salty-crypto 0.3.0 → 0.3.1

package/lib/hmac.js

@@ -0,0 +1,17 @@
+/// SPDX-License-Identifier: MIT
+/// SPDX-FileCopyrightText: Copyright © 2023 Tony Garnock-Jones <tonyg@leastfixedpoint.com>
+import * as Bytes from './bytes';
+export function makeHMAC(hash) {
+    const HMAC_IPAD = new Uint8Array(hash.BLOCKLEN);
+    HMAC_IPAD.fill(0x36);
+    const HMAC_OPAD = new Uint8Array(hash.BLOCKLEN);
+    HMAC_OPAD.fill(0x5c);
+    const hmac = (key0, data) => {
+        const key1 = key0.byteLength > hash.BLOCKLEN ? hash.digest(key0) : key0;
+        const key = Bytes.append(key1, new Uint8Array(hash.BLOCKLEN - key1.byteLength));
+        return hash.digest(Bytes.append(Bytes.xor(key, HMAC_OPAD), hash.digest(Bytes.append(Bytes.xor(key, HMAC_IPAD), data))));
+    };
+    hmac.NAME = 'HMAC-' + hash.NAME;
+    return hmac;
+}
+//# sourceMappingURL=hmac.js.map

package/lib/hmac.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hmac.js","sourceRoot":"","sources":["../src/hmac.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,2FAA2F;AAG3F,OAAO,KAAK,KAAK,MAAM,SAAS,CAAC;AAOjC,MAAM,UAAU,QAAQ,CAAC,IAAU;IAC/B,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtE,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtE,MAAM,IAAI,GAAG,CAAC,IAAgB,EAAE,IAAgB,EAAE,EAAE;QAChD,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QACxE,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAChF,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,EACzB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,EACzB,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IACtE,CAAC,CAAC;IACF,IAAI,CAAC,IAAI,GAAG,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC;IAChC,OAAO,IAAI,CAAC;AAChB,CAAC"}

package/lib/index.d.ts

@@ -0,0 +1,45 @@
+export * from './aead';
+export * as Bytes from './bytes';
+export * from './cipher';
+export * from './dh';
+export * from './hash';
+export * from './hkdf';
+export * from './hmac';
+export * as IO from './io';
+export * from './noise';
+export * from './nonce';
+export * from './random';
+import * as chacha20poly1305 from './aead/chacha20poly1305';
+import * as chacha20 from './cipher/chacha20';
+import * as x25519 from './dh/x25519';
+import * as blake2s from './hash/blake2s';
+import * as poly1305 from './hash/poly1305';
+import * as algorithms from './noise/algorithms';
+import * as cipherstate from './noise/cipherstate';
+import * as handshake from './noise/handshake';
+import * as patterns from './noise/patterns';
+import * as profiles from './noise/profiles';
+import * as rekey from './noise/rekey';
+export declare const INTERNALS: {
+    aead: {
+        chacha20poly1305: typeof chacha20poly1305;
+    };
+    cipher: {
+        chacha20: typeof chacha20;
+    };
+    dh: {
+        x25519: typeof x25519;
+    };
+    hash: {
+        blake2s: typeof blake2s;
+        poly1305: typeof poly1305;
+    };
+    noise: {
+        algorithms: typeof algorithms;
+        cipherstate: typeof cipherstate;
+        handshake: typeof handshake;
+        patterns: typeof patterns;
+        profiles: typeof profiles;
+        rekey: typeof rekey;
+    };
+};

package/lib/index.js

@@ -0,0 +1,48 @@
+/// SPDX-License-Identifier: MIT
+/// SPDX-FileCopyrightText: Copyright © 2023 Tony Garnock-Jones <tonyg@leastfixedpoint.com>
+export * from './aead';
+export * as Bytes from './bytes';
+export * from './cipher';
+export * from './dh';
+export * from './hash';
+export * from './hkdf';
+export * from './hmac';
+export * as IO from './io';
+export * from './noise';
+export * from './nonce';
+export * from './random';
+import * as chacha20poly1305 from './aead/chacha20poly1305';
+import * as chacha20 from './cipher/chacha20';
+import * as x25519 from './dh/x25519';
+import * as blake2s from './hash/blake2s';
+import * as poly1305 from './hash/poly1305';
+import * as algorithms from './noise/algorithms';
+import * as cipherstate from './noise/cipherstate';
+import * as handshake from './noise/handshake';
+import * as patterns from './noise/patterns';
+import * as profiles from './noise/profiles';
+import * as rekey from './noise/rekey';
+export const INTERNALS = {
+    aead: {
+        chacha20poly1305,
+    },
+    cipher: {
+        chacha20,
+    },
+    dh: {
+        x25519,
+    },
+    hash: {
+        blake2s,
+        poly1305,
+    },
+    noise: {
+        algorithms,
+        cipherstate,
+        handshake,
+        patterns,
+        profiles,
+        rekey,
+    },
+};
+//# sourceMappingURL=index.js.map

