ehbp 0.0.7 → 0.1.1

package/README.md

@@ -2,7 +2,7 @@
 
 JavaScript/TypeScript client for [Encrypted HTTP Body Protocol (EHBP)](https://github.com/tinfoilsh/encrypted-http-body-protocol).
 
-EHBP encrypts HTTP message bodies end-to-end using HPKE (RFC 9180) while leaving headers in cleartext for routing.
+EHBP encrypts HTTP request and response bodies end-to-end using HPKE ([RFC 9180](https://datatracker.ietf.org/doc/rfc9180/)) while leaving headers in cleartext for routing.
 
 ## Installation
 
@@ -15,198 +15,144 @@ npm install ehbp
 - Node.js 20+
 - Works in both Node.js and modern browsers
 
+
 ## Quick Start
 
 ```javascript
-import { Identity, createTransport } from 'ehbp';
-
-async function main() {
-  // Create client identity
-  const clientIdentity = await Identity.generate();
+import { createTransport } from 'ehbp';
 
-  // Create transport (fetches server public key automatically)
-  const transport = await createTransport('http://localhost:8080', clientIdentity);
+// Create transport (fetches server public key automatically)
+const transport = await createTransport('https://example.com');
 
-  // Make encrypted requests
-  const response = await transport.post('/secure', 'Hello, World!');
-  const data = await response.text();
-  console.log('Response:', data);
-}
+// Make encrypted requests - works like fetch()
+const response = await transport.post('/api/data', JSON.stringify({ message: 'hello' }), {
+  headers: { 'Content-Type': 'application/json' }
+});
 
-main();
+const data = await response.json();
 ```
 
-## API Reference
-
-### `Identity`
+## API
 
-Manages HPKE key pairs for encryption/decryption.
+### `createTransport(serverURL: string): Promise<Transport>`
 
-#### `Identity.generate(): Promise<Identity>`
-
-Generates a new identity with X25519 key pair.
+Creates a transport that automatically encrypts requests and decrypts responses.
 
 ```javascript
-const identity = await Identity.generate();
+const transport = await createTransport('https://example.com');
 ```
 
-#### `identity.toJSON(): Promise<string>`
+### `transport.request(input, init?): Promise<Response>`
 
-Serializes the identity to JSON for storage.
+General-purpose method supporting all fetch options.
 
 ```javascript
-const identityJSON = await identity.toJSON();
-await writeFile('identity.json', identityJSON);
+const response = await transport.request('/api/data', {
+  method: 'POST',
+  headers: { 'Content-Type': 'application/json' },
+  body: JSON.stringify({ key: 'value' })
+});
 ```
 
-#### `Identity.fromJSON(json: string): Promise<Identity>`
-
-Loads an identity from JSON.
+### Convenience Methods
 
 ```javascript
-const json = await readFile('identity.json', 'utf-8');
-const identity = await Identity.fromJSON(json);
+await transport.get('/users');
+await transport.post('/users', body, options);
+await transport.put('/users/123', body, options);
+await transport.delete('/users/123');
 ```
 
-#### `identity.getPublicKeyHex(): Promise<string>`
+## Browser Usage
 
-Returns the public key as a hex string.
+```html
+<script type="module">
+  import { createTransport } from './dist/browser.js';
 
-```javascript
-const pubKeyHex = await identity.getPublicKeyHex();
-console.log('Public key:', pubKeyHex);
+  const transport = await createTransport('https://example.com');
+  const response = await transport.post('/api', 'Hello!');
+  console.log(await response.text());
+</script>
 ```
 
-### `Transport`
-
-HTTP transport that encrypts requests and decrypts responses.
-
-#### `createTransport(serverURL: string, clientIdentity: Identity): Promise<Transport>`
-
-Creates a new transport instance.
-
-```javascript
-const transport = await createTransport('http://localhost:8080', clientIdentity);
-```
+## Requirements
 
-#### `transport.request(input: RequestInfo | URL, init?: RequestInit): Promise<Response>`
+- Node.js 20+ or modern browsers with Web Crypto API
 
-Makes an encrypted HTTP request. Supports all standard fetch options.
+## Development
 
-```javascript
-const response = await transport.request('/api/data', {
-  method: 'POST',
-  headers: { 'Content-Type': 'application/json' },
-  body: JSON.stringify({ message: 'hello' })
-});
+```sh
+npm install
+npm run build
+npm test
+npm run build:browser  # Browser bundle
 ```
 
