@syncular/client-plugin-encryption 0.0.1-73 → 0.0.1-89

package/src/crypto-utils.ts

@@ -0,0 +1,125 @@
+const BASE64_CHARS =
+  'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+const BASE64_LOOKUP = new Uint8Array(256);
+
+for (let i = 0; i < BASE64_CHARS.length; i++) {
+  BASE64_LOOKUP[BASE64_CHARS.charCodeAt(i)] = i;
+}
+
+const BASE64_PATTERN =
+  /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/;
+const BASE64_URL_PATTERN = /^[A-Za-z0-9_-]*$/;
+
+export function randomBytes(length: number): Uint8Array {
+  const cryptoObj = globalThis.crypto;
+  if (!cryptoObj?.getRandomValues) {
+    throw new Error(
+      'Secure random generator is not available (crypto.getRandomValues). ' +
+        'Ensure you are running in a secure context or polyfill crypto.'
+    );
+  }
+  const out = new Uint8Array(length);
+  cryptoObj.getRandomValues(out);
+  return out;
+}
+
+export function bytesToBase64(bytes: Uint8Array): string {
+  if (typeof Buffer !== 'undefined') {
+    return Buffer.from(bytes).toString('base64');
+  }
+
+  let result = '';
+  const len = bytes.length;
+  const remainder = len % 3;
+
+  for (let i = 0; i < len - remainder; i += 3) {
+    const a = bytes[i]!;
+    const b = bytes[i + 1]!;
+    const c = bytes[i + 2]!;
+    result +=
+      BASE64_CHARS.charAt((a >> 2) & 0x3f) +
+      BASE64_CHARS.charAt(((a << 4) | (b >> 4)) & 0x3f) +
+      BASE64_CHARS.charAt(((b << 2) | (c >> 6)) & 0x3f) +
+      BASE64_CHARS.charAt(c & 0x3f);
+  }
+
+  if (remainder === 1) {
+    const a = bytes[len - 1]!;
+    result +=
+      BASE64_CHARS.charAt((a >> 2) & 0x3f) +
+      BASE64_CHARS.charAt((a << 4) & 0x3f) +
+      '==';
+  } else if (remainder === 2) {
+    const a = bytes[len - 2]!;
+    const b = bytes[len - 1]!;
+    result +=
+      BASE64_CHARS.charAt((a >> 2) & 0x3f) +
+      BASE64_CHARS.charAt(((a << 4) | (b >> 4)) & 0x3f) +
+      BASE64_CHARS.charAt((b << 2) & 0x3f) +
+      '=';
+  }
+
+  return result;
+}
+
+export function base64ToBytes(base64: string): Uint8Array {
+  if (!BASE64_PATTERN.test(base64)) {
+    throw new Error('Invalid base64 string');
+  }
+
+  if (typeof Buffer !== 'undefined') {
+    return new Uint8Array(Buffer.from(base64, 'base64'));
+  }
+
+  const len = base64.length;
+  let padding = 0;
+  if (base64[len - 1] === '=') padding++;
+  if (base64[len - 2] === '=') padding++;
+
+  const outputLen = (len * 3) / 4 - padding;
+  const out = new Uint8Array(outputLen);
+
+  let outIdx = 0;
+  for (let i = 0; i < len; i += 4) {
+    const a = BASE64_LOOKUP[base64.charCodeAt(i)]!;
+    const b = BASE64_LOOKUP[base64.charCodeAt(i + 1)]!;
+    const c = BASE64_LOOKUP[base64.charCodeAt(i + 2)]!;
+    const d = BASE64_LOOKUP[base64.charCodeAt(i + 3)]!;
+
+    out[outIdx++] = (a << 2) | (b >> 4);
+    if (outIdx < outputLen) out[outIdx++] = ((b << 4) | (c >> 2)) & 0xff;
+    if (outIdx < outputLen) out[outIdx++] = ((c << 6) | d) & 0xff;
+  }
+
+  return out;
+}
+
+export function bytesToBase64Url(bytes: Uint8Array): string {
+  return bytesToBase64(bytes)
+    .replace(/\+/g, '-')
+    .replace(/\//g, '_')
+    .replace(/=+$/g, '');
+}
+
+export function base64UrlToBytes(base64url: string): Uint8Array {
+  if (!BASE64_URL_PATTERN.test(base64url)) {
+    throw new Error('Invalid base64url string');
+  }
+  const base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');
+  const padded = base64 + '==='.slice((base64.length + 3) % 4);
+  return base64ToBytes(padded);
+}
+
+export function hexToBytes(hex: string): Uint8Array {
+  const normalized = hex.trim().toLowerCase();
+  if (normalized.length % 2 !== 0) {
+    throw new Error('Invalid hex string (length must be even)');
+  }
+  const out = new Uint8Array(normalized.length / 2);
+  for (let i = 0; i < out.length; i++) {
+    const byte = Number.parseInt(normalized.slice(i * 2, i * 2 + 2), 16);
+    if (!Number.isFinite(byte)) throw new Error('Invalid hex string');
+    out[i] = byte;
+  }
+  return out;
+}

