@freesignal/protocol 0.2.1 → 0.2.4

package/api.d.ts

@@ -2,6 +2,8 @@ import { Crypto, LocalStorage } from "@freesignal/interfaces";
 import { KeySession } from "./double-ratchet";
 import { KeyExchange } from "./x3dh";
 import { Datagram, IdentityKeys, EncryptedData, UserId } from "./types";
+export declare const FREESIGNAL_MIME = "application/x-freesignal";
+type DatagramId = string;
 export declare class FreeSignalAPI {
     protected readonly signKey: Crypto.KeyPair;
     protected readonly boxKey: Crypto.KeyPair;
@@ -16,25 +18,20 @@ export declare class FreeSignalAPI {
         users: LocalStorage<UserId, IdentityKeys>;
     });
     get userId(): Uint8Array;
+    get identityKeys(): IdentityKeys;
     encryptData(data: Uint8Array, userId: string): Promise<EncryptedData>;
     decryptData(data: Uint8Array, userId: string): Promise<Uint8Array>;
+    getDatagrams(publicKey: string | Uint8Array, url: string): Promise<Datagram[]>;
+    postDatagrams(datagrams: Datagram[], publicKey: string | Uint8Array, url: string): Promise<number>;
+    deleteDatagrams(datagramIds: DatagramId[], publicKey: string | Uint8Array, url: string): Promise<number>;
+    createToken(publicKey: Uint8Array): string;
     protected digestToken(auth?: string): Promise<{
         identityKeys: IdentityKeys;
         userId: UserId;
     }>;
-    createToken(publicKey: Uint8Array): string;
+    protected packIdList(datagramIds: DatagramId[]): Uint8Array;
+    protected unpackIdList(data: Uint8Array): DatagramId[];
     protected packDatagrams(messages: Datagram[]): Uint8Array;
     protected unpackDatagrams(data: Uint8Array): Datagram[];
-    get identityKeys(): {
-        readonly publicKey: string;
-        readonly identityKey: string;
-        encode(): Uint8Array;
-        toString(): string;
-        toJSON(): string;
-    };
-    static createSecretIdentityKeys(): {
-        secretSignKey: Uint8Array;
-        secretBoxKey: Uint8Array;
-    };
-    static getUserId(publicKey: string | Uint8Array): string;
 }
+export {};

package/api.js

@@ -12,12 +12,13 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.FreeSignalAPI = void 0;
+exports.FreeSignalAPI = exports.FREESIGNAL_MIME = void 0;
 const crypto_1 = __importDefault(require("@freesignal/crypto"));
 const x3dh_1 = require("./x3dh");
 const utils_1 = require("@freesignal/utils");
 const types_1 = require("./types");
 const fflate_1 = __importDefault(require("fflate"));
+exports.FREESIGNAL_MIME = "application/x-freesignal";
 class FreeSignalAPI {
     constructor(opts) {
         const { secretSignKey, secretBoxKey, sessions, keyExchange, users } = opts;
@@ -30,6 +31,12 @@ class FreeSignalAPI {
     get userId() {
         return crypto_1.default.hash(this.signKey.publicKey);
     }
+    get identityKeys() {
+        return {
+            publicKey: (0, utils_1.decodeBase64)(this.signKey.publicKey),
+            identityKey: (0, utils_1.decodeBase64)(this.boxKey.publicKey)
+        };
+    }
     encryptData(data, userId) {
         return __awaiter(this, void 0, void 0, function* () {
             const session = yield this.sessions.get(userId);
@@ -52,6 +59,50 @@ class FreeSignalAPI {
             return decrypted;
         });
     }
+    getDatagrams(publicKey, url) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const res = yield fetch(url, {
+                method: 'GET',
+                headers: {
+                    authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey))
+                }
+            });
+            return this.unpackDatagrams(yield this.decryptData(new Uint8Array(yield res.arrayBuffer()), types_1.UserId.getUserId(publicKey).toString()));
+        });
+    }
+    postDatagrams(datagrams, publicKey, url) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const data = yield this.encryptData(this.packDatagrams(datagrams), types_1.UserId.getUserId(publicKey).toString());
+            const res = yield fetch(url, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': exports.FREESIGNAL_MIME,
+                    authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey))
+                },
+                body: data.encode()
+            });
+            return (0, utils_1.numberFromUint8Array)(yield this.decryptData(new Uint8Array(yield res.arrayBuffer()), types_1.UserId.getUserId(publicKey).toString()));
+        });
+    }
+    deleteDatagrams(datagramIds, publicKey, url) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const data = yield this.encryptData(this.packIdList(datagramIds), types_1.UserId.getUserId(publicKey).toString());
+            const res = yield fetch(url, {
+                method: 'DELETE',
+                headers: {
+                    'Content-Type': exports.FREESIGNAL_MIME,
+                    authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey))
+                },
+                body: data.encode()
+            });
+            return (0, utils_1.numberFromUint8Array)(yield this.decryptData(new Uint8Array(yield res.arrayBuffer()), types_1.UserId.getUserId(publicKey).toString()));
+        });
+    }
+    createToken(publicKey) {
+        const sharedId = crypto_1.default.hash(crypto_1.default.ECDH.scalarMult(publicKey, this.boxKey.secretKey));
+        return `Bearer ${(0, utils_1.decodeBase64)(this.userId)}:${(0, utils_1.decodeBase64)(sharedId)}`;
+    }
+    ;
     digestToken(auth) {
         return __awaiter(this, void 0, void 0, function* () {
             if (auth && auth.startsWith("Bearer ")) {
@@ -59,7 +110,7 @@ class FreeSignalAPI {
                 const identityKeys = yield this.users.get(userId);
                 if (!identityKeys)
                     throw new Error('User not found or invalid auth token');
-                if ((0, utils_1.verifyUint8Array)(crypto_1.default.hash(crypto_1.default.ECDH.scalarMult((0, utils_1.decodeBase64)(identityKeys.publicKey), this.boxKey.secretKey)), (0, utils_1.decodeBase64)(sharedId)))
+                if ((0, utils_1.verifyUint8Array)(crypto_1.default.hash(crypto_1.default.ECDH.scalarMult((0, utils_1.encodeBase64)(identityKeys.publicKey), this.boxKey.secretKey)), (0, utils_1.encodeBase64)(sharedId)))
                     return { identityKeys, userId: auth };
                 else
                     throw new Error('Authorization token not valid');
@@ -67,11 +118,16 @@ class FreeSignalAPI {
             throw new Error('Authorization header is required');
         });
     }
-    createToken(publicKey) {
-        const sharedId = crypto_1.default.hash(crypto_1.default.ECDH.scalarMult(publicKey, this.boxKey.secretKey));
-        return `Bearer ${(0, utils_1.encodeBase64)(this.userId)}:${(0, utils_1.encodeBase64)(sharedId)}`;
+    packIdList(datagramIds) {
+        return datagramIds.map(datagramId => crypto_1.default.UUID.parse(datagramId)).reduce((prev, curr) => new Uint8Array([...prev, ...curr]), new Uint8Array());
+    }
+    unpackIdList(data) {
+        const ids = [];
+        for (let i = 0; i < data.length; i += 16) {
+            ids.push(crypto_1.default.UUID.stringify(data.subarray(i, i + 16)));
+        }
+        return ids;
     }
-    ;
     packDatagrams(messages) {
         return fflate_1.default.deflateSync((0, utils_1.concatUint8Array)(...messages.flatMap(datagram => {
             const encoded = types_1.Datagram.from(datagram).encode();
@@ -104,20 +160,5 @@ class FreeSignalAPI {
         }
         return messages;
     }
-    get identityKeys() {
-        return types_1.IdentityKeys.from({
-            publicKey: (0, utils_1.encodeBase64)(this.signKey.publicKey),
-            identityKey: (0, utils_1.encodeBase64)(this.boxKey.publicKey)
-        });
-    }
-    static createSecretIdentityKeys() {
-        return {
-            secretSignKey: crypto_1.default.EdDSA.keyPair().secretKey,
-            secretBoxKey: crypto_1.default.ECDH.keyPair().secretKey
-        };
-    }
-    static getUserId(publicKey) {
-        return (0, utils_1.encodeBase64)(crypto_1.default.hash(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.decodeBase64)(publicKey)));
-    }
 }
 exports.FreeSignalAPI = FreeSignalAPI;

