@reallyme/crypto 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/aead.d.ts CHANGED
@@ -1,5 +1,8 @@
1
1
  import type { ReallyMeAeadAlgorithm } from "./algorithms.js";
2
2
  export declare const AEAD_KEY_LENGTH = 32;
3
+ export declare const AES_128_GCM_KEY_LENGTH = 16;
4
+ export declare const AES_192_GCM_KEY_LENGTH = 24;
5
+ export declare const AES_256_GCM_KEY_LENGTH = 32;
3
6
  export declare const AEAD_NONCE_LENGTH = 12;
4
7
  export declare const XCHACHA20_POLY1305_NONCE_LENGTH = 24;
5
8
  export declare const AEAD_TAG_LENGTH = 16;
package/dist/aead.js CHANGED
@@ -5,32 +5,53 @@ import { ReallyMeCryptoError } from "./errors.js";
5
5
  import { ensureBytes } from "./validateBytes.js";
6
6
  import { requireReallyMeWasmProvider } from "./wasmProvider.js";
7
7
  export const AEAD_KEY_LENGTH = 32;
8
+ export const AES_128_GCM_KEY_LENGTH = 16;
9
+ export const AES_192_GCM_KEY_LENGTH = 24;
10
+ export const AES_256_GCM_KEY_LENGTH = 32;
8
11
  export const AEAD_NONCE_LENGTH = 12;
9
12
  export const XCHACHA20_POLY1305_NONCE_LENGTH = 24;
10
13
  export const AEAD_TAG_LENGTH = 16;
11
14
  const aeadSuite = (algorithm) => {
12
15
  const provider = requireReallyMeWasmProvider();
13
16
  switch (algorithm) {
17
+ case "AES-128-GCM":
18
+ return {
19
+ keyLength: AES_128_GCM_KEY_LENGTH,
20
+ nonceLength: AEAD_NONCE_LENGTH,
21
+ seal: provider.aes128GcmSeal,
22
+ open: provider.aes128GcmOpen,
23
+ };
24
+ case "AES-192-GCM":
25
+ return {
26
+ keyLength: AES_192_GCM_KEY_LENGTH,
27
+ nonceLength: AEAD_NONCE_LENGTH,
28
+ seal: provider.aes192GcmSeal,
29
+ open: provider.aes192GcmOpen,
30
+ };
14
31
  case "AES-256-GCM":
15
32
  return {
33
+ keyLength: AES_256_GCM_KEY_LENGTH,
16
34
  nonceLength: AEAD_NONCE_LENGTH,
17
35
  seal: provider.aes256GcmSeal,
18
36
  open: provider.aes256GcmOpen,
19
37
  };
20
38
  case "AES-256-GCM-SIV":
21
39
  return {
40
+ keyLength: AES_256_GCM_KEY_LENGTH,
22
41
  nonceLength: AEAD_NONCE_LENGTH,
23
42
  seal: provider.aes256GcmSivSeal,
24
43
  open: provider.aes256GcmSivOpen,
25
44
  };
26
45
  case "ChaCha20-Poly1305":
27
46
  return {
47
+ keyLength: AES_256_GCM_KEY_LENGTH,
28
48
  nonceLength: AEAD_NONCE_LENGTH,
29
49
  seal: provider.chacha20Poly1305Seal,
30
50
  open: provider.chacha20Poly1305Open,
31
51
  };
32
52
  case "XChaCha20-Poly1305":
33
53
  return {
54
+ keyLength: AES_256_GCM_KEY_LENGTH,
34
55
  nonceLength: XCHACHA20_POLY1305_NONCE_LENGTH,
35
56
  seal: provider.xchacha20Poly1305Seal,
36
57
  open: provider.xchacha20Poly1305Open,
@@ -46,13 +67,13 @@ const requireBytesOutput = (value) => {
46
67
  export const ReallyMeAead = {
47
68
  seal(algorithm, key, nonce, aad, plaintext) {
48
69
  const suite = aeadSuite(algorithm);
49
- ensureBytes(key, AEAD_KEY_LENGTH);
70
+ ensureBytes(key, suite.keyLength);
50
71
  ensureBytes(nonce, suite.nonceLength);
51
72
  return requireBytesOutput(suite.seal(key, nonce, aad, plaintext));
52
73
  },
53
74
  open(algorithm, key, nonce, aad, ciphertextWithTag) {
54
75
  const suite = aeadSuite(algorithm);
55
- ensureBytes(key, AEAD_KEY_LENGTH);
76
+ ensureBytes(key, suite.keyLength);
56
77
  ensureBytes(nonce, suite.nonceLength);
57
78
  if (ciphertextWithTag.length < AEAD_TAG_LENGTH) {
58
79
  throw new ReallyMeCryptoError("invalid-input");
@@ -2,15 +2,15 @@ export declare const REALLYME_SIGNATURE_ALGORITHMS: readonly ["Ed25519", "ECDSA-
2
2
  export type ReallyMeSignatureAlgorithm = (typeof REALLYME_SIGNATURE_ALGORITHMS)[number];
3
3
  export declare const REALLYME_HASH_ALGORITHMS: readonly ["SHA2-256", "SHA2-384", "SHA2-512", "SHA3-224", "SHA3-256", "SHA3-384", "SHA3-512"];
4
4
  export type ReallyMeHashAlgorithm = (typeof REALLYME_HASH_ALGORITHMS)[number];
5
- export declare const REALLYME_AEAD_ALGORITHMS: readonly ["AES-256-GCM", "AES-256-GCM-SIV", "ChaCha20-Poly1305", "XChaCha20-Poly1305"];
5
+ export declare const REALLYME_AEAD_ALGORITHMS: readonly ["AES-128-GCM", "AES-192-GCM", "AES-256-GCM", "AES-256-GCM-SIV", "ChaCha20-Poly1305", "XChaCha20-Poly1305"];
6
6
  export type ReallyMeAeadAlgorithm = (typeof REALLYME_AEAD_ALGORITHMS)[number];
7
7
  export declare const REALLYME_KEM_ALGORITHMS: readonly ["ML-KEM-512", "ML-KEM-768", "ML-KEM-1024", "X-Wing-768", "X-Wing-1024"];
8
8
  export type ReallyMeKemAlgorithm = (typeof REALLYME_KEM_ALGORITHMS)[number];
9
- export declare const REALLYME_KEY_AGREEMENT_ALGORITHMS: readonly ["X25519", "P-256-ECDH"];
9
+ export declare const REALLYME_KEY_AGREEMENT_ALGORITHMS: readonly ["X25519", "P-256-ECDH", "P-384-ECDH", "P-521-ECDH"];
10
10
  export type ReallyMeKeyAgreementAlgorithm = (typeof REALLYME_KEY_AGREEMENT_ALGORITHMS)[number];
11
11
  export declare const REALLYME_MAC_ALGORITHMS: readonly ["HMAC-SHA-256", "HMAC-SHA-512"];
12
12
  export type ReallyMeMacAlgorithm = (typeof REALLYME_MAC_ALGORITHMS)[number];
13
- export declare const REALLYME_KDF_ALGORITHMS: readonly ["HKDF-SHA256", "Argon2id", "PBKDF2-HMAC-SHA-256", "PBKDF2-HMAC-SHA-512"];
13
+ export declare const REALLYME_KDF_ALGORITHMS: readonly ["HKDF-SHA256", "Argon2id", "PBKDF2-HMAC-SHA-256", "PBKDF2-HMAC-SHA-512", "JWA-CONCAT-KDF-SHA256"];
14
14
  export type ReallyMeKdfAlgorithm = (typeof REALLYME_KDF_ALGORITHMS)[number];
15
15
  export declare const REALLYME_KEY_WRAP_ALGORITHMS: readonly ["AES-256-KW"];
16
16
  export type ReallyMeKeyWrapAlgorithm = (typeof REALLYME_KEY_WRAP_ALGORITHMS)[number];
@@ -31,6 +31,8 @@ export const REALLYME_HASH_ALGORITHMS = [
31
31
  "SHA3-512",
32
32
  ];
33
33
  export const REALLYME_AEAD_ALGORITHMS = [
34
+ "AES-128-GCM",
35
+ "AES-192-GCM",
34
36
  "AES-256-GCM",
35
37
  "AES-256-GCM-SIV",
36
38
  "ChaCha20-Poly1305",
@@ -46,6 +48,8 @@ export const REALLYME_KEM_ALGORITHMS = [
46
48
  export const REALLYME_KEY_AGREEMENT_ALGORITHMS = [
47
49
  "X25519",
48
50
  "P-256-ECDH",
51
+ "P-384-ECDH",
52
+ "P-521-ECDH",
49
53
  ];
50
54
  export const REALLYME_MAC_ALGORITHMS = [
51
55
  "HMAC-SHA-256",
@@ -56,6 +60,7 @@ export const REALLYME_KDF_ALGORITHMS = [
56
60
  "Argon2id",
57
61
  "PBKDF2-HMAC-SHA-256",
58
62
  "PBKDF2-HMAC-SHA-512",
63
+ "JWA-CONCAT-KDF-SHA256",
59
64
  ];
60
65
  export const REALLYME_KEY_WRAP_ALGORITHMS = ["AES-256-KW"];
61
66
  export const REALLYME_HPKE_SUITES = [
@@ -33,6 +33,7 @@ export declare const ReallyMeCrypto: {
33
33
  readonly verifyMac: (algorithm: ReallyMeMacAlgorithm, tag: Uint8Array, key: Uint8Array, message: Uint8Array) => boolean;
34
34
  readonly deriveKey: (algorithm: ReallyMeKdfAlgorithm, password: Uint8Array, salt: Uint8Array, iterations: number, outputLength: number) => Uint8Array;
35
35
  readonly deriveHkdf: (algorithm: ReallyMeKdfAlgorithm, inputKeyMaterial: Uint8Array, salt: Uint8Array, info: Uint8Array, outputLength: number) => Uint8Array;
36
+ readonly deriveJwaConcatKdfSha256: (algorithm: ReallyMeKdfAlgorithm, sharedSecret: Uint8Array, algorithmId: Uint8Array, partyUInfo: Uint8Array, partyVInfo: Uint8Array, outputLength: number) => Uint8Array;
36
37
  readonly wrapKey: (algorithm: ReallyMeKeyWrapAlgorithm, wrappingKey: Uint8Array, keyToWrap: Uint8Array) => Uint8Array;
37
38
