@matter/protocol 0.14.1-alpha.0-20250606-a9bcd03f9 → 0.15.0-alpha.0-20250612-ddd428561
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/certificate/AttestationCertificateManager.js +2 -2
- package/dist/cjs/certificate/AttestationCertificateManager.js.map +1 -1
- package/dist/cjs/certificate/CertificateAuthority.d.ts +2 -2
- package/dist/cjs/certificate/CertificateAuthority.d.ts.map +1 -1
- package/dist/cjs/certificate/CertificateAuthority.js +5 -5
- package/dist/cjs/certificate/CertificateAuthority.js.map +1 -1
- package/dist/cjs/certificate/CertificateManager.d.ts +1 -1
- package/dist/cjs/certificate/CertificateManager.d.ts.map +1 -1
- package/dist/cjs/certificate/CertificateManager.js +21 -10
- package/dist/cjs/certificate/CertificateManager.js.map +1 -1
- package/dist/cjs/certificate/CertificationDeclarationManager.d.ts +1 -1
- package/dist/cjs/certificate/DeviceCertification.d.ts +1 -1
- package/dist/cjs/certificate/DeviceCertification.d.ts.map +1 -1
- package/dist/cjs/certificate/DeviceCertification.js +5 -3
- package/dist/cjs/certificate/DeviceCertification.js.map +1 -1
- package/dist/cjs/cluster/client/ClusterClient.d.ts.map +1 -1
- package/dist/cjs/cluster/client/ClusterClient.js +6 -0
- package/dist/cjs/cluster/client/ClusterClient.js.map +1 -1
- package/dist/cjs/cluster/client/ClusterClientTypes.d.ts +4 -1
- package/dist/cjs/cluster/client/ClusterClientTypes.d.ts.map +1 -1
- package/dist/cjs/codec/BtpCodec.d.ts +1 -1
- package/dist/cjs/codec/MessageCodec.d.ts +1 -1
- package/dist/cjs/fabric/Fabric.d.ts +8 -6
- package/dist/cjs/fabric/Fabric.d.ts.map +1 -1
- package/dist/cjs/fabric/Fabric.js +22 -15
- package/dist/cjs/fabric/Fabric.js.map +1 -1
- package/dist/cjs/fabric/FabricAuthority.d.ts +4 -0
- package/dist/cjs/fabric/FabricAuthority.d.ts.map +1 -1
- package/dist/cjs/fabric/FabricAuthority.js +6 -0
- package/dist/cjs/fabric/FabricAuthority.js.map +1 -1
- package/dist/cjs/fabric/FabricManager.d.ts.map +1 -1
- package/dist/cjs/fabric/FabricManager.js +9 -2
- package/dist/cjs/fabric/FabricManager.js.map +1 -1
- package/dist/cjs/fabric/TestFabric.d.ts +30 -0
- package/dist/cjs/fabric/TestFabric.d.ts.map +1 -0
- package/dist/cjs/fabric/TestFabric.js +70 -0
- package/dist/cjs/fabric/TestFabric.js.map +6 -0
- package/dist/cjs/fabric/index.d.ts +1 -0
- package/dist/cjs/fabric/index.d.ts.map +1 -1
- package/dist/cjs/fabric/index.js +1 -0
- package/dist/cjs/fabric/index.js.map +1 -1
- package/dist/cjs/groups/{FabricGroupsManager.d.ts → FabricGroups.d.ts} +2 -2
- package/dist/cjs/groups/FabricGroups.d.ts.map +1 -0
- package/dist/cjs/groups/{FabricGroupsManager.js → FabricGroups.js} +9 -9
- package/dist/cjs/groups/FabricGroups.js.map +6 -0
- package/dist/cjs/groups/KeySets.js +1 -1
- package/dist/cjs/groups/KeySets.js.map +1 -1
- package/dist/cjs/groups/index.d.ts +1 -1
- package/dist/cjs/groups/index.d.ts.map +1 -1
- package/dist/cjs/groups/index.js +1 -1
- package/dist/cjs/groups/index.js.map +1 -1
- package/dist/cjs/interaction/{AccessControlManager.d.ts → FabricAccessControl.d.ts} +12 -7
- package/dist/cjs/interaction/FabricAccessControl.d.ts.map +1 -0
- package/dist/cjs/interaction/{AccessControlManager.js → FabricAccessControl.js} +46 -21
- package/dist/cjs/interaction/FabricAccessControl.js.map +6 -0
- package/dist/cjs/interaction/index.d.ts +1 -1
- package/dist/cjs/interaction/index.d.ts.map +1 -1
- package/dist/cjs/interaction/index.js +1 -1
- package/dist/cjs/interaction/index.js.map +1 -1
- package/dist/cjs/peer/ControllerCommissioningFlow.d.ts.map +1 -1
- package/dist/cjs/peer/ControllerCommissioningFlow.js +2 -4
- package/dist/cjs/peer/ControllerCommissioningFlow.js.map +1 -1
- package/dist/cjs/protocol/DeviceCommissioner.js +1 -1
- package/dist/cjs/protocol/DeviceCommissioner.js.map +1 -1
- package/dist/cjs/protocol/MessageExchange.d.ts +6 -0
- package/dist/cjs/protocol/MessageExchange.d.ts.map +1 -1
- package/dist/cjs/protocol/MessageExchange.js +13 -0
- package/dist/cjs/protocol/MessageExchange.js.map +1 -1
- package/dist/cjs/securechannel/SecureChannelStatusMessageSchema.d.ts +1 -1
- package/dist/cjs/session/NodeSession.js +1 -1
- package/dist/cjs/session/Session.d.ts +1 -1
- package/dist/cjs/session/SessionManager.d.ts.map +1 -1
- package/dist/cjs/session/SessionManager.js +1 -0
- package/dist/cjs/session/SessionManager.js.map +1 -1
- package/dist/cjs/session/case/CaseClient.d.ts.map +1 -1
- package/dist/cjs/session/case/CaseClient.js +34 -30
- package/dist/cjs/session/case/CaseClient.js.map +1 -1
- package/dist/cjs/session/case/CaseMessages.d.ts +8 -8
- package/dist/cjs/session/case/CaseMessages.js +8 -8
- package/dist/cjs/session/case/CaseMessages.js.map +1 -1
- package/dist/cjs/session/case/CaseServer.d.ts.map +1 -1
- package/dist/cjs/session/case/CaseServer.js +26 -23
- package/dist/cjs/session/case/CaseServer.js.map +1 -1
- package/dist/cjs/session/pase/PaseClient.d.ts.map +1 -1
- package/dist/cjs/session/pase/PaseClient.js +4 -1
- package/dist/cjs/session/pase/PaseClient.js.map +1 -1
- package/dist/cjs/session/pase/PaseServer.d.ts.map +1 -1
- package/dist/cjs/session/pase/PaseServer.js +4 -1
- package/dist/cjs/session/pase/PaseServer.js.map +1 -1
- package/dist/esm/certificate/AttestationCertificateManager.js +2 -2
- package/dist/esm/certificate/AttestationCertificateManager.js.map +1 -1
- package/dist/esm/certificate/CertificateAuthority.d.ts +2 -2
- package/dist/esm/certificate/CertificateAuthority.d.ts.map +1 -1
- package/dist/esm/certificate/CertificateAuthority.js +5 -5
- package/dist/esm/certificate/CertificateAuthority.js.map +1 -1
- package/dist/esm/certificate/CertificateManager.d.ts +1 -1
- package/dist/esm/certificate/CertificateManager.d.ts.map +1 -1
- package/dist/esm/certificate/CertificateManager.js +22 -11
- package/dist/esm/certificate/CertificateManager.js.map +1 -1
- package/dist/esm/certificate/CertificationDeclarationManager.d.ts +1 -1
- package/dist/esm/certificate/DeviceCertification.d.ts +1 -1
- package/dist/esm/certificate/DeviceCertification.d.ts.map +1 -1
- package/dist/esm/certificate/DeviceCertification.js +5 -3
- package/dist/esm/certificate/DeviceCertification.js.map +1 -1
- package/dist/esm/cluster/client/ClusterClient.d.ts.map +1 -1
- package/dist/esm/cluster/client/ClusterClient.js +6 -0
- package/dist/esm/cluster/client/ClusterClient.js.map +1 -1
- package/dist/esm/cluster/client/ClusterClientTypes.d.ts +4 -1
- package/dist/esm/cluster/client/ClusterClientTypes.d.ts.map +1 -1
- package/dist/esm/codec/BtpCodec.d.ts +1 -1
- package/dist/esm/codec/MessageCodec.d.ts +1 -1
- package/dist/esm/fabric/Fabric.d.ts +8 -6
- package/dist/esm/fabric/Fabric.d.ts.map +1 -1
- package/dist/esm/fabric/Fabric.js +22 -14
- package/dist/esm/fabric/Fabric.js.map +1 -1
- package/dist/esm/fabric/FabricAuthority.d.ts +4 -0
- package/dist/esm/fabric/FabricAuthority.d.ts.map +1 -1
- package/dist/esm/fabric/FabricAuthority.js +6 -0
- package/dist/esm/fabric/FabricAuthority.js.map +1 -1
- package/dist/esm/fabric/FabricManager.d.ts.map +1 -1
- package/dist/esm/fabric/FabricManager.js +9 -2
- package/dist/esm/fabric/FabricManager.js.map +1 -1
- package/dist/esm/fabric/TestFabric.d.ts +30 -0
- package/dist/esm/fabric/TestFabric.d.ts.map +1 -0
- package/dist/esm/fabric/TestFabric.js +50 -0
- package/dist/esm/fabric/TestFabric.js.map +6 -0
- package/dist/esm/fabric/index.d.ts +1 -0
- package/dist/esm/fabric/index.d.ts.map +1 -1
- package/dist/esm/fabric/index.js +1 -0
- package/dist/esm/fabric/index.js.map +1 -1
- package/dist/esm/groups/{FabricGroupsManager.d.ts → FabricGroups.d.ts} +2 -2
- package/dist/esm/groups/FabricGroups.d.ts.map +1 -0
- package/dist/esm/groups/{FabricGroupsManager.js → FabricGroups.js} +6 -6
- package/dist/esm/groups/FabricGroups.js.map +6 -0
- package/dist/esm/groups/KeySets.js +1 -1
- package/dist/esm/groups/KeySets.js.map +1 -1
- package/dist/esm/groups/index.d.ts +1 -1
- package/dist/esm/groups/index.d.ts.map +1 -1
- package/dist/esm/groups/index.js +1 -1
- package/dist/esm/interaction/{AccessControlManager.d.ts → FabricAccessControl.d.ts} +12 -7
- package/dist/esm/interaction/FabricAccessControl.d.ts.map +1 -0
- package/dist/esm/interaction/{AccessControlManager.js → FabricAccessControl.js} +44 -19
- package/dist/esm/interaction/FabricAccessControl.js.map +6 -0
- package/dist/esm/interaction/index.d.ts +1 -1
- package/dist/esm/interaction/index.d.ts.map +1 -1
- package/dist/esm/interaction/index.js +1 -1
- package/dist/esm/peer/ControllerCommissioningFlow.d.ts.map +1 -1
- package/dist/esm/peer/ControllerCommissioningFlow.js +2 -4
- package/dist/esm/peer/ControllerCommissioningFlow.js.map +1 -1
- package/dist/esm/protocol/DeviceCommissioner.js +1 -1
- package/dist/esm/protocol/DeviceCommissioner.js.map +1 -1
- package/dist/esm/protocol/MessageExchange.d.ts +6 -0
- package/dist/esm/protocol/MessageExchange.d.ts.map +1 -1
- package/dist/esm/protocol/MessageExchange.js +13 -0