package/double-ratchet.js

@@ -143,11 +143,11 @@ class KeySession {
      */
     export() {
         return {
-            secretKey: (0, utils_1.encodeBase64)((0, utils_1.concatUint8Array)(this.keyPair.secretKey)),
-            remoteKey: (0, utils_1.encodeBase64)(this._remoteKey),
-            rootKey: (0, utils_1.encodeBase64)(this.rootKey),
-            sendingChain: (0, utils_1.encodeBase64)(this.sendingChain),
-            receivingChain: (0, utils_1.encodeBase64)(this.receivingChain),
+            secretKey: (0, utils_1.decodeBase64)((0, utils_1.concatUint8Array)(this.keyPair.secretKey)),
+            remoteKey: (0, utils_1.decodeBase64)(this._remoteKey),
+            rootKey: (0, utils_1.decodeBase64)(this.rootKey),
+            sendingChain: (0, utils_1.decodeBase64)(this.sendingChain),
+            receivingChain: (0, utils_1.decodeBase64)(this.receivingChain),
             sendingCount: this.sendingCount,
             receivingCount: this.receivingCount,
             previousCount: this.previousCount,
@@ -162,10 +162,10 @@ class KeySession {
      */
     static import(json) {
         const data = JSON.parse(json);
-        const session = new KeySession({ secretKey: (0, utils_1.decodeBase64)(data.secretKey), rootKey: (0, utils_1.decodeBase64)(data.rootKey) });
-        session._remoteKey = (0, utils_1.decodeBase64)(data.remoteKey);
-        session.sendingChain = (0, utils_1.decodeBase64)(data.sendingChain);
-        session.receivingChain = (0, utils_1.decodeBase64)(data.receivingChain);
+        const session = new KeySession({ secretKey: (0, utils_1.encodeBase64)(data.secretKey), rootKey: (0, utils_1.encodeBase64)(data.rootKey) });
+        session._remoteKey = (0, utils_1.encodeBase64)(data.remoteKey);
+        session.sendingChain = (0, utils_1.encodeBase64)(data.sendingChain);
+        session.receivingChain = (0, utils_1.encodeBase64)(data.receivingChain);
         session.sendingCount = data.sendingCount;
         session.receivingCount = data.receivingCount;
         session.previousCount = data.previousCount;

