@freesignal/protocol 0.1.7 → 0.1.8

package/crypto.js

@@ -68,9 +68,6 @@ class CryptoConstructor {
     hkdf(key, salt, info, length = 32) {
         return new Uint8Array(js_sha3_1.kmac256.digest(key, salt, length * 8, info !== null && info !== void 0 ? info : new Uint8Array()));
     }
-    scalarMult(n, p) {
-        return tweetnacl_1.default.scalarMult(n, p);
-    }
 }
 (function (CryptoConstructor) {
     class box {
@@ -98,7 +95,10 @@ class CryptoConstructor {
             return tweetnacl_1.default.box.keyPair();
         }
         sharedKey(publicKey, secretKey) {
-            return tweetnacl_1.default.scalarMult(publicKey, secretKey);
+            return tweetnacl_1.default.box.before(publicKey, secretKey);
+        }
+        scalarMult(n, p) {
+            return tweetnacl_1.default.scalarMult(n, p);
         }
     }
     CryptoConstructor.ECDH = ECDH;

package/data.d.ts

@@ -16,26 +16,12 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
-import { Encodable } from "./types";
-export declare enum Protocols {
-    NULL = "",
-    MESSAGE = "/freesignal/message/1.0.0",
-    RELAY = "/freesignal/relay/1.0.0"
-}
-export declare namespace Protocols {
-    function isProtocol(protocol: any): boolean;
-    function fromCode(code: number): Protocols;
-    function toCode(protocol: Protocols): number;
-    function encode(protocol: Protocols, length?: number): Uint8Array;
-    function decode(array: Uint8Array): Protocols;
-}
+import { Encodable, Protocols } from "./types";
 export interface Datagram {
     readonly id: string;
     readonly version: number;
-    readonly senderKey: string;
-    readonly senderRelay?: string;
-    readonly receiverKey: string;
-    readonly receiverRelay?: string;
+    readonly sender: string;
+    readonly receiver: string;
     readonly protocol: Protocols;
     readonly createdAt: number;
     payload?: Uint8Array;
@@ -49,10 +35,8 @@ export declare namespace Datagram {
 declare class DatagramConstructor implements Encodable, Datagram {
     readonly id: string;
     readonly version: number;
-    readonly senderKey: string;
-    readonly senderRelay?: string;
-    readonly receiverKey: string;
-    readonly receiverRelay?: string;
+    readonly sender: string;
+    readonly receiver: string;
     readonly protocol: Protocols;
     readonly createdAt: number;
     payload?: Uint8Array;

