ehbp 0.0.3 → 0.0.4

package/dist/cjs/protocol.js

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HPKE_CONFIG = exports.PROTOCOL = void 0;
+/**
+ * Protocol constants for EHBP (Encrypted HTTP Body Protocol)
+ */
+exports.PROTOCOL = {
+    ENCAPSULATED_KEY_HEADER: 'Ehbp-Encapsulated-Key',
+    CLIENT_PUBLIC_KEY_HEADER: 'Ehbp-Client-Public-Key',
+    KEYS_MEDIA_TYPE: 'application/ohttp-keys',
+    KEYS_PATH: '/.well-known/hpke-keys',
+    FALLBACK_HEADER: 'Ehbp-Fallback'
+};
+/**
+ * HPKE suite configuration matching the Go implementation
+ */
+exports.HPKE_CONFIG = {
+    KEM: 0x0020, // X25519 HKDF SHA256
+    KDF: 0x0001, // HKDF SHA256
+    AEAD: 0x0002 // AES-256-GCM
+};
+//# sourceMappingURL=protocol.js.map

package/dist/cjs/protocol.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"protocol.js","sourceRoot":"","sources":["../../src/protocol.ts"],"names":[],"mappings":";;;AAAA;;GAEG;AACU,QAAA,QAAQ,GAAG;IACtB,uBAAuB,EAAE,uBAAuB;IAChD,wBAAwB,EAAE,wBAAwB;IAClD,eAAe,EAAE,wBAAwB;IACzC,SAAS,EAAE,wBAAwB;IACnC,eAAe,EAAE,eAAe;CACxB,CAAC;AAEX;;GAEG;AACU,QAAA,WAAW,GAAG;IACzB,GAAG,EAAE,MAAM,EAAE,qBAAqB;IAClC,GAAG,EAAE,MAAM,EAAE,cAAc;IAC3B,IAAI,EAAE,MAAM,CAAC,cAAc;CACnB,CAAC"}

package/dist/esm/client.d.ts

@@ -0,0 +1,51 @@
+import { Identity } from './identity.js';
+/**
+ * HTTP transport for EHBP
+ */
+export declare class Transport {
+    private clientIdentity;
+    private serverHost;
+    private serverPublicKey;
+    constructor(clientIdentity: Identity, serverHost: string, serverPublicKey: CryptoKey);
+    /**
+     * Create a new transport by fetching server public key
+     */
+    static create(serverURL: string, clientIdentity: Identity): Promise<Transport>;
+    /**
+     * Get the server public key
+     */
+    getServerPublicKey(): CryptoKey;
+    /**
+     * Get the server public key as hex string
+     */
+    getServerPublicKeyHex(): Promise<string>;
+    /**
+     * Get the client public key
+     */
+    getClientPublicKey(): CryptoKey;
+    /**
+     * Make an encrypted HTTP request
+     */
+    request(input: RequestInfo | URL, init?: RequestInit): Promise<Response>;
+    /**
+     * Convenience method for GET requests
+     */
+    get(url: string | URL, init?: RequestInit): Promise<Response>;
+    /**
+     * Convenience method for POST requests
+     */
+    post(url: string | URL, body?: BodyInit, init?: RequestInit): Promise<Response>;
+    /**
+     * Convenience method for PUT requests
+     */
+    put(url: string | URL, body?: BodyInit, init?: RequestInit): Promise<Response>;
+    /**
+     * Convenience method for DELETE requests
+     */
+    delete(url: string | URL, init?: RequestInit): Promise<Response>;
+}
+/**
+ * Create a new transport instance
+ */
+export declare function createTransport(serverURL: string, clientIdentity: Identity): Promise<Transport>;
+//# sourceMappingURL=client.d.ts.map

