@freesignal/protocol 0.2.9 → 0.3.0

package/double-ratchet.d.ts

@@ -16,70 +16,61 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
+import { LocalStorage } from "@freesignal/interfaces";
 import { EncryptedData } from "./types";
 export interface ExportedKeySession {
     secretKey: string;
-    remoteKey: string;
-    rootKey: string;
-    sendingChain: string;
-    receivingChain: string;
-    sendingCount: number;
-    receivingCount: number;
-    previousCount: number;
-    previousKeys: [number, Uint8Array][];
+    rootKey?: string;
+    sendingChain?: ExportedKeyChain;
+    receivingChain?: ExportedKeyChain;
+    previousKeys: [string, Uint8Array][];
 }
 /**
  * Represents a secure Double Ratchet session.
  * Used for forward-secure encryption and decryption of messages.
  */
 export declare class KeySession {
-    private static readonly skipLimit;
+    static readonly keyLength = 32;
     static readonly version = 1;
-    static readonly rootKeyLength: number;
+    static readonly info: string;
+    readonly id: string;
+    private readonly mutex;
+    private readonly storage;
     private keyPair;
-    private _remoteKey?;
     private rootKey?;
     private sendingChain?;
-    private sendingCount;
-    private previousCount;
     private receivingChain?;
-    private receivingCount;
     private previousKeys;
-    constructor(opts?: {
+    constructor(storage: LocalStorage<string, ExportedKeySession>, opts?: {
+        id?: string;
         secretKey?: Uint8Array;
         remoteKey?: Uint8Array;
         rootKey?: Uint8Array;
     });
-    /**
-     * Whether both the sending and receiving chains are initialized.
-     */
-    get handshaked(): boolean;
-    /**
-     * The public key of this session.
-     */
-    get publicKey(): Uint8Array;
-    /**
-     * The last known remote public key.
-     */
-    get remoteKey(): Uint8Array | undefined;
-    private setRemoteKey;
-    private ratchetKeys;
-    private getSendingKey;
-    private getReceivingKey;
+    private getChain;
+    private save;
     /**
      * Encrypts a message payload using the current sending chain.
      *
      * @param message - The message as a Uint8Array.
      * @returns An EncryptedPayload or undefined if encryption fails.
      */
-    encrypt(message: Uint8Array): EncryptedData;
+    encrypt(message: Uint8Array): Promise<EncryptedData>;
     /**
      * Decrypts an encrypted message.
      *
      * @param payload - The received encrypted message.
      * @returns The decrypted message as a Uint8Array, or undefined if decryption fails.
      */
-    decrypt(payload: Uint8Array | EncryptedData): Uint8Array | undefined;
+    decrypt(payload: Uint8Array | EncryptedData): Promise<Uint8Array>;
+    /**
+     * Whether both the sending and receiving chains are initialized.
+     */
+    get handshaked(): boolean;
+    /**
+     * The public key of this session.
+     */
+    get publicKey(): Uint8Array;
     /**
      * Export the state of the session;
      */
@@ -90,11 +81,41 @@ export declare class KeySession {
      * @param json string returned by `export()` method.
      * @returns session with the state parsed.
      */
-    static from(data: ExportedKeySession): KeySession;
-    /**
-     * The fixed key length (in bytes) used throughout the Double Ratchet session.
-     * Typically 32 bytes (256 bits) for symmetric keys.
