Diffstat (limited to 'packages/anastasis-core')
-rw-r--r-- | packages/anastasis-core/README.md | 3 | ||||
-rw-r--r-- | packages/anastasis-core/package.json | 18 | ||||
-rw-r--r-- | packages/anastasis-core/src/anastasis-data.ts | 12 | ||||
-rw-r--r-- | packages/anastasis-core/src/cli-entry.ts | 7 | ||||
-rw-r--r-- | packages/anastasis-core/src/cli.ts | 64 | ||||
-rw-r--r-- | packages/anastasis-core/src/crypto.ts | 38 | ||||
-rw-r--r-- | packages/anastasis-core/src/index.node.ts | 2 | ||||
-rw-r--r-- | packages/anastasis-core/src/index.ts | 19 | ||||
-rw-r--r-- | packages/anastasis-core/src/policy-suggestion.test.ts | 6 | ||||
-rw-r--r-- | packages/anastasis-core/src/reducer-types.ts | 2 | ||||
-rw-r--r-- | packages/anastasis-core/tsconfig.json | 6 |
11 files changed, 51 insertions, 126 deletions
diff --git a/packages/anastasis-core/README.md b/packages/anastasis-core/README.md
new file mode 100644
index 000000000..f3696c768
--- /dev/null
+++ b/packages/anastasis-core/README.md
@@ -0,0 +1,3 @@
+# anastasis-core
+
+This package implements the core client logic of Anastasis in TypeScript.
diff --git a/packages/anastasis-core/package.json b/packages/anastasis-core/package.json
index 33d7898eb..576acc988 100644
--- a/packages/anastasis-core/package.json
+++ b/packages/anastasis-core/package.json
@@ -1,33 +1,29 @@
 {
 "name": "@gnu-taler/anastasis-core",
- "version": "0.0.2",
+ "version": "0.10.7",
 "description": "",
 "main": "./lib/index.js",
 "module": "./lib/index.js",
 "types": "./lib/index.d.ts",
 "scripts": {
- "prepare": "tsc",
 "compile": "tsc",
 "pretty": "prettier --write src",
 "test": "tsc && ava",
 "coverage": "tsc && nyc ava",
- "clean": "rimraf dist lib tsconfig.tsbuildinfo"
+ "typedoc": "typedoc --out dist/typedoc ./src/",
+ "clean": "rm -rf dist lib tsconfig.tsbuildinfo"
 },
 "author": "Florian Dold <dold@taler.net>",
 "license": "AGPL-3-or-later",
 "type": "module",
 "devDependencies": {
- "ava": "^4.3.3",
- "rimraf": "^3.0.2",
- "typescript": "^4.8.4"
+ "ava": "^6.0.1",
+ "typescript": "^5.3.3"
 },
 "dependencies": {
 "@gnu-taler/taler-util": "workspace:*",
- "fetch-ponyfill": "^7.1.0",
- "fflate": "^0.7.4",
- "hash-wasm": "^4.9.0",
- "node-fetch": "^3.2.0",
- "tslib": "^2.4.0"
+ "fflate": "^0.8.1",
+ "tslib": "^2.6.2"
 },
 "ava": {
 "files": [
diff --git a/packages/anastasis-core/src/anastasis-data.ts b/packages/anastasis-core/src/anastasis-data.ts
index d69bb319b..9cbf5f594 100644
--- a/packages/anastasis-core/src/anastasis-data.ts
+++ b/packages/anastasis-core/src/anastasis-data.ts
@@ -11,14 +11,10 @@ export const anastasisData = {
 url: "https://v1.anastasis.taler.net/",
 name: "Bern University of Applied Sciences, Switzerland",
 },
- {
- url: "https://v1.anastasis.codeblau.de/",
- name: "Codeblau GmbH, Germany",
- },
- // {
- // url: "https://v1.anastasis.openw3b.org/",
- // name: "Openw3b Foundation, India",
- // },
+// {
+// url: "https://v1.anastasis.codeblau.de/",
+// name: "Codeblau GmbH, Germany",
+// },
 {
 url: "https://v1.anastasis.lu/",
 name: "Anastasis SARL, Luxembourg",
diff --git a/packages/anastasis-core/src/cli-entry.ts b/packages/anastasis-core/src/cli-entry.ts
deleted file mode 100644
index 8eea42a18..000000000
--- a/packages/anastasis-core/src/cli-entry.ts
+++ /dev/null
@@ -1,7 +0,0 @@
-import { reducerCliMain } from "./cli.js";
-
-async function r() {
- reducerCliMain();
-}
-
-r();
diff --git a/packages/anastasis-core/src/cli.ts b/packages/anastasis-core/src/cli.ts
deleted file mode 100644
index 517f2876d..000000000
--- a/packages/anastasis-core/src/cli.ts
+++ /dev/null
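Review bot: The Codeblau entry in `anastasisData` is commented out with no reason recorded, and the previously commented-out Openw3b entry is deleted in the same hunk, so the file no longer says why either provider is missing. This appears to be the built-in provider list offered to users, which makes the reason for disabling an entry worth keeping next to it, for example `// Disabled: <reason> (<date>); re-enable when <condition>`. If the provider is gone for good, deleting the entry is cleaner than leaving dead code behind. The object literal starts and ends outside the hunk.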
@@ -1,64 +0,0 @@
-import { clk } from "@gnu-taler/taler-util";
-import {
- getBackupStartState,
- getRecoveryStartState,
- reduceAction,
-} from "./index.js";
-import fs from "fs";
-
-export const reducerCli = clk
- .program("reducer", {
- help: "Command line interface for Anastasis.",
- })
- .flag("initBackup", ["-b", "--backup"])
- .flag("initRecovery", ["-r", "--restore"])
- .maybeOption("argumentsJson", ["-a", "--arguments"], clk.STRING)
- .maybeArgument("action", clk.STRING)
- .maybeArgument("stateFile", clk.STRING);
-
-async function read(stream: NodeJS.ReadStream): Promise<string> {
- const chunks = [];
- for await (const chunk of stream) {
- chunks.push(chunk);
- }
- return Buffer.concat(chunks).toString("utf8");
-}
-
-reducerCli.action(async (x) => {
- if (x.reducer.initBackup) {
- console.log(JSON.stringify(await getBackupStartState()));
- return;
- } else if (x.reducer.initRecovery) {
- console.log(JSON.stringify(await getRecoveryStartState()));
- return;
- }
-
- const action = x.reducer.action;
- if (!action) {
- console.log("action required");
- return;
- }
-
- let lastState: any;
- if (x.reducer.stateFile) {
- const s = fs.readFileSync(x.reducer.stateFile, { encoding: "utf-8" });
- lastState = JSON.parse(s);
- } else {
- const s = await read(process.stdin);
- lastState = JSON.parse(s);
- }
-
- let args: any;
- if (x.reducer.argumentsJson) {
- args = JSON.parse(x.reducer.argumentsJson);
- } else {
- args = {};
- }
-
- const nextState = await reduceAction(lastState, action, args);
- console.log(JSON.stringify(nextState));
-});
-
-export function reducerCliMain() {
- reducerCli.run();
-}
diff --git a/packages/anastasis-core/src/crypto.ts b/packages/anastasis-core/src/crypto.ts
index 5e45f995f..8bc004e95 100644
--- a/packages/anastasis-core/src/crypto.ts
+++ b/packages/anastasis-core/src/crypto.ts
@@ -26,8 +26,8 @@ import {
 secretbox_open,
 hash,
 bytesToString,
+ hashArgon2id,
 } from "@gnu-taler/taler-util";
-import { argon2id } from "hash-wasm";
 export type Flavor<T, FlavorT extends string> = T & {
 _flavor?: `anastasis.${FlavorT}`;
@@ -71,15 +71,13 @@ export async function userIdentifierDerive(
 ): Promise<UserIdentifier> {
 const canonIdData = canonicalJson(idData);
 const hashInput = stringToBytes(canonIdData);
- const result = await argon2id({
- hashLength: 64,
- iterations: 3,
- memorySize: 1024 /* kibibytes */,
- parallelism: 1,
- password: hashInput,
- salt: decodeCrock(serverSalt),
- outputType: "binary",
- });
+ const result = await hashArgon2id(
+ hashInput, // password
+ decodeCrock(serverSalt), // salt
+ 3, // iterations
+ 1024, // memoryLimit (kibibytes)
+ 64, // hashLength
+ );
 return encodeCrock(result);
 }
@@ -153,7 +151,11 @@ export async function decryptPolicyMetadata(
 userId: UserIdentifier,
 metadataEnc: OpaqueData,
 ): Promise<PolicyMetadata> {
+ // @ts-ignore
+ console.log("metadataEnc", metadataEnc);
 const plain = await anastasisDecrypt(asOpaque(userId), metadataEnc, "rmd");
+ // @ts-ignore
+ console.log("plain:", plain);
 const metadataBytes = decodeCrock(plain);
 const policyHash = encodeCrock(metadataBytes.slice(0, 64));
 const secretName = bytesToString(metadataBytes.slice(64));
@@ -343,15 +345,13 @@ export async function secureAnswerHash(
 truthUuid: TruthUuid,
 questionSalt: TruthSalt,
 ): Promise<SecureAnswerHash> {
- const powResult = await argon2id({
- hashLength: 64,
- iterations: 3,
- memorySize: 1024 /* kibibytes */,
- parallelism: 1,
- password: stringToBytes(answer),
- salt: decodeCrock(questionSalt),
- outputType: "binary",
- });
+ const powResult = await hashArgon2id(
+ stringToBytes(answer), // password
+ decodeCrock(questionSalt), // salt
+ 3, // iterations
+ 1024, // memorySize (kibibytes)
+ 64, // hashLength
+ );
 const kdfResult = kdfKw({
 outputLength: 64,
 salt: decodeCrock(truthUuid),
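Review bot: The positional `hashArgon2id(...)` call in `userIdentifierDerive` (and the same rewrite in `secureAnswerHash`, hunk -343/+345) no longer states `parallelism: 1` or the binary output type, so the result now depends on defaults inside `@gnu-taler/taler-util` that this diff does not show. These outputs presumably have to stay byte-identical to what the old `argon2id({...})` call produced, since they become the user identifier and the answer hash that earlier backups were stored under. A known-answer test with a fixed input and salt, asserting the encoded output recorded from the previous implementation, would pin that. The trailing comments also disagree on the fourth argument, `// memoryLimit (kibibytes)` here versus `// memorySize (kibibytes)` in `secureAnswerHash`; use the helper's actual parameter name in both. Both function bodies start or end outside their hunks.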
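Review bot: The two `console.log` calls added to `decryptPolicyMetadata` print the encrypted metadata and, more seriously, the decrypted `plain` value, which the following lines decode into the policy hash and the secret name. That puts decrypted recovery metadata into the console and into anything that captures it. They look like debugging leftovers, and the `// @ts-ignore` above each one would also hide a real type error on that line. I would drop all four added lines; if a trace is needed here, log only something non-sensitive such as `metadataBytes.length`. The function continues past the end of the hunk.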
diff --git a/packages/anastasis-core/src/index.node.ts b/packages/anastasis-core/src/index.node.ts
deleted file mode 100644
index d08906a22..000000000
--- a/packages/anastasis-core/src/index.node.ts
+++ /dev/null
@@ -1,2 +0,0 @@
-export * from "./index.js";
-export { reducerCliMain } from "./cli.js";
diff --git a/packages/anastasis-core/src/index.ts b/packages/anastasis-core/src/index.ts
index 8cb86cd85..05fa4a49f 100644
--- a/packages/anastasis-core/src/index.ts
+++ b/packages/anastasis-core/src/index.ts
@@ -43,6 +43,7 @@ import {
 URL,
 j2s,
 } from "@gnu-taler/taler-util";
+import { HttpResponse } from "@gnu-taler/taler-util/http";
 import { anastasisData } from "./anastasis-data.js";
 import {
 codecForChallengeInstructionMessage,
@@ -96,7 +97,6 @@ import {
 AggregatedPolicyMetaInfo,
 AuthenticationProviderStatusMap,
 } from "./reducer-types.js";
-import fetchPonyfill from "fetch-ponyfill";
 import {
 accountKeypairDerive,
 asOpaque,
@@ -133,8 +133,6 @@ import {
 ChallengeFeedbackStatus,
 } from "./challenge-feedback-types.js";
-const { fetch } = fetchPonyfill({});
-
 export * from "./reducer-types.js";
 export * as validators from "./validators.js";
 export * from "./challenge-feedback-types.js";
@@ -285,13 +283,18 @@ async function getProviderInfo(
 try {
 resp = await fetch(new URL("config", providerBaseUrl).href);
 } catch (e) {
+ console.warn(
+ "Encountered an HTTP error whilst trying to get the provider's config: ",
+ e,
+ );
 return {
 status: "error",
 code: TalerErrorCode.ANASTASIS_REDUCER_NETWORK_FAILED,
- hint: "request to provider failed",
+ hint: "request to anastasis provider failed",
 };
 }
- if (resp.status !== 200) {
+ if (!resp.ok) {
+ console.warn("Got bad response code whilst getting provider config", resp);
 return {
 status: "error",
 code: TalerErrorCode.ANASTASIS_REDUCER_NETWORK_FAILED,
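Review bot: Replacing `resp.status !== 200` with `!resp.ok` in `getProviderInfo` widens the accepted range to every 2xx status, so a `204` or `206` from a provider now falls through to whatever parses the config after this hunk. If only a 200 with a JSON body is meaningful for the provider's `config` endpoint, keep the strict check, `if (resp.status !== 200) {`. The two new `console.warn` calls also bypass the `logger` this file uses elsewhere (`logger.info(...)` in `updateUploadFees`), and the second one dumps the whole response object. Something like `logger.warn("provider config request failed, status " + resp.status)` would keep the output consistent and bounded, assuming the logger exposes `warn`. The function starts and ends outside the hunk.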
@@ -647,7 +650,7 @@ async function uploadSecret(
 method: "POST",
 headers: {
 "Anastasis-Policy-Signature": encodeCrock(sig),
- "If-None-Match": encodeCrock(bodyHash),
+ "If-None-Match": JSON.stringify(encodeCrock(bodyHash)),
 [ANASTASIS_HTTP_HEADER_POLICY_META_DATA]: metadataEnc,
 ...(paySecret
 ? {
@@ -1473,7 +1476,7 @@ async function updateUploadFees(
 x,
 ).amount;
 };
- const expirationTime = AbsoluteTime.fromTimestamp(expiration);
+ const expirationTime = AbsoluteTime.fromProtocolTimestamp(expiration);
 const years = Duration.toIntegerYears(Duration.getRemaining(expirationTime));
 logger.info(`computing fees for ${years} years`);
 // For now, we compute fees for *all* available providers.
@@ -1655,7 +1658,7 @@ export function mergeDiscoveryAggregate(
 newPolicies: PolicyMetaInfo[],
 oldAgg: AggregatedPolicyMetaInfo[],
 ): AggregatedPolicyMetaInfo[] {
- const aggregatedPolicies: AggregatedPolicyMetaInfo[] = [...oldAgg] ?? [];
+ const aggregatedPolicies: AggregatedPolicyMetaInfo[] = [...oldAgg];
 const polHashToIndex: Record<string, number> = {};
 for (const pol of newPolicies) {
 const oldIndex = polHashToIndex[pol.policy_hash];
diff --git a/packages/anastasis-core/src/policy-suggestion.test.ts b/packages/anastasis-core/src/policy-suggestion.test.ts
index 6370825da..fd42b708f 100644
--- a/packages/anastasis-core/src/policy-suggestion.test.ts
+++ b/packages/anastasis-core/src/policy-suggestion.test.ts
@@ -1,4 +1,4 @@
-import { j2s } from "@gnu-taler/taler-util";
+import { AmountString, j2s } from "@gnu-taler/taler-util";
 import test from "ava";
 import { ProviderInfo, suggestPolicies } from "./policy-suggestion.js";
@@ -23,13 +23,13 @@ test("policy suggestion", async (t) => {
 const providers: ProviderInfo[] = [
 {
 methodCost: {
- sms: "KUDOS:1",
+ sms: "KUDOS:1" as AmountString,
 },
 url: "prov1",
 },
 {
 methodCost: {
- question: "KUDOS:1",
+ question: "KUDOS:1" as AmountString,
 },
 url: "prov2",
 },
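Review bot: `JSON.stringify(encodeCrock(bodyHash))` in the `If-None-Match` header of `uploadSecret` is used only to wrap the hash in double quotes, which is not obvious on reading and ties the header format to JSON escaping rules. Entity-tags in `If-None-Match` are quoted strings, so it is clearer to say so directly: `"If-None-Match": '"' + encodeCrock(bodyHash) + '"',` with a comment such as `// entity-tag syntax requires surrounding double quotes`. The two forms give the same value as long as the encoded hash contains nothing JSON would escape, which should hold if `encodeCrock` emits a base32 alphabet as its name suggests. The request object starts and ends outside the hunk.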
diff --git a/packages/anastasis-core/src/reducer-types.ts b/packages/anastasis-core/src/reducer-types.ts
index 4b87d3ae6..ad88f40ed 100644
--- a/packages/anastasis-core/src/reducer-types.ts
+++ b/packages/anastasis-core/src/reducer-types.ts
@@ -295,7 +295,7 @@ export enum RecoveryStates {
 export interface MethodSpec {
 type: string;
- usage_fee: string;
+ usage_fee: AmountString;
 }
 export type AuthenticationProviderStatusNotContacted = {
diff --git a/packages/anastasis-core/tsconfig.json b/packages/anastasis-core/tsconfig.json
index 7cab21017..e463201e7 100644
--- a/packages/anastasis-core/tsconfig.json
+++ b/packages/anastasis-core/tsconfig.json
@@ -2,11 +2,11 @@
 "compileOnSave": true,
 "compilerOptions": {
 "composite": true,
- "target": "ES2018",
- "module": "ESNext",
+ "target": "ES2020",
+ "module": "Node16",
 "moduleResolution": "Node16",
 "sourceMap": true,
- "lib": ["es6", "DOM"],
+ "lib": ["ES2020", "DOM"],
 "noImplicitReturns": true,
 "noFallthroughCasesInSwitch": true,
 "strict": true, |