@omnituum/pqc-shared 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/crypto/index.cjs +29 -71
- package/dist/crypto/index.d.cts +38 -45
- package/dist/crypto/index.d.ts +38 -45
- package/dist/crypto/index.js +28 -72
- package/dist/crypto/safe/index.cjs +556 -0
- package/dist/crypto/safe/index.d.cts +341 -0
- package/dist/crypto/safe/index.d.ts +341 -0
- package/dist/crypto/safe/index.js +524 -0
- package/dist/fs/index.cjs +6 -34
- package/dist/fs/index.js +6 -34
- package/dist/index.cjs +29 -71
- package/dist/index.d.cts +4 -4
- package/dist/index.d.ts +4 -4
- package/dist/index.js +28 -72
- package/dist/{integrity-CCYjrap3.d.ts → integrity-BPvNsC50.d.ts} +1 -1
- package/dist/{integrity-Dx9jukMH.d.cts → integrity-ByMp24VA.d.cts} +1 -1
- package/dist/{types-61c7Q9ri.d.ts → types-Dx_AFqow.d.cts} +54 -2
- package/dist/{types-Ch0y-n7K.d.cts → types-Dx_AFqow.d.ts} +54 -2
- package/dist/utils/index.d.cts +2 -3
- package/dist/utils/index.d.ts +2 -3
- package/dist/vault/index.cjs +13 -41
- package/dist/vault/index.d.cts +2 -3
- package/dist/vault/index.d.ts +2 -3
- package/dist/vault/index.js +13 -41
- package/package.json +27 -13
- package/src/crypto/dilithium.ts +8 -4
- package/src/crypto/hybrid.ts +13 -29
- package/src/crypto/index.ts +3 -0
- package/src/crypto/kyber.ts +63 -121
- package/src/crypto/safe/adapters.ts +306 -0
- package/src/crypto/safe/dilithium.ts +74 -0
- package/src/crypto/safe/index.ts +97 -0
- package/src/crypto/safe/kyber.ts +47 -0
- package/src/crypto/safe/manifests.ts +192 -0
- package/src/crypto/safe/secretbox.ts +24 -0
- package/src/crypto/safe/types.ts +88 -0
- package/src/crypto/safe/x25519.ts +31 -0
- package/src/index.ts +7 -4
- package/src/version.ts +9 -4
- package/dist/version-BygzPVGs.d.cts +0 -55
- package/dist/version-BygzPVGs.d.ts +0 -55
|
@@ -0,0 +1,341 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Branded cryptographic types.
|
|
3
|
+
*
|
|
4
|
+
* Raw Uint8Array must never cross module boundaries without type branding.
|
|
5
|
+
* These types make argument inversion a compile-time error.
|
|
6
|
+
*/
|
|
7
|
+
type DilithiumSecretKey = Uint8Array & {
|
|
8
|
+
readonly __brand: 'DilithiumSecretKey';
|
|
9
|
+
};
|
|
10
|
+
type DilithiumPublicKey = Uint8Array & {
|
|
11
|
+
readonly __brand: 'DilithiumPublicKey';
|
|
12
|
+
};
|
|
13
|
+
type DilithiumSignature = Uint8Array & {
|
|
14
|
+
readonly __brand: 'DilithiumSignature';
|
|
15
|
+
};
|
|
16
|
+
interface DilithiumKeyPair {
|
|
17
|
+
publicKey: DilithiumPublicKey;
|
|
18
|
+
secretKey: DilithiumSecretKey;
|
|
19
|
+
}
|
|
20
|
+
type KyberEncapsulationKey = Uint8Array & {
|
|
21
|
+
readonly __brand: 'KyberEncapsulationKey';
|
|
22
|
+
};
|
|
23
|
+
type KyberDecapsulationKey = Uint8Array & {
|
|
24
|
+
readonly __brand: 'KyberDecapsulationKey';
|
|
25
|
+
};
|
|
26
|
+
type KyberCiphertext = Uint8Array & {
|
|
27
|
+
readonly __brand: 'KyberCiphertext';
|
|
28
|
+
};
|
|
29
|
+
type SharedSecret = Uint8Array & {
|
|
30
|
+
readonly __brand: 'SharedSecret';
|
|
31
|
+
};
|
|
32
|
+
interface KyberKeyPair {
|
|
33
|
+
encapsulationKey: KyberEncapsulationKey;
|
|
34
|
+
decapsulationKey: KyberDecapsulationKey;
|
|
35
|
+
}
|
|
36
|
+
interface KyberEncapsulation {
|
|
37
|
+
ciphertext: KyberCiphertext;
|
|
38
|
+
sharedSecret: SharedSecret;
|
|
39
|
+
}
|
|
40
|
+
type X25519PublicKey = Uint8Array & {
|
|
41
|
+
readonly __brand: 'X25519PublicKey';
|
|
42
|
+
};
|
|
43
|
+
type X25519SecretKey = Uint8Array & {
|
|
44
|
+
readonly __brand: 'X25519SecretKey';
|
|
45
|
+
};
|
|
46
|
+
interface X25519KeyPair {
|
|
47
|
+
publicKey: X25519PublicKey;
|
|
48
|
+
secretKey: X25519SecretKey;
|
|
49
|
+
}
|
|
50
|
+
type SymmetricKey = Uint8Array & {
|
|
51
|
+
readonly __brand: 'SymmetricKey';
|
|
52
|
+
};
|
|
53
|
+
type Nonce = Uint8Array & {
|
|
54
|
+
readonly __brand: 'Nonce';
|
|
55
|
+
};
|
|
56
|
+
type Message = Uint8Array & {
|
|
57
|
+
readonly __brand: 'Message';
|
|
58
|
+
};
|
|
59
|
+
declare function asMessage(data: Uint8Array): Message;
|
|
60
|
+
declare function asDilithiumSecretKey(data: Uint8Array): DilithiumSecretKey;
|
|
61
|
+
declare function asDilithiumPublicKey(data: Uint8Array): DilithiumPublicKey;
|
|
62
|
+
declare function asKyberEncapsulationKey(data: Uint8Array): KyberEncapsulationKey;
|
|
63
|
+
declare function asKyberDecapsulationKey(data: Uint8Array): KyberDecapsulationKey;
|
|
64
|
+
declare function asX25519PublicKey(data: Uint8Array): X25519PublicKey;
|
|
65
|
+
declare function asX25519SecretKey(data: Uint8Array): X25519SecretKey;
|
|
66
|
+
declare function asSymmetricKey(data: Uint8Array): SymmetricKey;
|
|
67
|
+
declare function asNonce(data: Uint8Array): Nonce;
|
|
68
|
+
|
|
69
|
+
/**
|
|
70
|
+
* Safe Dilithium ML-DSA-65 adapter.
