@twin.org/crypto 0.0.1-next.9 → 0.0.2-next.10

package/dist/cjs/index.cjs

@@ -2,21 +2,20 @@
 
 var base = require('@scure/base');
 var core = require('@twin.org/core');
-var ed25519 = require('@noble/curves/ed25519');
-var secp256k1 = require('@noble/curves/secp256k1');
-var blake2b = require('@noble/hashes/blake2b');
+var ed25519_js = require('@noble/curves/ed25519.js');
+var secp256k1_js = require('@noble/curves/secp256k1.js');
+var blake2_js = require('@noble/hashes/blake2.js');
 var bip32 = require('@scure/bip32');
 var slip10_js = require('micro-key-producer/slip10.js');
-var chacha = require('@noble/ciphers/chacha');
-var blake3 = require('@noble/hashes/blake3');
-var hmac = require('@noble/hashes/hmac');
-var sha1 = require('@noble/hashes/sha1');
-var sha256 = require('@noble/hashes/sha256');
-var sha512 = require('@noble/hashes/sha512');
-var pbkdf2 = require('@noble/hashes/pbkdf2');
-var sha3 = require('@noble/hashes/sha3');
+var chacha_js = require('@noble/ciphers/chacha.js');
+var blake3_js = require('@noble/hashes/blake3.js');
+var hmac_js = require('@noble/hashes/hmac.js');
+var legacy_js = require('@noble/hashes/legacy.js');
+var sha2_js = require('@noble/hashes/sha2.js');
+var pbkdf2_js = require('@noble/hashes/pbkdf2.js');
+var sha3_js = require('@noble/hashes/sha3.js');
 var bip39 = require('@scure/bip39');
-var english = require('@scure/bip39/wordlists/english');
+var english_js = require('@scure/bip39/wordlists/english.js');
 var otp = require('micro-key-producer/otp.js');
 
 function _interopNamespaceDefault(e) {
@@ -143,7 +142,7 @@ class Ed25519 {
                 actualSize: privateKey.length
             });
         }
-        return ed25519.ed25519.getPublicKey(privateKey);
+        return ed25519_js.ed25519.getPublicKey(privateKey);
     }
     /**
      * Sign the block with privateKey and returns a signature.
@@ -161,7 +160,7 @@ class Ed25519 {
                 actualSize: privateKey ? privateKey.length : 0
             });
         }
-        return ed25519.ed25519.sign(block, privateKey);
+        return ed25519_js.ed25519.sign(block, privateKey);
     }
     /**
      * Verify reports whether sig is a valid signature of block by publicKey.
@@ -182,12 +181,45 @@ class Ed25519 {
             });
         }
         try {
-            return ed25519.ed25519.verify(signature, block, publicKey);
+            return ed25519_js.ed25519.verify(signature, block, publicKey);
         }
         catch {
             return false;
         }
     }
+    /**
+     * Convert a private key in PKCS8 format.
+     * @param privateKey The private key to convert.
+     * @returns The private key in PKCS8 format.
+     */
+    static async privateKeyToPkcs8(privateKey) {
+        core.Guards.uint8Array(Ed25519._CLASS_NAME, "privateKey", privateKey);
+        if (privateKey.length !== Ed25519.PRIVATE_KEY_SIZE) {
+            throw new core.GeneralError(Ed25519._CLASS_NAME, "privateKeyLength", {
+                requiredSize: Ed25519.PRIVATE_KEY_SIZE,
+                actualSize: privateKey.length
+            });
+        }
+        // crypto.subtle.importKey does not support Ed25519 keys in raw format.
+        // We need to convert the key to PKCS8 format before importing.
+        // The PKCS8 format is the raw key prefixed with the ASN.1 sequence for an Ed25519 private key.
+        // The ASN.1 sequence is 48 46 02 01 00 30 05 06 03 2b 65 70 04 20 04 20 (0x302e020100300506032b657004220420)
+        const pkcs8Prefix = new Uint8Array([48, 46, 2, 1, 0, 48, 5, 6, 3, 43, 101, 112, 4, 34, 4, 32]);
+        const fullKey = core.Uint8ArrayHelper.concat([pkcs8Prefix, privateKey]);
+        return crypto.subtle.importKey("pkcs8", new Uint8Array(fullKey), "Ed25519", true, ["sign"]);
+    }
+    /**
+     * Convert a crypto key to raw private key.
+     * @param cryptoKey The crypto key to convert.
+     * @returns The raw private key.
+     */
+    static async pkcs8ToPrivateKey(cryptoKey) {
+        core.Guards.defined(Ed25519._CLASS_NAME, "cryptoKey", cryptoKey);
+        // crypto.subtle.exportKey does not support Ed25519 keys in raw format.
+        // so we export as PKCS8 and remove the ASN.1 sequence prefix.
+        const pkcs8Bytes = await crypto.subtle.exportKey("pkcs8", cryptoKey);
+        return new Uint8Array(pkcs8Bytes.slice(16));
+    }
 }
 
