@tidecloak/js 0.11.5 → 0.12.15
- package/README.md +3 -3
- package/dist/cjs/modules/tide-js/Clients/EnclaveToMobileTunnelClient.js +55 -0
- package/dist/cjs/modules/tide-js/Clients/EnclaveToMobileTunnelClient.js.map +1 -0
- package/dist/cjs/modules/tide-js/Clients/NodeClient.js +72 -31
- package/dist/cjs/modules/tide-js/Clients/NodeClient.js.map +1 -1
- package/dist/cjs/modules/tide-js/Clients/WebSocketClientBase.js +51 -0
- package/dist/cjs/modules/tide-js/Clients/WebSocketClientBase.js.map +1 -0
- package/dist/cjs/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Components.js +3 -3
- package/dist/cjs/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Components.js.map +1 -1
- package/dist/cjs/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Scheme.js +21 -0
- package/dist/cjs/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Scheme.js.map +1 -1
- package/dist/cjs/modules/tide-js/Cryptide/Encryption/ElGamal.js +12 -0
- package/dist/cjs/modules/tide-js/Cryptide/Encryption/ElGamal.js.map +1 -1
- package/dist/cjs/modules/tide-js/Cryptide/Serialization.js +2 -0
- package/dist/cjs/modules/tide-js/Cryptide/Serialization.js.map +1 -1
- package/dist/cjs/modules/tide-js/Cryptide/TideKey.js +8 -0
- package/dist/cjs/modules/tide-js/Cryptide/TideKey.js.map +1 -1
- package/dist/cjs/modules/tide-js/Flow/AuthenticationFlows/dCMKPasswordFlow.js +7 -11
- package/dist/cjs/modules/tide-js/Flow/AuthenticationFlows/dCMKPasswordFlow.js.map +1 -1
- package/dist/cjs/modules/tide-js/Flow/AuthenticationFlows/dMobileAuthenticationFlow.js +199 -0
- package/dist/cjs/modules/tide-js/Flow/AuthenticationFlows/dMobileAuthenticationFlow.js.map +1 -0
- package/dist/cjs/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow.js +7 -6
- package/dist/cjs/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow.js.map +1 -1
- package/dist/cjs/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow2Step.js +134 -0
- package/dist/cjs/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow2Step.js.map +1 -0
- package/dist/cjs/modules/tide-js/Flow/dKeyGenerationFlow.js +4 -24
- package/dist/cjs/modules/tide-js/Flow/dKeyGenerationFlow.js.map +1 -1
- package/dist/cjs/modules/tide-js/Math/KeyAuthentication.js +95 -0
- package/dist/cjs/modules/tide-js/Math/KeyAuthentication.js.map +1 -1
- package/dist/cjs/modules/tide-js/Models/BaseTideRequest.js +21 -0
- package/dist/cjs/modules/tide-js/Models/BaseTideRequest.js.map +1 -1
- package/dist/cjs/modules/tide-js/Models/ModelRegistry.js +50 -1
- package/dist/cjs/modules/tide-js/Models/ModelRegistry.js.map +1 -1
- package/dist/cjs/modules/tide-js/Models/Responses/KeyAuth/Convert/DecryptedDeviceConvertResponse.js +45 -0
- package/dist/cjs/modules/tide-js/Models/Responses/KeyAuth/Convert/DecryptedDeviceConvertResponse.js.map +1 -0
- package/dist/cjs/modules/tide-js/Models/Responses/KeyAuth/Convert/DeviceConvertResponse.js +36 -0
- package/dist/cjs/modules/tide-js/Models/Responses/KeyAuth/Convert/DeviceConvertResponse.js.map +1 -0
- package/dist/cjs/modules/tide-js/Tests/KeyAuthentication.js +160 -3
- package/dist/cjs/modules/tide-js/Tests/KeyAuthentication.js.map +1 -1
- package/dist/cjs/modules/tide-js/Tests/KeyGeneration.js +3 -1
- package/dist/cjs/modules/tide-js/Tests/KeyGeneration.js.map +1 -1
- package/dist/cjs/modules/tide-js/Tests/StripeLicensing.js +2 -2
- package/dist/cjs/modules/tide-js/Tests/Tunelling.js +63 -0
- package/dist/cjs/modules/tide-js/Tests/Tunelling.js.map +1 -0
- package/dist/cjs/modules/tide-js/Tests/index.js +8 -1
- package/dist/cjs/modules/tide-js/Tests/index.js.map +1 -1
- package/dist/cjs/modules/tide-js/Tools/Utils.js +3 -1
- package/dist/cjs/modules/tide-js/Tools/Utils.js.map +1 -1
- package/dist/cjs/src/IAMService.js +7 -7
- package/dist/cjs/src/IAMService.js.map +1 -1
- package/dist/esm/modules/tide-js/Clients/EnclaveToMobileTunnelClient.js +49 -0
- package/dist/esm/modules/tide-js/Clients/EnclaveToMobileTunnelClient.js.map +1 -0
- package/dist/esm/modules/tide-js/Clients/NodeClient.js +72 -31
- package/dist/esm/modules/tide-js/Clients/NodeClient.js.map +1 -1
- package/dist/esm/modules/tide-js/Clients/WebSocketClientBase.js +48 -0
- package/dist/esm/modules/tide-js/Clients/WebSocketClientBase.js.map +1 -0
- package/dist/esm/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Components.js +3 -3
- package/dist/esm/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Components.js.map +1 -1
- package/dist/esm/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Scheme.js +21 -0
- package/dist/esm/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Scheme.js.map +1 -1
- package/dist/esm/modules/tide-js/Cryptide/Encryption/ElGamal.js +12 -0
- package/dist/esm/modules/tide-js/Cryptide/Encryption/ElGamal.js.map +1 -1
- package/dist/esm/modules/tide-js/Cryptide/Serialization.js +2 -0
- package/dist/esm/modules/tide-js/Cryptide/Serialization.js.map +1 -1
- package/dist/esm/modules/tide-js/Cryptide/TideKey.js +8 -0
- package/dist/esm/modules/tide-js/Cryptide/TideKey.js.map +1 -1
- package/dist/esm/modules/tide-js/Flow/AuthenticationFlows/dCMKPasswordFlow.js +7 -11
- package/dist/esm/modules/tide-js/Flow/AuthenticationFlows/dCMKPasswordFlow.js.map +1 -1
- package/dist/esm/modules/tide-js/Flow/AuthenticationFlows/dMobileAuthenticationFlow.js +193 -0
- package/dist/esm/modules/tide-js/Flow/AuthenticationFlows/dMobileAuthenticationFlow.js.map +1 -0
- package/dist/esm/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow.js +7 -6
- package/dist/esm/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow.js.map +1 -1
- package/dist/esm/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow2Step.js +128 -0
- package/dist/esm/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow2Step.js.map +1 -0
- package/dist/esm/modules/tide-js/Flow/dKeyGenerationFlow.js +4 -24
- package/dist/esm/modules/tide-js/Flow/dKeyGenerationFlow.js.map +1 -1
- package/dist/esm/modules/tide-js/Math/KeyAuthentication.js +93 -1
- package/dist/esm/modules/tide-js/Math/KeyAuthentication.js.map +1 -1
- package/dist/esm/modules/tide-js/Models/BaseTideRequest.js +21 -0
- package/dist/esm/modules/tide-js/Models/BaseTideRequest.js.map +1 -1
- package/dist/esm/modules/tide-js/Models/ModelRegistry.js +51 -2
- package/dist/esm/modules/tide-js/Models/ModelRegistry.js.map +1 -1
- package/dist/esm/modules/tide-js/Models/Responses/KeyAuth/Convert/DecryptedDeviceConvertResponse.js +39 -0
- package/dist/esm/modules/tide-js/Models/Responses/KeyAuth/Convert/DecryptedDeviceConvertResponse.js.map +1 -0
- package/dist/esm/modules/tide-js/Models/Responses/KeyAuth/Convert/DeviceConvertResponse.js +33 -0
- package/dist/esm/modules/tide-js/Models/Responses/KeyAuth/Convert/DeviceConvertResponse.js.map +1 -0
- package/dist/esm/modules/tide-js/Tests/KeyAuthentication.js +158 -5
- package/dist/esm/modules/tide-js/Tests/KeyAuthentication.js.map +1 -1
- package/dist/esm/modules/tide-js/Tests/KeyGeneration.js +4 -2
- package/dist/esm/modules/tide-js/Tests/KeyGeneration.js.map +1 -1
- package/dist/esm/modules/tide-js/Tests/StripeLicensing.js +2 -2
- package/dist/esm/modules/tide-js/Tests/Tunelling.js +56 -0
- package/dist/esm/modules/tide-js/Tests/Tunelling.js.map +1 -0
- package/dist/esm/modules/tide-js/Tests/index.js +9 -2
- package/dist/esm/modules/tide-js/Tests/index.js.map +1 -1
- package/dist/esm/modules/tide-js/Tools/Utils.js +3 -1
- package/dist/esm/modules/tide-js/Tools/Utils.js.map +1 -1
- package/dist/esm/src/IAMService.js +7 -7
- package/dist/esm/src/IAMService.js.map +1 -1
- package/dist/types/modules/tide-js/Clients/EnclaveToMobileTunnelClient.d.ts +19 -0
- package/dist/types/modules/tide-js/Clients/NodeClient.d.ts +36 -12
- package/dist/types/modules/tide-js/Clients/WebSocketClientBase.d.ts +12 -0
- package/dist/types/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Components.d.ts +3 -3
- package/dist/types/modules/tide-js/Cryptide/Components/Schemes/Ed25519/Ed25519Scheme.d.ts +2 -0
- package/dist/types/modules/tide-js/Cryptide/Encryption/DH.d.ts +1 -1
- package/dist/types/modules/tide-js/Cryptide/Encryption/ElGamal.d.ts +5 -0
- package/dist/types/modules/tide-js/Cryptide/Serialization.d.ts +3 -3
- package/dist/types/modules/tide-js/Cryptide/Signing/TideSignature.d.ts +1 -1
- package/dist/types/modules/tide-js/Cryptide/TideKey.d.ts +2 -0
- package/dist/types/modules/tide-js/Flow/AuthenticationFlows/dCMKPasswordFlow.d.ts +3 -4
- package/dist/types/modules/tide-js/Flow/AuthenticationFlows/dMobileAuthenticationFlow.d.ts +39 -0
- package/dist/types/modules/tide-js/Flow/SigningFlows/dTestVVkSigningFlow.d.ts +2 -2
- package/dist/types/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow2Step.d.ts +69 -0
- package/dist/types/modules/tide-js/Flow/dKeyGenerationFlow.d.ts +3 -19
- package/dist/types/modules/tide-js/Math/KeyAuthentication.d.ts +49 -0
- package/dist/types/modules/tide-js/Math/KeySigning.d.ts +1 -1
- package/dist/types/modules/tide-js/Models/AdminAuthorization.d.ts +1 -1
- package/dist/types/modules/tide-js/Models/AuthRequest.d.ts +1 -1
- package/dist/types/modules/tide-js/Models/BaseTideRequest.d.ts +10 -1
- package/dist/types/modules/tide-js/Models/Responses/KeyAuth/Convert/DecryptedDeviceConvertResponse.d.ts +15 -0
- package/dist/types/modules/tide-js/Models/Responses/KeyAuth/Convert/DeviceConvertResponse.d.ts +11 -0
- package/dist/types/modules/tide-js/Tests/KeyAuthentication.d.ts +4 -0
- package/dist/types/modules/tide-js/Tests/Tunelling.d.ts +2 -0
- package/dist/types/modules/tide-js/Tests/index.d.ts +12 -0
- package/dist/types/src/IAMService.d.ts +4 -4
- package/package.json +2 -2
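--- a/package/dist/esm/modules/tide-js/Flow/AuthenticationFlows/dMobileAuthenticationFlow.js
+++ b/package/dist/esm/modules/tide-js/Flow/AuthenticationFlows/dMobileAuthenticationFlow.js
@@ -0,0 +1,193 @@
+import { dKeyGenerationFlow, NodeClient, SimClient } from "../../index.js";
+import WebSocketClientBase from "../../Clients/WebSocketClientBase.js";
+import { DH } from "../../Cryptide/index.js";
+import { Ed25519PrivateComponent, Ed25519PublicComponent } from "../../Cryptide/Components/Schemes/Ed25519/Ed25519Components.js";
+import Ed25519Scheme from "../../Cryptide/Components/Schemes/Ed25519/Ed25519Scheme.js";
+import HashToPoint from "../../Cryptide/Hashing/H2P.js";
+import { base64ToBase64Url, base64ToBytes, BigIntFromByteArray, BigIntToByteArray, bytesToBase64, CreateTideMemoryFromArray, GetUID, GetValue, StringFromUint8Array, StringToUint8Array } from "../../Cryptide/Serialization.js";
+import TideKey from "../../Cryptide/TideKey.js";
+import { AuthenticateBasicReply, AuthenticateDeviceReply, CmkConvertReply, DeviceConvertReply, DevicePrismConvertReply, PrismConvertReply } from "../../Math/KeyAuthentication.js";
+import BaseTideRequest from "../../Models/BaseTideRequest.js";
+import KeyInfo from "../../Models/Infos/KeyInfo.js";
+import PrismConvertResponse from "../../Models/Responses/KeyAuth/Convert/PrismConvertResponse.js";
+import dVVKSigningFlow2Step from "../SigningFlows/dVVKSigningFlow2Step.js";
+import { Max, sortORKs } from "../../Tools/Utils.js";
+export default class dMobileAuthenticationFlow {
+constructor(scannedQrCodeAddress) {
+this.webSocketClient = new WebSocketClientBase(scannedQrCodeAddress);
+this.requestInfo = this.webSocketClient.waitForMessage("requested info");
+this.webSocketClient.sendMessage({
+type: "ready",
+message: ":)"
+}); // no need to await this since we're only curious about awaiting requestInfo
+}
+async configureFlowSettings() {
+let request = await this.requestInfo;
+const requiredProperties = ['appReq', 'appReqSignature', 'sessionKeySignature', 'voucherURL', 'browserPublicKey', 'vendorPublicKey'];
+for (const property of requiredProperties) {
+if (!request[property]) {
+throw new Error(`dMobileAuthenicationFlow: The configuration object is missing the required '${property}' property.`);
+}
+}
+const socketUrl = this.webSocketClient.getSocketUrl(); // or `.socketUrl` if you added a getter
+const u = new URL(socketUrl);
+if (u.protocol === 'wss:')
+u.protocol = 'https:';
+else if (u.protocol === 'ws:')
+u.protocol = 'http:';
+else
+throw new Error('Expected ws:// or wss:// URL');
+this.homeOrkOrigin = u.origin;
+this.appReq = request.appReq;
+this.sigAppReq = request.appReqSignature;
+this.sessKeyProof = request.sessionKeySignature;
+this.browserPublicKey = TideKey.FromSerializedComponent(request.browserPublicKey);
+this.vendorPublicKey = TideKey.FromSerializedComponent(request.vendorPublicKey);
+this.voucherURL = request.voucherURL;
+}
+/**
+* @param {string} username
+*/
+async ensureReady(username) {
+await this.configureFlowSettings();
+// Verify details
+// otherwise, abort
+await this.browserPublicKey.verify(StringToUint8Array(this.appReq), base64ToBytes(this.sigAppReq));
+const appReqParsed = JSON.parse(this.appReq);
+this.enclaveVendorSessionKeyPublic = TideKey.FromSerializedComponent(appReqParsed["vendorSessKeyPub"]);
+this.enclaveNetworkSessionKeyPublic = TideKey.FromSerializedComponent(appReqParsed["networkSessKeyPub"]);
+await this.enclaveVendorSessionKeyPublic.verify(this.browserPublicKey.get_public_component().Serialize().ToBytes(), base64ToBytes(this.sessKeyProof));
+this.sessionId = appReqParsed["sessionId"];
+this.rememberMe = appReqParsed["rememberMe"];
+// BIG NOTE
+// enclaveVendorSessionKey public is the key used to identifiy this enclave to the vendor, and will be used alongside the DOKEN
+// enclaveNetworkSessionKey is the key used to identify this enclave to the Tide Network for quick sign in functionality
+// They should NEVER be the same as to ensure the Tide Network can't correlate CMKs to VVKs
+// Checks if gBRK is familiar (expected to do that (outside this flow) in mobile app)
+// ...
+// Short printable source URL
+this.userId = await GetUID(username);
+this.username = username;
+return {
+browserKeyIdentifier: this.browserPublicKey.get_public_component().Serialize().ToString(),
+vendorReturnURL: appReqParsed['returnURL'],
+userID: this.userId
+};
+}
+/**
+*
+* @param {string} devicePrivateKey
+*/
+async authenticate(devicePrivateKey, testSessionKey = null, testUserInfo = null) {
+if (!this.userId)
+throw 'Make sure you run ensureReady first';
+const deviceSessionKey = testSessionKey ? testSessionKey : TideKey.NewKey(Ed25519Scheme);
+const simClient = new SimClient(this.homeOrkOrigin);
+const userInfo = testUserInfo ? testUserInfo : await simClient.GetKeyInfo(this.userId);
+const userInfoRef = new KeyInfo(userInfo.UserId, userInfo.UserPublic, userInfo.UserM, userInfo.OrkInfo.slice()); // we need the full ork list later for the enclave encrypted data
+const signingFlow = new dVVKSigningFlow2Step(this.userId, userInfo.UserPublic, userInfo.OrkInfo, deviceSessionKey, null, this.voucherURL);
+signingFlow.overrideVoucherAction("signin");
+const draft = CreateTideMemoryFromArray([this.enclaveNetworkSessionKeyPublic.get_public_component().Serialize().ToBytes(), new Uint8Array([this.rememberMe ? 1 : 0])]);
+const request = new BaseTideRequest((testSessionKey ? "Test" : "") + "DeviceAuthentication", "1", "", draft);
+signingFlow.setRequest(request);
+const pre_encRequesti = signingFlow.preSign();
+// Compute appAuthi will awaiting request
+const dvk = TideKey.FromSerializedComponent(devicePrivateKey);
+const encRequesti = await pre_encRequesti;
+const appAuthi = await DH.generateECDHi(sortORKs(userInfo.OrkInfo).map(o => o.orkPublic), dvk.get_private_component().priv); // must be sorted!
+const convertinfo = await DeviceConvertReply(encRequesti, appAuthi.filter((_, i) => signingFlow.preSignState.bitwise[i] == true), // only use the appAuthis for the orks that responded (as shown in bitwise)
+signingFlow.orks.map(o => BigInt(o.orkID)), // use signing flow orks reference since these reference the orks that are part of this request
+userInfo.UserPublic, signingFlow.getVouchers().qPub, signingFlow.getVouchers().UDeObf, signingFlow.getVouchers().k, this.enclaveVendorSessionKeyPublic.get_public_component(), "auth", this.sessionId, signingFlow.preSignState.GRj[0]);
+const toSend = convertinfo.decPrismRequesti.map(d => {
+return CreateTideMemoryFromArray([base64ToBytes(d.PRKRequesti), BigIntToByteArray(convertinfo.blurHCMKMul)]);
+});
+const blindSig = (await signingFlow.sign(toSend)).sigs[0];
+const vendorData = await AuthenticateDeviceReply(convertinfo.VUID, blindSig, convertinfo.gCMKAuth, convertinfo.authToken, convertinfo.r4, convertinfo.gRMul, null // - GVRK hereeee
+);
+// Return enclave encrypted data
+this.enclaveEncryptedData = bytesToBase64(await this.browserPublicKey.asymmetricEncrypt(StringToUint8Array(JSON.stringify({
+prkRequesti: convertinfo.decPrismRequesti.map(d => d.PRKRequesti),
+vendorData: vendorData,
+rememberMe: this.rememberMe,
+enclaveEntry: {
+username: this.username,
+//persona, not really supported yet
+expired: convertinfo.expired,
+userInfo: userInfoRef.toNativeTypeObject(),
+orksBitwise: signingFlow.preSignState.bitwise,
+}
+}))));
+}
+async finish() {
+if (!this.enclaveEncryptedData)
+throw 'Call Authenticate() first';
+const success = this.webSocketClient.waitForMessage("login success");
+await this.webSocketClient.sendMessage({
+type: "mobile completed",
+message: this.enclaveEncryptedData
+});
+await success;
+await this.webSocketClient.close();
+}
+async testAuthenticate(devicePrivateKey, sessionKey, userInfo) {
+await this.authenticate(devicePrivateKey, sessionKey, userInfo);
+await this.finish();
+}
+async createNewAccount(devicePrivateKey, deviceName, email) {
+const sessionKey = TideKey.NewKey(Ed25519Scheme);
+const dvk = TideKey.FromSerializedComponent(devicePrivateKey);
+// Reserver UID, get orks to create account
+const { reservationConfirmation, activeOrks } = await dKeyGenerationFlow.ReserveUID(this.userId, this.voucherURL, sessionKey.get_public_component().public, this.homeOrkOrigin);
+// Create a new tide account
+const userOrks = activeOrks.slice(0, Max);
+const keyGen = new dKeyGenerationFlow(this.userId, null, userOrks, sessionKey.get_private_component().rawBytes, sessionKey.get_public_component().public, "NEW", this.voucherURL, [email]);
+const { gMultiplied, gK } = await keyGen.GenShard(1, [null], reservationConfirmation);
+const keyM = (await keyGen.SetShard(dvk.get_public_component().Serialize().ToString(), "CMKDevice")).M;
+// Test account
+await this.testAuthenticate(devicePrivateKey, sessionKey, new KeyInfo(this.userId, gK, keyM, userOrks));
+await keyGen.Commit();
+}
+async pairNewDevice(devicePrivateKey, password, deviceName, sessKey = null) {
+// This is where we submit the new device key to the orks
+// Also we authenticate using the username, password
+// Later - when its a device allowing another device to pair - we'll need to show a qr code
+if (!this.userId)
+throw 'Make sure you run ensureReady first';
+const dvk = TideKey.FromSerializedComponent(devicePrivateKey);
+const sessionKey = sessKey != null ? sessKey : TideKey.NewKey(Ed25519Scheme);
+const simClient = new SimClient(this.homeOrkOrigin);
+const userInfo = await simClient.GetKeyInfo(this.userId);
+const draft = CreateTideMemoryFromArray([
+dvk.get_public_component().Serialize().ToBytes(),
+await dvk.sign(sessionKey.get_public_component().Serialize().ToBytes())
+]);
+const request = new BaseTideRequest("MigratePasswordToMobile", "1", "", draft);
+const signingFlow = new dVVKSigningFlow2Step(this.userId, userInfo.UserPublic, userInfo.OrkInfo, sessionKey, null, this.voucherURL);
+signingFlow.setRequest(request);
+signingFlow.overrideVoucherAction("updateaccount");
+const gPass = new Ed25519PublicComponent(await HashToPoint(password));
+const r1 = Ed25519PrivateComponent.New();
+const gBlurPass = gPass.MultiplyComponent(r1);
+const prismConvertResponses = (await signingFlow.preSign(gBlurPass.Serialize().ToBytes())).map(r => {
+return new PrismConvertResponse(bytesToBase64(GetValue(r, 0)), TideKey.FromSerializedComponent(GetValue(r, 1)).get_public_component().public); // conversion so we can use PrismConvertReply function
+});
+const convertInfo = await DevicePrismConvertReply(prismConvertResponses, signingFlow.orks.map(o => BigInt(o.orkID)), // use signing flow orks reference since these reference the orks that are part of this request
+signingFlow.orks.map(o => o.orkPublic), // use signing flow orks reference since these reference the orks that are part of this request
+r1.priv);
+const dynDatas = convertInfo.prkRequesti.map(p => {
+return CreateTideMemoryFromArray([
+base64ToBytes(p),
+BigIntToByteArray(convertInfo.timestampi),
+StringToUint8Array(deviceName)
+]);
+});
+const M_signature = (await signingFlow.sign(dynDatas)).sigs[0];
+// Now do test sign in
+await this.testAuthenticate(devicePrivateKey, sessionKey);
+// Now we commit
+// We'll need to construct the requests ourselves since this wasn't made as part of the key gen flow
+const preCommit = signingFlow.orks.map(o => new NodeClient(o.orkURL).Commit(this.userId, BigIntFromByteArray(M_signature.slice(-32)), sessionKey.get_public_component().public));
+await Promise.all(preCommit);
+}
+}
+//# sourceMappingURL=dMobileAuthenticationFlow.js.map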
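Review bot: The two `verify(...)` calls in `ensureReady` (new lines 55 and 59) discard their result, so the "Verify details / otherwise, abort" step only aborts if `TideKey.verify` throws on a bad signature, which this file does not show. If it returns a boolean, each call needs a guard such as `if (!(await this.browserPublicKey.verify(...))) throw new Error('appReq signature invalid');`; if it throws, a comment like `// verify() throws on an invalid signature` would make that contract visible. Separately, `configureFlowSettings` maps a scanned `ws:` address to an `http:` origin (new lines 36-37) that is later handed to `SimClient` and `ReserveUID`, so key info for an authentication flow can travel in plaintext; consider rejecting `ws:` outside test builds. `browserPublicKey` arrives in the same socket message as the signature it checks, so the trust decision rests on the caller checking the returned `browserKeyIdentifier`, which deserves a JSDoc line on `ensureReady`.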
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"dMobileAuthenticationFlow.js","sourceRoot":"","sources":["../../../../../../modules/tide-js/Flow/AuthenticationFlows/dMobileAuthenticationFlow.js"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3E,OAAO,mBAAmB,MAAM,sCAAsC,CAAC;AACvE,OAAO,EAAE,EAAE,EAAE,MAAM,yBAAyB,CAAC;AAC7C,OAAO,EAAE,uBAAuB,EAAE,sBAAsB,EAAE,MAAM,gEAAgE,CAAC;AACjI,OAAO,aAAa,MAAM,4DAA4D,CAAC;AACvF,OAAO,WAAW,MAAM,+BAA+B,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,aAAa,EAAE,yBAAyB,EAAE,MAAM,EAAE,QAAQ,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACjO,OAAO,OAAO,MAAM,2BAA2B,CAAC;AAChD,OAAO,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,eAAe,EAAE,kBAAkB,EAAE,uBAAuB,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACnL,OAAO,eAAe,MAAM,iCAAiC,CAAC;AAC9D,OAAO,OAAO,MAAM,+BAA+B,CAAC;AACpD,OAAO,oBAAoB,MAAM,gEAAgE,CAAC;AAClG,OAAO,oBAAoB,MAAM,yCAAyC,CAAC;AAC3E,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAErD,MAAM,CAAC,OAAO,OAAO,yBAAyB;IAE1C,YAAY,oBAAoB;QAC5B,IAAI,CAAC,eAAe,GAAG,IAAI,mBAAmB,CAAC,oBAAoB,CAAC,CAAC;QACrE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;QACzE,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC;YAC7B,IAAI,EAAE,OAAO;YACb,OAAO,EAAE,IAAI;SAChB,CAAC,CAAC,CAAC,4EAA4E;IACpF,CAAC;IAED,KAAK,CAAC,qBAAqB;QACvB,IAAI,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC;QACrC,MAAM,kBAAkB,GAAG,CAAC,QAAQ,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,YAAY,EAAE,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;QAErI,KAAK,MAAM,QAAQ,IAAI,kBAAkB,EAAE,CAAC;YACxC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,+EAA+E,QAAQ,aAAa,CAAC,CAAC;YAC1H,CAAC;QACL,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE,CAAC,CAAC,wCAAwC;QAC/F,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAE7B,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM;YAAE,CAAC,CAAC,QAAQ,GAAG,QAAQ,CAAC;aAC5C,IAAI,CAAC,CAAC,QAAQ,KAAK,KAAK;YAAE,CAAC,CAAC,QAAQ,GAAG,OAAO,CAAC;;YAC/C,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAErD,IAAI,CAAC,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC;QAE9B,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,eAAe,CAA
C;QACzC,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,mBAAmB,CAAC;QAChD,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC,uBAAuB,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAClF,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,uBAAuB,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAChF,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;IACzC,CAAC;IACD;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,QAAQ;QACtB,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAEnC,iBAAiB;QACjB,mBAAmB;QACnB,MAAM,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAC9B,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,EAC/B,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;QAEnC,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,6BAA6B,GAAG,OAAO,CAAC,uBAAuB,CAAC,YAAY,CAAC,kBAAkB,CAAC,CAAC,CAAC;QAEvG,IAAI,CAAC,8BAA8B,GAAG,OAAO,CAAC,uBAAuB,CAAC,YAAY,CAAC,mBAAmB,CAAC,CAAC,CAAC;QACzG,MAAM,IAAI,CAAC,6BAA6B,CAAC,MAAM,CAC3C,IAAI,CAAC,gBAAgB,CAAC,oBAAoB,EAAE,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAClE,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;QAEtC,IAAI,CAAC,SAAS,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,YAAY,CAAC,YAAY,CAAC,CAAC;QAE7C,WAAW;QACX,+HAA+H;QAC/H,wHAAwH;QACxH,2FAA2F;QAE3F,qFAAqF;QACrF,MAAM;QAEN,6BAA6B;QAE7B,IAAI,CAAC,MAAM,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,OAAO;YACH,oBAAoB,EAAE,IAAI,CAAC,gBAAgB,CAAC,oBAAoB,EAAE,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE;YACzF,eAAe,EAAE,YAAY,CAAC,WAAW,CAAC;YAC1C,MAAM,EAAE,IAAI,CAAC,MAAM;SACtB,CAAA;IACL,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,YAAY,CAAC,gBAAgB,EAAE,cAAc,GAAC,IAAI,EAAE,YAAY,GAAC,IAAI;QACvE,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,MAAM,qCAAqC,CAAC;QAE9D,MAAM,gBAAgB,GAAG,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAEzF,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACpD,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvF,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,EAAE,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,iEAAiE;QAElL,MAAM,WAAW,GAAG,IAAI,oBAAoB,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAA
E,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1I,WAAW,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAE5C,MAAM,KAAK,GAAG,yBAAyB,CAAC,CAAC,IAAI,CAAC,8BAA8B,CAAC,oBAAoB,EAAE,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,EAAE,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACvK,MAAM,OAAO,GAAG,IAAI,eAAe,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,sBAAsB,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAC7G,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAChC,MAAM,eAAe,GAAG,WAAW,CAAC,OAAO,EAAE,CAAC;QAE9C,yCAAyC;QACzC,MAAM,GAAG,GAAG,OAAO,CAAC,uBAAuB,CAAC,gBAAgB,CAAC,CAAC;QAC9D,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC;QAC1C,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC,qBAAqB,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,mBAAmB;QAEhJ,MAAM,WAAW,GAAG,MAAM,kBAAkB,CACxC,WAAW,EACX,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,EAAE,2EAA2E;QACnJ,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,+FAA+F;QAC3I,QAAQ,CAAC,UAAU,EACnB,WAAW,CAAC,WAAW,EAAE,CAAC,IAAI,EAC9B,WAAW,CAAC,WAAW,EAAE,CAAC,MAAM,EAChC,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,EAC3B,IAAI,CAAC,6BAA6B,CAAC,oBAAoB,EAAE,EACzD,MAAM,EACN,IAAI,CAAC,SAAS,EACd,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAClC,CAAC;QAEF,MAAM,MAAM,GAAG,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;YAChD,OAAO,yBAAyB,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,iBAAiB,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAA;QAChH,CAAC,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,CAAC,MAAM,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAG1D,MAAM,UAAU,GAAG,MAAM,uBAAuB,CAC5C,WAAW,CAAC,IAAI,EAChB,QAAQ,EACR,WAAW,CAAC,QAAQ,EACpB,WAAW,CAAC,SAAS,EACrB,WAAW,CAAC,EAAE,EACd,WAAW,CAAC,KAAK,EACjB,IAAI,CAAC,iBAAiB;SACzB,CAAC;QAEF,gCAAgC;QAChC,IAAI,CAAC,oBAAoB,GAAG,aAAa,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CACrH;YACI,WAAW,EAAE,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,C
AAC,CAAC,WAAW,CAAC;YACjE,UAAU,EAAE,UAAU;YACtB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,YAAY,EAAE;gBACV,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,mCAAmC;gBACnC,OAAO,EAAE,WAAW,CAAC,OAAO;gBAC5B,QAAQ,EAAE,WAAW,CAAC,kBAAkB,EAAE;gBAC1C,WAAW,EAAE,WAAW,CAAC,YAAY,CAAC,OAAO;aAChD;SACJ,CACJ,CAAC,CAAC,CAAC,CAAC;IACT,CAAC;IAED,KAAK,CAAC,MAAM;QACR,IAAG,CAAC,IAAI,CAAC,oBAAoB;YAAE,MAAM,2BAA2B,CAAC;QAEjE,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;QACrE,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC;YACnC,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,IAAI,CAAC,oBAAoB;SACrC,CAAC,CAAC;QACH,MAAM,OAAO,CAAC;QACd,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;IACvC,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,gBAAgB,EAAE,UAAU,EAAE,QAAQ;QACzD,MAAM,IAAI,CAAC,YAAY,CAAC,gBAAgB,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QAChE,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,gBAAgB,EAAE,UAAU,EAAE,KAAK;QACtD,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QACjD,MAAM,GAAG,GAAG,OAAO,CAAC,uBAAuB,CAAC,gBAAgB,CAAC,CAAC;QAE9D,2CAA2C;QAC3C,MAAM,EAAE,uBAAuB,EAAE,UAAU,EAAC,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,oBAAoB,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAE/K,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAC1C,MAAM,MAAM,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,MAAM,EAC7C,IAAI,EACJ,QAAQ,EACR,UAAU,CAAC,qBAAqB,EAAE,CAAC,QAAQ,EAC3C,UAAU,CAAC,oBAAoB,EAAE,CAAC,MAAM,EACxC,KAAK,EACL,IAAI,CAAC,UAAU,EACf,CAAC,KAAK,CAAC,CACV,CAAC;QACF,MAAM,EAAE,WAAW,EAAE,EAAE,EAAE,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,uBAAuB,CAAC,CAAC;QACtF,MAAM,IAAI,GAAG,CAAC,MAAM,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;QAEvG,eAAe;QACf,MAAM,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,EAAE,UAAU,EAAE,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC;QAExG,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,GAAC,IAAI;QACpE,0DAA0D;QAE1D,oDAAoD;QAEpD,2FAA2F;QAE3F,IAAI,CAAC,IAA
I,CAAC,MAAM;YAAE,MAAM,qCAAqC,CAAC;QAE9D,MAAM,GAAG,GAAG,OAAO,CAAC,uBAAuB,CAAC,gBAAgB,CAAC,CAAC;QAC9D,MAAM,UAAU,GAAG,OAAO,IAAI,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAE7E,MAAM,SAAS,GAAG,IAAI,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACpD,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEzD,MAAM,KAAK,GAAG,yBAAyB,CAAC;YACpC,GAAG,CAAC,oBAAoB,EAAE,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE;YAChD,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,oBAAoB,EAAE,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,CAAC;SAC1E,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,IAAI,eAAe,CAAC,yBAAyB,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAE/E,MAAM,WAAW,GAAG,IAAI,oBAAoB,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QACpI,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAChC,WAAW,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC;QAEnD,MAAM,KAAK,GAAG,IAAI,sBAAsB,CAAC,MAAM,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;QACtE,MAAM,EAAE,GAAG,uBAAuB,CAAC,GAAG,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,KAAK,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;QAE9C,MAAM,qBAAqB,GAAG,CAAC,MAAM,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;YAC/F,OAAO,IAAI,oBAAoB,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,uBAAuB,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,oBAAoB,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,sDAAsD;QACzM,CAAC,CAAC,CAAC;QAEH,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAC7C,qBAAqB,EACrB,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,+FAA+F;QAC3I,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,+FAA+F;QACvI,EAAE,CAAC,IAAI,CACV,CAAC;QAEF,MAAM,QAAQ,GAAG,WAAW,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;YAC7C,OAAO,yBAAyB,CAAC;gBAC7B,aAAa,CAAC,CAAC,CAAC;gBAChB,iBAAiB,CAAC,WAAW,CAAC,UAAU,CAAC;gBACzC,kBAAkB,CAAC,UAAU,CAAC;aACjC,CAAC,CAAC;QACP,CAAC,CAAC,CAAA;QAEF,MAAM,WAAW,GAAG,CAAC,MAAM,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAE/D,sBAAsB;QACtB,MAAM,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAA
C;QAG1D,gBAAgB;QAChB,oGAAoG;QACpG,MAAM,SAAS,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,UAAU,CAAC,oBAAoB,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACjL,MAAM,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACjC,CAAC;CACJ"}
|
|
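--- a/package/dist/cjs/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow.js
+++ b/package/dist/cjs/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow.js
@@ -45,16 +45,17 @@ export default class dVVKSigningFlow {
 * @param {bool} waitForAll
 */
 async start(request, waitForAll = false) {
-const pre_clients = this.orks.map(info => new NodeClient(info.orkURL).AddBearerAuthorization(this.sessKey.get_private_component().rawBytes, this.sessKey.get_public_component().Serialize().ToString(), this.doken).EnableTideDH(info.orkPublic));
 const voucherFlow = new VoucherFlow(this.orks.map(o => o.orkPaymentPublic), this.voucherURL, "vendorsign");
-const
-const
+const pre_vouchers = voucherFlow.GetVouchers(this.getVouchersFunction);
+const pre_clients = this.orks.map(info => new NodeClient(info.orkURL).AddBearerAuthorization(this.sessKey.get_private_component().rawBytes, this.sessKey.get_public_component().Serialize().ToString(), this.doken).EnableTideDH(info.orkPublic));
+const clients = await Promise.all(pre_clients);
+const { vouchers } = await pre_vouchers;
 const pre_PreSignResponses = clients.map((client, i) => client.PreSign(i, this.vvkid, request, vouchers.toORK(i)));
 const { fulfilledResponses, bitwise } = await WaitForNumberofORKs(this.orks, pre_PreSignResponses, "VVK", waitForAll ? Max : Threshold, null, clients);
-const GRj = PreSign(fulfilledResponses);
-const pre_SignResponses = clients.map(client => client.Sign(this.vvkid, request, GRj, serializeBitArray(bitwise)));
+const GRj = PreSign(fulfilledResponses.map(f => f.GRis));
+const pre_SignResponses = clients.map((client, i) => client.Sign(this.vvkid, request, GRj, serializeBitArray(bitwise)));
 const SignResponses = await Promise.all(pre_SignResponses);
-const Sj = SumS(SignResponses);
+const Sj = SumS(SignResponses.map(s => s.Sij));
 if (GRj.length != Sj.length)
 throw Error("Weird amount of GRjs and Sjs");
 let sigs = [];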
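Review bot: In `start`, `pre_vouchers` is created before `await Promise.all(pre_clients)` but awaited only afterwards, so if any client setup rejects, the voucher promise is abandoned and a later rejection from it would go unhandled (assuming `GetVouchers` returns a promise, as the `await` suggests). Joining the two keeps the concurrency and surfaces either failure on the same path: `const [clients, { vouchers }] = await Promise.all([Promise.all(pre_clients), pre_vouchers]);`. The new `(client, i)` callback on the `client.Sign` line never uses `i`. `start` continues past the end of this hunk, so what happens to `sigs` is not covered here.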
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dVVKSigningFlow.js","sourceRoot":"","sources":["../../../../../../modules/tide-js/Flow/SigningFlows/dVVKSigningFlow.js"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAChD,OAAO,eAAe,MAAM,iCAAiC,CAAC;AAC9D,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AACrF,OAAO,UAAU,MAAM,6BAA6B,CAAC;AACrD,OAAO,OAAO,MAAM,+BAA+B,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,IAAI,IAAI,IAAI,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACzH,OAAO,WAAW,MAAM,gCAAgC,CAAC;AACzD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,MAAM,gEAAgE,CAAC;AACzG,OAAO,OAAO,MAAM,2BAA2B,CAAC;AAEhD,MAAM,CAAC,OAAO,OAAO,eAAe;IAChC;;;;;;;OAOG;IACH,YAAY,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU;QAC1D,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,oBAAoB;QAErD,IAAG,KAAK,EAAC,CAAC;YACN,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;gBAAE,MAAM,KAAK,CAAC,mEAAmE,CAAC,CAAC;YACtJ,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;QACnC,CAAC;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;QAEhC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAEjC,CAAC;IACD;;;OAGG;IACH,2BAA2B,CAAC,mBAAmB;QAC3C,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;QAC/C,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,UAAU,GAAG,KAAK;QAEnC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"dVVKSigningFlow.js","sourceRoot":"","sources":["../../../../../../modules/tide-js/Flow/SigningFlows/dVVKSigningFlow.js"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAChD,OAAO,eAAe,MAAM,iCAAiC,CAAC;AAC9D,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AACrF,OAAO,UAAU,MAAM,6BAA6B,CAAC;AACrD,OAAO,OAAO,MAAM,+BAA+B,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,IAAI,IAAI,IAAI,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACzH,OAAO,WAAW,MAAM,gCAAgC,CAAC;AACzD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,EAAE,uBAAuB,EAAE,MAAM,gEAAgE,CAAC;AACzG,OAAO,OAAO,MAAM,2BAA2B,CAAC;AAEhD,MAAM,CAAC,OAAO,OAAO,eAAe;IAChC;;;;;;;OAOG;IACH,YAAY,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU;QAC1D,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,oBAAoB;QAErD,IAAG,KAAK,EAAC,CAAC;YACN,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;gBAAE,MAAM,KAAK,CAAC,mEAAmE,CAAC,CAAC;YACtJ,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;QACnC,CAAC;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;QAEhC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAEjC,CAAC;IACD;;;OAGG;IACH,2BAA2B,CAAC,mBAAmB;QAC3C,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;QAC/C,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,UAAU,GAAG,KAAK;QAEnC,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,EAAE,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAC3G,MAAM,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEvE,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;QAClP,MAAM,OA
AO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAE/C,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,YAAY,CAAC;QAExC,MAAM,oBAAoB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACnH,MAAM,EAAE,kBAAkB,EAAE,OAAO,EAAE,GAAG,MAAM,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QACvJ,MAAM,GAAG,GAAG,OAAO,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAEzD,MAAM,iBAAiB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACxH,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC3D,MAAM,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAE/C,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,MAAM;YAAE,MAAM,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACzE,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAClC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,EAAE,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAClF,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;CACJ"}
|
|
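--- a/package/dist/cjs/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow2Step.js
+++ b/package/dist/cjs/modules/tide-js/Flow/SigningFlows/dVVKSigningFlow2Step.js
@@ -0,0 +1,128 @@
+import { EdDSA } from "../../Cryptide/index.js";
+import BaseTideRequest from "../../Models/BaseTideRequest.js";
+import { Max, Threshold, WaitForNumberofORKs, sortORKs } from "../../Tools/Utils.js";
+import NodeClient from "../../Clients/NodeClient.js";
+import OrkInfo from "../../Models/Infos/OrkInfo.js";
+import { PreSign, Sign as SumS } from "../../Math/KeySigning.js";
+import { BigIntToByteArray, ConcatUint8Arrays, GetValue, bytesToBase64, serializeBitArray } from "../../Cryptide/Serialization.js";
+import VoucherFlow from "../VoucherFlows/VoucherFlow.js";
+import { Doken } from "../../Models/Doken.js";
+import TideKey from "../../Cryptide/TideKey.js";
+export default class dVVKSigningFlow2Step {
+/**
+* @param {string} vvkid
+* @param {Point} vvkPublic
+* @param {OrkInfo[]} orks
+* @param {TideKey} sessKey
+* @param {Doken} doken
+* @param {string} voucherURL
+*/
+constructor(vvkid, vvkPublic, orks, sessKey, doken, voucherURL) {
+this.vvkid = vvkid;
+this.vvkPublic = vvkPublic;
+this.orks = orks;
+this.orks = sortORKs(this.orks); // sort for bitwise!
+if (doken) {
+if (!doken.payload.sessionKey.Equals(sessKey.get_public_component()))
+throw Error("Mismatch between session key private and Doken session key public");
+this.doken = doken.serialize();
+}
+this.sessKey = sessKey;
+this.getVouchersFunction = null;
+this.voucherURL = voucherURL;
+this.vendorAction = "vendorsign";
+}
+/**
+* @param {(request: string) => Promise<string> } getVouchersFunction
+* @returns {dVVKSigningFlow}
+*/
+setVoucherRetrievalFunction(getVouchersFunction) {
+this.getVouchersFunction = getVouchersFunction;
+return this;
+}
+async setRequest(request) {
+if (!(request instanceof BaseTideRequest))
+throw 'Request is not a BaseTideRequest';
+if (request.dyanmicData.length != 0)
+throw 'Dyanamic data must be null for signing flow 2 step';
+this.request = request;
+}
+async overrideVoucherAction(action) {
+this.vendorAction = action;
+}
+getVouchers() {
+if (!this.vouchers)
+throw 'Call preSign first';
+return this.vouchers;
+}
+/**
+*
+* @param {Uint8Array | Uint8Array[]} dynamicData
+* @returns {Promise<Uint8Array[]>}
+*/
+async preSign(dynamicData) {
+let dynDataisArray = false;
+if (dynamicData) {
+if (!(dynamicData instanceof Uint8Array) && !(Array.isArray(dynamicData)))
+throw 'Dynamic data must be Uint8Array or Uint8Array[]';
+if (dynamicData instanceof Uint8Array) {
+this.request.dyanmicData = dynamicData;
+}
+else
+dynDataisArray = true;
+}
+const voucherFlow = new VoucherFlow(this.orks.map(o => o.orkPaymentPublic), this.voucherURL, this.vendorAction);
+const pre_vouchers = voucherFlow.GetVouchers(this.getVouchersFunction);
+const pre_clients = this.orks.map(info => new NodeClient(info.orkURL).AddBearerAuthorization(this.sessKey.get_private_component().rawBytes, this.sessKey.get_public_component().Serialize().ToString(), this.doken).EnableTideDH(info.orkPublic));
+const clients = await Promise.all(pre_clients);
+const { vouchers, k } = await pre_vouchers;
+this.vouchers = {
+k,
+...vouchers
+};
+const pre_PreSignResponses = clients.map((client, i) => client.PreSign(i, this.vvkid, dynDataisArray ? this.request.replicate().setNewDynamicData(dynamicData[i]) : this.request, vouchers.toORK(i)));
+const { fulfilledResponses, bitwise } = await WaitForNumberofORKs(this.orks, pre_PreSignResponses, "VVK", Threshold, null, clients);
+const GRj = PreSign(fulfilledResponses.map(f => f.GRis));
+this.preSignState = {
+clients,
+GRj,
+bitwise
+};
+return fulfilledResponses.map(f => f.AdditionalData);
+}
+/**
+* @param {Uint8Array | Uint8Array[]} dynamicData
+* @returns
+*/
+async sign(dynamicData) {
+let dynDataisArray = false;
+if (dynamicData) {
+if (!(dynamicData instanceof Uint8Array) && !(Array.isArray(dynamicData)))
+throw 'Dynamic data must be Uint8Array or Uint8Array[]';
+if (dynamicData instanceof Uint8Array) {
+this.request.dyanmicData = dynamicData;
+}
+else {
+if (dynamicData.length != this.preSignState.clients.length)
+throw Error("Supplied datas array must equal client amount");
+dynDataisArray = true;
+}
+}
+if (!this.preSignState)
+throw 'Execute preSign first';
+const pre_SignResponses = this.preSignState.clients.map((client, i) => client.Sign(this.vvkid, dynDataisArray ? this.request.replicate().setNewDynamicData(dynamicData[i]) : this.request, this.preSignState.GRj, serializeBitArray(this.preSignState.bitwise)));
+const SignResponses = await Promise.all(pre_SignResponses);
+const Sj = SumS(SignResponses.map(s => s.Sij));
+if (this.preSignState.GRj.length != Sj.length)
+throw Error("Weird amount of GRjs and Sjs");
+let sigs = [];
+for (let i = 0; i < this.preSignState.GRj.length; i++) {
+sigs.push(ConcatUint8Arrays([this.preSignState.GRj[i].toRawBytes(), BigIntToByteArray(Sj[i])]));
+}
+return {
+sigs,
+addionalDatas: SignResponses.map(s => s.AdditionalData)
+};
+}
+}
+//# sourceMappingURL=dVVKSigningFlow2Step.js.map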
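Review bot: `sign()` reads `this.preSignState.clients.length` in its array branch (new line 106) before the `if (!this.preSignState)` guard on line 111, so calling it with an array before `preSign()` fails with a TypeError instead of 'Execute preSign first'; the guard belongs at the top of the method. `preSign()` has no matching length check for the array case, so `dynamicData[i]` can be `undefined` for some ORKs, and both methods dereference `this.request` without checking that `setRequest()` has run. `preSignState` also survives a completed `sign()`, so a second `sign()` with different dynamic data would reuse the same `GRj`; the ORKs may reject that, but since `GRj` is the first half of every returned signature it is safer to make the state single-use, e.g. `const state = this.preSignState; this.preSignState = null;` right after the guard, and to use `state` from there on. The JSDoc on `setVoucherRetrievalFunction` says `@returns {dVVKSigningFlow}` although the class is `dVVKSigningFlow2Step`.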
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"dVVKSigningFlow2Step.js","sourceRoot":"","sources":["../../../../../../modules/tide-js/Flow/SigningFlows/dVVKSigningFlow2Step.js"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAChD,OAAO,eAAe,MAAM,iCAAiC,CAAC;AAC9D,OAAO,EAAE,GAAG,EAAE,SAAS,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AACrF,OAAO,UAAU,MAAM,6BAA6B,CAAC;AACrD,OAAO,OAAO,MAAM,+BAA+B,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,IAAI,IAAI,IAAI,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,QAAQ,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACnI,OAAO,WAAW,MAAM,gCAAgC,CAAC;AACzD,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAC9C,OAAO,OAAO,MAAM,2BAA2B,CAAC;AAEhD,MAAM,CAAC,OAAO,OAAO,oBAAoB;IACrC;;;;;;;OAOG;IACH,YAAY,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU;QAC1D,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,oBAAoB;QAErD,IAAG,KAAK,EAAC,CAAC;YACN,IAAG,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;gBAAE,MAAM,KAAK,CAAC,mEAAmE,CAAC,CAAC;YACtJ,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;QACnC,CAAC;QACD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;QAEhC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IAErC,CAAC;IACD;;;OAGG;IACH,2BAA2B,CAAC,mBAAmB;QAC3C,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;QAC/C,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,OAAO;QACpB,IAAG,CAAC,CAAC,OAAO,YAAY,eAAe,CAAC;YAAE,MAAM,kCAAkC,CAAC;QACnF,IAAG,OAAO,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC;YAAE,MAAM,oDAAoD,CAAC;QAC/F,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,MAAM;QAC9B,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC;IAC/B,CAAC;IAED,WAAW;QACP,IAAG,CAAC,IAAI,CAAC,QAAQ;YAAE,MAAM,oBAAoB,CAAC;QAC9C,OAAO,IAAI,CAAC,QAAQ,CAAC;IACzB,CAAC;IACD;;;;OAIG;IACH,KAAK,CAAC,OAAO,CAAC,WAAW;QACrB,IAAI,cAAc,GAAG,KAAK,CAAC;QAC3B,IAAG,WAAW,EAAC,CAAC;YACZ,IAAG,CAAC,CAAC,WAAW,YAAY,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC
;gBAAE,MAAM,iDAAiD,CAAC;YAClI,IAAG,WAAW,YAAY,UAAU,EAAC,CAAC;gBAClC,IAAI,CAAC,OAAO,CAAC,WAAW,GAAG,WAAW,CAAC;YAC3C,CAAC;;gBAAK,cAAc,GAAG,IAAI,CAAC;QAChC,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QAChH,MAAM,YAAY,GAAG,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEvE,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC,SAAS,EAAE,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;QAClP,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAE/C,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,MAAM,YAAY,CAAC;QAC3C,IAAI,CAAC,QAAQ,GAAG;YACZ,CAAC;YACD,GAAG,QAAQ;SACd,CAAA;QAED,MAAM,oBAAoB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACtM,MAAM,EAAE,kBAAkB,EAAE,OAAO,EAAE,GAAG,MAAM,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QACpI,MAAM,GAAG,GAAG,OAAO,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAEzD,IAAI,CAAC,YAAY,GAAG;YAChB,OAAO;YACP,GAAG;YACH,OAAO;SACV,CAAA;QAED,OAAO,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;IACzD,CAAC;IACD;;;OAGG;IACH,KAAK,CAAC,IAAI,CAAC,WAAW;QAClB,IAAI,cAAc,GAAG,KAAK,CAAC;QAC3B,IAAG,WAAW,EAAC,CAAC;YACZ,IAAG,CAAC,CAAC,WAAW,YAAY,UAAU,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;gBAAE,MAAM,iDAAiD,CAAC;YAClI,IAAG,WAAW,YAAY,UAAU,EAAC,CAAC;gBAClC,IAAI,CAAC,OAAO,CAAC,WAAW,GAAG,WAAW,CAAC;YAC3C,CAAC;iBAAK,CAAC;gBACH,IAAG,WAAW,CAAC,MAAM,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,MAAM;oBAAE,MAAM,KAAK,CAAC,+CAA+C,CAAC,CAAC;gBACxH,cAAc,GAAG,IAAI,CA
AC;YAC1B,CAAC;QACL,CAAC;QACD,IAAG,CAAC,IAAI,CAAC,YAAY;YAAE,MAAM,uBAAuB,CAAC;QAErD,MAAM,iBAAiB,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,iBAAiB,CAAC,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACjQ,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC3D,MAAM,EAAE,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAE/C,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,MAAM;YAAE,MAAM,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC3F,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACpD,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,EAAE,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpG,CAAC;QAED,OAAO;YACH,IAAI;YACJ,aAAa,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC;SAC1D,CAAC;IACN,CAAC;CACJ"}
|
|
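--- a/package/dist/cjs/modules/tide-js/Flow/dKeyGenerationFlow.js
+++ b/package/dist/cjs/modules/tide-js/Flow/dKeyGenerationFlow.js
@@ -28,6 +28,7 @@ import SimulatorFlow from "./SimulatorFlow.js";
 import { Ed25519PublicComponent } from "../Cryptide/Components/Schemes/Ed25519/Ed25519Components.js";
 export default class dKeyGenerationFlow {
 /**
+* TODO Remove gVRK from params
 * @param {string} uid
 * @param {string} gVRK
 * @param {OrkInfo[]} orks
@@ -48,9 +49,8 @@ export default class dKeyGenerationFlow {
 if (orks.length < Max)
 throw Error("Not enough orks available to create an account");
 this.uid = uid;
-this.gVRK = Point.fromBase64(gVRK);
 this.bitwise = bitwise == null ? null : bitwise;
-this.orks = sortORKs(orks);
+this.orks = sortORKs(orks).slice(0, Max); // only take max;
 this.selfRequesti = selfRequesti;
 this.userPublic = userPublic;
 this.sessKey = sessKey;
@@ -62,8 +62,8 @@ export default class dKeyGenerationFlow {
 this.savedOrkPublics = this.orks.map(o => o.orkPublic);
 this.orksToWaitFor = purpose == "NEW" ? Max : Threshold;
 }
-static async ReserveUID(uid, voucherURL, gSessKeyPub) {
-const simClient = new NetworkClient();
+static async ReserveUID(uid, voucherURL, gSessKeyPub, homeOrkUrl = null) {
+const simClient = new NetworkClient(homeOrkUrl);
 const availableOrks = (await simClient.FindReservers(uid));
 const pre_activeOrks = SimulatorFlow.FilterInactiveOrks(availableOrks);
 const reservers = availableOrks.slice(0, 5); // super unlikely all 5 orks are down
@@ -151,26 +151,6 @@ export default class dKeyGenerationFlow {
 });
 return { gMultiplied: UnblurredGMultipled, gK: this.gState.gK };
 }
-/**
-* @param {string} auth
-* @param {string} authSig
-*/
-async GenVVKShard(auth, authSig) {
-const clients = this.orks.map(ork => new NodeClient(ork.orkURL)); // create node clients
-const { vouchers } = await (new VoucherFlow(this.orks.map(o => o.orkPaymentPublic), this.voucherURL, "vendorcreation").GetVouchers(this.getVouchersFunction));
-const ids = this.orks.map(ork => ork.orkID);
-const pre_GenShardResponses = clients.map((client, i) => client.GenVVKShard(this.uid, this.gVRK, auth, authSig, ids, vouchers.toORK(i)));
-// create prkECDHi here to save time
-const prkECHi = await DH.generateECDHi(this.orks.map(o => o.orkPublic), this.sessKey);
-const fulfilledResponses = await Promise.all(pre_GenShardResponses);
-const bitwise = new Array(Max).fill(1); // all must respond
-this.gState = {
-bitwise: bitwise,
-prkECHi,
-...await ProcessShards(fulfilledResponses, bitwise, this.sessKey, true)
-};
-return { gK: this.gState.gK };
-}
 /**
 * @param {string} authorizer
 * @param {string} keyType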
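Review bot: `ReserveUID` now passes the caller-supplied `homeOrkUrl` straight into `new NetworkClient(homeOrkUrl)` (new lines 65-66), so the reserver list returned by `FindReservers` comes from whichever host that argument names. `NetworkClient` is not part of this diff and may already validate the value; if it does not, the method should state that `homeOrkUrl` must be a trusted origin and reject anything else, for example `if (homeOrkUrl != null && new URL(homeOrkUrl).protocol !== "https:") throw Error("homeOrkUrl must be an https URL");`. In the second hunk (presumably the constructor, whose signature is outside the hunk), `gVRK` stays in the parameter list and JSDoc but is no longer parsed or stored, so a malformed value now passes silently until the TODO is done; changing the doc line to something like `* @param {string} gVRK - ignored, kept for call compatibility` would tell callers so.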
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dKeyGenerationFlow.js","sourceRoot":"","sources":["../../../../../modules/tide-js/Flow/dKeyGenerationFlow.js"],"names":[],"mappings":"AAAA,GAAG;AACH,gEAAgE;AAChE,yCAAyC;AACzC,GAAG;AACH,gEAAgE;AAChE,4DAA4D;AAC5D,+DAA+D;AAC/D,kEAAkE;AAClE,6DAA6D;AAC7D,gEAAgE;AAChE,oCAAoC;AACpC,6DAA6D;AAC7D,8DAA8D;AAC9D,wCAAwC;AACxC,qDAAqD;AACrD,EAAE;AAEF,OAAO,UAAU,MAAM,0BAA0B,CAAC;AAClD,OAAO,OAAO,MAAM,4BAA4B,CAAC;AAEjD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAC1E,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,SAAS,EAAE,mBAAmB,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAChH,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,KAAK,EAAE,MAAM,wBAAwB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,aAAa,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AAC9J,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,WAAW,MAAM,+BAA+B,CAAC;AACxD,OAAO,aAAa,MAAM,6BAA6B,CAAC;AACxD,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,sBAAsB,EAAE,MAAM,6DAA6D,CAAC;AAErG,MAAM,CAAC,OAAO,OAAO,kBAAkB;IACnC
|
|
1
|
+
{"version":3,"file":"dKeyGenerationFlow.js","sourceRoot":"","sources":["../../../../../modules/tide-js/Flow/dKeyGenerationFlow.js"],"names":[],"mappings":"AAAA,GAAG;AACH,gEAAgE;AAChE,yCAAyC;AACzC,GAAG;AACH,gEAAgE;AAChE,4DAA4D;AAC5D,+DAA+D;AAC/D,kEAAkE;AAClE,6DAA6D;AAC7D,gEAAgE;AAChE,oCAAoC;AACpC,6DAA6D;AAC7D,8DAA8D;AAC9D,wCAAwC;AACxC,qDAAqD;AACrD,EAAE;AAEF,OAAO,UAAU,MAAM,0BAA0B,CAAC;AAClD,OAAO,OAAO,MAAM,4BAA4B,CAAC;AAEjD,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAC1E,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,SAAS,EAAE,mBAAmB,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAChH,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,KAAK,EAAE,MAAM,wBAAwB,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,oBAAoB,EAAE,aAAa,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AAC9J,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,WAAW,MAAM,+BAA+B,CAAC;AACxD,OAAO,aAAa,MAAM,6BAA6B,CAAC;AACxD,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,EAAE,sBAAsB,EAAE,MAAM,6DAA6D,CAAC;AAErG,MAAM,CAAC,OAAO,OAAO,kBAAkB;IACnC;;;;;;;;;;;;;;OAcG;IACH,YAAY,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,GAAC,IAAI,EAAE,OAAO,GAAC,IAAI,EAAE,YAAY,GAAC,EAAE,EAAE,UAAU,GAAC,IAAI,EAAE,OAAO,GAAC,IAAI;QAC7I,IAAG,OAAO,IAAI,IAAI;YAAE,IAAG,OAAO,GAAG,WAAW,EAAE;gBAAE,MAAM,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAC3F,IAAG,IAAI,CAAC,MAAM,GAAG,GAAG;YAAE,MAAM,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACpF,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;QACf,IAAI,CAAC,OAAO,GAAG,OAAO,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC;QAChD,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,iBAAiB;QAC3D,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;QAEhC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACvD,IAAI,CAAC,aAAa,GAAG,OAAO,IAAI,KAAK
,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;IAC5D,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,UAAU,GAAG,IAAI;QACnE,MAAM,SAAS,GAAG,IAAI,aAAa,CAAC,UAAU,CAAC,CAAC;QAChD,MAAM,aAAa,GAAG,CAAC,MAAM,SAAS,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3D,MAAM,cAAc,GAAG,aAAa,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;QACvE,MAAM,SAAS,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,qCAAqC;QAClF,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;QACnG,MAAM,QAAQ,GAAG,CAAC,MAAM,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC;QAE5D,MAAM,cAAc,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QAEpE,MAAM,oBAAoB,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,EAAE,GAAG,EAAE,WAAW,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAA;QACtI,MAAM,EAAC,kBAAkB,EAAC,GAAG,MAAM,mBAAmB,CAAC,SAAS,EAAE,oBAAoB,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;QAClG,MAAM,sBAAsB,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,wBAAwB;QAEnJ,OAAO;YACH,uBAAuB,EAAE,sBAAsB,CAAC,QAAQ,EAAE;YAC1D,UAAU,EAAE,CAAC,MAAM,cAAc,CAAC;SACrC,CAAA;IACL,CAAC;IAED;;;OAGG;IACH,2BAA2B,CAAC,mBAAmB;QAC3C,IAAI,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;QAC/C,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,QAAQ,CAAC,OAAO,EAAE,YAAY,EAAE,eAAe,GAAC,IAAI;QACtD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAA,CAAC,sBAAsB;QAEvF,IAAI,QAAQ,CAAC;QACb,IAAG,IAAI,CAAC,OAAO,IAAI,KAAK,EAAC,CAAC;YACtB,IAAG,eAAe,IAAI,IAAI;gBAAE,MAAM,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACzF,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YACvG,QAAQ,GAAG,CAAC,MAAM,WAAW,CAAC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC;QAC1D,CAAC;QAED,IAAI,KAAK,GAAG,EAAE,CAAC;QACf,MAAM,kBAAkB,GAAG,YAAY,CAAC,
GAAG,CAAC,IAAI,CAAC,EAAE;YAC/C,IAAG,IAAI,IAAI,IAAI,EAAC,CAAC;gBACb,MAAM,CAAC,GAAG,YAAY,EAAE,CAAC;gBACzB,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBACd,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACvB,CAAC;iBAAI,CAAC;gBACF,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjB,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC,CAAC,CAAA;QAEF,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC5C,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,MAAM,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;YACpD,IAAI,IAAI,GAAG,EAAE,CAAC;YACd,IAAG,IAAI,CAAC,OAAO,IAAI,IAAI,EAAC,CAAC;gBACrB,IAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,EAAC,CAAC;oBACxB,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;oBAChC,KAAK,EAAE,CAAC;gBACZ,CAAC;YACL,CAAC;YACD,IAAG,IAAI,CAAC,OAAO,IAAI,KAAK;gBAAE,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;;gBAC/J,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,IAAI,CAAC,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;QACtH,CAAC,CAAC,CAAC;QAEH,oCAAoC;QACpC,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QAEtF,MAAM,EAAC,kBAAkB,EAAE,OAAO,EAAC,GAAG,MAAM,mBAAmB,CAC3D,IAAI,CAAC,IAAI,EACT,qBAAqB,EACrB,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,aAAa,EAClB,IAAI,EACJ,OAAO,EACP,IAAI,EACJ,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE;YACtC,IAAG,MAAM,CAAC,GAAG,IAAI,IAAI;gBAAE,OAAO,KAAK,CAAC,CAAC,6DAA6D;;gBAC7F,OAAO,IAAI,CAAC,CAAC,aAAa;QACnC,CAAC,CAAC,CAAC;QAEP,IAAI,CAAC,MAAM,GAAG;YACV,OAAO,EAAE,OAAO;YAChB,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,0BAA0B;YAC5C,OAAO;YACP,GAAI,MAAM,aAAa,CAAC,kBAAkB,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC;SACrE,CAAC;QAEF,MAAM,mBAAmB,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,EAAE,EAAE;YACvE,IAAG,WAAW,IAAI,IAAI,EAAC,CAAC;gBACpB,OAAO,WAAW,CAAC,MAAM,CAAC,MAAM,C
AAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/C,CAAC;iBAAI,CAAC;gBACF,OAAO,IAAI,CAAC;YAChB,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,OAAO,EAAC,WAAW,EAAE,mBAAmB,EAAE,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,EAAC,CAAA;IACjE,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO;QAC9B,IAAG,IAAI,CAAC,MAAM,IAAI,SAAS;YAAE,MAAM,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAElE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAA,CAAC,sBAAsB;QACvF,MAAM,gBAAgB,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAEtD,oCAAoC;QACpC,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC;YAC/F,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,EAAE;YAC/B,MAAM,EAAE,UAAU;YAClB,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC;YAC5B,aAAa,EAAE,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE;SACrF,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QACT,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAEjD,MAAM,sBAAsB,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,CAAA;QACzJ,MAAM,kBAAkB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QAErE,IAAI,CAAC,MAAM,GAAG,MAAM,eAAe,CAC/B,IAAI,CAAC,GAAG,EACR,kBAAkB,EAClB,IAAI,CAAC,eAAe,EACpB,IAAI,CAAC,MAAM,CAAC,SAAS,EACrB,IAAI,CAAC,MAAM,CAAC,EAAE,EACd,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,EAC1D,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,gIAAgI;QAC7N,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,WAAW,EAChB,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAC5C,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CACnC,CAAC;QACN,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;QACxB,MAAM,IAAI
,GAAG;YACT,wBAAwB,EAAE,IAAI,CAAC,MAAM,CAAC,mBAAmB;YACzD,GAAG,EAAE,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;YACjC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;SACxC,CAAA;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;IAED;OACG;IACH,KAAK,CAAC,MAAM;QACR,IAAG,IAAI,CAAC,MAAM,IAAI,SAAS;YAAE,MAAM,KAAK,CAAC,qBAAqB,CAAC,CAAC;QAEhE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAA,CAAC,sBAAsB;QAEvF,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC;QACnH,MAAM,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IAE3C,CAAC;CACJ"}
|
|
@@ -16,7 +16,7 @@
|
|
|
16
16
|
//
|
|
17
17
|
import { HMAC_forHashing, SHA256_Digest, SHA512_Digest } from "../Cryptide/Hashing/Hash.js";
|
|
18
18
|
import { CurrentTime, randBetween } from "../Tools/Utils.js";
|
|
19
|
-
import { ConcatUint8Arrays, Bytes2Hex, bytesToBase64, BigIntFromByteArray, StringToUint8Array } from "../Cryptide/Serialization.js";
|
|
19
|
+
import { ConcatUint8Arrays, Bytes2Hex, bytesToBase64, BigIntFromByteArray, StringToUint8Array, StringFromUint8Array } from "../Cryptide/Serialization.js";
|
|
20
20
|
import { Min, median, mod, mod_inv } from "../Cryptide/Math.js";
|
|
21
21
|
import PrismConvertResponse from "../Models/Responses/KeyAuth/Convert/PrismConvertResponse.js";
|
|
22
22
|
import { AES, DH, EdDSA, ElGamal, Hash, Interpolation, Math } from "../Cryptide/index.js";
|
|
@@ -31,6 +31,10 @@ import ConvertRememberedResponse from "../Models/Responses/KeyAuth/Convert/Conve
|
|
|
31
31
|
import VendorData from "../Models/VendorData.js";
|
|
32
32
|
import { Point } from "../Cryptide/Ed25519.js";
|
|
33
33
|
import { Ed25519PublicComponent } from "../Cryptide/Components/Schemes/Ed25519/Ed25519Components.js";
|
|
34
|
+
import DeviceConvertResponse from "../Models/Responses/KeyAuth/Convert/DeviceConvertResponse.js";
|
|
35
|
+
import DecryptedDeviceConvertResponse from "../Models/Responses/KeyAuth/Convert/DecryptedDeviceConvertResponse.js";
|
|
36
|
+
import TideKey from "../Cryptide/TideKey.js";
|
|
37
|
+
import { BaseComponent } from "../Cryptide/Components/BaseComponent.js";
|
|
34
38
|
/**
|
|
35
39
|
* For use in change password flow
|
|
36
40
|
* @param {PrismConvertResponse[]} convertResponses
|
|
@@ -81,6 +85,30 @@ export async function PrismConvertReply(convertResponses, ids, mgORKi, r1, prkEC
|
|
|
81
85
|
const expired = CurrentTime() + Min(decPrismRequesti.map(d => d.Exti));
|
|
82
86
|
return { prismAuthis, timestampi, selfRequesti, expired };
|
|
83
87
|
}
|
|
88
|
+
/**
|
|
89
|
+
* @param {PrismConvertResponse[]} convertResponses
|
|
90
|
+
* @param {bigint[]} ids
|
|
91
|
+
* @param {Point[]} mgORKi
|
|
92
|
+
* @param {bigint} r1
|
|
93
|
+
*/
|
|
94
|
+
export async function DevicePrismConvertReply(convertResponses, ids, mgORKi, r1) {
|
|
95
|
+
// ∑ gPass ⋅ r1 ⋅ PRISMi ⋅ li / r1
|
|
96
|
+
const gPassPRISM = Interpolation.AggregatePointsWithIds(convertResponses.map(resp => resp.GBlurPassPrismi), ids).divide(r1);
|
|
97
|
+
const gPassPRISM_hashed = await gPassPRISM.hash();
|
|
98
|
+
const prismAuthis = await DH.generateECDHi(mgORKi, gPassPRISM_hashed);
|
|
99
|
+
let decPrismRequesti;
|
|
100
|
+
try {
|
|
101
|
+
const pre_decPrismRequesti = convertResponses.map(async (chall, i) => DecryptedPrismConvertResponse.from(await AES.decryptData(chall.EncRequesti, prismAuthis[i])));
|
|
102
|
+
decPrismRequesti = await Promise.all(pre_decPrismRequesti);
|
|
103
|
+
}
|
|
104
|
+
catch {
|
|
105
|
+
throw Error("enclave.invalidAccount");
|
|
106
|
+
}
|
|
107
|
+
const timestampi = median(decPrismRequesti.map(resp => resp.Timestampi));
|
|
108
|
+
// Calculate when the stored token expires
|
|
109
|
+
const expired = CurrentTime() + Min(decPrismRequesti.map(d => d.Exti));
|
|
110
|
+
return { prismAuthis, timestampi, prkRequesti: decPrismRequesti.map(d => d.PRKRequesti), expired };
|
|
111
|
+
}
|
|
84
112
|
/**
|
|
85
113
|
* @param {CMKConvertResponse[]} convertResponses
|
|
86
114
|
* @param {bigint[]} ids
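Review bot: The bare `catch` in DevicePrismConvertReply reports every failure inside the `try` as `enclave.invalidAccount`, which would presumably include a caller passing an `mgORKi` shorter than `convertResponses`, since `prismAuthis[i]` is indexed by position in `convertResponses`. A single uniform error for decryption failures is reasonable, but an input-shape check belongs before the `try`, for example `if (convertResponses.length !== ids.length || convertResponses.length !== mgORKi.length) throw Error("DevicePrismConvertReply: mismatched input lengths");` (the message text is only a suggestion). This assumes `DH.generateECDHi` returns one key per entry of `mgORKi`, which the hunk does not show. The JSDoc also has no description and no `@returns`; it should say that the result carries `prismAuthis`, the keys used to decrypt `EncRequesti`, so callers keep them out of logs and persistent storage.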
|
|
@@ -115,6 +143,44 @@ export async function CmkConvertReply(convertResponses, ids, prismAuthis, gCMK,
|
|
|
115
143
|
const { blurHCMKMul, blur, gRMul } = await genBlindMessage(gCMKR, gCMKAuth, authToken.toUint8Array(), CMKMul);
|
|
116
144
|
return { VUID: VUID, blurHCMKMul, r4: blur, gCMKAuth, authToken, gRMul };
|
|
117
145
|
}
|
|
146
|
+
/**
|
|
147
|
+
* @param {Uint8Array[]} encRequesti
|
|
148
|
+
* @param {Uint8Array[]} appAuthi
|
|
149
|
+
* @param {bigint[]} ids
|
|
150
|
+
* @param {Point} gCMK
|
|
151
|
+
* @param {string} qPub
|
|
152
|
+
* @param {string} uDeObf
|
|
153
|
+
* @param {TideKey} blurerKPriv
|
|
154
|
+
* @param {Ed25519PublicComponent} gSessKeyPub
|
|
155
|
+
* @param {string} purpose
|
|
156
|
+
* @param {string} sessionId
|
|
157
|
+
* @param {Point} gCMKR
|
|
158
|
+
*/
|
|
159
|
+
export async function DeviceConvertReply(encRequesti, appAuthi, ids, gCMK, qPub, uDeObf, blurerKPriv, gSessKeyPub, purpose, sessionId, gCMKR) {
|
|
160
|
+
let decPrismRequesti;
|
|
161
|
+
try {
|
|
162
|
+
const pre_decPrismRequesti = encRequesti.map(async (chall, i) => DecryptedDeviceConvertResponse.from(StringFromUint8Array(await AES.decryptDataRawOutput(chall, appAuthi[i]))));
|
|
163
|
+
decPrismRequesti = await Promise.all(pre_decPrismRequesti);
|
|
164
|
+
}
|
|
165
|
+
catch (ex) {
|
|
166
|
+
console.log(ex);
|
|
167
|
+
throw Error("enclave.invalidAccount");
|
|
168
|
+
}
|
|
169
|
+
const timestampi = median(decPrismRequesti.map(resp => resp.Timestampi));
|
|
170
|
+
// Calculate when the stored token expires
|
|
171
|
+
const expired = CurrentTime() + Min(decPrismRequesti.map(d => d.Exti));
|
|
172
|
+
// CMK part
|
|
173
|
+
const userPRISM = Interpolation.AggregatePointsWithIds(decPrismRequesti.map(d => d.UserPRISMi), ids);
|
|
174
|
+
const userPRISMdec = userPRISM.mul(mod(BigIntFromByteArray(await DH.computeSharedKey(TideKey.FromSerializedComponent(qPub).get_public_component().public, blurerKPriv.get_private_component().priv))));
|
|
175
|
+
const gUserCMK = userPRISMdec.divide(TideKey.FromSerializedComponent(uDeObf).get_private_component().priv);
|
|
176
|
+
const gUserCMK_Hash = await Hash.SHA512_Digest(gUserCMK.toRawBytes());
|
|
177
|
+
const CMKMul = mod(BigIntFromByteArray(gUserCMK_Hash.slice(0, 32)));
|
|
178
|
+
const VUID = Bytes2Hex(gUserCMK_Hash.slice(-32));
|
|
179
|
+
const gCMKAuth = gCMK.mul(CMKMul);
|
|
180
|
+
const authToken = AuthRequest.new(VUID, purpose, gSessKeyPub.Serialize().ToString(), timestampi + randBetween(30, 90), sessionId);
|
|
181
|
+
const { blurHCMKMul, blur, gRMul } = await genBlindMessage(gCMKR, gCMKAuth, authToken.toUint8Array(), CMKMul);
|
|
182
|
+
return { VUID, gCMKAuth, authToken, r4: blur, decPrismRequesti, timestampi, expired, blurHCMKMul, gRMul };
|
|
183
|
+
}
|
|
118
184
|
/**
|
|
119
185
|
* @param {ConvertRememberedResponse[]} responses
|
|
120
186
|
* @param {bigint[]} mIdORKi
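Review bot: The `catch (ex)` block in DeviceConvertReply writes the raw exception to the console with `console.log(ex)` before throwing `enclave.invalidAccount`, whereas the sibling DevicePrismConvertReply uses a bare `catch` and logs nothing. The exception comes either from AES decryption with `appAuthi[i]` or from parsing the decrypted string in `DecryptedDeviceConvertResponse.from`, and depending on how that parser reports errors the message may quote part of the plaintext; this looks like leftover debugging output. I would drop the log and write `catch {` as in DevicePrismConvertReply. Separately, the JSDoc has no `@returns`, and the returned object includes the whole `decPrismRequesti` array of decrypted responses, so a line telling callers what it holds and that it should not be logged would help.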
|
|
@@ -179,6 +245,32 @@ export async function AuthenticateBasicReply(vuid, prkECDHi, encSigi, gCMKAuth,
|
|
|
179
245
|
return VendorEncryptedData;
|
|
180
246
|
}
|
|
181
247
|
}
|
|
248
|
+
/**
|
|
249
|
+
*
|
|
250
|
+
* @param {string} vuid
|
|
251
|
+
* @param {Uint8Array} sig
|
|
252
|
+
* @param {Point} gCMKAuth
|
|
253
|
+
* @param {AuthRequest} authToken
|
|
254
|
+
* @param {bigint} r4
|
|
255
|
+
* @param {Point} gRMul
|
|
256
|
+
* @param {Point} gVRK
|
|
257
|
+
*/
|
|
258
|
+
export async function AuthenticateDeviceReply(vuid, sig, gCMKAuth, authToken, r4, gRMul, gVRK) {
|
|
259
|
+
const blindS = BigIntFromByteArray(sig.slice(-32));
|
|
260
|
+
const usig = await unblindSignature(blindS, r4);
|
|
261
|
+
const blindSigValid = await verifyBlindSignature(usig, gRMul, gCMKAuth, authToken.toUint8Array());
|
|
262
|
+
if (!blindSigValid)
|
|
263
|
+
throw Error("Blind Signature Failed");
|
|
264
|
+
const blindSig = bytesToBase64(serializeBlindSig(usig, gRMul));
|
|
265
|
+
if (gVRK == null) {
|
|
266
|
+
const vendorData = new VendorData(vuid, gCMKAuth, blindSig, authToken).toString();
|
|
267
|
+
return vendorData;
|
|
268
|
+
}
|
|
269
|
+
else {
|
|
270
|
+
const VendorEncryptedData = await ElGamal.encryptData(StringToUint8Array(new VendorData(vuid, gCMKAuth, blindSig, authToken).toString()), gVRK);
|
|
271
|
+
return VendorEncryptedData;
|
|
272
|
+
}
|
|
273
|
+
}
|
|
182
274
|
/**
|
|
183
275
|
*
|
|
184
276
|
* @param {string} vuid
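Review bot: AuthenticateDeviceReply returns two different things depending on `gVRK`, and the JSDoc documents neither: with `gVRK == null` the caller gets the `VendorData` string (vuid, gCMKAuth, blind signature, auth token) unencrypted, otherwise it gets the output of `ElGamal.encryptData`. I would mark the parameter optional, `@param {Point} [gVRK] - vendor public key; when null or undefined the vendor data is returned unencrypted`, and add an `@returns` line describing both cases. `sig.slice(-32)` also accepts an input of any length; the later `verifyBlindSignature` check should reject a malformed value, but an explicit `if (sig.length < 32) throw Error("Blind Signature Failed");` before the slice makes that failure mode obvious.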
|