mirror of
https://github.com/nbd-wtf/nostr-tools.git
synced 2026-01-31 06:28:50 +00:00
b40f59af74
This commit upgrades the noble cryptography dependencies to v2.0.1, which includes: Breaking changes addressed: - Updated all @noble imports to include .js extensions (required by v2 ESM-only API) - Changed @noble/hashes/sha256 to @noble/hashes/sha2.js across 8 files - Fixed secp256k1 API changes: methods now require Uint8Array instead of hex strings - Updated schnorr.utils.randomPrivateKey() to schnorr.utils.randomSecretKey() Files modified (27 total): - package.json: Bump dependency versions - Source files (12): pure.ts, nip04.ts, nip06.ts, nip13.ts, nip19.ts, nip44.ts, nip49.ts, nip77.ts, nip98.ts, nipb7.ts, utils.ts, wasm.ts - Test files (14): All corresponding test files updated Benefits: - Latest security updates from audited noble libraries - Smaller bundle sizes from v2 optimizations - Future-proof ESM-only compatibility - All tests passing Co-authored-by: OpenCode <opencode@anomalyco.com>
51 lines
1.6 KiB
TypeScript
51 lines
1.6 KiB
TypeScript
import { scrypt } from '@noble/hashes/scrypt.js'
|
|
import { xchacha20poly1305 } from '@noble/ciphers/chacha'
|
|
import { concatBytes, randomBytes } from '@noble/hashes/utils.js'
|
|
import { Bech32MaxSize, Ncryptsec, encodeBytes } from './nip19.ts'
|
|
import { bech32 } from '@scure/base'
|
|
|
|
export function encrypt(
|
|
sec: Uint8Array,
|
|
password: string,
|
|
logn: number = 16,
|
|
ksb: 0x00 | 0x01 | 0x02 = 0x02,
|
|
): Ncryptsec {
|
|
let salt = randomBytes(16)
|
|
let n = 2 ** logn
|
|
let key = scrypt(password.normalize('NFKC'), salt, { N: n, r: 8, p: 1, dkLen: 32 })
|
|
let nonce = randomBytes(24)
|
|
let aad = Uint8Array.from([ksb])
|
|
let xc2p1 = xchacha20poly1305(key, nonce, aad)
|
|
let ciphertext = xc2p1.encrypt(sec)
|
|
let b = concatBytes(Uint8Array.from([0x02]), Uint8Array.from([logn]), salt, nonce, aad, ciphertext)
|
|
return encodeBytes('ncryptsec', b)
|
|
}
|
|
|
|
export function decrypt(ncryptsec: string, password: string): Uint8Array {
|
|
let { prefix, words } = bech32.decode(ncryptsec, Bech32MaxSize)
|
|
if (prefix !== 'ncryptsec') {
|
|
throw new Error(`invalid prefix ${prefix}, expected 'ncryptsec'`)
|
|
}
|
|
let b = new Uint8Array(bech32.fromWords(words))
|
|
|
|
let version = b[0]
|
|
if (version !== 0x02) {
|
|
throw new Error(`invalid version ${version}, expected 0x02`)
|
|
}
|
|
|
|
let logn = b[1]
|
|
let n = 2 ** logn
|
|
|
|
let salt = b.slice(2, 2 + 16)
|
|
let nonce = b.slice(2 + 16, 2 + 16 + 24)
|
|
let ksb = b[2 + 16 + 24]
|
|
let aad = Uint8Array.from([ksb])
|
|
let ciphertext = b.slice(2 + 16 + 24 + 1)
|
|
|
|
let key = scrypt(password.normalize('NFKC'), salt, { N: n, r: 8, p: 1, dkLen: 32 })
|
|
let xc2p1 = xchacha20poly1305(key, nonce, aad)
|
|
let sec = xc2p1.decrypt(ciphertext)
|
|
|
|
return sec
|
|
}
|