-#### Convenience Methods
+### Running Examples (Node.js)
 
-- `transport.get(url: string | URL, init?: RequestInit): Promise<Response>`
-- `transport.post(url: string | URL, body?: BodyInit, init?: RequestInit): Promise<Response>`
-- `transport.put(url: string | URL, body?: BodyInit, init?: RequestInit): Promise<Response>`
-- `transport.delete(url: string | URL, init?: RequestInit): Promise<Response>`
+The Node.js example requires a build and an EHBP server running at `http://localhost:8080`:
 
-## Examples
-
-### Saving and Loading Identities
-
-```javascript
-import { Identity } from 'ehbp';
-import { writeFile, readFile } from 'fs/promises';
+```sh
+# Build first
+npm run build
 
-// Generate and save
-const identity = await Identity.generate();
-const identityJSON = await identity.toJSON();
-await writeFile('client_identity.json', identityJSON);
+# Start the Go server (from parent directory)
+go run pkg/server/main.go
 
-// Load from file
-const loadedJSON = await readFile('client_identity.json', 'utf-8');
-const loadedIdentity = await Identity.fromJSON(loadedJSON);
+# Run the example (in another terminal)
+npm run example
 ```
 
-### Making Different Request Types
+### Running Examples (Browser)
 
-```javascript
-// GET request
-const getResponse = await transport.get('/api/users');
-const users = await getResponse.json();
-
-// POST with JSON
-const postResponse = await transport.post(
-  '/api/users',
-  JSON.stringify({ name: 'Alice' }),
-  { headers: { 'Content-Type': 'application/json' } }
-);
-
-// PUT request
-const putResponse = await transport.put(
-  '/api/users/123',
-  JSON.stringify({ name: 'Bob' }),
-  { headers: { 'Content-Type': 'application/json' } }
-);
-
-// DELETE request
-const deleteResponse = await transport.delete('/api/users/123');
-```
+Browser examples are located in `examples/` and require the browser bundle:
+
+```sh
+# Build the browser bundle
+npm run build:browser
 
-### Error Handling
+# Start the local dev server
+npm run serve
 
-```javascript
-try {
-  const response = await transport.post('/secure', 'data');
-  if (!response.ok) {
-    console.error('Request failed:', response.status, response.statusText);
-  }
-  const data = await response.text();
-  console.log('Success:', data);
-} catch (error) {
-  console.error('Transport error:', error.message);
-}
+# Start the Go EHBP server (from parent directory, in another terminal)
+go run pkg/server/main.go
 ```
 
-### Browser Usage
+Then open in your browser:
 
-```html
-<script type="module">
-  import { Identity, createTransport } from './dist/browser/ehbp.js';
+| Example | URL | Description |
+|---------|-----|-------------|
+| `test.html` | http://localhost:3000/examples/test.html | POST and streaming tests (server: `localhost:8080`) |
+| `chat.html` | http://localhost:3000/examples/chat.html | Chat interface demo (server: `localhost:8443`) |
 
-  const identity = await Identity.generate();
-  const transport = await createTransport('http://localhost:8080', identity);
+**Note:** `chat.html` connects to port 8443 and expects an OpenAI-compatible chat completions API.
 
