@reallyme/crypto 0.1.8 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (48) hide show
  1. package/LICENSE +201 -0
  2. package/README.md +43 -3
  3. package/dist/aead.d.ts +4 -0
  4. package/dist/aead.js +32 -15
  5. package/dist/aesKw.d.ts +3 -0
  6. package/dist/aesKw.js +10 -0
  7. package/dist/argon2id.d.ts +2 -0
  8. package/dist/argon2id.js +6 -0
  9. package/dist/cryptoFacade.d.ts +36 -0
  10. package/dist/cryptoFacade.js +71 -23
  11. package/dist/errors.d.ts +1 -1
  12. package/dist/hpke.d.ts +4 -0
  13. package/dist/hpke.js +20 -0
  14. package/dist/index.d.ts +5 -6
  15. package/dist/index.js +4 -4
  16. package/dist/jwaConcatKdf.js +8 -4
  17. package/dist/jwk.js +67 -72
  18. package/dist/memory.d.ts +8 -0
  19. package/dist/memory.js +13 -0
  20. package/dist/mlDsa.d.ts +5 -0
  21. package/dist/mlDsa.js +23 -0
  22. package/dist/mlKem.d.ts +6 -0
  23. package/dist/mlKem.js +29 -0
  24. package/dist/p256Ecdh.js +5 -1
  25. package/dist/p384Ecdh.js +5 -1
  26. package/dist/p521Ecdh.js +5 -1
  27. package/dist/proto/generated/reallyme/crypto/v1/crypto_pb.d.ts +1392 -72
  28. package/dist/proto/generated/reallyme/crypto/v1/crypto_pb.js +490 -17
  29. package/dist/proto.d.ts +113 -5
  30. package/dist/proto.js +706 -3
  31. package/dist/rsa.d.ts +2 -0
  32. package/dist/rsa.js +18 -15
  33. package/dist/slhDsa.d.ts +5 -0
  34. package/dist/slhDsa.js +21 -0
  35. package/dist/validateBytes.d.ts +1 -0
  36. package/dist/validateBytes.js +6 -0
  37. package/dist/wasm/reallyme_crypto_wasm.js +1 -246
  38. package/dist/wasm/reallyme_crypto_wasm_bg.wasm +0 -0
  39. package/dist/wasmModuleTypes.d.ts +2 -11
  40. package/dist/wasmProvider.d.ts +1 -16
  41. package/dist/wasmProvider.js +10 -25
  42. package/dist/xWing.d.ts +6 -0
  43. package/dist/xWing.js +34 -2
  44. package/package.json +7 -2
  45. package/dist/codecs.d.ts +0 -35
  46. package/dist/codecs.js +0 -216
  47. package/dist/proto/generated/reallyme/codec/v1/codec_pb.d.ts +0 -253
  48. package/dist/proto/generated/reallyme/codec/v1/codec_pb.js +0 -160
@@ -1,4 +1,4 @@
1
- import type { GenEnum, GenFile, GenMessage } from "@bufbuild/protobuf/codegenv2";
1
+ import type { GenEnum, GenFile, GenMessage, GenService } from "@bufbuild/protobuf/codegenv2";
2
2
  import type { Message } from "@bufbuild/protobuf";
3
3
  /**
4
4
  * Describes the file reallyme/crypto/v1/crypto.proto.
@@ -102,86 +102,1154 @@ export type CryptoBackendError = Message<"reallyme.crypto.v1.CryptoBackendError"
102
102
  * Use `create(CryptoBackendErrorSchema)` to create a new message.
103
103
  */
104
104
  export declare const CryptoBackendErrorSchema: GenMessage<CryptoBackendError>;
105
+ /**
106
+ * CryptoProtoResultEnvelope is the transport-neutral wrapper for protobuf
107
+ * result lanes that need a single bytes object across FFI, RPC, storage, or
108
+ * SDK boundaries. `payload` contains either a successful result message or a
109
+ * CryptoError message according to `status`.
110
+ *
111
+ * @generated from message reallyme.crypto.v1.CryptoProtoResultEnvelope
112
+ */
113
+ export type CryptoProtoResultEnvelope = Message<"reallyme.crypto.v1.CryptoProtoResultEnvelope"> & {
114
+ /**
115
+ * @generated from field: reallyme.crypto.v1.CryptoProtoResultStatus status = 1;
116
+ */
117
+ status: CryptoProtoResultStatus;
118
+ /**
119
+ * @generated from field: bytes payload = 2;
120
+ */
121
+ payload: Uint8Array;
122
+ };
123
+ /**
124
+ * Describes the message reallyme.crypto.v1.CryptoProtoResultEnvelope.
125
+ * Use `create(CryptoProtoResultEnvelopeSchema)` to create a new message.
126
+ */
127
+ export declare const CryptoProtoResultEnvelopeSchema: GenMessage<CryptoProtoResultEnvelope>;
128
+ /**
129
+ * CryptoServiceProcessRequest carries one operation-specific protobuf request. The
130
+ * selected operation determines the concrete message type in request_payload.
131
+ *
132
+ * @generated from message reallyme.crypto.v1.CryptoServiceProcessRequest
133
+ */
134
+ export type CryptoServiceProcessRequest = Message<"reallyme.crypto.v1.CryptoServiceProcessRequest"> & {
135
+ /**
136
+ * @generated from field: reallyme.crypto.v1.CryptoOperation operation = 1;
137
+ */
138
+ operation: CryptoOperation;
139
+ /**
140
+ * @generated from field: bytes request_payload = 2;
141
+ */
142
+ requestPayload: Uint8Array;
143
+ };
144
+ /**
145
+ * Describes the message reallyme.crypto.v1.CryptoServiceProcessRequest.
146
+ * Use `create(CryptoServiceProcessRequestSchema)` to create a new message.
147
+ */
148
+ export declare const CryptoServiceProcessRequestSchema: GenMessage<CryptoServiceProcessRequest>;
149
+ /**
150
+ * CryptoServiceProcessResponse retains the result/error envelope verbatim so Connect
151
+ * transports do not reinterpret crypto failures as backend exception text.
152
+ *
153
+ * @generated from message reallyme.crypto.v1.CryptoServiceProcessResponse
154
+ */
155
+ export type CryptoServiceProcessResponse = Message<"reallyme.crypto.v1.CryptoServiceProcessResponse"> & {
156
+ /**
157
+ * @generated from field: reallyme.crypto.v1.CryptoProtoResultEnvelope result = 1;
158
+ */
159
+ result?: CryptoProtoResultEnvelope | undefined;
160
+ };
161
+ /**
162
+ * Describes the message reallyme.crypto.v1.CryptoServiceProcessResponse.
163
+ * Use `create(CryptoServiceProcessResponseSchema)` to create a new message.
164
+ */
165
+ export declare const CryptoServiceProcessResponseSchema: GenMessage<CryptoServiceProcessResponse>;
105
166
  /**
106
167
  * CryptoAlgorithmIdentifier is a oneof wrapper for protocol messages that need
107
168
  * to carry a typed algorithm choice without using free-form strings.
108
169
  *
109
- * @generated from message reallyme.crypto.v1.CryptoAlgorithmIdentifier
170
+ * @generated from message reallyme.crypto.v1.CryptoAlgorithmIdentifier
171
+ */
172
+ export type CryptoAlgorithmIdentifier = Message<"reallyme.crypto.v1.CryptoAlgorithmIdentifier"> & {
173
+ /**
174
+ * @generated from oneof reallyme.crypto.v1.CryptoAlgorithmIdentifier.algorithm
175
+ */
176
+ algorithm: {
177
+ /**
178
+ * @generated from field: reallyme.crypto.v1.SignatureAlgorithm signature = 1;
179
+ */
180
+ value: SignatureAlgorithm;
181
+ case: "signature";
182
+ } | {
183
+ /**
184
+ * @generated from field: reallyme.crypto.v1.KeyAgreementAlgorithm key_agreement = 2;
185
+ */
186
+ value: KeyAgreementAlgorithm;
187
+ case: "keyAgreement";
188
+ } | {
189
+ /**
190
+ * @generated from field: reallyme.crypto.v1.KemAlgorithm kem = 3;
191
+ */
192
+ value: KemAlgorithm;
193
+ case: "kem";
194
+ } | {
195
+ /**
196
+ * @generated from field: reallyme.crypto.v1.HpkeSuite hpke = 4;
197
+ */
198
+ value: HpkeSuite;
199
+ case: "hpke";
200
+ } | {
201
+ /**
202
+ * @generated from field: reallyme.crypto.v1.AeadAlgorithm aead = 5;
203
+ */
204
+ value: AeadAlgorithm;
205
+ case: "aead";
206
+ } | {
207
+ /**
208
+ * @generated from field: reallyme.crypto.v1.HashAlgorithm hash = 6;
209
+ */
210
+ value: HashAlgorithm;
211
+ case: "hash";
212
+ } | {
213
+ /**
214
+ * @generated from field: reallyme.crypto.v1.MacAlgorithm mac = 7;
215
+ */
216
+ value: MacAlgorithm;
217
+ case: "mac";
218
+ } | {
219
+ /**
220
+ * @generated from field: reallyme.crypto.v1.KdfAlgorithm kdf = 8;
221
+ */
222
+ value: KdfAlgorithm;
223
+ case: "kdf";
224
+ } | {
225
+ /**
226
+ * @generated from field: reallyme.crypto.v1.KeyWrapAlgorithm key_wrap = 9;
227
+ */
228
+ value: KeyWrapAlgorithm;
229
+ case: "keyWrap";
230
+ } | {
231
+ /**
232
+ * @generated from field: reallyme.crypto.v1.MulticodecKeyAlgorithm multicodec_key = 10;
233
+ */
234
+ value: MulticodecKeyAlgorithm;
235
+ case: "multicodecKey";
236
+ } | {
237
+ case: undefined;
238
+ value?: undefined;
239
+ };
240
+ };
241
+ /**
242
+ * Describes the message reallyme.crypto.v1.CryptoAlgorithmIdentifier.
