@reallyme/crypto 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +140 -0
- package/dist/aead.d.ts +9 -0
- package/dist/aead.js +62 -0
- package/dist/aesKw.d.ts +10 -0
- package/dist/aesKw.js +45 -0
- package/dist/algorithms.d.ts +18 -0
- package/dist/algorithms.js +64 -0
- package/dist/argon2id.d.ts +8 -0
- package/dist/argon2id.js +40 -0
- package/dist/bip340Schnorr.d.ts +26 -0
- package/dist/bip340Schnorr.js +72 -0
- package/dist/codecs.d.ts +35 -0
- package/dist/codecs.js +216 -0
- package/dist/cryptoFacade.d.ts +51 -0
- package/dist/cryptoFacade.js +329 -0
- package/dist/digest.d.ts +14 -0
- package/dist/digest.js +33 -0
- package/dist/ed25519.d.ts +34 -0
- package/dist/ed25519.js +78 -0
- package/dist/encodeEcdsaDer.d.ts +2 -0
- package/dist/encodeEcdsaDer.js +141 -0
- package/dist/errors.d.ts +10 -0
- package/dist/errors.js +11 -0
- package/dist/hkdf.d.ts +7 -0
- package/dist/hkdf.js +27 -0
- package/dist/hmac.d.ts +9 -0
- package/dist/hmac.js +50 -0
- package/dist/hpke.d.ts +15 -0
- package/dist/hpke.js +59 -0
- package/dist/index.d.ts +41 -0
- package/dist/index.js +31 -0
- package/dist/jwk.d.ts +42 -0
- package/dist/jwk.js +289 -0
- package/dist/mlDsa.d.ts +18 -0
- package/dist/mlDsa.js +85 -0
- package/dist/mlKem.d.ts +25 -0
- package/dist/mlKem.js +95 -0
- package/dist/p256Ecdh.d.ts +22 -0
- package/dist/p256Ecdh.js +53 -0
- package/dist/p256Ecdsa.d.ts +25 -0
- package/dist/p256Ecdsa.js +85 -0
- package/dist/p384Ecdsa.d.ts +23 -0
- package/dist/p384Ecdsa.js +83 -0
- package/dist/p521Ecdsa.d.ts +23 -0
- package/dist/p521Ecdsa.js +83 -0
- package/dist/pbkdf2.d.ts +28 -0
- package/dist/pbkdf2.js +57 -0
- package/dist/proto/generated/reallyme/crypto/v1/crypto_pb.d.ts +618 -0
- package/dist/proto/generated/reallyme/crypto/v1/crypto_pb.js +523 -0
- package/dist/proto.d.ts +25 -0
- package/dist/proto.js +342 -0
- package/dist/providerCatalog.d.ts +9 -0
- package/dist/providerCatalog.js +15 -0
- package/dist/rsa.d.ts +13 -0
- package/dist/rsa.js +102 -0
- package/dist/secp256k1.d.ts +47 -0
- package/dist/secp256k1.js +106 -0
- package/dist/slhDsa.d.ts +15 -0
- package/dist/slhDsa.js +54 -0
- package/dist/validateBytes.d.ts +2 -0
- package/dist/validateBytes.js +20 -0
- package/dist/verifySignature.d.ts +1 -0
- package/dist/verifySignature.js +9 -0
- package/dist/wasm/LICENSE +201 -0
- package/dist/wasm/reallyme_crypto_wasm.js +1319 -0
- package/dist/wasm/reallyme_crypto_wasm_bg.wasm +0 -0
- package/dist/wasmModuleTypes.d.ts +72 -0
- package/dist/wasmModuleTypes.js +4 -0
- package/dist/wasmProvider.d.ts +94 -0
- package/dist/wasmProvider.js +173 -0
- package/dist/x25519.d.ts +28 -0
- package/dist/x25519.js +66 -0
- package/dist/xWing.d.ts +23 -0
- package/dist/xWing.js +86 -0
- package/package.json +48 -0
|
Binary file
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
export type ReallyMeWasmInitOutput = Readonly<{
|
|
2
|
+
memory: unknown;
|
|
3
|
+
}>;
|
|
4
|
+
export declare function initSync(module: {
|
|
5
|
+
module: Uint8Array;
|
|
6
|
+
}): ReallyMeWasmInitOutput;
|
|
7
|
+
export declare function aes256GcmOpen(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, ciphertextWithTag: Uint8Array): Uint8Array;
|
|
8
|
+
export declare function aes256GcmSeal(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, plaintext: Uint8Array): Uint8Array;
|
|
9
|
+
export declare function aes256GcmSivOpen(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, ciphertextWithTag: Uint8Array): Uint8Array;
|
|
10
|
+
export declare function aes256GcmSivSeal(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, plaintext: Uint8Array): Uint8Array;
|
|
11
|
+
export declare function aes256KwUnwrapKey(wrappingKey: Uint8Array, wrappedKey: Uint8Array): Uint8Array;
|
|
12
|
+
export declare function aes256KwWrapKey(wrappingKey: Uint8Array, keyToWrap: Uint8Array): Uint8Array;
|
|
13
|
+
export declare function argon2idDeriveKey(kdfVersion: number, secret: Uint8Array, salt: Uint8Array): Uint8Array;
|
|
14
|
+
export declare function base64urlDecode(encoded: string): Uint8Array;
|
|
15
|
+
export declare function base64urlEncode(bytes: Uint8Array): string;
|
|
16
|
+
export declare function dagCborComputeCid(bytes: Uint8Array): string;
|
|
17
|
+
export declare function dagCborVerifyCid(cid: string, bytes: Uint8Array): unknown;
|
|
18
|
+
export declare function multibaseBase58btcEncode(bytes: Uint8Array): string;
|
|
19
|
+
export declare function multibaseBase64urlEncode(bytes: Uint8Array): string;
|
|
20
|
+
export declare function multibaseDecode(encoded: string): Uint8Array;
|
|
21
|
+
export declare function multicodecLookupPrefix(bytes: Uint8Array): unknown;
|
|
22
|
+
export declare function multicodecPrefixForName(codecName: string): unknown;
|
|
23
|
+
export declare function multikeyEncode(codecName: string, publicKey: Uint8Array): string;
|
|
