@peac/crypto 0.10.9 → 0.10.11

package/dist/base64url.js

@@ -1,98 +0,0 @@
-"use strict";
-/**
- * Base64url encoding/decoding (RFC 4648 §5)
- *
- * Platform-agnostic implementation that works in Node.js, browser, and edge runtimes.
- * No Buffer dependency - uses pure JavaScript for maximum portability.
- *
- * @packageDocumentation
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.base64urlEncode = base64urlEncode;
-exports.base64urlDecode = base64urlDecode;
-exports.base64urlEncodeString = base64urlEncodeString;
-exports.base64urlDecodeString = base64urlDecodeString;
-// Standard base64 alphabet
-const BASE64_ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
-// Reverse lookup table (lazily initialized)
-let base64Lookup = null;
-function getBase64Lookup() {
-    if (!base64Lookup) {
-        base64Lookup = new Map();
-        for (let i = 0; i < BASE64_ALPHABET.length; i++) {
-            base64Lookup.set(BASE64_ALPHABET[i], i);
-        }
-    }
-    return base64Lookup;
-}
-/**
- * Encode bytes to base64url string (no padding)
- *
- * @param bytes - Byte array to encode
- * @returns Base64url encoded string (no padding)
- */
-function base64urlEncode(bytes) {
-    let result = '';
-    let i = 0;
-    while (i < bytes.length) {
-        const a = bytes[i++];
-        const b = bytes[i++] ?? 0;
-        const c = bytes[i++] ?? 0;
-        const triplet = (a << 16) | (b << 8) | c;
-        result += BASE64_ALPHABET[(triplet >> 18) & 0x3f];
-        result += BASE64_ALPHABET[(triplet >> 12) & 0x3f];
-        result += i - 2 < bytes.length ? BASE64_ALPHABET[(triplet >> 6) & 0x3f] : '';
-        result += i - 1 < bytes.length ? BASE64_ALPHABET[triplet & 0x3f] : '';
-    }
-    // Convert to base64url (no padding)
-    return result.replace(/\+/g, '-').replace(/\//g, '_');
-}
-/**
- * Decode base64url string to bytes
- *
- * @param str - Base64url encoded string
- * @returns Decoded bytes
- */
-function base64urlDecode(str) {
-    // Convert base64url to base64
-    let base64 = str.replace(/-/g, '+').replace(/_/g, '/');
-    // Add padding if needed
-    while (base64.length % 4 !== 0) {
-        base64 += '=';
-    }
-    const lookup = getBase64Lookup();
-    const bytes = [];
-    for (let i = 0; i < base64.length; i += 4) {
-        const a = lookup.get(base64[i]) ?? 0;
-        const b = lookup.get(base64[i + 1]) ?? 0;
-        const c = lookup.get(base64[i + 2]) ?? 0;
-        const d = lookup.get(base64[i + 3]) ?? 0;
-        bytes.push((a << 2) | (b >> 4));
-        if (base64[i + 2] !== '=') {
-            bytes.push(((b & 0x0f) << 4) | (c >> 2));
-        }
-        if (base64[i + 3] !== '=') {
-            bytes.push(((c & 0x03) << 6) | d);
-        }
-    }
-    return new Uint8Array(bytes);
-}
-/**
- * Encode UTF-8 string to base64url
- *
- * @param str - UTF-8 string to encode
- * @returns Base64url encoded string
- */
-function base64urlEncodeString(str) {
-    return base64urlEncode(new TextEncoder().encode(str));
-}
-/**
- * Decode base64url to UTF-8 string
- *
- * @param str - Base64url encoded string
- * @returns Decoded UTF-8 string
- */
-function base64urlDecodeString(str) {
-    return new TextDecoder().decode(base64urlDecode(str));
-}
-//# sourceMappingURL=base64url.js.map

