@sempdev/semp 0.5.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/crypto/index.d.ts +1 -1
- package/dist/crypto/index.d.ts.map +1 -1
- package/dist/crypto/index.js +1 -1
- package/dist/crypto/index.js.map +1 -1
- package/dist/crypto/kem.d.ts +29 -0
- package/dist/crypto/kem.d.ts.map +1 -1
- package/dist/crypto/kem.js +63 -0
- package/dist/crypto/kem.js.map +1 -1
- package/dist/delivery/forwarder.d.ts +16 -0
- package/dist/delivery/forwarder.d.ts.map +1 -1
- package/dist/delivery/forwarder.js +47 -0
- package/dist/delivery/forwarder.js.map +1 -1
- package/dist/handshake/client_state.d.ts +2 -1
- package/dist/handshake/client_state.d.ts.map +1 -1
- package/dist/handshake/client_state.js +41 -8
- package/dist/handshake/client_state.js.map +1 -1
- package/dist/handshake/driver.d.ts +16 -5
- package/dist/handshake/driver.d.ts.map +1 -1
- package/dist/handshake/driver.js +61 -12
- package/dist/handshake/driver.js.map +1 -1
- package/dist/handshake/index.d.ts +1 -1
- package/dist/handshake/index.d.ts.map +1 -1
- package/dist/handshake/index.js.map +1 -1
- package/dist/handshake/server.d.ts +26 -1
- package/dist/handshake/server.d.ts.map +1 -1
- package/dist/handshake/server.js +85 -10
- package/dist/handshake/server.js.map +1 -1
- package/dist/handshake/server_state.d.ts +29 -0
- package/dist/handshake/server_state.d.ts.map +1 -1
- package/dist/handshake/server_state.js +112 -7
- package/dist/handshake/server_state.js.map +1 -1
- package/dist/session/dispatcher.d.ts +2 -0
- package/dist/session/dispatcher.d.ts.map +1 -1
- package/dist/session/dispatcher.js +6 -0
- package/dist/session/dispatcher.js.map +1 -1
- package/package.json +1 -1
package/dist/handshake/driver.js
CHANGED
|
@@ -23,16 +23,19 @@
|
|
|
23
23
|
* reason_code as a typed error.
|
|
24
24
|
*
|
|
25
25
|
* The PQ suite path is structurally identical; only the KEM is
|
|
26
|
-
* different.
|
|
27
|
-
*
|
|
28
|
-
*
|
|
26
|
+
* different. Both the baseline X25519 suite and the hybrid
|
|
27
|
+
* Kyber768 + X25519 PQ suite are supported end to end. On the PQ
|
|
28
|
+
* path step 1 generates a hybrid keypair, step 4 decapsulates the
|
|
29
|
+
* server's hybrid KEM ciphertext to recover the same combined
|
|
30
|
+
* shared secret the responder produced.
|
|
29
31
|
*
|
|
30
32
|
* @module
|
|
31
33
|
*/
|
|
32
34
|
import { marshal as canonicalMarshal } from "../canonical/index.js";
|
|
33
|
-
import { deriveSessionKeysWithResumption, newHKDFSHA512, x25519Agree, x25519PublicKey, } from "../crypto/index.js";
|
|
35
|
+
import { HybridPublicKeySize, deriveSessionKeysWithResumption, hybridDecapsulate, hybridGenerateKeyPair, newHKDFSHA512, x25519Agree, x25519PublicKey, } from "../crypto/index.js";
|
|
34
36
|
import { fingerprint, verify as ed25519Verify } from "../keys/index.js";
|
|
35
37
|
import { Session } from "../session/index.js";
|
|
38
|
+
import { sha256 } from "@noble/hashes/sha2.js";
|
|
36
39
|
import { confirmationHash } from "./confirm.js";
|
|
37
40
|
import { composeIdentityProof } from "./identity.js";
|
|
38
41
|
import { HandshakePrefix, buildConfirm, buildInit, } from "./messages.js";
|
|
@@ -59,8 +62,9 @@ export class HandshakeRejectedError extends Error {
|
|
|
59
62
|
* the returned Session — closing the Session closes the transport.
|
|
60
63
|
*/
|
|
61
64
|
export async function runClient(transport, config) {
|
|
62
|
-
if (config.suite !== "x25519-chacha20-poly1305"
|
|
63
|
-
|
|
65
|
+
if (config.suite !== "x25519-chacha20-poly1305" &&
|
|
66
|
+
config.suite !== "pq-kyber768-x25519") {
|
|
67
|
+
throw new Error(`handshake: unsupported suite ${JSON.stringify(config.suite)}`);
|
|
64
68
|
}
|
|
65
69
|
try {
|
|
66
70
|
const result = await runClientInner(transport, config);
|
|
@@ -91,11 +95,29 @@ export async function runClient(transport, config) {
|
|
|
91
95
|
}
|
|
92
96
|
}
|
|
93
97
|
async function runClientInner(transport, config) {
|
|
94
|
-
// Step 1: ephemeral + nonce.
|
|
95
|
-
|
|
96
|
-
|
|
98
|
+
// Step 1: ephemeral + nonce. The wire shape of the ephemeral
|
|
99
|
+
// key depends on the suite: 32-byte X25519 pub for baseline,
|
|
100
|
+
// 1216-byte hybrid (kyberPub || x25519Pub) for PQ.
|
|
101
|
+
const isPQ = config.suite === "pq-kyber768-x25519";
|
|
102
|
+
let ephPriv;
|
|
103
|
+
let ephPub;
|
|
104
|
+
if (isPQ) {
|
|
105
|
+
const kp = hybridGenerateKeyPair();
|
|
106
|
+
ephPriv = kp.secretKey;
|
|
107
|
+
ephPub = kp.publicKey;
|
|
108
|
+
}
|
|
109
|
+
else {
|
|
110
|
+
ephPriv = config.clientEphemeralPriv ?? randomBytes(32);
|
|
111
|
+
ephPub = x25519PublicKey(ephPriv);
|
|
112
|
+
}
|
|
97
113
|
const clientNonce = config.clientNonce ?? randomBytes(32);
|
|
98
|
-
|
|
114
|
+
// The hybrid pub is too large to fingerprint with the 32-byte
|
|
115
|
+
// KEY.md primitive; we use a stable SHA-256 over the wire bytes
|
|
116
|
+
// for the key_id field. For baseline this stays the same as
|
|
117
|
+
// before.
|
|
118
|
+
const ephKeyId = isPQ
|
|
119
|
+
? hexSha256(ephPub)
|
|
120
|
+
: fingerprint(ephPub);
|
|
99
121
|
// Step 2: INIT.
|
|
100
122
|
const init = buildInit({
|
|
101
123
|
nonce: base64Encode(clientNonce),
|
|
@@ -123,8 +145,21 @@ async function runClientInner(transport, config) {
|
|
|
123
145
|
verifyServerSignature(resp, "server_signature", config.serverDomainPub);
|
|
124
146
|
const serverNonce = base64Decode(resp.server_nonce);
|
|
125
147
|
const serverEphPub = base64Decode(resp.server_ephemeral_key.key);
|
|
126
|
-
// Step 4: derive session keys.
|
|
127
|
-
|
|
148
|
+
// Step 4: derive session keys. For the PQ suite the wire
|
|
149
|
+
// server_ephemeral_key is a hybrid KEM ciphertext (kyberCt ||
|
|
150
|
+
// responderX25519Pub) that we decapsulate with the hybrid
|
|
151
|
+
// private key we generated in step 1; for baseline we run the
|
|
152
|
+
// legacy X25519 ECDH.
|
|
153
|
+
let sharedSecret;
|
|
154
|
+
if (isPQ) {
|
|
155
|
+
if (ephPub.length !== HybridPublicKeySize) {
|
|
156
|
+
throw new Error(`handshake: PQ ephemeral pub ${ephPub.length} bytes, want ${HybridPublicKeySize}`);
|
|
157
|
+
}
|
|
158
|
+
sharedSecret = hybridDecapsulate(serverEphPub, ephPriv);
|
|
159
|
+
}
|
|
160
|
+
else {
|
|
161
|
+
sharedSecret = x25519Agree(ephPriv, serverEphPub);
|
|
162
|
+
}
|
|
128
163
|
const kdf = newHKDFSHA512();
|
|
129
164
|
const keys = deriveSessionKeysWithResumption(kdf, sharedSecret, clientNonce, serverNonce);
|
|
130
165
|
// Step 5: confirmation hash.
