Add debug logging to see received auth data

2025-08-18 12:38:15 -04:00
parent 0d0a08ad49
commit 4f1d771659
1999 changed files with 261047 additions and 9 deletions
--- a/node_modules/@noble/hashes/hkdf.js
+++ b/node_modules/@noble/hashes/hkdf.js
@@ -0,0 +1,78 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.hkdf = exports.expand = exports.extract = void 0;
+const _assert_js_1 = require("./_assert.js");
+const utils_js_1 = require("./utils.js");
+const hmac_js_1 = require("./hmac.js");
+// HKDF (RFC 5869)
+// https://soatok.blog/2021/11/17/understanding-hkdf/
+/**
+ * HKDF-Extract(IKM, salt) -> PRK
+ * Arguments position differs from spec (IKM is first one, since it is not optional)
+ * @param hash
+ * @param ikm
+ * @param salt
+ * @returns
+ */
+function extract(hash, ikm, salt) {
+    _assert_js_1.default.hash(hash);
+    // NOTE: some libraries treat zero-length array as 'not provided';
+    // we don't, since we have undefined as 'not provided'
+    // https://github.com/RustCrypto/KDFs/issues/15
+    if (salt === undefined)
+        salt = new Uint8Array(hash.outputLen); // if not provided, it is set to a string of HashLen zeros
+    return (0, hmac_js_1.hmac)(hash, (0, utils_js_1.toBytes)(salt), (0, utils_js_1.toBytes)(ikm));
+}
+exports.extract = extract;
+// HKDF-Expand(PRK, info, L) -> OKM
+const HKDF_COUNTER = new Uint8Array([0]);
+const EMPTY_BUFFER = new Uint8Array();
+/**
+ * HKDF-expand from the spec.
+ * @param prk - a pseudorandom key of at least HashLen octets (usually, the output from the extract step)
+ * @param info - optional context and application specific information (can be a zero-length string)
+ * @param length - length of output keying material in octets
+ */
+function expand(hash, prk, info, length = 32) {
+    _assert_js_1.default.hash(hash);
+    _assert_js_1.default.number(length);
+    if (length > 255 * hash.outputLen)
+        throw new Error('Length should be <= 255*HashLen');
+    const blocks = Math.ceil(length / hash.outputLen);
+    if (info === undefined)
+        info = EMPTY_BUFFER;
+    // first L(ength) octets of T
+    const okm = new Uint8Array(blocks * hash.outputLen);
+    // Re-use HMAC instance between blocks
+    const HMAC = hmac_js_1.hmac.create(hash, prk);
+    const HMACTmp = HMAC._cloneInto();
+    const T = new Uint8Array(HMAC.outputLen);
+    for (let counter = 0; counter < blocks; counter++) {
+        HKDF_COUNTER[0] = counter + 1;
+        // T(0) = empty string (zero length)
+        // T(N) = HMAC-Hash(PRK, T(N-1) | info | N)
+        HMACTmp.update(counter === 0 ? EMPTY_BUFFER : T)
+            .update(info)
+            .update(HKDF_COUNTER)
+            .digestInto(T);
+        okm.set(T, hash.outputLen * counter);
+        HMAC._cloneInto(HMACTmp);
+    }
+    HMAC.destroy();
+    HMACTmp.destroy();
+    T.fill(0);
+    HKDF_COUNTER.fill(0);
+    return okm.slice(0, length);
+}
+exports.expand = expand;
+/**
+ * HKDF (RFC 5869): extract + expand in one step.
+ * @param hash - hash function that would be used (e.g. sha256)
+ * @param ikm - input keying material, the initial key
+ * @param salt - optional salt value (a non-secret random value)
+ * @param info - optional context and application specific information
+ * @param length - length of output keying material in octets
+ */
+const hkdf = (hash, ikm, salt, info, length) => expand(hash, extract(hash, ikm, salt), info, length);
+exports.hkdf = hkdf;
+//# sourceMappingURL=hkdf.js.map