@matter/protocol 0.14.1-alpha.0-20250605-9fc134af0 → 0.14.1-alpha.0-20250606-a9bcd03f9

package/dist/esm/session/NodeSession.js

@@ -0,0 +1,298 @@
+/**
+ * @license
+ * Copyright 2022-2025 Matter.js Authors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { Subject } from "#action/server/Subject.js";
+import { MessageCodec, SessionType } from "#codec/MessageCodec.js";
+import { BasicSet, Bytes, CRYPTO_SYMMETRIC_KEY_LENGTH, Crypto, Diagnostic, Logger, MatterFlowError } from "#general";
+import { PeerAddress } from "#peer/PeerAddress.js";
+import { NoChannelError } from "#protocol/ChannelManager.js";
+import { MessageCounter } from "#protocol/MessageCounter.js";
+import { MessageReceptionStateEncryptedWithoutRollover } from "#protocol/MessageReceptionState.js";
+import { FabricIndex, NodeId, StatusCode, StatusResponseError } from "#types";
+import { SecureSession } from "./SecureSession.js";
+import { Session } from "./Session.js";
+const logger = Logger.get("SecureSession");
+const SESSION_KEYS_INFO = Bytes.fromString("SessionKeys");
+const SESSION_RESUMPTION_KEYS_INFO = Bytes.fromString("SessionResumptionKeys");
+class NoAssociatedFabricError extends StatusResponseError {
+  constructor(message) {
+    super(message, StatusCode.UnsupportedAccess);
+  }
+}
+class NodeSession extends SecureSession {
+  #subscriptions = new BasicSet();
+  #closingAfterExchangeFinished = false;
+  #sendCloseMessageWhenClosing = true;
+  #id;
+  #isInitiator;
+  #fabric;
+  #peerNodeId;
+  #peerSessionId;
+  #decryptKey;
+  #encryptKey;
+  #attestationKey;
+  #caseAuthenticatedTags;
+  #isClosing = false;
+  supportsMRP = true;
+  type = SessionType.Unicast;
+  static async create(args) {
+    const {
+      manager,
+      id,
+      fabric,
+      peerNodeId,
+      peerSessionId,
+      sharedSecret,
+      salt,
+      isInitiator,
+      isResumption,
+      peerSessionParameters,
+      caseAuthenticatedTags
+    } = args;
+    const keys = await Crypto.hkdf(
+      sharedSecret,
+      salt,
+      isResumption ? SESSION_RESUMPTION_KEYS_INFO : SESSION_KEYS_INFO,
+      CRYPTO_SYMMETRIC_KEY_LENGTH * 3
+    );
+    const decryptKey = isInitiator ? keys.slice(16, 32) : keys.slice(0, 16);
+    const encryptKey = isInitiator ? keys.slice(0, 16) : keys.slice(16, 32);
+    const attestationKey = keys.slice(32, 48);
+    return new NodeSession({
+      manager,
+      id,
+      fabric,
+      peerNodeId,
+      peerSessionId,
+      decryptKey,
+      encryptKey,
+      attestationKey,
+      sessionParameters: peerSessionParameters,
+      isInitiator,
+      caseAuthenticatedTags
+    });
+  }
+  constructor(args) {
+    super({
+      ...args,
+      setActiveTimestamp: true,
+      // We always set the active timestamp for Secure sessions
+      // Can be changed to a PersistedMessageCounter if we implement session storage
+      messageCounter: new MessageCounter(() => {
