Add JSON marshal/unmarshal

Author: bifurcation

index.html

@@ -37,7 +37,7 @@
   members = [];
   renderers = [];
 
-  let leaf = crypto.getRandomValues(new Uint8Array(32));
+  let leaf = base64.random(32);
   let creator = await StateType.oneMemberGroup(leaf);
   addMember(creator);
 }
@@ -87,7 +87,7 @@
 
 async function userAdd() {
   let last = members[members.length - 1];
-  let leaf = crypto.getRandomValues(new Uint8Array(32));
+  let leaf = base64.random(32);
   let gik = last.groupInitKey
   let ua = await StateType.join(leaf, gik);
 
@@ -103,7 +103,7 @@
 async function groupAdd() {
   let last = members[members.length - 1];
 
-  let initLeaf = crypto.getRandomValues(new Uint8Array(4));
+  let initLeaf = base64.random(32);
   let initKP = await iota(initLeaf);
   let ga = await last.add(initKP.publicKey);
 
@@ -117,7 +117,7 @@
 }
 
 async function update(k) {
-  let leaf = crypto.getRandomValues(new Uint8Array(32));
+  let leaf = base64.random(32);
   let update = await members[k].update(leaf);
 
   for (m2 of members) {

src/art-state.js

@@ -20,6 +20,12 @@ class ARTState {
     return this.art.nodes;
   }
 
+  static fromJSON(obj) {
+    let out = new ARTState();
+    out.art = ART.fromJSON(obj.art);
+    return out;
+  }
+
   static async oneMemberGroup(leaf) {
     let state = new ARTState();
     state.art = await ART.oneMemberGroup(leaf);

src/art.js

@@ -13,9 +13,18 @@ class ART {
    */
   constructor() {
     this.size = 0;
+    this.index = 0;
     this.nodes = [];
   }
 
+  static fromJSON(obj) {
+    let out = new ART();
+    out.size = obj.size;
+    out.index = obj.index;
+    out.nodes = obj.nodes;
+    return out;
+  }
+
   /*
    * Construct an ART representing a group with a single member,
    * with the given leaf secret.

src/base64.js

@@ -1,7 +1,7 @@
 'use strict';
 
 module.exports = {
-  stringify: function (a) {
+  stringify: function(a) {
     if (a instanceof ArrayBuffer) {
       a = new Uint8Array(a);
     }
@@ -12,11 +12,16 @@ module.exports = {
       .replace(/\//g, "_");
   },
 
-  parse: function (s) {
+  parse: function(s) {
     s = s.replace(/-/g, "+")
       .replace(/_/g, "/")
       .replace(/\s/g, '');
     let u = new Uint8Array(Array.prototype.map.call(atob(s), c => c.charCodeAt(0)));
     return u.buffer;
   },
+
+  random: function(n) {
+    const b = crypto.getRandomValues(new Uint8Array(n));
+    return this.stringify(b);
+  },
 };

src/dh.js

@@ -27,9 +27,9 @@ async function _export(pub) {
  *   }
  */
 async function newKeyPair() {
-  const kp = await cs.generateKey(ECDH_GEN, false, ECDH_KEY_USAGES);
+  const kp = await cs.generateKey(ECDH_GEN, true, ECDH_KEY_USAGES);
   return {
-    privateKey: kp.privateKey,
+    privateKey: await _export(kp.privateKey),
     publicKey: await _export(kp.publicKey),
   };
 }
@@ -41,14 +41,17 @@ async function newKeyPair() {
  *
  * Returns: Promise resolving to ArrayBuffer
  */
-async function secret(priv, pubJWK) {
+async function secret(privJWK, pubJWK) {
+  const priv = await _import(privJWK);
   const pub = await _import(pubJWK);
   const alg = { 
     name: "ECDH", 
     namedCurve: "P-256", 
     public: pub,
   };
-  return await cs.deriveBits(alg, priv, SECRET_BITS);
+
+  const ss = await cs.deriveBits(alg, priv, SECRET_BITS);
+  return base64.stringify(ss);
 }
 
