@freesignal/protocol 0.2.2 → 0.2.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/api.d.ts +6 -3
- package/api.js +59 -20
- package/double-ratchet.d.ts +2 -2
- package/double-ratchet.js +11 -11
- package/index.d.ts +21 -12
- package/index.js +22 -15
- package/package.json +2 -2
- package/test.js +4 -5
- package/types.d.ts +55 -43
- package/types.js +145 -128
- package/x3dh.d.ts +3 -1
- package/x3dh.js +39 -29
package/api.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { Crypto, LocalStorage } from "@freesignal/interfaces";
|
|
1
|
+
import { Crypto, KeyExchangeData, KeyExchangeDataBundle, KeyExchangeSynMessage, LocalStorage } from "@freesignal/interfaces";
|
|
2
2
|
import { KeySession } from "./double-ratchet";
|
|
3
3
|
import { KeyExchange } from "./x3dh";
|
|
4
4
|
import { Datagram, IdentityKeys, EncryptedData, UserId } from "./types";
|
|
@@ -10,6 +10,7 @@ export declare class FreeSignalAPI {
|
|
|
10
10
|
protected readonly sessions: LocalStorage<UserId, KeySession>;
|
|
11
11
|
protected readonly keyExchange: KeyExchange;
|
|
12
12
|
protected readonly users: LocalStorage<UserId, IdentityKeys>;
|
|
13
|
+
readonly userId: UserId;
|
|
13
14
|
constructor(opts: {
|
|
14
15
|
secretSignKey: Uint8Array;
|
|
15
16
|
secretBoxKey: Uint8Array;
|
|
@@ -17,10 +18,13 @@ export declare class FreeSignalAPI {
|
|
|
17
18
|
keyExchange: LocalStorage<string, Crypto.KeyPair>;
|
|
18
19
|
users: LocalStorage<UserId, IdentityKeys>;
|
|
19
20
|
});
|
|
20
|
-
get userId(): Uint8Array;
|
|
21
21
|
get identityKeys(): IdentityKeys;
|
|
22
22
|
encryptData(data: Uint8Array, userId: string): Promise<EncryptedData>;
|
|
23
23
|
decryptData(data: Uint8Array, userId: string): Promise<Uint8Array>;
|
|
24
|
+
getHandshake(url: string, userId?: UserId): Promise<KeyExchangeData>;
|
|
25
|
+
postHandshake(url: string, message: KeyExchangeSynMessage): Promise<boolean>;
|
|
26
|
+
putHandshake(url: string, publicKey: string | Uint8Array, bundle: KeyExchangeDataBundle): Promise<boolean>;
|
|
27
|
+
deleteHandshake(url: string, publicKey: string | Uint8Array): Promise<boolean>;
|
|
24
28
|
getDatagrams(publicKey: string | Uint8Array, url: string): Promise<Datagram[]>;
|
|
25
29
|
postDatagrams(datagrams: Datagram[], publicKey: string | Uint8Array, url: string): Promise<number>;
|
|
26
30
|
deleteDatagrams(datagramIds: DatagramId[], publicKey: string | Uint8Array, url: string): Promise<number>;
|
|
@@ -33,6 +37,5 @@ export declare class FreeSignalAPI {
|
|
|
33
37
|
protected unpackIdList(data: Uint8Array): DatagramId[];
|
|
34
38
|
protected packDatagrams(messages: Datagram[]): Uint8Array;
|
|
35
39
|
protected unpackDatagrams(data: Uint8Array): Datagram[];
|
|
36
|
-
static getUserId(publicKey: string | Uint8Array): string;
|
|
37
40
|
}
|
|
38
41
|
export {};
|
package/api.js
CHANGED
|
@@ -27,14 +27,12 @@ class FreeSignalAPI {
|
|
|
27
27
|
this.sessions = sessions;
|
|
28
28
|
this.keyExchange = new x3dh_1.KeyExchange(secretSignKey, secretBoxKey, keyExchange);
|
|
29
29
|
this.users = users;
|
|
30
|
-
|
|
31
|
-
get userId() {
|
|
32
|
-
return crypto_1.default.hash(this.signKey.publicKey);
|
|
30
|
+
this.userId = types_1.UserId.getUserId(this.signKey.publicKey).toString();
|
|
33
31
|
}
|
|
34
32
|
get identityKeys() {
|
|
35
33
|
return {
|
|
36
|
-
publicKey: (0, utils_1.
|
|
37
|
-
identityKey: (0, utils_1.
|
|
34
|
+
publicKey: (0, utils_1.decodeBase64)(this.signKey.publicKey),
|
|
35
|
+
identityKey: (0, utils_1.decodeBase64)(this.boxKey.publicKey)
|
|
38
36
|
};
|
|
39
37
|
}
|
|
40
38
|
encryptData(data, userId) {
|
|
@@ -59,58 +57,102 @@ class FreeSignalAPI {
|
|
|
59
57
|
return decrypted;
|
|
60
58
|
});
|
|
61
59
|
}
|
|
60
|
+
getHandshake(url, userId) {
|
|
61
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
62
|
+
const res = yield fetch(`${url}/${userId !== null && userId !== void 0 ? userId : ''}`, {
|
|
63
|
+
method: 'GET'
|
|
64
|
+
});
|
|
65
|
+
return (0, utils_1.decodeJSON)(new Uint8Array(yield res.arrayBuffer()));
|
|
66
|
+
});
|
|
67
|
+
}
|
|
68
|
+
postHandshake(url, message) {
|
|
69
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
70
|
+
const res = yield fetch(url, {
|
|
71
|
+
method: 'POST',
|
|
72
|
+
headers: {
|
|
73
|
+
'Content-Type': exports.FREESIGNAL_MIME
|
|
74
|
+
},
|
|
75
|
+
body: (0, utils_1.encodeJSON)(message)
|
|
76
|
+
});
|
|
77
|
+
return res.status === 200;
|
|
78
|
+
});
|
|
79
|
+
}
|
|
80
|
+
putHandshake(url, publicKey, bundle) {
|
|
81
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
82
|
+
const res = yield fetch(url, {
|
|
83
|
+
method: 'PUT',
|
|
84
|
+
headers: {
|
|
85
|
+
'Content-Type': exports.FREESIGNAL_MIME,
|
|
86
|
+
authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey))
|
|
87
|
+
},
|
|
88
|
+
body: (0, utils_1.encodeJSON)(bundle)
|
|
89
|
+
});
|
|
90
|
+
return res.status === 201;
|
|
91
|
+
});
|
|
92
|
+
}
|
|
93
|
+
deleteHandshake(url, publicKey) {
|
|
94
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
95
|
+
const res = yield fetch(url, {
|
|
96
|
+
method: 'DELETE',
|
|
97
|
+
headers: {
|
|
98
|
+
authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey))
|
|
99
|
+
}
|
|
100
|
+
});
|
|
101
|
+
return res.status === 200;
|
|
102
|
+
});
|
|
103
|
+
}
|
|
62
104
|
getDatagrams(publicKey, url) {
|
|
63
105
|
return __awaiter(this, void 0, void 0, function* () {
|
|
64
106
|
const res = yield fetch(url, {
|
|
65
107
|
method: 'GET',
|
|
66
108
|
headers: {
|
|
67
|
-
authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.
|
|
109
|
+
authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey))
|
|
68
110
|
}
|
|
69
111
|
});
|
|
70
|
-
return this.unpackDatagrams(yield this.decryptData(new Uint8Array(yield res.arrayBuffer()),
|
|
112
|
+
return this.unpackDatagrams(yield this.decryptData(new Uint8Array(yield res.arrayBuffer()), types_1.UserId.getUserId(publicKey).toString()));
|
|
71
113
|
});
|
|
72
114
|
}
|
|
73
115
|
postDatagrams(datagrams, publicKey, url) {
|
|
74
116
|
return __awaiter(this, void 0, void 0, function* () {
|
|
75
|
-
const data = yield this.encryptData(this.packDatagrams(datagrams),
|
|
117
|
+
const data = yield this.encryptData(this.packDatagrams(datagrams), types_1.UserId.getUserId(publicKey).toString());
|
|
76
118
|
const res = yield fetch(url, {
|
|
77
119
|
method: 'POST',
|
|
78
120
|
headers: {
|
|
79
121
|
'Content-Type': exports.FREESIGNAL_MIME,
|
|
80
|
-
authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.
