ts-mls 1.0.2

package/dist/src/crypto/signature.js

@@ -0,0 +1,127 @@
+import { encodeVarLenData } from "../codec/variableLength";
+import { DependencyError } from "../mlsError";
+export async function signWithLabel(signKey, label, content, s) {
+    return s.sign(signKey, new Uint8Array([...encodeVarLenData(new TextEncoder().encode(`MLS 1.0 ${label}`)), ...encodeVarLenData(content)]));
+}
+export async function verifyWithLabel(publicKey, label, content, signature, s) {
+    return s.verify(publicKey, new Uint8Array([...encodeVarLenData(new TextEncoder().encode(`MLS 1.0 ${label}`)), ...encodeVarLenData(content)]), signature);
+}
+export async function makeNobleSignatureImpl(alg) {
+    switch (alg) {
+        case "Ed25519":
+            try {
+                const { ed25519 } = await import("@noble/curves/ed25519");
+                return {
+                    async sign(signKey, message) {
+                        return ed25519.sign(message, signKey);
+                    },
+                    async verify(publicKey, message, signature) {
+                        return ed25519.verify(signature, message, publicKey);
+                    },
+                    async keygen() {
+                        const signKey = ed25519.utils.randomPrivateKey();
+                        return { signKey, publicKey: ed25519.getPublicKey(signKey) };
+                    },
+                };
+            }
+            catch (err) {
+                throw new DependencyError("Optional dependency '@noble/curves' is not installed. Please install it to use this feature.");
+            }
+        case "Ed448":
+            try {
+                const { ed448 } = await import("@noble/curves/ed448");
+                return {
+                    async sign(signKey, message) {
+                        return ed448.sign(message, signKey);
+                    },
+                    async verify(publicKey, message, signature) {
+                        return ed448.verify(signature, message, publicKey);
+                    },
+                    async keygen() {
+                        const signKey = ed448.utils.randomPrivateKey();
+                        return { signKey, publicKey: ed448.getPublicKey(signKey) };
+                    },
+                };
+            }
+            catch (err) {
+                throw new DependencyError("Optional dependency '@noble/curves' is not installed. Please install it to use this feature.");
+            }
+        case "P256":
+            try {
+                const { p256 } = await import("@noble/curves/nist");
+                return {
+                    async sign(signKey, message) {
+                        return p256.sign(message, signKey, { prehash: true }).toCompactRawBytes();
+                    },
+                    async verify(publicKey, message, signature) {
+                        return p256.verify(signature, message, publicKey, { prehash: true });
+                    },
+                    async keygen() {
+                        const signKey = p256.utils.randomPrivateKey();
+                        return { signKey, publicKey: p256.getPublicKey(signKey) };
+                    },
+                };
+            }
+            catch (err) {
+                throw new DependencyError("Optional dependency '@noble/curves' is not installed. Please install it to use this feature.");
+            }
+        case "P384":
+            try {
+                const { p384 } = await import("@noble/curves/nist");
+                return {
+                    async sign(signKey, message) {
+                        return p384.sign(message, signKey, { prehash: true }).toCompactRawBytes();
+                    },
+                    async verify(publicKey, message, signature) {
+                        return p384.verify(signature, message, publicKey, { prehash: true });
+                    },
+                    async keygen() {
+                        const signKey = p384.utils.randomPrivateKey();
+                        return { signKey, publicKey: p384.getPublicKey(signKey) };
+                    },
+                };
+            }
+            catch (err) {
+                throw new DependencyError("Optional dependency '@noble/curves' is not installed. Please install it to use this feature.");
+            }
+        case "P521":
+            try {
+                const { p521 } = await import("@noble/curves/nist");
+                return {
+                    async sign(signKey, message) {
+                        return p521.sign(message, signKey, { prehash: true }).toCompactRawBytes();
+                    },
+                    async verify(publicKey, message, signature) {
+                        return p521.verify(signature, message, publicKey, { prehash: true });
+                    },
+                    async keygen() {
+                        const signKey = p521.utils.randomPrivateKey();
+                        return { signKey, publicKey: p521.getPublicKey(signKey) };
+                    },
+                };
+            }
+            catch (err) {
+                throw new DependencyError("Optional dependency '@noble/curves' is not installed. Please install it to use this feature.");
+            }
+        case "ML-DSA-87":
+            try {
+                const { ml_dsa87 } = await import("@noble/post-quantum/ml-dsa");
+                return {
+                    async sign(signKey, message) {
+                        return ml_dsa87.sign(signKey, message);
+                    },
+                    async verify(publicKey, message, signature) {
+                        return ml_dsa87.verify(publicKey, message, signature);
+                    },
+                    async keygen() {
+                        const keys = ml_dsa87.keygen(crypto.getRandomValues(new Uint8Array(32)));
+                        return { signKey: keys.secretKey, publicKey: keys.publicKey };
+                    },
+                };
+            }
+            catch (err) {
+                throw new DependencyError("Optional dependency '@noble/post-quantum' is not installed. Please install it to use this feature.");
+            }
+    }
+}
+//# sourceMappingURL=signature.js.map