243
+ * Use `create(CryptoAlgorithmIdentifierSchema)` to create a new message.
244
+ */
245
+ export declare const CryptoAlgorithmIdentifierSchema: GenMessage<CryptoAlgorithmIdentifier>;
246
+ /**
247
+ * @generated from message reallyme.crypto.v1.CryptoHashRequest
248
+ */
249
+ export type CryptoHashRequest = Message<"reallyme.crypto.v1.CryptoHashRequest"> & {
250
+ /**
251
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
252
+ */
253
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
254
+ /**
255
+ * @generated from field: bytes input = 2;
256
+ */
257
+ input: Uint8Array;
258
+ };
259
+ /**
260
+ * Describes the message reallyme.crypto.v1.CryptoHashRequest.
261
+ * Use `create(CryptoHashRequestSchema)` to create a new message.
262
+ */
263
+ export declare const CryptoHashRequestSchema: GenMessage<CryptoHashRequest>;
264
+ /**
265
+ * @generated from message reallyme.crypto.v1.CryptoHashResult
266
+ */
267
+ export type CryptoHashResult = Message<"reallyme.crypto.v1.CryptoHashResult"> & {
268
+ /**
269
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
270
+ */
271
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
272
+ /**
273
+ * @generated from field: bytes digest = 2;
274
+ */
275
+ digest: Uint8Array;
276
+ };
277
+ /**
278
+ * Describes the message reallyme.crypto.v1.CryptoHashResult.
279
+ * Use `create(CryptoHashResultSchema)` to create a new message.
280
+ */
281
+ export declare const CryptoHashResultSchema: GenMessage<CryptoHashResult>;
282
+ /**
283
+ * @generated from message reallyme.crypto.v1.CryptoAeadSealRequest
284
+ */
285
+ export type CryptoAeadSealRequest = Message<"reallyme.crypto.v1.CryptoAeadSealRequest"> & {
286
+ /**
287
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
288
+ */
289
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
290
+ /**
291
+ * Secret-bearing AEAD key; callers must zeroize copies where platform
292
+ * semantics permit.
293
+ *
294
+ * @generated from field: bytes key = 2;
295
+ */
296
+ key: Uint8Array;
297
+ /**
298
+ * @generated from field: bytes nonce = 3;
299
+ */
300
+ nonce: Uint8Array;
301
+ /**
302
+ * @generated from field: bytes aad = 4;
303
+ */
304
+ aad: Uint8Array;
305
+ /**
306
+ * Plaintext may contain secret or PII-bearing application data.
307
+ *
308
+ * @generated from field: bytes plaintext = 5;
309
+ */
310
+ plaintext: Uint8Array;
311
+ };
312
+ /**
313
+ * Describes the message reallyme.crypto.v1.CryptoAeadSealRequest.
314
+ * Use `create(CryptoAeadSealRequestSchema)` to create a new message.
315
+ */
316
+ export declare const CryptoAeadSealRequestSchema: GenMessage<CryptoAeadSealRequest>;
317
+ /**
318
+ * @generated from message reallyme.crypto.v1.CryptoAeadSealResult
319
+ */
320
+ export type CryptoAeadSealResult = Message<"reallyme.crypto.v1.CryptoAeadSealResult"> & {
321
+ /**
322
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
323
+ */
324
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
325
+ /**
326
+ * @generated from field: bytes ciphertext_with_tag = 2;
327
+ */
328
+ ciphertextWithTag: Uint8Array;
329
+ };
330
+ /**
331
+ * Describes the message reallyme.crypto.v1.CryptoAeadSealResult.
332
+ * Use `create(CryptoAeadSealResultSchema)` to create a new message.
333
+ */
334
+ export declare const CryptoAeadSealResultSchema: GenMessage<CryptoAeadSealResult>;
335
+ /**
336
+ * @generated from message reallyme.crypto.v1.CryptoAeadOpenRequest
337
+ */
338
+ export type CryptoAeadOpenRequest = Message<"reallyme.crypto.v1.CryptoAeadOpenRequest"> & {
339
+ /**
340
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
341
+ */
342
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
343
+ /**
344
+ * Secret-bearing AEAD key; callers must zeroize copies where platform
345
+ * semantics permit.
346
+ *
347
+ * @generated from field: bytes key = 2;
348
+ */
349
+ key: Uint8Array;
350
+ /**
351
+ * @generated from field: bytes nonce = 3;
352
+ */
353
+ nonce: Uint8Array;
354
+ /**
355
+ * @generated from field: bytes aad = 4;
356
+ */
357
+ aad: Uint8Array;
358
+ /**
359
+ * @generated from field: bytes ciphertext_with_tag = 5;
360
+ */
361
+ ciphertextWithTag: Uint8Array;
362
+ };
363
+ /**
364
+ * Describes the message reallyme.crypto.v1.CryptoAeadOpenRequest.
365
+ * Use `create(CryptoAeadOpenRequestSchema)` to create a new message.
366
+ */
367
+ export declare const CryptoAeadOpenRequestSchema: GenMessage<CryptoAeadOpenRequest>;
368
+ /**
369
+ * @generated from message reallyme.crypto.v1.CryptoAeadOpenResult
370
+ */
371
+ export type CryptoAeadOpenResult = Message<"reallyme.crypto.v1.CryptoAeadOpenResult"> & {
372
+ /**
373
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
374
+ */
375
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
376
+ /**
377
+ * Decrypted plaintext may contain secret or PII-bearing application data.
378
+ *
379
+ * @generated from field: bytes plaintext = 2;
380
+ */
381
+ plaintext: Uint8Array;
382
+ };
383
+ /**
384
+ * Describes the message reallyme.crypto.v1.CryptoAeadOpenResult.
385
+ * Use `create(CryptoAeadOpenResultSchema)` to create a new message.
386
+ */
387
+ export declare const CryptoAeadOpenResultSchema: GenMessage<CryptoAeadOpenResult>;
388
+ /**
389
+ * @generated from message reallyme.crypto.v1.CryptoMacAuthenticateRequest
390
+ */
391
+ export type CryptoMacAuthenticateRequest = Message<"reallyme.crypto.v1.CryptoMacAuthenticateRequest"> & {
392
+ /**
393
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
394
+ */
395
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
396
+ /**
397
+ * Secret-bearing MAC key.
398
+ *
399
+ * @generated from field: bytes key = 2;
400
+ */
401
+ key: Uint8Array;
402
+ /**
403
+ * @generated from field: bytes message = 3;
404
+ */
405
+ message: Uint8Array;
406
+ };
407
+ /**
408
+ * Describes the message reallyme.crypto.v1.CryptoMacAuthenticateRequest.
409
+ * Use `create(CryptoMacAuthenticateRequestSchema)` to create a new message.
410
+ */
411
+ export declare const CryptoMacAuthenticateRequestSchema: GenMessage<CryptoMacAuthenticateRequest>;
412
+ /**
413
+ * @generated from message reallyme.crypto.v1.CryptoMacAuthenticateResult
414
+ */
415
+ export type CryptoMacAuthenticateResult = Message<"reallyme.crypto.v1.CryptoMacAuthenticateResult"> & {
416
+ /**
417
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
418
+ */
419
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
420
+ /**
421
+ * @generated from field: bytes tag = 2;
422
+ */
423
+ tag: Uint8Array;
424
+ };
425
+ /**
426
+ * Describes the message reallyme.crypto.v1.CryptoMacAuthenticateResult.
427
+ * Use `create(CryptoMacAuthenticateResultSchema)` to create a new message.
428
+ */
429
+ export declare const CryptoMacAuthenticateResultSchema: GenMessage<CryptoMacAuthenticateResult>;
430
+ /**
431
+ * @generated from message reallyme.crypto.v1.CryptoMacVerifyRequest
432
+ */
433
+ export type CryptoMacVerifyRequest = Message<"reallyme.crypto.v1.CryptoMacVerifyRequest"> & {
434
+ /**
435
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
436
+ */
437
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
438
+ /**
439
+ * @generated from field: bytes tag = 2;
440
+ */
441
+ tag: Uint8Array;
442
+ /**
443
+ * Secret-bearing MAC key.
