PoliBa-Software-Architecture/Typescript-MessageUtils
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V0.7.0 Arroyo Toad

Browse Source 
Fixed a design flaw where we supposed we could find keys before reading part of the message by adding support for a method to grab the key at runtime
This commit is contained in:
Christian Risi 2024-12-14 11:51:28 +00:00
parent e6b1f8d5ea
commit 15bae1af19
12 changed files with 63 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.devcontainer/DOCKERFILE
View File

@ -1,3 +1,3 @@
FROM denoland/deno
RUN apt update
RUN apt install git -y
RUN apt install git npm -y

4
.devcontainer/devcontainer.json
View File

@ -38,7 +38,9 @@
// RunArgs
"runArgs": [
"--name",
"Typescript-MessageUtils"
"Typescript-MessageUtils",
"--env-file",
".environment/.env"
]

1
.environment/env.example Normal file
View File

@ -0,0 +1 @@
FarmToad_NPM=YOUR_APPLICATION_KEY

2
.npmrc Normal file
View File

@ -0,0 +1,2 @@
@farmtoad:registry=https://repositories.communitynotfound.work/api/packages/PoliBa-Software-Architecture/npm/
//repositories.communitynotfound.work/api/packages/PoliBa-Software-Architecture/npm/:_authToken=${FarmToad_NPM}

21
README.md
View File

@ -1,2 +1,23 @@
# Typescript-MessageUtils
## How to install
Before the public relesase of this repository, you
should setup a `.env` file inside the `.environment` directory
with your application key set so that it enables `npm`, *at least*,
to read the `package-registry`.
Follow the pattern in the `env.example` file inside `.environment` directory
If there's not a root level `.npmrc` file, feel free to add one with the
following lines:
```bash
@farmtoad:registry=https://repositories.communitynotfound.work/api/packages/PoliBa-Software-Architecture/npm/
//repositories.communitynotfound.work/api/packages/PoliBa-Software-Architecture/npm/:_authToken=${FarmToad_NPM}
```
If it does not work, be sure that your devcontainer or environment is taking the env variables from
the `.env` file by running `echo ${FarmToad_NPM}` and seeing an actual value.
## **DISCLAIMER**
**"IT IS NOT RECOMMENDED TO REUSE THIS VALUE ACROSS MULTIPLE PROJECT, SO THAT IN CASE OF INVALIDATION (SAY YOU LEAKED THE KEY), YOU DON'T HAVE TO RESET THIS FOR EACH PROJECT"**

9
build.ts
View File

@ -1,7 +1,11 @@
import { copy } from "https://deno.land/std@0.140.0/fs/mod.ts";
import { build, emptyDir } from "https://deno.land/x/dnt@0.37.0/mod.ts";
await emptyDir("./npm");
await copy("testdata", "npm/esm/testdata", { overwrite: true });
await copy("testdata", "npm/script/testdata", { overwrite: true });
await build({
entryPoints: ["./src/mod.ts"],
outDir: "./npm",
@ -9,18 +13,19 @@ await build({
deno: true,
},
package: {
name: "farmtoad-msg-utils",
name: "@farmtoad/farmtoad-msg-utils",
version: Deno.args[0],
description:
"A collection of utils to deserialize valid messages coming from our farmtoad devices",
license: "MIT",
repository: {
type: "git",
url: "https://repositories.communitynotfound.work/PoliBa-Software-Architecture/IoT-Simulator-Core/src/branch/main/Scripts/openssl-ecdsa-certs.sh",
url: "https://repositories.communitynotfound.work/PoliBa-Software-Architecture/Typescript-MessageUtils.git",
},
},
postBuild() {
Deno.copyFileSync("LICENSE", "npm/LICENSE");
Deno.copyFileSync("README.md", "npm/README.md");
Deno.copyFileSync(".npmrc", "npm/.npmrc");
},
});