package/lib/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,2FAA2F;AAE3F,cAAc,QAAQ,CAAC;AACvB,OAAO,KAAK,KAAK,MAAM,SAAS,CAAC;AACjC,cAAc,UAAU,CAAC;AACzB,cAAc,MAAM,CAAC;AACrB,cAAc,QAAQ,CAAC;AACvB,cAAc,QAAQ,CAAC;AACvB,cAAc,QAAQ,CAAC;AACvB,OAAO,KAAK,EAAE,MAAM,MAAM,CAAC;AAC3B,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,cAAc,UAAU,CAAC;AAEzB,OAAO,KAAK,gBAAgB,MAAM,yBAAyB,CAAC;AAC5D,OAAO,KAAK,QAAQ,MAAM,mBAAmB,CAAC;AAC9C,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,KAAK,OAAO,MAAM,gBAAgB,CAAC;AAC1C,OAAO,KAAK,QAAQ,MAAM,iBAAiB,CAAC;AAC5C,OAAO,KAAK,UAAU,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,WAAW,MAAM,qBAAqB,CAAC;AACnD,OAAO,KAAK,SAAS,MAAM,mBAAmB,CAAC;AAC/C,OAAO,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAC7C,OAAO,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAC7C,OAAO,KAAK,KAAK,MAAM,eAAe,CAAC;AAEvC,MAAM,CAAC,MAAM,SAAS,GAAG;IACrB,IAAI,EAAE;QACF,gBAAgB;KACnB;IACD,MAAM,EAAE;QACJ,QAAQ;KACX;IACD,EAAE,EAAE;QACA,MAAM;KACT;IACD,IAAI,EAAE;QACF,OAAO;QACP,QAAQ;KACX;IACD,KAAK,EAAE;QACH,UAAU;QACV,WAAW;QACX,SAAS;QACT,QAAQ;QACR,QAAQ;QACR,KAAK;KACR;CACJ,CAAC"}

package/lib/io.d.ts

@@ -0,0 +1,4 @@
+export declare function toHex(bs: Uint8Array): string;
+export declare function fromHex(s: string): Uint8Array;
+export declare function toBase64(bs: Uint8Array, withPadding?: boolean): string;
+export declare function fromBase64(s: string): Uint8Array;

package/lib/io.js

@@ -0,0 +1,35 @@
+export function toHex(bs) {
+    let s = '';
+    bs.forEach(b => {
+        s = s + '0123456789abcdef'[b >> 4];
+        s = s + '0123456789abcdef'[b & 15];
+    });
+    return s;
+}
+export function fromHex(s) {
+    s = s.replace(/[^0-9a-fA-F]/g, '').toLowerCase();
+    if (s.length % 2)
+        throw new Error("Hex input contains an odd number of digits");
+    const len = Math.floor(s.length / 2);
+    const result = new Uint8Array(len);
+    for (let i = 0; i < len; i++) {
+        result[i] = parseInt(s.substring(2 * i, 2 * i + 2), 16);
+    }
+    return result;
+}
+export function toBase64(bs, withPadding = true) {
+    let r = '';
+    bs.forEach(b => r = r + String.fromCharCode(b));
+    let s = btoa(r);
+    if (!withPadding)
+        s = s.replace(/=/g, '');
+    return s;
+}
+export function fromBase64(s) {
+    const r = atob(s);
+    const result = new Uint8Array(r.length);
+    for (let i = 0; i < r.length; i++)
+        result[i] = r.charCodeAt(i);
+    return result;
+}
+//# sourceMappingURL=io.js.map

package/lib/io.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"io.js","sourceRoot":"","sources":["../src/io.ts"],"names":[],"mappings":"AAAA,MAAM,UAAU,KAAK,CAAC,EAAc;IAChC,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;QACX,CAAC,GAAG,CAAC,GAAG,kBAAkB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,CAAC,GAAG,CAAC,GAAG,kBAAkB,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,CAAC;AACb,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,CAAS;IAC7B,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IACjD,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,CAAC;IACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,GAAC,CAAC,EAAC,CAAC,GAAC,CAAC,GAAC,CAAC,CAAC,EAAC,EAAE,CAAC,CAAC;KACnD;IACD,OAAO,MAAM,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,EAAc,EAAE,WAAW,GAAG,IAAI;IACvD,IAAI,CAAC,GAAG,EAAE,CAAC;IACX,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IAChB,IAAI,CAAC,WAAW;QAAE,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC1C,OAAO,CAAC,CAAC;AACb,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,CAAS;IAChC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IAC/D,OAAO,MAAM,CAAC;AAClB,CAAC"}

package/lib/noise/algorithms.d.ts

@@ -0,0 +1,15 @@
+import { AEAD } from '../aead';
+import { Hash } from '../hash';
+import { DH } from '../dh';
+import { HMAC } from '../hmac';
+import { HKDF } from '../hkdf';
+import { Rekey } from './rekey';
+export interface Algorithms {
+    dh: DH;
+    aead: AEAD;
+    hash: Hash;
+    hmac?: HMAC;
+    hkdf?: HKDF;
+    rekey?: Rekey;
+}
+export declare function matchPattern(a: Algorithms, protocol_name: string): string | null;

package/lib/noise/algorithms.js

@@ -0,0 +1,10 @@
+/// SPDX-License-Identifier: MIT
+/// SPDX-FileCopyrightText: Copyright © 2023 Tony Garnock-Jones <tonyg@leastfixedpoint.com>
+export function matchPattern(a, protocol_name) {
+    const r = new RegExp(`^Noise_([A-Za-z0-9+]+)_${a.dh.NAME}_${a.aead.NAME}_${a.hash.NAME}$`);
+    const m = r.exec(protocol_name);
+    if (m === null)
+        return null;
+    return m[1];
+}
+//# sourceMappingURL=algorithms.js.map

