@lindorm/aes 0.2.0 → 0.3.1

package/dist/utils/private/key-types/get-okp-keys.js

@@ -1,28 +1,43 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports._getOkpDecryptionKey = exports._getOkpEncryptionKey = void 0;
+exports.getOkpDecryptionKey = exports.getOkpEncryptionKey = void 0;
 const errors_1 = require("../../../errors");
 const diffie_hellman_1 = require("../diffie-hellman/diffie-hellman");
-const _getOkpEncryptionKey = (options) => {
+const diffie_hellman_key_wrap_1 = require("../diffie-hellman/diffie-hellman-key-wrap");
+const getOkpEncryptionKey = (options) => {
     switch (options.kryptos.algorithm) {
         case "ECDH-ES":
-            return (0, diffie_hellman_1._getDiffieHellmanEncryptionKey)(options);
+            return (0, diffie_hellman_1.getDiffieHellmanEncryptionKey)(options);
+        case "ECDH-ES+A128KW":
+        case "ECDH-ES+A192KW":
+        case "ECDH-ES+A256KW":
+        case "ECDH-ES+A128GCMKW":
+        case "ECDH-ES+A192GCMKW":
+        case "ECDH-ES+A256GCMKW":
+            return (0, diffie_hellman_key_wrap_1.getDiffieHellmanKeyWrapEncryptionKey)(options);
         default:
             throw new errors_1.AesError("Unexpected Kryptos", {
                 debug: { kryptos: options.kryptos.toJSON() },
             });
     }
 };
-exports._getOkpEncryptionKey = _getOkpEncryptionKey;
-const _getOkpDecryptionKey = (options) => {
+exports.getOkpEncryptionKey = getOkpEncryptionKey;
+const getOkpDecryptionKey = (options) => {
     switch (options.kryptos.algorithm) {
         case "ECDH-ES":
-            return (0, diffie_hellman_1._getDiffieHellmanDecryptionKey)(options);
+            return (0, diffie_hellman_1.getDiffieHellmanDecryptionKey)(options);
+        case "ECDH-ES+A128KW":
+        case "ECDH-ES+A192KW":
+        case "ECDH-ES+A256KW":
+        case "ECDH-ES+A128GCMKW":
+        case "ECDH-ES+A192GCMKW":
+        case "ECDH-ES+A256GCMKW":
+            return (0, diffie_hellman_key_wrap_1.getDiffieHellmanKeyWrapDecryptionKey)(options);
         default:
             throw new errors_1.AesError("Unexpected Kryptos", {
                 debug: { kryptos: options.kryptos.toJSON() },
             });
     }
 };
-exports._getOkpDecryptionKey = _getOkpDecryptionKey;
+exports.getOkpDecryptionKey = getOkpDecryptionKey;
 //# sourceMappingURL=get-okp-keys.js.map

package/dist/utils/private/key-types/get-okp-keys.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-okp-keys.js","sourceRoot":"","sources":["../../../../src/utils/private/key-types/get-okp-keys.ts"],"names":[],"mappings":";;;AAAA,4CAA2C;AAO3C,qEAG0C;AAEnC,MAAM,oBAAoB,GAAG,CAAC,OAAyB,EAAmB,EAAE;IACjF,QAAQ,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,IAAA,+CAA8B,EAAC,OAAO,CAAC,CAAC;QAEjD;YACE,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,EAAE;gBACvC,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE;aAC7C,CAAC,CAAC;IACP,CAAC;AACH,CAAC,CAAC;AAVW,QAAA,oBAAoB,wBAU/B;AAEK,MAAM,oBAAoB,GAAG,CAAC,OAA0B,EAAoB,EAAE;IACnF,QAAQ,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,IAAA,+CAA8B,EAAC,OAAO,CAAC,CAAC;QAEjD;YACE,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,EAAE;gBACvC,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE;aAC7C,CAAC,CAAC;IACP,CAAC;AACH,CAAC,CAAC;AAVW,QAAA,oBAAoB,wBAU/B"}
+{"version":3,"file":"get-okp-keys.js","sourceRoot":"","sources":["../../../../src/utils/private/key-types/get-okp-keys.ts"],"names":[],"mappings":";;;AAAA,4CAA2C;AAO3C,qEAG0C;AAC1C,uFAGmD;AAE5C,MAAM,mBAAmB,GAAG,CAAC,OAAyB,EAAmB,EAAE;IAChF,QAAQ,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,IAAA,8CAA6B,EAAC,OAAO,CAAC,CAAC;QAEhD,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB;YACtB,OAAO,IAAA,8DAAoC,EAAC,OAAO,CAAC,CAAC;QAEvD;YACE,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,EAAE;gBACvC,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE;aAC7C,CAAC,CAAC;IACP,CAAC;AACH,CAAC,CAAC;AAlBW,QAAA,mBAAmB,uBAkB9B;AAEK,MAAM,mBAAmB,GAAG,CAAC,OAA0B,EAAoB,EAAE;IAClF,QAAQ,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,IAAA,8CAA6B,EAAC,OAAO,CAAC,CAAC;QAEhD,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB;YACtB,OAAO,IAAA,8DAAoC,EAAC,OAAO,CAAC,CAAC;QAEvD;YACE,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,EAAE;gBACvC,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE;aAC7C,CAAC,CAAC;IACP,CAAC;AACH,CAAC,CAAC;AAlBW,QAAA,mBAAmB,uBAkB9B"}

package/dist/utils/private/key-types/get-rsa-keys.d.ts

@@ -1,4 +1,4 @@
 import { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "../../../types/private";
-export declare const _getRsaEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
-export declare const _getRsaDecryptionKey: ({ kryptos, publicEncryptionKey, }: DecryptCekOptions) => DecryptCekResult;
+export declare const getRsaEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
+export declare const getRsaDecryptionKey: ({ kryptos, publicEncryptionKey, }: DecryptCekOptions) => DecryptCekResult;
 //# sourceMappingURL=get-rsa-keys.d.ts.map

package/dist/utils/private/key-types/get-rsa-keys.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-rsa-keys.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/key-types/get-rsa-keys.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,wBAAwB,CAAC;AAIhC,eAAO,MAAM,oBAAoB,6BAG9B,gBAAgB,KAAG,eA6BrB,CAAC;AAEF,eAAO,MAAM,oBAAoB,sCAG9B,iBAAiB,KAAG,gBAmCtB,CAAC"}
+{"version":3,"file":"get-rsa-keys.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/key-types/get-rsa-keys.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,wBAAwB,CAAC;AAIhC,eAAO,MAAM,mBAAmB,6BAG7B,gBAAgB,KAAG,eA6BrB,CAAC;AAEF,eAAO,MAAM,mBAAmB,sCAG7B,iBAAiB,KAAG,gBAmCtB,CAAC"}

