ehbp 0.1.5 → 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +5 -7
- package/dist/cjs/client.d.ts +2 -0
- package/dist/cjs/client.d.ts.map +1 -1
- package/dist/cjs/client.js +28 -5
- package/dist/cjs/client.js.map +1 -1
- package/dist/cjs/derive.d.ts.map +1 -1
- package/dist/cjs/derive.js +3 -3
- package/dist/cjs/derive.js.map +1 -1
- package/dist/cjs/errors.d.ts +32 -0
- package/dist/cjs/errors.d.ts.map +1 -0
- package/dist/cjs/errors.js +48 -0
- package/dist/cjs/errors.js.map +1 -0
- package/dist/cjs/identity.d.ts +9 -0
- package/dist/cjs/identity.d.ts.map +1 -1
- package/dist/cjs/identity.js +23 -21
- package/dist/cjs/identity.js.map +1 -1
- package/dist/cjs/index.d.ts +1 -0
- package/dist/cjs/index.d.ts.map +1 -1
- package/dist/cjs/index.js +6 -1
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/protocol.d.ts +2 -0
- package/dist/cjs/protocol.d.ts.map +1 -1
- package/dist/cjs/protocol.js +2 -0
- package/dist/cjs/protocol.js.map +1 -1
- package/dist/esm/client.d.ts +2 -0
- package/dist/esm/client.d.ts.map +1 -1
- package/dist/esm/client.js +28 -5
- package/dist/esm/client.js.map +1 -1
- package/dist/esm/derive.d.ts.map +1 -1
- package/dist/esm/derive.js +1 -1
- package/dist/esm/derive.js.map +1 -1
- package/dist/esm/errors.d.ts +32 -0
- package/dist/esm/errors.d.ts.map +1 -0
- package/dist/esm/errors.js +41 -0
- package/dist/esm/errors.js.map +1 -0
- package/dist/esm/identity.d.ts +9 -0
- package/dist/esm/identity.d.ts.map +1 -1
- package/dist/esm/identity.js +23 -21
- package/dist/esm/identity.js.map +1 -1
- package/dist/esm/index.d.ts +1 -0
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.js +1 -0
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/protocol.d.ts +2 -0
- package/dist/esm/protocol.d.ts.map +1 -1
- package/dist/esm/protocol.js +2 -0
- package/dist/esm/protocol.js.map +1 -1
- package/dist/esm/test/client.test.js +124 -1
- package/dist/esm/test/client.test.js.map +1 -1
- package/dist/esm/test/identity.test.js +4 -4
- package/dist/esm/test/identity.test.js.map +1 -1
- package/dist/esm/test/security.test.js +2 -1
- package/dist/esm/test/security.test.js.map +1 -1
- package/package.json +2 -1
package/dist/esm/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,sBAAsB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAQpE;;GAEG;AACH,MAAM,OAAO,SAAS;IACZ,cAAc,CAAW;IACzB,UAAU,CAAS;IAE3B,YAAY,cAAwB,EAAE,UAAkB;QACtD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,SAAiB;QACnC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAC/B,MAAM,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC;QAE5B,0BAA0B;QAC1B,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;QACvD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAEjD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,oCAAoC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QACzE,CAAC;QAED,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACzD,IAAI,WAAW,KAAK,QAAQ,CAAC,eAAe,EAAE,CAAC;YAC7C,MAAM,IAAI,KAAK,CAAC,yBAAyB,WAAW,EAAE,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;QAC9D,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAEtE,OAAO,IAAI,SAAS,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;IACnD,CAAC;IAEO,MAAM,CAAC,wBAAwB,CAAC,WAA0B;QAChE,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC;QAC3E,OAAO,SAAS,KAAK,QAAQ,CAAC,uBAAuB,CAAC;IACxD,CAAC;IAEO,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,QAAkB;QAC5D,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG;YAAE,OAAO;QACpC,IAAI,CAAC,SAAS,CAAC,wBAAwB,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAAE,OAAO;QAEtF,IAAI,OAAmC,CAAC;QACxC,IAAI,CAAC;YACH,OAAO,GAAG,CAAC,MAAM,QAAQ,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,CAAmB,CAAC;QAC9D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,6CAA6C;QACvD,CAAC;QACD,IAAI,OAAO,EAAE,IAAI,KAAK,QAAQ,CAAC,uBAAuB,EAAE,CAAC;YACvD,MAAM,IAAI,sBAAsB,CAC9B,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAC9D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,iBAAiB;QACf,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,qBAAqB;QACzB,OAAO,IAAI,CAAC,cAAc,CAAC,eAAe,EAAE,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,KAAwB,EAAE,IAAkB;QACxD,gDAAgD;QAChD,MAAM,QAAQ,GAAG,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACtE,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACjE,OAAO,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAC5B,CAAC;QAED,4EAA4E;QAC5E,IAAI,WAAW,GAAoB,IAAI,CAAC;QAExC,IAAI,KAAK,YAAY,OAAO,EAAE,CAAC;YAC7B,0CAA0C;YAC1C,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;gBACf,WAAW,GAAG,MAAM,KAAK,CAAC,WAAW,EAAE,CAAC;YAC1C,CAAC;QACH,CAAC;aAAM,CAAC;YACN,6CAA6C;YAC7C,WAAW,GAAG,IAAI,EAAE,IAAI,IAAI,IAAI,CAAC;QACnC,CAAC;QAED,mCAAmC;QACnC,IAAI,GAAQ,CAAC;QACb,IAAI,MAAc,CAAC;QACnB,IAAI,OAAoB,CAAC;QAEzB,IAAI,KAAK,YAAY,OAAO,EAAE,CAAC;YAC7B,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACzB,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YACtB,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;YACrB,MAAM,GAAG,IAAI,EAAE,MAAM,IAAI,KAAK,CAAC;YAC/B,OAAO,GAAG,IAAI,EAAE,OAAO,IAAI,EAAE,CAAC;QAChC,CAAC;QAED,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;QAE3B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC1C,MAAM;YACN,OAAO;YACP,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,MAAM;SACA,CAAC,CAAC;QAElB,4DAA4D;QAC5D,oFAAoF;QACpF,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,OAAO,EAAE,GAC1C,MAAM,IAAI,CAAC,cAAc,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAE/D,mBAAmB;QACnB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAE/C,4DAA4D;QAC5D,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YACrB,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,2EAA2E;QAC3E,MAAM,SAAS,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;QAEjD,qEAAqE;QACrE,MAAM,mBAAmB,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC;QACjF,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,MAAM,IAAI,aAAa,CAAC,WAAW,QAAQ,CAAC,qBAAqB,SAAS,CAAC,CAAC;QAC9E,CAAC;QAED,mBAAmB;QACnB,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,0BAA0B,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACjF,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAiB,EAAE,IAAkB;QAC7C,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACvD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,GAAiB,EAAE,IAAe,EAAE,IAAkB;QAC/D,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAC,GAAiB,EAAE,IAAe,EAAE,IAAkB;QAC9D,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,GAAiB,EAAE,IAAkB;QAChD,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC1D,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,SAAiB;IACrD,OAAO,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;AACrC,CAAC"}
|
package/dist/esm/derive.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"derive.d.ts","sourceRoot":"","sources":["../../src/derive.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;
|
|
1
|
+