package/dist/esm/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAGzC;;GAEG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,cAAc,CAAW;IACjC,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,eAAe,CAAY;gBAEvB,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,eAAe,EAAE,SAAS;IAMpF;;OAEG;WACU,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC;IAwBpF;;OAEG;IACH,kBAAkB,IAAI,SAAS;IAI/B;;OAEG;IACG,qBAAqB,IAAI,OAAO,CAAC,MAAM,CAAC;IAQ9C;;OAEG;IACH,kBAAkB,IAAI,SAAS;IAI/B;;OAEG;IACG,OAAO,CAAC,KAAK,EAAE,WAAW,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IA0E9E;;OAEG;IACG,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAInE;;OAEG;IACG,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAIrF;;OAEG;IACG,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAIpF;;OAEG;IACG,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;CAGvE;AAED;;GAEG;AACH,wBAAsB,eAAe,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAErG"}

package/dist/esm/client.js

@@ -0,0 +1,155 @@
+import { Identity } from './identity.js';
+import { PROTOCOL } from './protocol.js';
+/**
+ * HTTP transport for EHBP
+ */
+export class Transport {
+    clientIdentity;
+    serverHost;
+    serverPublicKey;
+    constructor(clientIdentity, serverHost, serverPublicKey) {
+        this.clientIdentity = clientIdentity;
+        this.serverHost = serverHost;
+        this.serverPublicKey = serverPublicKey;
+    }
+    /**
+     * Create a new transport by fetching server public key
+     */
+    static async create(serverURL, clientIdentity) {
+        const url = new URL(serverURL);
+        const serverHost = url.host;
+        // Fetch server public key
+        const keysURL = new URL(PROTOCOL.KEYS_PATH, serverURL);
+        const response = await fetch(keysURL.toString());
+        if (!response.ok) {
+            throw new Error(`Failed to get server public key: ${response.status}`);
+        }
+        const contentType = response.headers.get('content-type');
+        if (contentType !== PROTOCOL.KEYS_MEDIA_TYPE) {
+            throw new Error(`Invalid content type: ${contentType}`);
+        }
+        const keysData = new Uint8Array(await response.arrayBuffer());
+        const serverIdentity = await Identity.unmarshalPublicConfig(keysData);
+        const serverPublicKey = serverIdentity.getPublicKey();
+        return new Transport(clientIdentity, serverHost, serverPublicKey);
+    }
+    /**
+     * Get the server public key
+     */
+    getServerPublicKey() {
+        return this.serverPublicKey;
+    }
+    /**
+     * Get the server public key as hex string
+     */
+    async getServerPublicKeyHex() {
+        const exported = await crypto.subtle.exportKey('raw', this.serverPublicKey);
+        const keyBytes = new Uint8Array(exported);
+        return Array.from(keyBytes)
+            .map(b => b.toString(16).padStart(2, '0'))
+            .join('');
+    }
+    /**
+     * Get the client public key
+     */
+    getClientPublicKey() {
+        return this.clientIdentity.getPublicKey();
+    }
+    /**
+     * Make an encrypted HTTP request
+     */
+    async request(input, init) {
+        // Extract body from init or original request before creating Request object
+        let requestBody = null;
+        if (input instanceof Request) {
+            // If input is a Request, extract its body
+            if (input.body) {
+                requestBody = await input.arrayBuffer();
+            }
+        }
+        else {
+            // If input is URL/string, get body from init
+            requestBody = init?.body || null;
+        }
+        // Create the URL with correct host
+        let url;
+        let method;
+        let headers;
+        if (input instanceof Request) {
+            url = new URL(input.url);
+            method = input.method;
+            headers = input.headers;
+        }
+        else {
+            url = new URL(input);
+            method = init?.method || 'GET';
+            headers = init?.headers || {};
+        }
+        url.host = this.serverHost;
+        let request = new Request(url.toString(), {
+            method,
+            headers,
+            body: requestBody,
+            duplex: 'half'
+        });
+        // Encrypt request body if present (check the original requestBody, not request.body)
+        if (requestBody !== null && requestBody !== undefined) {
+            request = await this.clientIdentity.encryptRequest(request, this.serverPublicKey);
+        }
+        else {
+            // No body, just set client public key header
+            const headers = new Headers(request.headers);
+            headers.set(PROTOCOL.CLIENT_PUBLIC_KEY_HEADER, await this.clientIdentity.getPublicKeyHex());
+            request = new Request(request.url, {
+                method: request.method,
+                headers,
+                body: null
+            });
+        }
+        // Make the request
+        const response = await fetch(request);
+        if (!response.ok) {
+            console.warn(`Server returned non-OK status: ${response.status}`);
+        }
+        // Check for encapsulated key header
+        const encapKeyHeader = response.headers.get(PROTOCOL.ENCAPSULATED_KEY_HEADER);
+        if (!encapKeyHeader) {
+            throw new Error(`Missing ${PROTOCOL.ENCAPSULATED_KEY_HEADER} encapsulated key header`);
+        }
+        // Decode encapsulated key
+        const serverEncapKey = new Uint8Array(encapKeyHeader.match(/.{2}/g).map(byte => parseInt(byte, 16)));
+        // Decrypt response
+        return await this.clientIdentity.decryptResponse(response, serverEncapKey);
+    }
+    /**
+     * Convenience method for GET requests
+     */
+    async get(url, init) {
+        return this.request(url, { ...init, method: 'GET' });
+    }
+    /**
+     * Convenience method for POST requests
+     */
+    async post(url, body, init) {
+        return this.request(url, { ...init, method: 'POST', body });
+    }
+    /**
+     * Convenience method for PUT requests
+     */
+    async put(url, body, init) {
+        return this.request(url, { ...init, method: 'PUT', body });
+    }
+    /**
+     * Convenience method for DELETE requests
+     */
+    async delete(url, init) {
+        return this.request(url, { ...init, method: 'DELETE' });
+    }
+}
+/**
+ * Create a new transport instance
+ */
+export async function createTransport(serverURL, clientIdentity) {
+    return Transport.create(serverURL, clientIdentity);
+}
+//# sourceMappingURL=client.js.map