  readonly unwrapKey: (algorithm: ReallyMeKeyWrapAlgorithm, wrappingKey: Uint8Array, wrappedKey: Uint8Array) => Uint8Array;
38
39
  readonly generateKeyPair: (algorithm: ReallyMeSignatureAlgorithm) => ReallyMeSignatureKeyPair;
@@ -11,12 +11,15 @@ import { ReallyMeCryptoError } from "./errors.js";
11
11
  import { ReallyMeHkdf } from "./hkdf.js";
12
12
  import { ReallyMeHmac } from "./hmac.js";
13
13
  import { ReallyMeHpke } from "./hpke.js";
14
+ import { ReallyMeJwaConcatKdf } from "./jwaConcatKdf.js";
14
15
  import { ReallyMeMlDsa } from "./mlDsa.js";
15
16
  import { ReallyMeMlKem } from "./mlKem.js";
16
17
  import { ReallyMeP256Ecdsa } from "./p256Ecdsa.js";
17
18
  import { ReallyMeP256Ecdh } from "./p256Ecdh.js";
18
19
  import { ReallyMeP384Ecdsa } from "./p384Ecdsa.js";
20
+ import { ReallyMeP384Ecdh } from "./p384Ecdh.js";
19
21
  import { ReallyMeP521Ecdsa } from "./p521Ecdsa.js";
22
+ import { ReallyMeP521Ecdh } from "./p521Ecdh.js";
20
23
  import { ReallyMePbkdf2 } from "./pbkdf2.js";
21
24
  import { ReallyMeRsa } from "./rsa.js";
22
25
  import { ReallyMeSecp256k1 } from "./secp256k1.js";
@@ -57,6 +60,8 @@ export const ReallyMeCrypto = {
57
60
  },
58
61
  seal(algorithm, key, nonce, aad, plaintext) {
59
62
  switch (algorithm) {
63
+ case "AES-128-GCM":
64
+ case "AES-192-GCM":
60
65
  case "AES-256-GCM":
61
66
  case "AES-256-GCM-SIV":
62
67
  case "ChaCha20-Poly1305":
@@ -68,6 +73,8 @@ export const ReallyMeCrypto = {
68
73
  },
69
74
  open(algorithm, key, nonce, aad, ciphertextWithTag) {
70
75
  switch (algorithm) {
76
+ case "AES-128-GCM":
77
+ case "AES-192-GCM":
71
78
  case "AES-256-GCM":
72
79
  case "AES-256-GCM-SIV":
73
80
  case "ChaCha20-Poly1305":
@@ -117,6 +124,20 @@ export const ReallyMeCrypto = {
117
124
  return ReallyMeHkdf.deriveSha256(inputKeyMaterial, salt, info, outputLength);
118
125
  case "Argon2id":
119
126
  case "PBKDF2-HMAC-SHA-256":
127
+ case "PBKDF2-HMAC-SHA-512":
128
+ case "JWA-CONCAT-KDF-SHA256":
129
+ throw new ReallyMeCryptoError("unsupported-algorithm");
130
+ default:
131
+ throw new ReallyMeCryptoError("unsupported-algorithm");
132
+ }
133
+ },
134
+ deriveJwaConcatKdfSha256(algorithm, sharedSecret, algorithmId, partyUInfo, partyVInfo, outputLength) {
135
+ switch (algorithm) {
136
+ case "JWA-CONCAT-KDF-SHA256":
137
+ return ReallyMeJwaConcatKdf.deriveSha256(sharedSecret, algorithmId, partyUInfo, partyVInfo, outputLength);
138
+ case "Argon2id":
139
+ case "HKDF-SHA256":
140
+ case "PBKDF2-HMAC-SHA-256":
120
141
  case "PBKDF2-HMAC-SHA-512":
121
142
  throw new ReallyMeCryptoError("unsupported-algorithm");
122
143
  default:
@@ -262,6 +283,10 @@ export const ReallyMeCrypto = {
262
283
  return ReallyMeX25519.deriveSharedSecret(publicKey, secretKey);
263
284
  case "P-256-ECDH":
264
285
  return ReallyMeP256Ecdh.deriveSharedSecret(publicKey, secretKey);
286
+ case "P-384-ECDH":
287
+ return ReallyMeP384Ecdh.deriveSharedSecret(publicKey, secretKey);
288
+ case "P-521-ECDH":
289
+ return ReallyMeP521Ecdh.deriveSharedSecret(publicKey, secretKey);
265
290
  default:
266
291
  throw new ReallyMeCryptoError("unsupported-algorithm");
267
292
  }
@@ -272,6 +297,10 @@ export const ReallyMeCrypto = {
272
297
  return ReallyMeX25519.deriveKeyPair(secretKey);
273
298
  case "P-256-ECDH":
274
299
  return ReallyMeP256Ecdh.deriveKeyPair(secretKey);
300
+ case "P-384-ECDH":
301
+ return ReallyMeP384Ecdh.deriveKeyPair(secretKey);
302
+ case "P-521-ECDH":
303
+ return ReallyMeP521Ecdh.deriveKeyPair(secretKey);
275
304
  default:
276
305
  throw new ReallyMeCryptoError("unsupported-algorithm");
277
306
  }
package/dist/index.d.ts CHANGED
@@ -2,7 +2,7 @@ export { ReallyMeCryptoError } from "./errors.js";
2
2
  export type { ReallyMeCryptoErrorCode } from "./errors.js";
3
3
  export { REALLYME_AEAD_ALGORITHMS, REALLYME_HASH_ALGORITHMS, REALLYME_HPKE_SUITES, REALLYME_KDF_ALGORITHMS, REALLYME_KEM_ALGORITHMS, REALLYME_KEY_AGREEMENT_ALGORITHMS, REALLYME_KEY_WRAP_ALGORITHMS, REALLYME_MAC_ALGORITHMS, REALLYME_SIGNATURE_ALGORITHMS, } from "./algorithms.js";
4
4
  export type { ReallyMeAeadAlgorithm, ReallyMeHashAlgorithm, ReallyMeHpkeSuite, ReallyMeKdfAlgorithm, ReallyMeKemAlgorithm, ReallyMeKeyAgreementAlgorithm, ReallyMeKeyWrapAlgorithm, ReallyMeMacAlgorithm, ReallyMeSignatureAlgorithm, } from "./algorithms.js";
5
- export { AEAD_KEY_LENGTH, AEAD_NONCE_LENGTH, AEAD_TAG_LENGTH, ReallyMeAead, XCHACHA20_POLY1305_NONCE_LENGTH, } from "./aead.js";
5
+ export { AEAD_KEY_LENGTH, AEAD_NONCE_LENGTH, AEAD_TAG_LENGTH, AES_128_GCM_KEY_LENGTH, AES_192_GCM_KEY_LENGTH, AES_256_GCM_KEY_LENGTH, ReallyMeAead, XCHACHA20_POLY1305_NONCE_LENGTH, } from "./aead.js";
6
6
  export { AES_256_KW_KEK_LENGTH, AES_KW_BLOCK_LENGTH, AES_KW_INTEGRITY_CHECK_LENGTH, AES_KW_MAX_KEY_DATA_LENGTH, AES_KW_MIN_KEY_DATA_LENGTH, AES_KW_MIN_WRAPPED_KEY_LENGTH, ReallyMeAesKw, } from "./aesKw.js";
7
7
  export { ARGON2ID_DERIVED_KEY_LENGTH, ARGON2ID_SALT_MAX_LENGTH, ARGON2ID_SALT_MIN_LENGTH, ARGON2ID_V1, ARGON2ID_V2, ReallyMeArgon2id, } from "./argon2id.js";
8
8
  export { BIP340_SCHNORR_AUX_RAND_LENGTH, BIP340_SCHNORR_MESSAGE_LENGTH, BIP340_SCHNORR_PUBLIC_KEY_LENGTH, BIP340_SCHNORR_SECRET_KEY_LENGTH, BIP340_SCHNORR_SIGNATURE_LENGTH, ReallyMeBip340Schnorr, } from "./bip340Schnorr.js";
@@ -25,10 +25,13 @@ export type { ReallyMeHpkeSealedMessage, ReallyMeKeyAgreementKeyPair, ReallyMeKe
25
25
  export { ReallyMeDigest } from "./digest.js";
26
26
  export { ED25519_PUBLIC_KEY_LENGTH, ED25519_SECRET_KEY_LENGTH, ED25519_SIGNATURE_LENGTH, ReallyMeEd25519, } from "./ed25519.js";
27
27
  export { HKDF_MAX_INPUT_LENGTH, HKDF_MAX_OUTPUT_LENGTH, HKDF_MIN_INPUT_KEY_MATERIAL_LENGTH, HKDF_MIN_OUTPUT_LENGTH, ReallyMeHkdf, } from "./hkdf.js";
28
+ export { JWA_CONCAT_KDF_MAX_INFO_LENGTH, JWA_CONCAT_KDF_MAX_OUTPUT_LENGTH, JWA_CONCAT_KDF_MAX_SHARED_SECRET_LENGTH, JWA_CONCAT_KDF_MIN_OUTPUT_LENGTH, JWA_CONCAT_KDF_SHA256_DIGEST_LENGTH, ReallyMeJwaConcatKdf, } from "./jwaConcatKdf.js";
28
29
  export { HMAC_MAX_KEY_LENGTH, HMAC_SHA256_TAG_LENGTH, HMAC_SHA512_TAG_LENGTH, ReallyMeHmac, } from "./hmac.js";
29
30
  export { P256_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH, P256_ECDH_SECRET_KEY_LENGTH, P256_ECDH_SHARED_SECRET_LENGTH, ReallyMeP256Ecdh, } from "./p256Ecdh.js";
30
31
  export { P256_ECDSA_COMPACT_SIGNATURE_LENGTH, P256_ECDSA_COMPRESSED_PUBLIC_KEY_LENGTH, P256_ECDSA_DER_SIGNATURE_MAX_LENGTH, P256_ECDSA_SECRET_KEY_LENGTH, ReallyMeP256Ecdsa, } from "./p256Ecdsa.js";
32
+ export { P384_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH, P384_ECDH_SECRET_KEY_LENGTH, P384_ECDH_SHARED_SECRET_LENGTH, ReallyMeP384Ecdh, } from "./p384Ecdh.js";
31
33
  export { P384_ECDSA_COMPACT_SIGNATURE_LENGTH, P384_ECDSA_COMPRESSED_PUBLIC_KEY_LENGTH, P384_ECDSA_DER_SIGNATURE_MAX_LENGTH, P384_ECDSA_SECRET_KEY_LENGTH, ReallyMeP384Ecdsa, } from "./p384Ecdsa.js";
34
+ export { P521_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH, P521_ECDH_SECRET_KEY_LENGTH, P521_ECDH_SHARED_SECRET_LENGTH, ReallyMeP521Ecdh, } from "./p521Ecdh.js";
32
35