package/dist/utils/private/key-types/get-rsa-keys.js

@@ -1,13 +1,13 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports._getRsaDecryptionKey = exports._getRsaEncryptionKey = void 0;
+exports.getRsaDecryptionKey = exports.getRsaEncryptionKey = void 0;
 const kryptos_1 = require("@lindorm/kryptos");
 const constants_1 = require("constants");
 const crypto_1 = require("crypto");
 const errors_1 = require("../../../errors");
 const calculate_content_encryption_key_size_1 = require("../calculate/calculate-content-encryption-key-size");
 const calculate_rsa_oaep_hash_1 = require("../calculate/calculate-rsa-oaep-hash");
-const _getRsaEncryptionKey = ({ encryption, kryptos, }) => {
+const getRsaEncryptionKey = ({ encryption, kryptos, }) => {
     if (!kryptos_1.Kryptos.isRsa(kryptos)) {
         throw new errors_1.AesError("Invalid Kryptos instance");
     }
@@ -17,18 +17,18 @@ const _getRsaEncryptionKey = ({ encryption, kryptos, }) => {
         kryptos.algorithm !== "RSA-OAEP-512") {
         throw new errors_1.AesError("Invalid encryption key algorithm");
     }
-    const keyLength = (0, calculate_content_encryption_key_size_1._calculateContentEncryptionKeySize)(encryption);
+    const keyLength = (0, calculate_content_encryption_key_size_1.calculateContentEncryptionKeySize)(encryption);
     const contentEncryptionKey = (0, crypto_1.randomBytes)(keyLength);
     const { publicKey } = kryptos.export("pem");
     const publicEncryptionKey = (0, crypto_1.publicEncrypt)({
         key: publicKey,
         padding: constants_1.RSA_PKCS1_OAEP_PADDING,
-        oaepHash: (0, calculate_rsa_oaep_hash_1._calculateRsaOaepHash)(kryptos.algorithm),
+        oaepHash: (0, calculate_rsa_oaep_hash_1.calculateRsaOaepHash)(kryptos.algorithm),
     }, contentEncryptionKey);
     return { contentEncryptionKey, publicEncryptionKey };
 };
-exports._getRsaEncryptionKey = _getRsaEncryptionKey;
-const _getRsaDecryptionKey = ({ kryptos, publicEncryptionKey, }) => {
+exports.getRsaEncryptionKey = getRsaEncryptionKey;
+const getRsaDecryptionKey = ({ kryptos, publicEncryptionKey, }) => {
     if (!kryptos_1.Kryptos.isRsa(kryptos)) {
         throw new errors_1.AesError("Invalid Kryptos instance");
     }
@@ -50,9 +50,9 @@ const _getRsaDecryptionKey = ({ kryptos, publicEncryptionKey, }) => {
     const contentEncryptionKey = (0, crypto_1.privateDecrypt)({
         key: privateKey,
         padding: constants_1.RSA_PKCS1_OAEP_PADDING,
-        oaepHash: (0, calculate_rsa_oaep_hash_1._calculateRsaOaepHash)(kryptos.algorithm),
+        oaepHash: (0, calculate_rsa_oaep_hash_1.calculateRsaOaepHash)(kryptos.algorithm),
     }, publicEncryptionKey);
     return { contentEncryptionKey };
 };
-exports._getRsaDecryptionKey = _getRsaDecryptionKey;
+exports.getRsaDecryptionKey = getRsaDecryptionKey;
 //# sourceMappingURL=get-rsa-keys.js.map

package/dist/utils/private/key-types/get-rsa-keys.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-rsa-keys.js","sourceRoot":"","sources":["../../../../src/utils/private/key-types/get-rsa-keys.ts"],"names":[],"mappings":";;;AAAA,8CAA2C;AAC3C,yCAAmD;AACnD,mCAAoE;AACpE,4CAA2C;AAO3C,8GAAwG;AACxG,kFAA6E;AAEtE,MAAM,oBAAoB,GAAG,CAAC,EACnC,UAAU,EACV,OAAO,GACU,EAAmB,EAAE;IACtC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,0BAA0B,CAAC,CAAC;IACjD,CAAC;IAED,IACE,OAAO,CAAC,SAAS,KAAK,UAAU;QAChC,OAAO,CAAC,SAAS,KAAK,cAAc;QACpC,OAAO,CAAC,SAAS,KAAK,cAAc;QACpC,OAAO,CAAC,SAAS,KAAK,cAAc,EACpC,CAAC;QACD,MAAM,IAAI,iBAAQ,CAAC,kCAAkC,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,SAAS,GAAG,IAAA,0EAAkC,EAAC,UAAU,CAAC,CAAC;IACjE,MAAM,oBAAoB,GAAG,IAAA,oBAAW,EAAC,SAAS,CAAC,CAAC;IAEpD,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAE5C,MAAM,mBAAmB,GAAG,IAAA,sBAAa,EACvC;QACE,GAAG,EAAE,SAAS;QACd,OAAO,EAAE,kCAAsB;QAC/B,QAAQ,EAAE,IAAA,+CAAqB,EAAC,OAAO,CAAC,SAAS,CAAC;KACnD,EACD,oBAAoB,CACrB,CAAC;IAEF,OAAO,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,CAAC;AACvD,CAAC,CAAC;AAhCW,QAAA,oBAAoB,wBAgC/B;AAEK,MAAM,oBAAoB,GAAG,CAAC,EACnC,OAAO,EACP,mBAAmB,GACD,EAAoB,EAAE;IACxC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,0BAA0B,CAAC,CAAC;IACjD,CAAC;IACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,iBAAQ,CAAC,6BAA6B,CAAC,CAAC;IACpD,CAAC;IAED,IACE,OAAO,CAAC,SAAS,KAAK,UAAU;QAChC,OAAO,CAAC,SAAS,KAAK,cAAc;QACpC,OAAO,CAAC,SAAS,KAAK,cAAc;QACpC,OAAO,CAAC,SAAS,KAAK,cAAc,EACpC,CAAC;QACD,MAAM,IAAI,iBAAQ,CAAC,kCAAkC,EAAE;YACrD,KAAK,EAAE,EAAE,OAAO,EAAE;SACnB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAE7C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,iBAAQ,CAAC,2CAA2C,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,oBAAoB,GAAG,IAAA,uBAAc,EACzC;QACE,GAAG,EAAE,UAAU;QACf,OAAO,EAAE,kCAAsB;QAC/B,QAAQ,EAAE,IAAA,+CAAqB,EAAC,OAAO,CAAC,SAAS,CAAC;KACnD,EACD,mBAAmB,CACpB,CAAC;IAEF,OAAO,EAAE,oBAAoB,EAAE,CAAC;AAClC,CAAC,CAAC;AAtCW,QAAA,oBAAoB,wBAsC/B"}
+{"version":3,"file":"get-rsa-keys.js","sourceRoot":"","sources":["../../../../src/utils/private/key-types/get-rsa-keys.ts"],"names":[],"mappings":";;;AAAA,8CAA2C;AAC3C,yCAAmD;AACnD,mCAAoE;AACpE,4CAA2C;AAO3C,8GAAuG;AACvG,kFAA4E;AAErE,MAAM,mBAAmB,GAAG,CAAC,EAClC,UAAU,EACV,OAAO,GACU,EAAmB,EAAE;IACtC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,0BAA0B,CAAC,CAAC;IACjD,CAAC;IAED,IACE,OAAO,CAAC,SAAS,KAAK,UAAU;QAChC,OAAO,CAAC,SAAS,KAAK,cAAc;QACpC,OAAO,CAAC,SAAS,KAAK,cAAc;QACpC,OAAO,CAAC,SAAS,KAAK,cAAc,EACpC,CAAC;QACD,MAAM,IAAI,iBAAQ,CAAC,kCAAkC,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,SAAS,GAAG,IAAA,yEAAiC,EAAC,UAAU,CAAC,CAAC;IAChE,MAAM,oBAAoB,GAAG,IAAA,oBAAW,EAAC,SAAS,CAAC,CAAC;IAEpD,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAE5C,MAAM,mBAAmB,GAAG,IAAA,sBAAa,EACvC;QACE,GAAG,EAAE,SAAS;QACd,OAAO,EAAE,kCAAsB;QAC/B,QAAQ,EAAE,IAAA,8CAAoB,EAAC,OAAO,CAAC,SAAS,CAAC;KAClD,EACD,oBAAoB,CACrB,CAAC;IAEF,OAAO,EAAE,oBAAoB,EAAE,mBAAmB,EAAE,CAAC;AACvD,CAAC,CAAC;AAhCW,QAAA,mBAAmB,uBAgC9B;AAEK,MAAM,mBAAmB,GAAG,CAAC,EAClC,OAAO,EACP,mBAAmB,GACD,EAAoB,EAAE;IACxC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,0BAA0B,CAAC,CAAC;IACjD,CAAC;IACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,iBAAQ,CAAC,6BAA6B,CAAC,CAAC;IACpD,CAAC;IAED,IACE,OAAO,CAAC,SAAS,KAAK,UAAU;QAChC,OAAO,CAAC,SAAS,KAAK,cAAc;QACpC,OAAO,CAAC,SAAS,KAAK,cAAc;QACpC,OAAO,CAAC,SAAS,KAAK,cAAc,EACpC,CAAC;QACD,MAAM,IAAI,iBAAQ,CAAC,kCAAkC,EAAE;YACrD,KAAK,EAAE,EAAE,OAAO,EAAE;SACnB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAE7C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,iBAAQ,CAAC,2CAA2C,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,oBAAoB,GAAG,IAAA,uBAAc,EACzC;QACE,GAAG,EAAE,UAAU;QACf,OAAO,EAAE,kCAAsB;QAC/B,QAAQ,EAAE,IAAA,8CAAoB,EAAC,OAAO,CAAC,SAAS,CAAC;KAClD,EACD,mBAAmB,CACpB,CAAC;IAEF,OAAO,EAAE,oBAAoB,EAAE,CAAC;AAClC,CAAC,CAAC;AAtCW,QAAA,mBAAmB,uBAsC9B"}