package/dist/src/crypto/signature.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"signature.js","sourceRoot":"","sources":["../../../src/crypto/signature.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAA;AAU7C,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAmB,EACnB,KAAa,EACb,OAAmB,EACnB,CAAY;IAEZ,OAAO,CAAC,CAAC,IAAI,CACX,OAAO,EACP,IAAI,UAAU,CAAC,CAAC,GAAG,gBAAgB,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,WAAW,KAAK,EAAE,CAAC,CAAC,EAAE,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,CAClH,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,SAAqB,EACrB,KAAa,EACb,OAAmB,EACnB,SAAqB,EACrB,CAAY;IAEZ,OAAO,CAAC,CAAC,MAAM,CACb,SAAS,EACT,IAAI,UAAU,CAAC,CAAC,GAAG,gBAAgB,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,WAAW,KAAK,EAAE,CAAC,CAAC,EAAE,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,EACjH,SAAS,CACV,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,GAAuB;IAClE,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,SAAS;YACZ,IAAI,CAAC;gBACH,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAA;gBACzD,OAAO;oBACL,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO;wBACzB,OAAO,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;oBACvC,CAAC;oBACD,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS;wBACxC,OAAO,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;oBACtD,CAAC;oBACD,KAAK,CAAC,MAAM;wBACV,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAA;wBAChD,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,CAAA;oBAC9D,CAAC;iBACF,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,eAAe,CACvB,8FAA8F,CAC/F,CAAA;YACH,CAAC;QAEH,KAAK,OAAO;YACV,IAAI,CAAC;gBACH,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,CAAA;gBACrD,OAAO;oBACL,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO;wBACzB,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;oBACrC,CAAC;oBACD,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS;wBACxC,OAAO,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;oBACpD,CAAC;oBACD,KAAK,CAAC,MAAM;wBACV,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAA;wBAC9C,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,CAAA;oBAC5D,CAAC;iBACF,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,eAAe,CACvB,8FAA8F,CAC/F,CAAA;YACH,CAAC;QAEH,KAAK,MAAM;YACT,IAAI,CAAC;gBACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAA;gBACnD,OAAO;oBACL,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO;wBACzB,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,iBAAiB,EAAE,CAAA;oBAC3E,CAAC;oBACD,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS;wBACxC,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;oBACtE,CAAC;oBACD,KAAK,CAAC,MAAM;wBACV,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAA;wBAC7C,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,CAAA;oBAC3D,CAAC;iBACF,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,eAAe,CACvB,8FAA8F,CAC/F,CAAA;YACH,CAAC;QACH,KAAK,MAAM;YACT,IAAI,CAAC;gBACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAA;gBACnD,OAAO;oBACL,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO;wBACzB,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,iBAAiB,EAAE,CAAA;oBAC3E,CAAC;oBACD,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS;wBACxC,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;oBACtE,CAAC;oBACD,KAAK,CAAC,MAAM;wBACV,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAA;wBAC7C,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,CAAA;oBAC3D,CAAC;iBACF,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,eAAe,CACvB,8FAA8F,CAC/F,CAAA;YACH,CAAC;QACH,KAAK,MAAM;YACT,IAAI,CAAC;gBACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAA;gBACnD,OAAO;oBACL,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO;wBACzB,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,iBAAiB,EAAE,CAAA;oBAC3E,CAAC;oBACD,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS;wBACxC,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAA;oBACtE,CAAC;oBACD,KAAK,CAAC,MAAM;wBACV,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAA;wBAC7C,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,EAAE,CAAA;oBAC3D,CAAC;iBACF,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,eAAe,CACvB,8FAA8F,CAC/F,CAAA;YACH,CAAC;QACH,KAAK,WAAW;YACd,IAAI,CAAC;gBACH,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,4BAA4B,CAAC,CAAA;gBAC/D,OAAO;oBACL,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO;wBACzB,OAAO,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;oBACxC,CAAC;oBACD,KAAK,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS;wBACxC,OAAO,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,SAAS,CAAC,CAAA;oBACvD,CAAC;oBACD,KAAK,CAAC,MAAM;wBACV,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;wBACxE,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAA;oBAC/D,CAAC;iBACF,CAAA;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,IAAI,eAAe,CACvB,oGAAoG,CACrG,CAAA;YACH,CAAC;IACL,CAAC;AACH,CAAC"}

package/dist/src/customCredential.d.ts

@@ -0,0 +1,2 @@
+import { Credential } from "./credential";
+export declare function createCustomCredential(credentialId: number, data: Uint8Array): Credential;

package/dist/src/customCredential.js

@@ -0,0 +1,11 @@
+function createCustomCredentialType(credentialId) {
+    return credentialId.toString();
+}
+export function createCustomCredential(credentialId, data) {
+    const result = {
+        credentialType: createCustomCredentialType(credentialId),
+        data,
+    };
+    return result;
+}
+//# sourceMappingURL=customCredential.js.map

package/dist/src/customCredential.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"customCredential.js","sourceRoot":"","sources":["../../src/customCredential.ts"],"names":[],"mappings":"AAGA,SAAS,0BAA0B,CAAC,YAAoB;IACtD,OAAO,YAAY,CAAC,QAAQ,EAAwB,CAAA;AACtD,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,YAAoB,EAAE,IAAgB;IAC3E,MAAM,MAAM,GAAqB;QAC/B,cAAc,EAAE,0BAA0B,CAAC,YAAY,CAAC;QACxD,IAAI;KACL,CAAA;IACD,OAAO,MAA+B,CAAA;AACxC,CAAC"}

package/dist/src/defaultCapabilities.d.ts

@@ -0,0 +1,2 @@
+import { Capabilities } from "./capabilities";
+export declare function defaultCapabilities(): Capabilities;

