git ssb - expose nacl and eccjs together · Dominic/ssb-keys@4a7f18b9

Commit 4a7f18b92164ae999f72c2edcdebf98a06b763c8

expose nacl and eccjs together

Dominic Tarr committed on 5/28/2015, 8:05:46 PM
Parent: 282cefe13443ab844ba055dac8ac8678bcb1f65d

Files changed

changed

index.jsView
		@@ -1,15 +1,19 @@
1	1	var fs = require('fs')
2	2	var crypto = require('crypto')
3	3	var ecc = require('eccjs')
4		-var k256 = ecc.curves.k256
	4	+
5	5	var Blake2s = require('blake2s')
6	6	var mkdirp = require('mkdirp')
7	7	var path = require('path')
8		-var curve = ecc.curves.k256
	8	+var nacl = require('ecma-nacl')
	9	+
9	10	var createHmac = require('hmac')
10	11	var deepEqual = require('deep-equal')
11	12
	13	+var k256 = curve = ecc.curves.k256
	14	+
	15	+
12	16	function clone (obj) {
13	17	var _obj = {}
14	18	for(var k in obj) {
15	19	if(Object.hasOwnProperty.call(obj, k))
		@@ -21,9 +25,8 @@
21	25	function hash (data, enc) {
22	26	return new Blake2s().update(data, enc).digest('base64') + '.blake2s'
23	27	}
24	28
25		-
26	29	function isHash (data) {
27	30	return isString(data) && /^[A-Za-z0-9\/+]{43}=\.blake2s$/.test(data)
28	31	}
29	32
		@@ -40,39 +43,47 @@
40	43
41	44	function empty(v) { return !!v }
42	45
43	46	function constructKeys() {
44		- var privateKey = crypto.randomBytes(32)
45		- var k = keysToBase64(ecc.restore(k256, privateKey))
46		- k.keyfile = [
	47	+ var keys = exports.generate()
	48	+ //var privateKey = crypto.randomBytes(32)
	49	+ //var k = keysToBase64(ecc.restore(k256, privateKey))
	50	+ keys.keyfile = [
47	51	'# this is your SECRET name.',
48	52	'# this name gives you magical powers.',
49	53	'# with it you can mark your messages so that your friends can verify',
50	54	'# that they really did come from you.',
51	55	'#',
52	56	'# if any one learns this name, they can use it to destroy your identity',
53	57	'# NEVER show this to anyone!!!',
54	58	'',
55		- k.private.toString('hex'),
	59	+ keys.private,
56	60	'',
57	61	'# WARNING! It\'s vital that you DO NOT edit OR share your secret name',
58	62	'# instead, share your public name',
59		- '# your public name: ' + k.id.toString('hex')
	63	+ '# your public name: ' + keys.id
60	64	].join('\n')
61		- return k
	65	+ return keys
62	66	}
63	67
64	68
65	69	function toBuffer(buf) {
66	70	if(buf == null) return buf
67	71	return new Buffer(buf.substring(0, buf.indexOf('.')), 'base64')
68	72	}
69	73
	74	+function toUint8(buf) {
	75	+ return new Uint8Array(toBuffer(buf))
	76	+}
	77	+
70	78	function keysToBase64 (keys) {
71		- var pub = tag(keys.public, 'k256')
	79	+
	80	+ var pub = tag(new Buffer(keys.public), keys.curve)
72	81	return {
	82	+ curve: keys.curve,
	83	+ type: keys.type,
73	84	public: pub,
74		- private: tag(keys.private, 'k256'),
	85	+ private: tag(keys.private, keys.curve),
75	86	id: hash(pub)
76	87	}
77	88	}
78	89
		@@ -87,23 +98,46 @@
87	98	private: toBuffer(key.private)
88	99	}
89	100	}
90	101
91		-function reconstructKeys(privateKeyStr) {
92		- privateKeyStr = privateKeyStr
	102	+function reconstructKeys(keyfile) {
	103	+ var private = keyfile
93	104	.replace(/\s\#[^\n]/g, '')
94	105	.split('\n').filter(empty).join('')
95	106
96		- var privateKey = (
97		- !/\./.test(privateKeyStr)
98		- ? new Buffer(privateKeyStr, 'hex')
99		- : toBuffer(privateKeyStr)
100		- )
	107	+ var i = private.indexOf('.')
101	108
102		- return keysToBase64(ecc.restore(k256, privateKey))
	109	+ var curve = private.substring(i+1)
	110	+// private = private.substring(0, i)
	111	+
	112	+
	113	+// var privateKey = (
	114	+// !/\./.test(privateKeyStr)
	115	+// ? new Buffer(privateKeyStr, 'hex')
	116	+// : toBuffer(privateKeyStr)
	117	+// )
	118	+
	119	+
	120	+ if(curve === 'ed25519') {
	121	+ var pub = tag(
