ts-mls 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +196 -0
- package/dist/src/IncomingMessageAction.d.ts +10 -0
- package/dist/src/IncomingMessageAction.js +2 -0
- package/dist/src/IncomingMessageAction.js.map +1 -0
- package/dist/src/authenticatedContent.d.ts +32 -0
- package/dist/src/authenticatedContent.js +26 -0
- package/dist/src/authenticatedContent.js.map +1 -0
- package/dist/src/authenticationService.d.ts +7 -0
- package/dist/src/authenticationService.js +6 -0
- package/dist/src/authenticationService.js.map +1 -0
- package/dist/src/capabilities.d.ts +14 -0
- package/dist/src/capabilities.js +28 -0
- package/dist/src/capabilities.js.map +1 -0
- package/dist/src/clientConfig.d.ts +21 -0
- package/dist/src/clientConfig.js +13 -0
- package/dist/src/clientConfig.js.map +1 -0
- package/dist/src/clientState.d.ts +122 -0
- package/dist/src/clientState.js +547 -0
- package/dist/src/clientState.js.map +1 -0
- package/dist/src/codec/number.d.ts +10 -0
- package/dist/src/codec/number.js +56 -0
- package/dist/src/codec/number.js.map +1 -0
- package/dist/src/codec/optional.d.ts +4 -0
- package/dist/src/codec/optional.js +20 -0
- package/dist/src/codec/optional.js.map +1 -0
- package/dist/src/codec/tlsDecoder.d.ts +14 -0
- package/dist/src/codec/tlsDecoder.js +78 -0
- package/dist/src/codec/tlsDecoder.js.map +1 -0
- package/dist/src/codec/tlsEncoder.d.ts +9 -0
- package/dist/src/codec/tlsEncoder.js +23 -0
- package/dist/src/codec/tlsEncoder.js.map +1 -0
- package/dist/src/codec/variableLength.d.ts +11 -0
- package/dist/src/codec/variableLength.js +95 -0
- package/dist/src/codec/variableLength.js.map +1 -0
- package/dist/src/commit.d.ts +10 -0
- package/dist/src/commit.js +9 -0
- package/dist/src/commit.js.map +1 -0
- package/dist/src/contentType.d.ts +12 -0
- package/dist/src/contentType.js +12 -0
- package/dist/src/contentType.js.map +1 -0
- package/dist/src/createCommit.d.ts +32 -0
- package/dist/src/createCommit.js +250 -0
- package/dist/src/createCommit.js.map +1 -0
- package/dist/src/createMessage.d.ts +24 -0
- package/dist/src/createMessage.js +32 -0
- package/dist/src/createMessage.js.map +1 -0
- package/dist/src/credential.d.ts +21 -0
- package/dist/src/credential.js +31 -0
- package/dist/src/credential.js.map +1 -0
- package/dist/src/credentialType.d.ts +11 -0
- package/dist/src/credentialType.js +11 -0
- package/dist/src/credentialType.js.map +1 -0
- package/dist/src/crypto/aead.d.ts +8 -0
- package/dist/src/crypto/aead.js +69 -0
- package/dist/src/crypto/aead.js.map +1 -0
- package/dist/src/crypto/ciphersuite.d.ts +51 -0
- package/dist/src/crypto/ciphersuite.js +245 -0
- package/dist/src/crypto/ciphersuite.js.map +1 -0
- package/dist/src/crypto/hash.d.ts +8 -0
- package/dist/src/crypto/hash.js +32 -0
- package/dist/src/crypto/hash.js.map +1 -0
- package/dist/src/crypto/hpke.d.ts +51 -0
- package/dist/src/crypto/hpke.js +109 -0
- package/dist/src/crypto/hpke.js.map +1 -0
- package/dist/src/crypto/kdf.d.ts +12 -0
- package/dist/src/crypto/kdf.js +42 -0
- package/dist/src/crypto/kdf.js.map +1 -0
- package/dist/src/crypto/kem.d.ts +3 -0
- package/dist/src/crypto/kem.js +49 -0
- package/dist/src/crypto/kem.js.map +1 -0
- package/dist/src/crypto/rng.d.ts +4 -0
- package/dist/src/crypto/rng.js +6 -0
- package/dist/src/crypto/rng.js.map +1 -0
- package/dist/src/crypto/signature.d.ts +12 -0
- package/dist/src/crypto/signature.js +127 -0
- package/dist/src/crypto/signature.js.map +1 -0
- package/dist/src/customCredential.d.ts +2 -0
- package/dist/src/customCredential.js +11 -0
- package/dist/src/customCredential.js.map +1 -0
- package/dist/src/defaultCapabilities.d.ts +2 -0
- package/dist/src/defaultCapabilities.js +12 -0
- package/dist/src/defaultCapabilities.js.map +1 -0
- package/dist/src/defaultExtensionType.d.ts +13 -0
- package/dist/src/defaultExtensionType.js +14 -0
- package/dist/src/defaultExtensionType.js.map +1 -0
- package/dist/src/defaultProposalType.d.ts +15 -0
- package/dist/src/defaultProposalType.js +16 -0
- package/dist/src/defaultProposalType.js.map +1 -0
- package/dist/src/extension.d.ts +18 -0
- package/dist/src/extension.js +30 -0
- package/dist/src/extension.js.map +1 -0
- package/dist/src/externalProposal.d.ts +7 -0
- package/dist/src/externalProposal.js +40 -0
- package/dist/src/externalProposal.js.map +1 -0
- package/dist/src/externalSender.d.ts +9 -0
- package/dist/src/externalSender.js +7 -0
- package/dist/src/externalSender.js.map +1 -0
- package/dist/src/framedContent.d.ts +113 -0
- package/dist/src/framedContent.js +131 -0
- package/dist/src/framedContent.js.map +1 -0
- package/dist/src/grease.d.ts +16 -0
- package/dist/src/grease.js +29 -0
- package/dist/src/grease.js.map +1 -0
- package/dist/src/groupContext.d.ts +19 -0
- package/dist/src/groupContext.js +44 -0
- package/dist/src/groupContext.js.map +1 -0
- package/dist/src/groupInfo.d.ts +26 -0
- package/dist/src/groupInfo.js +47 -0
- package/dist/src/groupInfo.js.map +1 -0
- package/dist/src/groupSecrets.d.ts +10 -0
- package/dist/src/groupSecrets.js +8 -0
- package/dist/src/groupSecrets.js.map +1 -0
- package/dist/src/hpkeCiphertext.d.ts +8 -0
- package/dist/src/hpkeCiphertext.js +6 -0
- package/dist/src/hpkeCiphertext.js.map +1 -0
- package/dist/src/index.d.ts +32 -0
- package/dist/src/index.js +24 -0
- package/dist/src/index.js.map +1 -0
- package/dist/src/keyPackage.d.ts +38 -0
- package/dist/src/keyPackage.js +72 -0
- package/dist/src/keyPackage.js.map +1 -0
- package/dist/src/keyPackageEqualityConfig.d.ts +7 -0
- package/dist/src/keyPackageEqualityConfig.js +10 -0
- package/dist/src/keyPackageEqualityConfig.js.map +1 -0
- package/dist/src/keyRetentionConfig.d.ts +6 -0
- package/dist/src/keyRetentionConfig.js +6 -0
- package/dist/src/keyRetentionConfig.js.map +1 -0
- package/dist/src/keySchedule.d.ts +24 -0
- package/dist/src/keySchedule.js +43 -0
- package/dist/src/keySchedule.js.map +1 -0
- package/dist/src/leafNode.d.ts +78 -0
- package/dist/src/leafNode.js +87 -0
- package/dist/src/leafNode.js.map +1 -0
- package/dist/src/leafNodeSource.d.ts +12 -0
- package/dist/src/leafNodeSource.js +12 -0
- package/dist/src/leafNodeSource.js.map +1 -0
- package/dist/src/lifetime.d.ts +9 -0
- package/dist/src/lifetime.js +13 -0
- package/dist/src/lifetime.js.map +1 -0
- package/dist/src/lifetimeConfig.d.ts +5 -0
- package/dist/src/lifetimeConfig.js +5 -0
- package/dist/src/lifetimeConfig.js.map +1 -0
- package/dist/src/message.d.ts +42 -0
- package/dist/src/message.js +45 -0
- package/dist/src/message.js.map +1 -0
- package/dist/src/messageProtection.d.ts +36 -0
- package/dist/src/messageProtection.js +128 -0
- package/dist/src/messageProtection.js.map +1 -0
- package/dist/src/messageProtectionPublic.d.ts +17 -0
- package/dist/src/messageProtectionPublic.js +99 -0
- package/dist/src/messageProtectionPublic.js.map +1 -0
- package/dist/src/mlsError.d.ts +24 -0
- package/dist/src/mlsError.js +49 -0
- package/dist/src/mlsError.js.map +1 -0
- package/dist/src/nodeType.d.ts +11 -0
- package/dist/src/nodeType.js +11 -0
- package/dist/src/nodeType.js.map +1 -0
- package/dist/src/paddingConfig.d.ts +9 -0
- package/dist/src/paddingConfig.js +8 -0
- package/dist/src/paddingConfig.js.map +1 -0
- package/dist/src/parentHash.d.ts +16 -0
- package/dist/src/parentHash.js +103 -0
- package/dist/src/parentHash.js.map +1 -0
- package/dist/src/parentNode.d.ts +9 -0
- package/dist/src/parentNode.js +11 -0
- package/dist/src/parentNode.js.map +1 -0
- package/dist/src/pathSecrets.d.ts +10 -0
- package/dist/src/pathSecrets.js +31 -0
- package/dist/src/pathSecrets.js.map +1 -0
- package/dist/src/presharedkey.d.ts +51 -0
- package/dist/src/presharedkey.js +59 -0
- package/dist/src/presharedkey.js.map +1 -0
- package/dist/src/privateKeyPath.d.ts +12 -0
- package/dist/src/privateKeyPath.js +21 -0
- package/dist/src/privateKeyPath.js.map +1 -0
- package/dist/src/privateMessage.d.ts +41 -0
- package/dist/src/privateMessage.js +114 -0
- package/dist/src/privateMessage.js.map +1 -0
- package/dist/src/processMessages.d.ts +26 -0
- package/dist/src/processMessages.js +196 -0
- package/dist/src/processMessages.js.map +1 -0
- package/dist/src/proposal.d.ts +97 -0
- package/dist/src/proposal.js +91 -0
- package/dist/src/proposal.js.map +1 -0
- package/dist/src/proposalOrRefType.d.ts +25 -0
- package/dist/src/proposalOrRefType.js +31 -0
- package/dist/src/proposalOrRefType.js.map +1 -0
- package/dist/src/protocolVersion.d.ts +9 -0
- package/dist/src/protocolVersion.js +10 -0
- package/dist/src/protocolVersion.js.map +1 -0
- package/dist/src/pskIndex.d.ts +7 -0
- package/dist/src/pskIndex.js +18 -0
- package/dist/src/pskIndex.js.map +1 -0
- package/dist/src/publicMessage.d.ts +29 -0
- package/dist/src/publicMessage.js +71 -0
- package/dist/src/publicMessage.js.map +1 -0
- package/dist/src/ratchetTree.d.ts +46 -0
- package/dist/src/ratchetTree.js +254 -0
- package/dist/src/ratchetTree.js.map +1 -0
- package/dist/src/requiredCapabilities.d.ts +10 -0
- package/dist/src/requiredCapabilities.js +8 -0
- package/dist/src/requiredCapabilities.js.map +1 -0
- package/dist/src/resumption.d.ts +18 -0
- package/dist/src/resumption.js +74 -0
- package/dist/src/resumption.js.map +1 -0
- package/dist/src/secretTree.d.ts +29 -0