|
|
71
|
+
*
|
|
72
|
+
* Object parameters + branded types + manifest verification.
|
|
73
|
+
* - Argument inversion is a compile-time error.
|
|
74
|
+
* - Primitive identity verified on first use (key/sig sizes match manifest).
|
|
75
|
+
* - Behavioral roundtrip confirmed before any real operation.
|
|
76
|
+
*/
|
|
77
|
+
|
|
78
|
+
declare function keygen$2(): Promise<DilithiumKeyPair>;
|
|
79
|
+
declare function sign(params: {
|
|
80
|
+
message: Message;
|
|
81
|
+
secretKey: DilithiumSecretKey;
|
|
82
|
+
}): Promise<DilithiumSignature>;
|
|
83
|
+
declare function verify(params: {
|
|
84
|
+
signature: DilithiumSignature;
|
|
85
|
+
message: Message;
|
|
86
|
+
publicKey: DilithiumPublicKey;
|
|
87
|
+
}): Promise<boolean>;
|
|
88
|
+
|
|
89
|
+
declare const dilithium_sign: typeof sign;
|
|
90
|
+
declare const dilithium_verify: typeof verify;
|
|
91
|
+
declare namespace dilithium {
|
|
92
|
+
export { keygen$2 as keygen, dilithium_sign as sign, dilithium_verify as verify };
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
/**
|
|
96
|
+
* Safe Kyber ML-KEM-768 adapter.
|
|
97
|
+
*
|
|
98
|
+
* Object parameters + branded types.
|
|
99
|
+
*/
|
|
100
|
+
|
|
101
|
+
declare function keygen$1(): Promise<KyberKeyPair | null>;
|
|
102
|
+
declare function encapsulate(params: {
|
|
103
|
+
encapsulationKey: KyberEncapsulationKey;
|
|
104
|
+
}): Promise<KyberEncapsulation>;
|
|
105
|
+
declare function decapsulate(params: {
|
|
106
|
+
ciphertext: KyberCiphertext;
|
|
107
|
+
decapsulationKey: KyberDecapsulationKey;
|
|
108
|
+
}): Promise<SharedSecret>;
|
|
109
|
+
|
|
110
|
+
declare const kyber_decapsulate: typeof decapsulate;
|
|
111
|
+
declare const kyber_encapsulate: typeof encapsulate;
|
|
112
|
+
declare namespace kyber {
|
|
113
|
+
export { kyber_decapsulate as decapsulate, kyber_encapsulate as encapsulate, keygen$1 as keygen };
|
|
114
|
+
}
|
|
115
|
+
|
|
116
|
+
/**
|
|
117
|
+
* Safe X25519 adapter.
|
|
118
|
+
*
|
|
119
|
+
* Object parameters + branded types.
|
|
120
|
+
*/
|
|
121
|
+
|
|
122
|
+
declare function keygen(): X25519KeyPair;
|
|
123
|
+
declare function sharedSecret(params: {
|
|
124
|
+
ourSecretKey: X25519SecretKey;
|
|
125
|
+
theirPublicKey: X25519PublicKey;
|
|
126
|
+
}): SharedSecret;
|
|
127
|
+
|
|
128
|
+
declare const x25519_keygen: typeof keygen;
|
|
129
|
+
declare const x25519_sharedSecret: typeof sharedSecret;
|
|
130
|
+
declare namespace x25519 {
|
|
131
|
+
export { x25519_keygen as keygen, x25519_sharedSecret as sharedSecret };
|
|
132
|
+
}
|
|
133
|
+
|
|
134
|
+
/**
|
|
135
|
+
* Safe secretbox (xsalsa20-poly1305) adapter.
|
|
136
|
+
*
|
|
137
|
+
* Object parameters + branded types.
|
|
138
|
+
*/
|
|
139
|
+
|
|
140
|
+
declare function seal(params: {
|
|
141
|
+
key: SymmetricKey;
|
|
142
|
+
plaintext: Uint8Array;
|
|
143
|
+
nonce: Nonce;
|
|
144
|
+
}): Uint8Array;
|
|
145
|
+
declare function open(params: {
|
|
146
|
+
key: SymmetricKey;
|
|
147
|
+
ciphertext: Uint8Array;
|
|
148
|
+
nonce: Nonce;
|
|
149
|
+
}): Uint8Array | null;
|
|
150
|
+
|
|
151
|
+
declare const secretbox_open: typeof open;
|
|
152
|
+
declare const secretbox_seal: typeof seal;
|
|
153
|
+
declare namespace secretbox {
|
|
154
|
+
export { secretbox_open as open, secretbox_seal as seal };
|
|
155
|
+
}
|
|
156
|
+
|
|
157
|
+
/**
|
|
158
|
+
* Primitive identity manifests.
|
|
159
|
+
*
|
|
160
|
+
* Each manifest declares the expected algorithm name and byte sizes.