+        this.end(true, true).catch((error) => logger.error(`Error while closing session: ${error}`));
+      }),
+      messageReceptionState: new MessageReceptionStateEncryptedWithoutRollover()
+    });
+    const {
+      manager,
+      id,
+      fabric,
+      peerNodeId,
+      peerSessionId,
+      decryptKey,
+      encryptKey,
+      attestationKey,
+      caseAuthenticatedTags,
+      isInitiator
+    } = args;
+    this.#id = id;
+    this.#fabric = fabric;
+    this.#peerNodeId = peerNodeId;
+    this.#peerSessionId = peerSessionId;
+    this.#decryptKey = decryptKey;
+    this.#encryptKey = encryptKey;
+    this.#attestationKey = attestationKey;
+    this.#caseAuthenticatedTags = caseAuthenticatedTags ?? [];
+    this.#isInitiator = isInitiator;
+    manager?.sessions.add(this);
+    fabric?.addSession(this);
+    logger.debug(
+      `Created secure ${this.isPase ? "PASE" : "CASE"} session for fabric index ${fabric?.fabricIndex}`,
+      this.name,
+      this.parameterDiagnostics()
+    );
+  }
+  parameterDiagnostics() {
+    return Diagnostic.dict(
+      {
+        SII: this.idleIntervalMs,
+        SAI: this.activeIntervalMs,
+        SAT: this.activeThresholdMs,
+        DMRev: this.dataModelRevision,
+        IMRev: this.interactionModelRevision,
+        spec: Diagnostic.hex(this.specificationVersion),
+        maxPaths: this.maxPathsPerInvoke,
+        CATs: this.#caseAuthenticatedTags
+      },
+      true
+    );
+  }
+  get caseAuthenticatedTags() {
+    return this.#caseAuthenticatedTags;
+  }
+  get closingAfterExchangeFinished() {
+    return this.#closingAfterExchangeFinished;
+  }
+  get sendCloseMessageWhenClosing() {
+    return this.#sendCloseMessageWhenClosing;
+  }
+  get isPase() {
+    return this.#peerNodeId === NodeId.UNSPECIFIED_NODE_ID;
+  }
+  get subscriptions() {
+    return this.#subscriptions;
+  }
+  get isInitiator() {
+    return this.#isInitiator;
+  }
+  get isClosing() {
+    return this.#isClosing;
+  }
+  subjectFor(_message) {
+    return Subject.Node({
+      id: this.peerNodeId,
+      catSubjects: this.#caseAuthenticatedTags.map((cat) => NodeId.fromCaseAuthenticatedTag(cat))
+    });
+  }
+  async close(closeAfterExchangeFinished) {
+    if (closeAfterExchangeFinished === void 0) {
+      closeAfterExchangeFinished = this.isPeerActive();
+    }
+    await this.end(true, closeAfterExchangeFinished);
+  }
+  decode({ header, applicationPayload, messageExtension }, aad) {
+    if (header.hasMessageExtensions) {
+      logger.info(
+        `Message extensions are not supported. Ignoring ${messageExtension ? Bytes.toHex(messageExtension) : void 0}`
+      );
+    }
+    const nonce = Session.generateNonce(header.securityFlags, header.messageId, this.#peerNodeId);
+    const message = MessageCodec.decodePayload({
+      header,