package/data.js

@@ -21,43 +21,11 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Datagram = exports.Protocols = void 0;
+exports.Datagram = void 0;
 const utils_1 = require("./utils");
 const crypto_1 = __importDefault(require("./crypto"));
 const fflate_1 = __importDefault(require("fflate"));
-var Protocols;
-(function (Protocols) {
-    Protocols["NULL"] = "";
-    Protocols["MESSAGE"] = "/freesignal/message/1.0.0";
-    Protocols["RELAY"] = "/freesignal/relay/1.0.0";
-})(Protocols || (exports.Protocols = Protocols = {}));
-(function (Protocols) {
-    function isProtocol(protocol) {
-        return Object.values(Protocols).includes(protocol);
-    }
-    Protocols.isProtocol = isProtocol;
-    function fromCode(code) {
-        return Object.values(Protocols)[code];
-    }
-    Protocols.fromCode = fromCode;
-    function toCode(protocol) {
-        return Object.values(Protocols).indexOf(protocol);
-    }
-    Protocols.toCode = toCode;
-    function encode(protocol, length) {
-        /*const raw = numberToUint8Array(Protocols.toCode(protocol), length).reverse();
-        raw[0] |= (raw.length - 1) << 6;
-        return raw;*/
-        return (0, utils_1.numberToUint8Array)(Protocols.toCode(protocol), length !== null && length !== void 0 ? length : 4, 'big');
-    }
-    Protocols.encode = encode;
-    function decode(array) {
-        array[0] &= 63;
-        array = array.reverse();
-        return Protocols.fromCode((0, utils_1.numberFromUint8Array)(array));
-    }
-    Protocols.decode = decode;
-})(Protocols || (exports.Protocols = Protocols = {}));
+const types_1 = require("./types");
 var Datagram;
 (function (Datagram) {
     Datagram.version = 1;
@@ -84,35 +52,29 @@ class DatagramConstructor {
         if (!receiver && !protocol && !payload) {
             if (data instanceof Uint8Array) {
                 this.version = data[0] & 63;
-                this.protocol = Protocols.decode(data.subarray(1, 4));
-                this.id = crypto_1.default.UUID.stringify(data.subarray(4, 20));
-                this.createdAt = (0, utils_1.numberFromUint8Array)(data.subarray(20, 28));
-                this.senderKey = (0, utils_1.encodeBase64)(data.subarray(28, 28 + crypto_1.default.EdDSA.publicKeyLength));
-                this.receiverKey = (0, utils_1.encodeBase64)(data.subarray(28 + crypto_1.default.EdDSA.publicKeyLength, DatagramConstructor.headerOffset));
-                const senderRelayOffset = data.indexOf(255, DatagramConstructor.headerOffset);
-                const receiverRelayOffset = data.indexOf(255, senderRelayOffset + 1);
-                this.senderRelay = (0, utils_1.encodeUTF8)(data.subarray(DatagramConstructor.headerOffset, senderRelayOffset)) ? "" : undefined;
-                this.receiverRelay = (0, utils_1.encodeUTF8)(data.subarray(senderRelayOffset + 1, receiverRelayOffset)) ? "" : undefined;
+                this.protocol = types_1.Protocols.decode(data.subarray(1, 2));
+                this.id = crypto_1.default.UUID.stringify(data.subarray(2, 18));
+                this.createdAt = (0, utils_1.numberFromUint8Array)(data.subarray(18, 26));
+                this.sender = (0, utils_1.encodeBase64)(data.subarray(26, 26 + crypto_1.default.EdDSA.publicKeyLength));
+                this.receiver = (0, utils_1.encodeBase64)(data.subarray(26 + crypto_1.default.EdDSA.publicKeyLength, DatagramConstructor.headerOffset));
                 if (data[0] & 128) {
                     const signature = data.subarray(data.length - crypto_1.default.EdDSA.signatureLength);
-                    if (!crypto_1.default.EdDSA.verify(data.subarray(0, data.length - crypto_1.default.EdDSA.signatureLength), signature, data.subarray(28, 28 + crypto_1.default.EdDSA.publicKeyLength)))
+                    if (!crypto_1.default.EdDSA.verify(data.subarray(0, data.length - crypto_1.default.EdDSA.signatureLength), signature, data.subarray(26, 26 + crypto_1.default.EdDSA.publicKeyLength)))
                         throw new Error('Invalid signature for Datagram');
                 }
