internal: incomplete vault systems behind feature flag (#2340)

2023-06-30 09:01:56 -05:00
parent d16e401bb9
commit b032eb9c9b
638 changed files with 20321 additions and 4813 deletions
--- a/packages/sncrypto-web/src/crypto.ts
+++ b/packages/sncrypto-web/src/crypto.ts
@@ -380,13 +380,61 @@ export class SNWebCrypto implements PureCryptoInterface {
    return result
  }

-  public sodiumCryptoBoxGenerateKeypair(): PkcKeyPair {
-    const result = sodium.crypto_box_keypair()
+  sodiumCryptoBoxSeedKeypair(seed: HexString): PkcKeyPair {
+    const result = sodium.crypto_box_seed_keypair(Utils.hexStringToArrayBuffer(seed))

    const publicKey = Utils.arrayBufferToHexString(result.publicKey)
    const privateKey = Utils.arrayBufferToHexString(result.privateKey)

-    return { publicKey, privateKey, keyType: result.keyType }
+    return { publicKey, privateKey }
+  }
+
+  sodiumCryptoSignSeedKeypair(seed: HexString): PkcKeyPair {
+    const result = sodium.crypto_sign_seed_keypair(Utils.hexStringToArrayBuffer(seed))
+
+    const publicKey = Utils.arrayBufferToHexString(result.publicKey)
+    const privateKey = Utils.arrayBufferToHexString(result.privateKey)
+
+    return { publicKey, privateKey }
+  }
+
+  sodiumCryptoSign(message: Utf8String, secretKey: HexString): Base64String {
+    const result = sodium.crypto_sign_detached(message, Utils.hexStringToArrayBuffer(secretKey))
+
+    return Utils.arrayBufferToBase64(result)
+  }
+
+  sodiumCryptoSignVerify(message: Utf8String, signature: Base64String, publicKey: HexString): boolean {
+    return sodium.crypto_sign_verify_detached(
+      Utils.base64ToArrayBuffer(signature),
+      message,
+      Utils.hexStringToArrayBuffer(publicKey),
+    )
+  }
+
+  sodiumCryptoKdfDeriveFromKey(key: HexString, subkeyNumber: number, subkeyLength: number, context: string): HexString {
+    if (context.length !== 8) {
+      throw new Error('Context must be 8 bytes')
+    }
+
+    const result = sodium.crypto_kdf_derive_from_key(
+      subkeyLength,
+      subkeyNumber,
+      context,
+      Utils.hexStringToArrayBuffer(key),
+    )
+
+    return Utils.arrayBufferToHexString(result)
+  }
+
+  sodiumCryptoGenericHash(message: string, key?: HexString): HexString {
+    const result = sodium.crypto_generichash(
+      sodium.crypto_generichash_BYTES,
+      message,
+      key ? Utils.hexStringToArrayBuffer(key) : null,
+    )
+
+    return Utils.arrayBufferToHexString(result)
  }

  /**
--- a/packages/sncrypto-web/src/libsodium.ts
+++ b/packages/sncrypto-web/src/libsodium.ts
@@ -6,12 +6,19 @@ export {
  crypto_box_easy,
  crypto_box_keypair,
  crypto_box_open_easy,
+  crypto_box_seed_keypair,
+  crypto_generichash,
+  crypto_kdf_derive_from_key,
  crypto_pwhash_ALG_DEFAULT,
  crypto_pwhash,
  crypto_secretstream_xchacha20poly1305_init_pull,
  crypto_secretstream_xchacha20poly1305_init_push,
  crypto_secretstream_xchacha20poly1305_pull,
  crypto_secretstream_xchacha20poly1305_push,
+  crypto_sign_detached,
+  crypto_sign_keypair,
+  crypto_sign_seed_keypair,
+  crypto_sign_verify_detached,
  from_base64,
  from_hex,
  from_string,
@@ -19,6 +26,7 @@ export {
  to_base64,
  to_hex,
  to_string,
+  crypto_generichash_BYTES,
 } from 'libsodium-wrappers'

 export type { StateAddress } from 'libsodium-wrappers'
--- a/packages/sncrypto-web/test/crypto.test.js
+++ b/packages/sncrypto-web/test/crypto.test.js
@@ -259,15 +259,17 @@ describe('crypto operations', async function () {
  })

  it('pkc crypto_box_easy keypair generation', async function () {
-    const keypair = await webCrypto.sodiumCryptoBoxGenerateKeypair()
+    const seed = await webCrypto.generateRandomKey(32)
+    const keypair = await webCrypto.sodiumCryptoBoxSeedKeypair(seed)
    expect(keypair.keyType).to.equal('x25519')
    expect(keypair.publicKey.length).to.equal(64)
    expect(keypair.privateKey.length).to.equal(64)
  })

  it('pkc crypto_box_easy encrypt/decrypt', async function () {
-    const senderKeypair = await webCrypto.sodiumCryptoBoxGenerateKeypair()
-    const recipientKeypair = await webCrypto.sodiumCryptoBoxGenerateKeypair()
+    const seed = await webCrypto.generateRandomKey(32)
+    const senderKeyPair = await webCrypto.sodiumCryptoBoxSeedKeypair(seed)
+    const recipientKeyPair = await webCrypto.sodiumCryptoBoxSeedKeypair(seed)

    const nonce = await webCrypto.generateRandomKey(192)
    const plaintext = 'hello world 🌍'
@@ -275,8 +277,8 @@ describe('crypto operations', async function () {
    const ciphertext = await webCrypto.sodiumCryptoBoxEasyEncrypt(
      plaintext,
      nonce,
-      senderKeypair.privateKey,
-      recipientKeypair.publicKey,
+      senderKeyPair.privateKey,
+      recipientKeyPair.publicKey,
    )

    expect(ciphertext.length).to.equal(44)
@@ -284,8 +286,8 @@ describe('crypto operations', async function () {
    const decrypted = await webCrypto.sodiumCryptoBoxEasyDecrypt(
      ciphertext,
      nonce,
-      senderKeypair.publicKey,
-      recipientKeypair.privateKey,
+      senderKeyPair.publicKey,
+      recipientKeyPair.privateKey,
    )

    expect(decrypted).to.equal(plaintext)