-     */
-    static readonly keyLength = 32;
-    private static symmetricRatchet;
+    static from(data: ExportedKeySession, storage: LocalStorage<string, ExportedKeySession>): KeySession;
+}
+interface ExportedKeyChain {
+    publicKey: string;
+    remoteKey: string;
+    chainKey: string;
+    count: number;
+    previousCount: number;
+}
+export declare class EncryptedDataConstructor implements EncryptedData {
+    static readonly secretKeyLength: number;
+    static readonly publicKeyLength: number;
+    static readonly keyLength: number;
+    static readonly nonceLength: number;
+    static readonly maxCount = 65536;
+    static readonly countLength = 2;
+    private raw;
+    constructor(count: number | Uint8Array, previous: number | Uint8Array, publicKey: Uint8Array, nonce: Uint8Array, ciphertext: Uint8Array, version?: number | Uint8Array);
+    constructor(encrypted: Uint8Array | EncryptedData);
+    get length(): number;
+    get version(): number;
+    get count(): number;
+    get previous(): number;
+    get publicKey(): Uint8Array;
+    get nonce(): Uint8Array;
+    get ciphertext(): Uint8Array;
+    toBytes(): Uint8Array;
+    toString(): string;
+    toJSON(): {
+        version: number;
+        count: number;
+        previous: number;
+        publicKey: string;
+        nonce: string;
+        ciphertext: string;
+    };
 }
+export {};

package/double-ratchet.js

@@ -17,81 +17,105 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __addDisposableResource = (this && this.__addDisposableResource) || function (env, value, async) {
+    if (value !== null && value !== void 0) {
+        if (typeof value !== "object" && typeof value !== "function") throw new TypeError("Object expected.");
+        var dispose, inner;
+        if (async) {
+            if (!Symbol.asyncDispose) throw new TypeError("Symbol.asyncDispose is not defined.");
+            dispose = value[Symbol.asyncDispose];
+        }
+        if (dispose === void 0) {
+            if (!Symbol.dispose) throw new TypeError("Symbol.dispose is not defined.");
+            dispose = value[Symbol.dispose];
+            if (async) inner = dispose;
+        }
+        if (typeof dispose !== "function") throw new TypeError("Object not disposable.");
+        if (inner) dispose = function() { try { inner.call(this); } catch (e) { return Promise.reject(e); } };
+        env.stack.push({ value: value, dispose: dispose, async: async });
+    }
+    else if (async) {
+        env.stack.push({ async: true });
+    }
+    return value;
+};
+var __disposeResources = (this && this.__disposeResources) || (function (SuppressedError) {
+    return function (env) {
+        function fail(e) {
+            env.error = env.hasError ? new SuppressedError(e, env.error, "An error was suppressed during disposal.") : e;
+            env.hasError = true;
+        }
+        var r, s = 0;
+        function next() {
+            while (r = env.stack.pop()) {
+                try {
+                    if (!r.async && s === 1) return s = 0, env.stack.push(r), Promise.resolve().then(next);
+                    if (r.dispose) {
+                        var result = r.dispose.call(r.value);
+                        if (r.async) return s |= 2, Promise.resolve(result).then(next, function(e) { fail(e); return next(); });
+                    }
+                    else s |= 1;
+                }
+                catch (e) {
+                    fail(e);
+                }
+            }
+            if (s === 1) return env.hasError ? Promise.reject(env.error) : Promise.resolve();
+            if (env.hasError) throw env.error;
+        }
+        return next();
+    };
+})(typeof SuppressedError === "function" ? SuppressedError : function (error, suppressed, message) {
+    var e = new Error(message);
+    return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
+});
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.KeySession = void 0;
+exports.EncryptedDataConstructor = exports.KeySession = void 0;
 const crypto_1 = __importDefault(require("@freesignal/crypto"));
 const utils_1 = require("@freesignal/utils");
 const types_1 = require("./types");
+const semaphore_ts_1 = require("semaphore.ts");
 /**
  * Represents a secure Double Ratchet session.
  * Used for forward-secure encryption and decryption of messages.
  */
 class KeySession {
-    constructor(opts = {}) {
-        this.sendingCount = 0;
-        this.previousCount = 0;
-        this.receivingCount = 0;
+    constructor(storage, opts = {}) {
+        var _a;
+        this.mutex = new semaphore_ts_1.AsyncMutex();
         this.previousKeys = new KeyMap();
+        this.id = (_a = opts.id) !== null && _a !== void 0 ? _a : crypto_1.default.UUID.generate().toString();
         this.keyPair = crypto_1.default.ECDH.keyPair(opts.secretKey);
         if (opts.rootKey)
             this.rootKey = opts.rootKey;
         if (opts.remoteKey) {
-            this._remoteKey = opts.remoteKey;
-            this.sendingChain = this.ratchetKeys();
+            this.sendingChain = this.getChain(opts.remoteKey);
         }
+        this.storage = storage;
+        this.save();
     }
-    /**
-     * Whether both the sending and receiving chains are initialized.
