[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-wallet-core] branch master updated (3557e307a -> 8a98a5f88)
|
From: |
gnunet |
|
Subject: |
[taler-wallet-core] branch master updated (3557e307a -> 8a98a5f88) |
|
Date: |
Wed, 21 Dec 2022 18:50:18 +0100 |
This is an automated email from the git hooks/post-receive script.
dold pushed a change to branch master
in repository wallet-core.
from 3557e307a fix: install doesn't work if there is directory inside
new 0b6002bbb crypto rename
new 8a98a5f88 wallet: use taler runtime (tart) if available
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
packages/taler-util/src/kdf.ts | 5 +
packages/taler-util/src/taler-crypto.test.ts | 18 ++--
packages/taler-util/src/taler-crypto.ts | 104 +++++++++++++++------
.../src/crypto/cryptoImplementation.ts | 8 +-
packages/taler-wallet-embedded/package.json | 3 +-
packages/taler-wallet-embedded/src/wallet-qjs.ts | 2 +-
6 files changed, 94 insertions(+), 46 deletions(-)
diff --git a/packages/taler-util/src/kdf.ts b/packages/taler-util/src/kdf.ts
index 5fcaa1b4c..dd8a2a459 100644
--- a/packages/taler-util/src/kdf.ts
+++ b/packages/taler-util/src/kdf.ts
@@ -16,6 +16,7 @@
import * as nacl from "./nacl-fast.js";
import { sha256 } from "./sha256.js";
+import { useNative } from "./taler-crypto.js";
export function sha512(data: Uint8Array): Uint8Array {
return nacl.hash(data);
@@ -65,6 +66,10 @@ export function kdf(
salt?: Uint8Array,
info?: Uint8Array,
): Uint8Array {
+ if (useNative && "_kdf" in globalThis) {
+ // @ts-ignore
+ return globalThis._kdf(outputLength, ikm, salt, info);
+ }
salt = salt ?? new Uint8Array(64);
// extract
const prk = hmacSha512(salt, ikm);
diff --git a/packages/taler-util/src/taler-crypto.test.ts
b/packages/taler-util/src/taler-crypto.test.ts
index 913bf4348..f154cb258 100644
--- a/packages/taler-util/src/taler-crypto.test.ts
+++ b/packages/taler-util/src/taler-crypto.test.ts
@@ -21,10 +21,10 @@ import test from "ava";
import {
encodeCrock,
decodeCrock,
- ecdheGetPublic,
+ ecdhGetPublic,
eddsaGetPublic,
- keyExchangeEddsaEcdhe,
- keyExchangeEcdheEddsa,
+ keyExchangeEddsaEcdh,
+ keyExchangeEcdhEddsa,
stringToBytes,
bytesToString,
deriveBSeed,
@@ -127,19 +127,19 @@ test("taler-exchange-tvg eddsa_ecdh", (t) => {
const key_material =
"PKZ42Z56SVK2796HG1QYBRJ6ZQM2T9QGA3JA4AAZ8G7CWK9FPX175Q9JE5P0ZAX3HWWPHAQV4DPCK10R9X3SAXHRV0WF06BHEC2ZTKR";
- const myEcdhePub = ecdheGetPublic(decodeCrock(priv_ecdhe));
+ const myEcdhePub = ecdhGetPublic(decodeCrock(priv_ecdhe));
t.deepEqual(encodeCrock(myEcdhePub), pub_ecdhe);
const myEddsaPub = eddsaGetPublic(decodeCrock(priv_eddsa));
t.deepEqual(encodeCrock(myEddsaPub), pub_eddsa);
- const myKm1 = keyExchangeEddsaEcdhe(
+ const myKm1 = keyExchangeEddsaEcdh(
decodeCrock(priv_eddsa),
decodeCrock(pub_ecdhe),
);
t.deepEqual(encodeCrock(myKm1), key_material);
- const myKm2 = keyExchangeEcdheEddsa(
+ const myKm2 = keyExchangeEcdhEddsa(
decodeCrock(priv_ecdhe),
decodeCrock(pub_eddsa),
);
@@ -193,19 +193,19 @@ test("taler-exchange-tvg eddsa_ecdh #2", (t) => {
const key_material =
"G6RA58N61K7MT3WA13Q7VRTE1FQS6H43RX9HK8Z5TGAB61601GEGX51JRHHQMNKNM2R9AVC1STSGQDRHGKWVYP584YGBCTVMMJYQF30";
- const myEcdhePub = ecdheGetPublic(decodeCrock(priv_ecdhe));
+ const myEcdhePub = ecdhGetPublic(decodeCrock(priv_ecdhe));
t.deepEqual(encodeCrock(myEcdhePub), pub_ecdhe);
const myEddsaPub = eddsaGetPublic(decodeCrock(priv_eddsa));
t.deepEqual(encodeCrock(myEddsaPub), pub_eddsa);
- const myKm1 = keyExchangeEddsaEcdhe(
+ const myKm1 = keyExchangeEddsaEcdh(
decodeCrock(priv_eddsa),
decodeCrock(pub_ecdhe),
);
t.deepEqual(encodeCrock(myKm1), key_material);
- const myKm2 = keyExchangeEcdheEddsa(
+ const myKm2 = keyExchangeEcdhEddsa(
decodeCrock(priv_ecdhe),
decodeCrock(pub_eddsa),
);
diff --git a/packages/taler-util/src/taler-crypto.ts
b/packages/taler-util/src/taler-crypto.ts
index 113e4194b..0f8d2d950 100644
--- a/packages/taler-util/src/taler-crypto.ts
+++ b/packages/taler-util/src/taler-crypto.ts
@@ -55,7 +55,37 @@ export function getRandomBytesF<T extends number, N extends
string>(
return nacl.randomBytes(n);
}
-const useNative = true;
+export const useNative = true;
+
+/**
+ * Interface of the native Taler runtime library.
