From 0b6002bbbc7d1d1e70bd798cd809884de6b9a471 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Wed, 21 Dec 2022 18:31:46 +0100 Subject: [PATCH] crypto rename --- packages/taler-util/src/kdf.ts | 5 ++ packages/taler-util/src/taler-crypto.test.ts | 18 +++---- packages/taler-util/src/taler-crypto.ts | 50 ++++++++++++++----- .../src/crypto/cryptoImplementation.ts | 8 +-- packages/taler-wallet-embedded/package.json | 3 +- 5 files changed, 57 insertions(+), 27 deletions(-) diff --git a/packages/taler-util/src/kdf.ts b/packages/taler-util/src/kdf.ts index 5fcaa1b4c..dd8a2a459 100644 --- a/packages/taler-util/src/kdf.ts +++ b/packages/taler-util/src/kdf.ts @@ -16,6 +16,7 @@ import * as nacl from "./nacl-fast.js"; import { sha256 } from "./sha256.js"; +import { useNative } from "./taler-crypto.js"; export function sha512(data: Uint8Array): Uint8Array { return nacl.hash(data); @@ -65,6 +66,10 @@ export function kdf( salt?: Uint8Array, info?: Uint8Array, ): Uint8Array { + if (useNative && "_kdf" in globalThis) { + // @ts-ignore + return globalThis._kdf(outputLength, ikm, salt, info); + } salt = salt ?? new Uint8Array(64); // extract const prk = hmacSha512(salt, ikm); diff --git a/packages/taler-util/src/taler-crypto.test.ts b/packages/taler-util/src/taler-crypto.test.ts index 913bf4348..f154cb258 100644 --- a/packages/taler-util/src/taler-crypto.test.ts +++ b/packages/taler-util/src/taler-crypto.test.ts @@ -21,10 +21,10 @@ import test from "ava"; import { encodeCrock, decodeCrock, - ecdheGetPublic, + ecdhGetPublic, eddsaGetPublic, - keyExchangeEddsaEcdhe, - keyExchangeEcdheEddsa, + keyExchangeEddsaEcdh, + keyExchangeEcdhEddsa, stringToBytes, bytesToString, deriveBSeed, @@ -127,19 +127,19 @@ test("taler-exchange-tvg eddsa_ecdh", (t) => { const key_material = "PKZ42Z56SVK2796HG1QYBRJ6ZQM2T9QGA3JA4AAZ8G7CWK9FPX175Q9JE5P0ZAX3HWWPHAQV4DPCK10R9X3SAXHRV0WF06BHEC2ZTKR"; - const myEcdhePub = ecdheGetPublic(decodeCrock(priv_ecdhe)); + const myEcdhePub = ecdhGetPublic(decodeCrock(priv_ecdhe)); t.deepEqual(encodeCrock(myEcdhePub), pub_ecdhe); const myEddsaPub = eddsaGetPublic(decodeCrock(priv_eddsa)); t.deepEqual(encodeCrock(myEddsaPub), pub_eddsa); - const myKm1 = keyExchangeEddsaEcdhe( + const myKm1 = keyExchangeEddsaEcdh( decodeCrock(priv_eddsa), decodeCrock(pub_ecdhe), ); t.deepEqual(encodeCrock(myKm1), key_material); - const myKm2 = keyExchangeEcdheEddsa( + const myKm2 = keyExchangeEcdhEddsa( decodeCrock(priv_ecdhe), decodeCrock(pub_eddsa), ); @@ -193,19 +193,19 @@ test("taler-exchange-tvg eddsa_ecdh #2", (t) => { const key_material = "G6RA58N61K7MT3WA13Q7VRTE1FQS6H43RX9HK8Z5TGAB61601GEGX51JRHHQMNKNM2R9AVC1STSGQDRHGKWVYP584YGBCTVMMJYQF30"; - const myEcdhePub = ecdheGetPublic(decodeCrock(priv_ecdhe)); + const myEcdhePub = ecdhGetPublic(decodeCrock(priv_ecdhe)); t.deepEqual(encodeCrock(myEcdhePub), pub_ecdhe); const myEddsaPub = eddsaGetPublic(decodeCrock(priv_eddsa)); t.deepEqual(encodeCrock(myEddsaPub), pub_eddsa); - const myKm1 = keyExchangeEddsaEcdhe( + const myKm1 = keyExchangeEddsaEcdh( decodeCrock(priv_eddsa), decodeCrock(pub_ecdhe), ); t.deepEqual(encodeCrock(myKm1), key_material); - const myKm2 = keyExchangeEcdheEddsa( + const myKm2 = keyExchangeEcdhEddsa( decodeCrock(priv_ecdhe), decodeCrock(pub_eddsa), ); diff --git a/packages/taler-util/src/taler-crypto.ts b/packages/taler-util/src/taler-crypto.ts index 113e4194b..3e55f68f1 100644 --- a/packages/taler-util/src/taler-crypto.ts +++ b/packages/taler-util/src/taler-crypto.ts @@ -55,7 +55,7 @@ export function getRandomBytesF( return nacl.randomBytes(n); } -const useNative = true; +export const useNative = true; const encTable = "0123456789ABCDEFGHJKMNPQRSTVWXYZ"; @@ -182,29 +182,41 @@ export function eddsaGetPublic(eddsaPriv: Uint8Array): Uint8Array { return pair.publicKey; } -export function ecdheGetPublic(ecdhePriv: Uint8Array): Uint8Array { +export function ecdhGetPublic(ecdhePriv: Uint8Array): Uint8Array { + if (useNative && "_ecdheGetPublic" in globalThis) { + // @ts-ignore + return globalThis._ecdheGetPublic(ecdhePriv); + } return nacl.scalarMult_base(ecdhePriv); } -export function keyExchangeEddsaEcdhe( +export function keyExchangeEddsaEcdh( eddsaPriv: Uint8Array, - ecdhePub: Uint8Array, + ecdhPub: Uint8Array, ): Uint8Array { + if (useNative && "_keyExchangeEddsaEcdh" in globalThis) { + // @ts-ignore + return globalThis._keyExchangeEddsaEcdh(eddsaPriv, ecdhPub); + } const ph = hash(eddsaPriv); const a = new Uint8Array(32); for (let i = 0; i < 32; i++) { a[i] = ph[i]; } - const x = nacl.scalarMult(a, ecdhePub); + const x = nacl.scalarMult(a, ecdhPub); return hash(x); } -export function keyExchangeEcdheEddsa( - ecdhePriv: Uint8Array & MaterialEcdhePriv, +export function keyExchangeEcdhEddsa( + ecdhPriv: Uint8Array & MaterialEcdhePriv, eddsaPub: Uint8Array & MaterialEddsaPub, ): Uint8Array { + if (useNative && "_keyExchangeEcdhEddsa" in globalThis) { + // @ts-ignore + return globalThis._keyExchangeEcdhEddsa(ecdhPriv, eddsaPub); + } const curve25519Pub = nacl.sign_ed25519_pk_to_curve25519(eddsaPub); - const x = nacl.scalarMult(ecdhePriv, curve25519Pub); + const x = nacl.scalarMult(ecdhPriv, curve25519Pub); return hash(x); } @@ -365,6 +377,10 @@ export function rsaBlind( bks: Uint8Array, rsaPubEnc: Uint8Array, ): Uint8Array { + if (useNative && "_rsaBlind" in globalThis) { + // @ts-ignore + return globalThis._rsaBlind(hm, bks, rsaPubEnc); + } const rsaPub = rsaPubDecode(rsaPubEnc); const data = rsaFullDomainHash(hm, rsaPub); const r = rsaBlindingKeyDerive(rsaPub, bks); @@ -378,6 +394,10 @@ export function rsaUnblind( rsaPubEnc: Uint8Array, bks: Uint8Array, ): Uint8Array { + if (useNative && "_rsaUnblind" in globalThis) { + // @ts-ignore + return globalThis._rsaUnblind(sig, rsaPubEnc, bks); + } const rsaPub = rsaPubDecode(rsaPubEnc); const blinded_s = loadBigInt(sig); const r = rsaBlindingKeyDerive(rsaPub, bks); @@ -391,6 +411,10 @@ export function rsaVerify( rsaSig: Uint8Array, rsaPubEnc: Uint8Array, ): boolean { + if (useNative && "_rsaVerify" in globalThis) { + // @ts-ignore + return globalThis._rsaVerify(hm, rsaSig, rsaPubEnc); + } const rsaPub = rsaPubDecode(rsaPubEnc); const d = rsaFullDomainHash(hm, rsaPub); const sig = loadBigInt(rsaSig); @@ -629,7 +653,7 @@ export function createEddsaKeyPair(): EddsaKeyPair { export function createEcdheKeyPair(): EcdheKeyPair { const ecdhePriv = nacl.randomBytes(32); - const ecdhePub = ecdheGetPublic(ecdhePriv); + const ecdhePub = ecdhGetPublic(ecdhePriv); return { ecdhePriv, ecdhePub }; } @@ -1353,7 +1377,7 @@ export function encryptContractForMerge( mergePriv, contractTermsCompressed, ]); - const key = keyExchangeEcdheEddsa(contractPriv, pursePub); + const key = keyExchangeEcdhEddsa(contractPriv, pursePub); return encryptWithDerivedKey(getRandomBytesF(24), key, data, mergeSalt); } @@ -1370,7 +1394,7 @@ export function encryptContractForDeposit( bufferForUint32(contractTermsBytes.length), contractTermsCompressed, ]); - const key = keyExchangeEcdheEddsa(contractPriv, pursePub); + const key = keyExchangeEcdhEddsa(contractPriv, pursePub); return encryptWithDerivedKey(getRandomBytesF(24), key, data, depositSalt); } @@ -1388,7 +1412,7 @@ export async function decryptContractForMerge( pursePub: PursePublicKey, contractPriv: ContractPrivateKey, ): Promise { - const key = keyExchangeEcdheEddsa(contractPriv, pursePub); + const key = keyExchangeEcdhEddsa(contractPriv, pursePub); const dec = await decryptWithDerivedKey(enc, key, mergeSalt); const mergePriv = dec.slice(8, 8 + 32); const contractTermsCompressed = dec.slice(8 + 32); @@ -1408,7 +1432,7 @@ export async function decryptContractForDeposit( pursePub: PursePublicKey, contractPriv: ContractPrivateKey, ): Promise { - const key = keyExchangeEcdheEddsa(contractPriv, pursePub); + const key = keyExchangeEcdhEddsa(contractPriv, pursePub); const dec = await decryptWithDerivedKey(enc, key, depositSalt); const contractTermsCompressed = dec.slice(8); const contractTermsBuf = fflate.unzlibSync(contractTermsCompressed); diff --git a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts index d239270c8..5d2820fdb 100644 --- a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts +++ b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts @@ -42,7 +42,7 @@ import { decryptContractForMerge, DenomKeyType, DepositInfo, - ecdheGetPublic, + ecdhGetPublic, eddsaGetPublic, EddsaPublicKeyString, eddsaSign, @@ -62,7 +62,7 @@ import { hashTruncate32, kdf, kdfKw, - keyExchangeEcdheEddsa, + keyExchangeEcdhEddsa, Logger, MakeSyncSignatureRequest, PlanchetCreationRequest, @@ -1355,7 +1355,7 @@ export const nativeCryptoR: TalerCryptoInterfaceR = { ): Promise { return { h: encodeCrock( - keyExchangeEcdheEddsa( + keyExchangeEcdhEddsa( decodeCrock(req.ecdhePriv), decodeCrock(req.eddsaPub), ), @@ -1367,7 +1367,7 @@ export const nativeCryptoR: TalerCryptoInterfaceR = { req: EcdheGetPublicRequest, ): Promise { return { - pub: encodeCrock(ecdheGetPublic(decodeCrock(req.priv))), + pub: encodeCrock(ecdhGetPublic(decodeCrock(req.priv))), }; }, async setupRefreshTransferPub( diff --git a/packages/taler-wallet-embedded/package.json b/packages/taler-wallet-embedded/package.json index 5d1c501a6..d8cd5db29 100644 --- a/packages/taler-wallet-embedded/package.json +++ b/packages/taler-wallet-embedded/package.json @@ -41,9 +41,10 @@ "typescript": "^4.8.4" }, "dependencies": { - "@gnu-taler/taler-util": "workspace:*", "@gnu-taler/idb-bridge": "workspace:*", + "@gnu-taler/taler-util": "workspace:*", "@gnu-taler/taler-wallet-core": "workspace:*", + "@gnu-taler/taler-wallet-embedded": "link:", "tslib": "^2.4.0" } }