-     */
-    get handshaked() { return this.sendingChain && this.receivingChain ? true : false; }
-    /**
-     * The public key of this session.
-     */
-    get publicKey() { return this.keyPair.publicKey; }
-    /**
-     * The last known remote public key.
-     */
-    get remoteKey() { return this._remoteKey; }
-    setRemoteKey(key) {
-        this._remoteKey = key;
-        this.receivingChain = this.ratchetKeys();
-        if (this.receivingCount > (types_1.EncryptedDataConstructor.maxCount - KeySession.skipLimit * 2))
-            this.receivingCount = 0;
-        this.previousCount = this.sendingCount;
-        this.keyPair = crypto_1.default.ECDH.keyPair();
-        this.sendingChain = this.ratchetKeys();
-        if (this.sendingCount > (types_1.EncryptedDataConstructor.maxCount - KeySession.skipLimit * 2))
-            this.sendingCount = 0;
-        return this;
-    }
-    ratchetKeys(info) {
-        if (!this._remoteKey)
-            throw new Error();
-        const sharedKey = crypto_1.default.ECDH.scalarMult(this.keyPair.secretKey, this._remoteKey);
+    getChain(remoteKey, previousCount) {
+        const sharedKey = crypto_1.default.ECDH.scalarMult(this.keyPair.secretKey, remoteKey);
         if (!this.rootKey)
             this.rootKey = crypto_1.default.hash(sharedKey);
-        const hashkey = crypto_1.default.hkdf(sharedKey, this.rootKey, info, KeySession.keyLength * 2);
-        this.rootKey = hashkey.slice(0, KeySession.keyLength);
-        return hashkey.slice(KeySession.keyLength);
-    }
-    getSendingKey() {
-        if (!this.sendingChain)
-            throw new Error;
-        const { chainKey, sharedKey } = KeySession.symmetricRatchet(this.sendingChain);
-        this.sendingChain = chainKey;
-        this.sendingCount++;
-        return sharedKey;
-    }
-    getReceivingKey() {
-        if (!this.receivingChain)
-            throw new Error();
-        const { chainKey, sharedKey } = KeySession.symmetricRatchet(this.receivingChain);
-        this.receivingChain = chainKey;
-        this.receivingCount++;
-        return sharedKey;
+        const hashkey = crypto_1.default.hkdf(sharedKey, this.rootKey, KeySession.info, KeySession.keyLength * 2);
+        this.rootKey = hashkey.subarray(0, KeySession.keyLength);
+        return new KeyChain(this.publicKey, remoteKey, hashkey.subarray(KeySession.keyLength), previousCount);
+    }
+    save() {
+        return this.storage.set(this.id, this.toJSON());
     }
     /**
      * Encrypts a message payload using the current sending chain.
@@ -100,12 +124,26 @@ class KeySession {
      * @returns An EncryptedPayload or undefined if encryption fails.
      */
     encrypt(message) {
-        const key = this.getSendingKey();
-        if (this.sendingCount >= types_1.EncryptedDataConstructor.maxCount || this.previousCount >= types_1.EncryptedDataConstructor.maxCount)
-            throw new Error();
-        const nonce = crypto_1.default.randomBytes(types_1.EncryptedDataConstructor.nonceLength);
-        const ciphertext = crypto_1.default.box.encrypt(message, nonce, key);
-        return new types_1.EncryptedDataConstructor(this.sendingCount, this.previousCount, this.keyPair.publicKey, nonce, ciphertext);
+        return __awaiter(this, void 0, void 0, function* () {
+            const env_1 = { stack: [], error: void 0, hasError: false };
+            try {
+                const lock = __addDisposableResource(env_1, yield this.mutex.acquire(), false);
+                if (!this.sendingChain)
+                    throw new Error("SendingChain not initialized");
+                const key = this.sendingChain.getKey();
+                const nonce = crypto_1.default.randomBytes(EncryptedDataConstructor.nonceLength);
+                const ciphertext = crypto_1.default.box.encrypt(message, nonce, key);
+                yield this.save();
+                return new EncryptedDataConstructor(this.sendingChain.count, this.sendingChain.previousCount, this.keyPair.publicKey, nonce, ciphertext);
+            }
+            catch (e_1) {
+                env_1.error = e_1;
+                env_1.hasError = true;
+            }
+            finally {
+                __disposeResources(env_1);
+            }
+        });
     }
     /**
      * Decrypts an encrypted message.
