core-3nweb-client-lib 0.41.7 → 0.41.10

package/build/api-defs/keys.d.ts

@@ -96,7 +96,7 @@ declare namespace web3n.keys {
 		 */
 		alg: string;
 		/**
-		 * This is an id of a key that did the signature.
+		 * This is an id of a key that created the signature.
 		 */
 		kid: string;
 		/**

package/build/api-defs/mailerid.d.ts

@@ -71,7 +71,7 @@ declare namespace web3n.mailerid {
 		'all-ok'
 		| 'unknown-root-cert'
 		| 'not-current-provider'
-		|'dns-not-set'
+		| 'dns-not-set'
 		| 'offline-no-check'
 		| 'other-fail';
 

package/build/core/index.js

@@ -42,7 +42,7 @@ class Core {
         this.isInitialized = false;
         this.cryptor = makeCryptor(this.logger.logError, this.logger.logWarning);
         this.storages = new storage_1.Storages(this.cryptor.cryptor.sbox, this.appDirs.storagePathFor);
-        this.keyrings = new keyring_1.Keyrings(this.cryptor.cryptor.sbox);
+        this.keyrings = new keyring_1.Keyrings(this.cryptor.cryptor.sbox, this.logger);
         this.asmail = new asmail_1.ASMail(this.cryptor.cryptor.sbox, this.makeNet, this.appDirs.inboxPathFor, this.logger);
         Object.seal(this);
     }

package/build/core/keyring/index.d.ts

@@ -5,6 +5,7 @@ import { ResourcesForSending } from '../asmail/delivery/common';
 import { ResourcesForReceiving } from '../asmail/inbox';
 import { GetSigner } from '../id-manager';
 import { ParamOnServer } from '../../lib-client/asmail/service-config';
+import { Logger } from '../../lib-client/logging/log-to-file';
 export { KEY_USE, MsgKeyRole } from './common';
 export interface MsgKeyInfo {
     correspondent: string;
@@ -37,6 +38,7 @@ export interface KeyPairsStorage {
 }
 export declare class Keyrings {
     private readonly cryptor;
+    private readonly logger;
     /**
      * This is a map from correspondents' canonical addresses to key objects.
      */
@@ -45,7 +47,7 @@ export declare class Keyrings {
     private readonly workLabel;
     private storage;
     private publishedKeys;
-    constructor(cryptor: AsyncSBoxCryptor);
+    constructor(cryptor: AsyncSBoxCryptor, logger: Logger);
     private readonly asKeyPairsStorage;
     private addCorrespondent;
     init(fs: WritableFS, getSigner: GetSigner, pkeyOnServer: ParamOnServer<'init-pub-key'>): Promise<void>;