package/dist/base64url.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"base64url.js","sourceRoot":"","sources":["../src/base64url.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;AAwBH,0CAmBC;AAQD,0CA4BC;AAQD,sDAEC;AAQD,sDAEC;AAjGD,2BAA2B;AAC3B,MAAM,eAAe,GAAG,kEAAkE,CAAC;AAE3F,4CAA4C;AAC5C,IAAI,YAAY,GAA+B,IAAI,CAAC;AAEpD,SAAS,eAAe;IACtB,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,YAAY,GAAG,IAAI,GAAG,EAAE,CAAC;QACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,eAAe,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChD,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;;;;GAKG;AACH,SAAgB,eAAe,CAAC,KAAiB;IAC/C,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,GAAG,CAAC,CAAC;IAEV,OAAO,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;QACxB,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;QACrB,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QAE1B,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAEzC,MAAM,IAAI,eAAe,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QAClD,MAAM,IAAI,eAAe,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QAClD,MAAM,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7E,MAAM,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACxE,CAAC;IAED,oCAAoC;IACpC,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AACxD,CAAC;AAED;;;;;GAKG;AACH,SAAgB,eAAe,CAAC,GAAW;IACzC,8BAA8B;IAC9B,IAAI,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAEvD,wBAAwB;IACxB,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,GAAG,CAAC;IAChB,CAAC;IAED,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;IACjC,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1C,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAEzC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChC,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;QACD,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAED,OAAO,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;GAKG;AACH,SAAgB,qBAAqB,CAAC,GAAW;IAC/C,OAAO,eAAe,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;AACxD,CAAC;AAED;;;;;GAKG;AACH,SAAgB,qBAAqB,CAAC,GAAW;IAC/C,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;AACxD,CAAC"}

package/dist/errors.js

@@ -1,45 +0,0 @@
-"use strict";
-/**
- * Typed errors for @peac/crypto
- *
- * These error codes are INTERNAL to @peac/crypto and should NOT be exposed
- * as protocol-stable API. Higher-level packages (like @peac/protocol) should
- * map these to canonical E_* codes from specs/kernel/errors.json.
- *
- * The CRYPTO_ prefix makes it clear these are package-internal codes.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.CryptoError = void 0;
-exports.isFormatError = isFormatError;
-/**
- * Typed error for crypto operations
- *
- * Use `err.code` to handle errors programmatically without message parsing.
- * The code is a CRYPTO_* internal code, not a canonical E_* protocol code.
- */
-class CryptoError extends Error {
-    code;
-    constructor(code, message) {
-        super(message);
-        this.name = 'CryptoError';
-        this.code = code;
-        // Maintain proper prototype chain for instanceof checks
-        Object.setPrototypeOf(this, CryptoError.prototype);
-    }
-}
-exports.CryptoError = CryptoError;
-/**
- * Check if a CryptoError code indicates a format/structure issue
- * (as opposed to a cryptographic verification failure)
- *
- * @internal This is an internal helper, not part of the public API.
- * Use structural checks on CryptoError.code instead of relying on this function.
- */
-function isFormatError(code) {
-    return (code === 'CRYPTO_INVALID_JWS_FORMAT' ||
-        code === 'CRYPTO_INVALID_TYP' ||
-        code === 'CRYPTO_INVALID_ALG' ||
-        code === 'CRYPTO_INVALID_KEY_LENGTH' ||
-        code === 'CRYPTO_INVALID_SEED_LENGTH');
-}
-//# sourceMappingURL=errors.js.map

package/dist/errors.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAyCH,sCAQC;AAjCD;;;;;GAKG;AACH,MAAa,WAAY,SAAQ,KAAK;IAC3B,IAAI,CAAkB;IAE/B,YAAY,IAAqB,EAAE,OAAe;QAChD,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,wDAAwD;QACxD,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC,SAAS,CAAC,CAAC;IACrD,CAAC;CACF;AAVD,kCAUC;AAED;;;;;;GAMG;AACH,SAAgB,aAAa,CAAC,IAAqB;IACjD,OAAO,CACL,IAAI,KAAK,2BAA2B;QACpC,IAAI,KAAK,oBAAoB;QAC7B,IAAI,KAAK,oBAAoB;QAC7B,IAAI,KAAK,2BAA2B;QACpC,IAAI,KAAK,4BAA4B,CACtC,CAAC;AACJ,CAAC"}