|
|
@@ -221,6 +256,20 @@ function randomBytes(n) {
|
|
|
221
256
|
globalThis.crypto.getRandomValues(out);
|
|
222
257
|
return out;
|
|
223
258
|
}
|
|
259
|
+
function hexSha256(bytes) {
|
|
260
|
+
// Hybrid ephemeral pubs are larger than 32 bytes, so we cannot
|
|
261
|
+
// route them through `keys.fingerprint` (which enforces a
|
|
262
|
+
// 32-byte input for KEY.md compatibility). The handshake uses
|
|
263
|
+
// ephemeral key_ids as opaque correlation tags only; SHA-256
|
|
264
|
+
// of the wire bytes gives a stable identifier of the right
|
|
265
|
+
// shape (lowercase hex).
|
|
266
|
+
const sum = sha256(bytes);
|
|
267
|
+
let s = "";
|
|
268
|
+
for (let i = 0; i < sum.length; i++) {
|
|
269
|
+
s += (sum[i] ?? 0).toString(16).padStart(2, "0");
|
|
270
|
+
}
|
|
271
|
+
return s;
|
|
272
|
+
}
|
|
224
273
|
function concat(a, b) {
|
|
225
274
|
const out = new Uint8Array(a.length + b.length);
|
|
226
275
|
out.set(a, 0);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"driver.js","sourceRoot":"","sources":["../../src/handshake/driver.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"driver.js","sourceRoot":"","sources":["../../src/handshake/driver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAEH,OAAO,EAAE,OAAO,IAAI,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAEL,mBAAmB,EACnB,+BAA+B,EAC/B,iBAAiB,EACjB,qBAAqB,EACrB,aAAa,EACb,WAAW,EACX,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,MAAM,IAAI,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACxE,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAG9C,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAE/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAC;AACrD,OAAO,EAOL,eAAe,EACf,YAAY,EACZ,SAAS,GACV,MAAM,eAAe,CAAC;AAqFvB,0DAA0D;AAC1D,MAAM,OAAO,sBAAuB,SAAQ,KAAK;IACtC,SAAS,CAAS;IAClB,UAAU,CAAS;IACnB,MAAM,CAAqB;IACpC,YAAY,SAAiB,EAAE,UAAkB,EAAE,MAA0B;QAC3E,KAAK,CAAC,uBAAuB,UAAU,GAAG,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACxF,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,SAAoB,EACpB,MAAoB;IAEpB,IACE,MAAM,CAAC,KAAK,KAAK,0BAA0B;QAC3C,MAAM,CAAC,KAAK,KAAK,oBAAoB,EACrC,CAAC;QACD,MAAM,IAAI,KAAK,CACb,gCAAgC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAC/D,CAAC;IACJ,CAAC;IACD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QACvD,OAAO,IAAI,OAAO,CAAC;YACjB,IAAI,EAAE,QAAQ;YACd,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,aAAa,EAAE,IAAI,IAAI,EAAE;YACzB,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,SAAS;YACT,GAAG,CAAC,MAAM,CAAC,gBAAgB,KAAK,SAAS;gBACvC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,EAAE;gBAC/C,CAAC,CAAC,EAAE,CAAC;YACP,wBAAwB,EAAE,MAAM,CAAC,wBAAwB;YACzD,4BAA4B,EAAE,MAAM,CAAC,4BAA4B;YACjE,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,CAAC;YACH,MAAM,SAAS,CAAC,KAAK,EAAE,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,iBAAiB;QACnB,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,SAAoB,EACpB,MAAoB;IAGpB,6DAA6D;IAC7D,6DAA6D;IAC7D,mDAAmD;IACnD,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,KAAK,oBAAoB,CAAC;IACnD,IAAI,OAAmB,CAAC;IACxB,IAAI,MAAkB,CAAC;IACvB,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,EAAE,GAAG,qBAAqB,EAAE,CAAC;QACnC,OAAO,GAAG,EAAE,CAAC,SAAS,CAAC;QACvB,MAAM,GAAG,EAAE,CAAC,SAAS,CAAC;IACxB,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,MAAM,CAAC,mBAAmB,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QACxD,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAC1D,8DAA8D;IAC9D,gEAAgE;IAChE,4DAA4D;IAC5D,UAAU;IACV,MAAM,QAAQ,GAAG,IAAI;QACnB,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC;QACnB,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAExB,gBAAgB;IAChB,MAAM,IAAI,GAAgB,SAAS,CAAC;QAClC,KAAK,EAAE,YAAY,CAAC,WAAW,CAAC;QAChC,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,kBAAkB,EAAE;YAClB,SAAS,EAAE,MAAM,CAAC,KAAK;YACvB,GAAG,EAAE,YAAY,CAAC,MAAM,CAAC;YACzB,MAAM,EAAE,QAAQ;SACjB;QACD,YAAY,EAAE,MAAM,CAAC,YAAY;KAClC,CAAC,CAAC;IACH,MAAM,aAAa,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAEpC,oBAAoB;IACpB,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IAC9D,MAAM,OAAO,GAAG,qBAAqB,CAAC,SAAS,CAAC,CAAC;IACjD,IAAI,OAAO,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,OAA0B,CAAC;QACvC,MAAM,IAAI,sBAAsB,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAChF,CAAC;IACD,IAAI,OAAO,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAChC,MAAM,IAAI,KAAK,CAAC,6CAA6C,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;IAChF,CAAC;IACD,MAAM,IAAI,GAAG,OAA0B,CAAC;IACxC,qBAAqB,CACnB,IAA0C,EAC1C,kBAAkB,EAClB,MAAM,CAAC,eAAe,CACvB,CAAC;IAEF,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACpD,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;IAEjE,yDAAyD;IACzD,8DAA8D;IAC9D,0DAA0D;IAC1D,8DAA8D;IAC9D,sBAAsB;IACtB,IAAI,YAAwB,CAAC;IAC7B,IAAI,IAAI,EAAE,CAAC;QACT,IAAI,MAAM,CAAC,MAAM,KAAK,mBAAmB,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CACb,+BAA+B,MAAM,CAAC,MAAM,gBAAgB,mBAAmB,EAAE,CAClF,CAAC;QACJ,CAAC;QACD,YAAY,GAAG,iBAAiB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC1D,CAAC;SAAM,CAAC;QACN,YAAY,GAAG,WAAW,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IACpD,CAAC;IACD,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;IAC5B,MAAM,IAAI,GAAG,+BAA+B,CAC1C,GAAG,EACH,YAAY,EACZ,WAAW,EACX,WAAW,CACZ,CAAC;IAEF,6BAA6B;IAC7B,MAAM,aAAa,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;IAExE,+DAA+D;IAC/D,+DAA+D;IAC/D,6DAA6D;IAC7D,mCAAmC;IACnC,IAAI,gBAAgB,GAAG,EAAE,CAAC;IAC1B,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QAClC,gBAAgB,GAAG,oBAAoB,CAAC;YACtC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;YAClC,cAAc,EAAE,MAAM,CAAC,QAAQ,CAAC,cAAc;YAC9C,kBAAkB,EAAE,MAAM,CAAC,QAAQ,CAAC,YAAY;YAChD,mBAAmB,EAAE,MAAM,CAAC,QAAQ,CAAC,aAAa;YAClD,SAAS,EAAE,IAAI,CAAC,UAAU;YAC1B,gBAAgB,EAAE,gBAAgB;YAClC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,KAAK,SAAS;gBAC1C,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,UAAU,EAAE;gBAC5C,CAAC,CAAC,EAAE,CAAC;SACR,CAAC,CAAC,gBAAgB,CAAC;IACtB,CAAC;IACD,MAAM,OAAO,GAAmB,YAAY,CAAC;QAC3C,SAAS,EAAE,IAAI,CAAC,UAAU;QAC1B,mBAAmB,EAAE,YAAY,CAAC,gBAAgB,CAAC;QACnD,gBAAgB;KACjB,CAAC,CAAC;IACH,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;IAEhD,kCAAkC;IAClC,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IAClE,MAAM,WAAW,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;IACzD,IAAI,WAAW,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,WAA8B,CAAC;QAC3C,MAAM,IAAI,sBAAsB,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAChF,CAAC;IACD,IAAI,WAAW,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,6CAA6C,WAAW,CAAC,IAAI,GAAG,CAAC,CAAC;IACpF,CAAC;IACD,MAAM,QAAQ,GAAG,WAA8B,CAAC;IAChD,qBAAqB,CACnB,QAA8C,EAC9C,kBAAkB,EAClB,MAAM,CAAC,eAAe,CACvB,CAAC;IAEF,OAAO;QACL,SAAS,EAAE,QAAQ,CAAC,UAAU;QAC9B,UAAU,EAAE,QAAQ,CAAC,WAAW;QAChC,WAAW,EAAE,QAAQ,CAAC,WAAW;QACjC,IAAI;QACJ,wBAAwB,EAAE,IAAI,CAAC,qBAAqB,CAAC,MAAM;QAC3D,4BAA4B,EAAE,IAAI,CAAC,qBAAqB,CAAC,SAAS;QAClE,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,GAAG,CAAC,QAAQ,CAAC,iBAAiB,KAAK,SAAS;YAC1C,CAAC,CAAC,EAAE,gBAAgB,EAAE,QAAQ,CAAC,iBAAiB,EAAE;YAClD,CAAC,CAAC,EAAE,CAAC;KACR,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,YAAY;AAEZ,KAAK,UAAU,cAAc,CAAC,SAAoB,EAAE,QAAgB;IAClE,