package/dist/utils/private/key-wrap/ecb-key-wrap.d.ts

@@ -0,0 +1,4 @@
+import { KeyUnwrapOptions, KeyUnwrapResult, KeyWrapOptions, KeyWrapResult } from "../../../types/private";
+export declare const ecbKeyWrap: ({ contentEncryptionKey, keyEncryptionKey, kryptos, }: KeyWrapOptions) => KeyWrapResult;
+export declare const ecbKeyUnwrap: ({ keyEncryptionKey, kryptos, publicEncryptionKey, }: KeyUnwrapOptions) => KeyUnwrapResult;
+//# sourceMappingURL=ecb-key-wrap.d.ts.map

package/dist/utils/private/key-wrap/ecb-key-wrap.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ecb-key-wrap.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/key-wrap/ecb-key-wrap.ts"],"names":[],"mappings":"AACA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,aAAa,EACd,MAAM,wBAAwB,CAAC;AAMhC,eAAO,MAAM,UAAU,yDAIpB,cAAc,KAAG,aA8BnB,CAAC;AAEF,eAAO,MAAM,YAAY,wDAItB,gBAAgB,KAAG,eAmCrB,CAAC"}

package/dist/utils/private/key-wrap/ecb-key-wrap.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ecbKeyUnwrap = exports.ecbKeyWrap = void 0;
+const crypto_1 = require("crypto");
+const calculate_key_wrap_encryption_1 = require("../calculate/calculate-key-wrap-encryption");
+const AIV = "A6A6A6A6A6A6A6A6";
+const BLOCK_SIZE = 8;
+const ecbKeyWrap = ({ contentEncryptionKey, keyEncryptionKey, kryptos, }) => {
+    const algorithm = (0, calculate_key_wrap_encryption_1.calculateKeyWrapEncryption)(kryptos);
+    const n = contentEncryptionKey.length / BLOCK_SIZE;
+    let a = Buffer.from(AIV, "hex");
+    const r = [];
+    for (let i = 0; i < n; i++) {
+        r[i] = contentEncryptionKey.subarray(i * BLOCK_SIZE, (i + 1) * BLOCK_SIZE);
+    }
+    const cipher = (0, crypto_1.createCipheriv)(algorithm, keyEncryptionKey, null);
+    cipher.setAutoPadding(false);
+    for (let j = 0; j < 6; j++) {
+        for (let i = 0; i < n; i++) {
+            const b = Buffer.concat([a, r[i]]);
+            const encrypted = cipher.update(b);
+            a = encrypted.subarray(0, BLOCK_SIZE);
+            const t = n * j + i + 1;
+            const tBuffer = Buffer.alloc(BLOCK_SIZE);
+            tBuffer.writeUIntBE(t, 4, 4);
+            for (let k = 0; k < BLOCK_SIZE; k++) {
+                a[k] ^= tBuffer[k];
+            }
+            r[i] = encrypted.subarray(BLOCK_SIZE);
+        }
+    }
+    return { publicEncryptionKey: Buffer.concat([a, ...r]) };
+};
+exports.ecbKeyWrap = ecbKeyWrap;
+const ecbKeyUnwrap = ({ keyEncryptionKey, kryptos, publicEncryptionKey, }) => {
+    const encryption = (0, calculate_key_wrap_encryption_1.calculateKeyWrapEncryption)(kryptos);
+    const n = publicEncryptionKey.length / BLOCK_SIZE - 1;
+    let a = publicEncryptionKey.subarray(0, BLOCK_SIZE);
+    const r = [];
+    for (let i = 0; i < n; i++) {
+        r[i] = publicEncryptionKey.subarray((i + 1) * BLOCK_SIZE, (i + 2) * BLOCK_SIZE);
+    }
+    const decipher = (0, crypto_1.createDecipheriv)(encryption, keyEncryptionKey, null);
+    decipher.setAutoPadding(false);
+    for (let j = 5; j >= 0; j--) {
+        for (let i = n - 1; i >= 0; i--) {
+            const t = n * j + i + 1;
+            const tBuffer = Buffer.alloc(BLOCK_SIZE);
+            tBuffer.writeUIntBE(t, 4, 4);
+            const aXorT = Buffer.alloc(BLOCK_SIZE);
+            for (let k = 0; k < BLOCK_SIZE; k++) {
+                aXorT[k] = a[k] ^ tBuffer[k];
+            }
+            const b = Buffer.concat([aXorT, r[i]]);
+            const decrypted = decipher.update(b);
+            a = decrypted.subarray(0, BLOCK_SIZE);
+            r[i] = decrypted.subarray(BLOCK_SIZE);
+        }
+    }
+    if (!a.equals(Buffer.from(AIV, "hex"))) {
+        throw new Error("Integrity check failed");
+    }
+    return { contentEncryptionKey: Buffer.concat(r) };
+};
+exports.ecbKeyUnwrap = ecbKeyUnwrap;
+//# sourceMappingURL=ecb-key-wrap.js.map