- package/dist/src/secretTree.js +137 -0
- package/dist/src/secretTree.js.map +1 -0
- package/dist/src/sender.d.ts +56 -0
- package/dist/src/sender.js +81 -0
- package/dist/src/sender.js.map +1 -0
- package/dist/src/transcriptHash.d.ts +14 -0
- package/dist/src/transcriptHash.js +23 -0
- package/dist/src/transcriptHash.js.map +1 -0
- package/dist/src/treeHash.d.ts +27 -0
- package/dist/src/treeHash.js +70 -0
- package/dist/src/treeHash.js.map +1 -0
- package/dist/src/treemath.d.ts +14 -0
- package/dist/src/treemath.js +87 -0
- package/dist/src/treemath.js.map +1 -0
- package/dist/src/unappliedProposals.d.ts +7 -0
- package/dist/src/unappliedProposals.js +9 -0
- package/dist/src/unappliedProposals.js.map +1 -0
- package/dist/src/updatePath.d.ts +34 -0
- package/dist/src/updatePath.js +163 -0
- package/dist/src/updatePath.js.map +1 -0
- package/dist/src/util/addToMap.d.ts +1 -0
- package/dist/src/util/addToMap.js +6 -0
- package/dist/src/util/addToMap.js.map +1 -0
- package/dist/src/util/array.d.ts +2 -0
- package/dist/src/util/array.js +9 -0
- package/dist/src/util/array.js.map +1 -0
- package/dist/src/util/byteArray.d.ts +3 -0
- package/dist/src/util/byteArray.js +27 -0
- package/dist/src/util/byteArray.js.map +1 -0
- package/dist/src/util/constantTimeCompare.d.ts +1 -0
- package/dist/src/util/constantTimeCompare.js +10 -0
- package/dist/src/util/constantTimeCompare.js.map +1 -0
- package/dist/src/util/enumHelpers.d.ts +4 -0
- package/dist/src/util/enumHelpers.js +28 -0
- package/dist/src/util/enumHelpers.js.map +1 -0
- package/dist/src/util/repeat.d.ts +1 -0
- package/dist/src/util/repeat.js +8 -0
- package/dist/src/util/repeat.js.map +1 -0
- package/dist/src/welcome.d.ts +29 -0
- package/dist/src/welcome.js +46 -0
- package/dist/src/welcome.js.map +1 -0
- package/dist/src/wireformat.d.ts +13 -0
- package/dist/src/wireformat.js +14 -0
- package/dist/src/wireformat.js.map +1 -0
- package/dist/test/base64.test.d.ts +1 -0
- package/dist/test/base64.test.js +87 -0
- package/dist/test/base64.test.js.map +1 -0
- package/dist/test/codec/authenticatedContent.test.d.ts +1 -0
- package/dist/test/codec/authenticatedContent.test.js +38 -0
- package/dist/test/codec/authenticatedContent.test.js.map +1 -0
- package/dist/test/codec/capabilities.test.d.ts +1 -0
- package/dist/test/codec/capabilities.test.js +26 -0
- package/dist/test/codec/capabilities.test.js.map +1 -0
- package/dist/test/codec/commit.test.d.ts +1 -0
- package/dist/test/codec/commit.test.js +15 -0
- package/dist/test/codec/commit.test.js.map +1 -0
- package/dist/test/codec/composite.test.d.ts +1 -0
- package/dist/test/codec/composite.test.js +61 -0
- package/dist/test/codec/composite.test.js.map +1 -0
- package/dist/test/codec/contentType.test.d.ts +1 -0
- package/dist/test/codec/contentType.test.js +12 -0
- package/dist/test/codec/contentType.test.js.map +1 -0
- package/dist/test/codec/credential.test.d.ts +1 -0
- package/dist/test/codec/credential.test.js +17 -0
- package/dist/test/codec/credential.test.js.map +1 -0
- package/dist/test/codec/credentialType.test.d.ts +1 -0
- package/dist/test/codec/credentialType.test.js +12 -0
- package/dist/test/codec/credentialType.test.js.map +1 -0
- package/dist/test/codec/encryptedGroupSecrets.test.d.ts +1 -0
- package/dist/test/codec/encryptedGroupSecrets.test.js +18 -0
- package/dist/test/codec/encryptedGroupSecrets.test.js.map +1 -0
- package/dist/test/codec/extension.test.d.ts +1 -0
- package/dist/test/codec/extension.test.js +20 -0
- package/dist/test/codec/extension.test.js.map +1 -0
- package/dist/test/codec/extensionType.test.d.ts +1 -0
- package/dist/test/codec/extensionType.test.js +12 -0
- package/dist/test/codec/extensionType.test.js.map +1 -0
- package/dist/test/codec/externalSender.test.d.ts +1 -0
- package/dist/test/codec/externalSender.test.js +20 -0
- package/dist/test/codec/externalSender.test.js.map +1 -0
- package/dist/test/codec/framedContent.test.d.ts +1 -0
- package/dist/test/codec/framedContent.test.js +26 -0
- package/dist/test/codec/framedContent.test.js.map +1 -0
- package/dist/test/codec/groupContext.test.d.ts +1 -0
- package/dist/test/codec/groupContext.test.js +30 -0
- package/dist/test/codec/groupContext.test.js.map +1 -0
- package/dist/test/codec/groupInfo.test.d.ts +1 -0
- package/dist/test/codec/groupInfo.test.js +45 -0
- package/dist/test/codec/groupInfo.test.js.map +1 -0
- package/dist/test/codec/groupSecrets.test.d.ts +1 -0
- package/dist/test/codec/groupSecrets.test.js +16 -0
- package/dist/test/codec/groupSecrets.test.js.map +1 -0
- package/dist/test/codec/hpkeCiphertext.test.d.ts +1 -0
- package/dist/test/codec/hpkeCiphertext.test.js +13 -0
- package/dist/test/codec/hpkeCiphertext.test.js.map +1 -0
- package/dist/test/codec/keyPackage.test.d.ts +1 -0
- package/dist/test/codec/keyPackage.test.js +58 -0
- package/dist/test/codec/keyPackage.test.js.map +1 -0
- package/dist/test/codec/keyPackageTBS.test.d.ts +1 -0
- package/dist/test/codec/keyPackageTBS.test.js +59 -0
- package/dist/test/codec/keyPackageTBS.test.js.map +1 -0
- package/dist/test/codec/leafNode.test.d.ts +1 -0
- package/dist/test/codec/leafNode.test.js +43 -0
- package/dist/test/codec/leafNode.test.js.map +1 -0
- package/dist/test/codec/leafNodeData.test.d.ts +1 -0
- package/dist/test/codec/leafNodeData.test.js +36 -0
- package/dist/test/codec/leafNodeData.test.js.map +1 -0
- package/dist/test/codec/leafNodeSource.test.d.ts +1 -0
- package/dist/test/codec/leafNodeSource.test.js +15 -0
- package/dist/test/codec/leafNodeSource.test.js.map +1 -0
- package/dist/test/codec/lifetime.test.d.ts +1 -0
- package/dist/test/codec/lifetime.test.js +12 -0
- package/dist/test/codec/lifetime.test.js.map +1 -0
- package/dist/test/codec/message.test.d.ts +1 -0
- package/dist/test/codec/message.test.js +100 -0
- package/dist/test/codec/message.test.js.map +1 -0
- package/dist/test/codec/nodeType.test.d.ts +1 -0
- package/dist/test/codec/nodeType.test.js +12 -0
- package/dist/test/codec/nodeType.test.js.map +1 -0
- package/dist/test/codec/number.test.d.ts +1 -0
- package/dist/test/codec/number.test.js +74 -0
- package/dist/test/codec/number.test.js.map +1 -0
- package/dist/test/codec/optional.test.d.ts +1 -0
- package/dist/test/codec/optional.test.js +42 -0
- package/dist/test/codec/optional.test.js.map +1 -0
- package/dist/test/codec/padding.test.d.ts +1 -0
- package/dist/test/codec/padding.test.js +40 -0
- package/dist/test/codec/padding.test.js.map +1 -0
- package/dist/test/codec/parentHash.test.d.ts +1 -0
- package/dist/test/codec/parentHash.test.js +13 -0
- package/dist/test/codec/parentHash.test.js.map +1 -0
- package/dist/test/codec/parentNode.test.d.ts +1 -0
- package/dist/test/codec/parentNode.test.js +22 -0
- package/dist/test/codec/parentNode.test.js.map +1 -0
- package/dist/test/codec/presharedkey.test.d.ts +1 -0
- package/dist/test/codec/presharedkey.test.js +35 -0
- package/dist/test/codec/presharedkey.test.js.map +1 -0
- package/dist/test/codec/privateContentAAD.test.d.ts +1 -0
- package/dist/test/codec/privateContentAAD.test.js +30 -0
- package/dist/test/codec/privateContentAAD.test.js.map +1 -0
- package/dist/test/codec/privateMessage.test.d.ts +1 -0
- package/dist/test/codec/privateMessage.test.js +36 -0
- package/dist/test/codec/privateMessage.test.js.map +1 -0
- package/dist/test/codec/proposal.test.d.ts +1 -0
- package/dist/test/codec/proposal.test.js +44 -0
- package/dist/test/codec/proposal.test.js.map +1 -0
- package/dist/test/codec/proposalOrRef.test.d.ts +1 -0
- package/dist/test/codec/proposalOrRef.test.js +12 -0
- package/dist/test/codec/proposalOrRef.test.js.map +1 -0
- package/dist/test/codec/proposalOrRefType.test.d.ts +1 -0
- package/dist/test/codec/proposalOrRefType.test.js +12 -0
- package/dist/test/codec/proposalOrRefType.test.js.map +1 -0
- package/dist/test/codec/proposalType.test.d.ts +1 -0
- package/dist/test/codec/proposalType.test.js +12 -0
- package/dist/test/codec/proposalType.test.js.map +1 -0
- package/dist/test/codec/protocolVersion.test.d.ts +1 -0
- package/dist/test/codec/protocolVersion.test.js +9 -0
- package/dist/test/codec/protocolVersion.test.js.map +1 -0
- package/dist/test/codec/pskId.test.d.ts +1 -0
- package/dist/test/codec/pskId.test.js +18 -0
- package/dist/test/codec/pskId.test.js.map +1 -0
- package/dist/test/codec/pskInfo.test.d.ts +1 -0
- package/dist/test/codec/pskInfo.test.js +12 -0
- package/dist/test/codec/pskInfo.test.js.map +1 -0
- package/dist/test/codec/pskLabel.test.d.ts +1 -0
- package/dist/test/codec/pskLabel.test.js +26 -0
- package/dist/test/codec/pskLabel.test.js.map +1 -0
- package/dist/test/codec/pskType.test.d.ts +1 -0
- package/dist/test/codec/pskType.test.js +12 -0
- package/dist/test/codec/pskType.test.js.map +1 -0
- package/dist/test/codec/publicMessage.test.d.ts +1 -0
- package/dist/test/codec/publicMessage.test.js +39 -0
- package/dist/test/codec/publicMessage.test.js.map +1 -0
- package/dist/test/codec/ratchetTree.test.d.ts +1 -0
- package/dist/test/codec/ratchetTree.test.js +83 -0
- package/dist/test/codec/ratchetTree.test.js.map +1 -0
- package/dist/test/codec/requiredCapabilities.test.d.ts +1 -0
- package/dist/test/codec/requiredCapabilities.test.js +30 -0
