@tidecloak/js/dist/cjs/modules/tide-js/Flow/AuthenticationFlows/dCMKPasswordlessFlow.js

TideCloak client side JS SDK

"use strict";
// 
// Tide Protocol - Infrastructure for a TRUE Zero-Trust paradigm
// Copyright (C) 2022 Tide Foundation Ltd
// 
// This program is free software and is subject to the terms of 
// the Tide Community Open Code License as published by the 
// Tide Foundation Limited. You may modify it and redistribute 
// it in accordance with and subject to the terms of that License.
// This program is distributed WITHOUT WARRANTY of any kind, 
// including without any implied warranty of MERCHANTABILITY or 
// FITNESS FOR A PARTICULAR PURPOSE.
// See the Tide Community Open Code License for more details.
// You should have received a copy of the Tide Community Open 
// Code License along with this program.
// If not, see https://tide.org/licenses_tcoc2-0-0-en
//
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
const NodeClient_js_1 = __importDefault(require("../../Clients/NodeClient.js"));
const index_js_1 = require("../../Cryptide/index.js");
const KeyAuthentication_js_1 = require("../../Math/KeyAuthentication.js");
const Utils_js_1 = require("../../Tools/Utils.js");
const EnclaveEntry_js_1 = __importDefault(require("../../Models/EnclaveEntry.js"));
const Serialization_js_1 = require("../../Cryptide/Serialization.js");
const Math_js_1 = require("../../Cryptide/Math.js");
const VoucherFlow_js_1 = __importDefault(require("../VoucherFlows/VoucherFlow.js"));
const Ed25519_js_1 = require("../../Cryptide/Ed25519.js");
const TideKey_js_1 = __importDefault(require("../../Cryptide/TideKey.js"));
class dCMKPasswordlessFlow {
    /**
     * @param {string} sessID
     * @param {EnclaveEntry} flowInitData
     * @param {string} voucherURL
     */
    constructor(sessID, flowInitData, voucherURL) {
        this.sessID = sessID;
        if (flowInitData.expired < BigInt((0, Utils_js_1.CurrentTime)()))
            throw Error("Please log in again.");
        this.uid = flowInitData.userInfo.UserId;
        this.selfRequesti = flowInitData.selfRequesti;
        this.bitwise = flowInitData.orksBitwise;
        this.orks = (0, Utils_js_1.sortORKs)(flowInitData.userInfo.OrkInfo).filter((_, i) => this.bitwise[i] == 1);
        this.userPublic = flowInitData.userInfo.UserPublic;
        this.sessKey = TideKey_js_1.default.FromSerializedComponent(flowInitData.sessKey);
        this.voucherURL = voucherURL;
        this.cState = undefined;
        this.aState = undefined;
    }
    async ConvertRemembered() {
        const clients = this.orks.map(ork => new NodeClient_js_1.default(ork.orkURL)); // create node clients
        const voucherFlow = new VoucherFlow_js_1.default(this.orks.map(o => o.orkPaymentPublic), this.voucherURL, "signin");
        const { vouchers, k } = await voucherFlow.GetVouchers();
        const pre_ConvertAuthnResponses = clients.map((client, i) => client.ConvertRemembered(i, this.uid, this.selfRequesti[i], vouchers.toORK(i)));
        // To save time
        const prkECDHi = await index_js_1.DH.generateECDHi(this.orks.map(o => o.orkPublic), this.sessKey.get_private_component().rawBytes);
        const { fulfilledResponses, bitwise } = await (0, Utils_js_1.WaitForNumberofORKs)(this.orks, pre_ConvertAuthnResponses, "CMK", Utils_js_1.Threshold, this.bitwise, prkECDHi);
        this.cState = {
            bitwise,
            ...await (0, KeyAuthentication_js_1.ConvertRememberedReply)(fulfilledResponses, this.orks.map(o => BigInt(o.orkID)), this.userPublic, this.sessID, prkECDHi, Ed25519_js_1.Point.fromBytes((0, Serialization_js_1.Hex2Bytes)(vouchers.qPub).slice(-32)), // to translate between tide component and native object
            (0, Serialization_js_1.BigIntFromByteArray)((0, Serialization_js_1.base64ToBytes)(vouchers.UDeObf).slice(-32)), // to translate between tide component and native object
            k.get_private_component().priv, this.sessKey.get_public_component())
        };
        return {
            VUID: this.cState.VUID
        };
    }
    /**
     * @param {Point} gVRK If a null value is provided, no encryption is applied.
     */
    async AuthenticateRemembered(gVRK) {
        if (this.cState == undefined)
            throw Error("Convert State is undefined");
        const cmkClients = this.orks.map(ork => new NodeClient_js_1.default(ork.orkURL));
        const pre_encSig = cmkClients.map((client, i) => client.AuthenticateRemembered(this.uid, this.cState.blurHCMKMul, (0, Serialization_js_1.serializeBitArray)(this.cState.bitwise)));
        const encSig = await Promise.all(pre_encSig);
        return await (0, KeyAuthentication_js_1.AuthenticateBasicReply)(this.cState.VUID, this.cState.prkECDHi, encSig, this.cState.gCMKAuth, this.cState.authToken, this.cState.r4, this.cState.gRMul, gVRK);
    }
}
exports.default = dCMKPasswordlessFlow;
//# sourceMappingURL=dCMKPasswordlessFlow.js.map