  export { P521_ECDSA_COMPACT_SIGNATURE_LENGTH, P521_ECDSA_COMPRESSED_PUBLIC_KEY_LENGTH, P521_ECDSA_DER_SIGNATURE_MAX_LENGTH, P521_ECDSA_SECRET_KEY_LENGTH, ReallyMeP521Ecdsa, } from "./p521Ecdsa.js";
33
36
  export { PBKDF2_MAX_INPUT_LENGTH, PBKDF2_MAX_OUTPUT_LENGTH, PBKDF2_MIN_INPUT_LENGTH, PBKDF2_MIN_ITERATIONS, PBKDF2_MIN_OUTPUT_LENGTH, PBKDF2_RECOMMENDED_MIN_ITERATIONS_SHA256, PBKDF2_RECOMMENDED_MIN_ITERATIONS_SHA512, ReallyMePbkdf2, } from "./pbkdf2.js";
34
37
  export { ReallyMeSecp256k1, SECP256K1_COMPRESSED_PUBLIC_KEY_LENGTH, SECP256K1_SECRET_KEY_LENGTH, SECP256K1_SIGNATURE_LENGTH, } from "./secp256k1.js";
package/dist/index.js CHANGED
@@ -3,7 +3,7 @@
3
3
  // SPDX-License-Identifier: Apache-2.0
4
4
  export { ReallyMeCryptoError } from "./errors.js";
5
5
  export { REALLYME_AEAD_ALGORITHMS, REALLYME_HASH_ALGORITHMS, REALLYME_HPKE_SUITES, REALLYME_KDF_ALGORITHMS, REALLYME_KEM_ALGORITHMS, REALLYME_KEY_AGREEMENT_ALGORITHMS, REALLYME_KEY_WRAP_ALGORITHMS, REALLYME_MAC_ALGORITHMS, REALLYME_SIGNATURE_ALGORITHMS, } from "./algorithms.js";
6
- export { AEAD_KEY_LENGTH, AEAD_NONCE_LENGTH, AEAD_TAG_LENGTH, ReallyMeAead, XCHACHA20_POLY1305_NONCE_LENGTH, } from "./aead.js";
6
+ export { AEAD_KEY_LENGTH, AEAD_NONCE_LENGTH, AEAD_TAG_LENGTH, AES_128_GCM_KEY_LENGTH, AES_192_GCM_KEY_LENGTH, AES_256_GCM_KEY_LENGTH, ReallyMeAead, XCHACHA20_POLY1305_NONCE_LENGTH, } from "./aead.js";
7
7
  export { AES_256_KW_KEK_LENGTH, AES_KW_BLOCK_LENGTH, AES_KW_INTEGRITY_CHECK_LENGTH, AES_KW_MAX_KEY_DATA_LENGTH, AES_KW_MIN_KEY_DATA_LENGTH, AES_KW_MIN_WRAPPED_KEY_LENGTH, ReallyMeAesKw, } from "./aesKw.js";
8
8
  export { ARGON2ID_DERIVED_KEY_LENGTH, ARGON2ID_SALT_MAX_LENGTH, ARGON2ID_SALT_MIN_LENGTH, ARGON2ID_V1, ARGON2ID_V2, ReallyMeArgon2id, } from "./argon2id.js";
9
9
  export { BIP340_SCHNORR_AUX_RAND_LENGTH, BIP340_SCHNORR_MESSAGE_LENGTH, BIP340_SCHNORR_PUBLIC_KEY_LENGTH, BIP340_SCHNORR_SECRET_KEY_LENGTH, BIP340_SCHNORR_SIGNATURE_LENGTH, ReallyMeBip340Schnorr, } from "./bip340Schnorr.js";
@@ -18,10 +18,13 @@ export { ReallyMeCrypto } from "./cryptoFacade.js";
18
18
  export { ReallyMeDigest } from "./digest.js";
19
19
  export { ED25519_PUBLIC_KEY_LENGTH, ED25519_SECRET_KEY_LENGTH, ED25519_SIGNATURE_LENGTH, ReallyMeEd25519, } from "./ed25519.js";
20
20
  export { HKDF_MAX_INPUT_LENGTH, HKDF_MAX_OUTPUT_LENGTH, HKDF_MIN_INPUT_KEY_MATERIAL_LENGTH, HKDF_MIN_OUTPUT_LENGTH, ReallyMeHkdf, } from "./hkdf.js";
21
+ export { JWA_CONCAT_KDF_MAX_INFO_LENGTH, JWA_CONCAT_KDF_MAX_OUTPUT_LENGTH, JWA_CONCAT_KDF_MAX_SHARED_SECRET_LENGTH, JWA_CONCAT_KDF_MIN_OUTPUT_LENGTH, JWA_CONCAT_KDF_SHA256_DIGEST_LENGTH, ReallyMeJwaConcatKdf, } from "./jwaConcatKdf.js";
21
22
  export { HMAC_MAX_KEY_LENGTH, HMAC_SHA256_TAG_LENGTH, HMAC_SHA512_TAG_LENGTH, ReallyMeHmac, } from "./hmac.js";
22
23
  export { P256_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH, P256_ECDH_SECRET_KEY_LENGTH, P256_ECDH_SHARED_SECRET_LENGTH, ReallyMeP256Ecdh, } from "./p256Ecdh.js";
23
24
  export { P256_ECDSA_COMPACT_SIGNATURE_LENGTH, P256_ECDSA_COMPRESSED_PUBLIC_KEY_LENGTH, P256_ECDSA_DER_SIGNATURE_MAX_LENGTH, P256_ECDSA_SECRET_KEY_LENGTH, ReallyMeP256Ecdsa, } from "./p256Ecdsa.js";
25
+ export { P384_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH, P384_ECDH_SECRET_KEY_LENGTH, P384_ECDH_SHARED_SECRET_LENGTH, ReallyMeP384Ecdh, } from "./p384Ecdh.js";
24
26
  export { P384_ECDSA_COMPACT_SIGNATURE_LENGTH, P384_ECDSA_COMPRESSED_PUBLIC_KEY_LENGTH, P384_ECDSA_DER_SIGNATURE_MAX_LENGTH, P384_ECDSA_SECRET_KEY_LENGTH, ReallyMeP384Ecdsa, } from "./p384Ecdsa.js";
27
+ export { P521_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH, P521_ECDH_SECRET_KEY_LENGTH, P521_ECDH_SHARED_SECRET_LENGTH, ReallyMeP521Ecdh, } from "./p521Ecdh.js";
25
28
  export { P521_ECDSA_COMPACT_SIGNATURE_LENGTH, P521_ECDSA_COMPRESSED_PUBLIC_KEY_LENGTH, P521_ECDSA_DER_SIGNATURE_MAX_LENGTH, P521_ECDSA_SECRET_KEY_LENGTH, ReallyMeP521Ecdsa, } from "./p521Ecdsa.js";
26
29
  export { PBKDF2_MAX_INPUT_LENGTH, PBKDF2_MAX_OUTPUT_LENGTH, PBKDF2_MIN_INPUT_LENGTH, PBKDF2_MIN_ITERATIONS, PBKDF2_MIN_OUTPUT_LENGTH, PBKDF2_RECOMMENDED_MIN_ITERATIONS_SHA256, PBKDF2_RECOMMENDED_MIN_ITERATIONS_SHA512, ReallyMePbkdf2, } from "./pbkdf2.js";
27
30
  export { ReallyMeSecp256k1, SECP256K1_COMPRESSED_PUBLIC_KEY_LENGTH, SECP256K1_SECRET_KEY_LENGTH, SECP256K1_SIGNATURE_LENGTH, } from "./secp256k1.js";
@@ -0,0 +1,8 @@
1
+ export declare const JWA_CONCAT_KDF_SHA256_DIGEST_LENGTH = 32;
2
+ export declare const JWA_CONCAT_KDF_MAX_SHARED_SECRET_LENGTH = 4096;
3
+ export declare const JWA_CONCAT_KDF_MAX_INFO_LENGTH = 4096;
4
+ export declare const JWA_CONCAT_KDF_MIN_OUTPUT_LENGTH = 1;
5
+ export declare const JWA_CONCAT_KDF_MAX_OUTPUT_LENGTH = 4096;
6
+ export declare const ReallyMeJwaConcatKdf: {
7
+ deriveSha256(sharedSecret: Uint8Array, algorithmId: Uint8Array, partyUInfo: Uint8Array, partyVInfo: Uint8Array, outputLength: number): Uint8Array;
8
+ };
@@ -0,0 +1,72 @@
1
+ // SPDX-FileCopyrightText: Copyright © 2026 ReallyMe LLC. All rights reserved
2
+ //
3
+ // SPDX-License-Identifier: Apache-2.0
4
+ import { sha256 } from "@noble/hashes/sha2.js";
5
+ import { ReallyMeCryptoError } from "./errors.js";
6
+ export const JWA_CONCAT_KDF_SHA256_DIGEST_LENGTH = 32;
7
+ export const JWA_CONCAT_KDF_MAX_SHARED_SECRET_LENGTH = 4096;
8
+ export const JWA_CONCAT_KDF_MAX_INFO_LENGTH = 4096;
9
+ export const JWA_CONCAT_KDF_MIN_OUTPUT_LENGTH = 1;
10
+ export const JWA_CONCAT_KDF_MAX_OUTPUT_LENGTH = 4096;
11
+ export const ReallyMeJwaConcatKdf = {
12
+ deriveSha256(sharedSecret, algorithmId, partyUInfo, partyVInfo, outputLength) {
13
+ validate(sharedSecret, algorithmId, partyUInfo, partyVInfo, outputLength);
14
+ const outputBits = outputLength * 8;
15
+ const otherInfo = buildOtherInfo(algorithmId, partyUInfo, partyVInfo, outputBits);
16
+ const reps = Math.ceil(outputLength / JWA_CONCAT_KDF_SHA256_DIGEST_LENGTH);
17
+ const derived = new Uint8Array(reps * JWA_CONCAT_KDF_SHA256_DIGEST_LENGTH);
18
+ for (let counter = 1; counter <= reps; counter += 1) {
19
+ const counterBytes = uint32be(counter);
20
+ const digest = sha256(concatBytes(counterBytes, sharedSecret, otherInfo));
21
+ derived.set(digest, (counter - 1) * JWA_CONCAT_KDF_SHA256_DIGEST_LENGTH);
22
+ counterBytes.fill(0);
23
+ }
24
+ const output = derived.slice(0, outputLength);
25
+ derived.fill(0);
26
+ otherInfo.fill(0);
27
+ return output;
28
+ },
29
+ };
30
+ function validate(sharedSecret, algorithmId, partyUInfo, partyVInfo, outputLength) {
31
+ if (sharedSecret.length === 0 ||
32
+ sharedSecret.length > JWA_CONCAT_KDF_MAX_SHARED_SECRET_LENGTH ||
33
+ algorithmId.length === 0 ||
34
+ algorithmId.length > JWA_CONCAT_KDF_MAX_INFO_LENGTH ||
35
+ partyUInfo.length > JWA_CONCAT_KDF_MAX_INFO_LENGTH ||
36
+ partyVInfo.length > JWA_CONCAT_KDF_MAX_INFO_LENGTH ||
37
+ !Number.isInteger(outputLength) ||
38
+ outputLength < JWA_CONCAT_KDF_MIN_OUTPUT_LENGTH ||
39
+ outputLength > JWA_CONCAT_KDF_MAX_OUTPUT_LENGTH) {
40
+ throw new ReallyMeCryptoError("invalid-input");
41
+ }
42
+ }
43
+ function buildOtherInfo(algorithmId, partyUInfo, partyVInfo, outputBits) {
44