                 if (data[0] & 64)
-                    this.payload = fflate_1.default.inflateSync(data.subarray(receiverRelayOffset + 1, data.length));
+                    this.payload = fflate_1.default.inflateSync(data.subarray(DatagramConstructor.headerOffset, data.length));
                 else
-                    this.payload = data.subarray(receiverRelayOffset + 1, data.length);
+                    this.payload = data.subarray(DatagramConstructor.headerOffset, data.length);
             }
             else if (Datagram.isDatagram(data)) {
                 const datagram = data;
                 this.id = datagram.id;
                 this.version = datagram.version;
-                this.senderKey = datagram.senderKey;
-                this.receiverKey = datagram.receiverKey;
+                this.sender = datagram.sender;
+                this.receiver = datagram.receiver;
                 this.protocol = datagram.protocol;
                 this.createdAt = datagram.createdAt;
-                this.senderRelay = datagram.senderRelay;
-                this.receiverRelay = datagram.receiverRelay;
                 this.payload = datagram.payload;
             }
             else
@@ -121,20 +83,8 @@ class DatagramConstructor {
         else if (typeof data === 'string' || data instanceof Uint8Array) {
             this.id = crypto_1.default.UUID.generate().toString();
             this.version = Datagram.version;
-            if (typeof data === 'string') {
-                const address = data.split('@');
-                this.senderKey = address[0];
-                this.senderRelay = address[1];
-            }
-            else
-                this.senderKey = (0, utils_1.encodeBase64)(data);
-            if (typeof receiver === 'string') {
-                const address = receiver.split('@');
-                this.receiverKey = address[0];
-                this.receiverRelay = address[1];
-            }
-            else
-                this.receiverKey = (0, utils_1.encodeBase64)(receiver);
+            this.sender = typeof data === 'string' ? data : (0, utils_1.encodeBase64)(data);
+            this.receiver = typeof receiver === 'string' ? receiver : (0, utils_1.encodeBase64)(receiver);
             this.protocol = protocol;
             this.createdAt = Date.now();
             this.payload = payload instanceof Uint8Array ? payload : payload === null || payload === void 0 ? void 0 : payload.encode();
@@ -146,12 +96,12 @@ class DatagramConstructor {
         var _a;
         compression = compression && this.payload != undefined && this.payload.length > 1024;
         return (0, utils_1.concatUint8Array)(new Uint8Array(1).fill(this.version | (compression ? 64 : 0)), //1
-        Protocols.encode(this.protocol, 3), //3
+        types_1.Protocols.encode(this.protocol), //1
         (_a = crypto_1.default.UUID.parse(this.id)) !== null && _a !== void 0 ? _a : [], //16
         (0, utils_1.numberToUint8Array)(this.createdAt, 8), //8
-        (0, utils_1.decodeBase64)(this.senderKey), //32
-        (0, utils_1.decodeBase64)(this.receiverKey), //32
-        ...(this.senderRelay ? [(0, utils_1.decodeUTF8)(this.senderRelay)] : []), new Uint8Array(1).fill(255), ...(this.receiverRelay ? [(0, utils_1.decodeUTF8)(this.receiverRelay)] : []), new Uint8Array(1).fill(255), ...(this.payload ? [compression ? fflate_1.default.deflateSync(this.payload) : this.payload] : []));
+        (0, utils_1.decodeBase64)(this.sender), //32
+        (0, utils_1.decodeBase64)(this.receiver), //32
+        ...(this.payload ? [compression ? fflate_1.default.deflateSync(this.payload) : this.payload] : []));
     }
     encodeSigned(secretKey, compression) {
         //if (!this.payload) throw new Error('Cannot sign a datagram without payload');
@@ -178,4 +128,4 @@ class DatagramConstructor {
         return this.toString();
     }
 }
-DatagramConstructor.headerOffset = 28 + crypto_1.default.EdDSA.publicKeyLength * 2;
+DatagramConstructor.headerOffset = 26 + crypto_1.default.EdDSA.publicKeyLength * 2;

