ts-mls 1.0.2

package/dist/test/test-vectors/messageProtection.test.js

@@ -0,0 +1,215 @@
+import json from "../../test_vectors/message-protection.json";
+import { hexToBytes } from "@noble/ciphers/utils";
+import { getCiphersuiteFromId, getCiphersuiteImpl, getCiphersuiteNameFromId, } from "../../src/crypto/ciphersuite";
+import { decodeMlsMessage } from "../../src/message";
+import { protect, unprotectPrivateMessage } from "../../src/messageProtection";
+import { createContentCommitSignature } from "../../src/framedContent";
+import { decodeProposal, encodeProposal } from "../../src/proposal";
+import { decodeCommit, encodeCommit } from "../../src/commit";
+import { createSecretTree } from "../../src/secretTree";
+import { protectApplicationData, protectProposal } from "../../src/messageProtection";
+import { protectProposalPublic, protectPublicMessage, unprotectPublicMessage } from "../../src/messageProtectionPublic";
+import { defaultKeyRetentionConfig } from "../../src/keyRetentionConfig";
+import { defaultCapabilities } from "../../src/defaultCapabilities";
+import { UsageError } from "../../src/mlsError";
+import { defaultPaddingConfig } from "../../src/paddingConfig";
+for (const [index, x] of json.entries()) {
+    test(`message-protection test vectors ${index}`, async () => {
+        const impl = await getCiphersuiteImpl(getCiphersuiteFromId(x.cipher_suite));
+        await testMessageProtection(x, impl);
+    });
+}
+async function testMessageProtection(data, impl) {
+    const gc = {
+        version: "mls10",
+        cipherSuite: getCiphersuiteNameFromId(data.cipher_suite),
+        groupId: hexToBytes(data.group_id),
+        epoch: BigInt(data.epoch),
+        treeHash: hexToBytes(data.tree_hash),
+        confirmedTranscriptHash: hexToBytes(data.confirmed_transcript_hash),
+        extensions: [],
+    };
+    await publicProposal(data, gc, impl);
+    await protectThenUnprotectProposalPublic(data, gc, impl);
+    await publicCommit(data, gc, impl);
+    await protectThenUnprotectCommitPublic(data, gc, impl);
+    await proposal(data, gc, impl);
+    await protectThenUnprotectProposal(data, gc, impl);
+    await application(data, gc, impl);
+    await protectThenUnprotectApplication(data, gc, impl);
+    await commit(data, gc, impl);
+    await protectThenUnprotectCommit(data, gc, impl);
+    await publicApplicationFails(data, gc, impl);
+}
+// need to provide a ratchet tree with non blank leaf node so senderData validation doesn't fail
+const treeForLeafIndex1 = [
+    undefined,
+    undefined,
+    {
+        nodeType: "leaf",
+        leaf: {
+            leafNodeSource: "commit",
+            hpkePublicKey: new Uint8Array(),
+            signaturePublicKey: new Uint8Array(),
+            capabilities: defaultCapabilities(),
+            parentHash: new Uint8Array(),
+            extensions: [],
+            signature: new Uint8Array(),
+            credential: { credentialType: "basic", identity: new Uint8Array() },
+        },
+    },
+];
+async function protectThenUnprotectProposalPublic(data, gc, impl) {
+    const p = decodeProposal(hexToBytes(data.proposal), 0);
+    if (p === undefined)
+        throw new Error("could not decode proposal");
+    const prot = await protectProposalPublic(hexToBytes(data.signature_priv), hexToBytes(data.membership_key), gc, new Uint8Array(), p[0], 1, impl);
+    const unprotected = await unprotectPublicMessage(hexToBytes(data.membership_key), gc, [], prot.publicMessage, impl, hexToBytes(data.signature_pub));
+    if (unprotected === undefined || unprotected.content.contentType !== "proposal")
+        throw new Error("could not unprotect mls public message");
+    expect(encodeProposal(unprotected.content.proposal)).toStrictEqual(hexToBytes(data.proposal));
+}
+async function protectThenUnprotectCommitPublic(data, gc, impl) {
+    const c = decodeCommit(hexToBytes(data.commit), 0);
+    if (c === undefined)
+        throw new Error("could not decode commit");
+    const confirmationTag = crypto.getRandomValues(new Uint8Array(impl.hpke.keyLength)); // should I be getting this elsewhere?
+    const { framedContent, signature } = await createContentCommitSignature(gc, "mls_public_message", c[0], { leafIndex: 1, senderType: "member" }, new Uint8Array(), hexToBytes(data.signature_priv), impl.signature);
+    const authenticatedContent = {
+        wireformat: "mls_public_message",
+        content: framedContent,
+        auth: { contentType: "commit", signature: signature, confirmationTag },
+    };
+    const prot = await protectPublicMessage(hexToBytes(data.membership_key), gc, authenticatedContent, impl);
+    const unprotected = await unprotectPublicMessage(hexToBytes(data.membership_key), gc, [], prot, impl, hexToBytes(data.signature_pub));
+    if (unprotected === undefined || unprotected.content.contentType !== "commit")
+        throw new Error("could not unprotect mls public message");
+    expect(encodeCommit(unprotected.content.commit)).toStrictEqual(hexToBytes(data.commit));
+}
+async function publicProposal(data, gc, impl) {
+    const prop = decodeMlsMessage(hexToBytes(data.proposal_pub), 0);
+    if (prop === undefined || prop[0].wireformat !== "mls_public_message")
+        throw new Error("could not decode mls public message");
+    const unprotected = await unprotectPublicMessage(hexToBytes(data.membership_key), gc, [], prop[0].publicMessage, impl, hexToBytes(data.signature_pub));
+    if (unprotected.content.contentType !== "proposal")
+        throw new Error("Could not decode as proposal");
+    expect(encodeProposal(unprotected.content.proposal)).toStrictEqual(hexToBytes(data.proposal));
+}
+async function publicCommit(data, gc, impl) {
+    const c = decodeMlsMessage(hexToBytes(data.commit_pub), 0);
+    if (c === undefined || c[0].wireformat !== "mls_public_message")
+        throw new Error("could not decode mls public message");
+    const unprotected = await unprotectPublicMessage(hexToBytes(data.membership_key), gc, [], c[0].publicMessage, impl, hexToBytes(data.signature_pub));
+    if (unprotected.content.contentType !== "commit")
+        throw new Error("Could not decode as commit");
+    expect(encodeCommit(unprotected.content.commit)).toStrictEqual(hexToBytes(data.commit));
+}
+async function publicApplicationFails(data, gc, impl) {
+    const privateApplication = decodeMlsMessage(hexToBytes(data.application_priv), 0);
+    if (privateApplication === undefined || privateApplication[0].wireformat !== "mls_private_message")
+        throw new Error("could not decode mls private message");
+    const secretTree = await createSecretTree(2, hexToBytes(data.encryption_secret), impl.kdf);
+    const unprotected = await unprotectPrivateMessage(hexToBytes(data.sender_data_secret), privateApplication[0].privateMessage, secretTree, treeForLeafIndex1, gc, defaultKeyRetentionConfig, impl, hexToBytes(data.signature_pub));
+    if (unprotected === undefined || unprotected.content.content.contentType !== "application")
+        throw new Error("could not unprotect mls private message");