|
|
161
|
+
* Used by assertPrimitiveIdentity() to verify that the underlying library
|
|
162
|
+
* is the exact primitive we intended to wrap — not a swapped, compromised,
|
|
163
|
+
* or silently upgraded implementation.
|
|
164
|
+
*
|
|
165
|
+
* This catches:
|
|
166
|
+
* - wrong algorithm resolved behind the same import
|
|
167
|
+
* - changed encoding or key format after a dependency update
|
|
168
|
+
* - supply-chain substitution of a different primitive
|
|
169
|
+
* - silent API drift in key/signature sizes
|
|
170
|
+
*/
|
|
171
|
+
interface SignatureManifest {
|
|
172
|
+
readonly algorithm: string;
|
|
173
|
+
readonly publicKeyBytes: number;
|
|
174
|
+
readonly secretKeyBytes: number;
|
|
175
|
+
readonly signatureBytes: number;
|
|
176
|
+
}
|
|
177
|
+
interface KemManifest {
|
|
178
|
+
readonly algorithm: string;
|
|
179
|
+
readonly encapsulationKeyBytes: number;
|
|
180
|
+
readonly decapsulationKeyBytes: number;
|
|
181
|
+
readonly ciphertextBytes: number;
|
|
182
|
+
readonly sharedSecretBytes: number;
|
|
183
|
+
}
|
|
184
|
+
interface DhManifest {
|
|
185
|
+
readonly algorithm: string;
|
|
186
|
+
readonly publicKeyBytes: number;
|
|
187
|
+
readonly secretKeyBytes: number;
|
|
188
|
+
readonly sharedSecretBytes: number;
|
|
189
|
+
}
|
|
190
|
+
interface SecretboxManifest {
|
|
191
|
+
readonly algorithm: string;
|
|
192
|
+
readonly keyBytes: number;
|
|
193
|
+
readonly nonceBytes: number;
|
|
194
|
+
readonly tagBytes: number;
|
|
195
|
+
}
|
|
196
|
+
declare const ML_DSA_65: SignatureManifest;
|
|
197
|
+
declare const ML_KEM_768: KemManifest;
|
|
198
|
+
declare const X25519: DhManifest;
|
|
199
|
+
declare const XSALSA20_POLY1305: SecretboxManifest;
|
|
200
|
+
declare function assertSignaturePrimitive(noble: {
|
|
201
|
+
keygen(seed?: Uint8Array): {
|
|
202
|
+
publicKey: Uint8Array;
|
|
203
|
+
secretKey: Uint8Array;
|
|
204
|
+
};
|
|
205
|
+
sign(message: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
206
|
+
verify(signature: Uint8Array, message: Uint8Array, publicKey: Uint8Array): boolean;
|
|
207
|
+
}, manifest: SignatureManifest): void;
|
|
208
|
+
declare function assertKemPrimitive(noble: {
|
|
209
|
+
keygen(): {
|
|
210
|
+
publicKey: Uint8Array;
|
|
211
|
+
secretKey: Uint8Array;
|
|
212
|
+
};
|
|
213
|
+
encapsulate(publicKey: Uint8Array): {
|
|
214
|
+
ciphertext: Uint8Array;
|
|
215
|
+
sharedSecret: Uint8Array;
|
|
216
|
+
};
|
|
217
|
+
decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
218
|
+
}, manifest: KemManifest): void;
|
|
219
|
+
declare function assertDhPrimitive(noble: {
|
|
220
|
+
getPublicKey(secretKey: Uint8Array): Uint8Array;
|
|
221
|
+
getSharedSecret(secretKey: Uint8Array, publicKey: Uint8Array): Uint8Array;
|
|
222
|
+
utils: {
|
|
223
|
+
randomPrivateKey(): Uint8Array;
|
|
224
|
+
};
|
|
225
|
+
}, manifest: DhManifest): void;
|
|
226
|
+
|
|
227
|
+
/**
|
|
228
|
+
* High-assurance adapter factories.
|
|
229
|
+
*
|
|
230
|
+
* Single-boundary, typed, invariant-checked, manifest-verified.
|
|
231
|
+
*
|
|
232
|
+
* Each factory wraps a low-level positional API into a safe object-parameter API.
|
|
233
|
+
* - Branded types prevent argument confusion at compile time.
|
|
234
|
+
* - Lazy invariant checks catch API drift at runtime.
|
|
235
|
+
* - Manifest checks verify primitive identity (key/signature sizes) to catch
|
|
236
|
+
* supply-chain substitution or silent dependency upgrades.
