ts-mls 1.4.2 → 1.4.6
- package/README.md +1 -1
- package/dist/codec/json.d.ts +4 -0
- package/dist/codec/json.js +190 -0
- package/dist/codec/json.js.map +1 -0
- package/dist/crypto/implementation/noble/makeHashImpl.js +2 -1
- package/dist/crypto/implementation/noble/makeHashImpl.js.map +1 -1
- package/dist/keyPackage.d.ts +1 -1
- package/dist/keyPackage.js +5 -5
- package/dist/parentHash.js +4 -5
- package/dist/parentHash.js.map +1 -1
- package/dist/secretTree.js +7 -6
- package/dist/secretTree.js.map +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/dist/updatePath.js +16 -18
- package/dist/updatePath.js.map +1 -1
- package/dist/util/array.d.ts +0 -1
- package/dist/util/array.js +0 -3
- package/dist/util/array.js.map +1 -1
- package/dist/util/constantTimeCompare.js.map +1 -1
- package/package.json +9 -9
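--- a/package/README.md
+++ b/package/README.md
@@ -62,7 +62,7 @@ The following cipher suites are supported:
 | X-Wing | AES256GCM | HKDF-SHA512 | SHA-512 | ML-DSA-87 | MLS_256_XWING_AES256GCM_SHA512_MLDSA78 | 87 | @hpke/hybridkem-x-wing, @noble/post-quantum |
 | X-Wing | CHACHA20POLY1305 | HKDF-SHA512 | SHA-512 | ML-DSA-87 | MLS_256_XWING_CHACHA20POLY1305_SHA512_MLDSA78 | 88 | @hpke/hybridkem-x-wing, @hpke/chacha20poly1305, @noble/post-quantum |
 
-## Security Disclaimer
+## ⚠️ Security Disclaimer
 
 This library has not undergone a formal security audit. While care has been taken to implement the MLS protocol correctly and securely, it may contain undiscovered vulnerabilities. If you plan to use this library in a production or security-critical context, proceed with caution and consider conducting an independent security review.
 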
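--- a/package/dist/codec/json.d.ts
+++ b/package/dist/codec/json.d.ts
@@ -0,0 +1,4 @@
+import { ClientConfig } from "../clientConfig.js";
+import { ClientState } from "../clientState.js";
+export declare function toJsonString(clientState: ClientState): string;
+export declare function fromJsonString(s: string, config: ClientConfig): ClientState | undefined;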
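--- a/package/dist/codec/json.js
+++ b/package/dist/codec/json.js
@@ -0,0 +1,190 @@
+export function toJsonString(clientState) {
+const { clientConfig, ...state } = clientState;
+const stateWithSerializableMap = {
+...state,
+historicalReceiverData: Array.from(state.historicalReceiverData.entries()).map(([epoch, data]) => [
+{
+epoch: epoch.toString(),
+},
+data,
+]),
+};
+return JSON.stringify(stateWithSerializableMap, (_key, value) => {
+// Mark BigInt values with a special wrapper
+if (typeof value === "bigint") {
+return { "@@bigint": value.toString() };
+}
+// Mark empty Uint8Arrays with a special marker
+if (value instanceof Uint8Array) {
+if (value.length === 0) {
+return { "@@uint8array": true, length: 0, data: [] };
+}
+}
+return value;
+});
+}
+function isValidGroupActiveState(state) {
+if (typeof state !== "object" || state === null)
+return false;
+const s = state;
+if (typeof s.kind !== "string")
+return false;
+if (s.kind === "active")
+return true;
+if (s.kind === "suspendedPendingReinit")
+return "reinit" in s && typeof s.reinit === "object";
+if (s.kind === "removedFromGroup")
+return true;
+return false;
+}
+function isValidRatchetTree(tree) {
+if (!Array.isArray(tree))
+return false;
+return tree.every((node) => node === null || (typeof node === "object" && node !== null));
+}
+function isValidGroupContext(ctx) {
+if (typeof ctx !== "object" || ctx === null)
+return false;
+const c = ctx;
+return ("version" in c &&
+"cipherSuite" in c &&
+"groupId" in c &&
+"epoch" in c &&
+"treeHash" in c &&
+"confirmedTranscriptHash" in c &&
+"extensions" in c);
+}
+function isValidKeySchedule(ks) {
+if (typeof ks !== "object" || ks === null)
+return false;
+const k = ks;
+return "epochAuthenticator" in k && typeof k.epochAuthenticator === "object";
+}
+function isValidPrivateKeyPath(pkp) {
+if (typeof pkp !== "object" || pkp === null)
+return false;
+const p = pkp;
+return "leafIndex" in p && typeof p.leafIndex === "number";
+}
+function isValidUnappliedProposals(uap) {
+return uap !== null && typeof uap === "object";
+}
+function isValidHistoricalReceiverData(hrd) {
+if (!Array.isArray(hrd))
+return false;
+return hrd.every((item) => Array.isArray(item) && item.length === 2 && typeof item[0] === "object" && "epoch" in item[0]);
+}
+function deepConvertUint8Arrays(obj, depth = 0, maxDepth = 20) {
+if (depth > maxDepth)
+return obj;
+if (obj === null || obj === undefined)
+return obj;
+if (obj instanceof Uint8Array)
+return obj;
+// Check for the special BigInt marker
+if (obj && typeof obj === "object" && "@@bigint" in obj) {
+const objRecord = obj;
+if (typeof objRecord["@@bigint"] === "string") {
+return BigInt(objRecord["@@bigint"]);
+}
+}
+// Check for the special empty Uint8Array marker
+if (obj && typeof obj === "object" && "@@uint8array" in obj) {
+const objRecord = obj;
+if (objRecord["@@uint8array"] === true) {
+return new Uint8Array();
+}
+}
+// Handle non-empty Uint8Array-like objects
+if (obj && typeof obj === "object" && !Array.isArray(obj)) {
+const objRecord = obj;
+const keys = Object.keys(objRecord);
+if (keys.length > 0 && !("@@uint8array" in objRecord) && !("@@bigint" in objRecord)) {
+// Check if all keys are numeric strings and all values are 0-255 numbers
+const allNumericKeys = keys.every((k) => /^\d+$/.test(k));
+if (allNumericKeys) {
+const allValidValues = keys.every((k) => Object.prototype.hasOwnProperty.call(objRecord, k) &&
+typeof objRecord[k] === "number" &&
+objRecord[k] >= 0 &&
+objRecord[k] <= 255);
+if (allValidValues) {
+const numKeys = keys.map((k) => parseInt(k, 10));
+const values = numKeys.sort((a, b) => a - b).map((n) => objRecord[String(n)]);
+return new Uint8Array(values);
+}
+}
+}
+}
+if (Array.isArray(obj)) {
+return obj.map((item) => deepConvertUint8Arrays(item, depth + 1, maxDepth));
+}
+if (typeof obj === "object") {
+const objRecord = obj;
+const result = {};
+for (const key in objRecord) {
+if (Object.prototype.hasOwnProperty.call(objRecord, key)) {
+result[key] = deepConvertUint8Arrays(objRecord[key], depth + 1, maxDepth);
+}
+}
+return result;
+}
+return obj;
+}
+export function fromJsonString(s, config) {
+try {
+const parsed = JSON.parse(s);
+if (typeof parsed !== "object" || parsed === null)
+return undefined;
+const parsedRecord = parsed;
+if (!("groupActiveState" in parsedRecord) ||
+!("privatePath" in parsedRecord) ||
+!("ratchetTree" in parsedRecord) ||
+!("keySchedule" in parsedRecord) ||
+!("groupContext" in parsedRecord) ||
+!("unappliedProposals" in parsedRecord) ||
+!("signaturePrivateKey" in parsedRecord) ||
+!("confirmationTag" in parsedRecord) ||
+!("historicalReceiverData" in parsedRecord) ||
+!("secretTree" in parsedRecord)) {
+return undefined;
+}
+const converted = deepConvertUint8Arrays(parsedRecord);
+if (!isValidGroupActiveState(converted.groupActiveState))
+return undefined;
+if (!isValidPrivateKeyPath(converted.privatePath))
+return undefined;
+if (!isValidRatchetTree(converted.ratchetTree))
+return undefined;
+if (!isValidKeySchedule(converted.keySchedule))
+return undefined;
+if (!isValidGroupContext(converted.groupContext))
+return undefined;
+if (!isValidUnappliedProposals(converted.unappliedProposals))
+return undefined;
+if (!isValidHistoricalReceiverData(converted.historicalReceiverData))
+return undefined;
+if (!(converted.signaturePrivateKey instanceof Uint8Array || typeof converted.signaturePrivateKey === "object")) {
+return undefined;
+}
+if (!(converted.confirmationTag instanceof Uint8Array || typeof converted.confirmationTag === "object")) {
+return undefined;
+}
+// Reconstruct Map<bigint, EpochReceiverData>
+const historicalReceiverData = new Map();
+if (Array.isArray(converted.historicalReceiverData)) {
+for (const [keyObj, data] of converted.historicalReceiverData) {
+if (keyObj && typeof keyObj === "object" && "epoch" in keyObj) {
+const keyObjRecord = keyObj;
+if (typeof keyObjRecord.epoch === "bigint") {
+historicalReceiverData.set(keyObjRecord.epoch, data);
+}
+}
+}
+}
+return { clientConfig: config, ...converted, historicalReceiverData };
+}
+catch {
+return undefined;
+}
+}
+//# sourceMappingURL=json.js.map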
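Review bot: The last two guards in `fromJsonString` do not actually require byte arrays: `typeof x === "object"` is also true for `null`, arrays and plain objects, so a blob whose `signaturePrivateKey` or `confirmationTag` is `null` is still returned as a `ClientState`; because `deepConvertUint8Arrays` has already run, each guard can be `if (!(converted.signaturePrivateKey instanceof Uint8Array)) return undefined;` (likewise for `confirmationTag`). The round trip also appears to lose data: `toJsonString` writes `epoch: epoch.toString()`, a plain string the replacer never wraps in `@@bigint`, while the rebuild loop keeps an entry only when `typeof keyObjRecord.epoch === "bigint"`, so every `historicalReceiverData` entry is dropped without an error; emitting `epoch` unconverted would let the replacer tag it. In `deepConvertUint8Arrays`, `result[key] = …` on a plain `{}` lets an own `"__proto__"` key produced by `JSON.parse` replace the prototype of `result`, which `if (key === "__proto__") continue;` inside the loop would prevent. `toJsonString` deserves a doc comment saying that its output carries `signaturePrivateKey`, `privatePath`, `keySchedule` and `secretTree` in cleartext and has to be encrypted or access-controlled wherever it is stored.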
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"json.js","sourceRoot":"","sources":["../../src/codec/json.ts"],"names":[],"mappings":"AAGA,MAAM,UAAU,YAAY,CAAC,WAAwB;IACnD,MAAM,EAAE,YAAY,EAAE,GAAG,KAAK,EAAE,GAAG,WAAW,CAAA;IAE9C,MAAM,wBAAwB,GAAG;QAC/B,GAAG,KAAK;QACR,sBAAsB,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,sBAAsB,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC;YAChG;gBACE,KAAK,EAAE,KAAK,CAAC,QAAQ,EAAE;aACxB;YACD,IAAI;SACL,CAAC;KACH,CAAA;IACD,OAAO,IAAI,CAAC,SAAS,CAAC,wBAAwB,EAAE,CAAC,IAAI,EAAE,KAAc,EAAE,EAAE;QACvE,4CAA4C;QAC5C,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,EAAE,UAAU,EAAE,KAAK,CAAC,QAAQ,EAAE,EAAE,CAAA;QACzC,CAAC;QACD,+CAA+C;QAC/C,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;YAChC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAA;YACtD,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,SAAS,uBAAuB,CAAC,KAAc;IAC7C,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IAC7D,MAAM,CAAC,GAAG,KAAgC,CAAA;IAC1C,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC5C,IAAI,CAAC,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAA;IACpC,IAAI,CAAC,CAAC,IAAI,KAAK,wBAAwB;QAAE,OAAO,QAAQ,IAAI,CAAC,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAA;IAC7F,IAAI,CAAC,CAAC,IAAI,KAAK,kBAAkB;QAAE,OAAO,IAAI,CAAA;IAC9C,OAAO,KAAK,CAAA;AACd,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAa;IACvC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAA;IACtC,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,IAAI,IAAI,CAAC,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,CAAC,CAAC,CAAA;AAC3F,CAAC;AAED,SAAS,mBAAmB,CAAC,GAAY;IACvC,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IACzD,MAAM,CAAC,GAAG,GAA8B,CAAA;IACxC,OAAO,CACL,SAAS,IAAI,CAAC;QACd,aAAa,IAAI,CAAC;QAClB,SAAS,IAAI,CAAC;QACd,OAAO,IAAI,CAAC;QACZ,UAAU,IAAI,CAAC;QACf,yBAAyB,IAAI,CAAC;QAC9B,YAAY,IAAI,CAAC,CAClB,CAAA;AACH,CAAC;AAED,SAAS,kBAAkB,CAAC,EAAW;IACrC,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IACvD,MAAM,CAAC,GAAG,EAA6B,CAAA;
IACvC,OAAO,oBAAoB,IAAI,CAAC,IAAI,OAAO,CAAC,CAAC,kBAAkB,KAAK,QAAQ,CAAA;AAC9E,CAAC;AAED,SAAS,qBAAqB,CAAC,GAAY;IACzC,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,KAAK,CAAA;IACzD,MAAM,CAAC,GAAG,GAA8B,CAAA;IACxC,OAAO,WAAW,IAAI,CAAC,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ,CAAA;AAC5D,CAAC;AAED,SAAS,yBAAyB,CAAC,GAAY;IAC7C,OAAO,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,CAAA;AAChD,CAAC;AAED,SAAS,6BAA6B,CAAC,GAAY;IACjD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAA;IACrC,OAAO,GAAG,CAAC,KAAK,CACd,CAAC,IAAa,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,OAAO,IAAI,IAAI,CAAC,CAAC,CAAC,CACjH,CAAA;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,GAAY,EAAE,KAAK,GAAG,CAAC,EAAE,QAAQ,GAAG,EAAE;IACpE,IAAI,KAAK,GAAG,QAAQ;QAAE,OAAO,GAAG,CAAA;IAChC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;QAAE,OAAO,GAAG,CAAA;IACjD,IAAI,GAAG,YAAY,UAAU;QAAE,OAAO,GAAG,CAAA;IAEzC,sCAAsC;IACtC,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,UAAU,IAAI,GAAG,EAAE,CAAC;QACxD,MAAM,SAAS,GAAG,GAA8B,CAAA;QAChD,IAAI,OAAO,SAAS,CAAC,UAAU,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC9C,OAAO,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAA;QACtC,CAAC;IACH,CAAC;IAED,gDAAgD;IAChD,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,cAAc,IAAI,GAAG,EAAE,CAAC;QAC5D,MAAM,SAAS,GAAG,GAA8B,CAAA;QAChD,IAAI,SAAS,CAAC,cAAc,CAAC,KAAK,IAAI,EAAE,CAAC;YACvC,OAAO,IAAI,UAAU,EAAE,CAAA;QACzB,CAAC;IACH,CAAC;IAED,2CAA2C;IAC3C,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1D,MAAM,SAAS,GAAG,GAA8B,CAAA;QAChD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;QACnC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,cAAc,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,UAAU,IAAI,SAAS,CAAC,EAAE,CAAC;YACpF,yEAAyE;YACzE,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAA;YACzD,IAAI,cAAc,EAAE,CAAC;gBACnB,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAC/B,CAAC,CAAC,EAAE,EAAE,CACJ,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;oBAClD,OAAO,SAAS,CAAC,CAAC,CAAC,KAAK,QAAQ;oBAC
hC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC;oBACjB,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CACtB,CAAA;gBACD,IAAI,cAAc,EAAE,CAAC;oBACnB,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAA;oBAChD,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,CAAW,CAAC,CAAA;oBACvF,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAA;gBAC/B,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,sBAAsB,CAAC,IAAI,EAAE,KAAK,GAAG,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAA;IAC7E,CAAC;IAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,GAA8B,CAAA;QAChD,MAAM,MAAM,GAA4B,EAAE,CAAA;QAC1C,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE,CAAC;YAC5B,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE,CAAC;gBACzD,MAAM,CAAC,GAAG,CAAC,GAAG,sBAAsB,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,EAAE,QAAQ,CAAC,CAAA;YAC3E,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,OAAO,GAAG,CAAA;AACZ,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,CAAS,EAAE,MAAoB;IAC5D,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAY,CAAA;QAEvC,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,IAAI;YAAE,OAAO,SAAS,CAAA;QAEnE,MAAM,YAAY,GAAG,MAAiC,CAAA;QACtD,IACE,CAAC,CAAC,kBAAkB,IAAI,YAAY,CAAC;YACrC,CAAC,CAAC,aAAa,IAAI,YAAY,CAAC;YAChC,CAAC,CAAC,aAAa,IAAI,YAAY,CAAC;YAChC,CAAC,CAAC,aAAa,IAAI,YAAY,CAAC;YAChC,CAAC,CAAC,cAAc,IAAI,YAAY,CAAC;YACjC,CAAC,CAAC,oBAAoB,IAAI,YAAY,CAAC;YACvC,CAAC,CAAC,qBAAqB,IAAI,YAAY,CAAC;YACxC,CAAC,CAAC,iBAAiB,IAAI,YAAY,CAAC;YACpC,CAAC,CAAC,wBAAwB,IAAI,YAAY,CAAC;YAC3C,CAAC,CAAC,YAAY,IAAI,YAAY,CAAC,EAC/B,CAAC;YACD,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,SAAS,GAAG,sBAAsB,CAAC,YAAY,CAA4B,CAAA;QAEjF,IAAI,CAAC,uBAAuB,CAAC,SAAS,CAAC,gBAAgB,CAAC;YAAE,OAAO,SAAS,CAAA;QAC1E,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,WAAW,CAAC;YAAE,OAAO,SAAS,CAAA;QACnE,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,WAAW,CAAC;YAAE,OAAO,SAAS,CAAA;QAChE,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,WAAW,C
AAC;YAAE,OAAO,SAAS,CAAA;QAChE,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,YAAY,CAAC;YAAE,OAAO,SAAS,CAAA;QAClE,IAAI,CAAC,yBAAyB,CAAC,SAAS,CAAC,kBAAkB,CAAC;YAAE,OAAO,SAAS,CAAA;QAC9E,IAAI,CAAC,6BAA6B,CAAC,SAAS,CAAC,sBAAsB,CAAC;YAAE,OAAO,SAAS,CAAA;QAEtF,IAAI,CAAC,CAAC,SAAS,CAAC,mBAAmB,YAAY,UAAU,IAAI,OAAO,SAAS,CAAC,mBAAmB,KAAK,QAAQ,CAAC,EAAE,CAAC;YAChH,OAAO,SAAS,CAAA;QAClB,CAAC;QACD,IAAI,CAAC,CAAC,SAAS,CAAC,eAAe,YAAY,UAAU,IAAI,OAAO,SAAS,CAAC,eAAe,KAAK,QAAQ,CAAC,EAAE,CAAC;YACxG,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,6CAA6C;QAC7C,MAAM,sBAAsB,GAAG,IAAI,GAAG,EAA6B,CAAA;QACnE,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,sBAAsB,CAAC,EAAE,CAAC;YACpD,KAAK,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,SAAS,CAAC,sBAA8C,EAAE,CAAC;gBACtF,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;oBAC9D,MAAM,YAAY,GAAG,MAAiC,CAAA;oBACtD,IAAI,OAAO,YAAY,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;wBAC3C,sBAAsB,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,IAAyB,CAAC,CAAA;oBAC3E,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,SAAS,EAAE,sBAAsB,EAA4B,CAAA;IACjG,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAA;IAClB,CAAC;AACH,CAAC"}
|
|
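--- a/package/dist/crypto/implementation/noble/makeHashImpl.js
+++ b/package/dist/crypto/implementation/noble/makeHashImpl.js
@@ -1,5 +1,6 @@
 import { sha256, sha384, sha512 } from "@noble/hashes/sha2.js";
 import { hmac } from "@noble/hashes/hmac.js";
+import { constantTimeEqual } from "../../../util/constantTimeCompare.js";
 export function makeHashImpl(h) {
 return {
 async digest(data) {
@@ -28,7 +29,7 @@ export function makeHashImpl(h) {
 },
 async verifyMac(key, mac, data) {
 const expectedMac = await this.mac(key, data);
-return mac
+return constantTimeEqual(mac, expectedMac);
 },
 };
 }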
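Review bot: `verifyMac` now depends entirely on `constantTimeEqual`, whose body is not part of this diff (only its source map is listed as changed), so its behaviour when `mac` and `expectedMac` differ in length should be confirmed: it needs to return `false` rather than throw or compare only a common prefix, since `mac` presumably arrives from a peer. A test that feeds `verifyMac` a truncated and an over-long tag would pin that down, and a short comment such as `// constant-time: mac is attacker-controlled` on the return line would keep a later refactor from reverting to a plain comparison. If other hash implementations in the package carry their own `verifyMac`, they should use the same helper. The `digest` and `mac` methods of `makeHashImpl` lie outside the visible hunks.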
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"makeHashImpl.js","sourceRoot":"","sources":["../../../../src/crypto/implementation/noble/makeHashImpl.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAA;AAC9D,OAAO,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAA;
|
|
1
|
+
{"version":3,"file":"makeHashImpl.js","sourceRoot":"","sources":["../../../../src/crypto/implementation/noble/makeHashImpl.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAA;AAC9D,OAAO,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAA;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAA;AAExE,MAAM,UAAU,YAAY,CAAC,CAAgB;IAC3C,OAAO;QACL,KAAK,CAAC,MAAM,CAAC,IAAI;YACf,QAAQ,CAAC,EAAE,CAAC;gBACV,KAAK,SAAS;oBACZ,OAAO,MAAM,CAAC,IAAI,CAAC,CAAA;gBACrB,KAAK,SAAS;oBACZ,OAAO,MAAM,CAAC,IAAI,CAAC,CAAA;gBACrB,KAAK,SAAS;oBACZ,OAAO,MAAM,CAAC,IAAI,CAAC,CAAA;gBACrB;oBACE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,EAAE,CAAC,CAAA;YACvD,CAAC;QACH,CAAC;QACD,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI;YACjB,QAAQ,CAAC,EAAE,CAAC;gBACV,KAAK,SAAS;oBACZ,OAAO,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;gBAChC,KAAK,SAAS;oBACZ,OAAO,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;gBAChC,KAAK,SAAS;oBACZ,OAAO,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;gBAChC;oBACE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,EAAE,CAAC,CAAA;YACvD,CAAC;QACH,CAAC;QACD,KAAK,CAAC,SAAS,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI;YAC5B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;YAC7C,OAAO,iBAAiB,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;QAC5C,CAAC;KACF,CAAA;AACH,CAAC"}
|
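--- a/package/dist/keyPackage.d.ts
+++ b/package/dist/keyPackage.d.ts
@@ -33,7 +33,7 @@ export interface PrivateKeyPackage {
 hpkePrivateKey: Uint8Array;
 signaturePrivateKey: Uint8Array;
 }
-export declare function generateKeyPackageWithKey(credential: Credential, capabilities: Capabilities, lifetime: Lifetime, extensions: Extension[],
+export declare function generateKeyPackageWithKey(credential: Credential, capabilities: Capabilities, lifetime: Lifetime, extensions: Extension[], signatureKeyPair: {
 signKey: Uint8Array;
 publicKey: Uint8Array;
 }, cs: CiphersuiteImpl, leafNodeExtensions?: Extension[]): Promise<{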
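--- a/package/dist/keyPackage.js
+++ b/package/dist/keyPackage.js
@@ -43,18 +43,18 @@ export async function verifyKeyPackage(kp, s) {
 export function makeKeyPackageRef(value, h) {
 return refhash("MLS 1.0 KeyPackage Reference", encode(keyPackageEncoder)(value), h);
 }
-export async function generateKeyPackageWithKey(credential, capabilities, lifetime, extensions,
+export async function generateKeyPackageWithKey(credential, capabilities, lifetime, extensions, signatureKeyPair, cs, leafNodeExtensions) {
 const initKeys = await cs.hpke.generateKeyPair();
 const hpkeKeys = await cs.hpke.generateKeyPair();
 const privatePackage = {
 initPrivateKey: await cs.hpke.exportPrivateKey(initKeys.privateKey),
 hpkePrivateKey: await cs.hpke.exportPrivateKey(hpkeKeys.privateKey),
-signaturePrivateKey:
+signaturePrivateKey: signatureKeyPair.signKey,
 };
 const leafNodeTbs = {
 leafNodeSource: "key_package",
 hpkePublicKey: await cs.hpke.exportPublicKey(hpkeKeys.publicKey),
-signaturePublicKey:
+signaturePublicKey: signatureKeyPair.publicKey,
 info: { leafNodeSource: "key_package" },
 extensions: leafNodeExtensions ?? [],
 credential,
@@ -65,10 +65,10 @@ export async function generateKeyPackageWithKey(credential, capabilities, lifeti
 version: "mls10",
 cipherSuite: cs.name,
 initKey: await cs.hpke.exportPublicKey(initKeys.publicKey),
-leafNode: await signLeafNodeKeyPackage(leafNodeTbs,
+leafNode: await signLeafNodeKeyPackage(leafNodeTbs, signatureKeyPair.signKey, cs.signature),
 extensions,
 };
-return { publicPackage: await signKeyPackage(tbs,
+return { publicPackage: await signKeyPackage(tbs, signatureKeyPair.signKey, cs.signature), privatePackage };
 }
 export async function generateKeyPackage(credential, capabilities, lifetime, extensions, cs, leafNodeExtensions) {
 const sigKeys = await cs.signature.keygen();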
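--- a/package/dist/parentHash.js
+++ b/package/dist/parentHash.js
@@ -4,7 +4,7 @@ import { decodeVarLenData, varLenDataEncoder } from "./codec/variableLength.js";
 import { InternalError } from "./mlsError.js";
 import { findFirstNonBlankAncestor, removeLeaves } from "./ratchetTree.js";
 import { treeHash } from "./treeHash.js";
-import { isLeaf,
+import { isLeaf, leafWidth, left, right, root, toNodeIndex } from "./treemath.js";
 import { constantTimeEqual } from "./util/constantTimeCompare.js";
 export const parentHashInputEncoder = contramapBufferEncoders([varLenDataEncoder, varLenDataEncoder, varLenDataEncoder], (i) => [i.encryptionKey, i.parentHash, i.originalSiblingTreeHash]);
 export const encodeParentHashInput = encode(parentHashInputEncoder);
@@ -38,11 +38,10 @@ export async function verifyParentHashes(tree, h) {
 * Traverse tree from bottom up, verifying that all non-blank parent nodes are covered by exactly one chain
 */
 function parentHashCoverage(tree, h) {
-
-
-if (
+return tree.reduce(async (acc, node, nodeIndex) => {
+let currentIndex = toNodeIndex(nodeIndex);
+if (!isLeaf(currentIndex) || node === undefined)
 return acc;
-let currentIndex = leafToNodeIndex(toLeafIndex(leafIndex));
 let updated = { ...(await acc) };
 const rootIndex = root(leafWidth(tree.length));
 while (currentIndex !== rootIndex) {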
package/dist/parentHash.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parentHash.js","sourceRoot":"","sources":["../src/parentHash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAW,WAAW,EAAE,MAAM,uBAAuB,CAAA;AAC5D,OAAO,EAAE,uBAAuB,EAAiB,MAAM,EAAW,MAAM,uBAAuB,CAAA;AAC/F,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAE/E,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAC7C,OAAO,EAAE,yBAAyB,EAAqB,YAAY,EAAE,MAAM,kBAAkB,CAAA;AAC7F,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AACxC,OAAO,
|
|
1
|
+
{"version":3,"file":"parentHash.js","sourceRoot":"","sources":["../src/parentHash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAW,WAAW,EAAE,MAAM,uBAAuB,CAAA;AAC5D,OAAO,EAAE,uBAAuB,EAAiB,MAAM,EAAW,MAAM,uBAAuB,CAAA;AAC/F,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAE/E,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAA;AAC7C,OAAO,EAAE,yBAAyB,EAAqB,YAAY,EAAE,MAAM,kBAAkB,CAAA;AAC7F,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AACxC,OAAO,EAAE,MAAM,EAAa,SAAS,EAAE,IAAI,EAAa,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,eAAe,CAAA;AAEvG,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAA;AAQjE,MAAM,CAAC,MAAM,sBAAsB,GAAmC,uBAAuB,CAC3F,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,iBAAiB,CAAC,EACzD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,uBAAuB,CAAU,CAC3E,CAAA;AAED,MAAM,CAAC,MAAM,qBAAqB,GAA6B,MAAM,CAAC,sBAAsB,CAAC,CAAA;AAE7F,MAAM,CAAC,MAAM,qBAAqB,GAA6B,WAAW,CACxE,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,EACtD,CAAC,aAAa,EAAE,UAAU,EAAE,uBAAuB,EAAE,EAAE,CAAC,CAAC;IACvD,aAAa;IACb,UAAU;IACV,uBAAuB;CACxB,CAAC,CACH,CAAA;AAED,SAAS,0BAA0B,CAAC,aAAuB,EAAE,QAAgC;IAC3F,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE,CAAC;QAClC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACjC,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,IAAiB,EAAE,CAAO;IACjE,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE;QAClD,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnD,OAAO,CAAC,GAAG,GAAG,EAAE,KAAK,CAAC,CAAA;QACxB,CAAC;;YAAM,OAAO,GAAG,CAAA;IACnB,CAAC,EAAE,EAAc,CAAC,CAAA;IAElB,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IAEzC,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;IAElD,OAAO,0BAA0B,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAA;AAC1D,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,IAAiB,EAAE,CAAO;IACpD,OAAO,IAAI,CAAC,MAAM,CAChB,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE;QAC7B,IAAI,YAAY,GAAG,WAAW,CAAC,SAAS,CAAC,CAAA;QACzC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,IAAI,KAAK,SAAS;YAAE,OAAO,GAAG,CAAA;QAE3D,IAAI,OAAO,GAAG,EAAE,GAAG,CAAC,MAAM,GAAG,CAA
C,EAAE,CAAA;QAEhC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;QAE9C,OAAO,YAAY,KAAK,SAAS,EAAE,CAAC;YAClC,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,CAAA;YAEtC,mBAAmB;YACnB,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;gBAC9B,SAAQ;YACV,CAAC;YAED,iFAAiF;YACjF,MAAM,CAAC,UAAU,EAAE,mBAAmB,CAAC,GAAG,MAAM,mBAAmB,CAAC,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC,CAAA;YAE1F,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;gBACtC,MAAM,IAAI,aAAa,CAAC,sDAAsD,CAAC,CAAA;YACjF,CAAC;YAED,MAAM,kBAAkB,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;YAErD,IAAI,kBAAkB,KAAK,SAAS,IAAI,iBAAiB,CAAC,UAAU,EAAE,kBAAkB,CAAC,EAAE,CAAC;gBAC1F,MAAM,QAAQ,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAA;gBACxD,OAAO,GAAG,EAAE,GAAG,OAAO,EAAE,CAAC,mBAAmB,CAAC,EAAE,QAAQ,EAAE,CAAA;YAC3D,CAAC;iBAAM,CAAC;gBACN,oBAAoB;gBACpB,MAAK;YACP,CAAC;YAED,YAAY,GAAG,mBAAmB,CAAA;QACpC,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC,EACD,OAAO,CAAC,OAAO,CAAC,EAA4B,CAAC,CAC9C,CAAA;AACH,CAAC;AAED,SAAS,aAAa,CAAC,IAAU;IAC/B,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,MAAM,CAAC,UAAU,CAAA;SACxD,IAAI,IAAI,CAAC,IAAI,CAAC,cAAc,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,CAAA;AAC7E,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,IAAiB,EACjB,SAAoB,EACpB,CAAO;IAEP,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;IAC9C,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,IAAI,UAAU,EAAE,EAAE,SAAS,CAAC,CAAA;IACtC,CAAC;IAED,MAAM,eAAe,GAAG,yBAAyB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAA;IAElE,MAAM,UAAU,GAAG,IAAI,CAAC,eAAe,CAAC,CAAA;IAExC,IAAI,eAAe,KAAK,SAAS,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;QAC9D,OAAO,CAAC,IAAI,UAAU,EAAE,EAAE,eAAe,CAAC,CAAA;IAC5C,CAAC;IAED,MAAM,YAAY,GAAG,SAAS,GAAG,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;IAEjG,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,CAAC,QAAQ,KAAK,MAAM;QAC5D,MAAM,IAAI,aAAa,CAAC,gCAAgC,CAAC,CAAA;IAE3D,MAAM,eAAe,GAAG,YAAY,CAAC,IAAI,EAAE,UAAU,CAAC,MAAM,CAAC,cAA6B,CAAC,CAAA;IAE3F,MAAM,uBAAuB,GAAG,MAAM,QAAQ,CAAC,eAAe,EAAE,YAAY,EAAE,CAAC,CAAC,CAAA;IAEhF,MAAM,KAAK,GAAG;QACZ,aAAa,EAAE,UAAU,CAAC,MAAM,CAAC,aAAa;QAC9C,UAAU,EAAE,UAA
U,CAAC,MAAM,CAAC,UAAU;QACxC,uBAAuB;KACxB,CAAA;IAED,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,CAAC,CAAA;AACjF,CAAC"}
|
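--- a/package/dist/secretTree.js
+++ b/package/dist/secretTree.js
@@ -1,13 +1,12 @@
 import { expandWithLabel, deriveTreeSecret } from "./crypto/kdf.js";
 import { InternalError, ValidationError } from "./mlsError.js";
 import { nodeWidth, root, right, isLeaf, left, leafToNodeIndex, toLeafIndex } from "./treemath.js";
-import { updateArray } from "./util/array.js";
 import { repeatAsync } from "./util/repeat.js";
 function scaffoldSecretTree(leafWidth, encryptionSecret, kdf) {
 const tree = new Array(nodeWidth(leafWidth));
 const rootIndex = root(leafWidth);
-
-return deriveChildren(
+tree[rootIndex] = encryptionSecret;
+return deriveChildren(tree, rootIndex, kdf);
 }
 export async function createSecretTree(leafWidth, encryptionSecret, kdf) {
 const tree = await scaffoldSecretTree(leafWidth, encryptionSecret, kdf);
@@ -27,8 +26,9 @@ async function deriveChildren(tree, nodeIndex, kdf) {
 throw new InternalError("Bad node index for secret tree");
 const leftSecret = await expandWithLabel(parentSecret, "tree", new TextEncoder().encode("left"), kdf.size, kdf);
 const rightSecret = await expandWithLabel(parentSecret, "tree", new TextEncoder().encode("right"), kdf.size, kdf);
-
-
+tree[l] = leftSecret;
+tree[r] = rightSecret;
+return deriveChildren(await deriveChildren(tree, l, kdf), r, kdf);
 }
 export async function deriveNonce(secret, generation, cs) {
 return await deriveTreeSecret(secret, "nonce", generation, cs.hpke.nonceLength, cs.kdf);
@@ -106,7 +106,8 @@ async function createRatchetResult(node, index, currentSecret, reuseGuard, tree,
 async function createRatchetResultWithSecret(node, index, secret, generation, reuseGuard, tree, contentType, cs, ratchetState) {
 const { nonce, key } = await createKeyAndNonce(secret, generation, reuseGuard, cs);
 const newNode = contentType === "application" ? { ...node, application: ratchetState } : { ...node, handshake: ratchetState };
-const newTree =
+const newTree = tree.slice();
+newTree[index] = newNode;
 return {
 generation: generation,
 reuseGuard,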
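Review bot: `deriveChildren` now writes `tree[l]` and `tree[r]` into the array it was handed, while `createRatchetResultWithSecret` still copies with `tree.slice()` before assigning, so the module mixes in-place and copy-on-write updates without saying which functions may mutate their argument. The in-place path looks safe only because `scaffoldSecretTree` passes an array it has just allocated; a comment on `deriveChildren` such as `// mutates tree in place; callers must own the array` would make that contract explicit. Since these arrays hold tree secrets, it is also worth noting next to `tree.slice()` that the copy is shallow and the previous array keeps referencing the old node state until the caller drops it. The bodies of `deriveChildren` and `createRatchetResultWithSecret` continue outside the hunks.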
package/dist/secretTree.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secretTree.js","sourceRoot":"","sources":["../src/secretTree.ts"],"names":[],"mappings":"AAEA,OAAO,EAAO,eAAe,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAExE,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,eAAe,CAAA;AAE9D,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,eAAe,EAAa,WAAW,EAAE,MAAM,eAAe,CAAA;AAC7G,OAAO,EAAE,WAAW,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"secretTree.js","sourceRoot":"","sources":["../src/secretTree.ts"],"names":[],"mappings":"AAEA,OAAO,EAAO,eAAe,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAExE,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,eAAe,CAAA;AAE9D,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,eAAe,EAAa,WAAW,EAAE,MAAM,eAAe,CAAA;AAC7G,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAA;AAuB9C,SAAS,kBAAkB,CAAC,SAAiB,EAAE,gBAA4B,EAAE,GAAQ;IACnF,MAAM,IAAI,GAAG,IAAI,KAAK,CAAa,SAAS,CAAC,SAAS,CAAC,CAAC,CAAA;IACxD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,CAAA;IAEjC,IAAI,CAAC,SAAS,CAAC,GAAG,gBAAgB,CAAA;IAClC,OAAO,cAAc,CAAC,IAAI,EAAE,SAAS,EAAE,GAAG,CAAC,CAAA;AAC7C,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,SAAiB,EAAE,gBAA4B,EAAE,GAAQ;IAC9F,MAAM,IAAI,GAAG,MAAM,kBAAkB,CAAC,SAAS,EAAE,gBAAgB,EAAE,GAAG,CAAC,CAAA;IAEvE,OAAO,MAAM,OAAO,CAAC,GAAG,CACtB,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE;QACxB,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,MAAM,EAAE,aAAa,EAAE,GAAG,CAAC,CAAA;QACvE,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,MAAM,EAAE,WAAW,EAAE,GAAG,CAAC,CAAA;QAEnE,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,CAAA;IACnC,CAAC,CAAC,CACH,CAAA;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAAC,IAAkB,EAAE,SAAoB,EAAE,GAAQ;IAC9E,IAAI,MAAM,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAA;IAClC,MAAM,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,CAAA;IAEzB,MAAM,CAAC,GAAG,KAAK,CAAC,SAAS,CAAC,CAAA;IAE1B,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,CAAA;IACpC,IAAI,YAAY,KAAK,SAAS;QAAE,MAAM,IAAI,aAAa,CAAC,gCAAgC,CAAC,CAAA;IACzF,MAAM,UAAU,GAAG,MAAM,eAAe,CAAC,YAAY,EAAE,MAAM,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAE/G,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,YAAY,EAAE,MAAM,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAEjH,IAAI,CAAC,CAAC,CAAC,GAAG,UAAU,CAAA;IACpB,IAAI,CAAC,CAAC,CAAC,GAAG,WAAW,CAAA;IAErB,OAAO,cAAc,CAAC,MAAM,cAAc,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,CAAA;AACnE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,MAAkB,EAAE,UAAkB,EAAE,EAAmB;IAC3F,OAAO,MAAM,gBAAgB,CAAC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,E
AAE,CAAC,GAAG,CAAC,CAAA;AACzF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,MAAkB,EAAE,UAAkB,EAAE,EAAmB;IACzF,OAAO,MAAM,gBAAgB,CAAC,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,GAAG,CAAC,CAAA;AACrF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,OAAyB,EACzB,UAAkB,EAClB,MAA0B,EAC1B,GAAQ;IAER,MAAM,oBAAoB,GAAG,UAAU,GAAG,OAAO,CAAC,UAAU,CAAA;IAE5D,IAAI,oBAAoB,GAAG,MAAM,CAAC,0BAA0B;QAC1D,MAAM,IAAI,eAAe,CAAC,0CAA0C,CAAC,CAAA;IAEvE,OAAO,MAAM,WAAW,CACtB,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,UAAU,GAAG,MAAM,gBAAgB,CAAC,CAAC,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC,UAAU,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;QAC1F,OAAO;YACL,MAAM,EAAE,UAAU;YAClB,UAAU,EAAE,CAAC,CAAC,UAAU,GAAG,CAAC;YAC5B,iBAAiB,EAAE,uBAAuB,CAAC,CAAC,EAAE,MAAM,CAAC,wBAAwB,CAAC;SAC/E,CAAA;IACH,CAAC,EACD,OAAO,EACP,oBAAoB,CACrB,CAAA;AACH,CAAC;AAED,SAAS,uBAAuB,CAAC,CAAmB,EAAE,oBAA4B;IAChF,MAAM,OAAO,GAAG,EAAE,GAAG,CAAC,CAAC,iBAAiB,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,CAAA;IAEpE,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAExC,MAAM,MAAM,GACV,WAAW,CAAC,MAAM,IAAI,oBAAoB,CAAC,CAAC,CAAC,oBAAoB,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC,CAAC,CAAC,OAAO,CAAA;IAE5G,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,oBAAoB,CAC3B,sBAAkD,EAClD,GAAW;IAEX,MAAM,iBAAiB,GAAG,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC;SAC1D,GAAG,CAAC,MAAM,CAAC;SACX,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IAEnC,OAAO,MAAM,CAAC,WAAW,CACvB,iBAAiB,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,UAAU,EAAE,sBAAsB,CAAC,UAAU,CAAE,CAAC,CAAC,CACrG,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,MAAkB,EAClB,UAAkB,EAClB,UAAsB,EACtB,EAAmB;IAEnB,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,CAAC,CAAA;IAEvD,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,IAAI,UAAU,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3B,KAAK,CAAC,CAAC,CAAE,IAAI,UAAU,CAAC,CAAC,CAAE,CAAA;QAC7B,CAAC;IACH,CAAC;;QAAM,MAAM,IAAI,eAAe,CAAC,uCA
AuC,CAAC,CAAA;IAEzE,OAAO,KAAK,CAAA;AACd,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,IAAgB,EAChB,UAAsB,EACtB,WAA4B,EAC5B,MAA0B,EAC1B,EAAmB;IAEnB,MAAM,KAAK,GAAG,eAAe,CAAC,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAA;IAChE,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAA;IACxB,IAAI,IAAI,KAAK,SAAS;QAAE,MAAM,IAAI,aAAa,CAAC,gCAAgC,CAAC,CAAA;IAEjF,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IAExD,IAAI,OAAO,CAAC,UAAU,GAAG,UAAU,CAAC,UAAU,EAAE,CAAC;QAC/C,MAAM,OAAO,GAAG,OAAO,CAAC,iBAAiB,CAAC,UAAU,CAAC,UAAU,CAAC,CAAA;QAEhE,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;YAC1B,MAAM,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,GAAG,iBAAiB,EAAE,GAAG,OAAO,CAAC,iBAAiB,CAAA;YACtF,MAAM,YAAY,GAAG,EAAE,GAAG,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,CAAA;YAEzE,OAAO,MAAM,6BAA6B,CACxC,IAAI,EACJ,KAAK,EACL,OAAO,EACP,UAAU,CAAC,UAAU,EACrB,UAAU,CAAC,UAAU,EACrB,IAAI,EACJ,WAAW,EACX,EAAE,EACF,YAAY,CACb,CAAA;QACH,CAAC;QACD,MAAM,IAAI,eAAe,CAAC,yBAAyB,CAAC,CAAA;IACtD,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,YAAY,CACtC,qBAAqB,CAAC,IAAI,EAAE,WAAW,CAAC,EACxC,UAAU,CAAC,UAAU,EACrB,MAAM,EACN,EAAE,CAAC,GAAG,CACP,CAAA;IAED,OAAO,mBAAmB,CAAC,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE,UAAU,CAAC,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,CAAC,CAAA;AACtG,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAgB,EAChB,KAAa,EACb,WAA4B,EAC5B,EAAmB;IAEnB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAA;IACxB,IAAI,IAAI,KAAK,SAAS;QAAE,MAAM,IAAI,aAAa,CAAC,gCAAgC,CAAC,CAAA;IAEjF,MAAM,aAAa,GAAG,qBAAqB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAA;IAC9D,MAAM,UAAU,GAAG,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAe,CAAA;IAEtD,OAAO,mBAAmB,CAAC,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,CAAC,CAAA;AAC3F,CAAC;AAED,KAAK,UAAU,mBAAmB,CAChC,IAAoB,EACpB,KAAa,EACb,aAA+B,EAC/B,UAAsB,EACtB,IAAgB,EAChB,WAA4B,EAC5B,EAAmB;IAEnB,MAAM,UAAU,GAAG,MAAM,gBAAgB,CACvC,aAAa,CAAC,MAAM,EACpB,QAAQ,EACR,aAAa,CAAC,UAAU,EACxB,EAAE,CAAC,GAAG,CAAC,IAAI,EACX,EAAE,CAAC,GAAG,CACP,CAAA;IAED,MAAM,YAAY,GAAG,EAAE,GAAG,aAAa,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,aAAa,CAAC,UAAU,GAAG,CAAC,EAAE,CAAA;IAEvG,OAAO,MAAM,6BAA6B,CACxC,IAAI,EACJ,KAAK,EACL,aAAa,C
AAC,MAAM,EACpB,aAAa,CAAC,UAAU,EACxB,UAAU,EACV,IAAI,EACJ,WAAW,EACX,EAAE,EACF,YAAY,CACb,CAAA;AACH,CAAC;AAED,KAAK,UAAU,6BAA6B,CAC1C,IAAoB,EACpB,KAAa,EACb,MAAkB,EAClB,UAAkB,EAClB,UAAsB,EACtB,IAAgB,EAChB,WAA4B,EAC5B,EAAmB,EACnB,YAA8B;IAE9B,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,GAAG,MAAM,iBAAiB,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,EAAE,CAAC,CAAA;IAElF,MAAM,OAAO,GACX,WAAW,KAAK,aAAa,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,SAAS,EAAE,YAAY,EAAE,CAAA;IAE/G,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,EAAE,CAAA;IAC5B,OAAO,CAAC,KAAK,CAAC,GAAG,OAAO,CAAA;IAExB,OAAO;QACL,UAAU,EAAE,UAAU;QACtB,UAAU;QACV,KAAK;QACL,GAAG;QACH,OAAO;KACR,CAAA;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,MAAkB,EAAE,UAAkB,EAAE,UAAsB,EAAE,EAAmB;IAClH,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,CAAC,CAAA;IACnD,MAAM,KAAK,GAAG,MAAM,yBAAyB,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,EAAE,CAAC,CAAA;IACjF,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,CAAA;AACvB,CAAC;AAED,SAAS,qBAAqB,CAAC,IAAoB,EAAE,WAA4B;IAC/E,QAAQ,WAAW,EAAE,CAAC;QACpB,KAAK,aAAa;YAChB,OAAO,IAAI,CAAC,WAAW,CAAA;QACzB,KAAK,UAAU;YACb,OAAO,IAAI,CAAC,SAAS,CAAA;QACvB,KAAK,QAAQ;YACX,OAAO,IAAI,CAAC,SAAS,CAAA;IACzB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,IAAgB,EAAE,KAAa,EAAE,GAAQ;IACxE,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,UAAU,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAA;IAClF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAA;AACjE,CAAC"}
|