{"version":3,"file":"derive.d.ts","sourceRoot":"","sources":["../../src/derive.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAQH,eAAO,MAAM,iBAAiB,iBAAiB,CAAC;AAChD,eAAO,MAAM,YAAY,kBAAkB,CAAC;AAC5C,eAAO,MAAM,aAAa,KAAK,CAAC;AAChC,eAAO,MAAM,qBAAqB,KAAK,CAAC;AACxC,eAAO,MAAM,iBAAiB,KAAK,CAAC;AACpC,eAAO,MAAM,oBAAoB,KAAK,CAAC;AACvC,eAAO,MAAM,kBAAkB,KAAK,CAAC;AAMrC;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,wCAAwC;IACxC,QAAQ,EAAE,UAAU,CAAC;IACrB,0DAA0D;IAC1D,SAAS,EAAE,UAAU,CAAC;CACvB;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,kBAAkB,CACtC,cAAc,EAAE,UAAU,EAC1B,UAAU,EAAE,UAAU,EACtB,aAAa,EAAE,UAAU,GACxB,OAAO,CAAC,mBAAmB,CAAC,CA2B9B;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,GAAG,UAAU,CAyB3E;AAED;;GAEG;AACH,wBAAsB,YAAY,CAChC,EAAE,EAAE,mBAAmB,EACvB,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,UAAU,GACpB,OAAO,CAAC,UAAU,CAAC,CAMrB;AAED;;GAEG;AACH,wBAAsB,YAAY,CAChC,EAAE,EAAE,mBAAmB,EACvB,GAAG,EAAE,MAAM,EACX,UAAU,EAAE,UAAU,GACrB,OAAO,CAAC,UAAU,CAAC,CAMrB;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAYlD;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAIpD"}
|
package/dist/esm/derive.js
CHANGED
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
* aead_key = Expand(prk, "key", Nk)
|
|
10
10
|
* aead_nonce = Expand(prk, "nonce", Nn)
|
|
11
11
|
*/
|
|
12
|
-
import { KDF_HKDF_SHA256, AEAD_AES_256_GCM } from 'hpke';
|
|
12
|
+
import { KDF_HKDF_SHA256, AEAD_AES_256_GCM } from '@panva/hpke-noble';
|
|
13
13
|
const kdf = KDF_HKDF_SHA256();
|
|
14
14
|
const aead = AEAD_AES_256_GCM();
|
|
15
15
|
export const HPKE_REQUEST_INFO = 'ehbp request';
|
package/dist/esm/derive.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"derive.js","sourceRoot":"","sources":["../../src/derive.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;
|
|
1
|
+
{"version":3,"file":"derive.js","sourceRoot":"","sources":["../../src/derive.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAEtE,MAAM,GAAG,GAAQ,eAAe,EAAE,CAAC;AACnC,MAAM,IAAI,GAAS,gBAAgB,EAAE,CAAC;AAEtC,MAAM,CAAC,MAAM,iBAAiB,GAAG,cAAc,CAAC;AAChD,MAAM,CAAC,MAAM,YAAY,GAAG,eAAe,CAAC;AAC5C,MAAM,CAAC,MAAM,aAAa,GAAG,EAAE,CAAC;AAChC,MAAM,CAAC,MAAM,qBAAqB,GAAG,EAAE,CAAC,CAAC,iCAAiC;AAC1E,MAAM,CAAC,MAAM,iBAAiB,GAAG,EAAE,CAAC;AACpC,MAAM,CAAC,MAAM,oBAAoB,GAAG,EAAE,CAAC;AACvC,MAAM,CAAC,MAAM,kBAAkB,GAAG,EAAE,CAAC,CAAC,kBAAkB;AAExD,yBAAyB;AACzB,MAAM,kBAAkB,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC3D,MAAM,oBAAoB,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAY/D;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,cAA0B,EAC1B,UAAsB,EACtB,aAAyB;IAEzB,kBAAkB;IAClB,IAAI,cAAc,CAAC,MAAM,KAAK,aAAa,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,2BAA2B,aAAa,eAAe,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;IAClG,CAAC;IACD,IAAI,UAAU,CAAC,MAAM,KAAK,kBAAkB,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,uBAAuB,kBAAkB,eAAe,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/F,CAAC;IACD,IAAI,aAAa,CAAC,MAAM,KAAK,qBAAqB,EAAE,CAAC;QACnD,MAAM,IAAI,KAAK,CAAC,0BAA0B,qBAAqB,eAAe,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;IACxG,CAAC;IAED,qCAAqC;IACrC,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtE,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;IACxB,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;IAE3C,8BAA8B;IAC9B,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;IAEpD,+BAA+B;IAC/B,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;IAE9E,uCAAuC;IACvC,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,GAAG,EAAE,oBAAoB,EAAE,oBAAoB,CAAC,CAAC;IAEpF,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,SAAqB,EAAE,GAAW;IAC7D,IAAI,SAAS,CAAC,MAAM,KAAK,oBAAoB,EAAE,CAAC;QAC9C,MAAM,IAAI,KAAK,CAAC,sBAAsB,oBAAoB,QAAQ,CAAC,CAAC;IACtE,CAAC;IAED,6DAA6D;IAC7D,+EAA+E;IAC/E,4EAA4E;IAC5E,mGAAmG;IACnG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC;QAC5D,MAAM,IAAI,KAAK,CAAC,8DAA8D,GAAG,EAAE,CAAC,CAAC;IACvF,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,oBAAoB,CAAC,CAAC;IACnD,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAErB,4DAA4D;IAC5D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,KAAK,GAAG,EAAE,EAAE,CAAC;YACf,KAAK,CAAC,oBAAoB,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,KAAK,KAAK,CAAC,GAAG,IAAI,CAAC;QAChE,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,EAAuB,EACvB,GAAW,EACX,SAAqB;IAErB,MAAM,KAAK,GAAG,YAAY,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;IAE9C,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;IAErF,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,EAAuB,EACvB,GAAW,EACX,UAAsB;IAEtB,MAAM,KAAK,GAAG,YAAY,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;IAE9C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;IAErF,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IACD,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IACD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,KAAK,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC3D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,KAAiB;IAC1C,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SACrB,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SACzC,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* EHBP error hierarchy:
|
|
3
|
+
*
|
|
4
|
+
* EhbpError (base)
|
|
5
|
+
* ├── KeyConfigMismatchError - 422 key-config mismatch (stale key after rotation)
|
|
6
|
+
* ├── ProtocolError - Malformed framing or crypto setup failure
|
|
7
|
+
* └── DecryptionError - AEAD authentication / decryption failure
|
|
8
|
+
*/
|
|
9
|
+
export declare class EhbpError extends Error {
|
|
10
|
+
constructor(message: string, options?: {
|
|
11
|
+
cause?: unknown;
|
|
12
|
+
});
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* Server returned 422 with problem+json key-config mismatch.
|
|
16
|
+
* The request was never processed — re-sending after re-keying is safe.
|
|
17
|
+
*/
|
|
18
|
+
export declare class KeyConfigMismatchError extends EhbpError {
|
|
19
|
+
readonly title: string;
|
|
20
|
+
constructor(title?: string);
|
|
21
|
+
}
|
|
22
|
+
export declare class ProtocolError extends EhbpError {
|
|
23
|
+
constructor(message: string, options?: {
|
|
24
|
+
cause?: unknown;
|
|
25
|
+
});
|
|
26
|
+
}
|
|
27
|
+
export declare class DecryptionError extends EhbpError {
|
|
28
|
+
constructor(message: string, options?: {
|
|
29
|
+
cause?: unknown;
|
|
30
|
+
});
|
|
31
|
+
}
|
|
32
|
+
//# sourceMappingURL=errors.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,qBAAa,SAAU,SAAQ,KAAK;gBACtB,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,OAAO,CAAA;KAAE;CAK3D;AAED;;;GAGG;AACH,qBAAa,sBAAuB,SAAQ,SAAS;IACnD,SAAgB,KAAK,EAAE,MAAM,CAAC;gBAClB,KAAK,CAAC,EAAE,MAAM;CAK3B;AAED,qBAAa,aAAc,SAAQ,SAAS;gBAC9B,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,OAAO,CAAA;KAAE;CAI3D;AAED,qBAAa,eAAgB,SAAQ,SAAS;gBAChC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,OAAO,CAAA;KAAE;CAI3D"}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* EHBP error hierarchy:
|
|
3
|
+
*
|
|
4
|
+
* EhbpError (base)
|
|
5
|
+
* ├── KeyConfigMismatchError - 422 key-config mismatch (stale key after rotation)
|
|
6
|
+
* ├── ProtocolError - Malformed framing or crypto setup failure
|
|
7
|
+
* └── DecryptionError - AEAD authentication / decryption failure
|
|
8
|
+
*/
|
|
9
|
+
export class EhbpError extends Error {
|
|
10
|
+
constructor(message, options) {
|
|
11
|
+
super(message);
|
|
12
|
+
this.name = 'EhbpError';
|
|
13
|
+
if (options?.cause)
|
|
14
|
+
this.cause = options.cause;
|
|
15
|
+
}
|
|
16
|
+
}
|
|
17
|
+
/**
|
|
18
|
+
* Server returned 422 with problem+json key-config mismatch.
|
|
19
|
+
* The request was never processed — re-sending after re-keying is safe.