|
|
122
|
+
authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey))
|
|
81
123
|
},
|
|
82
124
|
body: data.encode()
|
|
83
125
|
});
|
|
84
|
-
return (0, utils_1.numberFromUint8Array)(yield this.decryptData(new Uint8Array(yield res.arrayBuffer()),
|
|
126
|
+
return (0, utils_1.numberFromUint8Array)(yield this.decryptData(new Uint8Array(yield res.arrayBuffer()), types_1.UserId.getUserId(publicKey).toString()));
|
|
85
127
|
});
|
|
86
128
|
}
|
|
87
129
|
deleteDatagrams(datagramIds, publicKey, url) {
|
|
88
130
|
return __awaiter(this, void 0, void 0, function* () {
|
|
89
|
-
const data = yield this.encryptData(this.packIdList(datagramIds),
|
|
131
|
+
const data = yield this.encryptData(this.packIdList(datagramIds), types_1.UserId.getUserId(publicKey).toString());
|
|
90
132
|
const res = yield fetch(url, {
|
|
91
133
|
method: 'DELETE',
|
|
92
134
|
headers: {
|
|
93
135
|
'Content-Type': exports.FREESIGNAL_MIME,
|
|
94
|
-
authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.
|
|
136
|
+
authorization: this.createToken(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey))
|
|
95
137
|
},
|
|
96
138
|
body: data.encode()
|
|
97
139
|
});
|
|
98
|
-
return (0, utils_1.numberFromUint8Array)(yield this.decryptData(new Uint8Array(yield res.arrayBuffer()),
|
|
140
|
+
return (0, utils_1.numberFromUint8Array)(yield this.decryptData(new Uint8Array(yield res.arrayBuffer()), types_1.UserId.getUserId(publicKey).toString()));
|
|
99
141
|
});
|
|
100
142
|
}
|
|
101
143
|
createToken(publicKey) {
|
|
102
|
-
const
|
|
103
|
-
return `Bearer ${
|
|
144
|
+
const signature = crypto_1.default.EdDSA.sign(crypto_1.default.hash(crypto_1.default.ECDH.scalarMult(publicKey, this.boxKey.secretKey)), this.signKey.secretKey);
|
|
145
|
+
return `Bearer ${this.userId}:${(0, utils_1.decodeBase64)(signature)}`;
|
|
104
146
|
}
|
|
105
147
|
;
|
|
106
148
|
digestToken(auth) {
|
|
107
149
|
return __awaiter(this, void 0, void 0, function* () {
|
|
108
150
|
if (auth && auth.startsWith("Bearer ")) {
|
|
109
|
-
const [userId,
|
|
151
|
+
const [userId, signature] = auth.substring(7).split(":");
|
|
110
152
|
const identityKeys = yield this.users.get(userId);
|
|
111
153
|
if (!identityKeys)
|
|
112
154
|
throw new Error('User not found or invalid auth token');
|
|
113
|
-
if (
|
|
155
|
+
if (crypto_1.default.EdDSA.verify(crypto_1.default.hash(crypto_1.default.ECDH.scalarMult((0, utils_1.encodeBase64)(identityKeys.identityKey), this.boxKey.secretKey)), (0, utils_1.encodeBase64)(signature), (0, utils_1.encodeBase64)(identityKeys.publicKey)))
|
|
114
156
|
return { identityKeys, userId: auth };
|
|
115
157
|
else
|
|
116
158
|
throw new Error('Authorization token not valid');
|
|
@@ -160,8 +202,5 @@ class FreeSignalAPI {
|
|
|
160
202
|
}
|
|
161
203
|
return messages;
|
|
162
204
|
}
|
|
163
|
-
static getUserId(publicKey) {
|
|
164
|
-
return (0, utils_1.encodeBase64)(crypto_1.default.hash(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.decodeBase64)(publicKey)));
|
|
165
|
-
}
|
|
166
205
|
}
|
|
167
206
|
exports.FreeSignalAPI = FreeSignalAPI;
|
package/double-ratchet.d.ts
CHANGED
|
@@ -83,14 +83,14 @@ export declare class KeySession {
|
|
|
83
83
|
/**
|
|
84
84
|
* Export the state of the session;
|
|
85
85
|
*/
|
|
86
|
-
|
|
86
|
+
toJSON(): ExportedKeySession;
|
|
87
87
|
/**
|
|
88
88
|
* Import a state.
|
|
89
89
|
*
|
|
90
90
|
* @param json string returned by `export()` method.
|
|
91
91
|
* @returns session with the state parsed.
|
|
92
92
|
*/
|
|
93
|
-
static
|
|
93
|
+
static parse(json: string): KeySession;
|
|
94
94
|
/**
|
|
95
95
|
* The fixed key length (in bytes) used throughout the Double Ratchet session.
|
|
96
96
|
* Typically 32 bytes (256 bits) for symmetric keys.
|
package/double-ratchet.js
CHANGED
|
@@ -141,13 +141,13 @@ class KeySession {
|
|
|
141
141
|
/**
|
|
142
142
|
* Export the state of the session;
|
|
143
143
|
*/
|
|
144
|
-
|
|
144
|
+
toJSON() {
|
|
145
145
|
return {
|
|
146
|
-
secretKey: (0, utils_1.
|
|
147
|
-
remoteKey: (0, utils_1.
|
|
148
|
-
rootKey: (0, utils_1.
|
|
149
|
-
sendingChain: (0, utils_1.
|
|
150
|
-
receivingChain: (0, utils_1.
|
|
146
|
+
secretKey: (0, utils_1.decodeBase64)((0, utils_1.concatUint8Array)(this.keyPair.secretKey)),
|
|
147
|
+
remoteKey: (0, utils_1.decodeBase64)(this._remoteKey),
|
|
148
|
+
rootKey: (0, utils_1.decodeBase64)(this.rootKey),
|
|
149
|
+
sendingChain: (0, utils_1.decodeBase64)(this.sendingChain),
|
|
150
|
+
receivingChain: (0, utils_1.decodeBase64)(this.receivingChain),
|
|
151
151
|
sendingCount: this.sendingCount,
|
|
152
152
|
receivingCount: this.receivingCount,
|
|
153
153
|
previousCount: this.previousCount,
|
|
@@ -160,12 +160,12 @@ class KeySession {
|
|
|
160
160
|
* @param json string returned by `export()` method.
|
|
161
161
|
* @returns session with the state parsed.
|
|
162
162
|
*/
|
|
163
|
-
static
|
|
163
|
+
static parse(json) {
|
|
164
164
|
const data = JSON.parse(json);
|
|
165
|
-
const session = new KeySession({ secretKey: (0, utils_1.
|
|
166
|
-
session._remoteKey = (0, utils_1.
|
|
167
|
-
session.sendingChain = (0, utils_1.
|
|
168
|
-
session.receivingChain = (0, utils_1.
|
|
165
|
+
const session = new KeySession({ secretKey: (0, utils_1.encodeBase64)(data.secretKey), rootKey: (0, utils_1.encodeBase64)(data.rootKey) });
|
|
166
|
+
session._remoteKey = (0, utils_1.encodeBase64)(data.remoteKey);
|
|
167
|
+
session.sendingChain = (0, utils_1.encodeBase64)(data.sendingChain);
|
|
168
|
+
session.receivingChain = (0, utils_1.encodeBase64)(data.receivingChain);
|
|
169
169
|
session.sendingCount = data.sendingCount;
|
|
170
170
|
session.receivingCount = data.receivingCount;
|
|
171
171
|
session.previousCount = data.previousCount;
|
package/index.d.ts
CHANGED
|
@@ -21,12 +21,13 @@ import { LocalStorage, Crypto } from "@freesignal/interfaces";
|
|
|
21
21
|
import { KeySession } from "./double-ratchet";
|
|
22
22
|
import { KeyExchange } from "./x3dh";
|
|
23
23
|
/**
|
|
24
|
-
* Creates a new Double Ratchet session.
|
|
24
|
+
* Creates a new Double Ratchet session for secure message exchange.
|
|
25
25
|
*
|
|
26
|
-
* @param opts
|
|
27
|
-
* @param opts.
|
|
28
|
-
*
|
|
29
|
-
* @
|
|
26
|
+
* @param opts - Optional parameters for session initialization.
|
|
27
|
+
* @param opts.secretKey - The local party's secret key as a Uint8Array.
|
|
28
|
+
* @param opts.remoteKey - The remote party's public key as a Uint8Array.
