npm - ehbp - Versions diffs - 0.0.7 → 0.1.0 - Mend

ehbp 0.0.7 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

package/README.md +84 -138
package/dist/cjs/client.d.ts +13 -13
package/dist/cjs/client.d.ts.map +1 -1
package/dist/cjs/client.js +32 -52
package/dist/cjs/client.js.map +1 -1
package/dist/cjs/derive.d.ts +63 -0
package/dist/cjs/derive.d.ts.map +1 -0
package/dist/cjs/derive.js +136 -0
package/dist/cjs/derive.js.map +1 -0
package/dist/cjs/identity.d.ts +37 -10
package/dist/cjs/identity.d.ts.map +1 -1
package/dist/cjs/identity.js +152 -146
package/dist/cjs/identity.js.map +1 -1
package/dist/cjs/index.d.ts +4 -1
package/dist/cjs/index.d.ts.map +1 -1
package/dist/cjs/index.js +15 -1
package/dist/cjs/index.js.map +1 -1
package/dist/cjs/protocol.d.ts +1 -1
package/dist/cjs/protocol.js +2 -2
package/dist/cjs/protocol.js.map +1 -1
package/dist/esm/client.d.ts +13 -13
package/dist/esm/client.d.ts.map +1 -1
package/dist/esm/client.js +32 -52
package/dist/esm/client.js.map +1 -1
package/dist/esm/derive.d.ts +63 -0
package/dist/esm/derive.d.ts.map +1 -0
package/dist/esm/derive.js +127 -0
package/dist/esm/derive.js.map +1 -0
package/dist/esm/identity.d.ts +37 -10
package/dist/esm/identity.d.ts.map +1 -1
package/dist/esm/identity.js +152 -146
package/dist/esm/identity.js.map +1 -1
package/dist/esm/index.d.ts +4 -1
package/dist/esm/index.d.ts.map +1 -1
package/dist/esm/index.js +2 -0
package/dist/esm/index.js.map +1 -1
package/dist/esm/protocol.d.ts +1 -1
package/dist/esm/protocol.js +2 -2
package/dist/esm/protocol.js.map +1 -1
package/dist/esm/test/client.test.js +15 -16
package/dist/esm/test/client.test.js.map +1 -1
package/dist/esm/test/derive.test.d.ts +2 -0
package/dist/esm/test/derive.test.d.ts.map +1 -0
package/dist/esm/test/derive.test.js +164 -0
package/dist/esm/test/derive.test.js.map +1 -0
package/dist/esm/test/security.test.d.ts +10 -0
package/dist/esm/test/security.test.d.ts.map +1 -0
package/dist/esm/test/security.test.js +153 -0
package/dist/esm/test/security.test.js.map +1 -0
package/dist/esm/test/streaming.integration.d.ts +9 -0
package/dist/esm/test/streaming.integration.d.ts.map +1 -0
package/dist/esm/test/streaming.integration.js +190 -0
package/dist/esm/test/streaming.integration.js.map +1 -0
package/package.json +6 -7
package/dist/esm/example.d.ts +0 -6
package/dist/esm/example.d.ts.map +0 -1
package/dist/esm/example.js +0 -115
package/dist/esm/example.js.map +0 -1
package/dist/esm/streaming-test.d.ts +0 -3
package/dist/esm/streaming-test.d.ts.map +0 -1
package/dist/esm/streaming-test.js +0 -102
package/dist/esm/streaming-test.js.map +0 -1

package/dist/esm/identity.d.ts CHANGED Viewed

@@ -1,4 +1,12 @@
-import { CipherSuite } from '@hpke/core';
+import { CipherSuite, type SenderContext, type Key } from 'hpke';
+/**
+ * Request context for response decryption.
+ * Holds the HPKE sender context needed to derive response keys.
+ */
+export interface RequestContext {
+    senderContext: SenderContext;
+    requestEnc: Uint8Array;
+}
 /**
  * Identity class for managing HPKE key pairs and encryption/decryption
  */
@@ -6,7 +14,7 @@ export declare class Identity {
     private suite;
     private publicKey;
     private privateKey;
-    constructor(suite: CipherSuite, publicKey: CryptoKey, privateKey: CryptoKey);
+    constructor(suite: CipherSuite, publicKey: Key, privateKey: Key);
     /**
      * Generate a new identity with X25519 key pair
      */
@@ -20,17 +28,17 @@ export declare class Identity {
      */
     toJSON(): Promise<string>;
     /**
-     * Get public key as CryptoKey
+     * Get public key
      */
-    getPublicKey(): CryptoKey;
+    getPublicKey(): Key;
     /**
      * Get public key as hex string
      */
     getPublicKeyHex(): Promise<string>;
     /**
-     * Get private key as CryptoKey
+     * Get private key
      */
-    getPrivateKey(): CryptoKey;
+    getPrivateKey(): Key;
     /**
      * Marshal public key configuration for server key distribution
      * Implements RFC 9458 format
@@ -41,12 +49,31 @@ export declare class Identity {
      */
     static unmarshalPublicConfig(data: Uint8Array): Promise<Identity>;
     /**
-     * Encrypt request body and set appropriate headers
+     * Encrypt request body and return context for response decryption.
+     *
+     * This method is called on the SERVER's identity (public key only).
+     * It:
+     * 1. Creates an HPKE sender context to this identity's public key
+     * 2. Encrypts the request body
+     * 3. Returns a RequestContext that must be used to decrypt the response
+     */
+    encryptRequestWithContext(request: Request): Promise<{
+        request: Request;
+        context: RequestContext | null;
+    }>;
+    /**
+     * Decrypt response using keys derived from request context.
+     *
+     * This method:
+     * 1. Reads the response nonce from Ehbp-Response-Nonce header
+     * 2. Exports a secret from the HPKE sender context
+     * 3. Derives response keys using HKDF
+     * 4. Decrypts the response body
      */
-    encryptRequest(request: Request, serverPublicKey: CryptoKey): Promise<Request>;
+    decryptResponseWithContext(response: Response, context: RequestContext): Promise<Response>;
     /**
-     * Decrypt response body
+     * Creates a ReadableStream that decrypts response chunks.
      */
-    decryptResponse(response: Response, serverEncapKey: Uint8Array): Promise<Response>;
+    private createDecryptStream;
 }
 //# sourceMappingURL=identity.d.ts.map