package/dist/utils/private/key-wrap/ecb-key-wrap.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ecb-key-wrap.js","sourceRoot":"","sources":["../../../../src/utils/private/key-wrap/ecb-key-wrap.ts"],"names":[],"mappings":";;;AAAA,mCAA0D;AAO1D,8FAAwF;AAExF,MAAM,GAAG,GAAG,kBAA2B,CAAC;AACxC,MAAM,UAAU,GAAG,CAAU,CAAC;AAEvB,MAAM,UAAU,GAAG,CAAC,EACzB,oBAAoB,EACpB,gBAAgB,EAChB,OAAO,GACQ,EAAiB,EAAE;IAClC,MAAM,SAAS,GAAG,IAAA,0DAA0B,EAAC,OAAO,CAAC,CAAC;IAEtD,MAAM,CAAC,GAAG,oBAAoB,CAAC,MAAM,GAAG,UAAU,CAAC;IACnD,IAAI,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,EAAE,CAAC;IAEb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC,GAAG,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,MAAM,GAAG,IAAA,uBAAc,EAAC,SAAS,EAAE,gBAAgB,EAAE,IAAI,CAAC,CAAC;IACjE,MAAM,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAE7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACnC,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACnC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;YACtC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACxB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACzC,OAAO,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,CAAC,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC;YACrB,CAAC;YACD,CAAC,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,OAAO,EAAE,mBAAmB,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC3D,CAAC,CAAC;AAlCW,QAAA,UAAU,cAkCrB;AAEK,MAAM,YAAY,GAAG,CAAC,EAC3B,gBAAgB,EAChB,OAAO,EACP,mBAAmB,GACF,EAAmB,EAAE;IACtC,MAAM,UAAU,GAAG,IAAA,0DAA0B,EAAC,OAAO,CAAC,CAAC;IAEvD,MAAM,CAAC,GAAG,mBAAmB,CAAC,MAAM,GAAG,UAAU,GAAG,CAAC,CAAC;IACtD,IAAI,CAAC,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,EAAE,CAAC;IAEb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,QAAQ,GAAG,IAAA,yBAAgB,EAAC,UAAU,EAAE,gBAAgB,EAAE,IAAI,CAAC,CAAC;IACtE,QAAQ,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAE/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACxB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACzC,OAAO,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YAC/B,CAAC;YACD,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvC,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACrC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;YACtC,CAAC,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC5C,CAAC;IAED,OAAO,EAAE,oBAAoB,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;AACpD,CAAC,CAAC;AAvCW,QAAA,YAAY,gBAuCvB"}

package/dist/utils/private/key-wrap/gcm-key-wrap.d.ts

@@ -0,0 +1,4 @@
+import { KeyUnwrapOptions, KeyUnwrapResult, KeyWrapOptions, KeyWrapResult } from "../../../types/private";
+export declare const gcmKeyWrap: ({ contentEncryptionKey, keyEncryptionKey, kryptos, }: KeyWrapOptions) => KeyWrapResult;
+export declare const gcmKeyUnwrap: ({ keyEncryptionKey, kryptos, publicEncryptionIv, publicEncryptionKey, publicEncryptionTag, }: KeyUnwrapOptions) => KeyUnwrapResult;
+//# sourceMappingURL=gcm-key-wrap.d.ts.map

package/dist/utils/private/key-wrap/gcm-key-wrap.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"gcm-key-wrap.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/key-wrap/gcm-key-wrap.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,aAAa,EACd,MAAM,wBAAwB,CAAC;AAGhC,eAAO,MAAM,UAAU,yDAIpB,cAAc,KAAG,aAkBnB,CAAC;AAEF,eAAO,MAAM,YAAY,iGAMtB,gBAAgB,KAAG,eAwBrB,CAAC"}

package/dist/utils/private/key-wrap/gcm-key-wrap.js

@@ -0,0 +1,36 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.gcmKeyUnwrap = exports.gcmKeyWrap = void 0;
+const crypto_1 = require("crypto");
+const errors_1 = require("../../../errors");
+const calculate_key_wrap_encryption_1 = require("../calculate/calculate-key-wrap-encryption");
+const gcmKeyWrap = ({ contentEncryptionKey, keyEncryptionKey, kryptos, }) => {
+    const algorithm = (0, calculate_key_wrap_encryption_1.calculateKeyWrapEncryption)(kryptos);
+    const publicEncryptionIv = (0, crypto_1.randomBytes)(12);
+    const cipher = (0, crypto_1.createCipheriv)(algorithm, keyEncryptionKey, publicEncryptionIv);
+    const publicEncryptionKey = Buffer.concat([
+        cipher.update(contentEncryptionKey),
+        cipher.final(),
+    ]);
+    const publicEncryptionTag = cipher.getAuthTag();
+    return { publicEncryptionKey, publicEncryptionIv, publicEncryptionTag };
+};
+exports.gcmKeyWrap = gcmKeyWrap;
+const gcmKeyUnwrap = ({ keyEncryptionKey, kryptos, publicEncryptionIv, publicEncryptionKey, publicEncryptionTag, }) => {
+    if (!publicEncryptionIv) {
+        throw new errors_1.AesError("Invalid public encryption iv");
+    }
+    if (!publicEncryptionTag) {
+        throw new errors_1.AesError("Invalid public encryption tag");
+    }
+    const algorithm = (0, calculate_key_wrap_encryption_1.calculateKeyWrapEncryption)(kryptos);
+    const decipher = (0, crypto_1.createDecipheriv)(algorithm, keyEncryptionKey, publicEncryptionIv);
+    decipher.setAuthTag(publicEncryptionTag);
+    const contentEncryptionKey = Buffer.concat([
+        decipher.update(publicEncryptionKey),
+        decipher.final(),
+    ]);
+    return { contentEncryptionKey };
+};
+exports.gcmKeyUnwrap = gcmKeyUnwrap;
+//# sourceMappingURL=gcm-key-wrap.js.map

package/dist/utils/private/key-wrap/gcm-key-wrap.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"gcm-key-wrap.js","sourceRoot":"","sources":["../../../../src/utils/private/key-wrap/gcm-key-wrap.ts"],"names":[],"mappings":";;;AAAA,mCAMgB;AAChB,4CAA2C;AAO3C,8FAAwF;AAEjF,MAAM,UAAU,GAAG,CAAC,EACzB,oBAAoB,EACpB,gBAAgB,EAChB,OAAO,GACQ,EAAiB,EAAE;IAClC,MAAM,SAAS,GAAG,IAAA,0DAA0B,EAAC,OAAO,CAAC,CAAC;IAEtD,MAAM,kBAAkB,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,IAAA,uBAAc,EAC3B,SAAS,EACT,gBAAgB,EAChB,kBAAkB,CACN,CAAC;IAEf,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,oBAAoB,CAAC;QACnC,MAAM,CAAC,KAAK,EAAE;KACf,CAAC,CAAC;IAEH,MAAM,mBAAmB,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;IAEhD,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,CAAC;AAC1E,CAAC,CAAC;AAtBW,QAAA,UAAU,cAsBrB;AAEK,MAAM,YAAY,GAAG,CAAC,EAC3B,gBAAgB,EAChB,OAAO,EACP,kBAAkB,EAClB,mBAAmB,EACnB,mBAAmB,GACF,EAAmB,EAAE;IACtC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,MAAM,IAAI,iBAAQ,CAAC,8BAA8B,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,iBAAQ,CAAC,+BAA+B,CAAC,CAAC;IACtD,CAAC;IAED,MAAM,SAAS,GAAG,IAAA,0DAA0B,EAAC,OAAO,CAAC,CAAC;IAEtD,MAAM,QAAQ,GAAG,IAAA,yBAAgB,EAC/B,SAAS,EACT,gBAAgB,EAChB,kBAAkB,CACJ,CAAC;IAEjB,QAAQ,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC;IAEzC,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC;QACzC,QAAQ,CAAC,MAAM,CAAC,mBAAmB,CAAC;QACpC,QAAQ,CAAC,KAAK,EAAE;KACjB,CAAC,CAAC;IAEH,OAAO,EAAE,oBAAoB,EAAE,CAAC;AAClC,CAAC,CAAC;AA9BW,QAAA,YAAY,gBA8BvB"}