 // Copyright 2024 IOTA Stiftung.
@@ -223,7 +255,7 @@ class Secp256k1 {
                 actualSize: privateKey.length
             });
         }
-        return secp256k1.secp256k1.getPublicKey(privateKey);
+        return secp256k1_js.secp256k1.getPublicKey(privateKey);
     }
     /**
      * Sign the block with privateKey and returns a signature.
@@ -238,11 +270,11 @@ class Secp256k1 {
         if (privateKey.length !== Secp256k1.PRIVATE_KEY_SIZE) {
             throw new core.GeneralError(Secp256k1._CLASS_NAME, "privateKeyLength", {
                 requiredSize: Secp256k1.PRIVATE_KEY_SIZE,
-                actualSize: privateKey ? privateKey.length : 0
+                actualSize: privateKey.length
             });
         }
-        const res = secp256k1.secp256k1.sign(block, privateKey);
-        return res.toCompactRawBytes();
+        const res = secp256k1_js.secp256k1.sign(block, privateKey, { prehash: false });
+        return res;
     }
     /**
      * Verify reports whether sig is a valid signature of block by publicKey.
@@ -263,7 +295,7 @@ class Secp256k1 {
             });
         }
         try {
-            return secp256k1.secp256k1.verify(signature, block, publicKey);
+            return secp256k1_js.secp256k1.verify(signature, block, publicKey, { prehash: false });
         }
         catch {
             return false;
@@ -306,7 +338,7 @@ class Blake2b {
      * @param key Optional key for the hash.
      */
     constructor(outputLength, key) {
-        this._instance = blake2b.blake2b.create({
+        this._instance = blake2_js.blake2b.create({
             dkLen: outputLength,
             key
         });
@@ -451,7 +483,6 @@ const KeyType = {
 
 // Copyright 2024 IOTA Stiftung.
 // SPDX-License-Identifier: Apache-2.0.
-/* eslint-disable no-bitwise */
 /**
  * Class to help with slip0010 key derivation
  * https://github.com/satoshilabs/slips/blob/master/slip-0010.md.
@@ -592,6 +623,24 @@ class Bip44 {
     static basePath(coinType) {
         return `m/44'/${coinType}'`;
     }
+    /**
+     * Generate an address from the seed and parts.
+     * @param seed The account seed.
+     * @param keyType The key type.
+     * @param coinType The coin type.
+     * @param accountIndex The account index.
+     * @param isInternal Is this an internal address.
+     * @param addressIndex The address index.
+     * @returns The generated path and the associated keypair.
+     */
+    static address(seed, keyType, coinType, accountIndex, isInternal, addressIndex) {
+        const keyPair = Bip44.keyPair(seed, keyType, coinType, accountIndex, isInternal, addressIndex);
+        const addressData = Blake2b.sum256(keyPair.publicKey);
+        return {
+            address: core.Converter.bytesToHex(addressData, true),
+            ...keyPair
+        };
+    }
     /**
      * Generate a bech32 address from the seed and parts.
      * @param seed The account seed.
@@ -641,7 +690,7 @@ class ChaCha20Poly1305 {
     constructor(key, nonce, aad) {
         core.Guards.uint8Array(ChaCha20Poly1305._CLASS_NAME, "key", key);
         core.Guards.uint8Array(ChaCha20Poly1305._CLASS_NAME, "nonce", nonce);
-        this._instance = chacha.chacha20poly1305(key, nonce, aad);
+        this._instance = chacha_js.chacha20poly1305(key, nonce, aad);
     }
     /**
      * Encrypt the block.
@@ -665,9 +714,6 @@ class ChaCha20Poly1305 {
 