package/lib/noise/algorithms.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"algorithms.js","sourceRoot":"","sources":["../../src/noise/algorithms.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,2FAA2F;AAmB3F,MAAM,UAAU,YAAY,CAAC,CAAa,EAAE,aAAqB;IAC7D,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC,0BAA0B,CAAC,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC;IAC3F,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAChC,IAAI,CAAC,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IAC5B,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;AAChB,CAAC"}

package/lib/noise/cipherstate.d.ts

@@ -0,0 +1,14 @@
+import { Nonce } from '../nonce';
+import { Algorithms } from './algorithms';
+export declare class CipherState {
+    algorithms: Algorithms;
+    view: DataView | null;
+    nonce: Nonce;
+    readonly maxPayload: number;
+    constructor(algorithms: Algorithms, key?: Uint8Array);
+    encrypt(plaintext: Uint8Array, associated_data?: Uint8Array): Uint8Array;
+    decrypt(ciphertext: Uint8Array, associated_data?: Uint8Array): Uint8Array;
+    rekey(): void;
+    encrypt_large(plaintext: Uint8Array): Uint8Array[];
+    decrypt_large(ciphertexts: Uint8Array[]): Uint8Array;
+}

package/lib/noise/cipherstate.js

@@ -0,0 +1,62 @@
+/// SPDX-License-Identifier: MIT
+/// SPDX-FileCopyrightText: Copyright © 2023 Tony Garnock-Jones <tonyg@leastfixedpoint.com>
+import { Nonce } from '../nonce';
+import { makeRekey } from './rekey';
+export class CipherState {
+    constructor(algorithms, key) {
+        this.algorithms = algorithms;
+        this.view = null;
+        this.nonce = new Nonce();
+        if (key !== void 0)
+            this.view = new DataView(key.buffer);
+        this.maxPayload = 65535 - this.algorithms.aead.TAGBYTES;
+    }
+    encrypt(plaintext, associated_data) {
+        if (this.view === null)
+            return plaintext;
+        const ciphertext = this.algorithms.aead.encrypt(plaintext, this.view, this.nonce, associated_data);
+        this.nonce.increment();
+        return ciphertext;
+    }
+    decrypt(ciphertext, associated_data) {
+        if (this.view === null)
+            return ciphertext;
+        const plaintext = this.algorithms.aead.decrypt(ciphertext, this.view, this.nonce, associated_data);
+        this.nonce.increment();
+        return plaintext;
+    }
+    rekey() {
+        var _a;
+        if (this.view === null)
+            return;
+        this.view = ((_a = this.algorithms.rekey) !== null && _a !== void 0 ? _a : makeRekey(this.algorithms.aead))(this.view);
+    }
+    encrypt_large(plaintext) {
+        if (plaintext.byteLength > this.maxPayload) {
+            const pieces = [];
+            while (plaintext.byteLength > this.maxPayload) {
+                pieces.push(this.encrypt(plaintext.subarray(0, this.maxPayload)));
+                plaintext = plaintext.subarray(this.maxPayload);
+            }
+            if (plaintext.byteLength > 0) {
+                pieces.push(this.encrypt(plaintext));
+            }
+            return pieces;
+        }
+        else {
+            return [this.encrypt(plaintext)];
+        }
+    }
+    decrypt_large(ciphertexts) {
+        const final_len = ciphertexts.reduce((acc, c) => acc + c.byteLength - this.algorithms.aead.TAGBYTES, 0);
+        const final = new Uint8Array(final_len);
+        let offset = 0;
+        ciphertexts.forEach(c => {
+            const p = this.decrypt(c);
+            final.set(p, offset);
+            offset += p.byteLength;
+        });
+        return final;
+    }
+}
+//# sourceMappingURL=cipherstate.js.map

package/lib/noise/cipherstate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cipherstate.js","sourceRoot":"","sources":["../../src/noise/cipherstate.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,2FAA2F;AAE3F,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,OAAO,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAGpC,MAAM,OAAO,WAAW;IAKpB,YAAoB,UAAsB,EAC7B,GAAgB;QADT,eAAU,GAAV,UAAU,CAAY;QAJ1C,SAAI,GAAoB,IAAI,CAAC;QAC7B,UAAK,GAAG,IAAI,KAAK,EAAE,CAAC;QAMhB,IAAI,GAAG,KAAK,KAAK,CAAC;YAAE,IAAI,CAAC,IAAI,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,CAAC,UAAU,GAAG,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;IAC5D,CAAC;IAED,OAAO,CAAC,SAAqB,EAAE,eAA4B;QACvD,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI;YAAE,OAAO,SAAS,CAAC;QACzC,MAAM,UAAU,GACZ,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;QACpF,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QACvB,OAAO,UAAU,CAAC;IACtB,CAAC;IAED,OAAO,CAAC,UAAsB,EAAE,eAA4B;QACxD,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI;YAAE,OAAO,UAAU,CAAC;QAC1C,MAAM,SAAS,GACX,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE,eAAe,CAAC,CAAC;QACrF,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QACvB,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,KAAK;;QACD,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI;YAAE,OAAO;QAC/B,IAAI,CAAC,IAAI,GAAG,CAAC,MAAA,IAAI,CAAC,UAAU,CAAC,KAAK,mCAAI,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtF,CAAC;IAED,aAAa,CAAC,SAAqB;QAC/B,IAAI,SAAS,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE;YACxC,MAAM,MAAM,GAAG,EAAE,CAAC;YAClB,OAAO,SAAS,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE;gBAC3C,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;gBAClE,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;aACnD;YACD,IAAI,SAAS,CAAC,UAAU,GAAG,CAAC,EAAE;gBAC1B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC;aACxC;YACD,OAAO,MAAM,CAAC;SACjB;aAAM;YACH,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC;SACpC;IACL,CAAC;IAED,aAAa,CAAC,WAAyB;QACnC,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAChC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACvE,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;QACxC,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;YACpB,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YAC1B,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YACrB,MAAM,IAAI,CAAC,CAAC,UAAU,CAAC;QAC3B,CAAC,CAAC,CAAC;QACH,OAAO,KAAK,CAAC;IACjB,CAAC;CACJ"}