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,CAAC;IACtC,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,4CAA4C,QAAQ,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAiB;IAC9C,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAqC,CAAC;IACjE,IAAI,GAAG,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,iDAAiD,GAAG,CAAC,IAAI,IAAI,GAAG,GAAG,CAAC,CAAC;IACvF,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,GAAuB,CAAC;AACjC,CAAC;AAED,SAAS,qBAAqB,CAC5B,OAAgC,EAChC,cAAsB,EACtB,eAA2B;IAE3B,MAAM,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACvC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,EAAE,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,cAAc,cAAc,mBAAmB,CAAC,CAAC;IACnE,CAAC;IACD,0DAA0D;IAC1D,kCAAkC;IAClC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAA4B,CAAC;IAC7E,KAAK,CAAC,cAAc,CAAC,GAAG,EAAE,CAAC;IAC3B,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,SAAS,CAAC,CAAC;IAClF,MAAM,GAAG,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,GAAG,EAAE,YAAY,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,KAAK,CAAC,cAAc,cAAc,yCAAyC,CAAC,CAAC;IACzF,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IACvC,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,SAAS,CAAC,KAAiB;IAClC,+DAA+D;IAC/D,0DAA0D;IAC1D,8DAA8D;IAC9D,6DAA6D;IAC7D,2DAA2D;IAC3D,yBAAyB;IACzB,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1B,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IAChD,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACd,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,CAAa;IACjC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;AACnB,CAAC;AAED,SAAS,YAAY,CAAC,CAAS;IAC7B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}
|
|
@@ -10,7 +10,7 @@ export { verifyChallengeSolution, firstContactDigest, leadingZeroBits, MaxPoWDif
|
|
|
10
10
|
export { FirstContactBindingHashSize, FirstContactBindingTag, FirstContactFieldSep, FirstContactPrefixRandBytes, computeFirstContactPrefix, decodeFirstContactPrefix, verifyFirstContactBinding, } from "./first_contact.js";
|
|
11
11
|
export { ImplementedSuites, SuitePreferenceOrder, defaultClientCapabilities, defaultServerCapabilities, negotiateCapabilities, } from "./capabilities.js";
|
|
12
12
|
export { ChallengeInvalidError, buildClientRejection, isChallengeInvalid, isResumptionFailed, } from "./abort.js";
|
|
13
|
-
export { type ClientConfig, type ClientSession, HandshakeRejectedError, runClient, } from "./driver.js";
|
|
13
|
+
export { type ClientConfig, type ClientSession, type HandshakeSuite, HandshakeRejectedError, runClient, } from "./driver.js";
|
|
14
14
|
export { type HandshakeClientConfig, type HandshakeClientSession, HandshakeClient, } from "./client_state.js";
|
|
15
15
|
export { type HandshakeServerConfig, type HandshakeServerSession, HandshakeServer, HandshakeServerRejectionError, } from "./server_state.js";
|
|
16
16
|
export { runClientResume, runClientResumeOrFull, } from "./resume_driver.js";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/handshake/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EACL,uBAAuB,EACvB,kBAAkB,EAClB,eAAe,EACf,gBAAgB,GACjB,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,2BAA2B,EAC3B,sBAAsB,EACtB,oBAAoB,EACpB,2BAA2B,EAC3B,yBAAyB,EACzB,wBAAwB,EACxB,yBAAyB,GAC1B,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACpB,yBAAyB,EACzB,yBAAyB,EACzB,qBAAqB,GACtB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,KAAK,YAAY,EACjB,KAAK,aAAa,EAClB,sBAAsB,EACtB,SAAS,GACV,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,eAAe,GAChB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,eAAe,EACf,6BAA6B,GAC9B,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,eAAe,EACf,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,KAAK,WAAW,EAChB,KAAK,iBAAiB,EACtB,KAAK,wBAAwB,EAC7B,KAAK,cAAc,EACnB,KAAK,oBAAoB,EACzB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,sBAAsB,EAC3B,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,EAC/B,KAAK,gBAAgB,EACrB,KAAK,eAAe,EACpB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,EAC/B,KAAK,kBAAkB,EACvB,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,UAAU,EACf,mBAAmB,EACnB,qBAAqB,EACrB,mBAAmB,EACnB,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,KAAK,oBAAoB,EACzB,KAAK,YAAY,EACjB,SAAS,GACV,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,KAAK,yBAAyB,EAC9B,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,cAAc,EACd,oBAAoB,EACpB,iBAAiB,GAClB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,KAAK,eAAe,EACpB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,YAAY,EACjB,KAAK,cAAc,EACnB,KAAK,WAAW,EAChB,KAAK,MAAM,EACX,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,EACxB,eAAe,EACf,gBAAgB,EAChB,aAAa,EACb,YAAY,EACZ,SAAS,EACT,aAAa,EACb,aAAa,GACd,MAAM,eAAe,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/handshake/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EACL,uBAAuB,EACvB,kBAAkB,EAClB,eAAe,EACf,gBAAgB,GACjB,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,2BAA2B,EAC3B,sBAAsB,EACtB,oBAAoB,EACpB,2BAA2B,EAC3B,yBAAyB,EACzB,wBAAwB,EACxB,yBAAyB,GAC1B,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACpB,yBAAyB,EACzB,yBAAyB,EACzB,qBAAqB,GACtB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,KAAK,YAAY,EACjB,KAAK,aAAa,EAClB,KAAK,cAAc,EACnB,sBAAsB,EACtB,SAAS,GACV,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,eAAe,GAChB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,eAAe,EACf,6BAA6B,GAC9B,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,eAAe,EACf,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,KAAK,WAAW,EAChB,KAAK,iBAAiB,EACtB,KAAK,wBAAwB,EAC7B,KAAK,cAAc,EACnB,KAAK,oBAAoB,EACzB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,sBAAsB,EAC3B,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,EAC/B,KAAK,gBAAgB,EACrB,KAAK,eAAe,EACpB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,EAC/B,KAAK,kBAAkB,EACvB,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,UAAU,EACf,mBAAmB,EACnB,qBAAqB,EACrB,mBAAmB,EACnB,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,KAAK,oBAAoB,EACzB,KAAK,YAAY,EACjB,SAAS,GACV,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,KAAK,yBAAyB,EAC9B,KAAK,kBAAkB,EACvB,KAAK,sBAAsB,EAC3B,cAAc,EACd,oBAAoB,EACpB,iBAAiB,GAClB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,KAAK,eAAe,EACpB,KAAK,kBAAkB,EACvB,KAAK,iBAAiB,EACtB,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,YAAY,EACjB,KAAK,cAAc,EACnB,KAAK,WAAW,EAChB,KAAK,MAAM,EACX,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,EACxB,eAAe,EACf,gBAAgB,EAChB,aAAa,EACb,YAAY,EACZ,SAAS,EACT,aAAa,EACb,aAAa,GACd,MAAM,eAAe,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/handshake/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EACL,uBAAuB,EACvB,kBAAkB,EAClB,eAAe,EACf,gBAAgB,GACjB,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,2BAA2B,EAC3B,sBAAsB,EACtB,oBAAoB,EACpB,2BAA2B,EAC3B,yBAAyB,EACzB,wBAAwB,EACxB,yBAAyB,GAC1B,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACpB,yBAAyB,EACzB,yBAAyB,EACzB,qBAAqB,GACtB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,YAAY,CAAC;AACpB,OAAO,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/handshake/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EACL,uBAAuB,EACvB,kBAAkB,EAClB,eAAe,EACf,gBAAgB,GACjB,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,2BAA2B,EAC3B,sBAAsB,EACtB,oBAAoB,EACpB,2BAA2B,EAC3B,yBAAyB,EACzB,wBAAwB,EACxB,yBAAyB,GAC1B,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACpB,yBAAyB,EACzB,yBAAyB,EACzB,qBAAqB,GACtB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,YAAY,CAAC;AACpB,OAAO,EAIL,sBAAsB,EACtB,SAAS,GACV,MAAM,aAAa,CAAC;AACrB,OAAO,EAGL,eAAe,GAChB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAGL,eAAe,EACf,6BAA6B,GAC9B,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,eAAe,EACf,qBAAqB,GACtB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAmBL,mBAAmB,EACnB,qBAAqB,EACrB,mBAAmB,EACnB,sBAAsB,EACtB,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAGL,SAAS,GACV,MAAM,aAAa,CAAC;AACrB,OAAO,EAIL,cAAc,EACd,oBAAoB,EACpB,iBAAiB,GAClB,MAAM,eAAe,CAAC;AACvB,OAAO,EAgBL,eAAe,EACf,gBAAgB,EAChB,aAAa,EACb,YAAY,EACZ,SAAS,EACT,aAAa,EACb,aAAa,GACd,MAAM,eAAe,CAAC"}
