// Test vector for the UserGroupCreation record; this listing is cut off inside the payload array.
// Each field is built with makeUint8Array(label, size), which presumably zero-pads the ASCII label
// to `size` bytes: the payload bytes at the end of this excerpt (label, then 0x00) fit that reading.
it('correctly serializes/deserializes a UserGroupCreation test vector', async () => {
const userGroupCreation = {
public_signature_key: makeUint8Array('pub sig key', tcrypto.SIGNATURE_PUBLIC_KEY_SIZE),
public_encryption_key: makeUint8Array('pub enc key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
// Sized as a sealed signature private key; the content is a label, not real key material.
encrypted_group_private_signature_key: makeUint8Array('encrypted priv sig key', tcrypto.SEALED_SIGNATURE_PRIVATE_KEY_SIZE),
// One entry per member: the member's public encryption key plus a blob sized as a sealed encryption private key.
encrypted_group_private_encryption_keys_for_users: [
{
public_user_encryption_key: makeUint8Array('pub user key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
encrypted_group_private_encryption_key: makeUint8Array('encrypted group priv key', tcrypto.SEALED_ENCRYPTION_PRIVATE_KEY_SIZE),
},
{
public_user_encryption_key: makeUint8Array('second pub user key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
encrypted_group_private_encryption_key: makeUint8Array('second encrypted group priv key', tcrypto.SEALED_ENCRYPTION_PRIVATE_KEY_SIZE),
}],
// NOTE(review): label bytes, not a valid signature. This vector presumably covers encoding only, not signature verification.
self_signature: makeUint8Array('self signature', tcrypto.SIGNATURE_SIZE),
};
const payload = new Uint8Array([
// public signature key: ASCII "pub sig key" followed by 0x00 (the remaining bytes are cut off in this listing)
0x70, 0x75, 0x62, 0x20, 0x73, 0x69, 0x67, 0x20, 0x6b, 0x65, 0x79, 0x00,
// Test vector for the UserGroupCreation record; this listing is cut off at the start of the payload array.
// Each field is built with makeUint8Array(label, size). NOTE(review): presumably the label zero-padded
// to `size` bytes; the helper is not shown here.
it('correctly serializes/deserializes a UserGroupCreation test vector', async () => {
const userGroupCreation = {
public_signature_key: makeUint8Array('pub sig key', tcrypto.SIGNATURE_PUBLIC_KEY_SIZE),
public_encryption_key: makeUint8Array('pub enc key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
// Sized as a sealed signature private key; the content is a label, not real key material.
encrypted_group_private_signature_key: makeUint8Array('encrypted priv sig key', tcrypto.SEALED_SIGNATURE_PRIVATE_KEY_SIZE),
// One entry per member: the member's public encryption key plus a blob sized as a sealed encryption private key.
encrypted_group_private_encryption_keys_for_users: [
{
public_user_encryption_key: makeUint8Array('pub user key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
encrypted_group_private_encryption_key: makeUint8Array('encrypted group priv key', tcrypto.SEALED_ENCRYPTION_PRIVATE_KEY_SIZE),
},
{
public_user_encryption_key: makeUint8Array('second pub user key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
encrypted_group_private_encryption_key: makeUint8Array('second encrypted group priv key', tcrypto.SEALED_ENCRYPTION_PRIVATE_KEY_SIZE),
}],
// NOTE(review): label bytes, not a valid signature. This vector presumably covers encoding only, not signature verification.
self_signature: makeUint8Array('self signature', tcrypto.SIGNATURE_SIZE),
};
const payload = new Uint8Array([
// public signature key (the bytes themselves are cut off in this listing)
// Test vector for the ProvisionalIdentityClaim record; this listing is cut off inside the payload array.