package/index.d.ts

@@ -20,8 +20,6 @@ import crypto from "@freesignal/crypto";
 import { LocalStorage, Crypto } from "@freesignal/interfaces";
 import { KeySession } from "./double-ratchet";
 import { KeyExchange } from "./x3dh";
-import { IdentityKeys, UserId } from "./types";
-import { FreeSignalAPI } from "./api";
 /**
  * Creates a new Double Ratchet session.
  *
@@ -43,11 +41,8 @@ export declare function createKeySession(opts?: {
  * @returns A new X3DH session.
  */
 export declare function createKeyExchange(signSecretKey: Uint8Array, boxSecretKey: Uint8Array, bundleStore?: LocalStorage<string, crypto.KeyPair>): KeyExchange;
-export declare function createAPI(opts: {
-    secretSignKey: Uint8Array;
-    secretBoxKey: Uint8Array;
-    sessions: LocalStorage<UserId, KeySession>;
-    keyExchange: LocalStorage<string, Crypto.KeyPair>;
-    users: LocalStorage<UserId, IdentityKeys>;
-}): FreeSignalAPI;
+export declare function createIdentityKeys(signSecretKey?: Uint8Array, boxSecretKey?: Uint8Array): {
+    sign: Crypto.KeyPair;
+    box: Crypto.KeyPair;
+};
 export { IdentityKeys, Protocols, EncryptedData, Datagram } from "./types";

package/index.js

@@ -17,14 +17,17 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Datagram = exports.EncryptedData = exports.Protocols = exports.IdentityKeys = void 0;
 exports.createKeySession = createKeySession;
 exports.createKeyExchange = createKeyExchange;
-exports.createAPI = createAPI;
+exports.createIdentityKeys = createIdentityKeys;
+const crypto_1 = __importDefault(require("@freesignal/crypto"));
 const double_ratchet_1 = require("./double-ratchet");
 const x3dh_1 = require("./x3dh");
-const api_1 = require("./api");
 /**
  * Creates a new Double Ratchet session.
  *
@@ -46,9 +49,21 @@ function createKeySession(opts) {
 function createKeyExchange(signSecretKey, boxSecretKey, bundleStore) {
     return new x3dh_1.KeyExchange(signSecretKey, boxSecretKey, bundleStore);
 }
-function createAPI(opts) {
-    return new api_1.FreeSignalAPI(opts);
+function createIdentityKeys(signSecretKey, boxSecretKey) {
+    return {
+        sign: crypto_1.default.EdDSA.keyPair(signSecretKey),
+        box: crypto_1.default.ECDH.keyPair(boxSecretKey)
+    };
 }
+/*export function createAPI(opts: {
+    secretSignKey: Uint8Array;
+    secretBoxKey: Uint8Array;
+    sessions: LocalStorage<UserId, KeySession>;
+    keyExchange: LocalStorage<string, Crypto.KeyPair>;
+    users: LocalStorage<UserId, IdentityKeys>;
+}): FreeSignalAPI {
+    return new FreeSignalAPI(opts);
+}*/
 var types_1 = require("./types");
 Object.defineProperty(exports, "IdentityKeys", { enumerable: true, get: function () { return types_1.IdentityKeys; } });
 Object.defineProperty(exports, "Protocols", { enumerable: true, get: function () { return types_1.Protocols; } });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@freesignal/protocol",
-  "version": "0.2.1",
+  "version": "0.2.4",
   "description": "Signal Protocol implementation in javascript",
   "license": "GPL-3.0-or-later",
   "author": "Christian Braghette",

package/test.js

@@ -10,14 +10,14 @@ const bob = (0, _1.createKeyExchange)(crypto_1.default.EdDSA.keyPair().secretKey
 const alice = (0, _1.createKeyExchange)(crypto_1.default.EdDSA.keyPair().secretKey, crypto_1.default.ECDH.keyPair().secretKey);
 const bobmessage = bob.generateData();
 const { session: alicesession, message: aliceack } = alice.digestData(bobmessage);
-bob.digestMessage(aliceack).then(({ session: bobsession, cleartext }) => {
+bob.digestMessage(aliceack).then(({ session: bobsession, identityKeys }) => {
     var _a;
-    if (bobsession && cleartext) {
+    if (bobsession && identityKeys) {
         console.log("Session established successfully between Alice and Bob.");
-        const datagram = _1.Datagram.create(bob.signatureKey, alice.signatureKey, _1.Protocols.MESSAGE, (_a = bobsession.encrypt((0, utils_1.decodeUTF8)("Hi Alice!"))) === null || _a === void 0 ? void 0 : _a.encode());
+        const datagram = _1.Datagram.create(bob.signatureKey, alice.signatureKey, _1.Protocols.MESSAGE, (_a = bobsession.encrypt((0, utils_1.encodeUTF8)("Hi Alice!"))) === null || _a === void 0 ? void 0 : _a.encode());
         //console.log(datagram.payload);
         const msg = datagram.encode();
-        console.log((0, utils_1.encodeUTF8)(alicesession.decrypt(_1.Datagram.from(msg).payload)));
+        console.log((0, utils_1.decodeUTF8)(alicesession.decrypt(_1.Datagram.from(msg).payload)));
         if (alicesession.handshaked && bobsession.handshaked)
             console.log("Successfully handshaked");
         else