package/dist/hash.js

@@ -1,171 +0,0 @@
-"use strict";
-/**
- * Cryptographic hash utilities
- *
- * Platform-agnostic SHA-256 implementation that works in Node.js, browser, and edge runtimes.
- * Uses Web Crypto API with Node.js crypto fallback.
- *
- * @packageDocumentation
- */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.sha256Hex = sha256Hex;
-exports.sha256Bytes = sha256Bytes;
-exports.hexToBytes = hexToBytes;
-exports.bytesToHex = bytesToHex;
-exports.computeJwkThumbprint = computeJwkThumbprint;
-exports.jwkToPublicKeyBytes = jwkToPublicKeyBytes;
-const base64url_js_1 = require("./base64url.js");
-/**
- * Compute SHA-256 hash of data and return as lowercase hex string
- *
- * Uses Web Crypto API if available, falls back to Node.js crypto.
- *
- * @param data - Data to hash (Uint8Array or string)
- * @returns Lowercase hex string (64 characters)
- */
-async function sha256Hex(data) {
-    const bytes = typeof data === 'string' ? new TextEncoder().encode(data) : data;
-    // Try Web Crypto API first (works in browser, edge, and Node 20+)
-    if (typeof globalThis.crypto?.subtle?.digest === 'function') {
-        const hashBuffer = await globalThis.crypto.subtle.digest('SHA-256', bytes);
-        const hashArray = Array.from(new Uint8Array(hashBuffer));
-        return hashArray.map((b) => b.toString(16).padStart(2, '0')).join('');
-    }
-    // Fallback to Node.js crypto
-    try {
-        const { createHash } = await Promise.resolve().then(() => __importStar(require('crypto')));
-        const hash = createHash('sha256');
-        hash.update(bytes);
-        return hash.digest('hex');
-    }
-    catch {
-        throw new Error('No SHA-256 implementation available. Ensure Web Crypto API or Node.js crypto is available.');
-    }
-}
-/**
- * Compute SHA-256 hash of data and return as Uint8Array (32 bytes)
- *
- * @param data - Data to hash (Uint8Array or string)
- * @returns Hash as Uint8Array (32 bytes)
- */
-async function sha256Bytes(data) {
-    const bytes = typeof data === 'string' ? new TextEncoder().encode(data) : data;
-    // Try Web Crypto API first
-    if (typeof globalThis.crypto?.subtle?.digest === 'function') {
-        const hashBuffer = await globalThis.crypto.subtle.digest('SHA-256', bytes);
-        return new Uint8Array(hashBuffer);
-    }
-    // Fallback to Node.js crypto
-    try {
-        const { createHash } = await Promise.resolve().then(() => __importStar(require('crypto')));
-        const hash = createHash('sha256');
-        hash.update(bytes);
-        return new Uint8Array(hash.digest());
-    }
-    catch {
-        throw new Error('No SHA-256 implementation available.');
-    }
-}
-/**
- * Convert hex string to Uint8Array
- *
- * @param hex - Lowercase hex string
- * @returns Uint8Array
- */
-function hexToBytes(hex) {
-    // Validate: must be even length and contain only hex characters
-    if (hex.length % 2 !== 0 || !/^[0-9a-fA-F]*$/.test(hex)) {
-        throw new Error('Invalid hex string');
-    }
-    if (hex.length === 0) {
-        return new Uint8Array([]);
-    }
-    const matches = hex.match(/.{2}/g);
-    if (!matches) {
-        throw new Error('Invalid hex string');
-    }
-    return new Uint8Array(matches.map((byte) => parseInt(byte, 16)));
-}
-/**
- * Convert Uint8Array to lowercase hex string
- *
- * @param bytes - Byte array
- * @returns Lowercase hex string
- */
-function bytesToHex(bytes) {
-    return Array.from(bytes)
-        .map((b) => b.toString(16).padStart(2, '0'))
-        .join('');
-}
-/**
- * Compute RFC 7638 JWK Thumbprint (base64url, SHA-256)
- *
- * For Ed25519 keys, the canonical JSON is: {"crv":"Ed25519","kty":"OKP","x":"<base64url>"}
- * Returns base64url-encoded SHA-256 hash (43 characters).
- *
- * @param jwk - JWK with kty, crv, x fields
- * @returns Base64url-encoded SHA-256 thumbprint (43 characters)
- */
-async function computeJwkThumbprint(jwk) {
-    if (jwk.kty !== 'OKP' || jwk.crv !== 'Ed25519') {
-        throw new Error('Only Ed25519 keys (OKP/Ed25519) are supported for thumbprint computation');
-    }
-    // Canonical JSON per RFC 7638 (alphabetically sorted members, no whitespace)
-    const canonical = JSON.stringify({
-        crv: jwk.crv,
-        kty: jwk.kty,
-        x: jwk.x,
-    });
-    const hashBytes = await sha256Bytes(canonical);
-    return (0, base64url_js_1.base64urlEncode)(hashBytes);
-}
-/**
- * Convert JWK to Ed25519 public key bytes (32 bytes)
- *
- * @param jwk - JWK with kty, crv, x fields
- * @returns Public key as 32-byte Uint8Array
- */
-function jwkToPublicKeyBytes(jwk) {
-    if (jwk.kty !== 'OKP' || jwk.crv !== 'Ed25519') {
-        throw new Error('Only Ed25519 keys (OKP/Ed25519) are supported');
-    }
-    const xBytes = (0, base64url_js_1.base64urlDecode)(jwk.x);
-    if (xBytes.length !== 32) {
-        throw new Error(`Ed25519 public key must be 32 bytes, got ${xBytes.length}`);
-    }
-    return xBytes;
-}
-//# sourceMappingURL=hash.js.map

