@reclaimprotocol/attestor-core 5.0.1-beta.13 → 5.0.1-beta.16

package/lib/utils/generics.js

@@ -1,268 +0,0 @@
-import {
-  areUint8ArraysEqual,
-  CONTENT_TYPE_MAP,
-  crypto,
-  decryptWrappedRecord,
-  PACKET_TYPE,
-  SUPPORTED_CIPHER_SUITE_MAP,
-  uint8ArrayToBinaryStr,
-  uint8ArrayToDataView
-} from "@reclaimprotocol/tls";
-import { REDACTION_CHAR_CODE } from "@reclaimprotocol/zk-symmetric-crypto";
-import { RPCMessage, RPCMessages } from "#src/proto/api.js";
-const DEFAULT_REDACTION_DATA = new Uint8Array(4).fill(REDACTION_CHAR_CODE);
-function uint8ArrayToStr(arr) {
-  return new TextDecoder().decode(arr);
-}
-function strToUint8Array(str) {
-  return new TextEncoder().encode(str);
-}
-function getTranscriptString(receipt) {
-  const applMsgs = extractApplicationDataFromTranscript(receipt);
-  const strList = [];
-  for (const { message, sender } of applMsgs) {
-    const content = uint8ArrayToStr(message);
-    if (strList[strList.length - 1]?.startsWith(sender)) {
-      strList[strList.length - 1] += content;
-    } else {
-      strList.push(`${sender}: ${content}`);
-    }
-  }
-  return strList.join("\n");
-}
-const unixTimestampSeconds = () => Math.floor(Date.now() / 1e3);
-function findIndexInUint8Array(haystack, needle) {
-  for (let i = 0; i < haystack.length; i++) {
-    if (areUint8ArraysEqual(haystack.slice(i, i + needle.length), needle)) {
-      return i;
-    }
-  }
-  return -1;
-}
-function getZkAlgorithmForCipherSuite(cipherSuite) {
-  if (cipherSuite.includes("CHACHA20")) {
-    return "chacha20";
-  }
-  if (cipherSuite.includes("AES_256_GCM")) {
-    return "aes-256-ctr";
-  }
-  if (cipherSuite.includes("AES_128_GCM")) {
-    return "aes-128-ctr";
-  }
-  throw new Error(`${cipherSuite} not supported for ZK ops`);
-}
-function getPureCiphertext(content, cipherSuite) {
-  getZkAlgorithmForCipherSuite(cipherSuite);
-  content = content.slice(0, -16);
-  const {
-    ivLength: fixedIvLength
-  } = SUPPORTED_CIPHER_SUITE_MAP[cipherSuite];
-  const recordIvLength = 12 - fixedIvLength;
-  content = content.slice(recordIvLength);
-  return content;
-}
-function getRecordIV(content, cipherSuite) {
-  getZkAlgorithmForCipherSuite(cipherSuite);
-  const {
-    ivLength: fixedIvLength
-  } = SUPPORTED_CIPHER_SUITE_MAP[cipherSuite];
-  const recordIvLength = 12 - fixedIvLength;
-  return content.slice(0, recordIvLength);
-}
-function getProviderValue(params, fn, secretParams) {
-  return typeof fn === "function" ? fn(params, secretParams) : fn;
-}
-function generateRpcMessageId() {
-  return uint8ArrayToDataView(crypto.randomBytes(4)).getUint32(0);
-}
-function generateSessionId() {
-  return generateRpcMessageId();
-}
-function generateTunnelId() {
-  return generateRpcMessageId();
-}
-function makeRpcEvent(type, data) {
-  const ev = new Event(type);
-  ev.data = data;
-  return ev;
-}
-function getRpcTypeFromKey(key) {
-  if (key.endsWith("Request")) {
-    return {
-      type: key.slice(0, -7),
-      direction: "request"
-    };
-  }
-  if (key.endsWith("Response")) {
-    return {
-      type: key.slice(0, -8),
-      direction: "response"
-    };
-  }
-}
-function getRpcResponseType(type) {
-  return `${type}Response`;
-}
-function getRpcRequestType(type) {
-  return `${type}Request`;
-}
-function isApplicationData(packet, tlsVersion) {
-  return packet.type === "ciphertext" && (packet.contentType === "APPLICATION_DATA" || packet.data[0] === PACKET_TYPE.WRAPPED_RECORD && tlsVersion === "TLS1_2");
-}
-async function extractArrayBufferFromWsData(data) {
-  if (data instanceof ArrayBuffer) {
-    return new Uint8Array(data);
-  }
-  if (data instanceof Uint8Array || typeof data === "object" && data && "buffer" in data) {
-    return data;
-  }
-  if (typeof data === "string") {
-    return strToUint8Array(data);
-  }
-  if (typeof Blob !== "undefined" && data instanceof Blob) {
-    return new Uint8Array(await data.arrayBuffer());
-  }