package/types.d.ts

@@ -18,22 +18,34 @@
  */
 import { Encodable } from "@freesignal/interfaces";
 export type UserId = string;
+export declare namespace UserId {
+    class UserIdConstructor {
+        private readonly array;
+        constructor(array: Uint8Array);
+        toString(): string;
+        toUint8Array(): Uint8Array;
+    }
+    export function getUserId(publicKey: string | Uint8Array): UserIdConstructor;
+    export function from(userId: string | Uint8Array): UserIdConstructor;
+    export {};
+}
 export interface IdentityKeys {
     readonly publicKey: string;
     readonly identityKey: string;
 }
 export declare namespace IdentityKeys {
-    const keyLength: number;
-    function isIdentityKeys(obj: any): boolean;
-    function from(identityKeys: IdentityKeys): IdentityKeysConstructor;
-}
-declare class IdentityKeysConstructor implements IdentityKeys, Encodable {
-    readonly publicKey: string;
-    readonly identityKey: string;
-    constructor(identityKeys: IdentityKeys | Uint8Array | string);
-    encode(): Uint8Array;
-    toString(): string;
-    toJSON(): string;
+    export const keyLength: number;
+    class IdentityKeysConstructor implements IdentityKeys, Encodable {
+        readonly publicKey: string;
+        readonly identityKey: string;
+        constructor(identityKeys: IdentityKeys | Uint8Array | string);
+        encode(): Uint8Array;
+        toString(): string;
+        toJSON(): string;
+    }
+    export function isIdentityKeys(obj: any): boolean;
+    export function from(identityKeys: IdentityKeys): IdentityKeysConstructor;
+    export {};
 }
 export declare enum Protocols {
     NULL = "",
@@ -58,26 +70,27 @@ export interface Datagram {
     payload?: Uint8Array;
 }
 export declare namespace Datagram {
-    const version = 1;
-    function create(sender: Uint8Array | string, receiver: Uint8Array | string, protocol: Protocols, payload?: Uint8Array | Encodable): DatagramConstructor;
-    function isDatagram(obj: any): boolean;
-    function from(data: Uint8Array | Datagram | string): DatagramConstructor;
-}
-declare class DatagramConstructor implements Encodable, Datagram {
-    readonly id: string;
-    readonly version: number;
-    readonly sender: string;
-    readonly receiver: string;
-    readonly protocol: Protocols;
-    readonly createdAt: number;
-    payload?: Uint8Array;
-    private static headerOffset;
-    constructor(sender: Uint8Array | string, receiver: Uint8Array | string, protocol: Protocols, payload?: Uint8Array | Encodable);
-    constructor(data: Uint8Array | Datagram);
-    encode(compression?: boolean): Uint8Array;
-    encodeSigned(secretKey: Uint8Array, compression?: boolean): Uint8Array;
-    toString(): string;
-    toJSON(): string;
+    export const version = 1;
+    class DatagramConstructor implements Encodable, Datagram {
+        readonly id: string;
+        readonly version: number;
+        readonly sender: UserId;
+        readonly receiver: UserId;
+        readonly protocol: Protocols;
+        readonly createdAt: number;
+        payload?: Uint8Array;
+        private static headerOffset;
+        constructor(sender: Uint8Array | string, receiver: Uint8Array | string, protocol: Protocols, payload?: Uint8Array | Encodable);
+        constructor(data: Uint8Array | Datagram);
+        encode(compression?: boolean): Uint8Array;
+        encodeSigned(secretKey: Uint8Array, compression?: boolean): Uint8Array;
+        toString(): string;
+        toJSON(): string;
+    }
+    export function create(sender: Uint8Array | string, receiver: Uint8Array | string, protocol: Protocols, payload?: Uint8Array | Encodable): DatagramConstructor;
+    export function isDatagram(obj: any): boolean;
+    export function from(data: Uint8Array | Datagram | string): DatagramConstructor;
+    export {};
 }
 /**
  * Interface representing an encrypted payload.
@@ -163,4 +176,3 @@ export declare class EncryptedDataConstructor implements EncryptedData {
     toString(): string;
     toJSON(): string;
 }
-export {};