package/dist/src/defaultCapabilities.js

@@ -0,0 +1,12 @@
+import { ciphersuites } from "./crypto/ciphersuite";
+import { greaseCapabilities, defaultGreaseConfig } from "./grease";
+export function defaultCapabilities() {
+    return greaseCapabilities(defaultGreaseConfig, {
+        versions: ["mls10"],
+        ciphersuites: Object.keys(ciphersuites),
+        extensions: [],
+        proposals: [],
+        credentials: ["basic", "x509"],
+    });
+}
+//# sourceMappingURL=defaultCapabilities.js.map

package/dist/src/defaultCapabilities.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"defaultCapabilities.js","sourceRoot":"","sources":["../../src/defaultCapabilities.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAmB,MAAM,sBAAsB,CAAA;AACpE,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAA;AAElE,MAAM,UAAU,mBAAmB;IACjC,OAAO,kBAAkB,CAAC,mBAAmB,EAAE;QAC7C,QAAQ,EAAE,CAAC,OAAO,CAAC;QACnB,YAAY,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAsB;QAC5D,UAAU,EAAE,EAAE;QACd,SAAS,EAAE,EAAE;QACb,WAAW,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;KAC/B,CAAC,CAAA;AACJ,CAAC"}

package/dist/src/defaultExtensionType.d.ts

@@ -0,0 +1,13 @@
+import { Decoder } from "./codec/tlsDecoder";
+import { Encoder } from "./codec/tlsEncoder";
+export declare const defaultExtensionTypes: {
+    readonly application_id: 1;
+    readonly ratchet_tree: 2;
+    readonly required_capabilities: 3;
+    readonly external_pub: 4;
+    readonly external_senders: 5;
+};
+export type DefaultExtensionTypeName = keyof typeof defaultExtensionTypes;
+export type DefaultExtensionTypeValue = (typeof defaultExtensionTypes)[DefaultExtensionTypeName];
+export declare const encodeDefaultExtensionType: Encoder<DefaultExtensionTypeName>;
+export declare const decodeDefaultExtensionType: Decoder<DefaultExtensionTypeName>;

package/dist/src/defaultExtensionType.js

@@ -0,0 +1,14 @@
+import { decodeUint16, encodeUint16 } from "./codec/number";
+import { mapDecoderOption } from "./codec/tlsDecoder";
+import { contramapEncoder } from "./codec/tlsEncoder";
+import { enumNumberToKey } from "./util/enumHelpers";
+export const defaultExtensionTypes = {
+    application_id: 1,
+    ratchet_tree: 2,
+    required_capabilities: 3,
+    external_pub: 4,
+    external_senders: 5,
+};
+export const encodeDefaultExtensionType = contramapEncoder(encodeUint16, (n) => defaultExtensionTypes[n]);
+export const decodeDefaultExtensionType = mapDecoderOption(decodeUint16, enumNumberToKey(defaultExtensionTypes));
+//# sourceMappingURL=defaultExtensionType.js.map

package/dist/src/defaultExtensionType.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"defaultExtensionType.js","sourceRoot":"","sources":["../../src/defaultExtensionType.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC3D,OAAO,EAAW,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAW,MAAM,oBAAoB,CAAA;AAC9D,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAEpD,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,cAAc,EAAE,CAAC;IACjB,YAAY,EAAE,CAAC;IACf,qBAAqB,EAAE,CAAC;IACxB,YAAY,EAAE,CAAC;IACf,gBAAgB,EAAE,CAAC;CACX,CAAA;AAKV,MAAM,CAAC,MAAM,0BAA0B,GAAsC,gBAAgB,CAC3F,YAAY,EACZ,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAChC,CAAA;AAED,MAAM,CAAC,MAAM,0BAA0B,GAAsC,gBAAgB,CAC3F,YAAY,EACZ,eAAe,CAAC,qBAAqB,CAAC,CACvC,CAAA"}

package/dist/src/defaultProposalType.d.ts

@@ -0,0 +1,15 @@
+import { Decoder } from "./codec/tlsDecoder";
+import { Encoder } from "./codec/tlsEncoder";
+export declare const defaultProposalTypes: {
+    readonly add: 1;
+    readonly update: 2;
+    readonly remove: 3;
+    readonly psk: 4;
+    readonly reinit: 5;
+    readonly external_init: 6;
+    readonly group_context_extensions: 7;
+};
+export type DefaultProposalTypeName = keyof typeof defaultProposalTypes;
+export type DefaultProposalTypeValue = (typeof defaultProposalTypes)[DefaultProposalTypeName];
+export declare const encodeDefaultProposalType: Encoder<DefaultProposalTypeName>;
+export declare const decodeDefaultProposalType: Decoder<DefaultProposalTypeName>;

package/dist/src/defaultProposalType.js

@@ -0,0 +1,16 @@
+import { decodeUint16, encodeUint16 } from "./codec/number";
+import { mapDecoderOption } from "./codec/tlsDecoder";
+import { contramapEncoder } from "./codec/tlsEncoder";
+import { enumNumberToKey } from "./util/enumHelpers";
+export const defaultProposalTypes = {
+    add: 1,
+    update: 2,
+    remove: 3,
+    psk: 4,
+    reinit: 5,
+    external_init: 6,
+    group_context_extensions: 7,
+};
+export const encodeDefaultProposalType = contramapEncoder(encodeUint16, (n) => defaultProposalTypes[n]);
+export const decodeDefaultProposalType = mapDecoderOption(decodeUint16, enumNumberToKey(defaultProposalTypes));
+//# sourceMappingURL=defaultProposalType.js.map