package/dist/esm/identity.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../src/identity.ts"],"names":[],"mappings":"AAAA,OAAO,~~EAAE~~,WAAW,~~EAAgD~~,MAAM,~~YAAY~~,CAAC;~~AAGvF~~;;GAEG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,KAAK,CAAc;IAC3B,OAAO,CAAC,SAAS,~~CAAY~~;~~IAC7B~~,OAAO,CAAC,UAAU,~~CAAY~~;~~gBAElB~~,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,~~SAAS~~,EAAE,UAAU,EAAE,~~SAAS~~;~~IAM3E~~;;OAEG;WACU,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC;~~IAsB1C~~;;OAEG;WACU,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;~~IAwBtD~~;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;~~IAY~~/B;;OAEG;IACH,YAAY,IAAI,~~SAAS~~;~~IAIzB~~;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC;~~IAOxC~~;;OAEG;IACH,aAAa,IAAI,~~SAAS~~;~~IAI1B~~;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,UAAU,CAAC;IA0C1C;;OAEG;WACU,qBAAqB,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC;~~IAuDvE;;OAEG~~;IACG,~~cAAc~~,~~CAAC~~,OAAO,EAAE,OAAO,~~EAAE~~,~~eAAe~~,~~EAAE~~,~~SAAS~~,~~GAAG~~,OAAO,CAAC,OAAO,CAAC;~~IAgDpF;;OAEG~~;IACG,~~eAAe~~,~~CAAC~~,QAAQ,EAAE,QAAQ,~~EAAE~~,~~cAAc~~,EAAE,~~UAAU~~,~~GAAG~~,OAAO,CAAC,QAAQ,CAAC;~~CAwFzF~~"}
1	+ {"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../src/identity.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,WAAW,EAIX,KAAK,aAAa,EAClB,KAAK,GAAG,EACT,MAAM,MAAM,CAAC;AAcd;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,aAAa,EAAE,aAAa,CAAC;IAC7B,UAAU,EAAE,UAAU,CAAC;CACxB;AAaD;;GAEG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,KAAK,CAAc;IAC3B,OAAO,CAAC,SAAS,CAAM;IACvB,OAAO,CAAC,UAAU,CAAM;gBAEZ,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG;IAM/D;;OAEG;WACU,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC;IAO1C;;OAEG;WACU,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAWtD;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IAU/B;;OAEG;IACH,YAAY,IAAI,GAAG;IAInB;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC;IAKxC;;OAEG;IACH,aAAa,IAAI,GAAG;IAIpB;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,UAAU,CAAC;IA0C1C;;OAEG;WACU,qBAAqB,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC;IAqDvE;;;;;;;;OAQG;IACG,yBAAyB,CAC7B,OAAO,EAAE,OAAO,GACf,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,cAAc,GAAG,IAAI,CAAA;KAAE,CAAC;IAwDhE;;;;;;;;OAQG;IACG,0BAA0B,CAC9B,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,QAAQ,CAAC;IAmCpB;;OAEG;IACH,OAAO,CAAC,mBAAmB;CAyD5B"}