package/double-ratchet.js

@@ -69,7 +69,7 @@ class KeySession {
     ratchetKeys(info) {
         if (!this._remoteKey)
             throw new Error();
-        const sharedKey = crypto_1.default.scalarMult(this.keyPair.secretKey, this._remoteKey);
+        const sharedKey = crypto_1.default.ECDH.scalarMult(this.keyPair.secretKey, this._remoteKey);
         if (!this.rootKey)
             this.rootKey = crypto_1.default.hash(sharedKey);
         const hashkey = crypto_1.default.hkdf(sharedKey, this.rootKey, info, KeySession.keyLength * 2);

package/index.d.ts

@@ -42,5 +42,5 @@ export declare function createKeySession(opts?: {
  */
 export declare function createKeyExchange(signSecretKey: Uint8Array, boxSecretKey: Uint8Array, bundleStore?: LocalStorage<string, crypto.KeyPair>): KeyExchange;
 export * from "./types";
-export { Protocols, Datagram } from "./data";
+export { Datagram } from "./data";
 export { EncryptedData } from "./double-ratchet";

package/index.js

@@ -32,7 +32,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.EncryptedData = exports.Datagram = exports.Protocols = void 0;
+exports.EncryptedData = exports.Datagram = void 0;
 exports.createKeySession = createKeySession;
 exports.createKeyExchange = createKeyExchange;
 const double_ratchet_1 = require("./double-ratchet");
@@ -60,7 +60,6 @@ function createKeyExchange(signSecretKey, boxSecretKey, bundleStore) {
 }
 __exportStar(require("./types"), exports);
 var data_1 = require("./data");
-Object.defineProperty(exports, "Protocols", { enumerable: true, get: function () { return data_1.Protocols; } });
 Object.defineProperty(exports, "Datagram", { enumerable: true, get: function () { return data_1.Datagram; } });
 var double_ratchet_2 = require("./double-ratchet");
 Object.defineProperty(exports, "EncryptedData", { enumerable: true, get: function () { return double_ratchet_2.EncryptedData; } });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@freesignal/protocol",
-  "version": "0.1.7",
+  "version": "0.1.8",
   "description": "Signal Protocol implementation in javascript",
   "license": "GPL-3.0-or-later",
   "author": "Christian Braghette",

package/test.js

@@ -7,6 +7,7 @@ const _1 = require(".");
 const crypto_1 = __importDefault(require("./crypto"));
 const data_1 = require("./data");
 const utils_1 = require("./utils");
+const types_1 = require("./types");
 const bob = (0, _1.createKeyExchange)(crypto_1.default.EdDSA.keyPair().secretKey, crypto_1.default.ECDH.keyPair().secretKey);
 const alice = (0, _1.createKeyExchange)(crypto_1.default.EdDSA.keyPair().secretKey, crypto_1.default.ECDH.keyPair().secretKey);
 const bobmessage = bob.generateData();
@@ -15,7 +16,7 @@ bob.digestMessage(aliceack).then(({ session: bobsession, cleartext }) => {
     var _a;
     if (bobsession && cleartext) {
         console.log("Session established successfully between Alice and Bob.");
-        const datagram = data_1.Datagram.create(bob.signatureKey, alice.signatureKey, data_1.Protocols.MESSAGE, (_a = bobsession.encrypt((0, utils_1.decodeUTF8)("Hi Alice!"))) === null || _a === void 0 ? void 0 : _a.encode());
+        const datagram = data_1.Datagram.create(bob.signatureKey, alice.signatureKey, types_1.Protocols.MESSAGE, (_a = bobsession.encrypt((0, utils_1.decodeUTF8)("Hi Alice!"))) === null || _a === void 0 ? void 0 : _a.encode());
         //console.log(datagram.payload);
         const msg = datagram.encode();
         console.log((0, utils_1.encodeUTF8)(alicesession.decrypt(data_1.Datagram.from(msg).payload)));
@@ -23,7 +24,7 @@ bob.digestMessage(aliceack).then(({ session: bobsession, cleartext }) => {
             console.log("Successfully handshaked");
         else
             console.log("Error during handshake");
-        const longmsg = data_1.Datagram.create(alice.signatureKey, bob.signatureKey, data_1.Protocols.MESSAGE, alicesession.encrypt(new Uint8Array(1000000).fill(33).map(val => val + Math.floor(Math.random() * 93))));
+        const longmsg = data_1.Datagram.create(alice.signatureKey, bob.signatureKey, types_1.Protocols.MESSAGE, alicesession.encrypt(new Uint8Array(1000000).fill(33).map(val => val + Math.floor(Math.random() * 93))));
         console.log(longmsg.encode().length);
         console.log(longmsg.encode(false).length);
     }