|
|
237
|
+
*/
|
|
238
|
+
|
|
239
|
+
type Brand<T, B extends string> = T & {
|
|
240
|
+
readonly __brand: B;
|
|
241
|
+
};
|
|
242
|
+
type SigMessage = Brand<Uint8Array, 'SigMessage'>;
|
|
243
|
+
type SigPublicKey<Alg extends string> = Brand<Uint8Array, `${Alg}PublicKey`>;
|
|
244
|
+
type SigSecretKey<Alg extends string> = Brand<Uint8Array, `${Alg}SecretKey`>;
|
|
245
|
+
type SigSignature<Alg extends string> = Brand<Uint8Array, `${Alg}Signature`>;
|
|
246
|
+
type NobleSigLike = {
|
|
247
|
+
keygen(seed?: Uint8Array): {
|
|
248
|
+
publicKey: Uint8Array;
|
|
249
|
+
secretKey: Uint8Array;
|
|
250
|
+
};
|
|
251
|
+
sign(message: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
252
|
+
verify(signature: Uint8Array, message: Uint8Array, publicKey: Uint8Array): boolean;
|
|
253
|
+
};
|
|
254
|
+
declare function makeSignatureAdapter<Alg extends string>(noble: NobleSigLike, manifest: SignatureManifest): {
|
|
255
|
+
keygen(): {
|
|
256
|
+
publicKey: SigPublicKey<Alg>;
|
|
257
|
+
secretKey: SigSecretKey<Alg>;
|
|
258
|
+
};
|
|
259
|
+
sign(params: {
|
|
260
|
+
message: SigMessage;
|
|
261
|
+
secretKey: SigSecretKey<Alg>;
|
|
262
|
+
}): SigSignature<Alg>;
|
|
263
|
+
verify(params: {
|
|
264
|
+
signature: SigSignature<Alg>;
|
|
265
|
+
message: SigMessage;
|
|
266
|
+
publicKey: SigPublicKey<Alg>;
|
|
267
|
+
}): boolean;
|
|
268
|
+
};
|
|
269
|
+
declare function asSigMessage(v: Uint8Array): SigMessage;
|
|
270
|
+
type KemEncapsKey<Alg extends string> = Brand<Uint8Array, `${Alg}EncapsKey`>;
|
|
271
|
+
type KemDecapsKey<Alg extends string> = Brand<Uint8Array, `${Alg}DecapsKey`>;
|
|
272
|
+
type KemCiphertext<Alg extends string> = Brand<Uint8Array, `${Alg}Ciphertext`>;
|
|
273
|
+
type KemSharedSecret = Brand<Uint8Array, 'KemSharedSecret'>;
|
|
274
|
+
type NobleKemLike = {
|
|
275
|
+
keygen(): {
|
|
276
|
+
publicKey: Uint8Array;
|
|
277
|
+
secretKey: Uint8Array;
|
|
278
|
+
};
|
|
279
|
+
encapsulate(publicKey: Uint8Array): {
|
|
280
|
+
ciphertext: Uint8Array;
|
|
281
|
+
sharedSecret: Uint8Array;
|
|
282
|
+
};
|
|
283
|
+
decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
284
|
+
};
|
|
285
|
+
declare function makeKemAdapter<Alg extends string>(noble: NobleKemLike, manifest: KemManifest): {
|
|
286
|
+
keygen(): {
|
|
287
|
+
encapsulationKey: KemEncapsKey<Alg>;
|
|
288
|
+
decapsulationKey: KemDecapsKey<Alg>;
|
|
289
|
+
};
|
|
290
|
+
encapsulate(params: {
|
|
291
|
+
encapsulationKey: KemEncapsKey<Alg>;
|
|
292
|
+
}): {
|
|
293
|
+
ciphertext: KemCiphertext<Alg>;
|
|
294
|
+
sharedSecret: KemSharedSecret;
|
|
295
|
+
};
|
|
296
|
+
decapsulate(params: {
|
|
297
|
+
ciphertext: KemCiphertext<Alg>;
|
|
298
|
+
decapsulationKey: KemDecapsKey<Alg>;
|
|
299
|
+
}): KemSharedSecret;
|
|
300
|
+
};
|
|
301
|
+
type DhPublicKey<Alg extends string> = Brand<Uint8Array, `${Alg}PublicKey`>;
|
|
302
|
+
type DhSecretKey<Alg extends string> = Brand<Uint8Array, `${Alg}SecretKey`>;
|
|
303
|
+
type DhSharedSecret = Brand<Uint8Array, 'DhSharedSecret'>;
|
|
304
|
+
type NobleDhLike = {
|
|
305
|
+
getPublicKey(secretKey: Uint8Array): Uint8Array;
|
|
306
|
+
getSharedSecret(secretKey: Uint8Array, publicKey: Uint8Array): Uint8Array;
|
|
307
|
+
utils: {
|
|
308
|
+
randomPrivateKey(): Uint8Array;
|
|
309
|
+
};
|
|
310
|
+
};
|
|
311
|
+
declare function makeDhAdapter<Alg extends string>(noble: NobleDhLike, manifest: DhManifest): {
|
|
312
|
+
keygen(): {
|
|
313
|
+
publicKey: DhPublicKey<Alg>;
|
|
314
|
+
secretKey: DhSecretKey<Alg>;
|
|
315
|
+
};
|
|
316
|
+
sharedSecret(params: {
|
|
317
|
+
ourSecretKey: DhSecretKey<Alg>;
|
|
318
|
+
theirPublicKey: DhPublicKey<Alg>;
|
|
319
|
+
}): DhSharedSecret;
|
|
320
|
+
};
|
|
321
|
+
type BoxKey = Brand<Uint8Array, 'BoxKey'>;
|
|
322
|
+
type BoxNonce = Brand<Uint8Array, 'BoxNonce'>;
|
|
323
|
+
declare function makeSecretboxAdapter(impl: {
|
|
324
|
+
seal: (key: Uint8Array, plaintext: Uint8Array, nonce: Uint8Array) => Uint8Array;
|
|
325
|
+
open: (key: Uint8Array, ciphertext: Uint8Array, nonce: Uint8Array) => Uint8Array | null;
|
|
326
|
+
}, manifest: SecretboxManifest): {
|
|
327
|
+
seal(params: {
|
|
328
|
+
key: BoxKey;
|
|
329
|
+
plaintext: Uint8Array;
|
|
330
|
+
nonce: BoxNonce;
|
|
331
|
+
}): Uint8Array;
|
|
332
|
+
open(params: {
|
|
333
|
+
key: BoxKey;
|
|
334
|
+
ciphertext: Uint8Array;
|
|
335
|
+
nonce: BoxNonce;
|
|
336
|
+
}): Uint8Array | null;
|
|
337
|
+
};
|
|
338
|
+
declare function asBoxKey(v: Uint8Array): BoxKey;
|
|
339
|
+
declare function asBoxNonce(v: Uint8Array): BoxNonce;
|
|
340
|
+
|
|
341
|
+
export { type BoxKey, type BoxNonce, type DhManifest, type DhPublicKey, type DhSecretKey, type DhSharedSecret, type DilithiumKeyPair, type DilithiumPublicKey, type DilithiumSecretKey, type DilithiumSignature, type KemCiphertext, type KemDecapsKey, type KemEncapsKey, type KemManifest, type KemSharedSecret, type KyberCiphertext, type KyberDecapsulationKey, type KyberEncapsulation, type KyberEncapsulationKey, type KyberKeyPair, ML_DSA_65, ML_KEM_768, type Message, type NobleDhLike, type NobleKemLike, type NobleSigLike, type Nonce, type SecretboxManifest, type SharedSecret, type SigMessage, type SigPublicKey, type SigSecretKey, type SigSignature, type SignatureManifest, type SymmetricKey, X25519, type X25519KeyPair, type X25519PublicKey, type X25519SecretKey, XSALSA20_POLY1305, asBoxKey, asBoxNonce, asDilithiumPublicKey, asDilithiumSecretKey, asKyberDecapsulationKey, asKyberEncapsulationKey, asMessage, asNonce, asSigMessage, asSymmetricKey, asX25519PublicKey, asX25519SecretKey, assertDhPrimitive, assertKemPrimitive, assertSignaturePrimitive, dilithium, kyber, makeDhAdapter, makeKemAdapter, makeSecretboxAdapter, makeSignatureAdapter, secretbox, x25519 };
|
|
@@ -0,0 +1,341 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Branded cryptographic types.