@@ -114,45 +152,63 @@ class KeySession {
      * @returns The decrypted message as a Uint8Array, or undefined if decryption fails.
      */
     decrypt(payload) {
-        var _a;
-        const encrypted = types_1.EncryptedData.from(payload);
-        const publicKey = encrypted.publicKey;
-        if (!this._remoteKey)
-            throw new Error("Missing remoteKey");
-        if (!(0, utils_1.verifyArrays)(publicKey, this._remoteKey)) {
-            while (this.receivingCount < encrypted.previous)
-                this.previousKeys.set(this.receivingCount, this.getReceivingKey());
-            this.setRemoteKey(publicKey);
-        }
-        let key;
-        const count = encrypted.count;
-        if (this.receivingCount < count) {
-            let i = 0;
-            while (this.receivingCount < count - 1 && i < KeySession.skipLimit) {
-                this.previousKeys.set(this.receivingCount, this.getReceivingKey());
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b, _c;
+            const env_2 = { stack: [], error: void 0, hasError: false };
+            try {
+                const lock = __addDisposableResource(env_2, yield this.mutex.acquire(), false);
+                const encrypted = types_1.EncryptedData.from(payload);
+                if (!(0, utils_1.verifyArrays)(encrypted.publicKey, (_b = (_a = this.receivingChain) === null || _a === void 0 ? void 0 : _a.remoteKey) !== null && _b !== void 0 ? _b : new Uint8Array())) {
+                    while (this.receivingChain && this.receivingChain.count < encrypted.previous) {
+                        const key = this.receivingChain.getKey();
+                        this.previousKeys.set((0, utils_1.decodeBase64)(this.receivingChain.remoteKey) + this.receivingChain.count.toString(), key);
+                    }
+                    this.receivingChain = this.getChain(encrypted.publicKey);
+                    this.keyPair = crypto_1.default.ECDH.keyPair();
+                    this.sendingChain = this.getChain(encrypted.publicKey, (_c = this.sendingChain) === null || _c === void 0 ? void 0 : _c.count);
+                }
+                if (!this.receivingChain)
+                    throw new Error("Error initializing receivingChain");
+                while (this.receivingChain.count < encrypted.count) {
+                    const key = this.receivingChain.getKey();
+                    this.previousKeys.set((0, utils_1.decodeBase64)(this.receivingChain.remoteKey) + this.receivingChain.count.toString(), key);
+                }
+                const key = this.previousKeys.get((0, utils_1.decodeBase64)(encrypted.publicKey) + encrypted.count.toString());
+                if (!key)
+                    throw new Error("Error calculating key");
+                yield this.save();
+                const cleartext = crypto_1.default.box.decrypt(encrypted.ciphertext, encrypted.nonce, key);
+                if (!cleartext)
+                    throw new Error("Error decrypting ciphertext");
+                return cleartext;
             }
-            key = this.getReceivingKey();
-        }
-        else {
-            key = this.previousKeys.get(count);
-        }
-        if (!key)
-            return undefined;
-        return (_a = crypto_1.default.box.decrypt(encrypted.ciphertext, encrypted.nonce, key)) !== null && _a !== void 0 ? _a : undefined;
+            catch (e_2) {
+                env_2.error = e_2;
+                env_2.hasError = true;
+            }
+            finally {
+                __disposeResources(env_2);
+            }
+        });
     }
+    /**
+     * Whether both the sending and receiving chains are initialized.