444
+ *
445
+ * @generated from field: bytes key = 3;
446
+ */
447
+ key: Uint8Array;
448
+ /**
449
+ * @generated from field: bytes message = 4;
450
+ */
451
+ message: Uint8Array;
452
+ };
453
+ /**
454
+ * Describes the message reallyme.crypto.v1.CryptoMacVerifyRequest.
455
+ * Use `create(CryptoMacVerifyRequestSchema)` to create a new message.
456
+ */
457
+ export declare const CryptoMacVerifyRequestSchema: GenMessage<CryptoMacVerifyRequest>;
458
+ /**
459
+ * @generated from message reallyme.crypto.v1.CryptoKdfDeriveKeyRequest
460
+ */
461
+ export type CryptoKdfDeriveKeyRequest = Message<"reallyme.crypto.v1.CryptoKdfDeriveKeyRequest"> & {
462
+ /**
463
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
464
+ */
465
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
466
+ /**
467
+ * Secret-bearing password or input secret for the selected KDF.
468
+ *
469
+ * @generated from field: bytes password = 2;
470
+ */
471
+ password: Uint8Array;
472
+ /**
473
+ * Salt is commonly public but may be privacy-impacting in application
474
+ * contexts; treat it according to the protocol using this message.
475
+ *
476
+ * @generated from field: bytes salt = 3;
477
+ */
478
+ salt: Uint8Array;
479
+ /**
480
+ * @generated from field: uint32 iterations = 4;
481
+ */
482
+ iterations: number;
483
+ /**
484
+ * @generated from field: uint32 output_length = 5;
485
+ */
486
+ outputLength: number;
487
+ };
488
+ /**
489
+ * Describes the message reallyme.crypto.v1.CryptoKdfDeriveKeyRequest.
490
+ * Use `create(CryptoKdfDeriveKeyRequestSchema)` to create a new message.
491
+ */
492
+ export declare const CryptoKdfDeriveKeyRequestSchema: GenMessage<CryptoKdfDeriveKeyRequest>;
493
+ /**
494
+ * @generated from message reallyme.crypto.v1.CryptoKdfDeriveKeyResult
495
+ */
496
+ export type CryptoKdfDeriveKeyResult = Message<"reallyme.crypto.v1.CryptoKdfDeriveKeyResult"> & {
497
+ /**
498
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
499
+ */
500
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
501
+ /**
502
+ * Secret-bearing derived key material.
503
+ *
504
+ * @generated from field: bytes derived_key = 2;
505
+ */
506
+ derivedKey: Uint8Array;
507
+ };
508
+ /**
509
+ * Describes the message reallyme.crypto.v1.CryptoKdfDeriveKeyResult.
510
+ * Use `create(CryptoKdfDeriveKeyResultSchema)` to create a new message.
511
+ */
512
+ export declare const CryptoKdfDeriveKeyResultSchema: GenMessage<CryptoKdfDeriveKeyResult>;
513
+ /**
514
+ * @generated from message reallyme.crypto.v1.CryptoHkdfDeriveRequest
515
+ */
516
+ export type CryptoHkdfDeriveRequest = Message<"reallyme.crypto.v1.CryptoHkdfDeriveRequest"> & {
517
+ /**
518
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
519
+ */
520
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
521
+ /**
522
+ * Secret-bearing input key material.
523
+ *
524
+ * @generated from field: bytes input_key_material = 2;
525
+ */
526
+ inputKeyMaterial: Uint8Array;
527
+ /**
528
+ * Salt is commonly public but can be privacy-impacting in some protocols.
529
+ *
530
+ * @generated from field: bytes salt = 3;
531
+ */
532
+ salt: Uint8Array;
533
+ /**
534
+ * @generated from field: bytes info = 4;
535
+ */
536
+ info: Uint8Array;
537
+ /**
538
+ * @generated from field: uint32 output_length = 5;
539
+ */
540
+ outputLength: number;
541
+ };
542
+ /**
543
+ * Describes the message reallyme.crypto.v1.CryptoHkdfDeriveRequest.
544
+ * Use `create(CryptoHkdfDeriveRequestSchema)` to create a new message.
545
+ */
546
+ export declare const CryptoHkdfDeriveRequestSchema: GenMessage<CryptoHkdfDeriveRequest>;
547
+ /**
548
+ * @generated from message reallyme.crypto.v1.CryptoHkdfDeriveResult
549
+ */
550
+ export type CryptoHkdfDeriveResult = Message<"reallyme.crypto.v1.CryptoHkdfDeriveResult"> & {
551
+ /**
552
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
553
+ */
554
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
555
+ /**
556
+ * Secret-bearing HKDF output key material.
557
+ *
558
+ * @generated from field: bytes output_key_material = 2;
559
+ */
560
+ outputKeyMaterial: Uint8Array;
561
+ };
562
+ /**
563
+ * Describes the message reallyme.crypto.v1.CryptoHkdfDeriveResult.
564
+ * Use `create(CryptoHkdfDeriveResultSchema)` to create a new message.
565
+ */
566
+ export declare const CryptoHkdfDeriveResultSchema: GenMessage<CryptoHkdfDeriveResult>;
567
+ /**
568
+ * @generated from message reallyme.crypto.v1.CryptoJwaConcatKdfSha256DeriveRequest
569
+ */
570
+ export type CryptoJwaConcatKdfSha256DeriveRequest = Message<"reallyme.crypto.v1.CryptoJwaConcatKdfSha256DeriveRequest"> & {
571
+ /**
572
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
573
+ */
574
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
575
+ /**
576
+ * Secret-bearing shared secret input.
577
+ *
578
+ * @generated from field: bytes shared_secret = 2;
579
+ */
580
+ sharedSecret: Uint8Array;
581
+ /**
582
+ * @generated from field: bytes algorithm_id = 3;
583
+ */
584
+ algorithmId: Uint8Array;
585
+ /**
586
+ * @generated from field: bytes party_u_info = 4;
587
+ */
588
+ partyUInfo: Uint8Array;
589
+ /**
590
+ * @generated from field: bytes party_v_info = 5;
591
+ */
592
+ partyVInfo: Uint8Array;
593
+ /**
594
+ * @generated from field: uint32 output_length = 6;
595
+ */
596
+ outputLength: number;
597
+ };
598
+ /**
599
+ * Describes the message reallyme.crypto.v1.CryptoJwaConcatKdfSha256DeriveRequest.
600
+ * Use `create(CryptoJwaConcatKdfSha256DeriveRequestSchema)` to create a new message.
601
+ */
602
+ export declare const CryptoJwaConcatKdfSha256DeriveRequestSchema: GenMessage<CryptoJwaConcatKdfSha256DeriveRequest>;
603
+ /**
604
+ * @generated from message reallyme.crypto.v1.CryptoJwaConcatKdfSha256DeriveResult
605
+ */
606
+ export type CryptoJwaConcatKdfSha256DeriveResult = Message<"reallyme.crypto.v1.CryptoJwaConcatKdfSha256DeriveResult"> & {
607
+ /**
608
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
609
+ */
610
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
611
+ /**
612
+ * Secret-bearing derived key material.
613
+ *
614
+ * @generated from field: bytes derived_key = 2;
615
+ */
616
+ derivedKey: Uint8Array;
617
+ };
618
+ /**
619
+ * Describes the message reallyme.crypto.v1.CryptoJwaConcatKdfSha256DeriveResult.
620
+ * Use `create(CryptoJwaConcatKdfSha256DeriveResultSchema)` to create a new message.
621
+ */
622
+ export declare const CryptoJwaConcatKdfSha256DeriveResultSchema: GenMessage<CryptoJwaConcatKdfSha256DeriveResult>;
623
+ /**
624
+ * @generated from message reallyme.crypto.v1.CryptoKeyWrapRequest
625
+ */
626
+ export type CryptoKeyWrapRequest = Message<"reallyme.crypto.v1.CryptoKeyWrapRequest"> & {
627
+ /**
628
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
629
+ */
630
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
631
+ /**
632
+ * Secret-bearing key-encryption key.
633
+ *
634
+ * @generated from field: bytes wrapping_key = 2;
635
+ */
636
+ wrappingKey: Uint8Array;
637
+ /**
638
+ * Secret-bearing key material to wrap.
639
+ *
640
+ * @generated from field: bytes key_to_wrap = 3;
641
+ */
642
+ keyToWrap: Uint8Array;
643
+ };
644
+ /**
645
+ * Describes the message reallyme.crypto.v1.CryptoKeyWrapRequest.
646
+ * Use `create(CryptoKeyWrapRequestSchema)` to create a new message.