package/src/index.ts

@@ -11,7 +11,15 @@ import type {
   SyncPushRequest,
   SyncPushResponse,
 } from '@syncular/core';
+import { isRecord } from '@syncular/core';
 import { type Kysely, sql } from 'kysely';
+import {
+  base64ToBytes,
+  base64UrlToBytes,
+  bytesToBase64Url,
+  hexToBytes,
+  randomBytes,
+} from './crypto-utils';
 
 // Re-export key sharing utilities
 export * from './key-sharing';
@@ -119,140 +127,6 @@ const DEFAULT_PREFIX = 'dgsync:e2ee:1:';
 const encoder = new TextEncoder();
 const decoder = new TextDecoder();
 
-// Base64 lookup tables for universal encoding/decoding (works in all runtimes)
-const BASE64_CHARS =
-  'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
-const BASE64_LOOKUP = new Uint8Array(256);
-for (let i = 0; i < BASE64_CHARS.length; i++) {
-  BASE64_LOOKUP[BASE64_CHARS.charCodeAt(i)] = i;
-}
-
-function isRecord(value: unknown): value is Record<string, unknown> {
-  return typeof value === 'object' && value !== null && !Array.isArray(value);
-}
-
-function randomBytes(length: number): Uint8Array {
-  const cryptoObj = globalThis.crypto;
-  if (!cryptoObj?.getRandomValues) {
-    throw new Error(
-      'Secure random generator is not available (crypto.getRandomValues). ' +
-        'Ensure you are running in a secure context or polyfill crypto.'
-    );
-  }
-  const out = new Uint8Array(length);
-  cryptoObj.getRandomValues(out);
-  return out;
-}
-
-/**
- * Universal base64 encoding that works in all JavaScript runtimes.
- * Uses Buffer for Node/Bun (fast), lookup table for others (RN-compatible).
- */
-function bytesToBase64(bytes: Uint8Array): string {
-  // Node/Bun fast path
-  if (typeof Buffer !== 'undefined') {
-    return Buffer.from(bytes).toString('base64');
-  }
-
-  // Universal fallback using lookup table (works in RN, browsers, etc.)
-  let result = '';
-  const len = bytes.length;
-  const remainder = len % 3;
-
-  // Process 3 bytes at a time
-  for (let i = 0; i < len - remainder; i += 3) {
-    const a = bytes[i]!;
-    const b = bytes[i + 1]!;
-    const c = bytes[i + 2]!;
-    result +=
-      BASE64_CHARS.charAt((a >> 2) & 0x3f) +
-      BASE64_CHARS.charAt(((a << 4) | (b >> 4)) & 0x3f) +
-      BASE64_CHARS.charAt(((b << 2) | (c >> 6)) & 0x3f) +
-      BASE64_CHARS.charAt(c & 0x3f);
-  }
-
-  // Handle remaining bytes
-  if (remainder === 1) {
-    const a = bytes[len - 1]!;
-    result +=
-      BASE64_CHARS.charAt((a >> 2) & 0x3f) +
-      BASE64_CHARS.charAt((a << 4) & 0x3f) +
-      '==';
-  } else if (remainder === 2) {
-    const a = bytes[len - 2]!;
-    const b = bytes[len - 1]!;
-    result +=
-      BASE64_CHARS.charAt((a >> 2) & 0x3f) +
-      BASE64_CHARS.charAt(((a << 4) | (b >> 4)) & 0x3f) +
-      BASE64_CHARS.charAt((b << 2) & 0x3f) +
-      '=';
-  }
-
-  return result;
-}
-
-/**
- * Universal base64 decoding that works in all JavaScript runtimes.
- * Uses Buffer for Node/Bun (fast), lookup table for others (RN-compatible).
- */
-function base64ToBytes(base64: string): Uint8Array {
-  // Node/Bun fast path
-  if (typeof Buffer !== 'undefined') {
-    return new Uint8Array(Buffer.from(base64, 'base64'));
-  }
-
-  // Universal fallback using lookup table (works in RN, browsers, etc.)
