UNPKG

@sebastianp265/safe-server-side-storage-client

Version:

Library for Confidential Server-Side Message Storage Using the Labyrinth Protocol

35 lines (34 loc) 2.09 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.openFirstEpoch = openFirstEpoch; const VirtualDeviceEncryptedRecoverySecrets_1 = require("../device/virtual-device/VirtualDeviceEncryptedRecoverySecrets"); const utils_1 = require("../crypto/utils"); const authenticate_device_to_epoch_1 = require("./authenticate-device-to-epoch"); const BytesSerializer_1 = require("../BytesSerializer"); async function openFirstEpoch(devicePublicKeyBundle, virtualDeviceDecryptionKey, virtualDevice, serverClient) { const firstEpochWithoutId = { sequenceId: "0", rootKey: (0, utils_1.random)(32), }; const epochVirtualDeviceMac = (0, authenticate_device_to_epoch_1.generateEpochDeviceMac)(firstEpochWithoutId, virtualDevice.keyBundle.pub.deviceKeyPub); const epochThisDeviceMac = (0, authenticate_device_to_epoch_1.generateEpochDeviceMac)(firstEpochWithoutId, devicePublicKeyBundle.deviceKeyPub); const virtualDeviceEncryptedRecoverySecrets = (0, VirtualDeviceEncryptedRecoverySecrets_1.encryptVirtualDeviceRecoverySecrets)(virtualDeviceDecryptionKey, firstEpochWithoutId, virtualDevice.keyBundle.priv); const openFirstEpochResponse = await serverClient.openFirstEpoch({ virtualDeviceId: BytesSerializer_1.bytesSerializerProvider.bytesSerializer.serialize(virtualDevice.id), firstEpochMembershipProof: { epochDeviceMac: BytesSerializer_1.bytesSerializerProvider.bytesSerializer.serialize(epochThisDeviceMac), epochVirtualDeviceMac: BytesSerializer_1.bytesSerializerProvider.bytesSerializer.serialize(epochVirtualDeviceMac), }, devicePublicKeyBundle: devicePublicKeyBundle.serialize(), virtualDevicePublicKeyBundle: virtualDevice.keyBundle.pub.serialize(), virtualDeviceEncryptedRecoverySecrets: virtualDeviceEncryptedRecoverySecrets.serialize(), }); const firstEpoch = { id: openFirstEpochResponse.epochId, ...firstEpochWithoutId, }; return { deviceId: openFirstEpochResponse.deviceId, firstEpoch, }; }