- package/dist/test/codec/requiredCapabilities.test.js.map +1 -0
- package/dist/test/codec/resumptionPSKUsage.test.d.ts +1 -0
- package/dist/test/codec/resumptionPSKUsage.test.js +15 -0
- package/dist/test/codec/resumptionPSKUsage.test.js.map +1 -0
- package/dist/test/codec/reuseGuard.test.d.ts +1 -0
- package/dist/test/codec/reuseGuard.test.js +9 -0
- package/dist/test/codec/reuseGuard.test.js.map +1 -0
- package/dist/test/codec/roundtrip.d.ts +3 -0
- package/dist/test/codec/roundtrip.js +8 -0
- package/dist/test/codec/roundtrip.js.map +1 -0
- package/dist/test/codec/sender.test.d.ts +1 -0
- package/dist/test/codec/sender.test.js +18 -0
- package/dist/test/codec/sender.test.js.map +1 -0
- package/dist/test/codec/senderData.test.d.ts +1 -0
- package/dist/test/codec/senderData.test.js +12 -0
- package/dist/test/codec/senderData.test.js.map +1 -0
- package/dist/test/codec/senderDataAAD.test.d.ts +1 -0
- package/dist/test/codec/senderDataAAD.test.js +12 -0
- package/dist/test/codec/senderDataAAD.test.js.map +1 -0
- package/dist/test/codec/senderType.test.d.ts +1 -0
- package/dist/test/codec/senderType.test.js +18 -0
- package/dist/test/codec/senderType.test.js.map +1 -0
- package/dist/test/codec/transcriptHash.test.d.ts +1 -0
- package/dist/test/codec/transcriptHash.test.js +38 -0
- package/dist/test/codec/transcriptHash.test.js.map +1 -0
- package/dist/test/codec/treeHash.test.d.ts +1 -0
- package/dist/test/codec/treeHash.test.js +17 -0
- package/dist/test/codec/treeHash.test.js.map +1 -0
- package/dist/test/codec/updatePath.test.d.ts +1 -0
- package/dist/test/codec/updatePath.test.js +81 -0
- package/dist/test/codec/updatePath.test.js.map +1 -0
- package/dist/test/codec/updatePathNode.test.d.ts +1 -0
- package/dist/test/codec/updatePathNode.test.js +23 -0
- package/dist/test/codec/updatePathNode.test.js.map +1 -0
- package/dist/test/codec/varLengthEncoding.test.d.ts +1 -0
- package/dist/test/codec/varLengthEncoding.test.js +90 -0
- package/dist/test/codec/varLengthEncoding.test.js.map +1 -0
- package/dist/test/codec/welcome.test.d.ts +1 -0
- package/dist/test/codec/welcome.test.js +25 -0
- package/dist/test/codec/welcome.test.js.map +1 -0
- package/dist/test/codec/wireformat.test.d.ts +1 -0
- package/dist/test/codec/wireformat.test.js +21 -0
- package/dist/test/codec/wireformat.test.js.map +1 -0
- package/dist/test/crypto/aead.test.d.ts +1 -0
- package/dist/test/crypto/aead.test.js +44 -0
- package/dist/test/crypto/aead.test.js.map +1 -0
- package/dist/test/crypto/hpke.test.d.ts +1 -0
- package/dist/test/crypto/hpke.test.js +58 -0
- package/dist/test/crypto/hpke.test.js.map +1 -0
- package/dist/test/crypto/keyMatch.d.ts +7 -0
- package/dist/test/crypto/keyMatch.js +22 -0
- package/dist/test/crypto/keyMatch.js.map +1 -0
- package/dist/test/extensionsEqual.test.d.ts +1 -0
- package/dist/test/extensionsEqual.test.js +51 -0
- package/dist/test/extensionsEqual.test.js.map +1 -0
- package/dist/test/groupinfo.test.d.ts +1 -0
- package/dist/test/groupinfo.test.js +40 -0
- package/dist/test/groupinfo.test.js.map +1 -0
- package/dist/test/scenario/common.d.ts +8 -0
- package/dist/test/scenario/common.js +41 -0
- package/dist/test/scenario/common.js.map +1 -0
- package/dist/test/scenario/customExtensions.test.d.ts +1 -0
- package/dist/test/scenario/customExtensions.test.js +56 -0
- package/dist/test/scenario/customExtensions.test.js.map +1 -0
- package/dist/test/scenario/customProposal.test.d.ts +1 -0
- package/dist/test/scenario/customProposal.test.js +71 -0
- package/dist/test/scenario/customProposal.test.js.map +1 -0
- package/dist/test/scenario/epochOutOfOrder.test.d.ts +1 -0
- package/dist/test/scenario/epochOutOfOrder.test.js +162 -0
- package/dist/test/scenario/epochOutOfOrder.test.js.map +1 -0
- package/dist/test/scenario/externalAddProposal.test.d.ts +1 -0
- package/dist/test/scenario/externalAddProposal.test.js +69 -0
- package/dist/test/scenario/externalAddProposal.test.js.map +1 -0
- package/dist/test/scenario/externalJoin.test.d.ts +1 -0
- package/dist/test/scenario/externalJoin.test.js +51 -0
- package/dist/test/scenario/externalJoin.test.js.map +1 -0
- package/dist/test/scenario/externalJoinResync.test.d.ts +1 -0
- package/dist/test/scenario/externalJoinResync.test.js +59 -0
- package/dist/test/scenario/externalJoinResync.test.js.map +1 -0
- package/dist/test/scenario/externalProposal.test.d.ts +1 -0
- package/dist/test/scenario/externalProposal.test.js +69 -0
- package/dist/test/scenario/externalProposal.test.js.map +1 -0
- package/dist/test/scenario/externalPsk.test.d.ts +1 -0
- package/dist/test/scenario/externalPsk.test.js +73 -0
- package/dist/test/scenario/externalPsk.test.js.map +1 -0
- package/dist/test/scenario/externalPskJoin.test.d.ts +1 -0
- package/dist/test/scenario/externalPskJoin.test.js +51 -0
- package/dist/test/scenario/externalPskJoin.test.js.map +1 -0
- package/dist/test/scenario/generationOutOfOrder.test.d.ts +1 -0
- package/dist/test/scenario/generationOutOfOrder.test.js +111 -0
- package/dist/test/scenario/generationOutOfOrder.test.js.map +1 -0
- package/dist/test/scenario/grease.test.d.ts +1 -0
- package/dist/test/scenario/grease.test.js +44 -0
- package/dist/test/scenario/grease.test.js.map +1 -0
- package/dist/test/scenario/largeGroupFullLifecycle.test.d.ts +1 -0
- package/dist/test/scenario/largeGroupFullLifecycle.test.js +127 -0
- package/dist/test/scenario/largeGroupFullLifecycle.test.js.map +1 -0
- package/dist/test/scenario/leaveProposal.test.d.ts +1 -0
- package/dist/test/scenario/leaveProposal.test.js +77 -0
- package/dist/test/scenario/leaveProposal.test.js.map +1 -0
- package/dist/test/scenario/multipleJoinsAtOnce.test.d.ts +1 -0
- package/dist/test/scenario/multipleJoinsAtOnce.test.js +48 -0
- package/dist/test/scenario/multipleJoinsAtOnce.test.js.map +1 -0
- package/dist/test/scenario/oneToOneJoin.test.d.ts +1 -0
- package/dist/test/scenario/oneToOneJoin.test.js +98 -0
- package/dist/test/scenario/oneToOneJoin.test.js.map +1 -0
- package/dist/test/scenario/ratchetTreeExtension.test.d.ts +1 -0
- package/dist/test/scenario/ratchetTreeExtension.test.js +48 -0
- package/dist/test/scenario/ratchetTreeExtension.test.js.map +1 -0
- package/dist/test/scenario/reinit.test.d.ts +1 -0
- package/dist/test/scenario/reinit.test.js +57 -0
- package/dist/test/scenario/reinit.test.js.map +1 -0
- package/dist/test/scenario/rejectIncomingMessage.test.d.ts +1 -0
- package/dist/test/scenario/rejectIncomingMessage.test.js +67 -0
- package/dist/test/scenario/rejectIncomingMessage.test.js.map +1 -0
- package/dist/test/scenario/remove.test.d.ts +1 -0
- package/dist/test/scenario/remove.test.js +68 -0
- package/dist/test/scenario/remove.test.js.map +1 -0
- package/dist/test/scenario/requiredCapabilites.test.d.ts +1 -0
- package/dist/test/scenario/requiredCapabilites.test.js +65 -0
- package/dist/test/scenario/requiredCapabilites.test.js.map +1 -0
- package/dist/test/scenario/resumption.test.d.ts +1 -0
- package/dist/test/scenario/resumption.test.js +43 -0
- package/dist/test/scenario/resumption.test.js.map +1 -0
- package/dist/test/scenario/threePartyJoin.test.d.ts +1 -0
- package/dist/test/scenario/threePartyJoin.test.js +56 -0
- package/dist/test/scenario/threePartyJoin.test.js.map +1 -0
- package/dist/test/scenario/update.test.d.ts +1 -0
- package/dist/test/scenario/update.test.js +50 -0
- package/dist/test/scenario/update.test.js.map +1 -0
- package/dist/test/test-vectors/cryptoBasics.test.d.ts +1 -0
- package/dist/test/test-vectors/cryptoBasics.test.js +60 -0
- package/dist/test/test-vectors/cryptoBasics.test.js.map +1 -0
- package/dist/test/test-vectors/deserialization.test.d.ts +1 -0
- package/dist/test/test-vectors/deserialization.test.js +13 -0
- package/dist/test/test-vectors/deserialization.test.js.map +1 -0
- package/dist/test/test-vectors/keySchedule.test.d.ts +1 -0
- package/dist/test/test-vectors/keySchedule.test.js +48 -0
- package/dist/test/test-vectors/keySchedule.test.js.map +1 -0
- package/dist/test/test-vectors/messageProtection.test.d.ts +1 -0
- package/dist/test/test-vectors/messageProtection.test.js +215 -0
- package/dist/test/test-vectors/messageProtection.test.js.map +1 -0
- package/dist/test/test-vectors/messages.test.d.ts +1 -0
- package/dist/test/test-vectors/messages.test.js +136 -0
- package/dist/test/test-vectors/messages.test.js.map +1 -0
- package/dist/test/test-vectors/passiveClientScenarios.test.d.ts +1 -0
- package/dist/test/test-vectors/passiveClientScenarios.test.js +86 -0
- package/dist/test/test-vectors/passiveClientScenarios.test.js.map +1 -0
- package/dist/test/test-vectors/pskSecret.test.d.ts +1 -0
- package/dist/test/test-vectors/pskSecret.test.js +18 -0
- package/dist/test/test-vectors/pskSecret.test.js.map +1 -0
- package/dist/test/test-vectors/secretTree.test.d.ts +1 -0
- package/dist/test/test-vectors/secretTree.test.js +48 -0
- package/dist/test/test-vectors/secretTree.test.js.map +1 -0
- package/dist/test/test-vectors/transcriptHashes.test.d.ts +1 -0
- package/dist/test/test-vectors/transcriptHashes.test.js +26 -0
- package/dist/test/test-vectors/transcriptHashes.test.js.map +1 -0
- package/dist/test/test-vectors/treeOperations.test.d.ts +1 -0
- package/dist/test/test-vectors/treeOperations.test.js +45 -0