- package/dist/esm/protocol/MessageExchange.js.map +1 -1
- package/dist/esm/securechannel/SecureChannelStatusMessageSchema.d.ts +1 -1
- package/dist/esm/session/NodeSession.js +1 -1
- package/dist/esm/session/Session.d.ts +1 -1
- package/dist/esm/session/SessionManager.d.ts.map +1 -1
- package/dist/esm/session/SessionManager.js +1 -0
- package/dist/esm/session/SessionManager.js.map +1 -1
- package/dist/esm/session/case/CaseClient.d.ts.map +1 -1
- package/dist/esm/session/case/CaseClient.js +34 -30
- package/dist/esm/session/case/CaseClient.js.map +1 -1
- package/dist/esm/session/case/CaseMessages.d.ts +8 -8
- package/dist/esm/session/case/CaseMessages.js +8 -8
- package/dist/esm/session/case/CaseMessages.js.map +1 -1
- package/dist/esm/session/case/CaseServer.d.ts.map +1 -1
- package/dist/esm/session/case/CaseServer.js +26 -23
- package/dist/esm/session/case/CaseServer.js.map +1 -1
- package/dist/esm/session/pase/PaseClient.d.ts.map +1 -1
- package/dist/esm/session/pase/PaseClient.js +4 -1
- package/dist/esm/session/pase/PaseClient.js.map +1 -1
- package/dist/esm/session/pase/PaseServer.d.ts.map +1 -1
- package/dist/esm/session/pase/PaseServer.js +4 -1
- package/dist/esm/session/pase/PaseServer.js.map +1 -1
- package/package.json +6 -6
- package/src/certificate/AttestationCertificateManager.ts +2 -2
- package/src/certificate/CertificateAuthority.ts +7 -7
- package/src/certificate/CertificateManager.ts +22 -11
- package/src/certificate/DeviceCertification.ts +5 -3
- package/src/cluster/client/ClusterClient.ts +7 -0
- package/src/cluster/client/ClusterClientTypes.ts +7 -0
- package/src/fabric/Fabric.ts +24 -15
- package/src/fabric/FabricAuthority.ts +7 -0
- package/src/fabric/FabricManager.ts +9 -2
- package/src/fabric/TestFabric.ts +73 -0
- package/src/fabric/index.ts +1 -0
- package/src/groups/{FabricGroupsManager.ts → FabricGroups.ts} +4 -4
- package/src/groups/KeySets.ts +1 -1
- package/src/groups/index.ts +1 -1
- package/src/interaction/{AccessControlManager.ts → FabricAccessControl.ts} +61 -25
- package/src/interaction/index.ts +1 -1
- package/src/peer/ControllerCommissioningFlow.ts +2 -4
- package/src/protocol/DeviceCommissioner.ts +1 -1
- package/src/protocol/MessageExchange.ts +14 -0
- package/src/session/NodeSession.ts +1 -1
- package/src/session/SessionManager.ts +1 -0
- package/src/session/case/CaseClient.ts +34 -30
- package/src/session/case/CaseMessages.ts +8 -8
- package/src/session/case/CaseServer.ts +27 -23
- package/src/session/pase/PaseClient.ts +4 -1
- package/src/session/pase/PaseServer.ts +4 -1
- package/dist/cjs/groups/FabricGroupsManager.d.ts.map +0 -1
- package/dist/cjs/groups/FabricGroupsManager.js.map +0 -6
- package/dist/cjs/interaction/AccessControlManager.d.ts.map +0 -1
- package/dist/cjs/interaction/AccessControlManager.js.map +0 -6
- package/dist/esm/groups/FabricGroupsManager.d.ts.map +0 -1
- package/dist/esm/groups/FabricGroupsManager.js.map +0 -6
- package/dist/esm/interaction/AccessControlManager.d.ts.map +0 -1
- package/dist/esm/interaction/AccessControlManager.js.map +0 -6
|
@@ -41,14 +41,14 @@ class CaseClient {
|
|
|
41
41
|
async #doPair(messenger, exchange, fabric, peerNodeId) {
|
|
42
42
|
const initiatorRandom = Crypto.getRandom();
|
|
43
43
|
const initiatorSessionId = await this.#sessions.getNextAvailableSessionId();
|
|
44
|
-
const { operationalIdentityProtectionKey, operationalCert:
|
|
45
|
-
const
|
|
44
|
+
const { operationalIdentityProtectionKey, operationalCert: localNoc, intermediateCACert: localIcac } = fabric;
|
|
45
|
+
const localKey = await Crypto.createKeyPair();
|
|
46
46
|
let sigma1Bytes;
|
|
47
47
|
let resumed = false;
|
|
48
48
|
let resumptionRecord = this.#sessions.findResumptionRecordByAddress(fabric.addressOf(peerNodeId));
|
|
49
49
|
if (resumptionRecord !== void 0) {
|
|
50
50
|
const { sharedSecret, resumptionId } = resumptionRecord;
|
|
51
|
-
const resumeKey = await Crypto.
|
|
51
|
+
const resumeKey = await Crypto.createHkdfKey(
|
|
52
52
|
sharedSecret,
|
|
53
53
|
Bytes.concat(initiatorRandom, resumptionId),
|
|
54
54
|
KDFSR1_KEY_INFO
|
|
@@ -57,7 +57,7 @@ class CaseClient {
|
|
|
57
57
|
sigma1Bytes = await messenger.sendSigma1({
|
|
58
58
|
initiatorSessionId,
|
|
59
59
|
destinationId: await fabric.currentDestinationIdFor(peerNodeId, initiatorRandom),
|
|
60
|
-
initiatorEcdhPublicKey,
|
|
60
|
+
initiatorEcdhPublicKey: localKey.publicBits,
|
|
61
61
|
initiatorRandom,
|
|
62
62
|
resumptionId,
|
|
63
63
|
initiatorResumeMic,
|
|
@@ -67,7 +67,7 @@ class CaseClient {
|
|
|
67
67
|
sigma1Bytes = await messenger.sendSigma1({
|
|
68
68
|
initiatorSessionId,
|
|
69
69
|
destinationId: await fabric.currentDestinationIdFor(peerNodeId, initiatorRandom),
|
|
70
|
-
initiatorEcdhPublicKey,
|
|
70
|
+
initiatorEcdhPublicKey: localKey.publicBits,
|
|
71
71
|
initiatorRandom,
|
|
72
72
|
initiatorSessionParams: this.#sessions.sessionParameters
|
|
73
73
|
});
|
|
@@ -88,7 +88,7 @@ class CaseClient {
|
|
|
88
88
|
...resumptionSessionParams ?? {}
|
|
89
89
|
};
|
|
90
90
|
const resumeSalt = Bytes.concat(initiatorRandom, resumptionId);
|
|
91
|
-
const resumeKey = await Crypto.
|
|
91
|
+
const resumeKey = await Crypto.createHkdfKey(sharedSecret, resumeSalt, KDFSR2_KEY_INFO);
|
|
92
92
|
Crypto.decrypt(resumeKey, resumeMic, RESUME2_MIC_NONCE);
|
|
93
93
|
const secureSessionSalt = Bytes.concat(initiatorRandom, resumptionRecord.resumptionId);
|
|
94
94
|
secureSession = await this.#sessions.createSecureSession({
|
|
@@ -113,7 +113,7 @@ class CaseClient {
|
|
|
113
113
|
resumed = true;
|
|
114
114
|
} else {
|
|
115
115
|
const {
|
|
116
|
-
responderEcdhPublicKey:
|
|
116
|
+
responderEcdhPublicKey: peerKey,
|
|
117
117
|
encrypted: peerEncrypted,
|
|
118
118
|
responderRandom,
|
|
119
119
|
responderSessionId: peerSessionId,
|
|
@@ -123,32 +123,32 @@ class CaseClient {
|
|
|
123
123
|
...exchange.session.parameters,
|
|
124
124
|
...responderSessionParams ?? {}
|
|
125
125
|
};
|
|
126
|
-
const sharedSecret = await Crypto.
|
|
126
|
+
const sharedSecret = await Crypto.generateDhSecret(localKey, PublicKey(peerKey));
|
|
127
127
|
const sigma2Salt = Bytes.concat(
|
|
128
128
|
operationalIdentityProtectionKey,
|
|
129
129
|
responderRandom,
|
|
130
|
-
|
|
131
|
-
await Crypto.
|
|
130
|
+
peerKey,
|
|
131
|
+
await Crypto.computeSha256(sigma1Bytes)
|
|
132
132
|
);
|
|
133
|
-
const sigma2Key = await Crypto.
|
|
133
|
+
const sigma2Key = await Crypto.createHkdfKey(sharedSecret, sigma2Salt, KDFSR2_INFO);
|
|
134
134
|
const peerEncryptedData = Crypto.decrypt(sigma2Key, peerEncrypted, TBE_DATA2_NONCE);
|
|
135
135
|
const {
|
|
136
|
-
|
|
137
|
-
|
|
136
|
+
responderNoc: peerNoc,
|
|
137
|
+
responderIcac: peerIcac,
|
|
138
138
|
signature: peerSignature,
|
|
139
139
|
resumptionId: peerResumptionId
|
|
140
140
|
} = TlvEncryptedDataSigma2.decode(peerEncryptedData);
|
|
141
141
|
const peerSignatureData = TlvSignedData.encode({
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
142
|
+
responderNoc: peerNoc,
|
|
143
|
+
responderIcac: peerIcac,
|
|
144
|
+
responderPublicKey: peerKey,
|
|
145
|
+
initiatorPublicKey: localKey.publicBits
|
|
146
146
|
});
|
|
147
147
|
const {
|
|
148
148
|
ellipticCurvePublicKey: peerPublicKey,
|
|
149
149
|
subject: { fabricId: peerFabricIdNOCert, nodeId: peerNodeIdNOCert }
|
|
150
|
-
} = TlvOperationalCertificate.decode(
|
|
151
|
-
await Crypto.
|
|
150
|
+
} = TlvOperationalCertificate.decode(peerNoc);
|
|
151
|
+
await Crypto.verifyEcdsa(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
|
|
152
152
|
if (peerNodeIdNOCert !== peerNodeId) {
|
|
153
153
|
throw new UnexpectedDataError(
|
|
154
154
|
`The node ID in the peer certificate ${peerNodeIdNOCert} doesn't match the expected peer node ID ${peerNodeId}`
|
|
@@ -159,37 +159,41 @@ class CaseClient {
|
|
|
159
159
|
`The fabric ID in the peer certificate ${peerFabricIdNOCert} doesn't match the expected fabric ID ${fabric.fabricId}`
|
|
160
160
|
);
|
|
161
161
|
}
|
|
162
|
-
if (
|
|
162
|
+
if (peerIcac !== void 0) {
|
|
163
163
|
const {
|
|
164
164
|
subject: { fabricId: peerFabricIdIcaCert }
|
|
165
|
-
} = TlvIntermediateCertificate.decode(
|
|
165
|
+
} = TlvIntermediateCertificate.decode(peerIcac);
|
|
166
166
|
if (peerFabricIdIcaCert !== void 0 && peerFabricIdIcaCert !== fabric.fabricId) {
|
|
167
167
|
throw new UnexpectedDataError(
|
|
168
168
|
`The fabric ID in the peer intermediate CA certificate ${peerFabricIdIcaCert} doesn't match the expected fabric ID ${fabric.fabricId}`
|
|
169
169
|
);
|
|
170
170
|
}
|
|
171
171
|
}
|
|
172
|
-
await fabric.verifyCredentials(
|
|
172
|
+
await fabric.verifyCredentials(peerNoc, peerIcac);
|
|
173
173
|
const sigma3Salt = Bytes.concat(
|
|
174
174
|
operationalIdentityProtectionKey,
|
|
175
|
-
await Crypto.
|
|
175
|
+
await Crypto.computeSha256([sigma1Bytes, sigma2Bytes])
|
|
176
176
|
);
|
|
177
|
-
const sigma3Key = await Crypto.