+     */
+    get handshaked() { return this.sendingChain && this.receivingChain ? true : false; }
+    /**
+     * The public key of this session.
+     */
+    get publicKey() { return this.keyPair.publicKey; }
     /**
      * Export the state of the session;
      */
     toJSON() {
+        var _a, _b;
         return {
-            secretKey: (0, utils_1.decodeBase64)((0, utils_1.concatArrays)(this.keyPair.secretKey)),
-            remoteKey: (0, utils_1.decodeBase64)(this._remoteKey),
-            rootKey: (0, utils_1.decodeBase64)(this.rootKey),
-            sendingChain: (0, utils_1.decodeBase64)(this.sendingChain),
-            receivingChain: (0, utils_1.decodeBase64)(this.receivingChain),
-            sendingCount: this.sendingCount,
-            receivingCount: this.receivingCount,
-            previousCount: this.previousCount,
+            secretKey: (0, utils_1.decodeBase64)(this.keyPair.secretKey),
+            rootKey: this.rootKey ? (0, utils_1.decodeBase64)(this.rootKey) : undefined,
+            sendingChain: (_a = this.sendingChain) === null || _a === void 0 ? void 0 : _a.toJSON(),
+            receivingChain: (_b = this.receivingChain) === null || _b === void 0 ? void 0 : _b.toJSON(),
             previousKeys: Array.from(this.previousKeys.entries())
         };
     }
@@ -162,34 +218,130 @@ class KeySession {
      * @param json string returned by `export()` method.
      * @returns session with the state parsed.
      */
-    static from(data) {
-        const session = new KeySession({ secretKey: (0, utils_1.encodeBase64)(data.secretKey), rootKey: (0, utils_1.encodeBase64)(data.rootKey) });
-        session._remoteKey = (0, utils_1.encodeBase64)(data.remoteKey);
-        session.sendingChain = (0, utils_1.encodeBase64)(data.sendingChain);
-        session.receivingChain = (0, utils_1.encodeBase64)(data.receivingChain);
-        session.sendingCount = data.sendingCount;
-        session.receivingCount = data.receivingCount;
-        session.previousCount = data.previousCount;
+    static from(data, storage) {
+        const session = new KeySession(storage, { secretKey: (0, utils_1.encodeBase64)(data.secretKey), rootKey: data.rootKey ? (0, utils_1.encodeBase64)(data.rootKey) : undefined });
+        //session._remoteKey = data.remoteKey ? encodeBase64(data.remoteKey) : undefined;
+        session.sendingChain = data.sendingChain ? KeyChain.from(data.sendingChain) : undefined;
+        session.receivingChain = data.receivingChain ? KeyChain.from(data.receivingChain) : undefined;
         session.previousKeys = new KeyMap(data.previousKeys);
+        session.save();
         return session;
     }
-    static symmetricRatchet(chain, salt, info) {
-        const hash = crypto_1.default.hkdf(chain, salt !== null && salt !== void 0 ? salt : new Uint8Array(), info, KeySession.keyLength * 2);
+}
+exports.KeySession = KeySession;
+KeySession.keyLength = 32;
+KeySession.version = 1;
+KeySession.info = "/freesignal/double-ratchet/v0." + KeySession.version;
+class KeyChain {
+    constructor(publicKey, remoteKey, chainKey, previousCount = 0) {
+        this.publicKey = publicKey;
+        this.remoteKey = remoteKey;
+        this.chainKey = chainKey;
+        this.previousCount = previousCount;
+        this._count = 0;
+    }
+    getKey() {
+        if (++this._count >= EncryptedDataConstructor.maxCount)
+            throw new Error("SendingChain count too big");
+        const hash = crypto_1.default.hkdf(this.chainKey, new Uint8Array(KeySession.keyLength).fill(0), KeySession.info, KeySession.keyLength * 2);
+        this.chainKey = hash.subarray(0, KeySession.keyLength);
+        return hash.subarray(KeySession.keyLength);
+    }
+    toString() {
+        return "[object KeyChain]";
+    }
+    get count() {
+        return this._count;
+    }
+    toJSON() {
         return {
-            chainKey: new Uint8Array(hash.buffer, 0, KeySession.keyLength),
-            sharedKey: new Uint8Array(hash.buffer, KeySession.keyLength)
+            publicKey: (0, utils_1.decodeBase64)(this.publicKey),
+            remoteKey: (0, utils_1.decodeBase64)(this.remoteKey),
+            chainKey: (0, utils_1.decodeBase64)(this.chainKey),
+            count: this.count,
+            previousCount: this.previousCount
         };
     }
+    static from(obj) {
+        const chain = new KeyChain((0, utils_1.encodeBase64)(obj.publicKey), (0, utils_1.encodeBase64)(obj.remoteKey), (0, utils_1.encodeBase64)(obj.chainKey), obj.previousCount);
+        chain._count = obj.count;
+        return chain;
+    }
 }
-exports.KeySession = KeySession;
-KeySession.skipLimit = 1000;
-KeySession.version = 1;
-KeySession.rootKeyLength = crypto_1.default.box.keyLength;
-/**
- * The fixed key length (in bytes) used throughout the Double Ratchet session.
