66use FediE2EE \PKD \Crypto \Exceptions \CryptoException ;
77use FediE2EE \PKD \Crypto \Exceptions \InputException ;
88use FediE2EE \PKD \Crypto \Exceptions \NotImplementedException ;
9+ use FediE2EE \PKD \Crypto \Enums \ProtocolVersion ;
910use FediE2EE \PKD \Crypto \Merkle \Tree ;
1011use FediE2EE \PKD \Crypto \Protocol \Bundle ;
12+ use FediE2EE \PKD \Crypto \Protocol \EncryptedActions \EncryptedBurnDown ;
1113use FediE2EE \PKD \Crypto \Protocol \Parser ;
14+ use FediE2EE \PKD \Crypto \Protocol \SignedMessage ;
1215use FediE2EE \PKD \Crypto \PublicKey ;
1316use FediE2EE \PKD \Crypto \SecretKey ;
1417use FediE2EE \PKD \Exceptions \ClientException ;
1518use FediE2EE \PKD \ReadOnlyClient ;
1619use JsonException ;
1720use ParagonIE \ConstantTime \Base64UrlSafe ;
18- use ParagonIE \HPKE \HPKE ;
21+ use ParagonIE \HPKE \Factory ;
1922use ParagonIE \HPKE \HPKEException ;
20- use ParagonIE \HPKE \KEM \DHKEM \ Curve ;
21- use ParagonIE \HPKE \KEM \DHKEM \DecapsKey ;
22- use ParagonIE \HPKE \KEM \DHKEM \EncapsKey ;
23+ use ParagonIE \HPKE \KEM \PQKEM \ Algorithm ;
24+ use ParagonIE \HPKE \KEM \PQKEM \DecapsKey ;
25+ use ParagonIE \HPKE \KEM \PQKEM \EncapsKey ;
2326use PHPUnit \Framework \Attributes \CoversClass ;
2427use PHPUnit \Framework \Attributes \DataProvider ;
2528use PHPUnit \Framework \Attributes \Group ;
@@ -89,9 +92,9 @@ private static function identityPublicKeys(array $tc): array
8992 $ keys = [];
9093 foreach ($ tc ['identities ' ] as $ actorUrl => $ material ) {
9194 $ pkBytes = Base64UrlSafe::decodeNoPadding (
92- $ material ['ed25519 ' ]['public-key ' ]
95+ $ material ['mldsa44 ' ]['public-key ' ]
9396 );
94- $ keys [$ actorUrl ] = new PublicKey ($ pkBytes , 'ed25519 ' );
97+ $ keys [$ actorUrl ] = new PublicKey ($ pkBytes , 'mldsa44 ' );
9598 }
9699 return $ keys ;
97100 }
@@ -291,7 +294,17 @@ public function testSignedMessageSignatureVerification(
291294 array $ step ,
292295 ): void {
293296 $ bundle = Bundle::fromJson ($ step ['signed-message ' ]);
294- $ signedMsg = $ bundle ->toSignedMessage ();
297+ if ($ bundle ->getAction () === 'BurnDown ' ) {
298+ $ raw = json_decode ($ step ['signed-message ' ], true , 512 , JSON_THROW_ON_ERROR );
299+ $ signedMsg = new SignedMessage (
300+ new EncryptedBurnDown ($ raw ['message ' ]),
301+ $ raw ['recent-merkle-root ' ],
302+ Base64UrlSafe::decodeNoPadding ($ raw ['signature ' ]),
303+ ProtocolVersion::default (),
304+ );
305+ } else {
306+ $ signedMsg = $ bundle ->toSignedMessage ();
307+ }
295308 $ identityKeys = self ::identityPublicKeys ($ tc );
296309
297310 $ serverPkBytes = Base64UrlSafe::decodeNoPadding (
@@ -300,7 +313,7 @@ public function testSignedMessageSignatureVerification(
300313 $ allKeys = $ identityKeys ;
301314 $ allKeys ['__server__ ' ] = new PublicKey (
302315 $ serverPkBytes ,
303- 'ed25519 '
316+ 'mldsa44 '
304317 );
305318
306319 $ verified = false ;
@@ -420,23 +433,15 @@ public function testHpkeWrappedMessageDecryption(
420433 $ tc ['server-keys ' ]['hpke-encaps-key ' ]
421434 );
422435
423- $ factory = \ParagonIE \HPKE \Factory::init (
424- 'DHKEM(X25519, HKDF-SHA256), '
425- . ' HKDF-SHA256, ChaCha20Poly1305 '
426- );
427- $ hpke = new HPKE (
428- $ factory ->kem ,
429- $ factory ->kdf ,
430- $ factory ->aead
431- );
436+ $ hpke = Factory::init ('X-Wing, HKDF-SHA256, ChaCha20Poly1305 ' );
432437
433- $ curve = Curve:: X25519 ;
438+ $ algorithm = Algorithm::XWing ;
434439 $ decapsKey = new DecapsKey (
435- $ curve ,
440+ $ algorithm ,
436441 $ hpkeDecapsKeyBytes
437442 );
438443 $ encapsKey = new EncapsKey (
439- $ curve ,
444+ $ algorithm ,
440445 $ hpkeEncapsKeyBytes
441446 );
442447
0 commit comments