+    const content = {
+        content: {
+            ...unprotected.content.content,
+            contentType: "application",
+            groupId: gc.groupId,
+            sender: { leafIndex: 0, senderType: "member" },
+            epoch: gc.epoch,
+            authenticatedData: new Uint8Array(),
+        },
+        auth: unprotected.content.auth,
+        wireformat: "mls_public_message",
+    };
+    await expect(protectPublicMessage(hexToBytes(data.membership_key), gc, content, impl)).rejects.toThrow(UsageError);
+}
+async function commit(data, gc, impl) {
+    const privateCommit = decodeMlsMessage(hexToBytes(data.commit_priv), 0);
+    if (privateCommit === undefined || privateCommit[0].wireformat !== "mls_private_message")
+        throw new Error("could not decode mls private message");
+    const secretTree = await createSecretTree(2, hexToBytes(data.encryption_secret), impl.kdf);
+    const unprotected = await unprotectPrivateMessage(hexToBytes(data.sender_data_secret), privateCommit[0].privateMessage, secretTree, treeForLeafIndex1, gc, defaultKeyRetentionConfig, impl, hexToBytes(data.signature_pub));
+    if (unprotected === undefined || unprotected.content.content.contentType !== "commit")
+        throw new Error("could not unprotect mls private message");
+    expect(encodeCommit(unprotected.content.content.commit)).toStrictEqual(hexToBytes(data.commit));
+}
+async function application(data, gc, impl) {
+    const privateApplication = decodeMlsMessage(hexToBytes(data.application_priv), 0);
+    if (privateApplication === undefined || privateApplication[0].wireformat !== "mls_private_message")
+        throw new Error("could not decode mls private message");
+    const secretTree = await createSecretTree(2, hexToBytes(data.encryption_secret), impl.kdf);
+    const unprotected = await unprotectPrivateMessage(hexToBytes(data.sender_data_secret), privateApplication[0].privateMessage, secretTree, treeForLeafIndex1, gc, defaultKeyRetentionConfig, impl, hexToBytes(data.signature_pub));
+    if (unprotected === undefined || unprotected.content.content.contentType !== "application")
+        throw new Error("could not unprotect mls private message");
+    expect(unprotected.content.content.applicationData).toStrictEqual(hexToBytes(data.application));
+}
+async function protectThenUnprotectProposal(data, gc, impl) {
+    const p = decodeProposal(hexToBytes(data.proposal), 0);
+    if (p === undefined)
+        throw new Error("could not decode proposal");
+    const secretTree = await createSecretTree(2, hexToBytes(data.encryption_secret), impl.kdf);
+    const pro = await protectProposal(hexToBytes(data.signature_priv), hexToBytes(data.sender_data_secret), p[0], new Uint8Array(), gc, secretTree, 1, defaultPaddingConfig, impl);
+    const unprotected = await unprotectPrivateMessage(hexToBytes(data.sender_data_secret), pro.privateMessage, secretTree, treeForLeafIndex1, gc, defaultKeyRetentionConfig, impl, hexToBytes(data.signature_pub));
+    if (unprotected === undefined || unprotected.content.content.contentType !== "proposal")
+        throw new Error("could not unprotect mls private message");
+    expect(encodeProposal(unprotected.content.content.proposal)).toStrictEqual(hexToBytes(data.proposal));
+}
+async function protectThenUnprotectApplication(data, gc, impl) {
+    const secretTree = await createSecretTree(2, hexToBytes(data.encryption_secret), impl.kdf);
+    const pro = await protectApplicationData(hexToBytes(data.signature_priv), hexToBytes(data.sender_data_secret), hexToBytes(data.application), new Uint8Array(), gc, secretTree, 1, defaultPaddingConfig, impl);
+    const unprotected = await unprotectPrivateMessage(hexToBytes(data.sender_data_secret), pro.privateMessage, secretTree, treeForLeafIndex1, gc, defaultKeyRetentionConfig, impl, hexToBytes(data.signature_pub));
+    if (unprotected === undefined || unprotected.content.content.contentType !== "application")
+        throw new Error("could not unprotect mls private message");
+    expect(unprotected.content.content.applicationData).toStrictEqual(hexToBytes(data.application));
+}
+async function protectThenUnprotectCommit(data, gc, impl) {
+    const c = decodeCommit(hexToBytes(data.commit), 0);
+    if (c === undefined)
+        throw new Error("could not decode commit");
+    const secretTree = await createSecretTree(2, hexToBytes(data.encryption_secret), impl.kdf);
+    const confirmationTag = crypto.getRandomValues(new Uint8Array(impl.hpke.keyLength)); // should I be getting this elsewhere?
+    const { framedContent, signature } = await createContentCommitSignature(gc, "mls_private_message", c[0], { leafIndex: 1, senderType: "member" }, new Uint8Array(), hexToBytes(data.signature_priv), impl.signature);
+    const content = {
+        ...framedContent,
+        auth: {
+            contentType: framedContent.contentType,
+            signature,
+            confirmationTag,
+        },
+    };
+    const pro = await protect(hexToBytes(data.sender_data_secret), new Uint8Array(), gc, secretTree, content, 1, defaultPaddingConfig, impl);
+    const unprotected = await unprotectPrivateMessage(hexToBytes(data.sender_data_secret), pro.privateMessage, secretTree, treeForLeafIndex1, gc, defaultKeyRetentionConfig, impl, hexToBytes(data.signature_pub));
+    if (unprotected === undefined || unprotected.content.content.contentType !== "commit")
+        throw new Error("could not unprotect mls private message");
+    expect(encodeCommit(unprotected.content.content.commit)).toStrictEqual(hexToBytes(data.commit));
+}
+async function proposal(data, gc, impl) {
+    const privateProposal = decodeMlsMessage(hexToBytes(data.proposal_priv), 0);
+    if (privateProposal === undefined || privateProposal[0].wireformat !== "mls_private_message")
+        throw new Error("could not decode mls private message");
+    const secretTree = await createSecretTree(2, hexToBytes(data.encryption_secret), impl.kdf);
+    const unprotected = await unprotectPrivateMessage(hexToBytes(data.sender_data_secret), privateProposal[0].privateMessage, secretTree, [
+        undefined,
+        undefined,
+        {
+            nodeType: "leaf",
+            leaf: {
+                leafNodeSource: "commit",
+                hpkePublicKey: new Uint8Array(),
+                signaturePublicKey: new Uint8Array(),
+                capabilities: defaultCapabilities(),
+                parentHash: new Uint8Array(),
+                extensions: [],
+                signature: new Uint8Array(),
+                credential: { credentialType: "basic", identity: new Uint8Array() },
+            },
+        },
+    ], gc, defaultKeyRetentionConfig, impl, hexToBytes(data.signature_pub));
+    if (unprotected === undefined || unprotected.content.content.contentType !== "proposal")
+        throw new Error("could not unprotect mls private message");
+    expect(encodeProposal(unprotected.content.content.proposal)).toStrictEqual(hexToBytes(data.proposal));
+}
+//# sourceMappingURL=messageProtection.test.js.map

