@unknownncat/curve25519-node 2.0.0 → 2.1.1

package/dist/cjs/wasm.js

@@ -0,0 +1,249 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ed25519 = exports.x25519 = void 0;
+exports.isAllZero32 = isAllZero32;
+exports.x25519CreatePrivateKeyObject = x25519CreatePrivateKeyObject;
+exports.x25519CreatePublicKeyObject = x25519CreatePublicKeyObject;
+exports.x25519PublicKeyFromPrivateKeyObject = x25519PublicKeyFromPrivateKeyObject;
+exports.x25519PublicKey = x25519PublicKey;
+exports.x25519SharedKeyFromKeyObjects = x25519SharedKeyFromKeyObjects;
+exports.x25519SharedKey = x25519SharedKey;
+exports.x25519SharedKeyStrictFromKeyObjects = x25519SharedKeyStrictFromKeyObjects;
+exports.x25519SharedKeyStrict = x25519SharedKeyStrict;
+exports.x25519GenerateKeyPair = x25519GenerateKeyPair;
+exports.ed25519CreatePrivateKeyObject = ed25519CreatePrivateKeyObject;
+exports.ed25519CreatePublicKeyObject = ed25519CreatePublicKeyObject;
+exports.ed25519PublicKeyFromPrivateKeyObject = ed25519PublicKeyFromPrivateKeyObject;
+exports.ed25519PublicKey = ed25519PublicKey;
+exports.ed25519GenerateKeyPair = ed25519GenerateKeyPair;
+exports.ed25519SignWithPrivateKey = ed25519SignWithPrivateKey;
+exports.ed25519Sign = ed25519Sign;
+exports.ed25519VerifyWithPublicKey = ed25519VerifyWithPublicKey;
+exports.ed25519Verify = ed25519Verify;
+exports.ed25519SignMessage = ed25519SignMessage;
+exports.ed25519OpenMessage = ed25519OpenMessage;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const node_module_1 = require("node:module");
+const assert_js_1 = require("./internal/assert.js");
+const SELF_PACKAGE_NAME = "@unknownncat/curve25519-node";
+const requireBase = typeof __filename === "string"
+    ? __filename
+    : typeof process.argv[1] === "string" && (0, node_path_1.isAbsolute)(process.argv[1])
+        ? process.argv[1]
+        : (0, node_path_1.join)(process.cwd(), "package.json");
+const nodeRequire = (0, node_module_1.createRequire)(requireBase);
+let wasmModulePath;
+let wasmBindings;
+function resolveWasmModulePath() {
+    const candidates = [];
+    try {
+        const packageJsonPath = nodeRequire.resolve(`${SELF_PACKAGE_NAME}/package.json`);
+        candidates.push((0, node_path_1.join)((0, node_path_1.dirname)(packageJsonPath), "dist", "internal", "curve25519-wasm", "curve25519_wasm.js"));
+    }
+    catch {
+        // Fall back to local development paths below.
+    }
+    if (typeof __dirname === "string") {
+        candidates.push((0, node_path_1.join)(__dirname, "internal", "curve25519-wasm", "curve25519_wasm.js"));
+    }
+    candidates.push((0, node_path_1.join)(process.cwd(), "dist", "internal", "curve25519-wasm", "curve25519_wasm.js"));
+    candidates.push((0, node_path_1.join)(process.cwd(), "src", "internal", "curve25519-wasm", "curve25519_wasm.js"));
+    for (const candidate of candidates) {
+        if ((0, node_fs_1.existsSync)(candidate)) {
+            return candidate;
+        }
+    }
+    throw new Error("Unable to locate modern curve25519 WASM module. Run `npm run build` before using wasm API in local dev.");
+}
+function getWasmBindings() {
+    if (wasmBindings !== undefined) {
+        return wasmBindings;
+    }
+    if (wasmModulePath === undefined) {
+        wasmModulePath = resolveWasmModulePath();
+    }
+    // Lazy-load WASM bindings so node:crypto users avoid startup overhead.
+    wasmBindings = nodeRequire(wasmModulePath);
+    return wasmBindings;
+}
+function copyBytes32(bytes32, label) {
+    const out = new Uint8Array(32);
+    out.set(bytes32);
+    return (0, assert_js_1.asBytes32)(out, label);
+}
+function clampScalar(seed32) {
+    const out = new Uint8Array(32);
+    out.set(seed32);
+    out[0] = (out[0] ?? 0) & 248;
+    const last = out[31] ?? 0;
+    out[31] = (last & 127) | 64;
+    return (0, assert_js_1.asBytes32)(out, "clamped scalar");
+}
+function isRecord(value) {
+    return typeof value === "object" && value !== null;
+}
+function assertWasmKeyObject(value, expectedType, label) {
+    if (!isRecord(value) || value.type !== expectedType || !(value.bytes instanceof Uint8Array)) {
+        throw new TypeError(`${label} must be a ${expectedType} key object`);
+    }
+    (0, assert_js_1.assertBytes32)(value.bytes, `${label}.bytes`);
+}
+function isAllZero32(bytes32) {
+    (0, assert_js_1.assertBytes32)(bytes32, "bytes32");
+    let acc = 0;
+    for (let i = 0; i < 32; i += 1) {
+        acc |= bytes32[i] ?? 0;
+    }
+    return acc === 0;
+}
+function x25519CreatePrivateKeyObject(secretKey32) {
+    (0, assert_js_1.assertBytes32)(secretKey32, "secretKey32");