|
|
20
|
+
*/
|
|
21
|
+
export class KeyConfigMismatchError extends EhbpError {
|
|
22
|
+
title;
|
|
23
|
+
constructor(title) {
|
|
24
|
+
super(title || 'Server key configuration mismatch');
|
|
25
|
+
this.name = 'KeyConfigMismatchError';
|
|
26
|
+
this.title = title || '';
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
export class ProtocolError extends EhbpError {
|
|
30
|
+
constructor(message, options) {
|
|
31
|
+
super(message, options);
|
|
32
|
+
this.name = 'ProtocolError';
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
export class DecryptionError extends EhbpError {
|
|
36
|
+
constructor(message, options) {
|
|
37
|
+
super(message, options);
|
|
38
|
+
this.name = 'DecryptionError';
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
//# sourceMappingURL=errors.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,OAAO,SAAU,SAAQ,KAAK;IAClC,YAAY,OAAe,EAAE,OAA6B;QACxD,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;QACxB,IAAI,OAAO,EAAE,KAAK;YAAE,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;IACjD,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,sBAAuB,SAAQ,SAAS;IACnC,KAAK,CAAS;IAC9B,YAAY,KAAc;QACxB,KAAK,CAAC,KAAK,IAAI,mCAAmC,CAAC,CAAC;QACpD,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;QACrC,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC;IAC3B,CAAC;CACF;AAED,MAAM,OAAO,aAAc,SAAQ,SAAS;IAC1C,YAAY,OAAe,EAAE,OAA6B;QACxD,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;IAC9B,CAAC;CACF;AAED,MAAM,OAAO,eAAgB,SAAQ,SAAS;IAC5C,YAAY,OAAe,EAAE,OAA6B;QACxD,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IAChC,CAAC;CACF"}
|
package/dist/esm/identity.d.ts
CHANGED
|
@@ -56,6 +56,15 @@ export declare class Identity {
|
|
|
56
56
|
* and don't need to fetch it.
|
|
57
57
|
*/
|
|
58
58
|
static fromPublicKeyHex(publicKeyHex: string): Promise<Identity>;
|
|
59
|
+
/**
|
|
60
|
+
* Create an Identity from raw public key bytes.
|
|
61
|
+
* Uses the default cipher suite (X25519/HKDF-SHA256/AES-256-GCM).
|
|
62
|
+
*
|
|
63
|
+
* For public-key-only identities (client-side use), we create a placeholder
|
|
64
|
+
* private key that won't be used. TODO: refactor Identity to not require
|
|
65
|
+
* a private key for client-side use.
|
|
66
|
+
*/
|
|
67
|
+
private static fromPublicKeyBytes;
|
|
59
68
|
/**
|
|
60
69
|
* Encrypt request body and return context for response decryption.
|
|
61
70
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../src/identity.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../src/identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,KAAK,aAAa,EAAE,KAAK,GAAG,EAAE,MAAM,MAAM,CAAC;AAgBjE;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,aAAa,EAAE,aAAa,CAAC;IAC7B,UAAU,EAAE,UAAU,CAAC;CACxB;AAaD;;GAEG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,KAAK,CAAc;IAC3B,OAAO,CAAC,SAAS,CAAM;IACvB,OAAO,CAAC,UAAU,CAAM;gBAEZ,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG;IAM/D;;OAEG;WACU,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC;IAO1C;;OAEG;WACU,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAWtD;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;IAU/B;;OAEG;IACH,YAAY,IAAI,GAAG;IAInB;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC;IAKxC;;OAEG;IACH,aAAa,IAAI,GAAG;IAIpB;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,UAAU,CAAC;IA0C1C;;OAEG;WACU,qBAAqB,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC;IA2CvE;;;;;;OAMG;WACU,gBAAgB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAStE;;;;;;;OAOG;mBACkB,kBAAkB;IAQvC;;;;;;;;OAQG;IACG,yBAAyB,CAC7B,OAAO,EAAE,OAAO,GACf,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,cAAc,GAAG,IAAI,CAAA;KAAE,CAAC;IAwDhE;;;;;;;;OAQG;IACG,0BAA0B,CAC9B,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,QAAQ,CAAC;IAmCpB;;OAEG;IACH,OAAO,CAAC,mBAAmB;CA4D5B"}
|
package/dist/esm/identity.js
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
|
-
import { CipherSuite
|
|
1
|
+
import { CipherSuite } from 'hpke';
|
|
2
|
+
import { KEM_DHKEM_X25519_HKDF_SHA256, KDF_HKDF_SHA256, AEAD_AES_256_GCM } from '@panva/hpke-noble';
|
|
2
3
|
import { PROTOCOL, HPKE_CONFIG } from './protocol.js';
|
|
3
4
|
import { deriveResponseKeys, decryptChunk, hexToBytes, bytesToHex, HPKE_REQUEST_INFO, EXPORT_LABEL, EXPORT_LENGTH, RESPONSE_NONCE_LENGTH, } from './derive.js';
|
|
5
|
+
import { ProtocolError, DecryptionError } from './errors.js';
|
|
4
6
|
/**
|
|
5
7
|
* Creates a new CipherSuite for X25519/HKDF-SHA256/AES-256-GCM
|
|
6
8
|
*/
|
|
@@ -127,22 +129,15 @@ export class Identity {
|
|
|
127
129
|
suites.push({ kdfId, aeadId });
|
|
128
130
|
}
|
|
129
131
|
if (suites.length === 0) {
|
|
130
|
-
throw new
|
|
132
|
+
throw new ProtocolError('No cipher suites found in config');
|
|
131
133
|
}
|
|
132
134
|
// Use the first cipher suite
|
|
133
135
|
const firstSuite = suites[0];
|
|
134
136
|
// Validate that we support this cipher suite
|
|
135
137
|
if (firstSuite.kdfId !== HPKE_CONFIG.KDF || firstSuite.aeadId !== HPKE_CONFIG.AEAD) {
|
|
136
|
-
throw new
|
|
138
|
+
throw new ProtocolError(`Unsupported cipher suite: KDF=0x${firstSuite.kdfId.toString(16)}, AEAD=0x${firstSuite.aeadId.toString(16)}`);
|
|
137
139
|
}
|
|
138
|
-
|
|
139
|
-
const suite = createSuite();
|
|
140
|
-
// Import public key
|
|
141
|
-
const publicKey = await suite.DeserializePublicKey(publicKeyBytes);
|
|
142
|
-
// For server config, we only have the public key, no private key
|
|
143
|
-
// We'll create a dummy private key that won't be used
|
|
144
|
-
const dummyPrivateKey = await suite.DeserializePrivateKey(new Uint8Array(32), false);
|
|
145
|
-
return new Identity(suite, publicKey, dummyPrivateKey);
|
|
140
|
+
return Identity.fromPublicKeyBytes(publicKeyBytes);
|
|
146
141
|
}
|
|
147
142
|
/**
|
|
148
143
|
* Create an Identity from a raw public key hex string.
|
|
@@ -154,16 +149,23 @@ export class Identity {
|
|
|
154
149
|
static async fromPublicKeyHex(publicKeyHex) {
|
|
155
150
|
const publicKeyBytes = hexToBytes(publicKeyHex);
|
|
156
151
|
if (publicKeyBytes.length !== 32) {
|
|
157
|
-
throw new
|
|
152
|
+
throw new ProtocolError(`Invalid public key length: expected 32, got ${publicKeyBytes.length}`);
|
|
158
153
|
}
|
|
154
|
+
return Identity.fromPublicKeyBytes(publicKeyBytes);
|
|
155
|
+
}
|
|
156
|
+
/**
|
|
157
|
+
* Create an Identity from raw public key bytes.
|
|
158
|
+
* Uses the default cipher suite (X25519/HKDF-SHA256/AES-256-GCM).
|
|
159
|
+
*
|
|
160
|
+
* For public-key-only identities (client-side use), we create a placeholder
|
|
161
|
+
* private key that won't be used. TODO: refactor Identity to not require
|
|
162
|
+
* a private key for client-side use.
|
|
163
|
+
*/
|
|
164
|
+
static async fromPublicKeyBytes(publicKeyBytes) {
|
|
159
165
|
const suite = createSuite();
|
|
160
166
|
const publicKey = await suite.DeserializePublicKey(publicKeyBytes);
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
// TODO: maybe refactor Identity to not require a private key for
|
|
164
|
-
// client-side use?