package/dist/esm/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC;;GAEG;AACH,MAAM,OAAO,SAAS;IACZ,cAAc,CAAW;IACzB,UAAU,CAAS;IACnB,eAAe,CAAY;IAEnC,YAAY,cAAwB,EAAE,UAAkB,EAAE,eAA0B;QAClF,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,SAAiB,EAAE,cAAwB;QAC7D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAC/B,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC;QAE5B,0BAA0B;QAC1B,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACvD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEjD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,CAAC;QAED,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACzD,IAAI,WAAW,KAAK,QAAQ,CAAC,eAAe,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,yBAAyB,WAAW,EAAE,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;QAC9D,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QACtE,MAAM,eAAe,GAAG,cAAc,CAAC,YAAY,EAAE,CAAC;QAEtD,OAAO,IAAI,SAAS,CAAC,cAAc,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;IACpE,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,qBAAqB;QACzB,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;QAC5E,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC1C,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;aACxB,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;aACzC,IAAI,CAAC,EAAE,CAAC,CAAC;IACd,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,KAAwB,EAAE,IAAkB;QACxD,4EAA4E;QAC5E,IAAI,WAAW,GAAoB,IAAI,CAAC;QAExC,IAAI,KAAK,YAAY,OAAO,EAAE,CAAC;YAC7B,0CAA0C;YAC1C,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;gBACf,WAAW,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,CAAC;YAC1C,CAAC;QACH,CAAC;aAAM,CAAC;YACN,6CAA6C;YAC7C,WAAW,GAAG,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC;QACnC,CAAC;QAED,mCAAmC;QACnC,IAAI,GAAQ,CAAC;QACb,IAAI,MAAc,CAAC;QACnB,IAAI,OAAoB,CAAC;QAEzB,IAAI,KAAK,YAAY,OAAO,EAAE,CAAC;YAC7B,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACzB,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YACtB,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;YACrB,MAAM,GAAG,IAAI,EAAE,MAAM,IAAI,KAAK,CAAC;YAC/B,OAAO,GAAG,IAAI,EAAE,OAAO,IAAI,EAAE,CAAC;QAChC,CAAC;QAED,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;QAE3B,IAAI,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YACxC,MAAM;YACN,OAAO;YACP,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,MAAM;SACA,CAAC,CAAC;QAElB,qFAAqF;QACrF,IAAI,WAAW,KAAK,IAAI,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YACtD,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;QACpF,CAAC;aAAM,CAAC;YACN,6CAA6C;YAC7C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC7C,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,wBAAwB,EAAE,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,EAAE,CAAC,CAAC;YAC5F,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;gBACjC,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,OAAO;gBACP,IAAI,EAAE,IAAI;aACX,CAAC,CAAC;QACL,CAAC;QAED,mBAAmB;QACnB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;QAEtC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACpE,CAAC;QAED,oCAAoC;QACpC,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC;QAC9E,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,WAAW,QAAQ,CAAC,uBAAuB,0BAA0B,CAAC,CAAC;QACzF,CAAC;QAED,0BAA0B;QAC1B,MAAM,cAAc,GAAG,IAAI,UAAU,CACnC,cAAc,CAAC,KAAK,CAAC,OAAO,CAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAC/D,CAAC;QAEF,mBAAmB;QACnB,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC7E,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAiB,EAAE,IAAkB;QAC7C,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACvD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,GAAiB,EAAE,IAAe,EAAE,IAAkB;QAC/D,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAiB,EAAE,IAAe,EAAE,IAAkB;QAC9D,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,GAAiB,EAAE,IAAkB;QAChD,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC1D,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,SAAiB,EAAE,cAAwB;IAC/E,OAAO,SAAS,CAAC,MAAM,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;AACrD,CAAC"}

