4nk/anchorage_layer_simple
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
anchorage_layer_simple/service-login-verify/node_modules/@noble/hashes/hkdf.js
ncantu 6bf37be44e Cron restart services (bitcoind, mempool), service-login-verify, website-skeleton, docs 
**Motivations:**
- Consigner l'état actuel du dépôt (cron, service-login-verify, website-skeleton, userwallet, docs).
- Centraliser les modifications en attente.

**Root causes:**
- N/A (commit groupé).

**Correctifs:**
- N/A.

**Evolutions:**
- Cron quotidien restart services : script local sans SSH, systemd (bitcoin-signet, bitcoin, APIs, dashboard, userwallet, website-skeleton) + Docker (mempool, bitcoin-signet-instance).
- Feature cron-restart-services-local : documentation et règle scripts locaux / pas d'SSH.
- service-login-verify : module vérification login (buildAllowedPubkeys, verifyLoginProof, nonceCache).
- website-skeleton : app iframe UserWallet, config, systemd unit.
- userwallet : collectSignatures, relay.
- docs : DOMAINS_AND_PORTS, README, WEBSITE_SKELETON ; features userwallet-contrat-login, timeouts-backoff, service-login-verify.

**Pages affectées:**
- data/restart-services-cron.sh, data/restart-services.log, data/sync-utxos.log
- features/cron-restart-services-local.md, features/service-login-verify.md, features/userwallet-contrat-login-reste-a-faire.md, features/userwallet-timeouts-backoff.md
- docs/DOMAINS_AND_PORTS.md, docs/README.md, docs/WEBSITE_SKELETON.md
- configure-nginx-proxy.sh
- service-login-verify/ (src, dist, node_modules)
- userwallet/src/utils/collectSignatures.ts, userwallet/src/utils/relay.ts
- website-skeleton/
2026-01-28 00:48:37 +01:00

88 lines
3.7 KiB
JavaScript
Raw Blame History

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.hkdf = void 0;
exports.extract = extract;
exports.expand = expand;
/**
* HKDF (RFC 5869): extract + expand in one step.
* See https://soatok.blog/2021/11/17/understanding-hkdf/.
* @module
*/
const hmac_ts_1 = require("./hmac.js");
const utils_ts_1 = require("./utils.js");
/**
* HKDF-extract from spec. Less important part. `HKDF-Extract(IKM, salt) -> PRK`
* Arguments position differs from spec (IKM is first one, since it is not optional)
* @param hash - hash function that would be used (e.g. sha256)
* @param ikm - input keying material, the initial key
* @param salt - optional salt value (a non-secret random value)
*/
function extract(hash, ikm, salt) {
(0, utils_ts_1.ahash)(hash);
// NOTE: some libraries treat zero-length array as 'not provided';
// we don't, since we have undefined as 'not provided'
// https://github.com/RustCrypto/KDFs/issues/15
if (salt === undefined)
salt = new Uint8Array(hash.outputLen);
return (0, hmac_ts_1.hmac)(hash, (0, utils_ts_1.toBytes)(salt), (0, utils_ts_1.toBytes)(ikm));
}
const HKDF_COUNTER = /* @__PURE__ */ Uint8Array.from([0]);
const EMPTY_BUFFER = /* @__PURE__ */ Uint8Array.of();
/**
* HKDF-expand from the spec. The most important part. `HKDF-Expand(PRK, info, L) -> OKM`
* @param hash - hash function that would be used (e.g. sha256)
* @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step)
* @param info - optional context and application specific information (can be a zero-length string)
* @param length - length of output keying material in bytes
*/
function expand(hash, prk, info, length = 32) {
(0, utils_ts_1.ahash)(hash);
(0, utils_ts_1.anumber)(length);
const olen = hash.outputLen;
if (length > 255 * olen)
throw new Error('Length should be <= 255*HashLen');
const blocks = Math.ceil(length / olen);
if (info === undefined)
info = EMPTY_BUFFER;
// first L(ength) octets of T
const okm = new Uint8Array(blocks * olen);
// Re-use HMAC instance between blocks
const HMAC = hmac_ts_1.hmac.create(hash, prk);
const HMACTmp = HMAC._cloneInto();
const T = new Uint8Array(HMAC.outputLen);
for (let counter = 0; counter < blocks; counter++) {
HKDF_COUNTER[0] = counter + 1;
// T(0) = empty string (zero length)
// T(N) = HMAC-Hash(PRK, T(N-1) | info | N)
HMACTmp.update(counter === 0 ? EMPTY_BUFFER : T)
.update(info)
.update(HKDF_COUNTER)
.digestInto(T);
okm.set(T, olen * counter);
HMAC._cloneInto(HMACTmp);
}
HMAC.destroy();
HMACTmp.destroy();
(0, utils_ts_1.clean)(T, HKDF_COUNTER);
return okm.slice(0, length);
}
/**
* HKDF (RFC 5869): derive keys from an initial input.
* Combines hkdf_extract + hkdf_expand in one step
* @param hash - hash function that would be used (e.g. sha256)
* @param ikm - input keying material, the initial key
* @param salt - optional salt value (a non-secret random value)
* @param info - optional context and application specific information (can be a zero-length string)
* @param length - length of output keying material in bytes
* @example
* import { hkdf } from '@noble/hashes/hkdf';
* import { sha256 } from '@noble/hashes/sha2';
* import { randomBytes } from '@noble/hashes/utils';
* const inputKey = randomBytes(32);
* const salt = randomBytes(32);
* const info = 'application-key';
* const hk1 = hkdf(sha256, inputKey, salt, info, 32);
*/
const hkdf = (hash, ikm, salt, info, length) => expand(hash, extract(hash, ikm, salt), info, length);
exports.hkdf = hkdf;
//# sourceMappingURL=hkdf.js.map
Reference in New Issue View Git Blame Copy Permalink