- * Typically 32 bytes (256 bits) for symmetric keys.
- */
-KeySession.keyLength = 32;
+class EncryptedDataConstructor {
+    constructor(...arrays) {
+        arrays = arrays.filter(value => value !== undefined);
+        if (arrays[0] instanceof EncryptedDataConstructor) {
+            this.raw = arrays[0].raw;
+            return this;
+        }
+        if (typeof arrays[0] === 'number')
+            arrays[0] = (0, utils_1.numberToArray)(arrays[0], EncryptedDataConstructor.countLength);
+        if (typeof arrays[1] === 'number')
+            arrays[1] = (0, utils_1.numberToArray)(arrays[1], EncryptedDataConstructor.countLength);
+        if (arrays.length === 6) {
+            arrays.unshift(typeof arrays[5] === 'number' ? (0, utils_1.numberToArray)(arrays[5]) : arrays[5]);
+            arrays.pop();
+        }
+        else if (arrays.length > 1) {
+            arrays.unshift((0, utils_1.numberToArray)(KeySession.version));
+        }
+        this.raw = (0, utils_1.concatArrays)(...arrays);
+    }
+    get length() { return this.raw.length; }
+    get version() { return (0, utils_1.numberFromArray)(new Uint8Array(this.raw.buffer, ...Offsets.version.get)); }
+    get count() { return (0, utils_1.numberFromArray)(new Uint8Array(this.raw.buffer, ...Offsets.count.get)); }
+    get previous() { return (0, utils_1.numberFromArray)(new Uint8Array(this.raw.buffer, ...Offsets.previous.get)); }
+    get publicKey() { return new Uint8Array(this.raw.buffer, ...Offsets.publicKey.get); }
+    get nonce() { return new Uint8Array(this.raw.buffer, ...Offsets.nonce.get); }
+    get ciphertext() { return new Uint8Array(this.raw.buffer, Offsets.ciphertext.start); }
+    toBytes() {
+        return this.raw;
+    }
+    toString() {
+        return (0, utils_1.decodeBase64)(this.raw);
+    }
+    toJSON() {
+        return {
+            version: this.version,
+            count: this.count,
+            previous: this.previous,
+            publicKey: (0, utils_1.decodeBase64)(this.publicKey),
+            nonce: (0, utils_1.decodeBase64)(this.nonce),
+            ciphertext: (0, utils_1.decodeBase64)(this.ciphertext)
+        };
+    }
+}
+exports.EncryptedDataConstructor = EncryptedDataConstructor;
+EncryptedDataConstructor.secretKeyLength = crypto_1.default.ECDH.secretKeyLength;
+EncryptedDataConstructor.publicKeyLength = crypto_1.default.ECDH.publicKeyLength;
+EncryptedDataConstructor.keyLength = crypto_1.default.box.keyLength;
+EncryptedDataConstructor.nonceLength = crypto_1.default.box.nonceLength;
+EncryptedDataConstructor.maxCount = 65536; //32768;
+EncryptedDataConstructor.countLength = 2;
+class Offsets {
+    static set(start, length) {
+        class Offset {
+            constructor(start, length) {
+                this.start = start;
+                this.length = length;
+                if (typeof length === 'number')
+                    this.end = start + length;
+            }
+            get get() {
+                return [this.start, this.length];
+            }
+        }
+        return new Offset(start, length);
+    }
+}
+Offsets.checksum = Offsets.set(0, 0);