24
|
+
export declare function multikeyParse(multikey: string): unknown;
|
|
25
|
+
export declare function hpkeOpenBase(suite: number, recipientSecretKey: Uint8Array, encapsulatedKey: Uint8Array, info: Uint8Array, aad: Uint8Array, ciphertext: Uint8Array): Uint8Array;
|
|
26
|
+
export declare function hpkeSealBase(suite: number, recipientPublicKey: Uint8Array, info: Uint8Array, aad: Uint8Array, plaintext: Uint8Array): unknown;
|
|
27
|
+
export declare function hpkeSealBaseDerand(suite: number, recipientPublicKey: Uint8Array, encapsulationRandomness: Uint8Array, info: Uint8Array, aad: Uint8Array, plaintext: Uint8Array): unknown;
|
|
28
|
+
export declare function mlKem512GenerateKeypair(): unknown;
|
|
29
|
+
export declare function mlKem512DeriveKeypair(secretKey: Uint8Array): unknown;
|
|
30
|
+
export declare function mlKem512Encapsulate(publicKey: Uint8Array): unknown;
|
|
31
|
+
export declare function mlKem512EncapsulateDerand(publicKey: Uint8Array, randomness: Uint8Array): unknown;
|
|
32
|
+
export declare function mlKem512Decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
33
|
+
export declare function mlKem768GenerateKeypair(): unknown;
|
|
34
|
+
export declare function mlKem768DeriveKeypair(secretKey: Uint8Array): unknown;
|
|
35
|
+
export declare function mlKem768Encapsulate(publicKey: Uint8Array): unknown;
|
|
36
|
+
export declare function mlKem768EncapsulateDerand(publicKey: Uint8Array, randomness: Uint8Array): unknown;
|
|
37
|
+
export declare function mlKem768Decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
38
|
+
export declare function mlKem1024GenerateKeypair(): unknown;
|
|
39
|
+
export declare function mlKem1024DeriveKeypair(secretKey: Uint8Array): unknown;
|
|
40
|
+
export declare function mlKem1024Encapsulate(publicKey: Uint8Array): unknown;
|
|
41
|
+
export declare function mlKem1024EncapsulateDerand(publicKey: Uint8Array, randomness: Uint8Array): unknown;
|
|
42
|
+
export declare function mlKem1024Decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
43
|
+
export declare function mlDsa44GenerateKeypair(): unknown;
|
|
44
|
+
export declare function mlDsa44DeriveKeypair(secretKey: Uint8Array): unknown;
|
|
45
|
+
export declare function mlDsa44Sign(secretKey: Uint8Array, message: Uint8Array): Uint8Array;
|
|
46
|
+
export declare function mlDsa44Verify(publicKey: Uint8Array, message: Uint8Array, signature: Uint8Array): void;
|
|
47
|
+
export declare function mlDsa65GenerateKeypair(): unknown;
|
|
48
|
+
export declare function mlDsa65DeriveKeypair(secretKey: Uint8Array): unknown;
|
|
49
|
+
export declare function mlDsa65Sign(secretKey: Uint8Array, message: Uint8Array): Uint8Array;
|
|
50
|
+
export declare function mlDsa65Verify(publicKey: Uint8Array, message: Uint8Array, signature: Uint8Array): void;
|
|
51
|
+
export declare function mlDsa87GenerateKeypair(): unknown;
|
|
52
|
+
export declare function mlDsa87DeriveKeypair(secretKey: Uint8Array): unknown;
|
|
53
|
+
export declare function mlDsa87Sign(secretKey: Uint8Array, message: Uint8Array): Uint8Array;
|
|
54
|
+
export declare function mlDsa87Verify(publicKey: Uint8Array, message: Uint8Array, signature: Uint8Array): void;
|
|
55
|
+
export declare function slhDsaSha2128sGenerateKeypair(): unknown;
|
|
56
|
+
export declare function slhDsaSha2128sDeriveKeypair(skSeed: Uint8Array, skPrf: Uint8Array, pkSeed: Uint8Array): unknown;
|
|
57
|
+
export declare function slhDsaSha2128sSign(secretKey: Uint8Array, message: Uint8Array): Uint8Array;
|
|
58
|
+
export declare function slhDsaSha2128sVerify(publicKey: Uint8Array, message: Uint8Array, signature: Uint8Array): void;
|
|
59
|
+
export declare function chacha20Poly1305Open(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, ciphertextWithTag: Uint8Array): Uint8Array;
|
|
60
|
+
export declare function chacha20Poly1305Seal(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, plaintext: Uint8Array): Uint8Array;
|
|
61
|
+
export declare function xchacha20Poly1305Open(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, ciphertextWithTag: Uint8Array): Uint8Array;
|
|
62
|
+
export declare function xchacha20Poly1305Seal(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, plaintext: Uint8Array): Uint8Array;
|
|
63
|
+
export declare function xWing1024Decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
64
|
+
export declare function xWing1024DeriveKeypair(secretKey: Uint8Array): unknown;
|
|
65
|
+
export declare function xWing1024Encapsulate(publicKey: Uint8Array): unknown;
|
|
66
|
+
export declare function xWing1024EncapsulateDerand(publicKey: Uint8Array, seed: Uint8Array): unknown;
|
|
67
|
+
export declare function xWing1024GenerateKeypair(): unknown;
|
|
68
|
+
export declare function xWing768Decapsulate(ciphertext: Uint8Array, secretKey: Uint8Array): Uint8Array;
|
|
69
|
+