|
|
29
|
+
* @param opts.rootKey - An optional root key to initialize the session.
|
|
30
|
+
* @returns A new instance of {@link KeySession}.
|
|
30
31
|
*/
|
|
31
32
|
export declare function createKeySession(opts?: {
|
|
32
33
|
secretKey?: Uint8Array;
|
|
@@ -34,15 +35,23 @@ export declare function createKeySession(opts?: {
|
|
|
34
35
|
rootKey?: Uint8Array;
|
|
35
36
|
}): KeySession;
|
|
36
37
|
/**
|
|
37
|
-
* Creates a new X3DH session.
|
|
38
|
+
* Creates a new X3DH (Extended Triple Diffie-Hellman) key exchange session.
|
|
38
39
|
*
|
|
39
|
-
* @param
|
|
40
|
-
* @param
|
|
41
|
-
* @
|
|
40
|
+
* @param signSecretKey - The EdDSA signing secret key as a Uint8Array.
|
|
41
|
+
* @param boxSecretKey - The ECDH box secret key as a Uint8Array.
|
|
42
|
+
* @param bundleStore - Optional local storage for key bundles.
|
|
43
|
+
* @returns A new instance of {@link KeyExchange}.
|
|
42
44
|
*/
|
|
43
45
|
export declare function createKeyExchange(signSecretKey: Uint8Array, boxSecretKey: Uint8Array, bundleStore?: LocalStorage<string, crypto.KeyPair>): KeyExchange;
|
|
46
|
+
/**
|
|
47
|
+
* Generates identity key pairs for signing and encryption.
|
|
48
|
+
*
|
|
49
|
+
* @param signSecretKey - Optional secret key for EdDSA signing.
|
|
50
|
+
* @param boxSecretKey - Optional secret key for ECDH encryption.
|
|
51
|
+
* @returns An object containing readonly signing and box key pairs.
|
|
52
|
+
*/
|
|
44
53
|
export declare function createIdentityKeys(signSecretKey?: Uint8Array, boxSecretKey?: Uint8Array): {
|
|
45
|
-
sign: Crypto.KeyPair;
|
|
46
|
-
box: Crypto.KeyPair;
|
|
54
|
+
readonly sign: Crypto.KeyPair;
|
|
55
|
+
readonly box: Crypto.KeyPair;
|
|
47
56
|
};
|
|
48
|
-
export { IdentityKeys, Protocols,
|
|
57
|
+
export { UserId, IdentityKeys, Protocols, Datagram, EncryptedData } from "./types";
|
package/index.js
CHANGED
|
@@ -21,7 +21,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
21
21
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
22
22
|
};
|
|
23
23
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
24
|
-
exports.
|
|
24
|
+
exports.EncryptedData = exports.Datagram = exports.Protocols = exports.IdentityKeys = exports.UserId = void 0;
|
|
25
25
|
exports.createKeySession = createKeySession;
|
|
26
26
|
exports.createKeyExchange = createKeyExchange;
|
|
27
27
|
exports.createIdentityKeys = createIdentityKeys;
|
|
@@ -29,31 +29,37 @@ const crypto_1 = __importDefault(require("@freesignal/crypto"));
|
|
|
29
29
|
const double_ratchet_1 = require("./double-ratchet");
|
|
30
30
|
const x3dh_1 = require("./x3dh");
|
|
31
31
|
/**
|
|
32
|
-
* Creates a new Double Ratchet session.
|
|
32
|
+
* Creates a new Double Ratchet session for secure message exchange.
|
|
33
33
|
*
|
|
34
|
-
* @param opts
|
|
35
|
-
* @param opts.
|
|
36
|
-
*
|
|
37
|
-
* @
|
|
34
|
+
* @param opts - Optional parameters for session initialization.
|
|
35
|
+
* @param opts.secretKey - The local party's secret key as a Uint8Array.
|
|
36
|
+
* @param opts.remoteKey - The remote party's public key as a Uint8Array.
|
|
37
|
+
* @param opts.rootKey - An optional root key to initialize the session.
|
|
38
|
+
* @returns A new instance of {@link KeySession}.
|
|
38
39
|
*/
|
|
39
40
|
function createKeySession(opts) {
|
|
40
41
|
return new double_ratchet_1.KeySession(opts);
|
|
41
42
|
}
|
|
42
43
|
/**
|
|
43
|
-
* Creates a new X3DH session.
|
|
44
|
+
* Creates a new X3DH (Extended Triple Diffie-Hellman) key exchange session.
|
|
44
45
|
*
|
|
45
|
-
* @param
|
|
46
|
-
* @param
|
|
47
|
-
* @
|
|
46
|
+
* @param signSecretKey - The EdDSA signing secret key as a Uint8Array.
|
|
47
|
+
* @param boxSecretKey - The ECDH box secret key as a Uint8Array.
|
|
48
|
+
* @param bundleStore - Optional local storage for key bundles.
|
|
49
|
+
* @returns A new instance of {@link KeyExchange}.
|
|
48
50
|
*/
|
|
49
51
|
function createKeyExchange(signSecretKey, boxSecretKey, bundleStore) {
|
|
50
52
|
return new x3dh_1.KeyExchange(signSecretKey, boxSecretKey, bundleStore);
|
|
51
53
|
}
|
|
54
|
+
/**
|
|
55
|
+
* Generates identity key pairs for signing and encryption.
|
|
56
|
+
*
|
|
57
|
+
* @param signSecretKey - Optional secret key for EdDSA signing.
|
|
58
|
+
* @param boxSecretKey - Optional secret key for ECDH encryption.
|
|
59
|
+
* @returns An object containing readonly signing and box key pairs.
|
|
60
|
+
*/
|
|
52
61
|
function createIdentityKeys(signSecretKey, boxSecretKey) {
|
|
53
|
-
return {
|
|
54
|
-
sign: crypto_1.default.EdDSA.keyPair(signSecretKey),
|
|
55
|
-
box: crypto_1.default.ECDH.keyPair(boxSecretKey)
|
|
56
|
-
};
|
|
62
|
+
return { sign: crypto_1.default.EdDSA.keyPair(signSecretKey), box: crypto_1.default.ECDH.keyPair(boxSecretKey) };
|
|
57
63
|
}
|
|
58
64
|
/*export function createAPI(opts: {
|
|
59
65
|
secretSignKey: Uint8Array;
|
|
@@ -65,7 +71,8 @@ function createIdentityKeys(signSecretKey, boxSecretKey) {
|
|
|
65
71
|
return new FreeSignalAPI(opts);
|
|
66
72
|
}*/
|
|
67
73
|
var types_1 = require("./types");
|
|
74
|
+
Object.defineProperty(exports, "UserId", { enumerable: true, get: function () { return types_1.UserId; } });
|
|
68
75
|
Object.defineProperty(exports, "IdentityKeys", { enumerable: true, get: function () { return types_1.IdentityKeys; } });
|
|
69
76
|
Object.defineProperty(exports, "Protocols", { enumerable: true, get: function () { return types_1.Protocols; } });
|
|
70
|
-
Object.defineProperty(exports, "EncryptedData", { enumerable: true, get: function () { return types_1.EncryptedData; } });
|
|
71
77
|
Object.defineProperty(exports, "Datagram", { enumerable: true, get: function () { return types_1.Datagram; } });
|
|
78
|
+
Object.defineProperty(exports, "EncryptedData", { enumerable: true, get: function () { return types_1.EncryptedData; } });
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@freesignal/protocol",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.5",
|
|
4
4
|
"description": "Signal Protocol implementation in javascript",
|
|
5
5
|
"license": "GPL-3.0-or-later",
|
|
6
6
|
"author": "Christian Braghette",
|
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
"dependencies": {
|
|
14
14
|
"@freesignal/crypto": "^0.3.0",
|
|
15
15
|
"@freesignal/interfaces": "^0.1.1",
|
|
16
|
-
"@freesignal/utils": "^1.0
|
|
16
|
+
"@freesignal/utils": "^1.1.0",
|
|
17
17
|
"base64-js": "^1.5.1",
|
|
18
18
|
"fflate": "^0.8.2",
|
|
19
19
|
"js-sha3": "^0.9.3",
|
package/test.js
CHANGED
|
@@ -10,21 +10,20 @@ const bob = (0, _1.createKeyExchange)(crypto_1.default.EdDSA.keyPair().secretKey
|
|
|
10
10
|
const alice = (0, _1.createKeyExchange)(crypto_1.default.EdDSA.keyPair().secretKey, crypto_1.default.ECDH.keyPair().secretKey);
|
|
11
11
|
const bobmessage = bob.generateData();
|
|
12
12
|
const { session: alicesession, message: aliceack } = alice.digestData(bobmessage);
|
|
13
|
-
bob.digestMessage(aliceack).then(({ session: bobsession,
|
|
13
|
+
bob.digestMessage(aliceack).then(({ session: bobsession, identityKeys }) => {
|
|
14
14
|
var _a;
|
|
15
|
-
if (bobsession &&
|
|
15
|
+
if (bobsession && identityKeys) {
|
|
16
16
|
console.log("Session established successfully between Alice and Bob.");
|
|
17
|
-
const datagram = _1.Datagram.create(bob.signatureKey, alice.signatureKey, _1.Protocols.MESSAGE, (_a = bobsession.encrypt((0, utils_1.