|
|
@@ -33,6 +33,7 @@
|
|
|
33
33
|
import { type SessionKeys } from "../crypto/index.js";
|
|
34
34
|
import { Session } from "../session/index.js";
|
|
35
35
|
import type { Transport } from "../transport/index.js";
|
|
36
|
+
import type { HandshakeSuite } from "./driver.js";
|
|
36
37
|
import { type ResumptionTicket } from "./messages.js";
|
|
37
38
|
/** Result the identity-proof hook returns. */
|
|
38
39
|
export interface IdentityProofVerdict {
|
|
@@ -56,7 +57,7 @@ export interface ServerConfig {
|
|
|
56
57
|
* Suites this server accepts, in preference order. The server
|
|
57
58
|
* picks the first one that's also in the client's offered set.
|
|
58
59
|
*/
|
|
59
|
-
supportedSuites: ReadonlyArray<
|
|
60
|
+
supportedSuites: ReadonlyArray<HandshakeSuite>;
|
|
60
61
|
/**
|
|
61
62
|
* Per-session identity-proof signature. The driver embeds this
|
|
62
63
|
* into RESPONSE.server_identity_proof. Production servers compute
|
|
@@ -78,11 +79,35 @@ export interface ServerConfig {
|
|
|
78
79
|
* CONFIRM. If omitted, the v1 driver accepts any non-empty
|
|
79
80
|
* proof (and an empty proof, since the v1 client driver leaves
|
|
80
81
|
* it empty).
|
|
82
|
+
*
|
|
83
|
+
* The `block` field is the AEAD-decrypted identity-proof block
|
|
84
|
+
* when the proof bytes successfully unwrapped under K_enc_c2s.
|
|
85
|
+
* It is undefined when the wrapped proof is empty or when AEAD
|
|
86
|
+
* open failed (in which case the driver has already rejected
|
|
87
|
+
* with `auth_failed` before invoking this callback). Consumers
|
|
88
|
+
* that already needed to decrypt the proof can read `block`
|
|
89
|
+
* instead of re-running {@link openIdentityProof}.
|
|
81
90
|
*/
|
|
82
91
|
verifyIdentityProof?: (input: {
|
|
83
92
|
identityProofB64: string;
|
|
84
93
|
sessionKeys: SessionKeys;
|
|
94
|
+
block?: import("./identity.js").IdentityProofBlock;
|
|
85
95
|
}) => IdentityProofVerdict;
|
|
96
|
+
/**
|
|
97
|
+
* Optional lookup of the public key for a client's long-term
|
|
98
|
+
* identity key. When supplied, the driver verifies the
|
|
99
|
+
* inner identity_signature inside the decrypted identity-proof
|
|
100
|
+
* block over `SEMP-IDENTITY: || session_id || confirmation_hash`
|
|
101
|
+
* and rejects with `auth_failed` on signature failure.
|
|
102
|
+
*
|
|
103
|
+
* When omitted, the inner signature is not checked. Callers
|
|
104
|
+
* that want to enforce identity binding without supplying this
|
|
105
|
+
* lookup can do so themselves inside
|
|
106
|
+
* {@link verifyIdentityProof}.
|
|
107
|
+
*
|
|
108
|
+
* Throw to reject the handshake with the `auth_failed` reason.
|
|
109
|
+
*/
|
|
110
|
+
lookupClientIdentityKey?: (clientIdentity: string, clientLongTermKeyId: string) => Uint8Array;
|
|
86
111
|
/**
|
|
87
112
|
* Permissions to grant on ACCEPTED. v1 driver does no
|
|
88
113
|
* authorization; the caller decides.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/handshake/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAGH,OAAO,EACL,KAAK,WAAW,
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/handshake/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAGH,OAAO,EACL,KAAK,WAAW,EAMjB,MAAM,oBAAoB,CAAC;AAI5B,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAGvD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAMlD,OAAO,EAKL,KAAK,gBAAgB,EAKtB,MAAM,eAAe,CAAC;AAEvB,8CAA8C;AAC9C,MAAM,WAAW,oBAAoB;IACnC,uCAAuC;IACvC,EAAE,EAAE,OAAO,CAAC;IACZ;;;OAGG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,yDAAyD;IACzD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wDAAwD;AACxD,MAAM,WAAW,YAAY;IAC3B,uEAAuE;IACvE,uBAAuB,EAAE,UAAU,CAAC;IACpC,uEAAuE;IACvE,MAAM,EAAE,MAAM,CAAC;IACf;;;OAGG;IACH,eAAe,EAAE,aAAa,CAAC,cAAc,CAAC,CAAC;IAC/C;;;;;;OAMG;IACH,sBAAsB,EAAE,CAAC,KAAK,EAAE;QAC9B,kBAAkB,EAAE;YAAE,SAAS,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC;QACvE,WAAW,EAAE,MAAM,CAAC;QACpB,WAAW,EAAE,MAAM,CAAC;KACrB,KAAK,MAAM,CAAC;IACb;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,EAAE,CAAC,KAAK,EAAE;QAC5B,gBAAgB,EAAE,MAAM,CAAC;QACzB,WAAW,EAAE,WAAW,CAAC;QACzB,KAAK,CAAC,EAAE,OAAO,eAAe,EAAE,kBAAkB,CAAC;KACpD,KAAK,oBAAoB,CAAC;IAC3B;;;;;;;;;;;;;OAaG;IACH,uBAAuB,CAAC,EAAE,CACxB,cAAc,EAAE,MAAM,EACtB,mBAAmB,EAAE,MAAM,KACxB,UAAU,CAAC;IAChB;;;OAGG;IACH,WAAW,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACnC,8BAA8B;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,qEAAqE;IACrE,gBAAgB,CAAC,EAAE,CAAC,WAAW,EAAE,WAAW,KAAK,gBAAgB,CAAC;IAClE,+DAA+D;IAC/D,iBAAiB,EAAE,MAAM,MAAM,CAAC;IAChC,mEAAmE;IACnE,mBAAmB,CAAC,EAAE,UAAU,CAAC;IACjC,6CAA6C;IAC7C,WAAW,CAAC,EAAE,UAAU,CAAC;IACzB,mDAAmD;IACnD,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC9C;AAED;;;;;;GAMG;AACH,wBAAsB,SAAS,CAC7B,SAAS,EAAE,SAAS,EACpB,MAAM,EAAE,YAAY,GACnB,OAAO,CAAC,OAAO,CAAC,CAWlB"}
|
package/dist/handshake/server.js
CHANGED
|
@@ -31,10 +31,12 @@
|
|
|
31
31
|
* @module
|
|
32
32
|
*/
|
|
33
33
|
import { marshal as canonicalMarshal } from "../canonical/index.js";
|
|
34
|
-
import { deriveSessionKeysWithResumption, newHKDFSHA512, x25519Agree, x25519PublicKey, } from "../crypto/index.js";
|
|
35
|
-
import { fingerprint, publicKeyFromSeed } from "../keys/index.js";
|
|
34
|
+
import { deriveSessionKeysWithResumption, hybridEncapsulate, newHKDFSHA512, x25519Agree, x25519PublicKey, } from "../crypto/index.js";
|
|
35
|
+
import { fingerprint, publicKeyFromSeed, verify as ed25519Verify } from "../keys/index.js";
|
|
36
|
+
import { sha256 } from "@noble/hashes/sha2.js";
|
|
36
37
|
import { Session } from "../session/index.js";
|
|
37
38
|
import { confirmationHash } from "./confirm.js";
|
|
39
|
+
import { IdentityPrefix, openIdentityProof, } from "./identity.js";
|
|
38
40
|
import { buildAccepted, buildRejected, buildResponse, } from "./messages.js";
|
|
39
41
|
/**
|
|
40
42
|
* Drive a handshake from the server side over `transport`. Resolves
|
|
@@ -72,15 +74,33 @@ async function runServerInner(transport, config) {
|
|
|
72
74
|
await sendRejected(transport, sessionId, "version_unsupported", config.serverDomainSigningSeed);
|
|
73
75
|
throw new Error("handshake: no mutually supported suite");
|
|
74
76
|
}
|
|
75
|
-
// Step 3: ephemeral + nonce + session_id.