-  throw new Error("unsupported data: " + String(data));
-}
-function getRpcRequest(msg) {
-  if (msg.requestError) {
-    return {
-      direction: "response",
-      type: "error"
-    };
-  }
-  for (const key in msg) {
-    if (!msg[key]) {
-      continue;
-    }
-    const rpcType = getRpcTypeFromKey(key);
-    if (!rpcType) {
-      continue;
-    }
-    return rpcType;
-  }
-}
-function extractApplicationDataFromTranscript({ transcript, tlsVersion }) {
-  const msgs = [];
-  for (const m of transcript) {
-    let message;
-    if (m.redacted) {
-      if (!m.plaintextLength) {
-        message = DEFAULT_REDACTION_DATA;
-      } else {
-        const len = tlsVersion === "TLS1_3" ? m.plaintextLength - 1 : m.plaintextLength;
-        message = new Uint8Array(len).fill(REDACTION_CHAR_CODE);
-      }
-    } else if (tlsVersion === "TLS1_3") {
-      const contentType = m.message[m.message.length - 1];
-      if (contentType !== CONTENT_TYPE_MAP["APPLICATION_DATA"]) {
-        continue;
-      }
-      message = m.message.slice(0, -1);
-    } else if (m.recordHeader[0] === PACKET_TYPE.WRAPPED_RECORD) {
-      message = m.message;
-    } else {
-      continue;
-    }
-    msgs.push({ message, sender: m.sender });
-  }
-  return msgs;
-}
-function extractHandshakeFromTranscript({ transcript, tlsVersion }) {
-  const msgs = [];
-  for (const [i, m] of transcript.entries()) {
-    if (m.redacted) {
-      break;
-    }
-    let message;
-    if (m.recordHeader[0] === PACKET_TYPE.HELLO) {
-      message = m.message;
-    } else if (m.recordHeader[0] === PACKET_TYPE.WRAPPED_RECORD) {
-      if (tlsVersion === "TLS1_3") {
-        const contentType = m.message[m.message.length - 1];
-        if (contentType !== CONTENT_TYPE_MAP["HANDSHAKE"]) {
-          break;
-        }
-        message = m.message.slice(0, -1);
-      } else {
-        break;
-      }
-    } else {
-      continue;
-    }
-    if (!message.length) {
-      throw new Error("unsupported handshake message");
-    }
-    msgs.push({ message, sender: m.sender, index: i });
-  }
-  return msgs;
-}
-async function decryptDirect(directReveal, cipherSuite, recordHeader, serverTlsVersion, content) {
-  const { key, iv, recordNumber } = directReveal;
-  const { cipher } = SUPPORTED_CIPHER_SUITE_MAP[cipherSuite];
-  const importedKey = await crypto.importKey(cipher, key);
-  return await decryptWrappedRecord(
-    content,
-    {
-      iv,
-      key: importedKey,
-      recordHeader,
-      recordNumber,
-      version: serverTlsVersion,
-      cipherSuite
-    }
-  );
-}
-function packRpcMessages(...msgs) {
-  return RPCMessages.create({
-    messages: msgs.map((msg) => RPCMessage.create({
-      ...msg,
-      id: msg.id || generateRpcMessageId()
-    }))
-  });
-}
-function ethersStructToPlainObject(struct) {
-  if (!Array.isArray(struct)) {
-    return struct;
-  }
-  const namedKeys = Object.keys(struct).filter((key) => isNaN(Number(key)));
-  if (!namedKeys.length) {
-    return struct.map(ethersStructToPlainObject);
-  }
-  const obj = {};
-  for (const key of namedKeys) {
-    obj[key] = ethersStructToPlainObject(struct[key]);
-  }
-  return obj;
-}
-function isTls13Suite(suite) {
-  return suite === "TLS_AES_128_GCM_SHA256" || suite === "TLS_AES_256_GCM_SHA384" || suite === "TLS_CHACHA20_POLY1305_SHA256";
-}
-export {
-  decryptDirect,
-  ethersStructToPlainObject,
-  extractApplicationDataFromTranscript,
-  extractArrayBufferFromWsData,
-  extractHandshakeFromTranscript,
-  findIndexInUint8Array,
-  generateRpcMessageId,
-  generateSessionId,
-  generateTunnelId,
-  getProviderValue,
-  getPureCiphertext,
-  getRecordIV,
-  getRpcRequest,
-  getRpcRequestType,
-  getRpcResponseType,
-  getRpcTypeFromKey,
-  getTranscriptString,
-  getZkAlgorithmForCipherSuite,
-  isApplicationData,
-  isTls13Suite,
-  makeRpcEvent,
-  packRpcMessages,
-  strToUint8Array,
-  uint8ArrayToBinaryStr,
-  uint8ArrayToStr,
-  unixTimestampSeconds
-};

