@opentdf/sdk 0.12.0 → 0.13.0-beta.119

package/dist/cjs/tdf3/src/crypto/core/rsa.js

@@ -0,0 +1,120 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.rsaOaepSha1 = rsaOaepSha1;
+exports.rsaPkcs1Sha256 = rsaPkcs1Sha256;
+exports.generateKeyPair = generateKeyPair;
+exports.generateSigningKeyPair = generateSigningKeyPair;
+exports.encryptWithPublicKey = encryptWithPublicKey;
+exports.decryptWithPrivateKey = decryptWithPrivateKey;
+const binary_js_1 = require("../../binary.js");
+const declarations_js_1 = require("../declarations.js");
+const errors_js_1 = require("../../../../src/errors.js");
+const keys_js_1 = require("./keys.js");
+const ENC_DEC_METHODS = ['encrypt', 'decrypt'];
+const SIGN_VERIFY_METHODS = ['sign', 'verify'];
+/**
+ * Get a DOMString representing the algorithm to use for an
+ * asymmetric key generation.
+ */
+function rsaOaepSha1(modulusLength = declarations_js_1.MIN_ASYMMETRIC_KEY_SIZE_BITS) {
+    if (!modulusLength || modulusLength < declarations_js_1.MIN_ASYMMETRIC_KEY_SIZE_BITS) {
+        throw new errors_js_1.ConfigurationError('Invalid key size requested');
+    }
+    return {
+        name: 'RSA-OAEP',
+        hash: {
+            name: 'SHA-1',
+        },
+        modulusLength,
+        // 24 bit representation of 65537
+        publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
+    };
+}
+function rsaPkcs1Sha256(modulusLength = declarations_js_1.MIN_ASYMMETRIC_KEY_SIZE_BITS) {
+    if (!modulusLength || modulusLength < declarations_js_1.MIN_ASYMMETRIC_KEY_SIZE_BITS) {
+        throw new errors_js_1.ConfigurationError('Invalid key size requested');
+    }
+    return {
+        name: 'RSASSA-PKCS1-v1_5',
+        hash: {
+            name: 'SHA-256',
+        },
+        modulusLength,
+        // 24 bit representation of 65537
+        publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
+    };
+}
+/**
+ * Generate an RSA key pair
+ * @see    {@link https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/generateKey}
+ * @param  size in bits
+ */
+async function generateKeyPair(size) {
+    const keySize = size || declarations_js_1.MIN_ASYMMETRIC_KEY_SIZE_BITS;
+    const algoDomString = rsaOaepSha1(keySize);
+    const keyPair = await crypto.subtle.generateKey(algoDomString, true, ENC_DEC_METHODS);
+    // Map to supported algorithm sizes
+    let algorithm;
+    if (keySize === 2048) {
+        algorithm = 'rsa:2048';
+    }
+    else if (keySize === 4096) {
+        algorithm = 'rsa:4096';
+    }
+    else {
+        throw new errors_js_1.ConfigurationError(`Unsupported RSA key size: ${keySize}. Only 2048 and 4096 are supported.`);
+    }
+    return {
+        publicKey: (0, keys_js_1.wrapPublicKey)(keyPair.publicKey, algorithm),
+        privateKey: (0, keys_js_1.wrapPrivateKey)(keyPair.privateKey, algorithm),
+    };
+}
+/**
+ * Generate an RSA key pair suitable for signatures
+ * @see    {@link https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/generateKey}
+ */
+async function generateSigningKeyPair() {
+    const rsaParams = rsaPkcs1Sha256(2048);
+    const keyPair = await crypto.subtle.generateKey(rsaParams, true, SIGN_VERIFY_METHODS);
+    const algorithm = 'rsa:2048';
+    return {
+        publicKey: (0, keys_js_1.wrapPublicKey)(keyPair.publicKey, algorithm),
+        privateKey: (0, keys_js_1.wrapPrivateKey)(keyPair.privateKey, algorithm),
+    };
+}
+/**
+ * Encrypt using a public key (RSA-OAEP).
+ * Accepts Binary or SymmetricKey for key wrapping.
+ * @param payload Payload to encrypt (Binary) or symmetric key to wrap (SymmetricKey)
+ * @param publicKey Opaque public key
+ * @return Encrypted payload
+ */
+async function encryptWithPublicKey(payload, publicKey) {
+    let payloadBuffer;
+    // Handle SymmetricKey unwrapping
+    if ('_brand' in payload && payload._brand === 'SymmetricKey') {
+        // Pass Uint8Array directly — Web Crypto respects byteOffset/byteLength on typed array views.
+        payloadBuffer = (0, keys_js_1.unwrapSymmetricKey)(payload);
+    }
+    else {
+        // Binary payload
+        payloadBuffer = payload.asArrayBuffer();
+    }
+    const cryptoKey = (0, keys_js_1.unwrapKey)(publicKey);
+    const result = await crypto.subtle.encrypt({ name: 'RSA-OAEP' }, cryptoKey, payloadBuffer);
+    return binary_js_1.Binary.fromArrayBuffer(result);
+}
+/**
+ * Decrypt a public-key encrypted payload with a private key
+ * @param  encryptedPayload  Payload to decrypt
+ * @param  privateKey        Opaque private key
+ * @return Decrypted payload
+ */
+async function decryptWithPrivateKey(encryptedPayload, privateKey) {
+    console.assert(typeof encryptedPayload === 'object', 'encryptedPayload must be object');
+    const cryptoKey = (0, keys_js_1.unwrapKey)(privateKey);
+    const payload = await crypto.subtle.decrypt({ name: 'RSA-OAEP' }, cryptoKey, encryptedPayload.asArrayBuffer());
+    const bufferView = new Uint8Array(payload);
+    return binary_js_1.Binary.fromArrayBuffer(bufferView.buffer);