647
+ */
648
+ export declare const CryptoKeyWrapRequestSchema: GenMessage<CryptoKeyWrapRequest>;
649
+ /**
650
+ * @generated from message reallyme.crypto.v1.CryptoKeyWrapResult
651
+ */
652
+ export type CryptoKeyWrapResult = Message<"reallyme.crypto.v1.CryptoKeyWrapResult"> & {
653
+ /**
654
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
655
+ */
656
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
657
+ /**
658
+ * @generated from field: bytes wrapped_key = 2;
659
+ */
660
+ wrappedKey: Uint8Array;
661
+ };
662
+ /**
663
+ * Describes the message reallyme.crypto.v1.CryptoKeyWrapResult.
664
+ * Use `create(CryptoKeyWrapResultSchema)` to create a new message.
665
+ */
666
+ export declare const CryptoKeyWrapResultSchema: GenMessage<CryptoKeyWrapResult>;
667
+ /**
668
+ * @generated from message reallyme.crypto.v1.CryptoKeyUnwrapRequest
669
+ */
670
+ export type CryptoKeyUnwrapRequest = Message<"reallyme.crypto.v1.CryptoKeyUnwrapRequest"> & {
671
+ /**
672
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
673
+ */
674
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
675
+ /**
676
+ * Secret-bearing key-encryption key.
677
+ *
678
+ * @generated from field: bytes wrapping_key = 2;
679
+ */
680
+ wrappingKey: Uint8Array;
681
+ /**
682
+ * @generated from field: bytes wrapped_key = 3;
683
+ */
684
+ wrappedKey: Uint8Array;
685
+ };
686
+ /**
687
+ * Describes the message reallyme.crypto.v1.CryptoKeyUnwrapRequest.
688
+ * Use `create(CryptoKeyUnwrapRequestSchema)` to create a new message.
689
+ */
690
+ export declare const CryptoKeyUnwrapRequestSchema: GenMessage<CryptoKeyUnwrapRequest>;
691
+ /**
692
+ * @generated from message reallyme.crypto.v1.CryptoKeyUnwrapResult
693
+ */
694
+ export type CryptoKeyUnwrapResult = Message<"reallyme.crypto.v1.CryptoKeyUnwrapResult"> & {
695
+ /**
696
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
697
+ */
698
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
699
+ /**
700
+ * Secret-bearing unwrapped key material.
701
+ *
702
+ * @generated from field: bytes key = 2;
703
+ */
704
+ key: Uint8Array;
705
+ };
706
+ /**
707
+ * Describes the message reallyme.crypto.v1.CryptoKeyUnwrapResult.
708
+ * Use `create(CryptoKeyUnwrapResultSchema)` to create a new message.
709
+ */
710
+ export declare const CryptoKeyUnwrapResultSchema: GenMessage<CryptoKeyUnwrapResult>;
711
+ /**
712
+ * @generated from message reallyme.crypto.v1.CryptoSignatureGenerateKeyPairRequest
713
+ */
714
+ export type CryptoSignatureGenerateKeyPairRequest = Message<"reallyme.crypto.v1.CryptoSignatureGenerateKeyPairRequest"> & {
715
+ /**
716
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
717
+ */
718
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
719
+ };
720
+ /**
721
+ * Describes the message reallyme.crypto.v1.CryptoSignatureGenerateKeyPairRequest.
722
+ * Use `create(CryptoSignatureGenerateKeyPairRequestSchema)` to create a new message.
723
+ */
724
+ export declare const CryptoSignatureGenerateKeyPairRequestSchema: GenMessage<CryptoSignatureGenerateKeyPairRequest>;
725
+ /**
726
+ * @generated from message reallyme.crypto.v1.CryptoSignatureDeriveKeyPairRequest
727
+ */
728
+ export type CryptoSignatureDeriveKeyPairRequest = Message<"reallyme.crypto.v1.CryptoSignatureDeriveKeyPairRequest"> & {
729
+ /**
730
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
731
+ */
732
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
733
+ /**
734
+ * Secret-bearing seed or private key input, depending on the algorithm.
735
+ *
736
+ * @generated from field: bytes secret_key = 2;
737
+ */
738
+ secretKey: Uint8Array;
739
+ };
740
+ /**
741
+ * Describes the message reallyme.crypto.v1.CryptoSignatureDeriveKeyPairRequest.
742
+ * Use `create(CryptoSignatureDeriveKeyPairRequestSchema)` to create a new message.
743
+ */
744
+ export declare const CryptoSignatureDeriveKeyPairRequestSchema: GenMessage<CryptoSignatureDeriveKeyPairRequest>;
745
+ /**
746
+ * @generated from message reallyme.crypto.v1.CryptoSignatureSignRequest
747
+ */
748
+ export type CryptoSignatureSignRequest = Message<"reallyme.crypto.v1.CryptoSignatureSignRequest"> & {
749
+ /**
750
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
751
+ */
752
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
753
+ /**
754
+ * @generated from field: bytes message = 2;
755
+ */
756
+ message: Uint8Array;
757
+ /**
758
+ * Secret-bearing signing key material.
759
+ *
760
+ * @generated from field: bytes secret_key = 3;
761
+ */
762
+ secretKey: Uint8Array;
763
+ };
764
+ /**
765
+ * Describes the message reallyme.crypto.v1.CryptoSignatureSignRequest.
766
+ * Use `create(CryptoSignatureSignRequestSchema)` to create a new message.
767
+ */
768
+ export declare const CryptoSignatureSignRequestSchema: GenMessage<CryptoSignatureSignRequest>;
769
+ /**
770
+ * @generated from message reallyme.crypto.v1.CryptoSignatureSignResult
771
+ */
772
+ export type CryptoSignatureSignResult = Message<"reallyme.crypto.v1.CryptoSignatureSignResult"> & {
773
+ /**
774
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
775
+ */
776
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
777
+ /**
778
+ * @generated from field: bytes signature = 2;
779
+ */
780
+ signature: Uint8Array;
781
+ };
782
+ /**
783
+ * Describes the message reallyme.crypto.v1.CryptoSignatureSignResult.
784
+ * Use `create(CryptoSignatureSignResultSchema)` to create a new message.
785
+ */
786
+ export declare const CryptoSignatureSignResultSchema: GenMessage<CryptoSignatureSignResult>;
787
+ /**
788
+ * @generated from message reallyme.crypto.v1.CryptoBip340SchnorrSignRequest
789
+ */
790
+ export type CryptoBip340SchnorrSignRequest = Message<"reallyme.crypto.v1.CryptoBip340SchnorrSignRequest"> & {
791
+ /**
792
+ * @generated from field: bytes message32 = 1;
793
+ */
794
+ message32: Uint8Array;
795
+ /**
796
+ * Secret-bearing secp256k1 signing key material.
797
+ *
798
+ * @generated from field: bytes secret_key = 2;
799
+ */
800
+ secretKey: Uint8Array;
801
+ /**
802
+ * Secret-bearing auxiliary randomness used for deterministic nonce hardening.
803
+ *
804
+ * @generated from field: bytes aux_rand32 = 3;
805
+ */
806
+ auxRand32: Uint8Array;
807
+ };
808
+ /**
809
+ * Describes the message reallyme.crypto.v1.CryptoBip340SchnorrSignRequest.
810
+ * Use `create(CryptoBip340SchnorrSignRequestSchema)` to create a new message.
811
+ */
812
+ export declare const CryptoBip340SchnorrSignRequestSchema: GenMessage<CryptoBip340SchnorrSignRequest>;
813
+ /**
814
+ * @generated from message reallyme.crypto.v1.CryptoSignatureVerifyRequest
815
+ */
816
+ export type CryptoSignatureVerifyRequest = Message<"reallyme.crypto.v1.CryptoSignatureVerifyRequest"> & {
817
+ /**
818
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
819
+ */
820
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
821
+ /**
822
+ * @generated from field: bytes signature = 2;
823
+ */
824
+ signature: Uint8Array;
825
+ /**
826
+ * @generated from field: bytes message = 3;
827
+ */
828
+ message: Uint8Array;
829
+ /**
830
+ * @generated from field: bytes public_key = 4;
831
+ */
832
+ publicKey: Uint8Array;
833
+ };
834
+ /**
835
+ * Describes the message reallyme.crypto.v1.CryptoSignatureVerifyRequest.
836
+ * Use `create(CryptoSignatureVerifyRequestSchema)` to create a new message.
837
+ */
838
+ export declare const CryptoSignatureVerifyRequestSchema: GenMessage<CryptoSignatureVerifyRequest>;
839
+ /**
840
+ * @generated from message reallyme.crypto.v1.CryptoRsaVerifyRequest
841
+ */
842
+ export type CryptoRsaVerifyRequest = Message<"reallyme.crypto.v1.CryptoRsaVerifyRequest"> & {
843
+ /**
844
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
845
+ */
846
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
847
+ /**
848
+ * @generated from field: bytes signature = 2;
849
+ */
850
+ signature: Uint8Array;
851
+ /**
852
+ * @generated from field: bytes message = 3;
853
+ */
854
+ message: Uint8Array;
855
+ /**
856
+ * @generated from field: bytes public_key_der = 4;
857
+ */
858
+ publicKeyDer: Uint8Array;
859
+ /**
860
+ * @generated from field: reallyme.crypto.v1.RsaPublicKeyDerEncoding public_key_encoding = 5;
861
+ */
862
+ publicKeyEncoding: RsaPublicKeyDerEncoding;
863
+ };
864
+ /**
865
+ * Describes the message reallyme.crypto.v1.CryptoRsaVerifyRequest.