package/dist/esm/identity.js CHANGED Viewed

@@ -1,5 +1,12 @@
-import { CipherSuite, DhkemX25519HkdfSha256, HkdfSha256, Aes256Gcm } from '@hpke/core';
+import { CipherSuite, KEM_DHKEM_X25519_HKDF_SHA256, KDF_HKDF_SHA256, AEAD_AES_256_GCM, } from 'hpke';
 import { PROTOCOL, HPKE_CONFIG } from './protocol.js';
+import { deriveResponseKeys, decryptChunk, hexToBytes, bytesToHex, HPKE_REQUEST_INFO, EXPORT_LABEL, EXPORT_LENGTH, RESPONSE_NONCE_LENGTH, } from './derive.js';
+/**
+ * Creates a new CipherSuite for X25519/HKDF-SHA256/AES-256-GCM
+ */
+function createSuite() {
+    return new CipherSuite(KEM_DHKEM_X25519_HKDF_SHA256, KDF_HKDF_SHA256, AEAD_AES_256_GCM);
+}
 /**
  * Identity class for managing HPKE key pairs and encryption/decryption
  */
@@ -16,48 +23,34 @@ export class Identity {
      * Generate a new identity with X25519 key pair
      */
     static async generate() {
-        const suite = new CipherSuite({
-            kem: new DhkemX25519HkdfSha256(),
-            kdf: new HkdfSha256(),
-            aead: new Aes256Gcm()
-        });
-        const { publicKey, privateKey } = await suite.kem.generateKeyPair();
-        // Make sure the public key is extractable for serialization
-        const extractablePublicKey = await crypto.subtle.importKey('raw', await crypto.subtle.exportKey('raw', publicKey), { name: 'X25519' }, true, // extractable
-        []);
-        return new Identity(suite, extractablePublicKey, privateKey);
+        const suite = createSuite();
+        const { publicKey, privateKey } = await suite.GenerateKeyPair(true); // extractable
+        return new Identity(suite, publicKey, privateKey);
     }
     /**
      * Create identity from JSON string
      */
     static async fromJSON(json) {
         const data = JSON.parse(json);
-        const suite = new CipherSuite({
-            kem: new DhkemX25519HkdfSha256(),
-            kdf: new HkdfSha256(),
-            aead: new Aes256Gcm()
-        });
-        // Import public key
-        const publicKey = await crypto.subtle.importKey('raw', new Uint8Array(data.publicKey), { name: 'X25519' }, true, // extractable
-        []);
-        // Deserialize private key using HPKE library
-        const privateKey = await suite.kem.deserializePrivateKey(new Uint8Array(data.privateKey).buffer);
+        const suite = createSuite();
+        // Deserialize keys using the suite
+        const publicKey = await suite.DeserializePublicKey(new Uint8Array(data.publicKey));
+        const privateKey = await suite.DeserializePrivateKey(new Uint8Array(data.privateKey), true);
         return new Identity(suite, publicKey, privateKey);
     }
     /**
      * Convert identity to JSON string
      */
     async toJSON() {
-        const publicKeyBytes = new Uint8Array(await crypto.subtle.exportKey('raw', this.publicKey));
-        // For X25519, we need to use the HPKE library's serialization for private keys
-        const privateKeyBytes = await this.suite.kem.serializePrivateKey(this.privateKey);
+        const publicKeyBytes = await this.suite.SerializePublicKey(this.publicKey);
+        const privateKeyBytes = await this.suite.SerializePrivateKey(this.privateKey);
         return JSON.stringify({
             publicKey: Array.from(publicKeyBytes),
-            privateKey: Array.from(new Uint8Array(privateKeyBytes))
+            privateKey: Array.from(privateKeyBytes),
         });
     }
     /**
-     * Get public key as CryptoKey
+     * Get public key
      */
     getPublicKey() {
         return this.publicKey;
@@ -66,13 +59,11 @@ export class Identity {
      * Get public key as hex string
      */
     async getPublicKeyHex() {
-        const exported = await crypto.subtle.exportKey('raw', this.publicKey);
-        return Array.from(new Uint8Array(exported))
-            .map(b => b.toString(16).padStart(2, '0'))
-            .join('');
+        const exported = await this.suite.SerializePublicKey(this.publicKey);
+        return bytesToHex(exported);
     }
     /**
-     * Get private key as CryptoKey
+     * Get private key
      */
     getPrivateKey() {
         return this.privateKey;
@@ -86,7 +77,7 @@ export class Identity {
         const kdfId = HPKE_CONFIG.KDF;
         const aeadId = HPKE_CONFIG.AEAD;
         // Export public key as raw bytes
-        const publicKeyBytes = new Uint8Array(await crypto.subtle.exportKey('raw', this.publicKey));
+        const publicKeyBytes = await this.suite.SerializePublicKey(this.publicKey);
         // Key ID (1 byte) + KEM ID (2 bytes) + Public Key + Cipher Suites
         const keyId = 0;
         const publicKeySize = publicKeyBytes.length;
@@ -96,20 +87,20 @@ export class Identity {
         // Key ID
         buffer[offset++] = keyId;
         // KEM ID
-        buffer[offset++] = (kemId >> 8) & 0xFF;
-        buffer[offset++] = kemId & 0xFF;
+        buffer[offset++] = (kemId >> 8) & 0xff;
+        buffer[offset++] = kemId & 0xff;
         // Public Key
         buffer.set(publicKeyBytes, offset);
         offset += publicKeySize;
         // Cipher Suites Length (2 bytes)
-        buffer[offset++] = (cipherSuitesSize >> 8) & 0xFF;
-        buffer[offset++] = cipherSuitesSize & 0xFF;
+        buffer[offset++] = (cipherSuitesSize >> 8) & 0xff;
+        buffer[offset++] = cipherSuitesSize & 0xff;
         // KDF ID
-        buffer[offset++] = (kdfId >> 8) & 0xFF;
-        buffer[offset++] = kdfId & 0xFF;
+        buffer[offset++] = (kdfId >> 8) & 0xff;
+        buffer[offset++] = kdfId & 0xff;
         // AEAD ID
-        buffer[offset++] = (aeadId >> 8) & 0xFF;
-        buffer[offset++] = aeadId & 0xFF;
+        buffer[offset++] = (aeadId >> 8) & 0xff;
+        buffer[offset++] = aeadId & 0xff;
         return buffer;
     }
     /**
@@ -144,140 +135,155 @@ export class Identity {
         if (firstSuite.kdfId !== HPKE_CONFIG.KDF || firstSuite.aeadId !== HPKE_CONFIG.AEAD) {
             throw new Error(`Unsupported cipher suite: KDF=0x${firstSuite.kdfId.toString(16)}, AEAD=0x${firstSuite.aeadId.toString(16)}`);
         }
-        // Create cipher suite (currently only supports X25519/HKDF-SHA256/AES-256-GCM)
-        const suite = new CipherSuite({
-            kem: new DhkemX25519HkdfSha256(),
-            kdf: new HkdfSha256(),
-            aead: new Aes256Gcm()
-        });
-        // Import public key using HPKE library
-        const publicKey = await suite.kem.deserializePublicKey(publicKeyBytes.buffer);
+        // Create cipher suite
+        const suite = createSuite();
+        // Import public key
+        const publicKey = await suite.DeserializePublicKey(publicKeyBytes);
         // For server config, we only have the public key, no private key
         // We'll create a dummy private key that won't be used
-        const dummyPrivateKey = await suite.kem.deserializePrivateKey(new Uint8Array(32).buffer);
+        const dummyPrivateKey = await suite.DeserializePrivateKey(new Uint8Array(32), false);
         return new Identity(suite, publicKey, dummyPrivateKey);
     }
     /**
-     * Encrypt request body and set appropriate headers
+     * Encrypt request body and return context for response decryption.
+     *
+     * This method is called on the SERVER's identity (public key only).
+     * It:
+     * 1. Creates an HPKE sender context to this identity's public key
+     * 2. Encrypts the request body
+     * 3. Returns a RequestContext that must be used to decrypt the response
      */
-    async encryptRequest(request, serverPublicKey) {
+    async encryptRequestWithContext(request) {
         const body = await request.arrayBuffer();
+        // Bodyless requests pass through unmodified - no HPKE context needed.
+        // See SPEC.md Section 5.1: "When the request has no payload body, an encrypted
+        // response is not possible (since there is no HPKE context to derive response
+        // keys from). Such requests pass through unmodified."
         if (body.byteLength === 0) {
-            // No body to encrypt, just set client public key header
-            const headers = new Headers(request.headers);
-            headers.set(PROTOCOL.CLIENT_PUBLIC_KEY_HEADER, await this.getPublicKeyHex());
-            return new Request(request.url, {
-                method: request.method,
-                headers,
-                body: null
-            });
+            return {
+                request: new Request(request.url, {
+                    method: request.method,
+                    headers: request.headers,
+                    body: null,
+                }),
+                context: null,
+            };
         }
-        // Create sender for encryption
-        const sender = await this.suite.createSenderContext({
-            recipientPublicKey: serverPublicKey
+        // Create sender context for encryption with info parameter for domain separation
+        const infoBytes = new TextEncoder().encode(HPKE_REQUEST_INFO);
+        const { encapsulatedSecret, ctx } = await this.suite.SetupSender(this.publicKey, {
+            info: infoBytes,
         });
+        // Store context for response decryption
+        const context = {
+            senderContext: ctx,
+            requestEnc: encapsulatedSecret,