-  // Remove padding and calculate output length
-  const len = base64.length;
-  let padding = 0;
-  if (base64[len - 1] === '=') padding++;
-  if (base64[len - 2] === '=') padding++;
-
-  const outputLen = (len * 3) / 4 - padding;
-  const out = new Uint8Array(outputLen);
-
-  let outIdx = 0;
-  for (let i = 0; i < len; i += 4) {
-    const a = BASE64_LOOKUP[base64.charCodeAt(i)]!;
-    const b = BASE64_LOOKUP[base64.charCodeAt(i + 1)]!;
-    const c = BASE64_LOOKUP[base64.charCodeAt(i + 2)]!;
-    const d = BASE64_LOOKUP[base64.charCodeAt(i + 3)]!;
-
-    out[outIdx++] = (a << 2) | (b >> 4);
-    if (outIdx < outputLen) out[outIdx++] = ((b << 4) | (c >> 2)) & 0xff;
-    if (outIdx < outputLen) out[outIdx++] = ((c << 6) | d) & 0xff;
-  }
-
-  return out;
-}
-
-function bytesToBase64Url(bytes: Uint8Array): string {
-  return bytesToBase64(bytes)
-    .replace(/\+/g, '-')
-    .replace(/\//g, '_')
-    .replace(/=+$/g, '');
-}
-
-function base64UrlToBytes(base64url: string): Uint8Array {
-  const base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');
-  const padded = base64 + '==='.slice((base64.length + 3) % 4);
-  return base64ToBytes(padded);
-}
-
-function hexToBytes(hex: string): Uint8Array {
-  const normalized = hex.trim().toLowerCase();
-  if (normalized.length % 2 !== 0) {
-    throw new Error('Invalid hex string (length must be even)');
-  }
-  const out = new Uint8Array(normalized.length / 2);
-  for (let i = 0; i < out.length; i++) {
-    const byte = Number.parseInt(normalized.slice(i * 2, i * 2 + 2), 16);
-    if (!Number.isFinite(byte)) throw new Error('Invalid hex string');
-    out[i] = byte;
-  }
-  return out;
-}
-
 function decodeKeyMaterial(key: Uint8Array | string): Uint8Array {
   if (key instanceof Uint8Array) return key;
   const trimmed = key.trim();
@@ -281,6 +155,11 @@ export function createStaticFieldEncryptionKeys(args: {
       const raw = args.keys[kid];
       if (!raw) throw new Error(`Missing encryption key for kid "${kid}"`);
       const decoded = decodeKeyMaterial(raw);
+      if (decoded.length !== 32) {
+        throw new Error(
+          `Encryption key for kid "${kid}" must be 32 bytes (got ${decoded.length})`
+        );
+      }
       cache.set(kid, decoded);
       return decoded;
     },
@@ -318,11 +197,15 @@ function decodeEnvelope(
   if (parts.length !== 3) return null;
   const [kid, nonceB64, ctB64] = parts;
   if (!kid || !nonceB64 || !ctB64) return null;
-  return {
-    kid,
-    nonce: base64UrlToBytes(nonceB64),
-    ciphertext: base64UrlToBytes(ctB64),
-  };
+  try {
+    return {
+      kid,
+      nonce: base64UrlToBytes(nonceB64),
+      ciphertext: base64UrlToBytes(ctB64),
+    };
+  } catch {
+    return null;
+  }
 }
 
 async function getKeyOrThrow(
@@ -427,9 +310,11 @@ async function decryptValue(args: {
 function buildRuleIndex(rules: FieldEncryptionRule[]): {
   byScopeTable: Map<string, RuleConfig>;
   tablesByScope: Map<string, Set<string>>;
+  scopesByTable: Map<string, Set<string>>;
 } {
   const byScopeTable = new Map<string, RuleConfig>();
   const tablesByScope = new Map<string, Set<string>>();
+  const scopesByTable = new Map<string, Set<string>>();
 