+      applicationPayload: Crypto.decrypt(this.#decryptKey, applicationPayload, nonce, aad)
+    });
+    if (message.payloadHeader.hasSecuredExtension) {
+      logger.info(
+        `Secured extensions are not supported. Ignoring ${message.securityExtension ? Bytes.toHex(message.securityExtension) : void 0}`
+      );
+    }
+    return message;
+  }
+  encode(message) {
+    message.packetHeader.sessionId = this.#peerSessionId;
+    const { header, applicationPayload } = MessageCodec.encodePayload(message);
+    const headerBytes = MessageCodec.encodePacketHeader(message.packetHeader);
+    const securityFlags = headerBytes[3];
+    const sessionNodeId = this.isPase ? NodeId.UNSPECIFIED_NODE_ID : this.#fabric?.nodeId ?? NodeId.UNSPECIFIED_NODE_ID;
+    const nonce = Session.generateNonce(securityFlags, header.messageId, sessionNodeId);
+    return { header, applicationPayload: Crypto.encrypt(this.#encryptKey, applicationPayload, nonce, headerBytes) };
+  }
+  get attestationChallengeKey() {
+    return this.#attestationKey;
+  }
+  get fabric() {
+    return this.#fabric;
+  }
+  addAssociatedFabric(fabric) {
+    if (this.#fabric !== void 0) {
+      throw new MatterFlowError("Session already has an associated Fabric. Cannot change this.");
+    }
+    this.#fabric = fabric;
+  }
+  get id() {
+    return this.#id;
+  }
+  get name() {
+    return `secure/${this.#id}`;
+  }
+  get peerSessionId() {
+    return this.#peerSessionId;
+  }
+  get nodeId() {
+    return this.#fabric?.nodeId ?? NodeId.UNSPECIFIED_NODE_ID;
+  }
+  get peerNodeId() {
+    return this.#peerNodeId;
+  }
+  get associatedFabric() {
+    if (this.#fabric === void 0) {
+      throw new NoAssociatedFabricError(
+        `${this.isPase ? "PASE " : ""}Session needs to have an associated Fabric for fabric sensitive data handling.`
+      );
+    }
+    return this.#fabric;
+  }
+  async clearSubscriptions(flushSubscriptions = false, cancelledByPeer = false) {
+    const subscriptions = [...this.#subscriptions];
+    for (const subscription of subscriptions) {
+      await subscription.close(flushSubscriptions, cancelledByPeer);
+    }
+    return subscriptions.length;
+  }
+  /** Ends a session. Outstanding subscription data will be flushed before the session is destroyed. */
+  async end(sendClose, closeAfterExchangeFinished = false) {
+    await this.clearSubscriptions(true);
+    await this.destroy(sendClose, closeAfterExchangeFinished);
+  }
+  /** Destroys a session. Outstanding subscription data will be discarded. */
+  async destroy(sendClose = false, closeAfterExchangeFinished = true) {
+    await this.clearSubscriptions(false);
+    this.#fabric?.removeSession(this);
+    if (!sendClose) {
+      this.#sendCloseMessageWhenClosing = false;
+    }
+    if (closeAfterExchangeFinished) {
+      logger.info(`Register Session ${this.name} to close when exchange is ended.`);
+      this.#closingAfterExchangeFinished = true;