export declare function xWing768DeriveKeypair(secretKey: Uint8Array): unknown;
|
|
70
|
+
export declare function xWing768Encapsulate(publicKey: Uint8Array): unknown;
|
|
71
|
+
export declare function xWing768EncapsulateDerand(publicKey: Uint8Array, seed: Uint8Array): unknown;
|
|
72
|
+
export declare function xWing768GenerateKeypair(): unknown;
|
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
type GenerateKeypairFn = () => unknown;
|
|
2
|
+
type GenerateKeypairFromSeedFn = (seed: Uint8Array) => unknown;
|
|
3
|
+
type Argon2idFn = (kdfVersion: number, secret: Uint8Array, salt: Uint8Array) => unknown;
|
|
4
|
+
type AeadFn = (key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, text: Uint8Array) => unknown;
|
|
5
|
+
type KeyWrapFn = (wrappingKey: Uint8Array, keyMaterial: Uint8Array) => unknown;
|
|
6
|
+
type BytesToStringFn = (bytes: Uint8Array) => unknown;
|
|
7
|
+
type BytesToObjectFn = (bytes: Uint8Array) => unknown;
|
|
8
|
+
type StringToBytesFn = (text: string) => unknown;
|
|
9
|
+
type StringToObjectFn = (text: string) => unknown;
|
|
10
|
+
type StringBytesToStringFn = (text: string, bytes: Uint8Array) => unknown;
|
|
11
|
+
type SignatureSignFn = (secretKey: Uint8Array, message: Uint8Array) => unknown;
|
|
12
|
+
type SignatureVerifyFn = (publicKey: Uint8Array, message: Uint8Array, signature: Uint8Array) => unknown;
|
|
13
|
+
type RsaPkcs1v15VerifyFn = (publicKeyDer: Uint8Array, publicKeyEncoding: number, hashSuite: number, message: Uint8Array, signature: Uint8Array) => unknown;
|
|
14
|
+
type RsaPssVerifyFn = (publicKeyDer: Uint8Array, publicKeyEncoding: number, messageHashSuite: number, mgf1HashSuite: number, saltLength: number, message: Uint8Array, signature: Uint8Array) => unknown;
|
|
15
|
+
type HpkeOpenFn = (suite: number, recipientSecretKey: Uint8Array, encapsulatedKey: Uint8Array, info: Uint8Array, aad: Uint8Array, ciphertext: Uint8Array) => unknown;
|
|
16
|
+
type HpkeSealFn = (suite: number, recipientPublicKey: Uint8Array, info: Uint8Array, aad: Uint8Array, plaintext: Uint8Array) => unknown;
|
|
17
|
+
type HpkeSealDerandFn = (suite: number, recipientPublicKey: Uint8Array, encapsulationRandomness: Uint8Array, info: Uint8Array, aad: Uint8Array, plaintext: Uint8Array) => unknown;
|
|
18
|
+
type DeriveKeypairFn = (secretKey: Uint8Array) => unknown;
|
|
19
|
+
type EncapsulateFn = (publicKey: Uint8Array) => unknown;
|
|
20
|
+
type EncapsulateDerandFn = (publicKey: Uint8Array, seed: Uint8Array) => unknown;
|
|
21
|
+
type DecapsulateFn = (ciphertext: Uint8Array, secretKey: Uint8Array) => unknown;
|
|
22
|
+
export type ReallyMeWasmProvider = Readonly<{
|
|
23
|
+
aes256GcmSeal: AeadFn;
|
|
24
|
+
aes256GcmOpen: AeadFn;
|
|
25
|
+
aes256GcmSivSeal: AeadFn;
|
|
26
|
+
aes256GcmSivOpen: AeadFn;
|
|
27
|
+
chacha20Poly1305Seal: AeadFn;
|
|
28
|
+
chacha20Poly1305Open: AeadFn;
|
|
29
|
+
xchacha20Poly1305Seal: AeadFn;
|
|
30
|
+
xchacha20Poly1305Open: AeadFn;
|
|
31
|
+
aes256KwWrapKey: KeyWrapFn;
|
|
32
|
+
aes256KwUnwrapKey: KeyWrapFn;
|
|
33
|
+
argon2idDeriveKey: Argon2idFn;
|
|
34
|
+
base64urlEncode: BytesToStringFn;
|
|
35
|
+
base64urlDecode: StringToBytesFn;
|
|
36
|
+
multibaseBase64urlEncode: BytesToStringFn;
|
|
37
|
+
multibaseBase58btcEncode: BytesToStringFn;
|
|
38
|
+
multibaseDecode: StringToBytesFn;
|
|
39
|
+
multicodecPrefixForName: StringToObjectFn;
|
|
40
|
+
multicodecLookupPrefix: BytesToObjectFn;
|
|
41
|
+
multikeyEncode: StringBytesToStringFn;
|
|
42
|
+
multikeyParse: StringToObjectFn;
|
|
43
|
+
dagCborComputeCid: BytesToStringFn;
|
|
44
|
+
dagCborVerifyCid: StringBytesToStringFn;
|
|
45
|
+
hpkeSealBase: HpkeSealFn;
|
|
46
|
+
hpkeSealBaseDerand: HpkeSealDerandFn;
|
|
47
|
+
hpkeOpenBase: HpkeOpenFn;
|
|
48
|
+
mlDsa44GenerateKeypair: GenerateKeypairFn;
|
|
49
|
+
mlDsa44DeriveKeypair: GenerateKeypairFromSeedFn;
|
|
50
|
+
mlDsa44Sign: SignatureSignFn;
|
|
51
|
+
mlDsa44Verify: SignatureVerifyFn;
|
|
52
|
+
mlDsa65GenerateKeypair: GenerateKeypairFn;
|
|
53
|
+
mlDsa65DeriveKeypair: GenerateKeypairFromSeedFn;
|
|
54
|
+
mlDsa65Sign: SignatureSignFn;
|
|
55
|
+
mlDsa65Verify: SignatureVerifyFn;
|
|
56
|
+
mlDsa87GenerateKeypair: GenerateKeypairFn;
|
|
57
|
+
mlDsa87DeriveKeypair: GenerateKeypairFromSeedFn;
|
|
58
|
+
mlDsa87Sign: SignatureSignFn;
|
|
59
|
+
mlDsa87Verify: SignatureVerifyFn;
|
|
60
|
+
mlKem512GenerateKeypair: GenerateKeypairFn;
|
|
61
|
+
mlKem512DeriveKeypair: GenerateKeypairFromSeedFn;
|
|
62
|
+
mlKem512Encapsulate: EncapsulateFn;
|
|
63
|
+
mlKem512EncapsulateDerand: EncapsulateDerandFn;
|
|
64
|
+
mlKem512Decapsulate: DecapsulateFn;
|
|
65
|
+
mlKem768GenerateKeypair: GenerateKeypairFn;
|
|
66
|
+
mlKem768DeriveKeypair: GenerateKeypairFromSeedFn;
|
|
67
|
+
mlKem768Encapsulate: EncapsulateFn;
|
|
68
|
+
mlKem768EncapsulateDerand: EncapsulateDerandFn;
|
|
69
|
+