+ return concatBytes(lengthPrefixed(algorithmId), lengthPrefixed(partyUInfo), lengthPrefixed(partyVInfo), uint32be(outputBits));
45
+ }
46
+ function lengthPrefixed(bytes) {
47
+ return concatBytes(uint32be(bytes.length), bytes);
48
+ }
49
+ function uint32be(value) {
50
+ if (!Number.isInteger(value) || value < 0 || value > 0xffffffff) {
51
+ throw new ReallyMeCryptoError("invalid-input");
52
+ }
53
+ const output = new Uint8Array(4);
54
+ output[0] = Math.floor(value / 0x1000000);
55
+ output[1] = Math.floor(value / 0x10000) & 0xff;
56
+ output[2] = Math.floor(value / 0x100) & 0xff;
57
+ output[3] = value & 0xff;
58
+ return output;
59
+ }
60
+ function concatBytes(...parts) {
61
+ let length = 0;
62
+ for (const part of parts) {
63
+ length += part.length;
64
+ }
65
+ const output = new Uint8Array(length);
66
+ let offset = 0;
67
+ for (const part of parts) {
68
+ output.set(part, offset);
69
+ offset += part.length;
70
+ }
71
+ return output;
72
+ }
@@ -0,0 +1,22 @@
1
+ /**
2
+ * P-384 ECDH backed by @noble/curves.
3
+ *
4
+ * Public keys at the SDK boundary are compressed SEC1. The primitive returns
5
+ * the raw 48-byte ECDH x-coordinate; protocols must apply a labelled KDF that
6
+ * binds algorithm and party context before using it as key material.
7
+ */
8
+ export declare const P384_ECDH_SECRET_KEY_LENGTH = 48;
9
+ export declare const P384_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH = 49;
10
+ export declare const P384_ECDH_SHARED_SECRET_LENGTH = 48;
11
+ export declare const ReallyMeP384Ecdh: {
12
+ readonly generateKeyPair: () => {
13
+ publicKey: Uint8Array;
14
+ secretKey: Uint8Array;
15
+ };
16
+ readonly deriveKeyPair: (secretKey: Uint8Array) => {
17
+ publicKey: Uint8Array;
18
+ secretKey: Uint8Array;
19
+ };
20
+ readonly derivePublicKey: (secretKey: Uint8Array) => Uint8Array;
21
+ readonly deriveSharedSecret: (publicKey: Uint8Array, secretKey: Uint8Array) => Uint8Array;
22
+ };
@@ -0,0 +1,53 @@
1
+ // SPDX-FileCopyrightText: Copyright © 2026 ReallyMe LLC. All rights reserved
2
+ //
3
+ // SPDX-License-Identifier: Apache-2.0
4
+ import { p384 } from "@noble/curves/nist.js";
5
+ import { ReallyMeCryptoError } from "./errors.js";
6
+ /**
7
+ * P-384 ECDH backed by @noble/curves.
8
+ *
9
+ * Public keys at the SDK boundary are compressed SEC1. The primitive returns
10
+ * the raw 48-byte ECDH x-coordinate; protocols must apply a labelled KDF that
11
+ * binds algorithm and party context before using it as key material.
12
+ */
13
+ export const P384_ECDH_SECRET_KEY_LENGTH = 48;
14
+ export const P384_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH = 49;
15
+ export const P384_ECDH_SHARED_SECRET_LENGTH = 48;
16
+ export const ReallyMeP384Ecdh = {
17
+ generateKeyPair() {
18
+ const secretKey = p384.utils.randomSecretKey();
19
+ return {
20
+ publicKey: p384.getPublicKey(secretKey, true),
21
+ secretKey,
22
+ };
23
+ },
24
+ deriveKeyPair(secretKey) {
25
+ return {
26
+ publicKey: this.derivePublicKey(secretKey),
27
+ secretKey: secretKey.slice(),
28
+ };
29
+ },
30
+ derivePublicKey(secretKey) {
31
+ if (secretKey.length !== P384_ECDH_SECRET_KEY_LENGTH) {
32
+ throw new ReallyMeCryptoError("invalid-input");
33
+ }
34
+ try {
35
+ return p384.getPublicKey(secretKey, true);
36
+ }
37
+ catch {
38
+ throw new ReallyMeCryptoError("invalid-input");
39
+ }
40
+ },
41
+ deriveSharedSecret(publicKey, secretKey) {
42
+ if (publicKey.length !== P384_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH ||
43
+ secretKey.length !== P384_ECDH_SECRET_KEY_LENGTH) {
44
+ throw new ReallyMeCryptoError("invalid-input");
45
+ }
46
+ try {
47
+ return p384.getSharedSecret(secretKey, publicKey, false).slice(1, 49);
48
+ }
49
+ catch {
50
+ throw new ReallyMeCryptoError("invalid-input");
51
+ }
52
+ },
53
+ };
@@ -0,0 +1,22 @@
1
+ /**
2
+ * P-521 ECDH backed by @noble/curves.
3
+ *
4
+ * Public keys at the SDK boundary are compressed SEC1. The primitive returns
5
+ * the raw 66-byte ECDH x-coordinate; protocols must apply a labelled KDF that
6
+ * binds algorithm and party context before using it as key material.
7
+ */
8
+ export declare const P521_ECDH_SECRET_KEY_LENGTH = 66;
9
+ export declare const P521_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH = 67;
10
+ export declare const P521_ECDH_SHARED_SECRET_LENGTH = 66;
11
+ export declare const ReallyMeP521Ecdh: {
12
+ readonly generateKeyPair: () => {
13
+ publicKey: Uint8Array;
14
+ secretKey: Uint8Array;
15
+ };
16
+ readonly deriveKeyPair: (secretKey: Uint8Array) => {
17
+ publicKey: Uint8Array;
18
+ secretKey: Uint8Array;
19
+ };
20
+ readonly derivePublicKey: (secretKey: Uint8Array) => Uint8Array;
21
+ readonly deriveSharedSecret: (publicKey: Uint8Array, secretKey: Uint8Array) => Uint8Array;
22
+ };
@@ -0,0 +1,53 @@
1
+ // SPDX-FileCopyrightText: Copyright © 2026 ReallyMe LLC. All rights reserved
2
+ //
3
+ // SPDX-License-Identifier: Apache-2.0
4
+ import { p521 } from "@noble/curves/nist.js";
5
+ import { ReallyMeCryptoError } from "./errors.js";
6
+ /**
7
+ * P-521 ECDH backed by @noble/curves.
8
+ *
9
+ * Public keys at the SDK boundary are compressed SEC1. The primitive returns
10
+ * the raw 66-byte ECDH x-coordinate; protocols must apply a labelled KDF that
11
+ * binds algorithm and party context before using it as key material.
12
+ */
13
+ export const P521_ECDH_SECRET_KEY_LENGTH = 66;
14
+ export const P521_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH = 67;
15
+ export const P521_ECDH_SHARED_SECRET_LENGTH = 66;
16
+ export const ReallyMeP521Ecdh = {
17
+ generateKeyPair() {
18
+ const secretKey = p521.utils.randomSecretKey();
19
+ return {
20
+ publicKey: p521.getPublicKey(secretKey, true),
21
+ secretKey,
22
+ };
23
+ },
24
+ deriveKeyPair(secretKey) {
25
+ return {
26
+ publicKey: this.derivePublicKey(secretKey),
27
+ secretKey: secretKey.slice(),
28
+ };
29
+ },
30
+ derivePublicKey(secretKey) {
31
+ if (secretKey.length !== P521_ECDH_SECRET_KEY_LENGTH) {
32
+ throw new ReallyMeCryptoError("invalid-input");
33
+ }
34
+ try {
35
+ return p521.getPublicKey(secretKey, true);
36
+ }
37
+ catch {
38
+ throw new ReallyMeCryptoError("invalid-input");
39
+ }
40
+ },
41
+ deriveSharedSecret(publicKey, secretKey) {
42
+ if (publicKey.length !== P521_ECDH_COMPRESSED_PUBLIC_KEY_LENGTH ||
43
+ secretKey.length !== P521_ECDH_SECRET_KEY_LENGTH) {
44
+ throw new ReallyMeCryptoError("invalid-input");
45
+ }
46
+ try {
47
+ return p521.getSharedSecret(secretKey, publicKey, false).slice(1, 67);
48
+ }
49
+ catch {
50
+ throw new ReallyMeCryptoError("invalid-input");
51
+ }
52
+ },
53
+ };
@@ -286,7 +286,15 @@ export declare enum KeyAgreementAlgorithm {
286
286
  /**
287
287
  * @generated from enum value: KEY_AGREEMENT_ALGORITHM_P256_ECDH = 2;
288
288
  */
289
- P256_ECDH = 2
289
+ P256_ECDH = 2,
290
+ /**
291
+ * @generated from enum value: KEY_AGREEMENT_ALGORITHM_P384_ECDH = 3;
292
+ */
293
+ P384_ECDH = 3,
294
+ /**
295
+ * @generated from enum value: KEY_AGREEMENT_ALGORITHM_P521_ECDH = 4;
296
+ */
297
+ P521_ECDH = 4
290
298
  }
291
299
  /**
292
300
  * Describes the enum reallyme.crypto.v1.KeyAgreementAlgorithm.