package/lib/utils/http-parser.js

@@ -1,201 +0,0 @@
-import { asciiToUint8Array, concatenateUint8Arrays } from "@reclaimprotocol/tls";
-import { findIndexInUint8Array, uint8ArrayToStr } from "#src/utils/generics.js";
-import { REDACTION_CHAR_CODE } from "#src/utils/redactions.js";
-const HTTP_HEADER_LINE_END = asciiToUint8Array("\r\n");
-function makeHttpResponseParser() {
-  const res = {
-    statusCode: 0,
-    statusMessage: "",
-    headers: {},
-    body: new Uint8Array(),
-    complete: false,
-    headersComplete: false,
-    headerIndices: /* @__PURE__ */ new Map(),
-    headerEndIdx: 0
-  };
-  let remainingBodyBytes = 0;
-  let isChunked = false;
-  let remaining = new Uint8Array();
-  let currentByteIdx = 0;
-  return {
-    res,
-    /**
-           * Parse the next chunk of data
-           * @param data the data to parse
-           */
-    onChunk(data) {
-      remaining = concatenateUint8Arrays([remaining, data]);
-      if (!res.headersComplete) {
-        for (let line = getLine(); typeof line !== "undefined"; line = getLine()) {
-          if (!res.statusCode) {
-            const [, statusCode, statusMessage] = line.match(/HTTP\/\d\.\d (\d+) (.*)/) || [];
-            res.statusCode = Number(statusCode);
-            res.statusMessage = statusMessage;
-            res.statusLineEndIndex = currentByteIdx - HTTP_HEADER_LINE_END.length;
-          } else if (line === "") {
-            res.headersComplete = true;
-            res.headerEndIdx = currentByteIdx - 4;
-            if (res.headers["transfer-encoding"]?.includes("chunked")) {
-              isChunked = true;
-              res.chunks = [];
-              break;
-            } else if (res.headers["content-length"]) {
-              remainingBodyBytes = Number(res.headers["content-length"]);
-              break;
-            } else {
-              remainingBodyBytes = -1;
-              break;
-            }
-          } else if (!res.complete) {
-            const [key, value] = line.split(": ");
-            res.headers[key.toLowerCase()] = value;
-            res.headerIndices[key.toLowerCase()] = {
-              fromIndex: currentByteIdx - line.length - HTTP_HEADER_LINE_END.length,
-              toIndex: currentByteIdx - HTTP_HEADER_LINE_END.length
-            };
-          } else {
-            throw new Error("got more data after response was complete");
-          }
-        }
-      }
-      if (res.headersComplete) {
-        if (remainingBodyBytes) {
-          readBody();
-          if (!remainingBodyBytes && !isChunked) {
-            res.complete = true;
-          }
-        }
-        if (res.headers["content-length"] === "0") {
-          res.complete = true;
-        }
-        if (isChunked) {
-          for (let line = getLine(); typeof line !== "undefined"; line = getLine()) {
-            if (line === "") {
-              continue;
-            }
-            const chunkSize = Number.parseInt(line, 16);
-            if (!chunkSize) {
-              res.complete = true;
-              continue;
-            }
-            res.chunks?.push({
-              fromIndex: currentByteIdx,
-              toIndex: currentByteIdx + chunkSize
-            });
-            remainingBodyBytes = chunkSize;
-            readBody();
-            if (remainingBodyBytes) {
-              break;
-            }
-          }
-        }
-      }
-    },
-    /**
