KSDaemon · KSDaemon · Oct 13, 2022 · Oct 13, 2022 · Oct 14, 2022 · Oct 14, 2022
diff --git a/.gitignore b/.gitignore
@@ -4,3 +4,4 @@
 connectanum-dart.iml
 .packages
 pubspec.lock
+coverage
diff --git a/README.md b/README.md
@@ -40,14 +40,14 @@ eventually fail.
         - ☑ MAC validation
         - ☑ password support
     - ☑ Load open ssh files
-        - ⬜ file validation
+        - ☐ file validation
         - ☑ password support
-    - ⬜ Load pkcs1 files
-        - ⬜ file validation
-        - ⬜ password support
-    - ⬜ Load pkcs8 files
-        - ⬜ file validation
-        - ⬜ password support
+    - ☐ Load pkcs1 files
+        - ☐ file validation
+        - ☐ password support
+    - ☐ Load pkcs8 files
+        - ☐ file validation
+        - ☐ password support
     - ☑ Load base64 encoded ed25519 private key
     - ☑ Load hex encoded ed25519 private key
 - ☑ [WAMP-SCRAM](https://wamp-proto.org/_static/gen/wamp_latest.html#wamp-scram)
@@ -58,39 +58,40 @@ eventually fail.
 
 - ☑ Progressive Call Results
 - ☑ Progressive Calls
-- ⬜ Call Timeouts
+- ☐ Call Timeouts
 - ☑ Call Canceling
 - ☑ Caller Identification
-- ⬜ Call Trust Levels
+- ☐ Call Trust Levels
 - ☑ Shared Registration
-- ⬜ Sharded Registration
+- ☐ Sharded Registration
+- ☑ Payload PassThru Mode
 
 ### Advanced PUB/SUB features
 
 - ☑ Subscriber Black- and Whitelisting
 - ☑ Publisher Exclusion
 - ☑ Publisher Identification
-- ⬜ Publication Trust Levels
+- ☐ Publication Trust Levels
 - ☑ Pattern-based Subscriptions
-- ⬜ Sharded Subscriptions
+- ☐ Sharded Subscriptions
 - ☑ Subscription Revocation
 - ☑ Event Retention
-- ☑ Payload Transparency
+- ☑ Payload PassThru Mode
 
 ### Transport
 
 - ☑ WebSockets
 - ☑ RawSockets
 - ☑ RawSockets with large data support (connectanum router only)
-- ⬜ E2E encryption
+- ☐ E2E encryption
 
 ### Transport Encoding
 
 - ☑ JSON
 - ☑ msgpack
 - ☑ CBOR
-- ⬜ UBJSON
-- ⬜ FlatBuffer
+- ☐ UBJSON
+- ☐ FlatBuffer
 
 ## Stream model
 
@@ -154,4 +155,4 @@ registered.onInvoke((invocation) {
 await for (final result in session.call("my.procedure")) {
   // do something with the result
 }
-```
+```
diff --git a/lib/src/authentication/abstract_authentication.dart b/lib/src/authentication/abstract_authentication.dart
@@ -1,7 +1,6 @@
 import 'package:connectanum/connectanum.dart';
 
 import '../message/authenticate.dart';
-import '../message/challenge.dart';
 
 abstract class AbstractAuthentication {
   /// This method is called by the session to modify the hello [details] for

diff --git a/lib/src/authentication/scram_authentication.dart b/lib/src/authentication/scram_authentication.dart
@@ -3,9 +3,7 @@ import 'dart:convert';
 import 'dart:math';
 import 'dart:typed_data';
 
-import 'package:pointycastle/digests/sha256.dart';
 import 'package:pointycastle/export.dart';
-import 'package:pointycastle/key_derivators/argon2.dart';
 import 'package:saslprep/saslprep.dart';
 
 import '../message/authenticate.dart';

diff --git a/lib/src/message/abstract_ppt_options.dart b/lib/src/message/abstract_ppt_options.dart
@@ -0,0 +1,30 @@
+/// Payload PassThru Options are the same across all wamp messages
+/// this provides a common checks for them
+abstract class PPTOptions {
+
+    // Payload Passthru mode options
+    String? ppt_scheme;
+    String? ppt_serializer;
+    String? ppt_cipher;
+    String? ppt_keyid;
+
+    bool VerifyPPT() {
+        if (ppt_scheme != null &&
+            ppt_scheme != 'wamp' &&
+            ppt_scheme != 'mqtt' &&
+            !ppt_scheme!.startsWith('x_')) {
+            throw ArgumentError.value(ppt_scheme, 'PPTSchemeError', 'ppt scheme provided is invalid');
+        }
+
+        if (ppt_scheme! == 'wamp' &&
+            (ppt_serializer == null || ppt_serializer != 'cbor' )) {
+            // WAMP E2EE works over cbor or flatbuffers, but we support only cbor
+            // So checking only against it
+            throw ArgumentError.value(ppt_serializer, 'PPTSerializerError', 'ppt serializer provided is invalid or not supported');
+        }
+
+        return true;
+    }
+
+    bool Verify();
+}
diff --git a/lib/src/message/call.dart b/lib/src/message/call.dart
@@ -1,5 +1,6 @@
 import 'abstract_message_with_payload.dart';
 import 'message_types.dart';
+import 'abstract_ppt_options.dart';
 