@@ -376,7 +384,15 @@ export declare enum AeadAlgorithm {
376
384
  /**
377
385
  * @generated from enum value: AEAD_ALGORITHM_XCHACHA20_POLY1305 = 4;
378
386
  */
379
- XCHACHA20_POLY1305 = 4
387
+ XCHACHA20_POLY1305 = 4,
388
+ /**
389
+ * @generated from enum value: AEAD_ALGORITHM_AES_128_GCM = 5;
390
+ */
391
+ AES_128_GCM = 5,
392
+ /**
393
+ * @generated from enum value: AEAD_ALGORITHM_AES_192_GCM = 6;
394
+ */
395
+ AES_192_GCM = 6
380
396
  }
381
397
  /**
382
398
  * Describes the enum reallyme.crypto.v1.AeadAlgorithm.
@@ -474,7 +490,11 @@ export declare enum KdfAlgorithm {
474
490
  /**
475
491
  * @generated from enum value: KDF_ALGORITHM_PBKDF2_HMAC_SHA512 = 4;
476
492
  */
477
- PBKDF2_HMAC_SHA512 = 4
493
+ PBKDF2_HMAC_SHA512 = 4,
494
+ /**
495
+ * @generated from enum value: KDF_ALGORITHM_JWA_CONCAT_KDF_SHA256 = 5;
496
+ */
497
+ JWA_CONCAT_KDF_SHA256 = 5
478
498
  }
479
499
  /**
480
500
  * Describes the enum reallyme.crypto.v1.KdfAlgorithm.
@@ -5,7 +5,7 @@ import { enumDesc, fileDesc, messageDesc } from "@bufbuild/protobuf/codegenv2";
5
5
  /**
6
6
  * Describes the file reallyme/crypto/v1/crypto.proto.
7
7
  */
8
- export const file_reallyme_crypto_v1_crypto = /*@__PURE__*/ fileDesc("Ch9yZWFsbHltZS9jcnlwdG8vdjEvY3J5cHRvLnByb3RvEhJyZWFsbHltZS5jcnlwdG8udjEi0QQKGUNyeXB0b0FsZ29yaXRobUlkZW50aWZpZXISOwoJc2lnbmF0dXJlGAEgASgOMiYucmVhbGx5bWUuY3J5cHRvLnYxLlNpZ25hdHVyZUFsZ29yaXRobUgAEkIKDWtleV9hZ3JlZW1lbnQYAiABKA4yKS5yZWFsbHltZS5jcnlwdG8udjEuS2V5QWdyZWVtZW50QWxnb3JpdGhtSAASLwoDa2VtGAMgASgOMiAucmVhbGx5bWUuY3J5cHRvLnYxLktlbUFsZ29yaXRobUgAEi0KBGhwa2UYBCABKA4yHS5yZWFsbHltZS5jcnlwdG8udjEuSHBrZVN1aXRlSAASMQoEYWVhZBgFIAEoDjIhLnJlYWxseW1lLmNyeXB0by52MS5BZWFkQWxnb3JpdGhtSAASMQoEaGFzaBgGIAEoDjIhLnJlYWxseW1lLmNyeXB0by52MS5IYXNoQWxnb3JpdGhtSAASLwoDbWFjGAcgASgOMiAucmVhbGx5bWUuY3J5cHRvLnYxLk1hY0FsZ29yaXRobUgAEi8KA2tkZhgIIAEoDjIgLnJlYWxseW1lLmNyeXB0by52MS5LZGZBbGdvcml0aG1IABI4CghrZXlfd3JhcBgJIAEoDjIkLnJlYWxseW1lLmNyeXB0by52MS5LZXlXcmFwQWxnb3JpdGhtSAASRAoObXVsdGljb2RlY19rZXkYCiABKA4yKi5yZWFsbHltZS5jcnlwdG8udjEuTXVsdGljb2RlY0tleUFsZ29yaXRobUgAQgsKCWFsZ29yaXRobSJ5CgpKc29uV2ViS2V5EkAKCWFsZ29yaXRobRgBIAEoCzItLnJlYWxseW1lLmNyeXB0by52MS5DcnlwdG9BbGdvcml0aG1JZGVudGlmaWVyEhIKCnB1YmxpY19rZXkYAiABKAwSFQoNY2Fub25pY2FsX2pjcxgDIAEoDCI9Cg1Kc29uV2ViS2V5U2V0EiwKBGtleXMYASADKAsyHi5yZWFsbHltZS5jcnlwdG8udjEuSnNvbldlYktleSqBAwoVQ3J5cHRvQWxnb3JpdGhtRmFtaWx5EicKI0NSWVBUT19BTEdPUklUSE1fRkFNSUxZX1VOU1BFQ0lGSUVEEAASJQohQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfU0lHTkFUVVJFEAESKQolQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfS0VZX0FHUkVFTUVOVBACEh8KG0NSWVBUT19BTEdPUklUSE1fRkFNSUxZX0tFTRADEiAKHENSWVBUT19BTEdPUklUSE1fRkFNSUxZX0FFQUQQBBIgChxDUllQVE9fQUxHT1JJVEhNX0ZBTUlMWV9IQVNIEAUSHwobQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfTUFDEAYSHwobQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfS0RGEAcSJAogQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfS0VZX1dSQVAQCBIgChxDUllQVE9fQUxHT1JJVEhNX0ZBTUlMWV9IUEtFEAkq1gYKElNpZ25hdHVyZUFsZ29yaXRobRIjCh9TSUdOQVRVUkVfQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASHwobU0lHTkFUVVJFX0FMR09SSVRITV9FRDI1NTE5EAESKQolU0lHTkFUVVJFX0FMR09SSVRITV9FQ0RTQV9QMjU2X1NIQTI1NhACEikKJVNJR05BVFVSRV9BTEdPUklUSE1fRUNEU0FfUDM4NF9TSEEzODQQAxIpCiVTSUdOQVRVUkVfQUxHT1JJVEhNX0VDRFNBX1A1MjFfU0hBNTEyEAQSLgoqU0lHTkFUVVJFX0FMR09SSVRITV9FQ0RTQV9TRUNQMjU2SzFfU0hBMjU2EAUSNwozU0lHTkFUVVJFX0FMR09SSVRITV9CSVAzNDBfU0NITk9SUl9TRUNQMjU2SzFfU0hBMjU2EAYSKQolU0lHTkFUVVJFX0FMR09SSVRITV9SU0FfUEtDUzFWMTVfU0hBMRAHEisKJ1NJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BLQ1MxVjE1X1NIQTI1NhAIEisKJ1NJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BLQ1MxVjE1X1NIQTM4NBAJEisKJ1NJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BLQ1MxVjE1X1NIQTUxMhAKEi4KKlNJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BTU19TSEExX01HRjFfU0hBMRALEjIKLlNJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BTU19TSEEyNTZfTUdGMV9TSEEyNTYQDBIyCi5TSUdOQVRVUkVfQUxHT1JJVEhNX1JTQV9QU1NfU0hBMzg0X01HRjFfU0hBMzg0EA0SMgouU0lHTkFUVVJFX0FMR09SSVRITV9SU0FfUFNTX1NIQTUxMl9NR0YxX1NIQTUxMhAOEiEKHVNJR05BVFVSRV9BTEdPUklUSE1fTUxfRFNBXzQ0EA8SIQodU0lHTkFUVVJFX0FMR09SSVRITV9NTF9EU0FfNjUQEBIhCh1TSUdOQVRVUkVfQUxHT1JJVEhNX01MX0RTQV84NxAREikKJVNJR05BVFVSRV9BTEdPUklUSE1fU0xIX0RTQV9TSEEyXzEyOFMQEiqLAQoVS2V5QWdyZWVtZW50QWxnb3JpdGhtEicKI0tFWV9BR1JFRU1FTlRfQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASIgoeS0VZX0FHUkVFTUVOVF9BTEdPUklUSE1fWDI1NTE5EAESJQohS0VZX0FHUkVFTUVOVF9BTEdPUklUSE1fUDI1Nl9FQ0RIEAIqxQEKDEtlbUFsZ29yaXRobRIdChlLRU1fQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASHAoYS0VNX0FMR09SSVRITV9NTF9LRU1fNTEyEAESHAoYS0VNX0FMR09SSVRITV9NTF9LRU1fNzY4EAISHQoZS0VNX0FMR09SSVRITV9NTF9LRU1fMTAyNBADEhwKGEtFTV9BTEdPUklUSE1fWF9XSU5HXzc2OBAEEh0KGUtFTV9BTEdPUklUSE1fWF9XSU5HXzEwMjQQBSqtAQoJSHBrZVN1aXRlEhoKFkhQS0VfU1VJVEVfVU5TUEVDSUZJRUQQABI9CjlIUEtFX1NVSVRFX0RIS0VNX1AyNTZfSEtERl9TSEEyNTZfSEtERl9TSEEyNTZfQUVTXzI1Nl9HQ00QARJFCkFIUEtFX1NVSVRFX0RIS0VNX1gyNTUxOV9IS0RGX1NIQTI1Nl9IS0RGX1NIQTI1Nl9DSEFDSEEyMF9QT0xZMTMwNRACKsABCg1BZWFkQWxnb3JpdGhtEh4KGkFFQURfQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASHgoaQUVBRF9BTEdPUklUSE1fQUVTXzI1Nl9HQ00QARIiCh5BRUFEX0FMR09SSVRITV9BRVNfMjU2X0dDTV9TSVYQAhIkCiBBRUFEX0FMR09SSVRITV9DSEFDSEEyMF9QT0xZMTMwNRADEiUKIUFFQURfQUxHT1JJVEhNX1hDSEFDSEEyMF9QT0xZMTMwNRAEKvoBCg1IYXNoQWxnb3JpdGhtEh4KGkhBU0hfQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASGwoXSEFTSF9BTEdPUklUSE1fU0hBMl8yNTYQARIbChdIQVNIX0FMR09SSVRITV9TSEEyXzM4NBACEhsKF0hBU0hfQUxHT1JJVEhNX1NIQTJfNTEyEAMSGwoXSEFTSF9BTEdPUklUSE1fU0hBM18yMjQQBBIbChdIQVNIX0FMR09SSVRITV9TSEEzXzI1NhAFEhsKF0hBU0hfQUxHT1JJVEhNX1NIQTNfMzg0EAYSGwoXSEFTSF9BTEdPUklUSE1fU0hBM181MTIQByprCgxNYWNBbGdvcml0aG0SHQoZTUFDX0FMR09SSVRITV9VTlNQRUNJRklFRBAAEh0KGU