+ */
+interface NativeTartLib {
+ decodeUtf8(buf: Uint8Array): string;
+ decodeUtf8(str: string): Uint8Array;
+ randomBytes(n: number): Uint8Array;
+ encodeCrock(buf: Uint8Array | ArrayBuffer): string;
+ decodeCrock(str: string): Uint8Array;
+ hash(buf: Uint8Array): Uint8Array;
+ eddsaGetPublic(buf: Uint8Array): Uint8Array;
+ ecdheGetPublic(buf: Uint8Array): Uint8Array;
+ eddsaSign(msg: Uint8Array, priv: Uint8Array): Uint8Array;
+ eddsaVerify(msg: Uint8Array, sig: Uint8Array, pub: Uint8Array): boolean;
+ kdf(outLen: number, ikm: Uint8Array, salt?: Uint8Array, info?: Uint8Array):
Uint8Array;
+ keyExchangeEcdhEddsa(ecdhPriv: Uint8Array, eddsaPub: Uint8Array): Uint8Array;
+ keyExchangeEddsaEcdh(eddsaPriv: Uint8Array, ecdhPub: Uint8Array): Uint8Array;
+ rsaBlind(hmsg: Uint8Array, bks: Uint8Array, rsaPub: Uint8Array): Uint8Array;
+ rsaUnblind(blindSig: Uint8Array, rsaPub: Uint8Array, bks: Uint8Array):
Uint8Array;
+ rsaVerify(hmsg: Uint8Array, rsaSig: Uint8Array, rsaPub: Uint8Array): boolean
+}
+
+// @ts-ignore
+let tart: NativeTartLib | undefined;
+
+if (useNative) {
+ // @ts-ignore
+ tart = globalThis._tart;
+}
const encTable = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
@@ -101,9 +131,8 @@ function getValue(chr: string): number {
}
export function encodeCrock(data: ArrayBuffer): string {
- if (useNative && "_encodeCrock" in globalThis) {
- // @ts-ignore
- return globalThis._encodeCrock(data);
+ if (tart) {
+ return tart.encodeCrock(data);
}
const dataBytes = new Uint8Array(data);
let sb = "";
@@ -142,9 +171,8 @@ export function kdfKw(args: {
}
export function decodeCrock(encoded: string): Uint8Array {
- if (useNative && "_decodeCrock" in globalThis) {
- // @ts-ignore
- return globalThis._decodeCrock(encoded);
+ if (tart) {
+ return tart.decodeCrock(encoded);
}
const size = encoded.length;
let bitpos = 0;
@@ -174,37 +202,45 @@ export function decodeCrock(encoded: string): Uint8Array {
}
export function eddsaGetPublic(eddsaPriv: Uint8Array): Uint8Array {
- if (useNative && "_eddsaGetPublic" in globalThis) {
- // @ts-ignore
- return globalThis._eddsaGetPublic(eddsaPriv);
+ if (tart) {
+ return tart.eddsaGetPublic(eddsaPriv);
}
const pair = nacl.crypto_sign_keyPair_fromSeed(eddsaPriv);
return pair.publicKey;
}
-export function ecdheGetPublic(ecdhePriv: Uint8Array): Uint8Array {
+export function ecdhGetPublic(ecdhePriv: Uint8Array): Uint8Array {
+ if (tart) {
+ return tart.ecdheGetPublic(ecdhePriv);
+ }
return nacl.scalarMult_base(ecdhePriv);
}
-export function keyExchangeEddsaEcdhe(
+export function keyExchangeEddsaEcdh(
eddsaPriv: Uint8Array,
- ecdhePub: Uint8Array,
+ ecdhPub: Uint8Array,
): Uint8Array {
+ if (tart) {
+ return tart.keyExchangeEddsaEcdh(eddsaPriv, ecdhPub);
+ }
const ph = hash(eddsaPriv);
const a = new Uint8Array(32);
for (let i = 0; i < 32; i++) {
a[i] = ph[i];
}
- const x = nacl.scalarMult(a, ecdhePub);
+ const x = nacl.scalarMult(a, ecdhPub);
return hash(x);
}
-export function keyExchangeEcdheEddsa(
- ecdhePriv: Uint8Array & MaterialEcdhePriv,
+export function keyExchangeEcdhEddsa(
+ ecdhPriv: Uint8Array & MaterialEcdhePriv,
eddsaPub: Uint8Array & MaterialEddsaPub,
): Uint8Array {
+ if (tart) {