package/dist/src/defaultProposalType.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"defaultProposalType.js","sourceRoot":"","sources":["../../src/defaultProposalType.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC3D,OAAO,EAAW,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAW,MAAM,oBAAoB,CAAA;AAC9D,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAEpD,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,aAAa,EAAE,CAAC;IAChB,wBAAwB,EAAE,CAAC;CACnB,CAAA;AAKV,MAAM,CAAC,MAAM,yBAAyB,GAAqC,gBAAgB,CACzF,YAAY,EACZ,CAAC,CAAC,EAAE,EAAE,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAC/B,CAAA;AAED,MAAM,CAAC,MAAM,yBAAyB,GAAqC,gBAAgB,CACzF,YAAY,EACZ,eAAe,CAAC,oBAAoB,CAAC,CACtC,CAAA"}

package/dist/src/extension.d.ts

@@ -0,0 +1,18 @@
+import { Decoder } from "./codec/tlsDecoder";
+import { Encoder } from "./codec/tlsEncoder";
+import { DefaultExtensionTypeName } from "./defaultExtensionType";
+export type ExtensionType = DefaultExtensionTypeName | number;
+export declare const encodeExtensionType: Encoder<ExtensionType>;
+export declare const decodeExtensionType: Decoder<ExtensionType>;
+export type Extension = {
+    extensionType: ExtensionType;
+    extensionData: Uint8Array;
+};
+export declare const encodeExtension: Encoder<Extension>;
+export declare const decodeExtension: Decoder<Extension>;
+export declare function extensionEqual(a: Extension, b: Extension): boolean;
+export declare function extensionsEqual(a: Extension[], b: Extension[]): boolean;
+export declare function extensionsSupportedByCapabilities(requiredExtensions: Extension[], capabilities: {
+    extensions: number[];
+}): boolean;
+export declare function extensionTypeToNumber(t: ExtensionType): number;

package/dist/src/extension.js

@@ -0,0 +1,30 @@
+import { decodeUint16, encodeUint16 } from "./codec/number";
+import { mapDecoders, orDecoder } from "./codec/tlsDecoder";
+import { contramapEncoders } from "./codec/tlsEncoder";
+import { decodeVarLenData, encodeVarLenData } from "./codec/variableLength";
+import { decodeDefaultExtensionType, encodeDefaultExtensionType, defaultExtensionTypes, } from "./defaultExtensionType";
+import { constantTimeEqual } from "./util/constantTimeCompare";
+export const encodeExtensionType = (t) => typeof t === "number" ? encodeUint16(t) : encodeDefaultExtensionType(t);
+export const decodeExtensionType = orDecoder(decodeDefaultExtensionType, decodeUint16);
+export const encodeExtension = contramapEncoders([encodeExtensionType, encodeVarLenData], (e) => [e.extensionType, e.extensionData]);
+export const decodeExtension = mapDecoders([decodeExtensionType, decodeVarLenData], (extensionType, extensionData) => ({ extensionType, extensionData }));
+export function extensionEqual(a, b) {
+    return a.extensionType === b.extensionType && constantTimeEqual(a.extensionData, b.extensionData);
+}
+export function extensionsEqual(a, b) {
+    if (a.length !== b.length)
+        return false;
+    return a.every((val, i) => extensionEqual(val, b[i]));
+}
+export function extensionsSupportedByCapabilities(requiredExtensions, capabilities) {
+    return requiredExtensions
+        .filter((ex) => !isDefaultExtension(ex.extensionType))
+        .every((ex) => capabilities.extensions.includes(extensionTypeToNumber(ex.extensionType)));
+}
+function isDefaultExtension(t) {
+    return typeof t !== "number";
+}
+export function extensionTypeToNumber(t) {
+    return typeof t === "number" ? t : defaultExtensionTypes[t];
+}
+//# sourceMappingURL=extension.js.map

package/dist/src/extension.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"extension.js","sourceRoot":"","sources":["../../src/extension.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC3D,OAAO,EAAW,WAAW,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AACpE,OAAO,EAAE,iBAAiB,EAAW,MAAM,oBAAoB,CAAA;AAC/D,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AAC3E,OAAO,EACL,0BAA0B,EAC1B,0BAA0B,EAE1B,qBAAqB,GACtB,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAA;AAI9D,MAAM,CAAC,MAAM,mBAAmB,GAA2B,CAAC,CAAC,EAAE,EAAE,CAC/D,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,CAAA;AAEzE,MAAM,CAAC,MAAM,mBAAmB,GAA2B,SAAS,CAAC,0BAA0B,EAAE,YAAY,CAAC,CAAA;AAO9G,MAAM,CAAC,MAAM,eAAe,GAAuB,iBAAiB,CAClE,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,EACvC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC,aAAa,CAAU,CACnD,CAAA;AAED,MAAM,CAAC,MAAM,eAAe,GAAuB,WAAW,CAC5D,CAAC,mBAAmB,EAAE,gBAAgB,CAAC,EACvC,CAAC,aAAa,EAAE,aAAa,EAAE,EAAE,CAAC,CAAC,EAAE,aAAa,EAAE,aAAa,EAAE,CAAC,CACrE,CAAA;AAED,MAAM,UAAU,cAAc,CAAC,CAAY,EAAE,CAAY;IACvD,OAAO,CAAC,CAAC,aAAa,KAAK,CAAC,CAAC,aAAa,IAAI,iBAAiB,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC,aAAa,CAAC,CAAA;AACnG,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,CAAc,EAAE,CAAc;IAC5D,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAA;IACvC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAE,CAAC,CAAC,CAAA;AACxD,CAAC;AAED,MAAM,UAAU,iCAAiC,CAC/C,kBAA+B,EAC/B,YAAsC;IAEtC,OAAO,kBAAkB;SACtB,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,kBAAkB,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC;SACrD,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,CAAA;AAC7F,CAAC;AAED,SAAS,kBAAkB,CAAC,CAAgB;IAC1C,OAAO,OAAO,CAAC,KAAK,QAAQ,CAAA;AAC9B,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,CAAgB;IACpD,OAAO,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAA;AAC7D,CAAC"}

