Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
epolite - npm Package Compare versions
Comparing version 0.0.4 to 0.0.5
@@ -12,6 +12,7 @@ { | ||
| "dependencies": { | ||
| "@dashlane/pqc-sign-falcon-512-browser": "^1.0.0", | ||
| "@dashlane/pqc-sign-falcon-512-node": "^1.0.0", | ||
| "@noble/post-quantum": "^0.2.0" | ||
| }, | ||
| "version": "0.0.4", | ||
| "version": "0.0.5", | ||
| "description": "A public-private key library for post-quantum cryptography (early stage, use with caution)", | ||
@@ -18,0 +19,0 @@ "bugs": { |
@@ -12,3 +12,3 @@ # EPOLITE Privacy Guard | ||
| Kyber 1024 *was* used; however, it was changed to 512 do to the unreasonable size of messages, upwards of 200 KB for a single byte message, scaling at O(n). | ||
| Kyber 1024 *was* used; however, it was changed to 512 due to the unreasonable size of messages, upwards of 200 KB for a single byte message, scaling at O(n). | ||
@@ -20,3 +20,3 @@ In the future, this may be updated to include other PQ encryption standards; however, these are the ones I chose for now. | ||
| 2. The returned encrypted messages are **_MASSIVE_**. You can expect a 4 KB encrypted message from a 10 byte input, and at least 5x when the input is signed. | ||
| 3. I cannot guarantee any encryption libraries used in this library to be vulnerability or exploit free. While they are approved by the NIST, I personally do not fully endorse them due to how new these standards are. | ||
| 3. I cannot guarantee any encryption standards used in this library to be vulnerability or exploit free. While they are approved by the NIST, I personally do not fully endorse them due to how new these standards are. | ||
| 4. This library uses crypto subtle, and was designed specifically for browser use. | ||
@@ -90,2 +90,2 @@ | ||
| ## Contributing | ||
| Since this is for my own project, I likely not be merging or reviewing pull requests. | ||
| Since this is for my own project, I probably will not merge or review pull requests. |
@@ -6,4 +6,24 @@ /* | ||
| import { ml_kem512 } from '@noble/post-quantum/ml-kem'; | ||
| import signBuilder from '@dashlane/pqc-sign-falcon-512-node'; | ||
| interface SIGN { | ||
| publicKeyBytes: Promise<number>; | ||
| privateKeyBytes: Promise<number>; | ||
| signatureBytes: Promise<number>; | ||
| keypair: () => Promise<{ | ||
| publicKey: Uint8Array; | ||
| privateKey: Uint8Array; | ||
| }>; | ||
| sign: (message: Uint8Array, privateKey: Uint8Array) => Promise<{ | ||
| signature: Uint8Array; | ||
| }>; | ||
| verify: (signature: Uint8Array, message: Uint8Array, publicKey: Uint8Array) => Promise<boolean>; | ||
| } | ||
| let signBuilder: (useFallback?: boolean, wasmFilePath?: string | undefined) => Promise<SIGN>; | ||
| if(typeof document !== "undefined") | ||
| signBuilder = (await import('@dashlane/pqc-sign-falcon-512-browser') as any).default; | ||
| else | ||
| signBuilder = (await import('@dashlane/pqc-sign-falcon-512-node') as any).default; | ||
| const EPOLITE_PUBLIC_KEY_LABEL = '----------BEGIN EPOLITE PUBLIC KEY----------'; | ||
@@ -10,0 +30,0 @@ const EPOLITE_PRIVATE_KEY_LABEL = '----------BEGIN EPOLITE PRIVATE KEY----------'; |
Sorry, the diff of this file is not supported yet
New alerts
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by6.55%
19610
- Lines of code
- increased by6.37%
284
Worsened metrics
- Dependency count
- increased by33.33%
4
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Added@dashlane/pqc-sign-falcon-512-browser@1.0.0(transitive)