-           * Call to prevent further parsing; indicating the end of the request
-           * Checks that the response is valid & complete, otherwise throws an error
-           */
-    streamEnded() {
-      if (!res.headersComplete) {
-        throw new Error("stream ended before headers were complete");
-      }
-      if (remaining.length) {
-        throw new Error("stream ended before remaining data arrived");
-      }
-      if (remainingBodyBytes > 0) {
-        throw new Error("stream ended before all body bytes were received");
-      }
-      res.complete = true;
-    }
-  };
-  function readBody() {
-    if (res.complete) {
-      throw new Error("got more data after response was complete");
-    }
-    if (!res.bodyStartIndex) {
-      res.bodyStartIndex = currentByteIdx;
-    }
-    let bytesToCopy;
-    if (remainingBodyBytes === -1) {
-      bytesToCopy = remaining.length;
-    } else {
-      bytesToCopy = Math.min(remainingBodyBytes, remaining.length);
-      remainingBodyBytes -= bytesToCopy;
-    }
-    res.body = concatenateUint8Arrays([
-      res.body,
-      remaining.slice(0, bytesToCopy)
-    ]);
-    remaining = remaining.slice(bytesToCopy);
-    currentByteIdx += bytesToCopy;
-  }
-  function getLine() {
-    const idx = findIndexInUint8Array(remaining, HTTP_HEADER_LINE_END);
-    if (idx === -1) {
-      return void 0;
-    }
-    const line = uint8ArrayToStr(remaining.slice(0, idx));
-    remaining = remaining.slice(idx + HTTP_HEADER_LINE_END.length);
-    currentByteIdx += idx + HTTP_HEADER_LINE_END.length;
-    return line;
-  }
-}
-function getHttpRequestDataFromTranscript(receipt) {
-  const clientMsgs = receipt.filter((s) => s.sender === "client");
-  if (clientMsgs[0].message[0] === REDACTION_CHAR_CODE) {
-    throw new Error("First client message request is redacted. Cannot parse");
-  }
-  const request = {
-    method: "",
-    url: "",
-    protocol: "",
-    headers: {}
-  };
-  let requestBuffer = concatenateUint8Arrays(clientMsgs.map((m) => m.message));
-  for (let line = getLine(); typeof line !== "undefined"; line = getLine()) {
-    if (line === "") {
-      break;
-    }
-    if (!request.method) {
-      const [, method, url, protocol] = line.match(/(\w+) (.*) (.*)/) || [];
-      request.method = method.toLowerCase();
-      request.url = url;
-      request.protocol = protocol;
-    } else {
-      let keyIdx = line.indexOf(":");
-      if (keyIdx === -1) {
-        keyIdx = line.length - 1;
-      }
-      const key = line.slice(0, keyIdx).toLowerCase().trim();
-      const value = line.slice(keyIdx + 1).trim();
-      const oldValue = request.headers[key];
-      if (typeof oldValue === "string") {
-        request.headers[key] = [oldValue, value];
-      } else if (Array.isArray(oldValue)) {
-        oldValue.push(value);
-      } else {
-        request.headers[key] = value;
-      }
-    }
-  }
-  if (requestBuffer.length) {
-    request.body = requestBuffer;
-  }
-  if (!request.method) {
-    throw new Error("Client request is incomplete");
-  }
-  return request;
-  function getLine() {
-    const idx = findIndexInUint8Array(requestBuffer, HTTP_HEADER_LINE_END);
-    if (idx === -1) {
-      return void 0;
-    }
-    const line = uint8ArrayToStr(requestBuffer.slice(0, idx));
-    requestBuffer = requestBuffer.slice(idx + HTTP_HEADER_LINE_END.length);
-    return line;
-  }
-}
-export {
-  getHttpRequestDataFromTranscript,
-  makeHttpResponseParser
-};