mlKem768Decapsulate: DecapsulateFn;
|
|
70
|
+
mlKem1024GenerateKeypair: GenerateKeypairFn;
|
|
71
|
+
mlKem1024DeriveKeypair: GenerateKeypairFromSeedFn;
|
|
72
|
+
mlKem1024Encapsulate: EncapsulateFn;
|
|
73
|
+
mlKem1024EncapsulateDerand: EncapsulateDerandFn;
|
|
74
|
+
mlKem1024Decapsulate: DecapsulateFn;
|
|
75
|
+
slhDsaSha2128sGenerateKeypair: GenerateKeypairFn;
|
|
76
|
+
slhDsaSha2128sDeriveKeypair: SignatureVerifyFn;
|
|
77
|
+
slhDsaSha2128sSign: SignatureSignFn;
|
|
78
|
+
slhDsaSha2128sVerify: SignatureVerifyFn;
|
|
79
|
+
rsaVerifyPkcs1v15: RsaPkcs1v15VerifyFn;
|
|
80
|
+
rsaVerifyPss: RsaPssVerifyFn;
|
|
81
|
+
xWing768GenerateKeypair: GenerateKeypairFn;
|
|
82
|
+
xWing768DeriveKeypair: DeriveKeypairFn;
|
|
83
|
+
xWing768Encapsulate: EncapsulateFn;
|
|
84
|
+
xWing768EncapsulateDerand: EncapsulateDerandFn;
|
|
85
|
+
xWing768Decapsulate: DecapsulateFn;
|
|
86
|
+
xWing1024GenerateKeypair: GenerateKeypairFn;
|
|
87
|
+
xWing1024DeriveKeypair: DeriveKeypairFn;
|
|
88
|
+
xWing1024Encapsulate: EncapsulateFn;
|
|
89
|
+
xWing1024EncapsulateDerand: EncapsulateDerandFn;
|
|
90
|
+
xWing1024Decapsulate: DecapsulateFn;
|
|
91
|
+
}>;
|
|
92
|
+
export declare const installReallyMeWasmProvider: (module: unknown) => void;
|
|
93
|
+
export declare const requireReallyMeWasmProvider: () => ReallyMeWasmProvider;
|
|
94
|
+
export {};
|
|
@@ -0,0 +1,173 @@
|
|
|
1
|
+
// SPDX-FileCopyrightText: Copyright © 2026 ReallyMe LLC. All rights reserved
|
|
2
|
+
//
|
|
3
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
4
|
+
import { ReallyMeCryptoError } from "./errors.js";
|
|
5
|
+
let installedProvider;
|
|
6
|
+
const requireObject = (module) => {
|
|
7
|
+
if (typeof module !== "object" || module === null) {
|
|
8
|
+
throw new ReallyMeCryptoError("provider-failure");
|
|
9
|
+
}
|
|
10
|
+
return module;
|
|
11
|
+
};
|
|
12
|
+
const requireFunction = (module, name) => {
|
|
13
|
+
const candidate = Reflect.get(module, name);
|
|
14
|
+
if (typeof candidate !== "function") {
|
|
15
|
+
throw new ReallyMeCryptoError("provider-failure");
|
|
16
|
+
}
|
|
17
|
+
return (...args) => {
|
|
18
|
+
try {
|
|
19
|
+
return candidate(...args);
|
|
20
|
+
}
|
|
21
|
+
catch (error) {
|
|
22
|
+
throw new ReallyMeCryptoError(wasmErrorCode(error));
|
|
23
|
+
}
|
|
24
|
+
};
|
|
25
|
+
};
|
|
26
|
+
const wasmErrorCode = (error) => {
|
|
27
|
+
switch (error) {
|
|
28
|
+
case "invalid-input":
|
|
29
|
+
return "invalid-input";
|
|
30
|
+
case "invalid-signature":
|
|
31
|
+
return "invalid-signature";
|
|
32
|
+
case "unsupported-algorithm":
|
|
33
|
+
return "unsupported-algorithm";
|
|
34
|
+
case "provider-failure":
|
|
35
|
+
default:
|
|
36
|
+
return "provider-failure";
|
|
37
|
+
}
|
|
38
|
+
};
|
|
39
|
+
const function0 = (module, name) => {
|
|
40
|
+
const callable = requireFunction(module, name);
|
|
41
|
+
return () => callable();
|
|
42
|
+
};
|
|
43
|
+
const function1 = (module, name) => {
|
|
44
|
+
const callable = requireFunction(module, name);
|
|
45
|
+
return (first) => callable(first);
|
|
46
|
+
};
|
|
47
|
+
const function2 = (module, name) => {
|
|
48
|
+
const callable = requireFunction(module, name);
|
|
49
|
+
return (first, second) => callable(first, second);
|
|
50
|
+
};
|
|
51
|
+
const stringFunction1 = (module, name) => {
|
|
52
|
+
const callable = requireFunction(module, name);
|
|
53
|
+
return (text) => callable(text);
|
|
54
|
+
};
|
|
55
|
+
const bytesFunction1 = (module, name) => {
|
|
56
|
+
const callable = requireFunction(module, name);
|
|
57
|
+
return (bytes) => callable(bytes);
|
|
58
|
+
};
|
|
59
|
+
const stringBytesFunction2 = (module, name) => {
|
|
60
|
+
const callable = requireFunction(module, name);
|
|
61
|
+
return (text, bytes) => callable(text, bytes);
|
|
62
|
+
};
|
|
63
|
+
const function3 = (module, name) => {
|
|
64
|
+
const callable = requireFunction(module, name);
|
|
65
|
+
return (first, second, third) => callable(first, second, third);
|
|
66
|
+
};
|
|
67
|
+
const function4 = (module, name) => {
|
|
68
|
+
const callable = requireFunction(module, name);
|
|
69
|
+
return (first, second, third, fourth) => callable(first, second, third, fourth);
|
|
70
|
+
};
|
|
71
|
+
const argon2idFunction = (module, name) => {
|
|
72
|
+
const callable = requireFunction(module, name);
|
|
73
|
+
return (kdfVersion, secret, salt) => callable(kdfVersion, secret, salt);
|
|
74
|
+
};
|
|
75
|
+
const hpkeSealFunction = (module, name) => {
|
|
76
|
+
const callable = requireFunction(module, name);
|
|
77
|
+
return (suite, recipientPublicKey, info, aad, plaintext) => callable(suite, recipientPublicKey, info, aad, plaintext);
|
|
78
|
+
};
|
|
79
|
+
const hpkeSealDerandFunction = (module, name) => {
|
|
80
|
+
const callable = requireFunction(module, name);
|
|
81
|
+