package/lib/noise/handshake.d.ts

@@ -0,0 +1,52 @@
+import { DHKeyPair } from '../dh';
+import { Algorithms } from './algorithms';
+import { CipherState } from './cipherstate';
+import { HandshakePattern, KeyMixToken, Token } from './patterns';
+import { HKDF } from '../hkdf';
+export type Role = 'initiator' | 'responder';
+export type HandshakeOptions = {
+    prologue?: Uint8Array;
+    staticKeypair?: DHKeyPair;
+    remoteStaticPublicKey?: Uint8Array;
+    pregeneratedEphemeralKeypair?: DHKeyPair;
+    remotePregeneratedEphemeralPublicKey?: Uint8Array;
+    preSharedKeys?: Uint8Array[];
+};
+export type TransportState = {
+    send: CipherState;
+    recv: CipherState;
+};
+export declare class Handshake {
+    algorithms: Algorithms;
+    role: Role;
+    staticKeypair: DHKeyPair;
+    remoteStaticPublicKey: Uint8Array | null;
+    ephemeralKeypair: DHKeyPair;
+    remoteEphemeralPublicKey: Uint8Array | null;
+    preSharedKeys?: Uint8Array[];
+    stepIndex: number;
+    cipherState: CipherState;
+    chainingKey: Uint8Array;
+    handshakeHash: Uint8Array;
+    hkdf: HKDF;
+    pattern: HandshakePattern;
+    constructor(algorithms: Algorithms, pattern: HandshakePattern | string, role: Role, options?: HandshakeOptions);
+    get isInitiator(): boolean;
+    mixHash(data: Uint8Array): void;
+    mixKey(input: Uint8Array): void;
+    mixKeyAndHashNextPSK(): void;
+    encryptAndHash(p: Uint8Array): Uint8Array;
+    decryptAndHash(c: Uint8Array): Uint8Array;
+    _split(): TransportState | null;
+    _nextStep(): Token[];
+    _processKeyMixToken(t: KeyMixToken): void;
+    writeMessage(payload: Uint8Array): {
+        packet: Uint8Array;
+        finished: TransportState | null;
+    };
+    readMessage(packet: Uint8Array): {
+        message: Uint8Array;
+        finished: TransportState | null;
+    };
+    completeHandshake(writePacket: (packet: Uint8Array) => Promise<void>, readPacket: () => Promise<Uint8Array>, handleMessage?: (_m: Uint8Array) => Promise<void>, produceMessage?: () => Promise<Uint8Array>): Promise<TransportState>;
+}