|
|
17
|
+
const datagram = _1.Datagram.create(bob.signatureKey, alice.signatureKey, _1.Protocols.MESSAGE, (_a = bobsession.encrypt((0, utils_1.encodeUTF8)("Hi Alice!"))) === null || _a === void 0 ? void 0 : _a.encode());
|
|
18
18
|
//console.log(datagram.payload);
|
|
19
19
|
const msg = datagram.encode();
|
|
20
|
-
console.log((0, utils_1.
|
|
20
|
+
console.log((0, utils_1.decodeUTF8)(alicesession.decrypt(_1.Datagram.from(msg).payload)));
|
|
21
21
|
if (alicesession.handshaked && bobsession.handshaked)
|
|
22
22
|
console.log("Successfully handshaked");
|
|
23
23
|
else
|
|
24
24
|
console.log("Error during handshake");
|
|
25
25
|
const longmsg = _1.Datagram.create(alice.signatureKey, bob.signatureKey, _1.Protocols.MESSAGE, alicesession.encrypt(new Uint8Array(1000000).fill(33).map(val => val + Math.floor(Math.random() * 93))));
|
|
26
26
|
console.log(longmsg.encode().length);
|
|
27
|
-
console.log(longmsg.encode(false).length);
|
|
28
27
|
}
|
|
29
28
|
else
|
|
30
29
|
console.log("Error");
|
package/types.d.ts
CHANGED
|
@@ -18,28 +18,41 @@
|
|
|
18
18
|
*/
|
|
19
19
|
import { Encodable } from "@freesignal/interfaces";
|
|
20
20
|
export type UserId = string;
|
|
21
|
+
export declare namespace UserId {
|
|
22
|
+
class UserIdConstructor {
|
|
23
|
+
private readonly array;
|
|
24
|
+
constructor(array: Uint8Array);
|
|
25
|
+
toString(): string;
|
|
26
|
+
toJSON(): string;
|
|
27
|
+
toUint8Array(): Uint8Array;
|
|
28
|
+
}
|
|
29
|
+
export function getUserId(publicKey: string | Uint8Array): UserIdConstructor;
|
|
30
|
+
export function from(userId: string | Uint8Array): UserIdConstructor;
|
|
31
|
+
export {};
|
|
32
|
+
}
|
|
21
33
|
export interface IdentityKeys {
|
|
22
34
|
readonly publicKey: string;
|
|
23
35
|
readonly identityKey: string;
|
|
24
36
|
}
|
|
25
37
|
export declare namespace IdentityKeys {
|
|
26
|
-
const keyLength: number;
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
38
|
+
export const keyLength: number;
|
|
39
|
+
class IdentityKeysConstructor implements IdentityKeys, Encodable {
|
|
40
|
+
readonly publicKey: string;
|
|
41
|
+
readonly identityKey: string;
|
|
42
|
+
constructor(identityKeys: IdentityKeys | Uint8Array | string);
|
|
43
|
+
encode(): Uint8Array;
|
|
44
|
+
toString(): string;
|
|
45
|
+
toJSON(): string;
|
|
46
|
+
}
|
|
47
|
+
export function isIdentityKeys(obj: any): boolean;
|
|
48
|
+
export function from(identityKeys: IdentityKeys): IdentityKeysConstructor;
|
|
49
|
+
export {};
|
|
37
50
|
}
|
|
38
51
|
export declare enum Protocols {
|
|
39
52
|
NULL = "",
|
|
40
|
-
MESSAGE = "/freesignal/message
|
|
41
|
-
RELAY = "/freesignal/relay
|
|
42
|
-
HANDSHAKE = "/freesignal/handshake
|
|
53
|
+
MESSAGE = "/freesignal/message",
|
|
54
|
+
RELAY = "/freesignal/relay",
|
|
55
|
+
HANDSHAKE = "/freesignal/handshake"
|
|
43
56
|
}
|
|
44
57
|
export declare namespace Protocols {
|
|
45
58
|
function isProtocol(protocol: any): boolean;
|
|
@@ -56,28 +69,36 @@ export interface Datagram {
|
|
|
56
69
|
readonly protocol: Protocols;
|
|
57
70
|
readonly createdAt: number;
|
|
58
71
|
payload?: Uint8Array;
|
|
72
|
+
readonly signature?: string;
|
|
59
73
|
}
|
|
60
74
|
export declare namespace Datagram {
|
|
61
|
-
const version = 1;
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
75
|
+
export const version = 1;
|
|
76
|
+
class DatagramConstructor implements Encodable, Datagram {
|
|
77
|
+
readonly id: string;
|
|
78
|
+
readonly version: number;
|
|
79
|
+
readonly sender: UserId;
|
|
80
|
+
readonly receiver: UserId;
|
|
81
|
+
readonly protocol: Protocols;
|
|
82
|
+
readonly createdAt: number;
|
|
83
|
+
_payload?: Uint8Array;
|
|
84
|
+
_signature?: Uint8Array;
|
|
85
|
+
private secretKey?;
|
|
86
|
+
private static headerOffset;
|
|
87
|
+
constructor(sender: Uint8Array | string, receiver: Uint8Array | string, protocol: Protocols, payload?: Uint8Array | Encodable);
|
|
88
|
+
constructor(data: Uint8Array | Datagram);
|
|
89
|
+
get signed(): boolean;
|
|
90
|
+
get signature(): string | undefined;
|
|
91
|
+
set payload(data: Uint8Array);
|
|
92
|
+
get payload(): Uint8Array | undefined;
|
|
93
|
+
encode(): Uint8Array;
|
|
94
|
+
sign(secretKey: Uint8Array): this;
|
|
95
|
+
toString(): string;
|
|
96
|
+
toJSON(): string;
|
|
97
|
+
}
|
|
98
|
+
export function create(sender: Uint8Array | string, receiver: Uint8Array | string, protocol: Protocols, payload?: Uint8Array | Encodable): DatagramConstructor;
|
|
99
|
+
export function isDatagram(obj: any): boolean;
|
|
100
|
+
export function from(data: Uint8Array | Datagram | string): DatagramConstructor;
|
|
101
|
+
export {};
|
|
81
102
|
}
|
|
82
103
|
/**
|
|
83
104
|
* Interface representing an encrypted payload.
