How to use the @tanker/crypto.tcrypto.MAC_SIZE function in @tanker/crypto

it('throws when decrypting truncated encrypted resource', async () => {
        const encrypted = await bobLaptop.encrypt(clearText);
        // shorter than version + resource id: should not even try to decrypt
        const invalidEncrypted = encrypted.subarray(0, tcrypto.MAC_SIZE - 4);
        await expect(bobLaptop.decrypt(invalidEncrypted)).to.be.rejectedWith(errors.InvalidArgument);
      });

async download(resourceId: string, options?: $Shape & ProgressOptions> = {}): Promise {
    this.assert(statuses.READY, 'download a file');

    // Best effort to catch values that can't be a resourceId before reaching the server
    if (typeof resourceId !== 'string' || utils.fromBase64(resourceId).length !== tcrypto.MAC_SIZE)
      throw new InvalidArgument('resourceId', 'string', resourceId);

    if (!isObject(options))
      throw new InvalidArgument('options', '{ type: Class, mime?: string, name?: string, lastModified?: number }', options);

    const outputOptions = extractOutputOptions({ type: defaultDownloadType, ...options });
    const progressOptions = extractProgressOptions(options);

    return this._session.download(resourceId, outputOptions, progressOptions);
  }
}

it('ignores updates to a resource key', async () => {
    const key = random(tcrypto.SYMMETRIC_KEY_SIZE);
    const key2 = random(tcrypto.SYMMETRIC_KEY_SIZE);
    const resourceId = random(tcrypto.MAC_SIZE);

    await sharedKeystore.saveResourceKey(resourceId, key);
    await sharedKeystore.saveResourceKey(resourceId, key2);
    const thekey = await sharedKeystore.findResourceKey(resourceId);
    expect(thekey).to.deep.equal(key);
  });
});

it('saves and finds resources keys', async () => {
    const key1 = random(tcrypto.SYMMETRIC_KEY_SIZE);
    const resourceId = random(tcrypto.MAC_SIZE);
    await sharedKeystore.saveResourceKey(resourceId, key1);
    const key2 = await sharedKeystore.findResourceKey(resourceId);
    expect(key1).to.deep.equal(key2);
  });

it('correctly deserializes a KeyPublishV2 test vector', async () => {
    const keyPublish = {
      recipient: makeUint8Array('recipient user', tcrypto.HASH_SIZE),
      resourceId: makeUint8Array('resource mac', tcrypto.MAC_SIZE),
      key: makeUint8Array('encrypted key...', tcrypto.SEALED_KEY_SIZE),
    };

    const payload = new Uint8Array([
      0x72, 0x65, 0x63, 0x69, 0x70, 0x69, 0x65, 0x6e, 0x74, 0x20, 0x75, 0x73, 0x65, 0x72, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x20, 0x6d, 0x61, 0x63, 0x00, 0x00, 0x00, 0x00,
      0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x20, 0x6b, 0x65, 0x79, 0x2e, 0x2e, 0x2e,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
    ]);

    expect(unserializeKeyPublish(payload)).to.deep.equal(keyPublish);
    expect(serializeKeyPublish(keyPublish)).to.deep.equal(payload);

makeKeyPublishToGroup = (parentDevice: TestDeviceCreation, recipient: Group): TestKeyPublish => {
    const resourceKey = random(tcrypto.SYMMETRIC_KEY_SIZE);
    const resourceId = random(tcrypto.MAC_SIZE);

    const { payload, nature } = makeKeyPublish(recipient.publicEncryptionKey, resourceKey, resourceId, NATURE_KIND.key_publish_to_user_group);
    const { block } = createBlock(payload, nature, this._trustchainId, parentDevice.testDevice.id, parentDevice.testDevice.signKeys.privateKey);

    const keyPublish = getKeyPublishEntryFromBlock(block);

    return {
      keyPublish,
      block,
      resourceId,
      resourceKey
    };
  }

export function makeResource(): Resource {
  const key = random(tcrypto.SYMMETRIC_KEY_SIZE);
  const resourceId = generichash(key, tcrypto.MAC_SIZE);
  return { key, resourceId };
}

makeStreamResource(): ResourceMeta {
    const key = random(tcrypto.SYMMETRIC_KEY_SIZE);
    const resourceId = generichash(key, tcrypto.MAC_SIZE);

    return { key, resourceId };
  }

const uint32Length = 4;
  const minEncryptedDataLength = versionLength + uint32Length + tcrypto.MAC_SIZE;

  if (encryptedData.length < minEncryptedDataLength)
    throw new InvalidArgument('encryptedData', `Uint8Array(${minEncryptedDataLength}+)`, encryptedData);

  let data;
  let header;
  let pos = versionLength;

  try {
    const encryptedChunkSize = number.fromUint32le(encryptedData.subarray(pos, pos + uint32Length));
    pos += uint32Length;

    const resourceId = encryptedData.subarray(pos, pos + tcrypto.MAC_SIZE);
    pos += tcrypto.MAC_SIZE;

    header = {
      version,
      encryptedChunkSize,
      resourceId,
      byteLength: pos,
    };

    data = encryptedData.subarray(pos);
  } catch (e) {
    throw new InvalidArgument('encryptedData', 'Uint8Array with properly formatted v4 header', encryptedData);
  }

  return { data, header };
};

export function getResourceId(encryptedData: Uint8Array): Uint8Array {
  const { version, versionLength } = getEncryptionFormat(encryptedData);
  const minEncryptedDataLength = versionLength + tcrypto.MAC_SIZE;

  if (encryptedData.length < minEncryptedDataLength)
    throw new InvalidArgument('encryptedData', `Uint8Array(${minEncryptedDataLength}+)`, encryptedData);

  if (isSimpleVersion(version)) {
    return extractResourceId(encryptedData);
  }

  const { header: { resourceId } } = extractHeaderV4(encryptedData);
  return resourceId;
}