-  const response = await transport.post('/secure', 'Hello from browser!');
-  const data = await response.text();
-  console.log(data);
-</script>
-```
+### Running Integration Tests
 
-## Development
+Integration tests verify streaming functionality against a live server:
 
 ```sh
-# Install dependencies
-npm install
+# Start the Go server (from parent directory)
+go run pkg/server/main.go
 
-# Build
+# Run integration tests (in another terminal)
 npm run build
-
-# Run tests
-npm test
-
-# Build browser bundle
-npm run build:browser
+npm run test:integration
 ```
 
-## Protocol Details
-
-For the complete protocol specification, see [SPEC.md](../SPEC.md) in the root of the repository.
+### Commands
 
-## Reporting Vulnerabilities
+| Command | Description |
+|---------|-------------|
+| `npm test` | Run unit tests (no server required) |
+| `npm run test:integration` | Run streaming integration tests (requires server) |
+| `npm run example` | Run Node.js API demo (requires server) |
+| `npm run serve` | Start local server for browser examples |
 
-Please report security vulnerabilities by either:
+## Protocol
 
-- Emailing [security@tinfoil.sh](mailto:security@tinfoil.sh)
+See [SPEC.md](../SPEC.md) for the complete protocol specification.
 
-- Opening an issue on GitHub on this repository
+## Security
 
-We aim to respond to (legitimate) security reports within 24 hours.
+Report vulnerabilities to [security@tinfoil.sh](mailto:security@tinfoil.sh) or open a GitHub issue.

package/dist/cjs/client.d.ts

@@ -1,30 +1,30 @@
 import { Identity } from './identity.js';
+import type { Key } from 'hpke';
 /**
  * HTTP transport for EHBP
  */
 export declare class Transport {
-    private clientIdentity;
+    private serverIdentity;
     private serverHost;
-    private serverPublicKey;
-    constructor(clientIdentity: Identity, serverHost: string, serverPublicKey: CryptoKey);
+    constructor(serverIdentity: Identity, serverHost: string);
     /**
-     * Create a new transport by fetching server public key
+     * Create a new transport by fetching server public key.
      */
-    static create(serverURL: string, clientIdentity: Identity): Promise<Transport>;
+    static create(serverURL: string): Promise<Transport>;
+    /**
+     * Get the server identity
+     */
+    getServerIdentity(): Identity;
     /**
      * Get the server public key
      */
-    getServerPublicKey(): CryptoKey;
+    getServerPublicKey(): Key;
     /**
      * Get the server public key as hex string
      */
     getServerPublicKeyHex(): Promise<string>;
     /**
-     * Get the client public key
-     */
-    getClientPublicKey(): CryptoKey;
-    /**
-     * Make an encrypted HTTP request
+     * Make an encrypted HTTP request.
      */
     request(input: RequestInfo | URL, init?: RequestInit): Promise<Response>;
     /**
@@ -45,7 +45,7 @@ export declare class Transport {
     delete(url: string | URL, init?: RequestInit): Promise<Response>;
 }
 /**
- * Create a new transport instance
+ * Create a new transport instance.
  */
-export declare function createTransport(serverURL: string, clientIdentity: Identity): Promise<Transport>;
+export declare function createTransport(serverURL: string): Promise<Transport>;
 //# sourceMappingURL=client.d.ts.map