866
+ * Use `create(CryptoRsaVerifyRequestSchema)` to create a new message.
867
+ */
868
+ export declare const CryptoRsaVerifyRequestSchema: GenMessage<CryptoRsaVerifyRequest>;
869
+ /**
870
+ * @generated from message reallyme.crypto.v1.CryptoKeyAgreementDeriveSharedSecretRequest
871
+ */
872
+ export type CryptoKeyAgreementDeriveSharedSecretRequest = Message<"reallyme.crypto.v1.CryptoKeyAgreementDeriveSharedSecretRequest"> & {
873
+ /**
874
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
875
+ */
876
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
877
+ /**
878
+ * @generated from field: bytes public_key = 2;
879
+ */
880
+ publicKey: Uint8Array;
881
+ /**
882
+ * Secret-bearing private key material.
883
+ *
884
+ * @generated from field: bytes secret_key = 3;
885
+ */
886
+ secretKey: Uint8Array;
887
+ };
888
+ /**
889
+ * Describes the message reallyme.crypto.v1.CryptoKeyAgreementDeriveSharedSecretRequest.
890
+ * Use `create(CryptoKeyAgreementDeriveSharedSecretRequestSchema)` to create a new message.
891
+ */
892
+ export declare const CryptoKeyAgreementDeriveSharedSecretRequestSchema: GenMessage<CryptoKeyAgreementDeriveSharedSecretRequest>;
893
+ /**
894
+ * @generated from message reallyme.crypto.v1.CryptoKeyAgreementDeriveSharedSecretResult
895
+ */
896
+ export type CryptoKeyAgreementDeriveSharedSecretResult = Message<"reallyme.crypto.v1.CryptoKeyAgreementDeriveSharedSecretResult"> & {
897
+ /**
898
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
899
+ */
900
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
901
+ /**
902
+ * Secret-bearing shared secret; callers must feed it into a protocol KDF.
903
+ *
904
+ * @generated from field: bytes shared_secret = 2;
905
+ */
906
+ sharedSecret: Uint8Array;
907
+ };
908
+ /**
909
+ * Describes the message reallyme.crypto.v1.CryptoKeyAgreementDeriveSharedSecretResult.
910
+ * Use `create(CryptoKeyAgreementDeriveSharedSecretResultSchema)` to create a new message.
911
+ */
912
+ export declare const CryptoKeyAgreementDeriveSharedSecretResultSchema: GenMessage<CryptoKeyAgreementDeriveSharedSecretResult>;
913
+ /**
914
+ * @generated from message reallyme.crypto.v1.CryptoKeyAgreementDeriveKeyPairRequest
915
+ */
916
+ export type CryptoKeyAgreementDeriveKeyPairRequest = Message<"reallyme.crypto.v1.CryptoKeyAgreementDeriveKeyPairRequest"> & {
917
+ /**
918
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
919
+ */
920
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
921
+ /**
922
+ * Secret-bearing seed or private key input, depending on the algorithm.
923
+ *
924
+ * @generated from field: bytes secret_key = 2;
925
+ */
926
+ secretKey: Uint8Array;
927
+ };
928
+ /**
929
+ * Describes the message reallyme.crypto.v1.CryptoKeyAgreementDeriveKeyPairRequest.
930
+ * Use `create(CryptoKeyAgreementDeriveKeyPairRequestSchema)` to create a new message.
931
+ */
932
+ export declare const CryptoKeyAgreementDeriveKeyPairRequestSchema: GenMessage<CryptoKeyAgreementDeriveKeyPairRequest>;
933
+ /**
934
+ * @generated from message reallyme.crypto.v1.CryptoKemGenerateKeyPairRequest
935
+ */
936
+ export type CryptoKemGenerateKeyPairRequest = Message<"reallyme.crypto.v1.CryptoKemGenerateKeyPairRequest"> & {
937
+ /**
938
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
939
+ */
940
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
941
+ };
942
+ /**
943
+ * Describes the message reallyme.crypto.v1.CryptoKemGenerateKeyPairRequest.
944
+ * Use `create(CryptoKemGenerateKeyPairRequestSchema)` to create a new message.
945
+ */
946
+ export declare const CryptoKemGenerateKeyPairRequestSchema: GenMessage<CryptoKemGenerateKeyPairRequest>;
947
+ /**
948
+ * @generated from message reallyme.crypto.v1.CryptoKemEncapsulateRequest
949
+ */
950
+ export type CryptoKemEncapsulateRequest = Message<"reallyme.crypto.v1.CryptoKemEncapsulateRequest"> & {
951
+ /**
952
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
953
+ */
954
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
955
+ /**
956
+ * @generated from field: bytes public_key = 2;
957
+ */
958
+ publicKey: Uint8Array;
959
+ };
960
+ /**
961
+ * Describes the message reallyme.crypto.v1.CryptoKemEncapsulateRequest.
962
+ * Use `create(CryptoKemEncapsulateRequestSchema)` to create a new message.
963
+ */
964
+ export declare const CryptoKemEncapsulateRequestSchema: GenMessage<CryptoKemEncapsulateRequest>;
965
+ /**
966
+ * @generated from message reallyme.crypto.v1.CryptoKemDecapsulateRequest
967
+ */
968
+ export type CryptoKemDecapsulateRequest = Message<"reallyme.crypto.v1.CryptoKemDecapsulateRequest"> & {
969
+ /**
970
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
971
+ */
972
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
973
+ /**
974
+ * @generated from field: bytes ciphertext = 2;
975
+ */
976
+ ciphertext: Uint8Array;
977
+ /**
978
+ * Secret-bearing KEM private key material.
979
+ *
980
+ * @generated from field: bytes secret_key = 3;
981
+ */
982
+ secretKey: Uint8Array;
983
+ };
984
+ /**
985
+ * Describes the message reallyme.crypto.v1.CryptoKemDecapsulateRequest.
986
+ * Use `create(CryptoKemDecapsulateRequestSchema)` to create a new message.
987
+ */
988
+ export declare const CryptoKemDecapsulateRequestSchema: GenMessage<CryptoKemDecapsulateRequest>;
989
+ /**
990
+ * @generated from message reallyme.crypto.v1.CryptoKemDecapsulateResult
991
+ */
992
+ export type CryptoKemDecapsulateResult = Message<"reallyme.crypto.v1.CryptoKemDecapsulateResult"> & {
993
+ /**
994
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
995
+ */
996
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
997
+ /**
998
+ * Secret-bearing KEM shared secret.
999
+ *
1000
+ * @generated from field: bytes shared_secret = 2;
1001
+ */
1002
+ sharedSecret: Uint8Array;
1003
+ };
1004
+ /**
1005
+ * Describes the message reallyme.crypto.v1.CryptoKemDecapsulateResult.
1006
+ * Use `create(CryptoKemDecapsulateResultSchema)` to create a new message.
1007
+ */
1008
+ export declare const CryptoKemDecapsulateResultSchema: GenMessage<CryptoKemDecapsulateResult>;
1009
+ /**
1010
+ * @generated from message reallyme.crypto.v1.CryptoHpkeSealRequest
1011
+ */
1012
+ export type CryptoHpkeSealRequest = Message<"reallyme.crypto.v1.CryptoHpkeSealRequest"> & {
1013
+ /**
1014
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
1015
+ */
1016
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
1017
+ /**
1018
+ * @generated from field: bytes recipient_public_key = 2;
1019
+ */
1020
+ recipientPublicKey: Uint8Array;
1021
+ /**
1022
+ * @generated from field: bytes info = 3;
1023
+ */
1024
+ info: Uint8Array;
1025
+ /**
1026
+ * @generated from field: bytes aad = 4;
1027
+ */
1028
+ aad: Uint8Array;
1029
+ /**
1030
+ * Plaintext may contain secret or PII-bearing application data.
1031
+ *
1032
+ * @generated from field: bytes plaintext = 5;
1033
+ */
1034
+ plaintext: Uint8Array;
1035
+ };
1036
+ /**
1037
+ * Describes the message reallyme.crypto.v1.CryptoHpkeSealRequest.
1038
+ * Use `create(CryptoHpkeSealRequestSchema)` to create a new message.
1039
+ */
1040
+ export declare const CryptoHpkeSealRequestSchema: GenMessage<CryptoHpkeSealRequest>;
1041
+ /**
1042
+ * @generated from message reallyme.crypto.v1.CryptoHpkeOpenRequest
1043
+ */
1044
+ export type CryptoHpkeOpenRequest = Message<"reallyme.crypto.v1.CryptoHpkeOpenRequest"> & {
1045
+ /**
1046
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
1047
+ */
1048
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
1049
+ /**
1050
+ * Secret-bearing HPKE recipient private key material.