package/lib/noise/handshake.js

@@ -0,0 +1,191 @@
+/// SPDX-License-Identifier: MIT
+/// SPDX-FileCopyrightText: Copyright © 2023 Tony Garnock-Jones <tonyg@leastfixedpoint.com>
+import * as Bytes from '../bytes';
+import { CipherState } from './cipherstate';
+import { lookupPattern } from './patterns';
+import { makeHKDF } from '../hkdf';
+import { makeHMAC } from '../hmac';
+export class Handshake {
+    constructor(algorithms, pattern, role, options = {}) {
+        var _a, _b, _c, _d, _e, _f, _g;
+        this.algorithms = algorithms;
+        this.role = role;
+        this.stepIndex = 0;
+        if (typeof pattern === 'string') {
+            const p = lookupPattern(pattern);
+            if (p === null)
+                throw new Error("Unknown Noise Protocol handshake pattern " + pattern);
+            this.pattern = p;
+        }
+        else {
+            this.pattern = pattern;
+        }
+        this.staticKeypair = (_a = options.staticKeypair) !== null && _a !== void 0 ? _a : this.algorithms.dh.generateKeypair();
+        this.remoteStaticPublicKey = (_b = options.remoteStaticPublicKey) !== null && _b !== void 0 ? _b : null;
+        this.ephemeralKeypair = (_c = options.pregeneratedEphemeralKeypair) !== null && _c !== void 0 ? _c : this.algorithms.dh.generateKeypair();
+        this.remoteEphemeralPublicKey = (_d = options.remotePregeneratedEphemeralPublicKey) !== null && _d !== void 0 ? _d : null;
+        this.preSharedKeys = options.preSharedKeys;
+        if (this.preSharedKeys) {
+            this.preSharedKeys = this.preSharedKeys.slice();
+            if (this.preSharedKeys.length === 0)
+                this.preSharedKeys = void 0;
+        }
+        const protocolName = new TextEncoder().encode('Noise_' + this.pattern.name +
+            '_' + this.algorithms.dh.NAME +
+            '_' + this.algorithms.aead.NAME +
+            '_' + this.algorithms.hash.NAME);
+        this.cipherState = new CipherState(this.algorithms);
+        {
+            const ckLen = this.algorithms.hash.OUTBYTES;
+            const ckSeed = (protocolName.byteLength > ckLen)
+                ? this.algorithms.hash.digest(protocolName)
+                : protocolName;
+            this.chainingKey = Bytes.append(ckSeed, new Uint8Array(ckLen - ckSeed.byteLength));
+        }
+        this.handshakeHash = this.chainingKey;
+        this.mixHash((_e = options.prologue) !== null && _e !== void 0 ? _e : Bytes.EMPTY);
+        this.pattern.initiatorPreMessage.forEach(t => this.mixHash(t === 'e'
+            ? (this.isInitiator ? this.ephemeralKeypair.public : this.remoteEphemeralPublicKey)
+            : (this.isInitiator ? this.staticKeypair.public : this.remoteStaticPublicKey)));
+        this.pattern.responderPreMessage.forEach(t => this.mixHash(t === 'e'
+            ? (!this.isInitiator ? this.ephemeralKeypair.public : this.remoteEphemeralPublicKey)
+            : (!this.isInitiator ? this.staticKeypair.public : this.remoteStaticPublicKey)));
+        this.hkdf = (_f = this.algorithms.hkdf) !== null && _f !== void 0 ? _f : makeHKDF((_g = this.algorithms.hmac) !== null && _g !== void 0 ? _g : makeHMAC(this.algorithms.hash));
+    }
+    get isInitiator() {
+        return this.role === 'initiator';
+    }
+    mixHash(data) {
+        this.handshakeHash = this.algorithms.hash.digest(Bytes.append(this.handshakeHash, data));
+    }
+    mixKey(input) {
+        const [newCk, k] = this.hkdf(this.chainingKey, input, 2);
+        this.chainingKey = newCk;
+        this.cipherState = new CipherState(this.algorithms, k);
+    }
+    mixKeyAndHashNextPSK() {
+        const psk = this.preSharedKeys.shift();
+        const [newCk, tempH, k] = this.hkdf(this.chainingKey, psk, 3);
+        this.chainingKey = newCk;
+        this.mixHash(tempH);
+        this.cipherState = new CipherState(this.algorithms, k);
+    }
+    encryptAndHash(p) {
+        const c = this.cipherState.encrypt(p, this.handshakeHash);
+        this.mixHash(c);
+        return c;
+    }
+    decryptAndHash(c) {
+        const p = this.cipherState.decrypt(c, this.handshakeHash);
+        this.mixHash(c);
+        return p;
+    }
+    _split() {
+        if (this.stepIndex < this.pattern.messages.length) {
+            return null;
+        }
+        else {