+        };
+        // Set headers - only encapsulated key for requests with body
+        const headers = new Headers(request.headers);
+        headers.set(PROTOCOL.ENCAPSULATED_KEY_HEADER, bytesToHex(context.requestEnc));
         // Encrypt the body
-        const encrypted = await sender.seal(body);
-        // Get encapsulated key
-        const encapKey = sender.enc;
+        const encrypted = await ctx.Seal(new Uint8Array(body));
         // Create chunked format: 4-byte length header + encrypted data
         const chunkLength = new Uint8Array(4);
-        const view = new DataView(chunkLength.buffer);
-        view.setUint32(0, encrypted.byteLength, false); // Big-endian
+        new DataView(chunkLength.buffer).setUint32(0, encrypted.byteLength, false);
         const chunkedData = new Uint8Array(4 + encrypted.byteLength);
         chunkedData.set(chunkLength, 0);
-        chunkedData.set(new Uint8Array(encrypted), 4);
-        // Create new request with encrypted body and headers
-        const headers = new Headers(request.headers);
-        headers.set(PROTOCOL.CLIENT_PUBLIC_KEY_HEADER, await this.getPublicKeyHex());
-        headers.set(PROTOCOL.ENCAPSULATED_KEY_HEADER, Array.from(new Uint8Array(encapKey))
-            .map(b => b.toString(16).padStart(2, '0'))
-            .join(''));
-        return new Request(request.url, {
-            method: request.method,
-            headers,
-            body: chunkedData,
-            duplex: 'half'
-        });
+        chunkedData.set(encrypted, 4);
+        return {
+            request: new Request(request.url, {
+                method: request.method,
+                headers,
+                body: chunkedData,
+                duplex: 'half',
+            }),
+            context,
+        };
     }
     /**
-     * Decrypt response body
+     * Decrypt response using keys derived from request context.
+     *
+     * This method:
+     * 1. Reads the response nonce from Ehbp-Response-Nonce header
+     * 2. Exports a secret from the HPKE sender context
+     * 3. Derives response keys using HKDF
+     * 4. Decrypts the response body
      */
-    async decryptResponse(response, serverEncapKey) {
+    async decryptResponseWithContext(response, context) {
         if (!response.body) {
             return response;
         }
-        // Create receiver for decryption
-        const receiver = await this.suite.createRecipientContext({
-            recipientKey: this.privateKey,
-            enc: serverEncapKey.buffer
+        // Get response nonce from header
+        const responseNonceHex = response.headers.get(PROTOCOL.RESPONSE_NONCE_HEADER);
+        if (!responseNonceHex) {
+            throw new Error(`Missing ${PROTOCOL.RESPONSE_NONCE_HEADER} header`);
+        }
+        const responseNonce = hexToBytes(responseNonceHex);
+        if (responseNonce.length !== RESPONSE_NONCE_LENGTH) {
+            throw new Error(`Invalid response nonce length: expected ${RESPONSE_NONCE_LENGTH}, got ${responseNonce.length}`);
+        }
+        // Export secret from request context
+        const exportLabelBytes = new TextEncoder().encode(EXPORT_LABEL);
+        const exportedSecret = await context.senderContext.Export(exportLabelBytes, EXPORT_LENGTH);
+        // Derive response keys
+        const km = await deriveResponseKeys(exportedSecret, context.requestEnc, responseNonce);
+        // Create decrypting stream
+        const decryptedStream = this.createDecryptStream(response.body, km);
+        return new Response(decryptedStream, {
+            status: response.status,
+            statusText: response.statusText,
+            headers: response.headers,
         });
-        // Create a readable stream that decrypts chunks as they arrive
-        const decryptedStream = new ReadableStream({
-            start(controller) {
-                const reader = response.body.getReader();
-                let buffer = new Uint8Array(0);
-                let offset = 0;
-                async function pump() {
-                    try {
-                        while (true) {
-                            const { done, value } = await reader.read();
-                            if (done)
-                                break;
-                            // Append new data to buffer
-                            const newBuffer = new Uint8Array(buffer.length + value.length);
-                            newBuffer.set(buffer);
-                            newBuffer.set(value, buffer.length);
-                            buffer = newBuffer;
-                            // Process complete chunks
-                            while (offset + 4 <= buffer.length) {
-                                // Read chunk length (4 bytes big-endian)
-                                const chunkLength = (buffer[offset] << 24) |
-                                    (buffer[offset + 1] << 16) |
-                                    (buffer[offset + 2] << 8) |
-                                    buffer[offset + 3];
-                                offset += 4;
-                                if (chunkLength === 0) {
-                                    continue; // Empty chunk
-                                }
-                                // Check if we have the complete chunk
-                                if (offset + chunkLength > buffer.length) {
-                                    // Not enough data yet, rewind offset and wait for more
-                                    offset -= 4;
-                                    break;
-                                }
-                                // Extract and decrypt the chunk
-                                const encryptedChunk = buffer.slice(offset, offset + chunkLength);
-                                offset += chunkLength;
-                                try {
-                                    const decryptedChunk = await receiver.open(encryptedChunk.buffer);
-                                    controller.enqueue(new Uint8Array(decryptedChunk));
-                                }
-                                catch (error) {
-                                    controller.error(new Error(`Failed to decrypt chunk: ${error}`));
-                                    return;
-                                }
+    }
+    /**
+     * Creates a ReadableStream that decrypts response chunks.
+     */
+    createDecryptStream(body, km) {
+        let buffer = new Uint8Array(0);
+        let seq = 0;
+        const reader = body.getReader();
+        return new ReadableStream({
+            async pull(controller) {
+                while (true) {
+                    // Try to read a complete chunk from buffer
+                    if (buffer.length >= 4) {
+                        const chunkLength = (buffer[0] << 24) | (buffer[1] << 16) | (buffer[2] << 8) | buffer[3];
+                        if (chunkLength === 0) {
+                            // Skip empty chunk
+                            buffer = buffer.slice(4);
+                            continue;
+                        }
+                        if (buffer.length >= 4 + chunkLength) {
+                            const ciphertext = buffer.slice(4, 4 + chunkLength);
+                            buffer = buffer.slice(4 + chunkLength);
+                            try {
+                                const plaintext = await decryptChunk(km, seq++, ciphertext);
+                                controller.enqueue(plaintext);
+                                return;
                             }
-                            // Remove processed data from buffer
-                            if (offset > 0) {
-                                buffer = buffer.slice(offset);
-                                offset = 0;
+                            catch (error) {
+                                controller.error(new Error(`Decryption failed at chunk ${seq - 1}: ${error}`));
+                                return;
                             }
                         }
-                        controller.close();
                     }
-                    catch (error) {
-                        controller.error(error);
+                    // Need more data
+                    const { done, value } = await reader.read();
+                    if (done) {
+                        controller.close();
+                        return;
                     }
+                    // Append to buffer
+                    const newBuffer = new Uint8Array(buffer.length + value.length);
+                    newBuffer.set(buffer);
+                    newBuffer.set(value, buffer.length);
+                    buffer = newBuffer;
                 }
-                pump();
-            }
-        });
-        // Create new response with decrypted stream
-        return new Response(decryptedStream, {
-            status: response.status,
-            statusText: response.statusText,
-            headers: response.headers
+            },
+            cancel(reason) {
+                // Release the underlying reader when the stream is cancelled
+                return reader.cancel(reason);
+            },
         });
     }
 }