 /// The WAMP Call massage
 class Call extends AbstractMessageWithPayload {
@@ -21,7 +22,7 @@ class Call extends AbstractMessageWithPayload {
 }
 
 /// Options used influence the call behavior
-class CallOptions {
+class CallOptions extends PPTOptions {
   // progressive_call_results == true
   bool? receive_progress;
 
@@ -31,5 +32,26 @@ class CallOptions {
   // caller_identification == true
   bool? disclose_me;
 
-  CallOptions({this.receive_progress, this.timeout, this.disclose_me});
+  CallOptions(
+      {this.receive_progress,
+      this.timeout,
+      this.disclose_me,
+      String? ppt_scheme,
+      String? ppt_serializer,
+      String? ppt_cipher,
+      String? ppt_keyid}) {
+      this.ppt_scheme = ppt_scheme;
+      this.ppt_serializer = ppt_serializer;
+      this.ppt_cipher = ppt_cipher;
+      this.ppt_keyid = ppt_keyid;
+  }
+
+  @override
+  bool Verify() {
+      if (timeout! < 0) {
+          throw RangeError.value(timeout!, 'timeoutError', 'timeout must be >= 0');
+      }
+
+      return VerifyPPT();
+  }
 }
diff --git a/lib/src/message/details.dart b/lib/src/message/details.dart
@@ -94,7 +94,7 @@ class PublisherFeatures {
   bool publisher_identification = true;
   bool subscriber_blackwhite_listing = true;
   bool publisher_exclusion = true;
-  bool payload_transparency = true;
+  bool payload_passthru_mode = true;
 }
 
 class Broker {
@@ -111,7 +111,7 @@ class BrokerFeatures {
   bool session_meta_api = false;
   bool publisher_exclusion = false;
   bool event_history = false;
-  bool payload_transparency = false;
+  bool payload_passthru_mode = false;
 }
 
 class Subscriber {
@@ -122,7 +122,7 @@ class SubscriberFeatures {
   bool call_timeout = false;
   bool call_canceling = false;
   bool progressive_call_results = false;
-  bool payload_transparency = true;
+  bool payload_passthru_mode = true;
   bool subscription_revocation = true;
 }
 
@@ -141,7 +141,7 @@ class DealerFeatures {
   bool call_timeout = false;
   bool call_canceling = false;
   bool progressive_call_results = false;
-  bool payload_transparency = false;
+  bool payload_passthru_mode = false;
 }
 
 class Callee {
@@ -156,7 +156,7 @@ class CalleeFeatures {
   bool call_timeout = false;
   bool call_canceling = false;
   bool progressive_call_results = true;
-  bool payload_transparency = true;
+  bool payload_passthru_mode = true;
 }
 
 class Caller {
@@ -168,5 +168,5 @@ class CallerFeatures {
   bool call_timeout = false;
   bool call_canceling = false;
   bool progressive_call_results = true;
-  bool payload_transparency = true;
+  bool payload_passthru_mode = true;
 }
diff --git a/lib/src/message/event.dart b/lib/src/message/event.dart
@@ -1,4 +1,5 @@
 import 'abstract_message_with_payload.dart';
+import 'abstract_ppt_options.dart';
 import 'message_types.dart';
 
 class Event extends AbstractMessageWithPayload {
@@ -19,7 +20,7 @@ class Event extends AbstractMessageWithPayload {
 }
 
 /// Options used influence the event behavior
-class EventDetails {
+class EventDetails extends PPTOptions {
   // publisher_identification == true
   int? publisher;
 
@@ -29,5 +30,22 @@ class EventDetails {
   // for pattern-matching
   String? topic;
 