package/dist/cjs/client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAGzC;;GAEG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,cAAc,CAAW;IACjC,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,eAAe,CAAY;gBAEvB,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,eAAe,EAAE,SAAS;IAMpF;;OAEG;WACU,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC;IAwBpF;;OAEG;IACH,kBAAkB,IAAI,SAAS;IAI/B;;OAEG;IACG,qBAAqB,IAAI,OAAO,CAAC,MAAM,CAAC;IAQ9C;;OAEG;IACH,kBAAkB,IAAI,SAAS;IAI/B;;OAEG;IACG,OAAO,CAAC,KAAK,EAAE,WAAW,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IA2F9E;;OAEG;IACG,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAInE;;OAEG;IACG,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAIrF;;OAEG;IACG,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAIpF;;OAEG;IACG,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;CAGvE;AAED;;GAEG;AACH,wBAAsB,eAAe,CAAC,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAErG"}
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,MAAM,CAAC;AAEhC;;GAEG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,cAAc,CAAW;IACjC,OAAO,CAAC,UAAU,CAAS;gBAEf,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM;IAKxD;;OAEG;WACU,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC;IAuB1D;;OAEG;IACH,iBAAiB,IAAI,QAAQ;IAI7B;;OAEG;IACH,kBAAkB,IAAI,GAAG;IAIzB;;OAEG;IACG,qBAAqB,IAAI,OAAO,CAAC,MAAM,CAAC;IAI9C;;OAEG;IACG,OAAO,CAAC,KAAK,EAAE,WAAW,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAuE9E;;OAEG;IACG,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAInE;;OAEG;IACG,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAIrF;;OAEG;IACG,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAIpF;;OAEG;IACG,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,EAAE,IAAI,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;CAGvE;AAED;;GAEG;AACH,wBAAsB,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAE3E"}

package/dist/cjs/client.js

@@ -8,18 +8,16 @@ const protocol_js_1 = require("./protocol.js");
  * HTTP transport for EHBP
  */
 class Transport {
-    clientIdentity;
+    serverIdentity;
     serverHost;
-    serverPublicKey;
-    constructor(clientIdentity, serverHost, serverPublicKey) {
-        this.clientIdentity = clientIdentity;
+    constructor(serverIdentity, serverHost) {
+        this.serverIdentity = serverIdentity;
         this.serverHost = serverHost;
-        this.serverPublicKey = serverPublicKey;
     }
     /**
-     * Create a new transport by fetching server public key
+     * Create a new transport by fetching server public key.
      */
-    static async create(serverURL, clientIdentity) {
+    static async create(serverURL) {
         const url = new URL(serverURL);
         const serverHost = url.host;
         // Fetch server public key
@@ -34,33 +32,28 @@ class Transport {
         }
         const keysData = new Uint8Array(await response.arrayBuffer());
         const serverIdentity = await identity_js_1.Identity.unmarshalPublicConfig(keysData);
-        const serverPublicKey = serverIdentity.getPublicKey();
-        return new Transport(clientIdentity, serverHost, serverPublicKey);
+        return new Transport(serverIdentity, serverHost);
+    }
+    /**
+     * Get the server identity
+     */
+    getServerIdentity() {
+        return this.serverIdentity;
     }
     /**
      * Get the server public key
      */
     getServerPublicKey() {
-        return this.serverPublicKey;
+        return this.serverIdentity.getPublicKey();
     }
     /**
      * Get the server public key as hex string
      */
     async getServerPublicKeyHex() {
-        const exported = await crypto.subtle.exportKey('raw', this.serverPublicKey);
-        const keyBytes = new Uint8Array(exported);
-        return Array.from(keyBytes)
-            .map(b => b.toString(16).padStart(2, '0'))
-            .join('');
-    }