package/dist/test/test-vectors/messageProtection.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"messageProtection.test.js","sourceRoot":"","sources":["../../../test/test-vectors/messageProtection.test.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,4CAA4C,CAAA;AAC7D,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AAEjD,OAAO,EAGL,oBAAoB,EACpB,kBAAkB,EAClB,wBAAwB,GACzB,MAAM,8BAA8B,CAAA;AACrC,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AACpD,OAAO,EAAE,OAAO,EAAE,uBAAuB,EAAE,MAAM,6BAA6B,CAAA;AAC9E,OAAO,EAAE,4BAA4B,EAAE,MAAM,yBAAyB,CAAA;AACtE,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAA;AACnE,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAA;AAE7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,EAAE,sBAAsB,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAA;AACrF,OAAO,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAA;AACvH,OAAO,EAAE,yBAAyB,EAAE,MAAM,8BAA8B,CAAA;AACxE,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAA;AAEnE,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAA;AAE9D,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;IACxC,IAAI,CAAC,mCAAmC,KAAK,EAAE,EAAE,KAAK,IAAI,EAAE;QAC1D,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAAC,CAAC,CAAC,YAA6B,CAAC,CAAC,CAAA;QAC5F,MAAM,qBAAqB,CAAC,CAAC,EAAE,IAAI,CAAC,CAAA;IACtC,CAAC,CAAC,CAAA;AACJ,CAAC;AAuBD,KAAK,UAAU,qBAAqB,CAAC,IAA2B,EAAE,IAAqB;IACrF,MAAM,EAAE,GAAiB;QACvB,OAAO,EAAE,OAAO;QAChB,WAAW,EAAE,wBAAwB,CAAC,IAAI,CAAC,YAA6B,CAAC;QACzE,OAAO,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;QAClC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;QACzB,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;QACpC,uBAAuB,EAAE,UAAU,CAAC,IAAI,CAAC,yBAAyB,CAAC;QACnE,UAAU,EAAE,EAAE;KACf,CAAA;IAED,MAAM,cAAc,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IACpC,MAAM,kCAAkC,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IAExD,MAAM,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IAClC,MAAM,gCAAgC,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IAEtD,MAAM,QAAQ,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IAC9B,MAAM,4BAA4B,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IAElD,MAAM,WAAW,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IACjC,MAAM,+BAA+B,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IAErD,MAAM,MAAM,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IAC5B,MAAM,0BAA0B,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;IAEhD,MAAM,sBAAsB,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,CAAA;AAC9C,CAAC;AAED,gGAAgG;AAChG,MAAM,iBAAiB,GAAgB;IACrC,SAAS;IACT,SAAS;IACT;QACE,QAAQ,EAAE,MAAM;QAChB,IAAI,EAAE;YACJ,cAAc,EAAE,QAAQ;YACxB,aAAa,EAAE,IAAI,UAAU,EAAE;YAC/B,kBAAkB,EAAE,IAAI,UAAU,EAAE;YACpC,YAAY,EAAE,mBAAmB,EAAE;YACnC,UAAU,EAAE,IAAI,UAAU,EAAE;YAC5B,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,IAAI,UAAU,EAAE;YAC3B,UAAU,EAAE,EAAE,cAAc,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,UAAU,EAAE,EAAE;SACpE;KACF;CACF,CAAA;AAED,KAAK,UAAU,kCAAkC,CAC/C,IAA2B,EAC3B,EAAgB,EAChB,IAAqB;IAErB,MAAM,CAAC,GAAG,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAA;IACtD,IAAI,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAA;IAEjE,MAAM,IAAI,GAAG,MAAM,qBAAqB,CACtC,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,EAAE,EACF,IAAI,UAAU,EAAE,EAChB,CAAC,CAAC,CAAC,CAAC,EACJ,CAAC,EACD,IAAI,CACL,CAAA;IAED,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAC9C,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,EAAE,EACF,EAAE,EACF,IAAI,CAAC,aAAa,EAClB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,OAAO,CAAC,WAAW,KAAK,UAAU;QAC7E,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;IAE3D,MAAM,CAAC,cAAc,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC/F,CAAC;AAED,KAAK,UAAU,gCAAgC,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IAClH,MAAM,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;IAClD,IAAI,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;IAE/D,MAAM,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAA,CAAC,sCAAsC;IAE1H,MAAM,EAAE,aAAa,EAAE,SAAS,EAAE,GAAG,MAAM,4BAA4B,CACrE,EAAE,EACF,oBAAoB,EACpB,CAAC,CAAC,CAAC,CAAC,EACJ,EAAE,SAAS,EAAE,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,EACtC,IAAI,UAAU,EAAE,EAChB,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,IAAI,CAAC,SAAS,CACf,CAAA;IAED,MAAM,oBAAoB,GAAyB;QACjD,UAAU,EAAE,oBAAoB;QAChC,OAAO,EAAE,aAAa;QACtB,IAAI,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,eAAe,EAAE;KACvE,CAAA;IAED,MAAM,IAAI,GAAG,MAAM,oBAAoB,CAAC,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,EAAE,oBAAoB,EAAE,IAAI,CAAC,CAAA;IAExG,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAC9C,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,EAAE,EACF,EAAE,EACF,IAAI,EACJ,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,OAAO,CAAC,WAAW,KAAK,QAAQ;QAC3E,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;IAE3D,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;AACzF,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IAChG,MAAM,IAAI,GAAG,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAA;IAC/D,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,oBAAoB;QACnE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IAExD,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAC9C,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,EAAE,EACF,EAAE,EACF,IAAI,CAAC,CAAC,CAAC,CAAC,aAAa,EACrB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,CAAC,OAAO,CAAC,WAAW,KAAK,UAAU;QAAE,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAA;IAEnG,MAAM,CAAC,cAAc,CAAC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC/F,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IAC9F,MAAM,CAAC,GAAG,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAA;IAC1D,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,oBAAoB;QAC7D,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IAExD,MAAM,WAAW,GAAG,MAAM,sBAAsB,CAC9C,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,EAAE,EACF,EAAE,EACF,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,EAClB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,CAAC,OAAO,CAAC,WAAW,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAA;IAE/F,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;AACzF,CAAC;AAED,KAAK,UAAU,sBAAsB,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IACxG,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAA;IACjF,IAAI,kBAAkB,KAAK,SAAS,IAAI,kBAAkB,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,qBAAqB;QAChG,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;IAEzD,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAE1F,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAC/C,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,kBAAkB,CAAC,CAAC,CAAC,CAAC,cAAc,EACpC,UAAU,EACV,iBAAiB,EACjB,EAAE,EACF,yBAAyB,EACzB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,KAAK,aAAa;QACxF,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;IAE5D,MAAM,OAAO,GAAyB;QACpC,OAAO,EAAE;YACP,GAAG,WAAW,CAAC,OAAO,CAAC,OAAO;YAC9B,WAAW,EAAE,aAAa;YAC1B,OAAO,EAAE,EAAE,CAAC,OAAO;YACnB,MAAM,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE;YAC9C,KAAK,EAAE,EAAE,CAAC,KAAK;YACf,iBAAiB,EAAE,IAAI,UAAU,EAAE;SACpC;QACD,IAAI,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI;QAC9B,UAAU,EAAE,oBAAoB;KACjC,CAAA;IAED,MAAM,MAAM,CAAC,oBAAoB,CAAC,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;AACpH,CAAC;AAED,KAAK,UAAU,MAAM,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IACxF,MAAM,aAAa,GAAG,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAA;IACvE,IAAI,aAAa,KAAK,SAAS,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,qBAAqB;QACtF,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;IAEzD,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAE1F,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAC/C,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,aAAa,CAAC,CAAC,CAAC,CAAC,cAAc,EAC/B,UAAU,EACV,iBAAiB,EACjB,EAAE,EACF,yBAAyB,EACzB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,KAAK,QAAQ;QACnF,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;IAE5D,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;AACjG,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IAC7F,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAA;IACjF,IAAI,kBAAkB,KAAK,SAAS,IAAI,kBAAkB,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,qBAAqB;QAChG,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;IAEzD,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAE1F,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAC/C,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,kBAAkB,CAAC,CAAC,CAAC,CAAC,cAAc,EACpC,UAAU,EACV,iBAAiB,EACjB,EAAE,EACF,yBAAyB,EACzB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,KAAK,aAAa;QACxF,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;IAE5D,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAA;AACjG,CAAC;AAED,KAAK,UAAU,4BAA4B,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IAC9G,MAAM,CAAC,GAAG,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAA;IACtD,IAAI,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAA;IAEjE,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAE1F,MAAM,GAAG,GAAG,MAAM,eAAe,CAC/B,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,CAAC,CAAC,CAAC,CAAC,EACJ,IAAI,UAAU,EAAE,EAChB,EAAE,EACF,UAAU,EACV,CAAC,EACD,oBAAoB,EACpB,IAAI,CACL,CAAA;IAED,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAC/C,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,GAAG,CAAC,cAAc,EAClB,UAAU,EACV,iBAAiB,EACjB,EAAE,EACF,yBAAyB,EACzB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,KAAK,UAAU;QACrF,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;IAE5D,MAAM,CAAC,cAAc,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AACvG,CAAC;AAED,KAAK,UAAU,+BAA+B,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IACjH,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAE1F,MAAM,GAAG,GAAG,MAAM,sBAAsB,CACtC,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,EAC5B,IAAI,UAAU,EAAE,EAChB,EAAE,EACF,UAAU,EACV,CAAC,EACD,oBAAoB,EACpB,IAAI,CACL,CAAA;IAED,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAC/C,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,GAAG,CAAC,cAAc,EAClB,UAAU,EACV,iBAAiB,EACjB,EAAE,EACF,yBAAyB,EACzB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,KAAK,aAAa;QACxF,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;IAE5D,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAA;AACjG,CAAC;AAED,KAAK,UAAU,0BAA0B,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IAC5G,MAAM,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;IAClD,IAAI,CAAC,KAAK,SAAS;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;IAE/D,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAE1F,MAAM,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAA,CAAC,sCAAsC;IAE1H,MAAM,EAAE,aAAa,EAAE,SAAS,EAAE,GAAG,MAAM,4BAA4B,CACrE,EAAE,EACF,qBAAqB,EACrB,CAAC,CAAC,CAAC,CAAC,EACJ,EAAE,SAAS,EAAE,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,EACtC,IAAI,UAAU,EAAE,EAChB,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAC/B,IAAI,CAAC,SAAS,CACf,CAAA;IAED,MAAM,OAAO,GAAG;QACd,GAAG,aAAa;QAChB,IAAI,EAAE;YACJ,WAAW,EAAE,aAAa,CAAC,WAAW;YACtC,SAAS;YACT,eAAe;SAChB;KACF,CAAA;IAED,MAAM,GAAG,GAAG,MAAM,OAAO,CACvB,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,IAAI,UAAU,EAAE,EAChB,EAAE,EACF,UAAU,EACV,OAAO,EACP,CAAC,EACD,oBAAoB,EACpB,IAAI,CACL,CAAA;IAED,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAC/C,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,GAAG,CAAC,cAAc,EAClB,UAAU,EACV,iBAAiB,EACjB,EAAE,EACF,yBAAyB,EACzB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,KAAK,QAAQ;QACnF,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;IAE5D,MAAM,CAAC,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;AACjG,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,IAA2B,EAAE,EAAgB,EAAE,IAAqB;IAC1F,MAAM,eAAe,GAAG,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC,CAAA;IAC3E,IAAI,eAAe,KAAK,SAAS,IAAI,eAAe,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,qBAAqB;QAC1F,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;IAEzD,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAE1F,MAAM,WAAW,GAAG,MAAM,uBAAuB,CAC/C,UAAU,CAAC,IAAI,CAAC,kBAAkB,CAAC,EACnC,eAAe,CAAC,CAAC,CAAC,CAAC,cAAc,EACjC,UAAU,EACV;QACE,SAAS;QACT,SAAS;QACT;YACE,QAAQ,EAAE,MAAM;YAChB,IAAI,EAAE;gBACJ,cAAc,EAAE,QAAQ;gBACxB,aAAa,EAAE,IAAI,UAAU,EAAE;gBAC/B,kBAAkB,EAAE,IAAI,UAAU,EAAE;gBACpC,YAAY,EAAE,mBAAmB,EAAE;gBACnC,UAAU,EAAE,IAAI,UAAU,EAAE;gBAC5B,UAAU,EAAE,EAAE;gBACd,SAAS,EAAE,IAAI,UAAU,EAAE;gBAC3B,UAAU,EAAE,EAAE,cAAc,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,UAAU,EAAE,EAAE;aACpE;SACF;KACF,EACD,EAAE,EACF,yBAAyB,EACzB,IAAI,EACJ,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAC/B,CAAA;IAED,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,KAAK,UAAU;QACrF,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAA;IAE5D,MAAM,CAAC,cAAc,CAAC,WAAW,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AACvG,CAAC"}