|
|
@@ -152,15 +173,6 @@ export declare class EncryptedDataConstructor implements EncryptedData {
|
|
|
152
173
|
get nonce(): Uint8Array;
|
|
153
174
|
get ciphertext(): Uint8Array;
|
|
154
175
|
encode(): Uint8Array;
|
|
155
|
-
decode(): {
|
|
156
|
-
version: number;
|
|
157
|
-
count: number;
|
|
158
|
-
previous: number;
|
|
159
|
-
publicKey: string;
|
|
160
|
-
nonce: string;
|
|
161
|
-
ciphertext: string;
|
|
162
|
-
};
|
|
163
176
|
toString(): string;
|
|
164
177
|
toJSON(): string;
|
|
165
178
|
}
|
|
166
|
-
export {};
|
package/types.js
CHANGED
|
@@ -21,14 +21,62 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
21
21
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
22
22
|
};
|
|
23
23
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
24
|
-
exports.EncryptedDataConstructor = exports.EncryptedData = exports.Datagram = exports.Protocols = exports.IdentityKeys = void 0;
|
|
24
|
+
exports.EncryptedDataConstructor = exports.EncryptedData = exports.Datagram = exports.Protocols = exports.IdentityKeys = exports.UserId = void 0;
|
|
25
25
|
const utils_1 = require("@freesignal/utils");
|
|
26
26
|
const crypto_1 = __importDefault(require("@freesignal/crypto"));
|
|
27
|
-
const fflate_1 = __importDefault(require("fflate"));
|
|
28
27
|
const double_ratchet_1 = require("./double-ratchet");
|
|
28
|
+
var UserId;
|
|
29
|
+
(function (UserId) {
|
|
30
|
+
class UserIdConstructor {
|
|
31
|
+
constructor(array) {
|
|
32
|
+
this.array = array;
|
|
33
|
+
}
|
|
34
|
+
;
|
|
35
|
+
toString() {
|
|
36
|
+
return (0, utils_1.decodeBase64)(this.array);
|
|
37
|
+
}
|
|
38
|
+
toJSON() {
|
|
39
|
+
return JSON.stringify(this.toString());
|
|
40
|
+
}
|
|
41
|
+
toUint8Array() {
|
|
42
|
+
return this.array;
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
function getUserId(publicKey) {
|
|
46
|
+
return new UserIdConstructor(crypto_1.default.hash(publicKey instanceof Uint8Array ? publicKey : (0, utils_1.encodeBase64)(publicKey)));
|
|
47
|
+
}
|
|
48
|
+
UserId.getUserId = getUserId;
|
|
49
|
+
function from(userId) {
|
|
50
|
+
return new UserIdConstructor(userId instanceof Uint8Array ? userId : (0, utils_1.encodeBase64)(userId));
|
|
51
|
+
}
|
|
52
|
+
UserId.from = from;
|
|
53
|
+
})(UserId || (exports.UserId = UserId = {}));
|
|
29
54
|
var IdentityKeys;
|
|
30
55
|
(function (IdentityKeys) {
|
|
31
56
|
IdentityKeys.keyLength = crypto_1.default.ECDH.publicKeyLength;
|
|
57
|
+
class IdentityKeysConstructor {
|
|
58
|
+
constructor(identityKeys) {
|
|
59
|
+
if (typeof identityKeys === 'string')
|
|
60
|
+
identityKeys = (0, utils_1.encodeBase64)(identityKeys);
|
|
61
|
+
if (identityKeys instanceof Uint8Array) {
|
|
62
|
+
this.publicKey = (0, utils_1.decodeBase64)(identityKeys.subarray(0, IdentityKeys.keyLength));
|
|
63
|
+
this.identityKey = (0, utils_1.decodeBase64)(identityKeys.subarray(IdentityKeys.keyLength));
|
|
64
|
+
}
|
|
65
|
+
else {
|
|
66
|
+
this.publicKey = identityKeys.publicKey;
|
|
67
|
+
this.identityKey = identityKeys.identityKey;
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
encode() {
|
|
71
|
+
return (0, utils_1.concatUint8Array)((0, utils_1.encodeBase64)(this.publicKey), (0, utils_1.encodeBase64)(this.identityKey));
|
|
72
|
+
}
|
|
73
|
+
toString() {
|
|
74
|
+
throw (0, utils_1.decodeBase64)(this.encode());
|
|
75
|
+
}
|
|
76
|
+
toJSON() {
|
|
77
|
+
throw JSON.stringify(this.toString());
|
|
78
|
+
}
|
|
79
|
+
}
|
|
32
80
|
function isIdentityKeys(obj) {
|
|
33
81
|
return (typeof obj === 'object' && obj.publicKey && obj.identityKey);
|
|
34
82
|
}
|
|
@@ -38,35 +86,12 @@ var IdentityKeys;
|
|
|
38
86
|
}
|
|
39
87
|
IdentityKeys.from = from;
|
|
40
88
|
})(IdentityKeys || (exports.IdentityKeys = IdentityKeys = {}));
|
|
41
|
-
class IdentityKeysConstructor {
|
|
42
|
-
constructor(identityKeys) {
|
|
43
|
-
if (typeof identityKeys === 'string')
|
|
44
|
-
identityKeys = (0, utils_1.decodeBase64)(identityKeys);
|
|
45
|
-
if (identityKeys instanceof Uint8Array) {
|
|
46
|
-
this.publicKey = (0, utils_1.encodeBase64)(identityKeys.subarray(0, IdentityKeys.keyLength));
|
|
47
|
-
this.identityKey = (0, utils_1.encodeBase64)(identityKeys.subarray(IdentityKeys.keyLength));
|
|
48
|
-
}
|
|
49
|
-
else {
|
|
50
|
-
this.publicKey = identityKeys.publicKey;
|
|
51
|
-
this.identityKey = identityKeys.identityKey;
|
|
52
|
-
}
|
|
53
|
-
}
|
|
54
|
-
encode() {
|
|
55
|
-
return (0, utils_1.concatUint8Array)((0, utils_1.decodeBase64)(this.publicKey), (0, utils_1.decodeBase64)(this.identityKey));
|
|
56
|
-
}
|
|
57
|
-
toString() {
|
|
58
|
-
throw (0, utils_1.encodeBase64)(this.encode());
|
|
59
|
-
}
|
|
60
|
-
toJSON() {
|
|
61
|
-
throw this.toString();
|
|
62
|
-
}
|
|
63
|
-
}
|
|
64
89
|
var Protocols;
|
|
65
90
|
(function (Protocols) {
|
|
66
91
|
Protocols["NULL"] = "";
|
|
67
|
-
Protocols["MESSAGE"] = "/freesignal/message
|
|
68
|
-
Protocols["RELAY"] = "/freesignal/relay
|
|
69
|
-
Protocols["HANDSHAKE"] = "/freesignal/handshake
|
|
92
|
+
Protocols["MESSAGE"] = "/freesignal/message";
|
|
93
|
+
Protocols["RELAY"] = "/freesignal/relay";
|
|
94
|
+
Protocols["HANDSHAKE"] = "/freesignal/handshake";
|
|
70
95
|
})(Protocols || (exports.Protocols = Protocols = {}));
|
|
71
96
|
(function (Protocols) {
|
|
72
97
|
function isProtocol(protocol) {
|
|
@@ -82,15 +107,10 @@ var Protocols;
|
|
|
82
107
|
}
|
|
83
108
|
Protocols.toCode = toCode;
|
|
84
109
|
function encode(protocol, length) {
|
|
85
|
-
/*const raw = numberToUint8Array(Protocols.toCode(protocol), length).reverse();
|
|
86
|
-
raw[0] |= (raw.length - 1) << 6;
|
|
87
|
-
return raw;*/
|
|
88
110
|
return (0, utils_1.numberToUint8Array)(Protocols.toCode(protocol), length);
|
|
89
111
|
}
|
|
90
112
|
Protocols.encode = encode;
|
|
91
113
|
function decode(array) {
|
|
92
|
-
//array[0] &= 63;
|
|
93
|
-
//array = array.reverse();
|
|
94
114
|
return Protocols.fromCode((0, utils_1.numberFromUint8Array)(array));
|
|
95
115
|
}
|
|
96
116
|
Protocols.decode = decode;
|
|
@@ -98,6 +118,88 @@ var Protocols;
|
|
|
98
118
|
var Datagram;
|
|
99
119
|
(function (Datagram) {
|
|
100
120
|
Datagram.version = 1;
|
|
121
|
+
class DatagramConstructor {
|
|
122
|
+
constructor(data, receiver, protocol, payload) {
|
|
123
|
+
if (!receiver && !protocol && !payload) {
|
|
124
|
+
if (data instanceof Uint8Array) {
