@tidecloak/js
TideCloak client side JS SDK
;
// CommonJS/ES-module interop shim in the form the TypeScript compiler emits.
// Reuses an existing `this.__importDefault` when one is present; otherwise
// a module flagged `__esModule` is returned untouched and anything else is
// wrapped so callers can always read `.default`.
var __importDefault = (this && this.__importDefault) || function (mod) {
    if (mod && mod.__esModule) {
        return mod;
    }
    return { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.Get_Auth_By_JWT = Get_Auth_By_JWT;
exports.Encrypt = Encrypt;
exports.Decrypt = Decrypt;
const index_js_1 = require("../index.js");
const Math_js_1 = require("../Cryptide/Math.js");
const Serialization_js_1 = require("../Cryptide/Serialization.js");
const dKeyGenerationFlow_js_1 = __importDefault(require("../Flow/dKeyGenerationFlow.js"));
const NetworkClient_js_1 = __importDefault(require("../Clients/NetworkClient.js"));
const AuthRequest_js_1 = __importDefault(require("../Models/AuthRequest.js"));
const Utils_js_1 = require("../Tools/Utils.js");
const BaseTideRequest_js_1 = __importDefault(require("../Models/BaseTideRequest.js"));
const dVVKSigningFlow_js_1 = __importDefault(require("../Flow/SigningFlows/dVVKSigningFlow.js"));
const Ed25519Components_js_1 = require("../Cryptide/Components/Schemes/Ed25519/Ed25519Components.js");
const TideMemoryObjects_js_1 = require("../Cryptide/TideMemoryObjects.js");
const AuthorizedEncryptionFlow_js_1 = require("../Flow/EncryptionFlows/AuthorizedEncryptionFlow.js");
const Ed25519_js_1 = require("../Cryptide/Ed25519.js");
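/**
 * Builds a signed user context and a signed access token (JWT) for the vendor
 * key described in localStorage entry "t", then stores `{ id, token }` in
 * localStorage entry "e" so Encrypt() and Decrypt() can use it. The fixed
 * roles, the "testtttt" session id and the closing log message suggest this is
 * a test/demo harness rather than a production login path.
 *
 * localStorage "t" must hold JSON with the fields read below:
 * `id`, `pub` (base64), `vrk`, `vrk_sig` (base64) and `authorizer` (hex).
 *
 * Security notes (review):
 *  - `vrk` is handed to `EdDSA.sign` as the signing key, so signing material
 *    is read from localStorage, which every script running on the origin can
 *    read. Keep this pattern out of pages that render untrusted content.
 *  - The resulting token is written back to localStorage ("e") with the same
 *    exposure.
 *  - The voucher URL is a hard-coded plain-http localhost endpoint.
 *  - `Serialization` and `EdDSA` are used as bare identifiers; no `require`
 *    in this file binds them, so unless the host page defines them as globals
 *    those calls throw ReferenceError. They are left as-is because the
 *    intended module is not visible here -- confirm against the source.
 *
 * @returns {Promise<void>} resolves once the token has been stored.
 * @throws {Error} if localStorage entry "t" is absent.
 */
async function Get_Auth_By_JWT() {
    // Fail fast, before any network traffic, when the key material is absent.
    // Previously JSON.parse(null) yielded null and the first property read
    // surfaced as an opaque TypeError after the ORK lookup had already run.
    const stored = window.localStorage.getItem("t");
    if (stored === null) {
        throw new Error('Get_Auth_By_JWT: localStorage entry "t" is missing; store the vendor key material (id, pub, vrk, vrk_sig, authorizer) first');
    }
    const { base64ToBytes, Hex2Bytes, StringToUint8Array, base64ToBase64Url, bytesToBase64 } = Serialization_js_1;
    const { GenSessKey, GetPublic } = Math_js_1;
    const { CurrentTime } = Utils_js_1;
    const voucherURL = "http://localhost:3000/voucher/new";
    // Roles asserted in both the signed user context and the JWT payload.
    const selfRoles = [
        "_tide_dob.selfdecrypt",
        "_tide_dob.selfencrypt",
        "_tide_name.selfdecrypt",
        "_tide_name.selfencrypt",
        "_tide_other.selfencrypt"
    ];
    const vals = JSON.parse(stored);
    const vvkId = vals.id;
    const gVVK = Ed25519_js_1.Point.fromBase64(vals.pub);
    const vrk = BigInt(vals.vrk);
    const vrk_sig = base64ToBytes(vals.vrk_sig);
    const authorizer = Hex2Bytes(vals.authorizer);
    const simClient = new NetworkClient_js_1.default();
    const availableOrks = await simClient.FindReservers("bl2ah");
    const orks = (await index_js_1.SimulatorFlow.FilterInactiveOrks(availableOrks)).slice(0, Utils_js_1.Max);
    // Generate signed usercontext
    const userContext = StringToUint8Array(JSON.stringify({
        "realm_access": {
            "roles": selfRoles
        }
    }));
    // NOTE(review): `Serialization` is not bound in this file -- see header.
    const userContextDraft = Serialization.CreateTideMemory(new Uint8Array([0]), 4 + 1 + 4 + userContext.length);
    Serialization.WriteValue(userContextDraft, 1, userContext);
    const userContextRequest = new BaseTideRequest_js_1.default("UserContext", "1", "VRK:1", userContextDraft);
    userContextRequest.addAuthorizer(authorizer);
    userContextRequest.addAuthorizerCertificate(vrk_sig);
    // NOTE(review): `EdDSA` is not bound in this file -- see header.
    userContextRequest.addAuthorization(base64ToBytes(await EdDSA.sign(await userContextRequest.dataToAuthorize(), vrk)));
    userContextRequest.addRules(new Uint8Array());
    userContextRequest.addRulesCert(new Uint8Array());
    const sessKey = GenSessKey();
    const gSessKey = GetPublic(sessKey);
    const userContextSignFlow = new dVVKSigningFlow_js_1.default(vvkId, gVVK, orks, sessKey, gSessKey, voucherURL);
    const userContextSig = (await userContextSignFlow.start(userContextRequest))[0];
    // Generate signed jwt. Key order in the payload is kept as-is because the
    // serialized string is what gets signed.
    const jwtPayload = JSON.stringify({
        "realm_access": {
            "roles": selfRoles
        },
        // below is so the orks don't reject the jwt
        "exp": CurrentTime() + 10000, // unit of CurrentTime() is not visible here -- TODO confirm lifetime
        "sid": "testtttt",
        "iat": CurrentTime()
    });
    let requestedJwt = "eyJhbGciOiJFZERTQSIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJVbnNrdGp5dlNabnhlbTBpaEYwNTQ2NjlEdHdFMjV0dkJ2Y1lSZVBVNUo0In0." + base64ToBase64Url(bytesToBase64(StringToUint8Array(jwtPayload)));
    const requestedJwtBytes = StringToUint8Array(requestedJwt);
    const jwtRequestDraft = Serialization.CreateTideMemory(userContext, 4 + userContext.length + 4 + userContextSig.length + 4 + requestedJwtBytes.length);
    Serialization.WriteValue(jwtRequestDraft, 1, userContextSig);
    Serialization.WriteValue(jwtRequestDraft, 2, requestedJwtBytes);
    const jwtRequest = new BaseTideRequest_js_1.default("AccessToken", "1", "VRK:1", jwtRequestDraft, Serialization.CreateTideMemory(new Uint8Array(), 4)); // set dynamic data to 0 indicating no previous token auth
    jwtRequest.addAuthorizer(authorizer);
    jwtRequest.addAuthorizerCertificate(vrk_sig);
    jwtRequest.addAuthorization(base64ToBytes(await EdDSA.sign(await jwtRequest.dataToAuthorize(), vrk)));
    const jwtSigningFlow = new dVVKSigningFlow_js_1.default(vvkId, gVVK, orks, sessKey, gSessKey, voucherURL);
    const jwtSignature = (await jwtSigningFlow.start(jwtRequest))[0];
    requestedJwt = requestedJwt + "." + base64ToBase64Url(bytesToBase64(jwtSignature));
    // store here for encrypt/decrypt
    window.localStorage.setItem("e", JSON.stringify({
        id: vvkId,
        token: requestedJwt
    }));
    console.log('SUCCESS. Feel free to test encryption and decryption');
}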
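/**
 * Test helper: encrypts four fixed sample payloads with the vendor id and
 * token stored in localStorage entry "e" (written by Get_Auth_By_JWT), then
 * logs the elapsed time and the encrypted result to the console.
 *
 * Security notes (review):
 *  - The token is read from localStorage, which every script running on the
 *    origin can read.
 *  - The voucher URL is a hard-coded plain-http localhost endpoint.
 *  - "Encrypt TEST SUCCESSFUL" only means encrypt() did not throw; the output
 *    is logged but not inspected.
 *
 * @returns {Promise<void>}
 * @throws {Error} if localStorage entry "e" is absent.
 */
async function Encrypt() {
    // Explicit precondition: without it JSON.parse(null) yields null and the
    // property reads below fail with an opaque TypeError.
    const stored = window.localStorage.getItem("e");
    if (stored === null) {
        throw new Error('Encrypt: localStorage entry "e" is missing; run Get_Auth_By_JWT() first');
    }
    const { id: vvkId, token } = JSON.parse(stored);
    const { StringToUint8Array } = Serialization_js_1;
    // Test encryption
    console.time('Execution Time');
    const encryptionFlow = new AuthorizedEncryptionFlow_js_1.AuthorizedEncryptionFlow({
        vendorId: vvkId,
        token,
        voucherURL: "http://localhost:3000/voucher/new"
    });
    const samples = [
        {
            "data": StringToUint8Array("0"),
            "tags": ["dob", "other"]
        },
        {
            "data": StringToUint8Array("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"),
            "tags": ["dob"]
        },
        {
            "data": StringToUint8Array("0"),
            "tags": ["dob", "name"]
        },
        {
            "data": StringToUint8Array("0"),
            "tags": ["name"]
        }
    ];
    const encrypted = await encryptionFlow.encrypt(samples);
    console.timeEnd('Execution Time');
    console.log(encrypted);
    console.log("Encrypt TEST SUCCESSFUL");
}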
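/**
 * Test helper: encrypts four fixed sample payloads, then decrypts the second
 * and fourth ciphertexts with a fresh flow and logs the decoded strings and
 * the decryption time. Uses the vendor id and token stored in localStorage
 * entry "e" (written by Get_Auth_By_JWT).
 *
 * Security notes (review):
 *  - The token is read from localStorage, which every script running on the
 *    origin can read.
 *  - The voucher URL is a hard-coded plain-http localhost endpoint.
 *  - "Decryption SUCCESSFUL" only means decrypt() did not throw; the decoded
 *    values are logged but never compared with the plaintexts that were
 *    encrypted, so a wrong result would still report success.
 *
 * @returns {Promise<void>}
 * @throws {Error} if localStorage entry "e" is absent.
 */
async function Decrypt() {
    // Explicit precondition: without it JSON.parse(null) yields null and the
    // property reads below fail with an opaque TypeError.
    const stored = window.localStorage.getItem("e");
    if (stored === null) {
        throw new Error('Decrypt: localStorage entry "e" is missing; run Get_Auth_By_JWT() first');
    }
    const { id: vvkId, token } = JSON.parse(stored);
    const { StringToUint8Array, StringFromUint8Array } = Serialization_js_1;
    const flowConfig = () => ({
        vendorId: vvkId,
        token,
        voucherURL: "http://localhost:3000/voucher/new"
    });
    // encrypt first
    const encryptionFlow = new AuthorizedEncryptionFlow_js_1.AuthorizedEncryptionFlow(flowConfig());
    const encrypted = await encryptionFlow.encrypt([
        {
            "data": StringToUint8Array("a"),
            "tags": ["dob"]
        },
        {
            "data": StringToUint8Array("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"),
            "tags": ["dob"]
        },
        {
            "data": StringToUint8Array("ab"),
            "tags": ["dob", "name"]
        },
        {
            "data": StringToUint8Array("abc"),
            "tags": ["name"]
        }
    ]);
    // now decrypt, with a separate flow instance as in the original; only the
    // decryption step is timed
    console.time('Execution Time');
    const decryptionFlow = new AuthorizedEncryptionFlow_js_1.AuthorizedEncryptionFlow(flowConfig());
    const decrypted = await decryptionFlow.decrypt([
        {
            "encrypted": encrypted[1],
            "tags": ["dob"]
        },
        {
            "encrypted": encrypted[3],
            "tags": ["name"]
        }
    ]);
    console.timeEnd('Execution Time');
    console.log(decrypted.map((bytes) => StringFromUint8Array(bytes)));
    console.log("Decryption SUCCESSFUL");
}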
//# sourceMappingURL=Encryption.js.map