|
|
3
|
+
*
|
|
4
|
+
* Raw Uint8Array must never cross module boundaries without type branding.
|
|
5
|
+
* These types make argument inversion a compile-time error.
|
|
6
|
+
*/
|
|
7
|
+
type DilithiumSecretKey = Uint8Array & {
|
|
8
|
+
readonly __brand: 'DilithiumSecretKey';
|
|
9
|
+
};
|
|
10
|
+
type DilithiumPublicKey = Uint8Array & {
|
|
11
|
+
readonly __brand: 'DilithiumPublicKey';
|
|
12
|
+
};
|
|
13
|
+
type DilithiumSignature = Uint8Array & {
|
|
14
|
+
readonly __brand: 'DilithiumSignature';
|
|
15
|
+
};
|
|
16
|
+
interface DilithiumKeyPair {
|
|
17
|
+
publicKey: DilithiumPublicKey;
|
|
18
|
+
secretKey: DilithiumSecretKey;
|
|
19
|
+
}
|
|
20
|
+
type KyberEncapsulationKey = Uint8Array & {
|
|
21
|
+
readonly __brand: 'KyberEncapsulationKey';
|
|
22
|
+
};
|
|
23
|
+
type KyberDecapsulationKey = Uint8Array & {
|
|
24
|
+
readonly __brand: 'KyberDecapsulationKey';
|
|
25
|
+
};
|
|
26
|
+
type KyberCiphertext = Uint8Array & {
|
|
27
|
+
readonly __brand: 'KyberCiphertext';
|
|
28
|
+
};
|
|
29
|
+
type SharedSecret = Uint8Array & {
|
|
30
|
+
readonly __brand: 'SharedSecret';
|
|
31
|
+
};
|
|
32
|
+
interface KyberKeyPair {
|
|
33
|
+
encapsulationKey: KyberEncapsulationKey;
|
|
34
|
+
decapsulationKey: KyberDecapsulationKey;
|
|
35
|
+
}
|
|
36
|
+
interface KyberEncapsulation {
|
|
37
|
+
ciphertext: KyberCiphertext;
|
|
38
|
+
sharedSecret: SharedSecret;
|
|
39
|
+
}
|
|
40
|
+
type X25519PublicKey = Uint8Array & {
|
|
41
|
+
readonly __brand: 'X25519PublicKey';
|
|
42
|
+
};
|
|
43
|
+
type X25519SecretKey = Uint8Array & {
|
|
44
|
+
readonly __brand: 'X25519SecretKey';
|
|
45
|
+
};
|
|
46
|
+
interface X25519KeyPair {
|
|
47
|
+
publicKey: X25519PublicKey;
|
|
48
|
+
secretKey: X25519SecretKey;
|
|
49
|
+
}
|
|
50
|
+
type SymmetricKey = Uint8Array & {
|
|
51
|
+
readonly __brand: 'SymmetricKey';
|
|
52
|
+
};
|
|
53
|
+
type Nonce = Uint8Array & {
|
|
54
|
+
readonly __brand: 'Nonce';
|
|
55
|
+
};
|
|
56
|
+
type Message = Uint8Array & {
|
|
57
|
+
readonly __brand: 'Message';
|
|
58
|
+
};
|
|
59
|
+
declare function asMessage(data: Uint8Array): Message;
|
|
60
|
+
declare function asDilithiumSecretKey(data: Uint8Array): DilithiumSecretKey;
|
|
61
|
+
declare function asDilithiumPublicKey(data: Uint8Array): DilithiumPublicKey;
|
|
62
|
+
declare function asKyberEncapsulationKey(data: Uint8Array): KyberEncapsulationKey;
|
|
63
|
+
declare function asKyberDecapsulationKey(data: Uint8Array): KyberDecapsulationKey;
|
|
64
|
+
declare function asX25519PublicKey(data: Uint8Array): X25519PublicKey;
|
|
65
|
+
declare function asX25519SecretKey(data: Uint8Array): X25519SecretKey;
|
|
66
|
+
declare function asSymmetricKey(data: Uint8Array): SymmetricKey;
|
|
67
|
+
declare function asNonce(data: Uint8Array): Nonce;
|
|
68
|
+
|
|
69
|
+
/**
|
|
70
|
+
* Safe Dilithium ML-DSA-65 adapter.
|
|
71
|
+
*
|
|
72
|
+
* Object parameters + branded types + manifest verification.
|
|
73
|
+
* - Argument inversion is a compile-time error.
|
|
74
|
+
* - Primitive identity verified on first use (key/sig sizes match manifest).