+Offsets.version = Offsets.set(Offsets.checksum.end, 1);
+Offsets.count = Offsets.set(Offsets.version.end, EncryptedDataConstructor.countLength);
+Offsets.previous = Offsets.set(Offsets.count.end, EncryptedDataConstructor.countLength);
+Offsets.publicKey = Offsets.set(Offsets.previous.end, EncryptedDataConstructor.publicKeyLength);
+Offsets.nonce = Offsets.set(Offsets.publicKey.end, EncryptedDataConstructor.nonceLength);
+Offsets.ciphertext = Offsets.set(Offsets.nonce.end, undefined);
 class KeyMap extends Map {
     get(key) {
         const out = super.get(key);

package/index.d.ts

@@ -16,10 +16,10 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <https://www.gnu.org/licenses/>
  */
-import crypto from "@freesignal/crypto";
-import { LocalStorage, Crypto } from "@freesignal/interfaces";
-import { KeySession } from "./double-ratchet";
-import { KeyExchange } from "./x3dh";
+import { LocalStorage, Crypto, Database } from "@freesignal/interfaces";
+import { ExportedKeySession } from "./double-ratchet";
+import { IdentityKey, PrivateIdentityKey } from "./types";
+import { FreeSignalNode } from "./node";
 /**
  * Creates a new Double Ratchet session for secure message exchange.
  *
@@ -29,29 +29,23 @@ import { KeyExchange } from "./x3dh";
  * @param opts.rootKey - An optional root key to initialize the session.
  * @returns A new instance of {@link KeySession}.
  */
-export declare function createKeySession(opts?: {
-    secretKey?: Uint8Array;
-    remoteKey?: Uint8Array;
-    rootKey?: Uint8Array;
-}): KeySession;
 /**
  * Creates a new X3DH (Extended Triple Diffie-Hellman) key exchange session.
  *
- * @param signSecretKey - The EdDSA signing secret key as a Uint8Array.
- * @param boxSecretKey - The ECDH box secret key as a Uint8Array.
- * @param bundleStore - Optional local storage for key bundles.
+ * @param storage - Local storage for keys.
  * @returns A new instance of {@link KeyExchange}.
  */
-export declare function createKeyExchange(signSecretKey: Uint8Array, boxSecretKey: Uint8Array, bundleStore?: LocalStorage<string, crypto.KeyPair>): KeyExchange;
 /**
- * Generates identity key pairs for signing and encryption.
+ * Generates identity key
  *
- * @param signSecretKey - Optional secret key for EdDSA signing.
- * @param boxSecretKey - Optional secret key for ECDH encryption.
+ * @param seed - Seed to generate the key.
  * @returns An object containing readonly signing and box key pairs.
  */
-export declare function createIdentityKeys(signSecretKey?: Uint8Array, boxSecretKey?: Uint8Array): {
-    readonly sign: Crypto.KeyPair;
-    readonly box: Crypto.KeyPair;
-};
-export { UserId, IdentityKeys, Protocols, Datagram, EncryptedData } from "./types";
+export declare function createIdentity(seed?: Uint8Array): PrivateIdentityKey;
+/** */
+export declare function createNode(storage: Database<{
+    sessions: LocalStorage<string, ExportedKeySession>;
+    keyExchange: LocalStorage<string, Crypto.KeyPair>;
+    users: LocalStorage<string, IdentityKey>;
+}>, privateIdentityKey?: PrivateIdentityKey): FreeSignalNode;
+export * from "./types";