UNPKG

ts-mls

Version:

[![CI](https://github.com/LukaJCB/ts-mls/actions/workflows/ci.yml/badge.svg)](https://github.com/LukaJCB/ts-mls/actions/workflows/ci.yml) [![npm version](https://badge.fury.io/js/ts-mls.svg)](https://badge.fury.io/js/ts-mls) [![Coverage Status](https://co

github.com/LukaJCB/ts-mls

LukaJCB/ts-mls

72 lines 3.32 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
import { mapDecoders } from "./codec/tlsDecoder.js"; import { contramapEncoders } from "./codec/tlsEncoder.js"; import { decodeVarLenData, decodeVarLenType, encodeVarLenData, encodeVarLenType } from "./codec/variableLength.js"; import { decodeCiphersuite, encodeCiphersuite } from "./crypto/ciphersuite.js"; import { refhash } from "./crypto/hash.js"; import { signWithLabel, verifyWithLabel } from "./crypto/signature.js"; import { decodeExtension, encodeExtension } from "./extension.js"; import { decodeProtocolVersion, encodeProtocolVersion } from "./protocolVersion.js"; import { decodeLeafNodeKeyPackage, encodeLeafNode, signLeafNodeKeyPackage, } from "./leafNode.js"; export const encodeKeyPackageTBS = contramapEncoders([encodeProtocolVersion, encodeCiphersuite, encodeVarLenData, encodeLeafNode, encodeVarLenType(encodeExtension)], (keyPackageTBS) => [ keyPackageTBS.version, keyPackageTBS.cipherSuite, keyPackageTBS.initKey, keyPackageTBS.leafNode, keyPackageTBS.extensions, ]); export const decodeKeyPackageTBS = mapDecoders([ decodeProtocolVersion, decodeCiphersuite, decodeVarLenData, decodeLeafNodeKeyPackage, decodeVarLenType(decodeExtension), ], (version, cipherSuite, initKey, leafNode, extensions) => ({ version, cipherSuite, initKey, leafNode, extensions, })); export const encodeKeyPackage = contramapEncoders([encodeKeyPackageTBS, encodeVarLenData], (keyPackage) => [keyPackage, keyPackage.signature]); export const decodeKeyPackage = mapDecoders([decodeKeyPackageTBS, decodeVarLenData], (keyPackageTBS, signature) => ({ ...keyPackageTBS, signature, })); export async function signKeyPackage(tbs, signKey, s) { return { ...tbs, signature: await signWithLabel(signKey, "KeyPackageTBS", encodeKeyPackageTBS(tbs), s) }; } export async function verifyKeyPackage(kp, s) { return verifyWithLabel(kp.leafNode.signaturePublicKey, "KeyPackageTBS", encodeKeyPackageTBS(kp), kp.signature, s); } export function makeKeyPackageRef(value, h) { return refhash("MLS 1.0 KeyPackage Reference", encodeKeyPackage(value), h); } export async function generateKeyPackage(credential, capabilities, lifetime, extensions, cs) { const sigKeys = await cs.signature.keygen(); const initKeys = await cs.hpke.generateKeyPair(); const hpkeKeys = await cs.hpke.generateKeyPair(); const privatePackage = { initPrivateKey: await cs.hpke.exportPrivateKey(initKeys.privateKey), hpkePrivateKey: await cs.hpke.exportPrivateKey(hpkeKeys.privateKey), signaturePrivateKey: sigKeys.signKey, }; const leafNodeTbs = { leafNodeSource: "key_package", hpkePublicKey: await cs.hpke.exportPublicKey(hpkeKeys.publicKey), signaturePublicKey: sigKeys.publicKey, info: { leafNodeSource: "key_package" }, extensions, credential, capabilities, lifetime, }; const tbs = { version: "mls10", cipherSuite: cs.name, initKey: await cs.hpke.exportPublicKey(initKeys.publicKey), leafNode: await signLeafNodeKeyPackage(leafNodeTbs, sigKeys.signKey, cs.signature), extensions, }; return { publicPackage: await signKeyPackage(tbs, sigKeys.signKey, cs.signature), privatePackage }; } //# sourceMappingURL=keyPackage.js.map