package/dist/esm/identity.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"identity.js","sourceRoot":"","sources":["../../src/identity.ts"],"names":[],"mappings":"AAAA,OAAO,~~EAAE~~,WAAW,~~EAAE~~,~~qBAAqB~~,~~EAAE~~,~~UAAU~~,~~EAAE~~,~~SAAS~~,~~EAAE~~,MAAM,~~YAAY~~,CAAC;~~AACvF~~,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;~~AAEtD~~;;GAEG;AACH,MAAM,OAAO,QAAQ;IACX,KAAK,CAAc;IACnB,SAAS,~~CAAY~~;~~IACrB~~,UAAU,~~CAAY~~;~~IAE9B~~,YAAY,KAAkB,EAAE,~~SAAoB~~,EAAE,~~UAAqB~~;~~QACzE~~,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,QAAQ;QACnB,MAAM,KAAK,GAAG,~~IAAI,~~WAAW,~~CAAC;YAC5B,GAAG,~~EAAE,~~IAAI,qBAAqB,EAAE;YAChC,GAAG,EAAE,IAAI,UAAU,EAAE;YACrB,IAAI,EAAE,IAAI,SAAS,EAAE;SACtB,~~CAAC~~,CAAC~~;~~QAEH~~,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,KAAK,CAAC,~~GAAG,CAAC,~~eAAe,~~EAAE,~~CAAC~~;QAEpE~~,~~4DAA4D;QAC5D~~,~~MAAM,oBAAoB,GAAG,MAAM,MAAM,~~CAAC,~~MAAM,~~CAAC,~~SAAS,CACxD,KAAK,EACL,MAAM,MAAM,~~CAAC,~~MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,SAAS,CAAC,EAC/C,EAAE,IAAI,EAAE,QAAQ,EAAE,EAClB,IAAI,EAAE,~~cAAc;~~QACpB~~,~~EAAE,CACH,CAAC;QAEF,~~OAAO,IAAI,QAAQ,CAAC,KAAK,EAAE,~~oBAAoB~~,EAAE,UAAU,CAAC,CAAC;~~IAC/D~~,CAAC;~~IAGD~~;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAY;QAChC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,KAAK,GAAG,~~IAAI,~~WAAW,~~CAAC;YAC5B,GAAG,~~EAAE,~~IAAI,qBAAqB,EAAE;YAChC,GAAG,EAAE,IAAI,UAAU,EAAE;YACrB,IAAI,EAAE,IAAI,SAAS,EAAE;SACtB,~~CAAC~~,CAAC~~;~~QAEH~~,~~oBAAoB~~;~~QACpB~~,MAAM,SAAS,GAAG,MAAM,~~MAAM~~,CAAC,~~MAAM~~,CAAC,~~SAAS,CAC7C,KAAK,EACL,~~IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,~~EAC9B~~,~~EAAE,IAAI,EAAE,QAAQ,EAAE,EAClB,IAAI,EAAE,cAAc;QACpB,EAAE,CACH,~~CAAC;~~QAEF~~,~~6CAA6C;QAC7C,~~MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,~~GAAG,CAAC,~~qBAAqB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,~~CAAC~~,~~MAAM~~,CAAC,CAAC;~~QAEjG~~,OAAO,IAAI,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACpD,CAAC;~~IAGD~~;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,cAAc,GAAG,~~IAAI,UAAU,CAAC,~~MAAM,~~MAAM~~,CAAC,~~MAAM~~,CAAC,~~SAAS~~,CAAC,~~KAAK,EAAE,~~IAAI,CAAC,SAAS,CAAC,CAAC~~,CAAC~~;~~QAE5F,+EAA+E;QAC/E~~,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,~~GAAG,CAAC,~~mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;~~QAElF~~,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC;YACrC,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,~~IAAI,UAAU,CAAC,~~eAAe,CAAC~~,CAAC~~;~~SACxD~~,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe;QACnB,MAAM,QAAQ,GAAG,MAAM,~~MAAM~~,CAAC,~~MAAM~~,CAAC,~~SAAS~~,CAAC,~~KAAK,EAAE,~~IAAI,CAAC,SAAS,CAAC,CAAC;~~QACtE~~,OAAO,~~KAAK,CAAC,IAAI,CAAC,IAAI,~~UAAU,CAAC,QAAQ,CAAC,CAAC;~~aACxC~~,~~GAAG,~~CAAC~~,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC~~;~~aACzC,IAAI,CAAC,EAAE,CAAC,CAAC;IACd,CAAC;~~IAED;;OAEG;IACH,aAAa;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa;QACjB,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC;QAC9B,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC;QAC9B,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC;QAEhC,iCAAiC;QACjC,MAAM,cAAc,GAAG,~~IAAI,UAAU,CAAC,~~MAAM,~~MAAM~~,CAAC,~~MAAM~~,CAAC,~~SAAS~~,CAAC,~~KAAK,EAAE,~~IAAI,CAAC,SAAS,CAAC,CAAC~~,CAAC~~;~~QAE5F~~,kEAAkE;QAClE,MAAM,KAAK,GAAG,CAAC,CAAC;QAChB,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC;QAC5C,MAAM,gBAAgB,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;QAEnD,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,CAAC,GAAG,aAAa,GAAG,CAAC,GAAG,gBAAgB,CAAC,CAAC;QAC5E,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,SAAS;QACT,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,KAAK,CAAC;QAEzB,SAAS;QACT,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QACvC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QAEhC,aAAa;QACb,MAAM,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QACnC,MAAM,IAAI,aAAa,CAAC;QAExB,iCAAiC;QACjC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QAClD,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,gBAAgB,GAAG,IAAI,CAAC;QAE3C,SAAS;QACT,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QACvC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QAEhC,UAAU;QACV,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QACxC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,MAAM,GAAG,IAAI,CAAC;QAEjC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAgB;QACjD,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,cAAc;QACd,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAE7B,cAAc;QACd,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAErD,wCAAwC;QACxC,MAAM,aAAa,GAAG,EAAE,CAAC;QACzB,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC;QAClE,MAAM,IAAI,aAAa,CAAC;QAExB,4BAA4B;QAC5B,MAAM,kBAAkB,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAElE,yEAAyE;QACzE,MAAM,MAAM,GAAG,EAAE,CAAC;QAClB,MAAM,eAAe,GAAG,MAAM,GAAG,kBAAkB,CAAC;QACpD,OAAO,MAAM,GAAG,eAAe,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACrD,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACtD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QACtD,CAAC;QAED,6BAA6B;QAC7B,MAAM,UAAU,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAE7B,6CAA6C;QAC7C,IAAI,UAAU,CAAC,KAAK,KAAK,WAAW,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACnF,MAAM,IAAI,KAAK,~~CAAC~~,mCAAmC,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,YAAY,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,~~CAAC~~,CAAC;~~QAChI~~,CAAC;QAED~~,+EAA+E~~;~~QAC/E~~,MAAM,KAAK,GAAG,~~IAAI,~~WAAW,~~CAAC;YAC5B,GAAG,~~EAAE,~~IAAI,qBAAqB,EAAE;YAChC,GAAG,EAAE,IAAI,UAAU,EAAE;YACrB,IAAI,EAAE,IAAI,SAAS,EAAE;SACtB,~~CAAC~~,CAAC~~;~~QAEH~~,~~uCAAuC~~;~~QACvC~~,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,~~GAAG,CAAC,~~oBAAoB,CAAC,cAAc,CAAC,~~MAAM,~~CAAC~~,CAAC~~;~~QAE9E~~,iEAAiE;QACjE,sDAAsD;QACtD,MAAM,eAAe,GAAG,MAAM,KAAK,CAAC,~~GAAG,CAAC,~~qBAAqB,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,~~CAAC~~,~~MAAM~~,CAAC,CAAC;~~QAEzF~~,OAAO,IAAI,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;IACzD,CAAC;IAED~~;;OAEG~~;IACH,KAAK,CAAC,~~cAAc~~,~~CAAC~~,OAAgB~~,EAAE,eAA0B~~;~~QAC/D~~,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;~~QACzC~~,IAAI,IAAI,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;YAC1B,~~wDAAwD~~;~~YACxD~~,~~MAAM,~~OAAO,~~GAAG~~,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,~~CAAC~~;~~YAC7C~~,OAAO,~~CAAC~~,~~GAAG~~,CAAC,~~QAAQ~~,CAAC,~~wBAAwB~~,EAAE,MAAM,IAAI,CAAC,~~eAAe~~,~~EAAE~~,CAAC,CAAC;~~YAC7E~~,~~OAAO~~,IAAI,~~OAAO~~,CAAC,~~OAAO~~,CAAC,~~GAAG~~,EAAE;~~gBAC9B~~,~~MAAM~~,EAAE,~~OAAO~~,CAAC,~~MAAM~~;~~gBACtB~~,OAAO;~~gBACP~~,~~IAAI~~,EAAE,~~IAAI~~;~~aACX~~,~~CAAC~~,~~CAAC~~;~~QACL~~,CAAC;~~QAED,+BAA+B~~;~~QAC/B~~,MAAM,~~MAAM~