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
//
|
|
77
|
+
// Step 3: ephemeral + nonce + session_id. The wire form of
|
|
78
|
+
// server_ephemeral_key depends on the suite: a 32-byte X25519
|
|
79
|
+
// pub for baseline, a 1120-byte hybrid KEM ciphertext
|
|
80
|
+
// (kyberCt || responderX25519Pub) for PQ. The server holds no
|
|
81
|
+
// ephemeral private key on the PQ path because Encapsulate
|
|
82
|
+
// produces the shared secret directly.
|
|
83
|
+
const isPQ = negotiated === "pq-kyber768-x25519";
|
|
81
84
|
const clientEphPub = base64Decode(init.client_ephemeral_key.key);
|
|
82
85
|
const clientNonce = base64Decode(init.nonce);
|
|
83
|
-
const
|
|
86
|
+
const serverNonce = config.serverNonce ?? randomBytes(32);
|
|
87
|
+
let serverEphPub;
|
|
88
|
+
let sharedSecret;
|
|
89
|
+
if (isPQ) {
|
|
90
|
+
const enc = hybridEncapsulate(clientEphPub);
|
|
91
|
+
serverEphPub = enc.ciphertext;
|
|
92
|
+
sharedSecret = enc.sharedSecret;
|
|
93
|
+
}
|
|
94
|
+
else {
|
|
95
|
+
const serverEphPriv = config.serverEphemeralPriv ?? randomBytes(32);
|
|
96
|
+
serverEphPub = x25519PublicKey(serverEphPriv);
|
|
97
|
+
sharedSecret = x25519Agree(serverEphPriv, clientEphPub);
|
|
98
|
+
serverEphPriv.fill(0);
|
|
99
|
+
}
|
|
100
|
+
const serverEphKeyId = isPQ
|
|
101
|
+
? hexSha256(serverEphPub)
|
|
102
|
+
: fingerprint(serverEphPub);
|
|
103
|
+
// Step 4: derive session keys.
|
|
84
104
|
const kdf = newHKDFSHA512();
|
|
85
105
|
const keys = deriveSessionKeysWithResumption(kdf, sharedSecret, clientNonce, serverNonce);
|
|
86
106
|
// Step 5: signed RESPONSE.
|
|
@@ -128,11 +148,47 @@ async function runServerInner(transport, config) {
|
|
|
128
148
|
await sendRejected(transport, sessionId, "handshake_invalid", config.serverDomainSigningSeed);
|
|
129
149
|
throw new Error("handshake: confirmation hash mismatch");
|
|
130
150
|
}
|
|
131
|
-
// Step 7:
|
|
151
|
+
// Step 7: identity proof. Decrypt the AEAD-protected block when it
|
|
152
|
+
// is non-empty and surface it to the verifier; verify the inner
|
|
153
|
+
// identity_signature against `lookupClientIdentityKey` when
|
|
154
|
+
// supplied. The driver rejects with `auth_failed` on AEAD open
|
|
155
|
+
// failure, on a missing identity key, or on signature failure.
|
|
156
|
+
let identityBlock;
|
|
157
|
+
if (confirm.identity_proof !== "") {
|
|
158
|
+
try {
|
|
159
|
+
identityBlock = openIdentityProof({
|
|
160
|
+
identityProofB64: confirm.identity_proof,
|
|
161
|
+
encC2S: keys.encC2S,
|
|
162
|
+
sessionId,
|
|
163
|
+
});
|
|
164
|
+
}
|
|
165
|
+
catch (err) {
|
|
166
|
+
await sendRejected(transport, sessionId, "auth_failed", config.serverDomainSigningSeed, err instanceof Error ? err.message : String(err));
|
|
167
|
+
throw new Error(`handshake: identity_proof open failed (${err instanceof Error ? err.message : String(err)})`);
|
|
168
|
+
}
|
|
169
|
+
if (config.lookupClientIdentityKey !== undefined) {
|
|
170
|
+
let clientPub;
|
|
171
|
+
try {
|
|
172
|
+
clientPub = config.lookupClientIdentityKey(identityBlock.client_identity, identityBlock.client_long_term_key_id);
|
|
173
|
+
}
|
|
174
|
+
catch (err) {
|
|
175
|
+
await sendRejected(transport, sessionId, "auth_failed", config.serverDomainSigningSeed, err instanceof Error ? err.message : String(err));
|
|
176
|
+
throw new Error(`handshake: identity key lookup failed (${err instanceof Error ? err.message : String(err)})`);
|
|
177
|
+
}
|
|
178
|
+
const sessionIdBytes = new TextEncoder().encode(sessionId);
|
|
179
|
+
const signed = concat(new TextEncoder().encode(IdentityPrefix), concat(sessionIdBytes, wantHash));
|
|
180
|
+
const sig = base64Decode(identityBlock.identity_signature);
|
|
181
|
+
if (!ed25519Verify(clientPub, sig, signed)) {
|
|
182
|
+
await sendRejected(transport, sessionId, "auth_failed", config.serverDomainSigningSeed, "identity_signature did not verify");
|
|
183
|
+
throw new Error("handshake: identity_signature did not verify");
|
|
184
|
+
}
|
|
185
|
+
}
|
|
186
|
+
}
|
|
132
187
|
if (config.verifyIdentityProof !== undefined) {
|
|
133
188
|
const verdict = config.verifyIdentityProof({
|
|
134
189
|
identityProofB64: confirm.identity_proof,
|
|
135
190
|
sessionKeys: keys,
|
|
191
|
+
...(identityBlock !== undefined ? { block: identityBlock } : {}),
|
|
136
192
|
});
|
|
137
193
|
if (!verdict.ok) {
|
|
138
194
|
await sendRejected(transport, sessionId, verdict.reasonCode ?? "auth_failed", config.serverDomainSigningSeed, verdict.reason);
|
|
@@ -223,6 +279,25 @@ function randomBytes(n) {
|
|
|
223
279
|
globalThis.crypto.getRandomValues(out);
|
|
224
280
|
return out;
|
|
225
281
|
}
|
|
282
|
+
function concat(a, b) {
|
|
283
|
+
const out = new Uint8Array(a.length + b.length);
|
|
284
|
+
out.set(a, 0);
|
|
285
|
+
out.set(b, a.length);
|
|
286
|
+
return out;
|
|
287
|
+
}
|
|
288
|
+
function hexSha256(bytes) {
|
|
289
|
+
// Hybrid ephemeral pubs / KEM ciphertexts are larger than the
|
|
290
|
+
// 32-byte input `keys.fingerprint` accepts, so this opaque
|
|
291
|
+
// SHA-256-of-the-wire-bytes is what we surface as the
|
|
292
|
+
// ephemeral key_id field for the PQ suite. The handshake uses
|
|
293
|
+
// ephemeral key_ids as opaque correlation tags only.
