ksef-client-ts 0.7.2-alpha.0 → 0.8.0-alpha.0

package/dist/cli.js

@@ -2453,20 +2453,13 @@ var init_cryptography_service = __esm({
        * Generate a random AES-256 key and IV, then wrap the key with the
        * SymmetricKeyEncryption certificate's RSA public key (RSA-OAEP SHA-256).
        */
-      getEncryptionData() {
+      async getEncryptionData() {
         const key = crypto.randomBytes(32);
         const iv = crypto.randomBytes(16);
         const certPem = this.fetcher.getSymmetricKeyEncryptionPem();
-        const encryptedKey = crypto.publicEncrypt(
-          {
-            key: this.extractSpkiPem(certPem),
-            oaepHash: "sha256",
-            padding: crypto.constants.RSA_PKCS1_OAEP_PADDING
-          },
-          key
-        );
+        const encryptedKey = await this.rsaOaepEncrypt(certPem, new Uint8Array(key));
         const encryptionInfo = {
-          encryptedSymmetricKey: encryptedKey.toString("base64"),
+          encryptedSymmetricKey: Buffer.from(encryptedKey).toString("base64"),
           initializationVector: iv.toString("base64")
         };
         return {
@@ -2491,14 +2484,14 @@ var init_cryptography_service = __esm({
        * The EC variant outputs bytes in the Java-compatible format:
        * `[ephemeralSPKI | nonce(12) | ciphertext+tag]`.
        */
-      encryptKsefToken(token, challengeTimestamp) {
+      async encryptKsefToken(token, challengeTimestamp) {
         const timestampMs = new Date(challengeTimestamp).getTime();
         const plaintext = Buffer.from(`${token}|${timestampMs}`, "utf-8");
         const certPem = this.fetcher.getKsefTokenEncryptionPem();
         const cert = new crypto.X509Certificate(certPem);
         const publicKey = cert.publicKey;
         if (publicKey.asymmetricKeyType === "rsa") {
-          return this.encryptRsaOaep(certPem, plaintext);
+          return this.rsaOaepEncrypt(certPem, plaintext);
         }
         if (publicKey.asymmetricKeyType === "ec") {
           return this.encryptEcdhAesGcm(publicKey, plaintext);
@@ -2590,27 +2583,39 @@ var init_cryptography_service = __esm({
       // Private helpers
       // ---------------------------------------------------------------------------
       /**
-       * Extract a public-key SPKI PEM (`-----BEGIN PUBLIC KEY-----`) from a full
-       * CERTIFICATE PEM. Node's `publicEncrypt` accepts either form, but Deno's
-       * Node compatibility layer only accepts SPKI PEM, so we normalize upfront
-       * to keep the library portable across runtimes.
+       * Extract the public-key SPKI DER bytes from a CERTIFICATE PEM. Web Crypto's
+       * `importKey('spki', ...)` consumes raw DER; we parse the cert via native
+       * `X509Certificate` (available on Node and Deno) and export the key directly.
        */
-      extractSpkiPem(certPem) {
+      spkiDerFromCert(certPem) {
         const publicKey = new crypto.X509Certificate(certPem).publicKey;
-        return publicKey.export({ type: "spki", format: "pem" });
+        return new Uint8Array(publicKey.export({ type: "spki", format: "der" }));
       }
-      /** RSA-OAEP SHA-256 encryption. */
-      encryptRsaOaep(certPem, plaintext) {
-        return new Uint8Array(
-          crypto.publicEncrypt(
-            {
-              key: this.extractSpkiPem(certPem),
-              oaepHash: "sha256",
-              padding: crypto.constants.RSA_PKCS1_OAEP_PADDING
-            },
-            plaintext
-          )
+      /**
+       * RSA-OAEP SHA-256 encryption via Web Crypto.
+       *
+       * Uses `crypto.webcrypto.subtle` instead of `node:crypto.publicEncrypt`
+       * because Deno's Node-compat layer silently ignores the `oaepHash` option
+       * and defaults MGF1+OAEP to SHA-1, producing ciphertext KSeF rejects as
+       * "Invalid token encryption". Web Crypto requires the hash up-front in
+       * `importKey` as part of the key's algorithm identity, so there is no room
+       * for a runtime to swap it — output is identical OAEP-SHA256 on every
+       * Web Crypto implementation (Node 18+, Deno, Bun, browsers, edge runtimes).
+       */
+      async rsaOaepEncrypt(certPem, plaintext) {
+        const key = await crypto.webcrypto.subtle.importKey(
+          "spki",
+          this.spkiDerFromCert(certPem),
+          { name: "RSA-OAEP", hash: "SHA-256" },
+          false,
+          ["encrypt"]
+        );
+        const ciphertext = await crypto.webcrypto.subtle.encrypt(
+          { name: "RSA-OAEP" },
+          key,
+          plaintext
         );
+        return new Uint8Array(ciphertext);
       }
       /**
        * ECDH (P-256) + AES-256-GCM encryption.