package/dist/test/test-vectors/messages.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test/test-vectors/messages.test.js

@@ -0,0 +1,136 @@
+import json from "../../test_vectors/messages.json";
+import { hexToBytes } from "@noble/ciphers/utils";
+import { decodeMlsMessage, encodeMlsMessage } from "../../src/message";
+import { decodeCommit, encodeCommit } from "../../src/commit";
+import { decodeAdd, decodeExternalInit, decodeGroupContextExtensions, decodePSK, decodeReinit, decodeRemove, decodeUpdate, encodeAdd, encodeExternalInit, encodeGroupContextExtensions, encodePSK, encodeReinit, encodeRemove, encodeUpdate, } from "../../src/proposal";
+import { decodeRatchetTree, encodeRatchetTree } from "../../src/ratchetTree";
+import { decodeGroupSecrets, encodeGroupSecrets } from "../../src/groupSecrets";
+for (const [index, x] of json.entries()) {
+    test(`messages test vectors ${index}`, () => {
+        codecRoundtrip(x);
+    });
+}
+function codecRoundtrip(msgs) {
+    welcome(msgs.mls_welcome);
+    groupInfo(msgs.mls_group_info);
+    keyPackage(msgs.mls_key_package);
+    ratchetTree(msgs.ratchet_tree);
+    groupSecrets(msgs.group_secrets);
+    addProposal(msgs.add_proposal);
+    updateProposal(msgs.update_proposal);
+    removeProposal(msgs.remove_proposal);
+    pskProposal(msgs.pre_shared_key_proposal);
+    reinitProposal(msgs.re_init_proposal);
+    externalInitProposal(msgs.external_init_proposal);
+    groupContextExtension(msgs.group_context_extensions_proposal);
+    commit(msgs.commit);
+    publicMessageApplication(msgs.public_message_application);
+    publicMessageCommit(msgs.public_message_commit);
+    publicMessageProposal(msgs.public_message_proposal);
+    privateMessage(msgs.private_message);
+}
+function welcome(s) {
+    const inputBytes = hexToBytes(s);
+    const mlsWelcome = decodeMlsMessage(inputBytes, 0);
+    if (mlsWelcome === undefined || mlsWelcome[0].wireformat !== "mls_welcome") {
+        throw new Error("could not decode mls welcome");
+    }
+    else {
+        const reEncoded = encodeMlsMessage(mlsWelcome[0]);
+        expect(reEncoded).toStrictEqual(inputBytes);
+    }
+}
+function privateMessage(s) {
+    const inputBytes = hexToBytes(s);
+    const p = decodeMlsMessage(inputBytes, 0);
+    if (p === undefined || p[0].wireformat !== "mls_private_message") {
+        throw new Error("could not decode mls private message");
+    }
+    else {
+        const reEncoded = encodeMlsMessage(p?.[0]);
+        expect(reEncoded).toStrictEqual(inputBytes);
+    }
+}
+function groupInfo(s) {
+    const inputBytes = hexToBytes(s);
+    const gi = decodeMlsMessage(inputBytes, 0);
+    if (gi === undefined || gi[0].wireformat !== "mls_group_info") {
+        throw new Error("could not decode mls_group_info");
+    }
+    else {
+        const reEncoded = encodeMlsMessage(gi[0]);
+        expect(reEncoded).toStrictEqual(inputBytes);
+    }
+}
+function keyPackage(s) {
+    const inputBytes = hexToBytes(s);
+    const kp = decodeMlsMessage(inputBytes, 0);
+    if (kp === undefined || kp[0].wireformat !== "mls_key_package") {
+        throw new Error("could not decode mls_key_package");
+    }
+    else {
+        const reEncoded = encodeMlsMessage(kp[0]);
+        expect(reEncoded).toStrictEqual(inputBytes);
+    }
+}
+function publicMessageApplication(s) {
+    const inputBytes = hexToBytes(s);
+    const p = decodeMlsMessage(inputBytes, 0);
+    if (p === undefined || p[0].wireformat !== "mls_public_message") {
+        throw new Error("could not decode mls_public_message");
+    }
+    else {
+        expect(p[0].publicMessage.content.contentType).toBe("application");
+        const reEncoded = encodeMlsMessage(p[0]);
+        expect(reEncoded).toStrictEqual(inputBytes);
+    }
+}
+function publicMessageProposal(s) {
+    const inputBytes = hexToBytes(s);
+    const p = decodeMlsMessage(inputBytes, 0);
+    if (p === undefined || p[0].wireformat !== "mls_public_message") {
+        throw new Error("could not decode mls_public_message");
+    }
+    else {
+        expect(p[0].publicMessage.content.contentType).toBe("proposal");
+        const reEncoded = encodeMlsMessage(p[0]);
+        expect(reEncoded).toStrictEqual(inputBytes);
+    }
+}
+function publicMessageCommit(s) {
+    const inputBytes = hexToBytes(s);
+    const p = decodeMlsMessage(inputBytes, 0);
+    if (p === undefined || p[0].wireformat !== "mls_public_message") {
+        throw new Error("could not decode mls_public_message");
+    }
+    else {
+        expect(p[0].publicMessage.content.contentType).toBe("commit");
+        const reEncoded = encodeMlsMessage(p[0]);
+        expect(reEncoded).toStrictEqual(inputBytes);
+    }
+}
+//const keyPackage = createTest(encodeKeyPackage, decodeKeyPackage, '')
+const commit = createTest(encodeCommit, decodeCommit, "commit");
+const groupSecrets = createTest(encodeGroupSecrets, decodeGroupSecrets, "group_secrets");
+const ratchetTree = createTest(encodeRatchetTree, decodeRatchetTree, "ratchet_tree");
+const updateProposal = createTest(encodeUpdate, decodeUpdate, "update_proposal");
+const addProposal = createTest(encodeAdd, decodeAdd, "add_proposal");
+const pskProposal = createTest(encodePSK, decodePSK, "pre_shared_key_proposal");
+const removeProposal = createTest(encodeRemove, decodeRemove, "remove_proposal");
+const reinitProposal = createTest(encodeReinit, decodeReinit, "re_init_proposal");
+const externalInitProposal = createTest(encodeExternalInit, decodeExternalInit, "external_init_proposal");
+const groupContextExtension = createTest(encodeGroupContextExtensions, decodeGroupContextExtensions, "group_context_extensions_proposal");
+function createTest(enc, dec, typeName) {
+    return (s) => {
+        const inputBytes = hexToBytes(s);
+        const decoded = dec(inputBytes, 0);
+        if (decoded === undefined) {
+            throw new Error(`could not decode ${typeName}`);
+        }
+        else {
+            const reEncoded = enc(decoded[0]);
+            expect(reEncoded).toStrictEqual(inputBytes);
+        }
+    };
+}
+//# sourceMappingURL=messages.test.js.map