   for (const rule of rules) {
     const scope = rule.scope;
@@ -452,9 +337,13 @@ function buildRuleIndex(rules: FieldEncryptionRule[]): {
     }
 
     if (table !== '*') {
-      const set = tablesByScope.get(scope) ?? new Set<string>();
-      set.add(table);
-      tablesByScope.set(scope, set);
+      const tables = tablesByScope.get(scope) ?? new Set<string>();
+      tables.add(table);
+      tablesByScope.set(scope, tables);
+
+      const scopes = scopesByTable.get(table) ?? new Set<string>();
+      scopes.add(scope);
+      scopesByTable.set(table, scopes);
     }
   }
 
@@ -466,7 +355,7 @@ function buildRuleIndex(rules: FieldEncryptionRule[]): {
     });
   }
 
-  return { byScopeTable, tablesByScope };
+  return { byScopeTable, tablesByScope, scopesByTable };
 }
 
 function getRuleConfig(
@@ -479,6 +368,33 @@ function getRuleConfig(
   return wildcard ?? null;
 }
 
+function resolveScopeAndTable(args: {
+  index: ReturnType<typeof buildRuleIndex>;
+  identifier: string;
+}): { scope: string; table: string } {
+  const direct = getRuleConfig(args.index, {
+    scope: args.identifier,
+    table: args.identifier,
+  });
+  if (direct) {
+    return { scope: args.identifier, table: args.identifier };
+  }
+
+  const tablesForScope = args.index.tablesByScope.get(args.identifier);
+  if (tablesForScope && tablesForScope.size === 1) {
+    const table = Array.from(tablesForScope)[0]!;
+    return { scope: args.identifier, table };
+  }
+
+  const scopesForTable = args.index.scopesByTable.get(args.identifier);
+  if (scopesForTable && scopesForTable.size === 1) {
+    const scope = Array.from(scopesForTable)[0]!;
+    return { scope, table: args.identifier };
+  }
+
+  return { scope: args.identifier, table: args.identifier };
+}
+
 function inferSnapshotTable(args: {
   index: ReturnType<typeof buildRuleIndex>;
   scope: string;
@@ -858,6 +774,10 @@ export function createFieldEncryptionPlugin(
           if (!op.payload) return op;
 
           const payload = op.payload as Record<string, unknown>;
+          const target = resolveScopeAndTable({
+            index,
+            identifier: op.table,
+          });
           const nextPayload = await transformRecordFields({
             ctx,
             index,
@@ -865,8 +785,8 @@ export function createFieldEncryptionPlugin(
             prefix,
             decryptionErrorMode,
             mode: 'encrypt',
-            scope: op.table,
-            table: op.table,
+            scope: target.scope,
+            table: target.table,
             rowId: op.row_id,
             record: payload,
           });
@@ -896,6 +816,10 @@ export function createFieldEncryptionPlugin(
           if (!op) return r;
 
           if (!isRecord(r.server_row)) return r;
+          const target = resolveScopeAndTable({
+            index,
+            identifier: op.table,
+          });
 
           const nextRow = await transformRecordFields({
             ctx,
@@ -904,8 +828,8 @@ export function createFieldEncryptionPlugin(
             prefix,
             decryptionErrorMode,
             mode: 'decrypt',
-            scope: op.table,
-            table: op.table,
+            scope: target.scope,
+            table: target.table,
             rowId: op.row_id,
             record: r.server_row,
           });
@@ -979,6 +903,10 @@ export function createFieldEncryptionPlugin(
                 (commit.changes ?? []).map(async (change) => {
                   if (change.op !== 'upsert') return change;
                   if (!isRecord(change.row_json)) return change;
+                  const target = resolveScopeAndTable({
+                    index,
+                    identifier: change.table,
+                  });
 
                   const nextRow = await transformRecordFields({
                     ctx,
@@ -987,8 +915,8 @@ export function createFieldEncryptionPlugin(
                     prefix,
                     decryptionErrorMode,
                     mode: 'decrypt',
-                    scope: change.table,
-                    table: change.table,
+                    scope: target.scope,
+                    table: target.table,
                     rowId: change.row_id,
                     record: change.row_json,
                   });

package/src/key-sharing.ts

@@ -13,6 +13,12 @@ import { hkdf } from '@noble/hashes/hkdf.js';
 import { sha256 } from '@noble/hashes/sha2.js';
 import { entropyToMnemonic, mnemonicToEntropy } from '@scure/bip39';
 import { wordlist } from '@scure/bip39/wordlists/english.js';
+import { isRecord } from '@syncular/core';
+import {
+  base64UrlToBytes,
+  bytesToBase64Url,
+  randomBytes,
+} from './crypto-utils';
 
 const WORD_SET = new Set(wordlist);
 