+    return Object.freeze({
+        type: "x25519-private",
+        bytes: copyBytes32(secretKey32, "x25519 private key object bytes"),
+    });
+}
+function x25519CreatePublicKeyObject(publicKey32) {
+    (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
+    return Object.freeze({
+        type: "x25519-public",
+        bytes: copyBytes32(publicKey32, "x25519 public key object bytes"),
+    });
+}
+function x25519PublicKeyFromPrivateKeyObject(privateKey) {
+    assertWasmKeyObject(privateKey, "x25519-private", "privateKey");
+    return (0, assert_js_1.asBytes32)(getWasmBindings().x25519PublicKey(privateKey.bytes), "x25519 public key");
+}
+function x25519PublicKey(secretKey32) {
+    return x25519PublicKeyFromPrivateKeyObject(x25519CreatePrivateKeyObject(secretKey32));
+}
+function x25519SharedKeyFromKeyObjects(privateKey, publicKey) {
+    assertWasmKeyObject(privateKey, "x25519-private", "privateKey");
+    assertWasmKeyObject(publicKey, "x25519-public", "publicKey");
+    return (0, assert_js_1.asBytes32)(getWasmBindings().x25519SharedKey(privateKey.bytes, publicKey.bytes), "x25519 shared key");
+}
+function x25519SharedKey(secretKey32, publicKey32) {
+    const privateKey = x25519CreatePrivateKeyObject(secretKey32);
+    const publicKey = x25519CreatePublicKeyObject(publicKey32);
+    return x25519SharedKeyFromKeyObjects(privateKey, publicKey);
+}
+function x25519SharedKeyStrictFromKeyObjects(privateKey, publicKey) {
+    const shared = x25519SharedKeyFromKeyObjects(privateKey, publicKey);
+    if (isAllZero32(shared)) {
+        throw new Error("X25519 shared secret is all-zero; reject low-order/invalid peer public key in protocol flow.");
+    }
+    return shared;
+}
+function x25519SharedKeyStrict(secretKey32, publicKey32) {
+    const privateKey = x25519CreatePrivateKeyObject(secretKey32);
+    const publicKey = x25519CreatePublicKeyObject(publicKey32);
+    return x25519SharedKeyStrictFromKeyObjects(privateKey, publicKey);
+}
+function x25519GenerateKeyPair(seed32) {
+    (0, assert_js_1.assertBytes32)(seed32, "seed32");
+    const privateKey = clampScalar(seed32);
+    const publicKey32 = x25519PublicKey(privateKey);
+    return {
+        public: publicKey32,
+        private: privateKey,
+    };
+}
+function ed25519CreatePrivateKeyObject(secretSeed32) {
+    (0, assert_js_1.assertBytes32)(secretSeed32, "secretSeed32");
+    return Object.freeze({
+        type: "ed25519-private",
+        bytes: copyBytes32(secretSeed32, "ed25519 private key object bytes"),
+    });
+}
+function ed25519CreatePublicKeyObject(publicKey32) {
+    (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
+    return Object.freeze({
+        type: "ed25519-public",
+        bytes: copyBytes32(publicKey32, "ed25519 public key object bytes"),
+    });
+}
+function ed25519PublicKeyFromPrivateKeyObject(privateKey) {
+    assertWasmKeyObject(privateKey, "ed25519-private", "privateKey");
+    return (0, assert_js_1.asBytes32)(getWasmBindings().ed25519PublicKey(privateKey.bytes), "ed25519 public key");
+}
+function ed25519PublicKey(secretSeed32) {
+    return ed25519PublicKeyFromPrivateKeyObject(ed25519CreatePrivateKeyObject(secretSeed32));
+}
+function ed25519GenerateKeyPair(seed32) {
+    (0, assert_js_1.assertBytes32)(seed32, "seed32");
+    return {
+        public: ed25519PublicKey(seed32),
+        private: seed32,
+    };
+}
+function ed25519SignWithPrivateKey(privateKey, msg) {
+    assertWasmKeyObject(privateKey, "ed25519-private", "privateKey");
+    (0, assert_js_1.assertUint8Array)(msg, "msg");
+    return (0, assert_js_1.asBytes64)(getWasmBindings().ed25519Sign(privateKey.bytes, msg), "ed25519 signature");
+}
+function ed25519Sign(secretSeed32, msg) {
+    return ed25519SignWithPrivateKey(ed25519CreatePrivateKeyObject(secretSeed32), msg);
+}
+function ed25519VerifyWithPublicKey(publicKey, msg, signature64) {
+    assertWasmKeyObject(publicKey, "ed25519-public", "publicKey");
+    (0, assert_js_1.assertUint8Array)(msg, "msg");
+    (0, assert_js_1.assertBytes64)(signature64, "signature64");
+    return getWasmBindings().ed25519Verify(publicKey.bytes, msg, signature64);
+}
+function ed25519Verify(publicKey32, msg, signature64) {
+    return ed25519VerifyWithPublicKey(ed25519CreatePublicKeyObject(publicKey32), msg, signature64);
+}
+function ed25519SignMessage(secretSeed32, msg) {
+    (0, assert_js_1.assertBytes32)(secretSeed32, "secretSeed32");
+    (0, assert_js_1.assertUint8Array)(msg, "msg");
+    const signature64 = ed25519Sign(secretSeed32, msg);
