shogun-core 6.2.3 → 6.3.0

package/dist/examples/mls-multi-member.js

@@ -1,153 +0,0 @@
-"use strict";
-/**
- * MLS Working Multi-Member Test
- * Usa l'approccio corretto basato sull'implementazione funzionante
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.testMLSWorkingMultiMembers = testMLSWorkingMultiMembers;
-const crypto_1 = require("../crypto");
-async function testMLSWorkingMultiMembers() {
-    console.log("🚀 Starting MLS Working Multi-Member Test");
-    console.log("=".repeat(50));
-    const members = ["alice", "bob", "charlie", "david", "eve"];
-    const managers = new Map();
-    try {
-        // Step 1: Initialize all managers
-        console.log("\n📋 Step 1: Initializing all managers");
-        for (const memberId of members) {
-            const manager = new crypto_1.MLSManager(memberId);
-            await manager.initialize();
-            managers.set(memberId, manager);
-            console.log(`✅ ${memberId} initialized`);
-        }
-        // Step 2: Alice creates group
-        console.log("\n📋 Step 2: Creating group");
-        const groupId = "working-multi-member-group";
-        const alice = managers.get("alice");
-        await alice.createGroup(groupId);
-        console.log("✅ Group created by Alice");
-        // Step 3: Add all members at once (this is the key!)
-        console.log("\n📋 Step 3: Adding all members at once");
-        const otherMembers = members.slice(1); // bob, charlie, david, eve
-        const keyPackages = otherMembers.map((id) => managers.get(id).getKeyPackage());
-        console.log(`➕ Adding ${otherMembers.length} members: ${otherMembers.join(", ")}`);
-        const addResult = await alice.addMembers(groupId, keyPackages);
-        console.log("✅ All members added by Alice");
-        // Step 4: All other members join via welcome
-        console.log("\n📋 Step 4: All members join via welcome");
-        for (const memberId of otherMembers) {
-            const manager = managers.get(memberId);
-            await manager.processWelcome(addResult.welcome, addResult.ratchetTree);
-            console.log(`✅ ${memberId} joined group`);
-        }
-        // Step 5: Verify synchronization
-        console.log("\n📋 Step 5: Verifying synchronization");
-        const epochInfos = new Map();
-        for (const memberId of members) {
-            const info = await managers.get(memberId).getGroupKeyInfo(groupId);
-            epochInfos.set(memberId, info?.epoch);
-        }
-        console.log("📊 Epoch verification:");
-        for (const [memberId, epoch] of epochInfos) {
-            console.log(`  ${memberId}: ${epoch}`);
-        }
-        const epochs = Array.from(epochInfos.values());
-        const allSameEpoch = epochs.every((epoch) => epoch === epochs[0]);
-        if (!allSameEpoch) {
-            console.log(`❌ CRITICAL: Members at different epochs - aborting test`);
-            return;
-        }
-        console.log(`✅ All ${members.length} members synchronized at epoch ${epochs[0]}`);
-        // Step 6: Test message exchange
-        console.log("\n📋 Step 6: Testing message exchange");
-        // Each member sends a message
-        for (const senderId of members) {
-            console.log(`\n💬 ${senderId} sending message...`);
-            const sender = managers.get(senderId);
-            const message = `Hello from ${senderId} to everyone!`;
-            const envelope = await sender.encryptMessage(groupId, message);
-            console.log(`✅ ${senderId} encrypted message`);
-            // All members decrypt the message
-            let successCount = 0;
-            for (const [memberId, manager] of managers) {
-                if (memberId === senderId) {
-                    console.log(`✅ ${memberId} (sender) does not need to decrypt their own message.`);
-                    successCount++;
-                    continue;
-                }
-                try {
-                    const decrypted = await manager.decryptMessage(envelope);
-                    console.log(`✅ ${memberId} decrypted: "${decrypted}"`);
-                    successCount++;
-                }
-                catch (error) {
-                    console.error(`❌ ${memberId} failed to decrypt:`, error);
-                }
-            }
-            if (successCount === members.length) {
-                console.log(`🎉 All ${members.length} members successfully decrypted ${senderId}'s message`);
-            }
-            else {
-                console.log(`⚠️ Only ${successCount}/${members.length} members could decrypt ${senderId}'s message`);
-            }
-        }
-        // Step 7: Test key rotation