|
|
294
|
+
const sum = sha256(bytes);
|
|
295
|
+
let s = "";
|
|
296
|
+
for (let i = 0; i < sum.length; i++) {
|
|
297
|
+
s += (sum[i] ?? 0).toString(16).padStart(2, "0");
|
|
298
|
+
}
|
|
299
|
+
return s;
|
|
300
|
+
}
|
|
226
301
|
function base64Encode(b) {
|
|
227
302
|
if (typeof Buffer !== "undefined") {
|
|
228
303
|
return Buffer.from(b).toString("base64");
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/handshake/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,OAAO,EAAE,OAAO,IAAI,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAEL,+BAA+B,EAC/B,aAAa,EACb,WAAW,EACX,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAG9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAOL,aAAa,EACb,aAAa,EACb,aAAa,GACd,MAAM,eAAe,CAAC;AAmEvB;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,SAAoB,EACpB,MAAoB;IAEpB,IAAI,CAAC;QACH,OAAO,MAAM,cAAc,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,CAAC;YACH,MAAM,SAAS,CAAC,KAAK,EAAE,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,iBAAiB;QACnB,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,SAAoB,EACpB,MAAoB;IAEpB,wBAAwB;IACxB,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,qBAAqB,CAAC,SAAS,CAAC,CAAC;IACjD,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,yCAAyC,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;IAC5E,CAAC;IACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAgB,CAAC;IAE5E,qBAAqB;IACrB,MAAM,UAAU,GAAG,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC;IAC9F,MAAM,SAAS,GAAG,MAAM,CAAC,iBAAiB,EAAE,CAAC;IAC7C,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;QAC7B,MAAM,YAAY,CAAC,SAAS,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,CAAC,uBAAuB,CAAC,CAAC;QAChG,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,CAAC;IAED,0CAA0C;IAC1C,MAAM,aAAa,GAAG,MAAM,CAAC,mBAAmB,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IACpE,MAAM,YAAY,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;IACpD,MAAM,cAAc,GAAG,WAAW,CAAC,YAAY,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAE1D,+BAA+B;IAC/B,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACjE,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,YAAY,GAAG,WAAW,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;IAC9D,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;IAC5B,MAAM,IAAI,GAAG,+BAA+B,CAC1C,GAAG,EACH,YAAY,EACZ,WAAW,EACX,WAAW,CACZ,CAAC;IAEF,2BAA2B;IAC3B,MAAM,mBAAmB,GAAwB;QAC/C,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,MAAM,EAAE,WAAW,CAAC,iBAAiB,CAAC,MAAM,CAAC,uBAAuB,CAAC,CAAC;QACtE,SAAS,EAAE,MAAM,CAAC,sBAAsB,CAAC;YACvC,kBAAkB,EAAE;gBAClB,SAAS,EAAE,UAAU;gBACrB,GAAG,EAAE,YAAY,CAAC,YAAY,CAAC;gBAC/B,MAAM,EAAE,cAAc;aACvB;YACD,WAAW,EAAE,IAAI,CAAC,KAAK;YACvB,WAAW,EAAE,YAAY,CAAC,WAAW,CAAC;SACvC,CAAC;KACH,CAAC;IACF,MAAM,IAAI,GAAoB,aAAa,CAAC;QAC1C,SAAS;QACT,WAAW,EAAE,IAAI,CAAC,KAAK;QACvB,WAAW,EAAE,YAAY,CAAC,WAAW,CAAC;QACtC,kBAAkB,EAAE;YAClB,SAAS,EAAE,UAAU;YACrB,GAAG,EAAE,YAAY,CAAC,YAAY,CAAC;YAC/B,MAAM,EAAE,cAAc;SACvB;QACD,mBAAmB;QACnB,UAAU,EAAE;YACV,oBAAoB,EAAE,UAAU;YAChC,UAAU,EAAE,EAAE;SACf;QACD,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;KACxD,CAAC,CAAC;IACH,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC;IAE7C,mBAAmB;IACnB,MAAM,YAAY,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IAChE,MAAM,UAAU,GAAG,qBAAqB,CAAC,YAAY,CAAC,CAAC;IACvD,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,4CAA4C,UAAU,CAAC,IAAI,GAAG,CAAC,CAAC;IAClF,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAmB,CAAC;IAErF,4BAA4B;IAC5B,MAAM,QAAQ,GAAG,gBAAgB,CAAC,SAAS,EAAE,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC;IACrE,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;IACxD,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC1C,MAAM,YAAY,CAAC,SAAS,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,CAAC,uBAAuB,CAAC,CAAC;QAC9F,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IAED,gDAAgD;IAChD,IAAI,MAAM,CAAC,mBAAmB,KAAK,SAAS,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAG,MAAM,CAAC,mBAAmB,CAAC;YACzC,gBAAgB,EAAE,OAAO,CAAC,cAAc;YACxC,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;QACH,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;YAChB,MAAM,YAAY,CAChB,SAAS,EACT,SAAS,EACT,OAAO,CAAC,UAAU,IAAI,aAAa,EACnC,MAAM,CAAC,uBAAuB,EAC9B,OAAO,CAAC,MAAM,CACf,CAAC;YACF,MAAM,IAAI,KAAK,CACb,uCAAuC,OAAO,CAAC,UAAU,IAAI,aAAa,GAAG,CAC9E,CAAC;QACJ,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,MAAM,MAAM,GAAG,MAAM,CAAC,gBAAgB,EAAE,CAAC,IAAI,CAAC,CAAC;IAC/C,MAAM,QAAQ,GAAoB,aAAa,CAAC;QAC9C,SAAS;QACT,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC;QACpC,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;QACvD,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,GAAG,CAAC,MAAM,CAAC,kBAAkB,KAAK,SAAS;YACzC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,kBAAkB,EAAE;YAC3C,CAAC,CAAC,EAAE,CAAC;KACR,CAAC,CAAC;IACH,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC;IAEjD,OAAO,IAAI,OAAO,CAAC;QACjB,IAAI,EAAE,QAAQ;QACd,SAAS;QACT,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,aAAa,EAAE,IAAI,IAAI,EAAE;QACzB,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC;QACpC,IAAI;QACJ,SAAS;QACT,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,wBAAwB,EAAE,mBAAmB,CAAC,MAAM;QACpD,4BAA4B,EAAE,mBAAmB,CAAC,SAAS;QAC3D,UAAU,EAAE,MAAM,CAAC,kBAAkB,IAAI,EAAE;KAC5C,CAAC,CAAC;AACL,CAAC;AAED,8EAA8E;AAC9E,YAAY;AAEZ,SAAS,SAAS,CAChB,YAAsB,EACtB,cAAyD;IAEzD,KAAK,MAAM,CAAC,IAAI,cAAc,EAAE,CAAC;QAC/B,IAAI,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7B,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,SAAoB,EACpB,SAAiB,EACjB,UAAkB,EAClB,uBAAmC,EACnC,MAAe;IAEf,MAAM,CAAC,GAAG,aAAa,CAAC;QACtB,SAAS;QACT,UAAU;QACV,uBAAuB;QACvB,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC5C,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,SAAoB,EAAE,QAAgB;IAClE,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,CAAC;IACtC,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,4CAA4C,QAAQ,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAiB;IAC9C,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAqC,CAAC;IACjE,IAAI,GAAG,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,iDAAiD,GAAG,CAAC,IAAI,IAAI,GAAG,GAAG,CAAC,CAAC;IACvF,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,GAAuB,CAAC;AACjC,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAa,EAAE,CAAa;IACrD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;QAC1B,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IACvC,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,CAAa;IACjC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;AACnB,CAAC;AAED,SAAS,YAAY,CAAC,CAAS;IAC7B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/handshake/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,OAAO,EAAE,OAAO,IAAI,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,EAEL,+BAA+B,EAC/B,iBAAiB,EACjB,aAAa,EACb,WAAW,EACX,eAAe,GAChB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,IAAI,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAE3F,OAAO,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAC;AAC/C,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAG9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAEhD,OAAO,EAEL,cAAc,EACd,iBAAiB,GAClB,MAAM,eAAe,CAAC;AACvB,OAAO,EAOL,aAAa,EACb,aAAa,EACb,aAAa,GACd,MAAM,eAAe,CAAC;AA8FvB;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,SAAoB,EACpB,MAAoB;IAEpB,IAAI,CAAC;QACH,OAAO,MAAM,cAAc,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,CAAC;YACH,MAAM,SAAS,CAAC,KAAK,EAAE,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,iBAAiB;QACnB,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,SAAoB,EACpB,MAAoB;IAEpB,wBAAwB;IACxB,MAAM,SAAS,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,qBAAqB,CAAC,SAAS,CAAC,CAAC;IACjD,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,yCAAyC,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;IAC5E,CAAC;IACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAgB,CAAC;IAE5E,qBAAqB;IACrB,MAAM,UAAU,GAAG,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC;IAC9F,MAAM,SAAS,GAAG,MAAM,CAAC,iBAAiB,EAAE,CAAC;IAC7C,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;QAC7B,MAAM,YAAY,CAAC,SAAS,EAAE,SAAS,EAAE,qBAAqB,EAAE,MAAM,CAAC,uBAAuB,CAAC,CAAC;QAChG,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAC5D,CAAC;IAED,2DAA2D;IAC3D,8DAA8D;IAC9D,sDAAsD;IACtD,8DAA8D;IAC9D,2DAA2D;IAC3D,uCAAuC;IACvC,MAAM,IAAI,GAAG,UAAU,KAAK,oBAAoB,CAAC;IACjD,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACjE,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAC1D,IAAI,YAAwB,CAAC;IAC7B,IAAI,YAAwB,CAAC;IAC7B,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,GAAG,GAAG,iBAAiB,CAAC,YAAY,CAAC,CAAC;QAC5C,YAAY,GAAG,GAAG,CAAC,UAAU,CAAC;QAC9B,YAAY,GAAG,GAAG,CAAC,YAAY,CAAC;IAClC,CAAC;SAAM,CAAC;QACN,MAAM,aAAa,GAAG,MAAM,CAAC,mBAAmB,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;QACpE,YAAY,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;QAC9C,YAAY,GAAG,WAAW,CAAC,aAAa,EAAE,YAAY,CAAC,CAAC;QACxD,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACxB,CAAC;IACD,MAAM,cAAc,GAAG,IAAI;QACzB,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC;QACzB,CAAC,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAE9B,+BAA+B;IAC/B,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;IAC5B,MAAM,IAAI,GAAG,+BAA+B,CAC1C,GAAG,EACH,YAAY,EACZ,WAAW,EACX,WAAW,CACZ,CAAC;IAEF,2BAA2B;IAC3B,MAAM,mBAAmB,GAAwB;QAC/C,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,MAAM,EAAE,WAAW,CAAC,iBAAiB,CAAC,MAAM,CAAC,uBAAuB,CAAC,CAAC;QACtE,SAAS,EAAE,MAAM,CAAC,sBAAsB,CAAC;YACvC,kBAAkB,EAAE;gBAClB,SAAS,EAAE,UAAU;gBACrB,GAAG,EAAE,YAAY,CAAC,YAAY,CAAC;gBAC/B,MAAM,EAAE,cAAc;aACvB;YACD,WAAW,EAAE,IAAI,CAAC,KAAK;YACvB,WAAW,EAAE,YAAY,CAAC,WAAW,CAAC;SACvC,CAAC;KACH,CAAC;IACF,MAAM,IAAI,GAAoB,aAAa,CAAC;QAC1C,SAAS;QACT,WAAW,EAAE,IAAI,CAAC,KAAK;QACvB,WAAW,EAAE,YAAY,CAAC,WAAW,CAAC;QACtC,kBAAkB,EAAE;YAClB,SAAS,EAAE,UAAU;YACrB,GAAG,EAAE,YAAY,CAAC,YAAY,CAAC;YAC/B,MAAM,EAAE,cAAc;SACvB;QACD,mBAAmB;QACnB,UAAU,EAAE;YACV,oBAAoB,EAAE,UAAU;YAChC,UAAU,EAAE,EAAE;SACf;QACD,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;KACxD,CAAC,CAAC;IACH,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC;IAE7C,mBAAmB;IACnB,MAAM,YAAY,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IAChE,MAAM,UAAU,GAAG,qBAAqB,CAAC,YAAY,CAAC,CAAC;IACvD,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,4CAA4C,UAAU,CAAC,IAAI,GAAG,CAAC,CAAC;IAClF,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAmB,CAAC;IAErF,4BAA4B;IAC5B,MAAM,QAAQ,GAAG,gBAAgB,CAAC,SAAS,EAAE,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC;IACrE,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;IACxD,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC1C,MAAM,YAAY,CAAC,SAAS,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,CAAC,uBAAuB,CAAC,CAAC;QAC9F,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IAED,mEAAmE;IACnE,gEAAgE;IAChE,4DAA4D;IAC5D,+DAA+D;IAC/D,+DAA+D;IAC/D,IAAI,aAA6C,CAAC;IAClD,IAAI,OAAO,CAAC,cAAc,KAAK,EAAE,EAAE,CAAC;QAClC,IAAI,CAAC;YACH,aAAa,GAAG,iBAAiB,CAAC;gBAChC,gBAAgB,EAAE,OAAO,CAAC,cAAc;gBACxC,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,SAAS;aACV,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,YAAY,CAChB,SAAS,EACT,SAAS,EACT,aAAa,EACb,MAAM,CAAC,uBAAuB,EAC9B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CACjD,CAAC;YACF,MAAM,IAAI,KAAK,CACb,0CAA0C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAC9F,CAAC;QACJ,CAAC;QACD,IAAI,MAAM,CAAC,uBAAuB,KAAK,SAAS,EAAE,CAAC;YACjD,IAAI,SAAqB,CAAC;YAC1B,IAAI,CAAC;gBACH,SAAS,GAAG,MAAM,CAAC,uBAAuB,CACxC,aAAa,CAAC,eAAe,EAC7B,aAAa,CAAC,uBAAuB,CACtC,CAAC;YACJ,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,YAAY,CAChB,SAAS,EACT,SAAS,EACT,aAAa,EACb,MAAM,CAAC,uBAAuB,EAC9B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CACjD,CAAC;gBACF,MAAM,IAAI,KAAK,CACb,0CAA0C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAC9F,CAAC;YACJ,CAAC;YACD,MAAM,cAAc,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAC3D,MAAM,MAAM,GAAG,MAAM,CACnB,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,EACxC,MAAM,CAAC,cAAc,EAAE,QAAQ,CAAC,CACjC,CAAC;YACF,MAAM,GAAG,GAAG,YAAY,CAAC,aAAa,CAAC,kBAAkB,CAAC,CAAC;YAC3D,IAAI,CAAC,aAAa,CAAC,SAAS,EAAE,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC;gBAC3C,MAAM,YAAY,CAChB,SAAS,EACT,SAAS,EACT,aAAa,EACb,MAAM,CAAC,uBAAuB,EAC9B,mCAAmC,CACpC,CAAC;gBACF,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;IACH,CAAC;IACD,IAAI,MAAM,CAAC,mBAAmB,KAAK,SAAS,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAG,MAAM,CAAC,mBAAmB,CAAC;YACzC,gBAAgB,EAAE,OAAO,CAAC,cAAc;YACxC,WAAW,EAAE,IAAI;YACjB,GAAG,CAAC,aAAa,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACjE,CAAC,CAAC;QACH,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;YAChB,MAAM,YAAY,CAChB,SAAS,EACT,SAAS,EACT,OAAO,CAAC,UAAU,IAAI,aAAa,EACnC,MAAM,CAAC,uBAAuB,EAC9B,OAAO,CAAC,MAAM,CACf,CAAC;YACF,MAAM,IAAI,KAAK,CACb,uCAAuC,OAAO,CAAC,UAAU,IAAI,aAAa,GAAG,CAC9E,CAAC;QACJ,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,MAAM,MAAM,GAAG,MAAM,CAAC,gBAAgB,EAAE,CAAC,IAAI,CAAC,CAAC;IAC/C,MAAM,QAAQ,GAAoB,aAAa,CAAC;QAC9C,SAAS;QACT,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC;QACpC,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;QACvD,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,GAAG,CAAC,MAAM,CAAC,kBAAkB,KAAK,SAAS;YACzC,CAAC,CAAC,EAAE,UAAU,EAAE,MAAM,CAAC,kBAAkB,EAAE;YAC3C,CAAC,CAAC,EAAE,CAAC;KACR,CAAC,CAAC;IACH,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC;IAEjD,OAAO,IAAI,OAAO,CAAC;QACjB,IAAI,EAAE,QAAQ;QACd,SAAS;