return (suite, recipientPublicKey, encapsulationRandomness, info, aad, plaintext) => callable(suite, recipientPublicKey, encapsulationRandomness, info, aad, plaintext);
|
|
82
|
+
};
|
|
83
|
+
const hpkeOpenFunction = (module, name) => {
|
|
84
|
+
const callable = requireFunction(module, name);
|
|
85
|
+
return (suite, recipientSecretKey, encapsulatedKey, info, aad, ciphertext) => callable(suite, recipientSecretKey, encapsulatedKey, info, aad, ciphertext);
|
|
86
|
+
};
|
|
87
|
+
const rsaPkcs1v15VerifyFunction = (module, name) => {
|
|
88
|
+
const callable = requireFunction(module, name);
|
|
89
|
+
return (publicKeyDer, publicKeyEncoding, hashSuite, message, signature) => callable(publicKeyDer, publicKeyEncoding, hashSuite, message, signature);
|
|
90
|
+
};
|
|
91
|
+
const rsaPssVerifyFunction = (module, name) => {
|
|
92
|
+
const callable = requireFunction(module, name);
|
|
93
|
+
return (publicKeyDer, publicKeyEncoding, messageHashSuite, mgf1HashSuite, saltLength, message, signature) => callable(publicKeyDer, publicKeyEncoding, messageHashSuite, mgf1HashSuite, saltLength, message, signature);
|
|
94
|
+
};
|
|
95
|
+
export const installReallyMeWasmProvider = (module) => {
|
|
96
|
+
const providerModule = requireObject(module);
|
|
97
|
+
installedProvider = {
|
|
98
|
+
aes256GcmSeal: function4(providerModule, "aes256GcmSeal"),
|
|
99
|
+
aes256GcmOpen: function4(providerModule, "aes256GcmOpen"),
|
|
100
|
+
aes256GcmSivSeal: function4(providerModule, "aes256GcmSivSeal"),
|
|
101
|
+
aes256GcmSivOpen: function4(providerModule, "aes256GcmSivOpen"),
|
|
102
|
+
chacha20Poly1305Seal: function4(providerModule, "chacha20Poly1305Seal"),
|
|
103
|
+
chacha20Poly1305Open: function4(providerModule, "chacha20Poly1305Open"),
|
|
104
|
+
xchacha20Poly1305Seal: function4(providerModule, "xchacha20Poly1305Seal"),
|
|
105
|
+
xchacha20Poly1305Open: function4(providerModule, "xchacha20Poly1305Open"),
|
|
106
|
+
aes256KwWrapKey: function2(providerModule, "aes256KwWrapKey"),
|
|
107
|
+
aes256KwUnwrapKey: function2(providerModule, "aes256KwUnwrapKey"),
|
|
108
|
+
argon2idDeriveKey: argon2idFunction(providerModule, "argon2idDeriveKey"),
|
|
109
|
+
base64urlEncode: bytesFunction1(providerModule, "base64urlEncode"),
|
|
110
|
+
base64urlDecode: stringFunction1(providerModule, "base64urlDecode"),
|
|
111
|
+
multibaseBase64urlEncode: bytesFunction1(providerModule, "multibaseBase64urlEncode"),
|
|
112
|
+
multibaseBase58btcEncode: bytesFunction1(providerModule, "multibaseBase58btcEncode"),
|
|
113
|
+
multibaseDecode: stringFunction1(providerModule, "multibaseDecode"),
|
|
114
|
+
multicodecPrefixForName: stringFunction1(providerModule, "multicodecPrefixForName"),
|
|
115
|
+
multicodecLookupPrefix: bytesFunction1(providerModule, "multicodecLookupPrefix"),
|
|
116
|
+
multikeyEncode: stringBytesFunction2(providerModule, "multikeyEncode"),
|
|
117
|
+
multikeyParse: stringFunction1(providerModule, "multikeyParse"),
|
|
118
|
+
dagCborComputeCid: bytesFunction1(providerModule, "dagCborComputeCid"),
|
|
119
|
+
dagCborVerifyCid: stringBytesFunction2(providerModule, "dagCborVerifyCid"),
|
|
120
|
+
hpkeSealBase: hpkeSealFunction(providerModule, "hpkeSealBase"),
|
|
121
|
+
hpkeSealBaseDerand: hpkeSealDerandFunction(providerModule, "hpkeSealBaseDerand"),
|
|
122
|
+
hpkeOpenBase: hpkeOpenFunction(providerModule, "hpkeOpenBase"),
|
|
123
|
+
mlDsa44GenerateKeypair: function0(providerModule, "mlDsa44GenerateKeypair"),
|
|
124
|
+
mlDsa44DeriveKeypair: function1(providerModule, "mlDsa44DeriveKeypair"),
|
|
125
|
+
mlDsa44Sign: function2(providerModule, "mlDsa44Sign"),
|
|
126
|
+
mlDsa44Verify: function3(providerModule, "mlDsa44Verify"),
|
|
127
|
+
mlDsa65GenerateKeypair: function0(providerModule, "mlDsa65GenerateKeypair"),
|
|
128
|
+
mlDsa65DeriveKeypair: function1(providerModule, "mlDsa65DeriveKeypair"),
|
|
129
|
+
mlDsa65Sign: function2(providerModule, "mlDsa65Sign"),
|
|
130
|
+
mlDsa65Verify: function3(providerModule, "mlDsa65Verify"),
|
|
131
|
+
mlDsa87GenerateKeypair: function0(providerModule, "mlDsa87GenerateKeypair"),
|
|
132
|
+
mlDsa87DeriveKeypair: function1(providerModule, "mlDsa87DeriveKeypair"),
|
|
133
|
+
mlDsa87Sign: function2(providerModule, "mlDsa87Sign"),
|
|
134
|
+
mlDsa87Verify: function3(providerModule, "mlDsa87Verify"),
|
|
135
|
+
mlKem512GenerateKeypair: function0(providerModule, "mlKem512GenerateKeypair"),
|
|
136
|
+
mlKem512DeriveKeypair: function1(providerModule, "mlKem512DeriveKeypair"),
|
|
137
|
+
mlKem512Encapsulate: function1(providerModule, "mlKem512Encapsulate"),
|
|
138
|
+
mlKem512EncapsulateDerand: function2(providerModule, "mlKem512EncapsulateDerand"),
|
|
139
|
+
mlKem512Decapsulate: function2(providerModule, "mlKem512Decapsulate"),
|
|
140
|
+
mlKem768GenerateKeypair: function0(providerModule, "mlKem768GenerateKeypair"),
|
|
141
|
+