package/types.d.ts

@@ -25,6 +25,18 @@ export interface Encodable {
 export declare namespace Encodable {
     function isEncodable(obj: any): boolean;
 }
+export declare enum Protocols {
+    NULL = "",
+    MESSAGE = "/freesignal/message/1.0.0",
+    RELAY = "/freesignal/relay/1.0.0"
+}
+export declare namespace Protocols {
+    function isProtocol(protocol: any): boolean;
+    function fromCode(code: number): Protocols;
+    function toCode(protocol: Protocols): number;
+    function encode(protocol: Protocols, length?: number): Uint8Array;
+    function decode(array: Uint8Array): Protocols;
+}
 type LocalStorageIterator<T> = Iterable<T>;
 export interface LocalStorage<K, T> {
     set(key: K, value: T): Promise<this>;
@@ -73,7 +85,6 @@ export interface Crypto {
     readonly EdDSA: Crypto.EdDSA;
     readonly UUID: Crypto.UUID;
     randomBytes(n: number): Uint8Array;
-    scalarMult(n: Uint8Array, p: Uint8Array): Uint8Array;
 }
 export declare namespace Crypto {
     type HashAlgorithms = 'sha224' | 'sha256' | 'sha384' | 'sha512';
@@ -96,6 +107,7 @@ export declare namespace Crypto {
         readonly secretKeyLength: number;
         keyPair(secretKey?: Uint8Array): KeyPair;
         sharedKey(publicKey: Uint8Array, secretKey: Uint8Array): Uint8Array;
+        scalarMult(n: Uint8Array, p: Uint8Array): Uint8Array;
     }
     interface EdDSA {
         readonly publicKeyLength: number;

package/types.js

@@ -18,7 +18,8 @@
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.Crypto = exports.Encodable = void 0;
+exports.Crypto = exports.Protocols = exports.Encodable = void 0;
+const utils_1 = require("./utils");
 var Encodable;
 (function (Encodable) {
     const properties = ['encode', 'toString', 'toJSON'];
@@ -27,6 +28,39 @@ var Encodable;
     }
     Encodable.isEncodable = isEncodable;
 })(Encodable || (exports.Encodable = Encodable = {}));
+var Protocols;
+(function (Protocols) {
+    Protocols["NULL"] = "";
+    Protocols["MESSAGE"] = "/freesignal/message/1.0.0";
+    Protocols["RELAY"] = "/freesignal/relay/1.0.0";
+})(Protocols || (exports.Protocols = Protocols = {}));
+(function (Protocols) {
+    function isProtocol(protocol) {
+        return Object.values(Protocols).includes(protocol);
+    }
+    Protocols.isProtocol = isProtocol;
+    function fromCode(code) {
+        return Object.values(Protocols)[code];
+    }
+    Protocols.fromCode = fromCode;
+    function toCode(protocol) {
+        return Object.values(Protocols).indexOf(protocol);
+    }
+    Protocols.toCode = toCode;
+    function encode(protocol, length) {
+        /*const raw = numberToUint8Array(Protocols.toCode(protocol), length).reverse();
+        raw[0] |= (raw.length - 1) << 6;
+        return raw;*/
+        return (0, utils_1.numberToUint8Array)(Protocols.toCode(protocol), length);
+    }
+    Protocols.encode = encode;
+    function decode(array) {
+        //array[0] &= 63;
+        //array = array.reverse();
+        return Protocols.fromCode((0, utils_1.numberFromUint8Array)(array));
+    }
+    Protocols.decode = decode;
+})(Protocols || (exports.Protocols = Protocols = {}));
 var Crypto;
 (function (Crypto) {
 })(Crypto || (exports.Crypto = Crypto = {}));