-        console.log("\n📋 Step 7: Testing key rotation");
-        const initiator = managers.get("alice");
-        console.log("🔄 Alice initiating key rotation...");
-        const updateCommit = await initiator.updateKey(groupId);
-        console.log("✅ Key rotation commit created");
-        // All members process the update commit
-        for (const [memberId, manager] of managers) {
-            if (memberId === initiator.getUserId()) {
-                console.log(`✅ ${memberId} (initiator) already processed key rotation.`);
-                continue;
-            }
-            try {
-                await manager.processCommit(groupId, updateCommit);
-                console.log(`✅ ${memberId} processed key rotation`);
-            }
-            catch (error) {
-                console.error(`❌ ${memberId} failed to process key rotation:`, error);
-            }
-        }
-        // Step 8: Test messages after key rotation
-        console.log("\n📋 Step 8: Testing messages after key rotation");
-        const testMessage = "This message is sent after key rotation!";
-        const aliceEnvelope = await alice.encryptMessage(groupId, testMessage);
-        let postRotationSuccess = 0;
-        for (const [memberId, manager] of managers) {
-            if (memberId === alice.getUserId()) {
-                console.log(`✅ ${memberId} (sender) does not need to decrypt their own message after rotation.`);
-                postRotationSuccess++;
-                continue;
-            }
-            try {
-                const decrypted = await manager.decryptMessage(aliceEnvelope);
-                console.log(`✅ ${memberId} decrypted after rotation: "${decrypted}"`);
-                postRotationSuccess++;
-            }
-            catch (error) {
-                console.error(`❌ ${memberId} failed to decrypt after rotation:`, error);
-            }
-        }
-        console.log("\n🎉 MLS Working Multi-Member Test completed!");
-        console.log(`✅ Group creation with ${members.length} members`);
-        console.log(`✅ Bidirectional encrypted messaging`);
-        console.log(`✅ Key rotation and forward secrecy`);
-        console.log(`✅ All members can send and receive messages`);
-        // Cleanup
-        console.log("\n📋 Cleanup");
-        for (const [memberId, manager] of managers) {
-            await manager.destroy();
-            console.log(`✅ ${memberId} destroyed`);
-        }
-    }
-    catch (error) {
-        console.error("❌ Test failed:", error);
-    }
-}
-// Run the test
-if (require.main === module) {
-    testMLSWorkingMultiMembers().catch(console.error);
-}

package/dist/examples/mls-sframe-test.js

@@ -1,307 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-// MLS and SFrame test - Updated for RFC-compliant implementations
-const crypto_1 = require("../crypto");
-// Test MLS (Message Layer Security) - RFC 9420
-async function testMLS() {
-    try {
-        console.log("🔐 Starting MLS RFC 9420 test...");
-        // Create MLS managers for Alice, Bob, and Charlie
-        const aliceManager = new crypto_1.MLSManager("alice");
-        const bobManager = new crypto_1.MLSManager("bob");
-        const charlieManager = new crypto_1.MLSManager("charlie");
-        // Initialize all managers
-        await aliceManager.initialize();
-        await bobManager.initialize();
-        await charlieManager.initialize();
-        console.log("✅ MLS managers initialized");
-        // Alice creates a group
-        const groupInfo = await aliceManager.createGroup("test-group");
-        console.log("✅ Group created:", groupInfo);
-        // Export key packages
-        const aliceKeyPackage = aliceManager.getKeyPackage();
-        const bobKeyPackage = bobManager.getKeyPackage();
-        const charlieKeyPackage = charlieManager.getKeyPackage();
-        if (!aliceKeyPackage || !bobKeyPackage || !charlieKeyPackage) {
-            throw new Error("Failed to get key packages");
-        }
-        console.log("✅ Key packages exported");
-        // Alice adds Bob and Charlie to the group
-        const addResult = await aliceManager.addMembers("test-group", [
-            bobKeyPackage,
-            charlieKeyPackage,
-        ]);
-        console.log("✅ Members added to group");
-        // Send welcome to Bob
-        const bobWelcome = await bobManager.processWelcome(addResult.welcome, addResult.ratchetTree);
-        console.log("✅ Bob joined group:", bobWelcome);
-        // Send welcome to Charlie
-        const charlieWelcome = await charlieManager.processWelcome(addResult.welcome, addResult.ratchetTree);
-        console.log("✅ Charlie joined group:", charlieWelcome);
-        // Alice processes the commit to update her state