 // Copyright 2024 IOTA Stiftung.
 // SPDX-License-Identifier: Apache-2.0.
-/**
- * This is a TypeScript port of https://github.com/katzenpost/core/blob/master/crypto/extra25519/extra25519.go.
- */
 /**
  * Implementation of X25519.
  */
@@ -684,7 +730,7 @@ class X25519 {
      */
     static convertPrivateKeyToX25519(ed25519PrivateKey) {
         core.Guards.uint8Array(X25519._CLASS_NAME, "ed25519PrivateKey", ed25519PrivateKey);
-        return ed25519.edwardsToMontgomeryPriv(ed25519PrivateKey);
+        return ed25519_js.ed25519.utils.toMontgomerySecret(ed25519PrivateKey.slice(0, Ed25519.PRIVATE_KEY_SIZE));
     }
     /**
      * Convert Ed25519 public key to X25519 public key.
@@ -694,7 +740,7 @@ class X25519 {
      */
     static convertPublicKeyToX25519(ed25519PublicKey) {
         core.Guards.uint8Array(X25519._CLASS_NAME, "ed25519PublicKey", ed25519PublicKey);
-        return ed25519.edwardsToMontgomeryPub(ed25519PublicKey);
+        return ed25519_js.ed25519.utils.toMontgomery(ed25519PublicKey);
     }
 }
 
@@ -725,7 +771,7 @@ class Zip215 {
         if (publicKey.length !== Ed25519.PUBLIC_KEY_SIZE) {
             return false;
         }
-        return ed25519.ed25519.verify(sig, block, publicKey, { zip215: true });
+        return ed25519_js.ed25519.verify(sig, block, publicKey, { zip215: true });
     }
 }
 
@@ -760,7 +806,7 @@ class Blake3 {
      * @param key Optional key for the hash.
      */
     constructor(outputLength, key) {
-        this._instance = blake3.blake3.create({
+        this._instance = blake3_js.blake3.create({
             dkLen: outputLength,
             key
         });
@@ -826,7 +872,7 @@ class HmacSha1 {
      * @param key The key for the hmac.
      */
     constructor(key) {
-        this._instance = hmac.hmac.create(sha1.sha1, key);
+        this._instance = hmac_js.hmac.create(legacy_js.sha1, key);
     }
     /**
      * Perform Sum on the block.
@@ -892,7 +938,7 @@ class HmacSha256 {
         if (bits !== HmacSha256.SIZE_224 && bits !== HmacSha256.SIZE_256) {
             throw new core.GeneralError(HmacSha256._CLASS_NAME, "bitSize", { bitSize: bits });
         }
-        this._instance = hmac.hmac.create(bits === HmacSha256.SIZE_256 ? sha256.sha256 : sha256.sha224, key);
+        this._instance = hmac_js.hmac.create(bits === HmacSha256.SIZE_256 ? sha2_js.sha256 : sha2_js.sha224, key);
     }
     /**
      * Perform Sum 224 on the block.
@@ -986,16 +1032,16 @@ class HmacSha512 {
             throw new core.GeneralError(HmacSha512._CLASS_NAME, "bitSize", { bitSize: bits });
         }
         if (bits === HmacSha512.SIZE_224) {
-            this._instance = hmac.hmac.create(sha512.sha512_224, key);
+            this._instance = hmac_js.hmac.create(sha2_js.sha512_224, key);
         }
         else if (bits === HmacSha512.SIZE_256) {
-            this._instance = hmac.hmac.create(sha512.sha512_256, key);
+            this._instance = hmac_js.hmac.create(sha2_js.sha512_256, key);
         }
         else if (bits === HmacSha512.SIZE_384) {
-            this._instance = hmac.hmac.create(sha512.sha384, key);
+            this._instance = hmac_js.hmac.create(sha2_js.sha384, key);
         }
         else {
-            this._instance = hmac.hmac.create(sha512.sha512, key);
+            this._instance = hmac_js.hmac.create(sha2_js.sha512, key);
         }
     }
     /**
@@ -1093,7 +1139,7 @@ class Pbkdf2 {
         core.Guards.uint8Array(Pbkdf2._CLASS_NAME, "salt", salt);
         core.Guards.number(Pbkdf2._CLASS_NAME, "iterations", iterations);
         core.Guards.number(Pbkdf2._CLASS_NAME, "keyLength", keyLength);
-        return pbkdf2.pbkdf2(sha256.sha256, password, salt, { c: iterations, dkLen: keyLength });
+        return pbkdf2_js.pbkdf2(sha2_js.sha256, password, salt, { c: iterations, dkLen: keyLength });
     }
     /**
      * Derive a key from the parameters using Sha512.
@@ -1108,7 +1154,7 @@ class Pbkdf2 {
         core.Guards.uint8Array(Pbkdf2._CLASS_NAME, "salt", salt);
         core.Guards.number(Pbkdf2._CLASS_NAME, "iterations", iterations);
         core.Guards.number(Pbkdf2._CLASS_NAME, "keyLength", keyLength);
-        return pbkdf2.pbkdf2(sha512.sha512, password, salt, { c: iterations, dkLen: keyLength });
+        return pbkdf2_js.pbkdf2(sha2_js.sha512, password, salt, { c: iterations, dkLen: keyLength });
     }
 }
 
