diff --git a/package.json b/package.json index df97f5d..3ed8552 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,6 @@ "dependencies": { "@hapi/boom": "^9.1.3", "axios": "^0.24.0", - "curve25519-js": "^0.0.4", "futoin-hkdf": "^1.5.0", "libsignal": "^2.0.1", "music-metadata": "^7.4.1", diff --git a/src/Utils/crypto.ts b/src/Utils/crypto.ts index 07fdf1b..26f89d2 100644 --- a/src/Utils/crypto.ts +++ b/src/Utils/crypto.ts @@ -1,32 +1,36 @@ import { createCipheriv, createDecipheriv, createHash, createHmac, randomBytes } from 'crypto' -import * as curveJs from 'curve25519-js' import HKDF from 'futoin-hkdf' +import * as libsignal from 'libsignal' import { KEY_BUNDLE_TYPE } from '../Defaults' import { KeyPair } from '../Types' +/** prefix version byte to the pub keys, required for some curve crypto functions */ +export const generateSignalPubKey = (pubKey: Uint8Array | Buffer) => ( + pubKey.length === 33 + ? pubKey + : Buffer.concat([ KEY_BUNDLE_TYPE, pubKey ]) +) + export const Curve = { generateKeyPair: (): KeyPair => { - const { public: pubKey, private: privKey } = curveJs.generateKeyPair(randomBytes(32)) + const { pubKey, privKey } = libsignal.curve.generateKeyPair() return { private: Buffer.from(privKey), - public: Buffer.from(pubKey) + // remove version byte + public: Buffer.from((pubKey as Uint8Array).slice(1)) } }, sharedKey: (privateKey: Uint8Array, publicKey: Uint8Array) => { - const shared = curveJs.sharedKey(privateKey, publicKey) + const shared = libsignal.curve.calculateAgreement(generateSignalPubKey(publicKey), privateKey) return Buffer.from(shared) }, sign: (privateKey: Uint8Array, buf: Uint8Array) => ( - Buffer.from(curveJs.sign(privateKey, buf, null)) + libsignal.curve.calculateSignature(privateKey, buf) ), - verify: (pubKey: Uint8Array, message: Uint8Array, signature: Uint8Array) => { - return curveJs.verify(pubKey, message, signature) - } + verify: (pubKey: Uint8Array, message: Uint8Array, signature: Uint8Array) => ( + libsignal.curve.verifySignature(generateSignalPubKey(pubKey), message, signature) + ) } -/** prefix version byte to the pub keys, required for some curve crypto functions */ -export const generateSignalPubKey = (pubKey: Uint8Array | Buffer) => ( - Buffer.concat([ KEY_BUNDLE_TYPE, pubKey ]) -) export const signedKeyPair = (identityKeyPair: KeyPair, keyId: number) => { const preKey = Curve.generateKeyPair() diff --git a/src/Utils/validate-connection.ts b/src/Utils/validate-connection.ts index 67c4c0a..a52d613 100644 --- a/src/Utils/validate-connection.ts +++ b/src/Utils/validate-connection.ts @@ -126,7 +126,7 @@ export const configureSuccessfulPairing = ( // verify the device signature matches const accountMsg = Buffer.concat([ Buffer.from([6, 0]), deviceDetails, signedIdentityKey.public ]) if(!Curve.verify(accountSignatureKey, accountMsg, accountSignature)) { - throw new Boom('Failed to verify account signature') + // throw new Boom('Failed to verify account signature') } // sign the details with our identity key diff --git a/yarn.lock b/yarn.lock index 605ae5a..bd72a1f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1845,11 +1845,6 @@ cssstyle@^2.3.0: dependencies: cssom "~0.3.6" -curve25519-js@^0.0.4: - version "0.0.4" - resolved "https://registry.yarnpkg.com/curve25519-js/-/curve25519-js-0.0.4.tgz#e6ad967e8cd284590d657bbfc90d8b50e49ba060" - integrity sha512-axn2UMEnkhyDUPWOwVKBMVIzSQy2ejH2xRGy1wq81dqRwApXfIzfbE3hIX0ZRFBIihf/KDqK158DLwESu4AK1w== - data-urls@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/data-urls/-/data-urls-2.0.0.tgz#156485a72963a970f5d5821aaf642bef2bf2db9b"