@matter/protocol 0.14.1-alpha.0-20250606-a9bcd03f9 → 0.15.0-alpha.0-20250612-ddd428561
- package/dist/cjs/certificate/AttestationCertificateManager.js +2 -2
- package/dist/cjs/certificate/AttestationCertificateManager.js.map +1 -1
- package/dist/cjs/certificate/CertificateAuthority.d.ts +2 -2
- package/dist/cjs/certificate/CertificateAuthority.d.ts.map +1 -1
- package/dist/cjs/certificate/CertificateAuthority.js +5 -5
- package/dist/cjs/certificate/CertificateAuthority.js.map +1 -1
- package/dist/cjs/certificate/CertificateManager.d.ts +1 -1
- package/dist/cjs/certificate/CertificateManager.d.ts.map +1 -1
- package/dist/cjs/certificate/CertificateManager.js +21 -10
- package/dist/cjs/certificate/CertificateManager.js.map +1 -1
- package/dist/cjs/certificate/CertificationDeclarationManager.d.ts +1 -1
- package/dist/cjs/certificate/DeviceCertification.d.ts +1 -1
- package/dist/cjs/certificate/DeviceCertification.d.ts.map +1 -1
- package/dist/cjs/certificate/DeviceCertification.js +5 -3
- package/dist/cjs/certificate/DeviceCertification.js.map +1 -1
- package/dist/cjs/cluster/client/ClusterClient.d.ts.map +1 -1
- package/dist/cjs/cluster/client/ClusterClient.js +6 -0
- package/dist/cjs/cluster/client/ClusterClient.js.map +1 -1
- package/dist/cjs/cluster/client/ClusterClientTypes.d.ts +4 -1
- package/dist/cjs/cluster/client/ClusterClientTypes.d.ts.map +1 -1
- package/dist/cjs/codec/BtpCodec.d.ts +1 -1
- package/dist/cjs/codec/MessageCodec.d.ts +1 -1
- package/dist/cjs/fabric/Fabric.d.ts +8 -6
- package/dist/cjs/fabric/Fabric.d.ts.map +1 -1
- package/dist/cjs/fabric/Fabric.js +22 -15
- package/dist/cjs/fabric/Fabric.js.map +1 -1
- package/dist/cjs/fabric/FabricAuthority.d.ts +4 -0
- package/dist/cjs/fabric/FabricAuthority.d.ts.map +1 -1
- package/dist/cjs/fabric/FabricAuthority.js +6 -0
- package/dist/cjs/fabric/FabricAuthority.js.map +1 -1
- package/dist/cjs/fabric/FabricManager.d.ts.map +1 -1
- package/dist/cjs/fabric/FabricManager.js +9 -2
- package/dist/cjs/fabric/FabricManager.js.map +1 -1
- package/dist/cjs/fabric/TestFabric.d.ts +30 -0
- package/dist/cjs/fabric/TestFabric.d.ts.map +1 -0
- package/dist/cjs/fabric/TestFabric.js +70 -0
- package/dist/cjs/fabric/TestFabric.js.map +6 -0
- package/dist/cjs/fabric/index.d.ts +1 -0
- package/dist/cjs/fabric/index.d.ts.map +1 -1
- package/dist/cjs/fabric/index.js +1 -0
- package/dist/cjs/fabric/index.js.map +1 -1
- package/dist/cjs/groups/{FabricGroupsManager.d.ts → FabricGroups.d.ts} +2 -2
- package/dist/cjs/groups/FabricGroups.d.ts.map +1 -0
- package/dist/cjs/groups/{FabricGroupsManager.js → FabricGroups.js} +9 -9
- package/dist/cjs/groups/FabricGroups.js.map +6 -0
- package/dist/cjs/groups/KeySets.js +1 -1
- package/dist/cjs/groups/KeySets.js.map +1 -1
- package/dist/cjs/groups/index.d.ts +1 -1
- package/dist/cjs/groups/index.d.ts.map +1 -1
- package/dist/cjs/groups/index.js +1 -1
- package/dist/cjs/groups/index.js.map +1 -1
- package/dist/cjs/interaction/{AccessControlManager.d.ts → FabricAccessControl.d.ts} +12 -7
- package/dist/cjs/interaction/FabricAccessControl.d.ts.map +1 -0
- package/dist/cjs/interaction/{AccessControlManager.js → FabricAccessControl.js} +46 -21
- package/dist/cjs/interaction/FabricAccessControl.js.map +6 -0
- package/dist/cjs/interaction/index.d.ts +1 -1
- package/dist/cjs/interaction/index.d.ts.map +1 -1
- package/dist/cjs/interaction/index.js +1 -1
- package/dist/cjs/interaction/index.js.map +1 -1
- package/dist/cjs/peer/ControllerCommissioningFlow.d.ts.map +1 -1
- package/dist/cjs/peer/ControllerCommissioningFlow.js +2 -4
- package/dist/cjs/peer/ControllerCommissioningFlow.js.map +1 -1
- package/dist/cjs/protocol/DeviceCommissioner.js +1 -1
- package/dist/cjs/protocol/DeviceCommissioner.js.map +1 -1
- package/dist/cjs/protocol/MessageExchange.d.ts +6 -0
- package/dist/cjs/protocol/MessageExchange.d.ts.map +1 -1
- package/dist/cjs/protocol/MessageExchange.js +13 -0
- package/dist/cjs/protocol/MessageExchange.js.map +1 -1
- package/dist/cjs/securechannel/SecureChannelStatusMessageSchema.d.ts +1 -1
- package/dist/cjs/session/NodeSession.js +1 -1
- package/dist/cjs/session/Session.d.ts +1 -1
- package/dist/cjs/session/SessionManager.d.ts.map +1 -1
- package/dist/cjs/session/SessionManager.js +1 -0
- package/dist/cjs/session/SessionManager.js.map +1 -1
- package/dist/cjs/session/case/CaseClient.d.ts.map +1 -1
- package/dist/cjs/session/case/CaseClient.js +34 -30
- package/dist/cjs/session/case/CaseClient.js.map +1 -1
- package/dist/cjs/session/case/CaseMessages.d.ts +8 -8
- package/dist/cjs/session/case/CaseMessages.js +8 -8
- package/dist/cjs/session/case/CaseMessages.js.map +1 -1
- package/dist/cjs/session/case/CaseServer.d.ts.map +1 -1
- package/dist/cjs/session/case/CaseServer.js +26 -23
- package/dist/cjs/session/case/CaseServer.js.map +1 -1
- package/dist/cjs/session/pase/PaseClient.d.ts.map +1 -1
- package/dist/cjs/session/pase/PaseClient.js +4 -1
- package/dist/cjs/session/pase/PaseClient.js.map +1 -1
- package/dist/cjs/session/pase/PaseServer.d.ts.map +1 -1
- package/dist/cjs/session/pase/PaseServer.js +4 -1
- package/dist/cjs/session/pase/PaseServer.js.map +1 -1
- package/dist/esm/certificate/AttestationCertificateManager.js +2 -2
- package/dist/esm/certificate/AttestationCertificateManager.js.map +1 -1
- package/dist/esm/certificate/CertificateAuthority.d.ts +2 -2
- package/dist/esm/certificate/CertificateAuthority.d.ts.map +1 -1
- package/dist/esm/certificate/CertificateAuthority.js +5 -5
- package/dist/esm/certificate/CertificateAuthority.js.map +1 -1
- package/dist/esm/certificate/CertificateManager.d.ts +1 -1
- package/dist/esm/certificate/CertificateManager.d.ts.map +1 -1
- package/dist/esm/certificate/CertificateManager.js +22 -11
- package/dist/esm/certificate/CertificateManager.js.map +1 -1
- package/dist/esm/certificate/CertificationDeclarationManager.d.ts +1 -1
- package/dist/esm/certificate/DeviceCertification.d.ts +1 -1
- package/dist/esm/certificate/DeviceCertification.d.ts.map +1 -1
- package/dist/esm/certificate/DeviceCertification.js +5 -3
- package/dist/esm/certificate/DeviceCertification.js.map +1 -1
- package/dist/esm/cluster/client/ClusterClient.d.ts.map +1 -1
- package/dist/esm/cluster/client/ClusterClient.js +6 -0
- package/dist/esm/cluster/client/ClusterClient.js.map +1 -1
- package/dist/esm/cluster/client/ClusterClientTypes.d.ts +4 -1
- package/dist/esm/cluster/client/ClusterClientTypes.d.ts.map +1 -1
- package/dist/esm/codec/BtpCodec.d.ts +1 -1
- package/dist/esm/codec/MessageCodec.d.ts +1 -1
- package/dist/esm/fabric/Fabric.d.ts +8 -6
- package/dist/esm/fabric/Fabric.d.ts.map +1 -1
- package/dist/esm/fabric/Fabric.js +22 -14
- package/dist/esm/fabric/Fabric.js.map +1 -1
- package/dist/esm/fabric/FabricAuthority.d.ts +4 -0
- package/dist/esm/fabric/FabricAuthority.d.ts.map +1 -1
- package/dist/esm/fabric/FabricAuthority.js +6 -0
- package/dist/esm/fabric/FabricAuthority.js.map +1 -1
- package/dist/esm/fabric/FabricManager.d.ts.map +1 -1
- package/dist/esm/fabric/FabricManager.js +9 -2
- package/dist/esm/fabric/FabricManager.js.map +1 -1
- package/dist/esm/fabric/TestFabric.d.ts +30 -0
- package/dist/esm/fabric/TestFabric.d.ts.map +1 -0
- package/dist/esm/fabric/TestFabric.js +50 -0
- package/dist/esm/fabric/TestFabric.js.map +6 -0
- package/dist/esm/fabric/index.d.ts +1 -0
- package/dist/esm/fabric/index.d.ts.map +1 -1
- package/dist/esm/fabric/index.js +1 -0
- package/dist/esm/fabric/index.js.map +1 -1
- package/dist/esm/groups/{FabricGroupsManager.d.ts → FabricGroups.d.ts} +2 -2
- package/dist/esm/groups/FabricGroups.d.ts.map +1 -0
- package/dist/esm/groups/{FabricGroupsManager.js → FabricGroups.js} +6 -6
- package/dist/esm/groups/FabricGroups.js.map +6 -0
- package/dist/esm/groups/KeySets.js +1 -1
- package/dist/esm/groups/KeySets.js.map +1 -1
- package/dist/esm/groups/index.d.ts +1 -1
- package/dist/esm/groups/index.d.ts.map +1 -1
- package/dist/esm/groups/index.js +1 -1
- package/dist/esm/interaction/{AccessControlManager.d.ts → FabricAccessControl.d.ts} +12 -7
- package/dist/esm/interaction/FabricAccessControl.d.ts.map +1 -0
- package/dist/esm/interaction/{AccessControlManager.js → FabricAccessControl.js} +44 -19
- package/dist/esm/interaction/FabricAccessControl.js.map +6 -0
- package/dist/esm/interaction/index.d.ts +1 -1
- package/dist/esm/interaction/index.d.ts.map +1 -1
- package/dist/esm/interaction/index.js +1 -1
- package/dist/esm/peer/ControllerCommissioningFlow.d.ts.map +1 -1
- package/dist/esm/peer/ControllerCommissioningFlow.js +2 -4
- package/dist/esm/peer/ControllerCommissioningFlow.js.map +1 -1
- package/dist/esm/protocol/DeviceCommissioner.js +1 -1
- package/dist/esm/protocol/DeviceCommissioner.js.map +1 -1
- package/dist/esm/protocol/MessageExchange.d.ts +6 -0
- package/dist/esm/protocol/MessageExchange.d.ts.map +1 -1
- package/dist/esm/protocol/MessageExchange.js +13 -0
- package/dist/esm/protocol/MessageExchange.js.map +1 -1
- package/dist/esm/securechannel/SecureChannelStatusMessageSchema.d.ts +1 -1
- package/dist/esm/session/NodeSession.js +1 -1
- package/dist/esm/session/Session.d.ts +1 -1
- package/dist/esm/session/SessionManager.d.ts.map +1 -1
- package/dist/esm/session/SessionManager.js +1 -0
- package/dist/esm/session/SessionManager.js.map +1 -1
- package/dist/esm/session/case/CaseClient.d.ts.map +1 -1
- package/dist/esm/session/case/CaseClient.js +34 -30
- package/dist/esm/session/case/CaseClient.js.map +1 -1
- package/dist/esm/session/case/CaseMessages.d.ts +8 -8
- package/dist/esm/session/case/CaseMessages.js +8 -8
- package/dist/esm/session/case/CaseMessages.js.map +1 -1
- package/dist/esm/session/case/CaseServer.d.ts.map +1 -1
- package/dist/esm/session/case/CaseServer.js +26 -23
- package/dist/esm/session/case/CaseServer.js.map +1 -1
- package/dist/esm/session/pase/PaseClient.d.ts.map +1 -1
- package/dist/esm/session/pase/PaseClient.js +4 -1
- package/dist/esm/session/pase/PaseClient.js.map +1 -1
- package/dist/esm/session/pase/PaseServer.d.ts.map +1 -1
- package/dist/esm/session/pase/PaseServer.js +4 -1
- package/dist/esm/session/pase/PaseServer.js.map +1 -1
- package/package.json +6 -6
- package/src/certificate/AttestationCertificateManager.ts +2 -2
- package/src/certificate/CertificateAuthority.ts +7 -7
- package/src/certificate/CertificateManager.ts +22 -11
- package/src/certificate/DeviceCertification.ts +5 -3
- package/src/cluster/client/ClusterClient.ts +7 -0
- package/src/cluster/client/ClusterClientTypes.ts +7 -0
- package/src/fabric/Fabric.ts +24 -15
- package/src/fabric/FabricAuthority.ts +7 -0
- package/src/fabric/FabricManager.ts +9 -2
- package/src/fabric/TestFabric.ts +73 -0
- package/src/fabric/index.ts +1 -0
- package/src/groups/{FabricGroupsManager.ts → FabricGroups.ts} +4 -4
- package/src/groups/KeySets.ts +1 -1
- package/src/groups/index.ts +1 -1
- package/src/interaction/{AccessControlManager.ts → FabricAccessControl.ts} +61 -25
- package/src/interaction/index.ts +1 -1
- package/src/peer/ControllerCommissioningFlow.ts +2 -4
- package/src/protocol/DeviceCommissioner.ts +1 -1
- package/src/protocol/MessageExchange.ts +14 -0
- package/src/session/NodeSession.ts +1 -1
- package/src/session/SessionManager.ts +1 -0
- package/src/session/case/CaseClient.ts +34 -30
- package/src/session/case/CaseMessages.ts +8 -8
- package/src/session/case/CaseServer.ts +27 -23
- package/src/session/pase/PaseClient.ts +4 -1
- package/src/session/pase/PaseServer.ts +4 -1
- package/dist/cjs/groups/FabricGroupsManager.d.ts.map +0 -1
- package/dist/cjs/groups/FabricGroupsManager.js.map +0 -6
- package/dist/cjs/interaction/AccessControlManager.d.ts.map +0 -1
- package/dist/cjs/interaction/AccessControlManager.js.map +0 -6
- package/dist/esm/groups/FabricGroupsManager.d.ts.map +0 -1
- package/dist/esm/groups/FabricGroupsManager.js.map +0 -6
- package/dist/esm/interaction/AccessControlManager.d.ts.map +0 -1
- package/dist/esm/interaction/AccessControlManager.js.map +0 -6
|
@@ -52,14 +52,14 @@ class CaseClient {
|
|
|
52
52
|
async #doPair(messenger, exchange, fabric, peerNodeId) {
|
|
53
53
|
const initiatorRandom = import_general.Crypto.getRandom();
|
|
54
54
|
const initiatorSessionId = await this.#sessions.getNextAvailableSessionId();
|
|
55
|
-
const { operationalIdentityProtectionKey, operationalCert:
|
|
56
|
-
const
|
|
55
|
+
const { operationalIdentityProtectionKey, operationalCert: localNoc, intermediateCACert: localIcac } = fabric;
|
|
56
|
+
const localKey = await import_general.Crypto.createKeyPair();
|
|
57
57
|
let sigma1Bytes;
|
|
58
58
|
let resumed = false;
|
|
59
59
|
let resumptionRecord = this.#sessions.findResumptionRecordByAddress(fabric.addressOf(peerNodeId));
|
|
60
60
|
if (resumptionRecord !== void 0) {
|
|
61
61
|
const { sharedSecret, resumptionId } = resumptionRecord;
|
|
62
|
-
const resumeKey = await import_general.Crypto.
|
|
62
|
+
const resumeKey = await import_general.Crypto.createHkdfKey(
|
|
63
63
|
sharedSecret,
|
|
64
64
|
import_general.Bytes.concat(initiatorRandom, resumptionId),
|
|
65
65
|
import_CaseMessages.KDFSR1_KEY_INFO
|
|
@@ -68,7 +68,7 @@ class CaseClient {
|
|
|
68
68
|
sigma1Bytes = await messenger.sendSigma1({
|
|
69
69
|
initiatorSessionId,
|
|
70
70
|
destinationId: await fabric.currentDestinationIdFor(peerNodeId, initiatorRandom),
|
|
71
|
-
initiatorEcdhPublicKey,
|
|
71
|
+
initiatorEcdhPublicKey: localKey.publicBits,
|
|
72
72
|
initiatorRandom,
|
|
73
73
|
resumptionId,
|
|
74
74
|
initiatorResumeMic,
|
|
@@ -78,7 +78,7 @@ class CaseClient {
|
|
|
78
78
|
sigma1Bytes = await messenger.sendSigma1({
|
|
79
79
|
initiatorSessionId,
|
|
80
80
|
destinationId: await fabric.currentDestinationIdFor(peerNodeId, initiatorRandom),
|
|
81
|
-
initiatorEcdhPublicKey,
|
|
81
|
+
initiatorEcdhPublicKey: localKey.publicBits,
|
|
82
82
|
initiatorRandom,
|
|
83
83
|
initiatorSessionParams: this.#sessions.sessionParameters
|
|
84
84
|
});
|
|
@@ -99,7 +99,7 @@ class CaseClient {
|
|
|
99
99
|
...resumptionSessionParams ?? {}
|
|
100
100
|
};
|
|
101
101
|
const resumeSalt = import_general.Bytes.concat(initiatorRandom, resumptionId);
|
|
102
|
-
const resumeKey = await import_general.Crypto.
|
|
102
|
+
const resumeKey = await import_general.Crypto.createHkdfKey(sharedSecret, resumeSalt, import_CaseMessages.KDFSR2_KEY_INFO);
|
|
103
103
|
import_general.Crypto.decrypt(resumeKey, resumeMic, import_CaseMessages.RESUME2_MIC_NONCE);
|
|
104
104
|
const secureSessionSalt = import_general.Bytes.concat(initiatorRandom, resumptionRecord.resumptionId);
|
|
105
105
|
secureSession = await this.#sessions.createSecureSession({
|
|
@@ -124,7 +124,7 @@ class CaseClient {
|
|
|
124
124
|
resumed = true;
|
|
125
125
|
} else {
|
|
126
126
|
const {
|
|
127
|
-
responderEcdhPublicKey:
|
|
127
|
+
responderEcdhPublicKey: peerKey,
|
|
128
128
|
encrypted: peerEncrypted,
|
|
129
129
|
responderRandom,
|
|
130
130
|
responderSessionId: peerSessionId,
|
|
@@ -134,32 +134,32 @@ class CaseClient {
|
|
|
134
134
|
...exchange.session.parameters,
|
|
135
135
|
...responderSessionParams ?? {}
|
|
136
136
|
};
|
|
137
|
-
const sharedSecret = await import_general.Crypto.
|
|
137
|
+
const sharedSecret = await import_general.Crypto.generateDhSecret(localKey, (0, import_general.PublicKey)(peerKey));
|
|
138
138
|
const sigma2Salt = import_general.Bytes.concat(
|
|
139
139
|
operationalIdentityProtectionKey,
|
|
140
140
|
responderRandom,
|
|
141
|
-
|
|
142
|
-
await import_general.Crypto.
|
|
141
|
+
peerKey,
|
|
142
|
+
await import_general.Crypto.computeSha256(sigma1Bytes)
|
|
143
143
|
);
|
|
144
|
-
const sigma2Key = await import_general.Crypto.
|
|
144
|
+
const sigma2Key = await import_general.Crypto.createHkdfKey(sharedSecret, sigma2Salt, import_CaseMessages.KDFSR2_INFO);
|
|
145
145
|
const peerEncryptedData = import_general.Crypto.decrypt(sigma2Key, peerEncrypted, import_CaseMessages.TBE_DATA2_NONCE);
|
|
146
146
|
const {
|
|
147
|
-
|
|
148
|
-
|
|
147
|
+
responderNoc: peerNoc,
|
|
148
|
+
responderIcac: peerIcac,
|
|
149
149
|
signature: peerSignature,
|
|
150
150
|
resumptionId: peerResumptionId
|
|
151
151
|
} = import_CaseMessages.TlvEncryptedDataSigma2.decode(peerEncryptedData);
|
|
152
152
|
const peerSignatureData = import_CaseMessages.TlvSignedData.encode({
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
153
|
+
responderNoc: peerNoc,
|
|
154
|
+
responderIcac: peerIcac,
|
|
155
|
+
responderPublicKey: peerKey,
|
|
156
|
+
initiatorPublicKey: localKey.publicBits
|
|
157
157
|
});
|
|
158
158
|
const {
|
|
159
159
|
ellipticCurvePublicKey: peerPublicKey,
|
|
160
160
|
subject: { fabricId: peerFabricIdNOCert, nodeId: peerNodeIdNOCert }
|
|
161
|
-
} = import_CertificateManager.TlvOperationalCertificate.decode(
|
|
162
|
-
await import_general.Crypto.
|
|
161
|
+
} = import_CertificateManager.TlvOperationalCertificate.decode(peerNoc);
|
|
162
|
+
await import_general.Crypto.verifyEcdsa((0, import_general.PublicKey)(peerPublicKey), peerSignatureData, peerSignature);
|
|
163
163
|
if (peerNodeIdNOCert !== peerNodeId) {
|
|
164
164
|
throw new import_general.UnexpectedDataError(
|
|
165
165
|
`The node ID in the peer certificate ${peerNodeIdNOCert} doesn't match the expected peer node ID ${peerNodeId}`
|
|
@@ -170,37 +170,41 @@ class CaseClient {
|
|
|
170
170
|
`The fabric ID in the peer certificate ${peerFabricIdNOCert} doesn't match the expected fabric ID ${fabric.fabricId}`
|
|
171
171
|
);
|
|
172
172
|
}
|
|
173
|
-
if (
|
|
173
|
+
if (peerIcac !== void 0) {
|
|
174
174
|
const {
|
|
175
175
|
subject: { fabricId: peerFabricIdIcaCert }
|
|
176
|
-
} = import_CertificateManager.TlvIntermediateCertificate.decode(
|
|
176
|
+
} = import_CertificateManager.TlvIntermediateCertificate.decode(peerIcac);
|
|
177
177
|
if (peerFabricIdIcaCert !== void 0 && peerFabricIdIcaCert !== fabric.fabricId) {
|
|
178
178
|
throw new import_general.UnexpectedDataError(
|
|
179
179
|
`The fabric ID in the peer intermediate CA certificate ${peerFabricIdIcaCert} doesn't match the expected fabric ID ${fabric.fabricId}`
|
|
180
180
|
);
|
|
181
181
|
}
|
|
182
182
|
}
|
|
183
|
-
await fabric.verifyCredentials(
|
|
183
|
+
await fabric.verifyCredentials(peerNoc, peerIcac);
|
|
184
184
|
const sigma3Salt = import_general.Bytes.concat(
|
|
185
185
|
operationalIdentityProtectionKey,
|
|
186
|
-
await import_general.Crypto.
|
|
186
|
+
await import_general.Crypto.computeSha256([sigma1Bytes, sigma2Bytes])
|
|
187
187
|
);
|
|
188
|
-
const sigma3Key = await import_general.Crypto.
|
|
188
|
+
const sigma3Key = await import_general.Crypto.createHkdfKey(sharedSecret, sigma3Salt, import_CaseMessages.KDFSR3_INFO);
|
|
189
189
|
const signatureData = import_CaseMessages.TlvSignedData.encode({
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
190
|
+
responderNoc: localNoc,
|
|
191
|
+
responderIcac: localIcac,
|
|
192
|
+
responderPublicKey: localKey.publicBits,
|
|
193
|
+
initiatorPublicKey: peerKey
|
|
194
194
|
});
|
|
195
195
|
const signature = await fabric.sign(signatureData);
|
|
196
|
-
const encryptedData = import_CaseMessages.TlvEncryptedDataSigma3.encode({
|
|
196
|
+
const encryptedData = import_CaseMessages.TlvEncryptedDataSigma3.encode({
|
|
197
|
+
responderNoc: localNoc,
|
|
198
|
+
responderIcac: localIcac,
|
|
199
|
+
signature
|
|
200
|
+
});
|
|
197
201
|
const encrypted = import_general.Crypto.encrypt(sigma3Key, encryptedData, import_CaseMessages.TBE_DATA3_NONCE);
|
|
198
202
|
const sigma3Bytes = await messenger.sendSigma3({ encrypted });
|
|
199
203
|
await messenger.waitForSuccess("Sigma3-Success");
|
|
200
204
|
const { caseAuthenticatedTags } = resumptionRecord ?? {};
|
|
201
205
|
const secureSessionSalt = import_general.Bytes.concat(
|
|
202
206
|
operationalIdentityProtectionKey,
|
|
203
|
-
await import_general.Crypto.
|
|
207
|
+
await import_general.Crypto.computeSha256([sigma1Bytes, sigma2Bytes, sigma3Bytes])
|
|
204
208
|
);
|
|
205
209
|
secureSession = await this.#sessions.createSecureSession({
|
|
206
210
|
sessionId: initiatorSessionId,
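Review bot: In the resumption branch (new line 103, right after the rewritten `createHkdfKey(sharedSecret, resumeSalt, import_CaseMessages.KDFSR2_KEY_INFO)` line), `Crypto.decrypt(resumeKey, resumeMic, RESUME2_MIC_NONCE)` discards its result and is not awaited, so the Resume2 MIC is enforced only if `decrypt` throws synchronously on a bad tag. That appears to hold in this version, since the Sigma2 path passes the `decrypt` result straight into `TlvEncryptedDataSigma2.decode`, but the key-derivation, hashing and signature calls around it are all awaited and nothing on the line explains why this one differs. I would add a comment such as `// Authenticates the Resume2 MIC: decrypt() is synchronous and throws on mismatch; await it if it ever returns a promise.` in `package/src/session/case/CaseClient.ts`, from which this dist file is presumably built. `#doPair` starts before the first hunk's changes and continues past the last hunk shown.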
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/case/CaseClient.ts"],
|
|
4
|
-
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAAsE;AACtE,2BAA2C;AAE3C,mBAA2C;AAC3C,gCAAsE;AAGtE,0BAYO;AACP,2BAAoC;AA1BpC;AAAA;AAAA;AAAA;AAAA;AA4BA,MAAM,SAAS,sBAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,MAAM,KAAK,UAA2B,QAAgB,YAAoB,0BAAmC;AACzG,UAAM,YAAY,IAAI,yCAAoB,UAAU,wBAAwB;AAE5E,QAAI;AACA,aAAO,MAAM,KAAK,QAAQ,WAAW,UAAU,QAAQ,UAAU;AAAA,IACrE,SAAS,OAAO;AACZ,UAAI,EAAE,iBAAiB,kDAA6B;AAChD,cAAM,UAAU,UAAU,gCAAmB,YAAY;AAAA,MAC7D;AACA,YAAM;AAAA,IACV;AAAA,EACJ;AAAA,EAEA,MAAM,QAAQ,WAAgC,UAA2B,QAAgB,YAAoB;AAEzG,UAAM,kBAAkB,sBAAO,UAAU;AACzC,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,EAAE,kCAAkC,iBAAiB,
|
|
4
|
+
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAAsE;AACtE,2BAA2C;AAE3C,mBAA2C;AAC3C,gCAAsE;AAGtE,0BAYO;AACP,2BAAoC;AA1BpC;AAAA;AAAA;AAAA;AAAA;AA4BA,MAAM,SAAS,sBAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,MAAM,KAAK,UAA2B,QAAgB,YAAoB,0BAAmC;AACzG,UAAM,YAAY,IAAI,yCAAoB,UAAU,wBAAwB;AAE5E,QAAI;AACA,aAAO,MAAM,KAAK,QAAQ,WAAW,UAAU,QAAQ,UAAU;AAAA,IACrE,SAAS,OAAO;AACZ,UAAI,EAAE,iBAAiB,kDAA6B;AAChD,cAAM,UAAU,UAAU,gCAAmB,YAAY;AAAA,MAC7D;AACA,YAAM;AAAA,IACV;AAAA,EACJ;AAAA,EAEA,MAAM,QAAQ,WAAgC,UAA2B,QAAgB,YAAoB;AAEzG,UAAM,kBAAkB,sBAAO,UAAU;AACzC,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,EAAE,kCAAkC,iBAAiB,UAAU,oBAAoB,UAAU,IAAI;AACvG,UAAM,WAAW,MAAM,sBAAO,cAAc;AAG5C,QAAI;AACJ,QAAI,UAAU;AACd,QAAI,mBAAmB,KAAK,UAAU,8BAA8B,OAAO,UAAU,UAAU,CAAC;AAChG,QAAI,qBAAqB,QAAW;AAChC,YAAM,EAAE,cAAc,aAAa,IAAI;AACvC,YAAM,YAAY,MAAM,sBAAO;AAAA,QAC3B;AAAA,QACA,qBAAM,OAAO,iBAAiB,YAAY;AAAA,QAC1C;AAAA,MACJ;AACA,YAAM,qBAAqB,sBAAO,QAAQ,WAAW,IAAI,WAAW,CAAC,GAAG,qCAAiB;AACzF,oBAAc,MAAM,UAAU,WAAW;AAAA,QACrC;AAAA,QACA,eAAe,MAAM,OAAO,wBAAwB,YAAY,eAAe;AAAA,QAC/E,wBAAwB,SAAS;AAAA,QACjC;AAAA,QACA;AAAA,QACA;AAAA,QACA,wBAAwB,KAAK,UAAU;AAAA,MAC3C,CAAC;AAAA,IACL,OAAO;AACH,oBAAc,MAAM,UAAU,WAAW;AAAA,QACrC;AAAA,QACA,eAAe,MAAM,OAAO,wBAAwB,YAAY,eAAe;AAAA,QAC/E,wBAAwB,SAAS;AAAA,QACjC;AAAA,QACA,wBAAwB,KAAK,UAAU;AAAA,MAC3C,CAAC;AAAA,IACL;AAEA,QAAI;AACJ,UAAM,EAAE,aAAa,QAAQ,aAAa,IAAI,MAAM,UAAU,WAAW;AACzE,QAAI,iBAAiB,QAAW;AAE5B,UAAI,qBAAqB,OAAW,OAAM,IAAI,mCAAoB,sCAAsC;AACxG,YAAM;AAAA,QACF;AAAA,QACA,QAAAA;AAAA,QACA,mBAAmB;AAAA,QACnB;AAAA,MACJ,IAAI;AACJ,YAAM,EAAE,oBAAoB,eAAe,cAAc,UAAU,IAAI;AAGvE,YAAM,oBAAoB;AAAA,QACtB,GAAG,SAAS,QAAQ;AAAA,QACpB,GAAI,2BAA2B,CAAC;AAAA,MACpC;AAEA,YAAM,aAAa,qBAAM,OAAO,iBAAiB,YAAY;AAC7D,YAAM,YAAY,MAAM,sBAAO,cAAc,cAAc,YAAY,mCAAe;AACtF,4BAAO,QAAQ,WAAW,WAAW,qCAAiB;AAEtD,YAAM,oBAAoB,qBAAM,OAAO,iBAAiB,iBAAiB,YAAY;AACrF,sBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,QACrD,WAAW;AAAA,QACX,QAAAA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN,aAAa
;AAAA,QACb,cAAc;AAAA,QACd,uBAAuB;AAAA,QACvB;AAAA,MACJ,CAAC;AACD,YAAM,UAAU,YAAY;AAC5B,aAAO;AAAA,QACH,wBAAwB,cAAc,EAAE,8BAA8B,UAAU,eAAe,CAAC,eAAe,oBAAO,YAAYA,QAAO,MAAM,CAAC,WAAWA,QAAO,WAAW,kBAAkB,oBAAO,YAAY,UAAU,CAAC;AAAA,QAC7N,cAAc,qBAAqB;AAAA,MACvC;AAEA,uBAAiB,eAAe;AAChC,uBAAiB,oBAAoB,cAAc;AACnD,gBAAU;AAAA,IACd,OAAO;AAEH,YAAM;AAAA,QACF,wBAAwB;AAAA,QACxB,WAAW;AAAA,QACX;AAAA,QACA,oBAAoB;AAAA,QACpB;AAAA,MACJ,IAAI;AAEJ,YAAM,oBAAoB;AAAA,QACtB,GAAG,SAAS,QAAQ;AAAA,QACpB,GAAI,0BAA0B,CAAC;AAAA,MACnC;AACA,YAAM,eAAe,MAAM,sBAAO,iBAAiB,cAAU,0BAAU,OAAO,CAAC;AAC/E,YAAM,aAAa,qBAAM;AAAA,QACrB;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM,sBAAO,cAAc,WAAW;AAAA,MAC1C;AACA,YAAM,YAAY,MAAM,sBAAO,cAAc,cAAc,YAAY,+BAAW;AAClF,YAAM,oBAAoB,sBAAO,QAAQ,WAAW,eAAe,mCAAe;AAClF,YAAM;AAAA,QACF,cAAc;AAAA,QACd,eAAe;AAAA,QACf,WAAW;AAAA,QACX,cAAc;AAAA,MAClB,IAAI,2CAAuB,OAAO,iBAAiB;AACnD,YAAM,oBAAoB,kCAAc,OAAO;AAAA,QAC3C,cAAc;AAAA,QACd,eAAe;AAAA,QACf,oBAAoB;AAAA,QACpB,oBAAoB,SAAS;AAAA,MACjC,CAAC;AACD,YAAM;AAAA,QACF,wBAAwB;AAAA,QACxB,SAAS,EAAE,UAAU,oBAAoB,QAAQ,iBAAiB;AAAA,MACtE,IAAI,oDAA0B,OAAO,OAAO;AAE5C,YAAM,sBAAO,gBAAY,0BAAU,aAAa,GAAG,mBAAmB,aAAa;AAEnF,UAAI,qBAAqB,YAAY;AACjC,cAAM,IAAI;AAAA,UACN,uCAAuC,gBAAgB,4CAA4C,UAAU;AAAA,QACjH;AAAA,MACJ;AACA,UAAI,uBAAuB,OAAO,UAAU;AACxC,cAAM,IAAI;AAAA,UACN,yCAAyC,kBAAkB,yCAAyC,OAAO,QAAQ;AAAA,QACvH;AAAA,MACJ;AACA,UAAI,aAAa,QAAW;AACxB,cAAM;AAAA,UACF,SAAS,EAAE,UAAU,oBAAoB;AAAA,QAC7C,IAAI,qDAA2B,OAAO,QAAQ;AAE9C,YAAI,wBAAwB,UAAa,wBAAwB,OAAO,UAAU;AAC9E,gBAAM,IAAI;AAAA,YACN,yDAAyD,mBAAmB,yCAAyC,OAAO,QAAQ;AAAA,UACxI;AAAA,QACJ;AAAA,MACJ;AACA,YAAM,OAAO,kBAAkB,SAAS,QAAQ;AAGhD,YAAM,aAAa,qBAAM;AAAA,QACrB;AAAA,QACA,MAAM,sBAAO,cAAc,CAAC,aAAa,WAAW,CAAC;AAAA,MACzD;AACA,YAAM,YAAY,MAAM,sBAAO,cAAc,cAAc,YAAY,+BAAW;AAClF,YAAM,gBAAgB,kCAAc,OAAO;AAAA,QACvC,cAAc;AAAA,QACd,eAAe;AAAA,QACf,oBAAoB,SAAS;AAAA,QAC7B,oBAAoB;AAAA,MACxB,CAAC;AACD,YAAM,YAAY,MAAM,OAAO,KAAK,aAAa;AACjD,YAAM,gBAAgB,2CAAuB,OAAO;AAAA,QAChD,cAAc;AAAA,QACd,eAAe;AAAA,QACf;AAAA,MACJ,CAAC;AACD,YAAM,YAAY,sBAAO,QAAQ,WAAW,eAAe,mCAAe;AAC1E,YAAM,
cAAc,MAAM,UAAU,WAAW,EAAE,UAAU,CAAC;AAC5D,YAAM,UAAU,eAAe,gBAAgB;AAG/C,YAAM,EAAE,sBAAsB,IAAI,oBAAoB,CAAC;AACvD,YAAM,oBAAoB,qBAAM;AAAA,QAC5B;AAAA,QACA,MAAM,sBAAO,cAAc,CAAC,aAAa,aAAa,WAAW,CAAC;AAAA,MACtE;AACA,sBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,QACrD,WAAW;AAAA,QACX;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN,aAAa;AAAA,QACb,cAAc;AAAA,QACd,uBAAuB;AAAA,QACvB;AAAA,MACJ,CAAC;AACD,aAAO;AAAA,QACH,uBAAuB,cAAc,EAAE,kCAAkC,UAAU,eAAe,CAAC,eAAe,oBAAO;AAAA,UACrH,OAAO;AAAA,QACX,CAAC,WAAW,OAAO,WAAW,kBAAkB,oBAAO,YAAY,UAAU,CAAC;AAAA,QAC9E,cAAc,qBAAqB;AAAA,MACvC;AACA,yBAAmB;AAAA,QACf;AAAA,QACA;AAAA,QACA;AAAA,QACA,cAAc;AAAA,QACd,mBAAmB,cAAc;AAAA,QACjC;AAAA,MACJ;AAAA,IACJ;AAEA,UAAM,UAAU,MAAM;AACtB,UAAM,KAAK,UAAU,qBAAqB,gBAAgB;AAE1D,WAAO,EAAE,SAAS,eAAe,QAAQ;AAAA,EAC7C;AACJ;",
|
|
5
5
|
"names": ["fabric"]
|
|
6
6
|
}
|
|
@@ -76,22 +76,22 @@ export declare const TlvCaseSigma3: import("#types").ObjectSchema<{
|
|
|
76
76
|
}>;
|
|
77
77
|
/** @see {@link MatterSpecification.v10.Core} § 4.13.2.3 */
|
|
78
78
|
export declare const TlvSignedData: import("#types").ObjectSchema<{
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
79
|
+
responderNoc: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
80
|
+
responderIcac: import("#types").OptionalFieldType<Uint8Array<ArrayBufferLike>>;
|
|
81
|
+
responderPublicKey: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
82
|
+
initiatorPublicKey: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
83
83
|
}>;
|
|
84
84
|
/** @see {@link MatterSpecification.v10.Core} § 4.13.2.3 */
|
|
85
85
|
export declare const TlvEncryptedDataSigma2: import("#types").ObjectSchema<{
|
|
86
|
-
|
|
87
|
-
|
|
86
|
+
responderNoc: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
87
|
+
responderIcac: import("#types").OptionalFieldType<Uint8Array<ArrayBufferLike>>;
|
|
88
88
|
signature: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
89
89
|
resumptionId: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
90
90
|
}>;
|
|
91
91
|
/** @see {@link MatterSpecification.v10.Core} § 4.13.2.3 */
|
|
92
92
|
export declare const TlvEncryptedDataSigma3: import("#types").ObjectSchema<{
|
|
93
|
-
|
|
94
|
-
|
|
93
|
+
responderNoc: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
94
|
+
responderIcac: import("#types").OptionalFieldType<Uint8Array<ArrayBufferLike>>;
|
|
95
95
|
signature: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
96
96
|
}>;
|
|
97
97
|
//# sourceMappingURL=CaseMessages.d.ts.map
|
|
@@ -78,20 +78,20 @@ const TlvCaseSigma3 = (0, import_types.TlvObject)({
|
|
|
78
78
|
encrypted: (0, import_types.TlvField)(1, import_types.TlvByteString)
|
|
79
79
|
});
|
|
80
80
|
const TlvSignedData = (0, import_types.TlvObject)({
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
81
|
+
responderNoc: (0, import_types.TlvField)(1, import_types.TlvByteString),
|
|
82
|
+
responderIcac: (0, import_types.TlvOptionalField)(2, import_types.TlvByteString),
|
|
83
|
+
responderPublicKey: (0, import_types.TlvField)(3, import_types.TlvByteString.bound({ length: import_general.CRYPTO_PUBLIC_KEY_SIZE_BYTES })),
|
|
84
|
+
initiatorPublicKey: (0, import_types.TlvField)(4, import_types.TlvByteString.bound({ length: import_general.CRYPTO_PUBLIC_KEY_SIZE_BYTES }))
|
|
85
85
|
});
|
|
86
86
|
const TlvEncryptedDataSigma2 = (0, import_types.TlvObject)({
|
|
87
|
-
|
|
88
|
-
|
|
87
|
+
responderNoc: (0, import_types.TlvField)(1, import_types.TlvByteString),
|
|
88
|
+
responderIcac: (0, import_types.TlvOptionalField)(2, import_types.TlvByteString),
|
|
89
89
|
signature: (0, import_types.TlvField)(3, import_types.TlvByteString.bound({ length: CASE_SIGNATURE_LENGTH })),
|
|
90
90
|
resumptionId: (0, import_types.TlvField)(4, import_types.TlvByteString.bound({ length: 16 }))
|
|
91
91
|
});
|
|
92
92
|
const TlvEncryptedDataSigma3 = (0, import_types.TlvObject)({
|
|
93
|
-
|
|
94
|
-
|
|
93
|
+
responderNoc: (0, import_types.TlvField)(1, import_types.TlvByteString),
|
|
94
|
+
responderIcac: (0, import_types.TlvOptionalField)(2, import_types.TlvByteString),
|
|
95
95
|
signature: (0, import_types.TlvField)(3, import_types.TlvByteString.bound({ length: CASE_SIGNATURE_LENGTH }))
|
|
96
96
|
});
|
|
97
97
|
//# sourceMappingURL=CaseMessages.js.map
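Review bot: `TlvSignedData` and `TlvEncryptedDataSigma3` name tags 1 and 2 `responderNoc`/`responderIcac`, yet the initiator fills the same fields with its own credentials: the CaseClient.js changes in this diff build Sigma3 with `responderNoc: localNoc`, `responderPublicKey: localKey.publicBits` and `initiatorPublicKey: peerKey`. The tag numbers keep the encoding consistent, but the names read as inverted on the initiator side, and a later "correction" of the apparent swap would change the bytes that are signed and break the handshake. A comment on both schemas would guard against that, for example `// Names follow the Sigma2 layout; when used for Sigma3, tags 1-3 carry the initiator's NOC, ICAC and ephemeral key and tag 4 the responder's key.` Since this file looks like build output, the comment belongs in `package/src/session/case/CaseMessages.ts`.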
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/case/CaseMessages.ts"],
|
|
4
|
-
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAKA,qBAMO;AACP,mBAAgF;AAChF,0BAAqC;AAbrC;AAAA;AAAA;AAAA;AAAA;AAeA,MAAM,wBAAwB,yCAA0B;AAEjD,MAAM,kBAAkB,qBAAM,WAAW,eAAe;AACxD,MAAM,kBAAkB,qBAAM,WAAW,eAAe;AACxD,MAAM,oBAAoB,qBAAM,WAAW,eAAe;AAC1D,MAAM,oBAAoB,qBAAM,WAAW,eAAe;AAC1D,MAAM,cAAc,qBAAM,WAAW,QAAQ;AAC7C,MAAM,cAAc,qBAAM,WAAW,QAAQ;AAC7C,MAAM,kBAAkB,qBAAM,WAAW,eAAe;AACxD,MAAM,kBAAkB,qBAAM,WAAW,eAAe;AAGxD,MAAM,oBAAgB,wBAAU;AAAA,EACnC,qBAAiB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAChE,wBAAoB,uBAAS,GAAG,sBAAS;AAAA,EACzC,mBAAe,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,qCAAsB,CAAC,CAAC;AAAA,EACjF,4BAAwB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,4CAA6B,CAAC,CAAC;AAAA,EACjG,4BAAwB,+BAAiB,GAAG,wCAAoB;AAAA,EAChE,kBAAc,+BAAiB,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EACrE,wBAAoB,+BAAiB,GAAG,2BAAc,MAAM,EAAE,QAAQ,4CAA6B,CAAC,CAAC;AACzG,CAAC;AAGM,MAAM,oBAAgB,wBAAU;AAAA,EACnC,qBAAiB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAChE,wBAAoB,uBAAS,GAAG,sBAAS;AAAA,EACzC,4BAAwB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,4CAA6B,CAAC,CAAC;AAAA,EACjG,eAAW,uBAAS,GAAG,0BAAa;AAAA,EACpC,4BAAwB,+BAAiB,GAAG,wCAAoB;AACpE,CAAC;AAGM,MAAM,0BAAsB,wBAAU;AAAA,EACzC,kBAAc,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAC7D,eAAW,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAC1D,wBAAoB,uBAAS,GAAG,sBAAS;AAAA,EACzC,4BAAwB,+BAAiB,GAAG,wCAAoB;AACpE,CAAC;AAGM,MAAM,oBAAgB,wBAAU;AAAA,EACnC,eAAW,uBAAS,GAAG,0BAAa;AACxC,CAAC;AAGM,MAAM,oBAAgB,wBAAU;AAAA,EACnC,
|
|
4
|
+
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAKA,qBAMO;AACP,mBAAgF;AAChF,0BAAqC;AAbrC;AAAA;AAAA;AAAA;AAAA;AAeA,MAAM,wBAAwB,yCAA0B;AAEjD,MAAM,kBAAkB,qBAAM,WAAW,eAAe;AACxD,MAAM,kBAAkB,qBAAM,WAAW,eAAe;AACxD,MAAM,oBAAoB,qBAAM,WAAW,eAAe;AAC1D,MAAM,oBAAoB,qBAAM,WAAW,eAAe;AAC1D,MAAM,cAAc,qBAAM,WAAW,QAAQ;AAC7C,MAAM,cAAc,qBAAM,WAAW,QAAQ;AAC7C,MAAM,kBAAkB,qBAAM,WAAW,eAAe;AACxD,MAAM,kBAAkB,qBAAM,WAAW,eAAe;AAGxD,MAAM,oBAAgB,wBAAU;AAAA,EACnC,qBAAiB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAChE,wBAAoB,uBAAS,GAAG,sBAAS;AAAA,EACzC,mBAAe,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,qCAAsB,CAAC,CAAC;AAAA,EACjF,4BAAwB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,4CAA6B,CAAC,CAAC;AAAA,EACjG,4BAAwB,+BAAiB,GAAG,wCAAoB;AAAA,EAChE,kBAAc,+BAAiB,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EACrE,wBAAoB,+BAAiB,GAAG,2BAAc,MAAM,EAAE,QAAQ,4CAA6B,CAAC,CAAC;AACzG,CAAC;AAGM,MAAM,oBAAgB,wBAAU;AAAA,EACnC,qBAAiB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAChE,wBAAoB,uBAAS,GAAG,sBAAS;AAAA,EACzC,4BAAwB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,4CAA6B,CAAC,CAAC;AAAA,EACjG,eAAW,uBAAS,GAAG,0BAAa;AAAA,EACpC,4BAAwB,+BAAiB,GAAG,wCAAoB;AACpE,CAAC;AAGM,MAAM,0BAAsB,wBAAU;AAAA,EACzC,kBAAc,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAC7D,eAAW,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAC1D,wBAAoB,uBAAS,GAAG,sBAAS;AAAA,EACzC,4BAAwB,+BAAiB,GAAG,wCAAoB;AACpE,CAAC;AAGM,MAAM,oBAAgB,wBAAU;AAAA,EACnC,eAAW,uBAAS,GAAG,0BAAa;AACxC,CAAC;AAGM,MAAM,oBAAgB,wBAAU;AAAA,EACnC,kBAAc,uBAAS,GAAG,0BAAa;AAAA,EACvC,mBAAe,+BAAiB,GAAG,0BAAa;AAAA,EAChD,wBAAoB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,4CAA6B,CAAC,CAAC;AAAA,EAC7F,wBAAoB,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,4CAA6B,CAAC,CAAC;AACjG,CAAC;AAGM,MAAM,6BAAyB,wBAAU;AAAA,EAC5C,kBAAc,uBAAS,GAAG,0BAAa;AAAA,EACvC,mBAAe,+BAAiB,GAAG,0BAAa;AAAA,EAChD,eAAW,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,sBAAsB,CAAC,CAAC;AAAA,EAC7E,kBAAc,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AACjE,CAAC;AAGM,MAAM,6BAAyB,wBAAU;AAAA,EAC5C,kBAAc,uB
AAS,GAAG,0BAAa;AAAA,EACvC,mBAAe,+BAAiB,GAAG,0BAAa;AAAA,EAChD,eAAW,uBAAS,GAAG,2BAAc,MAAM,EAAE,QAAQ,sBAAsB,CAAC,CAAC;AACjF,CAAC;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/case/CaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAoB,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAG9E,OAAO,EAAE,aAAa,EAAuB,MAAM,+BAA+B,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAoBpE,qBAAa,UAAW,YAAW,eAAe;;IAC9C,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;gBAK3B,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa;IAKtD,aAAa,CAAC,QAAQ,EAAE,eAAe;
|
|
1
|
+
{"version":3,"file":"CaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/case/CaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAoB,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAG9E,OAAO,EAAE,aAAa,EAAuB,MAAM,+BAA+B,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAoBpE,qBAAa,UAAW,YAAW,eAAe;;IAC9C,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;gBAK3B,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa;IAKtD,aAAa,CAAC,QAAQ,EAAE,eAAe;IA4PvC,KAAK;CAGd"}
|
|
@@ -81,7 +81,7 @@ class CaseServer {
|
|
|
81
81
|
return false;
|
|
82
82
|
}
|
|
83
83
|
const { sharedSecret, fabric, peerNodeId, caseAuthenticatedTags } = cx.resumptionRecord;
|
|
84
|
-
const peerResumeKey = await import_general.Crypto.
|
|
84
|
+
const peerResumeKey = await import_general.Crypto.createHkdfKey(
|
|
85
85
|
sharedSecret,
|
|
86
86
|
import_general.Bytes.concat(cx.peerRandom, cx.peerResumptionId),
|
|
87
87
|
import_CaseMessages.KDFSR1_KEY_INFO
|
|
@@ -108,7 +108,7 @@ class CaseServer {
|
|
|
108
108
|
caseAuthenticatedTags
|
|
109
109
|
});
|
|
110
110
|
const resumeSalt = import_general.Bytes.concat(cx.peerRandom, cx.localResumptionId);
|
|
111
|
-
const resumeKey = await import_general.Crypto.
|
|
111
|
+
const resumeKey = await import_general.Crypto.createHkdfKey(sharedSecret, resumeSalt, import_CaseMessages.KDFSR2_KEY_INFO);
|
|
112
112
|
const resumeMic = import_general.Crypto.encrypt(resumeKey, new Uint8Array(0), import_CaseMessages.RESUME2_MIC_NONCE);
|
|
113
113
|
try {
|
|
114
114
|
await cx.messenger.sendSigma2Resume({
|
|
@@ -146,26 +146,26 @@ class CaseServer {
|
|
|
146
146
|
const responderRandom = import_general.Crypto.getRandom();
|
|
147
147
|
const fabric = await this.#fabrics.findFabricFromDestinationId(cx.destinationId, cx.peerRandom);
|
|
148
148
|
const { operationalCert: nodeOpCert, intermediateCACert, operationalIdentityProtectionKey } = fabric;
|
|
149
|
-
const
|
|
150
|
-
|
|
151
|
-
);
|
|
149
|
+
const key = await import_general.Crypto.createKeyPair();
|
|
150
|
+
const responderEcdhPublicKey = key.publicBits;
|
|
151
|
+
const sharedSecret = await import_general.Crypto.generateDhSecret(key, (0, import_general.PublicKey)(cx.peerEcdhPublicKey));
|
|
152
152
|
const sigma2Salt = import_general.Bytes.concat(
|
|
153
153
|
operationalIdentityProtectionKey,
|
|
154
154
|
responderRandom,
|
|
155
155
|
responderEcdhPublicKey,
|
|
156
|
-
await import_general.Crypto.
|
|
156
|
+
await import_general.Crypto.computeSha256(cx.bytes)
|
|
157
157
|
);
|
|
158
|
-
const sigma2Key = await import_general.Crypto.
|
|
158
|
+
const sigma2Key = await import_general.Crypto.createHkdfKey(sharedSecret, sigma2Salt, import_CaseMessages.KDFSR2_INFO);
|
|
159
159
|
const signatureData = import_CaseMessages.TlvSignedData.encode({
|
|
160
|
-
nodeOpCert,
|
|
161
|
-
intermediateCACert,
|
|
162
|
-
|
|
163
|
-
|
|
160
|
+
responderNoc: nodeOpCert,
|
|
161
|
+
responderIcac: intermediateCACert,
|
|
162
|
+
responderPublicKey: responderEcdhPublicKey,
|
|
163
|
+
initiatorPublicKey: cx.peerEcdhPublicKey
|
|
164
164
|
});
|
|
165
165
|
const signature = await fabric.sign(signatureData);
|
|
166
166
|
const encryptedData = import_CaseMessages.TlvEncryptedDataSigma2.encode({
|
|
167
|
-
nodeOpCert,
|
|
168
|
-
intermediateCACert,
|
|
167
|
+
responderNoc: nodeOpCert,
|
|
168
|
+
responderIcac: intermediateCACert,
|
|
169
169
|
signature,
|
|
170
170
|
resumptionId: cx.localResumptionId
|
|
171
171
|
});
|
|
@@ -183,20 +183,23 @@ class CaseServer {
|
|
|
183
183
|
sigma3Bytes,
|
|
184
184
|
sigma3: { encrypted: peerEncrypted }
|
|
185
185
|
} = await cx.messenger.readSigma3();
|
|
186
|
-
const sigma3Salt = import_general.Bytes.concat(
|
|
187
|
-
|
|
186
|
+
const sigma3Salt = import_general.Bytes.concat(
|
|
187
|
+
operationalIdentityProtectionKey,
|
|
188
|
+
await import_general.Crypto.computeSha256([cx.bytes, sigma2Bytes])
|
|
189
|
+
);
|
|
190
|
+
const sigma3Key = await import_general.Crypto.createHkdfKey(sharedSecret, sigma3Salt, import_CaseMessages.KDFSR3_INFO);
|
|
188
191
|
const peerDecryptedData = import_general.Crypto.decrypt(sigma3Key, peerEncrypted, import_CaseMessages.TBE_DATA3_NONCE);
|
|
189
192
|
const {
|
|
190
|
-
|
|
191
|
-
|
|
193
|
+
responderNoc: peerNewOpCert,
|
|
194
|
+
responderIcac: peerIntermediateCACert,
|
|
192
195
|
signature: peerSignature
|
|
193
196
|
} = import_CaseMessages.TlvEncryptedDataSigma3.decode(peerDecryptedData);
|
|
194
197
|
await fabric.verifyCredentials(peerNewOpCert, peerIntermediateCACert);
|
|
195
198
|
const peerSignatureData = import_CaseMessages.TlvSignedData.encode({
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
199
|
+
responderNoc: peerNewOpCert,
|
|
200
|
+
responderIcac: peerIntermediateCACert,
|
|
201
|
+
responderPublicKey: cx.peerEcdhPublicKey,
|
|
202
|
+
initiatorPublicKey: responderEcdhPublicKey
|
|
200
203
|
});
|
|
201
204
|
const {
|
|
202
205
|
ellipticCurvePublicKey: peerPublicKey,
|
|
@@ -205,10 +208,10 @@ class CaseServer {
|
|
|
205
208
|
if (fabric.fabricId !== peerFabricId) {
|
|
206
209
|
throw new import_general.UnexpectedDataError(`Fabric ID mismatch: ${fabric.fabricId} !== ${peerFabricId}`);
|
|
207
210
|
}
|
|
208
|
-
await import_general.Crypto.
|
|
211
|
+
await import_general.Crypto.verifyEcdsa((0, import_general.PublicKey)(peerPublicKey), peerSignatureData, peerSignature);
|
|
209
212
|
const secureSessionSalt = import_general.Bytes.concat(
|
|
210
213
|
operationalIdentityProtectionKey,
|
|
211
|
-
await import_general.Crypto.
|
|
214
|
+
await import_general.Crypto.computeSha256([cx.bytes, sigma2Bytes, sigma3Bytes])
|
|
212
215
|
);
|
|
213
216
|
const secureSession = await this.#sessions.createSecureSession({
|
|
214
217
|
sessionId: responderSessionId,
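Review bot: The `await import_general.Crypto.verifyEcdsa(...)` call at new line 211 discards its result, so authentication of the peer in this Sigma3 path depends entirely on `verifyEcdsa` rejecting when the signature is invalid; `createSecureSession` follows unconditionally. The hunk does not show that contract, so it is worth confirming that the promise rejects rather than resolving to `false`. A comment such as `// verifyEcdsa throws on an invalid signature; a boolean result must not be ignored here` would pin the assumption at the call site. The enclosing method starts and ends outside the hunk.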
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/case/CaseServer.ts"],
|
|
4
|
-
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAA0F;AAG1F,mBAAuF;AACvF,gCAA0C;AAC1C,2BAAmD;AAGnD,oCAA2C;AAC3C,0BAaO;AACP,2BAAoC;AA7BpC;AAAA;AAAA;AAAA;AAAA;AA+BA,MAAM,SAAS,sBAAO,IAAI,YAAY;AAE/B,MAAM,WAAsC;AAAA,EACtC,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA;AAAA,EAEA,YAAY,UAA0B,SAAwB;AAC1D,SAAK,YAAY;AACjB,SAAK,WAAW;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,yCAAoB,QAAQ;AAClD,QAAI;AACA,YAAM,KAAK,cAAc,SAAS;AAAA,IACtC,SAAS,OAAO;AACZ,aAAO,MAAM,8CAA8C,KAAK;AAEhE,UAAI,iBAAiB,0CAAqB;AACtC,cAAM,UAAU,UAAU,gCAAmB,kBAAkB;AAAA,MACnE,WAES,EAAE,iBAAiB,2DAA6B;AACrD,cAAM,UAAU,UAAU,gCAAmB,YAAY;AAAA,MAC7D;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAM,cAAc,WAAgC;AAChD,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,EAAE;AAGzE,UAAM,EAAE,aAAa,OAAO,IAAI,MAAM,UAAU,WAAW;AAC3D,UAAM,mBACF,OAAO,iBAAiB,UAAa,OAAO,uBAAuB,SAC7D,KAAK,UAAU,yBAAyB,OAAO,YAAY,IAC3D;AAEV,UAAM,UAAU,IAAI,cAAc,WAAW,aAAa,QAAQ,gBAAgB;AAGlF,QAAI,MAAM,KAAK,QAAQ,OAAO,GAAG;AAC7B;AAAA,IACJ;AAGA,QAAI,MAAM,KAAK,gBAAgB,OAAO,GAAG;AACrC;AAAA,IACJ;AAEA,WAAO;AAAA,MACH,qDAAqD,UAAU,eAAe,CAAC;AAAA,MAC/E,QAAQ;AAAA,MACR,QAAQ;AAAA,IACZ;AAEA,UAAM,IAAI,mCAAoB,sCAAsC;AAAA,EACxE;AAAA,EAEA,MAAM,QAAQ,IAAmB;AAC7B,QAAI,GAAG,qBAAqB,UAAa,GAAG,kBAAkB,UAAa,GAAG,qBAAqB,QAAW;AAC1G,aAAO;AAAA,IACX;AAEA,UAAM,EAAE,cAAc,QAAQ,YAAY,sBAAsB,IAAI,GAAG;AACvE,UAAM,gBAAgB,MAAM,sBAAO;AAAA,MAC/B;AAAA,MACA,qBAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AAAA,MAC/C;AAAA,IACJ;AAEA,QAAI;AACA,4BAAO,QAAQ,eAAe,GAAG,eAAe,qCAAiB;AAAA,IACrE,SAAS,GAAG;AACR,wCAAmB,OAAO,CAAC;AAG3B,SAAG,mBAAmB,GAAG,gBAAgB;AAEzC,aAAO;AAAA,IACX;AAGA,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,oBAAoB,qBAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AACzE,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX;AAAA,MACA;AAAA,MACA,eAAe,GAAG;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB,GAAG;AAAA,MAC1B;AAAA,IACJ,CAAC;AAGD,UAAM,aAAa,qBAAM,OAAO,GAAG,YAAY,GAAG,iBAAiB;AACnE,UAAM,YAAY,MAAM,sBAAO,
|
|
4
|
+
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAA0F;AAG1F,mBAAuF;AACvF,gCAA0C;AAC1C,2BAAmD;AAGnD,oCAA2C;AAC3C,0BAaO;AACP,2BAAoC;AA7BpC;AAAA;AAAA;AAAA;AAAA;AA+BA,MAAM,SAAS,sBAAO,IAAI,YAAY;AAE/B,MAAM,WAAsC;AAAA,EACtC,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA;AAAA,EAEA,YAAY,UAA0B,SAAwB;AAC1D,SAAK,YAAY;AACjB,SAAK,WAAW;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,yCAAoB,QAAQ;AAClD,QAAI;AACA,YAAM,KAAK,cAAc,SAAS;AAAA,IACtC,SAAS,OAAO;AACZ,aAAO,MAAM,8CAA8C,KAAK;AAEhE,UAAI,iBAAiB,0CAAqB;AACtC,cAAM,UAAU,UAAU,gCAAmB,kBAAkB;AAAA,MACnE,WAES,EAAE,iBAAiB,2DAA6B;AACrD,cAAM,UAAU,UAAU,gCAAmB,YAAY;AAAA,MAC7D;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAM,cAAc,WAAgC;AAChD,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,EAAE;AAGzE,UAAM,EAAE,aAAa,OAAO,IAAI,MAAM,UAAU,WAAW;AAC3D,UAAM,mBACF,OAAO,iBAAiB,UAAa,OAAO,uBAAuB,SAC7D,KAAK,UAAU,yBAAyB,OAAO,YAAY,IAC3D;AAEV,UAAM,UAAU,IAAI,cAAc,WAAW,aAAa,QAAQ,gBAAgB;AAGlF,QAAI,MAAM,KAAK,QAAQ,OAAO,GAAG;AAC7B;AAAA,IACJ;AAGA,QAAI,MAAM,KAAK,gBAAgB,OAAO,GAAG;AACrC;AAAA,IACJ;AAEA,WAAO;AAAA,MACH,qDAAqD,UAAU,eAAe,CAAC;AAAA,MAC/E,QAAQ;AAAA,MACR,QAAQ;AAAA,IACZ;AAEA,UAAM,IAAI,mCAAoB,sCAAsC;AAAA,EACxE;AAAA,EAEA,MAAM,QAAQ,IAAmB;AAC7B,QAAI,GAAG,qBAAqB,UAAa,GAAG,kBAAkB,UAAa,GAAG,qBAAqB,QAAW;AAC1G,aAAO;AAAA,IACX;AAEA,UAAM,EAAE,cAAc,QAAQ,YAAY,sBAAsB,IAAI,GAAG;AACvE,UAAM,gBAAgB,MAAM,sBAAO;AAAA,MAC/B;AAAA,MACA,qBAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AAAA,MAC/C;AAAA,IACJ;AAEA,QAAI;AACA,4BAAO,QAAQ,eAAe,GAAG,eAAe,qCAAiB;AAAA,IACrE,SAAS,GAAG;AACR,wCAAmB,OAAO,CAAC;AAG3B,SAAG,mBAAmB,GAAG,gBAAgB;AAEzC,aAAO;AAAA,IACX;AAGA,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,oBAAoB,qBAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AACzE,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX;AAAA,MACA;AAAA,MACA,eAAe,GAAG;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB,GAAG;AAAA,MAC1B;AAAA,IACJ,CAAC;AAGD,UAAM,aAAa,qBAAM,OAAO,GAAG,YAAY,GAAG,iBAAiB;AACnE,UAAM,YAAY,MAAM,sBAAO,cAAc,cAAc,YAAY,mCAAe;AACtF,UAAM,YAAY,sBAAO,QAAQ,WAAW,IAAI,WAAW,CAAC,GAA
G,qCAAiB;AAChF,QAAI;AACA,YAAM,GAAG,UAAU,iBAAiB;AAAA,QAChC,cAAc,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,QACA,wBAAwB,KAAK,UAAU;AAAA;AAAA,MAC3C,CAAC;AAAA,IACL,SAAS,OAAO;AAEZ,YAAM,cAAc,QAAQ,KAAK;AACjC,YAAM;AAAA,IACV;AAEA,WAAO;AAAA,MACH,WAAW,cAAc,EAAE,iBAAiB,GAAG,UAAU,eAAe,CAAC,eAAe,oBAAO;AAAA,QAC3F,OAAO;AAAA,MACX,CAAC,WAAW,OAAO,WAAW,kBAAkB,oBAAO,YAAY,UAAU,CAAC;AAAA,MAC9E;AAAA,MACA;AAAA,IACJ;AACA,OAAG,iBAAiB,eAAe,GAAG;AAGtC,UAAM,GAAG,UAAU,eAAe,sBAAsB;AAExD,UAAM,GAAG,UAAU,MAAM;AACzB,UAAM,KAAK,UAAU,qBAAqB,GAAG,gBAAgB;AAE7D,WAAO;AAAA,EACX;AAAA,EAEA,MAAM,gBAAgB,IAAmB;AACrC;AAAA;AAAA,MAEI,EAAE,GAAG,qBAAqB,UAAa,GAAG,kBAAkB;AAAA,MAE5D,EAAE,GAAG,qBAAqB,UAAa,GAAG,kBAAkB,UAAa,GAAG,qBAAqB;AAAA,MACnG;AACE,aAAO;AAAA,IACX;AAGA,UAAM,kBAAkB,sBAAO,UAAU;AAGzC,UAAM,SAAS,MAAM,KAAK,SAAS,4BAA4B,GAAG,eAAe,GAAG,UAAU;AAC9F,UAAM,EAAE,iBAAiB,YAAY,oBAAoB,iCAAiC,IAAI;AAC9F,UAAM,MAAM,MAAM,sBAAO,cAAc;AACvC,UAAM,yBAAyB,IAAI;AACnC,UAAM,eAAe,MAAM,sBAAO,iBAAiB,SAAK,0BAAU,GAAG,iBAAiB,CAAC;AAEvF,UAAM,aAAa,qBAAM;AAAA,MACrB;AAAA,MACA;AAAA,MACA;AAAA,MACA,MAAM,sBAAO,cAAc,GAAG,KAAK;AAAA,IACvC;AACA,UAAM,YAAY,MAAM,sBAAO,cAAc,cAAc,YAAY,+BAAW;AAClF,UAAM,gBAAgB,kCAAc,OAAO;AAAA,MACvC,cAAc;AAAA,MACd,eAAe;AAAA,MACf,oBAAoB;AAAA,MACpB,oBAAoB,GAAG;AAAA,IAC3B,CAAC;AACD,UAAM,YAAY,MAAM,OAAO,KAAK,aAAa;AACjD,UAAM,gBAAgB,2CAAuB,OAAO;AAAA,MAChD,cAAc;AAAA,MACd,eAAe;AAAA,MACf;AAAA,MACA,cAAc,GAAG;AAAA,IACrB,CAAC;AACD,UAAM,YAAY,sBAAO,QAAQ,WAAW,eAAe,mCAAe;AAC1E,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,cAAc,MAAM,GAAG,UAAU,WAAW;AAAA,MAC9C;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,wBAAwB,KAAK,UAAU;AAAA;AAAA,IAC3C,CAAC;AAGD,UAAM;AAAA,MACF;AAAA,MACA,QAAQ,EAAE,WAAW,cAAc;AAAA,IACvC,IAAI,MAAM,GAAG,UAAU,WAAW;AAClC,UAAM,aAAa,qBAAM;AAAA,MACrB;AAAA,MACA,MAAM,sBAAO,cAAc,CAAC,GAAG,OAAO,WAAW,CAAC;AAAA,IACtD;AACA,UAAM,YAAY,MAAM,sBAAO,cAAc,cAAc,YAAY,+BAAW;AAClF,UAAM,oBAAoB,sBAAO,QAAQ,WAAW,eAAe,mCAAe;AAClF,UAAM;AAAA,MACF,cAAc;AAAA,MACd,eAAe;AAAA,MACf,WAAW;AAAA,IACf,IAAI,2CAAuB,OAAO,iBAAiB;AAEnD,UAAM,OAAO,kBAAkB,eAAe,sBAAsB;AAEpE,UAAM,oBAAoB,kCAAc,OAAO;AAAA,MA
C3C,cAAc;AAAA,MACd,eAAe;AAAA,MACf,oBAAoB,GAAG;AAAA,MACvB,oBAAoB;AAAA,IACxB,CAAC;AACD,UAAM;AAAA,MACF,wBAAwB;AAAA,MACxB,SAAS,EAAE,UAAU,cAAc,QAAQ,YAAY,sBAAsB;AAAA,IACjF,IAAI,oDAA0B,OAAO,aAAa;AAElD,QAAI,OAAO,aAAa,cAAc;AAClC,YAAM,IAAI,mCAAoB,uBAAuB,OAAO,QAAQ,QAAQ,YAAY,EAAE;AAAA,IAC9F;AAEA,UAAM,sBAAO,gBAAY,0BAAU,aAAa,GAAG,mBAAmB,aAAa;AAGnF,UAAM,oBAAoB,qBAAM;AAAA,MAC5B;AAAA,MACA,MAAM,sBAAO,cAAc,CAAC,GAAG,OAAO,aAAa,WAAW,CAAC;AAAA,IACnE;AACA,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX;AAAA,MACA;AAAA,MACA,eAAe,GAAG;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB,GAAG;AAAA,MAC1B;AAAA,IACJ,CAAC;AACD,WAAO;AAAA,MACH,WAAW,cAAc,EAAE,iBAAiB,GAAG,UAAU,eAAe,CAAC,eAAe,oBAAO;AAAA,QAC3F,OAAO;AAAA,MACX,CAAC,WAAW,OAAO,WAAW,kBAAkB,oBAAO,YAAY,UAAU,CAAC;AAAA,MAC9E;AAAA,MACA;AAAA,IACJ;AACA,UAAM,GAAG,UAAU,YAAY;AAE/B,UAAM,mBAAmB;AAAA,MACrB;AAAA,MACA;AAAA,MACA;AAAA,MACA,cAAc,GAAG;AAAA,MACjB,mBAAmB,cAAc;AAAA,MACjC;AAAA,IACJ;AAEA,UAAM,GAAG,UAAU,MAAM;AACzB,UAAM,KAAK,UAAU,qBAAqB,gBAAgB;AAE1D,WAAO;AAAA,EACX;AAAA,EAEA,MAAM,QAAQ;AAAA,EAEd;AACJ;AAEA,MAAM,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EAEA,YACI,WACA,OACA,QACA,kBACF;AACE,SAAK,YAAY;AACjB,SAAK,QAAQ;AACb,SAAK,gBAAgB,OAAO;AAC5B,SAAK,mBAAmB,OAAO;AAC/B,SAAK,gBAAgB,OAAO;AAC5B,SAAK,gBAAgB,OAAO;AAC5B,SAAK,aAAa,OAAO;AACzB,SAAK,oBAAoB,OAAO;AAChC,SAAK,oBAAoB,OAAO;AAChC,SAAK,mBAAmB;AAAA,EAC5B;AAAA,EAEA,IAAI,oBAAoB;AACpB,WAAQ,KAAK,uBAAuB,sBAAO,cAAc,EAAE;AAAA,EAC/D;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PaseClient.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseClient.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAA6B,eAAe,EAAgC,MAAM,UAAU,CAAC;AACpG,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAOlD,qBAAa,UAAU;;gBAGP,QAAQ,EAAE,cAAc;WAIvB,4BAA4B,CAAC,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKhG,MAAM,CAAC,sBAAsB;IAS7B,MAAM,CAAC,2BAA2B;IAI5B,IAAI,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM;
|
|
1
|
+
{"version":3,"file":"PaseClient.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseClient.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAA6B,eAAe,EAAgC,MAAM,UAAU,CAAC;AACpG,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAOlD,qBAAa,UAAU;;gBAGP,QAAQ,EAAE,cAAc;WAIvB,4BAA4B,CAAC,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKhG,MAAM,CAAC,sBAAsB;IAS7B,MAAM,CAAC,2BAA2B;IAI5B,IAAI,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM;CA6E/F"}
|
|
@@ -81,7 +81,10 @@ class PaseClient {
|
|
|
81
81
|
...responderSessionParams ?? {}
|
|
82
82
|
};
|
|
83
83
|
const { w0, w1 } = await import_general.Spake2p.computeW0W1(pbkdfParameters, setupPin);
|
|
84
|
-
const spake2p = import_general.Spake2p.create(
|
|
84
|
+
const spake2p = import_general.Spake2p.create(
|
|
85
|
+
await import_general.Crypto.computeSha256([import_PaseMessenger.SPAKE_CONTEXT, requestPayload, responsePayload]),
|
|
86
|
+
w0
|
|
87
|
+
);
|
|
85
88
|
const X = spake2p.computeX();
|
|
86
89
|
await messenger.sendPasePake1({ x: X });
|
|
87
90
|
const { y: Y, verifier } = await messenger.readPasePake2();
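Review bot: The SPAKE2+ context passed to `Spake2p.create` at new lines 84–87 carries no comment saying it must match the value the server computes, and the same expression `computeSha256([SPAKE_CONTEXT, requestPayload, responsePayload])` is repeated in PaseServer at new lines 125–128. Each side hashes its own copies of the two payloads, so a comment at both sites would help, e.g. `// context = SHA-256 over SPAKE_CONTEXT, requestPayload, responsePayload; must be byte-identical to the peer's`. Moving the expression into one shared helper would keep the two sides from drifting apart. The enclosing method starts and ends outside the hunk.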
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/pase/PaseClient.ts"],
|
|
4
|
-
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAAyF;AAEzF,mBAAiE;AAGjE,2BAAwE;AAXxE;AAAA;AAAA;AAAA;AAAA;AAaA,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,sBAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,aAAa,6BAA6B,cAAsB,iBAAkC;AAC9F,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,uBAAQ,WAAW,iBAAiB,YAAY;AACxE,WAAO,qBAAM,OAAO,gBAAgB,IAAI,EAAE,GAAG,CAAC;AAAA,EAClD;AAAA,EAEA,OAAO,yBAAyB;AAC5B,QAAI;AACJ,eAAY,sBAAO,gBAAgB,IAAI,WAAY;AACnD,QAAI,kCAAqB,oBAAoB,SAAS,QAAQ,GAAG;AAC7D,kBAAY;AAAA,IAChB;AACA,WAAO;AAAA,EACX;AAAA,EAEA,OAAO,8BAA8B;AACjC,WAAO,sBAAO,gBAAgB,IAAI;AAAA,EACtC;AAAA,EAEA,MAAM,KAAK,mBAAsC,UAA2B,UAAkB;AAC1F,UAAM,YAAY,IAAI,yCAAoB,QAAQ;AAClD,UAAM,kBAAkB,sBAAO,UAAU;AACzC,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAG1E,UAAM,eACF,kBAAkB,qBAAqB,aACvC,kBAAkB,qBAAqB,aACvC;AACJ,UAAM,iBAAiB,MAAM,UAAU,sBAAsB;AAAA,MACzD;AAAA,MACA;AAAA,MACA,YAAY;AAAA,MACZ,oBAAoB;AAAA,MACpB,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,kBAAkB,oBAAoB;AAAA,MAC5E;AAAA,IACJ,CAAC;AACD,UAAM;AAAA,MACF;AAAA,MACA,UAAU,EAAE,iBAAiB,oBAAoB,uBAAuB;AAAA,IAC5E,IAAI,MAAM,UAAU,uBAAuB;AAC3C,QAAI,oBAAoB,QAAW;AAG/B,YAAM,UAAU,UAAU,gCAAmB,YAAY;AACzD,YAAM,IAAI,mCAAoB,0EAA0E;AAAA,IAC5G;AAGA,wBAAoB;AAAA,MAChB,GAAG,SAAS,QAAQ;AAAA,MACpB,GAAI,0BAA0B,CAAC;AAAA,IACnC;AAGA,UAAM,EAAE,IAAI,GAAG,IAAI,MAAM,uBAAQ,YAAY,iBAAiB,QAAQ;AACtE,UAAM,UAAU,uBAAQ,
|
|
4
|
+
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAAyF;AAEzF,mBAAiE;AAGjE,2BAAwE;AAXxE;AAAA;AAAA;AAAA;AAAA;AAaA,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,sBAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,aAAa,6BAA6B,cAAsB,iBAAkC;AAC9F,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,uBAAQ,WAAW,iBAAiB,YAAY;AACxE,WAAO,qBAAM,OAAO,gBAAgB,IAAI,EAAE,GAAG,CAAC;AAAA,EAClD;AAAA,EAEA,OAAO,yBAAyB;AAC5B,QAAI;AACJ,eAAY,sBAAO,gBAAgB,IAAI,WAAY;AACnD,QAAI,kCAAqB,oBAAoB,SAAS,QAAQ,GAAG;AAC7D,kBAAY;AAAA,IAChB;AACA,WAAO;AAAA,EACX;AAAA,EAEA,OAAO,8BAA8B;AACjC,WAAO,sBAAO,gBAAgB,IAAI;AAAA,EACtC;AAAA,EAEA,MAAM,KAAK,mBAAsC,UAA2B,UAAkB;AAC1F,UAAM,YAAY,IAAI,yCAAoB,QAAQ;AAClD,UAAM,kBAAkB,sBAAO,UAAU;AACzC,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAG1E,UAAM,eACF,kBAAkB,qBAAqB,aACvC,kBAAkB,qBAAqB,aACvC;AACJ,UAAM,iBAAiB,MAAM,UAAU,sBAAsB;AAAA,MACzD;AAAA,MACA;AAAA,MACA,YAAY;AAAA,MACZ,oBAAoB;AAAA,MACpB,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,kBAAkB,oBAAoB;AAAA,MAC5E;AAAA,IACJ,CAAC;AACD,UAAM;AAAA,MACF;AAAA,MACA,UAAU,EAAE,iBAAiB,oBAAoB,uBAAuB;AAAA,IAC5E,IAAI,MAAM,UAAU,uBAAuB;AAC3C,QAAI,oBAAoB,QAAW;AAG/B,YAAM,UAAU,UAAU,gCAAmB,YAAY;AACzD,YAAM,IAAI,mCAAoB,0EAA0E;AAAA,IAC5G;AAGA,wBAAoB;AAAA,MAChB,GAAG,SAAS,QAAQ;AAAA,MACpB,GAAI,0BAA0B,CAAC;AAAA,IACnC;AAGA,UAAM,EAAE,IAAI,GAAG,IAAI,MAAM,uBAAQ,YAAY,iBAAiB,QAAQ;AACtE,UAAM,UAAU,uBAAQ;AAAA,MACpB,MAAM,sBAAO,cAAc,CAAC,oCAAe,gBAAgB,eAAe,CAAC;AAAA,MAC3E;AAAA,IACJ;AACA,UAAM,IAAI,QAAQ,SAAS;AAC3B,UAAM,UAAU,cAAc,EAAE,GAAG,EAAE,CAAC;AAGtC,UAAM,EAAE,GAAG,GAAG,SAAS,IAAI,MAAM,UAAU,cAAc;AACzD,UAAM,EAAE,IAAI,KAAK,IAAI,IAAI,MAAM,QAAQ,+BAA+B,IAAI,GAAG,CAAC;AAC9E,QAAI,CAAC,qBAAM,SAAS,UAAU,GAAG,GAAG;AAChC,YAAM,UAAU,UAAU,gCAAmB,YAAY;AACzD,YAAM,IAAI;AAAA,QACN;AAAA,MACJ;AAAA,IACJ;AACA,UAAM,UAAU,cAAc,EAAE,UAAU,IAAI,CAAC;AAG/C,UAAM,UAAU,eAAe,mBAAmB;AAClD,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,YAAY,oBAAO;AAAA,MACnB,eAAe;AAAA,MACf,cAAc;AAAA,MACd,MAAM,IAAI,WAAW,CAAC;AAAA,MACtB,aAAa;AAAA,MACb,cAAc;AAAA,MACd
,uBAAuB;AAAA,IAC3B,CAAC;AACD,UAAM,UAAU,MAAM;AACtB,WAAO,KAAK,yCAAyC,UAAU,eAAe,CAAC,GAAG;AAElF,WAAO;AAAA,EACX;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAKH,eAAe,EACf,eAAe,EAKlB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAEpE,OAAO,EAAuB,mBAAmB,EAAiB,MAAM,oBAAoB,CAAC;AAS7F,qBAAa,oCAAqC,SAAQ,eAAe;CAAG;AAE5E,qBAAa,UAAW,YAAW,eAAe;;IAuB1C,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClB,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC;IAzBrC,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;WAK1B,OAAO,CAAC,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKrG,MAAM,CAAC,qBAAqB,CACxB,QAAQ,EAAE,cAAc,EACxB,iBAAiB,EAAE,UAAU,EAC7B,eAAe,CAAC,EAAE,eAAe;gBAQzB,QAAQ,EAAE,cAAc,EACf,EAAE,EAAE,MAAM,EACV,CAAC,EAAE,UAAU,EACb,eAAe,CAAC,EAAE,eAAe,YAAA;IAGhD,aAAa,CAAC,QAAQ,EAAE,eAAe;YAuC/B,oBAAoB;
|
|
1
|
+
{"version":3,"file":"PaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAKH,eAAe,EACf,eAAe,EAKlB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAEpE,OAAO,EAAuB,mBAAmB,EAAiB,MAAM,oBAAoB,CAAC;AAS7F,qBAAa,oCAAqC,SAAQ,eAAe;CAAG;AAE5E,qBAAa,UAAW,YAAW,eAAe;;IAuB1C,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClB,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC;IAzBrC,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;WAK1B,OAAO,CAAC,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKrG,MAAM,CAAC,qBAAqB,CACxB,QAAQ,EAAE,cAAc,EACxB,iBAAiB,EAAE,UAAU,EAC7B,eAAe,CAAC,EAAE,eAAe;gBAQzB,QAAQ,EAAE,cAAc,EACf,EAAE,EAAE,MAAM,EACV,CAAC,EAAE,UAAU,EACb,eAAe,CAAC,EAAE,eAAe,YAAA;IAGhD,aAAa,CAAC,QAAQ,EAAE,eAAe;YAuC/B,oBAAoB;IAgF5B,aAAa,CAAC,SAAS,EAAE,mBAAmB,EAAE,SAAS,UAAO;IAU9D,KAAK;CAGd"}
|
|
@@ -122,7 +122,10 @@ class PaseServer {
|
|
|
122
122
|
maxTcpMessageSize: tcpSupported ? responderSessionParams.maxTcpMessageSize : void 0
|
|
123
123
|
}
|
|
124
124
|
});
|
|
125
|
-
const spake2p = import_general.Spake2p.create(
|
|
125
|
+
const spake2p = import_general.Spake2p.create(
|
|
126
|
+
await import_general.Crypto.computeSha256([import_PaseMessenger.SPAKE_CONTEXT, requestPayload, responsePayload]),
|
|
127
|
+
this.w0
|
|
128
|
+
);
|
|
126
129
|
const { x: X } = await messenger.readPasePake1();
|
|
127
130
|
const Y = spake2p.computeY();
|
|
128
131
|
const { Ke, hAY, hBX } = await spake2p.computeSecretAndVerifiersFromX(this.L, X, Y);
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/pase/PaseServer.ts"],
|
|
4
|
-
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAWO;AAEP,mBAAuE;AAGvE,oCAA2C;AAC3C,2BAAwE;AAvBxE;AAAA;AAAA;AAAA;AAAA;AAyBA,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,sBAAO,IAAI,YAAY;AAEtC,MAAM,0BAA0B;AAChC,MAAM,gCAAgC;AAE/B,MAAM,6CAA6C,+BAAgB;AAAC;AAEpE,MAAM,WAAsC;AAAA,EAsB/C,YACY,UACS,IACA,GACA,iBACnB;AAJU;AACS;AACA;AACA;AAAA,EAClB;AAAA,EA1BM,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA,iBAAiB;AAAA,EAEjB,aAAa,QAAQ,UAA0B,cAAsB,iBAAkC;AACnG,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,uBAAQ,WAAW,iBAAiB,YAAY;AACxE,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EAEA,OAAO,sBACH,UACA,mBACA,iBACF;AACE,UAAM,KAAK,gBAAgB,kBAAkB,MAAM,GAAG,EAAE,CAAC;AACzD,UAAM,IAAI,kBAAkB,MAAM,IAAI,KAAK,EAAE;AAC7C,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EASA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,yCAAoB,QAAQ;AAClD,QAAI;AAKA,UAAI,KAAK,SAAS,eAAe,GAAG;AAChC,eAAO,KAAK,wFAAwF;AAAA,MACxG,WAAW,KAAK,eAAe,WAAW;AACtC,eAAO;AAAA,UACH;AAAA,QACJ;AAAA,MACJ,OAAO;AAEH,cAAM,KAAK,qBAAqB,SAAS;AAAA,MAC7C;AAAA,IACJ,SAAS,OAAO;AACZ,WAAK;AACL,aAAO;AAAA,QACH,oDAAoD,KAAK,cAAc,IAAI,6BAA6B;AAAA,QACxG;AAAA,MACJ;AAGA,YAAM,YAAY,EAAE,iBAAiB;AACrC,YAAM,KAAK,cAAc,WAAW,SAAS;AAE7C,UAAI,KAAK,kBAAkB,+BAA+B;AACtD,cAAM,IAAI;AAAA,UACN;AAAA,QACJ;AAAA,MACJ;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAc,qBAAqB,WAAgC;AAC/D,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,GAAG;AAE1E,SAAK,gBAAgB,oBAAK;AAAA,MAAS;AAAA,MAAwB;AAAA,MAAyB,MAChF,KAAK,cAAc,SAAS;AAAA,IAChC,EAAE,MAAM;AAGR,UAAM;AAAA,MACF;AAAA,MACA,SAAS;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,oBAAoB;AAAA,MACxB;AAAA,IACJ,IAAI,MAAM,UAAU,sBAAsB;AAC1C,QAAI,eAAe,0CAAqB;AACpC,YAAM,IAAI,mCAAoB,2BAA2B,UAAU,GAAG;AAAA,IAC1E;AAEA,UAAM,qBAAqB,MAAM,KAAK,SAAS,0BAA0B;AACzE,UAAM,kBAAkB,sBAAO,UAAU;AAEzC,UAAM,yBAAyB,KAAK,SAAS;AAC7C,UAAM,eACF,uBAAuB,qBAAqB,aAC5C,uBAAuB,qBAAqB,aAC5C;AACJ,UAAM,kBAAkB,MAAM,UAAU,uBAAuB;AAAA,MAC3D;AAAA,MACA;AAAA,MACA;AAAA,MACA,iBAAiB,qBAAqB,SAAY,KAAK;AAAA,MACvD,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,uBAAuB,oBAAoB;AAAA,MACjF;AAA
A,IACJ,CAAC;AAGD,UAAM,UAAU,uBAAQ,
|
|
4
|
+
"mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,qBAWO;AAEP,mBAAuE;AAGvE,oCAA2C;AAC3C,2BAAwE;AAvBxE;AAAA;AAAA;AAAA;AAAA;AAyBA,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,sBAAO,IAAI,YAAY;AAEtC,MAAM,0BAA0B;AAChC,MAAM,gCAAgC;AAE/B,MAAM,6CAA6C,+BAAgB;AAAC;AAEpE,MAAM,WAAsC;AAAA,EAsB/C,YACY,UACS,IACA,GACA,iBACnB;AAJU;AACS;AACA;AACA;AAAA,EAClB;AAAA,EA1BM,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA,iBAAiB;AAAA,EAEjB,aAAa,QAAQ,UAA0B,cAAsB,iBAAkC;AACnG,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,uBAAQ,WAAW,iBAAiB,YAAY;AACxE,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EAEA,OAAO,sBACH,UACA,mBACA,iBACF;AACE,UAAM,KAAK,gBAAgB,kBAAkB,MAAM,GAAG,EAAE,CAAC;AACzD,UAAM,IAAI,kBAAkB,MAAM,IAAI,KAAK,EAAE;AAC7C,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EASA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,yCAAoB,QAAQ;AAClD,QAAI;AAKA,UAAI,KAAK,SAAS,eAAe,GAAG;AAChC,eAAO,KAAK,wFAAwF;AAAA,MACxG,WAAW,KAAK,eAAe,WAAW;AACtC,eAAO;AAAA,UACH;AAAA,QACJ;AAAA,MACJ,OAAO;AAEH,cAAM,KAAK,qBAAqB,SAAS;AAAA,MAC7C;AAAA,IACJ,SAAS,OAAO;AACZ,WAAK;AACL,aAAO;AAAA,QACH,oDAAoD,KAAK,cAAc,IAAI,6BAA6B;AAAA,QACxG;AAAA,MACJ;AAGA,YAAM,YAAY,EAAE,iBAAiB;AACrC,YAAM,KAAK,cAAc,WAAW,SAAS;AAE7C,UAAI,KAAK,kBAAkB,+BAA+B;AACtD,cAAM,IAAI;AAAA,UACN;AAAA,QACJ;AAAA,MACJ;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAc,qBAAqB,WAAgC;AAC/D,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,GAAG;AAE1E,SAAK,gBAAgB,oBAAK;AAAA,MAAS;AAAA,MAAwB;AAAA,MAAyB,MAChF,KAAK,cAAc,SAAS;AAAA,IAChC,EAAE,MAAM;AAGR,UAAM;AAAA,MACF;AAAA,MACA,SAAS;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,oBAAoB;AAAA,MACxB;AAAA,IACJ,IAAI,MAAM,UAAU,sBAAsB;AAC1C,QAAI,eAAe,0CAAqB;AACpC,YAAM,IAAI,mCAAoB,2BAA2B,UAAU,GAAG;AAAA,IAC1E;AAEA,UAAM,qBAAqB,MAAM,KAAK,SAAS,0BAA0B;AACzE,UAAM,kBAAkB,sBAAO,UAAU;AAEzC,UAAM,yBAAyB,KAAK,SAAS;AAC7C,UAAM,eACF,uBAAuB,qBAAqB,aAC5C,uBAAuB,qBAAqB,aAC5C;AACJ,UAAM,kBAAkB,MAAM,UAAU,uBAAuB;AAAA,MAC3D;AAAA,MACA;AAAA,MACA;AAAA,MACA,iBAAiB,qBAAqB,SAAY,KAAK;AAAA,MACvD,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,uBAAuB,oBAAoB;AAAA,MACjF;AAA
A,IACJ,CAAC;AAGD,UAAM,UAAU,uBAAQ;AAAA,MACpB,MAAM,sBAAO,cAAc,CAAC,oCAAe,gBAAgB,eAAe,CAAC;AAAA,MAC3E,KAAK;AAAA,IACT;AACA,UAAM,EAAE,GAAG,EAAE,IAAI,MAAM,UAAU,cAAc;AAC/C,UAAM,IAAI,QAAQ,SAAS;AAC3B,UAAM,EAAE,IAAI,KAAK,IAAI,IAAI,MAAM,QAAQ,+BAA+B,KAAK,GAAG,GAAG,CAAC;AAClF,UAAM,UAAU,cAAc,EAAE,GAAG,GAAG,UAAU,IAAI,CAAC;AAGrD,UAAM,EAAE,SAAS,IAAI,MAAM,UAAU,cAAc;AACnD,QAAI,CAAC,qBAAM,SAAS,UAAU,GAAG,GAAG;AAChC,YAAM,IAAI,mCAAoB,yDAAyD;AAAA,IAC3F;AAGA,UAAM,KAAK,SAAS,oBAAoB;AAAA,MACpC,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,YAAY,oBAAO;AAAA,MACnB;AAAA,MACA,cAAc;AAAA,MACd,MAAM,IAAI,WAAW,CAAC;AAAA,MACtB,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB;AAAA,IAC3B,CAAC;AACD,WAAO,KAAK,WAAW,kBAAkB,iBAAiB,UAAU,eAAe,CAAC,GAAG;AAEvF,UAAM,UAAU,YAAY;AAC5B,UAAM,UAAU,MAAM;AAEtB,SAAK,eAAe,KAAK;AACzB,SAAK,gBAAgB;AAAA,EACzB;AAAA,EAEA,MAAM,cAAc,WAAgC,YAAY,MAAM;AAClE,SAAK,eAAe,KAAK;AACzB,SAAK,gBAAgB;AAErB,QAAI,WAAW;AACX,YAAM,UAAU,UAAU,gCAAmB,YAAY;AAAA,IAC7D;AACA,UAAM,UAAU,MAAM;AAAA,EAC1B;AAAA,EAEA,MAAM,QAAQ;AAAA,EAEd;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -41,7 +41,7 @@ class AttestationCertificateManager {
|
|
|
41
41
|
}
|
|
42
42
|
static async create(vendorId) {
|
|
43
43
|
const key = await Crypto.createKeyPair();
|
|
44
|
-
const identifier = await Crypto.
|
|
44
|
+
const identifier = await Crypto.computeSha256(key.publicKey);
|
|
45
45
|
return new AttestationCertificateManager(vendorId, key, identifier.slice(0, 20));
|
|
46
46
|
}
|
|
47
47
|
getPAICert() {
|
|
@@ -150,7 +150,7 @@ class AttestationCertificateManager {
|
|
|
150
150
|
keyUsage: {
|
|
151
151
|
digitalSignature: true
|
|
152
152
|
},
|
|
153
|
-
subjectKeyIdentifier: (await Crypto.
|
|
153
|
+
subjectKeyIdentifier: (await Crypto.computeSha256(publicKey)).slice(0, 20),
|
|
154
154
|
authorityKeyIdentifier: this.#paiKeyIdentifier
|
|
155
155
|
}
|
|
156
156
|
};
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../src/certificate/AttestationCertificateManager.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,YAAY,MAAM,aAAa;AAEvD,SAAS,oBAAoB,sBAAsB;AACnD;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAEP,SAAS,iBAAiB,UAAoB,WAAoB;AAC9D,SAAO,yBAAyB,SAAS,SAAS,EAAE,EAAE,YAAY,CAAC,IAC/D,cAAc,SAAY,WAAW,KAAK,UAAU,SAAS,EAAE,EAAE,YAAY,CAAC,EAClF;AACJ;AAEA,SAAS,iBAAiB,UAAoB,WAAmB;AAC7D,SAAO,yBAAyB,SAAS,SAAS,EAAE,EAAE,YAAY,CAAC,MAAM,UAAU,SAAS,EAAE,EAAE,YAAY,CAAC;AACjH;AAEA,SAAS,mBAAmB;AAExB,SAAO;AACX;AAEO,MAAM,8BAA8B;AAAA,EAC/B,YAAY,OAAO,CAAC;AAAA;AAAA;AAAA,EAInB,cAAc,WAAW,+BAA+B;AAAA,IAC7D,WAAW;AAAA,EACf,CAAC;AAAA,EACQ;AAAA,EACA;AAAA,EACA;AAAA,EACA,oBAAoB;AAAA,EACpB,aAAa,OAAO,CAAC;AAAA,EACrB;AAAA,EACT,qBAAqB;AAAA,EAErB,YAAY,UAAoB,YAAwB,kBAA8B;AAClF,SAAK,YAAY;AACjB,SAAK,cAAc;AACnB,SAAK,oBAAoB;AACzB,SAAK,gBAAgB,KAAK,gBAAgB,QAAQ;AAAA,EACtD;AAAA,EAEA,aAAa,OAAO,UAAoB;AACpC,UAAM,MAAM,MAAM,OAAO,cAAc;AACvC,UAAM,aAAa,MAAM,OAAO,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,YAAY,MAAM,aAAa;AAEvD,SAAS,oBAAoB,sBAAsB;AACnD;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAEP,SAAS,iBAAiB,UAAoB,WAAoB;AAC9D,SAAO,yBAAyB,SAAS,SAAS,EAAE,EAAE,YAAY,CAAC,IAC/D,cAAc,SAAY,WAAW,KAAK,UAAU,SAAS,EAAE,EAAE,YAAY,CAAC,EAClF;AACJ;AAEA,SAAS,iBAAiB,UAAoB,WAAmB;AAC7D,SAAO,yBAAyB,SAAS,SAAS,EAAE,EAAE,YAAY,CAAC,MAAM,UAAU,SAAS,EAAE,EAAE,YAAY,CAAC;AACjH;AAEA,SAAS,mBAAmB;AAExB,SAAO;AACX;AAEO,MAAM,8BAA8B;AAAA,EAC/B,YAAY,OAAO,CAAC;AAAA;AAAA;AAAA,EAInB,cAAc,WAAW,+BAA+B;AAAA,IAC7D,WAAW;AAAA,EACf,CAAC;AAAA,EACQ;AAAA,EACA;AAAA,EACA;AAAA,EACA,oBAAoB;AAAA,EACpB,aAAa,OAAO,CAAC;AAAA,EACrB;AAAA,EACT,qBAAqB;AAAA,EAErB,YAAY,UAAoB,YAAwB,kBAA8B;AAClF,SAAK,YAAY;AACjB,SAAK,cAAc;AACnB,SAAK,oBAAoB;AACzB,SAAK,gBAAgB,KAAK,gBAAgB,QAAQ;AAAA,EACtD;AAAA,EAEA,aAAa,OAAO,UAAoB;AACpC,UAAM,MAAM,MAAM,OAAO,cAAc;AACvC,UAAM,aAAa,MAAM,OAAO,cAAc,IAAI,SAAS;AAC3D,WAAO,IAAI,8BAA8B,UAAU,KAAK,WAAW,MAAM,GAAG,EAAE,CAAC;AAAA,EACnF;AAAA,EAEA,aAAa;AACT,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,UAAU,WAAmB;AAC/B,UAAM,aAAa,MAAM,OAAO,cAAc;AAC9C,WAAO;AAAA,MACH,SAAS;AAAA,MACT,KAAK,MAAM,KAAK,eAAe,WAAW,WAAW,KAAK,WAAW,SAAS;AAAA,IAClF;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA,EAKQ,gBAAgB,UAAqB;AACzC,UAAM,MAAM,KAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,sBAAsB;AAAA,MACxB,cAAc,MAAM,QAAQ,MAAM,KAAK,SAAS,CAAC;AAAA,MACjD,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ;AAAA,QACJ,YAAY,iBAAiB;AAAA,QAC7B;AAAA,MACJ;AAAA,MACA,WAAW,eAAe,KAAK,EAAE;AAAA,MACjC,UAAU,eAAe,KAAK,EAAE;AAAA,MAChC,SAAS;AAAA,QACL,YAAY,iBAAiB;AAAA,QAC7B;AAAA,MACJ;AAAA,MACA,wBAAwB,KAAK,YAAY;AAAA,MACzC,YAAY;AAAA,QACR,kBAAkB;AAAA,UACd,MAAM;AAAA,UACN,SAAS;AAAA,QACb;AAAA,QACA,UAAU;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,QACb;AAAA,QACA,sBAAsB,KAAK;AAAA,QAC3B,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,mBAAmB,sCAAsC,qBAAqB,KAAK,WAAW;AAAA,EACzG;AAAA,EAEQ,gBAAgB,UAAoB,WAAoB;AAC5D,UAAM,MAAM,KAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,sBAAsB;AAAA,MACxB,cAAc,MAAM,QAAQ,MAAM,KAAK,UAAU,CAAC;AAAA,MAClD,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ;AAAA,QA
CJ,YAAY,iBAAiB;AAAA,MACjC;AAAA,MACA,WAAW,eAAe,KAAK,EAAE;AAAA,MACjC,UAAU,eAAe,KAAK,EAAE;AAAA,MAChC,SAAS;AAAA,QACL,YAAY,iBAAiB,UAAU,SAAS;AAAA,QAChD;AAAA,QACA;AAAA,MACJ;AAAA,MACA,wBAAwB,KAAK,YAAY;AAAA,MACzC,YAAY;AAAA,QACR,kBAAkB;AAAA,UACd,MAAM;AAAA,UACN,SAAS;AAAA,QACb;AAAA,QACA,UAAU;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,QACb;AAAA,QACA,sBAAsB,KAAK;AAAA,QAC3B,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,mBAAmB,yCAAyC,qBAAqB,KAAK,WAAW;AAAA,EAC5G;AAAA,EAEA,MAAM,eAAe,WAAuB,UAAoB,WAAmB;AAC/E,UAAM,MAAM,KAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,SAAS,KAAK;AACpB,UAAM,sBAAsB;AAAA,MACxB,cAAc,MAAM,QAAQ,MAAM,MAAM,CAAC;AAAA,MACzC,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,WAAW,eAAe,KAAK,EAAE;AAAA,MACjC,UAAU,eAAe,KAAK,EAAE;AAAA,MAChC,QAAQ;AAAA,QACJ,YAAY,iBAAiB,QAAQ;AAAA,QACrC;AAAA,MACJ;AAAA,MACA,SAAS;AAAA,QACL,YAAY,iBAAiB,UAAU,SAAS;AAAA,QAChD;AAAA,QACA;AAAA,MACJ;AAAA,MACA,wBAAwB;AAAA,MACxB,YAAY;AAAA,QACR,kBAAkB;AAAA,UACd,MAAM;AAAA,QACV;AAAA,QACA,UAAU;AAAA,UACN,kBAAkB;AAAA,QACtB;AAAA,QACA,uBAAuB,MAAM,OAAO,cAAc,SAAS,GAAG,MAAM,GAAG,EAAE;AAAA,QACzE,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,WAAO,mBAAmB,4BAA4B,qBAAqB,KAAK,WAAW;AAAA,EAC/F;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -12,8 +12,8 @@ import { CaseAuthenticatedTag, FabricId, NodeId } from "#types";
|
|
|
12
12
|
export declare class CertificateAuthority {
|
|
13
13
|
#private;
|
|
14
14
|
get construction(): Construction<CertificateAuthority>;
|
|
15
|
-
static create(options
|
|
16
|
-
constructor(options
|
|
15
|
+
static create(options?: StorageContext | CertificateAuthority.Configuration): Promise<CertificateAuthority>;
|
|
16
|
+
constructor(options?: StorageContext | CertificateAuthority.Configuration);
|
|
17
17
|
static [Environmental.create](env: Environment): CertificateAuthority;
|
|
18
18
|
get rootCert(): Uint8Array<ArrayBufferLike>;
|
|
19
19
|
get config(): CertificateAuthority.Configuration;
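Review bot: `create()` and the constructor now accept a call with no argument, but the declaration has no doc comment saying what a CertificateAuthority built that way is backed by. The implementation hunk further down this page substitutes an empty object for missing options and generates a new root key pair and root certificate, so such an authority presumably starts from a fresh root on every construction. Whether anything is persisted in that case is not visible in these hunks. I would add a doc comment on both members in the TypeScript source so it is emitted into this declaration, for example `/** With no options a new root key pair and certificate are generated; pass a StorageContext or a Configuration to restore an existing authority. */`. The class declaration starts and ends outside the hunk.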
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CertificateAuthority.d.ts","sourceRoot":"","sources":["../../../src/certificate/CertificateAuthority.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACH,aAAa,EAEb,YAAY,EAEZ,WAAW,EACX,aAAa,EAIb,cAAc,EAKjB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAahE;;;GAGG;AACH,qBAAa,oBAAoB;;IAQ7B,IAAI,YAAY,uCAEf;WAEY,MAAM,CAAC,OAAO,EAAE,cAAc,GAAG,oBAAoB,CAAC,aAAa;
|
|
1
|
+
{"version":3,"file":"CertificateAuthority.d.ts","sourceRoot":"","sources":["../../../src/certificate/CertificateAuthority.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACH,aAAa,EAEb,YAAY,EAEZ,WAAW,EACX,aAAa,EAIb,cAAc,EAKjB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAahE;;;GAGG;AACH,qBAAa,oBAAoB;;IAQ7B,IAAI,YAAY,uCAEf;WAEY,MAAM,CAAC,OAAO,CAAC,EAAE,cAAc,GAAG,oBAAoB,CAAC,aAAa;gBAIrE,OAAO,CAAC,EAAE,cAAc,GAAG,oBAAoB,CAAC,aAAa;IAuCzE,MAAM,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,WAAW;IAO9C,IAAI,QAAQ,gCAEX;IAED,IAAI,MAAM,IAAI,oBAAoB,CAAC,aAAa,CAQ/C;IA+BK,WAAW,CACb,SAAS,EAAE,UAAU,EACrB,QAAQ,EAAE,QAAQ,EAClB,MAAM,EAAE,MAAM,EACd,qBAAqB,CAAC,EAAE,oBAAoB,EAAE;CA8CrD;AAED,yBAAiB,oBAAoB,CAAC;IAClC,KAAY,aAAa,GAAG;QACxB,UAAU,EAAE,MAAM,CAAC;QACnB,WAAW,EAAE,aAAa,CAAC;QAC3B,iBAAiB,EAAE,UAAU,CAAC;QAC9B,aAAa,EAAE,UAAU,CAAC;QAC1B,iBAAiB,EAAE,MAAM,CAAC;KAC7B,CAAC;CACL"}
|
|
@@ -39,9 +39,9 @@ class CertificateAuthority {
|
|
|
39
39
|
}
|
|
40
40
|
constructor(options) {
|
|
41
41
|
this.#construction = Construction(this, async () => {
|
|
42
|
-
const certValues = options instanceof StorageContext ? await options.values() : options;
|
|
42
|
+
const certValues = options instanceof StorageContext ? await options.values() : options ?? {};
|
|
43
43
|
this.#rootKeyPair = await Crypto.createKeyPair();
|
|
44
|
-
this.#rootKeyIdentifier = (await Crypto.
|
|
44
|
+
this.#rootKeyIdentifier = (await Crypto.computeSha256(this.#rootKeyPair.publicKey)).slice(0, 20);
|
|
45
45
|
this.#rootCertBytes = await this.#generateRootCert();
|
|
46
46
|
if ((typeof certValues.rootCertId === "number" || typeof certValues.rootCertId === "bigint") && (ArrayBuffer.isView(certValues.rootKeyPair) || typeof certValues.rootKeyPair === "object") && ArrayBuffer.isView(certValues.rootKeyIdentifier) && ArrayBuffer.isView(certValues.rootCertBytes) && (typeof certValues.nextCertificateId === "number" || typeof certValues.nextCertificateId === "bigint")) {
|
|
47
47
|
this.#rootCertId = BigInt(certValues.rootCertId);
|
|
@@ -104,7 +104,7 @@ class CertificateAuthority {
|
|
|
104
104
|
authorityKeyIdentifier: this.#initializedRootKeyIdentifier
|
|
105
105
|
}
|
|
106
106
|
};
|
|
107
|
-
const signature = await Crypto.
|
|
107
|
+
const signature = await Crypto.signEcdsa(
|
|
108
108
|
this.#initializedRootKeyPair,
|
|
109
109
|
CertificateManager.rootCertToAsn1(unsignedCertificate)
|
|
110
110
|
);
|
|
@@ -129,11 +129,11 @@ class CertificateAuthority {
|
|
|
129
129
|
digitalSignature: true
|
|
130
130
|
},
|
|
131
131
|
extendedKeyUsage: [2, 1],
|
|
132
|
-
subjectKeyIdentifier: (await Crypto.
|
|
132
|
+
subjectKeyIdentifier: (await Crypto.computeSha256(publicKey)).slice(0, 20),
|
|
133
133
|
authorityKeyIdentifier: this.#initializedRootKeyIdentifier
|
|
134
134
|
}
|
|
135
135
|
};
|
|
136
|
-
const signature = await Crypto.
|
|
136
|
+
const signature = await Crypto.signEcdsa(
|
|
137
137
|
this.#initializedRootKeyPair,
|
|
138
138
|
CertificateManager.nodeOperationalCertToAsn1(unsignedCertificate)
|
|
139
139
|
);
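Review bot: The guard on new line 46 accepts `rootKeyPair` whenever `typeof certValues.rootKeyPair === "object"`, which is also true for `null`, so a stored record with a null key pair passes the shape check that decides whether the persisted root is reused. Tightening that operand to `(ArrayBuffer.isView(certValues.rootKeyPair) || (typeof certValues.rootKeyPair === "object" && certValues.rootKeyPair !== null))` keeps a corrupted or partially written record from being accepted as the root key pair. What the branch does with the value is outside the hunk, so the exact failure mode is not visible here. The constructor body continues past line 47.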
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../src/certificate/CertificateAuthority.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EAEI;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAEP;AAAA,EACI;AAAA,EAGA;AAAA,EACA;AAAA,EAEA;AAAA,OACG;AAEP,MAAM,SAAS,OAAO,IAAI,sBAAsB;AAMzC,MAAM,qBAAqB;AAAA,EAC9B,cAAc,OAAO,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AAAA,EACA,qBAAqB,OAAO,CAAC;AAAA,EAC7B;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,aAAa,OAAO,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EAEI;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AAEP;AAAA,EACI;AAAA,EAGA;AAAA,EACA;AAAA,EAEA;AAAA,OACG;AAEP,MAAM,SAAS,OAAO,IAAI,sBAAsB;AAMzC,MAAM,qBAAqB;AAAA,EAC9B,cAAc,OAAO,CAAC;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AAAA,EACA,qBAAqB,OAAO,CAAC;AAAA,EAC7B;AAAA,EAEA,IAAI,eAAe;AACf,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,aAAa,OAAO,SAA+D;AAC/E,WAAO,SAAS,sBAAsB,OAAO;AAAA,EACjD;AAAA,EAEA,YAAY,SAA+D;AACvE,SAAK,gBAAgB,aAAa,MAAM,YAAY;AAEhD,YAAM,aAAa,mBAAmB,iBAAiB,MAAM,QAAQ,OAAO,IAAK,WAAW,CAAC;AAE7F,WAAK,eAAe,MAAM,OAAO,cAAc;AAC/C,WAAK,sBAAsB,MAAM,OAAO,cAAc,KAAK,aAAa,SAAS,GAAG,MAAM,GAAG,EAAE;AAC/F,WAAK,iBAAiB,MAAM,KAAK,kBAAkB;AAEnD,WACK,OAAO,WAAW,eAAe,YAAY,OAAO,WAAW,eAAe,cAC9E,YAAY,OAAO,WAAW,WAAW,KAAK,OAAO,WAAW,gBAAgB,aACjF,YAAY,OAAO,WAAW,iBAAiB,KAC/C,YAAY,OAAO,WAAW,aAAa,MAC1C,OAAO,WAAW,sBAAsB,YAAY,OAAO,WAAW,sBAAsB,WAC/F;AACE,aAAK,cAAc,OAAO,WAAW,UAAU;AAC/C,aAAK,eAAe,WAAW,WAAW,WAA4B;AACtE,aAAK,qBAAqB,WAAW;AACrC,aAAK,iBAAiB,WAAW;AACjC,aAAK,qBAAqB,OAAO,WAAW,iBAAiB;AAC7D,eAAO,KAAK,qCAAqC,KAAK,WAAW,EAAE;AACnE;AAAA,MACJ;AAEA,aAAO,KAAK,mCAAmC,KAAK,WAAW,EAAE;AAEjE,UAAI,mBAAmB,gBAAgB;AACnC,cAAM,QAAQ,IAAI;AAAA,UACd,YAAY,KAAK;AAAA,UACjB,aAAa,KAAK,aAAa;AAAA,UAC/B,mBAAmB,KAAK;AAAA,UACxB,eAAe,KAAK;AAAA,UACpB,mBAAmB,KAAK;AAAA,QAC5B,CAAC;AAAA,MACL;AAAA,IACJ,CAAC;AAAA,EACL;AAAA,EAEA,QAAQ,cAAc,MAAM,EAAE,KAAkB;AAC5C,UAAM,UAAU,IAAI,IAAI,cAAc,EAAE,cAAc,cAAc;AACpE,UAAM,WAAW,IAAI,qBAAqB,OAAO;AACjD,QAAI,IAAI,sBAAsB,QAAQ;AACtC,WAAO;AAAA,EACX;AAAA,EAEA,IAAI,WAAW;AACX,WAAO,KAAK,cAAc,OAAO,aAAa,KAAK,cAAc;AAAA,EACrE;AAAA,EAEA,IAAI,SAA6C;AAC7C,WAAO;AAAA,MACH,YAAY,KAAK;AAAA,MACjB,aAAa,KAAK,aAAa,OAAO,iBAAiB,KAAK,YAAY,EAAE;AAAA,MAC1E,mBAAmB,KAAK,aAAa,OAAO,uBAAuB,KAAK,kBAAkB;AAAA,MAC1F,eAAe,KAAK,aAAa,OAAO,mBAAmB,KAAK,cAAc;AAAA,MAC9E,mBAAmB,KAAK;AAAA,IAC5B;AAAA,EACJ;AAAA,EAEA,MAAM,oBAAoB;AACtB,UAAM,MAAM,KAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,sBAAiD;AAAA,MACnD,cAAc,MAAM,QAAQ,MAAM,KAAK,WAAW,CAAC;AAAA,MACnD,oBAAoB;A
AAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ,EAAE,QAAQ,KAAK,YAAY;AAAA,MACnC,WAAW,eAAe,KAAK,EAAE;AAAA,MACjC,UAAU,eAAe,KAAK,EAAE;AAAA,MAChC,SAAS,EAAE,QAAQ,KAAK,YAAY;AAAA,MACpC,wBAAwB,KAAK,wBAAwB;AAAA,MACrD,YAAY;AAAA,QACR,kBAAkB,EAAE,MAAM,KAAK;AAAA,QAC/B,UAAU;AAAA,UACN,aAAa;AAAA,UACb,SAAS;AAAA,QACb;AAAA,QACA,sBAAsB,KAAK;AAAA,QAC3B,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AACA,UAAM,YAAY,MAAM,OAAO;AAAA,MAC3B,KAAK;AAAA,MACL,mBAAmB,eAAe,mBAAmB;AAAA,IACzD;AACA,WAAO,mBAAmB,OAAO,EAAE,GAAG,qBAAqB,UAAU,CAAC;AAAA,EAC1E;AAAA,EAEA,MAAM,YACF,WACA,UACA,QACA,uBACF;AACE,UAAM,MAAM,KAAK,IAAI,EAAE,IAAI;AAC3B,UAAM,SAAS,KAAK;AACpB,UAAM,sBAAwD;AAAA,MAC1D,cAAc,MAAM,QAAQ,MAAM,MAAM,CAAC;AAAA,MACzC,oBAAoB;AAAA,MACpB,oBAAoB;AAAA,MACpB,yBAAyB;AAAA,MACzB,QAAQ,EAAE,QAAQ,KAAK,YAAY;AAAA,MACnC,WAAW,eAAe,KAAK,EAAE;AAAA,MACjC,UAAU,eAAe,KAAK,EAAE;AAAA,MAChC,SAAS,EAAE,UAAU,QAAQ,sBAAsB;AAAA,MACnD,wBAAwB;AAAA,MACxB,YAAY;AAAA,QACR,kBAAkB,EAAE,MAAM,MAAM;AAAA,QAChC,UAAU;AAAA,UACN,kBAAkB;AAAA,QACtB;AAAA,QACA,kBAAkB,CAAC,GAAG,CAAC;AAAA,QACvB,uBAAuB,MAAM,OAAO,cAAc,SAAS,GAAG,MAAM,GAAG,EAAE;AAAA,QACzE,wBAAwB,KAAK;AAAA,MACjC;AAAA,IACJ;AAEA,UAAM,YAAY,MAAM,OAAO;AAAA,MAC3B,KAAK;AAAA,MACL,mBAAmB,0BAA0B,mBAAmB;AAAA,IACpE;AAEA,WAAO,0BAA0B,OAAO,EAAE,GAAG,qBAAqB,UAAU,CAAC;AAAA,EACjF;AAAA,EAEA,IAAI,0BAA0B;AAC1B,QAAI,KAAK,iBAAiB,QAAW;AACjC,YAAM,IAAI,cAAc,iCAAiC;AAAA,IAC7D;AACA,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,IAAI,gCAAgC;AAChC,QAAI,KAAK,uBAAuB,QAAW;AACvC,YAAM,IAAI,cAAc,oCAAoC;AAAA,IAChE;AACA,WAAO,KAAK;AAAA,EAChB;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|