@lindorm/okp 0.2.4 → 0.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/CHANGELOG.md +10 -0
  2. package/README.md +40 -57
  3. package/dist/classes/OkpKit.d.ts.map +1 -1
  4. package/dist/classes/OkpKit.js +3 -0
  5. package/dist/classes/OkpKit.js.map +1 -1
  6. package/package.json +11 -14
package/CHANGELOG.md CHANGED
@@ -3,6 +3,16 @@
3
3
  All notable changes to this project will be documented in this file.
4
4
  See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
5
5
 
6
+ ## [0.2.6](https://github.com/lindorm-io/monorepo/compare/@lindorm/okp@0.2.5...@lindorm/okp@0.2.6) (2026-02-17)
7
+
8
+ ### Bug Fixes
9
+
10
+ - **ec,oct,okp,rsa:** harden signing kits with validation and security fixes ([910f016](https://github.com/lindorm-io/monorepo/commit/910f01669aefcb4e6eb69c0297291fe2404232f8))
11
+
12
+ ## [0.2.5](https://github.com/lindorm-io/monorepo/compare/@lindorm/okp@0.2.4...@lindorm/okp@0.2.5) (2025-09-18)
13
+
14
+ **Note:** Version bump only for package @lindorm/okp
15
+
6
16
  ## [0.2.4](https://github.com/lindorm-io/monorepo/compare/@lindorm/okp@0.2.3...@lindorm/okp@0.2.4) (2025-07-19)
7
17
 
8
18
  **Note:** Version bump only for package @lindorm/okp
package/README.md CHANGED
@@ -1,94 +1,77 @@
1
1
  # @lindorm/okp
2
2
 
3
- Simple **EdDSA / OKP (Octet-Key Pair) signing kit** built on top of Nodes `crypto` module and the
4
- [`@lindorm/kryptos`](../kryptos) key utilities. The kit exposes a small `OkpKit` class which
5
- implements the generic `IKeyKit` contract used throughout the Lindorm cryptography packages.
6
-
7
- ---
3
+ EdDSA signature kit built on Node's `crypto` module and [`@lindorm/kryptos`](../kryptos). Provides an `OkpKit` class that implements the `IKeyKit` contract used across the Lindorm cryptography packages.
8
4
 
9
5
  ## Installation
10
6
 
11
7
  ```bash
12
8
  npm install @lindorm/okp
13
- # or
14
- yarn add @lindorm/okp
15
9
  ```
16
10
 
17
- You will also need a compatible key instance:
18
-
19
- ```ts
20
- import { KryptosKit } from '@lindorm/kryptos';
21
-
22
- const ED25519 = KryptosKit.generate.okp({ alg: 'Ed25519', use: 'sig' });
23
- ```
24
-
25
- ---
26
-
27
- ## Example
28
-
29
- ```ts
30
- import { OkpKit } from '@lindorm/okp';
31
- import { randomBytes } from 'node:crypto';
11
+ ## Quick Start
32
12
 
33
- const kit = new OkpKit({ kryptos: ED25519, encoding: 'base64url' });
13
+ ```typescript
14
+ import { OkpKit } from "@lindorm/okp";
15
+ import { KryptosKit } from "@lindorm/kryptos";
34
16
 
35
- const data = randomBytes(32);
17
+ const kryptos = KryptosKit.generate.sig.okp({ algorithm: "EdDSA", curve: "Ed25519" });
18
+ const kit = new OkpKit({ kryptos });
36
19
 
37
- // Sign → Buffer
38
- const signature = kit.sign(data);
20
+ // Sign
21
+ const signature = kit.sign("hello world");
39
22
 
40
23
  // Verify
41
- if (kit.verify(data, signature)) {
42
- console.log('✔️ valid');
43
- }
24
+ kit.verify("hello world", signature); // true
44
25
 
45
- // Throw when invalid
46
- kit.assert(data, signature);
26
+ // Assert (throws OkpError if invalid)
27
+ kit.assert("hello world", signature);
47
28
 
48
- // Convert Buffer string
49
- const asString = kit.format(signature);
29
+ // Format Buffer to string
30
+ kit.format(signature); // base64 string
50
31
  ```
51
32
 
52
- ### DSA encoding
53
-
54
- `OkpKit` defaults to DER encoding (`dsa: 'der'`) but you can switch to IETF-style `ieee-p1363` if
55
- required:
33
+ ## Constructor Options
56
34
 
57
- ```ts
58
- const kit = new OkpKit({ kryptos: ED25519, dsa: 'ieee-p1363' });
35
+ ```typescript
36
+ new OkpKit({
37
+ kryptos, // IKryptos — must be an OKP key with a signing curve
38
+ dsa: "der", // DsaEncoding — "der" | "ieee-p1363" (default: "der")
39
+ encoding: "base64", // BufferEncoding — output encoding (default: "base64")
40
+ });
59
41
  ```
60
42
 