|
|
75
|
+
* - Behavioral roundtrip confirmed before any real operation.
|
|
76
|
+
*/
|
|
77
|
+
|
|
78
|
+
declare function keygen$2(): Promise<DilithiumKeyPair>;
|
|
79
|
+
declare function sign(params: {
|
|
80
|
+
message: Message;
|
|
81
|
+
secretKey: DilithiumSecretKey;
|
|
82
|
+
}): Promise<DilithiumSignature>;
|
|
83
|
+
declare function verify(params: {
|
|
84
|
+
signature: DilithiumSignature;
|
|
85
|
+
message: Message;
|
|
86
|
+
publicKey: DilithiumPublicKey;
|
|
87
|
+
}): Promise<boolean>;
|
|
88
|
+
|
|
89
|
+
declare const dilithium_sign: typeof sign;
|
|
90
|
+
declare const dilithium_verify: typeof verify;
|
|
91
|
+
declare namespace dilithium {
|
|
92
|
+
export { keygen$2 as keygen, dilithium_sign as sign, dilithium_verify as verify };
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
/**
|
|
96
|
+
* Safe Kyber ML-KEM-768 adapter.
|
|
97
|
+
*
|
|
98
|
+
* Object parameters + branded types.
|
|
99
|
+
*/
|
|
100
|
+
|
|
101
|
+
declare function keygen$1(): Promise<KyberKeyPair | null>;
|
|
102
|
+
declare function encapsulate(params: {
|
|
103
|
+
encapsulationKey: KyberEncapsulationKey;
|
|
104
|
+
}): Promise<KyberEncapsulation>;
|
|
105
|
+
declare function decapsulate(params: {
|
|
106
|
+
ciphertext: KyberCiphertext;
|
|
107
|
+
decapsulationKey: KyberDecapsulationKey;
|
|
108
|
+
}): Promise<SharedSecret>;
|
|
109
|
+
|
|
110
|
+
declare const kyber_decapsulate: typeof decapsulate;
|
|
111
|
+
declare const kyber_encapsulate: typeof encapsulate;
|
|
112
|
+
declare namespace kyber {
|
|
113
|
+
export { kyber_decapsulate as decapsulate, kyber_encapsulate as encapsulate, keygen$1 as keygen };
|
|
114
|
+
}
|
|
115
|
+
|
|
116
|
+
/**
|
|
117
|
+
* Safe X25519 adapter.
|
|
118
|
+
*
|
|
119
|
+
* Object parameters + branded types.
|
|
120
|
+
*/
|
|
121
|
+
|
|
122
|
+
declare function keygen(): X25519KeyPair;
|
|
123
|
+
declare function sharedSecret(params: {
|
|
124
|
+
ourSecretKey: X25519SecretKey;
|
|
125
|
+
theirPublicKey: X25519PublicKey;
|
|
126
|
+
}): SharedSecret;
|
|
127
|
+
|
|
128
|
+
declare const x25519_keygen: typeof keygen;
|
|
129
|
+
declare const x25519_sharedSecret: typeof sharedSecret;
|
|
130
|
+
declare namespace x25519 {
|
|
131
|
+
export { x25519_keygen as keygen, x25519_sharedSecret as sharedSecret };
|
|
132
|
+
}
|
|
133
|
+
|
|
134
|
+
/**
|
|
135
|
+
* Safe secretbox (xsalsa20-poly1305) adapter.
|
|
136
|
+
*
|
|
137
|
+
* Object parameters + branded types.
|
|
138
|
+
*/
|
|
139
|
+
|
|
140
|
+
declare function seal(params: {
|
|
141
|
+
key: SymmetricKey;
|
|
142
|
+
plaintext: Uint8Array;
|
|
143
|
+
nonce: Nonce;
|
|
144
|
+
}): Uint8Array;
|
|
145
|
+
declare function open(params: {
|
|
146
|
+
key: SymmetricKey;
|
|
147
|
+
ciphertext: Uint8Array;
|
|
148
|
+
nonce: Nonce;
|
|
149
|
+
}): Uint8Array | null;
|
|
150
|
+
|
|
151
|
+
declare const secretbox_open: typeof open;
|
|
152
|
+
declare const secretbox_seal: typeof seal;
|
|
153
|
+
declare namespace secretbox {
|
|
154
|
+
export { secretbox_open as open, secretbox_seal as seal };
|
|
155
|
+
}
|
|
156
|
+
|
|
157
|
+
/**
|
|
158
|
+
* Primitive identity manifests.
|
|
159
|
+
*
|
|
160
|
+
* Each manifest declares the expected algorithm name and byte sizes.
|
|
161
|
+
* Used by assertPrimitiveIdentity() to verify that the underlying library
|
|
162
|
+
* is the exact primitive we intended to wrap — not a swapped, compromised,
|
|
163
|
+
* or silently upgraded implementation.
