JS ed25519

This commit is contained in:
Matt Corallo 2014-07-20 08:54:00 +00:00
parent b94ba6b726
commit b5c6e3d101
18 changed files with 172 additions and 145 deletions

View file

@ -77,11 +77,11 @@ window.textsecure.crypto = function() {
if (textsecure.nacl.USE_NACL) {
return textsecure.nacl.postNaclMessage({command: "bytesToPriv", priv: privKey}).then(function(message) {
var priv = message.res;
var priv = message.res.slice(0, 32);
if (!isIdentity)
new Uint8Array(priv)[0] |= 0x01;
return textsecure.nacl.postNaclMessage({command: "privToPub", priv: priv}).then(function(message) {
return { pubKey: prependVersion(message.res), privKey: priv };
return { pubKey: prependVersion(message.res.slice(0, 32)), privKey: priv };
});
});
} else {
@ -239,21 +239,25 @@ window.textsecure.crypto = function() {
/*****************************
*** Internal Crypto stuff ***
*****************************/
var validatePubKeyFormat = function(pubKey) {
if (pubKey === undefined || ((pubKey.byteLength != 33 || new Uint8Array(pubKey)[0] != 5) && pubKey.byteLength != 32))
throw new Error("Invalid public key");
if (pubKey.byteLength == 33)
return pubKey.slice(1);
else
console.error("WARNING: Expected pubkey of length 33, please report the ST and client that generated the pubkey");
}
testing_only.ECDHE = function(pubKey, privKey) {
if (privKey === undefined || privKey.byteLength != 32)
throw new Error("Invalid private key");
if (pubKey === undefined || ((pubKey.byteLength != 33 || new Uint8Array(pubKey)[0] != 5) && pubKey.byteLength != 32))
throw new Error("Invalid public key");
if (pubKey.byteLength == 33)
pubKey = pubKey.slice(1);
else
console.error("WARNING: Expected pubkey of length 33, please report the ST and client that generated the pubkey");
pubKey = validatePubKeyFormat(pubKey);
return new Promise(function(resolve) {
if (textsecure.nacl.USE_NACL) {
textsecure.nacl.postNaclMessage({command: "ECDHE", priv: privKey, pub: pubKey}).then(function(message) {
resolve(message.res);
resolve(message.res.slice(0, 32));
});
} else {
resolve(toArrayBuffer(curve25519(new Uint16Array(privKey), new Uint16Array(pubKey))));
@ -262,6 +266,49 @@ window.textsecure.crypto = function() {
}
var ECDHE = function(pubKey, privKey) { return testing_only.ECDHE(pubKey, privKey); }
testing_only.Ed25519Sign = function(privKey, message) {
if (privKey === undefined || privKey.byteLength != 32)
throw new Error("Invalid private key");
if (message === undefined)
throw new Error("Invalid message");
if (textsecure.nacl.USE_NACL) {
return textsecure.nacl.postNaclMessage({command: "Ed25519Sign", priv: privKey, msg: message}).then(function(message) {
return message.res;
});
} else {
throw new Error("Ed25519 in JS not yet supported");
}
}
var Ed25519Sign = function(privKey, pubKeyToSign) {
pubKeyToSign = validatePubKeyFormat(pubKeyToSign);
return testing_only.Ed25519Sign(privKey, pubKeyToSign);
}
testing_only.Ed25519Verify = function(pubKey, msg, sig) {
pubKey = validatePubKeyFormat(pubKey);
if (msg === undefined)
throw new Error("Invalid message");
if (sig === undefined || sig.byteLength != 64)
throw new Error("Invalid signature");
if (textsecure.nacl.USE_NACL) {
return textsecure.nacl.postNaclMessage({command: "Ed25519Verify", pub: pubKey, msg: msg, sig: sig}).then(function(message) {
if (!message.res)
throw new Error("Invalid signature");
});
} else {
throw new Error("Ed25519 in JS not yet supported");
}
}
var Ed25519Verify = function(pubKey, signedPubKey, sig) {
signedPubKey = validatePubKeyFormat(signedPubKey);
return testing_only.Ed25519Verify(pubKey, signedPubKey, sig);
}
testing_only.HKDF = function(input, salt, info) {
// Specific implementation of RFC 5869 that only returns exactly 64 bytes
return HmacSHA256(salt, input).then(function(PRK) {