@@ -1133,7 +1179,7 @@ class Sha1 {
      * Create a new instance of Sha1.
      */
     constructor() {
-        this._instance = sha1.sha1.create();
+        this._instance = legacy_js.sha1.create();
     }
     /**
      * Perform Sum on the block.
@@ -1196,7 +1242,7 @@ class Sha256 {
         if (bits !== Sha256.SIZE_224 && bits !== Sha256.SIZE_256) {
             throw new core.GeneralError(Sha256._CLASS_NAME, "bitSize", { bitSize: bits });
         }
-        this._instance = bits === Sha256.SIZE_256 ? sha256.sha256.create() : sha256.sha224.create();
+        this._instance = bits === Sha256.SIZE_256 ? sha2_js.sha256.create() : sha2_js.sha224.create();
     }
     /**
      * Perform Sum 256 on the block.
@@ -1284,19 +1330,19 @@ class Sha3 {
         }
         if (bits === Sha3.SIZE_224) {
             // eslint-disable-next-line camelcase
-            this._instance = sha3.sha3_224.create();
+            this._instance = sha3_js.sha3_224.create();
         }
         else if (bits === Sha3.SIZE_256) {
             // eslint-disable-next-line camelcase
-            this._instance = sha3.sha3_256.create();
+            this._instance = sha3_js.sha3_256.create();
         }
         else if (bits === Sha3.SIZE_384) {
             // eslint-disable-next-line camelcase
-            this._instance = sha3.sha3_384.create();
+            this._instance = sha3_js.sha3_384.create();
         }
         else {
             // eslint-disable-next-line camelcase
-            this._instance = sha3.sha3_512.create();
+            this._instance = sha3_js.sha3_512.create();
         }
     }
     /**
@@ -1404,16 +1450,16 @@ class Sha512 {
             throw new core.GeneralError(Sha512._CLASS_NAME, "bitSize", { bitSize: bits });
         }
         if (bits === Sha512.SIZE_224) {
-            this._instance = sha512.sha512_224.create();
+            this._instance = sha2_js.sha512_224.create();
         }
         else if (bits === Sha512.SIZE_256) {
-            this._instance = sha512.sha512_256.create();
+            this._instance = sha2_js.sha512_256.create();
         }
         else if (bits === Sha512.SIZE_384) {
-            this._instance = sha512.sha384.create();
+            this._instance = sha2_js.sha384.create();
         }
         else {
-            this._instance = sha512.sha512.create();
+            this._instance = sha2_js.sha512.create();
         }
     }
     /**
@@ -1475,6 +1521,48 @@ class Sha512 {
     }
 }
 