|
|
177
|
+
const sigma3Key = await Crypto.createHkdfKey(sharedSecret, sigma3Salt, KDFSR3_INFO);
|
|
178
178
|
const signatureData = TlvSignedData.encode({
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
179
|
+
responderNoc: localNoc,
|
|
180
|
+
responderIcac: localIcac,
|
|
181
|
+
responderPublicKey: localKey.publicBits,
|
|
182
|
+
initiatorPublicKey: peerKey
|
|
183
183
|
});
|
|
184
184
|
const signature = await fabric.sign(signatureData);
|
|
185
|
-
const encryptedData = TlvEncryptedDataSigma3.encode({
|
|
185
|
+
const encryptedData = TlvEncryptedDataSigma3.encode({
|
|
186
|
+
responderNoc: localNoc,
|
|
187
|
+
responderIcac: localIcac,
|
|
188
|
+
signature
|
|
189
|
+
});
|
|
186
190
|
const encrypted = Crypto.encrypt(sigma3Key, encryptedData, TBE_DATA3_NONCE);
|
|
187
191
|
const sigma3Bytes = await messenger.sendSigma3({ encrypted });
|
|
188
192
|
await messenger.waitForSuccess("Sigma3-Success");
|
|
189
193
|
const { caseAuthenticatedTags } = resumptionRecord ?? {};
|
|
190
194
|
const secureSessionSalt = Bytes.concat(
|
|
191
195
|
operationalIdentityProtectionKey,
|
|
192
|
-
await Crypto.
|
|
196
|
+
await Crypto.computeSha256([sigma1Bytes, sigma2Bytes, sigma3Bytes])
|
|
193
197
|
);
|
|
194
198
|
secureSession = await this.#sessions.createSecureSession({
|
|
195
199
|
sessionId: initiatorSessionId,
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/case/CaseClient.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,QAAQ,WAAW,2BAA2B;AACtE,SAAS,kCAAkC;AAE3C,SAAS,QAAQ,0BAA0B;AAC3C,SAAS,4BAA4B,iCAAiC;AAGtE;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAS,2BAA2B;AAEpC,MAAM,SAAS,OAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,MAAM,KAAK,UAA2B,QAAgB,YAAoB,0BAAmC;AACzG,UAAM,YAAY,IAAI,oBAAoB,UAAU,wBAAwB;AAE5E,QAAI;AACA,aAAO,MAAM,KAAK,QAAQ,WAAW,UAAU,QAAQ,UAAU;AAAA,IACrE,SAAS,OAAO;AACZ,UAAI,EAAE,iBAAiB,6BAA6B;AAChD,cAAM,UAAU,UAAU,mBAAmB,YAAY;AAAA,MAC7D;AACA,YAAM;AAAA,IACV;AAAA,EACJ;AAAA,EAEA,MAAM,QAAQ,WAAgC,UAA2B,QAAgB,YAAoB;AAEzG,UAAM,kBAAkB,OAAO,UAAU;AACzC,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,EAAE,kCAAkC,iBAAiB,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,QAAQ,WAAW,2BAA2B;AACtE,SAAS,kCAAkC;AAE3C,SAAS,QAAQ,0BAA0B;AAC3C,SAAS,4BAA4B,iCAAiC;AAGtE;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAS,2BAA2B;AAEpC,MAAM,SAAS,OAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,MAAM,KAAK,UAA2B,QAAgB,YAAoB,0BAAmC;AACzG,UAAM,YAAY,IAAI,oBAAoB,UAAU,wBAAwB;AAE5E,QAAI;AACA,aAAO,MAAM,KAAK,QAAQ,WAAW,UAAU,QAAQ,UAAU;AAAA,IACrE,SAAS,OAAO;AACZ,UAAI,EAAE,iBAAiB,6BAA6B;AAChD,cAAM,UAAU,UAAU,mBAAmB,YAAY;AAAA,MAC7D;AACA,YAAM;AAAA,IACV;AAAA,EACJ;AAAA,EAEA,MAAM,QAAQ,WAAgC,UAA2B,QAAgB,YAAoB;AAEzG,UAAM,kBAAkB,OAAO,UAAU;AACzC,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,EAAE,kCAAkC,iBAAiB,UAAU,oBAAoB,UAAU,IAAI;AACvG,UAAM,WAAW,MAAM,OAAO,cAAc;AAG5C,QAAI;AACJ,QAAI,UAAU;AACd,QAAI,mBAAmB,KAAK,UAAU,8BAA8B,OAAO,UAAU,UAAU,CAAC;AAChG,QAAI,qBAAqB,QAAW;AAChC,YAAM,EAAE,cAAc,aAAa,IAAI;AACvC,YAAM,YAAY,MAAM,OAAO;AAAA,QAC3B;AAAA,QACA,MAAM,OAAO,iBAAiB,YAAY;AAAA,QAC1C;AAAA,MACJ;AACA,YAAM,qBAAqB,OAAO,QAAQ,WAAW,IAAI,WAAW,CAAC,GAAG,iBAAiB;AACzF,oBAAc,MAAM,UAAU,WAAW;AAAA,QACrC;AAAA,QACA,eAAe,MAAM,OAAO,wBAAwB,YAAY,eAAe;AAAA,QAC/E,wBAAwB,SAAS;AAAA,QACjC;AAAA,QACA;AAAA,QACA;AAAA,QACA,wBAAwB,KAAK,UAAU;AAAA,MAC3C,CAAC;AAAA,IACL,OAAO;AACH,oBAAc,MAAM,UAAU,WAAW;AAAA,QACrC;AAAA,QACA,eAAe,MAAM,OAAO,wBAAwB,YAAY,eAAe;AAAA,QAC/E,wBAAwB,SAAS;AAAA,QACjC;AAAA,QACA,wBAAwB,KAAK,UAAU;AAAA,MAC3C,CAAC;AAAA,IACL;AAEA,QAAI;AACJ,UAAM,EAAE,aAAa,QAAQ,aAAa,IAAI,MAAM,UAAU,WAAW;AACzE,QAAI,iBAAiB,QAAW;AAE5B,UAAI,qBAAqB,OAAW,OAAM,IAAI,oBAAoB,sCAAsC;AACxG,YAAM;AAAA,QACF;AAAA,QACA,QAAAA;AAAA,QACA,mBAAmB;AAAA,QACnB;AAAA,MACJ,IAAI;AACJ,YAAM,EAAE,oBAAoB,eAAe,cAAc,UAAU,IAAI;AAGvE,YAAM,oBAAoB;AAAA,QACtB,GAAG,SAAS,QAAQ;AAAA,QACpB,GAAI,2BAA2B,CAAC;AAAA,MACpC;AAEA,YAAM,aAAa,MAAM,OAAO,iBAAiB,YAAY;AAC7D,YAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,eAAe;AACtF,aAAO,QAAQ,WAAW,WAAW,iBAAiB;AAEtD,YAAM,oBAAoB,MAAM,OAAO,iBAAiB,iBAAiB,YAAY;AACrF,sBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,QACrD,WAAW;AAAA,QACX,QAAAA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN,aAAa;AAAA,QACb,cAAc;AAAA,QACd,uBAAuB;AAAA,QACvB;AAAA,MACJ,CAAC;AACD,YAAM,UAAU,YAAY;AAC5B,aAAO;AAAA,QACH,wBAAwB,cAAc,EAAE,8BAA8B,UAAU,eAAe,CAAC,eAAe,OAAO,YAAYA,QAAO,MAAM,CAAC,WAAWA,QAAO,WAAW,kBAAkB,OAAO,YAAY,UAAU,CAAC;AAAA,QAC7N,cAAc,qBAAqB;AAAA,MACvC;AAEA,uBAAiB,eAAe;AAChC,uBAAiB,oBAAoB,cAAc;AACnD,gBAAU;AAAA,IACd,OAAO;AAEH,YAAM;AAAA,QACF,wBAAwB;AAAA,QACxB,WAAW;AAAA,QACX;AAAA,QACA,oBAAoB;AAAA,QACpB;AAAA,MACJ,IAAI;AAEJ,YAAM,oBAAoB;AAAA,QACtB,GAAG,SAAS,QAAQ;AAAA,QACpB,GAAI,0BAA0B,CAAC;AAAA,MACnC;AACA,YAAM,eAAe,MAAM,OAAO,iBAAiB,UAAU,UAAU,OAAO,CAAC;AAC/E,YAAM,aAAa,MAAM;AAAA,QACrB;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM,OAAO,cAAc,WAAW;AAAA,MAC1C;AACA,YAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,WAAW;AAClF,YAAM,oBAAoB,OAAO,QAAQ,WAAW,eAAe,eAAe;AAClF,YAAM;AAAA,QACF,cAAc;AAAA,QACd,eAAe;AAAA,QACf,WAAW;AAAA,QACX,cAAc;AAAA,MAClB,IAAI,uBAAuB,OAAO,iBAAiB;AACnD,YAAM,oBAAoB,cAAc,OAAO;AAAA,QAC3C,cAAc;AAAA,QACd,eAAe;AAAA,QACf,oBAAoB;AAAA,QACpB,oBAAoB,SAAS;AAAA,MACjC,CAAC;AACD,YAAM;AAAA,QACF,wBAAwB;AAAA,QACxB,SAAS,EAAE,UAAU,oBAAoB,QAAQ,iBAAiB;AAAA,MACtE,IAAI,0BAA0B,OAAO,OAAO;AAE5C,YAAM,OAAO,YAAY,UAAU,aAAa,GAAG,mBAAmB,aAAa;AAEnF,UAAI,qBAAqB,YAAY;AACjC,cAAM,IAAI;AAAA,UACN,uCAAuC,gBAAgB,4CAA4C,UAAU;AAAA,QACjH;AAAA,MACJ;AACA,UAAI,uBAAuB,OAAO,UAAU;AACxC,cAAM,IAAI;AAAA,UACN,yCAAyC,kBAAkB,yCAAyC,OAAO,QAAQ;AAAA,QACvH;AAAA,MACJ;AACA,UAAI,aAAa,QAAW;AACxB,cAAM;AAAA,UACF,SAAS,EAAE,UAAU,oBAAoB;AAAA,QAC7C,IAAI,2BAA2B,OAAO,QAAQ;AAE9C,YAAI,wBAAwB,UAAa,wBAAwB,OAAO,UAAU;AAC9E,gBAAM,IAAI;AAAA,YACN,yDAAyD,mBAAmB,yCAAyC,OAAO,QAAQ;AAAA,UACxI;AAAA,QACJ;AAAA,MACJ;AACA,YAAM,OAAO,kBAAkB,SAAS,QAAQ;AAGhD,YAAM,aAAa,MAAM;AAAA,QACrB;AAAA,QACA,MAAM,OAAO,cAAc,CAAC,aAAa,WAAW,CAAC;AAAA,MACzD;AACA,YAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,WAAW;AAClF,YAAM,gBAAgB,cAAc,OAAO;AAAA,QACvC,cAAc;AAAA,QACd,eAAe;AAAA,QACf,oBAAoB,SAAS;AAAA,QAC7B,oBAAoB;AAAA,MACxB,CAAC;AACD,YAAM,YAAY,MAAM,OAAO,KAAK,aAAa;AACjD,YAAM,gBAAgB,uBAAuB,OAAO;AAAA,QAChD,cAAc;AAAA,QACd,eAAe;AAAA,QACf;AAAA,MACJ,CAAC;AACD,YAAM,YAAY,OAAO,QAAQ,WAAW,eAAe,eAAe;AAC1E,YAAM,cAAc,MAAM,UAAU,WAAW,EAAE,UAAU,CAAC;AAC5D,YAAM,UAAU,eAAe,gBAAgB;AAG/C,YAAM,EAAE,sBAAsB,IAAI,oBAAoB,CAAC;AACvD,YAAM,oBAAoB,MAAM;AAAA,QAC5B;AAAA,QACA,MAAM,OAAO,cAAc,CAAC,aAAa,aAAa,WAAW,CAAC;AAAA,MACtE;AACA,sBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,QACrD,WAAW;AAAA,QACX;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,MAAM;AAAA,QACN,aAAa;AAAA,QACb,cAAc;AAAA,QACd,uBAAuB;AAAA,QACvB;AAAA,MACJ,CAAC;AACD,aAAO;AAAA,QACH,uBAAuB,cAAc,EAAE,kCAAkC,UAAU,eAAe,CAAC,eAAe,OAAO;AAAA,UACrH,OAAO;AAAA,QACX,CAAC,WAAW,OAAO,WAAW,kBAAkB,OAAO,YAAY,UAAU,CAAC;AAAA,QAC9E,cAAc,qBAAqB;AAAA,MACvC;AACA,yBAAmB;AAAA,QACf;AAAA,QACA;AAAA,QACA;AAAA,QACA,cAAc;AAAA,QACd,mBAAmB,cAAc;AAAA,QACjC;AAAA,MACJ;AAAA,IACJ;AAEA,UAAM,UAAU,MAAM;AACtB,UAAM,KAAK,UAAU,qBAAqB,gBAAgB;AAE1D,WAAO,EAAE,SAAS,eAAe,QAAQ;AAAA,EAC7C;AACJ;",
|
|
5
5
|
"names": ["fabric"]
|
|
6
6
|
}
|
|
@@ -76,22 +76,22 @@ export declare const TlvCaseSigma3: import("#types").ObjectSchema<{
|
|
|
76
76
|
}>;
|
|
77
77
|
/** @see {@link MatterSpecification.v10.Core} § 4.13.2.3 */
|
|
78
78
|
export declare const TlvSignedData: import("#types").ObjectSchema<{
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
79
|
+
responderNoc: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
80
|
+
responderIcac: import("#types").OptionalFieldType<Uint8Array<ArrayBufferLike>>;
|
|
81
|
+
responderPublicKey: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
82
|
+
initiatorPublicKey: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