package/dist/utils/private/key-wrap/key-wrap.d.ts

@@ -1,16 +1,4 @@
-/// <reference types="node" />
-import { IKryptos } from "@lindorm/kryptos";
-type KeyWrapOptions = {
-    contentEncryptionKey: Buffer;
-    keyEncryptionKey: Buffer;
-    kryptos: IKryptos;
-};
-type KeyUnwrapOptions = {
-    keyEncryptionKey: Buffer;
-    kryptos: IKryptos;
-    wrappedKey: Buffer;
-};
-export declare const _aesKeyWrap: ({ contentEncryptionKey, keyEncryptionKey, kryptos, }: KeyWrapOptions) => Buffer;
-export declare const _aesKeyUnwrap: ({ keyEncryptionKey, kryptos, wrappedKey, }: KeyUnwrapOptions) => Buffer;
-export {};
+import { KeyUnwrapOptions, KeyUnwrapResult, KeyWrapOptions, KeyWrapResult } from "../../../types/private";
+export declare const keyWrap: (options: KeyWrapOptions) => KeyWrapResult;
+export declare const keyUnwrap: (options: KeyUnwrapOptions) => KeyUnwrapResult;
 //# sourceMappingURL=key-wrap.d.ts.map

package/dist/utils/private/key-wrap/key-wrap.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"key-wrap.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/key-wrap/key-wrap.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAO5C,KAAK,cAAc,GAAG;IACpB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,OAAO,EAAE,QAAQ,CAAC;CACnB,CAAC;AAEF,KAAK,gBAAgB,GAAG;IACtB,gBAAgB,EAAE,MAAM,CAAC;IACzB,OAAO,EAAE,QAAQ,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,eAAO,MAAM,WAAW,yDAIrB,cAAc,KAAG,MA8BnB,CAAC;AAEF,eAAO,MAAM,aAAa,+CAIvB,gBAAgB,KAAG,MAmCrB,CAAC"}
+{"version":3,"file":"key-wrap.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/key-wrap/key-wrap.ts"],"names":[],"mappings":"AACA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,cAAc,EACd,aAAa,EACd,MAAM,wBAAwB,CAAC;AAIhC,eAAO,MAAM,OAAO,YAAa,cAAc,KAAG,aAqBjD,CAAC;AAEF,eAAO,MAAM,SAAS,YAAa,gBAAgB,KAAG,eAqBrD,CAAC"}

package/dist/utils/private/key-wrap/key-wrap.js

@@ -1,66 +1,49 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports._aesKeyUnwrap = exports._aesKeyWrap = void 0;
-const crypto_1 = require("crypto");
-const calculate_key_wrap_encryption_1 = require("../calculate/calculate-key-wrap-encryption");
-const AIV = "A6A6A6A6A6A6A6A6";
-const BLOCK_SIZE = 8;
-const _aesKeyWrap = ({ contentEncryptionKey, keyEncryptionKey, kryptos, }) => {
-    const algorithm = (0, calculate_key_wrap_encryption_1._calculateKeyWrapEncryption)(kryptos);
-    const n = contentEncryptionKey.length / BLOCK_SIZE;
-    let a = Buffer.from(AIV, "hex");
-    const r = [];
-    for (let i = 0; i < n; i++) {
-        r[i] = contentEncryptionKey.subarray(i * BLOCK_SIZE, (i + 1) * BLOCK_SIZE);
+exports.keyUnwrap = exports.keyWrap = void 0;
+const errors_1 = require("../../../errors");
+const ecb_key_wrap_1 = require("./ecb-key-wrap");
+const gcm_key_wrap_1 = require("./gcm-key-wrap");
+const keyWrap = (options) => {
+    switch (options.kryptos.algorithm) {
+        case "A128KW":
+        case "A192KW":
+        case "A256KW":
+        case "ECDH-ES+A128KW":
+        case "ECDH-ES+A192KW":
+        case "ECDH-ES+A256KW":
+            return (0, ecb_key_wrap_1.ecbKeyWrap)(options);
+        case "A128GCMKW":
+        case "A192GCMKW":
+        case "A256GCMKW":
+        case "ECDH-ES+A128GCMKW":
+        case "ECDH-ES+A192GCMKW":
+        case "ECDH-ES+A256GCMKW":
+            return (0, gcm_key_wrap_1.gcmKeyWrap)(options);
+        default:
+            throw new errors_1.AesError("Unsupported key wrap algorithm");
     }
-    const cipher = (0, crypto_1.createCipheriv)(algorithm, keyEncryptionKey, null);
-    cipher.setAutoPadding(false);
-    for (let j = 0; j < 6; j++) {
-        for (let i = 0; i < n; i++) {
-            const b = Buffer.concat([a, r[i]]);
-            const encrypted = cipher.update(b);
-            a = encrypted.subarray(0, BLOCK_SIZE);
-            const t = n * j + i + 1;
-            const tBuffer = Buffer.alloc(BLOCK_SIZE);
-            tBuffer.writeUIntBE(t, 4, 4);
-            for (let k = 0; k < BLOCK_SIZE; k++) {
-                a[k] ^= tBuffer[k];
-            }
-            r[i] = encrypted.subarray(BLOCK_SIZE);
-        }
-    }
-    return Buffer.concat([a, ...r]);
 };
-exports._aesKeyWrap = _aesKeyWrap;
-const _aesKeyUnwrap = ({ keyEncryptionKey, kryptos, wrappedKey, }) => {
-    const encryption = (0, calculate_key_wrap_encryption_1._calculateKeyWrapEncryption)(kryptos);
-    const n = wrappedKey.length / BLOCK_SIZE - 1;
-    let a = wrappedKey.subarray(0, BLOCK_SIZE);
-    const r = [];
-    for (let i = 0; i < n; i++) {
-        r[i] = wrappedKey.subarray((i + 1) * BLOCK_SIZE, (i + 2) * BLOCK_SIZE);
-    }
-    const decipher = (0, crypto_1.createDecipheriv)(encryption, keyEncryptionKey, null);
-    decipher.setAutoPadding(false);
-    for (let j = 5; j >= 0; j--) {
-        for (let i = n - 1; i >= 0; i--) {
-            const t = n * j + i + 1;
-            const tBuffer = Buffer.alloc(BLOCK_SIZE);
-            tBuffer.writeUIntBE(t, 4, 4);
-            const aXorT = Buffer.alloc(BLOCK_SIZE);
-            for (let k = 0; k < BLOCK_SIZE; k++) {
-                aXorT[k] = a[k] ^ tBuffer[k];
-            }
-            const b = Buffer.concat([aXorT, r[i]]);
-            const decrypted = decipher.update(b);
-            a = decrypted.subarray(0, BLOCK_SIZE);
-            r[i] = decrypted.subarray(BLOCK_SIZE);
-        }
-    }
-    if (!a.equals(Buffer.from(AIV, "hex"))) {
-        throw new Error("Integrity check failed");
+exports.keyWrap = keyWrap;
+const keyUnwrap = (options) => {
+    switch (options.kryptos.algorithm) {
+        case "A128KW":
+        case "A192KW":
+        case "A256KW":
+        case "ECDH-ES+A128KW":
+        case "ECDH-ES+A192KW":
+        case "ECDH-ES+A256KW":
+            return (0, ecb_key_wrap_1.ecbKeyUnwrap)(options);
+        case "A128GCMKW":
+        case "A192GCMKW":
+        case "A256GCMKW":
+        case "ECDH-ES+A128GCMKW":
+        case "ECDH-ES+A192GCMKW":
+        case "ECDH-ES+A256GCMKW":
+            return (0, gcm_key_wrap_1.gcmKeyUnwrap)(options);
+        default:
+            throw new errors_1.AesError("Unsupported key wrap algorithm");
     }
-    return Buffer.concat(r);
 };
-exports._aesKeyUnwrap = _aesKeyUnwrap;
+exports.keyUnwrap = keyUnwrap;
 //# sourceMappingURL=key-wrap.js.map