1BQ19BTEdPUklUSE1fSE1BQ19TSEEyNTYQARIdChlNQUNfQUxHT1JJVEhNX0hNQUNfU0hBNTEyEAIqtAEKDEtkZkFsZ29yaXRobRIdChlLREZfQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASHQoZS0RGX0FMR09SSVRITV9IS0RGX1NIQTI1NhABEhoKFktERl9BTEdPUklUSE1fQVJHT04ySUQQAhIkCiBLREZfQUxHT1JJVEhNX1BCS0RGMl9ITUFDX1NIQTI1NhADEiQKIEtERl9BTEdPUklUSE1fUEJLREYyX0hNQUNfU0hBNTEyEAQqWQoQS2V5V3JhcEFsZ29yaXRobRIiCh5LRVlfV1JBUF9BTEdPUklUSE1fVU5TUEVDSUZJRUQQABIhCh1LRVlfV1JBUF9BTEdPUklUSE1fQUVTXzI1Nl9LVxABKuUIChZNdWx0aWNvZGVjS2V5QWxnb3JpdGhtEigKJE1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9VTlNQRUNJRklFRBAAEigKJE1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9FRDI1NTE5X1BVQhABEicKI01VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9YMjU1MTlfUFVCEAISKgomTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX1NFQ1AyNTZLMV9QVUIQAxIlCiFNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fUDI1Nl9QVUIQBBIlCiFNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fUDM4NF9QVUIQBRIlCiFNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fUDUyMV9QVUIQBhImCiJNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fRUQ0NDhfUFVCEAcSJAogTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX1JTQV9QVUIQCBIrCidNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfS0VNXzUxMl9QVUIQCRIrCidNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfS0VNXzc2OF9QVUIQChIsCihNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfS0VNXzEwMjRfUFVCEAsSKgomTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX01MX0RTQV80NF9QVUIQDBIqCiZNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfRFNBXzY1X1BVQhANEioKJk1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9NTF9EU0FfODdfUFVCEA4SKQolTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX0VEMjU1MTlfUFJJVhAPEigKJE1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9YMjU1MTlfUFJJVhAQEisKJ01VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9TRUNQMjU2SzFfUFJJVhAREiYKIk1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9QMjU2X1BSSVYQEhImCiJNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fUDM4NF9QUklWEBMSJgoiTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX1A1MjFfUFJJVhAUEicKI01VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9FRDQ0OF9QUklWEBUSJQohTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX1JTQV9QUklWEBYSLAooTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX01MX0tFTV81MTJfUFJJVhAXEiwKKE1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9NTF9LRU1fNzY4X1BSSVYQGBItCilNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfS0VNXzEwMjRfUFJJVhAZQicKE21lLnJlYWxseS5jcnlwdG8udjFQAboCDVJlYWxseU1lUHJvdG9iBnByb3RvMw");
8
+ export const file_reallyme_crypto_v1_crypto = /*@__PURE__*/ fileDesc("Ch9yZWFsbHltZS9jcnlwdG8vdjEvY3J5cHRvLnByb3RvEhJyZWFsbHltZS5jcnlwdG8udjEi0QQKGUNyeXB0b0FsZ29yaXRobUlkZW50aWZpZXISOwoJc2lnbmF0dXJlGAEgASgOMiYucmVhbGx5bWUuY3J5cHRvLnYxLlNpZ25hdHVyZUFsZ29yaXRobUgAEkIKDWtleV9hZ3JlZW1lbnQYAiABKA4yKS5yZWFsbHltZS5jcnlwdG8udjEuS2V5QWdyZWVtZW50QWxnb3JpdGhtSAASLwoDa2VtGAMgASgOMiAucmVhbGx5bWUuY3J5cHRvLnYxLktlbUFsZ29yaXRobUgAEi0KBGhwa2UYBCABKA4yHS5yZWFsbHltZS5jcnlwdG8udjEuSHBrZVN1aXRlSAASMQoEYWVhZBgFIAEoDjIhLnJlYWxseW1lLmNyeXB0by52MS5BZWFkQWxnb3JpdGhtSAASMQoEaGFzaBgGIAEoDjIhLnJlYWxseW1lLmNyeXB0by52MS5IYXNoQWxnb3JpdGhtSAASLwoDbWFjGAcgASgOMiAucmVhbGx5bWUuY3J5cHRvLnYxLk1hY0FsZ29yaXRobUgAEi8KA2tkZhgIIAEoDjIgLnJlYWxseW1lLmNyeXB0by52MS5LZGZBbGdvcml0aG1IABI4CghrZXlfd3JhcBgJIAEoDjIkLnJlYWxseW1lLmNyeXB0by52MS5LZXlXcmFwQWxnb3JpdGhtSAASRAoObXVsdGljb2RlY19rZXkYCiABKA4yKi5yZWFsbHltZS5jcnlwdG8udjEuTXVsdGljb2RlY0tleUFsZ29yaXRobUgAQgsKCWFsZ29yaXRobSJ5CgpKc29uV2ViS2V5EkAKCWFsZ29yaXRobRgBIAEoCzItLnJlYWxseW1lLmNyeXB0by52MS5DcnlwdG9BbGdvcml0aG1JZGVudGlmaWVyEhIKCnB1YmxpY19rZXkYAiABKAwSFQoNY2Fub25pY2FsX2pjcxgDIAEoDCI9Cg1Kc29uV2ViS2V5U2V0EiwKBGtleXMYASADKAsyHi5yZWFsbHltZS5jcnlwdG8udjEuSnNvbldlYktleSqBAwoVQ3J5cHRvQWxnb3JpdGhtRmFtaWx5EicKI0NSWVBUT19BTEdPUklUSE1fRkFNSUxZX1VOU1BFQ0lGSUVEEAASJQohQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfU0lHTkFUVVJFEAESKQolQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfS0VZX0FHUkVFTUVOVBACEh8KG0NSWVBUT19BTEdPUklUSE1fRkFNSUxZX0tFTRADEiAKHENSWVBUT19BTEdPUklUSE1fRkFNSUxZX0FFQUQQBBIgChxDUllQVE9fQUxHT1JJVEhNX0ZBTUlMWV9IQVNIEAUSHwobQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfTUFDEAYSHwobQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfS0RGEAcSJAogQ1JZUFRPX0FMR09SSVRITV9GQU1JTFlfS0VZX1dSQVAQCBIgChxDUllQVE9fQUxHT1JJVEhNX0ZBTUlMWV9IUEtFEAkq1gYKElNpZ25hdHVyZUFsZ29yaXRobRIjCh9TSUdOQVRVUkVfQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASHwobU0lHTkFUVVJFX0FMR09SSVRITV9FRDI1NTE5EAESKQolU0lHTkFUVVJFX0FMR09SSVRITV9FQ0RTQV9QMjU2X1NIQTI1NhACEikKJVNJR05BVFVSRV9BTEdPUklUSE1fRUNEU0FfUDM4NF9TSEEzODQQAxIpCiVTSUdOQVRVUkVfQUxHT1JJVEhNX0VDRFNBX1A1MjFfU0hBNTEyEAQSLgoqU0lHTkFUVVJFX0FMR09SSVRITV9FQ0RTQV9TRUNQMjU2SzFfU0hBMjU2EAUSNwozU0lHTkFUVVJFX0FMR09SSVRITV9CSVAzNDBfU0NITk9SUl9TRUNQMjU2SzFfU0hBMjU2EAYSKQolU0lHTkFUVVJFX0FMR09SSVRITV9SU0FfUEtDUzFWMTVfU0hBMRAHEisKJ1NJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BLQ1MxVjE1X1NIQTI1NhAIEisKJ1NJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BLQ1MxVjE1X1NIQTM4NBAJEisKJ1NJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BLQ1MxVjE1X1NIQTUxMhAKEi4KKlNJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BTU19TSEExX01HRjFfU0hBMRALEjIKLlNJR05BVFVSRV9BTEdPUklUSE1fUlNBX1BTU19TSEEyNTZfTUdGMV9TSEEyNTYQDBIyCi5TSUdOQVRVUkVfQUxHT1JJVEhNX1JTQV9QU1NfU0hBMzg0X01HRjFfU0hBMzg0EA0SMgouU0lHTkFUVVJFX0FMR09SSVRITV9SU0FfUFNTX1NIQTUxMl9NR0YxX1NIQTUxMhAOEiEKHVNJR05BVFVSRV9BTEdPUklUSE1fTUxfRFNBXzQ0EA8SIQodU0lHTkFUVVJFX0FMR09SSVRITV9NTF9EU0FfNjUQEBIhCh1TSUdOQVRVUkVfQUxHT1JJVEhNX01MX0RTQV84NxAREikKJVNJR05BVFVSRV9BTEdPUklUSE1fU0xIX0RTQV9TSEEyXzEyOFMQEirZAQoVS2V5QWdyZWVtZW50QWxnb3JpdGhtEicKI0tFWV9BR