// Field values are readable ASCII labels sized to tcrypto constants, so the expected bytes can be checked by eye.
it('correctly deserializes a ProvisionalIdentityClaim test vector', async () => {
const provisionalIdentityClaim = {
user_id: makeUint8Array('the user id', tcrypto.HASH_SIZE),
// The claim carries two signature public keys (app and tanker) and one author signature for each.
app_provisional_identity_signature_public_key: makeUint8Array('the app sig pub key', tcrypto.SIGNATURE_PUBLIC_KEY_SIZE),
tanker_provisional_identity_signature_public_key: makeUint8Array('the tanker sig pub key', tcrypto.SIGNATURE_PUBLIC_KEY_SIZE),
// NOTE(review): label bytes, not valid signatures. This vector presumably covers decoding only, not verification.
author_signature_by_app_key: makeUint8Array('the author sig by app key', tcrypto.SIGNATURE_SIZE),
author_signature_by_tanker_key: makeUint8Array('the author sig by tanker key', tcrypto.SIGNATURE_SIZE),
recipient_user_public_key: makeUint8Array('user pub key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
// A single blob sized as two encryption private keys plus one seal overhead.
encrypted_provisional_identity_private_keys: makeUint8Array('both encrypted private keys', tcrypto.ENCRYPTION_PRIVATE_KEY_SIZE * 2
+ tcrypto.SEAL_OVERHEAD),
};
const payload = new Uint8Array([
// UserID: ASCII "the user id" then zero padding (32 bytes listed)
0x74, 0x68, 0x65, 0x20, 0x75, 0x73, 0x65, 0x72, 0x20, 0x69, 0x64, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
// AppProvisionalIdentitySignaturePublicKey: ASCII "the app sig pub key" then zero padding (cut off in this listing)
0x74, 0x68, 0x65, 0x20,
0x61, 0x70, 0x70, 0x20, 0x73, 0x69, 0x67, 0x20, 0x70, 0x75, 0x62, 0x20,
0x6b, 0x65, 0x79, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
// Test vector for the ProvisionalIdentityClaim record; this listing is cut off inside the payload array.
// Field values are readable ASCII labels sized to tcrypto constants, so the expected bytes can be checked by eye.
it('correctly deserializes a ProvisionalIdentityClaim test vector', async () => {
const provisionalIdentityClaim = {
user_id: makeUint8Array('the user id', tcrypto.HASH_SIZE),
// The claim carries two signature public keys (app and tanker) and one author signature for each.
app_provisional_identity_signature_public_key: makeUint8Array('the app sig pub key', tcrypto.SIGNATURE_PUBLIC_KEY_SIZE),
tanker_provisional_identity_signature_public_key: makeUint8Array('the tanker sig pub key', tcrypto.SIGNATURE_PUBLIC_KEY_SIZE),
// NOTE(review): label bytes, not valid signatures. This vector presumably covers decoding only, not verification.
author_signature_by_app_key: makeUint8Array('the author sig by app key', tcrypto.SIGNATURE_SIZE),
author_signature_by_tanker_key: makeUint8Array('the author sig by tanker key', tcrypto.SIGNATURE_SIZE),
recipient_user_public_key: makeUint8Array('user pub key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
// A single blob sized as two encryption private keys plus one seal overhead.
encrypted_provisional_identity_private_keys: makeUint8Array('both encrypted private keys', tcrypto.ENCRYPTION_PRIVATE_KEY_SIZE * 2
+ tcrypto.SEAL_OVERHEAD),
};
const payload = new Uint8Array([
// UserID: ASCII "the user id" then zero padding (32 bytes listed)
0x74, 0x68, 0x65, 0x20, 0x75, 0x73, 0x65, 0x72, 0x20, 0x69, 0x64, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
// AppProvisionalIdentitySignaturePublicKey: ASCII "the app sig pub key" then zero padding (32 bytes listed)
0x74, 0x68, 0x65, 0x20,
0x61, 0x70, 0x70, 0x20, 0x73, 0x69, 0x67, 0x20, 0x70, 0x75, 0x62, 0x20,
0x6b, 0x65, 0x79, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
// A ciphertext cut down to a few leading bytes must be rejected as an invalid
// argument rather than being handed to the decryption routine.
it('throws when decrypting truncated encrypted resource', async () => {
  const ciphertext = await bobLaptop.encrypt(clearText);

  // shorter than version + resource id: should not even try to decrypt
  const truncatedLength = tcrypto.MAC_SIZE - 4;
  const truncatedCiphertext = ciphertext.subarray(0, truncatedLength);

  const decryption = bobLaptop.decrypt(truncatedCiphertext);
  await expect(decryption).to.be.rejectedWith(errors.InvalidArgument);
});
// Per-test fixture: a fresh trustchain, a first user, a group holding that user
// and one provisional identity, then a group-addition entry for a second user.