package/types.js

@@ -21,14 +21,60 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.EncryptedDataConstructor = exports.EncryptedData = exports.Datagram = exports.Protocols = exports.IdentityKeys = void 0;
+exports.EncryptedDataConstructor = exports.EncryptedData = exports.Datagram = exports.Protocols = exports.IdentityKeys = exports.UserId = void 0;
 const utils_1 = require("@freesignal/utils");
 const crypto_1 = __importDefault(require("@freesignal/crypto"));
 const fflate_1 = __importDefault(require("fflate"));
 const double_ratchet_1 = require("./double-ratchet");
+var UserId;
+(function (UserId) {
+    class UserIdConstructor {
+        constructor(array) {
+            this.array = array;
+        }
+        ;
+        toString() {
+            return (0, utils_1.decodeBase64)(this.array);
+        }
+        toUint8Array() {
+            return this.array;
+        }
+    }
+    function getUserId(publicKey) {
+        return new UserIdConstructor(crypto_1.default.hash(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey)));
+    }
+    UserId.getUserId = getUserId;
+    function from(userId) {
+        return new UserIdConstructor(userId instanceof Uint8Array ? userId : (0, utils_1.encodeBase64)(userId));
+    }
+    UserId.from = from;
+})(UserId || (exports.UserId = UserId = {}));
 var IdentityKeys;
 (function (IdentityKeys) {
     IdentityKeys.keyLength = crypto_1.default.ECDH.publicKeyLength;
+    class IdentityKeysConstructor {
+        constructor(identityKeys) {
+            if (typeof identityKeys === 'string')
+                identityKeys = (0, utils_1.encodeBase64)(identityKeys);
+            if (identityKeys instanceof Uint8Array) {
+                this.publicKey = (0, utils_1.decodeBase64)(identityKeys.subarray(0, IdentityKeys.keyLength));
+                this.identityKey = (0, utils_1.decodeBase64)(identityKeys.subarray(IdentityKeys.keyLength));
+            }
+            else {
+                this.publicKey = identityKeys.publicKey;
+                this.identityKey = identityKeys.identityKey;
+            }
+        }
+        encode() {
+            return (0, utils_1.concatUint8Array)((0, utils_1.encodeBase64)(this.publicKey), (0, utils_1.encodeBase64)(this.identityKey));
+        }
+        toString() {
+            throw (0, utils_1.decodeBase64)(this.encode());
+        }
+        toJSON() {
+            throw this.toString();
+        }
+    }
     function isIdentityKeys(obj) {
         return (typeof obj === 'object' && obj.publicKey && obj.identityKey);
     }
@@ -38,29 +84,6 @@ var IdentityKeys;
     }
     IdentityKeys.from = from;
 })(IdentityKeys || (exports.IdentityKeys = IdentityKeys = {}));
-class IdentityKeysConstructor {
-    constructor(identityKeys) {
-        if (typeof identityKeys === 'string')
-            identityKeys = (0, utils_1.decodeBase64)(identityKeys);
-        if (identityKeys instanceof Uint8Array) {
-            this.publicKey = (0, utils_1.encodeBase64)(identityKeys.subarray(0, IdentityKeys.keyLength));
-            this.identityKey = (0, utils_1.encodeBase64)(identityKeys.subarray(IdentityKeys.keyLength));
-        }
-        else {
-            this.publicKey = identityKeys.publicKey;
-            this.identityKey = identityKeys.identityKey;
-        }
-    }
-    encode() {
-        return (0, utils_1.concatUint8Array)((0, utils_1.decodeBase64)(this.publicKey), (0, utils_1.decodeBase64)(this.identityKey));
-    }
-    toString() {
-        throw (0, utils_1.encodeBase64)(this.encode());
-    }
-    toJSON() {
-        throw this.toString();
-    }
-}
 var Protocols;
 (function (Protocols) {
     Protocols["NULL"] = "";
@@ -98,6 +121,88 @@ var Protocols;
 var Datagram;
 (function (Datagram) {
     Datagram.version = 1;
+    class DatagramConstructor {
+        constructor(data, receiver, protocol, payload) {
+            if (!receiver && !protocol && !payload) {
+                if (data instanceof Uint8Array) {
+                    this.version = data[0] & 63;
+                    this.protocol = Protocols.decode(data.subarray(1, 2));
+                    this.id = crypto_1.default.UUID.stringify(data.subarray(2, 18));
+                    this.createdAt = (0, utils_1.numberFromUint8Array)(data.subarray(18, 26));
+                    this.sender = (0, utils_1.decodeBase64)(data.subarray(26, 26 + crypto_1.default.EdDSA.publicKeyLength));
+                    this.receiver = (0, utils_1.decodeBase64)(data.subarray(26 + crypto_1.default.EdDSA.publicKeyLength, DatagramConstructor.headerOffset));
+                    if (data[0] & 128) {
+                        const signature = data.subarray(data.length - crypto_1.default.EdDSA.signatureLength);
+                        if (!crypto_1.default.EdDSA.verify(data.subarray(0, data.length - crypto_1.default.EdDSA.signatureLength), signature, data.subarray(26, 26 + crypto_1.default.EdDSA.publicKeyLength)))
+                            throw new Error('Invalid signature for Datagram');
+                    }
+                    if (data[0] & 64)
+                        this.payload = fflate_1.default.inflateSync(data.subarray(DatagramConstructor.headerOffset, data.length));
+                    else
+                        this.payload = data.subarray(DatagramConstructor.headerOffset, data.length);
+                }
+                else if (Datagram.isDatagram(data)) {
+                    const datagram = data;
+                    this.id = datagram.id;
+                    this.version = datagram.version;
+                    this.sender = datagram.sender;
+                    this.receiver = datagram.receiver;
+                    this.protocol = datagram.protocol;
+                    this.createdAt = datagram.createdAt;
+                    this.payload = datagram.payload;
+                }
+                else
+                    throw new Error('Invalid constructor arguments for Datagram');
+            }
+            else if (typeof data === 'string' || data instanceof Uint8Array) {
+                this.id = crypto_1.default.UUID.generate().toString();
+                this.version = Datagram.version;
+                this.sender = typeof data === 'string' ? data : (0, utils_1.decodeBase64)(data);
+                this.receiver = typeof receiver === 'string' ? receiver : (0, utils_1.decodeBase64)(receiver);
+                this.protocol = protocol;
+                this.createdAt = Date.now();
+                this.payload = payload instanceof Uint8Array ? payload : payload === null || payload === void 0 ? void 0 : payload.encode();
+            }
+            else
+                throw new Error('Invalid constructor arguments for Datagram');
+        }
+        encode(compression = true) {
+            var _a;
+            compression = compression && this.payload != undefined && this.payload.length > 1024;
+            return (0, utils_1.concatUint8Array)(new Uint8Array(1).fill(this.version | (compression ? 64 : 0)), //1
+            Protocols.encode(this.protocol), //1
+            (_a = crypto_1.default.UUID.parse(this.id)) !== null && _a !== void 0 ? _a : [], //16
+            (0, utils_1.numberToUint8Array)(this.createdAt, 8), //8
+            (0, utils_1.encodeBase64)(this.sender), //32
+            (0, utils_1.encodeBase64)(this.receiver), //32