- package/dist/test/test-vectors/treeOperations.test.js.map +1 -0
- package/dist/test/test-vectors/treeValidation.test.d.ts +1 -0
- package/dist/test/test-vectors/treeValidation.test.js +36 -0
- package/dist/test/test-vectors/treeValidation.test.js.map +1 -0
- package/dist/test/test-vectors/treekem.test.d.ts +1 -0
- package/dist/test/test-vectors/treekem.test.js +100 -0
- package/dist/test/test-vectors/treekem.test.js.map +1 -0
- package/dist/test/test-vectors/treemath.test.d.ts +1 -0
- package/dist/test/test-vectors/treemath.test.js +55 -0
- package/dist/test/test-vectors/treemath.test.js.map +1 -0
- package/dist/test/test-vectors/welcome.test.d.ts +1 -0
- package/dist/test/test-vectors/welcome.test.js +40 -0
- package/dist/test/test-vectors/welcome.test.js.map +1 -0
- package/dist/test/validation/proposalValidation.test.d.ts +1 -0
- package/dist/test/validation/proposalValidation.test.js +231 -0
- package/dist/test/validation/proposalValidation.test.js.map +1 -0
- package/dist/test/validation/ratchetTreeValidation.test.d.ts +1 -0
- package/dist/test/validation/ratchetTreeValidation.test.js +51 -0
- package/dist/test/validation/ratchetTreeValidation.test.js.map +1 -0
- package/dist/test/validation/resumptionValidation.test.d.ts +1 -0
- package/dist/test/validation/resumptionValidation.test.js +79 -0
- package/dist/test/validation/resumptionValidation.test.js.map +1 -0
- package/dist/test_vectors/crypto-basics.json +303 -0
- package/dist/test_vectors/deserialization.json +58 -0
- package/dist/test_vectors/key-schedule.json +926 -0
- package/dist/test_vectors/message-protection.json +142 -0
- package/dist/test_vectors/messages.json +5702 -0
- package/dist/test_vectors/passive-client-handling-commit.json +2683 -0
- package/dist/test_vectors/passive-client-random.json +2657 -0
- package/dist/test_vectors/passive-client-welcome.json +814 -0
- package/dist/test_vectors/psk_secret.json +2382 -0
- package/dist/test_vectors/secret-tree.json +4846 -0
- package/dist/test_vectors/transcript-hashes.json +58 -0
- package/dist/test_vectors/tree-math.json +8156 -0
- package/dist/test_vectors/tree-operations.json +47 -0
- package/dist/test_vectors/tree-validation.json +6204 -0
- package/dist/test_vectors/treekem.json +14859 -0
- package/dist/test_vectors/welcome.json +51 -0
- package/package.json +108 -0
|
@@ -0,0 +1,99 @@
|
|
|
1
|
+
import { createMembershipTag, verifyMembershipTag, } from "./authenticatedContent";
|
|
2
|
+
import { signFramedContentApplicationOrProposal, toTbs, verifyFramedContentSignature, } from "./framedContent";
|
|
3
|
+
import { CryptoVerificationError, UsageError } from "./mlsError";
|
|
4
|
+
import { findSignaturePublicKey } from "./publicMessage";
|
|
5
|
+
export async function protectProposalPublic(signKey, membershipKey, groupContext, authenticatedData, proposal, leafIndex, cs) {
|
|
6
|
+
const framedContent = {
|
|
7
|
+
groupId: groupContext.groupId,
|
|
8
|
+
epoch: groupContext.epoch,
|
|
9
|
+
sender: { senderType: "member", leafIndex },
|
|
10
|
+
contentType: "proposal",
|
|
11
|
+
authenticatedData,
|
|
12
|
+
proposal,
|
|
13
|
+
};
|
|
14
|
+
const tbs = {
|
|
15
|
+
protocolVersion: groupContext.version,
|
|
16
|
+
wireformat: "mls_public_message",
|
|
17
|
+
content: framedContent,
|
|
18
|
+
senderType: "member",
|
|
19
|
+
context: groupContext,
|
|
20
|
+
};
|
|
21
|
+
const auth = await signFramedContentApplicationOrProposal(signKey, tbs, cs);
|
|
22
|
+
const authenticatedContent = {
|
|
23
|
+
wireformat: "mls_public_message",
|
|
24
|
+
content: framedContent,
|
|
25
|
+
auth,
|
|
26
|
+
};
|
|
27
|
+
const msg = await protectPublicMessage(membershipKey, groupContext, authenticatedContent, cs);
|
|
28
|
+
return { publicMessage: msg };
|
|
29
|
+
}
|
|
30
|
+
export async function protectExternalProposalPublic(signKey, groupContext, authenticatedData, proposal, sender, cs) {
|
|
31
|
+
const framedContent = {
|
|
32
|
+
groupId: groupContext.groupId,
|
|
33
|
+
epoch: groupContext.epoch,
|
|
34
|
+
sender,
|
|
35
|
+
contentType: "proposal",
|
|
36
|
+
authenticatedData,
|
|
37
|
+
proposal,
|
|
38
|
+
};
|
|
39
|
+
const tbs = {
|
|
40
|
+
protocolVersion: groupContext.version,
|
|
41
|
+
wireformat: "mls_public_message",
|
|
42
|
+
content: framedContent,
|
|
43
|
+
senderType: sender.senderType,
|
|
44
|
+
context: groupContext,
|
|
45
|
+
};
|
|
46
|
+
const auth = await signFramedContentApplicationOrProposal(signKey, tbs, cs);
|
|
47
|
+
const msg = {
|
|
48
|
+
content: framedContent,
|
|
49
|
+
auth,
|
|
50
|
+
senderType: sender.senderType,
|
|
51
|
+
};
|
|
52
|
+
return { publicMessage: msg };
|
|
53
|
+
}
|
|
54
|
+
export async function protectPublicMessage(membershipKey, groupContext, content, cs) {
|
|
55
|
+
if (content.content.contentType === "application")
|
|
56
|
+
throw new UsageError("Can't make an application message public");
|
|
57
|
+
if (content.content.sender.senderType == "member") {
|
|
58
|
+
const authenticatedContent = {
|
|
59
|
+
contentTbs: toTbs(content.content, "mls_public_message", groupContext),
|
|
60
|
+
auth: content.auth,
|
|
61
|
+
};
|
|
62
|
+
const tag = await createMembershipTag(membershipKey, authenticatedContent, cs.hash);
|
|
63
|
+
return {
|
|
64
|
+
content: content.content,
|
|
65
|
+
auth: content.auth,
|
|
66
|
+
senderType: "member",
|
|
67
|
+
membershipTag: tag,
|
|
68
|
+
};
|
|
69
|
+
}
|
|
70
|
+
return {
|
|
71
|
+
content: content.content,
|
|
72
|
+
auth: content.auth,
|
|
73
|
+
senderType: content.content.sender.senderType,
|
|
74
|
+
};
|
|
75
|
+
}
|
|
76
|
+
export async function unprotectPublicMessage(membershipKey, groupContext, ratchetTree, msg, cs, overrideSignatureKey) {
|
|
77
|
+
if (msg.content.contentType === "application")
|
|
78
|
+
throw new UsageError("Can't make an application message public");
|
|
79
|
+
if (msg.senderType === "member") {
|
|
80
|
+
const authenticatedContent = {
|
|
81
|
+
contentTbs: toTbs(msg.content, "mls_public_message", groupContext),
|
|
82
|
+
auth: msg.auth,
|
|
83
|
+
};
|
|
84
|
+
if (!(await verifyMembershipTag(membershipKey, authenticatedContent, msg.membershipTag, cs.hash)))
|
|
85
|
+
throw new CryptoVerificationError("Could not verify membership");
|
|
86
|
+
}
|
|
87
|
+
const signaturePublicKey = overrideSignatureKey !== undefined
|
|
88
|
+
? overrideSignatureKey
|
|
89
|
+
: findSignaturePublicKey(ratchetTree, groupContext, msg.content);
|
|
90
|
+
const signatureValid = await verifyFramedContentSignature(signaturePublicKey, "mls_public_message", msg.content, msg.auth, groupContext, cs.signature);
|
|
91
|
+
if (!signatureValid)
|
|
92
|
+
throw new CryptoVerificationError("Signature invalid");
|
|
93
|
+
return {
|
|
94
|
+
wireformat: "mls_public_message",
|
|
95
|
+
content: msg.content,
|
|
96
|
+
auth: msg.auth,
|
|
97
|
+
};
|
|
98
|
+
}
|
|
99
|
+
//# sourceMappingURL=messageProtectionPublic.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"messageProtectionPublic.js","sourceRoot":"","sources":["../../src/messageProtectionPublic.ts"],"names":[],"mappings":"AAAA,OAAO,EAIL,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,wBAAwB,CAAA;AAE/B,OAAO,EAEL,sCAAsC,EACtC,KAAK,EACL,4BAA4B,GAC7B,MAAM,iBAAiB,CAAA;AAExB,OAAO,EAAE,uBAAuB,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AAEhE,OAAO,EAAyB,sBAAsB,EAAiB,MAAM,iBAAiB,CAAA;AAM9F,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,OAAmB,EACnB,aAAyB,EACzB,YAA0B,EAC1B,iBAA6B,EAC7B,QAAkB,EAClB,SAAiB,EACjB,EAAmB;IAEnB,MAAM,aAAa,GAAkB;QACnC,OAAO,EAAE,YAAY,CAAC,OAAO;QAC7B,KAAK,EAAE,YAAY,CAAC,KAAK;QACzB,MAAM,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC3C,WAAW,EAAE,UAAU;QACvB,iBAAiB;QACjB,QAAQ;KACT,CAAA;IAED,MAAM,GAAG,GAAG;QACV,eAAe,EAAE,YAAY,CAAC,OAAO;QACrC,UAAU,EAAE,oBAAoB;QAChC,OAAO,EAAE,aAAa;QACtB,UAAU,EAAE,QAAQ;QACpB,OAAO,EAAE,YAAY;KACb,CAAA;IAEV,MAAM,IAAI,GAAG,MAAM,sCAAsC,CAAC,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAA;IAE3E,MAAM,oBAAoB,GAAyB;QACjD,UAAU,EAAE,oBAAoB;QAChC,OAAO,EAAE,aAAa;QACtB,IAAI;KACL,CAAA;IAED,MAAM,GAAG,GAAG,MAAM,oBAAoB,CAAC,aAAa,EAAE,YAAY,EAAE,oBAAoB,EAAE,EAAE,CAAC,CAAA;IAE7F,OAAO,EAAE,aAAa,EAAE,GAAG,EAAE,CAAA;AAC/B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,6BAA6B,CACjD,OAAmB,EACnB,YAA0B,EAC1B,iBAA6B,EAC7B,QAAkB,EAClB,MAAuB,EACvB,EAAmB;IAEnB,MAAM,aAAa,GAAkB;QACnC,OAAO,EAAE,YAAY,CAAC,OAAO;QAC7B,KAAK,EAAE,YAAY,CAAC,KAAK;QACzB,MAAM;QACN,WAAW,EAAE,UAAU;QACvB,iBAAiB;QACjB,QAAQ;KACT,CAAA;IAED,MAAM,GAAG,GAAG;QACV,eAAe,EAAE,YAAY,CAAC,OAAO;QACrC,UAAU,EAAE,oBAAoB;QAChC,OAAO,EAAE,aAAa;QACtB,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,OAAO,EAAE,YAAY;KACb,CAAA;IAEV,MAAM,IAAI,GAAG,MAAM,sCAAsC,CAAC,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAA;IAE3E,MAAM,GAAG,GAA0B;QACjC,OAAO,EAAE,aAAa;QACtB,IAAI;QACJ,UAAU,EAAE,MAAM,CAAC,UAAU;KAC9B,CAAA;IAED,OAAO,EAAE,aAAa,EAAE,GAAG,EAAE,CAAA;AAC/B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,aAAyB,EACzB,YAA0B,EAC1B,OAA6B,EAC7B,EAAmB;IAEnB,IAAI,OAAO,CAAC,OAAO,CAAC,WAAW,KAAK,aAAa;QAAE,MAAM,IAAI,UAAU,CAAC,0CAA0C,CAAC,CAAA;IAEnH,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,IAAI,QAAQ,EAAE,CAAC;QAClD,MAAM,oBAAoB,GAA4B;YACpD,UAAU,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,oBAAoB,EAAE,YAAY,CAAC;YACtE,IAAI,EAAE,OAAO,CAAC,IAAI;SACnB,CAAA;QAED,MAAM,GAAG,GAAG,MAAM,mBAAmB,CAAC,aAAa,EAAE,oBAAoB,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;QACnF,OAAO;YACL,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,UAAU,EAAE,QAAQ;YACpB,aAAa,EAAE,GAAG;SACnB,CAAA;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,UAAU,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU;KAC9C,CAAA;AACH,CAAC;AAID,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,aAAyB,EACzB,YAA0B,EAC1B,WAAwB,EACxB,GAAkB,EAClB,EAAmB,EACnB,oBAAiC;IAEjC,IAAI,GAAG,CAAC,OAAO,CAAC,WAAW,KAAK,aAAa;QAAE,MAAM,IAAI,UAAU,CAAC,0CAA0C,CAAC,CAAA;IAE/G,IAAI,GAAG,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;QAChC,MAAM,oBAAoB,GAA4B;YACpD,UAAU,EAAE,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,oBAAoB,EAAE,YAAY,CAAC;YAClE,IAAI,EAAE,GAAG,CAAC,IAAI;SACf,CAAA;QAED,IAAI,CAAC,CAAC,MAAM,mBAAmB,CAAC,aAAa,EAAE,oBAAoB,EAAE,GAAG,CAAC,aAAa,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YAC/F,MAAM,IAAI,uBAAuB,CAAC,6BAA6B,CAAC,CAAA;IACpE,CAAC;IAED,MAAM,kBAAkB,GACtB,oBAAoB,KAAK,SAAS;QAChC,CAAC,CAAC,oBAAoB;QACtB,CAAC,CAAC,sBAAsB,CAAC,WAAW,EAAE,YAAY,EAAE,GAAG,CAAC,OAAO,CAAC,CAAA;IAEpE,MAAM,cAAc,GAAG,MAAM,4BAA4B,CACvD,kBAAkB,EAClB,oBAAoB,EACpB,GAAG,CAAC,OAAO,EACX,GAAG,CAAC,IAAI,EACR,YAAY,EACZ,EAAE,CAAC,SAAS,CACb,CAAA;IAED,IAAI,CAAC,cAAc;QAAE,MAAM,IAAI,uBAAuB,CAAC,mBAAmB,CAAC,CAAA;IAE3E,OAAO;QACL,UAAU,EAAE,oBAAoB;QAChC,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,IAAI,EAAE,GAAG,CAAC,IAAI;KACf,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
export declare class MlsError extends Error {
|
|
2
|
+
constructor(message: string);
|
|
3
|
+
}
|
|
4
|
+
export declare class ValidationError extends MlsError {
|
|
5
|
+
constructor(message: string);
|
|
6
|
+
}
|
|
7
|
+
export declare class CodecError extends MlsError {
|
|
8
|
+
constructor(message: string);
|
|
9
|
+
}
|
|
10
|
+
export declare class UsageError extends MlsError {
|
|
11
|
+
constructor(message: string);
|
|
12
|
+
}
|
|
13
|
+
export declare class DependencyError extends MlsError {
|
|
14
|
+
constructor(message: string);
|
|
15
|
+
}
|
|
16
|
+
export declare class CryptoVerificationError extends MlsError {
|
|
17
|
+
constructor(message: string);
|
|
18
|
+
}
|
|
19
|
+
export declare class CryptoError extends MlsError {
|
|
20
|
+
constructor(message: string);
|
|
21
|
+
}
|
|
22
|
+
export declare class InternalError extends MlsError {
|
|
23
|
+
constructor(message: string);
|
|
24
|
+
}
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
export class MlsError extends Error {
|
|
2
|
+
constructor(message) {
|
|
3
|
+
super(message);
|
|
4
|
+
this.name = "MlsError";
|
|
5
|
+
}
|
|
6
|
+
}
|
|
7
|
+
export class ValidationError extends MlsError {
|
|
8
|
+
constructor(message) {
|
|
9
|
+
super(message);
|
|
10
|
+
this.name = "ValidationError";
|
|
11
|
+
}
|
|
12
|
+
}
|
|
13
|
+
export class CodecError extends MlsError {
|
|
14
|
+
constructor(message) {
|
|
15
|
+
super(message);
|
|
16
|
+
this.name = "CodecError";
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
export class UsageError extends MlsError {
|
|
20
|
+
constructor(message) {
|
|
21
|
+
super(message);
|
|
22
|
+
this.name = "UsageError";
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
export class DependencyError extends MlsError {
|
|
26
|
+
constructor(message) {
|
|
27
|
+
super(message);
|
|
28
|
+
this.name = "DependencyError";
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
export class CryptoVerificationError extends MlsError {
|
|
32
|
+
constructor(message) {
|
|
33
|
+
super(message);
|
|
34
|
+
this.name = "CryptoVerificationError";
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
export class CryptoError extends MlsError {
|
|
38
|
+
constructor(message) {
|
|
39
|
+
super(message);
|
|
40
|
+
this.name = "CryptoError";
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
export class InternalError extends MlsError {
|
|
44
|
+
constructor(message) {
|
|
45
|
+
super(`This error should never occur, if you see this please submit a bug report. Message: ${message}`);
|
|
46
|
+
this.name = "InternalError";
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
//# sourceMappingURL=mlsError.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"mlsError.js","sourceRoot":"","sources":["../../src/mlsError.ts"],"names":[],"mappings":"AAAA,MAAM,OAAO,QAAS,SAAQ,KAAK;IACjC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,UAAU,CAAA;IACxB,CAAC;CACF;AAED,MAAM,OAAO,eAAgB,SAAQ,QAAQ;IAC3C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAA;IAC/B,CAAC;CACF;AAED,MAAM,OAAO,UAAW,SAAQ,QAAQ;IACtC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,YAAY,CAAA;IAC1B,CAAC;CACF;AAED,MAAM,OAAO,UAAW,SAAQ,QAAQ;IACtC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,YAAY,CAAA;IAC1B,CAAC;CACF;AAED,MAAM,OAAO,eAAgB,SAAQ,QAAQ;IAC3C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAA;IAC/B,CAAC;CACF;AAED,MAAM,OAAO,uBAAwB,SAAQ,QAAQ;IACnD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAA;IACvC,CAAC;CACF;AAED,MAAM,OAAO,WAAY,SAAQ,QAAQ;IACvC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,aAAa,CAAA;IAC3B,CAAC;CACF;AAED,MAAM,OAAO,aAAc,SAAQ,QAAQ;IACzC,YAAY,OAAe;QACzB,KAAK,CAAC,uFAAuF,OAAO,EAAE,CAAC,CAAA;QACvG,IAAI,CAAC,IAAI,GAAG,eAAe,CAAA;IAC7B,CAAC;CACF"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { Decoder } from "./codec/tlsDecoder";
|
|
2
|
+
import { Encoder } from "./codec/tlsEncoder";
|
|
3
|
+
declare const nodeTypes: {
|
|
4
|
+
readonly leaf: 1;
|
|
5
|
+
readonly parent: 2;
|
|
6
|
+
};
|
|
7
|
+
export type NodeTypeName = keyof typeof nodeTypes;
|
|
8
|
+
export type NodeTypeValue = (typeof nodeTypes)[NodeTypeName];
|
|
9
|
+
export declare const encodeNodeType: Encoder<NodeTypeName>;
|
|
10
|
+
export declare const decodeNodeType: Decoder<NodeTypeName>;
|
|
11
|
+
export {};
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { decodeUint8, encodeUint8 } from "./codec/number";
|
|
2
|
+
import { mapDecoderOption } from "./codec/tlsDecoder";
|
|
3
|
+
import { contramapEncoder } from "./codec/tlsEncoder";
|
|
4
|
+
import { enumNumberToKey } from "./util/enumHelpers";
|
|
5
|
+
const nodeTypes = {
|
|
6
|
+
leaf: 1,
|
|
7
|
+
parent: 2,
|
|
8
|
+
};
|
|
9
|
+
export const encodeNodeType = contramapEncoder(encodeUint8, (t) => nodeTypes[t]);
|
|
10
|
+
export const decodeNodeType = mapDecoderOption(decodeUint8, enumNumberToKey(nodeTypes));
|
|
11
|
+
//# sourceMappingURL=nodeType.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"nodeType.js","sourceRoot":"","sources":["../../src/nodeType.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AACzD,OAAO,EAAW,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAW,MAAM,oBAAoB,CAAA;AAC9D,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAEpD,MAAM,SAAS,GAAG;IAChB,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;CACD,CAAA;AAKV,MAAM,CAAC,MAAM,cAAc,GAA0B,gBAAgB,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAA;AAEvG,MAAM,CAAC,MAAM,cAAc,GAA0B,gBAAgB,CAAC,WAAW,EAAE,eAAe,CAAC,SAAS,CAAC,CAAC,CAAA"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
export type PaddingConfig = {
|
|
2
|
+
kind: "padUntilLength";
|
|
3
|
+
padUntilLength: number;
|
|
4
|
+
} | {
|
|
5
|
+
kind: "alwaysPad";
|
|
6
|
+
paddingLength: number;
|
|
7
|
+
};
|
|
8
|
+
export declare const defaultPaddingConfig: PaddingConfig;
|
|
9
|
+
export declare function byteLengthToPad(encodedLength: number, config: PaddingConfig): number;
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
export const defaultPaddingConfig = { kind: "padUntilLength", padUntilLength: 256 };
|
|
2
|
+
export function byteLengthToPad(encodedLength, config) {
|
|
3
|
+
if (config.kind === "alwaysPad")
|
|
4
|
+
return config.paddingLength;
|
|
5
|
+
else
|
|
6
|
+
return encodedLength >= config.padUntilLength ? 0 : config.padUntilLength - encodedLength;
|
|
7
|
+
}
|
|
8
|
+
//# sourceMappingURL=paddingConfig.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"paddingConfig.js","sourceRoot":"","sources":["../../src/paddingConfig.ts"],"names":[],"mappings":"AAIA,MAAM,CAAC,MAAM,oBAAoB,GAAkB,EAAE,IAAI,EAAE,gBAAgB,EAAE,cAAc,EAAE,GAAG,EAAE,CAAA;AAElG,MAAM,UAAU,eAAe,CAAC,aAAqB,EAAE,MAAqB;IAC1E,IAAI,MAAM,CAAC,IAAI,KAAK,WAAW;QAAE,OAAO,MAAM,CAAC,aAAa,CAAA;;QACvD,OAAO,aAAa,IAAI,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,cAAc,GAAG,aAAa,CAAA;AAChG,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { Decoder } from "./codec/tlsDecoder";
|
|
2
|
+
import { Encoder } from "./codec/tlsEncoder";
|
|
3
|
+
import { Hash } from "./crypto/hash";
|
|
4
|
+
import { RatchetTree } from "./ratchetTree";
|
|
5
|
+
export type ParentHashInput = {
|
|
6
|
+
encryptionKey: Uint8Array;
|
|
7
|
+
parentHash: Uint8Array;
|
|
8
|
+
originalSiblingTreeHash: Uint8Array;
|
|
9
|
+
};
|
|
10
|
+
export declare const encodeParentHashInput: Encoder<ParentHashInput>;
|
|
11
|
+
export declare const decodeParentHashInput: Decoder<ParentHashInput>;
|
|
12
|
+
export declare function verifyParentHashes(tree: RatchetTree, h: Hash): Promise<boolean>;
|
|
13
|
+
/**
|
|
14
|
+
* Calculcates parent hash for a given node or leaf and returns the node index of the parent or undefined if the given node is the root node.