|
|
165
|
-
const dummyPrivateKey = await suite.DeserializePrivateKey(new Uint8Array(32), false);
|
|
166
|
-
return new Identity(suite, publicKey, dummyPrivateKey);
|
|
167
|
+
const placeholderPrivateKey = await suite.DeserializePrivateKey(new Uint8Array(32), false);
|
|
168
|
+
return new Identity(suite, publicKey, placeholderPrivateKey);
|
|
167
169
|
}
|
|
168
170
|
/**
|
|
169
171
|
* Encrypt request body and return context for response decryption.
|
|
@@ -237,11 +239,11 @@ export class Identity {
|
|
|
237
239
|
// Get response nonce from header
|
|
238
240
|
const responseNonceHex = response.headers.get(PROTOCOL.RESPONSE_NONCE_HEADER);
|
|
239
241
|
if (!responseNonceHex) {
|
|
240
|
-
throw new
|
|
242
|
+
throw new ProtocolError(`Missing ${PROTOCOL.RESPONSE_NONCE_HEADER} header`);
|
|
241
243
|
}
|
|
242
244
|
const responseNonce = hexToBytes(responseNonceHex);
|
|
243
245
|
if (responseNonce.length !== RESPONSE_NONCE_LENGTH) {
|
|
244
|
-
throw new
|
|
246
|
+
throw new ProtocolError(`Invalid response nonce length: expected ${RESPONSE_NONCE_LENGTH}, got ${responseNonce.length}`);
|
|
245
247
|
}
|
|
246
248
|
// Export secret from request context
|
|
247
249
|
const exportLabelBytes = new TextEncoder().encode(EXPORT_LABEL);
|
|
@@ -283,7 +285,7 @@ export class Identity {
|
|
|
283
285
|
return;
|
|
284
286
|
}
|
|
285
287
|
catch (error) {
|
|
286
|
-
controller.error(new
|
|
288
|
+
controller.error(new DecryptionError(`Decryption failed at chunk ${seq - 1}`, { cause: error }));
|
|
287
289
|
return;
|
|
288
290
|
}
|
|
289
291
|
}
|
package/dist/esm/identity.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"identity.js","sourceRoot":"","sources":["../../src/identity.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"identity.js","sourceRoot":"","sources":["../../src/identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAgC,MAAM,MAAM,CAAC;AACjE,OAAO,EAAE,4BAA4B,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACpG,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EACL,kBAAkB,EAClB,YAAY,EACZ,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,aAAa,EACb,qBAAqB,GAEtB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAW7D;;GAEG;AACH,SAAS,WAAW;IAClB,OAAO,IAAI,WAAW,CACpB,4BAA4B,EAC5B,eAAe,EACf,gBAAgB,CACjB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,QAAQ;IACX,KAAK,CAAc;IACnB,SAAS,CAAM;IACf,UAAU,CAAM;IAExB,YAAY,KAAkB,EAAE,SAAc,EAAE,UAAe;QAC7D,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,QAAQ;QACnB,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC;QAC5B,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,MAAM,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc;QAEnF,OAAO,IAAI,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAY;QAChC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC;QAE5B,mCAAmC;QACnC,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,oBAAoB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;QACnF,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,IAAI,CAAC,CAAC;QAE5F,OAAO,IAAI,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC3E,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAE9E,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC;YACrC,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC;SACxC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe;QACnB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACrE,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,aAAa;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa;QACjB,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC;QAC9B,MAAM,KAAK,GAAG,WAAW,CAAC,GAAG,CAAC;QAC9B,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC;QAEhC,iCAAiC;QACjC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAE3E,kEAAkE;QAClE,MAAM,KAAK,GAAG,CAAC,CAAC;QAChB,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC;QAC5C,MAAM,gBAAgB,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,mBAAmB;QAEnD,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,CAAC,GAAG,aAAa,GAAG,CAAC,GAAG,gBAAgB,CAAC,CAAC;QAC5E,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,SAAS;QACT,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,KAAK,CAAC;QAEzB,SAAS;QACT,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QACvC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QAEhC,aAAa;QACb,MAAM,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;QACnC,MAAM,IAAI,aAAa,CAAC;QAExB,iCAAiC;QACjC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QAClD,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,gBAAgB,GAAG,IAAI,CAAC;QAE3C,SAAS;QACT,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QACvC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,KAAK,GAAG,IAAI,CAAC;QAEhC,UAAU;QACV,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC;QACxC,MAAM,CAAC,MAAM,EAAE,CAAC,GAAG,MAAM,GAAG,IAAI,CAAC;QAEjC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAgB;QACjD,IAAI,MAAM,GAAG,CAAC,CAAC;QAEf,cAAc;QACd,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAE7B,cAAc;QACd,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAErD,wCAAwC;QACxC,MAAM,aAAa,GAAG,EAAE,CAAC;QACzB,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,aAAa,CAAC,CAAC;QAClE,MAAM,IAAI,aAAa,CAAC;QAExB,4BAA4B;QAC5B,MAAM,kBAAkB,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;QAElE,yEAAyE;QACzE,MAAM,MAAM,GAAG,EAAE,CAAC;QAClB,MAAM,eAAe,GAAG,MAAM,GAAG,kBAAkB,CAAC;QACpD,OAAO,MAAM,GAAG,eAAe,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACrD,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACtD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,aAAa,CAAC,kCAAkC,CAAC,CAAC;QAC9D,CAAC;QAED,6BAA6B;QAC7B,MAAM,UAAU,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAE7B,6CAA6C;QAC7C,IAAI,UAAU,CAAC,KAAK,KAAK,WAAW,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACnF,MAAM,IAAI,aAAa,CACrB,mCAAmC,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,YAAY,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAC7G,CAAC;QACJ,CAAC;QAED,OAAO,QAAQ,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAC;IACrD,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,YAAoB;QAChD,MAAM,cAAc,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;QAChD,IAAI,cAAc,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACjC,MAAM,IAAI,aAAa,CAAC,+CAA+C,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;QAClG,CAAC;QAED,OAAO,QAAQ,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAC;IACrD,CAAC;IAED;;;;;;;OAOG;IACK,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,cAA0B;QAChE,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAC;QACnE,MAAM,qBAAqB,GAAG,MAAM,KAAK,CAAC,qBAAqB,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;QAE3F,OAAO,IAAI,QAAQ,CAAC,KAAK,EAAE,SAAS,EAAE,qBAAqB,CAAC,CAAC;IAC/D,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,yBAAyB,CAC7B,OAAgB;QAEhB,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;QAEzC,sEAAsE;QACtE,+EAA+E;QAC/E,8EAA8E;QAC9E,sDAAsD;QACtD,IAAI,IAAI,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO;gBACL,OAAO,EAAE,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;oBAChC,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,IAAI,EAAE,IAAI;iBACX,CAAC;gBACF,OAAO,EAAE,IAAI;aACd,CAAC;QACJ,CAAC;QAED,iFAAiF;QACjF,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC9D,MAAM,EAAE,kBAAkB,EAAE,GAAG,EAAE,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,EAAE;YAC/E,IAAI,EAAE,SAAS;SAChB,CAAC,CAAC;QAEH,wCAAwC;QACxC,MAAM,OAAO,GAAmB;YAC9B,aAAa,EAAE,GAAG;YAClB,UAAU,EAAE,kBAAkB;SAC/B,CAAC;QAEF,6DAA6D;QAC7D,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,uBAAuB,EAAE,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC;QAE9E,mBAAmB;QACnB,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAEvD,+DAA+D;QAC/D,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QACtC,IAAI,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAE3E,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;QAC7D,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAChC,WAAW,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAE9B,OAAO;YACL,OAAO,EAAE,IAAI,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE;gBAChC,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,OAAO;gBACP,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,MAAM;aACA,CAAC;YACjB,OAAO;SACR,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,0BAA0B,CAC9B,QAAkB,EAClB,OAAuB;QAEvB,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,iCAAiC;QACjC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC;QAC9E,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,MAAM,IAAI,aAAa,CAAC,WAAW,QAAQ,CAAC,qBAAqB,SAAS,CAAC,CAAC;QAC9E,CAAC;QAED,MAAM,aAAa,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAC;QACnD,IAAI,aAAa,CAAC,MAAM,KAAK,qBAAqB,EAAE,CAAC;YACnD,MAAM,IAAI,aAAa,CACrB,2CAA2C,qBAAqB,SAAS,aAAa,CAAC,MAAM,EAAE,CAChG,CAAC;QACJ,CAAC;QAED,qCAAqC;QACrC,MAAM,gBAAgB,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAChE,MAAM,cAAc,GAAG,MAAM,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC;QAE3F,uBAAuB;QACvB,MAAM,EAAE,GAAG,MAAM,kBAAkB,CAAC,cAAc,EAAE,OAAO,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;QAEvF,2BAA2B;QAC3B,MAAM,eAAe,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAEpE,OAAO,IAAI,QAAQ,CAAC,eAAe,EAAE;YACnC,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,OAAO,EAAE,QAAQ,CAAC,OAAO;SAC1B,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,mBAAmB,CACzB,IAAgC,EAChC,EAAuB;QAEvB,IAAI,MAAM,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAEhC,OAAO,IAAI,cAAc,CAAC;YACxB,KAAK,CAAC,IAAI,CAAC,UAAU;gBACnB,OAAO,IAAI,EAAE,CAAC;oBACZ,2CAA2C;oBAC3C,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBACvB,MAAM,WAAW,GACf,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;wBAEvE,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;4BACtB,mBAAmB;4BACnB,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;4BACzB,SAAS;wBACX,CAAC;wBAED,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,GAAG,WAAW,EAAE,CAAC;4BACrC,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,CAAC;4BACpD,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC;4BAEvC,IAAI,CAAC;gCACH,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;gCAC5D,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;gCAC9B,OAAO;4BACT,CAAC;4BAAC,OAAO,KAAK,EAAE,CAAC;gCACf,UAAU,CAAC,KAAK,CAAC,IAAI,eAAe,CAClC,8BAA8B,GAAG,GAAG,CAAC,EAAE,EACvC,EAAE,KAAK,EAAE,KAAK,EAAE,CACjB,CAAC,CAAC;gCACH,OAAO;4BACT,CAAC;wBACH,CAAC;oBACH,CAAC;oBAED,iBAAiB;oBACjB,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;oBAC5C,IAAI,IAAI,EAAE,CAAC;wBACT,UAAU,CAAC,KAAK,EAAE,CAAC;wBACnB,OAAO;oBACT,CAAC;oBAED,mBAAmB;oBACnB,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;oBAC/D,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBACtB,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;oBACpC,MAAM,GAAG,SAAS,CAAC;gBACrB,CAAC;YACH,CAAC;YACD,MAAM,CAAC,MAAM;gBACX,6DAA6D;gBAC7D,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YAC/B,CAAC;SACF,CAAC,CAAC;IACL,CAAC;CACF"}
|
package/dist/esm/index.d.ts
CHANGED
|
@@ -9,6 +9,7 @@ export { Identity } from './identity.js';
|
|
|
9
9
|
export type { RequestContext } from './identity.js';
|
|
10
10
|
export { Transport, createTransport } from './client.js';
|
|
11
11
|
export { PROTOCOL, HPKE_CONFIG } from './protocol.js';
|
|
12
|
+
export { EhbpError, KeyConfigMismatchError, ProtocolError, DecryptionError, } from './errors.js';
|
|
12
13
|
export { deriveResponseKeys, computeNonce, encryptChunk, decryptChunk, hexToBytes, bytesToHex, HPKE_REQUEST_INFO, EXPORT_LABEL, EXPORT_LENGTH, RESPONSE_NONCE_LENGTH, AES256_KEY_LENGTH, AES_GCM_NONCE_LENGTH, } from './derive.js';
|
|
13
14
|
export type { ResponseKeyMaterial } from './derive.js';
|
|
14
15
|
export type { CipherSuite, SenderContext, RecipientContext, Key } from 'hpke';
|
package/dist/esm/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,YAAY,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,YAAY,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EACL,SAAS,EACT,sBAAsB,EACtB,aAAa,EACb,eAAe,GAChB,MAAM,aAAa,CAAC;AAGrB,OAAO,EACL,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,aAAa,EACb,qBAAqB,EACrB,iBAAiB,EACjB,oBAAoB,GACrB,MAAM,aAAa,CAAC;AACrB,YAAY,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAEvD,YAAY,EAAE,WAAW,EAAE,aAAa,EAAE,gBAAgB,EAAE,GAAG,EAAE,MAAM,MAAM,CAAC"}
|
package/dist/esm/index.js
CHANGED
|
@@ -8,6 +8,7 @@
|
|
|
8
8
|
export { Identity } from './identity.js';
|
|
9
9
|
export { Transport, createTransport } from './client.js';
|
|
10
10
|
export { PROTOCOL, HPKE_CONFIG } from './protocol.js';
|
|
11
|
+
export { EhbpError, KeyConfigMismatchError, ProtocolError, DecryptionError, } from './errors.js';
|
|
11
12
|
// Export key derivation utilities for advanced usage
|
|
12
13
|
export { deriveResponseKeys, computeNonce, encryptChunk, decryptChunk, hexToBytes, bytesToHex, HPKE_REQUEST_INFO, EXPORT_LABEL, EXPORT_LENGTH, RESPONSE_NONCE_LENGTH, AES256_KEY_LENGTH, AES_GCM_NONCE_LENGTH, } from './derive.js';
|
|
13
14
|
//# sourceMappingURL=index.js.map
|
package/dist/esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAEzC,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AACtD,OAAO,EACL,SAAS,EACT,sBAAsB,EACtB,aAAa,EACb,eAAe,GAChB,MAAM,aAAa,CAAC;AAErB,qDAAqD;AACrD,OAAO,EACL,kBAAkB,EAClB,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,UAAU,EACV,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,aAAa,EACb,qBAAqB,EACrB,iBAAiB,EACjB,oBAAoB,GACrB,MAAM,aAAa,CAAC"}
|
package/dist/esm/protocol.d.ts
CHANGED
|
@@ -6,6 +6,8 @@ export declare const PROTOCOL: {
|
|
|
6
6
|
readonly RESPONSE_NONCE_HEADER: "Ehbp-Response-Nonce";
|
|
7
7
|
readonly KEYS_MEDIA_TYPE: "application/ohttp-keys";
|
|
8
8
|
readonly KEYS_PATH: "/.well-known/hpke-keys";
|
|
9
|
+
readonly PROBLEM_JSON_MEDIA_TYPE: "application/problem+json";
|
|
10
|
+
readonly KEY_CONFIG_PROBLEM_TYPE: "urn:ietf:params:ehbp:error:key-config";
|
|
9
11
|
};
|
|
10
12
|
/**
|
|
11
13
|
* HPKE suite configuration matching the Go implementation
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protocol.d.ts","sourceRoot":"","sources":["../../src/protocol.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,eAAO,MAAM,QAAQ
|
|
1
|
+
{"version":3,"file":"protocol.d.ts","sourceRoot":"","sources":["../../src/protocol.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,eAAO,MAAM,QAAQ;;;;;;;CAOX,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,WAAW;;;;CAId,CAAC"}
|
package/dist/esm/protocol.js
CHANGED
|
@@ -6,6 +6,8 @@ export const PROTOCOL = {
|
|
|
6
6
|
RESPONSE_NONCE_HEADER: 'Ehbp-Response-Nonce',
|
|
7
7
|
KEYS_MEDIA_TYPE: 'application/ohttp-keys',
|
|
8
8
|
KEYS_PATH: '/.well-known/hpke-keys',
|
|
9
|
+
PROBLEM_JSON_MEDIA_TYPE: 'application/problem+json',
|
|
10
|
+
KEY_CONFIG_PROBLEM_TYPE: 'urn:ietf:params:ehbp:error:key-config',
|
|
9
11
|
};
|
|
10
12
|
/**
|
|
11
13
|