package/dist/src/externalProposal.d.ts

@@ -0,0 +1,7 @@
+import { CiphersuiteImpl } from "./crypto/ciphersuite";
+import { GroupInfo } from "./groupInfo";
+import { KeyPackage, PrivateKeyPackage } from "./keyPackage";
+import { MLSMessage } from "./message";
+import { Proposal } from "./proposal";
+export declare function proposeAddExternal(groupInfo: GroupInfo, keyPackage: KeyPackage, privateKeyPackage: PrivateKeyPackage, cs: CiphersuiteImpl, authenticatedData?: Uint8Array): Promise<MLSMessage>;
+export declare function proposeExternal(groupInfo: GroupInfo, proposal: Proposal, signaturePublicKey: Uint8Array, signaturePrivateKey: Uint8Array, cs: CiphersuiteImpl): Promise<MLSMessage>;

package/dist/src/externalProposal.js

@@ -0,0 +1,40 @@
+import { extensionsSupportedByCapabilities } from "./extension";
+import { decodeExternalSender } from "./externalSender";
+import { protectExternalProposalPublic } from "./messageProtectionPublic";
+import { UsageError, ValidationError } from "./mlsError";
+import { constantTimeEqual } from "./util/constantTimeCompare";
+export async function proposeAddExternal(groupInfo, keyPackage, privateKeyPackage, cs, authenticatedData = new Uint8Array()) {
+    const allExtensionsSupported = extensionsSupportedByCapabilities(groupInfo.groupContext.extensions, keyPackage.leafNode.capabilities);
+    if (!allExtensionsSupported)
+        throw new UsageError("client does not support every extension in the GroupContext");
+    const proposal = {
+        proposalType: "add",
+        add: {
+            keyPackage,
+        },
+    };
+    const result = await protectExternalProposalPublic(privateKeyPackage.signaturePrivateKey, groupInfo.groupContext, authenticatedData, proposal, { senderType: "new_member_proposal" }, cs);
+    return {
+        wireformat: "mls_public_message",
+        version: groupInfo.groupContext.version,
+        publicMessage: result.publicMessage,
+    };
+}
+export async function proposeExternal(groupInfo, proposal, signaturePublicKey, signaturePrivateKey, cs) {
+    const authenticatedData = new Uint8Array();
+    const externalSenderExtensionIndex = groupInfo.extensions.findIndex((ex) => {
+        if (ex.extensionType !== "external_senders")
+            return false;
+        const decoded = decodeExternalSender(ex.extensionData, 0);
+        if (decoded === undefined)
+            throw new ValidationError("Could not decode external_sender extension");
+        return constantTimeEqual(decoded[0].signaturePublicKey, signaturePublicKey);
+    });
+    const result = await protectExternalProposalPublic(signaturePrivateKey, groupInfo.groupContext, authenticatedData, proposal, { senderType: "external", senderIndex: externalSenderExtensionIndex }, cs);
+    return {
+        wireformat: "mls_public_message",
+        version: groupInfo.groupContext.version,
+        publicMessage: result.publicMessage,
+    };
+}
+//# sourceMappingURL=externalProposal.js.map

package/dist/src/externalProposal.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"externalProposal.js","sourceRoot":"","sources":["../../src/externalProposal.ts"],"names":[],"mappings":"AACA,OAAO,EAAa,iCAAiC,EAAE,MAAM,aAAa,CAAA;AAC1E,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAA;AAIvD,OAAO,EAAE,6BAA6B,EAAE,MAAM,2BAA2B,CAAA;AACzE,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAExD,OAAO,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAA;AAE9D,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,SAAoB,EACpB,UAAsB,EACtB,iBAAoC,EACpC,EAAmB,EACnB,oBAAgC,IAAI,UAAU,EAAE;IAEhD,MAAM,sBAAsB,GAAG,iCAAiC,CAC9D,SAAS,CAAC,YAAY,CAAC,UAAU,EACjC,UAAU,CAAC,QAAQ,CAAC,YAAY,CACjC,CAAA;IACD,IAAI,CAAC,sBAAsB;QAAE,MAAM,IAAI,UAAU,CAAC,6DAA6D,CAAC,CAAA;IAEhH,MAAM,QAAQ,GAAa;QACzB,YAAY,EAAE,KAAK;QACnB,GAAG,EAAE;YACH,UAAU;SACX;KACF,CAAA;IAED,MAAM,MAAM,GAAG,MAAM,6BAA6B,CAChD,iBAAiB,CAAC,mBAAmB,EACrC,SAAS,CAAC,YAAY,EACtB,iBAAiB,EACjB,QAAQ,EACR,EAAE,UAAU,EAAE,qBAAqB,EAAE,EACrC,EAAE,CACH,CAAA;IAED,OAAO;QACL,UAAU,EAAE,oBAAoB;QAChC,OAAO,EAAE,SAAS,CAAC,YAAY,CAAC,OAAO;QACvC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,SAAoB,EACpB,QAAkB,EAClB,kBAA8B,EAC9B,mBAA+B,EAC/B,EAAmB;IAEnB,MAAM,iBAAiB,GAAe,IAAI,UAAU,EAAE,CAAA;IAEtD,MAAM,4BAA4B,GAAG,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,EAAa,EAAW,EAAE;QAC7F,IAAI,EAAE,CAAC,aAAa,KAAK,kBAAkB;YAAE,OAAO,KAAK,CAAA;QACzD,MAAM,OAAO,GAAG,oBAAoB,CAAC,EAAE,CAAC,aAAa,EAAE,CAAC,CAAC,CAAA;QAEzD,IAAI,OAAO,KAAK,SAAS;YAAE,MAAM,IAAI,eAAe,CAAC,4CAA4C,CAAC,CAAA;QAElG,OAAO,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,kBAAkB,EAAE,kBAAkB,CAAC,CAAA;IAC7E,CAAC,CAAC,CAAA;IAEF,MAAM,MAAM,GAAG,MAAM,6BAA6B,CAChD,mBAAmB,EACnB,SAAS,CAAC,YAAY,EACtB,iBAAiB,EACjB,QAAQ,EACR,EAAE,UAAU,EAAE,UAAU,EAAE,WAAW,EAAE,4BAA4B,EAAE,EACrE,EAAE,CACH,CAAA;IAED,OAAO;QACL,UAAU,EAAE,oBAAoB;QAChC,OAAO,EAAE,SAAS,CAAC,YAAY,CAAC,OAAO;QACvC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAA;AACH,CAAC"}

