@nucypher/taco
Version:
### [`nucypher/taco-web`](../../README.md)
101 lines • 5.33 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.decrypt = exports.encryptWithPublicKey = exports.encrypt = void 0;
const nucypher_core_1 = require("@nucypher/nucypher-core");
const shared_1 = require("@nucypher/shared");
const utils_1 = require("ethers/lib/utils");
const condition_expr_1 = require("./conditions/condition-expr");
const dkg_1 = require("./dkg");
const tdec_1 = require("./tdec");
/**
* Encrypts a message under given conditions using a public key from an active DKG ritual.
*
* @export
* @param {ethers.providers.Provider} provider - Instance of ethers provider which is used to interact with
* your selected network.
* @param {Domain} domain - Represents the logical network in which the encryption will be performed.
* Must match the `ritualId`.
* @param {Uint8Array | string} message - The message to be encrypted.
* @param {Condition} condition - Condition under which the message will be encrypted. Those conditions must be
* satisfied in order to decrypt the message.
* @param {number} ritualId - The ID of the DKG Ritual to be used for encryption. The message will be encrypted
* under the public key of this ritual.
* @param {ethers.Signer} authSigner - The signer that will be used to sign the encrypter authorization.
*
* @returns {Promise<ThresholdMessageKit>} Returns Promise that resolves with an instance of ThresholdMessageKit.
* It represents the encrypted message.
*
* @throws {Error} If the active DKG Ritual cannot be retrieved an error is thrown.
*/
const encrypt = async (provider, domain, message, condition, ritualId, authSigner) => {
// TODO(#264): Enable ritual initialization
// if (ritualId === undefined) {
// ritualId = await DkgClient.initializeRitual(
// provider,
// this.cohort.ursulaAddresses,
// true
// );
// }
// if (ritualId === undefined) {
// // Given that we just initialized the ritual, this should never happen
// throw new Error('Ritual ID is undefined');
// }
const dkgRitual = await dkg_1.DkgClient.getActiveRitual(provider, domain, ritualId);
return await (0, exports.encryptWithPublicKey)(message, condition, dkgRitual.dkgPublicKey, authSigner);
};
exports.encrypt = encrypt;
/**
* Encrypts a message with the given DKG public key under a specified condition.
*
* @export
* @param {Uint8Array | string} message - The message to be encrypted.
* @param {Condition} condition - Condition under which the message will be encrypted. Those conditions must be
* satisfied in order to decrypt the message.
* @param {DkgPublicKey} dkgPublicKey - The public key of an active DKG Ritual to be used for encryption
* @param {ethers.Signer} authSigner - The signer that will be used to sign the encrypter authorization.
*
* @returns {Promise<ThresholdMessageKit>} Returns Promise that resolves with an instance of ThresholdMessageKit.
* It represents the encrypted message.
*
* @throws {Error} If the encryption process throws an error, an error is thrown.
*/
const encryptWithPublicKey = async (message, condition, dkgPublicKey, authSigner) => {
if (typeof message === 'string') {
message = (0, shared_1.toBytes)(message);
}
const conditionExpr = new condition_expr_1.ConditionExpression(condition);
const [ciphertext, authenticatedData] = (0, nucypher_core_1.encryptForDkg)(message, dkgPublicKey, conditionExpr.toCoreCondition());
const headerHash = (0, utils_1.keccak256)(ciphertext.header.toBytes());
const authorization = await authSigner.signMessage((0, shared_1.fromHexString)(headerHash));
const acp = new nucypher_core_1.AccessControlPolicy(authenticatedData, (0, shared_1.fromHexString)(authorization));
return new nucypher_core_1.ThresholdMessageKit(ciphertext, acp);
};
exports.encryptWithPublicKey = encryptWithPublicKey;
/**
* Decrypts an encrypted message.
*
* @export
* @param {ethers.providers.Provider} provider - Instance of ethers provider which is used to interact with
* your selected network.
* @param {Domain} domain - Represents the logical network in which the decryption will be performed.
* Must match the `ritualId`.
* @param {ThresholdMessageKit} messageKit - The kit containing the message to be decrypted
* @param {ConditionContext} context - Optional context data used for decryption time values for the condition(s) within the `messageKit`.
* @param {string[]} [porterUris] - Optional URI(s) for the Porter service. If not provided, a value will be obtained
* from the Domain
*
* @returns {Promise<Uint8Array>} Returns Promise that resolves with a decrypted message
*
* @throws {Error} If the active DKG Ritual cannot be retrieved or decryption process throws an error,
* an error is thrown.
*/
const decrypt = async (provider, domain, messageKit, context, porterUris) => {
const porterUrisFull = porterUris
? porterUris
: await (0, shared_1.getPorterUris)(domain);
const porter = new shared_1.PorterClient(porterUrisFull);
const ritualId = await shared_1.DkgCoordinatorAgent.getRitualIdFromPublicKey(provider, domain, messageKit.acp.publicKey);
return (0, tdec_1.retrieveAndDecrypt)(provider, domain, porter, messageKit, ritualId, context);
};
exports.decrypt = decrypt;
//# sourceMappingURL=taco.js.map