|
|
164
|
+
*
|
|
165
|
+
* This catches:
|
|
166
|
+
* - wrong algorithm resolved behind the same import
|
|
167
|
+
* - changed encoding or key format after a dependency update
|
|
168
|
+
* - supply-chain substitution of a different primitive
|
|
169
|
+
* - silent API drift in key/signature sizes
|
|
170
|
+
*/
|
|
171
|
+
interface SignatureManifest {
|
|
172
|
+
readonly algorithm: string;
|
|
173
|
+
readonly publicKeyBytes: number;
|
|
174
|
+
readonly secretKeyBytes: number;
|
|
175
|
+
readonly signatureBytes: number;
|
|
176
|
+
}
|
|
177
|
+
interface KemManifest {
|
|
178
|
+
readonly algorithm: string;
|
|
179
|
+
readonly encapsulationKeyBytes: number;
|
|
180
|
+
readonly decapsulationKeyBytes: number;
|
|
181
|
+
readonly ciphertextBytes: number;
|
|
182
|
+
readonly sharedSecretBytes: number;
|
|
183
|
+
}
|
|
184
|
+
interface DhManifest {
|
|
185
|
+
readonly algorithm: string;
|
|
186
|
+
readonly publicKeyBytes: number;
|
|
187
|
+
readonly secretKeyBytes: number;
|
|
188
|
+
readonly sharedSecretBytes: number;
|
|
189
|
+
}
|
|
190
|
+
interface SecretboxManifest {
|
|
191
|
+
readonly algorithm: string;
|
|
192
|
+
readonly keyBytes: number;
|
|
193
|
+
readonly nonceBytes: number;
|
|
194
|
+
readonly tagBytes: number;
|
|
195
|
+
}
|
|
196
|
+
declare const ML_DSA_65: SignatureManifest;
|
|
197
|
+
declare const ML_KEM_768: KemManifest;
|
|
198
|
+
declare const X25519: DhManifest;
|
|
199
|
+
declare const XSALSA20_POLY1305: SecretboxManifest;
|
|
200
|
+
declare function assertSignaturePrimitive(noble: {
|
|
201
|
+
keygen(seed?: Uint8Array): {
|
|
202
|
+
publicKey: Uint8Array;
|
|
203
|
+
secretKey: Uint8Array;
|
|
204
|
+
};
|
|
205
|
+
sign(message: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
206
|
+
verify(signature: Uint8Array, message: Uint8Array, publicKey: Uint8Array): boolean;
|
|
207
|
+
}, manifest: SignatureManifest): void;
|
|
208
|
+
declare function assertKemPrimitive(noble: {
|
|
209
|
+
keygen(): {
|
|
210
|
+
publicKey: Uint8Array;
|
|
211
|
+
secretKey: Uint8Array;
|
|
212
|
+
};
|
|
213
|
+
encapsulate(publicKey: Uint8Array): {
|
|
214
|
+
ciphertext: Uint8Array;
|
|
215
|
+
sharedSecret: Uint8Array;
|
|
216
|
+
};
|
|
217
|
+
decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
218
|
+
}, manifest: KemManifest): void;
|
|
219
|
+
declare function assertDhPrimitive(noble: {
|
|
220
|
+
getPublicKey(secretKey: Uint8Array): Uint8Array;
|
|
221
|
+
getSharedSecret(secretKey: Uint8Array, publicKey: Uint8Array): Uint8Array;
|
|
222
|
+
utils: {
|
|
223
|
+
randomPrivateKey(): Uint8Array;
|
|
224
|
+
};
|
|
225
|
+
}, manifest: DhManifest): void;
|
|
226
|
+
|
|
227
|
+
/**
|
|
228
|
+
* High-assurance adapter factories.
|
|
229
|
+
*
|
|
230
|
+
* Single-boundary, typed, invariant-checked, manifest-verified.
|
|
231
|
+
*
|
|
232
|
+
* Each factory wraps a low-level positional API into a safe object-parameter API.
|
|
233
|
+
* - Branded types prevent argument confusion at compile time.
|
|
234
|
+
* - Lazy invariant checks catch API drift at runtime.
|
|
235
|
+
* - Manifest checks verify primitive identity (key/signature sizes) to catch
|
|
236
|
+
* supply-chain substitution or silent dependency upgrades.
|
|
237
|
+
*/
|
|
238
|
+
|
|
239
|
+
type Brand<T, B extends string> = T & {
|
|
240
|
+
readonly __brand: B;
|
|
241
|
+
};
|
|
242
|
+
type SigMessage = Brand<Uint8Array, 'SigMessage'>;
|
|
243
|
+
type SigPublicKey<Alg extends string> = Brand<Uint8Array, `${Alg}PublicKey`>;
|
|
244
|
+
type SigSecretKey<Alg extends string> = Brand<Uint8Array, `${Alg}SecretKey`>;
|
|
245
|
+
type SigSignature<Alg extends string> = Brand<Uint8Array, `${Alg}Signature`>;
|
|
246
|
+
type NobleSigLike = {
|
|
247
|
+
keygen(seed?: Uint8Array): {
|
|
248
|
+
publicKey: Uint8Array;
|
|
249
|
+
secretKey: Uint8Array;
|
|
250
|
+
};
|
|
251
|
+
sign(message: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
252
|
+
verify(signature: Uint8Array, message: Uint8Array, publicKey: Uint8Array): boolean;
|
|
253
|
+
};
|
|
254
|
+
declare function makeSignatureAdapter<Alg extends string>(noble: NobleSigLike, manifest: SignatureManifest): {
|
|
255
|
+
keygen(): {
|
|
256
|
+
publicKey: SigPublicKey<Alg>;
|
|
257
|
+
secretKey: SigSecretKey<Alg>;
|
|
258
|
+
};
|
|
259
|
+
sign(params: {
|
|
260
|
+
message: SigMessage;
|
|
261
|
+
secretKey: SigSecretKey<Alg>;
|
|
262
|
+
}): SigSignature<Alg>;
|
|
263
|
+
verify(params: {
|
|
264
|
+
signature: SigSignature<Alg>;
|