83
83
|
}>;
|
|
84
84
|
/** @see {@link MatterSpecification.v10.Core} § 4.13.2.3 */
|
|
85
85
|
export declare const TlvEncryptedDataSigma2: import("#types").ObjectSchema<{
|
|
86
|
-
|
|
87
|
-
|
|
86
|
+
responderNoc: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
87
|
+
responderIcac: import("#types").OptionalFieldType<Uint8Array<ArrayBufferLike>>;
|
|
88
88
|
signature: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
89
89
|
resumptionId: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
90
90
|
}>;
|
|
91
91
|
/** @see {@link MatterSpecification.v10.Core} § 4.13.2.3 */
|
|
92
92
|
export declare const TlvEncryptedDataSigma3: import("#types").ObjectSchema<{
|
|
93
|
-
|
|
94
|
-
|
|
93
|
+
responderNoc: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
94
|
+
responderIcac: import("#types").OptionalFieldType<Uint8Array<ArrayBufferLike>>;
|
|
95
95
|
signature: import("#types").FieldType<Uint8Array<ArrayBufferLike>>;
|
|
96
96
|
}>;
|
|
97
97
|
//# sourceMappingURL=CaseMessages.d.ts.map
|
|
@@ -47,20 +47,20 @@ const TlvCaseSigma3 = TlvObject({
|
|
|
47
47
|
encrypted: TlvField(1, TlvByteString)
|
|
48
48
|
});
|
|
49
49
|
const TlvSignedData = TlvObject({
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
50
|
+
responderNoc: TlvField(1, TlvByteString),
|
|
51
|
+
responderIcac: TlvOptionalField(2, TlvByteString),
|
|
52
|
+
responderPublicKey: TlvField(3, TlvByteString.bound({ length: CRYPTO_PUBLIC_KEY_SIZE_BYTES })),
|
|
53
|
+
initiatorPublicKey: TlvField(4, TlvByteString.bound({ length: CRYPTO_PUBLIC_KEY_SIZE_BYTES }))
|
|
54
54
|
});
|
|
55
55
|
const TlvEncryptedDataSigma2 = TlvObject({
|
|
56
|
-
|
|
57
|
-
|
|
56
|
+
responderNoc: TlvField(1, TlvByteString),
|
|
57
|
+
responderIcac: TlvOptionalField(2, TlvByteString),
|
|
58
58
|
signature: TlvField(3, TlvByteString.bound({ length: CASE_SIGNATURE_LENGTH })),
|
|
59
59
|
resumptionId: TlvField(4, TlvByteString.bound({ length: 16 }))
|
|
60
60
|
});
|
|
61
61
|
const TlvEncryptedDataSigma3 = TlvObject({
|
|
62
|
-
|
|
63
|
-
|
|
62
|
+
responderNoc: TlvField(1, TlvByteString),
|
|
63
|
+
responderIcac: TlvOptionalField(2, TlvByteString),
|
|
64
64
|
signature: TlvField(3, TlvByteString.bound({ length: CASE_SIGNATURE_LENGTH }))
|
|
65
65
|
});
|
|
66
66
|
export {
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/case/CaseMessages.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAKA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAS,eAAe,UAAU,WAAW,kBAAkB,iBAAiB;AAChF,SAAS,4BAA4B;AAErC,MAAM,wBAAwB,0BAA0B;AAEjD,MAAM,kBAAkB,MAAM,WAAW,eAAe;AACxD,MAAM,kBAAkB,MAAM,WAAW,eAAe;AACxD,MAAM,oBAAoB,MAAM,WAAW,eAAe;AAC1D,MAAM,oBAAoB,MAAM,WAAW,eAAe;AAC1D,MAAM,cAAc,MAAM,WAAW,QAAQ;AAC7C,MAAM,cAAc,MAAM,WAAW,QAAQ;AAC7C,MAAM,kBAAkB,MAAM,WAAW,eAAe;AACxD,MAAM,kBAAkB,MAAM,WAAW,eAAe;AAGxD,MAAM,gBAAgB,UAAU;AAAA,EACnC,iBAAiB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAChE,oBAAoB,SAAS,GAAG,SAAS;AAAA,EACzC,eAAe,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,sBAAsB,CAAC,CAAC;AAAA,EACjF,wBAAwB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,6BAA6B,CAAC,CAAC;AAAA,EACjG,wBAAwB,iBAAiB,GAAG,oBAAoB;AAAA,EAChE,cAAc,iBAAiB,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EACrE,oBAAoB,iBAAiB,GAAG,cAAc,MAAM,EAAE,QAAQ,6BAA6B,CAAC,CAAC;AACzG,CAAC;AAGM,MAAM,gBAAgB,UAAU;AAAA,EACnC,iBAAiB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAChE,oBAAoB,SAAS,GAAG,SAAS;AAAA,EACzC,wBAAwB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,6BAA6B,CAAC,CAAC;AAAA,EACjG,WAAW,SAAS,GAAG,aAAa;AAAA,EACpC,wBAAwB,iBAAiB,GAAG,oBAAoB;AACpE,CAAC;AAGM,MAAM,sBAAsB,UAAU;AAAA,EACzC,cAAc,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAC7D,WAAW,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAC1D,oBAAoB,SAAS,GAAG,SAAS;AAAA,EACzC,wBAAwB,iBAAiB,GAAG,oBAAoB;AACpE,CAAC;AAGM,MAAM,gBAAgB,UAAU;AAAA,EACnC,WAAW,SAAS,GAAG,aAAa;AACxC,CAAC;AAGM,MAAM,gBAAgB,UAAU;AAAA,EACnC,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAKA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAS,eAAe,UAAU,WAAW,kBAAkB,iBAAiB;AAChF,SAAS,4BAA4B;AAErC,MAAM,wBAAwB,0BAA0B;AAEjD,MAAM,kBAAkB,MAAM,WAAW,eAAe;AACxD,MAAM,kBAAkB,MAAM,WAAW,eAAe;AACxD,MAAM,oBAAoB,MAAM,WAAW,eAAe;AAC1D,MAAM,oBAAoB,MAAM,WAAW,eAAe;AAC1D,MAAM,cAAc,MAAM,WAAW,QAAQ;AAC7C,MAAM,cAAc,MAAM,WAAW,QAAQ;AAC7C,MAAM,kBAAkB,MAAM,WAAW,eAAe;AACxD,MAAM,kBAAkB,MAAM,WAAW,eAAe;AAGxD,MAAM,gBAAgB,UAAU;AAAA,EACnC,iBAAiB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAChE,oBAAoB,SAAS,GAAG,SAAS;AAAA,EACzC,eAAe,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,sBAAsB,CAAC,CAAC;AAAA,EACjF,wBAAwB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,6BAA6B,CAAC,CAAC;AAAA,EACjG,wBAAwB,iBAAiB,GAAG,oBAAoB;AAAA,EAChE,cAAc,iBAAiB,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EACrE,oBAAoB,iBAAiB,GAAG,cAAc,MAAM,EAAE,QAAQ,6BAA6B,CAAC,CAAC;AACzG,CAAC;AAGM,MAAM,gBAAgB,UAAU;AAAA,EACnC,iBAAiB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAChE,oBAAoB,SAAS,GAAG,SAAS;AAAA,EACzC,wBAAwB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,6BAA6B,CAAC,CAAC;AAAA,EACjG,WAAW,SAAS,GAAG,aAAa;AAAA,EACpC,wBAAwB,iBAAiB,GAAG,oBAAoB;AACpE,CAAC;AAGM,MAAM,sBAAsB,UAAU;AAAA,EACzC,cAAc,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAC7D,WAAW,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AAAA,EAC1D,oBAAoB,SAAS,GAAG,SAAS;AAAA,EACzC,wBAAwB,iBAAiB,GAAG,oBAAoB;AACpE,CAAC;AAGM,MAAM,gBAAgB,UAAU;AAAA,EACnC,WAAW,SAAS,GAAG,aAAa;AACxC,CAAC;AAGM,MAAM,gBAAgB,UAAU;AAAA,EACnC,cAAc,SAAS,GAAG,aAAa;AAAA,EACvC,eAAe,iBAAiB,GAAG,aAAa;AAAA,EAChD,oBAAoB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,6BAA6B,CAAC,CAAC;AAAA,EAC7F,oBAAoB,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,6BAA6B,CAAC,CAAC;AACjG,CAAC;AAGM,MAAM,yBAAyB,UAAU;AAAA,EAC5C,cAAc,SAAS,GAAG,aAAa;AAAA,EACvC,eAAe,iBAAiB,GAAG,aAAa;AAAA,EAChD,WAAW,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,sBAAsB,CAAC,CAAC;AAAA,EAC7E,cAAc,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,GAAG,CAAC,CAAC;AACjE,CAAC;AAGM,MAAM,yBAAyB,UAAU;AAAA,EAC5C,cAAc,SAAS,GAAG,aAAa;AAAA,EACvC,eAAe,iBAAiB,GAAG,aAAa;AAAA,EAChD,WAAW,SAAS,GAAG,cAAc,MAAM,EAAE,QAAQ,sBAAsB,CAAC,CAAC;AACjF,CAAC;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/case/CaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAoB,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAG9E,OAAO,EAAE,aAAa,EAAuB,MAAM,+BAA+B,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAoBpE,qBAAa,UAAW,YAAW,eAAe;;IAC9C,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;gBAK3B,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa;IAKtD,aAAa,CAAC,QAAQ,EAAE,eAAe;
|
|
1
|
+
{"version":3,"file":"CaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/case/CaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAoB,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAG9E,OAAO,EAAE,aAAa,EAAuB,MAAM,+BAA+B,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAoBpE,qBAAa,UAAW,YAAW,eAAe;;IAC9C,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;gBAK3B,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa;IAKtD,aAAa,CAAC,QAAQ,EAAE,eAAe;IA4PvC,KAAK;CAGd"}
|
|
@@ -70,7 +70,7 @@ class CaseServer {
|
|
|
70
70
|
return false;
|
|
71
71
|
}
|
|
72
72
|
const { sharedSecret, fabric, peerNodeId, caseAuthenticatedTags } = cx.resumptionRecord;
|
|
73
|
-
const peerResumeKey = await Crypto.
|
|
73
|
+
const peerResumeKey = await Crypto.createHkdfKey(
|
|
74
74
|
sharedSecret,
|
|
75
75
|
Bytes.concat(cx.peerRandom, cx.peerResumptionId),
|
|
76
76
|
KDFSR1_KEY_INFO
|
|
@@ -97,7 +97,7 @@ class CaseServer {
|
|
|
97
97
|
caseAuthenticatedTags
|
|
98
98
|
});
|
|
99
99
|
const resumeSalt = Bytes.concat(cx.peerRandom, cx.localResumptionId);
|
|
100
|
-
const resumeKey = await Crypto.