-  EventDetails({this.publisher, this.trustlevel, this.topic});
+  EventDetails(
+      {this.publisher,
+      this.trustlevel,
+      this.topic,
+      String? ppt_scheme,
+      String? ppt_serializer,
+      String? ppt_cipher,
+      String? ppt_keyid}) {
+      this.ppt_scheme = ppt_scheme;
+      this.ppt_serializer = ppt_serializer;
+      this.ppt_cipher = ppt_cipher;
+      this.ppt_keyid = ppt_keyid;
+  }
+
+  @override
+  bool Verify() {
+      return VerifyPPT();
+  }
 }
diff --git a/lib/src/message/invocation.dart b/lib/src/message/invocation.dart
@@ -1,7 +1,10 @@
 import 'dart:async';
 import 'dart:collection';
 
+import '../protocol/e2ee_payload.dart';
+import '../protocol/ppt_payload.dart';
 import 'abstract_message_with_payload.dart';
+import 'abstract_ppt_options.dart';
 import 'message_types.dart';
 import 'uri_pattern.dart';
 import 'error.dart';
@@ -18,22 +21,35 @@ class Invocation extends AbstractMessageWithPayload {
       Map<String, dynamic>? argumentsKeywords,
       bool isError = false,
       String? errorUri,
-      bool progressive = false}) {
+      YieldOptions? options}) {
     if (isError) {
-      assert(progressive == false);
+      if (options != null) {
+        assert(options.progress == false);
+      }
       assert(UriPattern.match(errorUri!));
       final error = Error(
           MessageTypes.CODE_INVOCATION, requestId, HashMap(), errorUri,
           arguments: arguments, argumentsKeywords: argumentsKeywords);
       _responseStreamController.add(error);
     } else {
+        var invokeArguments = arguments;
+        var invokeArgumentsKeywords = argumentsKeywords;
+
+        if (options?.ppt_scheme == 'wamp') {    // It's E2EE payload
+            invokeArguments = E2EEPayload.packE2EEPayload(arguments, argumentsKeywords, options!);
+            invokeArgumentsKeywords = null;
+        } else if (options?.ppt_scheme != null) {   // It's some variation of PPT
+            invokeArguments = PPTPayload.packPPTPayload(arguments, argumentsKeywords, options!);
+            invokeArgumentsKeywords = null;
+        }
+
       final yield = Yield(requestId,
-          options: YieldOptions(progressive),
-          arguments: arguments,
-          argumentsKeywords: argumentsKeywords);
+          options: options,
+          arguments: invokeArguments,
+          argumentsKeywords: invokeArgumentsKeywords);
       _responseStreamController.add(yield);
     }
-    if (!progressive) {
+    if (options != null && !options.progress) {
       _responseStreamController.close();
     }
   }
@@ -57,7 +73,7 @@ class Invocation extends AbstractMessageWithPayload {
   }
 }
 
-class InvocationDetails {
+class InvocationDetails extends PPTOptions {
   // caller_identification == true
   int? caller;
 
@@ -67,5 +83,22 @@ class InvocationDetails {
   // pattern_based_registration == true
   bool? receive_progress;
 
-  InvocationDetails(this.caller, this.procedure, this.receive_progress);
+  InvocationDetails(
+      this.caller,
+      this.procedure,
+      this.receive_progress,
+      [String? ppt_scheme,
+      String? ppt_serializer,
+      String? ppt_cipher,
+      String? ppt_keyid]) {
+      this.ppt_scheme = ppt_scheme;
+      this.ppt_serializer = ppt_serializer;
+      this.ppt_cipher = ppt_cipher;
+      this.ppt_keyid = ppt_keyid;
+  }
+
+  @override
+  bool Verify() {
+      return VerifyPPT();
+  }
 }
diff --git a/lib/src/message/publish.dart b/lib/src/message/publish.dart
@@ -1,4 +1,5 @@
 import 'abstract_message_with_payload.dart';
+import 'abstract_ppt_options.dart';
 import 'message_types.dart';
 
 class Publish extends AbstractMessageWithPayload {
@@ -16,7 +17,7 @@ class Publish extends AbstractMessageWithPayload {
   }
 }
 
-class PublishOptions {
+class PublishOptions extends PPTOptions {
   bool? acknowledge;
 
   // subscriber_blackwhite_listing == true
@@ -46,5 +47,19 @@ class PublishOptions {
       this.eligible_authrole,
       this.exclude_me,
       this.disclose_me,
-      this.retain});
+      this.retain,
+      String? ppt_scheme,
+      String? ppt_serializer,
+      String? ppt_cipher,
+      String? ppt_keyid}) {
+      this.ppt_scheme = ppt_scheme;
+      this.ppt_serializer = ppt_serializer;
+      this.ppt_cipher = ppt_cipher;
+      this.ppt_keyid = ppt_keyid;
+  }
+
+  @override
+  bool Verify() {
+      return VerifyPPT();
+  }
 }