|
|
125
|
+
this.version = data[0] & 127;
|
|
126
|
+
this.protocol = Protocols.decode(data.subarray(1, 2));
|
|
127
|
+
this.id = crypto_1.default.UUID.stringify(data.subarray(2, 18));
|
|
128
|
+
this.createdAt = (0, utils_1.numberFromUint8Array)(data.subarray(18, 26));
|
|
129
|
+
this.sender = (0, utils_1.decodeBase64)(data.subarray(26, 26 + crypto_1.default.EdDSA.publicKeyLength));
|
|
130
|
+
this.receiver = (0, utils_1.decodeBase64)(data.subarray(26 + crypto_1.default.EdDSA.publicKeyLength, DatagramConstructor.headerOffset));
|
|
131
|
+
if (data[0] & 128)
|
|
132
|
+
this._signature = data.subarray(data.length - crypto_1.default.EdDSA.signatureLength);
|
|
133
|
+
this._payload = data.subarray(DatagramConstructor.headerOffset, data.length);
|
|
134
|
+
}
|
|
135
|
+
else if (Datagram.isDatagram(data)) {
|
|
136
|
+
const datagram = data;
|
|
137
|
+
this.id = datagram.id;
|
|
138
|
+
this.version = datagram.version;
|
|
139
|
+
this.sender = datagram.sender;
|
|
140
|
+
this.receiver = datagram.receiver;
|
|
141
|
+
this.protocol = datagram.protocol;
|
|
142
|
+
this.createdAt = datagram.createdAt;
|
|
143
|
+
this._payload = datagram.payload;
|
|
144
|
+
this._signature = (0, utils_1.encodeBase64)(datagram.signature);
|
|
145
|
+
}
|
|
146
|
+
else
|
|
147
|
+
throw new Error('Invalid constructor arguments for Datagram');
|
|
148
|
+
}
|
|
149
|
+
else if (typeof data === 'string' || data instanceof Uint8Array) {
|
|
150
|
+
this.id = crypto_1.default.UUID.generate().toString();
|
|
151
|
+
this.version = Datagram.version;
|
|
152
|
+
this.sender = typeof data === 'string' ? data : (0, utils_1.decodeBase64)(data);
|
|
153
|
+
this.receiver = typeof receiver === 'string' ? receiver : (0, utils_1.decodeBase64)(receiver);
|
|
154
|
+
this.protocol = protocol;
|
|
155
|
+
this.createdAt = Date.now();
|
|
156
|
+
this._payload = payload instanceof Uint8Array ? payload : payload === null || payload === void 0 ? void 0 : payload.encode();
|
|
157
|
+
}
|
|
158
|
+
else
|
|
159
|
+
throw new Error('Invalid constructor arguments for Datagram');
|
|
160
|
+
}
|
|
161
|
+
get signed() {
|
|
162
|
+
return !this._signature && !this.secretKey ? false : true;
|
|
163
|
+
}
|
|
164
|
+
get signature() {
|
|
165
|
+
if (this.signed) {
|
|
166
|
+
if (!this._signature)
|
|
167
|
+
this.encode();
|
|
168
|
+
return (0, utils_1.decodeBase64)(this._signature);
|
|
169
|
+
}
|
|
170
|
+
}
|
|
171
|
+
set payload(data) {
|
|
172
|
+
this._signature = undefined;
|
|
173
|
+
this._payload = data;
|
|
174
|
+
}
|
|
175
|
+
get payload() {
|
|
176
|
+
return this._payload;
|
|
177
|
+
}
|
|
178
|
+
encode() {
|
|
179
|
+
var _a, _b, _c;
|
|
180
|
+
const data = (0, utils_1.concatUint8Array)(new Uint8Array(1).fill(this.version | (this.secretKey ? 128 : 0)), //1
|
|
181
|
+
Protocols.encode(this.protocol), //1
|
|
182
|
+
(_a = crypto_1.default.UUID.parse(this.id)) !== null && _a !== void 0 ? _a : [], //16
|
|
183
|
+
(0, utils_1.numberToUint8Array)(this.createdAt, 8), //8
|
|
184
|
+
(0, utils_1.encodeBase64)(this.sender), //32
|
|
185
|
+
(0, utils_1.encodeBase64)(this.receiver), //32
|
|
186
|
+
(_b = this._payload) !== null && _b !== void 0 ? _b : new Uint8Array());
|
|
187
|
+
if (this.secretKey)
|
|
188
|
+
this._signature = crypto_1.default.EdDSA.sign(data, this.secretKey);
|
|
189
|
+
return (0, utils_1.concatUint8Array)(data, (_c = this._signature) !== null && _c !== void 0 ? _c : new Uint8Array());
|
|
190
|
+
}
|
|
191
|
+
sign(secretKey) {
|
|
192
|
+
this.secretKey = secretKey;
|
|
193
|
+
return this;
|
|
194
|
+
}
|
|
195
|
+
toString() {
|
|
196
|
+
return (0, utils_1.decodeBase64)(this.encode());
|
|
197
|
+
}
|
|
198
|
+
toJSON() {
|
|
199
|
+
return JSON.stringify(this.toString());
|
|
200
|
+
}
|
|
201
|
+
}
|
|
202
|
+
DatagramConstructor.headerOffset = 26 + crypto_1.default.EdDSA.publicKeyLength * 2;
|
|
101
203
|
function create(sender, receiver, protocol, payload) {
|
|
102
204
|
return new DatagramConstructor(sender, receiver, protocol, payload);
|
|
103
205
|
}
|
|
@@ -108,7 +210,7 @@ var Datagram;
|
|
|
108
210
|
Datagram.isDatagram = isDatagram;
|
|
109
211
|
function from(data) {
|
|
110
212
|
if (typeof data === 'string') {
|
|
111
|
-
const decoded = (0, utils_1.
|
|
213
|
+
const decoded = (0, utils_1.encodeBase64)(data);
|
|
112
214
|
return new DatagramConstructor(decoded);
|
|
113
215
|
}
|
|
114
216
|
else
|
|
@@ -116,88 +218,6 @@ var Datagram;
|
|
|
116
218
|
}
|
|
117
219
|
Datagram.from = from;
|
|
118
220
|
})(Datagram || (exports.Datagram = Datagram = {}));
|
|
119
|
-
class DatagramConstructor {
|
|
120
|
-
constructor(data, receiver, protocol, payload) {
|
|
121
|
-
if (!receiver && !protocol && !payload) {
|
|
122
|
-
if (data instanceof Uint8Array) {
|
|
123
|
-
this.version = data[0] & 63;
|
|
124
|
-
this.protocol = Protocols.decode(data.subarray(1, 2));
|
|
125
|
-
this.id = crypto_1.default.UUID.stringify(data.subarray(2, 18));
|
|
126
|
-
this.createdAt = (0, utils_1.numberFromUint8Array)(data.subarray(18, 26));
|
|
127
|
-
this.sender = (0, utils_1.encodeBase64)(data.subarray(26, 26 + crypto_1.default.EdDSA.publicKeyLength));
|
|
128
|
-
this.receiver = (0, utils_1.encodeBase64)(data.subarray(26 + crypto_1.default.EdDSA.publicKeyLength, DatagramConstructor.headerOffset));
|
|
129
|
-
if (data[0] & 128) {
|
|
130
|
-
const signature = data.subarray(data.length - crypto_1.default.EdDSA.signatureLength);
|
|
131
|
-
if (!crypto_1.default.EdDSA.verify(data.subarray(0, data.length - crypto_1.default.EdDSA.signatureLength), signature, data.subarray(26, 26 + crypto_1.default.EdDSA.publicKeyLength)))
|
|
132
|
-
throw new Error('Invalid signature for Datagram');
|
|
133
|
-
}
|
|
134
|
-
if (data[0] & 64)
|
|
135
|
-
this.payload = fflate_1.default.inflateSync(data.subarray(DatagramConstructor.headerOffset, data.length));
|
|
136
|
-
else
|
|
137
|
-
this.payload = data.subarray(DatagramConstructor.headerOffset, data.length);
|
|
138
|
-
}
|
|
139
|
-
else if (Datagram.isDatagram(data)) {
|
|
140
|
-
const datagram = data;
|
|
141
|
-
this.id = datagram.id;
|
|
142
|
-
this.version = datagram.version;
|
|
143
|
-
this.sender = datagram.sender;
|
|
144
|
-
this.receiver = datagram.receiver;
|
|
145
|
-
this.protocol = datagram.protocol;
|
|
146
|
-
this.createdAt = datagram.createdAt;
|
|
147
|
-