+ return tart.keyExchangeEcdhEddsa(ecdhPriv, eddsaPub);
+ }
const curve25519Pub = nacl.sign_ed25519_pk_to_curve25519(eddsaPub);
- const x = nacl.scalarMult(ecdhePriv, curve25519Pub);
+ const x = nacl.scalarMult(ecdhPriv, curve25519Pub);
return hash(x);
}
@@ -365,6 +401,9 @@ export function rsaBlind(
bks: Uint8Array,
rsaPubEnc: Uint8Array,
): Uint8Array {
+ if (tart) {
+ return tart.rsaBlind(hm, bks, rsaPubEnc);
+ }
const rsaPub = rsaPubDecode(rsaPubEnc);
const data = rsaFullDomainHash(hm, rsaPub);
const r = rsaBlindingKeyDerive(rsaPub, bks);
@@ -378,6 +417,9 @@ export function rsaUnblind(
rsaPubEnc: Uint8Array,
bks: Uint8Array,
): Uint8Array {
+ if (tart) {
+ return tart.rsaUnblind(sig, rsaPubEnc, bks)
+ }
const rsaPub = rsaPubDecode(rsaPubEnc);
const blinded_s = loadBigInt(sig);
const r = rsaBlindingKeyDerive(rsaPub, bks);
@@ -391,6 +433,9 @@ export function rsaVerify(
rsaSig: Uint8Array,
rsaPubEnc: Uint8Array,
): boolean {
+ if (tart) {
+ return tart.rsaVerify(hm, rsaSig, rsaPubEnc);
+ }
const rsaPub = rsaPubDecode(rsaPubEnc);
const d = rsaFullDomainHash(hm, rsaPub);
const sig = loadBigInt(rsaSig);
@@ -629,14 +674,13 @@ export function createEddsaKeyPair(): EddsaKeyPair {
export function createEcdheKeyPair(): EcdheKeyPair {
const ecdhePriv = nacl.randomBytes(32);
- const ecdhePub = ecdheGetPublic(ecdhePriv);
+ const ecdhePub = ecdhGetPublic(ecdhePriv);
return { ecdhePriv, ecdhePub };
}
export function hash(d: Uint8Array): Uint8Array {
- if (useNative && "_hash" in globalThis) {
- // @ts-ignore
- return globalThis._hash(d);
+ if (tart) {
+ return tart.hash(d);
}
return nacl.hash(d);
}
@@ -723,9 +767,8 @@ export function hashDenomPub(pub: DenominationPubKey):
Uint8Array {
}
export function eddsaSign(msg: Uint8Array, eddsaPriv: Uint8Array): Uint8Array {
- if (useNative && "_eddsaSign" in globalThis) {
- // @ts-ignore
- return globalThis._eddsaSign(msg, eddsaPriv);
+ if (tart) {
+ return tart.eddsaSign(msg, eddsaPriv);
}
const pair = nacl.crypto_sign_keyPair_fromSeed(eddsaPriv);
return nacl.sign_detached(msg, pair.secretKey);
@@ -736,9 +779,8 @@ export function eddsaVerify(
sig: Uint8Array,
eddsaPub: Uint8Array,
): boolean {
- if (useNative && "_eddsaVerify" in globalThis) {
- // @ts-ignore
- return globalThis._eddsaVerify(msg, sig, eddsaPub);
+ if (tart) {
+ return tart.eddsaVerify(msg, sig, eddsaPub);
}
return nacl.sign_detached_verify(msg, sig, eddsaPub);
}
@@ -1353,7 +1395,7 @@ export function encryptContractForMerge(
mergePriv,
contractTermsCompressed,
]);
- const key = keyExchangeEcdheEddsa(contractPriv, pursePub);
+ const key = keyExchangeEcdhEddsa(contractPriv, pursePub);
return encryptWithDerivedKey(getRandomBytesF(24), key, data, mergeSalt);
}
@@ -1370,7 +1412,7 @@ export function encryptContractForDeposit(
bufferForUint32(contractTermsBytes.length),
contractTermsCompressed,
]);
- const key = keyExchangeEcdheEddsa(contractPriv, pursePub);
+ const key = keyExchangeEcdhEddsa(contractPriv, pursePub);
return encryptWithDerivedKey(getRandomBytesF(24), key, data, depositSalt);
}
@@ -1388,7 +1430,7 @@ export async function decryptContractForMerge(
pursePub: PursePublicKey,
contractPriv: ContractPrivateKey,