package/dist/utils/private/key-wrap/key-wrap.js.map

@@ -1 +1 @@
-{"version":3,"file":"key-wrap.js","sourceRoot":"","sources":["../../../../src/utils/private/key-wrap/key-wrap.ts"],"names":[],"mappings":";;;AACA,mCAA0D;AAC1D,8FAAyF;AAEzF,MAAM,GAAG,GAAG,kBAA2B,CAAC;AACxC,MAAM,UAAU,GAAG,CAAU,CAAC;AAcvB,MAAM,WAAW,GAAG,CAAC,EAC1B,oBAAoB,EACpB,gBAAgB,EAChB,OAAO,GACQ,EAAU,EAAE;IAC3B,MAAM,SAAS,GAAG,IAAA,2DAA2B,EAAC,OAAO,CAAC,CAAC;IAEvD,MAAM,CAAC,GAAG,oBAAoB,CAAC,MAAM,GAAG,UAAU,CAAC;IACnD,IAAI,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAChC,MAAM,CAAC,GAAG,EAAE,CAAC;IAEb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC,GAAG,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,MAAM,GAAG,IAAA,uBAAc,EAAC,SAAS,EAAE,gBAAgB,EAAE,IAAI,CAAC,CAAC;IACjE,MAAM,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAE7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACnC,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACnC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;YACtC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACxB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACzC,OAAO,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YAC7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,CAAC,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC;YACrB,CAAC;YACD,CAAC,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAClC,CAAC,CAAC;AAlCW,QAAA,WAAW,eAkCtB;AAEK,MAAM,aAAa,GAAG,CAAC,EAC5B,gBAAgB,EAChB,OAAO,EACP,UAAU,GACO,EAAU,EAAE;IAC7B,MAAM,UAAU,GAAG,IAAA,2DAA2B,EAAC,OAAO,CAAC,CAAC;IAExD,MAAM,CAAC,GAAG,UAAU,CAAC,MAAM,GAAG,UAAU,GAAG,CAAC,CAAC;IAC7C,IAAI,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IAC3C,MAAM,CAAC,GAAG,EAAE,CAAC;IAEb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,QAAQ,GAAG,IAAA,yBAAgB,EAAC,UAAU,EAAE,gBAAgB,EAAE,IAAI,CAAC,CAAC;IACtE,QAAQ,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAE/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACxB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACzC,OAAO,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;YAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YAC/B,CAAC;YACD,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvC,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACrC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;YACtC,CAAC,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC5C,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC,CAAC;AAvCW,QAAA,aAAa,iBAuCxB"}
+{"version":3,"file":"key-wrap.js","sourceRoot":"","sources":["../../../../src/utils/private/key-wrap/key-wrap.ts"],"names":[],"mappings":";;;AAAA,4CAA2C;AAO3C,iDAA0D;AAC1D,iDAA0D;AAEnD,MAAM,OAAO,GAAG,CAAC,OAAuB,EAAiB,EAAE;IAChE,QAAQ,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB;YACnB,OAAO,IAAA,yBAAU,EAAC,OAAO,CAAC,CAAC;QAE7B,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW,CAAC;QACjB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB;YACtB,OAAO,IAAA,yBAAU,EAAC,OAAO,CAAC,CAAC;QAE7B;YACE,MAAM,IAAI,iBAAQ,CAAC,gCAAgC,CAAC,CAAC;IACzD,CAAC;AACH,CAAC,CAAC;AArBW,QAAA,OAAO,WAqBlB;AAEK,MAAM,SAAS,GAAG,CAAC,OAAyB,EAAmB,EAAE;IACtE,QAAQ,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QAClC,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,QAAQ,CAAC;QACd,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB;YACnB,OAAO,IAAA,2BAAY,EAAC,OAAO,CAAC,CAAC;QAE/B,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW,CAAC;QACjB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB,CAAC;QACzB,KAAK,mBAAmB;YACtB,OAAO,IAAA,2BAAY,EAAC,OAAO,CAAC,CAAC;QAE/B;YACE,MAAM,IAAI,iBAAQ,CAAC,gCAAgC,CAAC,CAAC;IACzD,CAAC;AACH,CAAC,CAAC;AArBW,QAAA,SAAS,aAqBpB"}

package/dist/utils/private/oct/get-oct-dir-keys.d.ts

@@ -1,4 +1,4 @@
 import { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "../../../types/private";
-export declare const _getOctDirEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
-export declare const _getOctDirDecryptionKey: ({ encryption, kryptos, }: DecryptCekOptions) => DecryptCekResult;
+export declare const getOctDirEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
+export declare const getOctDirDecryptionKey: ({ encryption, kryptos, }: DecryptCekOptions) => DecryptCekResult;
 //# sourceMappingURL=get-oct-dir-keys.d.ts.map

package/dist/utils/private/oct/get-oct-dir-keys.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-oct-dir-keys.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/oct/get-oct-dir-keys.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,wBAAwB,CAAC;AAGhC,eAAO,MAAM,uBAAuB,6BAGjC,gBAAgB,KAAG,eAerB,CAAC;AAEF,eAAO,MAAM,uBAAuB,6BAGjC,iBAAiB,KAAG,gBAetB,CAAC"}
+{"version":3,"file":"get-oct-dir-keys.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/oct/get-oct-dir-keys.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,wBAAwB,CAAC;AAGhC,eAAO,MAAM,sBAAsB,6BAGhC,gBAAgB,KAAG,eAerB,CAAC;AAEF,eAAO,MAAM,sBAAsB,6BAGhC,iBAAiB,KAAG,gBAetB,CAAC"}