+            let [kI, kR] = this.hkdf(this.chainingKey, Bytes.EMPTY, 2)
+                .map(k => new CipherState(this.algorithms, k));
+            return this.isInitiator ? { send: kI, recv: kR } : { send: kR, recv: kI };
+        }
+    }
+    _nextStep() {
+        if (this.stepIndex >= this.pattern.messages.length) {
+            throw new Error("Handshake already complete, cannot continue");
+        }
+        return this.pattern.messages[this.stepIndex++];
+    }
+    _processKeyMixToken(t) {
+        switch (t) {
+            case 'ee':
+                this.mixKey(this.algorithms.dh.dh(this.ephemeralKeypair, this.remoteEphemeralPublicKey));
+                break;
+            case 'es':
+                this.mixKey(this.isInitiator
+                    ? this.algorithms.dh.dh(this.ephemeralKeypair, this.remoteStaticPublicKey)
+                    : this.algorithms.dh.dh(this.staticKeypair, this.remoteEphemeralPublicKey));
+                break;
+            case 'se':
+                this.mixKey(!this.isInitiator
+                    ? this.algorithms.dh.dh(this.ephemeralKeypair, this.remoteStaticPublicKey)
+                    : this.algorithms.dh.dh(this.staticKeypair, this.remoteEphemeralPublicKey));
+                break;
+            case 'ss':
+                this.mixKey(this.algorithms.dh.dh(this.staticKeypair, this.remoteStaticPublicKey));
+                break;
+            case 'psk':
+                this.mixKeyAndHashNextPSK();
+                break;
+        }
+    }
+    writeMessage(payload) {
+        const pieces = [];
+        this._nextStep().forEach(t => {
+            switch (t) {
+                case 'e':
+                    pieces.push(this.ephemeralKeypair.public);
+                    this.mixHash(this.ephemeralKeypair.public);
+                    if (this.preSharedKeys)
+                        this.mixKey(this.ephemeralKeypair.public);
+                    break;
+                case 's':
+                    pieces.push(this.encryptAndHash(this.staticKeypair.public));
+                    break;
+                default:
+                    this._processKeyMixToken(t);
+                    break;
+            }
+        });
+        pieces.push(this.encryptAndHash(payload));
+        let packet;
+        if (pieces.length === 1) {
+            packet = pieces[0];
+        }
+        else {
+            packet = new Uint8Array(pieces.reduce((ac, p) => ac + p.byteLength, 0));
+            let offset = 0;
+            pieces.forEach(p => { packet.set(p, offset); offset += p.byteLength; });
+        }
+        return { packet, finished: this._split() };
+    }
+    readMessage(packet) {
+        const take = (n) => {
+            const bs = packet.slice(0, n);
+            packet = packet.subarray(n);
+            return bs;
+        };
+        this._nextStep().forEach(t => {
+            switch (t) {
+                case 'e':
+                    this.remoteEphemeralPublicKey = take(this.algorithms.dh.DHLEN);
+                    this.mixHash(this.remoteEphemeralPublicKey);
+                    if (this.preSharedKeys)
+                        this.mixKey(this.remoteEphemeralPublicKey);
+                    break;
+                case 's':
+                    this.remoteStaticPublicKey = this.decryptAndHash(take(this.algorithms.dh.DHLEN + (this.cipherState.view ? 16 : 0)));
+                    break;
+                default:
+                    this._processKeyMixToken(t);
+                    break;
+            }
+        });
+        const message = this.decryptAndHash(packet);
+        return { message, finished: this._split() };
+    }
+    async completeHandshake(writePacket, readPacket, handleMessage = async (_m) => { }, produceMessage = async () => new Uint8Array(0)) {
+        const W = async () => {
+            const { packet, finished } = this.writeMessage(await produceMessage());
+            await writePacket(packet);
+            return finished || R();
+        };
+        const R = async () => {
+            const { message, finished } = this.readMessage(await readPacket());
+            await handleMessage(message);
+            return finished || W();
+        };
+        return (this.isInitiator ? W() : R());
+    }
+}
+//# sourceMappingURL=handshake.js.map

