handle rewrap response

Author: elizabethhealy

.github/workflows/format.yaml

@@ -1,6 +1,6 @@
 name: '🤖 🎨'
-on:
-  pull_request:
+# on:
+  # pull_request:
 jobs:
   format:
     runs-on: ubuntu-latest

lib/src/nanotdf/Client.ts

@@ -300,8 +300,24 @@ export default class Client {
       this.fulfillableObligationFQNs
     );
 
+    // Assume only one response and one result for now (V1 style)
+    const result = rewrapResp.responses[0].results[0];
+    let entityWrappedKey: Uint8Array<ArrayBufferLike>;
+    switch (result.result.case) {
+      case 'kasWrappedKey': {
+        entityWrappedKey = result.result.value;
+        break;
+      }
+      case 'error': {
+          const errorMessage = result.result.value;
+        throw new DecryptError(`KAS rewrap failed: ${errorMessage}`);
+      }
+      default: {
+        throw new DecryptError('KAS rewrap response missing wrapped key');
+      } 
+    }
+
     // Extract the iv and ciphertext
-    const entityWrappedKey = rewrapResp.entityWrappedKey;
     const ivLength =
       clientVersion == Client.SDK_INITIAL_RELEASE ? Client.INITIAL_RELEASE_IV_SIZE : Client.IV_SIZE;
     const iv = entityWrappedKey.subarray(0, ivLength);

lib/tdf3/src/tdf.ts

@@ -197,11 +197,6 @@ export type RewrapRequest = {
 
 export type KasPublicKeyFormat = 'pkcs8' | 'jwks';
 
-export type RewrapResponse = {
-  entityWrappedKey: string;
-  sessionPublicKey: string;
-};
-
 /**
  * If we have KAS url but not public key we can fetch it from KAS, fetching
  * the value from `${kas}/kas_public_key`.
@@ -791,19 +786,7 @@ async function unwrapKey({
 
     const clientPublicKey = ephemeralEncryptionKeys.publicKey;
 
-    // TODO: how to handle defaults here?
     // Convert keySplitInfo to protobuf KeyAccess
-    // const keyAccessProto = create(KeyAccessSchema, {
-    //   keyType: keySplitInfo.type || '',
-    //   kasUrl: keySplitInfo.url || '',
-    //   protocol: keySplitInfo.protocol || '',
-    //   wrappedKey: keySplitInfo.wrappedKey ? new Uint8Array(base64.decodeArrayBuffer(keySplitInfo.wrappedKey)) : new Uint8Array(),
-    //   policyBinding: keySplitInfo.policyBinding,
-    //   kid: keySplitInfo.kid || '',
-    //   splitId: keySplitInfo.sid || '',
-    //   encryptedMetadata: keySplitInfo.encryptedMetadata || '',
-    // });
-
     const keyAccessProto = create(KeyAccessSchema, {
       ...(keySplitInfo.type && { keyType: keySplitInfo.type }),
       ...(keySplitInfo.url && { kasUrl: keySplitInfo.url }),
@@ -847,39 +830,57 @@ async function unwrapKey({
       authProvider,
       fulfillableObligations
     );
-    const { entityWrappedKey, metadata, sessionPublicKey } = rewrapResp;
+    const { sessionPublicKey } = rewrapResp;
     const requiredObligations = getRequiredObligationFQNs(rewrapResp);
+    // Assume only one response and one result for now (V1 style)
+    const result = rewrapResp.responses[0].results[0];
+    const metadata = result.metadata;
+    // Handle the different cases of result.result
+    switch (result.result.case) {
+      case "kasWrappedKey": {
+        const entityWrappedKey = result.result.value;
+        
+        if (wrappingKeyAlgorithm === 'ec:secp256r1') {
+          const serverEphemeralKey: CryptoKey = await pemPublicToCrypto(sessionPublicKey);
+          const ekr = ephemeralEncryptionKeysRaw as CryptoKeyPair;
+          const kek = await keyAgreement(ekr.privateKey, serverEphemeralKey, {
+            hkdfSalt: await ztdfSalt,
+            hkdfHash: 'SHA-256',
+          });
+          const wrappedKeyAndNonce = entityWrappedKey;
+          const iv = wrappedKeyAndNonce.slice(0, 12);
+          const wrappedKey = wrappedKeyAndNonce.slice(12);
 
-    if (wrappingKeyAlgorithm === 'ec:secp256r1') {
-      const serverEphemeralKey: CryptoKey = await pemPublicToCrypto(sessionPublicKey);
-      const ekr = ephemeralEncryptionKeysRaw as CryptoKeyPair;
-      const kek = await keyAgreement(ekr.privateKey, serverEphemeralKey, {
-        hkdfSalt: await ztdfSalt,
-        hkdfHash: 'SHA-256',
-      });
-      const wrappedKeyAndNonce = entityWrappedKey;
-      const iv = wrappedKeyAndNonce.slice(0, 12);
-      const wrappedKey = wrappedKeyAndNonce.slice(12);
-
-      const dek = await crypto.subtle.decrypt({ name: 'AES-GCM', iv }, kek, wrappedKey);
-
-      return {
-        key: new Uint8Array(dek),
-        metadata,
-        requiredObligations,
-      };
-    }
-    const key = Binary.fromArrayBuffer(entityWrappedKey);
-    const decryptedKeyBinary = await cryptoService.decryptWithPrivateKey(
-      key,
-      ephemeralEncryptionKeys.privateKey
-    );
+          const dek = await crypto.subtle.decrypt({ name: 'AES-GCM', iv }, kek, wrappedKey);
 
-    return {
-      key: new Uint8Array(decryptedKeyBinary.asByteArray()),
-      metadata,
-      requiredObligations,
-    };
+          return {
+            key: new Uint8Array(dek),
+            metadata,
+            requiredObligations,
+          };
+        }
+          const key = Binary.fromArrayBuffer(entityWrappedKey);
+          const decryptedKeyBinary = await cryptoService.decryptWithPrivateKey(
+            key,
+            ephemeralEncryptionKeys.privateKey
+          );
+
+          return {
+            key: new Uint8Array(decryptedKeyBinary.asByteArray()),
+            metadata,
+            requiredObligations,
+          };
+      }
+      
+      case "error": {
+        const errorMessage = result.result.value;
+        throw new DecryptError(`KAS rewrap failed: ${errorMessage}`);
+      }
+      
+      default: {
+        throw new DecryptError('KAS rewrap response missing wrapped key');
+      }
+    }
   }
 
   let poolSize = 1;