|
265
|
+
message: SigMessage;
|
|
266
|
+
publicKey: SigPublicKey<Alg>;
|
|
267
|
+
}): boolean;
|
|
268
|
+
};
|
|
269
|
+
declare function asSigMessage(v: Uint8Array): SigMessage;
|
|
270
|
+
type KemEncapsKey<Alg extends string> = Brand<Uint8Array, `${Alg}EncapsKey`>;
|
|
271
|
+
type KemDecapsKey<Alg extends string> = Brand<Uint8Array, `${Alg}DecapsKey`>;
|
|
272
|
+
type KemCiphertext<Alg extends string> = Brand<Uint8Array, `${Alg}Ciphertext`>;
|
|
273
|
+
type KemSharedSecret = Brand<Uint8Array, 'KemSharedSecret'>;
|
|
274
|
+
type NobleKemLike = {
|
|
275
|
+
keygen(): {
|
|
276
|
+
publicKey: Uint8Array;
|
|
277
|
+
secretKey: Uint8Array;
|
|
278
|
+
};
|
|
279
|
+
encapsulate(publicKey: Uint8Array): {
|
|
280
|
+
ciphertext: Uint8Array;
|
|
281
|
+
sharedSecret: Uint8Array;
|
|
282
|
+
};
|
|
283
|
+
decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
284
|
+
};
|
|
285
|
+
declare function makeKemAdapter<Alg extends string>(noble: NobleKemLike, manifest: KemManifest): {
|
|
286
|
+
keygen(): {
|
|
287
|
+
encapsulationKey: KemEncapsKey<Alg>;
|
|
288
|
+
decapsulationKey: KemDecapsKey<Alg>;
|
|
289
|
+
};
|
|
290
|
+
encapsulate(params: {
|
|
291
|
+
encapsulationKey: KemEncapsKey<Alg>;
|
|
292
|
+
}): {
|
|
293
|
+
ciphertext: KemCiphertext<Alg>;
|
|
294
|
+
sharedSecret: KemSharedSecret;
|
|
295
|
+
};
|
|
296
|
+
decapsulate(params: {
|
|
297
|
+
ciphertext: KemCiphertext<Alg>;
|
|
298
|
+
decapsulationKey: KemDecapsKey<Alg>;
|
|
299
|
+
}): KemSharedSecret;
|
|
300
|
+
};
|
|
301
|
+
type DhPublicKey<Alg extends string> = Brand<Uint8Array, `${Alg}PublicKey`>;
|
|
302
|
+
type DhSecretKey<Alg extends string> = Brand<Uint8Array, `${Alg}SecretKey`>;
|
|
303
|
+
type DhSharedSecret = Brand<Uint8Array, 'DhSharedSecret'>;
|
|
304
|
+
type NobleDhLike = {
|
|
305
|
+
getPublicKey(secretKey: Uint8Array): Uint8Array;
|
|
306
|
+
getSharedSecret(secretKey: Uint8Array, publicKey: Uint8Array): Uint8Array;
|
|
307
|
+
utils: {
|
|
308
|
+
randomPrivateKey(): Uint8Array;
|
|
309
|
+
};
|
|
310
|
+
};
|
|
311
|
+
declare function makeDhAdapter<Alg extends string>(noble: NobleDhLike, manifest: DhManifest): {
|
|
312
|
+
keygen(): {
|
|
313
|
+
publicKey: DhPublicKey<Alg>;
|
|
314
|
+
secretKey: DhSecretKey<Alg>;
|
|
315
|
+
};
|
|
316
|
+
sharedSecret(params: {
|
|
317
|
+
ourSecretKey: DhSecretKey<Alg>;
|
|
318
|
+
theirPublicKey: DhPublicKey<Alg>;
|
|
319
|
+
}): DhSharedSecret;
|
|
320
|
+
};
|
|
321
|
+
type BoxKey = Brand<Uint8Array, 'BoxKey'>;
|
|
322
|
+
type BoxNonce = Brand<Uint8Array, 'BoxNonce'>;
|
|
323
|
+
declare function makeSecretboxAdapter(impl: {
|
|
324
|
+
seal: (key: Uint8Array, plaintext: Uint8Array, nonce: Uint8Array) => Uint8Array;
|
|
325
|
+
open: (key: Uint8Array, ciphertext: Uint8Array, nonce: Uint8Array) => Uint8Array | null;
|
|
326
|
+
}, manifest: SecretboxManifest): {
|
|
327
|
+
seal(params: {
|
|
328
|
+
key: BoxKey;
|
|
329
|
+
plaintext: Uint8Array;
|
|
330
|
+
nonce: BoxNonce;
|
|
331
|
+
}): Uint8Array;
|
|
332
|
+
open(params: {
|
|
333
|
+
key: BoxKey;
|
|
334
|
+
ciphertext: Uint8Array;
|
|
335
|
+
nonce: BoxNonce;
|
|
336
|
+
}): Uint8Array | null;
|
|
337
|
+
};
|
|
338
|
+
declare function asBoxKey(v: Uint8Array): BoxKey;
|
|
339
|
+
declare function asBoxNonce(v: Uint8Array): BoxNonce;
|
|
340
|
+
|
|
341
|
+
export { type BoxKey, type BoxNonce, type DhManifest, type DhPublicKey, type DhSecretKey, type DhSharedSecret, type DilithiumKeyPair, type DilithiumPublicKey, type DilithiumSecretKey, type DilithiumSignature, type KemCiphertext, type KemDecapsKey, type KemEncapsKey, type KemManifest, type KemSharedSecret, type KyberCiphertext, type KyberDecapsulationKey, type KyberEncapsulation, type KyberEncapsulationKey, type KyberKeyPair, ML_DSA_65, ML_KEM_768, type Message, type NobleDhLike, type NobleKemLike, type NobleSigLike, type Nonce, type SecretboxManifest, type SharedSecret, type SigMessage, type SigPublicKey, type SigSecretKey, type SigSignature, type SignatureManifest, type SymmetricKey, X25519, type X25519KeyPair, type X25519PublicKey, type X25519SecretKey, XSALSA20_POLY1305, asBoxKey, asBoxNonce, asDilithiumPublicKey, asDilithiumSecretKey, asKyberDecapsulationKey, asKyberEncapsulationKey, asMessage, asNonce, asSigMessage, asSymmetricKey, asX25519PublicKey, asX25519SecretKey, assertDhPrimitive, assertKemPrimitive, assertSignaturePrimitive, dilithium, kyber, makeDhAdapter, makeKemAdapter, makeSecretboxAdapter, makeSignatureAdapter, secretbox, x25519 };
|