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicnNhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vdGRmMy9zcmMvY3J5cHRvL2NvcmUvcnNhLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBbUJBLGtDQWVDO0FBRUQsd0NBZUM7QUFPRCwwQ0FxQkM7QUFNRCx3REFTQztBQVNELG9EQWtCQztBQVFELHNEQWNDO0FBL0lELCtDQUF5QztBQUN6Qyx3REFPNEI7QUFDNUIseURBQStEO0FBQy9ELHVDQUF5RjtBQUV6RixNQUFNLGVBQWUsR0FBZSxDQUFDLFNBQVMsRUFBRSxTQUFTLENBQUMsQ0FBQztBQUMzRCxNQUFNLG1CQUFtQixHQUFlLENBQUMsTUFBTSxFQUFFLFFBQVEsQ0FBQyxDQUFDO0FBRTNEOzs7R0FHRztBQUNILFNBQWdCLFdBQVcsQ0FDekIsZ0JBQXdCLDhDQUE0QjtJQUVwRCxJQUFJLENBQUMsYUFBYSxJQUFJLGFBQWEsR0FBRyw4Q0FBNEIsRUFBRSxDQUFDO1FBQ25FLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO0lBQzdELENBQUM7SUFDRCxPQUFPO1FBQ0wsSUFBSSxFQUFFLFVBQVU7UUFDaEIsSUFBSSxFQUFFO1lBQ0osSUFBSSxFQUFFLE9BQU87U0FDZDtRQUNELGFBQWE7UUFDYixpQ0FBaUM7UUFDakMsY0FBYyxFQUFFLElBQUksVUFBVSxDQUFDLENBQUMsSUFBSSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztLQUNuRCxDQUFDO0FBQ0osQ0FBQztBQUVELFNBQWdCLGNBQWMsQ0FDNUIsZ0JBQXdCLDhDQUE0QjtJQUVwRCxJQUFJLENBQUMsYUFBYSxJQUFJLGFBQWEsR0FBRyw4Q0FBNEIsRUFBRSxDQUFDO1FBQ25FLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyw0QkFBNEIsQ0FBQyxDQUFDO0lBQzdELENBQUM7SUFDRCxPQUFPO1FBQ0wsSUFBSSxFQUFFLG1CQUFtQjtRQUN6QixJQUFJLEVBQUU7WUFDSixJQUFJLEVBQUUsU0FBUztTQUNoQjtRQUNELGFBQWE7UUFDYixpQ0FBaUM7UUFDakMsY0FBYyxFQUFFLElBQUksVUFBVSxDQUFDLENBQUMsSUFBSSxFQUFFLElBQUksRUFBRSxJQUFJLENBQUMsQ0FBQztLQUNuRCxDQUFDO0FBQ0osQ0FBQztBQUVEOzs7O0dBSUc7QUFDSSxLQUFLLFVBQVUsZUFBZSxDQUFDLElBQWE7SUFDakQsTUFBTSxPQUFPLEdBQUcsSUFBSSxJQUFJLDhDQUE0QixDQUFDO0lBQ3JELE1BQU0sYUFBYSxHQUFHLFdBQVcsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUMzQyxNQUFNLE9BQU8sR0FBRyxNQUFNLE1BQU0sQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLGFBQWEsRUFBRSxJQUFJLEVBQUUsZUFBZSxDQUFDLENBQUM7SUFFdEYsbUNBQW1DO0lBQ25DLElBQUksU0FBdUIsQ0FBQztJQUM1QixJQUFJLE9BQU8sS0FBSyxJQUFJLEVBQUUsQ0FBQztRQUNyQixTQUFTLEdBQUcsVUFBVSxDQUFDO0lBQ3pCLENBQUM7U0FBTSxJQUFJLE9BQU8sS0FBSyxJQUFJLEVBQUUsQ0FBQztRQUM1QixTQUFTLEdBQUcsVUFBVSxDQUFDO0lBQ3pCLENBQUM7U0FBTSxDQUFDO1FBQ04sTUFBTSxJQUFJLDhCQUFrQixDQUMxQiw2QkFBNkIsT0FBTyxxQ0FBcUMsQ0FDMUUsQ0FBQztJQUNKLENBQUM7SUFFRCxPQUFPO1FBQ0wsU0FBUyxFQUFFLElBQUEsdUJBQWEsRUFBQyxPQUFPLENBQUMsU0FBUyxFQUFFLFNBQVMsQ0FBQztRQUN0RCxVQUFVLEVBQUUsSUFBQSx3QkFBYyxFQUFDLE9BQU8sQ0FBQyxVQUFVLEVBQUUsU0FBUyxDQUFDO0tBQzFELENBQUM7QUFDSixDQUFDO0FBRUQ7OztHQUdHO0FBQ0ksS0FBSyxVQUFVLHNCQUFzQjtJQUMxQyxNQUFNLFNBQVMsR0FBRyxjQUFjLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDdkMsTUFBTSxPQUFPLEdBQUcsTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxTQUFTLEVBQUUsSUFBSSxFQUFFLG1CQUFtQixDQUFDLENBQUM7SUFFdEYsTUFBTSxTQUFTLEdBQWlCLFVBQVUsQ0FBQztJQUMzQyxPQUFPO1FBQ0wsU0FBUyxFQUFFLElBQUEsdUJBQWEsRUFBQyxPQUFPLENBQUMsU0FBUyxFQUFFLFNBQVMsQ0FBQztRQUN0RCxVQUFVLEVBQUUsSUFBQSx3QkFBYyxFQUFDLE9BQU8sQ0FBQyxVQUFVLEVBQUUsU0FBUyxDQUFDO0tBQzFELENBQUM7QUFDSixDQUFDO0FBRUQ7Ozs7OztHQU1HO0FBQ0ksS0FBSyxVQUFVLG9CQUFvQixDQUN4QyxPQUE4QixFQUM5QixTQUFvQjtJQUVwQixJQUFJLGFBQTJCLENBQUM7SUFFaEMsaUNBQWlDO0lBQ2pDLElBQUksUUFBUSxJQUFJLE9BQU8sSUFBSSxPQUFPLENBQUMsTUFBTSxLQUFLLGNBQWMsRUFBRSxDQUFDO1FBQzdELDZGQUE2RjtRQUM3RixhQUFhLEdBQUcsSUFBQSw0QkFBa0IsRUFBQyxPQUFPLENBQUMsQ0FBQztJQUM5QyxDQUFDO1NBQU0sQ0FBQztRQUNOLGlCQUFpQjtRQUNqQixhQUFhLEdBQUksT0FBa0IsQ0FBQyxhQUFhLEVBQUUsQ0FBQztJQUN0RCxDQUFDO0lBRUQsTUFBTSxTQUFTLEdBQUcsSUFBQSxtQkFBUyxFQUFDLFNBQVMsQ0FBQyxDQUFDO0lBQ3ZDLE1BQU0sTUFBTSxHQUFHLE1BQU0sTUFBTSxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQUMsRUFBRSxJQUFJLEVBQUUsVUFBVSxFQUFFLEVBQUUsU0FBUyxFQUFFLGFBQWEsQ0FBQyxDQUFDO0lBQzNGLE9BQU8sa0JBQU0sQ0FBQyxlQUFlLENBQUMsTUFBTSxDQUFDLENBQUM7QUFDeEMsQ0FBQztBQUVEOzs7OztHQUtHO0FBQ0ksS0FBSyxVQUFVLHFCQUFxQixDQUN6QyxnQkFBd0IsRUFDeEIsVUFBc0I7SUFFdEIsT0FBTyxDQUFDLE1BQU0sQ0FBQyxPQUFPLGdCQUFnQixLQUFLLFFBQVEsRUFBRSxpQ0FBaUMsQ0FBQyxDQUFDO0lBRXhGLE1BQU0sU0FBUyxHQUFHLElBQUEsbUJBQVMsRUFBQyxVQUFVLENBQUMsQ0FBQztJQUN4QyxNQUFNLE9BQU8sR0FBRyxNQUFNLE1BQU0sQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUN6QyxFQUFFLElBQUksRUFBRSxVQUFVLEVBQUUsRUFDcEIsU0FBUyxFQUNULGdCQUFnQixDQUFDLGFBQWEsRUFBRSxDQUNqQyxDQUFDO0lBQ0YsTUFBTSxVQUFVLEdBQUcsSUFBSSxVQUFVLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDM0MsT0FBTyxrQkFBTSxDQUFDLGVBQWUsQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDLENBQUM7QUFDbkQsQ0FBQyJ9

package/dist/cjs/tdf3/src/crypto/core/signing.js

@@ -0,0 +1,178 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sign = sign;
+exports.verify = verify;
+const errors_js_1 = require("../../../../src/errors.js");
+const keys_js_1 = require("./keys.js");
+/**
+ * Get the Web Crypto algorithm parameters for a signing algorithm.
+ */
+function getSigningAlgorithmParams(algorithm) {
+    switch (algorithm) {
+        case 'RS256':
+            return {
+                importParams: { name: 'RSASSA-PKCS1-v1_5', hash: 'SHA-256' },
+                signParams: 'RSASSA-PKCS1-v1_5',
+            };
+        case 'ES256':
+            return {
+                importParams: { name: 'ECDSA', namedCurve: 'P-256' },
+                signParams: { name: 'ECDSA', hash: 'SHA-256' },
+            };
+        case 'ES384':
+            return {
+                importParams: { name: 'ECDSA', namedCurve: 'P-384' },
+                signParams: { name: 'ECDSA', hash: 'SHA-384' },
+            };
+        case 'ES512':
+            return {
+                importParams: { name: 'ECDSA', namedCurve: 'P-521' },
+                signParams: { name: 'ECDSA', hash: 'SHA-512' },
+            };
+        default:
+            throw new errors_js_1.ConfigurationError(`Unsupported signing algorithm: ${algorithm}`);
+    }
+}
+/**
+ * Convert IEEE P1363 signature format (used by WebCrypto ECDSA) to DER format (used by JWT).