|
|
15
|
+
*/
|
|
16
|
+
export declare function calculateParentHash(tree: RatchetTree, nodeIndex: number, h: Hash): Promise<[Uint8Array, number | undefined]>;
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
import { mapDecoders } from "./codec/tlsDecoder";
|
|
2
|
+
import { contramapEncoders } from "./codec/tlsEncoder";
|
|
3
|
+
import { decodeVarLenData, encodeVarLenData } from "./codec/variableLength";
|
|
4
|
+
import { InternalError } from "./mlsError";
|
|
5
|
+
import { findFirstNonBlankAncestor, removeLeaves } from "./ratchetTree";
|
|
6
|
+
import { treeHash } from "./treeHash";
|
|
7
|
+
import { isLeaf, leafToNodeIndex, leafWidth, left, right, root } from "./treemath";
|
|
8
|
+
import { constantTimeEqual } from "./util/constantTimeCompare";
|
|
9
|
+
export const encodeParentHashInput = contramapEncoders([encodeVarLenData, encodeVarLenData, encodeVarLenData], (i) => [i.encryptionKey, i.parentHash, i.originalSiblingTreeHash]);
|
|
10
|
+
export const decodeParentHashInput = mapDecoders([decodeVarLenData, decodeVarLenData, decodeVarLenData], (encryptionKey, parentHash, originalSiblingTreeHash) => ({
|
|
11
|
+
encryptionKey,
|
|
12
|
+
parentHash,
|
|
13
|
+
originalSiblingTreeHash,
|
|
14
|
+
}));
|
|
15
|
+
function validateParentHashCoverage(parentIndices, coverage) {
|
|
16
|
+
for (const index of parentIndices) {
|
|
17
|
+
if ((coverage[index] ?? 0) !== 1) {
|
|
18
|
+
return false;
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
return true;
|
|
22
|
+
}
|
|
23
|
+
export async function verifyParentHashes(tree, h) {
|
|
24
|
+
const parentNodes = tree.reduce((acc, cur, index) => {
|
|
25
|
+
if (cur !== undefined && cur.nodeType === "parent") {
|
|
26
|
+
return [...acc, index];
|
|
27
|
+
}
|
|
28
|
+
else
|
|
29
|
+
return acc;
|
|
30
|
+
}, []);
|
|
31
|
+
if (parentNodes.length === 0)
|
|
32
|
+
return true;
|
|
33
|
+
const coverage = await parentHashCoverage(tree, h);
|
|
34
|
+
return validateParentHashCoverage(parentNodes, coverage);
|
|
35
|
+
}
|
|
36
|
+
/**
|
|
37
|
+
* Traverse tree from bottom up, verifying that all non-blank parent nodes are covered by exactly one chain
|
|
38
|
+
*/
|
|
39
|
+
function parentHashCoverage(tree, h) {
|
|
40
|
+
const leaves = tree.filter((_v, i) => isLeaf(i));
|
|
41
|
+
return leaves.reduce(async (acc, leafNode, leafIndex) => {
|
|
42
|
+
if (leafNode === undefined)
|
|
43
|
+
return acc;
|
|
44
|
+
let currentIndex = leafToNodeIndex(leafIndex);
|
|
45
|
+
let updated = { ...(await acc) };
|
|
46
|
+
const rootIndex = root(leafWidth(tree.length));
|
|
47
|
+
while (currentIndex !== rootIndex) {
|
|
48
|
+
const currentNode = tree[currentIndex];
|
|
49
|
+
// skip blank nodes
|
|
50
|
+
if (currentNode === undefined) {
|
|
51
|
+
continue;
|
|
52
|
+
}
|
|
53
|
+
// parentHashNodeIndex is the node index where the nearest non blank ancestor was
|
|
54
|
+
const [parentHash, parentHashNodeIndex] = await calculateParentHash(tree, currentIndex, h);
|
|
55
|
+
if (parentHashNodeIndex === undefined) {
|
|
56
|
+
throw new InternalError("Reached root before completing parent hash coeverage");
|
|
57
|
+
}
|
|
58
|
+
const expectedParentHash = getParentHash(currentNode);
|
|
59
|
+
if (expectedParentHash !== undefined && constantTimeEqual(parentHash, expectedParentHash)) {
|
|
60
|
+
const newCount = (updated[parentHashNodeIndex] ?? 0) + 1;
|
|
61
|
+
updated = { ...updated, [parentHashNodeIndex]: newCount };
|
|
62
|
+
}
|
|
63
|
+
else {
|
|
64
|
+
// skip to next leaf
|
|
65
|
+
break;
|
|
66
|
+
}
|
|
67
|
+
currentIndex = parentHashNodeIndex;
|
|
68
|
+
}
|
|
69
|
+
return updated;
|
|
70
|
+
}, Promise.resolve({}));
|
|
71
|
+
}
|
|
72
|
+
function getParentHash(node) {
|
|
73
|
+
if (node.nodeType === "parent")
|
|
74
|
+
return node.parent.parentHash;
|
|
75
|
+
else if (node.leaf.leafNodeSource === "commit")
|
|
76
|
+
return node.leaf.parentHash;
|
|
77
|
+
}
|
|
78
|
+
/**
|
|
79
|
+
* Calculcates parent hash for a given node or leaf and returns the node index of the parent or undefined if the given node is the root node.
|
|
80
|
+
*/
|
|
81
|
+
export async function calculateParentHash(tree, nodeIndex, h) {
|
|
82
|
+
const rootIndex = root(leafWidth(tree.length));
|
|
83
|
+
if (nodeIndex === rootIndex) {
|
|
84
|
+
return [new Uint8Array(), undefined];
|
|
85
|
+
}
|
|
86
|
+
const parentNodeIndex = findFirstNonBlankAncestor(tree, nodeIndex);
|
|
87
|
+
const parentNode = tree[parentNodeIndex];
|
|
88
|
+
if (parentNodeIndex === rootIndex && parentNode === undefined) {
|
|
89
|
+
return [new Uint8Array(), parentNodeIndex];
|
|
90
|
+
}
|
|
91
|
+
const siblingIndex = nodeIndex < parentNodeIndex ? right(parentNodeIndex) : left(parentNodeIndex);
|
|
92
|
+
if (parentNode === undefined || parentNode.nodeType === "leaf")
|
|
93
|
+
throw new InternalError("Expected non-blank parent Node");
|
|
94
|
+
const removedUnmerged = removeLeaves(tree, parentNode.parent.unmergedLeaves);
|
|
95
|
+
const originalSiblingTreeHash = await treeHash(removedUnmerged, siblingIndex, h);
|
|
96
|
+
const input = {
|
|
97
|
+
encryptionKey: parentNode.parent.hpkePublicKey,
|
|
98
|
+
parentHash: parentNode.parent.parentHash,
|
|
99
|
+
originalSiblingTreeHash,
|
|
100
|
+
};
|
|
101
|
+
return [await h.digest(encodeParentHashInput(input)), parentNodeIndex];
|
|
102
|
+
}
|
|
103
|
+
//# sourceMappingURL=parentHash.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parentHash.js","sourceRoot":"","sources":["../../src/parentHash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAW,WAAW,EAAE,MAAM,oBAAoB,CAAA;AACzD,OAAO,EAAE,iBAAiB,EAAW,MAAM,oBAAoB,CAAA;AAC/D,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AAE3E,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AAC1C,OAAO,EAAE,yBAAyB,EAAqB,YAAY,EAAE,MAAM,eAAe,CAAA;AAC1F,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAA;AACrC,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAA;AAElF,OAAO,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAA;AAQ9D,MAAM,CAAC,MAAM,qBAAqB,GAA6B,iBAAiB,CAC9E,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,EACtD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,uBAAuB,CAAU,CAC3E,CAAA;AAED,MAAM,CAAC,MAAM,qBAAqB,GAA6B,WAAW,CACxE,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,EACtD,CAAC,aAAa,EAAE,UAAU,EAAE,uBAAuB,EAAE,EAAE,CAAC,CAAC;IACvD,aAAa;IACb,UAAU;IACV,uBAAuB;CACxB,CAAC,CACH,CAAA;AAED,SAAS,0BAA0B,CAAC,aAAuB,EAAE,QAAgC;IAC3F,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE,CAAC;QAClC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACjC,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,IAAiB,EAAE,CAAO;IACjE,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;QAClD,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnD,OAAO,CAAC,GAAG,GAAG,EAAE,KAAK,CAAC,CAAA;QACxB,CAAC;;YAAM,OAAO,GAAG,CAAA;IACnB,CAAC,EAAE,EAAc,CAAC,CAAA;IAElB,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IAEzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;IAElD,OAAO,0BAA0B,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAA;AAC1D,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,IAAiB,EAAE,CAAO;IACpD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;IAChD,OAAO,MAAM,CAAC,MAAM,CAClB,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE;QACjC,IAAI,QAAQ,KAAK,SAAS;YAAE,OAAO,GAAG,CAAA;QAEtC,IAAI,YAAY,GAAG,eAAe,CAAC,SAAS,CAAC,CAAA;QAC7C,IAAI,OAAO,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAA;QAEhC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;QAE9C,OAAO,YAAY,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,CAAA;YAEtC,mBAAmB;YACnB,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC9B,SAAQ;YACV,CAAC;YAED,iFAAiF;YACjF,MAAM,CAAC,UAAU,EAAE,mBAAmB,CAAC,GAAG,MAAM,mBAAmB,CAAC,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC,CAAA;YAE1F,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;gBACtC,MAAM,IAAI,aAAa,CAAC,sDAAsD,CAAC,CAAA;YACjF,CAAC;YAED,MAAM,kBAAkB,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;YAErD,IAAI,kBAAkB,KAAK,SAAS,IAAI,iBAAiB,CAAC,UAAU,EAAE,kBAAkB,CAAC,EAAE,CAAC;gBAC1F,MAAM,QAAQ,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAA;gBACxD,OAAO,GAAG,EAAE,GAAG,OAAO,EAAE,CAAC,mBAAmB,CAAC,EAAE,QAAQ,EAAE,CAAA;YAC3D,CAAC;iBAAM,CAAC;gBACN,oBAAoB;gBACpB,MAAK;YACP,CAAC;YAED,YAAY,GAAG,mBAAmB,CAAA;QACpC,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC,EACD,OAAO,CAAC,OAAO,CAAC,EAA4B,CAAC,CAC9C,CAAA;AACH,CAAC;AAED,SAAS,aAAa,CAAC,IAAU;IAC/B,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,MAAM,CAAC,UAAU,CAAA;SACxD,IAAI,IAAI,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,CAAA;AAC7E,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,IAAiB,EACjB,SAAiB,EACjB,CAAO;IAEP,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;IAC9C,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,IAAI,UAAU,EAAE,EAAE,SAAS,CAAC,CAAA;IACtC,CAAC;IAED,MAAM,eAAe,GAAG,yBAAyB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAA;IAElE,MAAM,UAAU,GAAG,IAAI,CAAC,eAAe,CAAC,CAAA;IAExC,IAAI,eAAe,KAAK,SAAS,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;QAC9D,OAAO,CAAC,IAAI,UAAU,EAAE,EAAE,eAAe,CAAC,CAAA;IAC5C,CAAC;IAED,MAAM,YAAY,GAAG,SAAS,GAAG,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IAEjG,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,CAAC,QAAQ,KAAK,MAAM;QAC5D,MAAM,IAAI,aAAa,CAAC,gCAAgC,CAAC,CAAA;IAE3D,MAAM,eAAe,GAAG,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,MAAM,CAAC,cAAc,CAAC,CAAA;IAE5E,MAAM,uBAAuB,GAAG,MAAM,QAAQ,CAAC,eAAe,EAAE,YAAY,EAAE,CAAC,CAAC,CAAA;IAEhF,MAAM,KAAK,GAAG;QACZ,aAAa,EAAE,UAAU,CAAC,MAAM,CAAC,aAAa;QAC9C,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,UAAU;QACxC,uBAAuB;KACxB,CAAA;IAED,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,CAAC,CAAA;AACxE,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { Decoder } from "./codec/tlsDecoder";
