos;
+    publicEncryptionJwk?: PublicEncryptionJwk;
+    publicEncryptionKey?: Buffer;
+};
+export declare const _getDecryptionKey: ({ encryption, encryptionKeyAlgorithm, kryptos, publicEncryptionJwk, publicEncryptionKey, }: Options) => Buffer;
+export {};
+//# sourceMappingURL=get-decryption-key.d.ts.map

package/dist/src/utils/private/get-decryption-key.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-decryption-key.d.ts","sourceRoot":"","sources":["../../../../src/src/utils/private/get-decryption-key.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAE3C,OAAO,EAAE,UAAU,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAKtF,KAAK,OAAO,GAAG;IACb,UAAU,EAAE,UAAU,CAAC;IACvB,sBAAsB,CAAC,EAAE,sBAAsB,CAAC;IAChD,OAAO,EAAE,OAAO,CAAC;IACjB,mBAAmB,CAAC,EAAE,mBAAmB,CAAC;IAC1C,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B,CAAC;AAEF,eAAO,MAAM,iBAAiB,+FAM3B,OAAO,KAAG,MA0BZ,CAAC"}

package/dist/src/utils/private/get-decryption-key.js

@@ -0,0 +1,33 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports._getDecryptionKey = void 0;
+const errors_1 = require("../../errors");
+const get_ec_keys_1 = require("./ec/get-ec-keys");
+const get_oct_keys_1 = require("./oct/get-oct-keys");
+const get_rsa_keys_1 = require("./rsa/get-rsa-keys");
+const _getDecryptionKey = ({ encryption, encryptionKeyAlgorithm, kryptos, publicEncryptionJwk, publicEncryptionKey, }) => {
+    switch (kryptos.type) {
+        case "EC":
+            if (!publicEncryptionJwk) {
+                throw new errors_1.AesError("Unable to decrypt AES cipher without public encryption JWK", {
+                    debug: { publicEncryptionJwk },
+                });
+            }
+            return (0, get_ec_keys_1._getEcDecryptionKey)({ encryption, kryptos, publicEncryptionJwk });
+        case "RSA":
+            if (!publicEncryptionKey) {
+                throw new errors_1.AesError("Unable to decrypt AES cipher without public encryption key", {
+                    debug: { publicEncryptionKey },
+                });
+            }
+            return (0, get_rsa_keys_1._getRsaDecryptionKey)({ encryptionKeyAlgorithm, kryptos, publicEncryptionKey });
+        case "oct":
+            return (0, get_oct_keys_1._getOctDecryptionKey)({ encryption, kryptos });
+        default:
+            throw new errors_1.AesError("Unexpected encryption key type", {
+                debug: { kryptos },
+            });
+    }
+};
+exports._getDecryptionKey = _getDecryptionKey;
+//# sourceMappingURL=get-decryption-key.js.map