// Results are published through the outer `user`, `group` and `userGroupEntry`.
beforeEach(async () => {
  testGenerator.makeTrustchainCreation();

  // First user: passed to group creation and listed as a member
  const firstUserId = random(tcrypto.HASH_SIZE);
  const firstUserCreation = await testGenerator.makeUserCreation(firstUserId);
  user = firstUserCreation.user;

  // Only the public half of the provisional user goes into the group
  const { publicProvisionalUser } = testGenerator.makeProvisionalUser();
  const groupCreation = testGenerator.makeUserGroupCreation(
    firstUserCreation,
    [user],
    [publicProvisionalUser],
  );
  group = groupCreation.group;

  // Second user
  const secondUserId = random(tcrypto.HASH_SIZE);
  const secondUserCreation = await testGenerator.makeUserCreation(secondUserId);
  const groupAddition = testGenerator.makeUserGroupAddition(
    firstUserCreation,
    groupCreation.group,
    [secondUserCreation.user],
  );
  userGroupEntry = groupAddition.userGroupEntry;
});
// Excerpt from the middle of a device-creation routine: its signature and the
// definitions of ephemeralKeys, signKeys, encryptionKeys, obfuscatedUserId and
// delegationBuffer are outside this listing, as is the end of the final else branch.

// Default author: the root entry, with the delegation signed by the app signature private key.
let authorPrivateKey = this.appSignKeys.privateKey;
let author = this.root.entry.hash;
if (args.parentDevice) {
// A parent device exists so we are in the add Device case
// The parent device's signature key then signs the delegation, and the parent device id becomes the author.
authorPrivateKey = args.parentDevice.signKeys.privateKey;
author = args.parentDevice.id;
}
// Only v3 device creations carry a user key pair; other natures leave it null.
let userKeyPair = null;
if (args.nature === NATURE.device_creation_v3) {
userKeyPair = {
public_encryption_key: args.userKeys.publicKey,
// NOTE(review): zero-filled placeholder of SEALED_KEY_SIZE bytes. The user private key is not
// sealed here, so this record cannot be used to recover it; acceptable only for fixture data.
encrypted_private_encryption_key: new Uint8Array(SEALED_KEY_SIZE),
};
}
const payload: DeviceCreationRecord = {
// All-zero buffer of HASH_SIZE bytes.
last_reset: new Uint8Array(tcrypto.HASH_SIZE),
ephemeral_public_signature_key: ephemeralKeys.publicKey,
user_id: obfuscatedUserId,
// The author's private key signs the delegation buffer (built outside this excerpt).
delegation_signature: tcrypto.sign(delegationBuffer, authorPrivateKey),
public_signature_key: signKeys.publicKey,
public_encryption_key: encryptionKeys.publicKey,
is_ghost_device: false,
// NOTE(review): presumably a "not revoked" sentinel; confirm against the code that reads `revoked`.
revoked: Number.MAX_SAFE_INTEGER,
user_key_pair: userKeyPair,
};
this.trustchainIndex += 1;
// The wire format is chosen by nature: V3 serializer for device_creation_v3, V1 otherwise.
let serializedPayload = null;
if (args.nature === NATURE.device_creation_v3) {
serializedPayload = serializeUserDeviceV3(payload);
} else {
serializedPayload = serializeUserDeviceV1(payload);
/**
 * Builds a device-creation record for a user (this listing is cut off partway through the body).
 *
 * Fresh ephemeral signature keys, device signature keys and device encryption keys are
 * generated on every call. The delegation buffer is the ephemeral public signature key
 * concatenated with the obfuscated user id.
 *
 * @param args.userId        clear user id, obfuscated with this.trustchainId before use
 * @param args.parentDevice  optional; when given, its signature key and id replace the root author
 * @param args.userKeys      user key pair; the visible code reads only its public key, for v3 records
 * @param args.nature        record nature; device_creation_v3 adds a user key pair
 */
createUser(args: { userId: string, parentDevice?: GeneratorDevice, userKeys: tcrypto.SodiumKeyPair, nature: Nature}): CreateUserResult {
const ephemeralKeys = tcrypto.makeSignKeyPair();
const signKeys = tcrypto.makeSignKeyPair();
const encryptionKeys = tcrypto.makeEncryptionKeyPair();
const obfuscatedUserId = obfuscateUserId(this.trustchainId, args.userId);
const delegationBuffer = utils.concatArrays(ephemeralKeys.publicKey, obfuscatedUserId);
// Default author: the root entry, signing with the app signature private key.