@@ -20,122 +26,6 @@ const WORD_SET = new Set(wordlist);
 // Utility Functions
 // ============================================================================
 
-// Base64 lookup tables for universal encoding/decoding (works in all runtimes)
-const BASE64_CHARS =
-  'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
-const BASE64_LOOKUP = new Uint8Array(256);
-for (let i = 0; i < BASE64_CHARS.length; i++) {
-  BASE64_LOOKUP[BASE64_CHARS.charCodeAt(i)] = i;
-}
-
-function randomBytes(length: number): Uint8Array {
-  const cryptoObj = globalThis.crypto;
-  if (!cryptoObj?.getRandomValues) {
-    throw new Error(
-      'Secure random generator is not available (crypto.getRandomValues). ' +
-        'Ensure you are running in a secure context or polyfill crypto.'
-    );
-  }
-  const out = new Uint8Array(length);
-  cryptoObj.getRandomValues(out);
-  return out;
-}
-
-/**
- * Universal base64 encoding that works in all JavaScript runtimes.
- * Uses Buffer for Node/Bun (fast), lookup table for others (RN-compatible).
- */
-function bytesToBase64(bytes: Uint8Array): string {
-  // Node/Bun fast path
-  if (typeof Buffer !== 'undefined') {
-    return Buffer.from(bytes).toString('base64');
-  }
-
-  // Universal fallback using lookup table (works in RN, browsers, etc.)
-  let result = '';
-  const len = bytes.length;
-  const remainder = len % 3;
-
-  // Process 3 bytes at a time
-  for (let i = 0; i < len - remainder; i += 3) {
-    const a = bytes[i]!;
-    const b = bytes[i + 1]!;
-    const c = bytes[i + 2]!;
-    result +=
-      BASE64_CHARS.charAt((a >> 2) & 0x3f) +
-      BASE64_CHARS.charAt(((a << 4) | (b >> 4)) & 0x3f) +
-      BASE64_CHARS.charAt(((b << 2) | (c >> 6)) & 0x3f) +
-      BASE64_CHARS.charAt(c & 0x3f);
-  }
-
-  // Handle remaining bytes
-  if (remainder === 1) {
-    const a = bytes[len - 1]!;
-    result +=
-      BASE64_CHARS.charAt((a >> 2) & 0x3f) +
-      BASE64_CHARS.charAt((a << 4) & 0x3f) +
-      '==';
-  } else if (remainder === 2) {
-    const a = bytes[len - 2]!;
-    const b = bytes[len - 1]!;
-    result +=
-      BASE64_CHARS.charAt((a >> 2) & 0x3f) +
-      BASE64_CHARS.charAt(((a << 4) | (b >> 4)) & 0x3f) +
-      BASE64_CHARS.charAt((b << 2) & 0x3f) +
-      '=';
-  }
-
-  return result;
-}
-
-/**
- * Universal base64 decoding that works in all JavaScript runtimes.
- * Uses Buffer for Node/Bun (fast), lookup table for others (RN-compatible).
- */
-function base64ToBytes(base64: string): Uint8Array {
-  // Node/Bun fast path
-  if (typeof Buffer !== 'undefined') {
-    return new Uint8Array(Buffer.from(base64, 'base64'));
-  }
-
-  // Universal fallback using lookup table (works in RN, browsers, etc.)
-  // Remove padding and calculate output length
-  const len = base64.length;
-  let padding = 0;
-  if (base64[len - 1] === '=') padding++;
-  if (base64[len - 2] === '=') padding++;
-
-  const outputLen = (len * 3) / 4 - padding;
-  const out = new Uint8Array(outputLen);
-
-  let outIdx = 0;
-  for (let i = 0; i < len; i += 4) {
-    const a = BASE64_LOOKUP[base64.charCodeAt(i)]!;
-    const b = BASE64_LOOKUP[base64.charCodeAt(i + 1)]!;
-    const c = BASE64_LOOKUP[base64.charCodeAt(i + 2)]!;
-    const d = BASE64_LOOKUP[base64.charCodeAt(i + 3)]!;
-
-    out[outIdx++] = (a << 2) | (b >> 4);
-    if (outIdx < outputLen) out[outIdx++] = ((b << 4) | (c >> 2)) & 0xff;
-    if (outIdx < outputLen) out[outIdx++] = ((c << 6) | d) & 0xff;
-  }
-
-  return out;
-}
-
-function bytesToBase64Url(bytes: Uint8Array): string {
-  return bytesToBase64(bytes)
-    .replace(/\+/g, '-')
-    .replace(/\//g, '_')
-    .replace(/=+$/g, '');
-}
-
-function base64UrlToBytes(base64url: string): Uint8Array {
-  const base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');
-  const padded = base64 + '==='.slice((base64.length + 3) % 4);
-  return base64ToBytes(padded);
-}
-
 function concatBytes(...arrays: Uint8Array[]): Uint8Array {
   const totalLength = arrays.reduce((sum, arr) => sum + arr.length, 0);
   const result = new Uint8Array(totalLength);
@@ -240,7 +130,11 @@ export function keyToBase64Url(key: Uint8Array): string {
  * Decode URL-safe base64 back to key bytes.
  */
 export function base64UrlToKey(encoded: string): Uint8Array {
-  return base64UrlToBytes(encoded);
+  const key = base64UrlToBytes(encoded);
+  if (key.length !== 32) {
+    throw new Error(`Invalid key length: expected 32 bytes, got ${key.length}`);
+  }
+  return key;
 }
 