+ * RS256 signatures don't need conversion.
+ */
+function ieeeP1363ToDer(signature, algorithm) {
+    if (algorithm === 'RS256') {
+        return signature;
+    }
+    // IEEE P1363: r || s where each is padded to key size
+    const halfLen = signature.length / 2;
+    const r = signature.slice(0, halfLen);
+    const s = signature.slice(halfLen);
+    // Remove leading zeros but keep one if the high bit is set
+    const trimLeadingZeros = (arr) => {
+        let i = 0;
+        while (i < arr.length - 1 && arr[i] === 0)
+            i++;
+        return arr.slice(i);
+    };
+    let rTrimmed = trimLeadingZeros(r);
+    let sTrimmed = trimLeadingZeros(s);
+    // Add leading zero if high bit is set (to keep positive in DER)
+    if (rTrimmed[0] & 0x80) {
+        const padded = new Uint8Array(rTrimmed.length + 1);
+        padded.set(rTrimmed, 1);
+        rTrimmed = padded;
+    }
+    if (sTrimmed[0] & 0x80) {
+        const padded = new Uint8Array(sTrimmed.length + 1);
+        padded.set(sTrimmed, 1);
+        sTrimmed = padded;
+    }
+    // DER SEQUENCE: 0x30 [length] [r INTEGER] [s INTEGER]
+    // INTEGER: 0x02 [length] [value]
+    const rDer = new Uint8Array([0x02, rTrimmed.length, ...rTrimmed]);
+    const sDer = new Uint8Array([0x02, sTrimmed.length, ...sTrimmed]);
+    const seqLen = rDer.length + sDer.length;
+    // DER length: short-form for < 128, long-form (0x81 nn) for 128-255.
+    // ECDSA sequences never exceed 255 bytes for any supported curve.
+    const lenBytes = seqLen < 128 ? new Uint8Array([seqLen]) : new Uint8Array([0x81, seqLen]);
+    const result = new Uint8Array(1 + lenBytes.length + seqLen);
+    result[0] = 0x30;
+    result.set(lenBytes, 1);
+    result.set(rDer, 1 + lenBytes.length);
+    result.set(sDer, 1 + lenBytes.length + rDer.length);
+    return result;
+}
+/**
+ * Convert DER signature format (used by JWT) to IEEE P1363 format (used by WebCrypto ECDSA).
+ * RS256 signatures don't need conversion.
+ */
+function derToIeeeP1363(signature, algorithm) {
+    if (algorithm === 'RS256') {
+        return signature;
+    }
+    // Determine the expected component length based on algorithm
+    let componentLen;
+    switch (algorithm) {
+        case 'ES256':
+            componentLen = 32;
+            break;
+        case 'ES384':
+            componentLen = 48;
+            break;
+        case 'ES512':
+            componentLen = 66;
+            break;
+        default:
+            throw new errors_js_1.ConfigurationError(`Unsupported algorithm for DER conversion: ${algorithm}`);
+    }
+    if (signature[0] !== 0x30) {
+        throw new errors_js_1.ConfigurationError('Invalid DER signature: expected SEQUENCE');
+    }
+    // Skip SEQUENCE tag, then parse DER length (short- or long-form).
+    let offset = 1;
+    if (signature[offset] & 0x80) {
+        // Long-form: low 7 bits = number of subsequent length bytes.
+        const lenBytesCount = signature[offset] & 0x7f;
+        if (lenBytesCount === 0 || lenBytesCount > 4) {
+            throw new errors_js_1.ConfigurationError('Invalid DER signature: invalid long-form length');
+        }
+        offset += 1 + lenBytesCount;
+        if (offset > signature.length) {
+            throw new errors_js_1.ConfigurationError('Invalid DER signature: length bytes exceed signature length');
+        }
+    }
+    else {
+        // Short-form: single length byte.
+        offset += 1;
+    }
+    // Parse r INTEGER
+    if (signature[offset] !== 0x02) {
+        throw new errors_js_1.ConfigurationError('Invalid DER signature: expected INTEGER for r');
+    }
+    const rLen = signature[offset + 1];
+    offset += 2;
+    let r = signature.slice(offset, offset + rLen);
+    offset += rLen;
+    // Parse s INTEGER
+    if (signature[offset] !== 0x02) {
+        throw new errors_js_1.ConfigurationError('Invalid DER signature: expected INTEGER for s');
+    }
+    const sLen = signature[offset + 1];
+    offset += 2;
+    let s = signature.slice(offset, offset + sLen);
+    // Remove leading zero padding if present
+    if (r[0] === 0 && r.length > componentLen) {
+        r = r.slice(1);
+    }
+    if (s[0] === 0 && s.length > componentLen) {
+        s = s.slice(1);
+    }
+    // Pad to component length
+    const result = new Uint8Array(componentLen * 2);
+    result.set(r, componentLen - r.length);
+    result.set(s, componentLen * 2 - s.length);
+    return result;
+}
+/**
+ * Sign data with an asymmetric private key.
+ */
+async function sign(data, privateKey, algorithm) {
+    const { signParams } = getSigningAlgorithmParams(algorithm);
+    // Unwrap the internal CryptoKey
+    const key = (0, keys_js_1.unwrapKey)(privateKey);
+    // Sign the data
+    const signature = await crypto.subtle.sign(signParams, key, data);
+    // Convert from IEEE P1363 to DER for EC algorithms
+    return ieeeP1363ToDer(new Uint8Array(signature), algorithm);
+}
+/**
+ * Verify signature with an asymmetric public key.