 /*
@@ -77,8 +80,8 @@ async function test() {
     const kpB = await newKeyPair();
 
     console.log("secret...");
-    const ssAB = base64.stringify(await secret(kpA.privateKey, kpB.publicKey));
-    const ssBA = base64.stringify(await secret(kpB.privateKey, kpA.publicKey));
+    const ssAB = await secret(kpA.privateKey, kpB.publicKey);
+    const ssBA = await secret(kpB.privateKey, kpA.publicKey);
 
     console.log("[DH]", (ssAB == ssBA)? "PASS" : "FAIL");
   } catch (err) {

src/eckem.js

@@ -23,14 +23,16 @@ function AES_GCM_ENC(iv) {
  *     ct: BufferSource
  *   }
  */
-async function encrypt(plaintext, pubA) {
+async function encrypt(pt64, pubA) {
+  const pt = base64.parse(pt64);
   const kpE = await DH.newKeyPair();
-  const ekData = await DH.secret(kpE.privateKey, pubA);
+  const ekData64 = await DH.secret(kpE.privateKey, pubA);
+  const ekData = base64.parse(ekData64);
   const ek = await cs.importKey("raw", ekData, "AES-GCM", false, ['encrypt']);
 
   const iv = window.crypto.getRandomValues(new Uint8Array(12))
   const alg = { name: "AES-GCM", iv: iv };
-  const ct = await cs.encrypt(alg, ek, plaintext);
+  const ct = await cs.encrypt(alg, ek, pt);
 
   return {
     pub: kpE.publicKey,
@@ -51,9 +53,11 @@ async function decrypt(ciphertext, priv) {
   const ct = base64.parse(ciphertext.ct);
   const alg = { name: "AES-GCM", iv: iv };
 
-  const ekData = await DH.secret(priv, ciphertext.pub);
+  const ekData64 = await DH.secret(priv, ciphertext.pub);
+  const ekData = base64.parse(ekData64);
   const ek = await cs.importKey("raw", ekData, "AES-GCM", false, ['decrypt']);
-  return cs.decrypt(alg, ek, ct);
+  const pt = await cs.decrypt(alg, ek, ct);
+  return base64.stringify(pt);
 }
 
 /*

src/iota.js

@@ -3,6 +3,7 @@
 const cs = window.crypto.subtle;
 const EC = require('elliptic').ec;
 const BN = require('bn.js');
+const base64 = require('./base64');
 
 const p256 = new EC('p256');
 
@@ -17,8 +18,9 @@ function bn2b64(n) {
                .replace(/\//g, '_');
 }
 
-async function iota(secret) {
+async function iota(secret64) {
   // Digest the input
+  const secret = base64.parse(secret64);
   const digest = await cs.digest("SHA-256", secret);
 
   // Convert it to an integer and compute the resulting key pair
@@ -40,7 +42,7 @@ async function iota(secret) {
     namedCurve: "P-256",
   }; 
   return {
-    privateKey: await cs.importKey("jwk", privJWK, alg, false, ["deriveKey", "deriveBits"]),
+    privateKey: privJWK,
     publicKey: pubJWK,
   }
 }

src/main.js

@@ -1,3 +1,4 @@
+window.base64 = require('./base64');
 window.DH = require('./dh');
 window.ECKEM = require('./eckem');
 window.iota = require('./iota');

src/state-tester.js

@@ -2,6 +2,7 @@
 
 const iota = require('./iota');
 const DH = require('./dh');
+const base64 = require('./base64');
 
 async function nodeEqual(lhs, rhs) {
   let lfp = await DH.fingerprint(lhs.public);
@@ -52,11 +53,11 @@ async function groupDump(label, group) {
 async function testUserAdd(State) {
   const testGroupSize = 5;
 