	122	+ new Buffer(nacl.signing.extract_pkey(toUint8(private))),
	123	+ curve
	124	+ )
	125	+ return {
	126	+ type: curve === 'ed25519' ? 'nacl' : 'eccjs',
	127	+ curve: curve,
	128	+ private: private,
	129	+ public: pub,
	130	+ id: hash(pub)
	131	+ }
	132	+
	133	+ }
	134	+
	135	+ return keysToBase64(ecc.restore(k256, toBuffer(private)))
103	136	}
104	137
105	138	function tag (key, tag) {
	139	+ if(!tag) throw new Error('no tag for:' + key.toString('base64'))
106	140	return key.toString('base64')+'.' + tag.replace(/^\./, '')
107	141	}
108	142
109	143	var toNameFile = exports.toNameFile = function (namefile) {
		@@ -166,26 +200,77 @@
166	200
167	201	//this should return a key pair:
168	202	// {public: Buffer, private: Buffer}
169	203
170		-exports.generate = function () {
171		- return keysToBase64(ecc.restore(curve, crypto.randomBytes(32)))
	204	+exports.generate = function (curve) {
	205	+ var _keys = nacl.signing.generate_keypair(
	206	+ new Uint8Array(crypto.randomBytes(32))
	207	+ )
	208	+
	209	+ if(!curve) curve = 'ed25519'
	210	+
	211	+ if(curve === 'ed25519')
	212	+ return keysToBase64({
	213	+ type: 'nacl',
	214	+ curve: 'ed25519',
	215	+ public: new Buffer(_keys.pkey),
	216	+ private: new Buffer(_keys.skey),
	217	+ })
	218	+
	219	+ else if(curve === 'k256')
	220	+ return keysToBase64(ecc.restore(curve, crypto.randomBytes(32)))
172	221	}
173	222
174	223	//takes a public key and a hash and returns a signature.
175	224	//(a signature must be a node buffer)
176	225	exports.sign = function (keys, hash) {
177	226	var hashTag = hash.substring(hash.indexOf('.'))
178		- return tag(
179		- ecc.sign(curve, keysToBuffer(keys), hashToBuffer(hash)),
180		- hashTag + '.k256'
181		- )
	227	+
	228	+ if(keys.curve === 'ed25519')
	229	+ return tag(new Buffer(nacl.signing.sign(
	230	+ new Uint8Array(hashToBuffer(hash)),
	231	+ new Uint8Array(toBuffer(keys.private))
	232	+ )),
	233	+ hashTag + '.ed25519'
	234	+ )
	235	+
	236	+ else if(keys.curve === 'k256')
	237	+ return tag(
	238	+ ecc.sign(curve, keysToBuffer(keys), hashToBuffer(hash)),
	239	+ hashTag + '.k256'
	240	+ )
	241	+
	242	+ else
	243	+ throw new Error('unknown keys')
182	244	}
183	245
184	246	//takes a public key, signature, and a hash
185	247	//and returns true if the signature was valid.
186		-exports.verify = function (pub, sig, hash) {
187		- return ecc.verify(curve, keysToBuffer(pub), toBuffer(sig), hashToBuffer(hash))
	248	+exports.verify = function (keys, sig, hash) {
	249	+ //types all match.
	250	+ var curve = keys.curve
	251	+ if(!keys.curve && isString(keys.public))
	252	+ keys = keys.public
	253	+
	254	+ if(isString(keys))
	255	+ curve = keys.substring(keys.indexOf('.')+1)
	256	+
	257	+ if(curve === 'ed25519') {
	258	+ return nacl.signing.verify(
	259	+ new Uint8Array(toBuffer(sig)),
	260	+ new Uint8Array(hashToBuffer(hash)),
	261	+ new Uint8Array(toBuffer(keys.public \|\| keys))
	262	+ )
	263	+ }
	264	+ else if(keys.curve === 'k256')
	265	+ return ecc.verify(
	266	+ curve,
	267	+ keysToBuffer(keys),
	268	+ toBuffer(sig),
	269	+ hashToBuffer(hash)
	270	+ )
	271	+ else
	272	+ throw new Error('unknown curve:' + JSON.stringify(keys))
188	273	}
189	274
190	275	function createHash() {
191	276	return new Blake2s()
		@@ -235,16 +320,4 @@
235	320	ts: Date.now(),
236	321	public: keys.public
237	322	})
238	323	}
239		-
240		-exports.codec = {
241		- decode: function (string) {
242		- return JSON.parse(string)
243		- },
244		- encode: function (obj) {
245		- return JSON.stringify(obj, null, 2)
246		- },
247		- buffer: false
248		-}
249		-
250		-exports.keys = exports

Built with git-ssb-web

Dominic / ssb-keys

Commit 4a7f18b92164ae999f72c2edcdebf98a06b763c8

expose nacl and eccjs together

Files changed