1051
+ *
1052
+ * @generated from field: bytes recipient_secret_key = 2;
1053
+ */
1054
+ recipientSecretKey: Uint8Array;
1055
+ /**
1056
+ * @generated from field: bytes encapsulated_key = 3;
1057
+ */
1058
+ encapsulatedKey: Uint8Array;
1059
+ /**
1060
+ * @generated from field: bytes info = 4;
1061
+ */
1062
+ info: Uint8Array;
1063
+ /**
1064
+ * @generated from field: bytes aad = 5;
1065
+ */
1066
+ aad: Uint8Array;
1067
+ /**
1068
+ * @generated from field: bytes ciphertext = 6;
1069
+ */
1070
+ ciphertext: Uint8Array;
1071
+ };
1072
+ /**
1073
+ * Describes the message reallyme.crypto.v1.CryptoHpkeOpenRequest.
1074
+ * Use `create(CryptoHpkeOpenRequestSchema)` to create a new message.
1075
+ */
1076
+ export declare const CryptoHpkeOpenRequestSchema: GenMessage<CryptoHpkeOpenRequest>;
1077
+ /**
1078
+ * @generated from message reallyme.crypto.v1.CryptoHpkeOpenResult
1079
+ */
1080
+ export type CryptoHpkeOpenResult = Message<"reallyme.crypto.v1.CryptoHpkeOpenResult"> & {
1081
+ /**
1082
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
1083
+ */
1084
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
1085
+ /**
1086
+ * Decrypted plaintext may contain secret or PII-bearing application data.
1087
+ *
1088
+ * @generated from field: bytes plaintext = 2;
1089
+ */
1090
+ plaintext: Uint8Array;
1091
+ };
1092
+ /**
1093
+ * Describes the message reallyme.crypto.v1.CryptoHpkeOpenResult.
1094
+ * Use `create(CryptoHpkeOpenResultSchema)` to create a new message.
1095
+ */
1096
+ export declare const CryptoHpkeOpenResultSchema: GenMessage<CryptoHpkeOpenResult>;
1097
+ /**
1098
+ * CryptoKeyPair is the protobuf boundary envelope for generated or derived
1099
+ * keypairs. Secret-key bytes are included only for APIs whose public facade
1100
+ * already returns exportable secret-key material; non-exportable platform keys
1101
+ * must use a separate handle-specific protocol.
1102
+ *
1103
+ * @generated from message reallyme.crypto.v1.CryptoKeyPair
1104
+ */
1105
+ export type CryptoKeyPair = Message<"reallyme.crypto.v1.CryptoKeyPair"> & {
1106
+ /**
1107
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
1108
+ */
1109
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
1110
+ /**
1111
+ * @generated from field: bytes public_key = 2;
1112
+ */
1113
+ publicKey: Uint8Array;
1114
+ /**
1115
+ * Secret-bearing exportable private key material.
1116
+ *
1117
+ * @generated from field: bytes secret_key = 3;
1118
+ */
1119
+ secretKey: Uint8Array;
1120
+ };
1121
+ /**
1122
+ * Describes the message reallyme.crypto.v1.CryptoKeyPair.
1123
+ * Use `create(CryptoKeyPairSchema)` to create a new message.
1124
+ */
1125
+ export declare const CryptoKeyPairSchema: GenMessage<CryptoKeyPair>;
1126
+ /**
1127
+ * CryptoKemEncapsulation is the protobuf boundary envelope for KEM
1128
+ * encapsulation results. `shared_secret` is secret-bearing material; callers
1129
+ * must keep it in binary/protobuf channels and zeroize it when possible.
1130
+ *
1131
+ * @generated from message reallyme.crypto.v1.CryptoKemEncapsulation
110
1132
  */
111
- export type CryptoAlgorithmIdentifier = Message<"reallyme.crypto.v1.CryptoAlgorithmIdentifier"> & {
1133
+ export type CryptoKemEncapsulation = Message<"reallyme.crypto.v1.CryptoKemEncapsulation"> & {
112
1134
  /**
113
- * @generated from oneof reallyme.crypto.v1.CryptoAlgorithmIdentifier.algorithm
1135
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
114
1136
  */
115
- algorithm: {
116
- /**
117
- * @generated from field: reallyme.crypto.v1.SignatureAlgorithm signature = 1;
118
- */
119
- value: SignatureAlgorithm;
120
- case: "signature";
121
- } | {
122
- /**
123
- * @generated from field: reallyme.crypto.v1.KeyAgreementAlgorithm key_agreement = 2;
124
- */
125
- value: KeyAgreementAlgorithm;
126
- case: "keyAgreement";
127
- } | {
128
- /**
129
- * @generated from field: reallyme.crypto.v1.KemAlgorithm kem = 3;
130
- */
131
- value: KemAlgorithm;
132
- case: "kem";
133
- } | {
134
- /**
135
- * @generated from field: reallyme.crypto.v1.HpkeSuite hpke = 4;
136
- */
137
- value: HpkeSuite;
138
- case: "hpke";
139
- } | {
140
- /**
141
- * @generated from field: reallyme.crypto.v1.AeadAlgorithm aead = 5;
142
- */
143
- value: AeadAlgorithm;
144
- case: "aead";
145
- } | {
146
- /**
147
- * @generated from field: reallyme.crypto.v1.HashAlgorithm hash = 6;
148
- */
149
- value: HashAlgorithm;
150
- case: "hash";
151
- } | {
152
- /**
153
- * @generated from field: reallyme.crypto.v1.MacAlgorithm mac = 7;
154
- */
155
- value: MacAlgorithm;
156
- case: "mac";
157
- } | {
158
- /**
159
- * @generated from field: reallyme.crypto.v1.KdfAlgorithm kdf = 8;
160
- */
161
- value: KdfAlgorithm;
162
- case: "kdf";
163
- } | {
164
- /**
165
- * @generated from field: reallyme.crypto.v1.KeyWrapAlgorithm key_wrap = 9;
166
- */
167
- value: KeyWrapAlgorithm;
168
- case: "keyWrap";
169
- } | {
170
- /**
171
- * @generated from field: reallyme.crypto.v1.MulticodecKeyAlgorithm multicodec_key = 10;
172
- */
173
- value: MulticodecKeyAlgorithm;
174
- case: "multicodecKey";
175
- } | {
176
- case: undefined;
177
- value?: undefined;
178
- };
1137
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
1138
+ /**
1139
+ * @generated from field: bytes ciphertext = 2;
1140
+ */
1141
+ ciphertext: Uint8Array;
1142
+ /**
1143
+ * Secret-bearing KEM shared secret.
1144
+ *
1145
+ * @generated from field: bytes shared_secret = 3;
1146
+ */
1147
+ sharedSecret: Uint8Array;
179
1148
  };
180
1149
  /**
181
- * Describes the message reallyme.crypto.v1.CryptoAlgorithmIdentifier.
182
- * Use `create(CryptoAlgorithmIdentifierSchema)` to create a new message.
1150
+ * Describes the message reallyme.crypto.v1.CryptoKemEncapsulation.
1151
+ * Use `create(CryptoKemEncapsulationSchema)` to create a new message.
183
1152
  */
184
- export declare const CryptoAlgorithmIdentifierSchema: GenMessage<CryptoAlgorithmIdentifier>;
1153
+ export declare const CryptoKemEncapsulationSchema: GenMessage<CryptoKemEncapsulation>;
1154
+ /**
1155
+ * CryptoHpkeSealedMessage is the protobuf boundary envelope for HPKE Base-mode
1156
+ * sender output.
1157
+ *
1158
+ * @generated from message reallyme.crypto.v1.CryptoHpkeSealedMessage
1159
+ */
1160
+ export type CryptoHpkeSealedMessage = Message<"reallyme.crypto.v1.CryptoHpkeSealedMessage"> & {
1161
+ /**
1162
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
1163
+ */
1164
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
1165
+ /**
1166
+ * @generated from field: bytes encapsulated_key = 2;
1167
+ */
1168
+ encapsulatedKey: Uint8Array;
1169
+ /**
1170
+ * @generated from field: bytes ciphertext = 3;
1171
+ */
1172
+ ciphertext: Uint8Array;
1173
+ };
1174
+ /**
1175
+ * Describes the message reallyme.crypto.v1.CryptoHpkeSealedMessage.
1176
+ * Use `create(CryptoHpkeSealedMessageSchema)` to create a new message.
1177
+ */
1178
+ export declare const CryptoHpkeSealedMessageSchema: GenMessage<CryptoHpkeSealedMessage>;
1179
+ /**
1180
+ * CryptoVerificationResult is for protocol layers that need a stable,
1181
+ * serializable verification status. Ordinary facade calls should continue to
1182
+ * fail closed with typed errors.