package/dist/src/externalSender.d.ts

@@ -0,0 +1,9 @@
+import { Decoder } from "./codec/tlsDecoder";
+import { Encoder } from "./codec/tlsEncoder";
+import { Credential } from "./credential";
+export type ExternalSender = {
+    signaturePublicKey: Uint8Array;
+    credential: Credential;
+};
+export declare const encodeExternalSender: Encoder<ExternalSender>;
+export declare const decodeExternalSender: Decoder<ExternalSender>;

package/dist/src/externalSender.js

@@ -0,0 +1,7 @@
+import { mapDecoders } from "./codec/tlsDecoder";
+import { contramapEncoders } from "./codec/tlsEncoder";
+import { decodeVarLenData, encodeVarLenData } from "./codec/variableLength";
+import { decodeCredential, encodeCredential } from "./credential";
+export const encodeExternalSender = contramapEncoders([encodeVarLenData, encodeCredential], (e) => [e.signaturePublicKey, e.credential]);
+export const decodeExternalSender = mapDecoders([decodeVarLenData, decodeCredential], (signaturePublicKey, credential) => ({ signaturePublicKey, credential }));
+//# sourceMappingURL=externalSender.js.map

package/dist/src/externalSender.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"externalSender.js","sourceRoot":"","sources":["../../src/externalSender.ts"],"names":[],"mappings":"AAAA,OAAO,EAAW,WAAW,EAAE,MAAM,oBAAoB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAW,MAAM,oBAAoB,CAAA;AAC/D,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AAC3E,OAAO,EAAc,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAO7E,MAAM,CAAC,MAAM,oBAAoB,GAA4B,iBAAiB,CAC5E,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,EACpC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,kBAAkB,EAAE,CAAC,CAAC,UAAU,CAAU,CACrD,CAAA;AAED,MAAM,CAAC,MAAM,oBAAoB,GAA4B,WAAW,CACtE,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,EACpC,CAAC,kBAAkB,EAAE,UAAU,EAAE,EAAE,CAAC,CAAC,EAAE,kBAAkB,EAAE,UAAU,EAAE,CAAC,CACzE,CAAA"}