~,GAAG,~~MAAM,~~IAAI,CAAC,~~KAAK~~,CAAC,~~mBAAmB~~,CAAC;~~YAClD~~,~~kBAAkB~~,EAAE,~~eAAe;SACpC~~,CAAC,CAAC;~~QAEH~~,mBAAmB;QACnB,MAAM,SAAS,GAAG,MAAM,~~MAAM~~,CAAC,IAAI,CAAC,IAAI,~~CAAC~~,CAAC~~;QAE1C~~,~~uBAAuB;QACvB~~,~~MAAM~~,~~QAAQ,GAAG,MAAM,~~CAAC,~~GAAG,~~CAAC;~~QAE5B~~,+DAA+D;QAC/D,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QACtC,~~MAAM,~~IAAI,~~GAAG,IAAI,~~QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC~~;QAC9C~~,~~IAAI,CAAC,~~SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC~~,CAAC,aAAa~~;~~QAE7D~~,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;QAC7D,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAChC,WAAW,CAAC,GAAG,CAAC,~~IAAI,UAAU,CAAC,~~SAAS,~~CAAC,~~EAAE,CAAC,CAAC,CAAC;~~QAE9C~~,~~qDAAqD~~;~~QACrD~~,~~MAAM,~~OAAO,~~GAAG~~,IAAI,OAAO,CAAC,OAAO,CAAC,~~OAAO~~,~~CAAC,CAAC~~;~~QAC7C~~,~~OAAO~~,~~CAAC~~,~~GAAG~~,CAAC,~~QAAQ~~,~~CAAC~~,~~wBAAwB~~,EAAE,MAAM,~~IAAI,CAAC,eAAe,~~EAAE,~~CAAC~~,CAAC;~~QAC7E~~,OAAO,CAAC,~~GAAG,~~CAAC,~~QAAQ~~,CAAC,~~uBAAuB~~,~~EAAE~~,~~KAAK~~,~~CAAC~~,~~IAAI~~,~~CAAC,~~IAAI,~~UAAU,~~CAAC,QAAQ,CAAC,CAAC;~~aAC/E~~,~~GAAG~~,~~CAAC~~,CAAC,CAAC,~~EAAE~~,~~CAAC~~,~~CAAC~~,~~CAAC~~,QAAQ,CAAC,~~EAAE~~,CAAC,CAAC,QAAQ,CAAC,~~CAAC~~,~~EAAE,GAAG,~~CAAC,CAAC;~~aACzC~~,IAAI,CAAC,EAAE,CAAC~~,CAAC,CAAC~~;~~QAEb~~,~~OAAO~~,IAAI,~~OAAO~~,CAAC,~~OAAO~~,CAAC,~~GAAG~~,~~EAAE;YAC9B~~,~~MAAM~~,~~EAAE,OAAO,~~CAAC~~,MAAM~~;~~YACtB~~,~~OAAO~~;~~YACP~~,~~IAAI~~,~~EAAE~~,~~WAAW;YACjB~~,~~MAAM~~,~~EAAE~~,~~MAAM;SACA~~,CAAC,CAAC;~~IACpB~~,~~CAAC;IAED;;OAEG;IACH~~,~~KAAK~~,CAAC,~~eAAe~~,~~CAAC~~,~~QAAkB~~,EAAE,~~cAA0B~~;~~QAClE~~,IAAI,~~CAAC~~,~~QAAQ~~,~~CAAC~~,~~IAAI~~,~~EAAE~~,CAAC~~;YACnB~~,~~OAAO~~,~~QAAQ~~,CAAC;~~QAClB~~,CAAC;QAED,~~iCAAiC~~;~~QACjC~~,MAAM,~~QAAQ~~,GAAG,~~MAAM,~~IAAI,~~CAAC~~,~~KAAK~~,CAAC,~~sBAAsB~~,CAAC~~;YACvD~~,YAAY,~~EAAE~~,~~IAAI,~~CAAC~~,UAAU~~;~~YAC7B~~,GAAG,~~EAAE~~,~~cAAc~~,CAAC,~~MAAqB;SAC1C~~,CAAC,~~CAAC;QAEH,+DAA+D;QAC/D,~~MAAM,~~eAAe~~,~~GAAG~~,~~IAAI~~,~~cAAc~~,CAAC~~;YACzC~~,~~KAAK,~~CAAC,~~UAAU~~;~~gBACd~~,MAAM,~~MAAM~~,GAAG,~~QAAQ~~,CAAC,~~IAAK~~,CAAC,~~SAAS~~,EAAE,CAAC;~~gBAC1C~~,~~IAAI~~,MAAM,GAAG,IAAI,~~UAAU,~~CAAC,~~CAAC~~,CAAC,CAAC~~;gBAC/B~~,IAAI,~~MAAM~~,~~GAAG~~,CAAC,CAAC;~~gBAEf~~,~~KAAK~~,~~UAAU,~~IAAI~~;oBACjB~~,~~IAAI~~,CAAC~~;wBACH~~,~~OAAO~~,~~IAAI,~~EAAE~~,CAAC~~;~~4BACZ~~,MAAM,EAAE,~~IAAI~~,~~EAAE~~,~~KAAK~~,EAAE,~~GAAG~~,~~MAAM~~,~~MAAM~~,~~CAAC~~,~~IAAI,~~EAAE,CAAC;~~4BAC5C~~,~~IAAI~~,~~IAAI~~;~~gCAAE~~,~~MAAM~~;~~4BAEhB,4BAA4B~~;~~4BAC5B~~,~~MAAM~~,~~SAAS~~,~~GAAG~~,~~IAAI~~,~~UAAU~~,~~CAAC~~,MAAM,~~CAAC~~,~~MAAM~~,~~GAAG~~,~~KAAK~~,CAAC,~~MAAM,~~CAAC,CAAC;~~4BAC~~/D,~~SAAS~~,~~CAAC~~,GAAG,CAAC,~~MAAM,~~CAAC~~,CAAC~~;~~4BACtB~~,~~SAAS~~,~~CAAC~~,GAAG,CAAC,~~KAAK~~,EAAE,~~MAAM,~~CAAC,~~MAAM~~,~~CAAC~~,CAAC;~~4BACpC~~,~~MAAM~~,~~GAAG~~,~~SAAS~~,CAAC~~;4BAEnB~~,~~0BAA0B~~;~~4BAC1B~~,OAAO,~~MAAM~~,~~GAAG~~,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;~~gCACnC~~,~~yCAAyC;gCACzC,~~MAAM,WAAW,~~GAAG~~,CAAC,MAAM,CAAC,~~MAAM~~,CAAC,IAAI,EAAE,CAAC~~;oCACxB~~,CAAC,MAAM,CAAC,~~MAAM,GAAG,~~CAAC,CAAC,IAAI,EAAE,CAAC~~;oCAC1B~~,CAAC,MAAM,CAAC,~~MAAM,GAAG,~~CAAC,CAAC,IAAI,CAAC,CAAC~~;oCACzB~~,~~MAAM~~,~~CAAC,~~MAAM,~~GAAG,~~CAAC,CAAC,CAAC~~;gCACrC~~,~~MAAM,IAAI,~~CAAC~~,CAAC~~;~~gCAEZ~~,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;~~oCACtB~~,~~SAAS,CAAC,cAAc~~;~~gCAC1B~~,~~CAAC;gCAED,sCAAsC;gCACtC,IAAI,~~MAAM,GAAG,~~WAAW~~,~~GAAG~~,~~MAAM~~,CAAC,~~MAAM~~,~~EAAE~~,CAAC;~~oCACzC~~,~~uDAAuD~~;~~oCACvD~~,~~MAAM~~,IAAI,~~CAAC~~,CAAC~~;oCACZ~~,MAAM~~;gCACR~~,CAAC~~;gCAED~~,~~gCAAgC~~;~~gCAChC~~,MAAM,~~cAAc~~,GAAG,MAAM,CAAC,KAAK,CAAC,~~MAAM~~,EAAE,~~MAAM~~,GAAG,WAAW,CAAC,CAAC;~~gCAClE~~,MAAM,~~IAAI~~,WAAW,CAAC;~~gCAEtB~~,IAAI,CAAC;~~oCACH~~,MAAM,~~cAAc~~,GAAG,MAAM,~~QAAQ~~,CAAC,~~IAAI~~,~~CAAC~~,~~cAAc~~,~~CAAC~~,~~MAAM~~,CAAC,CAAC;~~oCAClE~~,UAAU,CAAC,OAAO,CAAC,~~IAAI~~,~~UAAU,~~CAAC,~~cAAc,~~CAAC,~~CAAC,CAAC~~;~~gCACrD~~,CAAC;~~gCAAC~~,OAAO,KAAK,EAAE,CAAC;~~oCACf~~,UAAU,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,~~4BAA4B~~,KAAK,EAAE,CAAC,CAAC,CAAC;~~oCACjE~~,OAAO;~~gCACT~~,CAAC;~~4BACH~~,CAAC;~~4BAED~~,~~oCAAoC~~;~~4BACpC~~,~~IAAI~~,MAAM,~~GAAG~~,~~CAAC~~,EAAE,~~CAAC;gCACf~~,~~MAAM~~,GAAG,MAAM,~~CAAC~~,~~KAAK,~~CAAC,~~MAAM~~,~~CAAC~~,CAAC;~~gCAC9B~~,~~MAAM~~,~~GAAG~~,~~CAAC~~,CAAC;~~4BACb~~,~~CAAC;wBACH,CAAC;wBAED,~~UAAU,CAAC,KAAK,EAAE,CAAC;~~oBACrB~~,CAAC;~~oBAAC~~,~~OAAO~~,~~KAAK~~,~~EAAE~~,~~CAAC;wBACf~~,UAAU,CAAC,~~KAAK~~,CAAC,KAAK,CAAC,CAAC~~;oBAC1B~~,CAAC;~~gBACH~~,CAAC~~;gBAED~~,~~IAAI~~,~~EAAE~~,CAAC~~;YACT~~,CAAC;~~SACF~~,CAAC,CAAC~~;QAEH~~,~~4CAA4C;QAC5C~~,~~OAAO~~,~~IAAI~~,~~QAAQ~~,CAAC,~~eAAe,EAAE~~;~~YACnC~~,MAAM,~~EAAE~~,~~QAAQ~~,CAAC,~~MAAM~~;~~YACvB~~,~~UAAU~~,~~EAAE~~,~~QAAQ,~~CAAC,~~UAAU~~;~~YAC/B~~,OAAO,~~EAAE~~,~~QAAQ~~,CAAC,~~OAAO~~;~~SAC1B~~,CAAC,CAAC;IACL,CAAC;~~CAEF~~"}
1	+ {"version":3,"file":"identity.js","sourceRoot":"","sources":["../../src/identity.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,WAAW,EACX,4BAA4B,EAC5B,eAAe,EACf,gBAAgB,GAGjB,MAAM,MAAM,CAAC;AACd,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EACL,kBAAkB,EAClB,YAAY,EACZ,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,aAAa,EACb,qBAAqB,GAEtB,MAAM,aAAa,CAAC;AAWrB;;GAEG;AACH,SAAS,WAAW;IAClB,OAAO,IAAI,WAAW,CACpB,4BAA4B,EAC5B,eAAe,EACf,gBAAgB,CACjB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,QAAQ;IACX,KAAK,CAAc;IACnB,SAAS,CAAM;IACf,UAAU,CAAM;IAExB,YAAY,KAAkB,EAAE,SAAc,EAAE,UAAe;QAC7D,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,QAAQ;QACnB,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC;QAC5B,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc;QAEnF,OAAO,IAAI,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAY;QAChC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC;QAE5B,mCAAmC;QACnC,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,oBAAoB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;QACnF,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,CAAC;QAE5F,OAAO,IAAI,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC3E,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAE9E,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC;YACrC,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC;SACxC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe;QACnB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACrE,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,aAAa;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa;QACjB,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC;QAC9B,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC;QAC9B,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC;QAEhC,iCAAiC;QACjC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAE3E,kEAAkE;QAClE,MAAM,KAAK,GAAG,CAAC,CAAC;QAChB,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC;QAC5C,MAAM,gBAAgB,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;QAEnD,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,CAAC,GAAG,aAAa,GAAG,CAAC,GAAG,gBAAgB,CAAC,CAAC;QAC5E,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,SAAS;QACT,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,KAAK,CAAC;QAEzB,SAAS;QACT,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QACvC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QAEhC,aAAa;QACb,MAAM,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QACnC,MAAM,IAAI,aAAa,CAAC;QAExB,iCAAiC;QACjC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QAClD,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,gBAAgB,GAAG,IAAI,CAAC;QAE3C,SAAS;QACT,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QACvC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QAEhC,UAAU;QACV,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QACxC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,MAAM,GAAG,IAAI,CAAC;QAEjC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAgB;QACjD,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,cAAc;QACd,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAE7B,cAAc;QACd,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAErD,wCAAwC;QACxC,MAAM,aAAa,GAAG,EAAE,CAAC;QACzB,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC;QAClE,MAAM,IAAI,aAAa,CAAC;QAExB,4BAA4B;QAC5B,MAAM,kBAAkB,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAElE,yEAAyE;QACzE,MAAM,MAAM,GAAG,EAAE,CAAC;QAClB,MAAM,eAAe,GAAG,MAAM,GAAG,kBAAkB,CAAC;QACpD,OAAO,MAAM,GAAG,eAAe,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACrD,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACtD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QACtD,CAAC;QAED,6BAA6B;QAC7B,MAAM,UAAU,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAE7B,6CAA6C;QAC7C,IAAI,UAAU,CAAC,KAAK,KAAK,WAAW,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACnF,MAAM,IAAI,KAAK,CACb,mCAAmC,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,YAAY,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAC7G,CAAC;QACJ,CAAC;QAED,sBAAsB;QACtB,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC;QAE5B,oBAAoB;QACpB,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAC;QAEnE,iEAAiE;QACjE,sDAAsD;QACtD,MAAM,eAAe,GAAG,MAAM,KAAK,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAErF,OAAO,IAAI,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;IACzD,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,yBAAyB,CAC7B,OAAgB;QAEhB,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;QAEzC,sEAAsE;QACtE,+EAA+E;QAC/E,8EAA8E;QAC9E,sDAAsD;QACtD,IAAI,IAAI,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,OAAO,EAAE,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;oBAChC,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,IAAI,EAAE,IAAI;iBACX,CAAC;gBACF,OAAO,EAAE,IAAI;aACd,CAAC;QACJ,CAAC;QAED,iFAAiF;QACjF,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC9D,MAAM,EAAE,kBAAkB,EAAE,GAAG,EAAE,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE;YAC/E,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QAEH,wCAAwC;QACxC,MAAM,OAAO,GAAmB;YAC9B,aAAa,EAAE,GAAG;YAClB,UAAU,EAAE,kBAAkB;SAC/B,CAAC;QAEF,6DAA6D;QAC7D,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,uBAAuB,EAAE,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC;QAE9E,mBAAmB;QACnB,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAEvD,+DAA+D;QAC/D,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QACtC,IAAI,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAE3E,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;QAC7D,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAChC,WAAW,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAE9B,OAAO;YACL,OAAO,EAAE,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;gBAChC,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,OAAO;gBACP,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,MAAM;aACA,CAAC;YACjB,OAAO;SACR,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,0BAA0B,CAC9B,QAAkB,EAClB,OAAuB;QAEvB,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,iCAAiC;QACjC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC;QAC9E,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,WAAW,QAAQ,CAAC,qBAAqB,SAAS,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,aAAa,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAC;QACnD,IAAI,aAAa,CAAC,MAAM,KAAK,qBAAqB,EAAE,CAAC;YACnD,MAAM,IAAI,KAAK,CACb,2CAA2C,qBAAqB,SAAS,aAAa,CAAC,MAAM,EAAE,CAChG,CAAC;QACJ,CAAC;QAED,qCAAqC;QACrC,MAAM,gBAAgB,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAChE,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC;QAE3F,uBAAuB;QACvB,MAAM,EAAE,GAAG,MAAM,kBAAkB,CAAC,cAAc,EAAE,OAAO,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;QAEvF,2BAA2B;QAC3B,MAAM,eAAe,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAEpE,OAAO,IAAI,QAAQ,CAAC,eAAe,EAAE;YACnC,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,OAAO,EAAE,QAAQ,CAAC,OAAO;SAC1B,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,mBAAmB,CACzB,IAAgC,EAChC,EAAuB;QAEvB,IAAI,MAAM,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAEhC,OAAO,IAAI,cAAc,CAAC;YACxB,KAAK,CAAC,IAAI,CAAC,UAAU;gBACnB,OAAO,IAAI,EAAE,CAAC;oBACZ,2CAA2C;oBAC3C,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBACvB,MAAM,WAAW,GACf,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;wBAEvE,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;4BACtB,mBAAmB;4BACnB,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;4BACzB,SAAS;wBACX,CAAC;wBAED,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,WAAW,EAAE,CAAC;4BACrC,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,CAAC;4BACpD,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC;4BAEvC,IAAI,CAAC;gCACH,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;gCAC5D,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;gCAC9B,OAAO;4BACT,CAAC;4BAAC,OAAO,KAAK,EAAE,CAAC;gCACf,UAAU,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,8BAA8B,GAAG,GAAG,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC;gCAC/E,OAAO;4BACT,CAAC;wBACH,CAAC;oBACH,CAAC;oBAED,iBAAiB;oBACjB,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;oBAC5C,IAAI,IAAI,EAAE,CAAC;wBACT,UAAU,CAAC,KAAK,EAAE,CAAC;wBACnB,OAAO;oBACT,CAAC;oBAED,mBAAmB;oBACnB,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;oBAC/D,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBACtB,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;oBACpC,MAAM,GAAG,SAAS,CAAC;gBACrB,CAAC;YACH,CAAC;YACD,MAAM,CAAC,MAAM;gBACX,6DAA6D;gBAC7D,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YAC/B,CAAC;SACF,CAAC,CAAC;IACL,CAAC;CACF"}