+ */
+async function verify(data, signature, publicKey, algorithm) {
+    const { signParams } = getSigningAlgorithmParams(algorithm);
+    // Unwrap the internal CryptoKey
+    const key = (0, keys_js_1.unwrapKey)(publicKey);
+    // Convert from DER to IEEE P1363 for EC algorithms
+    const ieeeSignature = derToIeeeP1363(signature, algorithm);
+    // Verify the signature
+    return crypto.subtle.verify(signParams, key, ieeeSignature, data);
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2lnbmluZy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uLy4uL3RkZjMvc3JjL2NyeXB0by9jb3JlL3NpZ25pbmcudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFpTEEsb0JBZUM7QUFLRCx3QkFnQkM7QUFoTkQseURBQStEO0FBQy9ELHVDQUFzQztBQUV0Qzs7R0FFRztBQUNILFNBQVMseUJBQXlCLENBQUMsU0FBcUM7SUFJdEUsUUFBUSxTQUFTLEVBQUUsQ0FBQztRQUNsQixLQUFLLE9BQU87WUFDVixPQUFPO2dCQUNMLFlBQVksRUFBRSxFQUFFLElBQUksRUFBRSxtQkFBbUIsRUFBRSxJQUFJLEVBQUUsU0FBUyxFQUFFO2dCQUM1RCxVQUFVLEVBQUUsbUJBQW1CO2FBQ2hDLENBQUM7UUFDSixLQUFLLE9BQU87WUFDVixPQUFPO2dCQUNMLFlBQVksRUFBRSxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsVUFBVSxFQUFFLE9BQU8sRUFBRTtnQkFDcEQsVUFBVSxFQUFFLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsU0FBUyxFQUFpQjthQUM5RCxDQUFDO1FBQ0osS0FBSyxPQUFPO1lBQ1YsT0FBTztnQkFDTCxZQUFZLEVBQUUsRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLFVBQVUsRUFBRSxPQUFPLEVBQUU7Z0JBQ3BELFVBQVUsRUFBRSxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLFNBQVMsRUFBaUI7YUFDOUQsQ0FBQztRQUNKLEtBQUssT0FBTztZQUNWLE9BQU87Z0JBQ0wsWUFBWSxFQUFFLEVBQUUsSUFBSSxFQUFFLE9BQU8sRUFBRSxVQUFVLEVBQUUsT0FBTyxFQUFFO2dCQUNwRCxVQUFVLEVBQUUsRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxTQUFTLEVBQWlCO2FBQzlELENBQUM7UUFDSjtZQUNFLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyxrQ0FBa0MsU0FBUyxFQUFFLENBQUMsQ0FBQztJQUNoRixDQUFDO0FBQ0gsQ0FBQztBQUVEOzs7R0FHRztBQUNILFNBQVMsY0FBYyxDQUFDLFNBQXFCLEVBQUUsU0FBcUM7SUFDbEYsSUFBSSxTQUFTLEtBQUssT0FBTyxFQUFFLENBQUM7UUFDMUIsT0FBTyxTQUFTLENBQUM7SUFDbkIsQ0FBQztJQUVELHNEQUFzRDtJQUN0RCxNQUFNLE9BQU8sR0FBRyxTQUFTLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQztJQUNyQyxNQUFNLENBQUMsR0FBRyxTQUFTLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxPQUFPLENBQUMsQ0FBQztJQUN0QyxNQUFNLENBQUMsR0FBRyxTQUFTLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBRW5DLDJEQUEyRDtJQUMzRCxNQUFNLGdCQUFnQixHQUFHLENBQUMsR0FBZSxFQUFjLEVBQUU7UUFDdkQsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ1YsT0FBTyxDQUFDLEdBQUcsR0FBRyxDQUFDLE1BQU0sR0FBRyxDQUFDLElBQUksR0FBRyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUM7WUFBRSxDQUFDLEVBQUUsQ0FBQztRQUMvQyxPQUFPLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDdEIsQ0FBQyxDQUFDO0lBRUYsSUFBSSxRQUFRLEdBQUcsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDbkMsSUFBSSxRQUFRLEdBQUcsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFFbkMsZ0VBQWdFO0lBQ2hFLElBQUksUUFBUSxDQUFDLENBQUMsQ0FBQyxHQUFHLElBQUksRUFBRSxDQUFDO1FBQ3ZCLE1BQU0sTUFBTSxHQUFHLElBQUksVUFBVSxDQUFDLFFBQVEsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLENBQUM7UUFDbkQsTUFBTSxDQUFDLEdBQUcsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxDQUFDLENBQUM7UUFDeEIsUUFBUSxHQUFHLE1BQU0sQ0FBQztJQUNwQixDQUFDO0lBQ0QsSUFBSSxRQUFRLENBQUMsQ0FBQyxDQUFDLEdBQUcsSUFBSSxFQUFFLENBQUM7UUFDdkIsTUFBTSxNQUFNLEdBQUcsSUFBSSxVQUFVLENBQUMsUUFBUSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsQ0FBQztRQUNuRCxNQUFNLENBQUMsR0FBRyxDQUFDLFFBQVEsRUFBRSxDQUFDLENBQUMsQ0FBQztRQUN4QixRQUFRLEdBQUcsTUFBTSxDQUFDO0lBQ3BCLENBQUM7SUFFRCxzREFBc0Q7SUFDdEQsaUNBQWlDO0lBQ2pDLE1BQU0sSUFBSSxHQUFHLElBQUksVUFBVSxDQUFDLENBQUMsSUFBSSxFQUFFLFFBQVEsQ0FBQyxNQUFNLEVBQUUsR0FBRyxRQUFRLENBQUMsQ0FBQyxDQUFDO0lBQ2xFLE1BQU0sSUFBSSxHQUFHLElBQUksVUFBVSxDQUFDLENBQUMsSUFBSSxFQUFFLFFBQVEsQ0FBQyxNQUFNLEVBQUUsR0FBRyxRQUFRLENBQUMsQ0FBQyxDQUFDO0lBRWxFLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQztJQUN6QyxxRUFBcUU7SUFDckUsa0VBQWtFO0lBQ2xFLE1BQU0sUUFBUSxHQUFHLE1BQU0sR0FBRyxHQUFHLENBQUMsQ0FBQyxDQUFDLElBQUksVUFBVSxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsSUFBSSxVQUFVLENBQUMsQ0FBQyxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUMsQ0FBQztJQUMxRixNQUFNLE1BQU0sR0FBRyxJQUFJLFVBQVUsQ0FBQyxDQUFDLEdBQUcsUUFBUSxDQUFDLE1BQU0sR0FBRyxNQUFNLENBQUMsQ0FBQztJQUM1RCxNQUFNLENBQUMsQ0FBQyxDQUFDLEdBQUcsSUFBSSxDQUFDO0lBQ2pCLE1BQU0sQ0FBQyxHQUFHLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBQ3hCLE1BQU0sQ0FBQyxHQUFHLENBQUMsSUFBSSxFQUFFLENBQUMsR0FBRyxRQUFRLENBQUMsTUFBTSxDQUFDLENBQUM7SUFDdEMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxHQUFHLFFBQVEsQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBRXBELE9BQU8sTUFBTSxDQUFDO0FBQ2hCLENBQUM7QUFFRDs7O0dBR0c7QUFDSCxTQUFTLGNBQWMsQ0FBQyxTQUFxQixFQUFFLFNBQXFDO0lBQ2xGLElBQUksU0FBUyxLQUFLLE9BQU8sRUFBRSxDQUFDO1FBQzFCLE9BQU8sU0FBUyxDQUFDO0lBQ25CLENBQUM7SUFFRCw2REFBNkQ7SUFDN0QsSUFBSSxZQUFvQixDQUFDO0lBQ3pCLFFBQVEsU0FBUyxFQUFFLENBQUM7UUFDbEIsS0FBSyxPQUFPO1lBQ1YsWUFBWSxHQUFHLEVBQUUsQ0FBQztZQUNsQixNQUFNO1FBQ1IsS0FBSyxPQUFPO1lBQ1YsWUFBWSxHQUFHLEVBQUUsQ0FBQztZQUNsQixNQUFNO1FBQ1IsS0FBSyxPQUFPO1lBQ1YsWUFBWSxHQUFHLEVBQUUsQ0FBQztZQUNsQixNQUFNO1FBQ1I7WUFDRSxNQUFNLElBQUksOEJBQWtCLENBQUMsNkNBQTZDLFNBQVMsRUFBRSxDQUFDLENBQUM7SUFDM0YsQ0FBQztJQUVELElBQUksU0FBUyxDQUFDLENBQUMsQ0FBQyxLQUFLLElBQUksRUFBRSxDQUFDO1FBQzFCLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQywwQ0FBMEMsQ0FBQyxDQUFDO0lBQzNFLENBQUM7SUFFRCxrRUFBa0U7SUFDbEUsSUFBSSxNQUFNLEdBQUcsQ0FBQyxDQUFDO0lBQ2YsSUFBSSxTQUFTLENBQUMsTUFBTSxDQUFDLEdBQUcsSUFBSSxFQUFFLENBQUM7UUFDN0IsNkRBQTZEO1FBQzdELE1BQU0sYUFBYSxHQUFHLFNBQVMsQ0FBQyxNQUFNLENBQUMsR0FBRyxJQUFJLENBQUM7UUFDL0MsSUFBSSxhQUFhLEtBQUssQ0FBQyxJQUFJLGFBQWEsR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUM3QyxNQUFNLElBQUksOEJBQWtCLENBQUMsaURBQWlELENBQUMsQ0FBQztRQUNsRixDQUFDO1FBQ0QsTUFBTSxJQUFJLENBQUMsR0FBRyxhQUFhLENBQUM7UUFDNUIsSUFBSSxNQUFNLEdBQUcsU0FBUyxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQzlCLE1BQU0sSUFBSSw4QkFBa0IsQ0FBQyw2REFBNkQsQ0FBQyxDQUFDO1FBQzlGLENBQUM7SUFDSCxDQUFDO1NBQU0sQ0FBQztRQUNOLGtDQUFrQztRQUNsQyxNQUFNLElBQUksQ0FBQyxDQUFDO0lBQ2QsQ0FBQztJQUVELGtCQUFrQjtJQUNsQixJQUFJLFNBQVMsQ0FBQyxNQUFNLENBQUMsS0FBSyxJQUFJLEVBQUUsQ0FBQztRQUMvQixNQUFNLElBQUksOEJBQWtCLENBQUMsK0NBQStDLENBQUMsQ0FBQztJQUNoRixDQUFDO0lBQ0QsTUFBTSxJQUFJLEdBQUcsU0FBUyxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsQ0FBQztJQUNuQyxNQUFNLElBQUksQ0FBQyxDQUFDO0lBQ1osSUFBSSxDQUFDLEdBQUcsU0FBUyxDQUFDLEtBQUssQ0FBQyxNQUFNLEVBQUUsTUFBTSxHQUFHLElBQUksQ0FBQyxDQUFDO0lBQy9DLE1BQU0sSUFBSSxJQUFJLENBQUM7SUFFZixrQkFBa0I7SUFDbEIsSUFBSSxTQUFTLENBQUMsTUFBTSxDQUFDLEtBQUssSUFBSSxFQUFFLENBQUM7UUFDL0IsTUFBTSxJQUFJLDhCQUFrQixDQUFDLCtDQUErQyxDQUFDLENBQUM7SUFDaEYsQ0FBQztJQUNELE1BQU0sSUFBSSxHQUFHLFNBQVMsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxDQUFDLENBQUM7SUFDbkMsTUFBTSxJQUFJLENBQUMsQ0FBQztJQUNaLElBQUksQ0FBQyxHQUFHLFNBQVMsQ0FBQyxLQUFLLENBQUMsTUFBTSxFQUFFLE1BQU0sR0FBRyxJQUFJLENBQUMsQ0FBQztJQUUvQyx5Q0FBeUM7SUFDekMsSUFBSSxDQUFDLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQyxNQUFNLEdBQUcsWUFBWSxFQUFFLENBQUM7UUFDMUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7SUFDakIsQ0FBQztJQUNELElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUMsTUFBTSxHQUFHLFlBQVksRUFBRSxDQUFDO1FBQzFDLENBQUMsR0FBRyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQ2pCLENBQUM7SUFFRCwwQkFBMEI7SUFDMUIsTUFBTSxNQUFNLEdBQUcsSUFBSSxVQUFVLENBQUMsWUFBWSxHQUFHLENBQUMsQ0FBQyxDQUFDO0lBQ2hELE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxFQUFFLFlBQVksR0FBRyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUM7SUFDdkMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsWUFBWSxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUM7SUFFM0MsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQUVEOztHQUVHO0FBQ0ksS0FBSyxVQUFVLElBQUksQ0FDeEIsSUFBZ0IsRUFDaEIsVUFBc0IsRUFDdEIsU0FBcUM7SUFFckMsTUFBTSxFQUFFLFVBQVUsRUFBRSxHQUFHLHlCQUF5QixDQUFDLFNBQVMsQ0FBQyxDQUFDO0lBRTVELGdDQUFnQztJQUNoQyxNQUFNLEdBQUcsR0FBRyxJQUFBLG1CQUFTLEVBQUMsVUFBVSxDQUFDLENBQUM7SUFFbEMsZ0JBQWdCO0lBQ2hCLE1BQU0sU0FBUyxHQUFHLE1BQU0sTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLEdBQUcsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUVsRSxtREFBbUQ7SUFDbkQsT0FBTyxjQUFjLENBQUMsSUFBSSxVQUFVLENBQUMsU0FBUyxDQUFDLEVBQUUsU0FBUyxDQUFDLENBQUM7QUFDOUQsQ0FBQztBQUVEOztHQUVHO0FBQ0ksS0FBSyxVQUFVLE1BQU0sQ0FDMUIsSUFBZ0IsRUFDaEIsU0FBcUIsRUFDckIsU0FBb0IsRUFDcEIsU0FBcUM7SUFFckMsTUFBTSxFQUFFLFVBQVUsRUFBRSxHQUFHLHlCQUF5QixDQUFDLFNBQVMsQ0FBQyxDQUFDO0lBRTVELGdDQUFnQztJQUNoQyxNQUFNLEdBQUcsR0FBRyxJQUFBLG1CQUFTLEVBQUMsU0FBUyxDQUFDLENBQUM7SUFFakMsbURBQW1EO0lBQ25ELE1BQU0sYUFBYSxHQUFHLGNBQWMsQ0FBQyxTQUFTLEVBQUUsU0FBUyxDQUFDLENBQUM7SUFFM0QsdUJBQXVCO0lBQ3ZCLE9BQU8sTUFBTSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsVUFBVSxFQUFFLEdBQUcsRUFBRSxhQUFhLEVBQUUsSUFBSSxDQUFDLENBQUM7QUFDcEUsQ0FBQyJ9

package/dist/cjs/tdf3/src/crypto/core/symmetric.js

@@ -0,0 +1,205 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateKey = generateKey;
+exports.randomBytes = randomBytes;
+exports.randomBytesAsHex = randomBytesAsHex;
+exports.decrypt = decrypt;
+exports.encrypt = encrypt;
+exports.hex2Ab = hex2Ab;
+exports.digest = digest;
+exports.hmac = hmac;
+exports.verifyHmac = verifyHmac;
+exports.importSymmetricKey = importSymmetricKey;
+exports.mergeSymmetricKeys = mergeSymmetricKeys;
+const algorithms_js_1 = require("../../ciphers/algorithms.js");
+const binary_js_1 = require("../../binary.js");
+const errors_js_1 = require("../../../../src/errors.js");
+const hex_js_1 = require("../../../../src/encodings/hex.js");
+const keysplit_js_1 = require("../../utils/keysplit.js");
+const keys_js_1 = require("./keys.js");
+const ENC_DEC_METHODS = ['encrypt', 'decrypt'];
+/**
+ * Generate a random symmetric key (opaque).
+ * @param length - Key length in bytes (default 32 for AES-256)
+ * @return Opaque symmetric key
+ */
+async function generateKey(length) {
+    const keyBytes = await randomBytes(length || 32);
+    return (0, keys_js_1.wrapSymmetricKey)(keyBytes);
+}
+async function randomBytes(byteLength) {
+    const r = new Uint8Array(byteLength);
+    crypto.getRandomValues(r);
+    return r;
+}
+/**
+ * Returns a promise to the encryption key as a binary string.
+ *
+ * Note: This function should almost never fail as it includes a fallback
+ * if for some reason the native generate key fails.
+ *
+ * @param length The key length, defaults to 256
+ *
+ * @returns The hex string.