@@ -3061,7 +3066,7 @@ var init_offline_invoice_workflow = __esm({
         }
         if (pending.length === 0) return result;
         await client.crypto.init();
-        const encData = client.crypto.getEncryptionData();
+        const encData = await client.crypto.getEncryptionData();
         const formCode = options.formCode ?? DEFAULT_FORM_CODE;
         const openResp = await client.onlineSession.openSession(
           { formCode, encryption: encData.encryptionInfo }
@@ -3150,7 +3155,7 @@ var init_offline_invoice_workflow = __esm({
         }
         const originalHash = crypto3.createHash("sha256").update(original.invoiceXml).digest("base64");
         await client.crypto.init();
-        const encData = client.crypto.getEncryptionData();
+        const encData = await client.crypto.getEncryptionData();
         const formCode = options.formCode ?? DEFAULT_FORM_CODE;
         const openResp = await client.onlineSession.openSession(
           { formCode, encryption: encData.encryptionInfo }
@@ -3700,7 +3705,7 @@ var init_client = __esm({
       async loginWithToken(token, nip) {
         const challenge2 = await this.auth.getChallenge();
         await this.crypto.init();
-        const encryptedToken = this.crypto.encryptKsefToken(token, challenge2.timestamp);
+        const encryptedToken = await this.crypto.encryptKsefToken(token, challenge2.timestamp);
         const submitResult = await this.auth.submitKsefTokenAuthRequest({
           challenge: challenge2.challenge,
           contextIdentifier: { type: "Nip", value: nip },
@@ -6689,7 +6694,7 @@ async function uploadBatch(client, zipData, options) {
       }
     }
   }
-  const encData = client.crypto.getEncryptionData();
+  const encData = await client.crypto.getEncryptionData();
   const formCode = options?.formCode ?? DEFAULT_FORM_CODE;
   const encryptFn = (part) => client.crypto.encryptAES256(part, encData.cipherKey, encData.cipherIv);
   const { batchFile, encryptedParts } = BatchFileBuilder.build(zipData, encryptFn, {
@@ -6737,7 +6742,7 @@ async function uploadBatchStream(client, zipStreamFactory, zipSize, options) {
     throw new Error("parallelism must be a positive integer");
   }
   await client.crypto.init();
-  const encData = client.crypto.getEncryptionData();
+  const encData = await client.crypto.getEncryptionData();
   const formCode = options?.formCode ?? DEFAULT_FORM_CODE;
   const encryptStreamFn = (stream) => client.crypto.encryptAES256Stream(stream, encData.cipherKey, encData.cipherIv);
   const hashStreamFn = (stream) => client.crypto.getFileMetadataFromStream(stream);
@@ -7206,7 +7211,7 @@ init_auth_xml_builder();
 async function authenticateWithToken(client, options) {
   const challenge2 = await client.auth.getChallenge();
   await client.crypto.init();
-  const encryptedToken = client.crypto.encryptKsefToken(options.token, challenge2.timestamp);
+  const encryptedToken = await client.crypto.encryptKsefToken(options.token, challenge2.timestamp);
   const submitResult = await client.auth.submitKsefTokenAuthRequest({
     challenge: challenge2.challenge,
     contextIdentifier: { type: "Nip", value: options.nip },
@@ -7790,7 +7795,7 @@ var open = defineCommand3({
         throw new Error("NIP is required. Provide --nip or set it via `ksef config set --nip <nip>`.");
       }
       await client.crypto.init();
-      const encryptionData = client.crypto.getEncryptionData();
+      const encryptionData = await client.crypto.getEncryptionData();
       const formCodeKey = args.formCode;
       let formCode = DEFAULT_FORM_CODE;
       if (formCodeKey) {
@@ -8261,7 +8266,7 @@ function verifyHash(data, expectedHash) {
 // src/workflows/invoice-export-workflow.ts
 async function doExport(client, filters, options) {
   await client.crypto.init();
-  const encData = client.crypto.getEncryptionData();
+  const encData = await client.crypto.getEncryptionData();
   const opResp = await client.invoices.exportInvoices({
     encryption: encData.encryptionInfo,
     filters,
@@ -9257,7 +9262,7 @@ var send = defineCommand6({
         }
         if (!args.json) consola11.start(`Sending ${xmlFiles.length} invoices via batch session...`);
         await client.crypto.init();
-        const encryptionData = client.crypto.getEncryptionData();
+        const encryptionData = await client.crypto.getEncryptionData();
         const parts = fileBuffers.map(({ content }, i) => {
           const metadata = client.crypto.getFileMetadata(new Uint8Array(content));
           return {
@@ -9434,7 +9439,7 @@ var exportCmd = defineCommand6({
       const { client } = await requireSession(globalOpts);
       if (!args.json) consola11.start("Starting invoice export...");
       await client.crypto.init();
-      const encryptionData = client.crypto.getEncryptionData();
+      const encryptionData = await client.crypto.getEncryptionData();
       const filters = buildQueryFilters(args);
       const result = await client.invoices.exportInvoices(
         { encryption: encryptionData.encryptionInfo, filters, onlyMetadata: args.onlyMetadata }