|
|
100
|
+
const resumeKey = await Crypto.createHkdfKey(sharedSecret, resumeSalt, KDFSR2_KEY_INFO);
|
|
101
101
|
const resumeMic = Crypto.encrypt(resumeKey, new Uint8Array(0), RESUME2_MIC_NONCE);
|
|
102
102
|
try {
|
|
103
103
|
await cx.messenger.sendSigma2Resume({
|
|
@@ -135,26 +135,26 @@ class CaseServer {
|
|
|
135
135
|
const responderRandom = Crypto.getRandom();
|
|
136
136
|
const fabric = await this.#fabrics.findFabricFromDestinationId(cx.destinationId, cx.peerRandom);
|
|
137
137
|
const { operationalCert: nodeOpCert, intermediateCACert, operationalIdentityProtectionKey } = fabric;
|
|
138
|
-
const
|
|
139
|
-
|
|
140
|
-
);
|
|
138
|
+
const key = await Crypto.createKeyPair();
|
|
139
|
+
const responderEcdhPublicKey = key.publicBits;
|
|
140
|
+
const sharedSecret = await Crypto.generateDhSecret(key, PublicKey(cx.peerEcdhPublicKey));
|
|
141
141
|
const sigma2Salt = Bytes.concat(
|
|
142
142
|
operationalIdentityProtectionKey,
|
|
143
143
|
responderRandom,
|
|
144
144
|
responderEcdhPublicKey,
|
|
145
|
-
await Crypto.
|
|
145
|
+
await Crypto.computeSha256(cx.bytes)
|
|
146
146
|
);
|
|
147
|
-
const sigma2Key = await Crypto.
|
|
147
|
+
const sigma2Key = await Crypto.createHkdfKey(sharedSecret, sigma2Salt, KDFSR2_INFO);
|
|
148
148
|
const signatureData = TlvSignedData.encode({
|
|
149
|
-
nodeOpCert,
|
|
150
|
-
intermediateCACert,
|
|
151
|
-
|
|
152
|
-
|
|
149
|
+
responderNoc: nodeOpCert,
|
|
150
|
+
responderIcac: intermediateCACert,
|
|
151
|
+
responderPublicKey: responderEcdhPublicKey,
|
|
152
|
+
initiatorPublicKey: cx.peerEcdhPublicKey
|
|
153
153
|
});
|
|
154
154
|
const signature = await fabric.sign(signatureData);
|
|
155
155
|
const encryptedData = TlvEncryptedDataSigma2.encode({
|
|
156
|
-
nodeOpCert,
|
|
157
|
-
intermediateCACert,
|
|
156
|
+
responderNoc: nodeOpCert,
|
|
157
|
+
responderIcac: intermediateCACert,
|
|
158
158
|
signature,
|
|
159
159
|
resumptionId: cx.localResumptionId
|
|
160
160
|
});
|
|
@@ -172,20 +172,23 @@ class CaseServer {
|
|
|
172
172
|
sigma3Bytes,
|
|
173
173
|
sigma3: { encrypted: peerEncrypted }
|
|
174
174
|
} = await cx.messenger.readSigma3();
|
|
175
|
-
const sigma3Salt = Bytes.concat(
|
|
176
|
-
|
|
175
|
+
const sigma3Salt = Bytes.concat(
|
|
176
|
+
operationalIdentityProtectionKey,
|
|
177
|
+
await Crypto.computeSha256([cx.bytes, sigma2Bytes])
|
|
178
|
+
);
|
|
179
|
+
const sigma3Key = await Crypto.createHkdfKey(sharedSecret, sigma3Salt, KDFSR3_INFO);
|
|
177
180
|
const peerDecryptedData = Crypto.decrypt(sigma3Key, peerEncrypted, TBE_DATA3_NONCE);
|
|
178
181
|
const {
|
|
179
|
-
|
|
180
|
-
|
|
182
|
+
responderNoc: peerNewOpCert,
|
|
183
|
+
responderIcac: peerIntermediateCACert,
|
|
181
184
|
signature: peerSignature
|
|
182
185
|
} = TlvEncryptedDataSigma3.decode(peerDecryptedData);
|
|
183
186
|
await fabric.verifyCredentials(peerNewOpCert, peerIntermediateCACert);
|
|
184
187
|
const peerSignatureData = TlvSignedData.encode({
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
188
|
+
responderNoc: peerNewOpCert,
|
|
189
|
+
responderIcac: peerIntermediateCACert,
|
|
190
|
+
responderPublicKey: cx.peerEcdhPublicKey,
|
|
191
|
+
initiatorPublicKey: responderEcdhPublicKey
|
|
189
192
|
});
|
|
190
193
|
const {
|
|
191
194
|
ellipticCurvePublicKey: peerPublicKey,
|
|
@@ -194,10 +197,10 @@ class CaseServer {
|
|
|
194
197
|
if (fabric.fabricId !== peerFabricId) {
|
|
195
198
|
throw new UnexpectedDataError(`Fabric ID mismatch: ${fabric.fabricId} !== ${peerFabricId}`);
|
|
196
199
|
}
|
|
197
|
-
await Crypto.
|
|
200
|
+
await Crypto.verifyEcdsa(PublicKey(peerPublicKey), peerSignatureData, peerSignature);
|
|
198
201
|
const secureSessionSalt = Bytes.concat(
|
|
199
202
|
operationalIdentityProtectionKey,
|
|
200
|
-
await Crypto.
|
|
203
|
+
await Crypto.computeSha256([cx.bytes, sigma2Bytes, sigma3Bytes])
|
|
201
204
|
);
|
|
202
205
|
const secureSession = await this.#sessions.createSecureSession({
|
|
203
206
|
sessionId: responderSessionId,
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/case/CaseServer.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,oBAAoB,QAAQ,WAAW,2BAA2B;AAG1F,SAAS,QAAQ,oBAAoB,kCAAkD;AACvF,SAAS,iCAAiC;AAC1C,SAAwB,2BAA2B;AAGnD,SAAS,kCAAkC;AAC3C;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAS,2BAA2B;AAEpC,MAAM,SAAS,OAAO,IAAI,YAAY;AAE/B,MAAM,WAAsC;AAAA,EACtC,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA;AAAA,EAEA,YAAY,UAA0B,SAAwB;AAC1D,SAAK,YAAY;AACjB,SAAK,WAAW;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,oBAAoB,QAAQ;AAClD,QAAI;AACA,YAAM,KAAK,cAAc,SAAS;AAAA,IACtC,SAAS,OAAO;AACZ,aAAO,MAAM,8CAA8C,KAAK;AAEhE,UAAI,iBAAiB,qBAAqB;AACtC,cAAM,UAAU,UAAU,mBAAmB,kBAAkB;AAAA,MACnE,WAES,EAAE,iBAAiB,6BAA6B;AACrD,cAAM,UAAU,UAAU,mBAAmB,YAAY;AAAA,MAC7D;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAM,cAAc,WAAgC;AAChD,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,EAAE;AAGzE,UAAM,EAAE,aAAa,OAAO,IAAI,MAAM,UAAU,WAAW;AAC3D,UAAM,mBACF,OAAO,iBAAiB,UAAa,OAAO,uBAAuB,SAC7D,KAAK,UAAU,yBAAyB,OAAO,YAAY,IAC3D;AAEV,UAAM,UAAU,IAAI,cAAc,WAAW,aAAa,QAAQ,gBAAgB;AAGlF,QAAI,MAAM,KAAK,QAAQ,OAAO,GAAG;AAC7B;AAAA,IACJ;AAGA,QAAI,MAAM,KAAK,gBAAgB,OAAO,GAAG;AACrC;AAAA,IACJ;AAEA,WAAO;AAAA,MACH,qDAAqD,UAAU,eAAe,CAAC;AAAA,MAC/E,QAAQ;AAAA,MACR,QAAQ;AAAA,IACZ;AAEA,UAAM,IAAI,oBAAoB,sCAAsC;AAAA,EACxE;AAAA,EAEA,MAAM,QAAQ,IAAmB;AAC7B,QAAI,GAAG,qBAAqB,UAAa,GAAG,kBAAkB,UAAa,GAAG,qBAAqB,QAAW;AAC1G,aAAO;AAAA,IACX;AAEA,UAAM,EAAE,cAAc,QAAQ,YAAY,sBAAsB,IAAI,GAAG;AACvE,UAAM,gBAAgB,MAAM,OAAO;AAAA,MAC/B;AAAA,MACA,MAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AAAA,MAC/C;AAAA,IACJ;AAEA,QAAI;AACA,aAAO,QAAQ,eAAe,GAAG,eAAe,iBAAiB;AAAA,IACrE,SAAS,GAAG;AACR,yBAAmB,OAAO,CAAC;AAG3B,SAAG,mBAAmB,GAAG,gBAAgB;AAEzC,aAAO;AAAA,IACX;AAGA,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,oBAAoB,MAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AACzE,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX;AAAA,MACA;AAAA,MACA,eAAe,GAAG;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB,GAAG;AAAA,MAC1B;AAAA,IACJ,CAAC;AAGD,UAAM,aAAa,MAAM,OAAO,GAAG,YAAY,GAAG,iBAAiB;AACnE,UAAM,YAAY,MAAM,OAAO,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,oBAAoB,QAAQ,WAAW,2BAA2B;AAG1F,SAAS,QAAQ,oBAAoB,kCAAkD;AACvF,SAAS,iCAAiC;AAC1C,SAAwB,2BAA2B;AAGnD,SAAS,kCAAkC;AAC3C;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,OACG;AACP,SAAS,2BAA2B;AAEpC,MAAM,SAAS,OAAO,IAAI,YAAY;AAE/B,MAAM,WAAsC;AAAA,EACtC,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA;AAAA,EAEA,YAAY,UAA0B,SAAwB;AAC1D,SAAK,YAAY;AACjB,SAAK,WAAW;AAAA,EACpB;AAAA,EAEA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,oBAAoB,QAAQ;AAClD,QAAI;AACA,YAAM,KAAK,cAAc,SAAS;AAAA,IACtC,SAAS,OAAO;AACZ,aAAO,MAAM,8CAA8C,KAAK;AAEhE,UAAI,iBAAiB,qBAAqB;AACtC,cAAM,UAAU,UAAU,mBAAmB,kBAAkB;AAAA,MACnE,WAES,EAAE,iBAAiB,6BAA6B;AACrD,cAAM,UAAU,UAAU,mBAAmB,YAAY;AAAA,MAC7D;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAM,cAAc,WAAgC;AAChD,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,EAAE;AAGzE,UAAM,EAAE,aAAa,OAAO,IAAI,MAAM,UAAU,WAAW;AAC3D,UAAM,mBACF,OAAO,iBAAiB,UAAa,OAAO,uBAAuB,SAC7D,KAAK,UAAU,yBAAyB,OAAO,YAAY,IAC3D;AAEV,UAAM,UAAU,IAAI,cAAc,WAAW,aAAa,QAAQ,gBAAgB;AAGlF,QAAI,MAAM,KAAK,QAAQ,OAAO,GAAG;AAC7B;AAAA,IACJ;AAGA,QAAI,MAAM,KAAK,gBAAgB,OAAO,GAAG;AACrC;AAAA,IACJ;AAEA,WAAO;AAAA,MACH,qDAAqD,UAAU,eAAe,CAAC;AAAA,MAC/E,QAAQ;AAAA,MACR,QAAQ;AAAA,IACZ;AAEA,UAAM,IAAI,oBAAoB,sCAAsC;AAAA,EACxE;AAAA,EAEA,MAAM,QAAQ,IAAmB;AAC7B,QAAI,GAAG,qBAAqB,UAAa,GAAG,kBAAkB,UAAa,GAAG,qBAAqB,QAAW;AAC1G,aAAO;AAAA,IACX;AAEA,UAAM,EAAE,cAAc,QAAQ,YAAY,sBAAsB,IAAI,GAAG;AACvE,UAAM,gBAAgB,MAAM,OAAO;AAAA,MAC/B;AAAA,MACA,MAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AAAA,MAC/C;AAAA,IACJ;AAEA,QAAI;AACA,aAAO,QAAQ,eAAe,GAAG,eAAe,iBAAiB;AAAA,IACrE,SAAS,GAAG;AACR,yBAAmB,OAAO,CAAC;AAG3B,SAAG,mBAAmB,GAAG,gBAAgB;AAEzC,aAAO;AAAA,IACX;AAGA,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,oBAAoB,MAAM,OAAO,GAAG,YAAY,GAAG,gBAAgB;AACzE,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX;AAAA,MACA;AAAA,MACA,eAAe,GAAG;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB,GAAG;AAAA,MAC1B;AAAA,IACJ,CAAC;AAGD,UAAM,aAAa,MAAM,OAAO,GAAG,YAAY,GAAG,iBAAiB;AACnE,UAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,eAAe;AACtF,UAAM,YAAY,OAAO,QAAQ,WAAW,IAAI,WAAW,CAAC,GAAG,iBAAiB;AAChF,QAAI;AACA,YAAM,GAAG,UAAU,iBAAiB;AAAA,QAChC,cAAc,GAAG;AAAA,QACjB;AAAA,QACA;AAAA,QACA,wBAAwB,KAAK,UAAU;AAAA;AAAA,MAC3C,CAAC;AAAA,IACL,SAAS,OAAO;AAEZ,YAAM,cAAc,QAAQ,KAAK;AACjC,YAAM;AAAA,IACV;AAEA,WAAO;AAAA,MACH,WAAW,cAAc,EAAE,iBAAiB,GAAG,UAAU,eAAe,CAAC,eAAe,OAAO;AAAA,QAC3F,OAAO;AAAA,MACX,CAAC,WAAW,OAAO,WAAW,kBAAkB,OAAO,YAAY,UAAU,CAAC;AAAA,MAC9E;AAAA,MACA;AAAA,IACJ;AACA,OAAG,iBAAiB,eAAe,GAAG;AAGtC,UAAM,GAAG,UAAU,eAAe,sBAAsB;AAExD,UAAM,GAAG,UAAU,MAAM;AACzB,UAAM,KAAK,UAAU,qBAAqB,GAAG,gBAAgB;AAE7D,WAAO;AAAA,EACX;AAAA,EAEA,MAAM,gBAAgB,IAAmB;AACrC;AAAA;AAAA,MAEI,EAAE,GAAG,qBAAqB,UAAa,GAAG,kBAAkB;AAAA,MAE5D,EAAE,GAAG,qBAAqB,UAAa,GAAG,kBAAkB,UAAa,GAAG,qBAAqB;AAAA,MACnG;AACE,aAAO;AAAA,IACX;AAGA,UAAM,kBAAkB,OAAO,UAAU;AAGzC,UAAM,SAAS,MAAM,KAAK,SAAS,4BAA4B,GAAG,eAAe,GAAG,UAAU;AAC9F,UAAM,EAAE,iBAAiB,YAAY,oBAAoB,iCAAiC,IAAI;AAC9F,UAAM,MAAM,MAAM,OAAO,cAAc;AACvC,UAAM,yBAAyB,IAAI;AACnC,UAAM,eAAe,MAAM,OAAO,iBAAiB,KAAK,UAAU,GAAG,iBAAiB,CAAC;AAEvF,UAAM,aAAa,MAAM;AAAA,MACrB;AAAA,MACA;AAAA,MACA;AAAA,MACA,MAAM,OAAO,cAAc,GAAG,KAAK;AAAA,IACvC;AACA,UAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,WAAW;AAClF,UAAM,gBAAgB,cAAc,OAAO;AAAA,MACvC,cAAc;AAAA,MACd,eAAe;AAAA,MACf,oBAAoB;AAAA,MACpB,oBAAoB,GAAG;AAAA,IAC3B,CAAC;AACD,UAAM,YAAY,MAAM,OAAO,KAAK,aAAa;AACjD,UAAM,gBAAgB,uBAAuB,OAAO;AAAA,MAChD,cAAc;AAAA,MACd,eAAe;AAAA,MACf;AAAA,MACA,cAAc,GAAG;AAAA,IACrB,CAAC;AACD,UAAM,YAAY,OAAO,QAAQ,WAAW,eAAe,eAAe;AAC1E,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAC1E,UAAM,cAAc,MAAM,GAAG,UAAU,WAAW;AAAA,MAC9C;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA,wBAAwB,KAAK,UAAU;AAAA;AAAA,IAC3C,CAAC;AAGD,UAAM;AAAA,MACF;AAAA,MACA,QAAQ,EAAE,WAAW,cAAc;AAAA,IACvC,IAAI,MAAM,GAAG,UAAU,WAAW;AAClC,UAAM,aAAa,MAAM;AAAA,MACrB;AAAA,MACA,MAAM,OAAO,cAAc,CAAC,GAAG,OAAO,WAAW,CAAC;AAAA,IACtD;AACA,UAAM,YAAY,MAAM,OAAO,cAAc,cAAc,YAAY,WAAW;AAClF,UAAM,oBAAoB,OAAO,QAAQ,WAAW,eAAe,eAAe;AAClF,UAAM;AAAA,MACF,cAAc;AAAA,MACd,eAAe;AAAA,MACf,WAAW;AAAA,IACf,IAAI,uBAAuB,OAAO,iBAAiB;AAEnD,UAAM,OAAO,kBAAkB,eAAe,sBAAsB;AAEpE,UAAM,oBAAoB,cAAc,OAAO;AAAA,MAC3C,cAAc;AAAA,MACd,eAAe;AAAA,MACf,oBAAoB,GAAG;AAAA,MACvB,oBAAoB;AAAA,IACxB,CAAC;AACD,UAAM;AAAA,MACF,wBAAwB;AAAA,MACxB,SAAS,EAAE,UAAU,cAAc,QAAQ,YAAY,sBAAsB;AAAA,IACjF,IAAI,0BAA0B,OAAO,aAAa;AAElD,QAAI,OAAO,aAAa,cAAc;AAClC,YAAM,IAAI,oBAAoB,uBAAuB,OAAO,QAAQ,QAAQ,YAAY,EAAE;AAAA,IAC9F;AAEA,UAAM,OAAO,YAAY,UAAU,aAAa,GAAG,mBAAmB,aAAa;AAGnF,UAAM,oBAAoB,MAAM;AAAA,MAC5B;AAAA,MACA,MAAM,OAAO,cAAc,CAAC,GAAG,OAAO,aAAa,WAAW,CAAC;AAAA,IACnE;AACA,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX;AAAA,MACA;AAAA,MACA,eAAe,GAAG;AAAA,MAClB;AAAA,MACA,MAAM;AAAA,MACN,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB,GAAG;AAAA,MAC1B;AAAA,IACJ,CAAC;AACD,WAAO;AAAA,MACH,WAAW,cAAc,EAAE,iBAAiB,GAAG,UAAU,eAAe,CAAC,eAAe,OAAO;AAAA,QAC3F,OAAO;AAAA,MACX,CAAC,WAAW,OAAO,WAAW,kBAAkB,OAAO,YAAY,UAAU,CAAC;AAAA,MAC9E;AAAA,MACA;AAAA,IACJ;AACA,UAAM,GAAG,UAAU,YAAY;AAE/B,UAAM,mBAAmB;AAAA,MACrB;AAAA,MACA;AAAA,MACA;AAAA,MACA,cAAc,GAAG;AAAA,MACjB,mBAAmB,cAAc;AAAA,MACjC;AAAA,IACJ;AAEA,UAAM,GAAG,UAAU,MAAM;AACzB,UAAM,KAAK,UAAU,qBAAqB,gBAAgB;AAE1D,WAAO;AAAA,EACX;AAAA,EAEA,MAAM,QAAQ;AAAA,EAEd;AACJ;AAEA,MAAM,cAAc;AAAA,EAChB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EAEA,YACI,WACA,OACA,QACA,kBACF;AACE,SAAK,YAAY;AACjB,SAAK,QAAQ;AACb,SAAK,gBAAgB,OAAO;AAC5B,SAAK,mBAAmB,OAAO;AAC/B,SAAK,gBAAgB,OAAO;AAC5B,SAAK,gBAAgB,OAAO;AAC5B,SAAK,aAAa,OAAO;AACzB,SAAK,oBAAoB,OAAO;AAChC,SAAK,oBAAoB,OAAO;AAChC,SAAK,mBAAmB;AAAA,EAC5B;AAAA,EAEA,IAAI,oBAAoB;AACpB,WAAQ,KAAK,uBAAuB,OAAO,cAAc,EAAE;AAAA,EAC/D;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PaseClient.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseClient.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAA6B,eAAe,EAAgC,MAAM,UAAU,CAAC;AACpG,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAOlD,qBAAa,UAAU;;gBAGP,QAAQ,EAAE,cAAc;WAIvB,4BAA4B,CAAC,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKhG,MAAM,CAAC,sBAAsB;IAS7B,MAAM,CAAC,2BAA2B;IAI5B,IAAI,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM;
|
|
1
|
+
{"version":3,"file":"PaseClient.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseClient.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAA6B,eAAe,EAAgC,MAAM,UAAU,CAAC;AACpG,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAOlD,qBAAa,UAAU;;gBAGP,QAAQ,EAAE,cAAc;WAIvB,4BAA4B,CAAC,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKhG,MAAM,CAAC,sBAAsB;IAS7B,MAAM,CAAC,2BAA2B;IAI5B,IAAI,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM;CA6E/F"}
|
|
@@ -58,7 +58,10 @@ class PaseClient {
|
|
|
58
58
|
...responderSessionParams ?? {}
|
|
59
59
|
};
|
|
60
60
|
const { w0, w1 } = await Spake2p.computeW0W1(pbkdfParameters, setupPin);
|
|
61
|
-
const spake2p = Spake2p.create(
|
|
61
|
+
const spake2p = Spake2p.create(
|
|
62
|
+
await Crypto.computeSha256([SPAKE_CONTEXT, requestPayload, responsePayload]),
|
|
63
|
+
w0
|
|
64
|
+
);
|
|
62
65
|
const X = spake2p.computeX();
|
|
63
66
|
await messenger.sendPasePake1({ x: X });
|
|
64
67
|
const { y: Y, verifier } = await messenger.readPasePake2();
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/pase/PaseClient.