let authorPrivateKey = this.appSignKeys.privateKey;
let author = this.root.entry.hash;
if (args.parentDevice) {
// A parent device exists so we are in the add Device case
authorPrivateKey = args.parentDevice.signKeys.privateKey;
author = args.parentDevice.id;
}
// Only v3 device creations carry a user key pair; other natures leave it null.
let userKeyPair = null;
if (args.nature === NATURE.device_creation_v3) {
userKeyPair = {
public_encryption_key: args.userKeys.publicKey,
/**
 * Builds a device-creation record for a user (this listing is cut off partway through the body).
 *
 * Fresh ephemeral signature keys, device signature keys and device encryption keys are
 * generated on every call. The delegation buffer is the ephemeral public signature key
 * concatenated with the obfuscated user id.
 *
 * @param args.userId        clear user id, obfuscated with this.trustchainId before use
 * @param args.parentDevice  optional; when given, its signature key and id replace the root author
 * @param args.userKeys      user key pair; the visible code reads only its public key, for v3 records
 * @param args.nature        record nature; device_creation_v3 adds a user key pair
 */
createUser(args: { userId: string, parentDevice?: GeneratorDevice, userKeys: tcrypto.SodiumKeyPair, nature: Nature}): CreateUserResult {
const ephemeralKeys = tcrypto.makeSignKeyPair();
const signKeys = tcrypto.makeSignKeyPair();
const encryptionKeys = tcrypto.makeEncryptionKeyPair();
const obfuscatedUserId = obfuscateUserId(this.trustchainId, args.userId);
const delegationBuffer = utils.concatArrays(ephemeralKeys.publicKey, obfuscatedUserId);
// Default author: the root entry, signing with the app signature private key.
let authorPrivateKey = this.appSignKeys.privateKey;
let author = this.root.entry.hash;
if (args.parentDevice) {
// A parent device exists so we are in the add Device case
authorPrivateKey = args.parentDevice.signKeys.privateKey;
author = args.parentDevice.id;
}
// Only v3 device creations carry a user key pair; other natures leave it null.
let userKeyPair = null;
if (args.nature === NATURE.device_creation_v3) {
userKeyPair = {
public_encryption_key: args.userKeys.publicKey,
// NOTE(review): zero-filled placeholder of SEALED_KEY_SIZE bytes. The user private key is not
// sealed here, so this record cannot be used to recover it; acceptable only for fixture data.
encrypted_private_encryption_key: new Uint8Array(SEALED_KEY_SIZE),
// This listing starts inside the payload array. These are the trailing zero bytes of the field
// serialized just before is_ghost_device; its start is outside this excerpt.
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
// is_ghost_device: a single flag byte; 0x01 matches `is_ghost_device: true` in the expected record below
0x01,
]);
// Record that decoding the payload above is expected to produce.
const deviceCreation = {
// 32 zero bytes
last_reset: new Uint8Array(32),
ephemeral_public_signature_key: makeUint8Array('eph pub key', tcrypto.SIGNATURE_PUBLIC_KEY_SIZE),
user_id: makeUint8Array('user id', tcrypto.HASH_SIZE),
// NOTE(review): label bytes, not a valid signature. This vector presumably covers decoding only, not verification.
delegation_signature: makeUint8Array('delegation sig', tcrypto.SIGNATURE_SIZE),
public_signature_key: makeUint8Array('public signature key', tcrypto.SIGNATURE_PUBLIC_KEY_SIZE),
public_encryption_key: makeUint8Array('public enc key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
user_key_pair: {
public_encryption_key: makeUint8Array('user pub enc key', tcrypto.ENCRYPTION_PUBLIC_KEY_SIZE),
encrypted_private_encryption_key: makeUint8Array('user enc key', tcrypto.SEALED_KEY_SIZE),
},
is_ghost_device: true,
// NOTE(review): whether `revoked` is read from the wire or filled in by the deserializer cannot be told from this excerpt.
revoked: Number.MAX_SAFE_INTEGER,
};
// Deep equality: every decoded field must match the expected record.
expect(unserializeUserDeviceV3(payload)).to.deep.equal(deviceCreation);
});