+    } else {
+      this.#isClosing = true;
+      logger.info(`End ${this.isPase ? "PASE" : "CASE"} session ${this.name}`);
+      this.manager?.sessions.delete(this);
+      if (this.closer) {
+        try {
+          await this.closer;
+        } catch (error) {
+          NoChannelError.accept(error);
+        } finally {
+          await this.destroyed.emit();
+        }
+        return;
+      }
+      await this.destroyed.emit();
+    }
+  }
+  /**
+   * The peer node's address.
+   */
+  get peerAddress() {
+    return PeerAddress({
+      fabricIndex: this.#fabric?.fabricIndex ?? FabricIndex.NO_FABRIC,
+      nodeId: this.#peerNodeId
+    });
+  }
+  /**
+   * Indicates whether a peer matches a specific address.
+   */
+  peerIs(address) {
+    return (this.#fabric?.fabricIndex ?? FabricIndex.NO_FABRIC) === address.fabricIndex && this.#peerNodeId === address.nodeId;
+  }
+}
+((NodeSession2) => {
+  function assert(session, errorText) {
+    if (!is(session)) {
+      throw new MatterFlowError(errorText ?? "Insecure session in secure context");
+    }
+  }
+  NodeSession2.assert = assert;
+  function is(session) {
+    return session?.type === SessionType.Unicast;
+  }
+  NodeSession2.is = is;
+})(NodeSession || (NodeSession = {}));
+export {
+  NoAssociatedFabricError,
+  NodeSession
+};
+//# sourceMappingURL=NodeSession.js.map

package/dist/esm/session/NodeSession.js.map

@@ -0,0 +1,6 @@
+{
+  "version": 3,
+  "sources": ["../../../src/session/NodeSession.ts"],
+  "mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,eAAe;AACxB,SAAiD,cAAsB,mBAAmB;AAE1F,SAAS,UAAU,OAAO,6BAA6B,QAAQ,YAAY,QAAQ,uBAAuB;AAE1G,SAAS,mBAAmB;AAC5B,SAAS,sBAAsB;AAC/B,SAAS,sBAAsB;AAC/B,SAAS,qDAAqD;AAC9D,SAA+B,aAAa,QAAQ,YAAY,2BAA2B;AAC3F,SAAS,qBAAqB;AAC9B,SAAS,eAAwC;AAGjD,MAAM,SAAS,OAAO,IAAI,eAAe;AAEzC,MAAM,oBAAoB,MAAM,WAAW,aAAa;AACxD,MAAM,+BAA+B,MAAM,WAAW,uBAAuB;AAEtE,MAAM,gCAAgC,oBAAoB;AAAA,EAC7D,YAAY,SAAiB;AACzB,UAAM,SAAS,WAAW,iBAAiB;AAAA,EAC/C;AACJ;AAEO,MAAM,oBAAoB,cAAc;AAAA,EAClC,iBAAiB,IAAI,SAAuB;AAAA,EACrD,gCAAgC;AAAA,EAChC,+BAA+B;AAAA,EACtB;AAAA,EACA;AAAA,EACT;AAAA,EACS;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACT;AAAA,EACA,aAAa;AAAA,EACJ,cAAc;AAAA,EACd,OAAO,YAAY;AAAA,EAE5B,aAAa,OAAO,MAYjB;AACC,UAAM;AAAA,MACF;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ,IAAI;AACJ,UAAM,OAAO,MAAM,OAAO;AAAA,MACtB;AAAA,MACA;AAAA,MACA,eAAe,+BAA+B;AAAA,MAC9C,8BAA8B;AAAA,IAClC;AACA,UAAM,aAAa,cAAc,KAAK,MAAM,IAAI,EAAE,IAAI,KAAK,MAAM,GAAG,EAAE;AACtE,UAAM,aAAa,cAAc,KAAK,MAAM,GAAG,EAAE,IAAI,KAAK,MAAM,IAAI,EAAE;AACtE,UAAM,iBAAiB,KAAK,MAAM,IAAI,EAAE;AACxC,WAAO,IAAI,YAAY;AAAA,MACnB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,mBAAmB;AAAA,MACnB;AAAA,MACA;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,YAAY,MAYT;AACC,UAAM;AAAA,MACF,GAAG;AAAA,MACH,oBAAoB;AAAA;AAAA;AAAA,MAEpB,gBAAgB,IAAI,eAAe,MAAM;AAGrC,aAAK,IAAI,MAAM,IAAI,EAAE,MAAM,WAAS,OAAO,MAAM,gCAAgC,KAAK,EAAE,CAAC;AAAA,MAC7F,CAAC;AAAA,MACD,uBAAuB,IAAI,8CAA8C;AAAA,IAC7E,CAAC;AACD,UAAM;AAAA,MACF;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACJ,IAAI;AAEJ,SAAK,MAAM;AACX,SAAK,UAAU;AACf,SAAK,cAAc;AACnB,SAAK,iBAAiB;AACtB,SAAK,cAAc;AACnB,SAAK,cAAc;AACnB,SAAK,kBAAkB;AACvB,SAAK,yBAAyB,yBAAyB,CAAC;AACxD,SAAK,eAAe;AAEpB,aAAS,SAAS,IAAI,IAAI;AAC1B,YAAQ,WAAW,IAAI;AAEvB,WAAO;AAAA,MACH,kBAAkB,KAAK,SAAS,SAAS,MAAM,6BAA6B,QAAQ,WAAW;AAAA,MAC/F,KAAK;AAAA,MACL,KAAK,qBAAqB;AAAA,IAC9B;AAAA,EACJ;AAAA,EAEA,uBAAuB;AACnB,WAAO,WAAW;AAAA,MACd;AAAA,QACI,KAAK,KAAK;AAAA,QACV,KAAK,KAAK;AAAA,QACV,KAAK,KAAK;AAAA,QACV,OAAO,KAAK;AAAA,QACZ,OAAO,KAAK;AAAA,QACZ,MAAM,WAAW,IAAI,KAAK,oBAAoB;AAAA,QAC9C,UAAU,KAAK;AAAA,QACf,MAAM,KAAK;AAAA,MACf;AAAA,MACA;AAAA,IACJ;AAAA,EACJ;AAAA,EAEA,IAAI,wBAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,+BAA+B;AAC/B,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,8BAA8B;AAC9B,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,SAAkB;AAClB,WAAO,KAAK,gBAAgB,OAAO;AAAA,EACvC;AAAA,EAEA,IAAI,gBAAgB;AAChB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,cAAc;AACd,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,YAAY;AACZ,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,WAAW,UAA6B;AACpC,WAAO,QAAQ,KAAK;AAAA,MAChB,IAAI,KAAK;AAAA,MACT,aAAa,KAAK,uBAAuB,IAAI,SAAO,OAAO,yBAAyB,GAAG,CAAC;AAAA,IAC5F,CAAC;AAAA,EACL;AAAA,EAEA,MAAM,MAAM,4BAAsC;AAC9C,QAAI,+BAA+B,QAAW;AAC1C,mCAA6B,KAAK,aAAa;AAAA,IACnD;AACA,UAAM,KAAK,IAAI,MAAM,0BAA0B;AAAA,EACnD;AAAA,EAEA,OAAO,EAAE,QAAQ,oBAAoB,iBAAiB,GAAkB,KAAiC;AACrG,QAAI,OAAO,sBAAsB;AAC7B,aAAO;AAAA,QACH,kDAAkD,mBAAmB,MAAM,MAAM,gBAAgB,IAAI,MAAS;AAAA,MAClH;AAAA,IACJ;AACA,UAAM,QAAQ,QAAQ,cAAc,OAAO,eAAe,OAAO,WAAW,KAAK,WAAW;AAC5F,UAAM,UAAU,aAAa,cAAc;AAAA,MACvC;AAAA,MACA,oBAAoB,OAAO,QAAQ,KAAK,aAAa,oBAAoB,OAAO,GAAG;AAAA,IACvF,CAAC;AAED,QAAI,QAAQ,cAAc,qBAAqB;AAC3C,aAAO;AAAA,QACH,kDAAkD,QAAQ,oBAAoB,MAAM,MAAM,QAAQ,iBAAiB,IAAI,MAAS;AAAA,MACpI;AAAA,IACJ;AAEA,WAAO;AAAA,EACX;AAAA,EAEA,OAAO,SAA0B;AAC7B,YAAQ,aAAa,YAAY,KAAK;AACtC,UAAM,EAAE,QAAQ,mBAAmB,IAAI,aAAa,cAAc,OAAO;AACzE,UAAM,cAAc,aAAa,mBAAmB,QAAQ,YAAY;AACxE,UAAM,gBAAgB,YAAY,CAAC;AACnC,UAAM,gBAAgB,KAAK,SACrB,OAAO,sBACN,KAAK,SAAS,UAAU,OAAO;AACtC,UAAM,QAAQ,QAAQ,cAAc,eAAe,OAAO,WAAW,aAAa;AAClF,WAAO,EAAE,QAAQ,oBAAoB,OAAO,QAAQ,KAAK,aAAa,oBAAoB,OAAO,WAAW,EAAE;AAAA,EAClH;AAAA,EAEA,IAAI,0BAAsC;AACtC,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,SAAS;AACT,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,oBAAoB,QAAgB;AAChC,QAAI,KAAK,YAAY,QAAW;AAC5B,YAAM,IAAI,gBAAgB,+DAA+D;AAAA,IAC7F;AACA,SAAK,UAAU;AAAA,EACnB;AAAA,EAEA,IAAI,KAAK;AACL,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,OAAO;AACP,WAAO,UAAU,KAAK,GAAG;AAAA,EAC7B;AAAA,EAEA,IAAI,gBAAwB;AACxB,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,SAAS;AACT,WAAO,KAAK,SAAS,UAAU,OAAO;AAAA,EAC1C;AAAA,EAEA,IAAI,aAAa;AACb,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,mBAA2