+// Copyright 2024 IOTA Stiftung.
+// SPDX-License-Identifier: Apache-2.0.
+/**
+ * Helper class for working with PEM (Privacy-Enhanced Mail) formatted data.
+ */
+class PemHelper {
+    /**
+     * Runtime name for the class.
+     * @internal
+     */
+    static _CLASS_NAME = "PemHelper";
+    /**
+     * Strip the PEM content of its headers, footers, and newlines.
+     * @param pemContent The PEM content to strip.
+     * @returns The stripped PEM content in bas64 format.
+     */
+    static stripPemMarkers(pemContent) {
+        core.Guards.string(PemHelper._CLASS_NAME, "pemContent", pemContent);
+        return pemContent
+            .replace(/-----BEGIN.*-----/, "")
+            .replace(/-----END.*-----/, "")
+            .replace(/\n/g, "")
+            .trim();
+    }
+    /**
+     * Format the PEM content to have a specific line length.
+     * @param marker The marker for the PEM content, e.g. RSA PRIVATE KEY
+     * @param base64Content The base64 content to format.
+     * @param lineLength The length of each line in the PEM content, default is 64 characters.
+     * @returns The formatted PEM content.
+     */
+    static formatPem(marker, base64Content, lineLength = 64) {
+        core.Guards.stringValue(PemHelper._CLASS_NAME, "marker", marker);
+        core.Guards.stringBase64(PemHelper._CLASS_NAME, "base64Content", base64Content);
+        const lines = [];
+        for (let i = 0; i < base64Content.length; i += lineLength) {
+            lines.push(base64Content.slice(i, i + lineLength));
+        }
+        return [`-----BEGIN ${marker}-----`, ...lines, `-----END ${marker}-----`].join("\n");
+    }
+}
+
 // Copyright 2024 IOTA Stiftung.
 // SPDX-License-Identifier: Apache-2.0.
 /**
@@ -1493,7 +1581,7 @@ class Bip39 {
      * @returns The random mnemonic.
      * @throws Error if the length is not a multiple of 32.
      */
-    static randomMnemonic(strength = 256, words = english.wordlist) {
+    static randomMnemonic(strength = 256, words = english_js.wordlist) {
         core.Guards.number(Bip39._CLASS_NAME, "strength", strength);
         core.Guards.arrayValue(Bip39._CLASS_NAME, "words", words);
         if (strength % 32 !== 0) {
@@ -1508,7 +1596,7 @@ class Bip39 {
      * @returns The mnemonic.
      * @throws Error if the length of the entropy is not a multiple of 4, or is less than 16 or greater than 32.
      */
-    static entropyToMnemonic(entropy, words = english.wordlist) {
+    static entropyToMnemonic(entropy, words = english_js.wordlist) {
         core.Guards.uint8Array(Bip39._CLASS_NAME, "entropy", entropy);
         core.Guards.arrayValue(Bip39._CLASS_NAME, "words", words);
         if (entropy.length % 4 !== 0 || entropy.length < 16 || entropy.length > 32) {
@@ -1533,16 +1621,31 @@ class Bip39 {
      * @returns The entropy.
      * @throws Error if the number of words is not a multiple of 3.
      */
-    static mnemonicToEntropy(mnemonic, words = english.wordlist) {
+    static mnemonicToEntropy(mnemonic, words = english_js.wordlist) {
         core.Guards.stringValue(Bip39._CLASS_NAME, "mnemonic", mnemonic);
         core.Guards.arrayValue(Bip39._CLASS_NAME, "words", words);
         return bip39__namespace.mnemonicToEntropy(mnemonic, words);
     }
+    /**
+     * Validate the mnemonic.
+     * @param mnemonic The mnemonic to validate.
+     * @param wordCount The expected number of words in the mnemonic, defaults to 24.
+     * @param words The wordlist to use, defaults to the English wordlist.
+     * @returns True if the mnemonic is valid.
+     */
+    static validateMnemonic(mnemonic, wordCount = 24, words = english_js.wordlist) {
+        core.Guards.string(Bip39._CLASS_NAME, "mnemonic", mnemonic);
+        core.Guards.integer(Bip39._CLASS_NAME, "wordCount", wordCount);
+        const mnemonicSplit = mnemonic.split(/\s+/);
+        if (mnemonicSplit.length !== wordCount) {
+            return false;
+        }
+        return bip39__namespace.validateMnemonic(mnemonic, words);
+    }
 }
 
 // Copyright 2024 IOTA Stiftung.
 // SPDX-License-Identifier: Apache-2.0.
-/* eslint-disable no-bitwise */
 /**
  * Perform HOTP.
  * Implementation of https://datatracker.ietf.org/doc/html/rfc4226 .
@@ -1761,6 +1864,7 @@ exports.KeyType = KeyType;
 exports.PasswordGenerator = PasswordGenerator;
 exports.PasswordValidator = PasswordValidator;
 exports.Pbkdf2 = Pbkdf2;
+exports.PemHelper = PemHelper;
 exports.Secp256k1 = Secp256k1;
 exports.Sha1 = Sha1;
 exports.Sha256 = Sha256;