1183
+ *
1184
+ * @generated from message reallyme.crypto.v1.CryptoVerificationResult
1185
+ */
1186
+ export type CryptoVerificationResult = Message<"reallyme.crypto.v1.CryptoVerificationResult"> & {
1187
+ /**
1188
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
1189
+ */
1190
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
1191
+ /**
1192
+ * @generated from field: reallyme.crypto.v1.CryptoVerificationStatus status = 2;
1193
+ */
1194
+ status: CryptoVerificationStatus;
1195
+ /**
1196
+ * @generated from field: reallyme.crypto.v1.CryptoError error = 3;
1197
+ */
1198
+ error?: CryptoError | undefined;
1199
+ };
1200
+ /**
1201
+ * Describes the message reallyme.crypto.v1.CryptoVerificationResult.
1202
+ * Use `create(CryptoVerificationResultSchema)` to create a new message.
1203
+ */
1204
+ export declare const CryptoVerificationResultSchema: GenMessage<CryptoVerificationResult>;
1205
+ /**
1206
+ * CryptoProviderCapability describes the package/provider posture for one
1207
+ * algorithm in one published lane. Provider names are non-secret identifiers
1208
+ * such as "CryptoKit", "BouncyCastle", or "ReallyMe Rust WASM".
1209
+ *
1210
+ * @generated from message reallyme.crypto.v1.CryptoProviderCapability
1211
+ */
1212
+ export type CryptoProviderCapability = Message<"reallyme.crypto.v1.CryptoProviderCapability"> & {
1213
+ /**
1214
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmIdentifier algorithm = 1;
1215
+ */
1216
+ algorithm?: CryptoAlgorithmIdentifier | undefined;
1217
+ /**
1218
+ * @generated from field: reallyme.crypto.v1.CryptoAlgorithmFamily family = 2;
1219
+ */
1220
+ family: CryptoAlgorithmFamily;
1221
+ /**
1222
+ * @generated from field: reallyme.crypto.v1.CryptoProviderSupportStatus status = 3;
1223
+ */
1224
+ status: CryptoProviderSupportStatus;
1225
+ /**
1226
+ * @generated from field: repeated string provider_names = 4;
1227
+ */
1228
+ providerNames: string[];
1229
+ /**
1230
+ * @generated from field: bool uses_rust = 5;
1231
+ */
1232
+ usesRust: boolean;
1233
+ };
1234
+ /**
1235
+ * Describes the message reallyme.crypto.v1.CryptoProviderCapability.
1236
+ * Use `create(CryptoProviderCapabilitySchema)` to create a new message.
1237
+ */
1238
+ export declare const CryptoProviderCapabilitySchema: GenMessage<CryptoProviderCapability>;
1239
+ /**
1240
+ * @generated from message reallyme.crypto.v1.CryptoProviderCapabilitySet
1241
+ */
1242
+ export type CryptoProviderCapabilitySet = Message<"reallyme.crypto.v1.CryptoProviderCapabilitySet"> & {
1243
+ /**
1244
+ * @generated from field: repeated reallyme.crypto.v1.CryptoProviderCapability capabilities = 1;
1245
+ */
1246
+ capabilities: CryptoProviderCapability[];
1247
+ };
1248
+ /**
1249
+ * Describes the message reallyme.crypto.v1.CryptoProviderCapabilitySet.
1250
+ * Use `create(CryptoProviderCapabilitySetSchema)` to create a new message.
1251
+ */
1252
+ export declare const CryptoProviderCapabilitySetSchema: GenMessage<CryptoProviderCapabilitySet>;
185
1253
  /**
186
1254
  * JsonWebKey carries a public JWK document at API/storage boundaries. The JSON
187
1255
  * member is the canonical JCS form used by the package vectors; private key
@@ -225,6 +1293,139 @@ export type JsonWebKeySet = Message<"reallyme.crypto.v1.JsonWebKeySet"> & {
225
1293
  * Use `create(JsonWebKeySetSchema)` to create a new message.
226
1294
  */
227
1295
  export declare const JsonWebKeySetSchema: GenMessage<JsonWebKeySet>;
1296
+ /**
1297
+ * CryptoProtoResultStatus marks whether a result-envelope payload contains an
1298
+ * operation-specific result protobuf or a structured CryptoError protobuf.
1299
+ *
1300
+ * @generated from enum reallyme.crypto.v1.CryptoProtoResultStatus
1301
+ */
1302
+ export declare enum CryptoProtoResultStatus {
1303
+ /**
1304
+ * @generated from enum value: CRYPTO_PROTO_RESULT_STATUS_UNSPECIFIED = 0;
1305
+ */
1306
+ UNSPECIFIED = 0,
1307
+ /**
1308
+ * @generated from enum value: CRYPTO_PROTO_RESULT_STATUS_RESULT = 1;
1309
+ */
1310
+ RESULT = 1,
1311
+ /**
1312
+ * @generated from enum value: CRYPTO_PROTO_RESULT_STATUS_CRYPTO_ERROR = 2;
1313
+ */
1314
+ CRYPTO_ERROR = 2
1315
+ }
1316
+ /**
1317
+ * Describes the enum reallyme.crypto.v1.CryptoProtoResultStatus.
1318
+ */
1319
+ export declare const CryptoProtoResultStatusSchema: GenEnum<CryptoProtoResultStatus>;
1320
+ /**
1321
+ * CryptoOperation is the stable dispatch identifier used by protobuf, Connect,
1322
+ * FFI, and package adapters. Values are append-only and intentionally grouped
1323
+ * by primitive family so a numeric id has one meaning across every lane.
1324
+ *
1325
+ * @generated from enum reallyme.crypto.v1.CryptoOperation
1326
+ */
1327
+ export declare enum CryptoOperation {
1328
+ /**
1329
+ * @generated from enum value: CRYPTO_OPERATION_UNSPECIFIED = 0;
1330
+ */
1331
+ UNSPECIFIED = 0,
1332
+ /**
1333
+ * @generated from enum value: CRYPTO_OPERATION_HASH = 1;
1334
+ */
1335
+ HASH = 1,
1336
+ /**
1337
+ * @generated from enum value: CRYPTO_OPERATION_AEAD_SEAL = 2;
1338
+ */
1339
+ AEAD_SEAL = 2,
1340
+ /**
1341
+ * @generated from enum value: CRYPTO_OPERATION_AEAD_OPEN = 3;
1342
+ */
1343
+ AEAD_OPEN = 3,
1344
+ /**
1345
+ * @generated from enum value: CRYPTO_OPERATION_MAC_AUTHENTICATE = 4;
1346
+ */
1347
+ MAC_AUTHENTICATE = 4,
1348
+ /**
1349
+ * @generated from enum value: CRYPTO_OPERATION_MAC_VERIFY = 5;
1350
+ */
1351
+ MAC_VERIFY = 5,
1352
+ /**
1353
+ * @generated from enum value: CRYPTO_OPERATION_SIGNATURE_GENERATE_KEY_PAIR = 10;
1354
+ */
1355
+ SIGNATURE_GENERATE_KEY_PAIR = 10,
1356
+ /**
1357
+ * @generated from enum value: CRYPTO_OPERATION_SIGNATURE_DERIVE_KEY_PAIR = 11;
1358
+ */
1359
+ SIGNATURE_DERIVE_KEY_PAIR = 11,
1360
+ /**
1361
+ * @generated from enum value: CRYPTO_OPERATION_SIGNATURE_SIGN = 12;
1362
+ */
1363
+ SIGNATURE_SIGN = 12,
1364
+ /**
1365
+ * @generated from enum value: CRYPTO_OPERATION_SIGNATURE_VERIFY = 13;
1366
+ */
1367
+ SIGNATURE_VERIFY = 13,
1368
+ /**
1369
+ * @generated from enum value: CRYPTO_OPERATION_BIP340_SCHNORR_SIGN = 14;
1370
+ */
1371
+ BIP340_SCHNORR_SIGN = 14,
1372
+ /**
1373
+ * @generated from enum value: CRYPTO_OPERATION_RSA_VERIFY = 15;
1374
+ */
1375
+ RSA_VERIFY = 15,
1376
+ /**
1377
+ * @generated from enum value: CRYPTO_OPERATION_KEY_AGREEMENT_DERIVE_SHARED_SECRET = 20;
1378
+ */
1379
+ KEY_AGREEMENT_DERIVE_SHARED_SECRET = 20,
1380
+ /**
1381
+ * @generated from enum value: CRYPTO_OPERATION_KEY_AGREEMENT_DERIVE_KEY_PAIR = 21;
1382
+ */
1383
+ KEY_AGREEMENT_DERIVE_KEY_PAIR = 21,
1384
+ /**
1385
+ * @generated from enum value: CRYPTO_OPERATION_KEM_GENERATE_KEY_PAIR = 30;
1386
+ */
1387
+ KEM_GENERATE_KEY_PAIR = 30,
1388
+ /**
1389
+ * @generated from enum value: CRYPTO_OPERATION_KEM_ENCAPSULATE = 31;
1390
+ */
1391
+ KEM_ENCAPSULATE = 31,
1392
+ /**
1393
+ * @generated from enum value: CRYPTO_OPERATION_KEM_DECAPSULATE = 32;
1394
+ */
1395
+ KEM_DECAPSULATE = 32,
1396
+ /**
1397
+ * @generated from enum value: CRYPTO_OPERATION_HKDF_DERIVE = 40;
1398
+ */
1399
+ HKDF_DERIVE = 40,
1400
+ /**
1401
+ * @generated from enum value: CRYPTO_OPERATION_KDF_DERIVE_KEY = 41;
1402
+ */
1403
+ KDF_DERIVE_KEY = 41,
1404
+ /**
1405
+ * @generated from enum value: CRYPTO_OPERATION_JWA_CONCAT_KDF_SHA256_DERIVE = 42;
1406
+ */
1407
+ JWA_CONCAT_KDF_SHA256_DERIVE = 42,
1408
+ /**
1409
+ * @generated from enum value: CRYPTO_OPERATION_KEY_WRAP = 50;
1410
+ */
1411
+ KEY_WRAP = 50,
1412
+ /**
1413
+ * @generated from enum value: CRYPTO_OPERATION_KEY_UNWRAP = 51;
1414
+ */
1415
+ KEY_UNWRAP = 51,
1416
+ /**
1417
+ * @generated from enum value: CRYPTO_OPERATION_HPKE_SEAL = 60;
1418
+ */
1419
+ HPKE_SEAL = 60,
1420
+ /**
1421
+ * @generated from enum value: CRYPTO_OPERATION_HPKE_OPEN = 61;
1422
+ */
1423
+ HPKE_OPEN = 61
1424
+ }
1425
+ /**
1426
+ * Describes the enum reallyme.crypto.v1.CryptoOperation.