-    /**
-     * Get the client public key
-     */
-    getClientPublicKey() {
-        return this.clientIdentity.getPublicKey();
+        return this.serverIdentity.getPublicKeyHex();
     }
     /**
-     * Make an encrypted HTTP request
+     * Make an encrypted HTTP request.
      */
     async request(input, init) {
         // Skip EHBP for non-network URLs (data:, blob:)
@@ -99,45 +92,27 @@ class Transport {
             method,
             headers,
             body: requestBody,
-            duplex: 'half'
+            duplex: 'half',
         });
-        // Encrypt request body if present (check the original requestBody, not request.body)
-        if (requestBody !== null && requestBody !== undefined) {
-            request = await this.clientIdentity.encryptRequest(request, this.serverPublicKey);
-        }
-        else {
-            // No body, just set client public key header
-            const headers = new Headers(request.headers);
-            headers.set(protocol_js_1.PROTOCOL.CLIENT_PUBLIC_KEY_HEADER, await this.clientIdentity.getPublicKeyHex());
-            request = new Request(request.url, {
-                method: request.method,
-                headers,
-                body: null
-            });
-        }
+        // Encrypt request (returns context for response decryption)
+        // For bodyless requests, context will be null and request passes through unmodified
+        const { request: encryptedRequest, context } = await this.serverIdentity.encryptRequestWithContext(request);
         // Make the request
-        const response = await fetch(request);
+        const response = await fetch(encryptedRequest);
         if (!response.ok) {
             console.warn(`Server returned non-OK status: ${response.status}`);
         }
-        // Check for fallback header - if set, server returned unencrypted response
-        const fallbackHeader = response.headers.get(protocol_js_1.PROTOCOL.FALLBACK_HEADER);
-        if (fallbackHeader === '1') {
+        // Bodyless requests: context is null, response is plaintext
+        if (context === null) {
             return response;
         }
-        // Check for encapsulated key header
-        const encapKeyHeader = response.headers.get(protocol_js_1.PROTOCOL.ENCAPSULATED_KEY_HEADER);
-        if (!encapKeyHeader) {
-            throw new Error(`Missing ${protocol_js_1.PROTOCOL.ENCAPSULATED_KEY_HEADER} encapsulated key header`);
-        }
-        // Validate hex encoding
-        if (!/^[0-9a-fA-F]+$/.test(encapKeyHeader) || encapKeyHeader.length % 2 !== 0) {
-            throw new Error(`Invalid ${protocol_js_1.PROTOCOL.ENCAPSULATED_KEY_HEADER} header: must be valid hex string with even length`);
+        // Check for response nonce header (required for response decryption)
+        const responseNonceHeader = response.headers.get(protocol_js_1.PROTOCOL.RESPONSE_NONCE_HEADER);
+        if (!responseNonceHeader) {
+            throw new Error(`Missing ${protocol_js_1.PROTOCOL.RESPONSE_NONCE_HEADER} header`);
         }
-        // Decode encapsulated key
-        const serverEncapKey = new Uint8Array(encapKeyHeader.match(/.{2}/g).map(byte => parseInt(byte, 16)));
         // Decrypt response
-        return await this.clientIdentity.decryptResponse(response, serverEncapKey);
+        return await this.serverIdentity.decryptResponseWithContext(response, context);
     }
     /**
      * Convenience method for GET requests
@@ -166,9 +141,9 @@ class Transport {
 }
 exports.Transport = Transport;
 /**
- * Create a new transport instance
+ * Create a new transport instance.
  */
-async function createTransport(serverURL, clientIdentity) {
-    return Transport.create(serverURL, clientIdentity);
+async function createTransport(serverURL) {
+    return Transport.create(serverURL);
 }
 //# sourceMappingURL=client.js.map

