
- Complete NestJS TypeScript implementation with WebSocket support - Direct messaging (DM) and group chat functionality - End-to-end encryption with AES encryption and key pairs - Media file support (images, videos, audio, documents) up to 100MB - Push notifications with Firebase Cloud Messaging integration - Mention alerts and real-time typing indicators - User authentication with JWT and Passport - SQLite database with TypeORM entities and relationships - Comprehensive API documentation with Swagger/OpenAPI - File upload handling with secure access control - Online/offline status tracking and presence management - Message editing, deletion, and reply functionality - Notification management with automatic cleanup - Health check endpoint for monitoring - CORS configuration for cross-origin requests - Environment-based configuration management - Structured for Flutter SDK integration Features implemented: ✅ Real-time messaging with Socket.IO ✅ User registration and authentication ✅ Direct messages and group chats ✅ Media file uploads and management ✅ End-to-end encryption ✅ Push notifications ✅ Mention alerts ✅ Typing indicators ✅ Message read receipts ✅ Online status tracking ✅ File access control ✅ Comprehensive API documentation Ready for Flutter SDK development and production deployment.
88 lines
3.7 KiB
JavaScript
88 lines
3.7 KiB
JavaScript
"use strict";
|
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
exports.hkdf = void 0;
|
|
exports.extract = extract;
|
|
exports.expand = expand;
|
|
/**
|
|
* HKDF (RFC 5869): extract + expand in one step.
|
|
* See https://soatok.blog/2021/11/17/understanding-hkdf/.
|
|
* @module
|
|
*/
|
|
const hmac_ts_1 = require("./hmac.js");
|
|
const utils_ts_1 = require("./utils.js");
|
|
/**
|
|
* HKDF-extract from spec. Less important part. `HKDF-Extract(IKM, salt) -> PRK`
|
|
* Arguments position differs from spec (IKM is first one, since it is not optional)
|
|
* @param hash - hash function that would be used (e.g. sha256)
|
|
* @param ikm - input keying material, the initial key
|
|
* @param salt - optional salt value (a non-secret random value)
|
|
*/
|
|
function extract(hash, ikm, salt) {
|
|
(0, utils_ts_1.ahash)(hash);
|
|
// NOTE: some libraries treat zero-length array as 'not provided';
|
|
// we don't, since we have undefined as 'not provided'
|
|
// https://github.com/RustCrypto/KDFs/issues/15
|
|
if (salt === undefined)
|
|
salt = new Uint8Array(hash.outputLen);
|
|
return (0, hmac_ts_1.hmac)(hash, (0, utils_ts_1.toBytes)(salt), (0, utils_ts_1.toBytes)(ikm));
|
|
}
|
|
const HKDF_COUNTER = /* @__PURE__ */ Uint8Array.from([0]);
|
|
const EMPTY_BUFFER = /* @__PURE__ */ Uint8Array.of();
|
|
/**
|
|
* HKDF-expand from the spec. The most important part. `HKDF-Expand(PRK, info, L) -> OKM`
|
|
* @param hash - hash function that would be used (e.g. sha256)
|
|
* @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step)
|
|
* @param info - optional context and application specific information (can be a zero-length string)
|
|
* @param length - length of output keying material in bytes
|
|
*/
|
|
function expand(hash, prk, info, length = 32) {
|
|
(0, utils_ts_1.ahash)(hash);
|
|
(0, utils_ts_1.anumber)(length);
|
|
const olen = hash.outputLen;
|
|
if (length > 255 * olen)
|
|
throw new Error('Length should be <= 255*HashLen');
|
|
const blocks = Math.ceil(length / olen);
|
|
if (info === undefined)
|
|
info = EMPTY_BUFFER;
|
|
// first L(ength) octets of T
|
|
const okm = new Uint8Array(blocks * olen);
|
|
// Re-use HMAC instance between blocks
|
|
const HMAC = hmac_ts_1.hmac.create(hash, prk);
|
|
const HMACTmp = HMAC._cloneInto();
|
|
const T = new Uint8Array(HMAC.outputLen);
|
|
for (let counter = 0; counter < blocks; counter++) {
|
|
HKDF_COUNTER[0] = counter + 1;
|
|
// T(0) = empty string (zero length)
|
|
// T(N) = HMAC-Hash(PRK, T(N-1) | info | N)
|
|
HMACTmp.update(counter === 0 ? EMPTY_BUFFER : T)
|
|
.update(info)
|
|
.update(HKDF_COUNTER)
|
|
.digestInto(T);
|
|
okm.set(T, olen * counter);
|
|
HMAC._cloneInto(HMACTmp);
|
|
}
|
|
HMAC.destroy();
|
|
HMACTmp.destroy();
|
|
(0, utils_ts_1.clean)(T, HKDF_COUNTER);
|
|
return okm.slice(0, length);
|
|
}
|
|
/**
|
|
* HKDF (RFC 5869): derive keys from an initial input.
|
|
* Combines hkdf_extract + hkdf_expand in one step
|
|
* @param hash - hash function that would be used (e.g. sha256)
|
|
* @param ikm - input keying material, the initial key
|
|
* @param salt - optional salt value (a non-secret random value)
|
|
* @param info - optional context and application specific information (can be a zero-length string)
|
|
* @param length - length of output keying material in bytes
|
|
* @example
|
|
* import { hkdf } from '@noble/hashes/hkdf';
|
|
* import { sha256 } from '@noble/hashes/sha2';
|
|
* import { randomBytes } from '@noble/hashes/utils';
|
|
* const inputKey = randomBytes(32);
|
|
* const salt = randomBytes(32);
|
|
* const info = 'application-key';
|
|
* const hk1 = hkdf(sha256, inputKey, salt, info, 32);
|
|
*/
|
|
const hkdf = (hash, ikm, salt, info, length) => expand(hash, extract(hash, ikm, salt), info, length);
|
|
exports.hkdf = hkdf;
|
|
//# sourceMappingURL=hkdf.js.map
|