QACT,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,aAAa,EAAE,IAAI,IAAI,EAAE;QACzB,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC;QACpC,IAAI;QACJ,SAAS;QACT,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,wBAAwB,EAAE,mBAAmB,CAAC,MAAM;QACpD,4BAA4B,EAAE,mBAAmB,CAAC,SAAS;QAC3D,UAAU,EAAE,MAAM,CAAC,kBAAkB,IAAI,EAAE;KAC5C,CAAC,CAAC;AACL,CAAC;AAED,8EAA8E;AAC9E,YAAY;AAEZ,SAAS,SAAS,CAChB,YAAsB,EACtB,cAA6C;IAE7C,KAAK,MAAM,CAAC,IAAI,cAAc,EAAE,CAAC;QAC/B,IAAI,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7B,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,SAAoB,EACpB,SAAiB,EACjB,UAAkB,EAClB,uBAAmC,EACnC,MAAe;IAEf,MAAM,CAAC,GAAG,aAAa,CAAC;QACtB,SAAS;QACT,UAAU;QACV,uBAAuB;QACvB,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC5C,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,SAAS,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,SAAoB,EAAE,QAAgB;IAClE,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,CAAC;IACtC,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,4CAA4C,QAAQ,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAiB;IAC9C,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAqC,CAAC;IACjE,IAAI,GAAG,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,iDAAiD,GAAG,CAAC,IAAI,IAAI,GAAG,GAAG,CAAC,CAAC;IACvF,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,GAAuB,CAAC;AACjC,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAa,EAAE,CAAa;IACrD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;QAC1B,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,IAAI,KAAK,CAAC,CAAC;AACpB,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC;IAC9B,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IACvC,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,MAAM,CAAC,CAAa,EAAE,CAAa;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IAChD,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACd,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IACrB,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,SAAS,CAAC,KAAiB;IAClC,8DAA8D;IAC9D,2DAA2D;IAC3D,sDAAsD;IACtD,8DAA8D;IAC9D,qDAAqD;IACrD,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1B,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,YAAY,CAAC,CAAa;IACjC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,GAAG,GAAG,EAAE,CAAC;IACb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;AACnB,CAAC;AAED,SAAS,YAAY,CAAC,CAAS;IAC7B,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAC7B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC"}
|
|
@@ -47,6 +47,19 @@ export interface HandshakeServerSession {
|
|
|
47
47
|
serverIdentityProofSignature: string;
|
|
48
48
|
extensions: Record<string, unknown>;
|
|
49
49
|
resumptionTicket?: ResumptionTicket;
|
|
50
|
+
/**
|
|
51
|
+
* Authenticated client identity (`user@domain`) extracted from
|
|
52
|
+
* the decrypted identity_proof block. Empty string when the
|
|
53
|
+
* client sent an empty identity_proof (compatible with v1
|
|
54
|
+
* tests that skip identity binding).
|
|
55
|
+
*/
|
|
56
|
+
clientIdentity: string;
|
|
57
|
+
/**
|
|
58
|
+
* Fingerprint of the client's long-term identity key as
|
|
59
|
+
* declared in the decrypted identity_proof block. Empty
|
|
60
|
+
* string when the proof was empty.
|
|
61
|
+
*/
|
|
62
|
+
clientLongTermKeyId: string;
|
|
50
63
|
}
|
|
51
64
|
/**
|
|
52
65
|
* Error thrown when a built-in policy check rejects the peer
|
|
@@ -77,6 +90,8 @@ export declare class HandshakeServer {
|
|
|
77
90
|
private sessionKeys;
|
|
78
91
|
private serverIdProof;
|
|
79
92
|
private finalSession;
|
|
93
|
+
private clientIdentityValue;
|
|
94
|
+
private clientLongTermKeyIdValue;
|
|
80
95
|
constructor(cfg: HandshakeServerConfig);
|
|
81
96
|
/**
|
|
82
97
|
* Process the client's INIT and produce signed RESPONSE bytes per
|
|
@@ -95,6 +110,20 @@ export declare class HandshakeServer {
|
|
|
95
110
|
onConfirm(data: Uint8Array): Uint8Array;
|
|
96
111
|
/** Final session, populated by {@link onConfirm}. */
|
|
97
112
|
session(): HandshakeServerSession;
|
|
113
|
+
/**
|
|
114
|
+
* Authenticated client identity (e.g. `"alice@example.com"`)
|
|
115
|
+
* extracted from the decrypted identity_proof block. Returns
|
|
116
|
+
* the empty string before {@link onConfirm} completes
|
|
117
|
+
* successfully or when the client sent an empty identity_proof.
|
|
118
|
+
*/
|
|
119
|
+
clientIdentity(): string;
|
|
120
|
+
/**
|
|
121
|
+
* Fingerprint of the client's long-term identity key as
|
|
122
|
+
* declared in the decrypted identity_proof block. Returns the
|
|
123
|
+
* empty string before {@link onConfirm} completes successfully
|
|
124
|
+
* or when the client sent an empty identity_proof.
|
|
125
|
+
*/
|
|
126
|
+
clientLongTermKeyId(): string;
|
|
98
127
|
/** Wipe in-memory secret state. Idempotent. */
|
|
99
128
|
erase(): void;
|
|
100
129
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server_state.d.ts","sourceRoot":"","sources":["../../src/handshake/server_state.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAGH,OAAO,EACL,KAAK,WAAW,
|
|
1
|
+
{"version":3,"file":"server_state.d.ts","sourceRoot":"","sources":["../../src/handshake/server_state.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAGH,OAAO,EACL,KAAK,WAAW,EAMjB,MAAM,oBAAoB,CAAC;AAY5B,OAAO,EAKL,KAAK,gBAAgB,EAKtB,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,oBAAoB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAEtE;;;;;GAKG;AACH,MAAM,MAAM,qBAAqB,GAAG,YAAY,CAAC;AAEjD,qDAAqD;AACrD,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,IAAI,EAAE,WAAW,CAAC;IAClB,wBAAwB,EAAE,MAAM,CAAC;IACjC,4BAA4B,EAAE,MAAM,CAAC;IACrC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACpC,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC;;;;;OAKG;IACH,cAAc,EAAE,MAAM,CAAC;IACvB;;;;OAIG;IACH,mBAAmB,EAAE,MAAM,CAAC;CAC7B;AAED;;;;;;GAMG;AACH,qBAAa,6BAA8B,SAAQ,KAAK;aAGpC,UAAU,EAAE,MAAM;aAClB,MAAM,EAAE,MAAM,GAAG,SAAS;aAC1B,aAAa,EAAE,UAAU;IAJ3C,SAAkB,IAAI,mCAAmC;gBAEvC,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,MAAM,GAAG,SAAS,EAC1B,aAAa,EAAE,UAAU;CAM5C;AAED;;;;GAIG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAwB;IAE5C,OAAO,CAAC,SAAS,CAAM;IACvB,OAAO,CAAC,aAAa,CAA2B;IAChD,OAAO,CAAC,WAAW,CAA2B;IAC9C,OAAO,CAAC,aAAa,CAA2B;IAChD,OAAO,CAAC,aAAa,CAA2B;IAChD,OAAO,CAAC,WAAW,CAA4B;IAC/C,OAAO,CAAC,aAAa,CAAoC;IACzD,OAAO,CAAC,YAAY,CAAuC;IAK3D,OAAO,CAAC,mBAAmB,CAAuB;IAClD,OAAO,CAAC,wBAAwB,CAAuB;gBAE3C,GAAG,EAAE,qBAAqB;IAatC;;;;;;OAMG;IACH,MAAM,CAAC,IAAI,EAAE,UAAU,GAAG,UAAU;IAmGpC;;;;;OAKG;IACH,SAAS,CAAC,IAAI,EAAE,UAAU,GAAG,UAAU;IAgJvC,qDAAqD;IACrD,OAAO,IAAI,sBAAsB;IASjC;;;;;OAKG;IACH,cAAc,IAAI,MAAM;IAIxB;;;;;OAKG;IACH,mBAAmB,IAAI,MAAM;IAI7B,+CAA+C;IAC/C,KAAK,IAAI,IAAI;CAOd;AA0FD,YAAY,EAAE,oBAAoB,EAAE,CAAC"}
|