1427
+ */
1428
+ export declare const CryptoOperationSchema: GenEnum<CryptoOperation>;
228
1429
  /**
229
1430
  * CryptoErrorReason is the component-owned reason-code enum for reallyme/crypto.
230
1431
  * Values are stable public boundary codes; internal Rust, Swift, Kotlin, and
@@ -333,7 +1534,19 @@ export declare enum CryptoErrorReason {
333
1534
  /**
334
1535
  * @generated from enum value: CRYPTO_ERROR_REASON_BACKEND_INTERNAL = 301;
335
1536
  */
336
- BACKEND_INTERNAL = 301
1537
+ BACKEND_INTERNAL = 301,
1538
+ /**
1539
+ * @generated from enum value: CRYPTO_ERROR_REASON_BACKEND_MALFORMED_PROTOBUF = 302;
1540
+ */
1541
+ BACKEND_MALFORMED_PROTOBUF = 302,
1542
+ /**
1543
+ * @generated from enum value: CRYPTO_ERROR_REASON_BACKEND_MALFORMED_JSON = 303;
1544
+ */
1545
+ BACKEND_MALFORMED_JSON = 303,
1546
+ /**
1547
+ * @generated from enum value: CRYPTO_ERROR_REASON_BACKEND_RESOURCE_LIMIT_EXCEEDED = 304;
1548
+ */
1549
+ BACKEND_RESOURCE_LIMIT_EXCEEDED = 304
337
1550
  }
338
1551
  /**
339
1552
  * Describes the enum reallyme.crypto.v1.CryptoErrorReason.
@@ -848,3 +2061,110 @@ export declare enum MulticodecKeyAlgorithm {
848
2061
  * Describes the enum reallyme.crypto.v1.MulticodecKeyAlgorithm.
849
2062
  */
850
2063
  export declare const MulticodecKeyAlgorithmSchema: GenEnum<MulticodecKeyAlgorithm>;
2064
+ /**
2065
+ * RsaPublicKeyDerEncoding identifies the accepted DER wrapper for RSA public
2066
+ * keys at verification boundaries.
2067
+ *
2068
+ * @generated from enum reallyme.crypto.v1.RsaPublicKeyDerEncoding
2069
+ */
2070
+ export declare enum RsaPublicKeyDerEncoding {
2071
+ /**
2072
+ * @generated from enum value: RSA_PUBLIC_KEY_DER_ENCODING_UNSPECIFIED = 0;
2073
+ */
2074
+ UNSPECIFIED = 0,
2075
+ /**
2076
+ * @generated from enum value: RSA_PUBLIC_KEY_DER_ENCODING_PKCS1 = 1;
2077
+ */
2078
+ PKCS1 = 1,
2079
+ /**
2080
+ * @generated from enum value: RSA_PUBLIC_KEY_DER_ENCODING_SPKI = 2;
2081
+ */
2082
+ SPKI = 2
2083
+ }
2084
+ /**
2085
+ * Describes the enum reallyme.crypto.v1.RsaPublicKeyDerEncoding.
2086
+ */
2087
+ export declare const RsaPublicKeyDerEncodingSchema: GenEnum<RsaPublicKeyDerEncoding>;
2088
+ /**
2089
+ * CryptoVerificationStatus avoids using a bare bool in protocol results where
2090
+ * "unset" and "false" need to remain distinguishable.
2091
+ *
2092
+ * @generated from enum reallyme.crypto.v1.CryptoVerificationStatus
2093
+ */
2094
+ export declare enum CryptoVerificationStatus {
2095
+ /**
2096
+ * @generated from enum value: CRYPTO_VERIFICATION_STATUS_UNSPECIFIED = 0;
2097
+ */
2098
+ UNSPECIFIED = 0,
2099
+ /**
2100
+ * @generated from enum value: CRYPTO_VERIFICATION_STATUS_VALID = 1;
2101
+ */
2102
+ VALID = 1,
2103
+ /**
2104
+ * Well-formed verification input was processed, but the MAC, signature,
2105
+ * proof, or comparison did not verify. Malformed input, unsupported
2106
+ * algorithms, provider failures, and backend failures use ERROR plus the
2107
+ * structured CryptoError field instead.
2108
+ *
2109
+ * @generated from enum value: CRYPTO_VERIFICATION_STATUS_INVALID = 2;
2110
+ */
2111
+ INVALID = 2,
2112
+ /**
2113
+ * @generated from enum value: CRYPTO_VERIFICATION_STATUS_ERROR = 3;
2114
+ */
2115
+ ERROR = 3
2116
+ }
2117
+ /**
2118
+ * Describes the enum reallyme.crypto.v1.CryptoVerificationStatus.
2119
+ */
2120
+ export declare const CryptoVerificationStatusSchema: GenEnum<CryptoVerificationStatus>;
2121
+ /**
2122
+ * CryptoProviderSupportStatus mirrors the release provider matrix at a stable
2123
+ * wire boundary without exposing backend exception text or dynamic logs.
2124
+ *
2125
+ * @generated from enum reallyme.crypto.v1.CryptoProviderSupportStatus
2126
+ */
2127
+ export declare enum CryptoProviderSupportStatus {
2128
+ /**
2129
+ * @generated from enum value: CRYPTO_PROVIDER_SUPPORT_STATUS_UNSPECIFIED = 0;
2130
+ */
2131
+ UNSPECIFIED = 0,
2132
+ /**
2133
+ * @generated from enum value: CRYPTO_PROVIDER_SUPPORT_STATUS_SUPPORTED = 1;
2134
+ */
2135
+ SUPPORTED = 1,
2136
+ /**
2137
+ * @generated from enum value: CRYPTO_PROVIDER_SUPPORT_STATUS_PROVIDER_AWARE = 2;
2138
+ */
2139
+ PROVIDER_AWARE = 2,
2140
+ /**
2141
+ * @generated from enum value: CRYPTO_PROVIDER_SUPPORT_STATUS_PARTIAL = 3;
2142
+ */
2143
+ PARTIAL = 3,
2144
+ /**
2145
+ * @generated from enum value: CRYPTO_PROVIDER_SUPPORT_STATUS_UNSUPPORTED = 4;
2146
+ */
2147
+ UNSUPPORTED = 4
2148
+ }
2149
+ /**
2150
+ * Describes the enum reallyme.crypto.v1.CryptoProviderSupportStatus.
2151
+ */
2152
+ export declare const CryptoProviderSupportStatusSchema: GenEnum<CryptoProviderSupportStatus>;
2153
+ /**
2154
+ * CryptoService is the transport schema for Connect-compatible adapters.
2155
+ * Implementations must apply the same provider policy and size limits as the
2156
+ * local process-proto and FFI lanes; the service definition does not authorize
2157
+ * fallback to a different provider.
2158
+ *
2159
+ * @generated from service reallyme.crypto.v1.CryptoService
2160
+ */
2161
+ export declare const CryptoService: GenService<{
2162
+ /**
2163
+ * @generated from rpc reallyme.crypto.v1.CryptoService.Process
2164
+ */
2165
+ process: {
2166
+ methodKind: "unary";
2167
+ input: typeof CryptoServiceProcessRequestSchema;
2168
+ output: typeof CryptoServiceProcessResponseSchema;
2169
+ };
2170
+ }>;