package/dist/hash.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"hash.js","sourceRoot":"","sources":["../src/hash.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAYH,8BAqBC;AAQD,kCAkBC;AAQD,gCAaC;AAQD,gCAIC;AAuBD,oDAcC;AAQD,kDAWC;AAlJD,iDAAkE;AAElE;;;;;;;GAOG;AACI,KAAK,UAAU,SAAS,CAAC,IAAyB;IACvD,MAAM,KAAK,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE/E,kEAAkE;IAClE,IAAI,OAAO,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,UAAU,EAAE,CAAC;QAC5D,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC3E,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;QACzD,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,6BAA6B;IAC7B,IAAI,CAAC;QACH,MAAM,EAAE,UAAU,EAAE,GAAG,wDAAa,QAAQ,GAAC,CAAC;QAC9C,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnB,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CACb,4FAA4F,CAC7F,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,WAAW,CAAC,IAAyB;IACzD,MAAM,KAAK,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE/E,2BAA2B;IAC3B,IAAI,OAAO,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,UAAU,EAAE,CAAC;QAC5D,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC3E,OAAO,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;IAED,6BAA6B;IAC7B,IAAI,CAAC;QACH,MAAM,EAAE,UAAU,EAAE,GAAG,wDAAa,QAAQ,GAAC,CAAC;QAC9C,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;QAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnB,OAAO,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,UAAU,CAAC,GAAW;IACpC,gEAAgE;IAChE,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IACD,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC5B,CAAC;IACD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACnC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,IAAI,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;AACnE,CAAC;AAED;;;;;GAKG;AACH,SAAgB,UAAU,CAAC,KAAiB;IAC1C,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SACrB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAcD;;;;;;;;GAQG;AACI,KAAK,UAAU,oBAAoB,CAAC,GAAuB;IAChE,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAC;IAC9F,CAAC;IAED,6EAA6E;IAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAC/B,GAAG,EAAE,GAAG,CAAC,GAAG;QACZ,GAAG,EAAE,GAAG,CAAC,GAAG;QACZ,CAAC,EAAE,GAAG,CAAC,CAAC;KACT,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,CAAC;IAC/C,OAAO,IAAA,8BAAe,EAAC,SAAS,CAAC,CAAC;AACpC,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CAAC,GAAuB;IACzD,IAAI,GAAG,CAAC,GAAG,KAAK,KAAK,IAAI,GAAG,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;QAC/C,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,MAAM,GAAG,IAAA,8BAAe,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtC,IAAI,MAAM,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,4CAA4C,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/E,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/index.js