* HPKE suite configuration matching the Go implementation
|
package/dist/esm/protocol.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"protocol.js","sourceRoot":"","sources":["../../src/protocol.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,uBAAuB,EAAE,uBAAuB;IAChD,qBAAqB,EAAE,qBAAqB;IAC5C,eAAe,EAAE,wBAAwB;IACzC,SAAS,EAAE,wBAAwB;
|
|
1
|
+
{"version":3,"file":"protocol.js","sourceRoot":"","sources":["../../src/protocol.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,uBAAuB,EAAE,uBAAuB;IAChD,qBAAqB,EAAE,qBAAqB;IAC5C,eAAe,EAAE,wBAAwB;IACzC,SAAS,EAAE,wBAAwB;IACnC,uBAAuB,EAAE,0BAA0B;IACnD,uBAAuB,EAAE,uCAAuC;CACxD,CAAC;AAEX;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,GAAG,EAAE,MAAM,EAAE,qBAAqB;IAClC,GAAG,EAAE,MAAM,EAAE,cAAc;IAC3B,IAAI,EAAE,MAAM,CAAC,cAAc;CACnB,CAAC"}
|
|
@@ -1,7 +1,53 @@
|
|
|
1
1
|
import { describe, it, before } from 'node:test';
|
|
2
2
|
import assert from 'node:assert';
|
|
3
|
-
import { Identity, Transport, createTransport } from '../index.js';
|
|
3
|
+
import { Identity, Transport, createTransport, KeyConfigMismatchError } from '../index.js';
|
|
4
4
|
import { PROTOCOL } from '../protocol.js';
|
|
5
|
+
import { CipherSuite } from 'hpke';
|
|
6
|
+
import { KEM_DHKEM_X25519_HKDF_SHA256, KDF_HKDF_SHA256, AEAD_AES_256_GCM } from '@panva/hpke-noble';
|
|
7
|
+
import { bytesToHex, deriveResponseKeys, encryptChunk, hexToBytes, EXPORT_LABEL, EXPORT_LENGTH, HPKE_REQUEST_INFO, RESPONSE_NONCE_LENGTH, } from '../derive.js';
|
|
8
|
+
function encodeSingleChunk(payload) {
|
|
9
|
+
const chunkLength = new Uint8Array(4);
|
|
10
|
+
new DataView(chunkLength.buffer).setUint32(0, payload.byteLength, false);
|
|
11
|
+
const body = new Uint8Array(4 + payload.byteLength);
|
|
12
|
+
body.set(chunkLength, 0);
|
|
13
|
+
body.set(payload, 4);
|
|
14
|
+
return body;
|
|
15
|
+
}
|
|
16
|
+
function toArrayBuffer(bytes) {
|
|
17
|
+
const copy = new Uint8Array(bytes.byteLength);
|
|
18
|
+
copy.set(bytes);
|
|
19
|
+
return copy.buffer;
|
|
20
|
+
}
|
|
21
|
+
async function buildEncryptedResponse(request, serverIdentity) {
|
|
22
|
+
const requestEncHex = request.headers.get(PROTOCOL.ENCAPSULATED_KEY_HEADER);
|
|
23
|
+
assert(requestEncHex, `Missing ${PROTOCOL.ENCAPSULATED_KEY_HEADER} header`);
|
|
24
|
+
const requestEnc = hexToBytes(requestEncHex);
|
|
25
|
+
const encryptedRequestBody = new Uint8Array(await request.arrayBuffer());
|
|
26
|
+
assert(encryptedRequestBody.byteLength >= 4, 'Encrypted request body must include chunk length');
|
|
27
|
+
const chunkLength = new DataView(encryptedRequestBody.buffer, encryptedRequestBody.byteOffset, encryptedRequestBody.byteLength).getUint32(0, false);
|
|
28
|
+
assert.strictEqual(encryptedRequestBody.byteLength, 4 + chunkLength, 'Expected exactly one encrypted request chunk');
|
|
29
|
+
const ciphertext = encryptedRequestBody.slice(4);
|
|
30
|
+
const suite = new CipherSuite(KEM_DHKEM_X25519_HKDF_SHA256, KDF_HKDF_SHA256, AEAD_AES_256_GCM);
|
|
31
|
+
const infoBytes = new TextEncoder().encode(HPKE_REQUEST_INFO);
|
|
32
|
+
const recipientContext = await suite.SetupRecipient(serverIdentity.getPrivateKey(), requestEnc, {
|
|
33
|
+
info: infoBytes,
|
|
34
|
+
});
|
|
35
|
+
const decryptedRequest = await recipientContext.Open(ciphertext);
|
|
36
|
+
const decryptedText = new TextDecoder().decode(decryptedRequest);
|
|
37
|
+
const responseText = `processed:${decryptedText}`;
|
|
38
|
+
const responseNonce = new Uint8Array(RESPONSE_NONCE_LENGTH);
|
|
39
|
+
crypto.getRandomValues(responseNonce);
|
|
40
|
+
const exportLabelBytes = new TextEncoder().encode(EXPORT_LABEL);
|
|
41
|
+
const exportedSecret = await recipientContext.Export(exportLabelBytes, EXPORT_LENGTH);
|
|
42
|
+
const keyMaterial = await deriveResponseKeys(exportedSecret, requestEnc, responseNonce);
|
|
43
|
+
const responseCiphertext = await encryptChunk(keyMaterial, 0, new TextEncoder().encode(responseText));
|
|
44
|
+
return new Response(toArrayBuffer(encodeSingleChunk(responseCiphertext)), {
|
|
45
|
+
status: 200,
|
|
46
|
+
headers: {
|
|
47
|
+
[PROTOCOL.RESPONSE_NONCE_HEADER]: bytesToHex(responseNonce),
|
|
48
|
+
},
|
|
49
|
+
});
|
|
50
|
+
}
|
|
5
51
|
describe('Transport', () => {
|
|
6
52
|
let serverIdentity;
|
|
7
53
|
before(async () => {
|
|
@@ -66,5 +112,82 @@ describe('Transport', () => {
|
|
|
66
112
|
assert.strictEqual(responseText, `Hello, ${testName}`, 'Server should respond with Hello, {name}');
|
|
67
113
|
console.log(`✓ Integration test passed: ${responseText}`);
|
|
68
114
|
});
|
|
115
|
+
it('should throw KeyConfigMismatchError on 422 key mismatch response', async () => {
|
|
116
|
+
const serverURL = 'https://server.test';
|
|
117
|
+
const serverIdentity = await Identity.generate();
|
|
118
|
+
const config = await serverIdentity.marshalConfig();
|
|
119
|
+
const originalFetch = globalThis.fetch;
|
|
120
|
+
globalThis.fetch = (async (input) => {
|
|
121
|
+
const request = input instanceof Request ? input : new Request(input);
|
|
122
|
+
const requestURL = new URL(request.url);
|
|
123
|
+
if (requestURL.pathname === PROTOCOL.KEYS_PATH) {
|
|
124
|
+
return new Response(toArrayBuffer(config), {
|
|
125
|
+
status: 200,
|
|
126
|
+
headers: { 'content-type': PROTOCOL.KEYS_MEDIA_TYPE },
|
|
127
|
+
});
|
|
128
|
+
}
|
|
129
|
+
// Server returns 422 key-config mismatch
|
|
130
|
+
return new Response(JSON.stringify({
|
|
131
|
+
type: PROTOCOL.KEY_CONFIG_PROBLEM_TYPE,
|
|
132
|
+
title: 'key configuration mismatch',
|
|
133
|
+
}), {
|
|
134
|
+
status: 422,
|
|
135
|
+
headers: {
|
|
136
|
+
'content-type': `${PROTOCOL.PROBLEM_JSON_MEDIA_TYPE}; charset=utf-8`,
|
|
137
|
+
},
|
|
138
|
+
});
|
|
139
|
+
});
|
|
140
|
+
try {
|
|
141
|
+
const transport = await createTransport(serverURL);
|
|
142
|
+
await assert.rejects(() => transport.post(`${serverURL}/secure`, 'hello'), (err) => {
|
|
143
|
+
assert(err instanceof KeyConfigMismatchError, `Expected KeyConfigMismatchError, got ${err.constructor.name}`);
|
|
144
|
+
assert.strictEqual(err.title, 'key configuration mismatch');
|
|
145
|
+
return true;
|
|
146
|
+
});
|
|
147
|
+
}
|
|
148
|
+
finally {
|
|
149
|
+
globalThis.fetch = originalFetch;
|
|
150
|
+
}
|
|
151
|
+
});
|
|
152
|
+
it('should not throw KeyConfigMismatchError for 422 without problem+json', async () => {
|
|
153
|
+
const serverIdentity = await Identity.generate();
|
|
154
|
+
const transport = new Transport(serverIdentity, 'server.test');
|
|
155
|
+
const originalFetch = globalThis.fetch;
|
|
156
|
+
globalThis.fetch = (async () => {
|
|
157
|
+
// 422 without problem+json content type — not a key mismatch
|
|
158
|
+
return new Response('Unprocessable', {
|
|
159
|
+
status: 422,
|
|
160
|
+
headers: { 'content-type': 'text/plain' },
|
|
161
|
+
});
|
|
162
|
+
});
|
|
163
|
+
try {
|
|
164
|
+
// Should not throw KeyConfigMismatchError — but will throw ProtocolError
|
|
165
|
+
// because the response has no Ehbp-Response-Nonce header
|
|
166
|
+
await assert.rejects(() => transport.post('https://server.test/secure', 'hello'), (err) => {
|
|
167
|
+
assert(!(err instanceof KeyConfigMismatchError), 'Should not be KeyConfigMismatchError');
|
|
168
|
+
return true;
|
|
169
|
+
});
|
|
170
|
+
}
|
|
171
|
+
finally {
|
|
172
|
+
globalThis.fetch = originalFetch;
|
|
173
|
+
}
|
|
174
|
+
});
|
|
175
|
+
it('should encrypt, send, and decrypt a full round-trip', async () => {