package/lib/utils/index.js

@@ -1,13 +0,0 @@
-export * from "./generics.js";
-export * from "./logger.js";
-export * from "./redactions.js";
-export * from "./http-parser.js";
-export * from "./zk.js";
-export * from "./claims.js";
-export * from "./error.js";
-export * from "./prepare-packets.js";
-export * from "./signatures/index.js";
-export * from "./auth.js";
-export * from "./b64-json.js";
-export * from "./bgp-listener.js";
-export * from "./tls.js";

package/lib/utils/logger.js

@@ -1,82 +0,0 @@
-import { pino, stdTimeFunctions } from "pino";
-import { getEnvVariable } from "#src/utils/env.js";
-const PII_PROPERTIES = ["ownerPrivateKey", "secretParams"];
-const redactedText = "[REDACTED]";
-const envLevel = getEnvVariable("LOG_LEVEL");
-let logger = pino();
-makeLogger(false, envLevel);
-function makeLogger(redactPii, level, onLog) {
-  const opts = {
-    // Log human readable time stamps instead of epoch time
-    timestamp: stdTimeFunctions.isoTime
-  };
-  if (redactPii) {
-    opts.formatters = { log: redact };
-    opts.serializers = { redact };
-    opts.browser = {
-      write: {
-        fatal: (log) => writeLog("fatal", log),
-        error: (log) => writeLog("error", log),
-        warn: (log) => writeLog("warn", log),
-        info: (log) => writeLog("info", log),
-        debug: (log) => writeLog("debug", log),
-        trace: (log) => writeLog("trace", log)
-      }
-    };
-  }
-  const pLogger = pino(opts);
-  pLogger.level = level || "info";
-  logger = pLogger;
-  return pLogger;
-  function writeLog(level2, log) {
-    log = redact(log);
-    const { msg, ...obj } = log;
-    if (console[level2]) {
-      console[level2](obj, msg);
-    } else {
-      console.log(obj, msg);
-    }
-    onLog?.(level2, log);
-  }
-}
-function isObjectProperty(property) {
-  return typeof property === "object" && !Array.isArray(property) && property !== null;
-}
-function getReplacer() {
-  const references = /* @__PURE__ */ new WeakSet();
-  return function(key, value) {
-    const isObject = typeof value === "object" && value !== null;
-    if (isObject) {
-      if (references.has(value)) {
-        return "[CIRCULAR]";
-      }
-      references.add(value);
-    }
-    return value;
-  };
-}
-function redact(json) {
-  const isObject = isObjectProperty(json);
-  if (!isObject && !Array.isArray(json)) {
-    return json;
-  }
-  const redacted = JSON.parse(JSON.stringify(json, getReplacer()));
-  for (const prop in redacted) {
-    if (PII_PROPERTIES.includes(prop)) {
-      redacted[prop] = redactedText;
-    }
-    if (Array.isArray(redacted[prop])) {
-      for (const [index, value] of redacted[prop].entries()) {
-        redacted[prop][index] = redact(value);
-      }
-    } else if (isObjectProperty(redacted[prop])) {
-      redacted[prop] = redact(redacted[prop]);
-    }
-  }
-  return redacted;
-}
-export {
-  logger,
-  makeLogger,
-  redact
-};

package/lib/utils/prepare-packets.js

@@ -1,69 +0,0 @@
-import { concatenateUint8Arrays, crypto } from "@reclaimprotocol/tls";
-import {
-  TranscriptMessageSenderType
-} from "#src/proto/api.js";
-import { makeZkProofGenerator } from "#src/utils/zk.js";
-async function preparePacketsForReveal(tlsTranscript, reveals, { onZkProgress, ...opts }) {
-  const transcript = [];
-  const proofGenerator = await makeZkProofGenerator(opts);
-  let zkPacketsDone = 0;
-  await Promise.all(tlsTranscript.map(async ({ message, sender }, i) => {
-    const msg = {
-      sender: sender === "client" ? TranscriptMessageSenderType.TRANSCRIPT_MESSAGE_SENDER_TYPE_CLIENT : TranscriptMessageSenderType.TRANSCRIPT_MESSAGE_SENDER_TYPE_SERVER,
-      message: message.data,
-      reveal: void 0
-    };
-    transcript.push(msg);
-    const reveal = reveals.get(message);
-    if (!reveal || message.type === "plaintext") {
-      return;
-    }
-    switch (reveal?.type) {
-      case "complete":
-        msg.reveal = {
-          directReveal: {
-            key: await crypto.exportKey(message.encKey),
-            iv: message.fixedIv,
-            recordNumber: message.recordNumber
-          }
-        };
-        break;
-      case "zk": {
-        reveal.redactedPlaintext = concatenateUint8Arrays([
-          reveal.redactedPlaintext,
-          message.plaintext.slice(reveal.redactedPlaintext.length)
-        ]);
-        const oprfRawMarkers = reveal.oprfRawMarkers?.map((m) => ({
-          dataLocation: m.dataLocation
-        })) || [];
-        const overshotOprfRawLength = reveal.overshotOprfRawFromPrevBlock?.length ?? 0;
-        await proofGenerator.addPacketToProve(
-          message,
-          reveal,
-          (proofs, toprfs) => msg.reveal = {
-            zkReveal: { proofs, toprfs, oprfRawMarkers, overshotOprfRawLength }
-          },
-          () => {
-            const next = tlsTranscript.slice(i + 1).find((t) => t.sender === sender);
-            return next?.message;
-          }
-        );
-        break;
-      }
-      default:
-        break;
-    }
-  }));
-  const zkPacketsTotal = proofGenerator.getTotalChunksToProve();
-  onZkProgress?.(zkPacketsDone, zkPacketsTotal);
-  await proofGenerator.generateProofs(
-    () => {
-      zkPacketsDone += 1;
-      onZkProgress?.(zkPacketsDone, zkPacketsTotal);
-    }
-  );
-  return transcript;
-}
-export {
-  preparePacketsForReveal
-};