1JFRU1FTlRfQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASIgoeS0VZX0FHUkVFTUVOVF9BTEdPUklUSE1fWDI1NTE5EAESJQohS0VZX0FHUkVFTUVOVF9BTEdPUklUSE1fUDI1Nl9FQ0RIEAISJQohS0VZX0FHUkVFTUVOVF9BTEdPUklUSE1fUDM4NF9FQ0RIEAMSJQohS0VZX0FHUkVFTUVOVF9BTEdPUklUSE1fUDUyMV9FQ0RIEAQqxQEKDEtlbUFsZ29yaXRobRIdChlLRU1fQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASHAoYS0VNX0FMR09SSVRITV9NTF9LRU1fNTEyEAESHAoYS0VNX0FMR09SSVRITV9NTF9LRU1fNzY4EAISHQoZS0VNX0FMR09SSVRITV9NTF9LRU1fMTAyNBADEhwKGEtFTV9BTEdPUklUSE1fWF9XSU5HXzc2OBAEEh0KGUtFTV9BTEdPUklUSE1fWF9XSU5HXzEwMjQQBSqtAQoJSHBrZVN1aXRlEhoKFkhQS0VfU1VJVEVfVU5TUEVDSUZJRUQQABI9CjlIUEtFX1NVSVRFX0RIS0VNX1AyNTZfSEtERl9TSEEyNTZfSEtERl9TSEEyNTZfQUVTXzI1Nl9HQ00QARJFCkFIUEtFX1NVSVRFX0RIS0VNX1gyNTUxOV9IS0RGX1NIQTI1Nl9IS0RGX1NIQTI1Nl9DSEFDSEEyMF9QT0xZMTMwNRACKoACCg1BZWFkQWxnb3JpdGhtEh4KGkFFQURfQUxHT1JJVEhNX1VOU1BFQ0lGSUVEEAASHgoaQUVBRF9BTEdPUklUSE1fQUVTXzI1Nl9HQ00QARIiCh5BRUFEX0FMR09SSVRITV9BRVNfMjU2X0dDTV9TSVYQAhIkCiBBRUFEX0FMR09SSVRITV9DSEFDSEEyMF9QT0xZMTMwNRADEiUKIUFFQURfQUxHT1JJVEhNX1hDSEFDSEEyMF9QT0xZMTMwNRAEEh4KGkFFQURfQUxHT1JJVEhNX0FFU18xMjhfR0NNEAUSHgoaQUVBRF9BTEdPUklUSE1fQUVTXzE5Ml9HQ00QBir6AQoNSGFzaEFsZ29yaXRobRIeChpIQVNIX0FMR09SSVRITV9VTlNQRUNJRklFRBAAEhsKF0hBU0hfQUxHT1JJVEhNX1NIQTJfMjU2EAESGwoXSEFTSF9BTEdPUklUSE1fU0hBMl8zODQQAhIbChdIQVNIX0FMR09SSVRITV9TSEEyXzUxMhADEhsKF0hBU0hfQUxHT1JJVEhNX1NIQTNfMjI0EAQSGwoXSEFTSF9BTEdPUklUSE1fU0hBM18yNTYQBRIbChdIQVNIX0FMR09SSVRITV9TSEEzXzM4NBAGEhsKF0hBU0hfQUxHT1JJVEhNX1NIQTNfNTEyEAcqawoMTWFjQWxnb3JpdGhtEh0KGU1BQ19BTEdPUklUSE1fVU5TUEVDSUZJRUQQABIdChlNQUNfQUxHT1JJVEhNX0hNQUNfU0hBMjU2EAESHQoZTUFDX0FMR09SSVRITV9ITUFDX1NIQTUxMhACKt0BCgxLZGZBbGdvcml0aG0SHQoZS0RGX0FMR09SSVRITV9VTlNQRUNJRklFRBAAEh0KGUtERl9BTEdPUklUSE1fSEtERl9TSEEyNTYQARIaChZLREZfQUxHT1JJVEhNX0FSR09OMklEEAISJAogS0RGX0FMR09SSVRITV9QQktERjJfSE1BQ19TSEEyNTYQAxIkCiBLREZfQUxHT1JJVEhNX1BCS0RGMl9ITUFDX1NIQTUxMhAEEicKI0tERl9BTEdPUklUSE1fSldBX0NPTkNBVF9LREZfU0hBMjU2EAUqWQoQS2V5V3JhcEFsZ29yaXRobRIiCh5LRVlfV1JBUF9BTEdPUklUSE1fVU5TUEVDSUZJRUQQABIhCh1LRVlfV1JBUF9BTEdPUklUSE1fQUVTXzI1Nl9LVxABKuUIChZNdWx0aWNvZGVjS2V5QWxnb3JpdGhtEigKJE1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9VTlNQRUNJRklFRBAAEigKJE1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9FRDI1NTE5X1BVQhABEicKI01VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9YMjU1MTlfUFVCEAISKgomTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX1NFQ1AyNTZLMV9QVUIQAxIlCiFNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fUDI1Nl9QVUIQBBIlCiFNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fUDM4NF9QVUIQBRIlCiFNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fUDUyMV9QVUIQBhImCiJNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fRUQ0NDhfUFVCEAcSJAogTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX1JTQV9QVUIQCBIrCidNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfS0VNXzUxMl9QVUIQCRIrCidNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfS0VNXzc2OF9QVUIQChIsCihNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfS0VNXzEwMjRfUFVCEAsSKgomTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX01MX0RTQV80NF9QVUIQDBIqCiZNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfRFNBXzY1X1BVQhANEioKJk1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9NTF9EU0FfODdfUFVCEA4SKQolTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX0VEMjU1MTlfUFJJVhAPEigKJE1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9YMjU1MTlfUFJJVhAQEisKJ01VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9TRUNQMjU2SzFfUFJJVhAREiYKIk1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9QMjU2X1BSSVYQEhImCiJNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fUDM4NF9QUklWEBMSJgoiTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX1A1MjFfUFJJVhAUEicKI01VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9FRDQ0OF9QUklWEBUSJQohTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX1JTQV9QUklWEBYSLAooTVVMVElDT0RFQ19LRVlfQUxHT1JJVEhNX01MX0tFTV81MTJfUFJJVhAXEiwKKE1VTFRJQ09ERUNfS0VZX0FMR09SSVRITV9NTF9LRU1fNzY4X1BSSVYQGBItCilNVUxUSUNPREVDX0tFWV9BTEdPUklUSE1fTUxfS0VNXzEwMjRfUFJJVhAZQicKE21lLnJlYWxseS5jcnlwdG8udjFQAboCDVJlYWxseU1lUHJvdG9iBnByb3RvMw");
9
9
  /**
10
10
  * Describes the message reallyme.crypto.v1.CryptoAlgorithmIdentifier.
11
11
  * Use `create(CryptoAlgorithmIdentifierSchema)` to create a new message.
@@ -184,6 +184,14 @@ export var KeyAgreementAlgorithm;
184
184
  * @generated from enum value: KEY_AGREEMENT_ALGORITHM_P256_ECDH = 2;
185
185
  */
186
186
  KeyAgreementAlgorithm[KeyAgreementAlgorithm["P256_ECDH"] = 2] = "P256_ECDH";
187
+ /**
188
+ * @generated from enum value: KEY_AGREEMENT_ALGORITHM_P384_ECDH = 3;
189
+ */
190
+ KeyAgreementAlgorithm[KeyAgreementAlgorithm["P384_ECDH"] = 3] = "P384_ECDH";
191
+ /**
192
+ * @generated from enum value: KEY_AGREEMENT_ALGORITHM_P521_ECDH = 4;
193
+ */
194
+ KeyAgreementAlgorithm[KeyAgreementAlgorithm["P521_ECDH"] = 4] = "P521_ECDH";
187
195
  })(KeyAgreementAlgorithm || (KeyAgreementAlgorithm = {}));
188
196
  /**
189
197
  * Describes the enum reallyme.crypto.v1.KeyAgreementAlgorithm.
@@ -277,6 +285,14 @@ export var AeadAlgorithm;
277
285
  * @generated from enum value: AEAD_ALGORITHM_XCHACHA20_POLY1305 = 4;
278
286
  */
279
287
  AeadAlgorithm[AeadAlgorithm["XCHACHA20_POLY1305"] = 4] = "XCHACHA20_POLY1305";
288
+ /**
289
+ * @generated from enum value: AEAD_ALGORITHM_AES_128_GCM = 5;
290
+ */
291
+ AeadAlgorithm[AeadAlgorithm["AES_128_GCM"] = 5] = "AES_128_GCM";
292
+ /**
293
+ * @generated from enum value: AEAD_ALGORITHM_AES_192_GCM = 6;
294
+ */
295
+ AeadAlgorithm[AeadAlgorithm["AES_192_GCM"] = 6] = "AES_192_GCM";
280
296
  })(AeadAlgorithm || (AeadAlgorithm = {}));
281
297
  /**
282
298
  * Describes the enum reallyme.crypto.v1.AeadAlgorithm.