-  let creator = await State.oneMemberGroup(new Uint8Array([0]));
+  let creator = await State.oneMemberGroup(base64.random(32));
   let members = [creator];
 
   for (let i = 1; i < testGroupSize; ++i) {
-    let leaf = window.crypto.getRandomValues(new Uint8Array(32));
+    let leaf = base64.random(32);
     let gik = members[members.length - 1].groupInitKey;
     let uaIn = await State.join(leaf, gik);
 
@@ -85,11 +86,11 @@ async function testUserAdd(State) {
 async function testGroupAdd(State) {
   const testGroupSize = 5;
 
-  let creator = await State.oneMemberGroup(new Uint8Array([0]));
+  let creator = await State.oneMemberGroup(base64.random(32));
   let members = [creator];
 
   for (let i = 1; i < testGroupSize; ++i) {
-    let initLeaf = window.crypto.getRandomValues(new Uint8Array(4));
+    let initLeaf = base64.random(32);
     let initKP = await iota(initLeaf)
     let gaIn = await members[members.length - 1].add(initKP.publicKey)
 
@@ -115,13 +116,15 @@ async function testGroupAdd(State) {
   console.log("[state-group-add] PASS");
 }
 
-async function testUpdate(State) {
+async function testUpdate(State, transcode) {
+  let label = (transcode)? 'state-json' : 'state-update';
+
   // Create a group via GroupAdds
   const testGroupSize = 5;
-  let creator = await State.oneMemberGroup(new Uint8Array([0]));
+  let creator = await State.oneMemberGroup(base64.random(32));
   let members = [creator];
   for (let i = 1; i < testGroupSize; ++i) {
-    let initLeaf = window.crypto.getRandomValues(new Uint8Array(4));
+    let initLeaf = base64.random(32);
     let initKP = await iota(initLeaf);
     let ga = await members[members.length - 1].add(initKP.publicKey)
 
@@ -133,9 +136,22 @@ async function testUpdate(State) {
     members.push(joiner);
   }
 
+  if (transcode) {
+    let encoded = members.map(m => JSON.stringify(m));
+    let decoded = encoded.map(e => JSON.parse(e));
+    let revived = decoded.map(d => State.fromJSON(d));
+
+    let eqp = members.map(async (m, i) => groupEqual(m, revived[i]));
+    let eqr = await Promise.all(eqp);
+    let eq = eqr.reduce((x, y) => x && y);
+    if (!eq) {
+      throw label;
+    }
+  }
+
   // Have each member update and verify that others are consistent
   for (let m1 of members) {
-    let leaf = crypto.getRandomValues(new Uint8Array(32));
+    let leaf = base64.random(32);
     let updateIn = await m1.update(leaf);
 
     let updateEnc = JSON.stringify(updateIn);
@@ -154,18 +170,19 @@ async function testUpdate(State) {
       if (!eq) {
         await groupDump(m1.index, m1);
         await groupDump(m2.index, m2);
-        throw 'state-group-add';
+        throw label;
       }
     }
   }
 
-  console.log("[state-update] PASS");
+  console.log(`[${label}] PASS`);
 }
 
 module.exports = {
   test: async function(State) {
     await testUserAdd(State);
     await testGroupAdd(State);
-    await testUpdate(State);
+    await testUpdate(State, false);
+    await testUpdate(State, true);
   },
 };

src/treekem-state.js

@@ -26,6 +26,12 @@ class TreeKEMState {
   async dump() {
     return this.tkem.dump();
   }
+
+  static fromJSON(obj) {
+    let out = new TreeKEMState();
+    out.tkem = TreeKEM.fromJSON(obj.tkem);
+    return out;
+  }
 
   static async oneMemberGroup(leaf) {
     let state = new TreeKEMState();
@@ -57,7 +63,7 @@ class TreeKEMState {
   }
 
   async add(userInitPub) {
-    let leaf = window.crypto.getRandomValues(new Uint8Array(32));
+    let leaf = base64.random(32);
     let encryptedLeaf = await ECKEM.encrypt(leaf, userInitPub);
 
     let gik = this.groupInitKey;