12
deno.lock generated
View File

@ -28,6 +28,7 @@
}
},
"remote": {
"https://deno.land/std@0.140.0/_deno_unstable.ts": "be3276fd42cffb49f51b705c4b0aa8656aaf2a34be22d769455c8e50ea38e51a",
"https://deno.land/std@0.140.0/_util/assert.ts": "e94f2eb37cebd7f199952e242c77654e43333c1ac4c5c700e929ea3aa5489f74",
"https://deno.land/std@0.140.0/_util/os.ts": "3b4c6e27febd119d36a416d7a97bd3b0251b77c88942c8f16ee5953ea13e2e49",
"https://deno.land/std@0.140.0/bytes/bytes_list.ts": "67eb118e0b7891d2f389dad4add35856f4ad5faab46318ff99653456c23b025d",
@ -35,7 +36,18 @@
"https://deno.land/std@0.140.0/bytes/mod.ts": "763f97d33051cc3f28af1a688dfe2830841192a9fea0cbaa55f927b49d49d0bf",
"https://deno.land/std@0.140.0/fmt/colors.ts": "30455035d6d728394781c10755351742dd731e3db6771b1843f9b9e490104d37",
"https://deno.land/std@0.140.0/fs/_util.ts": "0fb24eb4bfebc2c194fb1afdb42b9c3dda12e368f43e8f2321f84fc77d42cb0f",
"https://deno.land/std@0.140.0/fs/copy.ts": "9248d1492599957af8c693ceb10a432b09f0b0b61c60a4d6aff29b0c7d3a17b3",
"https://deno.land/std@0.140.0/fs/empty_dir.ts": "7274d87160de34cbed0531e284df383045cf43543bbeadeb97feac598bd8f3c5",
"https://deno.land/std@0.140.0/fs/ensure_dir.ts": "9dc109c27df4098b9fc12d949612ae5c9c7169507660dcf9ad90631833209d9d",
"https://deno.land/std@0.140.0/fs/ensure_file.ts": "7d353e64fee3d4d1e7c6b6726a2a5e987ba402c15fb49566309042887349c545",
"https://deno.land/std@0.140.0/fs/ensure_link.ts": "489e23df9fe3e6636048b5830ddf0f111eb29621eb85719255ad9bd645f3471b",
"https://deno.land/std@0.140.0/fs/ensure_symlink.ts": "88dc83de1bc90ed883dd458c2d2eae3d5834a4617d12925734836e1f0803b274",
"https://deno.land/std@0.140.0/fs/eol.ts": "b92f0b88036de507e7e6fbedbe8f666835ea9dcbf5ac85917fa1fadc919f83a5",
"https://deno.land/std@0.140.0/fs/exists.ts": "cb734d872f8554ea40b8bff77ad33d4143c1187eac621a55bf37781a43c56f6d",
"https://deno.land/std@0.140.0/fs/expand_glob.ts": "0c10130d67c9b02164b03df8e43c6d6defbf8e395cb69d09e84a8586e6d72ac3",
"https://deno.land/std@0.140.0/fs/mod.ts": "4dc052c461c171abb5c25f6e0f218ab838a716230930b534ba351745864b7d6d",
"https://deno.land/std@0.140.0/fs/move.ts": "0573cedcf583f09a9494f2dfccbf67de68a93629942d6b5e6e74a9e45d4e8a2e",
"https://deno.land/std@0.140.0/fs/walk.ts": "117403ccd21fd322febe56ba06053b1ad5064c802170f19b1ea43214088fe95f",
"https://deno.land/std@0.140.0/hash/sha256.ts": "803846c7a5a8a5a97f31defeb37d72f519086c880837129934f5d6f72102a8e8",
"https://deno.land/std@0.140.0/io/buffer.ts": "bd0c4bf53db4b4be916ca5963e454bddfd3fcd45039041ea161dbf826817822b",
"https://deno.land/std@0.140.0/path/_constants.ts": "df1db3ffa6dd6d1252cc9617e5d72165cd2483df90e93833e13580687b6083c3",

9
src/utils/deserializer.ts
View File

@ -7,7 +7,9 @@ import { DeviceLocation } from "../classes/DeviceLocation.ts";
import { signatureVerifierV1 } from "./signatureVerifier.ts";
import * as mod from "node:crypto";
export async function deserializerV1(buffer: ArrayBuffer, key: mod.webcrypto.CryptoKey) {
export async function deserializerV1(buffer: ArrayBuffer, retrieveKey: (deviceType: DeviceType, deviceID: bigint) => Promise<mod.webcrypto.CryptoKey> | mod.webcrypto.CryptoKey) {
const version: number = new Uint8Array(buffer.slice(0, 1))[0];
// UGLY Force typecasting
@ -33,6 +35,7 @@ export async function deserializerV1(buffer: ArrayBuffer, key: mod.webcrypto.Cry
] as keyof typeof SignatureType
];
const timestamp: number = new Float64Array(buffer.slice(8, 16))[0];
// UGLY: sum the 2 bigints to a sing bigint
@ -78,6 +81,10 @@ export async function deserializerV1(buffer: ArrayBuffer, key: mod.webcrypto.Cry
const msgBuffer = buffer.slice(0, signatureStart)
const signature = new Uint8Array(buffer.slice(index))
const key = await retrieveKey(deviceType, deviceID)
const result = await signatureVerifierV1(msgBuffer, signature, key)
if (!result) {

0
Private/Message.bin → testdata/Message.bin vendored
View File

0
Private/cert.pem → testdata/cert.pem vendored
View File

0
Private/public-key.pem → testdata/public-key.pem vendored
View File

11
tests/main_test.ts
View File

@ -1,11 +1,16 @@
import { deserializerV1, pem2_P256key } from "../src/mod.ts";
const testAssetFolder = "./testdata"
Deno.test(async function testV1() {
let msg = (await Deno.readFile("./Private/Message.bin")).buffer
let key = await pem2_P256key("./Private/public-key.pem")
let mgs = await deserializerV1(msg, key)
const _msg = (await Deno.readFile(`${testAssetFolder}/Message.bin`)).buffer
const mgs = await deserializerV1(_msg, async () => {
return await pem2_P256key(`${testAssetFolder}/public-key.pem`)
})
console.log(mgs.toString())
})