package/build/core/keyring/index.js

@@ -34,8 +34,9 @@ Object.defineProperty(exports, "KEY_USE", { enumerable: true, get: function () {
 const FILE_FOR_INTRO_KEY_ON_SERVER = 'introductory-keys/published-on-server.json';
 // XXX Keyring is just a storage and crypto functionality around keys
 class Keyrings {
-    constructor(cryptor) {
+    constructor(cryptor, logger) {
         this.cryptor = cryptor;
+        this.logger = logger;
         /**
          * This is a map from correspondents' canonical addresses to key objects.
          */
@@ -245,20 +246,32 @@ class Keyrings {
     }
     absorbSuggestedNextKeyPair(correspondent, pair) {
         let ck = this.corrKeys.get(correspondent);
-        if (ck) {
-            ck.ratchetUpSendingPair(pair);
+        if (!ck) {
+            ck = this.addCorrespondent(correspondent);
         }
-        else {
-            if (!pair.isSenderIntroKey) {
-                throw new Error(`Expected addition of correspondent to be done, when new `);
-            }
+        if (pair.isSenderIntroKey) {
             const usedIntro = this.publishedKeys.find(pair.senderKid);
             if (!usedIntro) {
                 throw new Error(`Recently used published intro key is not found`);
             }
-            ck = this.addCorrespondent(correspondent);
             ck.ratchetUpSendingPair(pair, usedIntro.pair);
         }
+        else {
+            ck.ratchetUpSendingPair(pair);
+        }
+        // if (ck) {
+        // 	ck.ratchetUpSendingPair(pair);
+        // } else {
+        // 	if (!pair.isSenderIntroKey) {
+        // 		throw new Error(`Expected addition of correspondent to be done, when new `);
+        // 	}
+        // 	const usedIntro = this.publishedKeys.find(pair.senderKid);
+        // 	if (!usedIntro) {
+        // 		throw new Error(`Recently used published intro key is not found`);
+        // 	}
+        // 	ck = this.addCorrespondent(correspondent);
+        // 	ck.ratchetUpSendingPair(pair, usedIntro.pair);
+        // }
         this.saveChanges();
     }
     async decrypt(msgMeta, getMainObjHeader, getOpenedMsg, checkMidKeyCerts) {
@@ -299,15 +312,20 @@ class Keyrings {
         // absorb next crypto
         const pair = openedMsg.nextCrypto;
         if (pair) {
-            if (msgMeta.recipientKid) {
-                if (!pair.isSenderIntroKey) {
-                    throw new Error(`Introductory message is not referencing used intro key in the next crypto`);
-                }
-                if (msgMeta.recipientKid !== pair.senderKid) {
-                    throw new Error(`Introductory message is referencing wrong key in the next crypto`);
+            try {
+                if (msgMeta.recipientKid) {
+                    if (!pair.isSenderIntroKey) {
+                        throw new Error(`Introductory message is not referencing used intro key in the next crypto`);
+                    }
+                    if (msgMeta.recipientKid !== pair.senderKid) {
+                        throw new Error(`Introductory message is referencing wrong key in the next crypto`);
+                    }
                 }
+                this.absorbSuggestedNextKeyPair(decrInfo.correspondent, pair);
+            }
+            catch (err) {
+                this.logger.logError(err, `Fail to absorb next suggested key for messaging`);
             }
-            this.absorbSuggestedNextKeyPair(decrInfo.correspondent, pair);
         }
         return { decrInfo, openedMsg };
     }

package/build/lib-client/cryptor/worker-js.js

@@ -19,16 +19,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const worker_threads_1 = require("worker_threads");
 const ecma_nacl_1 = require("ecma-nacl");
 const error_1 = require("../../lib-common/exceptions/error");
-function transfer(...arrs) {
-    const transferLst = [];
-    for (const arr of arrs) {
-        const buffer = arr.buffer;
-        if (!transferLst.includes(buffer)) {
-            transferLst.push(buffer);
-        }
-    }
-    return transferLst;
-}
 if (!worker_threads_1.parentPort) {
     throw new Error(`Missing expected parentPort. Is this called within WebWorker process?`);
 }

package/build/lib-client/mailer-id/provisioner.js

@@ -58,10 +58,10 @@ class MailerIdProvisioner extends user_with_pkl_session_1.ServiceUser {
         Object.seal(this);
     }
     async setUrlAndDomain() {
-        const info = await (0, service_locator_1.mailerIdInfoAt)(this.net, this.entryURI);
+        const { currentCert, provisioning } = await (0, service_locator_1.mailerIdInfoAt)(this.net, this.entryURI);
         this.midDomain = (0, url_1.parse)(this.serviceURI).hostname;
-        this.serviceURI = info.provisioning;
-        this.rootCert = info.currentCert;
+        this.serviceURI = provisioning;
+        this.rootCert = currentCert;
     }
     /**
      * @param pkey is a public key, that needs to be certified.
@@ -73,10 +73,7 @@ class MailerIdProvisioner extends user_with_pkl_session_1.ServiceUser {
      */
     async getCertificates(pkey, duration) {
         (0, assert_1.assert)(!!this.encryptor);
-        const plainReqData = {
-            pkey: pkey,
-            duration: duration
-        };
+        const plainReqData = { pkey, duration };
         const rep = await this.net.doBinaryRequest({
             url: this.serviceURI + api.certify.URL_END,
             method: api.certify.method,
@@ -95,6 +92,17 @@ class MailerIdProvisioner extends user_with_pkl_session_1.ServiceUser {
                 if (!certs.userCert || !certs.provCert) {
                     throw (0, request_utils_1.makeException)(rep, 'Malformed reply: Certificates are missing.');
                 }
+                if (certs.provCert.kid !== this.rootCert.kid) {
+                    const { currentCert, previousCerts } = await (0, service_locator_1.mailerIdInfoAt)(this.net, this.entryURI);
+                    const rootCert = ((currentCert.kid === certs.provCert.kid) ?
+                        currentCert : previousCerts.find(cert => (cert.kid === certs.provCert.kid)));
+                    if (rootCert) {
+                        this.rootCert = rootCert;
+                    }
+                    else {
+                        throw (0, request_utils_1.makeException)(rep, 'Malformed reply: referenced root MailerId certificate id is unknown.');
+                    }
+                }
                 const pkeyAndId = (0, relying_party_1.verifyChainAndGetUserKey)({ user: certs.userCert, prov: certs.provCert, root: this.rootCert }, this.midDomain, (0, jwkeys_1.getKeyCert)(certs.userCert).issuedAt + 1);
                 if (pkeyAndId.address !== (0, canonical_address_1.toCanonicalAddress)(this.userId)) {
                     throw (0, request_utils_1.makeException)(rep, 'Malformed reply: Certificate is for a wrong address.');

