laantungir/nostr-tools
1
0
Fork 0
mirror of https://github.com/nbd-wtf/nostr-tools.git synced 2025-12-09 00:28:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix nip44 vectors (#308)

Browse Source 
* Fix nip44 vectors

* Update vectors

* Update vectors
This commit is contained in:
Paul Miller
2023-09-30 23:46:45 +02:00
committed by GitHub
parent eb0a9093f2
commit 5e85bbc2ed
3 changed files with 35 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
nip44.ts
View File

@@ -39,7 +39,7 @@ export const utils = {
pad(unpadded: string): Uint8Array {
const unpaddedB = utf8Encoder.encode(unpadded)
const len = unpaddedB.length
if (len < 1 || len >= utils.v2.maxPlaintextSize) throw new Error('plaintext should be between 1b and 64KB')
if (len < 1 || len >= utils.v2.maxPlaintextSize) throw new Error('invalid plaintext length: must be between 1b and 64KB')
const paddedLen = utils.v2.calcPadding(len)
const zeros = new Uint8Array(paddedLen - len)
const lenBuf = new Uint8Array(2)
@@ -68,38 +68,40 @@ export function encrypt(
): string {
const version = options.version ?? 2
if (version !== 2) throw new Error('unknown encryption version ' + version)
const salt = options.salt ?? randomBytes(32)
ensureBytes(salt, 32)
const keys = utils.v2.getMessageKeys(key, salt)
const padded = utils.v2.pad(plaintext)
const ciphertext = chacha20(keys.encryption, keys.nonce, padded)
const mac = hmac(sha256, keys.auth, ciphertext)
return base64.encode(concatBytes(new Uint8Array([version]), salt, ciphertext, mac))
}
export function decrypt(key: Uint8Array, ciphertext: string): string {
const u = utils.v2
ensureBytes(key, 32)
const clen = ciphertext.length
if (clen < u.minCiphertextSize || clen >= u.maxCiphertextSize) throw new Error('invalid ciphertext length: ' + clen)
if (clen < utils.v2.minCiphertextSize || clen >= utils.v2.maxCiphertextSize)
throw new Error('ciphertext length is invalid')
const v = ciphertext[0]
if (v === '#') throw new Error('unknown encryption version')
const data = base64.decode(ciphertext)
const version = data.subarray(0, 1)[0]
if (version !== 2) throw new Error('unknown encryption version ' + version)
if (ciphertext[0] === '#') throw new Error('unknown encryption version')
let data: Uint8Array
try {
data = base64.decode(ciphertext)
} catch (error) {
throw new Error('invalid base64: ' + (error as any).message)
}
const vers = data.subarray(0, 1)[0]
if (vers !== 2) throw new Error('unknown encryption version ' + vers)
const salt = data.subarray(1, 33)
const ciphertext_ = data.subarray(33, -32)
const mac = data.subarray(-32)
const keys = utils.v2.getMessageKeys(key, salt)
const keys = u.getMessageKeys(key, salt)
const calculatedMac = hmac(sha256, keys.auth, ciphertext_)
if (!equalBytes(calculatedMac, mac)) throw new Error('encryption MAC does not match')
if (!equalBytes(calculatedMac, mac)) throw new Error('invalid MAC')
const plaintext = chacha20(keys.encryption, keys.nonce, ciphertext_)
return utils.v2.unpad(plaintext)
const padded = chacha20(keys.encryption, keys.nonce, ciphertext_)
return u.unpad(padded)
}