-        // Alice doesn't need to process the commit - her state is already updated by addMembers()
-        console.log("✅ Alice already synchronized after adding members (state updated by addMembers)");
-        // Test messaging
-        const message1 = await aliceManager.encryptMessage("test-group", "Hello MLS group!");
-        console.log("✅ Message encrypted");
-        // Alice doesn't need to decrypt her own message, as her state is already updated
-        console.log("✅ Alice (sender) does not need to decrypt her own message.");
-        // Test key rotation
-        const updateCommit = await aliceManager.updateKey("test-group");
-        console.log("✅ Key rotation performed");
-        // Process update commit for all members
-        // Alice doesn't need to process the commit for key rotation - her state is already updated by updateKey()
-        console.log("✅ Alice already synchronized after key rotation (state updated by updateKey)");
-        await bobManager.processCommit("test-group", updateCommit);
-        await charlieManager.processCommit("test-group", updateCommit);
-        console.log("✅ All members processed key rotation");
-        const result = {
-            success: true,
-            groupInfo: await aliceManager.getGroupKeyInfo("test-group"),
-            messagesExchanged: 1,
-            memberCount: 3,
-            currentEpoch: groupInfo.epoch.toString(),
-            demonstration: {
-                groupMessaging: true,
-                forwardSecrecy: true,
-                memberManagement: true,
-                epochUpdates: true,
-                rfc9420Compliant: true,
-            },
-        };
-        console.log("✅ MLS RFC 9420 test completed successfully");
-        return result;
-    }
-    catch (error) {
-        console.error("❌ MLS test error:", error);
-        return {
-            success: false,
-            error: error instanceof Error ? error.message : "Unknown error",
-        };
-    }
-}
-// Test SFrame (Secure Frame) - RFC 9605
-async function testSFrame() {
-    try {
-        console.log("🎥 Starting SFrame RFC 9605 test...");
-        // Create SFrame managers for Alice (sender) and Bob (receiver)
-        const aliceManager = new crypto_1.SFrameManager();
-        const bobManager = new crypto_1.SFrameManager();
-        await aliceManager.initialize();
-        await bobManager.initialize();
-        console.log("✅ SFrame managers initialized");
-        // Alice generates key and shares with Bob
-        const aliceSFrameKey = await aliceManager.generateKey(0);
-        // Bob uses Alice's key
-        await bobManager.setSharedKey(aliceSFrameKey);
-        // Set active key for both
-        aliceManager.setActiveKey(0);
-        bobManager.setActiveKey(0);
-        // Simulate media frames
-        const testFrames = [
-            new TextEncoder().encode("Video Frame 1: Hello World!"),
-            new TextEncoder().encode("Video Frame 2: This is encrypted!"),
-            new TextEncoder().encode("Video Frame 3: SFrame is working!"),
-            new TextEncoder().encode("Audio Frame 1: Sound data"),
-            new TextEncoder().encode("Audio Frame 2: More sound data"),
-        ];
-        const encryptedFrames = [];
-        const decryptedFrames = [];
-        // Encrypt frames with Alice
-        console.log("🔒 Encrypting frames...");
-        for (const frame of testFrames) {
-            const encryptedFrame = await aliceManager.encryptFrame(frame.buffer);
-            encryptedFrames.push(encryptedFrame);
-        }
-        // Decrypt frames with Bob
-        console.log("🔓 Decrypting frames...");
-        for (const encryptedFrame of encryptedFrames) {
-            const decryptedFrame = await bobManager.decryptFrame(encryptedFrame);
-            decryptedFrames.push(decryptedFrame);
-        }
-        // Verify decryption
-        let allFramesMatch = true;
-        for (let i = 0; i < testFrames.length; i++) {
-            const original = new TextDecoder().decode(testFrames[i]);
-            const decrypted = new TextDecoder().decode(decryptedFrames[i]);
-            if (original !== decrypted) {
-                allFramesMatch = false;
-                break;
-            }
-        }
-        // Test key rotation
-        const newKeyId = await aliceManager.rotateKey();
-        console.log("✅ Key rotated to:", newKeyId);
-        // Get statistics
-        const aliceStats = aliceManager.getStats();
-        const bobStats = bobManager.getStats();
-        const result = {
-            success: true,
-            framesProcessed: testFrames.length,
-            allFramesMatch,