mlKem768DeriveKeypair: function1(providerModule, "mlKem768DeriveKeypair"),
|
|
142
|
+
mlKem768Encapsulate: function1(providerModule, "mlKem768Encapsulate"),
|
|
143
|
+
mlKem768EncapsulateDerand: function2(providerModule, "mlKem768EncapsulateDerand"),
|
|
144
|
+
mlKem768Decapsulate: function2(providerModule, "mlKem768Decapsulate"),
|
|
145
|
+
mlKem1024GenerateKeypair: function0(providerModule, "mlKem1024GenerateKeypair"),
|
|
146
|
+
mlKem1024DeriveKeypair: function1(providerModule, "mlKem1024DeriveKeypair"),
|
|
147
|
+
mlKem1024Encapsulate: function1(providerModule, "mlKem1024Encapsulate"),
|
|
148
|
+
mlKem1024EncapsulateDerand: function2(providerModule, "mlKem1024EncapsulateDerand"),
|
|
149
|
+
mlKem1024Decapsulate: function2(providerModule, "mlKem1024Decapsulate"),
|
|
150
|
+
slhDsaSha2128sGenerateKeypair: function0(providerModule, "slhDsaSha2128sGenerateKeypair"),
|
|
151
|
+
slhDsaSha2128sDeriveKeypair: function3(providerModule, "slhDsaSha2128sDeriveKeypair"),
|
|
152
|
+
slhDsaSha2128sSign: function2(providerModule, "slhDsaSha2128sSign"),
|
|
153
|
+
slhDsaSha2128sVerify: function3(providerModule, "slhDsaSha2128sVerify"),
|
|
154
|
+
rsaVerifyPkcs1v15: rsaPkcs1v15VerifyFunction(providerModule, "rsaVerifyPkcs1v15"),
|
|
155
|
+
rsaVerifyPss: rsaPssVerifyFunction(providerModule, "rsaVerifyPss"),
|
|
156
|
+
xWing768GenerateKeypair: function0(providerModule, "xWing768GenerateKeypair"),
|
|
157
|
+
xWing768DeriveKeypair: function1(providerModule, "xWing768DeriveKeypair"),
|
|
158
|
+
xWing768Encapsulate: function1(providerModule, "xWing768Encapsulate"),
|
|
159
|
+
xWing768EncapsulateDerand: function2(providerModule, "xWing768EncapsulateDerand"),
|
|
160
|
+
xWing768Decapsulate: function2(providerModule, "xWing768Decapsulate"),
|
|
161
|
+
xWing1024GenerateKeypair: function0(providerModule, "xWing1024GenerateKeypair"),
|
|
162
|
+
xWing1024DeriveKeypair: function1(providerModule, "xWing1024DeriveKeypair"),
|
|
163
|
+
xWing1024Encapsulate: function1(providerModule, "xWing1024Encapsulate"),
|
|
164
|
+
xWing1024EncapsulateDerand: function2(providerModule, "xWing1024EncapsulateDerand"),
|
|
165
|
+
xWing1024Decapsulate: function2(providerModule, "xWing1024Decapsulate"),
|
|
166
|
+
};
|
|
167
|
+
};
|
|
168
|
+
export const requireReallyMeWasmProvider = () => {
|
|
169
|
+
if (installedProvider === undefined) {
|
|
170
|
+
throw new ReallyMeCryptoError("provider-failure");
|
|
171
|
+
}
|
|
172
|
+
return installedProvider;
|
|
173
|
+
};
|
package/dist/x25519.d.ts
ADDED
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* X25519 key agreement backed by @noble/curves — the same pinned
|
|
3
|
+
* implementation the TypeScript conformance lane proves vectors against.
|
|
4
|
+
*
|
|
5
|
+
* The package returns the raw 32-byte Diffie-Hellman output. Higher-level
|
|
6
|
+
* protocols must bind it through their own KDF transcript; this primitive does
|
|
7
|
+
* not apply HKDF implicitly because HPKE, MLS, and ratchets label transcripts
|
|
8
|
+
* differently.
|
|
9
|
+
*/
|
|
10
|
+
export declare const X25519_SECRET_KEY_LENGTH = 32;
|
|
11
|
+
export declare const X25519_PUBLIC_KEY_LENGTH = 32;
|
|
12
|
+
export declare const X25519_SHARED_SECRET_LENGTH = 32;
|
|
13
|
+
export declare const ReallyMeX25519: {
|
|
14
|
+
/** Generates a random X25519 keypair: 32-byte public key, 32-byte secret. */
|
|
15
|
+
readonly generateKeyPair: () => {
|
|
16
|
+
publicKey: Uint8Array;
|
|
17
|
+
secretKey: Uint8Array;
|
|
18
|
+
};
|
|
19
|
+
/** Derives the X25519 keypair from a 32-byte secret. */
|
|
20
|
+
readonly deriveKeyPair: (secretKey: Uint8Array) => {
|
|
21
|
+
publicKey: Uint8Array;
|
|
22
|
+
secretKey: Uint8Array;
|
|
23
|
+
};
|
|
24
|
+
/** Derives the 32-byte X25519 public key from a 32-byte secret. */
|
|
25
|
+
readonly derivePublicKey: (secretKey: Uint8Array) => Uint8Array;
|
|
26
|
+
/** Derives the raw 32-byte X25519 shared secret. */
|
|
27
|
+
readonly deriveSharedSecret: (publicKey: Uint8Array, secretKey: Uint8Array) => Uint8Array;
|
|
28
|
+
};
|
package/dist/x25519.js
ADDED
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
// SPDX-FileCopyrightText: Copyright © 2026 ReallyMe LLC. All rights reserved
|
|
2
|
+
//
|
|
3
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
4
|
+
import { x25519 } from "@noble/curves/ed25519.js";
|
|
5
|
+
import { ReallyMeCryptoError } from "./errors.js";
|
|
6
|
+
/**
|
|
7
|
+
* X25519 key agreement backed by @noble/curves — the same pinned
|
|
8
|
+
* implementation the TypeScript conformance lane proves vectors against.
|
|
9
|
+
*
|
|
10
|
+
* The package returns the raw 32-byte Diffie-Hellman output. Higher-level
|
|
11
|
+
* protocols must bind it through their own KDF transcript; this primitive does
|
|
12
|
+
* not apply HKDF implicitly because HPKE, MLS, and ratchets label transcripts
|
|
13
|
+
* differently.