+ */
+async function randomBytesAsHex(length) {
+    // Create a typed array of the correct length to fill
+    const r = new Uint8Array(length);
+    crypto.getRandomValues(r);
+    return (0, hex_js_1.encodeArrayBuffer)(r.buffer);
+}
+/**
+ * Decrypt content synchronously
+ * @param payload The payload to decrypt
+ * @param key     The symmetric encryption key (opaque)
+ * @param iv      The initialization vector
+ * @param algorithm The algorithm to use for encryption
+ * @param authTag The authentication tag for authenticated crypto.
+ */
+function decrypt(payload, key, iv, algorithm, authTag) {
+    return _doDecrypt(payload, key, iv, algorithm, authTag);
+}
+/**
+ * Encrypt content synchronously
+ * @param payload   The payload to encrypt
+ * @param key       The encryption key
+ * @param iv        The initialization vector
+ * @param algorithm The algorithm to use for encryption
+ */
+function encrypt(payload, key, iv, algorithm) {
+    return _doEncrypt(payload, key, iv, algorithm);
+}
+async function _doEncrypt(payload, key, iv, algorithm) {
+    console.assert(payload != null);
+    console.assert(key != null);
+    console.assert(iv != null);
+    // Handle both Binary and SymmetricKey payloads
+    let payloadBuffer;
+    if ('_brand' in payload && payload._brand === 'SymmetricKey') {
+        // Pass Uint8Array directly — Web Crypto respects byteOffset/byteLength on typed array views.
+        payloadBuffer = (0, keys_js_1.unwrapSymmetricKey)(payload);
+    }
+    else {
+        // Binary payload
+        payloadBuffer = payload.asArrayBuffer();
+    }
+    const algoDomString = getSymmetricAlgoDomString(iv, algorithm);
+    const keyBytes = (0, keys_js_1.unwrapSymmetricKey)(key);
+    const importedKey = await _importKey(keyBytes, algoDomString);
+    const encrypted = await crypto.subtle.encrypt(algoDomString, importedKey, payloadBuffer);
+    if (algoDomString.name === 'AES-GCM') {
+        return {
+            payload: binary_js_1.Binary.fromArrayBuffer(encrypted.slice(0, -16)),
+            authTag: binary_js_1.Binary.fromArrayBuffer(encrypted.slice(-16)),
+        };
+    }
+    return {
+        payload: binary_js_1.Binary.fromArrayBuffer(encrypted),
+    };
+}
+async function _doDecrypt(payload, key, iv, algorithm, authTag) {
+    console.assert(payload != null);
+    console.assert(key != null);
+    console.assert(iv != null);
+    let payloadBuffer = payload.asArrayBuffer();
+    // Concat the the auth tag to the payload for decryption
+    if (authTag) {
+        const authTagBuffer = authTag.asArrayBuffer();
+        const gcmPayload = new Uint8Array(payloadBuffer.byteLength + authTagBuffer.byteLength);
+        gcmPayload.set(new Uint8Array(payloadBuffer), 0);
+        gcmPayload.set(new Uint8Array(authTagBuffer), payloadBuffer.byteLength);
+        payloadBuffer = gcmPayload.buffer;
+    }
+    const algoDomString = getSymmetricAlgoDomString(iv, algorithm);
+    const keyBytes = (0, keys_js_1.unwrapSymmetricKey)(key);
+    const importedKey = await _importKey(keyBytes, algoDomString);
+    algoDomString.iv = iv.asArrayBuffer();
+    const decrypted = await crypto.subtle
+        .decrypt(algoDomString, importedKey, payloadBuffer)
+        // Catching this error so we can specifically check for OperationError
+        .catch((err) => {
+        if (err.name === 'OperationError') {
+            throw new errors_js_1.DecryptError(err);
+        }
+        throw err;
+    });
+    return { payload: binary_js_1.Binary.fromArrayBuffer(decrypted) };
+}
+function _importKey(keyBytes, algorithm) {
+    return crypto.subtle.importKey('raw', keyBytes, algorithm, true, ENC_DEC_METHODS);
+}
+/**
+ * Get a DOMString representing the algorithm to use for a crypto
+ * operation. Defaults to AES-CBC.
+ * @param  {String|undefined} algorithm
+ * @return {DOMString} Algorithm to use
+ */
+function getSymmetricAlgoDomString(iv, algorithm) {
+    let nativeAlgorithm = 'AES-CBC';
+    if (algorithm === algorithms_js_1.Algorithms.AES_256_GCM) {
+        nativeAlgorithm = 'AES-GCM';
+    }
+    return {
+        name: nativeAlgorithm,
+        iv: iv.asArrayBuffer(),
+    };
+}
+/**
+ * Create an ArrayBuffer from a hex string.
+ * https://developers.google.com/web/updates/2012/06/How-to-convert-ArrayBuffer-to-and-from-String?hl=en
+ * @param  hex - Hex string
+ */
+function hex2Ab(hex) {
+    const buffer = new ArrayBuffer(hex.length / 2);
+    const bufferView = new Uint8Array(buffer);
+    for (let i = 0; i < hex.length; i += 2) {
+        bufferView[i / 2] = parseInt(hex.substr(i, 2), 16);
+    }
+    return buffer;
+}
+/**
+ * Compute hash digest.
+ */
+async function digest(algorithm, data) {
+    const validAlgorithms = ['SHA-256', 'SHA-384', 'SHA-512'];
+    if (!validAlgorithms.includes(algorithm)) {
+        throw new errors_js_1.ConfigurationError(`Unsupported hash algorithm: ${algorithm}`);
+    }
+    const hashBuffer = await crypto.subtle.digest(algorithm, data);
+    return new Uint8Array(hashBuffer);
+}
+/**
+ * Compute HMAC-SHA256 of data with a symmetric key.
+ */
+async function hmac(data, key) {
+    const keyBytes = (0, keys_js_1.unwrapSymmetricKey)(key);
+    const cryptoKey = await crypto.subtle.importKey('raw', keyBytes, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);
+    const signature = await crypto.subtle.sign('HMAC', cryptoKey, data);
+    return new Uint8Array(signature);
+}
+/**
+ * Verify HMAC-SHA256.
+ * Standalone utility — not part of CryptoService interface.
+ */
+async function verifyHmac(data, signature, key) {
+    const keyBytes = (0, keys_js_1.unwrapSymmetricKey)(key);
+    const cryptoKey = await crypto.subtle.importKey('raw', keyBytes, { name: 'HMAC', hash: 'SHA-256' }, false, ['verify']);
+    return crypto.subtle.verify('HMAC', cryptoKey, signature, data);
+}
+/**
+ * Import raw key bytes as an opaque symmetric key.
+ * Used for external keys (e.g., unwrapped from KAS).
+ */
+async function importSymmetricKey(keyBytes) {
+    return (0, keys_js_1.wrapSymmetricKey)(keyBytes);
+}
+/**
+ * Merge symmetric key shares back into the original key using XOR.
+ * Key bytes are extracted internally for merging.