package/x3dh.d.ts

@@ -16,8 +16,7 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
-import crypto from "./crypto";
-import { KeyExchangeData, KeyExchangeDataBundle, KeyExchangeSynMessage, LocalStorage } from "./types";
+import { KeyExchangeData, KeyExchangeDataBundle, KeyExchangeSynMessage, LocalStorage, Crypto } from "./types";
 import { KeySession } from "./double-ratchet";
 export declare class KeyExchange {
     static readonly version = 1;
@@ -26,7 +25,7 @@ export declare class KeyExchange {
     private readonly _signatureKey;
     private readonly _identityKey;
     private readonly bundleStore;
-    constructor(signSecretKey: Uint8Array, boxSecretKey: Uint8Array, bundleStore?: LocalStorage<string, crypto.KeyPair>);
+    constructor(signSecretKey: Uint8Array, boxSecretKey: Uint8Array, bundleStore?: LocalStorage<string, Crypto.KeyPair>);
     get signatureKey(): Uint8Array;
     get identityKey(): Uint8Array;
     private generateSPK;

package/x3dh.js

@@ -88,10 +88,10 @@ class KeyExchange {
         const signedPreKeyHash = crypto_1.default.hash(signedPreKey);
         const onetimePreKeyHash = onetimePreKey ? crypto_1.default.hash(onetimePreKey) : new Uint8Array();
         const rootKey = crypto_1.default.hkdf(new Uint8Array([
-            ...crypto_1.default.scalarMult(this._identityKey.secretKey, signedPreKey),
-            ...crypto_1.default.scalarMult(ephemeralKey.secretKey, identityKey),
-            ...crypto_1.default.scalarMult(ephemeralKey.secretKey, signedPreKey),
-            ...onetimePreKey ? crypto_1.default.scalarMult(ephemeralKey.secretKey, onetimePreKey) : new Uint8Array()
+            ...crypto_1.default.ECDH.scalarMult(this._identityKey.secretKey, signedPreKey),
+            ...crypto_1.default.ECDH.scalarMult(ephemeralKey.secretKey, identityKey),
+            ...crypto_1.default.ECDH.scalarMult(ephemeralKey.secretKey, signedPreKey),
+            ...onetimePreKey ? crypto_1.default.ECDH.scalarMult(ephemeralKey.secretKey, onetimePreKey) : new Uint8Array()
         ]), new Uint8Array(double_ratchet_1.KeySession.rootKeyLength).fill(0), KeyExchange.hkdfInfo, double_ratchet_1.KeySession.rootKeyLength);
         const session = new double_ratchet_1.KeySession({ remoteKey: identityKey, rootKey });
         const cyphertext = session.encrypt((0, utils_1.concatUint8Array)(crypto_1.default.hash(this._identityKey.publicKey), crypto_1.default.hash(identityKey)));
@@ -122,10 +122,10 @@ class KeyExchange {
             const identityKey = (0, utils_1.decodeBase64)(message.identityKey);
             const ephemeralKey = (0, utils_1.decodeBase64)(message.ephemeralKey);
             const rootKey = crypto_1.default.hkdf(new Uint8Array([
-                ...crypto_1.default.scalarMult(signedPreKey.secretKey, identityKey),
-                ...crypto_1.default.scalarMult(this._identityKey.secretKey, ephemeralKey),
-                ...crypto_1.default.scalarMult(signedPreKey.secretKey, ephemeralKey),
-                ...onetimePreKey ? crypto_1.default.scalarMult(onetimePreKey.secretKey, ephemeralKey) : new Uint8Array()
+                ...crypto_1.default.ECDH.scalarMult(signedPreKey.secretKey, identityKey),
+                ...crypto_1.default.ECDH.scalarMult(this._identityKey.secretKey, ephemeralKey),
+                ...crypto_1.default.ECDH.scalarMult(signedPreKey.secretKey, ephemeralKey),
+                ...onetimePreKey ? crypto_1.default.ECDH.scalarMult(onetimePreKey.secretKey, ephemeralKey) : new Uint8Array()
             ]), new Uint8Array(double_ratchet_1.KeySession.rootKeyLength).fill(0), KeyExchange.hkdfInfo, double_ratchet_1.KeySession.rootKeyLength);
             const session = new double_ratchet_1.KeySession({ secretKey: this._identityKey.secretKey, rootKey });
             const cleartext = session.decrypt((0, utils_1.decodeBase64)(message.associatedData));