package/build/lib-client/service-locator.d.ts

@@ -1,39 +1,31 @@
 import { NetClient } from './request-utils';
 import { promises as dnsPromises } from 'dns';
+import { StorageRootRoute } from '../lib-common/service-api/3nstorage/root-route';
+import { ASMailRootRoute } from '../lib-common/service-api/asmail/root-route';
 type SignedLoad = web3n.keys.SignedLoad;
-export interface ASMailRoutes {
-    delivery?: string;
-    retrieval?: string;
-    config?: string;
-}
 /**
- * This returns a promise, resolvable to ASMailRoutes object.
+ * This returns a promise, resolvable to ASMailRootRoute object.
  * @param client
  * @param url
  */
-export declare function asmailInfoAt(client: NetClient, url: string): Promise<ASMailRoutes>;
+export declare function asmailInfoAt(client: NetClient, url: string): Promise<ASMailRootRoute>;
 export interface MailerIdServiceInfo {
     provisioning: string;
     currentCert: SignedLoad;
     previousCerts: SignedLoad[];
 }
 /**
- * This returns a promise, resolvable to MailerIdRoutes object.
+ * This returns a promise, resolvable to MailerIdRootRoute object.
  * @param client
  * @param url
  */
 export declare function mailerIdInfoAt(client: NetClient, url: string): Promise<MailerIdServiceInfo>;
-export interface StorageRoutes {
-    owner?: string;
-    shared?: string;
-    config?: string;
-}
 /**
- * This returns a promise, resolvable to StorageRoutes object.
+ * This returns a promise, resolvable to StorageRootRoute object.
  * @param client
  * @param url
  */
-export declare function storageInfoAt(client: NetClient, url: string): Promise<StorageRoutes>;
+export declare function storageInfoAt(client: NetClient, url: string): Promise<StorageRootRoute>;
 export type ServiceTypeDNSLabel = 'mailerid' | 'asmail' | '3nstorage';
 export type ServiceLocatorMaker = (serviceLabel: ServiceTypeDNSLabel) => ServiceLocator;
 export type ServiceLocator = (address: string) => Promise<string>;