61
- ---
43
+ The constructor validates that the key is an OKP type with a supported signing curve (Ed25519, Ed448). Encryption curves (X25519, X448) are rejected with an `OkpError`.
62
44
 
63
45
  ## API
64
46
 
65
- ```ts
47
+ ```typescript
66
48
  class OkpKit implements IKeyKit {
67
- constructor(options: {
68
- kryptos: IKryptosOkp;
69
- dsa?: DsaEncoding; // 'der' | 'ieee-p1363' (default 'der')
70
- encoding?: BufferEncoding; // default 'base64'
71
- });
72
-
73
49
  sign(data: KeyData): Buffer;
74
50
  verify(data: KeyData, signature: KeyData): boolean;
75
- assert(data: KeyData, signature: KeyData): void; // throws OkpError on mismatch
76
- format(data: Buffer): string; // encode Buffer → string
51
+ assert(data: KeyData, signature: KeyData): void; // throws OkpError
52
+ format(data: Buffer): string;
77
53
  }
78
54
  ```
79
55
 
80
- `KeyData` can be `Buffer`, `string` or `Uint8Array`.
56
+ `KeyData` is `Buffer | string`.
81
57
 
82
- ---
58
+ ## Supported Curves
83
59
 
84
- ## TypeScript
60
+ | Curve | Algorithm | Use |
61
+ | ------- | --------- | ------- |
62
+ | Ed25519 | EdDSA | Signing |
63
+ | Ed448 | EdDSA | Signing |
85
64
 
86
- The package is written in TypeScript and ships with declaration files. Runtime dependencies are
87
- limited to **Node.js built-ins** and other Lindorm utilities.
65
+ X25519 and X448 are encryption curves and are not supported by `OkpKit`. Use the [`@lindorm/aes`](../aes) package for encryption with OKP keys.
88
66
 
89
- ---
67
+ ## Error Handling
90
68
 
91
- ## License
69
+ All errors are `OkpError` instances:
92
70
 
93
- AGPL-3.0-or-later – see the root [`LICENSE`](../../LICENSE).
71
+ ```typescript
72
+ import { OkpError } from "@lindorm/okp";
73
+ ```
74
+
75
+ ## License
94
76
 
77
+ AGPL-3.0-or-later
package/dist/classes/OkpKit.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"OkpKit.d.ts","sourceRoot":"","sources":["../../src/classes/OkpKit.ts"],"names":[],"mappings":"AACA,OAAO,EAAe,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAE/D,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAOzC,qBAAa,MAAO,YAAW,OAAO;IACpC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAc;IAClC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiB;IAC1C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;gBAEnB,OAAO,EAAE,aAAa;IAWlC,IAAI,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM;IAQ3B,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,GAAG,OAAO;IAUlD,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,GAAG,IAAI;IAU/C,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;CAGpC"}
1
+ {"version":3,"file":"OkpKit.d.ts","sourceRoot":"","sources":["../../src/classes/OkpKit.ts"],"names":[],"mappings":"AACA,OAAO,EAAe,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAE/D,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAOzC,qBAAa,MAAO,YAAW,OAAO;IACpC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAc;IAClC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiB;IAC1C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAc;gBAEnB,OAAO,EAAE,aAAa;IAelC,IAAI,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM;IAQ3B,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,GAAG,OAAO;IAUlD,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,GAAG,IAAI;IAU/C,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;CAGpC"}
package/dist/classes/OkpKit.js CHANGED
@@ -14,6 +14,9 @@ class OkpKit {
14
14
  if (!kryptos_1.KryptosKit.isOkp(options.kryptos)) {
15
15
  throw new errors_1.OkpError("Invalid Kryptos instance");
16
16
  }
17
+ if (!kryptos_1.OKP_SIG_CURVES.includes(options.kryptos.curve)) {
18
+ throw new errors_1.OkpError("OkpKit only supports signing curves (Ed25519, Ed448)");
19
+ }
17
20
  this.kryptos = options.kryptos;
18
21
  }
19
22
  sign(data) {