package/dist/utils/private/oct/get-oct-dir-keys.js

@@ -1,15 +1,15 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports._getOctDirDecryptionKey = exports._getOctDirEncryptionKey = void 0;
+exports.getOctDirDecryptionKey = exports.getOctDirEncryptionKey = void 0;
 const kryptos_1 = require("@lindorm/kryptos");
 const errors_1 = require("../../../errors");
 const calculate_content_encryption_key_size_1 = require("../calculate/calculate-content-encryption-key-size");
-const _getOctDirEncryptionKey = ({ encryption, kryptos, }) => {
+const getOctDirEncryptionKey = ({ encryption, kryptos, }) => {
     if (!kryptos_1.Kryptos.isOct(kryptos)) {
         throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
     }
     const der = kryptos.export("der");
-    const keyLength = (0, calculate_content_encryption_key_size_1._calculateContentEncryptionKeySize)(encryption);
+    const keyLength = (0, calculate_content_encryption_key_size_1.calculateContentEncryptionKeySize)(encryption);
     if (der.privateKey.length !== keyLength) {
         throw new errors_1.AesError("Invalid key length", {
             debug: { keyLength, privateKeyLength: der.privateKey.length },
@@ -17,13 +17,13 @@ const _getOctDirEncryptionKey = ({ encryption, kryptos, }) => {
     }
     return { contentEncryptionKey: der.privateKey };
 };
-exports._getOctDirEncryptionKey = _getOctDirEncryptionKey;
-const _getOctDirDecryptionKey = ({ encryption, kryptos, }) => {
+exports.getOctDirEncryptionKey = getOctDirEncryptionKey;
+const getOctDirDecryptionKey = ({ encryption, kryptos, }) => {
     if (!kryptos_1.Kryptos.isOct(kryptos)) {
         throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
     }
     const der = kryptos.export("der");
-    const keyLength = (0, calculate_content_encryption_key_size_1._calculateContentEncryptionKeySize)(encryption);
+    const keyLength = (0, calculate_content_encryption_key_size_1.calculateContentEncryptionKeySize)(encryption);
     if (der.privateKey.length !== keyLength) {
         throw new errors_1.AesError("Invalid key length", {
             debug: { keyLength, privateKeyLength: der.privateKey.length },
@@ -31,5 +31,5 @@ const _getOctDirDecryptionKey = ({ encryption, kryptos, }) => {
     }
     return { contentEncryptionKey: der.privateKey };
 };
-exports._getOctDirDecryptionKey = _getOctDirDecryptionKey;
+exports.getOctDirDecryptionKey = getOctDirDecryptionKey;
 //# sourceMappingURL=get-oct-dir-keys.js.map

package/dist/utils/private/oct/get-oct-dir-keys.js.map

@@ -1 +1 @@
-{"version":3,"file":"get-oct-dir-keys.js","sourceRoot":"","sources":["../../../../src/utils/private/oct/get-oct-dir-keys.ts"],"names":[],"mappings":";;;AAAA,8CAA2C;AAC3C,4CAA2C;AAO3C,8GAAwG;AAEjG,MAAM,uBAAuB,GAAG,CAAC,EACtC,UAAU,EACV,OAAO,GACU,EAAmB,EAAE;IACtC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,IAAA,0EAAkC,EAAC,UAAU,CAAC,CAAC;IAEjE,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,EAAE;YACvC,KAAK,EAAE,EAAE,SAAS,EAAE,gBAAgB,EAAE,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE;SAC9D,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,oBAAoB,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC;AAClD,CAAC,CAAC;AAlBW,QAAA,uBAAuB,2BAkBlC;AAEK,MAAM,uBAAuB,GAAG,CAAC,EACtC,UAAU,EACV,OAAO,GACW,EAAoB,EAAE;IACxC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,IAAA,0EAAkC,EAAC,UAAU,CAAC,CAAC;IAEjE,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,EAAE;YACvC,KAAK,EAAE,EAAE,SAAS,EAAE,gBAAgB,EAAE,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE;SAC9D,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,oBAAoB,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC;AAClD,CAAC,CAAC;AAlBW,QAAA,uBAAuB,2BAkBlC"}
+{"version":3,"file":"get-oct-dir-keys.js","sourceRoot":"","sources":["../../../../src/utils/private/oct/get-oct-dir-keys.ts"],"names":[],"mappings":";;;AAAA,8CAA2C;AAC3C,4CAA2C;AAO3C,8GAAuG;AAEhG,MAAM,sBAAsB,GAAG,CAAC,EACrC,UAAU,EACV,OAAO,GACU,EAAmB,EAAE;IACtC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,IAAA,yEAAiC,EAAC,UAAU,CAAC,CAAC;IAEhE,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,EAAE;YACvC,KAAK,EAAE,EAAE,SAAS,EAAE,gBAAgB,EAAE,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE;SAC9D,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,oBAAoB,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC;AAClD,CAAC,CAAC;AAlBW,QAAA,sBAAsB,0BAkBjC;AAEK,MAAM,sBAAsB,GAAG,CAAC,EACrC,UAAU,EACV,OAAO,GACW,EAAoB,EAAE;IACxC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,IAAA,yEAAiC,EAAC,UAAU,CAAC,CAAC;IAEhE,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,iBAAQ,CAAC,oBAAoB,EAAE;YACvC,KAAK,EAAE,EAAE,SAAS,EAAE,gBAAgB,EAAE,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE;SAC9D,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,oBAAoB,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC;AAClD,CAAC,CAAC;AAlBW,QAAA,sBAAsB,0BAkBjC"}

package/dist/utils/private/oct/get-oct-key-key-wrap.d.ts

@@ -0,0 +1,4 @@
+import { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "../../../types/private";
+export declare const getOctKeyWrapEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
+export declare const getOctKeyWrapDecryptionKey: ({ hkdfSalt, kryptos, publicEncryptionIv, publicEncryptionKey, publicEncryptionTag, }: DecryptCekOptions) => DecryptCekResult;
+//# sourceMappingURL=get-oct-key-key-wrap.d.ts.map

package/dist/utils/private/oct/get-oct-key-key-wrap.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-oct-key-key-wrap.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/oct/get-oct-key-key-wrap.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,wBAAwB,CAAC;AAMhC,eAAO,MAAM,0BAA0B,6BAGpC,gBAAgB,KAAG,eA4BrB,CAAC;AAEF,eAAO,MAAM,0BAA0B,yFAMpC,iBAAiB,KAAG,gBAuBtB,CAAC"}

package/dist/utils/private/oct/{get-oct-key-wrap-keys.js → get-oct-key-key-wrap.js}