+    const signed = new Uint8Array(64 + msg.byteLength);
+    signed.set(signature64, 0);
+    signed.set(msg, 64);
+    return signed;
+}
+function ed25519OpenMessage(publicKey32, signedMsg) {
+    (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
+    (0, assert_js_1.assertUint8Array)(signedMsg, "signedMsg");
+    if (signedMsg.byteLength < 64) {
+        return null;
+    }
+    const signature64 = (0, assert_js_1.asBytes64)(signedMsg.subarray(0, 64), "signedMsg signature");
+    const msg = signedMsg.subarray(64);
+    if (!ed25519Verify(publicKey32, msg, signature64)) {
+        return null;
+    }
+    return new Uint8Array(msg);
+}
+exports.x25519 = {
+    createPrivateKeyObject: x25519CreatePrivateKeyObject,
+    createPublicKeyObject: x25519CreatePublicKeyObject,
+    publicKeyFromPrivateKeyObject: x25519PublicKeyFromPrivateKeyObject,
+    publicKey: x25519PublicKey,
+    sharedKey: x25519SharedKey,
+    sharedKeyFromKeyObjects: x25519SharedKeyFromKeyObjects,
+    sharedKeyStrict: x25519SharedKeyStrict,
+    sharedKeyStrictFromKeyObjects: x25519SharedKeyStrictFromKeyObjects,
+    isAllZero32,
+    generateKeyPair: x25519GenerateKeyPair,
+};
+exports.ed25519 = {
+    createPrivateKeyObject: ed25519CreatePrivateKeyObject,
+    createPublicKeyObject: ed25519CreatePublicKeyObject,
+    publicKeyFromPrivateKeyObject: ed25519PublicKeyFromPrivateKeyObject,
+    publicKey: ed25519PublicKey,
+    generateKeyPair: ed25519GenerateKeyPair,
+    sign: ed25519Sign,
+    signWithPrivateKey: ed25519SignWithPrivateKey,
+    verify: ed25519Verify,
+    verifyWithPublicKey: ed25519VerifyWithPublicKey,
+    signMessage: ed25519SignMessage,
+    openMessage: ed25519OpenMessage,
+};
+const api = {
+    x25519: exports.x25519,
+    ed25519: exports.ed25519,
+};
+exports.default = api;
+//# sourceMappingURL=wasm.js.map

package/dist/cjs/wasm.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"wasm.js","sourceRoot":"","sources":["../../src/wasm.ts"],"names":[],"mappings":";;;AAgIA,kCAOC;AAED,oEAMC;AAED,kEAMC;AAED,kFAKC;AAED,0CAEC;AAED,sEAUC;AAED,0CAIC;AAED,kFAWC;AAED,sDAIC;AAED,sDAQC;AAED,sEAMC;AAED,oEAMC;AAED,oFAKC;AAED,4CAEC;AAED,wDAMC;AAED,8DAOC;AAED,kCAEC;AAED,gEASC;AAED,sCAMC;AAED,gDASC;AAED,gDAcC;AA/SD,qCAAqC;AACrC,yCAAsD;AACtD,6CAA4C;AAC5C,oDAM8B;AAG9B,MAAM,iBAAiB,GAAG,8BAA8B,CAAC;AAEzD,MAAM,WAAW,GACf,OAAO,UAAU,KAAK,QAAQ;IAC5B,CAAC,CAAC,UAAU;IACZ,CAAC,CAAC,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,IAAA,sBAAU,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACjB,CAAC,CAAC,IAAA,gBAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,cAAc,CAAC,CAAC;AAE5C,MAAM,WAAW,GAAG,IAAA,2BAAa,EAAC,WAAW,CAAC,CAAC;AA8B/C,IAAI,cAAkC,CAAC;AACvC,IAAI,YAAsC,CAAC;AAE3C,SAAS,qBAAqB;IAC5B,MAAM,UAAU,GAAa,EAAE,CAAC;IAEhC,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,iBAAiB,eAAe,CAAC,CAAC;QACjF,UAAU,CAAC,IAAI,CACb,IAAA,gBAAI,EAAC,IAAA,mBAAO,EAAC,eAAe,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,iBAAiB,EAAE,oBAAoB,CAAC,CAC5F,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;IAED,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAClC,UAAU,CAAC,IAAI,CAAC,IAAA,gBAAI,EAAC,SAAS,EAAE,UAAU,EAAE,iBAAiB,EAAE,oBAAoB,CAAC,CAAC,CAAC;IACxF,CAAC;IAED,UAAU,CAAC,IAAI,CAAC,IAAA,gBAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,iBAAiB,EAAE,oBAAoB,CAAC,CAAC,CAAC;IAClG,UAAU,CAAC,IAAI,CAAC,IAAA,gBAAI,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,iBAAiB,EAAE,oBAAoB,CAAC,CAAC,CAAC;IAEjG,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,IAAI,IAAA,oBAAU,EAAC,SAAS,CAAC,EAAE,CAAC;YAC1B,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CACb,yGAAyG,CAC1G,CAAC;AACJ,CAAC;AAED,SAAS,eAAe;IACtB,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;QAC/B,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;QACjC,cAAc,GAAG,qBAAqB,EAAE,CAAC;IAC3C,CAAC;IAED,uEAAuE;IACvE,YAAY,GAAG,WAAW,CAAC,cAAc,CAAiB,CAAC;IAC3D,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,WAAW,CAAC,OAAgB,EAAE,KAAa;IAClD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACjB,OAAO,IAAA,qBAAS,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IAC/B,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChB,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;IAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IAC1B,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC;IAC5B,OAAO,IAAA,qBAAS,EAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;AAC1C,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,CAAC;AACrD,CAAC;AAED,SAAS,mBAAmB,CAC1B,KAAc,EACd,YAAuF,EACvF,KAAa;IAEb,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