Riskless/static/js/modules/interface/random.js

156 lines
4.7 KiB
JavaScript
Raw Permalink Normal View History

2023-03-05 17:19:37 +00:00
import { socket, game } from "./main.js";
import { Packet } from "./packet.js";
2023-05-02 13:19:15 +00:00
import { cryptoRandom } from "../crypto/random_primes.js";
class RandomSession {
constructor(range) {
this.range = range;
2023-05-02 13:19:15 +00:00
this.hmacs = {};
this.keys = {};
this.noises = {};
this.ourKey = cryptoRandom(1024).toString(16);
this.ourNoise = cryptoRandom(64);
this.finalValue = null;
this.resolvers = [];
}
2023-05-02 13:19:15 +00:00
hmac() {
let hasher = new jsSHA("SHA3-256", "HEX");
hasher.update(this.ourKey);
hasher.update(this.ourNoise.toString(16));
return hasher.getHash("HEX");
}
}
export class Random {
constructor() {
this.sessions = {};
}
async get(n, sessionId) {
if (this.sessions[sessionId] === undefined) {
this.initialiseSession(n, sessionId);
}
let promise;
await navigator.locks.request(`random-${sessionId}`, () => {
if (this.sessions[sessionId].finalValue === null) {
let session = this.sessions[sessionId];
let resolver;
promise = new Promise((resolve) => {
resolver = resolve;
});
session.resolvers.push(resolver);
} else {
promise = new Promise((resolve) => {
resolve(this.sessions[sessionId].finalValue);
});
}
});
return promise;
}
/**
* Start a cooperative random session.
*/
initialiseSession(n, sessionId) {
let session = new RandomSession(n);
if (sessionId === undefined) {
sessionId = window.crypto.randomUUID();
}
this.sessions[sessionId] = session;
2023-03-05 17:19:37 +00:00
socket.emit(
"message",
2023-05-02 13:19:15 +00:00
Packet.createRandomHMAC(sessionId, n, session.hmac(), session.ourKey)
2023-03-05 17:19:37 +00:00
);
return session;
}
/**
* Process cooperative random protocol.
*
* @param data Packet received
*/
async processCooperativeRandom(data) {
// Step 0: extract relevant information from data
let session = this.sessions[data.session];
const stage = data.stage;
if (session === undefined) {
session = this.initialiseSession(data.range, data.session);
}
2023-05-02 13:19:15 +00:00
if (stage === "COMMIT") {
session.hmacs[data.author] = data.hmac;
session.keys[data.author] = data.key;
if (
2023-05-02 13:19:15 +00:00
Object.keys(session.hmacs).length ===
2023-03-04 00:25:54 +00:00
Object.keys(game.players).length - 1
) {
// Step 3: release our key once all players have sent a ciphertext
2023-03-05 17:19:37 +00:00
socket.emit(
"message",
2023-05-02 13:19:15 +00:00
Packet.createRandomNoise(
data.session,
"0x" + session.ourNoise.toString(16)
)
2023-03-05 17:19:37 +00:00
);
}
2023-05-02 13:19:15 +00:00
} else if (stage === "REVEAL") {
// Check HMAC
let noise = BigInt(data.noise) % 2n ** 64n;
let hasher = new jsSHA("SHA3-256", "HEX");
hasher.update(session.keys[data.author]);
hasher.update(noise.toString(16));
let hash = hasher.getHash("HEX");
if (hash === session.hmacs[data.author]) {
session.noises[data.author] = noise;
}
// Step 4: get final random value
if (
2023-05-02 13:19:15 +00:00
Object.keys(session.noises).length ===
2023-03-04 00:25:54 +00:00
Object.keys(game.players).length - 1
) {
// Lock out wait calls as they may resolve to never-ending promises.
await navigator.locks.request(`random-${data.session}`, () => {
2023-05-02 13:19:15 +00:00
let total = session.ourNoise;
2023-05-02 13:19:15 +00:00
for (let noise of Object.values(session.noises)) {
total += noise;
}
2023-05-02 13:19:15 +00:00
// Find first good block of bits
2023-04-21 10:08:49 +00:00
let blockSize = BigInt(Math.ceil(Math.log2(session.range)));
let blockMask = 2n ** blockSize - 1n;
while ((total & blockMask) >= BigInt(session.range)) {
total >>= blockSize;
}
session.finalValue = total & blockMask;
this.resolve(data.session);
});
}
}
}
/**
2023-04-21 10:08:49 +00:00
* Resolve a session by calling any callbacks associated with the session.
*
* @param sessionId
*/
resolve(sessionId) {
const session = this.sessions[sessionId];
for (let resolve of session.resolvers) {
resolve(session.finalValue);
}
}
}