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports._getOctKeyWrapDecryptionKey = exports._getOctKeyWrapEncryptionKey = void 0;
+exports.getOctKeyWrapDecryptionKey = exports.getOctKeyWrapEncryptionKey = void 0;
 const kryptos_1 = require("@lindorm/kryptos");
 const crypto_1 = require("crypto");
 const errors_1 = require("../../../errors");
@@ -8,18 +8,18 @@ const calculate_content_encryption_key_size_1 = require("../calculate/calculate-
 const calculate_key_wrap_size_1 = require("../calculate/calculate-key-wrap-size");
 const hkdf_1 = require("../key-derivation/hkdf");
 const key_wrap_1 = require("../key-wrap/key-wrap");
-const _getOctKeyWrapEncryptionKey = ({ encryption, kryptos, }) => {
+const getOctKeyWrapEncryptionKey = ({ encryption, kryptos, }) => {
     if (!kryptos_1.Kryptos.isOct(kryptos)) {
         throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
     }
     const der = kryptos.export("der");
-    const cekSize = (0, calculate_content_encryption_key_size_1._calculateContentEncryptionKeySize)(encryption);
+    const cekSize = (0, calculate_content_encryption_key_size_1.calculateContentEncryptionKeySize)(encryption);
     const contentEncryptionKey = (0, crypto_1.randomBytes)(cekSize);
-    const { derivedKey, hkdfSalt } = (0, hkdf_1._hkdf)({
+    const { derivedKey, hkdfSalt } = (0, hkdf_1.hkdf)({
         derivationKey: der.privateKey,
-        keyLength: (0, calculate_key_wrap_size_1._calculateKeyWrapSize)(kryptos.algorithm),
+        keyLength: (0, calculate_key_wrap_size_1.calculateKeyWrapSize)(kryptos.algorithm),
     });
-    const publicEncryptionKey = (0, key_wrap_1._aesKeyWrap)({
+    const { publicEncryptionKey, publicEncryptionIv, publicEncryptionTag } = (0, key_wrap_1.keyWrap)({
         contentEncryptionKey,
         kryptos,
         keyEncryptionKey: derivedKey,
@@ -28,10 +28,12 @@ const _getOctKeyWrapEncryptionKey = ({ encryption, kryptos, }) => {
         contentEncryptionKey,
         hkdfSalt,
         publicEncryptionKey,
+        publicEncryptionIv,
+        publicEncryptionTag,
     };
 };
-exports._getOctKeyWrapEncryptionKey = _getOctKeyWrapEncryptionKey;
-const _getOctKeyWrapDecryptionKey = ({ hkdfSalt, kryptos, publicEncryptionKey, }) => {
+exports.getOctKeyWrapEncryptionKey = getOctKeyWrapEncryptionKey;
+const getOctKeyWrapDecryptionKey = ({ hkdfSalt, kryptos, publicEncryptionIv, publicEncryptionKey, publicEncryptionTag, }) => {
     if (!kryptos_1.Kryptos.isOct(kryptos)) {
         throw new errors_1.AesError("Invalid Kryptos", { debug: { kryptos: kryptos.toJSON() } });
     }
@@ -39,17 +41,18 @@ const _getOctKeyWrapDecryptionKey = ({ hkdfSalt, kryptos, publicEncryptionKey, }
         throw new errors_1.AesError("Missing publicEncryptionKey");
     }
     const der = kryptos.export("der");
-    const { derivedKey } = (0, hkdf_1._hkdf)({
+    const { derivedKey } = (0, hkdf_1.hkdf)({
         derivationKey: der.privateKey,
         hkdfSalt,
-        keyLength: (0, calculate_key_wrap_size_1._calculateKeyWrapSize)(kryptos.algorithm),
+        keyLength: (0, calculate_key_wrap_size_1.calculateKeyWrapSize)(kryptos.algorithm),
     });
-    const unwrappedKey = (0, key_wrap_1._aesKeyUnwrap)({
+    return (0, key_wrap_1.keyUnwrap)({
         keyEncryptionKey: derivedKey,
         kryptos,
-        wrappedKey: publicEncryptionKey,
+        publicEncryptionIv,
+        publicEncryptionKey,
+        publicEncryptionTag,
     });
-    return { contentEncryptionKey: unwrappedKey };
 };
-exports._getOctKeyWrapDecryptionKey = _getOctKeyWrapDecryptionKey;
-//# sourceMappingURL=get-oct-key-wrap-keys.js.map
+exports.getOctKeyWrapDecryptionKey = getOctKeyWrapDecryptionKey;
+//# sourceMappingURL=get-oct-key-key-wrap.js.map

package/dist/utils/private/oct/get-oct-key-key-wrap.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-oct-key-key-wrap.js","sourceRoot":"","sources":["../../../../src/utils/private/oct/get-oct-key-key-wrap.ts"],"names":[],"mappings":";;;AAAA,8CAA2C;AAC3C,mCAAqC;AACrC,4CAA2C;AAO3C,8GAAuG;AACvG,kFAA4E;AAC5E,iDAA8C;AAC9C,mDAA0D;AAEnD,MAAM,0BAA0B,GAAG,CAAC,EACzC,UAAU,EACV,OAAO,GACU,EAAmB,EAAE;IACtC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAElC,MAAM,OAAO,GAAG,IAAA,yEAAiC,EAAC,UAAU,CAAC,CAAC;IAC9D,MAAM,oBAAoB,GAAG,IAAA,oBAAW,EAAC,OAAO,CAAC,CAAC;IAElD,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,IAAA,WAAI,EAAC;QACpC,aAAa,EAAE,GAAG,CAAC,UAAU;QAC7B,SAAS,EAAE,IAAA,8CAAoB,EAAC,OAAO,CAAC,SAAS,CAAC;KACnD,CAAC,CAAC;IAEH,MAAM,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,GAAG,IAAA,kBAAO,EAAC;QAC/E,oBAAoB;QACpB,OAAO;QACP,gBAAgB,EAAE,UAAU;KAC7B,CAAC,CAAC;IAEH,OAAO;QACL,oBAAoB;QACpB,QAAQ;QACR,mBAAmB;QACnB,kBAAkB;QAClB,mBAAmB;KACpB,CAAC;AACJ,CAAC,CAAC;AA/BW,QAAA,0BAA0B,8BA+BrC;AAEK,MAAM,0BAA0B,GAAG,CAAC,EACzC,QAAQ,EACR,OAAO,EACP,kBAAkB,EAClB,mBAAmB,EACnB,mBAAmB,GACD,EAAoB,EAAE;IACxC,IAAI,CAAC,iBAAO,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,iBAAQ,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC;IAClF,CAAC;IACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,IAAI,iBAAQ,CAAC,6BAA6B,CAAC,CAAC;IACpD,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAElC,MAAM,EAAE,UAAU,EAAE,GAAG,IAAA,WAAI,EAAC;QAC1B,aAAa,EAAE,GAAG,CAAC,UAAU;QAC7B,QAAQ;QACR,SAAS,EAAE,IAAA,8CAAoB,EAAC,OAAO,CAAC,SAAS,CAAC;KACnD,CAAC,CAAC;IAEH,OAAO,IAAA,oBAAS,EAAC;QACf,gBAAgB,EAAE,UAAU;QAC5B,OAAO;QACP,kBAAkB;QAClB,mBAAmB;QACnB,mBAAmB;KACpB,CAAC,CAAC;AACL,CAAC,CAAC;AA7BW,QAAA,0BAA0B,8BA6BrC"}

package/dist/utils/private/oct/get-oct-pbkdf-key-wrap-keys.d.ts

@@ -1,4 +1,4 @@
 import { CreateCekOptions, CreateCekResult, DecryptCekOptions, DecryptCekResult } from "../../../types/private";
-export declare const _getOctPbkdfKeyWrapEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
-export declare const _getOctPbkdfKeyWrapDecryptionKey: ({ kryptos, pbkdfIterations, pbkdfSalt, publicEncryptionKey, }: DecryptCekOptions) => DecryptCekResult;
+export declare const getOctPbkdfKeyWrapEncryptionKey: ({ encryption, kryptos, }: CreateCekOptions) => CreateCekResult;
+export declare const getOctPbkdfKeyWrapDecryptionKey: ({ kryptos, pbkdfIterations, pbkdfSalt, publicEncryptionKey, }: DecryptCekOptions) => DecryptCekResult;
 //# sourceMappingURL=get-oct-pbkdf-key-wrap-keys.d.ts.map

package/dist/utils/private/oct/get-oct-pbkdf-key-wrap-keys.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"get-oct-pbkdf-key-wrap-keys.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/oct/get-oct-pbkdf-key-wrap-keys.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,wBAAwB,CAAC;AAOhC,eAAO,MAAM,gCAAgC,6BAG1C,gBAAgB,KAAG,eA4BrB,CAAC;AAEF,eAAO,MAAM,gCAAgC,kEAK1C,iBAAiB,KAAG,gBAyBtB,CAAC"}
+{"version":3,"file":"get-oct-pbkdf-key-wrap-keys.d.ts","sourceRoot":"","sources":["../../../../src/utils/private/oct/get-oct-pbkdf-key-wrap-keys.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,wBAAwB,CAAC;AAOhC,eAAO,MAAM,+BAA+B,6BAGzC,gBAAgB,KAAG,eA4BrB,CAAC;AAEF,eAAO,MAAM,+BAA+B,kEAKzC,iBAAiB,KAAG,gBAuBtB,CAAC"}