npm - @stvor/sdk - Versions diffs - 2.4.0 → 3.0.0 - Mend

@stvor/sdk 2.4.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

package/dist/facade/app.cjs +29 -0
package/dist/facade/app.d.ts +83 -76
package/dist/facade/app.js +330 -195
package/dist/facade/crypto-session.cjs +29 -0
package/dist/facade/crypto-session.d.ts +49 -54
package/dist/facade/crypto-session.js +117 -140
package/dist/facade/errors.cjs +29 -0
package/dist/facade/errors.d.ts +29 -12
package/dist/facade/errors.js +49 -8
package/dist/facade/index.cjs +29 -0
package/dist/facade/index.d.ts +27 -8
package/dist/facade/index.js +23 -3
package/dist/facade/local-storage-identity-store.cjs +29 -0
package/dist/facade/local-storage-identity-store.d.ts +50 -0
package/dist/facade/local-storage-identity-store.js +100 -0
package/dist/facade/metrics-attestation.cjs +29 -0
package/dist/facade/metrics-attestation.d.ts +209 -0
package/dist/facade/metrics-attestation.js +333 -0
package/dist/facade/metrics-engine.cjs +29 -0
package/dist/facade/metrics-engine.d.ts +91 -0
package/dist/facade/metrics-engine.js +170 -0
package/dist/facade/redis-replay-cache.cjs +29 -0
package/dist/facade/redis-replay-cache.d.ts +88 -0
package/dist/facade/redis-replay-cache.js +60 -0
package/dist/facade/relay-client.cjs +29 -0
package/dist/facade/relay-client.d.ts +22 -23
package/dist/facade/relay-client.js +107 -128
package/dist/facade/replay-manager.cjs +29 -0
package/dist/facade/replay-manager.d.ts +28 -35
package/dist/facade/replay-manager.js +102 -69
package/dist/facade/sodium-singleton.cjs +29 -0
package/dist/facade/tofu-manager.cjs +29 -0
package/dist/facade/tofu-manager.d.ts +38 -36
package/dist/facade/tofu-manager.js +109 -77
package/dist/facade/types.cjs +29 -0
package/dist/facade/types.d.ts +2 -0
package/dist/index.cjs +29 -0
package/dist/index.d.cts +6 -0
package/dist/index.d.ts +4 -0
package/dist/index.js +7 -0
package/dist/legacy.cjs +29 -0
package/dist/legacy.d.ts +31 -1
package/dist/legacy.js +90 -2
package/dist/ratchet/core-production.cjs +29 -0
package/dist/ratchet/core-production.d.ts +95 -0
package/dist/ratchet/core-production.js +286 -0
package/dist/ratchet/index.cjs +29 -0
package/dist/ratchet/index.d.ts +49 -78
package/dist/ratchet/index.js +313 -288
package/dist/ratchet/key-recovery.cjs +29 -0
package/dist/ratchet/replay-protection.cjs +29 -0
package/dist/ratchet/tofu.cjs +29 -0
package/dist/src/facade/app.cjs +29 -0
package/dist/src/facade/app.d.ts +105 -0
package/dist/src/facade/app.js +245 -0
package/dist/src/facade/crypto.cjs +29 -0
package/dist/src/facade/errors.cjs +29 -0
package/dist/src/facade/errors.d.ts +19 -0
package/dist/src/facade/errors.js +21 -0
package/dist/src/facade/index.cjs +29 -0
package/dist/src/facade/index.d.ts +8 -0
package/dist/src/facade/index.js +5 -0
package/dist/src/facade/relay-client.cjs +29 -0
package/dist/src/facade/relay-client.d.ts +36 -0
package/dist/src/facade/relay-client.js +154 -0
package/dist/src/facade/types.cjs +29 -0
package/dist/src/facade/types.d.ts +50 -0
package/dist/src/facade/types.js +4 -0
package/dist/src/index.cjs +29 -0
package/dist/src/index.d.ts +2 -0
package/dist/src/index.js +2 -0
package/dist/src/legacy.cjs +29 -0
package/dist/src/legacy.d.ts +0 -0
package/dist/src/legacy.js +1 -0
package/dist/src/mock-relay-server.cjs +29 -0
package/dist/src/mock-relay-server.d.ts +30 -0
package/dist/src/mock-relay-server.js +236 -0
package/package.json +37 -11
package/dist/ratchet/tests/ratchet.test.d.ts +0 -1
package/dist/ratchet/tests/ratchet.test.js +0 -160
/package/dist/{facade → src/facade}/crypto.d.ts +0 -0
/package/dist/{facade → src/facade}/crypto.js +0 -0