B;AAC3B,QAAI,KAAK,YAAY,QAAW;AAC5B,YAAM,IAAI;AAAA,QACN,GAAG,KAAK,SAAS,UAAU,EAAE;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,mBAAmB,qBAAqB,OAAO,kBAAkB,OAAO;AAC1E,UAAM,gBAAgB,CAAC,GAAG,KAAK,cAAc;AAC7C,eAAW,gBAAgB,eAAe;AACtC,YAAM,aAAa,MAAM,oBAAoB,eAAe;AAAA,IAChE;AACA,WAAO,cAAc;AAAA,EACzB;AAAA;AAAA,EAGA,MAAM,IAAI,WAAoB,6BAA6B,OAAO;AAC9D,UAAM,KAAK,mBAAmB,IAAI;AAClC,UAAM,KAAK,QAAQ,WAAW,0BAA0B;AAAA,EAC5D;AAAA;AAAA,EAGA,MAAM,QAAQ,YAAY,OAAO,6BAA6B,MAAM;AAChE,UAAM,KAAK,mBAAmB,KAAK;AACnC,SAAK,SAAS,cAAc,IAAI;AAChC,QAAI,CAAC,WAAW;AACZ,WAAK,+BAA+B;AAAA,IACxC;AAEA,QAAI,4BAA4B;AAC5B,aAAO,KAAK,oBAAoB,KAAK,IAAI,mCAAmC;AAC5E,WAAK,gCAAgC;AAAA,IACzC,OAAO;AACH,WAAK,aAAa;AAClB,aAAO,KAAK,OAAO,KAAK,SAAS,SAAS,MAAM,YAAY,KAAK,IAAI,EAAE;AACvE,WAAK,SAAS,SAAS,OAAO,IAAI;AAGlC,UAAI,KAAK,QAAQ;AACb,YAAI;AACA,gBAAM,KAAK;AAAA,QACf,SAAS,OAAO;AACZ,yBAAe,OAAO,KAAK;AAAA,QAC/B,UAAE;AACE,gBAAM,KAAK,UAAU,KAAK;AAAA,QAC9B;AACA;AAAA,MACJ;AACA,YAAM,KAAK,UAAU,KAAK;AAAA,IAC9B;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,cAAc;AACd,WAAO,YAAY;AAAA,MACf,aAAa,KAAK,SAAS,eAAe,YAAY;AAAA,MACtD,QAAQ,KAAK;AAAA,IACjB,CAAC;AAAA,EACL;AAAA;AAAA;AAAA;AAAA,EAKA,OAAO,SAAsB;AACzB,YACK,KAAK,SAAS,eAAe,YAAY,eAAe,QAAQ,eACjE,KAAK,gBAAgB,QAAQ;AAAA,EAErC;AACJ;AAAA,CAEO,CAAUA,iBAAV;AACI,WAAS,OAAO,SAAmB,WAAoD;AAC1F,QAAI,CAAC,GAAG,OAAO,GAAG;AACd,YAAM,IAAI,gBAAgB,aAAa,oCAAoC;AAAA,IAC/E;AAAA,EACJ;AAJO,EAAAA,aAAS;AAMT,WAAS,GAAG,SAA2C;AAC1D,WAAO,SAAS,SAAS,YAAY;AAAA,EACzC;AAFO,EAAAA,aAAS;AAAA,GAPH;",
+  "names": ["NodeSession"]
+}

package/dist/esm/session/SecureSession.d.ts

@@ -3,81 +3,16 @@
  * Copyright 2022-2025 Matter.js Authors
  * SPDX-License-Identifier: Apache-2.0
  */
-import { BasicSet, Diagnostic } from "#general";
-import { Subscription } from "#interaction/Subscription.js";
-import { PeerAddress } from "#peer/PeerAddress.js";
-import { CaseAuthenticatedTag, NodeId, StatusResponseError } from "#types";
-import { DecodedMessage, DecodedPacket, Message, Packet } from "../codec/MessageCodec.js";
-import { Fabric } from "../fabric/Fabric.js";
-import { Session, SessionParameterOptions } from "./Session.js";
-import { type SessionManager } from "./SessionManager.js";
-export declare class NoAssociatedFabricError extends StatusResponseError {
-    constructor(message: string);
+import { Subject } from "#action/server/Subject.js";
+import { Message } from "#codec/MessageCodec.js";
+import { Fabric } from "#fabric/Fabric.js";
+import { Session } from "./Session.js";
+export declare abstract class SecureSession extends Session {
+    readonly isSecure = true;
+    abstract fabric: Fabric | undefined;
+    abstract subjectFor(message?: Message): Subject;
 }
-export declare class SecureSession extends Session {
-    #private;
-    readonly supportsMRP = true;
-    static create(args: {
-        manager?: SessionManager;
-        id: number;
-        fabric: Fabric | undefined;
-        peerNodeId: NodeId;
-        peerSessionId: number;
-        sharedSecret: Uint8Array;
-        salt: Uint8Array;
-        isInitiator: boolean;
-        isResumption: boolean;
-        peerSessionParameters?: SessionParameterOptions;
-        caseAuthenticatedTags?: CaseAuthenticatedTag[];
-    }): Promise<SecureSession>;
-    constructor(args: {
-        manager?: SessionManager;
-        id: number;
-        fabric: Fabric | undefined;
-        peerNodeId: NodeId;
-        peerSessionId: number;
-        decryptKey: Uint8Array;
-        encryptKey: Uint8Array;
-        attestationKey: Uint8Array;
-        sessionParameters?: SessionParameterOptions;
-        caseAuthenticatedTags?: CaseAuthenticatedTag[];
-        isInitiator: boolean;
-    });
-    parameterDiagnostics(): Record<string, unknown> & Diagnostic;
-    get caseAuthenticatedTags(): CaseAuthenticatedTag[];
-    get closingAfterExchangeFinished(): boolean;
-    get sendCloseMessageWhenClosing(): boolean;
-    get isSecure(): boolean;
-    get isPase(): boolean;
-    get subscriptions(): BasicSet<Subscription, Subscription>;
-    get isInitiator(): boolean;
-    get isClosing(): boolean;
-    close(closeAfterExchangeFinished?: boolean): Promise<void>;
-    decode({ header, applicationPayload, messageExtension }: DecodedPacket, aad: Uint8Array): DecodedMessage;
-    encode(message: Message): Packet;
-    get attestationChallengeKey(): Uint8Array;
-    get fabric(): Fabric | undefined;
-    addAssociatedFabric(fabric: Fabric): void;
-    get id(): number;
-    get name(): string;
-    get peerSessionId(): number;
-    get nodeId(): NodeId;
-    get peerNodeId(): NodeId;
-    get associatedFabric(): Fabric;
-    clearSubscriptions(flushSubscriptions?: boolean, cancelledByPeer?: boolean): Promise<number>;
-    /** Ends a session. Outstanding subscription data will be flushed before the session is destroyed. */
-    end(sendClose: boolean, closeAfterExchangeFinished?: boolean): Promise<void>;
-    /** Destroys a session. Outstanding subscription data will be discarded. */
-    destroy(sendClose?: boolean, closeAfterExchangeFinished?: boolean): Promise<void>;
-    /**
-     * The peer node's address.
-     */
-    get peerAddress(): PeerAddress;
-    /**
-     * Indicates whether a peer matches a specific address.
-     */
-    peerIs(address: PeerAddress): boolean;
-    private generateNonce;
+export declare namespace SecureSession {
+    function assert(session?: Session, errorText?: string): asserts session is SecureSession;
 }
-export declare function assertSecureSession(session?: Session, errorText?: string): asserts session is SecureSession;
 //# sourceMappingURL=SecureSession.d.ts.map