@@ -1,32 +0,0 @@
-"use strict";
-/**
- * PEAC Protocol Crypto Package
- *
- * Ed25519 JWS signing/verification, JSON Canonicalization (RFC 8785),
- * and platform-agnostic cryptographic utilities.
- *
- * All primitives are runtime-agnostic (Node.js, browser, edge workers).
- *
- * @packageDocumentation
- */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __exportStar = (this && this.__exportStar) || function(m, exports) {
-    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./base64url"), exports);
-__exportStar(require("./errors"), exports);
-__exportStar(require("./hash"), exports);
-__exportStar(require("./jcs"), exports);
-__exportStar(require("./jws"), exports);
-//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;;;;;;;;;;;;;;AAEH,8CAA4B;AAC5B,2CAAyB;AACzB,yCAAuB;AACvB,wCAAsB;AACtB,wCAAsB"}

package/dist/jcs.js

@@ -1,125 +0,0 @@
-"use strict";
-/**
- * JSON Canonicalization Scheme (RFC 8785)
- * Deterministic JSON serialization for cryptographic hashing
- *
- * PROTOCOL DECISION: JavaScript `undefined` Handling
- * ===================================================
- *
- * RFC 8785 canonicalizes JSON values, and `undefined` is NOT a JSON value.
- * This implementation adopts "JS-ergonomic" semantics that match JSON.stringify:
- *
- * 1. **Object properties with undefined values are OMITTED**
- *    - `canonicalize({a: 1, b: undefined})` -> `{"a":1}`
- *    - Matches: `JSON.stringify({a: 1, b: undefined})` -> `{"a":1}`
- *
- * 2. **Array elements that are undefined become null**
- *    - `canonicalize([1, undefined, 3])` -> `[1,null,3]`
- *    - Matches: `JSON.stringify([1, undefined, 3])` -> `[1,null,3]`
- *
- * 3. **Top-level undefined THROWS**
- *    - `canonicalize(undefined)` -> throws Error
- *    - Rationale: No valid JSON representation exists
- *
- * CROSS-LANGUAGE INTEROPERABILITY WARNING:
- * =========================================
- * Cross-language producers MUST NOT rely on "undefined" semantics. To achieve
- * identical hashes across implementations, explicitly encode `null` in arrays
- * and omit keys in objects. Other language implementations (Go, Rust, Python)
- * will never produce `undefined` since it's JavaScript-specific.
- *
- * Guidelines:
- * - Producers MUST emit explicit `null` or omit keys; do NOT rely on coercion
- * - Verifiers SHOULD sanitize inputs before hashing (remove undefined properties)
- * - The canonical output is identical whether you pass `{a: undefined}` or `{}`
- *
- * This behavior is NORMATIVE for PEAC hashing and MUST NOT change without
- * a wire format version bump.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.canonicalize = canonicalize;
-exports.canonicalizeBytes = canonicalizeBytes;
-exports.jcsHash = jcsHash;
-/**
- * Canonicalize a JSON value according to RFC 8785.
- *
- * @param obj - The value to canonicalize. Must be a valid JSON type (null, boolean,
- *              number, string, array, object). Functions and Symbols throw.
- * @returns Canonical JSON string with sorted keys and no whitespace.
- * @throws Error if the value cannot be canonicalized (undefined at top level,
- *         non-finite numbers, functions, symbols).
- *
- * @example
- * ```ts
- * canonicalize({ b: 2, a: 1 })  // '{"a":1,"b":2}'
- * canonicalize([1, null, "x"])   // '[1,null,"x"]'
- * ```
- */
-function canonicalize(obj) {
-    if (obj === null) {
-        return 'null';
-    }
-    if (typeof obj === 'boolean') {
-        return obj ? 'true' : 'false';
-    }
-    if (typeof obj === 'number') {
-        // RFC 8785 number serialization (no trailing zeros, no exponential for small numbers)
-        if (!Number.isFinite(obj)) {
-            throw new Error('Cannot canonicalize non-finite number');
-        }
-        if (Object.is(obj, -0)) {
-            return '0';
-        }
-        // Use JSON.stringify for proper number formatting per RFC 8785
-        const str = JSON.stringify(obj);
-        // Ensure no exponential notation for integers
-        if (Number.isInteger(obj) && str.includes('e')) {
-            return obj.toString();
-        }
-        return str;
-    }
-    if (typeof obj === 'string') {
-        return JSON.stringify(obj);
-    }
-    if (Array.isArray(obj)) {
-        // PROTOCOL DECISION: undefined in arrays becomes null (matches JSON.stringify)
-        // See module-level documentation for cross-language interoperability notes.
-        const elements = obj.map((el) => (el === undefined ? 'null' : canonicalize(el)));
-        return `[${elements.join(',')}]`;
-    }
-    if (typeof obj === 'object') {
-        // Sort keys lexicographically by UTF-16 code unit (RFC 8785 requirement)
-        const keys = Object.keys(obj).sort();
-        const pairs = [];
-        for (const key of keys) {
-            const value = obj[key];
-            // PROTOCOL DECISION: Skip undefined values (matches JSON.stringify)
-            // See module-level documentation for cross-language interoperability notes.
-            if (value === undefined) {
-                continue;
-            }
-            pairs.push(`${JSON.stringify(key)}:${canonicalize(value)}`);
-        }
-        return `{${pairs.join(',')}}`;
-    }
-    throw new Error(`Cannot canonicalize type: ${typeof obj}`);
-}
-/**
- * Canonicalize and encode as UTF-8 bytes
- */
-function canonicalizeBytes(obj) {
-    const canonical = canonicalize(obj);
-    return new TextEncoder().encode(canonical);
-}
-/**
- * Compute JCS+SHA-256 hash of an object
- */
-async function jcsHash(obj) {
-    const bytes = canonicalizeBytes(obj);
-    const hashBuffer = await crypto.subtle.digest('SHA-256', bytes);
-    const hashArray = new Uint8Array(hashBuffer);
-    return Array.from(hashArray)
-        .map((b) => b.toString(16).padStart(2, '0'))
-        .join('');
-}
-//# sourceMappingURL=jcs.js.map