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,IAAI,QAAyB,SAAS,2BAA2B;AAEzF,SAAS,sBAAsB,QAAQ,0BAA0B;AAGjE,SAAS,qBAAqB,qBAAqB,qBAAqB;AAExE,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,OAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,aAAa,6BAA6B,cAAsB,iBAAkC;AAC9F,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,QAAQ,WAAW,iBAAiB,YAAY;AACxE,WAAO,MAAM,OAAO,gBAAgB,IAAI,EAAE,GAAG,CAAC;AAAA,EAClD;AAAA,EAEA,OAAO,yBAAyB;AAC5B,QAAI;AACJ,eAAY,OAAO,gBAAgB,IAAI,WAAY;AACnD,QAAI,qBAAqB,oBAAoB,SAAS,QAAQ,GAAG;AAC7D,kBAAY;AAAA,IAChB;AACA,WAAO;AAAA,EACX;AAAA,EAEA,OAAO,8BAA8B;AACjC,WAAO,OAAO,gBAAgB,IAAI;AAAA,EACtC;AAAA,EAEA,MAAM,KAAK,mBAAsC,UAA2B,UAAkB;AAC1F,UAAM,YAAY,IAAI,oBAAoB,QAAQ;AAClD,UAAM,kBAAkB,OAAO,UAAU;AACzC,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAG1E,UAAM,eACF,kBAAkB,qBAAqB,aACvC,kBAAkB,qBAAqB,aACvC;AACJ,UAAM,iBAAiB,MAAM,UAAU,sBAAsB;AAAA,MACzD;AAAA,MACA;AAAA,MACA,YAAY;AAAA,MACZ,oBAAoB;AAAA,MACpB,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,kBAAkB,oBAAoB;AAAA,MAC5E;AAAA,IACJ,CAAC;AACD,UAAM;AAAA,MACF;AAAA,MACA,UAAU,EAAE,iBAAiB,oBAAoB,uBAAuB;AAAA,IAC5E,IAAI,MAAM,UAAU,uBAAuB;AAC3C,QAAI,oBAAoB,QAAW;AAG/B,YAAM,UAAU,UAAU,mBAAmB,YAAY;AACzD,YAAM,IAAI,oBAAoB,0EAA0E;AAAA,IAC5G;AAGA,wBAAoB;AAAA,MAChB,GAAG,SAAS,QAAQ;AAAA,MACpB,GAAI,0BAA0B,CAAC;AAAA,IACnC;AAGA,UAAM,EAAE,IAAI,GAAG,IAAI,MAAM,QAAQ,YAAY,iBAAiB,QAAQ;AACtE,UAAM,UAAU,QAAQ,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA,SAAS,OAAO,QAAQ,IAAI,QAAyB,SAAS,2BAA2B;AAEzF,SAAS,sBAAsB,QAAQ,0BAA0B;AAGjE,SAAS,qBAAqB,qBAAqB,qBAAqB;AAExE,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,OAAO,IAAI,YAAY;AAE/B,MAAM,WAAW;AAAA,EACpB;AAAA,EAEA,YAAY,UAA0B;AAClC,SAAK,YAAY;AAAA,EACrB;AAAA,EAEA,aAAa,6BAA6B,cAAsB,iBAAkC;AAC9F,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,QAAQ,WAAW,iBAAiB,YAAY;AACxE,WAAO,MAAM,OAAO,gBAAgB,IAAI,EAAE,GAAG,CAAC;AAAA,EAClD;AAAA,EAEA,OAAO,yBAAyB;AAC5B,QAAI;AACJ,eAAY,OAAO,gBAAgB,IAAI,WAAY;AACnD,QAAI,qBAAqB,oBAAoB,SAAS,QAAQ,GAAG;AAC7D,kBAAY;AAAA,IAChB;AACA,WAAO;AAAA,EACX;AAAA,EAEA,OAAO,8BAA8B;AACjC,WAAO,OAAO,gBAAgB,IAAI;AAAA,EACtC;AAAA,EAEA,MAAM,KAAK,mBAAsC,UAA2B,UAAkB;AAC1F,UAAM,YAAY,IAAI,oBAAoB,QAAQ;AAClD,UAAM,kBAAkB,OAAO,UAAU;AACzC,UAAM,qBAAqB,MAAM,KAAK,UAAU,0BAA0B;AAG1E,UAAM,eACF,kBAAkB,qBAAqB,aACvC,kBAAkB,qBAAqB,aACvC;AACJ,UAAM,iBAAiB,MAAM,UAAU,sBAAsB;AAAA,MACzD;AAAA,MACA;AAAA,MACA,YAAY;AAAA,MACZ,oBAAoB;AAAA,MACpB,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,kBAAkB,oBAAoB;AAAA,MAC5E;AAAA,IACJ,CAAC;AACD,UAAM;AAAA,MACF;AAAA,MACA,UAAU,EAAE,iBAAiB,oBAAoB,uBAAuB;AAAA,IAC5E,IAAI,MAAM,UAAU,uBAAuB;AAC3C,QAAI,oBAAoB,QAAW;AAG/B,YAAM,UAAU,UAAU,mBAAmB,YAAY;AACzD,YAAM,IAAI,oBAAoB,0EAA0E;AAAA,IAC5G;AAGA,wBAAoB;AAAA,MAChB,GAAG,SAAS,QAAQ;AAAA,MACpB,GAAI,0BAA0B,CAAC;AAAA,IACnC;AAGA,UAAM,EAAE,IAAI,GAAG,IAAI,MAAM,QAAQ,YAAY,iBAAiB,QAAQ;AACtE,UAAM,UAAU,QAAQ;AAAA,MACpB,MAAM,OAAO,cAAc,CAAC,eAAe,gBAAgB,eAAe,CAAC;AAAA,MAC3E;AAAA,IACJ;AACA,UAAM,IAAI,QAAQ,SAAS;AAC3B,UAAM,UAAU,cAAc,EAAE,GAAG,EAAE,CAAC;AAGtC,UAAM,EAAE,GAAG,GAAG,SAAS,IAAI,MAAM,UAAU,cAAc;AACzD,UAAM,EAAE,IAAI,KAAK,IAAI,IAAI,MAAM,QAAQ,+BAA+B,IAAI,GAAG,CAAC;AAC9E,QAAI,CAAC,MAAM,SAAS,UAAU,GAAG,GAAG;AAChC,YAAM,UAAU,UAAU,mBAAmB,YAAY;AACzD,YAAM,IAAI;AAAA,QACN;AAAA,MACJ;AAAA,IACJ;AACA,UAAM,UAAU,cAAc,EAAE,UAAU,IAAI,CAAC;AAG/C,UAAM,UAAU,eAAe,mBAAmB;AAClD,UAAM,gBAAgB,MAAM,KAAK,UAAU,oBAAoB;AAAA,MAC3D,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,YAAY,OAAO;AAAA,MACnB,eAAe;AAAA,MACf,cAAc;AAAA,MACd,MAAM,IAAI,WAAW,CAAC;AAAA,MACtB,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB;AAAA,IAC3B,CAAC;AACD,UAAM,UAAU,MAAM;AACtB,WAAO,KAAK,yCAAyC,UAAU,eAAe,CAAC,GAAG;AAElF,WAAO;AAAA,EACX;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAKH,eAAe,EACf,eAAe,EAKlB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAEpE,OAAO,EAAuB,mBAAmB,EAAiB,MAAM,oBAAoB,CAAC;AAS7F,qBAAa,oCAAqC,SAAQ,eAAe;CAAG;AAE5E,qBAAa,UAAW,YAAW,eAAe;;IAuB1C,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClB,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC;IAzBrC,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;WAK1B,OAAO,CAAC,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKrG,MAAM,CAAC,qBAAqB,CACxB,QAAQ,EAAE,cAAc,EACxB,iBAAiB,EAAE,UAAU,EAC7B,eAAe,CAAC,EAAE,eAAe;gBAQzB,QAAQ,EAAE,cAAc,EACf,EAAE,EAAE,MAAM,EACV,CAAC,EAAE,UAAU,EACb,eAAe,CAAC,EAAE,eAAe,YAAA;IAGhD,aAAa,CAAC,QAAQ,EAAE,eAAe;YAuC/B,oBAAoB;
|
|
1
|
+
{"version":3,"file":"PaseServer.d.ts","sourceRoot":"","sources":["../../../../src/session/pase/PaseServer.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAKH,eAAe,EACf,eAAe,EAKlB,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAE5D,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AAEpE,OAAO,EAAuB,mBAAmB,EAAiB,MAAM,oBAAoB,CAAC;AAS7F,qBAAa,oCAAqC,SAAQ,eAAe;CAAG;AAE5E,qBAAa,UAAW,YAAW,eAAe;;IAuB1C,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,QAAQ,CAAC,EAAE;IACnB,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClB,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC;IAzBrC,QAAQ,CAAC,EAAE,KAA8B;IACzC,QAAQ,CAAC,qBAAqB,SAAS;WAK1B,OAAO,CAAC,QAAQ,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,EAAE,eAAe,EAAE,eAAe;IAKrG,MAAM,CAAC,qBAAqB,CACxB,QAAQ,EAAE,cAAc,EACxB,iBAAiB,EAAE,UAAU,EAC7B,eAAe,CAAC,EAAE,eAAe;gBAQzB,QAAQ,EAAE,cAAc,EACf,EAAE,EAAE,MAAM,EACV,CAAC,EAAE,UAAU,EACb,eAAe,CAAC,EAAE,eAAe,YAAA;IAGhD,aAAa,CAAC,QAAQ,EAAE,eAAe;YAuC/B,oBAAoB;IAgF5B,aAAa,CAAC,SAAS,EAAE,mBAAmB,EAAE,SAAS,UAAO;IAU9D,KAAK;CAGd"}
|
|
@@ -107,7 +107,10 @@ class PaseServer {
|
|
|
107
107
|
maxTcpMessageSize: tcpSupported ? responderSessionParams.maxTcpMessageSize : void 0
|
|
108
108
|
}
|
|
109
109
|
});
|
|
110
|
-
const spake2p = Spake2p.create(
|
|
110
|
+
const spake2p = Spake2p.create(
|
|
111
|
+
await Crypto.computeSha256([SPAKE_CONTEXT, requestPayload, responsePayload]),
|
|
112
|
+
this.w0
|
|
113
|
+
);
|
|
111
114
|
const { x: X } = await messenger.readPasePake1();
|
|
112
115
|
const Y = spake2p.computeY();
|
|
113
116
|
const { Ke, hAY, hBX } = await spake2p.computeSecretAndVerifiersFromX(this.L, X, Y);
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"version": 3,
|
|
3
3
|
"sources": ["../../../../src/session/pase/PaseServer.ts"],
|
|
4
|
-
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EAEA;AAAA,OACG;AAEP,SAAS,QAAQ,oBAAoB,kCAAkC;AAGvE,SAAS,kCAAkC;AAC3C,SAAS,qBAAqB,qBAAqB,qBAAqB;AAExE,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,OAAO,IAAI,YAAY;AAEtC,MAAM,0BAA0B;AAChC,MAAM,gCAAgC;AAE/B,MAAM,6CAA6C,gBAAgB;AAAC;AAEpE,MAAM,WAAsC;AAAA,EAsB/C,YACY,UACS,IACA,GACA,iBACnB;AAJU;AACS;AACA;AACA;AAAA,EAClB;AAAA,EA1BM,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA,iBAAiB;AAAA,EAEjB,aAAa,QAAQ,UAA0B,cAAsB,iBAAkC;AACnG,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,QAAQ,WAAW,iBAAiB,YAAY;AACxE,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EAEA,OAAO,sBACH,UACA,mBACA,iBACF;AACE,UAAM,KAAK,gBAAgB,kBAAkB,MAAM,GAAG,EAAE,CAAC;AACzD,UAAM,IAAI,kBAAkB,MAAM,IAAI,KAAK,EAAE;AAC7C,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EASA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,oBAAoB,QAAQ;AAClD,QAAI;AAKA,UAAI,KAAK,SAAS,eAAe,GAAG;AAChC,eAAO,KAAK,wFAAwF;AAAA,MACxG,WAAW,KAAK,eAAe,WAAW;AACtC,eAAO;AAAA,UACH;AAAA,QACJ;AAAA,MACJ,OAAO;AAEH,cAAM,KAAK,qBAAqB,SAAS;AAAA,MAC7C;AAAA,IACJ,SAAS,OAAO;AACZ,WAAK;AACL,aAAO;AAAA,QACH,oDAAoD,KAAK,cAAc,IAAI,6BAA6B;AAAA,QACxG;AAAA,MACJ;AAGA,YAAM,YAAY,EAAE,iBAAiB;AACrC,YAAM,KAAK,cAAc,WAAW,SAAS;AAE7C,UAAI,KAAK,kBAAkB,+BAA+B;AACtD,cAAM,IAAI;AAAA,UACN;AAAA,QACJ;AAAA,MACJ;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAc,qBAAqB,WAAgC;AAC/D,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,GAAG;AAE1E,SAAK,gBAAgB,KAAK;AAAA,MAAS;AAAA,MAAwB;AAAA,MAAyB,MAChF,KAAK,cAAc,SAAS;AAAA,IAChC,EAAE,MAAM;AAGR,UAAM;AAAA,MACF;AAAA,MACA,SAAS;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,oBAAoB;AAAA,MACxB;AAAA,IACJ,IAAI,MAAM,UAAU,sBAAsB;AAC1C,QAAI,eAAe,qBAAqB;AACpC,YAAM,IAAI,oBAAoB,2BAA2B,UAAU,GAAG;AAAA,IAC1E;AAEA,UAAM,qBAAqB,MAAM,KAAK,SAAS,0BAA0B;AACzE,UAAM,kBAAkB,OAAO,UAAU;AAEzC,UAAM,yBAAyB,KAAK,SAAS;AAC7C,UAAM,eACF,uBAAuB,qBAAqB,aAC5C,uBAAuB,qBAAqB,aAC5C;AACJ,UAAM,kBAAkB,MAAM,UAAU,uBAAuB;AAAA,MAC3D;AAAA,MACA;AAAA,MACA;AAAA,MACA,iBAAiB,qBAAqB,SAAY,KAAK;AAAA,MACvD,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,uBAAuB,oBAAoB;AAAA,MACjF;AAAA,IACJ,CAAC;AAGD,UAAM,UAAU,QAAQ,