): Promise<DecryptForMergeResult> {
- const key = keyExchangeEcdheEddsa(contractPriv, pursePub);
+ const key = keyExchangeEcdhEddsa(contractPriv, pursePub);
const dec = await decryptWithDerivedKey(enc, key, mergeSalt);
const mergePriv = dec.slice(8, 8 + 32);
const contractTermsCompressed = dec.slice(8 + 32);
@@ -1408,7 +1450,7 @@ export async function decryptContractForDeposit(
pursePub: PursePublicKey,
contractPriv: ContractPrivateKey,
): Promise<DecryptForDepositResult> {
- const key = keyExchangeEcdheEddsa(contractPriv, pursePub);
+ const key = keyExchangeEcdhEddsa(contractPriv, pursePub);
const dec = await decryptWithDerivedKey(enc, key, depositSalt);
const contractTermsCompressed = dec.slice(8);
const contractTermsBuf = fflate.unzlibSync(contractTermsCompressed);
diff --git a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts
b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts
index d239270c8..5d2820fdb 100644
--- a/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts
+++ b/packages/taler-wallet-core/src/crypto/cryptoImplementation.ts
@@ -42,7 +42,7 @@ import {
decryptContractForMerge,
DenomKeyType,
DepositInfo,
- ecdheGetPublic,
+ ecdhGetPublic,
eddsaGetPublic,
EddsaPublicKeyString,
eddsaSign,
@@ -62,7 +62,7 @@ import {
hashTruncate32,
kdf,
kdfKw,
- keyExchangeEcdheEddsa,
+ keyExchangeEcdhEddsa,
Logger,
MakeSyncSignatureRequest,
PlanchetCreationRequest,
@@ -1355,7 +1355,7 @@ export const nativeCryptoR: TalerCryptoInterfaceR = {
): Promise<KeyExchangeResult> {
return {
h: encodeCrock(
- keyExchangeEcdheEddsa(
+ keyExchangeEcdhEddsa(
decodeCrock(req.ecdhePriv),
decodeCrock(req.eddsaPub),
),
@@ -1367,7 +1367,7 @@ export const nativeCryptoR: TalerCryptoInterfaceR = {
req: EcdheGetPublicRequest,
): Promise<EcdheGetPublicResponse> {
return {
- pub: encodeCrock(ecdheGetPublic(decodeCrock(req.priv))),
+ pub: encodeCrock(ecdhGetPublic(decodeCrock(req.priv))),
};
},
async setupRefreshTransferPub(
diff --git a/packages/taler-wallet-embedded/package.json
b/packages/taler-wallet-embedded/package.json
index 5d1c501a6..d8cd5db29 100644
--- a/packages/taler-wallet-embedded/package.json
+++ b/packages/taler-wallet-embedded/package.json
@@ -41,9 +41,10 @@
"typescript": "^4.8.4"
},
"dependencies": {
- "@gnu-taler/taler-util": "workspace:*",
"@gnu-taler/idb-bridge": "workspace:*",
+ "@gnu-taler/taler-util": "workspace:*",
"@gnu-taler/taler-wallet-core": "workspace:*",
+ "@gnu-taler/taler-wallet-embedded": "link:",
"tslib": "^2.4.0"
}
}
diff --git a/packages/taler-wallet-embedded/src/wallet-qjs.ts
b/packages/taler-wallet-embedded/src/wallet-qjs.ts
index 889cbd83a..cdd5400cf 100644
--- a/packages/taler-wallet-embedded/src/wallet-qjs.ts
+++ b/packages/taler-wallet-embedded/src/wallet-qjs.ts
@@ -59,7 +59,7 @@ setGlobalLogLevelFromString("trace");
setPRNG(function (x: Uint8Array, n: number) {
// @ts-ignore
- const va = globalThis._randomBytes(n);
+ const va = globalThis._tart.randomBytes(n);
const v = new Uint8Array(va);
for (let i = 0; i < n; i++) x[i] = v[i];
for (let i = 0; i < v.length; i++) v[i] = 0;
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-wallet-core] branch master updated (3557e307a -> 8a98a5f88),
gnunet <=