this.payload = datagram.payload;
|
|
148
|
-
}
|
|
149
|
-
else
|
|
150
|
-
throw new Error('Invalid constructor arguments for Datagram');
|
|
151
|
-
}
|
|
152
|
-
else if (typeof data === 'string' || data instanceof Uint8Array) {
|
|
153
|
-
this.id = crypto_1.default.UUID.generate().toString();
|
|
154
|
-
this.version = Datagram.version;
|
|
155
|
-
this.sender = typeof data === 'string' ? data : (0, utils_1.encodeBase64)(data);
|
|
156
|
-
this.receiver = typeof receiver === 'string' ? receiver : (0, utils_1.encodeBase64)(receiver);
|
|
157
|
-
this.protocol = protocol;
|
|
158
|
-
this.createdAt = Date.now();
|
|
159
|
-
this.payload = payload instanceof Uint8Array ? payload : payload === null || payload === void 0 ? void 0 : payload.encode();
|
|
160
|
-
}
|
|
161
|
-
else
|
|
162
|
-
throw new Error('Invalid constructor arguments for Datagram');
|
|
163
|
-
}
|
|
164
|
-
encode(compression = true) {
|
|
165
|
-
var _a;
|
|
166
|
-
compression = compression && this.payload != undefined && this.payload.length > 1024;
|
|
167
|
-
return (0, utils_1.concatUint8Array)(new Uint8Array(1).fill(this.version | (compression ? 64 : 0)), //1
|
|
168
|
-
Protocols.encode(this.protocol), //1
|
|
169
|
-
(_a = crypto_1.default.UUID.parse(this.id)) !== null && _a !== void 0 ? _a : [], //16
|
|
170
|
-
(0, utils_1.numberToUint8Array)(this.createdAt, 8), //8
|
|
171
|
-
(0, utils_1.decodeBase64)(this.sender), //32
|
|
172
|
-
(0, utils_1.decodeBase64)(this.receiver), //32
|
|
173
|
-
...(this.payload ? [compression ? fflate_1.default.deflateSync(this.payload) : this.payload] : []));
|
|
174
|
-
}
|
|
175
|
-
encodeSigned(secretKey, compression) {
|
|
176
|
-
//if (!this.payload) throw new Error('Cannot sign a datagram without payload');
|
|
177
|
-
const header = this.encode(compression);
|
|
178
|
-
header[0] |= 128; // Set the sign bit
|
|
179
|
-
const signature = crypto_1.default.EdDSA.sign(header, secretKey);
|
|
180
|
-
return (0, utils_1.concatUint8Array)(header, signature);
|
|
181
|
-
}
|
|
182
|
-
toString() {
|
|
183
|
-
return (0, utils_1.encodeBase64)(this.encode());
|
|
184
|
-
}
|
|
185
|
-
toJSON() {
|
|
186
|
-
/*return JSON.stringify({
|
|
187
|
-
id: this.id,
|
|
188
|
-
version: this.version,
|
|
189
|
-
senderKey: this.senderKey,
|
|
190
|
-
senderRelay: this.senderRelay,
|
|
191
|
-
receiverKey: this.receiverKey,
|
|
192
|
-
receiverRelay: this.receiverRelay,
|
|
193
|
-
protocol: this.protocol,
|
|
194
|
-
createdAt: this.createdAt,
|
|
195
|
-
payload: this.payload ? encodeBase64(this.payload) : undefined
|
|
196
|
-
});*/
|
|
197
|
-
return this.toString();
|
|
198
|
-
}
|
|
199
|
-
}
|
|
200
|
-
DatagramConstructor.headerOffset = 26 + crypto_1.default.EdDSA.publicKeyLength * 2;
|
|
201
221
|
class EncryptedData {
|
|
202
222
|
/**
|
|
203
223
|
* Static factory method that constructs an `EncryptedPayload` from a raw Uint8Array.
|
|
@@ -240,21 +260,18 @@ class EncryptedDataConstructor {
|
|
|
240
260
|
encode() {
|
|
241
261
|
return this.raw;
|
|
242
262
|
}
|
|
243
|
-
decode() {
|
|
244
|
-
return {
|
|
245
|
-
version: this.version,
|
|
246
|
-
count: this.count,
|
|
247
|
-
previous: this.previous,
|
|
248
|
-
publicKey: (0, utils_1.encodeBase64)(this.publicKey),
|
|
249
|
-
nonce: (0, utils_1.encodeBase64)(this.nonce),
|
|
250
|
-
ciphertext: (0, utils_1.encodeBase64)(this.ciphertext)
|
|
251
|
-
};
|
|
252
|
-
}
|
|
253
263
|
toString() {
|
|
254
|
-
return (0, utils_1.
|
|
264
|
+
return (0, utils_1.decodeBase64)(this.raw);
|
|
255
265
|
}
|
|
256
266
|
toJSON() {
|
|
257
|
-
return JSON.stringify(
|
|
267
|
+
return JSON.stringify({
|
|
268
|
+
version: this.version,
|
|
269
|
+
count: this.count,
|
|
270
|
+
previous: this.previous,
|
|
271
|
+
publicKey: (0, utils_1.decodeBase64)(this.publicKey),
|
|
272
|
+
nonce: (0, utils_1.decodeBase64)(this.nonce),
|
|
273
|
+
ciphertext: (0, utils_1.decodeBase64)(this.ciphertext)
|
|
274
|
+
});
|
|
258
275
|
}
|
|
259
276
|
}
|
|
260
277
|
exports.EncryptedDataConstructor = EncryptedDataConstructor;
|
package/x3dh.d.ts
CHANGED
|
@@ -18,6 +18,7 @@
|
|
|
18
18
|
*/
|
|
19
19
|
import { KeyExchangeData, KeyExchangeDataBundle, KeyExchangeSynMessage, LocalStorage, Crypto } from "@freesignal/interfaces";
|
|
20
20
|
import { KeySession } from "./double-ratchet";
|
|
21
|
+
import { IdentityKeys } from "./types";
|
|
21
22
|
export declare class KeyExchange {
|
|
22
23
|
static readonly version = 1;
|
|
23
24
|
private static readonly hkdfInfo;
|
|
@@ -35,9 +36,10 @@ export declare class KeyExchange {
|
|
|
35
36
|
digestData(message: KeyExchangeData): {
|
|
36
37
|
session: KeySession;
|
|
37
38
|
message: KeyExchangeSynMessage;
|
|
39
|
+
identityKeys: IdentityKeys;
|
|
38
40
|
};
|
|
39
41
|
digestMessage(message: KeyExchangeSynMessage): Promise<{
|
|
40
42
|
session: KeySession;
|
|
41
|
-
|
|
43
|
+
identityKeys: IdentityKeys;
|
|
42
44
|
}>;
|
|
43
45
|
}
|
package/x3dh.js
CHANGED
|
@@ -45,13 +45,13 @@ class KeyExchange {
|
|
|
45
45
|
generateSPK() {
|
|
46
46
|
const signedPreKey = crypto_1.default.ECDH.keyPair();
|
|
47
47
|
const signedPreKeyHash = crypto_1.default.hash(signedPreKey.publicKey);
|
|
48
|
-
this.bundleStore.set((0, utils_1.
|
|
48
|
+
this.bundleStore.set((0, utils_1.decodeBase64)(signedPreKeyHash), signedPreKey);
|
|
49
49
|
return { signedPreKey, signedPreKeyHash };
|
|
50
50
|
}
|
|
51
51
|
generateOPK(spkHash) {
|
|
52
52
|
const onetimePreKey = crypto_1.default.ECDH.keyPair();
|
|
53
53
|
const onetimePreKeyHash = crypto_1.default.hash(onetimePreKey.publicKey);
|
|
54
|
-
this.bundleStore.set((0, utils_1.
|
|
54
|
+
this.bundleStore.set((0, utils_1.decodeBase64)(spkHash).concat((0, utils_1.decodeBase64)(onetimePreKeyHash)), onetimePreKey);
|
|
55
55
|
return { onetimePreKey, onetimePreKeyHash };
|
|
56
56
|
}
|
|
57
57
|
generateBundle(length) {
|
|
@@ -59,11 +59,11 @@ class KeyExchange {
|
|
|
59
59
|
const onetimePreKey = new Array(length !== null && length !== void 0 ? length : KeyExchange.maxOPK).fill(0).map(() => this.generateOPK(signedPreKeyHash).onetimePreKey);
|
|
60
60
|
return {
|
|
61
61
|
version: KeyExchange.version,
|
|
62
|
-
publicKey: (0, utils_1.
|
|
63
|
-
identityKey: (0, utils_1.
|
|
64
|
-
signedPreKey: (0, utils_1.
|
|
65
|
-
signature: (0, utils_1.
|
|
66
|
-
onetimePreKey: onetimePreKey.map(opk => (0, utils_1.