package/dist/cjs/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":";;;AAmMA,0CAEC;AArMD,+CAAyC;AACzC,+CAAyC;AAEzC;;GAEG;AACH,MAAa,SAAS;IACZ,cAAc,CAAW;IACzB,UAAU,CAAS;IACnB,eAAe,CAAY;IAEnC,YAAY,cAAwB,EAAE,UAAkB,EAAE,eAA0B;QAClF,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,SAAiB,EAAE,cAAwB;QAC7D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAC/B,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC;QAE5B,0BAA0B;QAC1B,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,sBAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACvD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEjD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,CAAC;QAED,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACzD,IAAI,WAAW,KAAK,sBAAQ,CAAC,eAAe,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,yBAAyB,WAAW,EAAE,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;QAC9D,MAAM,cAAc,GAAG,MAAM,sBAAQ,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QACtE,MAAM,eAAe,GAAG,cAAc,CAAC,YAAY,EAAE,CAAC;QAEtD,OAAO,IAAI,SAAS,CAAC,cAAc,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;IACpE,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,qBAAqB;QACzB,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;QAC5E,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC1C,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;aACxB,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;aACzC,IAAI,CAAC,EAAE,CAAC,CAAC;IACd,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,KAAwB,EAAE,IAAkB;QACxD,gDAAgD;QAChD,MAAM,QAAQ,GAAG,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtE,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACjE,OAAO,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAC5B,CAAC;QAED,4EAA4E;QAC5E,IAAI,WAAW,GAAoB,IAAI,CAAC;QAExC,IAAI,KAAK,YAAY,OAAO,EAAE,CAAC;YAC7B,0CAA0C;YAC1C,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;gBACf,WAAW,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,CAAC;YAC1C,CAAC;QACH,CAAC;aAAM,CAAC;YACN,6CAA6C;YAC7C,WAAW,GAAG,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC;QACnC,CAAC;QAED,mCAAmC;QACnC,IAAI,GAAQ,CAAC;QACb,IAAI,MAAc,CAAC;QACnB,IAAI,OAAoB,CAAC;QAEzB,IAAI,KAAK,YAAY,OAAO,EAAE,CAAC;YAC7B,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACzB,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YACtB,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;YACrB,MAAM,GAAG,IAAI,EAAE,MAAM,IAAI,KAAK,CAAC;YAC/B,OAAO,GAAG,IAAI,EAAE,OAAO,IAAI,EAAE,CAAC;QAChC,CAAC;QAED,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;QAE3B,IAAI,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YACxC,MAAM;YACN,OAAO;YACP,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,MAAM;SACA,CAAC,CAAC;QAElB,qFAAqF;QACrF,IAAI,WAAW,KAAK,IAAI,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YACtD,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;QACpF,CAAC;aAAM,CAAC;YACN,6CAA6C;YAC7C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC7C,OAAO,CAAC,GAAG,CAAC,sBAAQ,CAAC,wBAAwB,EAAE,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,EAAE,CAAC,CAAC;YAC5F,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;gBACjC,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,OAAO;gBACP,IAAI,EAAE,IAAI;aACX,CAAC,CAAC;QACL,CAAC;QAED,mBAAmB;QACnB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,CAAC;QAEtC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACpE,CAAC;QAED,2EAA2E;QAC3E,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAQ,CAAC,eAAe,CAAC,CAAC;QACtE,IAAI,cAAc,KAAK,GAAG,EAAE,CAAC;YAC3B,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,oCAAoC;QACpC,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAQ,CAAC,uBAAuB,CAAC,CAAC;QAC9E,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,WAAW,sBAAQ,CAAC,uBAAuB,0BAA0B,CAAC,CAAC;QACzF,CAAC;QAED,wBAAwB;QACxB,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9E,MAAM,IAAI,KAAK,CAAC,WAAW,sBAAQ,CAAC,uBAAuB,oDAAoD,CAAC,CAAC;QACnH,CAAC;QAED,0BAA0B;QAC1B,MAAM,cAAc,GAAG,IAAI,UAAU,CACnC,cAAc,CAAC,KAAK,CAAC,OAAO,CAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAC/D,CAAC;QAEF,mBAAmB;QACnB,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAC7E,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAiB,EAAE,IAAkB;QAC7C,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACvD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,GAAiB,EAAE,IAAe,EAAE,IAAkB;QAC/D,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAiB,EAAE,IAAe,EAAE,IAAkB;QAC9D,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,GAAiB,EAAE,IAAkB;QAChD,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC1D,CAAC;CACF;AAxLD,8BAwLC;AAED;;GAEG;AACI,KAAK,UAAU,eAAe,CAAC,SAAiB,EAAE,cAAwB;IAC/E,OAAO,SAAS,CAAC,MAAM,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;AACrD,CAAC"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":";;;AAyKA,0CAEC;AA3KD,+CAAyC;AACzC,+CAAyC;AAGzC;;GAEG;AACH,MAAa,SAAS;IACZ,cAAc,CAAW;IACzB,UAAU,CAAS;IAE3B,YAAY,cAAwB,EAAE,UAAkB;QACtD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,SAAiB;QACnC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAC/B,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC;QAE5B,0BAA0B;QAC1B,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,sBAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACvD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEjD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,CAAC;QAED,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACzD,IAAI,WAAW,KAAK,sBAAQ,CAAC,eAAe,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,yBAAyB,WAAW,EAAE,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;QAC9D,MAAM,cAAc,GAAG,MAAM,sBAAQ,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAEtE,OAAO,IAAI,SAAS,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;IACnD,CAAC;IAED;;OAEG;IACH,iBAAiB;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,qBAAqB;QACzB,OAAO,IAAI,CAAC,cAAc,CAAC,eAAe,EAAE,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,KAAwB,EAAE,IAAkB;QACxD,gDAAgD;QAChD,MAAM,QAAQ,GAAG,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtE,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACjE,OAAO,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAC5B,CAAC;QAED,4EAA4E;QAC5E,IAAI,WAAW,GAAoB,IAAI,CAAC;QAExC,IAAI,KAAK,YAAY,OAAO,EAAE,CAAC;YAC7B,0CAA0C;YAC1C,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;gBACf,WAAW,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,CAAC;YAC1C,CAAC;QACH,CAAC;aAAM,CAAC;YACN,6CAA6C;YAC7C,WAAW,GAAG,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC;QACnC,CAAC;QAED,mCAAmC;QACnC,IAAI,GAAQ,CAAC;QACb,IAAI,MAAc,CAAC;QACnB,IAAI,OAAoB,CAAC;QAEzB,IAAI,KAAK,YAAY,OAAO,EAAE,CAAC;YAC7B,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACzB,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YACtB,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;YACrB,MAAM,GAAG,IAAI,EAAE,MAAM,IAAI,KAAK,CAAC;YAC/B,OAAO,GAAG,IAAI,EAAE,OAAO,IAAI,EAAE,CAAC;QAChC,CAAC;QAED,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;QAE3B,IAAI,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YACxC,MAAM;YACN,OAAO;YACP,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,MAAM;SACA,CAAC,CAAC;QAElB,4DAA4D;QAC5D,oFAAoF;QACpF,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,OAAO,EAAE,GAC1C,MAAM,IAAI,CAAC,cAAc,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAE/D,mBAAmB;QACnB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAE/C,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACpE,CAAC;QAED,4DAA4D;QAC5D,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YACrB,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,qEAAqE;QACrE,MAAM,mBAAmB,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAQ,CAAC,qBAAqB,CAAC,CAAC;QACjF,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,WAAW,sBAAQ,CAAC,qBAAqB,SAAS,CAAC,CAAC;QACtE,CAAC;QAED,mBAAmB;QACnB,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,0BAA0B,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACjF,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAiB,EAAE,IAAkB;QAC7C,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACvD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,GAAiB,EAAE,IAAe,EAAE,IAAkB;QAC/D,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAiB,EAAE,IAAe,EAAE,IAAkB;QAC9D,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,GAAiB,EAAE,IAAkB;QAChD,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC1D,CAAC;CACF;AA7JD,8BA6JC;AAED;;GAEG;AACI,KAAK,UAAU,eAAe,CAAC,SAAiB;IACrD,OAAO,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;AACrC,CAAC"}