+ */
+async function mergeSymmetricKeys(shares) {
+    const splitBytes = shares.map(keys_js_1.unwrapSymmetricKey);
+    const merged = (0, keysplit_js_1.keyMerge)(splitBytes);
+    return (0, keys_js_1.wrapSymmetricKey)(merged);
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3ltbWV0cmljLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vLi4vdGRmMy9zcmMvY3J5cHRvL2NvcmUvc3ltbWV0cmljLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBb0JBLGtDQUdDO0FBRUQsa0NBSUM7QUFZRCw0Q0FLQztBQVVELDBCQVFDO0FBU0QsMEJBT0M7QUEyR0Qsd0JBU0M7QUFLRCx3QkFRQztBQUtELG9CQVlDO0FBTUQsZ0NBY0M7QUFNRCxnREFFQztBQU1ELGdEQUlDO0FBeFFELCtEQUE0RTtBQUM1RSwrQ0FBeUM7QUFPekMseURBQTZFO0FBQzdFLDZEQUFrRjtBQUNsRix5REFBbUQ7QUFDbkQsdUNBQWlFO0FBRWpFLE1BQU0sZUFBZSxHQUFlLENBQUMsU0FBUyxFQUFFLFNBQVMsQ0FBQyxDQUFDO0FBRTNEOzs7O0dBSUc7QUFDSSxLQUFLLFVBQVUsV0FBVyxDQUFDLE1BQWU7SUFDL0MsTUFBTSxRQUFRLEdBQUcsTUFBTSxXQUFXLENBQUMsTUFBTSxJQUFJLEVBQUUsQ0FBQyxDQUFDO0lBQ2pELE9BQU8sSUFBQSwwQkFBZ0IsRUFBQyxRQUFRLENBQUMsQ0FBQztBQUNwQyxDQUFDO0FBRU0sS0FBSyxVQUFVLFdBQVcsQ0FBQyxVQUFrQjtJQUNsRCxNQUFNLENBQUMsR0FBRyxJQUFJLFVBQVUsQ0FBQyxVQUFVLENBQUMsQ0FBQztJQUNyQyxNQUFNLENBQUMsZUFBZSxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQzFCLE9BQU8sQ0FBQyxDQUFDO0FBQ1gsQ0FBQztBQUVEOzs7Ozs7Ozs7R0FTRztBQUNJLEtBQUssVUFBVSxnQkFBZ0IsQ0FBQyxNQUFjO0lBQ25ELHFEQUFxRDtJQUNyRCxNQUFNLENBQUMsR0FBRyxJQUFJLFVBQVUsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUNqQyxNQUFNLENBQUMsZUFBZSxDQUFDLENBQUMsQ0FBQyxDQUFDO0lBQzFCLE9BQU8sSUFBQSwwQkFBUyxFQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQztBQUM3QixDQUFDO0FBRUQ7Ozs7Ozs7R0FPRztBQUNILFNBQWdCLE9BQU8sQ0FDckIsT0FBZSxFQUNmLEdBQWlCLEVBQ2pCLEVBQVUsRUFDVixTQUF3QixFQUN4QixPQUFnQjtJQUVoQixPQUFPLFVBQVUsQ0FBQyxPQUFPLEVBQUUsR0FBRyxFQUFFLEVBQUUsRUFBRSxTQUFTLEVBQUUsT0FBTyxDQUFDLENBQUM7QUFDMUQsQ0FBQztBQUVEOzs7Ozs7R0FNRztBQUNILFNBQWdCLE9BQU8sQ0FDckIsT0FBOEIsRUFDOUIsR0FBaUIsRUFDakIsRUFBVSxFQUNWLFNBQXdCO0lBRXhCLE9BQU8sVUFBVSxDQUFDLE9BQU8sRUFBRSxHQUFHLEVBQUUsRUFBRSxFQUFFLFNBQVMsQ0FBQyxDQUFDO0FBQ2pELENBQUM7QUFFRCxLQUFLLFVBQVUsVUFBVSxDQUN2QixPQUE4QixFQUM5QixHQUFpQixFQUNqQixFQUFVLEVBQ1YsU0FBd0I7SUFFeEIsT0FBTyxDQUFDLE1BQU0sQ0FBQyxPQUFPLElBQUksSUFBSSxDQUFDLENBQUM7SUFDaEMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxHQUFHLElBQUksSUFBSSxDQUFDLENBQUM7SUFDNUIsT0FBTyxDQUFDLE1BQU0sQ0FBQyxFQUFFLElBQUksSUFBSSxDQUFDLENBQUM7SUFFM0IsK0NBQStDO0lBQy9DLElBQUksYUFBMkIsQ0FBQztJQUNoQyxJQUFJLFFBQVEsSUFBSSxPQUFPLElBQUksT0FBTyxDQUFDLE1BQU0sS0FBSyxjQUFjLEVBQUUsQ0FBQztRQUM3RCw2RkFBNkY7UUFDN0YsYUFBYSxHQUFHLElBQUEsNEJBQWtCLEVBQUMsT0FBTyxDQUFDLENBQUM7SUFDOUMsQ0FBQztTQUFNLENBQUM7UUFDTixpQkFBaUI7UUFDakIsYUFBYSxHQUFJLE9BQWtCLENBQUMsYUFBYSxFQUFFLENBQUM7SUFDdEQsQ0FBQztJQUVELE1BQU0sYUFBYSxHQUFHLHlCQUF5QixDQUFDLEVBQUUsRUFBRSxTQUFTLENBQUMsQ0FBQztJQUMvRCxNQUFNLFFBQVEsR0FBRyxJQUFBLDRCQUFrQixFQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ3pDLE1BQU0sV0FBVyxHQUFHLE1BQU0sVUFBVSxDQUFDLFFBQVEsRUFBRSxhQUFhLENBQUMsQ0FBQztJQUM5RCxNQUFNLFNBQVMsR0FBRyxNQUFNLE1BQU0sQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLGFBQWEsRUFBRSxXQUFXLEVBQUUsYUFBYSxDQUFDLENBQUM7SUFDekYsSUFBSSxhQUFhLENBQUMsSUFBSSxLQUFLLFNBQVMsRUFBRSxDQUFDO1FBQ3JDLE9BQU87WUFDTCxPQUFPLEVBQUUsa0JBQU0sQ0FBQyxlQUFlLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUN4RCxPQUFPLEVBQUUsa0JBQU0sQ0FBQyxlQUFlLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1NBQ3RELENBQUM7SUFDSixDQUFDO0lBQ0QsT0FBTztRQUNMLE9BQU8sRUFBRSxrQkFBTSxDQUFDLGVBQWUsQ0FBQyxTQUFTLENBQUM7S0FDM0MsQ0FBQztBQUNKLENBQUM7QUFFRCxLQUFLLFVBQVUsVUFBVSxDQUN2QixPQUFlLEVBQ2YsR0FBaUIsRUFDakIsRUFBVSxFQUNWLFNBQXdCLEVBQ3hCLE9BQWdCO0lBRWhCLE9BQU8sQ0FBQyxNQUFNLENBQUMsT0FBTyxJQUFJLElBQUksQ0FBQyxDQUFDO0lBQ2hDLE9BQU8sQ0FBQyxNQUFNLENBQUMsR0FBRyxJQUFJLElBQUksQ0FBQyxDQUFDO0lBQzVCLE9BQU8sQ0FBQyxNQUFNLENBQUMsRUFBRSxJQUFJLElBQUksQ0FBQyxDQUFDO0lBRTNCLElBQUksYUFBYSxHQUFHLE9BQU8sQ0FBQyxhQUFhLEVBQUUsQ0FBQztJQUU1Qyx3REFBd0Q7SUFDeEQsSUFBSSxPQUFPLEVBQUUsQ0FBQztRQUNaLE1BQU0sYUFBYSxHQUFHLE9BQU8sQ0FBQyxhQUFhLEVBQUUsQ0FBQztRQUM5QyxNQUFNLFVBQVUsR0FBRyxJQUFJLFVBQVUsQ0FBQyxhQUFhLENBQUMsVUFBVSxHQUFHLGFBQWEsQ0FBQyxVQUFVLENBQUMsQ0FBQztRQUN2RixVQUFVLENBQUMsR0FBRyxDQUFDLElBQUksVUFBVSxDQUFDLGFBQWEsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQ2pELFVBQVUsQ0FBQyxHQUFHLENBQUMsSUFBSSxVQUFVLENBQUMsYUFBYSxDQUFDLEVBQUUsYUFBYSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBQ3hFLGFBQWEsR0FBRyxVQUFVLENBQUMsTUFBTSxDQUFDO0lBQ3BDLENBQUM7SUFFRCxNQUFNLGFBQWEsR0FBRyx5QkFBeUIsQ0FBQyxFQUFFLEVBQUUsU0FBUyxDQUFDLENBQUM7SUFDL0QsTUFBTSxRQUFRLEdBQUcsSUFBQSw0QkFBa0IsRUFBQyxHQUFHLENBQUMsQ0FBQztJQUN6QyxNQUFNLFdBQVcsR0FBRyxNQUFNLFVBQVUsQ0FBQyxRQUFRLEVBQUUsYUFBYSxDQUFDLENBQUM7SUFDOUQsYUFBYSxDQUFDLEVBQUUsR0FBRyxFQUFFLENBQUMsYUFBYSxFQUFFLENBQUM7SUFFdEMsTUFBTSxTQUFTLEdBQUcsTUFBTSxNQUFNLENBQUMsTUFBTTtTQUNsQyxPQUFPLENBQUMsYUFBYSxFQUFFLFdBQVcsRUFBRSxhQUFhLENBQUM7UUFDbkQsc0VBQXNFO1NBQ3JFLEtBQUssQ0FBQyxDQUFDLEdBQUcsRUFBRSxFQUFFO1FBQ2IsSUFBSSxHQUFHLENBQUMsSUFBSSxLQUFLLGdCQUFnQixFQUFFLENBQUM7WUFDbEMsTUFBTSxJQUFJLHdCQUFZLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDOUIsQ0FBQztRQUVELE1BQU0sR0FBRyxDQUFDO0lBQ1osQ0FBQyxDQUFDLENBQUM7SUFDTCxPQUFPLEVBQUUsT0FBTyxFQUFFLGtCQUFNLENBQUMsZUFBZSxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7QUFDeEQsQ0FBQztBQUVELFNBQVMsVUFBVSxDQUFDLFFBQW9CLEVBQUUsU0FBc0M7SUFDOUUsT0FBTyxNQUFNLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FBQyxLQUFLLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBRSxJQUFJLEVBQUUsZUFBZSxDQUFDLENBQUM7QUFDcEYsQ0FBQztBQUVEOzs7OztHQUtHO0FBQ0gsU0FBUyx5QkFBeUIsQ0FDaEMsRUFBVSxFQUNWLFNBQXdCO0lBRXhCLElBQUksZUFBZSxHQUFHLFNBQVMsQ0FBQztJQUNoQyxJQUFJLFNBQVMsS0FBSywwQkFBVSxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQ3pDLGVBQWUsR0FBRyxTQUFTLENBQUM7SUFDOUIsQ0FBQztJQUVELE9BQU87UUFDTCxJQUFJLEVBQUUsZUFBZTtRQUNyQixFQUFFLEVBQUUsRUFBRSxDQUFDLGFBQWEsRUFBRTtLQUN2QixDQUFDO0FBQ0osQ0FBQztBQUVEOzs7O0dBSUc7QUFDSCxTQUFnQixNQUFNLENBQUMsR0FBVztJQUNoQyxNQUFNLE1BQU0sR0FBRyxJQUFJLFdBQVcsQ0FBQyxHQUFHLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDO0lBQy9DLE1BQU0sVUFBVSxHQUFHLElBQUksVUFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBRTFDLEtBQUssSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsR0FBRyxHQUFHLENBQUMsTUFBTSxFQUFFLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztRQUN2QyxVQUFVLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsQ0FBQztJQUNyRCxDQUFDO0lBRUQsT0FBTyxNQUFNLENBQUM7QUFDaEIsQ0FBQztBQUVEOztHQUVHO0FBQ0ksS0FBSyxVQUFVLE1BQU0sQ0FBQyxTQUF3QixFQUFFLElBQWdCO0lBQ3JFLE1BQU0sZUFBZSxHQUFvQixDQUFDLFNBQVMsRUFBRSxTQUFTLEVBQUUsU0FBUyxDQUFDLENBQUM7SUFDM0UsSUFBSSxDQUFDLGVBQWUsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQztRQUN6QyxNQUFNLElBQUksOEJBQWtCLENBQUMsK0JBQStCLFNBQVMsRUFBRSxDQUFDLENBQUM7SUFDM0UsQ0FBQztJQUVELE1BQU0sVUFBVSxHQUFHLE1BQU0sTUFBTSxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsU0FBUyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQy9ELE9BQU8sSUFBSSxVQUFVLENBQUMsVUFBVSxDQUFDLENBQUM7QUFDcEMsQ0FBQztBQUVEOztHQUVHO0FBQ0ksS0FBSyxVQUFVLElBQUksQ0FBQyxJQUFnQixFQUFFLEdBQWlCO0lBQzVELE1BQU0sUUFBUSxHQUFHLElBQUEsNEJBQWtCLEVBQUMsR0FBRyxDQUFDLENBQUM7SUFDekMsTUFBTSxTQUFTLEdBQUcsTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FDN0MsS0FBSyxFQUNMLFFBQVEsRUFDUixFQUFFLElBQUksRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLFNBQVMsRUFBRSxFQUNqQyxLQUFLLEVBQ0wsQ0FBQyxNQUFNLENBQUMsQ0FDVCxDQUFDO0lBRUYsTUFBTSxTQUFTLEdBQUcsTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxNQUFNLEVBQUUsU0FBUyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQ3BFLE9BQU8sSUFBSSxVQUFVLENBQUMsU0FBUyxDQUFDLENBQUM7QUFDbkMsQ0FBQztBQUVEOzs7R0FHRztBQUNJLEtBQUssVUFBVSxVQUFVLENBQzlCLElBQWdCLEVBQ2hCLFNBQXFCLEVBQ3JCLEdBQWlCO0lBRWpCLE1BQU0sUUFBUSxHQUFHLElBQUEsNEJBQWtCLEVBQUMsR0FBRyxDQUFDLENBQUM7SUFDekMsTUFBTSxTQUFTLEdBQUcsTUFBTSxNQUFNLENBQUMsTUFBTSxDQUFDLFNBQVMsQ0FDN0MsS0FBSyxFQUNMLFFBQVEsRUFDUixFQUFFLElBQUksRUFBRSxNQUFNLEVBQUUsSUFBSSxFQUFFLFNBQVMsRUFBRSxFQUNqQyxLQUFLLEVBQ0wsQ0FBQyxRQUFRLENBQUMsQ0FDWCxDQUFDO0lBQ0YsT0FBTyxNQUFNLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUsU0FBUyxFQUFFLFNBQVMsRUFBRSxJQUFJLENBQUMsQ0FBQztBQUNsRSxDQUFDO0FBRUQ7OztHQUdHO0FBQ0ksS0FBSyxVQUFVLGtCQUFrQixDQUFDLFFBQW9CO0lBQzNELE9BQU8sSUFBQSwwQkFBZ0IsRUFBQyxRQUFRLENBQUMsQ0FBQztBQUNwQyxDQUFDO0FBRUQ7OztHQUdHO0FBQ0ksS0FBSyxVQUFVLGtCQUFrQixDQUFDLE1BQXNCO0lBQzdELE1BQU0sVUFBVSxHQUFHLE1BQU0sQ0FBQyxHQUFHLENBQUMsNEJBQWtCLENBQUMsQ0FBQztJQUNsRCxNQUFNLE1BQU0sR0FBRyxJQUFBLHNCQUFRLEVBQUMsVUFBVSxDQUFDLENBQUM7SUFDcEMsT0FBTyxJQUFBLDBCQUFnQixFQUFDLE1BQU0sQ0FBQyxDQUFDO0FBQ2xDLENBQUMifQ==