|
|
14
|
+
*/
|
|
15
|
+
export const X25519_SECRET_KEY_LENGTH = 32;
|
|
16
|
+
export const X25519_PUBLIC_KEY_LENGTH = 32;
|
|
17
|
+
export const X25519_SHARED_SECRET_LENGTH = 32;
|
|
18
|
+
export const ReallyMeX25519 = {
|
|
19
|
+
/** Generates a random X25519 keypair: 32-byte public key, 32-byte secret. */
|
|
20
|
+
generateKeyPair() {
|
|
21
|
+
const secretKey = x25519.utils.randomSecretKey();
|
|
22
|
+
return {
|
|
23
|
+
publicKey: x25519.getPublicKey(secretKey),
|
|
24
|
+
secretKey,
|
|
25
|
+
};
|
|
26
|
+
},
|
|
27
|
+
/** Derives the X25519 keypair from a 32-byte secret. */
|
|
28
|
+
deriveKeyPair(secretKey) {
|
|
29
|
+
return {
|
|
30
|
+
publicKey: this.derivePublicKey(secretKey),
|
|
31
|
+
secretKey: secretKey.slice(),
|
|
32
|
+
};
|
|
33
|
+
},
|
|
34
|
+
/** Derives the 32-byte X25519 public key from a 32-byte secret. */
|
|
35
|
+
derivePublicKey(secretKey) {
|
|
36
|
+
if (secretKey.length !== X25519_SECRET_KEY_LENGTH) {
|
|
37
|
+
throw new ReallyMeCryptoError("invalid-input");
|
|
38
|
+
}
|
|
39
|
+
try {
|
|
40
|
+
return x25519.getPublicKey(secretKey);
|
|
41
|
+
}
|
|
42
|
+
catch {
|
|
43
|
+
throw new ReallyMeCryptoError("invalid-input");
|
|
44
|
+
}
|
|
45
|
+
},
|
|
46
|
+
/** Derives the raw 32-byte X25519 shared secret. */
|
|
47
|
+
deriveSharedSecret(publicKey, secretKey) {
|
|
48
|
+
if (publicKey.length !== X25519_PUBLIC_KEY_LENGTH ||
|
|
49
|
+
secretKey.length !== X25519_SECRET_KEY_LENGTH) {
|
|
50
|
+
throw new ReallyMeCryptoError("invalid-input");
|
|
51
|
+
}
|
|
52
|
+
try {
|
|
53
|
+
const sharedSecret = x25519.getSharedSecret(secretKey, publicKey);
|
|
54
|
+
if (!sharedSecret.some((byte) => byte !== 0)) {
|
|
55
|
+
throw new ReallyMeCryptoError("invalid-input");
|
|
56
|
+
}
|
|
57
|
+
return sharedSecret;
|
|
58
|
+
}
|
|
59
|
+
catch (error) {
|
|
60
|
+
if (error instanceof ReallyMeCryptoError) {
|
|
61
|
+
throw error;
|
|
62
|
+
}
|
|
63
|
+
throw new ReallyMeCryptoError("invalid-input");
|
|
64
|
+
}
|
|
65
|
+
},
|
|
66
|
+
};
|
package/dist/xWing.d.ts
ADDED
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import type { ReallyMeKemAlgorithm } from "./algorithms.js";
|
|
2
|
+
export declare const X_WING_SECRET_KEY_LENGTH = 32;
|
|
3
|
+
export declare const X_WING_ENCAPSULATION_SEED_LENGTH = 64;
|
|
4
|
+
export declare const X_WING_SHARED_SECRET_LENGTH = 32;
|
|
5
|
+
export declare const X_WING_768_PUBLIC_KEY_LENGTH = 1216;
|
|
6
|
+
export declare const X_WING_768_CIPHERTEXT_LENGTH = 1120;
|
|
7
|
+
export declare const X_WING_1024_PUBLIC_KEY_LENGTH = 1600;
|
|
8
|
+
export declare const X_WING_1024_CIPHERTEXT_LENGTH = 1600;
|
|
9
|
+
export type ReallyMeXWingKeyPair = Readonly<{
|
|
10
|
+
publicKey: Uint8Array;
|
|
11
|
+
secretKey: Uint8Array;
|
|
12
|
+
}>;
|
|
13
|
+
export type ReallyMeXWingEncapsulation = Readonly<{
|
|
14
|
+
sharedSecret: Uint8Array;
|
|
15
|
+
ciphertext: Uint8Array;
|
|
16
|
+
}>;
|
|
17
|
+
export declare const ReallyMeXWing: {
|
|
18
|
+
readonly generateKeyPair: (algorithm: ReallyMeKemAlgorithm) => ReallyMeXWingKeyPair;
|
|
19
|
+
readonly deriveKeyPair: (algorithm: ReallyMeKemAlgorithm, secretKey: Uint8Array) => ReallyMeXWingKeyPair;
|
|
20
|
+
readonly encapsulate: (algorithm: ReallyMeKemAlgorithm, publicKey: Uint8Array) => ReallyMeXWingEncapsulation;
|
|
21
|
+
readonly decapsulate: (algorithm: ReallyMeKemAlgorithm, ciphertext: Uint8Array, secretKey: Uint8Array) => Uint8Array;
|
|
22
|
+
};
|
|
23
|
+
export declare const encapsulateXWingDeterministicallyForTest: (algorithm: ReallyMeKemAlgorithm, publicKey: Uint8Array, seed: Uint8Array) => ReallyMeXWingEncapsulation;
|
package/dist/xWing.js
ADDED
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
// SPDX-FileCopyrightText: Copyright © 2026 ReallyMe LLC. All rights reserved
|
|
2
|
+
//
|
|
3
|
+
// SPDX-License-Identifier: Apache-2.0
|
|
4
|
+
import { ReallyMeCryptoError } from "./errors.js";
|
|
5
|
+
import { ensureBytes, readByteArrayProperty } from "./validateBytes.js";
|
|
6
|
+
import { requireReallyMeWasmProvider } from "./wasmProvider.js";
|
|
7
|
+
export const X_WING_SECRET_KEY_LENGTH = 32;
|
|
8
|
+
export const X_WING_ENCAPSULATION_SEED_LENGTH = 64;
|
|
9
|
+
export const X_WING_SHARED_SECRET_LENGTH = 32;
|
|
10
|
+
export const X_WING_768_PUBLIC_KEY_LENGTH = 1_216;
|
|
11
|
+
export const X_WING_768_CIPHERTEXT_LENGTH = 1_120;
|
|
12
|
+
export const X_WING_1024_PUBLIC_KEY_LENGTH = 1_600;
|
|
13
|
+
export const X_WING_1024_CIPHERTEXT_LENGTH = 1_600;
|
|
14
|
+
const xWingSuite = (algorithm) => {
|
|
15
|
+
switch (algorithm) {
|
|
16
|
+
case "ML-KEM-512":
|
|
17
|
+
case "ML-KEM-768":
|
|
18
|
+
case "ML-KEM-1024":
|
|
19
|
+
throw new ReallyMeCryptoError("unsupported-algorithm");
|
|
20
|
+
case "X-Wing-768": {
|
|
21
|
+
const provider = requireReallyMeWasmProvider();