@@ -378,6 +394,10 @@ export var KdfAlgorithm;
378
394
  * @generated from enum value: KDF_ALGORITHM_PBKDF2_HMAC_SHA512 = 4;
379
395
  */
380
396
  KdfAlgorithm[KdfAlgorithm["PBKDF2_HMAC_SHA512"] = 4] = "PBKDF2_HMAC_SHA512";
397
+ /**
398
+ * @generated from enum value: KDF_ALGORITHM_JWA_CONCAT_KDF_SHA256 = 5;
399
+ */
400
+ KdfAlgorithm[KdfAlgorithm["JWA_CONCAT_KDF_SHA256"] = 5] = "JWA_CONCAT_KDF_SHA256";
381
401
  })(KdfAlgorithm || (KdfAlgorithm = {}));
382
402
  /**
383
403
  * Describes the enum reallyme.crypto.v1.KdfAlgorithm.
package/dist/proto.js CHANGED
@@ -126,6 +126,10 @@ export const hashAlgorithmToProto = (value) => {
126
126
  };
127
127
  export const aeadAlgorithmFromProto = (value) => {
128
128
  switch (value) {
129
+ case AeadAlgorithm.AES_128_GCM:
130
+ return "AES-128-GCM";
131
+ case AeadAlgorithm.AES_192_GCM:
132
+ return "AES-192-GCM";
129
133
  case AeadAlgorithm.AES_256_GCM:
130
134
  return "AES-256-GCM";
131
135
  case AeadAlgorithm.AES_256_GCM_SIV:
@@ -140,6 +144,10 @@ export const aeadAlgorithmFromProto = (value) => {
140
144
  };
141
145
  export const aeadAlgorithmToProto = (value) => {
142
146
  switch (value) {
147
+ case "AES-128-GCM":
148
+ return AeadAlgorithm.AES_128_GCM;
149
+ case "AES-192-GCM":
150
+ return AeadAlgorithm.AES_192_GCM;
143
151
  case "AES-256-GCM":
144
152
  return AeadAlgorithm.AES_256_GCM;
145
153
  case "AES-256-GCM-SIV":
@@ -186,6 +194,10 @@ export const keyAgreementAlgorithmFromProto = (value) => {
186
194
  return "X25519";
187
195
  case KeyAgreementAlgorithm.P256_ECDH:
188
196
  return "P-256-ECDH";
197
+ case KeyAgreementAlgorithm.P384_ECDH:
198
+ return "P-384-ECDH";
199
+ case KeyAgreementAlgorithm.P521_ECDH:
200
+ return "P-521-ECDH";
189
201
  default:
190
202
  throw new ReallyMeCryptoError("unsupported-algorithm");
191
203
  }
@@ -196,6 +208,10 @@ export const keyAgreementAlgorithmToProto = (value) => {
196
208
  return KeyAgreementAlgorithm.X25519;
197
209
  case "P-256-ECDH":
198
210
  return KeyAgreementAlgorithm.P256_ECDH;
211
+ case "P-384-ECDH":
212
+ return KeyAgreementAlgorithm.P384_ECDH;
213
+ case "P-521-ECDH":
214
+ return KeyAgreementAlgorithm.P521_ECDH;
199
215
  }
200
216
  };
201
217
  export const macAlgorithmFromProto = (value) => {
@@ -226,6 +242,8 @@ export const kdfAlgorithmFromProto = (value) => {
226
242
  return "PBKDF2-HMAC-SHA-256";
227
243
  case KdfAlgorithm.PBKDF2_HMAC_SHA512:
228
244
  return "PBKDF2-HMAC-SHA-512";
245
+ case KdfAlgorithm.JWA_CONCAT_KDF_SHA256:
246
+ return "JWA-CONCAT-KDF-SHA256";
229
247
  default:
230
248
  throw new ReallyMeCryptoError("unsupported-algorithm");
231
249
  }
@@ -240,6 +258,8 @@ export const kdfAlgorithmToProto = (value) => {
240
258
  return KdfAlgorithm.PBKDF2_HMAC_SHA256;
241
259
  case "PBKDF2-HMAC-SHA-512":
242
260
  return KdfAlgorithm.PBKDF2_HMAC_SHA512;
261
+ case "JWA-CONCAT-KDF-SHA256":
262
+ return KdfAlgorithm.JWA_CONCAT_KDF_SHA256;
243
263
  }
244
264
  };
245
265
  export const keyWrapAlgorithmFromProto = (value) => {
@@ -1,5 +1,69 @@
1
1
  /* @ts-self-types="./reallyme_crypto_wasm.d.ts" */
2
2
 
3
+ /**
4
+ * Open and authenticate an AES-128-GCM `ciphertext || tag`.
5
+ * @param {Uint8Array} key
6
+ * @param {Uint8Array} nonce
7
+ * @param {Uint8Array} aad
8
+ * @param {Uint8Array} ciphertext
9
+ * @returns {Uint8Array}
10
+ */
11
+ export function aes128GcmOpen(key, nonce, aad, ciphertext) {
12
+ const ret = wasm.aes128GcmOpen(key, nonce, aad, ciphertext);
13
+ if (ret[2]) {
14
+ throw takeFromExternrefTable0(ret[1]);
15
+ }
16
+ return takeFromExternrefTable0(ret[0]);
17
+ }
18
+
19
+ /**
20
+ * Seal plaintext with AES-128-GCM and return `ciphertext || tag`.
21
+ * @param {Uint8Array} key
22
+ * @param {Uint8Array} nonce
23
+ * @param {Uint8Array} aad
24
+ * @param {Uint8Array} plaintext
25
+ * @returns {Uint8Array}
26
+ */
27
+ export function aes128GcmSeal(key, nonce, aad, plaintext) {
28
+ const ret = wasm.aes128GcmSeal(key, nonce, aad, plaintext);
29
+ if (ret[2]) {
30
+ throw takeFromExternrefTable0(ret[1]);
31
+ }
32
+ return takeFromExternrefTable0(ret[0]);
33
+ }
34
+
35
+ /**
36
+ * Open and authenticate an AES-192-GCM `ciphertext || tag`.
37
+ * @param {Uint8Array} key
38
+ * @param {Uint8Array} nonce
39
+ * @param {Uint8Array} aad
40
+ * @param {Uint8Array} ciphertext
41
+ * @returns {Uint8Array}
42
+ */
43
+ export function aes192GcmOpen(key, nonce, aad, ciphertext) {
44
+ const ret = wasm.aes192GcmOpen(key, nonce, aad, ciphertext);
45
+ if (ret[2]) {
46
+ throw takeFromExternrefTable0(ret[1]);
47
+ }
48
+ return takeFromExternrefTable0(ret[0]);
49
+ }
50
+
51
+ /**
52
+ * Seal plaintext with AES-192-GCM and return `ciphertext || tag`.
53
+ * @param {Uint8Array} key
54
+ * @param {Uint8Array} nonce
55
+ * @param {Uint8Array} aad
56
+ * @param {Uint8Array} plaintext
57
+ * @returns {Uint8Array}
58
+ */
59
+ export function aes192GcmSeal(key, nonce, aad, plaintext) {
60
+ const ret = wasm.aes192GcmSeal(key, nonce, aad, plaintext);
61
+ if (ret[2]) {
62
+ throw takeFromExternrefTable0(ret[1]);
63
+ }
64
+ return takeFromExternrefTable0(ret[0]);
65
+ }
66
+
3
67
  /**
4
68
  * Open and authenticate an AES-256-GCM `ciphertext || tag`.
5
69
  * @param {Uint8Array} key
@@ -4,6 +4,10 @@ export type ReallyMeWasmInitOutput = Readonly<{
4
4
  export declare function initSync(module: {
5
5
  module: Uint8Array;
6
6
  }): ReallyMeWasmInitOutput;
7
+ export declare function aes128GcmOpen(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, ciphertextWithTag: Uint8Array): Uint8Array;
8
+ export declare function aes128GcmSeal(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, plaintext: Uint8Array): Uint8Array;
9
+ export declare function aes192GcmOpen(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, ciphertextWithTag: Uint8Array): Uint8Array;
10
+ export declare function aes192GcmSeal(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, plaintext: Uint8Array): Uint8Array;
7
11
  export declare function aes256GcmOpen(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, ciphertextWithTag: Uint8Array): Uint8Array;
8
12
  export declare function aes256GcmSeal(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, plaintext: Uint8Array): Uint8Array;
9
13
  export declare function aes256GcmSivOpen(key: Uint8Array, nonce: Uint8Array, aad: Uint8Array, ciphertextWithTag: Uint8Array): Uint8Array;
@@ -21,6 +21,10 @@ type EncapsulateFn = (publicKey: Uint8Array) => unknown;
21
21
  type EncapsulateDerandFn = (publicKey: Uint8Array, seed: Uint8Array) => unknown;
22
22
  type DecapsulateFn = (ciphertext: Uint8Array, secretKey: Uint8Array) => unknown;
23
23
  export type ReallyMeWasmProvider = Readonly<{
24
+ aes128GcmSeal: AeadFn;
25
+ aes128GcmOpen: AeadFn;
26
+ aes192GcmSeal: AeadFn;
27
+ aes192GcmOpen: AeadFn;
24
28
  aes256GcmSeal: AeadFn;
25
29
  aes256GcmOpen: AeadFn;
26
30
  aes256GcmSivSeal: AeadFn;
@@ -99,6 +99,10 @@ const rsaPssVerifyFunction = (module, name) => {
99
99
  export const installReallyMeWasmProvider = (module) => {
100
100
  const providerModule = requireObject(module);
101
101
  installedProvider = {
102
+ aes128GcmSeal: function4(providerModule, "aes128GcmSeal"),
103
+ aes128GcmOpen: function4(providerModule, "aes128GcmOpen"),
104
+ aes192GcmSeal: function4(providerModule, "aes192GcmSeal"),
105
+ aes192GcmOpen: function4(providerModule, "aes192GcmOpen"),
102
106
  aes256GcmSeal: function4(providerModule, "aes256GcmSeal"),
103
107
  aes256GcmOpen: function4(providerModule, "aes256GcmOpen"),
104
108
  aes256GcmSivSeal: function4(providerModule, "aes256GcmSivSeal"),
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@reallyme/crypto",
3
- "version": "0.1.4",
3
+ "version": "0.1.5",
4
4
  "description": "ReallyMe crypto SDK for TypeScript/JavaScript with an explicit, pinned provider set.",
5
5
  "license": "Apache-2.0",
6
6
  "type": "module",
@@ -28,7 +28,7 @@
28
28
  "README.md"
29
29
  ],
30
30
  "scripts": {
31
- "build": "npm run build:wasm && tsc",
31
+ "build": "node scripts/clean-dist.mjs && npm run build:wasm && tsc",
32
32
  "build:ts": "tsc",
33
33
  "build:wasm": "node scripts/build-wasm.mjs",
34
34
  "typecheck": "tsc --noEmit",
@@ -1 +0,0 @@
1
- export declare const verifySignatureResult: (valid: boolean) => void;
@@ -1,9 +0,0 @@
1
- // SPDX-FileCopyrightText: Copyright © 2026 ReallyMe LLC. All rights reserved
2
- //
3
- // SPDX-License-Identifier: Apache-2.0
4
- import { ReallyMeCryptoError } from "./errors.js";
5
- export const verifySignatureResult = (valid) => {
6
- if (!valid) {
7
- throw new ReallyMeCryptoError("invalid-signature");
8
- }
9
- };