+            ...(this.payload ? [compression ? fflate_1.default.deflateSync(this.payload) : this.payload] : []));
+        }
+        encodeSigned(secretKey, compression) {
+            //if (!this.payload) throw new Error('Cannot sign a datagram without payload');
+            const header = this.encode(compression);
+            header[0] |= 128; // Set the sign bit
+            const signature = crypto_1.default.EdDSA.sign(header, secretKey);
+            return (0, utils_1.concatUint8Array)(header, signature);
+        }
+        toString() {
+            return (0, utils_1.decodeBase64)(this.encode());
+        }
+        toJSON() {
+            /*return JSON.stringify({
+                id: this.id,
+                version: this.version,
+                senderKey: this.senderKey,
+                senderRelay: this.senderRelay,
+                receiverKey: this.receiverKey,
+                receiverRelay: this.receiverRelay,
+                protocol: this.protocol,
+                createdAt: this.createdAt,
+                payload: this.payload ? encodeBase64(this.payload) : undefined
+            });*/
+            return this.toString();
+        }
+    }
+    DatagramConstructor.headerOffset = 26 + crypto_1.default.EdDSA.publicKeyLength * 2;
     function create(sender, receiver, protocol, payload) {
         return new DatagramConstructor(sender, receiver, protocol, payload);
     }
@@ -108,7 +213,7 @@ var Datagram;
     Datagram.isDatagram = isDatagram;
     function from(data) {
         if (typeof data === 'string') {
-            const decoded = (0, utils_1.decodeBase64)(data);
+            const decoded = (0, utils_1.encodeBase64)(data);
             return new DatagramConstructor(decoded);
         }
         else
@@ -116,88 +221,6 @@ var Datagram;
     }
     Datagram.from = from;
 })(Datagram || (exports.Datagram = Datagram = {}));
-class DatagramConstructor {
-    constructor(data, receiver, protocol, payload) {
-        if (!receiver && !protocol && !payload) {
-            if (data instanceof Uint8Array) {
-                this.version = data[0] & 63;
-                this.protocol = Protocols.decode(data.subarray(1, 2));
-                this.id = crypto_1.default.UUID.stringify(data.subarray(2, 18));
-                this.createdAt = (0, utils_1.numberFromUint8Array)(data.subarray(18, 26));
-                this.sender = (0, utils_1.encodeBase64)(data.subarray(26, 26 + crypto_1.default.EdDSA.publicKeyLength));
-                this.receiver = (0, utils_1.encodeBase64)(data.subarray(26 + crypto_1.default.EdDSA.publicKeyLength, DatagramConstructor.headerOffset));
-                if (data[0] & 128) {
-                    const signature = data.subarray(data.length - crypto_1.default.EdDSA.signatureLength);
-                    if (!crypto_1.default.EdDSA.verify(data.subarray(0, data.length - crypto_1.default.EdDSA.signatureLength), signature, data.subarray(26, 26 + crypto_1.default.EdDSA.publicKeyLength)))
-                        throw new Error('Invalid signature for Datagram');
-                }
-                if (data[0] & 64)
-                    this.payload = fflate_1.default.inflateSync(data.subarray(DatagramConstructor.headerOffset, data.length));
-                else
-                    this.payload = data.subarray(DatagramConstructor.headerOffset, data.length);
-            }
-            else if (Datagram.isDatagram(data)) {
-                const datagram = data;
-                this.id = datagram.id;
-                this.version = datagram.version;
-                this.sender = datagram.sender;
-                this.receiver = datagram.receiver;
-                this.protocol = datagram.protocol;
-                this.createdAt = datagram.createdAt;
-                this.payload = datagram.payload;
-            }
-            else
-                throw new Error('Invalid constructor arguments for Datagram');
-        }
-        else if (typeof data === 'string' || data instanceof Uint8Array) {
-            this.id = crypto_1.default.UUID.generate().toString();
-            this.version = Datagram.version;
-            this.sender = typeof data === 'string' ? data : (0, utils_1.encodeBase64)(data);
-            this.receiver = typeof receiver === 'string' ? receiver : (0, utils_1.encodeBase64)(receiver);
-            this.protocol = protocol;
-            this.createdAt = Date.now();
-            this.payload = payload instanceof Uint8Array ? payload : payload === null || payload === void 0 ? void 0 : payload.encode();
-        }
-        else
-            throw new Error('Invalid constructor arguments for Datagram');
-    }
-    encode(compression = true) {
-        var _a;
-        compression = compression && this.payload != undefined && this.payload.length > 1024;
-        return (0, utils_1.concatUint8Array)(new Uint8Array(1).fill(this.version | (compression ? 64 : 0)), //1
-        Protocols.encode(this.protocol), //1
-        (_a = crypto_1.default.UUID.parse(this.id)) !== null && _a !== void 0 ? _a : [], //16
-        (0, utils_1.numberToUint8Array)(this.createdAt, 8), //8
-        (0, utils_1.decodeBase64)(this.sender), //32
-        (0, utils_1.decodeBase64)(this.receiver), //32
-        ...(this.payload ? [compression ? fflate_1.default.deflateSync(this.payload) : this.payload] : []));
-    }
-    encodeSigned(secretKey, compression) {
-        //if (!this.payload) throw new Error('Cannot sign a datagram without payload');
-        const header = this.encode(compression);
-        header[0] |= 128; // Set the sign bit
-        const signature = crypto_1.default.EdDSA.sign(header, secretKey);
-        return (0, utils_1.concatUint8Array)(header, signature);
-    }
-    toString() {
-        return (0, utils_1.encodeBase64)(this.encode());
-    }
-    toJSON() {
-        /*return JSON.stringify({
-            id: this.id,
-            version: this.version,
-            senderKey: this.senderKey,
-            senderRelay: this.senderRelay,
-            receiverKey: this.receiverKey,
-            receiverRelay: this.receiverRelay,
-            protocol: this.protocol,
-            createdAt: this.createdAt,
-            payload: this.payload ? encodeBase64(this.payload) : undefined
-        });*/
-        return this.toString();
-    }
-}
-DatagramConstructor.headerOffset = 26 + crypto_1.default.EdDSA.publicKeyLength * 2;
 class EncryptedData {
     /**
      * Static factory method that constructs an `EncryptedPayload` from a raw Uint8Array.
@@ -245,13 +268,13 @@ class EncryptedDataConstructor {
             version: this.version,
             count: this.count,
             previous: this.previous,
-            publicKey: (0, utils_1.encodeBase64)(this.publicKey),
-            nonce: (0, utils_1.encodeBase64)(this.nonce),
-            ciphertext: (0, utils_1.encodeBase64)(this.ciphertext)
+            publicKey: (0, utils_1.decodeBase64)(this.publicKey),
+            nonce: (0, utils_1.decodeBase64)(this.nonce),
+            ciphertext: (0, utils_1.decodeBase64)(this.ciphertext)
         };
     }
     toString() {
-        return (0, utils_1.encodeBase64)(this.raw);
+        return (0, utils_1.decodeBase64)(this.raw);
     }
     toJSON() {
         return JSON.stringify(this.decode());