|
|
22
|
+
return {
|
|
23
|
+
publicKeyLength: X_WING_768_PUBLIC_KEY_LENGTH,
|
|
24
|
+
ciphertextLength: X_WING_768_CIPHERTEXT_LENGTH,
|
|
25
|
+
generateKeypair: provider.xWing768GenerateKeypair,
|
|
26
|
+
deriveKeypair: provider.xWing768DeriveKeypair,
|
|
27
|
+
encapsulate: provider.xWing768Encapsulate,
|
|
28
|
+
encapsulateDerand: provider.xWing768EncapsulateDerand,
|
|
29
|
+
decapsulate: provider.xWing768Decapsulate,
|
|
30
|
+
};
|
|
31
|
+
}
|
|
32
|
+
case "X-Wing-1024": {
|
|
33
|
+
const provider = requireReallyMeWasmProvider();
|
|
34
|
+
return {
|
|
35
|
+
publicKeyLength: X_WING_1024_PUBLIC_KEY_LENGTH,
|
|
36
|
+
ciphertextLength: X_WING_1024_CIPHERTEXT_LENGTH,
|
|
37
|
+
generateKeypair: provider.xWing1024GenerateKeypair,
|
|
38
|
+
deriveKeypair: provider.xWing1024DeriveKeypair,
|
|
39
|
+
encapsulate: provider.xWing1024Encapsulate,
|
|
40
|
+
encapsulateDerand: provider.xWing1024EncapsulateDerand,
|
|
41
|
+
decapsulate: provider.xWing1024Decapsulate,
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
};
|
|
46
|
+
const readKeyPair = (value, suite) => ({
|
|
47
|
+
publicKey: readByteArrayProperty(value, "publicKey", suite.publicKeyLength),
|
|
48
|
+
secretKey: readByteArrayProperty(value, "secretKey", X_WING_SECRET_KEY_LENGTH),
|
|
49
|
+
});
|
|
50
|
+
const readEncapsulation = (value, suite) => ({
|
|
51
|
+
ciphertext: readByteArrayProperty(value, "ciphertext", suite.ciphertextLength),
|
|
52
|
+
sharedSecret: readByteArrayProperty(value, "sharedSecret", X_WING_SHARED_SECRET_LENGTH),
|
|
53
|
+
});
|
|
54
|
+
export const ReallyMeXWing = {
|
|
55
|
+
generateKeyPair(algorithm) {
|
|
56
|
+
const suite = xWingSuite(algorithm);
|
|
57
|
+
return readKeyPair(suite.generateKeypair(), suite);
|
|
58
|
+
},
|
|
59
|
+
deriveKeyPair(algorithm, secretKey) {
|
|
60
|
+
ensureBytes(secretKey, X_WING_SECRET_KEY_LENGTH);
|
|
61
|
+
const suite = xWingSuite(algorithm);
|
|
62
|
+
return readKeyPair(suite.deriveKeypair(secretKey), suite);
|
|
63
|
+
},
|
|
64
|
+
encapsulate(algorithm, publicKey) {
|
|
65
|
+
const suite = xWingSuite(algorithm);
|
|
66
|
+
ensureBytes(publicKey, suite.publicKeyLength);
|
|
67
|
+
return readEncapsulation(suite.encapsulate(publicKey), suite);
|
|
68
|
+
},
|
|
69
|
+
decapsulate(algorithm, ciphertext, secretKey) {
|
|
70
|
+
const suite = xWingSuite(algorithm);
|
|
71
|
+
ensureBytes(ciphertext, suite.ciphertextLength);
|
|
72
|
+
ensureBytes(secretKey, X_WING_SECRET_KEY_LENGTH);
|
|
73
|
+
const sharedSecret = suite.decapsulate(ciphertext, secretKey);
|
|
74
|
+
if (!(sharedSecret instanceof Uint8Array)) {
|
|
75
|
+
throw new ReallyMeCryptoError("provider-failure");
|
|
76
|
+
}
|
|
77
|
+
ensureBytes(sharedSecret, X_WING_SHARED_SECRET_LENGTH);
|
|
78
|
+
return sharedSecret;
|
|
79
|
+
},
|
|
80
|
+
};
|
|
81
|
+
export const encapsulateXWingDeterministicallyForTest = (algorithm, publicKey, seed) => {
|
|
82
|
+
const suite = xWingSuite(algorithm);
|
|
83
|
+
ensureBytes(publicKey, suite.publicKeyLength);
|
|
84
|
+
ensureBytes(seed, X_WING_ENCAPSULATION_SEED_LENGTH);
|
|
85
|
+
return readEncapsulation(suite.encapsulateDerand(publicKey, seed), suite);
|
|
86
|
+
};
|
package/package.json
ADDED
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@reallyme/crypto",
|
|
3
|
+
"version": "0.1.0",
|
|
4
|
+
"description": "ReallyMe crypto SDK for TypeScript/JavaScript with an explicit, pinned provider set.",
|
|
5
|
+
"license": "Apache-2.0",
|
|
6
|
+
"type": "module",
|
|
7
|
+
"main": "./dist/index.js",
|
|
8
|
+
"types": "./dist/index.d.ts",
|
|
9
|
+
"exports": {
|
|
10
|
+
".": {
|
|
11
|
+
"types": "./dist/index.d.ts",
|
|
12
|
+
"default": "./dist/index.js"
|
|
13
|
+
},
|
|
14
|
+
"./proto": {
|
|
15
|
+
"types": "./dist/proto.d.ts",
|
|
16
|
+
"default": "./dist/proto.js"
|
|
17
|
+
},
|
|
18
|
+
"./wasm/reallyme_crypto_wasm.js": {
|
|
19
|
+
"types": "./dist/wasmModuleTypes.d.ts",
|
|
20
|
+
"default": "./dist/wasm/reallyme_crypto_wasm.js"
|
|
21
|
+
},
|
|
22
|
+
"./wasm/reallyme_crypto_wasm_bg.wasm": {
|
|
23
|
+
"default": "./dist/wasm/reallyme_crypto_wasm_bg.wasm"
|
|
24
|
+
}
|
|
25
|
+
},
|
|
26
|
+
"files": [
|
|
27
|
+
"dist",
|
|
28
|
+
"README.md"
|
|
29
|
+
],
|
|
30
|
+
"scripts": {
|
|
31
|
+
"build": "npm run build:wasm && tsc",
|
|
32
|
+
"build:ts": "tsc",
|
|
33
|
+
"build:wasm": "node scripts/build-wasm.mjs",
|
|
34
|
+
"typecheck": "tsc --noEmit",
|
|
35
|
+
"test": "npm run build && node --test \"test/*.test.mjs\""
|
|
36
|
+
},
|
|
37
|
+
"dependencies": {
|
|
38
|
+
"@bufbuild/protobuf": "2.12.1",
|
|
39
|
+
"@noble/curves": "2.2.0",
|
|
40
|
+
"@noble/hashes": "2.2.0"
|
|
41
|
+
},
|
|
42
|
+
"devDependencies": {
|
|
43
|
+
"typescript": "5.8.3"
|
|
44
|
+
},
|
|
45
|
+
"engines": {
|
|
46
|
+
"node": ">=20.19.0"
|
|
47
|
+
}
|
|
48
|
+
}
|