-            aliceStats,
-            bobStats,
-            demonstration: {
-                mediaEncryption: true,
-                lowOverhead: true,
-                realTimeCapable: true,
-                keyRotation: true,
-                statistics: true,
-                rfc9605Compliant: true,
-            },
-        };
-        console.log("✅ SFrame RFC 9605 test completed successfully");
-        return result;
-    }
-    catch (error) {
-        console.error("❌ SFrame test error:", error);
-        return {
-            success: false,
-            error: error instanceof Error ? error.message : "Unknown error",
-        };
-    }
-}
-// Test MLS-SFrame integration
-async function testMLSSFrameIntegration() {
-    try {
-        console.log("🔗 Starting MLS-SFrame integration test...");
-        // Create MLS group
-        const aliceMLS = new crypto_1.MLSManager("alice");
-        const bobMLS = new crypto_1.MLSManager("bob");
-        await aliceMLS.initialize();
-        await bobMLS.initialize();
-        const groupInfo = await aliceMLS.createGroup("media-group");
-        const bobKeyPackage = bobMLS.getKeyPackage();
-        if (!bobKeyPackage) {
-            throw new Error("Failed to get Bob's key package");
-        }
-        const addResult = await aliceMLS.addMembers("media-group", [bobKeyPackage]);
-        await bobMLS.processWelcome(addResult.welcome, addResult.ratchetTree);
-        // Alice doesn't need to process the commit - her state is already updated by addMembers()
-        console.log("✅ Alice already synchronized after adding members (state updated by addMembers)");
-        console.log("✅ MLS group established");
-        // Create SFrame managers
-        const aliceSFrame = new crypto_1.SFrameManager();
-        const bobSFrame = new crypto_1.SFrameManager();
-        await aliceSFrame.initialize();
-        await bobSFrame.initialize();
-        // Derive SFrame keys from MLS group secret
-        // Note: In real implementation, you'd get the actual MLS group secret
-        const mockMLSSecret = new TextEncoder().encode("mls-group-secret").buffer;
-        await aliceSFrame.deriveKeyFromMLSSecret(mockMLSSecret, 0);
-        await bobSFrame.deriveKeyFromMLSSecret(mockMLSSecret, 0);
-        console.log("✅ SFrame keys derived from MLS");
-        // Test media encryption with MLS-derived keys
-        const mediaFrame = new TextEncoder().encode("Secure media frame from MLS group");
-        const encryptedFrame = await aliceSFrame.encryptFrame(mediaFrame.buffer);
-        const decryptedFrame = await bobSFrame.decryptFrame(encryptedFrame);
-        const dataMatches = new TextDecoder().decode(mediaFrame) ===
-            new TextDecoder().decode(decryptedFrame);
-        const result = {
-            success: true,
-            mlsGroupEstablished: true,
-            sframeKeysDerived: true,
-            mediaEncryptionWorking: dataMatches,
-            integration: {
-                mlsGroupMessaging: true,
-                sframeMediaEncryption: true,
-                keyDerivationFromMLS: true,
-                endToEndSecurity: true,
-            },
-        };
-        console.log("✅ MLS-SFrame integration test completed successfully");
-        return result;
-    }
-    catch (error) {
-        console.error("❌ MLS-SFrame integration test error:", error);
-        return {
-            success: false,
-            error: error instanceof Error ? error.message : "Unknown error",
-        };
-    }
-}
-// Test codec functionality
-async function testCodec() {
-    try {
-        console.log("📦 Starting MLS codec test...");
-        // Create a manager and get key package
-        const manager = new crypto_1.MLSManager("test-user");
-        await manager.initialize();
-        const keyPackage = manager.getKeyPackage();
-        if (!keyPackage) {
-            throw new Error("Failed to get key package");
-        }
-        // Test encoding/decoding
-        const encoded = (0, crypto_1.encodeKeyPackage)(keyPackage.publicPackage);
-        const decoded = (0, crypto_1.decodeKeyPackage)(encoded);
-        console.log("✅ Key package encoding/decoding successful");
-        // Test group creation and encoding
-        const groupInfo = await manager.createGroup("codec-test");
-        const encodedGroup = (0, crypto_1.encodeRatchetTree)([]);
-        const decodedGroup = (0, crypto_1.decodeRatchetTree)(encodedGroup);
-        console.log("✅ Ratchet tree encoding/decoding successful");
-        const result = {
-            success: true,
-            keyPackageCodec: true,
-            ratchetTreeCodec: true,
-            serialization: true,
-        };