package/x3dh.d.ts

@@ -18,6 +18,7 @@
  */
 import { KeyExchangeData, KeyExchangeDataBundle, KeyExchangeSynMessage, LocalStorage, Crypto } from "@freesignal/interfaces";
 import { KeySession } from "./double-ratchet";
+import { IdentityKeys } from "./types";
 export declare class KeyExchange {
     static readonly version = 1;
     private static readonly hkdfInfo;
@@ -35,9 +36,10 @@ export declare class KeyExchange {
     digestData(message: KeyExchangeData): {
         session: KeySession;
         message: KeyExchangeSynMessage;
+        identityKeys: IdentityKeys;
     };
     digestMessage(message: KeyExchangeSynMessage): Promise<{
         session: KeySession;
-        cleartext: Uint8Array;
+        identityKeys: IdentityKeys;
     }>;
 }

package/x3dh.js

@@ -45,13 +45,13 @@ class KeyExchange {
     generateSPK() {
         const signedPreKey = crypto_1.default.ECDH.keyPair();
         const signedPreKeyHash = crypto_1.default.hash(signedPreKey.publicKey);
-        this.bundleStore.set((0, utils_1.encodeBase64)(signedPreKeyHash), signedPreKey);
+        this.bundleStore.set((0, utils_1.decodeBase64)(signedPreKeyHash), signedPreKey);
         return { signedPreKey, signedPreKeyHash };
     }
     generateOPK(spkHash) {
         const onetimePreKey = crypto_1.default.ECDH.keyPair();
         const onetimePreKeyHash = crypto_1.default.hash(onetimePreKey.publicKey);
-        this.bundleStore.set((0, utils_1.encodeBase64)(spkHash).concat((0, utils_1.encodeBase64)(onetimePreKeyHash)), onetimePreKey);
+        this.bundleStore.set((0, utils_1.decodeBase64)(spkHash).concat((0, utils_1.decodeBase64)(onetimePreKeyHash)), onetimePreKey);
         return { onetimePreKey, onetimePreKeyHash };
     }
     generateBundle(length) {
@@ -59,11 +59,11 @@ class KeyExchange {
         const onetimePreKey = new Array(length !== null && length !== void 0 ? length : KeyExchange.maxOPK).fill(0).map(() => this.generateOPK(signedPreKeyHash).onetimePreKey);
         return {
             version: KeyExchange.version,
-            publicKey: (0, utils_1.encodeBase64)(this._signatureKey.publicKey),
-            identityKey: (0, utils_1.encodeBase64)(this._identityKey.publicKey),
-            signedPreKey: (0, utils_1.encodeBase64)(signedPreKey.publicKey),
-            signature: (0, utils_1.encodeBase64)(crypto_1.default.EdDSA.sign(signedPreKeyHash, this._signatureKey.secretKey)),
-            onetimePreKey: onetimePreKey.map(opk => (0, utils_1.encodeBase64)(opk.publicKey))
+            publicKey: (0, utils_1.decodeBase64)(this._signatureKey.publicKey),
+            identityKey: (0, utils_1.decodeBase64)(this._identityKey.publicKey),
+            signedPreKey: (0, utils_1.decodeBase64)(signedPreKey.publicKey),
+            signature: (0, utils_1.decodeBase64)(crypto_1.default.EdDSA.sign(signedPreKeyHash, this._signatureKey.secretKey)),
+            onetimePreKey: onetimePreKey.map(opk => (0, utils_1.decodeBase64)(opk.publicKey))
         };
     }
     generateData() {
@@ -71,20 +71,20 @@ class KeyExchange {
         const { onetimePreKey } = this.generateOPK(signedPreKeyHash);
         return {
             version: KeyExchange.version,
-            publicKey: (0, utils_1.encodeBase64)(this._signatureKey.publicKey),
-            identityKey: (0, utils_1.encodeBase64)(this._identityKey.publicKey),
-            signedPreKey: (0, utils_1.encodeBase64)(signedPreKey.publicKey),
-            signature: (0, utils_1.encodeBase64)(crypto_1.default.EdDSA.sign(signedPreKeyHash, this._signatureKey.secretKey)),
-            onetimePreKey: (0, utils_1.encodeBase64)(onetimePreKey.publicKey)
+            publicKey: (0, utils_1.decodeBase64)(this._signatureKey.publicKey),
+            identityKey: (0, utils_1.decodeBase64)(this._identityKey.publicKey),
+            signedPreKey: (0, utils_1.decodeBase64)(signedPreKey.publicKey),
+            signature: (0, utils_1.decodeBase64)(crypto_1.default.EdDSA.sign(signedPreKeyHash, this._signatureKey.secretKey)),
+            onetimePreKey: (0, utils_1.decodeBase64)(onetimePreKey.publicKey)
         };
     }
     digestData(message) {
         const ephemeralKey = crypto_1.default.ECDH.keyPair();
-        const signedPreKey = (0, utils_1.decodeBase64)(message.signedPreKey);
-        if (!crypto_1.default.EdDSA.verify(crypto_1.default.hash(signedPreKey), (0, utils_1.decodeBase64)(message.signature), (0, utils_1.decodeBase64)(message.publicKey)))
+        const signedPreKey = (0, utils_1.encodeBase64)(message.signedPreKey);
+        if (!crypto_1.default.EdDSA.verify(crypto_1.default.hash(signedPreKey), (0, utils_1.encodeBase64)(message.signature), (0, utils_1.encodeBase64)(message.publicKey)))
             throw new Error("Signature verification failed");
-        const identityKey = (0, utils_1.decodeBase64)(message.identityKey);
-        const onetimePreKey = message.onetimePreKey ? (0, utils_1.decodeBase64)(message.onetimePreKey) : undefined;
+        const identityKey = (0, utils_1.encodeBase64)(message.identityKey);
+        const onetimePreKey = message.onetimePreKey ? (0, utils_1.encodeBase64)(message.onetimePreKey) : undefined;
         const signedPreKeyHash = crypto_1.default.hash(signedPreKey);
         const onetimePreKeyHash = onetimePreKey ? crypto_1.default.hash(onetimePreKey) : new Uint8Array();
         const rootKey = crypto_1.default.hkdf(new Uint8Array([
@@ -96,18 +96,22 @@ class KeyExchange {
         const session = new double_ratchet_1.KeySession({ remoteKey: identityKey, rootKey });
         const cyphertext = session.encrypt((0, utils_1.concatUint8Array)(crypto_1.default.hash(this._identityKey.publicKey), crypto_1.default.hash(identityKey)));
         if (!cyphertext)
-            throw new Error();
+            throw new Error("Decryption error");
         return {
             session,
             message: {
                 version: KeyExchange.version,
-                publicKey: (0, utils_1.encodeBase64)(this._signatureKey.publicKey),
-                identityKey: (0, utils_1.encodeBase64)(this._identityKey.publicKey),
-                ephemeralKey: (0, utils_1.encodeBase64)(ephemeralKey.publicKey),
-                signedPreKeyHash: (0, utils_1.encodeBase64)(signedPreKeyHash),
-                onetimePreKeyHash: (0, utils_1.encodeBase64)(onetimePreKeyHash),
-                associatedData: (0, utils_1.encodeBase64)(cyphertext.encode())
-            }
+                publicKey: (0, utils_1.decodeBase64)(this._signatureKey.publicKey),
+                identityKey: (0, utils_1.decodeBase64)(this._identityKey.publicKey),
+                ephemeralKey: (0, utils_1.decodeBase64)(ephemeralKey.publicKey),
+                signedPreKeyHash: (0, utils_1.decodeBase64)(signedPreKeyHash),
+                onetimePreKeyHash: (0, utils_1.decodeBase64)(onetimePreKeyHash),
+                associatedData: (0, utils_1.decodeBase64)(cyphertext.encode())
+            },
+            identityKeys: {
+                publicKey: message.publicKey,
+                identityKey: message.identityKey
+            },
         };
     }
     digestMessage(message) {
@@ -119,8 +123,8 @@ class KeyExchange {
                 throw new Error("ACK message malformed");
             if (!this.bundleStore.delete(hash))
                 throw new Error("Bundle store deleting error");
-            const identityKey = (0, utils_1.decodeBase64)(message.identityKey);
-            const ephemeralKey = (0, utils_1.decodeBase64)(message.ephemeralKey);
+            const identityKey = (0, utils_1.encodeBase64)(message.identityKey);
+            const ephemeralKey = (0, utils_1.encodeBase64)(message.ephemeralKey);
             const rootKey = crypto_1.default.hkdf(new Uint8Array([
                 ...crypto_1.default.ECDH.scalarMult(signedPreKey.secretKey, identityKey),
                 ...crypto_1.default.ECDH.scalarMult(this._identityKey.secretKey, ephemeralKey),
@@ -128,18 +132,24 @@ class KeyExchange {
                 ...onetimePreKey ? crypto_1.default.ECDH.scalarMult(onetimePreKey.secretKey, ephemeralKey) : new Uint8Array()
             ]), new Uint8Array(double_ratchet_1.KeySession.rootKeyLength).fill(0), KeyExchange.hkdfInfo, double_ratchet_1.KeySession.rootKeyLength);
             const session = new double_ratchet_1.KeySession({ secretKey: this._identityKey.secretKey, rootKey });
-            const cleartext = session.decrypt((0, utils_1.decodeBase64)(message.associatedData));
+            const cleartext = session.decrypt((0, utils_1.encodeBase64)(message.associatedData));
             if (!cleartext)
                 throw new Error("Error decrypting ACK message");
             if (!(0, utils_1.verifyUint8Array)(cleartext, (0, utils_1.concatUint8Array)(crypto_1.default.hash(identityKey), crypto_1.default.hash(this._identityKey.publicKey))))
                 throw new Error("Error verifing Associated Data");
-            return { session, cleartext };
+            return {
+                session,
+                identityKeys: {
+                    publicKey: message.publicKey,
+                    identityKey: message.identityKey
+                }
+            };
         });
     }
 }
 exports.KeyExchange = KeyExchange;
 KeyExchange.version = 1;
-KeyExchange.hkdfInfo = (0, utils_1.decodeUTF8)("freesignal/x3dh/" + KeyExchange.version);
+KeyExchange.hkdfInfo = (0, utils_1.encodeUTF8)("freesignal/x3dh/" + KeyExchange.version);
 KeyExchange.maxOPK = 10;
 class AsyncMap {
     constructor() {