package/dist/esm/example.d.ts

@@ -0,0 +1,6 @@
+#!/usr/bin/env node
+/**
+ * Example usage of the EHBP JavaScript client
+ */
+export {};
+//# sourceMappingURL=example.d.ts.map

package/dist/esm/example.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"example.d.ts","sourceRoot":"","sources":["../../src/example.ts"],"names":[],"mappings":";AAEA;;GAEG"}

package/dist/esm/example.js

@@ -0,0 +1,115 @@
+#!/usr/bin/env node
+/**
+ * Example usage of the EHBP JavaScript client
+ */
+import { Identity, createTransport } from './index.js';
+async function main() {
+    console.log('EHBP JavaScript Client Example');
+    console.log('==============================');
+    try {
+        // Create client identity
+        console.log('Creating client identity...');
+        const clientIdentity = await Identity.generate();
+        console.log('Client public key:', await clientIdentity.getPublicKeyHex());
+        // Create transport (this will fetch server public key)
+        console.log('Creating transport...');
+        const serverURL = 'http://localhost:8080'; // Adjust as needed
+        const transport = await createTransport(serverURL, clientIdentity);
+        console.log('Transport created successfully');
+        // Example 1: GET request to secure endpoint
+        console.log('\n--- GET Request ---');
+        try {
+            const getResponse = await transport.get(`${serverURL}/secure`);
+            console.log('GET Response status:', getResponse.status);
+            if (getResponse.ok) {
+                const getData = await getResponse.text();
+                console.log('GET Response:', getData);
+            }
+            else {
+                console.log('GET Request failed with status:', getResponse.status);
+            }
+        }
+        catch (error) {
+            console.log('GET Request failed:', error instanceof Error ? error.message : String(error));
+        }
+        // Example 2: POST request with JSON data
+        console.log('\n--- POST Request ---');
+        try {
+            const postData = { message: 'Hello from JavaScript client!', timestamp: new Date().toISOString() };
+            const postResponse = await transport.post(`${serverURL}/secure`, JSON.stringify(postData), { headers: { 'Content-Type': 'application/json' } });
+            console.log('POST Response status:', postResponse.status);
+            if (postResponse.ok) {
+                const responseData = await postResponse.text();
+                console.log('POST Response:', responseData);
+            }
+            else {
+                console.log('POST Request failed with status:', postResponse.status);
+            }
+        }
+        catch (error) {
+            console.log('POST Request failed:', error instanceof Error ? error.message : String(error));
+        }
+        // Example 3: PUT request
+        console.log('\n--- PUT Request ---');
+        try {
+            const putData = { id: 1, name: 'Updated Item' };
+            const putResponse = await transport.put(`${serverURL}/secure`, JSON.stringify(putData), { headers: { 'Content-Type': 'application/json' } });
+            console.log('PUT Response status:', putResponse.status);
+            if (putResponse.ok) {
+                const putResponseData = await putResponse.text();
+                console.log('PUT Response:', putResponseData);
+            }
+            else {
+                console.log('PUT Request failed with status:', putResponse.status);
+            }
+        }
+        catch (error) {
+            console.log('PUT Request failed:', error instanceof Error ? error.message : String(error));
+        }
+        // Example 4: Streaming request
+        console.log('\n--- Streaming Request ---');
+        try {
+            const streamResponse = await transport.get(`${serverURL}/stream`);
+            console.log('Stream Response status:', streamResponse.status);
+            if (streamResponse.ok) {
+                console.log('Streaming response (should show numbers 1-20):');
+                const reader = streamResponse.body?.getReader();
+                if (reader) {
+                    const decoder = new TextDecoder();
+                    let chunkCount = 0;
+                    while (true) {
+                        const { done, value } = await reader.read();
+                        if (done)
+                            break;
+                        const text = decoder.decode(value, { stream: true });
+                        process.stdout.write(text);
+                        chunkCount++;
+                    }
+                    console.log(`\nStream completed with ${chunkCount} chunks`);
+                }
+                else {
+                    console.log('No readable stream available');
+                }
+            }
+            else {