package/dist/classes/OkpKit.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"OkpKit.js","sourceRoot":"","sources":["../../src/classes/OkpKit.ts"],"names":[],"mappings":";;;AAAA,8CAA2D;AAE3D,sCAAqC;AAErC,8CAI0B;AAE1B,MAAa,MAAM;IACA,GAAG,CAAc;IACjB,QAAQ,CAAiB;IACzB,OAAO,CAAc;IAEtC,YAAmB,OAAsB;QACvC,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,KAAK,CAAC;QAChC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAE7C,IAAI,CAAC,oBAAU,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,iBAAQ,CAAC,0BAA0B,CAAC,CAAC;QACjD,CAAC;QAED,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IACjC,CAAC;IAEM,IAAI,CAAC,IAAa;QACvB,OAAO,IAAA,4BAAkB,EAAC;YACxB,IAAI;YACJ,WAAW,EAAE,IAAI,CAAC,GAAG;YACrB,OAAO,EAAE,IAAI,CAAC,OAAO;SACtB,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,IAAa,EAAE,SAAkB;QAC7C,OAAO,IAAA,4BAAkB,EAAC;YACxB,IAAI;YACJ,WAAW,EAAE,IAAI,CAAC,GAAG;YACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,IAAa,EAAE,SAAkB;QAC7C,OAAO,IAAA,4BAAkB,EAAC;YACxB,IAAI;YACJ,WAAW,EAAE,IAAI,CAAC,GAAG;YACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,IAAY;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtC,CAAC;CACF;AA/CD,wBA+CC"}
1
+ {"version":3,"file":"OkpKit.js","sourceRoot":"","sources":["../../src/classes/OkpKit.ts"],"names":[],"mappings":";;;AAAA,8CAAwF;AAExF,sCAAqC;AAErC,8CAI0B;AAE1B,MAAa,MAAM;IACA,GAAG,CAAc;IACjB,QAAQ,CAAiB;IACzB,OAAO,CAAc;IAEtC,YAAmB,OAAsB;QACvC,IAAI,CAAC,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,KAAK,CAAC;QAChC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAE7C,IAAI,CAAC,oBAAU,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,iBAAQ,CAAC,0BAA0B,CAAC,CAAC;QACjD,CAAC;QAED,IAAI,CAAC,wBAAc,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,KAAoB,CAAC,EAAE,CAAC;YACnE,MAAM,IAAI,iBAAQ,CAAC,sDAAsD,CAAC,CAAC;QAC7E,CAAC;QAED,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IACjC,CAAC;IAEM,IAAI,CAAC,IAAa;QACvB,OAAO,IAAA,4BAAkB,EAAC;YACxB,IAAI;YACJ,WAAW,EAAE,IAAI,CAAC,GAAG;YACrB,OAAO,EAAE,IAAI,CAAC,OAAO;SACtB,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,IAAa,EAAE,SAAkB;QAC7C,OAAO,IAAA,4BAAkB,EAAC;YACxB,IAAI;YACJ,WAAW,EAAE,IAAI,CAAC,GAAG;YACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,IAAa,EAAE,SAAkB;QAC7C,OAAO,IAAA,4BAAkB,EAAC;YACxB,IAAI;YACJ,WAAW,EAAE,IAAI,CAAC,GAAG;YACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,SAAS;SACV,CAAC,CAAC;IACL,CAAC;IAEM,MAAM,CAAC,IAAY;QACxB,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtC,CAAC;CACF;AAnDD,wBAmDC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lindorm/okp",
3
- "version": "0.2.4",
3
+ "version": "0.2.6",
4
4
  "license": "AGPL-3.0-or-later",
5
5
  "author": "Jonn Nilsson",
6
6
  "repository": {
@@ -16,25 +16,22 @@
16
16
  "scripts": {
17
17
  "build": "rimraf dist && tsc -b ./tsconfig.build.json",
18
18
  "example": "ts-node example",
19
- "integration": "compd --file docker-compose.yml jest --config jest.config.integration.js --watch",
20
- "integration:focus": "compd --file docker-compose.yml jest --config jest.config.integration.js --watch $1",
21
19
  "prettier": "prettier --write ./src/*",
22
- "test": "jest --watch --",
23
- "test:ci": "npm run test:unit",
24
- "test:integration": "jest --config jest.config.integration.js --",
25
- "test:unit": "jest --config jest.config.js --",
26
- "typecheck": "tsc --watch",
27
- "typecheck:ci": "tsc",
20
+ "test": "jest --",
21
+ "test:ci": "jest",
22
+ "test:watch": "jest --watch --",
23
+ "typecheck": "tsc",
24
+ "typecheck:watch": "tsc --watch --",
28
25
  "update": "ncu -i",
29
26
  "update:auto": "ncu -u"
30
27
  },
31
28
  "dependencies": {
32
- "@lindorm/errors": "^0.1.11",
33
- "@lindorm/is": "^0.1.10",
34
- "@lindorm/kryptos": "^0.4.4"
29
+ "@lindorm/errors": "^0.1.13",
30
+ "@lindorm/is": "^0.1.12",
31
+ "@lindorm/kryptos": "^0.5.0"
35
32
  },
36
33
  "devDependencies": {
37
- "@lindorm/types": "^0.3.2"
34
+ "@lindorm/types": "^0.3.4"
38
35
  },
39
- "gitHead": "b4d4cb9d15779ec6703c758e90ceba48f74d64d9"
36
+ "gitHead": "4b8579886ad8a24c22a8bf260dd0bb5dc45afc08"
40
37
  }