package/dist/test/test-vectors/messages.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"messages.test.js","sourceRoot":"","sources":["../../../test/test-vectors/messages.test.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,kCAAkC,CAAA;AAEnD,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACjD,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AACtE,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAA;AAG7D,OAAO,EACL,SAAS,EACT,kBAAkB,EAClB,4BAA4B,EAC5B,SAAS,EACT,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,SAAS,EACT,kBAAkB,EAClB,4BAA4B,EAC5B,SAAS,EACT,YAAY,EACZ,YAAY,EACZ,YAAY,GACb,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAA;AAC5E,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAA;AAE/E,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;IACxC,IAAI,CAAC,yBAAyB,KAAK,EAAE,EAAE,GAAG,EAAE;QAC1C,cAAc,CAAC,CAAC,CAAC,CAAA;IACnB,CAAC,CAAC,CAAA;AACJ,CAAC;AAsBD,SAAS,cAAc,CAAC,IAAc;IACpC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;IACzB,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC9B,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IAChC,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;IAC9B,YAAY,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;IAChC,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;IAC9B,cAAc,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IACpC,cAAc,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IACpC,WAAW,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;IACzC,cAAc,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;IACrC,oBAAoB,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAA;IACjD,qBAAqB,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAA;IAC7D,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;IACnB,wBAAwB,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAA;IACzD,mBAAmB,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;IAC/C,qBAAqB,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;IACnD,cAAc,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;AACtC,CAAC;AAED,SAAS,OAAO,CAAC,CAAS;IACxB,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;IAChC,MAAM,UAAU,GAAG,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAA;IAElD,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,aAAa,EAAE,CAAC;QAC3E,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAA;IACjD,CAAC;SAAM,CAAC;QACN,MAAM,SAAS,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAA;QACjD,MAAM,CAAC,SAAS,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,CAAS;IAC/B,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;IAChC,MAAM,CAAC,GAAG,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAA;IAEzC,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,qBAAqB,EAAE,CAAC;QACjE,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAA;IACzD,CAAC;SAAM,CAAC;QACN,MAAM,SAAS,GAAG,gBAAgB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;QAC1C,MAAM,CAAC,SAAS,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,CAAS;IAC1B,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;IAChC,MAAM,EAAE,GAAG,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAA;IAE1C,IAAI,EAAE,KAAK,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,gBAAgB,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAA;IACpD,CAAC;SAAM,CAAC;QACN,MAAM,SAAS,GAAG,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;QACzC,MAAM,CAAC,SAAS,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,CAAS;IAC3B,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;IAChC,MAAM,EAAE,GAAG,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAA;IAE1C,IAAI,EAAE,KAAK,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,iBAAiB,EAAE,CAAC;QAC/D,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;IACrD,CAAC;SAAM,CAAC;QACN,MAAM,SAAS,GAAG,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;QACzC,MAAM,CAAC,SAAS,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC;AAED,SAAS,wBAAwB,CAAC,CAAS;IACzC,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;IAChC,MAAM,CAAC,GAAG,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAA;IAEzC,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,oBAAoB,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IACxD,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;QAClE,MAAM,SAAS,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACxC,MAAM,CAAC,SAAS,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC;AAED,SAAS,qBAAqB,CAAC,CAAS;IACtC,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;IAChC,MAAM,CAAC,GAAG,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAA;IAEzC,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,oBAAoB,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IACxD,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAC/D,MAAM,SAAS,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACxC,MAAM,CAAC,SAAS,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,CAAS;IACpC,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;IAChC,MAAM,CAAC,GAAG,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC,CAAA;IAEzC,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,oBAAoB,EAAE,CAAC;QAChE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAA;IACxD,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC7D,MAAM,SAAS,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QACxC,MAAM,CAAC,SAAS,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;IAC7C,CAAC;AACH,CAAC;AAED,uEAAuE;AACvE,MAAM,MAAM,GAAG,UAAU,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAA;AAC/D,MAAM,YAAY,GAAG,UAAU,CAAC,kBAAkB,EAAE,kBAAkB,EAAE,eAAe,CAAC,CAAA;AACxF,MAAM,WAAW,GAAG,UAAU,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,cAAc,CAAC,CAAA;AACpF,MAAM,cAAc,GAAG,UAAU,CAAC,YAAY,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAA;AAChF,MAAM,WAAW,GAAG,UAAU,CAAC,SAAS,EAAE,SAAS,EAAE,cAAc,CAAC,CAAA;AACpE,MAAM,WAAW,GAAG,UAAU,CAAC,SAAS,EAAE,SAAS,EAAE,yBAAyB,CAAC,CAAA;AAC/E,MAAM,cAAc,GAAG,UAAU,CAAC,YAAY,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAA;AAChF,MAAM,cAAc,GAAG,UAAU,CAAC,YAAY,EAAE,YAAY,EAAE,kBAAkB,CAAC,CAAA;AACjF,MAAM,oBAAoB,GAAG,UAAU,CAAC,kBAAkB,EAAE,kBAAkB,EAAE,wBAAwB,CAAC,CAAA;AACzG,MAAM,qBAAqB,GAAG,UAAU,CACtC,4BAA4B,EAC5B,4BAA4B,EAC5B,mCAAmC,CACpC,CAAA;AAED,SAAS,UAAU,CAAI,GAAe,EAAE,GAAe,EAAE,QAAgB;IACvE,OAAO,CAAC,CAAC,EAAE,EAAE;QACX,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAA;QAChC,MAAM,OAAO,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAA;QAElC,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,EAAE,CAAC,CAAA;QACjD,CAAC;aAAM,CAAC;YACN,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAA;YACjC,MAAM,CAAC,SAAS,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;QAC7C,CAAC;IACH,CAAC,CAAA;AACH,CAAC"}

package/dist/test/test-vectors/passiveClientScenarios.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test/test-vectors/passiveClientScenarios.test.js