package/dist/cjs/derive.d.ts

@@ -0,0 +1,63 @@
+/**
+ * Response key derivation for EHBP
+ *
+ * This module implements the key derivation matching the Go implementation.
+ *
+ * The derivation follows OHTTP (RFC 9458):
+ *   salt = concat(enc, response_nonce)
+ *   prk = Extract(salt, secret)
+ *   aead_key = Expand(prk, "key", Nk)
+ *   aead_nonce = Expand(prk, "nonce", Nn)
+ */
+export declare const HPKE_REQUEST_INFO = "ehbp request";
+export declare const EXPORT_LABEL = "ehbp response";
+export declare const EXPORT_LENGTH = 32;
+export declare const RESPONSE_NONCE_LENGTH = 32;
+export declare const AES256_KEY_LENGTH = 32;
+export declare const AES_GCM_NONCE_LENGTH = 12;
+export declare const REQUEST_ENC_LENGTH = 32;
+/**
+ * Response key material for encryption/decryption
+ */
+export interface ResponseKeyMaterial {
+    /** Raw key bytes for AEAD operations */
+    keyBytes: Uint8Array;
+    /** 12 bytes, XORed with sequence number for each chunk */
+    nonceBase: Uint8Array;
+}
+/**
+ * Derives response encryption keys from the HPKE exported secret.
+ *
+ *   salt = concat(enc, response_nonce)
+ *   prk = Extract(salt, secret)
+ *   key = Expand(prk, "key", 32)
+ *   nonceBase = Expand(prk, "nonce", 12)
+ *
+ * @param exportedSecret - 32 bytes exported from HPKE context
+ * @param requestEnc - 32 bytes encapsulated key from request
+ * @param responseNonce - 32 bytes random nonce from response
+ * @returns Key material for response encryption/decryption
+ */
+export declare function deriveResponseKeys(exportedSecret: Uint8Array, requestEnc: Uint8Array, responseNonce: Uint8Array): Promise<ResponseKeyMaterial>;
+/**
+ * Computes the nonce for a specific sequence number.
+ * nonce = nonceBase XOR sequence_number (big-endian in last 8 bytes)
+ */
+export declare function computeNonce(nonceBase: Uint8Array, seq: number): Uint8Array;
+/**
+ * Encrypts a chunk using the response key material
+ */
+export declare function encryptChunk(km: ResponseKeyMaterial, seq: number, plaintext: Uint8Array): Promise<Uint8Array>;
+/**
+ * Decrypts a chunk using the response key material
+ */
+export declare function decryptChunk(km: ResponseKeyMaterial, seq: number, ciphertext: Uint8Array): Promise<Uint8Array>;
+/**
+ * Utility: Convert hex string to Uint8Array
+ */
+export declare function hexToBytes(hex: string): Uint8Array;
+/**
+ * Utility: Convert Uint8Array to hex string
+ */
+export declare function bytesToHex(bytes: Uint8Array): string;
+//# sourceMappingURL=derive.d.ts.map

package/dist/cjs/derive.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"derive.d.ts","sourceRoot":"","sources":["../../src/derive.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAOH,eAAO,MAAM,iBAAiB,iBAAiB,CAAC;AAChD,eAAO,MAAM,YAAY,kBAAkB,CAAC;AAC5C,eAAO,MAAM,aAAa,KAAK,CAAC;AAChC,eAAO,MAAM,qBAAqB,KAAK,CAAC;AACxC,eAAO,MAAM,iBAAiB,KAAK,CAAC;AACpC,eAAO,MAAM,oBAAoB,KAAK,CAAC;AACvC,eAAO,MAAM,kBAAkB,KAAK,CAAC;AAMrC;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,wCAAwC;IACxC,QAAQ,EAAE,UAAU,CAAC;IACrB,0DAA0D;IAC1D,SAAS,EAAE,UAAU,CAAC;CACvB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,kBAAkB,CACtC,cAAc,EAAE,UAAU,EAC1B,UAAU,EAAE,UAAU,EACtB,aAAa,EAAE,UAAU,GACxB,OAAO,CAAC,mBAAmB,CAAC,CA2B9B;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,GAAG,UAAU,CAyB3E;AAED;;GAEG;AACH,wBAAsB,YAAY,CAChC,EAAE,EAAE,mBAAmB,EACvB,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,UAAU,GACpB,OAAO,CAAC,UAAU,CAAC,CAMrB;AAED;;GAEG;AACH,wBAAsB,YAAY,CAChC,EAAE,EAAE,mBAAmB,EACvB,GAAG,EAAE,MAAM,EACX,UAAU,EAAE,UAAU,GACrB,OAAO,CAAC,UAAU,CAAC,CAMrB;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAYlD;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAIpD"}