package/lib/noise/handshake.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"handshake.js","sourceRoot":"","sources":["../../src/noise/handshake.ts"],"names":[],"mappings":"AAAA,gCAAgC;AAChC,2FAA2F;AAG3F,OAAO,KAAK,KAAK,MAAM,UAAU,CAAC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAiC,aAAa,EAAS,MAAM,YAAY,CAAC;AACjF,OAAO,EAAQ,QAAQ,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAenC,MAAM,OAAO,SAAS;IAalB,YAAoB,UAAsB,EAC7B,OAAkC,EAC3B,IAAU,EACjB,UAA4B,EAAE;;QAHvB,eAAU,GAAV,UAAU,CAAY;QAEtB,SAAI,GAAJ,IAAI,CAAM;QAT9B,cAAS,GAAG,CAAC,CAAC;QAYV,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE;YAC7B,MAAM,CAAC,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;YACjC,IAAI,CAAC,KAAK,IAAI;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,GAAG,OAAO,CAAC,CAAC;YACvF,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC;SACpB;aAAM;YACH,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;SAC1B;QAED,IAAI,CAAC,aAAa,GAAG,MAAA,OAAO,CAAC,aAAa,mCAAI,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC;QACnF,IAAI,CAAC,qBAAqB,GAAG,MAAA,OAAO,CAAC,qBAAqB,mCAAI,IAAI,CAAC;QACnE,IAAI,CAAC,gBAAgB,GAAG,MAAA,OAAO,CAAC,4BAA4B,mCAAI,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC;QACrG,IAAI,CAAC,wBAAwB,GAAG,MAAA,OAAO,CAAC,oCAAoC,mCAAI,IAAI,CAAC;QACrF,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAC3C,IAAI,IAAI,CAAC,aAAa,EAAE;YACpB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;YAChD,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,KAAK,CAAC;gBAAE,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC,CAAC;SACpE;QAED,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CACzC,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI;YACxB,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,IAAI;YAC7B,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI;YAC/B,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEzC,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACpD;YACI,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC5C,MAAM,MAAM,GAAG,CAAC,YAAY,CAAC,UAAU,GAAG,KAAK,CAAC;gBAC5C,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC;gBAC3C,CAAC,CAAC,YAAY,CAAC;YACnB,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,UAAU,CAAC,KAAK,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;SACtF;QACD,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,WAAW,CAAC;QAEtC,IAAI,CAAC,OAAO,CAAC,MAAA,OAAO,CAAC,QAAQ,mCAAI,KAAK,CAAC,KAAK,CAAC,CAAC;QAC9C,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,GAAG;YAChE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,wBAAyB,CAAC;YACpF,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAsB,CAAC,CAAC,CAAC,CAAC;QACrF,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,GAAG;YAChE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,wBAAyB,CAAC;YACrF,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,qBAAsB,CAAC,CAAC,CAAC,CAAC;QAEtF,IAAI,CAAC,IAAI,GAAG,MAAA,IAAI,CAAC,UAAU,CAAC,IAAI,mCAAI,QAAQ,CACxC,MAAA,IAAI,CAAC,UAAU,CAAC,IAAI,mCAAI,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,WAAW;QACX,OAAO,IAAI,CAAC,IAAI,KAAK,WAAW,CAAC;IACrC,CAAC;IAED,OAAO,CAAC,IAAgB;QACpB,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC,CAAC;IAC7F,CAAC;IAED,MAAM,CAAC,KAAiB;QACpB,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;QACzD,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;QACzB,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,oBAAoB;QAChB,MAAM,GAAG,GAAG,IAAI,CAAC,aAAc,CAAC,KAAK,EAAG,CAAC;QACzC,MAAM,CAAC,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QAC9D,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;QACzB,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACpB,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,cAAc,CAAC,CAAa;QACxB,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAC1D,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QAChB,OAAO,CAAC,CAAC;IACb,CAAC;IAED,cAAc,CAAC,CAAa;QACxB,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAC1D,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QAChB,OAAO,CAAC,CAAC;IACb,CAAC;IAED,MAAM;QACF,IAAI,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,EAAE;YAC/C,OAAO,IAAI,CAAC;SACf;aAAM;YACH,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;iBACrD,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC;YACnD,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;SAC7E;IACL,CAAC;IAED,SAAS;QACL,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,EAAE;YAChD,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;SAClE;QACD,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IACnD,CAAC;IAED,mBAAmB,CAAC,CAAc;QAC9B,QAAQ,CAAC,EAAE;YACP,KAAK,IAAI;gBACL,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,wBAAyB,CAAC,CAAC,CAAC;gBAC1F,MAAM;YAEV,KAAK,IAAI;gBACL,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW;oBACxB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,qBAAsB,CAAC;oBAC3E,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,wBAAyB,CAAC,CAAC,CAAC;gBACjF,MAAM;YAEV,KAAK,IAAI;gBACL,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,WAAW;oBACzB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,qBAAsB,CAAC;oBAC3E,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,wBAAyB,CAAC,CAAC,CAAC;gBACjF,MAAM;YAEV,KAAK,IAAI;gBACL,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,qBAAsB,CAAC,CAAC,CAAC;gBACpF,MAAM;YAEV,KAAK,KAAK;gBACN,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC5B,MAAM;SACb;IACL,CAAC;IAED,YAAY,CAAC,OAAmB;QAC5B,MAAM,MAAM,GAAG,EAAE,CAAC;QAClB,IAAI,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;YACzB,QAAQ,CAAC,EAAE;gBACP,KAAK,GAAG;oBACJ,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;oBAC1C,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;oBAC3C,IAAI,IAAI,CAAC,aAAa;wBAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;oBAClE,MAAM;gBAEV,KAAK,GAAG;oBACJ,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;oBAC5D,MAAM;gBAEV;oBACI,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC;oBAC5B,MAAM;aACb;QACL,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;QAE1C,IAAI,MAAkB,CAAC;QACvB,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;YACrB,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;SACtB;aAAM;YACH,MAAM,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC;YACxE,IAAI,MAAM,GAAG,CAAC,CAAC;YACf,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;SAC3E;QAED,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;IAC/C,CAAC;IAED,WAAW,CAAC,MAAkB;QAC1B,MAAM,IAAI,GAAG,CAAC,CAAS,EAAc,EAAE;YACnC,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC9B,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC5B,OAAO,EAAE,CAAC;QACd,CAAC,CAAC;QACF,IAAI,CAAC,SAAS,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;YACzB,QAAQ,CAAC,EAAE;gBACP,KAAK,GAAG;oBACJ,IAAI,CAAC,wBAAwB,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;oBAC/D,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;oBAC5C,IAAI,IAAI,CAAC,aAAa;wBAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;oBACnE,MAAM;gBAEV,KAAK,GAAG;oBACJ,IAAI,CAAC,qBAAqB,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CACjD,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,KAAK,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBAClE,MAAM;gBAEV;oBACI,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC;oBAC5B,MAAM;aACb;QACL,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAC5C,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAC,WAAkD,EAClD,UAAqC,EACrC,gBAAgB,KAAK,EAAE,EAAc,EAAiB,EAAE,GAAE,CAAC,EAC3D,iBAAiB,KAAK,IAAyB,EAAE,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC;QAGvF,MAAM,CAAC,GAAG,KAAK,IAA6B,EAAE;YAC1C,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,cAAc,EAAE,CAAC,CAAC;YACvE,MAAM,WAAW,CAAC,MAAM,CAAC,CAAC;YAC1B,OAAO,QAAQ,IAAI,CAAC,EAAE,CAAC;QAC3B,CAAC,CAAC;QACF,MAAM,CAAC,GAAG,KAAK,IAA6B,EAAE;YAC1C,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,UAAU,EAAE,CAAC,CAAC;YACnE,MAAM,aAAa,CAAC,OAAO,CAAC,CAAC;YAC7B,OAAO,QAAQ,IAAI,CAAC,EAAE,CAAC;QAC3B,CAAC,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1C,CAAC;CACJ"}