@@ -0,0 +1,86 @@
+import { getCiphersuiteFromId, getCiphersuiteImpl } from "../../src/crypto/ciphersuite";
+import { hexToBytes } from "@noble/ciphers/utils";
+import jsonCommit from "../../test_vectors/passive-client-handling-commit.json";
+import jsonRandom from "../../test_vectors/passive-client-random.json";
+import jsonWelcome from "../../test_vectors/passive-client-welcome.json";
+import { hpkeKeysMatch, signatureKeysMatch } from "../crypto/keyMatch";
+import { decodeMlsMessage } from "../../src/message";
+import { decodeRatchetTree } from "../../src/ratchetTree";
+import { joinGroup, makePskIndex } from "../../src/clientState";
+import { processPrivateMessage, processPublicMessage } from "../../src/processMessages";
+import { bytesToBase64 } from "../../src/util/byteArray";
+for (const [index, x] of jsonCommit.entries()) {
+    test(`passive-client-handling-commit test vectors ${index}`, async () => {
+        const impl = await getCiphersuiteImpl(getCiphersuiteFromId(x.cipher_suite));
+        await testPassiveClientScenario(x, impl);
+    });
+}
+for (const [index, x] of jsonRandom.entries()) {
+    test(`passive-client-random test vectors ${index}`, async () => {
+        const impl = await getCiphersuiteImpl(getCiphersuiteFromId(x.cipher_suite));
+        await testPassiveClientScenario(x, impl);
+    }, 40000);
+}
+for (const [index, x] of jsonWelcome.entries()) {
+    test(`passive-client-welcome test vectors ${index}`, async () => {
+        const impl = await getCiphersuiteImpl(getCiphersuiteFromId(x.cipher_suite));
+        await testPassiveClientScenario(x, impl);
+    });
+}
+async function testPassiveClientScenario(data, impl) {
+    const kp = decodeMlsMessage(hexToBytes(data.key_package), 0);
+    if (kp === undefined || kp[0].wireformat !== "mls_key_package")
+        throw new Error("Could not decode KeyPackage");
+    await verifyKeys(data, kp[0].keyPackage, impl);
+    const welcome = decodeMlsMessage(hexToBytes(data.welcome), 0);
+    if (welcome === undefined || welcome[0].wireformat !== "mls_welcome")
+        throw new Error("Could not decode Welcome");
+    const pks = {
+        hpkePrivateKey: hexToBytes(data.encryption_priv),
+        initPrivateKey: hexToBytes(data.init_priv),
+        signaturePrivateKey: hexToBytes(data.signature_priv),
+    };
+    const tree = data.ratchet_tree !== null ? decodeRatchetTree(hexToBytes(data.ratchet_tree), 0)?.[0] : undefined;
+    const psks = data.external_psks.reduce((acc, psk) => ({ ...acc, [bytesToBase64(hexToBytes(psk.psk_id))]: hexToBytes(psk.psk) }), {});
+    let state = await joinGroup(welcome[0].welcome, kp[0].keyPackage, pks, makePskIndex(undefined, psks), impl, tree);
+    expect(state.keySchedule.epochAuthenticator).toStrictEqual(hexToBytes(data.initial_epoch_authenticator));
+    for (const epoch of data.epochs) {
+        for (const proposal of epoch.proposals) {
+            const mlsProposal = decodeMlsMessage(hexToBytes(proposal), 0);
+            if (mlsProposal === undefined ||
+                (mlsProposal[0].wireformat !== "mls_private_message" && mlsProposal[0].wireformat !== "mls_public_message"))
+                throw new Error("Could not decode proposal message");
+            if (mlsProposal[0].wireformat === "mls_private_message") {
+                const res = await processPrivateMessage(state, mlsProposal[0].privateMessage, makePskIndex(state, psks), impl);
+                state = res.newState;
+            }
+            else {
+                const res = await processPublicMessage(state, mlsProposal[0].publicMessage, makePskIndex(state, psks), impl);
+                state = res.newState;
+            }
+        }
+        const mlsCommit = decodeMlsMessage(hexToBytes(epoch.commit), 0);
+        if (mlsCommit === undefined ||
+            (mlsCommit[0].wireformat !== "mls_private_message" && mlsCommit[0].wireformat !== "mls_public_message"))
+            throw new Error("Could not decode commit message");
+        if (mlsCommit[0].wireformat === "mls_private_message") {
+            const res = await processPrivateMessage(state, mlsCommit[0].privateMessage, makePskIndex(state, psks), impl);
+            state = res.newState;
+        }
+        else {
+            const res = await processPublicMessage(state, mlsCommit[0].publicMessage, makePskIndex(state, psks), impl);
+            state = res.newState;
+        }
+        expect(state.keySchedule.epochAuthenticator).toStrictEqual(hexToBytes(epoch.epoch_authenticator));
+    }
+}
+async function verifyKeys(data, kp, impl) {
+    const hpke = await hpkeKeysMatch(kp.leafNode.hpkePublicKey, hexToBytes(data.encryption_priv), impl.hpke);
+    expect(hpke).toBe(true);
+    const hpkeInit = await hpkeKeysMatch(kp.initKey, hexToBytes(data.init_priv), impl.hpke);
+    expect(hpkeInit).toBe(true);
+    const sig = await signatureKeysMatch(kp.leafNode.signaturePublicKey, hexToBytes(data.signature_priv), impl.signature);
+    expect(sig).toBe(true);
+    hexToBytes(data.init_priv);
+}
+//# sourceMappingURL=passiveClientScenarios.test.js.map

package/dist/test/test-vectors/passiveClientScenarios.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"passiveClientScenarios.test.js","sourceRoot":"","sources":["../../../test/test-vectors/passiveClientScenarios.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkC,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAA;AAEvH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACjD,OAAO,UAAU,MAAM,wDAAwD,CAAA;AAC/E,OAAO,UAAU,MAAM,+CAA+C,CAAA;AACtE,OAAO,WAAW,MAAM,gDAAgD,CAAA;AACxE,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAA;AACtE,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAA;AACpD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAA;AAEzD,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AAC/D,OAAO,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAA;AACvF,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AAExD,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC;IAC9C,IAAI,CAAC,+CAA+C,KAAK,EAAE,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAAC,CAAC,CAAC,YAA6B,CAAC,CAAC,CAAA;QAC5F,MAAM,yBAAyB,CAAC,CAAC,EAAE,IAAI,CAAC,CAAA;IAC1C,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC;IAC9C,IAAI,CAAC,sCAAsC,KAAK,EAAE,EAAE,KAAK,IAAI,EAAE;QAC7D,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAAC,CAAC,CAAC,YAA6B,CAAC,CAAC,CAAA;QAC5F,MAAM,yBAAyB,CAAC,CAAC,EAAE,IAAI,CAAC,CAAA;IAC1C,CAAC,EAAE,KAAK,CAAC,CAAA;AACX,CAAC;AAED,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;IAC/C,IAAI,CAAC,uCAAuC,KAAK,EAAE,EAAE,KAAK,IAAI,EAAE;QAC9D,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAAC,CAAC,CAAC,YAA6B,CAAC,CAAC,CAAA;QAC5F,MAAM,yBAAyB,CAAC,CAAC,EAAE,IAAI,CAAC,CAAA;IAC1C,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,KAAK,UAAU,yBAAyB,CAAC,IAAmB,EAAE,IAAqB;IACjF,MAAM,EAAE,GAAG,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAA;IAE5D,IAAI,EAAE,KAAK,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,iBAAiB;QAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;IAC9G,MAAM,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;IAE9C,MAAM,OAAO,GAAG,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAA;IAE7D,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,aAAa;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;IAEjH,MAAM,GAAG,GAAsB;QAC7B,cAAc,EAAE,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC;QAChD,cAAc,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;QAC1C,mBAAmB,EAAE,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC;KACrD,CAAA;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,KAAK,IAAI,CAAC,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IAE9G,MAAM,IAAI,GAA+B,IAAI,CAAC,aAAa,CAAC,MAAM,CAChE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,GAAG,EAAE,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,EACxF,EAAE,CACH,CAAA;IACD,IAAI,KAAK,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,GAAG,EAAE,YAAY,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;IAEjH,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAA;IAExG,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChC,KAAK,MAAM,QAAQ,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YACvC,MAAM,WAAW,GAAG,gBAAgB,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAA;YAC7D,IACE,WAAW,KAAK,SAAS;gBACzB,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,qBAAqB,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,oBAAoB,CAAC;gBAE3G,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;YAEtD,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,qBAAqB,EAAE,CAAC;gBACxD,MAAM,GAAG,GAAG,MAAM,qBAAqB,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,cAAc,EAAE,YAAY,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAA;gBAE9G,KAAK,GAAG,GAAG,CAAC,QAAQ,CAAA;YACtB,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,GAAG,MAAM,oBAAoB,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,YAAY,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAA;gBAE5G,KAAK,GAAG,GAAG,CAAC,QAAQ,CAAA;YACtB,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,gBAAgB,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;QAC/D,IACE,SAAS,KAAK,SAAS;YACvB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,qBAAqB,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,oBAAoB,CAAC;YAEvG,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAA;QAEpD,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,KAAK,qBAAqB,EAAE,CAAC;YACtD,MAAM,GAAG,GAAG,MAAM,qBAAqB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,cAAc,EAAE,YAAY,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAA;YAE5G,KAAK,GAAG,GAAG,CAAC,QAAQ,CAAA;QACtB,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,GAAG,MAAM,oBAAoB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,YAAY,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAA;YAC1G,KAAK,GAAG,GAAG,CAAC,QAAQ,CAAA;QACtB,CAAC;QAED,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAA;IACnG,CAAC;AACH,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,IAAmB,EAAE,EAAc,EAAE,IAAqB;IAClF,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,EAAE,CAAC,QAAQ,CAAC,aAAa,EAAE,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IACxG,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEvB,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,EAAE,CAAC,OAAO,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IACvF,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAE3B,MAAM,GAAG,GAAG,MAAM,kBAAkB,CAAC,EAAE,CAAC,QAAQ,CAAC,kBAAkB,EAAE,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;IACrH,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACtB,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;AAC5B,CAAC"}