package/dist/src/framedContent.d.ts

@@ -0,0 +1,113 @@
+import { Decoder } from "./codec/tlsDecoder";
+import { Encoder } from "./codec/tlsEncoder";
+import { Commit } from "./commit";
+import { ContentTypeName } from "./contentType";
+import { CiphersuiteImpl } from "./crypto/ciphersuite";
+import { Hash } from "./crypto/hash";
+import { Signature } from "./crypto/signature";
+import { GroupContext } from "./groupContext";
+import { WireformatName } from "./wireformat";
+import { Proposal } from "./proposal";
+import { ProtocolVersionName } from "./protocolVersion";
+import { Sender, SenderExternal, SenderMember, SenderNewMemberCommit, SenderNewMemberProposal } from "./sender";
+export type FramedContentInfo = FramedContentApplicationData | FramedContentProposalData | FramedContentCommitData;
+export type FramedContentApplicationData = {
+    contentType: "application";
+    applicationData: Uint8Array;
+};
+export type FramedContentProposalData = {
+    contentType: "proposal";
+    proposal: Proposal;
+};
+export type FramedContentCommitData = {
+    contentType: "commit";
+    commit: Commit;
+};
+export declare const encodeFramedContentApplicationData: Encoder<FramedContentApplicationData>;
+export declare const encodeFramedContentProposalData: Encoder<FramedContentProposalData>;
+export declare const encodeFramedContentCommitData: Encoder<FramedContentCommitData>;
+export declare const encodeFramedContentInfo: Encoder<FramedContentInfo>;
+export declare const decodeFramedContentApplicationData: Decoder<FramedContentApplicationData>;
+export declare const decodeFramedContentProposalData: Decoder<FramedContentProposalData>;
+export declare const decodeFramedContentCommitData: Decoder<FramedContentCommitData>;
+export declare const decodeFramedContentInfo: Decoder<FramedContentInfo>;
+export declare function toTbs(content: FramedContent, wireformat: WireformatName, context: GroupContext): FramedContentTBS;
+export type FramedContent = FramedContentData & FramedContentInfo;
+export type FramedContentData = {
+    groupId: Uint8Array;
+    epoch: bigint;
+    sender: Sender;
+    authenticatedData: Uint8Array;
+};
+export type FramedContentMember = FramedContent & {
+    sender: SenderMember;
+};
+export type FramedContentNewMemberCommit = FramedContent & {
+    sender: SenderNewMemberCommit;
+};
+export type FramedContentExternal = FramedContent & {
+    sender: SenderExternal;
+};
+export type FramedContentNewMemberProposal = FramedContent & {
+    sender: SenderNewMemberProposal;
+};
+export type FramedContentCommit = FramedContentData & FramedContentCommitData;
+export type FramedContentApplicationOrProposal = FramedContentData & (FramedContentApplicationData | FramedContentProposalData);
+export declare const encodeFramedContent: Encoder<FramedContent>;
+export declare const decodeFramedContent: Decoder<FramedContent>;
+type SenderInfo = SenderInfoMember | SenderInfoNewMemberCommit | SenderInfoExternal | SenderInfoNewMemberProposal;
+type SenderInfoMember = {
+    senderType: "member";
+    context: GroupContext;
+};
+type SenderInfoNewMemberCommit = {
+    senderType: "new_member_commit";
+    context: GroupContext;
+};
+type SenderInfoExternal = {
+    senderType: "external";
+};
+type SenderInfoNewMemberProposal = {
+    senderType: "new_member_proposal";
+};
+export declare const encodeSenderInfo: Encoder<SenderInfo>;
+export type FramedContentTBS = {
+    protocolVersion: ProtocolVersionName;
+    wireformat: WireformatName;
+    content: FramedContent;
+} & SenderInfo;
+export type FramedContentTBSCommit = FramedContentTBS & {
+    content: FramedContentCommit;
+};
+export type FramedContentTBSApplicationOrProposal = FramedContentTBS & {
+    content: FramedContentApplicationOrProposal;
+};
+export type FramedContentTBSExternal = FramedContentTBS & (SenderInfoExternal | SenderInfoNewMemberCommit | SenderInfoNewMemberProposal);
+export declare const encodeFramedContentTBS: Encoder<FramedContentTBS>;
+export type FramedContentAuthData = FramedContentAuthDataCommit | FramedContentAuthDataApplicationOrProposal;
+export type FramedContentAuthDataCommit = {
+    signature: Uint8Array;
+} & FramedContentAuthDataContentCommit;
+export type FramedContentAuthDataApplicationOrProposal = {
+    signature: Uint8Array;
+} & FramedContentAuthDataContentApplicationOrProposal;
+type FramedContentAuthDataContentCommit = {
+    contentType: "commit";
+    confirmationTag: Uint8Array;
+};
+type FramedContentAuthDataContentApplicationOrProposal = {
+    contentType: Exclude<ContentTypeName, "commit">;
+};
+export declare const encodeFramedContentAuthData: Encoder<FramedContentAuthData>;
+export declare const decodeFramedContentAuthDataCommit: Decoder<FramedContentAuthDataContentCommit>;
+export declare function decodeFramedContentAuthData(contentType: ContentTypeName): Decoder<FramedContentAuthData>;
+export declare function verifyFramedContentSignature(signKey: Uint8Array, wireformat: WireformatName, content: FramedContent, auth: FramedContentAuthData, context: GroupContext, s: Signature): Promise<boolean>;
+export declare function signFramedContentTBS(signKey: Uint8Array, tbs: FramedContentTBS, s: Signature): Promise<Uint8Array>;
+export declare function signFramedContentApplicationOrProposal(signKey: Uint8Array, tbs: FramedContentTBSApplicationOrProposal, cs: CiphersuiteImpl): Promise<FramedContentAuthDataApplicationOrProposal>;
+export declare function createConfirmationTag(confirmationKey: Uint8Array, confirmedTranscriptHash: Uint8Array, h: Hash): Promise<Uint8Array>;
+export declare function verifyConfirmationTag(confirmationKey: Uint8Array, tag: Uint8Array, confirmedTranscriptHash: Uint8Array, h: Hash): Promise<boolean>;
+export declare function createContentCommitSignature(groupContext: GroupContext, wireformat: WireformatName, c: Commit, sender: Sender, authenticatedData: Uint8Array, signKey: Uint8Array, s: Signature): Promise<{
+    framedContent: FramedContentCommit;
+    signature: Uint8Array;
+}>;
+export {};