+                console.log('Stream Request failed with status:', streamResponse.status);
+            }
+        }
+        catch (error) {
+            console.log('Stream Request failed:', error instanceof Error ? error.message : String(error));
+        }
+        console.log('\nExample completed successfully!');
+        console.log('\nTo test with a real server:');
+        console.log('1. Start the Go server: go run pkg/server/main.go');
+        console.log('2. Run this example: npm run example');
+    }
+    catch (error) {
+        console.error('Error:', error);
+        process.exit(1);
+    }
+}
+// Run the example
+if (import.meta.url === `file://${process.argv[1]}`) {
+    main().catch(console.error);
+}
+//# sourceMappingURL=example.js.map

package/dist/esm/example.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"example.js","sourceRoot":"","sources":["../../src/example.ts"],"names":[],"mappings":";AAEA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAEvD,KAAK,UAAU,IAAI;IACjB,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;IAE9C,IAAI,CAAC;QACH,yBAAyB;QACzB,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC3C,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,MAAM,cAAc,CAAC,eAAe,EAAE,CAAC,CAAC;QAE1E,uDAAuD;QACvD,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACrC,MAAM,SAAS,GAAG,uBAAuB,CAAC,CAAC,mBAAmB;QAC9D,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;QACnE,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;QAE9C,4CAA4C;QAC5C,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,GAAG,SAAS,SAAS,CAAC,CAAC;YAC/D,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;YACxD,IAAI,WAAW,CAAC,EAAE,EAAE,CAAC;gBACnB,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;gBACzC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;YACxC,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;YACrE,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAC7F,CAAC;QAED,yCAAyC;QACzC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QACtC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,EAAE,OAAO,EAAE,+BAA+B,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;YACnG,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,IAAI,CACvC,GAAG,SAAS,SAAS,EACrB,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EACxB,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACpD,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC;YAC1D,IAAI,YAAY,CAAC,EAAE,EAAE,CAAC;gBACpB,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,CAAC;gBAC/C,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC;YAC9C,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,kCAAkC,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC;YACvE,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAC9F,CAAC;QAED,yBAAyB;QACzB,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,EAAE,EAAE,EAAE,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC;YAChD,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,GAAG,CACrC,GAAG,SAAS,SAAS,EACrB,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EACvB,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACpD,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;YACxD,IAAI,WAAW,CAAC,EAAE,EAAE,CAAC;gBACnB,MAAM,eAAe,GAAG,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;gBACjD,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,eAAe,CAAC,CAAC;YAChD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;YACrE,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAC7F,CAAC;QAED,+BAA+B;QAC/B,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC3C,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,GAAG,SAAS,SAAS,CAAC,CAAC;YAClE,OAAO,CAAC,GAAG,CAAC,yBAAyB,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;YAC9D,IAAI,cAAc,CAAC,EAAE,EAAE,CAAC;gBACtB,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;gBAC9D,MAAM,MAAM,GAAG,cAAc,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC;gBAChD,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;oBAClC,IAAI,UAAU,GAAG,CAAC,CAAC;oBAEnB,OAAO,IAAI,EAAE,CAAC;wBACZ,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;wBAC5C,IAAI,IAAI;4BAAE,MAAM;wBAEhB,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;wBACrD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;wBAC3B,UAAU,EAAE,CAAC;oBACf,CAAC;oBAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,UAAU,SAAS,CAAC,CAAC;gBAC9D,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;gBAC9C,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,oCAAoC,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAChG,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;QACjD,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IAEtD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC/B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,kBAAkB;AAClB,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,UAAU,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;IACpD,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;AAC9B,CAAC"}