package/dist/test/test-vectors/pskSecret.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test/test-vectors/pskSecret.test.js

@@ -0,0 +1,18 @@
+import json from "../../test_vectors/psk_secret.json";
+import { getCiphersuiteFromId, getCiphersuiteImpl } from "../../src/crypto/ciphersuite";
+import { computePskSecret } from "../../src/presharedkey";
+import { bytesToHex, hexToBytes } from "@noble/ciphers/utils";
+for (const [index, x] of json.entries()) {
+    test(`psk_secret test vectors ${index}`, async () => {
+        const impl = await getCiphersuiteImpl(getCiphersuiteFromId(x.cipher_suite));
+        await testPskSecret(x.psk_secret, x.psks, impl);
+    });
+}
+function toExternalPsk(p) {
+    return [{ psktype: "external", pskId: hexToBytes(p.psk_id), pskNonce: hexToBytes(p.psk_nonce) }, hexToBytes(p.psk)];
+}
+async function testPskSecret(secret, psks, impl) {
+    const computedSecret = await computePskSecret(psks.map(toExternalPsk), impl);
+    expect(bytesToHex(computedSecret)).toBe(secret);
+}
+//# sourceMappingURL=pskSecret.test.js.map

package/dist/test/test-vectors/pskSecret.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pskSecret.test.js","sourceRoot":"","sources":["../../../test/test-vectors/pskSecret.test.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,oCAAoC,CAAA;AACrD,OAAO,EAAkC,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAA;AACvH,OAAO,EAAE,gBAAgB,EAA0B,MAAM,wBAAwB,CAAA;AACjF,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AAE7D,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;IACxC,IAAI,CAAC,2BAA2B,KAAK,EAAE,EAAE,KAAK,IAAI,EAAE;QAClD,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAAC,CAAC,CAAC,YAA6B,CAAC,CAAC,CAAA;QAC5F,MAAM,aAAa,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;IACjD,CAAC,CAAC,CAAA;AACJ,CAAC;AAQD,SAAS,aAAa,CAAC,CAAM;IAC3B,OAAO,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;AACrH,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,MAAc,EAAE,IAAW,EAAE,IAAqB;IAC7E,MAAM,cAAc,GAAG,MAAM,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,IAAI,CAAC,CAAA;IAC5E,MAAM,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;AACjD,CAAC"}

package/dist/test/test-vectors/secretTree.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test/test-vectors/secretTree.test.js

@@ -0,0 +1,48 @@
+import { getCiphersuiteFromId, getCiphersuiteImpl } from "../../src/crypto/ciphersuite";
+import { hexToBytes } from "@noble/ciphers/utils";
+import json from "../../test_vectors/secret-tree.json";
+import { expandSenderDataKey, expandSenderDataNonce } from "../../src/sender";
+import { createSecretTree, deriveKey, deriveNonce, ratchetUntil } from "../../src/secretTree";
+import { leafToNodeIndex } from "../../src/treemath";
+import { defaultKeyRetentionConfig } from "../../src/keyRetentionConfig";
+for (const [index, x] of json.entries()) {
+    test(`secret-tree test vectors ${index}`, async () => {
+        const impl = await getCiphersuiteImpl(getCiphersuiteFromId(x.cipher_suite));
+        await testSecretTree(x.sender_data.sender_data_secret, x.sender_data.ciphertext, x.sender_data.key, x.sender_data.nonce, x.encryption_secret, x.leaves, impl);
+    });
+}
+async function testSecretTree(senderSecret, ciphertext, key, nonce, encryptionSecret, leaves, impl) {
+    // key == sender_data_key(sender_data_secret, ciphertext)
+    const derivedKey = await expandSenderDataKey(impl, hexToBytes(senderSecret), hexToBytes(ciphertext));
+    expect(derivedKey).toStrictEqual(hexToBytes(key));
+    //nonce == sender_data_nonce(sender_data_secret, ciphertext)
+    const derivedNonce = await expandSenderDataNonce(impl, hexToBytes(senderSecret), hexToBytes(ciphertext));
+    expect(derivedNonce).toStrictEqual(hexToBytes(nonce));
+    const tree = await createSecretTree(leaves.length, hexToBytes(encryptionSecret), impl.kdf);
+    for (const [index, leaf] of leaves.entries()) {
+        const nodeIndex = leafToNodeIndex(index);
+        const handshakeSecret = tree[nodeIndex].handshake;
+        for (const gen of leaf) {
+            const ratcheted = await ratchetUntil(handshakeSecret, gen.generation, defaultKeyRetentionConfig, impl.kdf);
+            expect(ratcheted.generation).toBe(gen.generation);
+            //handshake_key = handshake_ratchet_key_[i]_[generation]
+            const handshakeKey = await deriveKey(ratcheted.secret, ratcheted.generation, impl);
+            expect(handshakeKey).toStrictEqual(hexToBytes(gen.handshake_key));
+            // handshake_nonce = handshake_ratchet_nonce_[i]_[generation]
+            const handshakeNonce = await deriveNonce(ratcheted.secret, ratcheted.generation, impl);
+            expect(handshakeNonce).toStrictEqual(hexToBytes(gen.handshake_nonce));
+        }
+        const applicationSecret = tree[nodeIndex].application;
+        for (const gen of leaf) {
+            const ratcheted = await ratchetUntil(applicationSecret, gen.generation, defaultKeyRetentionConfig, impl.kdf);
+            expect(ratcheted.generation).toBe(gen.generation);
+            // application_key = application_ratchet_key_[i]_[generation]
+            const applicationKey = await deriveKey(ratcheted.secret, ratcheted.generation, impl);
+            expect(applicationKey).toStrictEqual(hexToBytes(gen.application_key));
+            // application_nonce = application_ratchet_nonce_[i]_[generation]
+            const applicationNonce = await deriveNonce(ratcheted.secret, ratcheted.generation, impl);
+            expect(applicationNonce).toStrictEqual(hexToBytes(gen.application_nonce));
+        }
+    }
+}
+//# sourceMappingURL=secretTree.test.js.map