package/dist/esm/session/SecureSession.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SecureSession.d.ts","sourceRoot":"","sources":["../../../src/session/SecureSession.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACH,QAAQ,EAKR,UAAU,EAIb,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,oBAAoB,EAAe,MAAM,EAAc,mBAAmB,EAAE,MAAM,QAAQ,CAAC;AACpG,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,OAAO,EAAgB,MAAM,EAAE,MAAM,0BAA0B,CAAC;AACxG,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAI7C,OAAO,EAAE,OAAO,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AAChE,OAAO,EAAE,KAAK,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAO1D,qBAAa,uBAAwB,SAAQ,mBAAmB;gBAChD,OAAO,EAAE,MAAM;CAG9B;AAED,qBAAa,aAAc,SAAQ,OAAO;;IActC,QAAQ,CAAC,WAAW,QAAQ;WAEf,MAAM,CAAC,IAAI,EAAE;QACtB,OAAO,CAAC,EAAE,cAAc,CAAC;QACzB,EAAE,EAAE,MAAM,CAAC;QACX,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC;QAC3B,UAAU,EAAE,MAAM,CAAC;QACnB,aAAa,EAAE,MAAM,CAAC;QACtB,YAAY,EAAE,UAAU,CAAC;QACzB,IAAI,EAAE,UAAU,CAAC;QACjB,WAAW,EAAE,OAAO,CAAC;QACrB,YAAY,EAAE,OAAO,CAAC;QACtB,qBAAqB,CAAC,EAAE,uBAAuB,CAAC;QAChD,qBAAqB,CAAC,EAAE,oBAAoB,EAAE,CAAC;KAClD;gBAsCW,IAAI,EAAE;QACd,OAAO,CAAC,EAAE,cAAc,CAAC;QACzB,EAAE,EAAE,MAAM,CAAC;QACX,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC;QAC3B,UAAU,EAAE,MAAM,CAAC;QACnB,aAAa,EAAE,MAAM,CAAC;QACtB,UAAU,EAAE,UAAU,CAAC;QACvB,UAAU,EAAE,UAAU,CAAC;QACvB,cAAc,EAAE,UAAU,CAAC;QAC3B,iBAAiB,CAAC,EAAE,uBAAuB,CAAC;QAC5C,qBAAqB,CAAC,EAAE,oBAAoB,EAAE,CAAC;QAC/C,WAAW,EAAE,OAAO,CAAC;KACxB;IA6CD,oBAAoB;IAgBpB,IAAI,qBAAqB,2BAExB;IAED,IAAI,4BAA4B,YAE/B;IAED,IAAI,2BAA2B,YAE9B;IAED,IAAI,QAAQ,IAAI,OAAO,CAEtB;IAED,IAAI,MAAM,IAAI,OAAO,CAEpB;IAED,IAAI,aAAa,yCAEhB;IAED,IAAI,WAAW,YAEd;IAED,IAAI,SAAS,YAEZ;IAEK,KAAK,CAAC,0BAA0B,CAAC,EAAE,OAAO;IAOhD,MAAM,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,EAAE,aAAa,EAAE,GAAG,EAAE,UAAU,GAAG,cAAc;IAqBxG,MAAM,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM;IAYhC,IAAI,uBAAuB,IAAI,UAAU,CAExC;IAED,IAAI,MAAM,uBAET;IAED,mBAAmB,CAAC,MAAM,EAAE,MAAM;IAOlC,IAAI,EAAE,WAEL;IAED,IAAI,IAAI,WAEP;IAED,IAAI,aAAa,IAAI,MAAM,CAE1B;IAED,IAAI,MAAM,WAET;IAED,IAAI,UAAU,WAEb;IAED,IAAI,gBAAgB,IAAI,MAAM,CAO7B;IAEK,kBAAkB,CAAC,kBAAkB,UAAQ,EAAE,eAAe,UAAQ;IAQ5E,qGAAqG;IAC/F,GAAG,CAAC,SAAS,EAAE,OAAO,EAAE,0BAA0B,UAAQ;IAKhE,2EAA2E;IACrE,OAAO,CAAC,SAAS,UAAQ,EAAE,0BAA0B,UAAO;IA8BlE;;OAEG;IACH,IAAI,WAAW,gBAKd;IAED;;OAEG;IACH,MAAM,CAAC,OAAO,EAAE,WAAW;IAO3B,OAAO,CAAC,aAAa;CAOxB;AAED,wBAAgB,mBAAmB,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,IAAI,aAAa,CAI3G"}
+{"version":3,"file":"SecureSession.d.ts","sourceRoot":"","sources":["../../../src/session/SecureSession.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AACjD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAE3C,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,8BAAsB,aAAc,SAAQ,OAAO;IAC/C,QAAQ,CAAC,QAAQ,QAAQ;IACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC;IACpC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,OAAO,GAAG,OAAO;CAClD;AAED,yBAAiB,aAAa,CAAC;IAC3B,SAAgB,MAAM,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,IAAI,aAAa,CAI9F;CACJ"}