UNPKG

proteus-hd

Version:

Signal Protocol (with header encryption) implementation for JavaScript. Based on Proteus.js.

github.com/ceoimon/proteus-hd

ceoimon/proteus-hd

110 lines (92 loc) 3.57 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
/* * Wire * Copyright (C) 2016 Wire Swiss GmbH * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see http://www.gnu.org/licenses/. * */ 'use strict'; const ClassUtil = require('../util/ClassUtil'); const DontCallConstructor = require('../errors/DontCallConstructor'); const KeyDerivationUtil = require('../util/KeyDerivationUtil'); const MemoryUtil = require('../util/MemoryUtil'); const CipherKey = require('./CipherKey'); const MacKey = require('./MacKey'); const HeadKey = require('./HeadKey'); /** @module derived */ /** * @class DerivedSecrets * @throws {DontCallConstructor} */ class DerivedSecrets { constructor() { throw new DontCallConstructor(this); } /** * @param {!Array<number>} input * @param {!Uint8Array} salt * @param {!string} info * @returns {DerivedSecrets} - `this` */ static kdf_init(input, salt, info) { const byte_length = 128; const output_key_material = KeyDerivationUtil.hkdf(salt, input, info, byte_length); const cipher_key = new Uint8Array(output_key_material.buffer.slice(0, 32)); const mac_key = new Uint8Array(output_key_material.buffer.slice(32, 64)); const head_key = new Uint8Array(output_key_material.buffer.slice(64, 96)); const next_head_key = new Uint8Array(output_key_material.buffer.slice(96, 128)); MemoryUtil.zeroize(output_key_material.buffer); const ds = ClassUtil.new_instance(DerivedSecrets); /** @type {derived.CipherKey} */ ds.cipher_key = CipherKey.new(cipher_key); /** @type {derived.MacKey} */ ds.mac_key = MacKey.new(mac_key); /** @type {derived.HeadKey} */ ds.head_key_alice = HeadKey.new(head_key); /** @type {derived.HeadKey} */ ds.next_head_key_bob = HeadKey.new(next_head_key); return ds; } /** * @param {!Array<number>} input * @param {!Uint8Array} salt * @param {!string} info * @returns {DerivedSecrets} - `this` */ static kdf(input, salt, info) { const byte_length = 96; const output_key_material = KeyDerivationUtil.hkdf(salt, input, info, byte_length); const cipher_key = new Uint8Array(output_key_material.buffer.slice(0, 32)); const mac_key = new Uint8Array(output_key_material.buffer.slice(32, 64)); const next_head_key = new Uint8Array(output_key_material.buffer.slice(64, 96)); MemoryUtil.zeroize(output_key_material.buffer); const ds = ClassUtil.new_instance(DerivedSecrets); /** @type {derived.CipherKey} */ ds.cipher_key = CipherKey.new(cipher_key); /** @type {derived.MacKey} */ ds.mac_key = MacKey.new(mac_key); /** @type {derived.HeadKey} */ ds.next_head_key = HeadKey.new(next_head_key); return ds; } /** * @param {!Array<number>} input - Initial key material (usually the Master Key) in byte array format * @param {!string} info - Key Derivation Data * @returns {DerivedSecrets} */ static kdf_without_salt(input, info) { return this.kdf_init(input, new Uint8Array(0), info); } } module.exports = DerivedSecrets;