,YAAY,UAAU,CAAC,EAAE,CAAC;QAC5F,MAAM,IAAI,SAAS,CAAC,GAAG,KAAK,cAAc,YAAY,aAAa,CAAC,CAAC;IACvE,CAAC;IACD,IAAA,yBAAa,EAAC,KAAK,CAAC,KAAK,EAAE,GAAG,KAAK,QAAQ,CAAC,CAAC;AAC/C,CAAC;AAED,SAAgB,WAAW,CAAC,OAAgB;IAC1C,IAAA,yBAAa,EAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAClC,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,CAAC;AACnB,CAAC;AAED,SAAgB,4BAA4B,CAAC,WAAoB;IAC/D,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,IAAI,EAAE,gBAAgB;QACtB,KAAK,EAAE,WAAW,CAAC,WAAW,EAAE,iCAAiC,CAAC;KACnE,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,2BAA2B,CAAC,WAAoB;IAC9D,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,IAAI,EAAE,eAAe;QACrB,KAAK,EAAE,WAAW,CAAC,WAAW,EAAE,gCAAgC,CAAC;KAClE,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,mCAAmC,CACjD,UAAsC;IAEtC,mBAAmB,CAAC,UAAU,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;IAChE,OAAO,IAAA,qBAAS,EAAC,eAAe,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,mBAAmB,CAAC,CAAC;AAC7F,CAAC;AAED,SAAgB,eAAe,CAAC,WAAoB;IAClD,OAAO,mCAAmC,CAAC,4BAA4B,CAAC,WAAW,CAAC,CAAC,CAAC;AACxF,CAAC;AAED,SAAgB,6BAA6B,CAC3C,UAAsC,EACtC,SAAoC;IAEpC,mBAAmB,CAAC,UAAU,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC;IAChE,mBAAmB,CAAC,SAAS,EAAE,eAAe,EAAE,WAAW,CAAC,CAAC;IAC7D,OAAO,IAAA,qBAAS,EACd,eAAe,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC,KAAK,EAAE,SAAS,CAAC,KAAK,CAAC,EACpE,mBAAmB,CACpB,CAAC;AACJ,CAAC;AAED,SAAgB,eAAe,CAAC,WAAoB,EAAE,WAAoB;IACxE,MAAM,UAAU,GAAG,4BAA4B,CAAC,WAAW,CAAC,CAAC;IAC7D,MAAM,SAAS,GAAG,2BAA2B,CAAC,WAAW,CAAC,CAAC;IAC3D,OAAO,6BAA6B,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;AAC9D,CAAC;AAED,SAAgB,mCAAmC,CACjD,UAAsC,EACtC,SAAoC;IAEpC,MAAM,MAAM,GAAG,6BAA6B,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IACpE,IAAI,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,8FAA8F,CAC/F,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAgB,qBAAqB,CAAC,WAAoB,EAAE,WAAoB;IAC9E,MAAM,UAAU,GAAG,4BAA4B,CAAC,WAAW,CAAC,CAAC;IAC7D,MAAM,SAAS,GAAG,2BAA2B,CAAC,WAAW,CAAC,CAAC;IAC3D,OAAO,mCAAmC,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;AACpE,CAAC;AAED,SAAgB,qBAAqB,CAAC,MAAe;IACnD,IAAA,yBAAa,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACvC,MAAM,WAAW,GAAG,eAAe,CAAC,UAAU,CAAC,CAAC;IAChD,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,OAAO,EAAE,UAAU;KACpB,CAAC;AACJ,CAAC;AAED,SAAgB,6BAA6B,CAAC,YAAqB;IACjE,IAAA,yBAAa,EAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,IAAI,EAAE,iBAAiB;QACvB,KAAK,EAAE,WAAW,CAAC,YAAY,EAAE,kCAAkC,CAAC;KACrE,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,4BAA4B,CAAC,WAAoB;IAC/D,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,IAAI,EAAE,gBAAgB;QACtB,KAAK,EAAE,WAAW,CAAC,WAAW,EAAE,iCAAiC,CAAC;KACnE,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,oCAAoC,CAClD,UAAuC;IAEvC,mBAAmB,CAAC,UAAU,EAAE,iBAAiB,EAAE,YAAY,CAAC,CAAC;IACjE,OAAO,IAAA,qBAAS,EAAC,eAAe,EAAE,CAAC,gBAAgB,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,oBAAoB,CAAC,CAAC;AAC/F,CAAC;AAED,SAAgB,gBAAgB,CAAC,YAAqB;IACpD,OAAO,oCAAoC,CAAC,6BAA6B,CAAC,YAAY,CAAC,CAAC,CAAC;AAC3F,CAAC;AAED,SAAgB,sBAAsB,CAAC,MAAe;IACpD,IAAA,yBAAa,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,OAAO;QACL,MAAM,EAAE,gBAAgB,CAAC,MAAM,CAAC;QAChC,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC;AAED,SAAgB,yBAAyB,CACvC,UAAuC,EACvC,GAAe;IAEf,mBAAmB,CAAC,UAAU,EAAE,iBAAiB,EAAE,YAAY,CAAC,CAAC;IACjE,IAAA,4BAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,OAAO,IAAA,qBAAS,EAAC,eAAe,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,mBAAmB,CAAC,CAAC;AAC9F,CAAC;AAED,SAAgB,WAAW,CAAC,YAAqB,EAAE,GAAe;IAChE,OAAO,yBAAyB,CAAC,6BAA6B,CAAC,YAAY,CAAC,EAAE,GAAG,CAAC,CAAC;AACrF,CAAC;AAED,SAAgB,0BAA0B,CACxC,SAAqC,EACrC,GAAe,EACf,WAAoB;IAEpB,mBAAmB,CAAC,SAAS,EAAE,gBAAgB,EAAE,WAAW,CAAC,CAAC;IAC9D,IAAA,4BAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,eAAe,EAAE,CAAC,aAAa,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;AAC5E,CAAC;AAED,SAAgB,aAAa,CAC3B,WAAoB,EACpB,GAAe,EACf,WAAoB;IAEpB,OAAO,0BAA0B,CAAC,4BAA4B,CAAC,WAAW,CAAC,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;AACjG,CAAC;AAED,SAAgB,kBAAkB,CAAC,YAAqB,EAAE,GAAe;IACvE,IAAA,yBAAa,EAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,IAAA,4BAAgB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE7B,MAAM,WAAW,GAAG,WAAW,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACpB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAgB,kBAAkB,CAAC,WAAoB,EAAE,SAAqB;IAC5E,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,IAAA,4BAAgB,EAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAEzC,IAAI,SAAS,CAAC,UAAU,GAAG,EAAE,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,IAAA,qBAAS,EAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB,CAAC,CAAC;IAChF,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;QAClD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAEY,QAAA,MAAM,GAAG;IACpB,sBAAsB,EAAE,4BAA4B;IACpD,qBAAqB,EAAE,2BAA2B;IAClD,6BAA6B,EAAE,mCAAmC;IAClE,SAAS,EAAE,eAAe;IAC1B,SAAS,EAAE,eAAe;IAC1B,uBAAuB,EAAE,6BAA6B;IACtD,eAAe,EAAE,qBAAqB;IACtC,6BAA6B,EAAE,mCAAmC;IAClE,WAAW;IACX,eAAe,EAAE,qBAAqB;CAC9B,CAAC;AAEE,QAAA,OAAO,GAAG;IACrB,sBAAsB,EAAE,6BAA6B;IACrD,qBAAqB,EAAE,4BAA4B;IACnD,6BAA6B,EAAE,oCAAoC;IACnE,SAAS,EAAE,gBAAgB;IAC3B,eAAe,EAAE,sBAAsB;IACvC,IAAI,EAAE,WAAW;IACjB,kBAAkB,EAAE,yBAAyB;IAC7C,MAAM,EAAE,aAAa;IACrB,mBAAmB,EAAE,0BAA0B;IAC/C,WAAW,EAAE,kBAAkB;IAC/B,WAAW,EAAE,kBAAkB;CACvB,CAAC;AAEX,MAAM,GAAG,GAAG;IACV,MAAM,EAAN,cAAM;IACN,OAAO,EAAP,eAAO;CACC,CAAC;AAEX,kBAAe,GAAG,CAAC"}

package/dist/cjs/x25519.js

@@ -1,7 +1,14 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.isAllZero32 = isAllZero32;
+exports.createPrivateKeyObject = createPrivateKeyObject;
+exports.createPublicKeyObject = createPublicKeyObject;
+exports.publicKeyFromPrivateKeyObject = publicKeyFromPrivateKeyObject;
 exports.publicKey = publicKey;
+exports.sharedKeyFromKeyObjects = sharedKeyFromKeyObjects;
 exports.sharedKey = sharedKey;
+exports.sharedKeyStrict = sharedKeyStrict;
+exports.sharedKeyStrictFromKeyObjects = sharedKeyStrictFromKeyObjects;
 exports.generateKeyPair = generateKeyPair;
 const node_crypto_1 = require("node:crypto");
 const assert_js_1 = require("./internal/assert.js");
@@ -14,28 +21,82 @@ function clampScalar(seed32) {
     clamped[31] = (last & 127) | 64;
     return (0, assert_js_1.asBytes32)(clamped, "clamped scalar");
 }
+function normalizeSharedSecret(shared) {
+    if (shared.byteLength !== 32) {
+        throw new Error(`X25519 shared secret must be 32 bytes, received ${shared.byteLength}`);
+    }
+    return (0, assert_js_1.asBytes32)(new Uint8Array(shared.buffer, shared.byteOffset, shared.byteLength), "sharedKey");
+}
 /**
- * Derives an X25519 public key from a raw 32-byte secret scalar.
+ * Constant-time style 32-byte zero check for shared-secret hardening.
  */
-function publicKey(secretKey32) {
+function isAllZero32(bytes32) {
+    (0, assert_js_1.assertBytes32)(bytes32, "bytes32");
+    let acc = 0;
+    for (let i = 0; i < 32; i += 1) {
+        acc |= bytes32[i] ?? 0;
+    }
+    return acc === 0;
+}
+/**
+ * Builds a reusable X25519 private KeyObject from a raw 32-byte secret scalar.
+ */
+function createPrivateKeyObject(secretKey32) {
     (0, assert_js_1.assertBytes32)(secretKey32, "secretKey32");
-    const privateKey = (0, der_js_1.keyFromX25519Private)(secretKey32);
+    return (0, der_js_1.keyFromX25519Private)(secretKey32);
+}
+/**
+ * Builds a reusable X25519 public KeyObject from a raw 32-byte public key.
+ */
+function createPublicKeyObject(publicKey32) {
+    (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
+    return (0, der_js_1.keyFromX25519Public)(publicKey32);
+}
+/**
+ * Derives raw 32-byte X25519 public key from a private KeyObject.
+ */
+function publicKeyFromPrivateKeyObject(privateKey) {
     return (0, der_js_1.rawPublicFromX25519Spki)((0, node_crypto_1.createPublicKey)(privateKey));
 }
+/**
+ * Derives an X25519 public key from a raw 32-byte secret scalar.
+ */
+function publicKey(secretKey32) {
+    return publicKeyFromPrivateKeyObject(createPrivateKeyObject(secretKey32));
+}
+/**
+ * Computes X25519 ECDH shared secret (raw 32 bytes) from reusable KeyObjects.
+ */
+function sharedKeyFromKeyObjects(privateKey, publicKey) {
+    return normalizeSharedSecret((0, node_crypto_1.diffieHellman)({ privateKey, publicKey }));
+}
 /**
  * Computes X25519 ECDH shared secret (raw 32 bytes).
  */
 function sharedKey(secretKey32, publicKey32) {
-    (0, assert_js_1.assertBytes32)(secretKey32, "secretKey32");
-    (0, assert_js_1.assertBytes32)(publicKey32, "publicKey32");
-    const shared = (0, node_crypto_1.diffieHellman)({
-        privateKey: (0, der_js_1.keyFromX25519Private)(secretKey32),
-        publicKey: (0, der_js_1.keyFromX25519Public)(publicKey32),
-    });
-    if (shared.byteLength !== 32) {
-        throw new Error(`X25519 shared secret must be 32 bytes, received ${shared.byteLength}`);
+    const privateKey = createPrivateKeyObject(secretKey32);
+    const publicKey = createPublicKeyObject(publicKey32);
+    return sharedKeyFromKeyObjects(privateKey, publicKey);
+}
+/**
+ * Strict X25519 ECDH: rejects all-zero shared secret.