package/lib/noise/patterns.d.ts

@@ -0,0 +1,16 @@
+export type KeyTransferToken = 'e' | 's';
+export type KeyMixToken = 'ee' | 'es' | 'se' | 'ss' | 'psk';
+export type Token = KeyTransferToken | KeyMixToken;
+export type PreMessage = ['e'] | ['s'] | ['e', 's'] | [];
+export interface HandshakePattern {
+    name: string;
+    baseName: string;
+    messages: Token[][];
+    initiatorPreMessage: PreMessage;
+    responderPreMessage: PreMessage;
+}
+export declare const PATTERNS: {
+    [key: string]: HandshakePattern;
+};
+export declare function isOneWay(pat: HandshakePattern): boolean;
+export declare function lookupPattern(name: string): HandshakePattern | null;

package/lib/noise/patterns.js

@@ -0,0 +1,73 @@
+/// SPDX-License-Identifier: MIT
+/// SPDX-FileCopyrightText: Copyright © 2023 Tony Garnock-Jones <tonyg@leastfixedpoint.com>
+export const PATTERNS = {};
+function _p(name, messages, initiatorPreMessage, responderPreMessage) {
+    const pat = { name, baseName: name, messages, initiatorPreMessage, responderPreMessage };
+    PATTERNS[pat.name] = pat;
+}
+_p("I1K1", [["e", "s"], ["e", "ee", "es"], ["se"]], [], ["s"]);
+_p("I1K", [["e", "es", "s"], ["e", "ee"], ["se"]], [], ["s"]);
+_p("I1N", [["e", "s"], ["e", "ee"], ["se"]], [], []);
+_p("I1X1", [["e", "s"], ["e", "ee", "s"], ["se", "es"]], [], []);
+_p("I1X", [["e", "s"], ["e", "ee", "s", "es"], ["se"]], [], []);
+_p("IK1", [["e", "s"], ["e", "ee", "se", "es"]], [], ["s"]);
+_p("IK", [["e", "es", "s", "ss"], ["e", "ee", "se"]], [], ["s"]);
+_p("IN", [["e", "s"], ["e", "ee", "se"]], [], []);
+_p("IX1", [["e", "s"], ["e", "ee", "se", "s"], ["es"]], [], []);
+_p("IX", [["e", "s"], ["e", "ee", "se", "s", "es"]], [], []);
+_p("K1K1", [["e"], ["e", "ee", "es"], ["se"]], ["s"], ["s"]);
+_p("K1K", [["e", "es"], ["e", "ee"], ["se"]], ["s"], ["s"]);
+_p("K1N", [["e"], ["e", "ee"], ["se"]], ["s"], []);
+_p("K1X1", [["e"], ["e", "ee", "s"], ["se", "es"]], ["s"], []);
+_p("K1X", [["e"], ["e", "ee", "s", "es"], ["se"]], ["s"], []);
+_p("K", [["e", "es", "ss"]], ["s"], ["s"]);
+_p("KK1", [["e"], ["e", "ee", "se", "es"]], ["s"], ["s"]);
+_p("KK", [["e", "es", "ss"], ["e", "ee", "se"]], ["s"], ["s"]);
+_p("KN", [["e"], ["e", "ee", "se"]], ["s"], []);
+_p("KX1", [["e"], ["e", "ee", "se", "s"], ["es"]], ["s"], []);
+_p("KX", [["e"], ["e", "ee", "se", "s", "es"]], ["s"], []);
+_p("N", [["e", "es"]], [], ["s"]);
+_p("NK1", [["e"], ["e", "ee", "es"]], [], ["s"]);
+_p("NK", [["e", "es"], ["e", "ee"]], [], ["s"]);
+_p("NN", [["e"], ["e", "ee"]], [], []);
+_p("NX1", [["e"], ["e", "ee", "s"], ["es"]], [], []);
+_p("NX", [["e"], ["e", "ee", "s", "es"]], [], []);
+_p("X1K1", [["e"], ["e", "ee", "es"], ["s"], ["se"]], [], ["s"]);
+_p("X1K", [["e", "es"], ["e", "ee"], ["s"], ["se"]], [], ["s"]);
+_p("X1N", [["e"], ["e", "ee"], ["s"], ["se"]], [], []);
+_p("X1X1", [["e"], ["e", "ee", "s"], ["es", "s"], ["se"]], [], []);
+_p("X1X", [["e"], ["e", "ee", "s", "es"], ["s"], ["se"]], [], []);
+_p("X", [["e", "es", "s", "ss"]], [], ["s"]);
+_p("XK1", [["e"], ["e", "ee", "es"], ["s", "se"]], [], ["s"]);
+_p("XK", [["e", "es"], ["e", "ee"], ["s", "se"]], [], ["s"]);
+_p("XN", [["e"], ["e", "ee"], ["s", "se"]], [], []);
+_p("XX1", [["e"], ["e", "ee", "s"], ["es", "s", "se"]], [], []);
+_p("XX", [["e"], ["e", "ee", "s", "es"], ["s", "se"]], [], []);
+export function isOneWay(pat) {
+    return pat.baseName.length === 1;
+}
+const NAME_RE = /^([NKX]|[NKXI]1?[NKX]1?)([a-z][a-z0-9]*(\+[a-z][a-z0-9]*)*)?$/;
+const PSK_RE = /^psk([0-9]+)$/;
+export function lookupPattern(name) {
+    var _a, _b, _c;
+    const m = NAME_RE.exec(name);
+    if (m === null)
+        return null;
+    const modifiers = (_b = (_a = m[2]) === null || _a === void 0 ? void 0 : _a.split('+')) !== null && _b !== void 0 ? _b : [];
+    let pat = (_c = PATTERNS[m[1]]) !== null && _c !== void 0 ? _c : null;
+    if (!pat)
+        return null;
+    modifiers.forEach(m => pat = pat && applyModifier(pat, m));
+    return pat && Object.assign(Object.assign({}, pat), { name });
+}
+function applyModifier(pat, mod) {
+    const m = PSK_RE.exec(mod);
+    if (m === null)
+        return null;
+    const n = parseInt(m[1], 10);
+    const messages = pat.messages;
+    return Object.assign(Object.assign({}, pat), { messages: (n === 0
+            ? [["psk", ...messages[0]], ...messages.slice(1)]
+            : [...messages.slice(0, n - 1), [...messages[n - 1], "psk"], ...messages.slice(n)]) });
+}
+//# sourceMappingURL=patterns.js.map