package/dist/ratchet/index.d.ts CHANGED Viewed

@@ -1,88 +1,59 @@
 /**
  * X3DH + Double Ratchet Implementation
- * This module handles session establishment and message encryption/decryption.
+ * Uses ONLY Node.js built-in crypto module — zero external dependencies
+ *
+ * Implements the Signal Protocol Double Ratchet with deferred initialization:
+ *   - First send  → "initiator" DH ratchet (DH with peer's SPK)
+ *   - First receive → "responder" DH ratchet (use own SPK, then fresh key)
+ * This allows either side to send first after symmetric X3DH key agreement.
+ *
+ * Provides:
+ *   - X3DH key agreement (symmetric variant, both sides derive same SK)
+ *   - Double Ratchet with DH ratchet + symmetric-key ratchet
+ *   - AES-256-GCM AEAD encryption with header as AAD
+ *   - ECDSA P-256 signing / verification
+ *   - HKDF-SHA256 key derivation
+ *   - HMAC-based chain-key ratchet (Signal-style)
  */
+export interface KeyPair {
+    publicKey: Buffer;
+    privateKey: Buffer;
+}
 export interface SessionState {
+    myIdentityPublicKey: Buffer;
+    peerIdentityPublicKey: Buffer;
+    rootKey: Buffer;
+    sendingChainKey: Buffer;
+    receivingChainKey: Buffer;
+    myRatchetKeyPair: KeyPair;
+    theirRatchetPublicKey: Buffer | null;
+    sendCount: number;
+    recvCount: number;
+    prevSendCount: number;
+    skippedKeys: Map<string, Buffer>;
+    isPostCompromise: boolean;
+    peerSPK: Buffer | null;
+    mySPKPair: KeyPair | null;
     identityKey: Uint8Array;
     signedPreKey: Uint8Array;
     oneTimePreKey: Uint8Array;
-    rootKey: Uint8Array;
-    sendingChainKey: Uint8Array;
-    receivingChainKey: Uint8Array;
-    skippedMessageKeys: Map<string, Uint8Array>;
-    isPostCompromise: boolean;
+    sendingChainMessageNumber: number;
+    receivingChainMessageNumber: number;
+    previousSendingChainLength: number;
 }
 export declare function initializeCrypto(): Promise<void>;
-/**
- * X3DH Session Establishment
- * @param identityKeyPair - The user's identity key pair
- * @param signedPreKeyPair - The user's signed pre-key pair
- * @param oneTimePreKey - A one-time pre-key
- * @param recipientIdentityKey - The recipient's identity key
- * @param recipientSignedPreKey - The recipient's signed pre-key
- * @param recipientOneTimePreKey - The recipient's one-time pre-key
- * @param recipientSPKSignature - Signature of SPK by recipient's identity key
- * @param protocolVersion - The protocol version
- * @param cipherSuite - The cipher suite
- * @returns SessionState
- */
-export declare function establishSession(identityKeyPair: {
-    publicKey: Uint8Array;
-    privateKey: Uint8Array;
-}, signedPreKeyPair: {
-    publicKey: Uint8Array;
-    privateKey: Uint8Array;
-}, oneTimePreKey: Uint8Array, recipientIdentityKey: Uint8Array, recipientSignedPreKey: Uint8Array, recipientOneTimePreKey: Uint8Array, recipientSPKSignature: Uint8Array, protocolVersion: string, cipherSuite: string): SessionState;
-/**
- * Double Ratchet Encryption
- * @param plaintext - The message to encrypt
- * @param session - The current session state
- * @returns { ciphertext: Uint8Array; header: { publicKey: Uint8Array; nonce: Uint8Array } }
- */
-export declare function encryptMessage(plaintext: string, session: SessionState): {
-    ciphertext: any;
-    header: {
-        publicKey: any;
-        nonce: any;
-    };
+export declare function generateKeyPair(): KeyPair;
+/** ECDSA-P256-SHA256 sign */
+export declare function ecSign(data: Buffer, kp: KeyPair): Buffer;
+/** ECDSA-P256-SHA256 verify */
+export declare function ecVerify(data: Buffer, sig: Buffer, pub: Buffer): boolean;
+export declare function x3dhSymmetric(myIK: KeyPair, mySPK: KeyPair, peerIK: Buffer, peerSPK: Buffer): Buffer;
+export declare function establishSession(myIK: KeyPair, mySPK: KeyPair, peerIK: Buffer, peerSPK: Buffer): SessionState;
+export declare function encryptMessage(session: SessionState, plaintext: Buffer): {
+    ciphertext: Buffer;
+    header: Buffer;
 };
-/**
- * Double Ratchet Decryption
- * @param ciphertext - The encrypted message
- * @param header - The message header containing the sender's public key and nonce
- * @param session - The current session state
- * @returns The decrypted plaintext
- */
-export declare function decryptMessage(ciphertext: Uint8Array, header: {
-    publicKey: Uint8Array;
-    nonce: Uint8Array;
-}, session: SessionState): string;
-export declare function addSkippedKey(session: SessionState, header: {
-    publicKey: Uint8Array;
-    nonce: Uint8Array;
-}, messageKey: Uint8Array): void;
-export declare function removeSkippedKey(session: SessionState, header: {
-    publicKey: Uint8Array;
-    nonce: Uint8Array;
-}): void;
-export declare function processSkippedKeys(session: SessionState): void;
-export declare function handleSimultaneousSend(session: SessionState, isInitiator: boolean): void;
-export declare function generateOPKPool(): void;
-export declare function consumeOPKAtomically(userId: string): Uint8Array;
-export declare function enforceDHRatchetPolicy(session: SessionState, remotePublicKey: Uint8Array, suspectedCompromise?: boolean): void;
-/**
- * Increment message counter and enforce policy.
- */
-export declare function incrementMessageCounter(session: SessionState, remotePublicKey: Uint8Array): void;
-/**
- * Force a DH ratchet step to enable PCS.
- * @param session - The current session state.
- * @param remotePublicKey - The remote party's ephemeral public key.
- */
-export declare function forceDHRatchet(session: SessionState, remotePublicKey: Uint8Array): void;
-/**
- * Trigger PCS recovery only after receiving a new DH public key.
- * @param session - The current session state.
- * @param remotePublicKey - The new DH public key from the remote party.
- */
-export declare function receiveNewDHPublicKey(session: SessionState, remotePublicKey: Uint8Array): void;
+export declare function decryptMessage(session: SessionState, ciphertext: Buffer, header: Buffer): Buffer;
+export declare function forceRatchet(session: SessionState): void;
+export declare function serializeSession(s: SessionState): Buffer;
+export declare function deserializeSession(data: Buffer): SessionState;