package/dist/src/framedContent.js

@@ -0,0 +1,131 @@
+import { decodeUint64, encodeUint64 } from "./codec/number";
+import { flatMapDecoder, mapDecoder, mapDecoders } from "./codec/tlsDecoder";
+import { contramapEncoder, contramapEncoders } from "./codec/tlsEncoder";
+import { decodeVarLenData, encodeVarLenData } from "./codec/variableLength";
+import { decodeCommit, encodeCommit } from "./commit";
+import { decodeContentType, encodeContentType } from "./contentType";
+import { signWithLabel, verifyWithLabel } from "./crypto/signature";
+import { encodeGroupContext } from "./groupContext";
+import { encodeWireformat } from "./wireformat";
+import { decodeProposal, encodeProposal } from "./proposal";
+import { encodeProtocolVersion } from "./protocolVersion";
+import { decodeSender, encodeSender, } from "./sender";
+export const encodeFramedContentApplicationData = contramapEncoders([encodeContentType, encodeVarLenData], (f) => [f.contentType, f.applicationData]);
+export const encodeFramedContentProposalData = contramapEncoders([encodeContentType, encodeProposal], (f) => [f.contentType, f.proposal]);
+export const encodeFramedContentCommitData = contramapEncoders([encodeContentType, encodeCommit], (f) => [f.contentType, f.commit]);
+export const encodeFramedContentInfo = (fc) => {
+    switch (fc.contentType) {
+        case "application":
+            return encodeFramedContentApplicationData(fc);
+        case "proposal":
+            return encodeFramedContentProposalData(fc);
+        case "commit":
+            return encodeFramedContentCommitData(fc);
+    }
+};
+export const decodeFramedContentApplicationData = mapDecoder(decodeVarLenData, (applicationData) => ({ contentType: "application", applicationData }));
+export const decodeFramedContentProposalData = mapDecoder(decodeProposal, (proposal) => ({ contentType: "proposal", proposal }));
+export const decodeFramedContentCommitData = mapDecoder(decodeCommit, (commit) => ({
+    contentType: "commit",
+    commit,
+}));
+export const decodeFramedContentInfo = flatMapDecoder(decodeContentType, (contentType) => {
+    switch (contentType) {
+        case "application":
+            return decodeFramedContentApplicationData;
+        case "proposal":
+            return decodeFramedContentProposalData;
+        case "commit":
+            return decodeFramedContentCommitData;
+    }
+});
+export function toTbs(content, wireformat, context) {
+    return { protocolVersion: context.version, wireformat, content, senderType: content.sender.senderType, context };
+}
+export const encodeFramedContent = contramapEncoders([encodeVarLenData, encodeUint64, encodeSender, encodeVarLenData, encodeFramedContentInfo], (fc) => [fc.groupId, fc.epoch, fc.sender, fc.authenticatedData, fc]);
+export const decodeFramedContent = mapDecoders([decodeVarLenData, decodeUint64, decodeSender, decodeVarLenData, decodeFramedContentInfo], (groupId, epoch, sender, authenticatedData, info) => ({
+    groupId,
+    epoch,
+    sender,
+    authenticatedData,
+    ...info,
+}));
+export const encodeSenderInfo = (info) => {
+    switch (info.senderType) {
+        case "member":
+        case "new_member_commit":
+            return encodeGroupContext(info.context);
+        case "external":
+        case "new_member_proposal":
+            return new Uint8Array();
+    }
+};
+export const encodeFramedContentTBS = contramapEncoders([encodeProtocolVersion, encodeWireformat, encodeFramedContent, encodeSenderInfo], (f) => [f.protocolVersion, f.wireformat, f.content, f]);
+const encodeFramedContentAuthDataContent = (authData) => {
+    switch (authData.contentType) {
+        case "commit":
+            return encodeFramedContentAuthDataCommit(authData);
+        case "application":
+        case "proposal":
+            return new Uint8Array();
+    }
+};
+const encodeFramedContentAuthDataCommit = contramapEncoder(encodeVarLenData, (data) => data.confirmationTag);
+export const encodeFramedContentAuthData = contramapEncoders([encodeVarLenData, encodeFramedContentAuthDataContent], (d) => [d.signature, d]);
+export const decodeFramedContentAuthDataCommit = mapDecoder(decodeVarLenData, (confirmationTag) => ({
+    contentType: "commit",
+    confirmationTag,
+}));
+export function decodeFramedContentAuthData(contentType) {
+    switch (contentType) {
+        case "commit":
+            return mapDecoders([decodeVarLenData, decodeFramedContentAuthDataCommit], (signature, commitData) => ({
+                signature,
+                ...commitData,
+            }));
+        case "application":
+        case "proposal":
+            return mapDecoder(decodeVarLenData, (signature) => ({
+                signature,
+                contentType,
+            }));
+    }
+}
+export async function verifyFramedContentSignature(signKey, wireformat, content, auth, context, s) {
+    return verifyWithLabel(signKey, "FramedContentTBS", encodeFramedContentTBS(toTbs(content, wireformat, context)), auth.signature, s);
+}
+export function signFramedContentTBS(signKey, tbs, s) {
+    return signWithLabel(signKey, "FramedContentTBS", encodeFramedContentTBS(tbs), s);
+}
+export async function signFramedContentApplicationOrProposal(signKey, tbs, cs) {
+    const signature = await signFramedContentTBS(signKey, tbs, cs.signature);
+    return {
+        contentType: tbs.content.contentType,
+        signature,
+    };
+}
+export function createConfirmationTag(confirmationKey, confirmedTranscriptHash, h) {
+    return h.mac(confirmationKey, confirmedTranscriptHash);
+}
+export function verifyConfirmationTag(confirmationKey, tag, confirmedTranscriptHash, h) {
+    return h.verifyMac(confirmationKey, tag, confirmedTranscriptHash);
+}
+export async function createContentCommitSignature(groupContext, wireformat, c, sender, authenticatedData, signKey, s) {
+    const tbs = {
+        protocolVersion: groupContext.version,
+        wireformat,
+        content: {
+            contentType: "commit",
+            commit: c,
+            groupId: groupContext.groupId,
+            epoch: groupContext.epoch,
+            sender,
+            authenticatedData,
+        },
+        senderType: "member",
+        context: groupContext,
+    };
+    const signature = await signFramedContentTBS(signKey, tbs, s);
+    return { framedContent: tbs.content, signature };
+}
+//# sourceMappingURL=framedContent.js.map