|
|
2
|
+
import { Encoder } from "./codec/tlsEncoder";
|
|
3
|
+
export type ParentNode = {
|
|
4
|
+
hpkePublicKey: Uint8Array;
|
|
5
|
+
parentHash: Uint8Array;
|
|
6
|
+
unmergedLeaves: number[];
|
|
7
|
+
};
|
|
8
|
+
export declare const encodeParentNode: Encoder<ParentNode>;
|
|
9
|
+
export declare const decodeParentNode: Decoder<ParentNode>;
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { encodeUint32, decodeUint32 } from "./codec/number";
|
|
2
|
+
import { mapDecoders } from "./codec/tlsDecoder";
|
|
3
|
+
import { contramapEncoders } from "./codec/tlsEncoder";
|
|
4
|
+
import { encodeVarLenData, encodeVarLenType, decodeVarLenData, decodeVarLenType } from "./codec/variableLength";
|
|
5
|
+
export const encodeParentNode = contramapEncoders([encodeVarLenData, encodeVarLenData, encodeVarLenType(encodeUint32)], (node) => [node.hpkePublicKey, node.parentHash, node.unmergedLeaves]);
|
|
6
|
+
export const decodeParentNode = mapDecoders([decodeVarLenData, decodeVarLenData, decodeVarLenType(decodeUint32)], (hpkePublicKey, parentHash, unmergedLeaves) => ({
|
|
7
|
+
hpkePublicKey,
|
|
8
|
+
parentHash,
|
|
9
|
+
unmergedLeaves,
|
|
10
|
+
}));
|
|
11
|
+
//# sourceMappingURL=parentNode.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parentNode.js","sourceRoot":"","sources":["../../src/parentNode.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAA;AAC3D,OAAO,EAAW,WAAW,EAAE,MAAM,oBAAoB,CAAA;AACzD,OAAO,EAAW,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAC/D,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AAI/G,MAAM,CAAC,MAAM,gBAAgB,GAAwB,iBAAiB,CACpE,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,YAAY,CAAC,CAAC,EACpE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,cAAc,CAAU,CAC9E,CAAA;AAED,MAAM,CAAC,MAAM,gBAAgB,GAAwB,WAAW,CAC9D,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,YAAY,CAAC,CAAC,EACpE,CAAC,aAAa,EAAE,UAAU,EAAE,cAAc,EAAE,EAAE,CAAC,CAAC;IAC9C,aAAa;IACb,UAAU;IACV,cAAc;CACf,CAAC,CACH,CAAA"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { Kdf } from "./crypto/kdf";
|
|
2
|
+
import { RatchetTree } from "./ratchetTree";
|
|
3
|
+
import { PathSecret } from "./updatePath";
|
|
4
|
+
/**
|
|
5
|
+
* PathSecrets is a record with nodeIndex as keys and the path secret as values
|
|
6
|
+
*/
|
|
7
|
+
export type PathSecrets = Record<number, Uint8Array>;
|
|
8
|
+
export declare function pathToPathSecrets(pathSecrets: PathSecret[]): PathSecrets;
|
|
9
|
+
export declare function getCommitSecret(tree: RatchetTree, nodeIndex: number, pathSecret: Uint8Array, kdf: Kdf): Promise<Uint8Array>;
|
|
10
|
+
export declare function pathToRoot(tree: RatchetTree, nodeIndex: number, pathSecret: Uint8Array, kdf: Kdf): Promise<PathSecrets>;
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
import { deriveSecret } from "./crypto/kdf";
|
|
2
|
+
import { InternalError } from "./mlsError";
|
|
3
|
+
import { findFirstNonBlankAncestor } from "./ratchetTree";
|
|
4
|
+
import { root, leafWidth } from "./treemath";
|
|
5
|
+
export function pathToPathSecrets(pathSecrets) {
|
|
6
|
+
return pathSecrets.reduce((acc, cur) => ({
|
|
7
|
+
...acc,
|
|
8
|
+
[cur.nodeIndex]: cur.secret,
|
|
9
|
+
}), {});
|
|
10
|
+
}
|
|
11
|
+
export async function getCommitSecret(tree, nodeIndex, pathSecret, kdf) {
|
|
12
|
+
const rootIndex = root(leafWidth(tree.length));
|
|
13
|
+
const path = await pathToRoot(tree, nodeIndex, pathSecret, kdf);
|
|
14
|
+
const rootSecret = path[rootIndex];
|
|
15
|
+
if (rootSecret === undefined)
|
|
16
|
+
throw new InternalError("Could not find secret for root");
|
|
17
|
+
return deriveSecret(rootSecret, "path", kdf);
|
|
18
|
+
}
|
|
19
|
+
export async function pathToRoot(tree, nodeIndex, pathSecret, kdf) {
|
|
20
|
+
const rootIndex = root(leafWidth(tree.length));
|
|
21
|
+
let currentIndex = nodeIndex;
|
|
22
|
+
let pathSecrets = { [nodeIndex]: pathSecret };
|
|
23
|
+
while (currentIndex != rootIndex) {
|
|
24
|
+
const nextIndex = findFirstNonBlankAncestor(tree, currentIndex);
|
|
25
|
+
const nextSecret = await deriveSecret(pathSecrets[currentIndex], "path", kdf);
|
|
26
|
+
pathSecrets[nextIndex] = nextSecret;
|
|
27
|
+
currentIndex = nextIndex;
|
|
28
|
+
}
|
|
29
|
+
return pathSecrets;
|
|
30
|
+
}
|
|
31
|
+
//# sourceMappingURL=pathSecrets.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pathSecrets.js","sourceRoot":"","sources":["../../src/pathSecrets.ts"],"names":[],"mappings":"AAAA,OAAO,EAAO,YAAY,EAAE,MAAM,cAAc,CAAA;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAA;AAC1C,OAAO,EAAe,yBAAyB,EAAE,MAAM,eAAe,CAAA;AACtE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,YAAY,CAAA;AAQ5C,MAAM,UAAU,iBAAiB,CAAC,WAAyB;IACzD,OAAO,WAAW,CAAC,MAAM,CACvB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QACb,GAAG,GAAG;QACN,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM;KAC5B,CAAC,EACF,EAAE,CACH,CAAA;AACH,CAAC;AACD,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAiB,EACjB,SAAiB,EACjB,UAAsB,EACtB,GAAQ;IAER,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;IAC9C,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,CAAC,CAAA;IAC/D,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,CAAA;IAElC,IAAI,UAAU,KAAK,SAAS;QAAE,MAAM,IAAI,aAAa,CAAC,gCAAgC,CAAC,CAAA;IACvF,OAAO,YAAY,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,CAAC,CAAA;AAC9C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,IAAiB,EACjB,SAAiB,EACjB,UAAsB,EACtB,GAAQ;IAER,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;IAC9C,IAAI,YAAY,GAAG,SAAS,CAAA;IAC5B,IAAI,WAAW,GAAG,EAAE,CAAC,SAAS,CAAC,EAAE,UAAU,EAAE,CAAA;IAC7C,OAAO,YAAY,IAAI,SAAS,EAAE,CAAC;QACjC,MAAM,SAAS,GAAG,yBAAyB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAA;QAC/D,MAAM,UAAU,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,YAAY,CAAE,EAAE,MAAM,EAAE,GAAG,CAAC,CAAA;QAE9E,WAAW,CAAC,SAAS,CAAC,GAAG,UAAU,CAAA;QACnC,YAAY,GAAG,SAAS,CAAA;IAC1B,CAAC;IAED,OAAO,WAAW,CAAA;AACpB,CAAC"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
import { Decoder } from "./codec/tlsDecoder";
|
|
2
|
+
import { Encoder } from "./codec/tlsEncoder";
|
|
3
|
+
import { CiphersuiteImpl } from "./crypto/ciphersuite";
|
|
4
|
+
export declare const pskTypes: {
|
|
5
|
+
readonly external: 1;
|
|
6
|
+
readonly resumption: 2;
|
|
7
|
+
};
|
|
8
|
+
export type PSKTypeName = keyof typeof pskTypes;
|
|
9
|
+
export type PSKType = (typeof pskTypes)[PSKTypeName];
|
|
10
|
+
export declare const encodePskType: Encoder<PSKTypeName>;
|
|
11
|
+
export declare const decodePskType: Decoder<PSKTypeName>;
|
|
12
|
+
declare const resumptionPSKUsages: {
|
|
13
|
+
readonly application: 1;
|
|
14
|
+
readonly reinit: 2;
|
|
15
|
+
readonly branch: 3;
|
|
16
|
+
};
|
|
17
|
+
export type ResumptionPSKUsageName = keyof typeof resumptionPSKUsages;
|
|
18
|
+
export type ResumptionPSKUsage = (typeof resumptionPSKUsages)[ResumptionPSKUsageName];
|
|
19
|
+
export declare const encodeResumptionPSKUsage: Encoder<ResumptionPSKUsageName>;
|
|
20
|
+
export declare const decodeResumptionPSKUsage: Decoder<ResumptionPSKUsageName>;
|
|
21
|
+
export type PSKInfoExternal = {
|
|
22
|
+
psktype: "external";
|
|
23
|
+
pskId: Uint8Array;
|
|
24
|
+
};
|
|
25
|
+
export type PSKInfoResumption = {
|
|
26
|
+
psktype: "resumption";
|
|
27
|
+
usage: ResumptionPSKUsageName;
|
|
28
|
+
pskGroupId: Uint8Array;
|
|
29
|
+
pskEpoch: bigint;
|
|
30
|
+
};
|
|
31
|
+
export type PSKInfo = PSKInfoExternal | PSKInfoResumption;
|
|
32
|
+
export declare const encodePskInfo: Encoder<PSKInfo>;
|
|
33
|
+
export declare const decodePskInfo: Decoder<PSKInfo>;
|
|
34
|
+
type PSKNonce = {
|
|
35
|
+
pskNonce: Uint8Array;
|
|
36
|
+
};
|
|
37
|
+
export type PreSharedKeyID = PSKInfo & PSKNonce;
|
|
38
|
+
export declare const encodePskId: Encoder<PreSharedKeyID>;
|
|
39
|
+
export declare const decodePskId: Decoder<PreSharedKeyID>;
|
|
40
|
+
type PSKLabel = {
|
|
41
|
+
id: PreSharedKeyID;
|
|
42
|
+
index: number;
|
|
43
|
+
count: number;
|
|
44
|
+
};
|
|
45
|
+
export declare const encodePskLabel: Encoder<PSKLabel>;
|
|
46
|
+
export declare const decodePskLabel: Decoder<PSKLabel>;
|
|
47
|
+
export type PreSharedKeyIdExternal = PSKInfoExternal & PSKNonce;
|
|
48
|
+
export type PreSharedKeyIdResumption = PSKInfoResumption & PSKNonce;
|
|
49
|
+
export declare function computePskSecret(psks: [PreSharedKeyID, Uint8Array][], impl: CiphersuiteImpl): Promise<Uint8Array<ArrayBufferLike>>;
|
|
50
|
+
export declare function updatePskSecret(secret: Uint8Array, pskId: PreSharedKeyID, psk: Uint8Array, index: number, count: number, impl: CiphersuiteImpl): Promise<Uint8Array<ArrayBufferLike>>;
|
|
51
|
+
export {};
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
import { decodeUint16, decodeUint64, decodeUint8, encodeUint16, encodeUint64, encodeUint8 } from "./codec/number";
|
|
2
|
+
import { flatMapDecoder, mapDecoder, mapDecoderOption, mapDecoders } from "./codec/tlsDecoder";
|
|
3
|
+
import { contramapEncoder, contramapEncoders } from "./codec/tlsEncoder";
|
|
4
|
+
import { decodeVarLenData, encodeVarLenData } from "./codec/variableLength";
|
|
5
|
+
import { expandWithLabel } from "./crypto/kdf";
|
|
6
|
+
import { enumNumberToKey } from "./util/enumHelpers";
|
|
7
|
+
export const pskTypes = {
|
|
8
|
+
external: 1,
|
|
9
|
+
resumption: 2,
|
|
10
|
+
};
|
|
11
|
+
export const encodePskType = contramapEncoder(encodeUint8, (t) => pskTypes[t]);
|
|
12
|
+
export const decodePskType = mapDecoderOption(decodeUint8, enumNumberToKey(pskTypes));
|
|
13
|
+
const resumptionPSKUsages = {
|
|
14
|
+
application: 1,
|
|
15
|
+
reinit: 2,
|
|
16
|
+
branch: 3,
|
|
17
|
+
};
|
|
18
|
+
export const encodeResumptionPSKUsage = contramapEncoder(encodeUint8, (u) => resumptionPSKUsages[u]);
|
|
19
|
+