+ */
+function sharedKeyStrict(secretKey32, publicKey32) {
+    const shared = sharedKey(secretKey32, publicKey32);
+    if (isAllZero32(shared)) {
+        throw new Error("X25519 shared secret is all-zero; reject low-order/invalid peer public key in protocol flow.");
     }
-    return (0, assert_js_1.asBytes32)(new Uint8Array(shared.buffer, shared.byteOffset, shared.byteLength), "sharedKey");
+    return shared;
+}
+/**
+ * Strict X25519 ECDH from reusable KeyObjects: rejects all-zero shared secret.
+ */
+function sharedKeyStrictFromKeyObjects(privateKey, publicKey) {
+    const shared = sharedKeyFromKeyObjects(privateKey, publicKey);
+    if (isAllZero32(shared)) {
+        throw new Error("X25519 shared secret is all-zero; reject low-order/invalid peer public key in protocol flow.");
+    }
+    return shared;
 }
 /**
  * Deterministically creates an X25519 key pair from a 32-byte seed.

package/dist/cjs/x25519.js.map

@@ -1 +1 @@
-{"version":3,"file":"x25519.js","sourceRoot":"","sources":["../../src/x25519.ts"],"names":[],"mappings":";;AAqBA,8BAIC;AAKD,8BAaC;AAMD,0CAQC;AAzDD,6CAA6D;AAC7D,oDAAgE;AAChE,8CAI2B;AAG3B,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACpB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;IACrC,MAAM,IAAI,GAAG,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IAC9B,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC;IAChC,OAAO,IAAA,qBAAS,EAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,WAAoB;IAC5C,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,MAAM,UAAU,GAAG,IAAA,6BAAoB,EAAC,WAAW,CAAC,CAAC;IACrD,OAAO,IAAA,gCAAuB,EAAC,IAAA,6BAAe,EAAC,UAAU,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,WAAoB,EAAE,WAAoB;IAClE,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAG,IAAA,2BAAa,EAAC;QAC3B,UAAU,EAAE,IAAA,6BAAoB,EAAC,WAAW,CAAC;QAC7C,SAAS,EAAE,IAAA,4BAAmB,EAAC,WAAW,CAAC;KAC5C,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,mDAAmD,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,IAAA,qBAAS,EAAC,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC;AACrG,CAAC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,MAAe;IAC7C,IAAA,yBAAa,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACvC,MAAM,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAC1C,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,OAAO,EAAE,UAAU;KACpB,CAAC;AACJ,CAAC"}
+{"version":3,"file":"x25519.js","sourceRoot":"","sources":["../../src/x25519.ts"],"names":[],"mappings":";;AA+BA,kCAOC;AAKD,wDAGC;AAKD,sDAGC;AAKD,sEAEC;AAKD,8BAEC;AAKD,0DAEC;AAKD,8BAIC;AAKD,0CAQC;AAKD,sEAWC;AAMD,0CAQC;AA/HD,6CAA6E;AAC7E,oDAAgE;AAChE,8CAI2B;AAG3B,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,OAAO,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACpB,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;IACrC,MAAM,IAAI,GAAG,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IAC9B,OAAO,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,GAAG,EAAE,CAAC;IAChC,OAAO,IAAA,qBAAS,EAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,qBAAqB,CAAC,MAAc;IAC3C,IAAI,MAAM,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,mDAAmD,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,IAAA,qBAAS,EACd,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,EACnE,WAAW,CACZ,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,OAAgB;IAC1C,IAAA,yBAAa,EAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAClC,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/B,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,GAAG,KAAK,CAAC,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,SAAgB,sBAAsB,CAAC,WAAoB;IACzD,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,IAAA,6BAAoB,EAAC,WAAW,CAAC,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,WAAoB;IACxD,IAAA,yBAAa,EAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,IAAA,4BAAmB,EAAC,WAAW,CAAC,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,SAAgB,6BAA6B,CAAC,UAAqB;IACjE,OAAO,IAAA,gCAAuB,EAAC,IAAA,6BAAe,EAAC,UAAU,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,WAAoB;IAC5C,OAAO,6BAA6B,CAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACH,SAAgB,uBAAuB,CAAC,UAAqB,EAAE,SAAoB;IACjF,OAAO,qBAAqB,CAAC,IAAA,2BAAa,EAAC,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,WAAoB,EAAE,WAAoB;IAClE,MAAM,UAAU,GAAG,sBAAsB,CAAC,WAAW,CAAC,CAAC;IACvD,MAAM,SAAS,GAAG,qBAAqB,CAAC,WAAW,CAAC,CAAC;IACrD,OAAO,uBAAuB,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;AACxD,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAAC,WAAoB,EAAE,WAAoB;IACxE,MAAM,MAAM,GAAG,SAAS,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACnD,IAAI,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,8FAA8F,CAC/F,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAgB,6BAA6B,CAC3C,UAAqB,EACrB,SAAoB;IAEpB,MAAM,MAAM,GAAG,uBAAuB,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IAC9D,IAAI,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,8FAA8F,CAC/F,CAAC;IACJ,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,MAAe;IAC7C,IAAA,yBAAa,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACvC,MAAM,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;IAC1C,OAAO;QACL,MAAM,EAAE,WAAW;QACnB,OAAO,EAAE,UAAU;KACpB,CAAC;AACJ,CAAC"}

package/dist/ed25519.d.ts

@@ -1,4 +1,17 @@
+import { type KeyObject } from "node:crypto";
 import type { Bytes32, Bytes64, KeyPair32 } from "./types.js";
+/**
+ * Builds a reusable Ed25519 private KeyObject from a raw 32-byte seed.
+ */
+export declare function createPrivateKeyObject(secretSeed32: Bytes32): KeyObject;
+/**
+ * Builds a reusable Ed25519 public KeyObject from a raw 32-byte public key.
+ */
+export declare function createPublicKeyObject(publicKey32: Bytes32): KeyObject;
+/**
+ * Derives raw 32-byte Ed25519 public key from a private KeyObject.