|
|
176
|
+
const serverIdentity = await Identity.generate();
|
|
177
|
+
const transport = new Transport(serverIdentity, 'server.test');
|
|
178
|
+
const originalFetch = globalThis.fetch;
|
|
179
|
+
globalThis.fetch = (async (input) => {
|
|
180
|
+
const request = input instanceof Request ? input : new Request(input);
|
|
181
|
+
return buildEncryptedResponse(request, serverIdentity);
|
|
182
|
+
});
|
|
183
|
+
try {
|
|
184
|
+
const response = await transport.post('https://server.test/secure', 'hello');
|
|
185
|
+
const responseText = await response.text();
|
|
186
|
+
assert.strictEqual(responseText, 'processed:hello');
|
|
187
|
+
}
|
|
188
|
+
finally {
|
|
189
|
+
globalThis.fetch = originalFetch;
|
|
190
|
+
}
|
|
191
|
+
});
|
|
69
192
|
});
|
|
70
193
|
//# sourceMappingURL=client.test.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.test.js","sourceRoot":"","sources":["../../../src/test/client.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AACjD,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"client.test.js","sourceRoot":"","sources":["../../../src/test/client.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC;AACjD,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AAC3F,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AACnC,OAAO,EAAE,4BAA4B,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACpG,OAAO,EACL,UAAU,EACV,kBAAkB,EAClB,YAAY,EACZ,UAAU,EACV,YAAY,EACZ,aAAa,EACb,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,cAAc,CAAC;AAEtB,SAAS,iBAAiB,CAAC,OAAmB;IAC5C,MAAM,WAAW,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IACtC,IAAI,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,OAAO,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;IAEzE,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IACpD,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IACzB,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACrB,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CAAC,KAAkC;IACvD,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAC9C,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAChB,OAAO,IAAI,CAAC,MAAM,CAAC;AACrB,CAAC;AAED,KAAK,UAAU,sBAAsB,CAAC,OAAgB,EAAE,cAAwB;IAC9E,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC;IAC5E,MAAM,CAAC,aAAa,EAAE,WAAW,QAAQ,CAAC,uBAAuB,SAAS,CAAC,CAAC;IAC5E,MAAM,UAAU,GAAG,UAAU,CAAC,aAAa,CAAC,CAAC;IAE7C,MAAM,oBAAoB,GAAG,IAAI,UAAU,CAAC,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;IACzE,MAAM,CAAC,oBAAoB,CAAC,UAAU,IAAI,CAAC,EAAE,kDAAkD,CAAC,CAAC;IAEjG,MAAM,WAAW,GAAG,IAAI,QAAQ,CAC9B,oBAAoB,CAAC,MAAM,EAC3B,oBAAoB,CAAC,UAAU,EAC/B,oBAAoB,CAAC,UAAU,CAChC,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACtB,MAAM,CAAC,WAAW,CAChB,oBAAoB,CAAC,UAAU,EAC/B,CAAC,GAAG,WAAW,EACf,8CAA8C,CAC/C,CAAC;IACF,MAAM,UAAU,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEjD,MAAM,KAAK,GAAG,IAAI,WAAW,CAC3B,4BAA4B,EAC5B,eAAe,EACf,gBAAgB,CACjB,CAAC;IACF,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAC9D,MAAM,gBAAgB,GAAG,MAAM,KAAK,CAAC,cAAc,CAAC,cAAc,CAAC,aAAa,EAAE,EAAE,UAAU,EAAE;QAC9F,IAAI,EAAE,SAAS;KAChB,CAAC,CAAC;IAEH,MAAM,gBAAgB,GAAG,MAAM,gBAAgB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACjE,MAAM,aAAa,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;IACjE,MAAM,YAAY,GAAG,aAAa,aAAa,EAAE,CAAC;IAElD,MAAM,aAAa,GAAG,IAAI,UAAU,CAAC,qBAAqB,CAAC,CAAC;IAC5D,MAAM,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;IAEtC,MAAM,gBAAgB,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IAChE,MAAM,cAAc,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC;IACtF,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,cAAc,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;IAExF,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAC3C,WAAW,EACX,CAAC,EACD,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CACvC,CAAC;IAEF,OAAO,IAAI,QAAQ,CAAC,aAAa,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,CAAC,EAAE;QACxE,MAAM,EAAE,GAAG;QACX,OAAO,EAAE;YACP,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,UAAU,CAAC,aAAa,CAAC;SAC5D;KACF,CAAC,CAAC;AACL,CAAC;AAED,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE;IACzB,IAAI,cAAwB,CAAC;IAE7B,MAAM,CAAC,KAAK,IAAI,EAAE;QAChB,cAAc,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,SAAS,GAAG,IAAI,SAAS,CAC7B,cAAc,EACd,gBAAgB,CACjB,CAAC;QAEF,MAAM,CAAC,SAAS,YAAY,SAAS,EAAE,kCAAkC,CAAC,CAAC;IAC7E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;QAClD,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QAC/D,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,4BAA4B,EAAE;YACxD,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,YAAY;SACnB,CAAC,CAAC;QAEH,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,OAAO,EAAE,GAAG,MAAM,cAAc,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAEvG,MAAM,CAAC,gBAAgB,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EAAE,uCAAuC,CAAC,CAAC;QAEhH,0DAA0D;QAC1D,MAAM,CAAC,OAAO,EAAE,4BAA4B,CAAC,CAAC;QAC9C,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,oCAAoC,CAAC,CAAC;QACpE,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,iCAAiC,CAAC,CAAC;QAE9D,yDAAyD;QACzD,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,WAAW,EAAE,CAAC;QAC3D,MAAM,CAAC,aAAa,CAAC,UAAU,GAAG,CAAC,EAAE,oCAAoC,CAAC,CAAC;QAC3E,MAAM,CAAC,aAAa,CAAC,UAAU,KAAK,YAAY,CAAC,MAAM,EAAE,6CAA6C,CAAC,CAAC;IAC1G,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;QAClD,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,4BAA4B,EAAE;YACxD,MAAM,EAAE,KAAK;SACd,CAAC,CAAC;QAEH,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,GAAG,MAAM,cAAc,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAEpG,kEAAkE;QAClE,0BAA0B;QAC1B,MAAM,CAAC,WAAW,CAChB,aAAa,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EAC3D,IAAI,EACJ,iEAAiE,CAClE,CAAC;QAEF,uFAAuF;QACvF,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,IAAI,EAAE,8CAA8C,CAAC,CAAC;IACpF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8DAA8D,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7E,MAAM,SAAS,GAAG,uBAAuB,CAAC;QAE1C,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,GAAG,SAAS,GAAG,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;YACtE,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC;gBACrB,CAAC,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;gBAC/C,OAAO;YACT,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,CAAC,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;YAC/C,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,SAAS,CAAC,CAAC;QAEnD,MAAM,QAAQ,GAAG,uBAAuB,CAAC;QAEzC,MAAM,eAAe,GAAG,MAAM,SAAS,CAAC,qBAAqB,EAAE,CAAC;QAChE,MAAM,CAAC,WAAW,CAAC,eAAe,CAAC,MAAM,EAAE,EAAE,EAAE,qDAAqD,CAAC,CAAC;QAEtG,+CAA+C;QAC/C,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,SAAS,SAAS,EAAE,QAAQ,EAAE;YACrE,OAAO,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE;SAC1C,CAAC,CAAC;QAEH,kBAAkB;QAClB,MAAM,CAAC,QAAQ,CAAC,EAAE,EAAE,sCAAsC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAE7E,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC3C,MAAM,CAAC,WAAW,CAAC,YAAY,EAAE,UAAU,QAAQ,EAAE,EAAE,0CAA0C,CAAC,CAAC;QAEnG,OAAO,CAAC,GAAG,CAAC,8BAA8B,YAAY,EAAE,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kEAAkE,EAAE,KAAK,IAAI,EAAE;QAChF,MAAM,SAAS,GAAG,qBAAqB,CAAC;QACxC,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACjD,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,aAAa,EAAE,CAAC;QAEpD,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC;QAEvC,UAAU,CAAC,KAAK,GAAG,CAAC,KAAK,EAAE,KAAwB,EAAqB,EAAE;YACxE,MAAM,OAAO,GAAG,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC;YACtE,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAExC,IAAI,UAAU,CAAC,QAAQ,KAAK,QAAQ,CAAC,SAAS,EAAE,CAAC;gBAC/C,OAAO,IAAI,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE;oBACzC,MAAM,EAAE,GAAG;oBACX,OAAO,EAAE,EAAE,cAAc,EAAE,QAAQ,CAAC,eAAe,EAAE;iBACtD,CAAC,CAAC;YACL,CAAC;YAED,yCAAyC;YACzC,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,QAAQ,CAAC,uBAAuB;gBACtC,KAAK,EAAE,4BAA4B;aACpC,CAAC,EACF;gBACE,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE;oBACP,cAAc,EAAE,GAAG,QAAQ,CAAC,uBAAuB,iBAAiB;iBACrE;aACF,CACF,CAAC;QACJ,CAAC,CAAiB,CAAC;QAEnB,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,SAAS,CAAC,CAAC;YACnD,MAAM,MAAM,CAAC,OAAO,CAClB,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,SAAS,SAAS,EAAE,OAAO,CAAC,EACpD,CAAC,GAAY,EAAE,EAAE;gBACf,MAAM,CAAC,GAAG,YAAY,sBAAsB,EAAE,wCAAyC,GAAa,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC;gBACzH,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,4BAA4B,CAAC,CAAC;gBAC5D,OAAO,IAAI,CAAC;YACd,CAAC,CACF,CAAC;QACJ,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,GAAG,aAAa,CAAC;QACnC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sEAAsE,EAAE,KAAK,IAAI,EAAE;QACpF,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACjD,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;QAE/D,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC;QAEvC,UAAU,CAAC,KAAK,GAAG,CAAC,KAAK,IAAuB,EAAE;YAChD,6DAA6D;YAC7D,OAAO,IAAI,QAAQ,CAAC,eAAe,EAAE;gBACnC,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE,EAAE,cAAc,EAAE,YAAY,EAAE;aAC1C,CAAC,CAAC;QACL,CAAC,CAAiB,CAAC;QAEnB,IAAI,CAAC;YACH,yEAAyE;YACzE,yDAAyD;YACzD,MAAM,MAAM,CAAC,OAAO,CAClB,GAAG,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,4BAA4B,EAAE,OAAO,CAAC,EAC3D,CAAC,GAAY,EAAE,EAAE;gBACf,MAAM,CAAC,CAAC,CAAC,GAAG,YAAY,sBAAsB,CAAC,EAAE,sCAAsC,CAAC,CAAC;gBACzF,OAAO,IAAI,CAAC;YACd,CAAC,CACF,CAAC;QACJ,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,GAAG,aAAa,CAAC;QACnC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,MAAM,cAAc,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACjD,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;QAE/D,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC;QAEvC,UAAU,CAAC,KAAK,GAAG,CAAC,KAAK,EAAE,KAAwB,EAAqB,EAAE;YACxE,MAAM,OAAO,GAAG,KAAK,YAAY,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC;YACtE,OAAO,sBAAsB,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QACzD,CAAC,CAAiB,CAAC;QAEnB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,4BAA4B,EAAE,OAAO,CAAC,CAAC;YAC7E,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YAC3C,MAAM,CAAC,WAAW,CAAC,YAAY,EAAE,iBAAiB,CAAC,CAAC;QACtD,CAAC;gBAAS,CAAC;YACT,UAAU,CAAC,KAAK,GAAG,aAAa,CAAC;QACnC,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -4,8 +4,8 @@ import { Identity } from '../identity.js';
|
|
|
4
4
|
describe('Identity', () => {
|
|
5
5
|
it('should generate a new identity', async () => {
|
|
6
6
|
const identity = await Identity.generate();
|
|
7
|
-
assert(identity.getPublicKey()
|
|
8
|
-
assert(identity.getPrivateKey()
|
|
7
|
+
assert(identity.getPublicKey().type === 'public', 'Public key should have type "public"');
|
|
8
|
+
assert(identity.getPrivateKey().type === 'private', 'Private key should have type "private"');
|
|
9
9
|
const publicKeyHex = await identity.getPublicKeyHex();
|
|
10
10
|
assert(publicKeyHex.length > 0, 'Public key hex should not be empty');
|
|
11
11
|
});
|
|
@@ -16,8 +16,8 @@ describe('Identity', () => {
|
|
|
16
16
|
const originalHex = await original.getPublicKeyHex();
|
|
17
17
|
const restoredHex = await restored.getPublicKeyHex();
|
|
18
18
|
assert(originalHex === restoredHex, 'Public keys should match');
|
|
19
|
-
assert(original.getPrivateKey()
|
|
20
|
-
assert(restored.getPrivateKey()
|
|
19
|
+
assert(original.getPrivateKey().type === 'private', 'Private key should have type "private"');
|
|
20
|
+
assert(restored.getPrivateKey().type === 'private', 'Private key should have type "private"');
|
|
21
21
|
});
|
|
22
22
|
it('should marshal configuration', async () => {
|
|
23
23
|
const identity = await Identity.generate();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"identity.test.js","sourceRoot":"","sources":["../../../src/test/identity.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAE1C,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE;IACxB,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE3C,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,
|
|
1
|
+
{"version":3,"file":"identity.test.js","sourceRoot":"","sources":["../../../src/test/identity.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAE1C,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE;IACxB,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE3C,MAAM,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,IAAI,KAAK,QAAQ,EAAE,sCAAsC,CAAC,CAAC;QAC1F,MAAM,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,IAAI,KAAK,SAAS,EAAE,wCAAwC,CAAC,CAAC;QAC9F,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,eAAe,EAAE,CAAC;QACtD,MAAM,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,oCAAoC,CAAC,CAAC;IACxE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,KAAK,IAAI,EAAE;QACzD,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAC3C,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,MAAM,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAE/C,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,eAAe,EAAE,CAAC;QACrD,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,eAAe,EAAE,CAAC;QACrD,MAAM,CAAC,WAAW,KAAK,WAAW,EAAE,0BAA0B,CAAC,CAAC;QAChE,MAAM,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,IAAI,KAAK,SAAS,EAAE,wCAAwC,CAAC,CAAC;QAC9F,MAAM,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,IAAI,KAAK,SAAS,EAAE,wCAAwC,CAAC,CAAC;IAChG,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;QAC5C,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAC3C,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,aAAa,EAAE,CAAC;QAE9C,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,4BAA4B,CAAC,CAAC;QACxD,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,oBAAoB,CAAC,CAAC;QAC9C,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,iCAAiC,CAAC,CAAC;QAC9D,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,gCAAgC,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAC3C,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,aAAa,EAAE,CAAC;QAC9C,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC;QAE9D,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,eAAe,EAAE,CAAC;QACrD,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,eAAe,EAAE,CAAC;QACrD,MAAM,CAAC,WAAW,KAAK,WAAW,EAAE,0BAA0B,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -8,7 +8,8 @@
|
|
|
8
8
|
*/
|
|
9
9
|
import { describe, it } from 'node:test';
|
|
10
10
|
import assert from 'node:assert';
|
|
11
|
-
import { CipherSuite
|
|
11
|
+
import { CipherSuite } from 'hpke';
|
|
12
|
+
import { KEM_DHKEM_X25519_HKDF_SHA256, KDF_HKDF_SHA256, AEAD_AES_256_GCM } from '@panva/hpke-noble';
|
|
12
13
|
import { deriveResponseKeys, encryptChunk, decryptChunk, HPKE_REQUEST_INFO, EXPORT_LABEL, EXPORT_LENGTH, } from '../derive.js';
|
|
13
14
|
describe('Security Tests', () => {
|
|
14
15
|
const suite = new CipherSuite(KEM_DHKEM_X25519_HKDF_SHA256, KDF_HKDF_SHA256, AEAD_AES_256_GCM);
|