|
|
62
|
+
publicKey: (0, utils_1.decodeBase64)(this._signatureKey.publicKey),
|
|
63
|
+
identityKey: (0, utils_1.decodeBase64)(this._identityKey.publicKey),
|
|
64
|
+
signedPreKey: (0, utils_1.decodeBase64)(signedPreKey.publicKey),
|
|
65
|
+
signature: (0, utils_1.decodeBase64)(crypto_1.default.EdDSA.sign(signedPreKeyHash, this._signatureKey.secretKey)),
|
|
66
|
+
onetimePreKey: onetimePreKey.map(opk => (0, utils_1.decodeBase64)(opk.publicKey))
|
|
67
67
|
};
|
|
68
68
|
}
|
|
69
69
|
generateData() {
|
|
@@ -71,20 +71,20 @@ class KeyExchange {
|
|
|
71
71
|
const { onetimePreKey } = this.generateOPK(signedPreKeyHash);
|
|
72
72
|
return {
|
|
73
73
|
version: KeyExchange.version,
|
|
74
|
-
publicKey: (0, utils_1.
|
|
75
|
-
identityKey: (0, utils_1.
|
|
76
|
-
signedPreKey: (0, utils_1.
|
|
77
|
-
signature: (0, utils_1.
|
|
78
|
-
onetimePreKey: (0, utils_1.
|
|
74
|
+
publicKey: (0, utils_1.decodeBase64)(this._signatureKey.publicKey),
|
|
75
|
+
identityKey: (0, utils_1.decodeBase64)(this._identityKey.publicKey),
|
|
76
|
+
signedPreKey: (0, utils_1.decodeBase64)(signedPreKey.publicKey),
|
|
77
|
+
signature: (0, utils_1.decodeBase64)(crypto_1.default.EdDSA.sign(signedPreKeyHash, this._signatureKey.secretKey)),
|
|
78
|
+
onetimePreKey: (0, utils_1.decodeBase64)(onetimePreKey.publicKey)
|
|
79
79
|
};
|
|
80
80
|
}
|
|
81
81
|
digestData(message) {
|
|
82
82
|
const ephemeralKey = crypto_1.default.ECDH.keyPair();
|
|
83
|
-
const signedPreKey = (0, utils_1.
|
|
84
|
-
if (!crypto_1.default.EdDSA.verify(crypto_1.default.hash(signedPreKey), (0, utils_1.
|
|
83
|
+
const signedPreKey = (0, utils_1.encodeBase64)(message.signedPreKey);
|
|
84
|
+
if (!crypto_1.default.EdDSA.verify(crypto_1.default.hash(signedPreKey), (0, utils_1.encodeBase64)(message.signature), (0, utils_1.encodeBase64)(message.publicKey)))
|
|
85
85
|
throw new Error("Signature verification failed");
|
|
86
|
-
const identityKey = (0, utils_1.
|
|
87
|
-
const onetimePreKey = message.onetimePreKey ? (0, utils_1.
|
|
86
|
+
const identityKey = (0, utils_1.encodeBase64)(message.identityKey);
|
|
87
|
+
const onetimePreKey = message.onetimePreKey ? (0, utils_1.encodeBase64)(message.onetimePreKey) : undefined;
|
|
88
88
|
const signedPreKeyHash = crypto_1.default.hash(signedPreKey);
|
|
89
89
|
const onetimePreKeyHash = onetimePreKey ? crypto_1.default.hash(onetimePreKey) : new Uint8Array();
|
|
90
90
|
const rootKey = crypto_1.default.hkdf(new Uint8Array([
|
|
@@ -96,18 +96,22 @@ class KeyExchange {
|
|
|
96
96
|
const session = new double_ratchet_1.KeySession({ remoteKey: identityKey, rootKey });
|
|
97
97
|
const cyphertext = session.encrypt((0, utils_1.concatUint8Array)(crypto_1.default.hash(this._identityKey.publicKey), crypto_1.default.hash(identityKey)));
|
|
98
98
|
if (!cyphertext)
|
|
99
|
-
throw new Error();
|
|
99
|
+
throw new Error("Decryption error");
|
|
100
100
|
return {
|
|
101
101
|
session,
|
|
102
102
|
message: {
|
|
103
103
|
version: KeyExchange.version,
|
|
104
|
-
publicKey: (0, utils_1.
|
|
105
|
-
identityKey: (0, utils_1.
|
|
106
|
-
ephemeralKey: (0, utils_1.
|
|
107
|
-
signedPreKeyHash: (0, utils_1.
|
|
108
|
-
onetimePreKeyHash: (0, utils_1.
|
|
109
|
-
associatedData: (0, utils_1.
|
|
110
|
-
}
|
|
104
|
+
publicKey: (0, utils_1.decodeBase64)(this._signatureKey.publicKey),
|
|
105
|
+
identityKey: (0, utils_1.decodeBase64)(this._identityKey.publicKey),
|
|
106
|
+
ephemeralKey: (0, utils_1.decodeBase64)(ephemeralKey.publicKey),
|
|
107
|
+
signedPreKeyHash: (0, utils_1.decodeBase64)(signedPreKeyHash),
|
|
108
|
+
onetimePreKeyHash: (0, utils_1.decodeBase64)(onetimePreKeyHash),
|
|
109
|
+
associatedData: (0, utils_1.decodeBase64)(cyphertext.encode())
|
|
110
|
+
},
|
|
111
|
+
identityKeys: {
|
|
112
|
+
publicKey: message.publicKey,
|
|
113
|
+
identityKey: message.identityKey
|
|
114
|
+
},
|
|
111
115
|
};
|
|
112
116
|
}
|
|
113
117
|
digestMessage(message) {
|
|
@@ -119,8 +123,8 @@ class KeyExchange {
|
|
|
119
123
|
throw new Error("ACK message malformed");
|
|
120
124
|
if (!this.bundleStore.delete(hash))
|
|
121
125
|
throw new Error("Bundle store deleting error");
|
|
122
|
-
const identityKey = (0, utils_1.
|
|
123
|
-
const ephemeralKey = (0, utils_1.
|
|
126
|
+
const identityKey = (0, utils_1.encodeBase64)(message.identityKey);
|
|
127
|
+
const ephemeralKey = (0, utils_1.encodeBase64)(message.ephemeralKey);
|
|
124
128
|
const rootKey = crypto_1.default.hkdf(new Uint8Array([
|
|
125
129
|
...crypto_1.default.ECDH.scalarMult(signedPreKey.secretKey, identityKey),
|
|
126
130
|
...crypto_1.default.ECDH.scalarMult(this._identityKey.secretKey, ephemeralKey),
|
|
@@ -128,18 +132,24 @@ class KeyExchange {
|
|
|
128
132
|
...onetimePreKey ? crypto_1.default.ECDH.scalarMult(onetimePreKey.secretKey, ephemeralKey) : new Uint8Array()
|
|
129
133
|
]), new Uint8Array(double_ratchet_1.KeySession.rootKeyLength).fill(0), KeyExchange.hkdfInfo, double_ratchet_1.KeySession.rootKeyLength);
|
|
130
134
|
const session = new double_ratchet_1.KeySession({ secretKey: this._identityKey.secretKey, rootKey });
|
|
131
|
-
const cleartext = session.decrypt((0, utils_1.
|
|
135
|
+
const cleartext = session.decrypt((0, utils_1.encodeBase64)(message.associatedData));
|
|
132
136
|
if (!cleartext)
|
|
133
137
|
throw new Error("Error decrypting ACK message");
|
|
134
138
|
if (!(0, utils_1.verifyUint8Array)(cleartext, (0, utils_1.concatUint8Array)(crypto_1.default.hash(identityKey), crypto_1.default.hash(this._identityKey.publicKey))))
|
|
135
139
|
throw new Error("Error verifing Associated Data");
|
|
136
|
-
return {
|
|
140
|
+
return {
|
|
141
|
+
session,
|
|
142
|
+
identityKeys: {
|
|
143
|
+
publicKey: message.publicKey,
|
|
144
|
+
identityKey: message.identityKey
|
|
145
|
+
}
|
|
146
|
+
};
|
|
137
147
|
});
|
|
138
148
|
}
|
|
139
149
|
}
|
|
140
150
|
exports.KeyExchange = KeyExchange;
|
|
141
151
|
KeyExchange.version = 1;
|
|
142
|
-
KeyExchange.hkdfInfo = (0, utils_1.
|
|
152
|
+
KeyExchange.hkdfInfo = (0, utils_1.encodeUTF8)("freesignal/x3dh/" + KeyExchange.version);
|
|
143
153
|
KeyExchange.maxOPK = 10;
|
|
144
154
|
class AsyncMap {
|
|
145
155
|
constructor() {
|