package/dist/test/test-vectors/secretTree.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secretTree.test.js","sourceRoot":"","sources":["../../../test/test-vectors/secretTree.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkC,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAA;AACvH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACjD,OAAO,IAAI,MAAM,qCAAqC,CAAA;AACtD,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,kBAAkB,CAAA;AAC7E,OAAO,EAAE,gBAAgB,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAA;AAC7F,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AACpD,OAAO,EAAE,yBAAyB,EAAE,MAAM,8BAA8B,CAAA;AAExE,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;IACxC,IAAI,CAAC,4BAA4B,KAAK,EAAE,EAAE,KAAK,IAAI,EAAE;QACnD,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAAC,CAAC,CAAC,YAA6B,CAAC,CAAC,CAAA;QAC5F,MAAM,cAAc,CAClB,CAAC,CAAC,WAAW,CAAC,kBAAkB,EAChC,CAAC,CAAC,WAAW,CAAC,UAAU,EACxB,CAAC,CAAC,WAAW,CAAC,GAAG,EACjB,CAAC,CAAC,WAAW,CAAC,KAAK,EACnB,CAAC,CAAC,iBAAiB,EACnB,CAAC,CAAC,MAAM,EACR,IAAI,CACL,CAAA;IACH,CAAC,CAAC,CAAA;AACJ,CAAC;AAUD,KAAK,UAAU,cAAc,CAC3B,YAAoB,EACpB,UAAkB,EAClB,GAAW,EACX,KAAa,EACb,gBAAwB,EACxB,MAAgB,EAChB,IAAqB;IAErB,yDAAyD;IACzD,MAAM,UAAU,GAAG,MAAM,mBAAmB,CAAC,IAAI,EAAE,UAAU,CAAC,YAAY,CAAC,EAAE,UAAU,CAAC,UAAU,CAAC,CAAC,CAAA;IACpG,MAAM,CAAC,UAAU,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAA;IAEjD,4DAA4D;IAC5D,MAAM,YAAY,GAAG,MAAM,qBAAqB,CAAC,IAAI,EAAE,UAAU,CAAC,YAAY,CAAC,EAAE,UAAU,CAAC,UAAU,CAAC,CAAC,CAAA;IACxG,MAAM,CAAC,YAAY,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAA;IAErD,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,gBAAgB,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;IAC1F,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;QAC7C,MAAM,SAAS,GAAG,eAAe,CAAC,KAAK,CAAC,CAAA;QACxC,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAE,CAAC,SAAS,CAAA;QAClD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,eAAe,EAAE,GAAG,CAAC,UAAU,EAAE,yBAAyB,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;YAC1G,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAEjD,wDAAwD;YACxD,MAAM,YAAY,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,MAAM,EAAE,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;YAClF,MAAM,CAAC,YAAY,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAA;YAEjE,6DAA6D;YAC7D,MAAM,cAAc,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,MAAM,EAAE,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;YACtF,MAAM,CAAC,cAAc,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAA;QACvE,CAAC;QAED,MAAM,iBAAiB,GAAG,IAAI,CAAC,SAAS,CAAE,CAAC,WAAW,CAAA;QACtD,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,iBAAiB,EAAE,GAAG,CAAC,UAAU,EAAE,yBAAyB,EAAE,IAAI,CAAC,GAAG,CAAC,CAAA;YAC5G,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAEjD,6DAA6D;YAC7D,MAAM,cAAc,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,MAAM,EAAE,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;YACpF,MAAM,CAAC,cAAc,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAA;YAErE,iEAAiE;YACjE,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,MAAM,EAAE,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;YACxF,MAAM,CAAC,gBAAgB,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAA;QAC3E,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/test/test-vectors/transcriptHashes.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test/test-vectors/transcriptHashes.test.js

@@ -0,0 +1,26 @@
+import { getCiphersuiteFromId, getCiphersuiteImpl } from "../../src/crypto/ciphersuite";
+import { hexToBytes } from "@noble/ciphers/utils";
+import json from "../../test_vectors/transcript-hashes.json";
+import { decodeAuthenticatedContent } from "../../src/authenticatedContent";
+import { createConfirmedHash, createInterimHash } from "../../src/transcriptHash";
+for (const [index, x] of json.entries()) {
+    test(`transcript-hashes test vectors ${index}`, async () => {
+        const impl = await getCiphersuiteImpl(getCiphersuiteFromId(x.cipher_suite));
+        await testTranscriptHash(x.authenticated_content, x.confirmation_key, x.confirmed_transcript_hash_after, x.interim_transcript_hash_after, x.interim_transcript_hash_before, impl);
+    });
+}
+async function testTranscriptHash(authenticatedContent, confirmationKey, confirmedHashAfter, interimHashAfter, interimHashBefore, impl) {
+    const auth = decodeAuthenticatedContent(hexToBytes(authenticatedContent), 0);
+    if (auth === undefined || auth[0].content.contentType !== "commit" || auth[0].auth.contentType !== "commit") {
+        throw new Error("Could not decode authenticated content");
+    }
+    const confirmationTag = auth[0].auth.confirmationTag;
+    const verified = await impl.hash.verifyMac(hexToBytes(confirmationKey), confirmationTag, hexToBytes(confirmedHashAfter));
+    expect(verified).toBe(true);
+    const input = { wireformat: auth[0].wireformat, content: auth[0].content, signature: auth[0].auth.signature };
+    const computedConfirmedHash = await createConfirmedHash(hexToBytes(interimHashBefore), input, impl.hash);
+    expect(computedConfirmedHash).toStrictEqual(hexToBytes(confirmedHashAfter));
+    const computedInterimHash = await createInterimHash(hexToBytes(confirmedHashAfter), confirmationTag, impl.hash);
+    expect(computedInterimHash).toStrictEqual(hexToBytes(interimHashAfter));
+}
+//# sourceMappingURL=transcriptHashes.test.js.map

package/dist/test/test-vectors/transcriptHashes.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"transcriptHashes.test.js","sourceRoot":"","sources":["../../../test/test-vectors/transcriptHashes.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkC,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAA;AACvH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACjD,OAAO,IAAI,MAAM,2CAA2C,CAAA;AAC5D,OAAO,EAAE,0BAA0B,EAAE,MAAM,gCAAgC,CAAA;AAC3E,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAA;AAEjF,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;IACxC,IAAI,CAAC,kCAAkC,KAAK,EAAE,EAAE,KAAK,IAAI,EAAE;QACzD,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,oBAAoB,CAAC,CAAC,CAAC,YAA6B,CAAC,CAAC,CAAA;QAC5F,MAAM,kBAAkB,CACtB,CAAC,CAAC,qBAAqB,EACvB,CAAC,CAAC,gBAAgB,EAClB,CAAC,CAAC,+BAA+B,EACjC,CAAC,CAAC,6BAA6B,EAC/B,CAAC,CAAC,8BAA8B,EAChC,IAAI,CACL,CAAA;IACH,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,oBAA4B,EAC5B,eAAuB,EACvB,kBAA0B,EAC1B,gBAAwB,EACxB,iBAAyB,EACzB,IAAqB;IAErB,MAAM,IAAI,GAAG,0BAA0B,CAAC,UAAU,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAC,CAAA;IAC5E,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,KAAK,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;QAC5G,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAA;IAC3D,CAAC;IAED,MAAM,eAAe,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAA;IAEpD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,SAAS,CACxC,UAAU,CAAC,eAAe,CAAC,EAC3B,eAAe,EACf,UAAU,CAAC,kBAAkB,CAAC,CAC/B,CAAA;IACD,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAE3B,MAAM,KAAK,GAAG,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAA;IAE7G,MAAM,qBAAqB,GAAG,MAAM,mBAAmB,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IAExG,MAAM,CAAC,qBAAqB,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAA;IAE3E,MAAM,mBAAmB,GAAG,MAAM,iBAAiB,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,eAAe,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;IAC/G,MAAM,CAAC,mBAAmB,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC,CAAA;AACzE,CAAC"}

package/dist/test/test-vectors/treeOperations.test.d.ts

@@ -0,0 +1 @@
+export {};