package/build/lib-client/service-locator.js

@@ -59,7 +59,7 @@ function transformPathToCompleteUri(url, path, rep) {
     }
 }
 /**
- * This returns a promise, resolvable to ASMailRoutes object.
+ * This returns a promise, resolvable to ASMailRootRoute object.
  * @param client
  * @param url
  */
@@ -80,7 +80,7 @@ async function asmailInfoAt(client, url) {
     return transform;
 }
 /**
- * This returns a promise, resolvable to MailerIdRoutes object.
+ * This returns a promise, resolvable to MailerIdRootRoute object.
  * @param client
  * @param url
  */
@@ -94,10 +94,10 @@ async function mailerIdInfoAt(client, url) {
     else {
         throw (0, request_utils_1.makeException)(rep, 'Malformed reply');
     }
-    if (('object' === typeof json["current-cert"]) &&
-        (0, jwkeys_1.isLikeSignedKeyCert)(json["current-cert"])) {
+    if ((0, jwkeys_1.isLikeSignedKeyCert)(json["current-cert"])) {
         transform.currentCert = json["current-cert"];
-        transform.previousCerts = json["previous-certs"];
+        transform.previousCerts = (Array.isArray(json["previous-certs"]) ?
+            json["previous-certs"].filter(jwkeys_1.isLikeSignedKeyCert) : []);
     }
     else {
         throw (0, request_utils_1.makeException)(rep, 'Malformed reply');
@@ -106,7 +106,7 @@ async function mailerIdInfoAt(client, url) {
     return transform;
 }
 /**
- * This returns a promise, resolvable to StorageRoutes object.
+ * This returns a promise, resolvable to StorageRootRoute object.
  * @param client
  * @param url
  */

package/build/lib-common/buffer-utils.d.ts

@@ -1,4 +1,4 @@
-export declare const EMPTY_BUFFER: Buffer;
+export declare const EMPTY_BUFFER: Buffer<ArrayBuffer>;
 /**
  * Buffer and Uint8Array are intimately linked in Node, starting with some
  * version. As a result, Uint8Array can be efficiently turned into Buffer,

package/build/lib-common/objs-on-disk/v1-obj-file-format.d.ts

@@ -1,5 +1,5 @@
 import { HeaderChunkInfo, SegsChunk } from "./file-layout";
-export declare const V1_FILE_START: Buffer;
+export declare const V1_FILE_START: Buffer<ArrayBuffer>;
 export declare namespace layoutV1 {
     interface Attrs {
         fileComplete: boolean;

package/build/lib-common/service-api/3nstorage/root-route.d.ts

@@ -0,0 +1,5 @@
+export interface StorageRootRoute {
+    owner?: string;
+    shared?: string;
+    config?: string;
+}

package/build/lib-common/service-api/3nstorage/root-route.js

@@ -0,0 +1,18 @@
+"use strict";
+/*
+ Copyright (C) 2025 3NSoft Inc.
+ 
+ This program is free software: you can redistribute it and/or modify it under
+ the terms of the GNU General Public License as published by the Free Software
+ Foundation, either version 3 of the License, or (at your option) any later
+ version.
+ 
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the GNU General Public License for more details.
+ 
+ You should have received a copy of the GNU General Public License along with
+ this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+Object.defineProperty(exports, "__esModule", { value: true });

package/build/lib-common/service-api/asmail/root-route.d.ts

@@ -0,0 +1,5 @@
+export interface ASMailRootRoute {
+    delivery?: string;
+    retrieval?: string;
+    config?: string;
+}

package/build/lib-common/service-api/asmail/root-route.js

@@ -0,0 +1,18 @@
+"use strict";
+/*
+ Copyright (C) 2025 3NSoft Inc.
+ 
+ This program is free software: you can redistribute it and/or modify it under
+ the terms of the GNU General Public License as published by the Free Software
+ Foundation, either version 3 of the License, or (at your option) any later
+ version.
+ 
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the GNU General Public License for more details.
+ 
+ You should have received a copy of the GNU General Public License along with
+ this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+Object.defineProperty(exports, "__esModule", { value: true });

package/build/lib-common/service-api/mailer-id/root-route.d.ts

@@ -0,0 +1,7 @@
+type SignedLoad = web3n.keys.SignedLoad;
+export interface MailerIdRootRoute {
+    "current-cert": SignedLoad;
+    "previous-certs": SignedLoad[];
+    provisioning: string;
+}
+export {};

package/build/lib-common/service-api/mailer-id/root-route.js

@@ -0,0 +1,18 @@
+"use strict";
+/*
+ Copyright (C) 2025 3NSoft Inc.
+ 
+ This program is free software: you can redistribute it and/or modify it under
+ the terms of the GNU General Public License as published by the Free Software
+ Foundation, either version 3 of the License, or (at your option) any later
+ version.
+ 
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the GNU General Public License for more details.
+ 
+ You should have received a copy of the GNU General Public License along with
+ this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+Object.defineProperty(exports, "__esModule", { value: true });