+ */
+export declare function publicKeyFromPrivateKeyObject(privateKey: KeyObject): Bytes32;
 /**
  * Derives an Ed25519 public key from a raw 32-byte seed.
  */
@@ -12,10 +25,18 @@ export declare function generateKeyPair(seed32: Bytes32): KeyPair32;
  * Signs a message with Ed25519 and returns the 64-byte detached signature.
  */
 export declare function sign(secretSeed32: Bytes32, msg: Uint8Array): Bytes64;
+/**
+ * Signs a message with Ed25519 using a reusable private KeyObject.
+ */
+export declare function signWithPrivateKey(privateKey: KeyObject, msg: Uint8Array): Bytes64;
 /**
  * Verifies a detached Ed25519 signature.
  */
 export declare function verify(publicKey32: Bytes32, msg: Uint8Array, signature64: Bytes64): boolean;
+/**
+ * Verifies a detached Ed25519 signature using a reusable public KeyObject.
+ */
+export declare function verifyWithPublicKey(publicKey: KeyObject, msg: Uint8Array, signature64: Bytes64): boolean;
 /**
  * Returns signature || message.
  */

package/dist/ed25519.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ed25519.d.ts","sourceRoot":"","sources":["../src/ed25519.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE9D;;GAEG;AACH,wBAAgB,SAAS,CAAC,YAAY,EAAE,OAAO,GAAG,OAAO,CAGxD;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,OAAO,GAAG,SAAS,CAM1D;AAED;;GAEG;AACH,wBAAgB,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,GAAG,OAAO,CASpE;AAED;;GAEG;AACH,wBAAgB,MAAM,CAAC,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CAW3F;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,GAAG,UAAU,CAS9E;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,GAAG,UAAU,GAAG,IAAI,CAgB1F"}
+{"version":3,"file":"ed25519.d.ts","sourceRoot":"","sources":["../src/ed25519.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,SAAS,EAEf,MAAM,aAAa,CAAC;AAarB,OAAO,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAY9D;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,YAAY,EAAE,OAAO,GAAG,SAAS,CAGvE;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,WAAW,EAAE,OAAO,GAAG,SAAS,CAGrE;AAED;;GAEG;AACH,wBAAgB,6BAA6B,CAAC,UAAU,EAAE,SAAS,GAAG,OAAO,CAE5E;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,YAAY,EAAE,OAAO,GAAG,OAAO,CAExD;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,OAAO,GAAG,SAAS,CAM1D;AAED;;GAEG;AACH,wBAAgB,IAAI,CAAC,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,GAAG,OAAO,CAEpE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,GAAG,OAAO,CAGlF;AAED;;GAEG;AACH,wBAAgB,MAAM,CAAC,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CAE3F;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,SAAS,EAAE,SAAS,EACpB,GAAG,EAAE,UAAU,EACf,WAAW,EAAE,OAAO,GACnB,OAAO,CAIT;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,YAAY,EAAE,OAAO,EAAE,GAAG,EAAE,UAAU,GAAG,UAAU,CAS9E;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,WAAW,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,GAAG,UAAU,GAAG,IAAI,CAgB1F"}

package/dist/ed25519.js

@@ -1,12 +1,37 @@
-import { createPublicKey, sign as cryptoSign, verify as cryptoVerify } from "node:crypto";
-import { asBytes64, assertBytes32, assertBytes64, assertUint8Array, toBufferView } from "./internal/assert.js";
-import { keyFromEd25519Private, keyFromEd25519Public, rawPublicFromEd25519Spki } from "./internal/der.js";
+import { createPublicKey, sign as cryptoSign, verify as cryptoVerify, } from "node:crypto";
+import { asBytes64, assertBytes32, assertBytes64, assertUint8Array, toBufferView, } from "./internal/assert.js";
+import { keyFromEd25519Private, keyFromEd25519Public, rawPublicFromEd25519Spki, } from "./internal/der.js";
+function normalizeSignature(signature) {
+    if (signature.byteLength !== 64) {
+        throw new Error(`Ed25519 signature must be 64 bytes, received ${signature.byteLength}`);
+    }
+    return asBytes64(new Uint8Array(signature.buffer, signature.byteOffset, signature.byteLength), "signature");
+}
+/**
+ * Builds a reusable Ed25519 private KeyObject from a raw 32-byte seed.
+ */
+export function createPrivateKeyObject(secretSeed32) {
+    assertBytes32(secretSeed32, "secretSeed32");
+    return keyFromEd25519Private(secretSeed32);
+}
+/**
+ * Builds a reusable Ed25519 public KeyObject from a raw 32-byte public key.
+ */
+export function createPublicKeyObject(publicKey32) {
+    assertBytes32(publicKey32, "publicKey32");
+    return keyFromEd25519Public(publicKey32);
+}
+/**
+ * Derives raw 32-byte Ed25519 public key from a private KeyObject.
+ */
+export function publicKeyFromPrivateKeyObject(privateKey) {
+    return rawPublicFromEd25519Spki(createPublicKey(privateKey));
+}
 /**
  * Derives an Ed25519 public key from a raw 32-byte seed.
  */
 export function publicKey(secretSeed32) {
-    assertBytes32(secretSeed32, "secretSeed32");
-    return rawPublicFromEd25519Spki(createPublicKey(keyFromEd25519Private(secretSeed32)));
+    return publicKeyFromPrivateKeyObject(createPrivateKeyObject(secretSeed32));
 }
 /**
  * Deterministically creates an Ed25519 key pair from a 32-byte seed.
@@ -23,22 +48,28 @@ export function generateKeyPair(seed32) {
  * Signs a message with Ed25519 and returns the 64-byte detached signature.
  */
 export function sign(secretSeed32, msg) {
-    assertBytes32(secretSeed32, "secretSeed32");
+    return signWithPrivateKey(createPrivateKeyObject(secretSeed32), msg);
+}
+/**
+ * Signs a message with Ed25519 using a reusable private KeyObject.