export const decodeResumptionPSKUsage = mapDecoderOption(decodeUint8, enumNumberToKey(resumptionPSKUsages));
|
|
20
|
+
const encodePskInfoExternal = contramapEncoders([encodePskType, encodeVarLenData], (i) => [i.psktype, i.pskId]);
|
|
21
|
+
const encodePskInfoResumption = contramapEncoders([encodePskType, encodeResumptionPSKUsage, encodeVarLenData, encodeUint64], (info) => [info.psktype, info.usage, info.pskGroupId, info.pskEpoch]);
|
|
22
|
+
const decodePskInfoResumption = mapDecoders([decodeResumptionPSKUsage, decodeVarLenData, decodeUint64], (usage, pskGroupId, pskEpoch) => {
|
|
23
|
+
return { usage, pskGroupId, pskEpoch };
|
|
24
|
+
});
|
|
25
|
+
export const encodePskInfo = (info) => {
|
|
26
|
+
switch (info.psktype) {
|
|
27
|
+
case "external":
|
|
28
|
+
return encodePskInfoExternal(info);
|
|
29
|
+
case "resumption":
|
|
30
|
+
return encodePskInfoResumption(info);
|
|
31
|
+
}
|
|
32
|
+
};
|
|
33
|
+
export const decodePskInfo = flatMapDecoder(decodePskType, (psktype) => {
|
|
34
|
+
switch (psktype) {
|
|
35
|
+
case "external":
|
|
36
|
+
return mapDecoder(decodeVarLenData, (pskId) => ({
|
|
37
|
+
psktype,
|
|
38
|
+
pskId,
|
|
39
|
+
}));
|
|
40
|
+
case "resumption":
|
|
41
|
+
return mapDecoder(decodePskInfoResumption, (resumption) => ({
|
|
42
|
+
psktype,
|
|
43
|
+
...resumption,
|
|
44
|
+
}));
|
|
45
|
+
}
|
|
46
|
+
});
|
|
47
|
+
export const encodePskId = contramapEncoders([encodePskInfo, encodeVarLenData], (pskid) => [pskid, pskid.pskNonce]);
|
|
48
|
+
export const decodePskId = mapDecoders([decodePskInfo, decodeVarLenData], (info, pskNonce) => ({ ...info, pskNonce }));
|
|
49
|
+
export const encodePskLabel = contramapEncoders([encodePskId, encodeUint16, encodeUint16], (label) => [label.id, label.index, label.count]);
|
|
50
|
+
export const decodePskLabel = mapDecoders([decodePskId, decodeUint16, decodeUint16], (id, index, count) => ({ id, index, count }));
|
|
51
|
+
export async function computePskSecret(psks, impl) {
|
|
52
|
+
const zeroes = new Uint8Array(impl.kdf.size);
|
|
53
|
+
return psks.reduce(async (acc, [curId, curPsk], index) => updatePskSecret(await acc, curId, curPsk, index, psks.length, impl), Promise.resolve(zeroes));
|
|
54
|
+
}
|
|
55
|
+
export async function updatePskSecret(secret, pskId, psk, index, count, impl) {
|
|
56
|
+
const zeroes = new Uint8Array(impl.kdf.size);
|
|
57
|
+
return impl.kdf.extract(await expandWithLabel(await impl.kdf.extract(zeroes, psk), "derived psk", encodePskLabel({ id: pskId, index, count }), impl.kdf.size, impl.kdf), secret);
|
|
58
|
+
}
|
|
59
|
+
//# sourceMappingURL=presharedkey.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"presharedkey.js","sourceRoot":"","sources":["../../src/presharedkey.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAA;AACjH,OAAO,EAAW,cAAc,EAAE,UAAU,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AACvG,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAW,MAAM,oBAAoB,CAAA;AACjF,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AAE3E,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAA;AAE9C,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AAEpD,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,QAAQ,EAAE,CAAC;IACX,UAAU,EAAE,CAAC;CACL,CAAA;AAKV,MAAM,CAAC,MAAM,aAAa,GAAyB,gBAAgB,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAA;AACpG,MAAM,CAAC,MAAM,aAAa,GAAyB,gBAAgB,CAAC,WAAW,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAA;AAE3G,MAAM,mBAAmB,GAAG;IAC1B,WAAW,EAAE,CAAC;IACd,MAAM,EAAE,CAAC;IACT,MAAM,EAAE,CAAC;CACD,CAAA;AAKV,MAAM,CAAC,MAAM,wBAAwB,GAAoC,gBAAgB,CACvF,WAAW,EACX,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAC9B,CAAA;AAED,MAAM,CAAC,MAAM,wBAAwB,GAAoC,gBAAgB,CACvF,WAAW,EACX,eAAe,CAAC,mBAAmB,CAAC,CACrC,CAAA;AAWD,MAAM,qBAAqB,GAA6B,iBAAiB,CACvE,CAAC,aAAa,EAAE,gBAAgB,CAAC,EACjC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,KAAK,CAAU,CACrC,CAAA;AAED,MAAM,uBAAuB,GAA+B,iBAAiB,CAC3E,CAAC,aAAa,EAAE,wBAAwB,EAAE,gBAAgB,EAAE,YAAY,CAAC,EACzE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAU,CAC9E,CAAA;AAED,MAAM,uBAAuB,GAAG,WAAW,CACzC,CAAC,wBAAwB,EAAE,gBAAgB,EAAE,YAAY,CAAC,EAC1D,CAAC,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,EAAE;IAC9B,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAA;AACxC,CAAC,CACF,CAAA;AAED,MAAM,CAAC,MAAM,aAAa,GAAqB,CAAC,IAAI,EAAE,EAAE;IACtD,QAAQ,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,KAAK,UAAU;YACb,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAA;QACpC,KAAK,YAAY;YACf,OAAO,uBAAuB,CAAC,IAAI,CAAC,CAAA;IACxC,CAAC;AACH,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,aAAa,GAAqB,cAAc,CAAC,aAAa,EAAE,CAAC,OAAO,EAAoB,EAAE;IACzG,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,UAAU;YACb,OAAO,UAAU,CAAC,gBAAgB,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;gBAC9C,OAAO;gBACP,KAAK;aACN,CAAC,CAAC,CAAA;QACL,KAAK,YAAY;YACf,OAAO,UAAU,CAAC,uBAAuB,EAAE,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;gBAC1D,OAAO;gBACP,GAAG,UAAU;aACd,CAAC,CAAC,CAAA;IACP,CAAC;AACH,CAAC,CAAC,CAAA;AAMF,MAAM,CAAC,MAAM,WAAW,GAA4B,iBAAiB,CACnE,CAAC,aAAa,EAAE,gBAAgB,CAAC,EACjC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,EAAE,KAAK,CAAC,QAAQ,CAAU,CAC5C,CAAA;AAED,MAAM,CAAC,MAAM,WAAW,GAA4B,WAAW,CAC7D,CAAC,aAAa,EAAE,gBAAgB,CAAC,EACjC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,QAAQ,EAAE,CAAC,CAC5C,CAAA;AAQD,MAAM,CAAC,MAAM,cAAc,GAAsB,iBAAiB,CAChE,CAAC,WAAW,EAAE,YAAY,EAAE,YAAY,CAAC,EACzC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,EAAE,EAAE,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,KAAK,CAAU,CACzD,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAsB,WAAW,CAC1D,CAAC,WAAW,EAAE,YAAY,EAAE,YAAY,CAAC,EACzC,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAC7C,CAAA;AAKD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,IAAoC,EAAE,IAAqB;IAChG,MAAM,MAAM,GAAe,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IAExD,OAAO,IAAI,CAAC,MAAM,CAChB,KAAK,EAAE,GAAG,EAAE,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,KAAK,EAAE,EAAE,CAAC,eAAe,CAAC,MAAM,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,EAC1G,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CACxB,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,MAAkB,EAClB,KAAqB,EACrB,GAAe,EACf,KAAa,EACb,KAAa,EACb,IAAqB;IAErB,MAAM,MAAM,GAAe,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACxD,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CACrB,MAAM,eAAe,CACnB,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,EACnC,aAAa,EACb,cAAc,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAC3C,IAAI,CAAC,GAAG,CAAC,IAAI,EACb,IAAI,CAAC,GAAG,CACT,EACD,MAAM,CACP,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { CiphersuiteImpl } from "./crypto/ciphersuite";
|
|
2
|
+
import { PathSecrets } from "./pathSecrets";
|
|
3
|
+
export type PrivateKeyPath = {
|
|
4
|
+
leafIndex: number;
|
|
5
|
+
privateKeys: Record<number, Uint8Array>;
|
|
6
|
+
};
|
|
7
|
+
/**
|
|
8
|
+
* Merges PrivateKeyPaths, BEWARE, if there is a conflict, this function will prioritize the second `b` parameter
|
|
9
|
+
*/
|
|
10
|
+
export declare function mergePrivateKeyPaths(a: PrivateKeyPath, b: PrivateKeyPath): PrivateKeyPath;
|
|
11
|
+
export declare function updateLeafKey(path: PrivateKeyPath, newKey: Uint8Array): PrivateKeyPath;
|
|
12
|
+
export declare function toPrivateKeyPath(pathSecrets: PathSecrets, leafIndex: number, cs: CiphersuiteImpl): Promise<PrivateKeyPath>;
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { deriveSecret } from "./crypto/kdf";
|
|
2
|
+
import { leafToNodeIndex } from "./treemath";
|
|
3
|
+
/**
|
|
4
|
+
* Merges PrivateKeyPaths, BEWARE, if there is a conflict, this function will prioritize the second `b` parameter
|
|
5
|
+
*/
|
|
6
|
+
export function mergePrivateKeyPaths(a, b) {
|
|
7
|
+
return { ...a, privateKeys: { ...a.privateKeys, ...b.privateKeys } };
|
|
8
|
+
}
|
|
9
|
+
export function updateLeafKey(path, newKey) {
|
|
10
|
+
return { ...path, privateKeys: { ...path.privateKeys, [leafToNodeIndex(path.leafIndex)]: newKey } };
|
|
11
|
+
}
|
|
12
|
+
export async function toPrivateKeyPath(pathSecrets, leafIndex, cs) {
|
|
13
|
+
const asArray = await Promise.all(Object.entries(pathSecrets).map(async ([nodeIndex, pathSecret]) => {
|
|
14
|
+
const nodeSecret = await deriveSecret(pathSecret, "node", cs.kdf);
|
|
15
|
+
const { privateKey } = await cs.hpke.deriveKeyPair(nodeSecret);
|
|
16
|
+
return [Number(nodeIndex), await cs.hpke.exportPrivateKey(privateKey)];
|
|
17
|
+
}));
|
|
18
|
+
const privateKeys = Object.fromEntries(asArray);
|
|
19
|
+
return { leafIndex, privateKeys };
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=privateKeyPath.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"privateKeyPath.js","sourceRoot":"","sources":["../../src/privateKeyPath.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAE3C,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAM5C;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,CAAiB,EAAE,CAAiB;IACvE,OAAO,EAAE,GAAG,CAAC,EAAE,WAAW,EAAE,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAA;AACtE,CAAC;AACD,MAAM,UAAU,aAAa,CAAC,IAAoB,EAAE,MAAkB;IACpE,OAAO,EAAE,GAAG,IAAI,EAAE,WAAW,EAAE,EAAE,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,CAAA;AACrG,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,WAAwB,EACxB,SAAiB,EACjB,EAAmB;IAEnB,MAAM,OAAO,GAA2B,MAAM,OAAO,CAAC,GAAG,CACvD,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC,EAAE,EAAE;QAChE,MAAM,UAAU,GAAG,MAAM,YAAY,CAAC,UAAU,EAAE,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,CAAA;QACjE,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;QAE9D,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAU,CAAA;IACjF,CAAC,CAAC,CACH,CAAA;IAED,MAAM,WAAW,GAA+B,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;IAE3E,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,CAAA;AACnC,CAAC"}
|