This repository has been archived by the owner on Oct 18, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathcontext.ts
115 lines (97 loc) · 3.4 KB
/
context.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
// src/crypto/blindPoints.ts
import { randomBytes } from '@noble/hashes/utils'
import { invert } from '@noble/curves/abstract/modular'
import { hmac } from '@noble/hashes/hmac'
import { bytesToNumberBE, equalBytes } from '@noble/curves/abstract/utils'
import { Base64Utils, createB64Utils } from './b64'
import { BlindToken, H2Config, Point, PrngFn } from './types'
import { randomScalar } from './randomScalar'
export class CryptoContext {
constructor(public config: H2Config) {
Object.assign(this, createB64Utils(this.config.curve))
}
blindPoint(p: Point): { point: Point; blind: bigint } {
const { scalar: r } = randomScalar(this.config.curve, randomBytes)
const point = p.multiply(r)
return { point, blind: r }
}
unblindPoint(p: Point, blind: bigint): Point {
const rInv = invert(blind, this.config.curve.CURVE.n)
return p.multiply(rInv)
}
signPoint(p: Point, secret: bigint): Point {
return p.multiply(secret)
}
createBlind(): BlindToken {
const { seed, point } = this.randomPoint()
return {
seed,
...this.blindPoint(point)
}
}
randomPoint() {
const seed = randomBytes(this.config.curve.CURVE.nByteLength)
const point = this.config.hash2Curve(seed)
return { seed, point }
}
randomScalar(rand: PrngFn = randomBytes) {
return randomScalar(this.config.curve, rand).scalar
}
randomScalarWithBuf(rand: PrngFn = randomBytes) {
return randomScalar(this.config.curve, rand)
}
decodePoint(data: string | Uint8Array) {
return this.config.curve.ProjectivePoint.fromHex(data)
}
HMAC(key: Point, message: Buffer) {
const keyBuffer = key.toRawBytes(false)
return hmac(this.config.hash, keyBuffer, message)
}
makeHMAC(key: string | Uint8Array): {
// TODO: for some reason typescript complains when try to export
// hmac.create
// Error: packages/niq-privacypass-noble/src/crypto/context.ts(62,3): error TS4094: Property 'destroyed' of exported class expression may not be private or protected.
// Error: packages/niq-privacypass-noble/src/crypto/context.ts(62,3): error TS4094: Property 'finished' of exported class expression may not be private or protected.
update: (bytes: string | Uint8Array) => void
digest: () => Uint8Array
} {
return hmac.create(this.config.hash, key)
}
hashUncompressedPoints(...pts: Point[]) {
const h = this.config.hash.create()
pts.forEach(pt => h.update(pt.toRawBytes(false)))
return h.digest()
}
hashPointsBigInt(...pts: Point[]) {
return bytesToNumberBE(this.hashUncompressedPoints(...pts))
}
deriveKey(N: Point, token: Uint8Array): Uint8Array {
const h = this.makeHMAC('hash_derive_key')
h.update(token)
h.update(N.toRawBytes(false))
return h.digest()
}
createRequestBinding(key: Uint8Array, data: Uint8Array[]): Uint8Array {
const h = this.makeHMAC(key)
h.update('hash_request_binding')
for (const item of data) {
h.update(item as Uint8Array)
}
return h.digest()
}
checkRequestBinding(
key: Uint8Array,
supplied: Uint8Array,
observed: Uint8Array[]
): boolean {
const h = this.makeHMAC(key)
h.update('hash_request_binding')
for (const item of observed) {
h.update(item)
}
const expected = h.digest()
return equalBytes(supplied, expected)
}
}
// eslint-disable-next-line @typescript-eslint/no-empty-interface
export interface CryptoContext extends Base64Utils {}