+ */
+export function signWithPrivateKey(privateKey, msg) {
     assertUint8Array(msg, "msg");
-    const signature = cryptoSign(null, toBufferView(msg), keyFromEd25519Private(secretSeed32));
-    if (signature.byteLength !== 64) {
-        throw new Error(`Ed25519 signature must be 64 bytes, received ${signature.byteLength}`);
-    }
-    return asBytes64(new Uint8Array(signature.buffer, signature.byteOffset, signature.byteLength), "signature");
+    return normalizeSignature(cryptoSign(null, toBufferView(msg), privateKey));
 }
 /**
  * Verifies a detached Ed25519 signature.
  */
 export function verify(publicKey32, msg, signature64) {
-    assertBytes32(publicKey32, "publicKey32");
+    return verifyWithPublicKey(createPublicKeyObject(publicKey32), msg, signature64);
+}
+/**
+ * Verifies a detached Ed25519 signature using a reusable public KeyObject.
+ */
+export function verifyWithPublicKey(publicKey, msg, signature64) {
     assertUint8Array(msg, "msg");
     assertBytes64(signature64, "signature64");
-    return cryptoVerify(null, toBufferView(msg), keyFromEd25519Public(publicKey32), toBufferView(signature64));
+    return cryptoVerify(null, toBufferView(msg), publicKey, toBufferView(signature64));
 }
 /**
  * Returns signature || message.

package/dist/ed25519.js.map

@@ -1 +1 @@
-{"version":3,"file":"ed25519.js","sourceRoot":"","sources":["../src/ed25519.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,IAAI,IAAI,UAAU,EAAE,MAAM,IAAI,YAAY,EAAE,MAAM,aAAa,CAAC;AAC1F,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,aAAa,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAC/G,OAAO,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,mBAAmB,CAAC;AAG1G;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,YAAqB;IAC7C,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,OAAO,wBAAwB,CAAC,eAAe,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;AACxF,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,MAAe;IAC7C,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC;QACzB,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,IAAI,CAAC,YAAqB,EAAE,GAAe;IACzD,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE7B,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,EAAE,YAAY,CAAC,GAAG,CAAC,EAAE,qBAAqB,CAAC,YAAY,CAAC,CAAC,CAAC;IAC3F,IAAI,SAAS,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,gDAAgD,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,SAAS,CAAC,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,UAAU,CAAC,EAAE,WAAW,CAAC,CAAC;AAC9G,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,MAAM,CAAC,WAAoB,EAAE,GAAe,EAAE,WAAoB;IAChF,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAE1C,OAAO,YAAY,CACjB,IAAI,EACJ,YAAY,CAAC,GAAG,CAAC,EACjB,oBAAoB,CAAC,WAAW,CAAC,EACjC,YAAY,CAAC,WAAW,CAAC,CAC1B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,YAAqB,EAAE,GAAe;IAChE,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE7B,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACpB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,WAAoB,EAAE,SAAqB;IACrE,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAEzC,IAAI,SAAS,CAAC,UAAU,GAAG,EAAE,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB,CAAC,CAAC;IAChF,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,8EAA8E;IAC9E,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC"}
+{"version":3,"file":"ed25519.js","sourceRoot":"","sources":["../src/ed25519.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,IAAI,IAAI,UAAU,EAElB,MAAM,IAAI,YAAY,GACvB,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,SAAS,EACT,aAAa,EACb,aAAa,EACb,gBAAgB,EAChB,YAAY,GACb,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,wBAAwB,GACzB,MAAM,mBAAmB,CAAC;AAG3B,SAAS,kBAAkB,CAAC,SAAiB;IAC3C,IAAI,SAAS,CAAC,UAAU,KAAK,EAAE,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,gDAAgD,SAAS,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,SAAS,CACd,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,EAAE,SAAS,CAAC,UAAU,EAAE,SAAS,CAAC,UAAU,CAAC,EAC5E,WAAW,CACZ,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,YAAqB;IAC1D,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,OAAO,qBAAqB,CAAC,YAAY,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,WAAoB;IACxD,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,oBAAoB,CAAC,WAAW,CAAC,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,6BAA6B,CAAC,UAAqB;IACjE,OAAO,wBAAwB,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC;AAC/D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,YAAqB;IAC7C,OAAO,6BAA6B,CAAC,sBAAsB,CAAC,YAAY,CAAC,CAAC,CAAC;AAC7E,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,MAAe;IAC7C,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,OAAO;QACL,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC;QACzB,OAAO,EAAE,MAAM;KAChB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,IAAI,CAAC,YAAqB,EAAE,GAAe;IACzD,OAAO,kBAAkB,CAAC,sBAAsB,CAAC,YAAY,CAAC,EAAE,GAAG,CAAC,CAAC;AACvE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,UAAqB,EAAE,GAAe;IACvE,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,OAAO,kBAAkB,CAAC,UAAU,CAAC,IAAI,EAAE,YAAY,CAAC,GAAG,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;AAC7E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,MAAM,CAAC,WAAoB,EAAE,GAAe,EAAE,WAAoB;IAChF,OAAO,mBAAmB,CAAC,qBAAqB,CAAC,WAAW,CAAC,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;AACnF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CACjC,SAAoB,EACpB,GAAe,EACf,WAAoB;IAEpB,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,OAAO,YAAY,CAAC,IAAI,EAAE,YAAY,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC;AACrF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,YAAqB,EAAE,GAAe;IAChE,aAAa,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IAC5C,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAE7B,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,EAAE,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC;IACnD,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACzB,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACpB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,WAAoB,EAAE,SAAqB;IACrE,aAAa,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAC1C,gBAAgB,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IAEzC,IAAI,SAAS,CAAC,UAAU,GAAG,EAAE,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,SAAS,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,qBAAqB,CAAC,CAAC;IAChF,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,8EAA8E;IAC9E,OAAO,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC"}