package/dist/esm/index.d.ts CHANGED Viewed

@@ -6,7 +6,10 @@
  * bodies while preserving HTTP headers for routing.
  */
 export { Identity } from './identity.js';
+export type { RequestContext } from './identity.js';
 export { Transport, createTransport } from './client.js';
 export { PROTOCOL, HPKE_CONFIG } from './protocol.js';
-export type { CipherSuite } from '@hpke/core';
+export { deriveResponseKeys, computeNonce, encryptChunk, decryptChunk, hexToBytes, bytesToHex, HPKE_REQUEST_INFO, EXPORT_LABEL, EXPORT_LENGTH, RESPONSE_NONCE_LENGTH, AES256_KEY_LENGTH, AES_GCM_NONCE_LENGTH, } from './derive.js';
+export type { ResponseKeyMaterial } from './derive.js';
+export type { CipherSuite, SenderContext, RecipientContext, Key } from 'hpke';
 //# sourceMappingURL=index.d.ts.map

package/dist/esm/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAGtD,YAAY,EAAE,~~WAAW~~,EAAE,MAAM,YAAY,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,YAAY,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAGtD,OAAO,EACL,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,aAAa,EACb,qBAAqB,EACrB,iBAAiB,EACjB,oBAAoB,GACrB,MAAM,aAAa,CAAC;AACrB,YAAY,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAEvD,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,gBAAgB,EAAE,GAAG,EAAE,MAAM,MAAM,CAAC"}

package/dist/esm/index.js CHANGED Viewed

@@ -8,4 +8,6 @@
 export { Identity } from './identity.js';
 export { Transport, createTransport } from './client.js';
 export { PROTOCOL, HPKE_CONFIG } from './protocol.js';
+// Export key derivation utilities for advanced usage
+export { deriveResponseKeys, computeNonce, encryptChunk, decryptChunk, hexToBytes, bytesToHex, HPKE_REQUEST_INFO, EXPORT_LABEL, EXPORT_LENGTH, RESPONSE_NONCE_LENGTH, AES256_KEY_LENGTH, AES_GCM_NONCE_LENGTH, } from './derive.js';
 //# sourceMappingURL=index.js.map

package/dist/esm/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;~~AACzC~~,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAEtD,qDAAqD;AACrD,OAAO,EACL,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,aAAa,EACb,qBAAqB,EACrB,iBAAiB,EACjB,oBAAoB,GACrB,MAAM,aAAa,CAAC"}

package/dist/esm/protocol.d.ts CHANGED Viewed

@@ -3,7 +3,7 @@
  */
 export declare const PROTOCOL: {
     readonly ENCAPSULATED_KEY_HEADER: "Ehbp-Encapsulated-Key";
-    readonly CLIENT_PUBLIC_KEY_HEADER: "Ehbp-Client-Public-Key";
+    readonly RESPONSE_NONCE_HEADER: "Ehbp-Response-Nonce";
     readonly KEYS_MEDIA_TYPE: "application/ohttp-keys";
     readonly KEYS_PATH: "/.well-known/hpke-keys";
     readonly FALLBACK_HEADER: "Ehbp-Fallback";

package/dist/esm/protocol.js CHANGED Viewed

@@ -3,10 +3,10 @@
  */
 export const PROTOCOL = {
     ENCAPSULATED_KEY_HEADER: 'Ehbp-Encapsulated-Key',
-    CLIENT_PUBLIC_KEY_HEADER: 'Ehbp-Client-Public-Key',
+    RESPONSE_NONCE_HEADER: 'Ehbp-Response-Nonce',
     KEYS_MEDIA_TYPE: 'application/ohttp-keys',
     KEYS_PATH: '/.well-known/hpke-keys',
-    FALLBACK_HEADER: 'Ehbp-Fallback'
+    FALLBACK_HEADER: 'Ehbp-Fallback',
 };
 /**
  * HPKE suite configuration matching the Go implementation

package/dist/esm/protocol.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"protocol.js","sourceRoot":"","sources":["../../src/protocol.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,uBAAuB,EAAE,uBAAuB;IAChD,~~wBAAwB~~,EAAE,~~wBAAwB~~;~~IAClD~~,eAAe,EAAE,wBAAwB;IACzC,SAAS,EAAE,wBAAwB;IACnC,eAAe,EAAE,eAAe;CACxB,CAAC;AAEX;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,GAAG,EAAE,MAAM,EAAE,qBAAqB;IAClC,GAAG,EAAE,MAAM,EAAE,cAAc;IAC3B,IAAI,EAAE,MAAM,CAAC,cAAc;CACnB,CAAC"}
1	+ {"version":3,"file":"protocol.js","sourceRoot":"","sources":["../../src/protocol.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,uBAAuB,EAAE,uBAAuB;IAChD,qBAAqB,EAAE,qBAAqB;IAC5C,eAAe,EAAE,wBAAwB;IACzC,SAAS,EAAE,wBAAwB;IACnC,eAAe,EAAE,eAAe;CACxB,CAAC;AAEX;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,GAAG,EAAE,MAAM,EAAE,qBAAqB;IAClC,GAAG,EAAE,MAAM,EAAE,cAAc;IAC3B,IAAI,EAAE,MAAM,CAAC,cAAc;CACnB,CAAC"}