-        console.log("✅ MLS codec test completed successfully");
-        return result;
-    }
-    catch (error) {
-        console.error("❌ Codec test error:", error);
-        return {
-            success: false,
-            error: error instanceof Error ? error.message : "Unknown error",
-        };
-    }
-}
-// Run all tests
-async function runAllTests() {
-    console.log("🚀 Running all MLS and SFrame RFC-compliant tests...\n");
-    // Test 1: MLS RFC 9420 demonstration
-    console.log("=== Test 1: MLS RFC 9420 Demonstration ===");
-    const mlsResult = await testMLS();
-    console.log("\n=== Test 2: SFrame RFC 9605 Demonstration ===");
-    const sframeResult = await testSFrame();
-    console.log("\n=== Test 3: MLS-SFrame Integration ===");
-    const integrationResult = await testMLSSFrameIntegration();
-    console.log("\n=== Test 4: MLS Codec Testing ===");
-    const codecResult = await testCodec();
-    console.log("\n📊 Final Results:");
-    console.log("MLS RFC 9420:", mlsResult.success ? "✅ PASSED" : "❌ FAILED");
-    console.log("SFrame RFC 9605:", sframeResult.success ? "✅ PASSED" : "❌ FAILED");
-    console.log("MLS-SFrame Integration:", integrationResult.success ? "✅ PASSED" : "❌ FAILED");
-    console.log("MLS Codec:", codecResult.success ? "✅ PASSED" : "❌ FAILED");
-    const allPassed = mlsResult.success &&
-        sframeResult.success &&
-        integrationResult.success &&
-        codecResult.success;
-    if (allPassed) {
-        console.log("\n🎉 All MLS and SFrame RFC-compliant tests completed successfully!");
-        console.log("🔒 RFC 9420 MLS: End-to-end encrypted group messaging with forward secrecy");
-        console.log("🎥 RFC 9605 SFrame: Real-time media encryption with low overhead");
-        console.log("🔗 Integration: MLS-derived keys for SFrame media encryption");
-        console.log("📦 Codec: Serialization support for MLS messages");
-    }
-    else {
-        console.log("\n❌ Some tests failed");
-    }
-    return {
-        mls: mlsResult,
-        sframe: sframeResult,
-        integration: integrationResult,
-        codec: codecResult,
-        allPassed,
-    };
-}
-// Run the tests
-runAllTests()
-    .then((result) => {
-    console.log("\n📊 Final Test Summary:");
-    console.log(JSON.stringify(result, (key, value) => (typeof value === "bigint" ? value.toString() : value), 2));
-})
-    .catch((error) => {
-    console.error("💥 Test execution failed:", error);
-});

package/dist/examples/mls-simple-test.js

@@ -1,58 +0,0 @@
-"use strict";
-/**
- * Simple MLS Test
- * Minimal test to verify MLS functionality
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.testMLS = testMLS;
-const crypto_1 = require("../crypto");
-async function testMLS() {
-    console.log("🚀 Starting Simple MLS Test");
-    console.log("=".repeat(50));
-    try {
-        // Create managers
-        const alice = new crypto_1.MLSManager("alice");
-        const bob = new crypto_1.MLSManager("bob");
-        // Initialize
-        await alice.initialize();
-        await bob.initialize();
-        console.log("✅ Managers initialized");
-        // Alice creates group
-        const groupId = "test-group";
-        await alice.createGroup(groupId);
-        console.log("✅ Group created");
-        // Add Bob
-        const bobKeyPackage = bob.getKeyPackage();
-        const addResult = await alice.addMembers(groupId, [bobKeyPackage]);
-        console.log("✅ Members added");
-        // Bob joins via welcome
-        await bob.processWelcome(addResult.welcome, addResult.ratchetTree);
-        console.log("✅ Bob joined group");
-        // Test message exchange
-        console.log("\n📋 Testing message exchange");
-        // Alice sends message
-        const envelope1 = await alice.encryptMessage(groupId, "Hello from Alice!");
-        console.log("✅ Alice encrypted message");
-        // Bob decrypts
-        const decrypted1 = await bob.decryptMessage(envelope1);
-        console.log(`✅ Bob decrypted: "${decrypted1}"`);
-        // Bob sends message
-        const envelope2 = await bob.encryptMessage(groupId, "Hello from Bob!");
-        console.log("✅ Bob encrypted message");
-        // Alice decrypts
-        const decrypted2 = await alice.decryptMessage(envelope2);
-        console.log(`✅ Alice decrypted: "${decrypted2}"`);
-        console.log("\n🎉 Simple MLS Test completed successfully!");
-        // Cleanup
-        await alice.destroy();
-        await bob.destroy();
-        console.log("✅ Cleanup completed");
-    }
-    catch (error) {
-        console.error("❌ Test failed:", error);
-    }
-}
-// Run the test
-if (require.main === module) {
-    testMLS().catch(console.error);
-}