|
|
4
|
+
"mappings": "AAAA;AAAA;AAAA;AAAA;AAAA;AAMA;AAAA,EACI;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EAEA;AAAA,OACG;AAEP,SAAS,QAAQ,oBAAoB,kCAAkC;AAGvE,SAAS,kCAAkC;AAC3C,SAAS,qBAAqB,qBAAqB,qBAAqB;AAExE,MAAM,EAAE,gBAAgB,IAAI;AAE5B,MAAM,SAAS,OAAO,IAAI,YAAY;AAEtC,MAAM,0BAA0B;AAChC,MAAM,gCAAgC;AAE/B,MAAM,6CAA6C,gBAAgB;AAAC;AAEpE,MAAM,WAAsC;AAAA,EAsB/C,YACY,UACS,IACA,GACA,iBACnB;AAJU;AACS;AACA;AACA;AAAA,EAClB;AAAA,EA1BM,KAAK;AAAA,EACL,wBAAwB;AAAA,EAEjC;AAAA,EACA,iBAAiB;AAAA,EAEjB,aAAa,QAAQ,UAA0B,cAAsB,iBAAkC;AACnG,UAAM,EAAE,IAAI,EAAE,IAAI,MAAM,QAAQ,WAAW,iBAAiB,YAAY;AACxE,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EAEA,OAAO,sBACH,UACA,mBACA,iBACF;AACE,UAAM,KAAK,gBAAgB,kBAAkB,MAAM,GAAG,EAAE,CAAC;AACzD,UAAM,IAAI,kBAAkB,MAAM,IAAI,KAAK,EAAE;AAC7C,WAAO,IAAI,WAAW,UAAU,IAAI,GAAG,eAAe;AAAA,EAC1D;AAAA,EASA,MAAM,cAAc,UAA2B;AAC3C,UAAM,YAAY,IAAI,oBAAoB,QAAQ;AAClD,QAAI;AAKA,UAAI,KAAK,SAAS,eAAe,GAAG;AAChC,eAAO,KAAK,wFAAwF;AAAA,MACxG,WAAW,KAAK,eAAe,WAAW;AACtC,eAAO;AAAA,UACH;AAAA,QACJ;AAAA,MACJ,OAAO;AAEH,cAAM,KAAK,qBAAqB,SAAS;AAAA,MAC7C;AAAA,IACJ,SAAS,OAAO;AACZ,WAAK;AACL,aAAO;AAAA,QACH,oDAAoD,KAAK,cAAc,IAAI,6BAA6B;AAAA,QACxG;AAAA,MACJ;AAGA,YAAM,YAAY,EAAE,iBAAiB;AACrC,YAAM,KAAK,cAAc,WAAW,SAAS;AAE7C,UAAI,KAAK,kBAAkB,+BAA+B;AACtD,cAAM,IAAI;AAAA,UACN;AAAA,QACJ;AAAA,MACJ;AAAA,IACJ,UAAE;AAEE,YAAM,SAAS,QAAQ,QAAQ;AAAA,IACnC;AAAA,EACJ;AAAA,EAEA,MAAc,qBAAqB,WAAgC;AAC/D,WAAO,KAAK,iCAAiC,UAAU,eAAe,CAAC,GAAG;AAE1E,SAAK,gBAAgB,KAAK;AAAA,MAAS;AAAA,MAAwB;AAAA,MAAyB,MAChF,KAAK,cAAc,SAAS;AAAA,IAChC,EAAE,MAAM;AAGR,UAAM;AAAA,MACF;AAAA,MACA,SAAS;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA,oBAAoB;AAAA,MACxB;AAAA,IACJ,IAAI,MAAM,UAAU,sBAAsB;AAC1C,QAAI,eAAe,qBAAqB;AACpC,YAAM,IAAI,oBAAoB,2BAA2B,UAAU,GAAG;AAAA,IAC1E;AAEA,UAAM,qBAAqB,MAAM,KAAK,SAAS,0BAA0B;AACzE,UAAM,kBAAkB,OAAO,UAAU;AAEzC,UAAM,yBAAyB,KAAK,SAAS;AAC7C,UAAM,eACF,uBAAuB,qBAAqB,aAC5C,uBAAuB,qBAAqB,aAC5C;AACJ,UAAM,kBAAkB,MAAM,UAAU,uBAAuB;AAAA,MAC3D;AAAA,MACA;AAAA,MACA;AAAA,MACA,iBAAiB,qBAAqB,SAAY,KAAK;AAAA,MACvD,wBAAwB;AAAA,QACpB,GAAG;AAAA;AAAA;AAAA,QAGH,mBAAmB,eAAe,uBAAuB,oBAAoB;AAAA,MACjF;AAAA,IACJ,CAAC;AAGD,UAAM,UAAU,QAAQ;AAAA,MACpB,MAAM,OAAO,cAAc,CAAC,eAAe,gBAAgB,eAAe,CAAC;AAAA,MAC3E,KAAK;AAAA,IACT;AACA,UAAM,EAAE,GAAG,EAAE,IAAI,MAAM,UAAU,cAAc;AAC/C,UAAM,IAAI,QAAQ,SAAS;AAC3B,UAAM,EAAE,IAAI,KAAK,IAAI,IAAI,MAAM,QAAQ,+BAA+B,KAAK,GAAG,GAAG,CAAC;AAClF,UAAM,UAAU,cAAc,EAAE,GAAG,GAAG,UAAU,IAAI,CAAC;AAGrD,UAAM,EAAE,SAAS,IAAI,MAAM,UAAU,cAAc;AACnD,QAAI,CAAC,MAAM,SAAS,UAAU,GAAG,GAAG;AAChC,YAAM,IAAI,oBAAoB,yDAAyD;AAAA,IAC3F;AAGA,UAAM,KAAK,SAAS,oBAAoB;AAAA,MACpC,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,YAAY,OAAO;AAAA,MACnB;AAAA,MACA,cAAc;AAAA,MACd,MAAM,IAAI,WAAW,CAAC;AAAA,MACtB,aAAa;AAAA,MACb,cAAc;AAAA,MACd,uBAAuB;AAAA,IAC3B,CAAC;AACD,WAAO,KAAK,WAAW,kBAAkB,iBAAiB,UAAU,eAAe,CAAC,GAAG;AAEvF,UAAM,UAAU,YAAY;AAC5B,UAAM,UAAU,MAAM;AAEtB,SAAK,eAAe,KAAK;AACzB,SAAK,gBAAgB;AAAA,EACzB;AAAA,EAEA,MAAM,cAAc,WAAgC,YAAY,MAAM;AAClE,SAAK,eAAe,KAAK;AACzB,SAAK,gBAAgB;AAErB,QAAI,WAAW;AACX,YAAM,UAAU,UAAU,mBAAmB,YAAY;AAAA,IAC7D;AACA,UAAM,UAAU,MAAM;AAAA,EAC1B;AAAA,EAEA,MAAM,QAAQ;AAAA,EAEd;AACJ;",
|
|
5
5
|
"names": []
|
|
6
6
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@matter/protocol",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.15.0-alpha.0-20250612-ddd428561",
|
|
4
4
|
"description": "Low-level APIs for Matter interaction",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"iot",
|
|
@@ -40,13 +40,13 @@
|
|
|
40
40
|
"#*": "./src/*"
|
|
41
41
|
},
|
|
42
42
|
"dependencies": {
|
|
43
|
-
"@matter/general": "0.
|
|
44
|
-
"@matter/model": "0.
|
|
45
|
-
"@matter/types": "0.
|
|
43
|
+
"@matter/general": "0.15.0-alpha.0-20250612-ddd428561",
|
|
44
|
+
"@matter/model": "0.15.0-alpha.0-20250612-ddd428561",
|
|
45
|
+
"@matter/types": "0.15.0-alpha.0-20250612-ddd428561"
|
|
46
46
|
},
|
|
47
47
|
"devDependencies": {
|
|
48
|
-
"@matter/tools": "0.
|
|
49
|
-
"@matter/testing": "0.
|
|
48
|
+
"@matter/tools": "0.15.0-alpha.0-20250612-ddd428561",
|
|
49
|
+
"@matter/testing": "0.15.0-alpha.0-20250612-ddd428561"
|
|
50
50
|
},
|
|
51
51
|
"files": [
|
|
52
52
|
"dist/**/*",
|
|
@@ -53,7 +53,7 @@ export class AttestationCertificateManager {
|
|
|
53
53
|
|
|
54
54
|
static async create(vendorId: VendorId) {
|
|
55
55
|
const key = await Crypto.createKeyPair();
|
|
56
|
-
const identifier = await Crypto.
|
|
56
|
+
const identifier = await Crypto.computeSha256(key.publicKey);
|
|
57
57
|
return new AttestationCertificateManager(vendorId, key, identifier.slice(0, 20));
|
|
58
58
|
}
|
|
59
59
|
|
|
@@ -167,7 +167,7 @@ export class AttestationCertificateManager {
|
|
|
167
167
|
keyUsage: {
|
|
168
168
|
digitalSignature: true,
|
|
169
169
|
},
|
|
170
|
-
subjectKeyIdentifier: (await Crypto.
|
|
170
|
+
subjectKeyIdentifier: (await Crypto.computeSha256(publicKey)).slice(0, 20),
|
|
171
171
|
authorityKeyIdentifier: this.#paiKeyIdentifier,
|
|
172
172
|
},
|
|
173
173
|
};
|
|
@@ -49,17 +49,17 @@ export class CertificateAuthority {
|
|
|
49
49
|
return this.#construction;
|
|
50
50
|
}
|
|
51
51
|
|
|
52
|
-
static async create(options
|
|
52
|
+
static async create(options?: StorageContext | CertificateAuthority.Configuration) {
|
|
53
53
|
return asyncNew(CertificateAuthority, options);
|
|
54
54
|
}
|
|
55
55
|
|
|
56
|
-
constructor(options
|
|
56
|
+
constructor(options?: StorageContext | CertificateAuthority.Configuration) {
|
|
57
57
|
this.#construction = Construction(this, async () => {
|
|
58
58
|
// Use provided CA config or read from storage, otherwise initialize and store
|
|
59
|
-
const certValues = options instanceof StorageContext ? await options.values() : options;
|
|
59
|
+
const certValues = options instanceof StorageContext ? await options.values() : (options ?? {});
|
|
60
60
|
|
|
61
61
|
this.#rootKeyPair = await Crypto.createKeyPair();
|
|
62
|
-
this.#rootKeyIdentifier = (await Crypto.
|
|
62
|
+
this.#rootKeyIdentifier = (await Crypto.computeSha256(this.#rootKeyPair.publicKey)).slice(0, 20);
|
|
63
63
|
this.#rootCertBytes = await this.#generateRootCert();
|
|
64
64
|
|
|
65
65
|
if (
|
|
@@ -135,7 +135,7 @@ export class CertificateAuthority {
|
|
|
135
135
|
authorityKeyIdentifier: this.#initializedRootKeyIdentifier,
|
|
136
136
|
},
|
|
137
137
|
};
|
|
138
|
-
const signature = await Crypto.
|
|
138
|
+
const signature = await Crypto.signEcdsa(
|
|
139
139
|
this.#initializedRootKeyPair,
|
|
140
140
|
CertificateManager.rootCertToAsn1(unsignedCertificate),
|
|
141
141
|
);
|
|
@@ -166,12 +166,12 @@ export class CertificateAuthority {
|
|
|
166
166
|
digitalSignature: true,
|
|
167
167
|
},
|
|
168
168
|
extendedKeyUsage: [2, 1],
|
|
169
|
-
subjectKeyIdentifier: (await Crypto.
|
|
169
|
+
subjectKeyIdentifier: (await Crypto.computeSha256(publicKey)).slice(0, 20),
|
|
170
170
|
authorityKeyIdentifier: this.#initializedRootKeyIdentifier,
|
|
171
171
|
},
|
|
172
172
|
};
|
|
173
173
|
|
|
174
|
-
const signature = await Crypto.
|
|
174
|
+
const signature = await Crypto.signEcdsa(
|
|
175
175
|
this.#initializedRootKeyPair,
|
|
176
176
|
CertificateManager.nodeOperationalCertToAsn1(unsignedCertificate),
|
|
177
177
|
);
|