package/dist/jcs.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"jcs.js","sourceRoot":"","sources":["../src/jcs.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;;AAiBH,oCAsDC;AAKD,8CAGC;AAKD,0BAOC;AAzFD;;;;;;;;;;;;;;GAcG;AACH,SAAgB,YAAY,CAAC,GAAY;IACvC,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QACjB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,IAAI,OAAO,GAAG,KAAK,SAAS,EAAE,CAAC;QAC7B,OAAO,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;IAChC,CAAC;IAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,sFAAsF;QACtF,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;QACD,IAAI,MAAM,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvB,OAAO,GAAG,CAAC;QACb,CAAC;QACD,+DAA+D;QAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAChC,8CAA8C;QAC9C,IAAI,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxB,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,+EAA+E;QAC/E,4EAA4E;QAC5E,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACjF,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;IACnC,CAAC;IAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,yEAAyE;QACzE,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;QACrC,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,KAAK,GAAI,GAA+B,CAAC,GAAG,CAAC,CAAC;YACpD,oEAAoE;YACpE,4EAA4E;YAC5E,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;gBACxB,SAAS;YACX,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC9D,CAAC;QACD,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;IAChC,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,GAAG,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAAC,GAAY;IAC5C,MAAM,SAAS,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;IACpC,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,OAAO,CAAC,GAAY;IACxC,MAAM,KAAK,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,UAAU,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAChE,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,CAAC;IAC7C,OAAO,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;SACzB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC"}