 // ============================================================================
@@ -478,13 +372,13 @@ export function parseShareUrl(url: string): ParsedShare {
   }
 
   if (type === 'k') {
-    const key = base64UrlToBytes(encoded);
+    const key = base64UrlToKey(encoded);
     const kid = kidEncoded ? decodeURIComponent(kidEncoded) : undefined;
     return { type: 'symmetric', key, kid };
   }
 
   if (type === 'pk') {
-    const publicKey = base64UrlToBytes(encoded);
+    const publicKey = base64UrlToKey(encoded);
     return { type: 'publicKey', publicKey };
   }
 
@@ -506,8 +400,6 @@ interface PublicKeyJson {
   pk: string;
 }
 
-type KeyShareJson = SymmetricKeyJson | PublicKeyJson;
-
 /**
  * Encode a symmetric key as JSON.
  */
@@ -533,23 +425,45 @@ export function publicKeyToJson(publicKey: Uint8Array): PublicKeyJson {
  * Parse a JSON key share string.
  */
 export function parseKeyShareJson(json: string): ParsedShare {
-  const parsed = JSON.parse(json) as KeyShareJson;
-  const parsedType = parsed.type;
+  let parsedValue: unknown;
+  try {
+    parsedValue = JSON.parse(json);
+  } catch {
+    throw new Error('Invalid key share JSON');
+  }
+
+  if (!isRecord(parsedValue)) {
+    throw new Error('Invalid key share JSON');
+  }
+
+  const parsedType = parsedValue.type;
 
   if (parsedType === 'symmetric') {
+    const keyMaterial = parsedValue.k;
+    if (typeof keyMaterial !== 'string') {
+      throw new Error('Invalid symmetric key share JSON');
+    }
+    const kidValue = parsedValue.kid;
+    if (kidValue !== undefined && typeof kidValue !== 'string') {
+      throw new Error('Invalid symmetric key share JSON');
+    }
     return {
       type: 'symmetric',
-      key: base64UrlToBytes(parsed.k),
-      kid: parsed.kid,
+      key: base64UrlToKey(keyMaterial),
+      kid: kidValue,
     };
   }
 
   if (parsedType === 'publicKey') {
+    const publicKeyMaterial = parsedValue.pk;
+    if (typeof publicKeyMaterial !== 'string') {
+      throw new Error('Invalid public key share JSON');
+    }
     return {
       type: 'publicKey',
-      publicKey: base64UrlToBytes(parsed.pk),
+      publicKey: base64UrlToKey(publicKeyMaterial),
     };
   }
 
-  throw new Error(`Unknown key share type: ${parsedType}`);
+  throw new Error(`Unknown key share type: ${String(parsedType)}`);
 }