package/dist/esm/identity.d.ts

@@ -0,0 +1,52 @@
+import { CipherSuite } from '@hpke/core';
+/**
+ * Identity class for managing HPKE key pairs and encryption/decryption
+ */
+export declare class Identity {
+    private suite;
+    private publicKey;
+    private privateKey;
+    constructor(suite: CipherSuite, publicKey: CryptoKey, privateKey: CryptoKey);
+    /**
+     * Generate a new identity with X25519 key pair
+     */
+    static generate(): Promise<Identity>;
+    /**
+     * Create identity from JSON string
+     */
+    static fromJSON(json: string): Promise<Identity>;
+    /**
+     * Convert identity to JSON string
+     */
+    toJSON(): Promise<string>;
+    /**
+     * Get public key as CryptoKey
+     */
+    getPublicKey(): CryptoKey;
+    /**
+     * Get public key as hex string
+     */
+    getPublicKeyHex(): Promise<string>;
+    /**
+     * Get private key as CryptoKey
+     */
+    getPrivateKey(): CryptoKey;
+    /**
+     * Marshal public key configuration for server key distribution
+     * Implements RFC 9458 format
+     */
+    marshalConfig(): Promise<Uint8Array>;
+    /**
+     * Unmarshal public configuration from server
+     */
+    static unmarshalPublicConfig(data: Uint8Array): Promise<Identity>;
+    /**
+     * Encrypt request body and set appropriate headers
+     */
+    encryptRequest(request: Request, serverPublicKey: CryptoKey): Promise<Request>;
+    /**
+     * Decrypt response body
+     */
+    decryptResponse(response: Response, serverEncapKey: Uint8Array): Promise<Response>;
+}
+//# sourceMappingURL=identity.d.ts.map

package/dist/esm/identity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../src/identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAgD,MAAM,YAAY,CAAC;AAGvF;;GAEG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,KAAK,CAAc;IAC3B,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,UAAU,CAAY;gBAElB,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS;IAM3E;;OAEG;WACU,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC;IAsB1C;;OAEG;WACU,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAwBtD;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IAY/B;;OAEG;IACH,YAAY,IAAI,SAAS;IAIzB;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC;IAOxC;;OAEG;IACH,aAAa,IAAI,SAAS;IAI1B;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,UAAU,CAAC;IA0C1C;;OAEG;WACU,qBAAqB,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC;IAwCvE;;OAEG;IACG,cAAc,CAAC,OAAO,EAAE,OAAO,EAAE,eAAe,EAAE,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC;IAgDpF;;OAEG;IACG,eAAe,CAAC,QAAQ,EAAE,QAAQ,EAAE,cAAc,EAAE,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC;CAuFzF"}