From 6446411d2acdd52b75242e56ab5428f80f8ba261 Mon Sep 17 00:00:00 2001 From: Simonas Karuzas Date: Tue, 18 Feb 2020 11:32:01 +0200 Subject: [PATCH] feat: Adding daf-react-native-libsodium --- packages/daf-react-native-libsodium/LICENSE | 201 ++++ packages/daf-react-native-libsodium/README.md | 1 + .../daf-react-native-libsodium/package.json | 35 + .../daf-react-native-libsodium/src/didcomm.ts | 331 +++++++ .../daf-react-native-libsodium/src/index.ts | 1 + .../src/key-management-system.ts | 101 ++ .../daf-react-native-libsodium/tsconfig.json | 8 + .../types/react-native-sodium/index.d.ts | 934 ++++++++++++++++++ packages/tsconfig.json | 1 + yarn.lock | 5 + 10 files changed, 1618 insertions(+) create mode 100644 packages/daf-react-native-libsodium/LICENSE create mode 100644 packages/daf-react-native-libsodium/README.md create mode 100644 packages/daf-react-native-libsodium/package.json create mode 100644 packages/daf-react-native-libsodium/src/didcomm.ts create mode 100644 packages/daf-react-native-libsodium/src/index.ts create mode 100644 packages/daf-react-native-libsodium/src/key-management-system.ts create mode 100644 packages/daf-react-native-libsodium/tsconfig.json create mode 100644 packages/daf-react-native-libsodium/types/react-native-sodium/index.d.ts diff --git a/packages/daf-react-native-libsodium/LICENSE b/packages/daf-react-native-libsodium/LICENSE new file mode 100644 index 000000000..261eeb9e9 --- /dev/null +++ b/packages/daf-react-native-libsodium/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/daf-react-native-libsodium/README.md b/packages/daf-react-native-libsodium/README.md new file mode 100644 index 000000000..771a86b65 --- /dev/null +++ b/packages/daf-react-native-libsodium/README.md @@ -0,0 +1 @@ +# DAF libsodium modules diff --git a/packages/daf-react-native-libsodium/package.json b/packages/daf-react-native-libsodium/package.json new file mode 100644 index 000000000..a3964c9f4 --- /dev/null +++ b/packages/daf-react-native-libsodium/package.json @@ -0,0 +1,35 @@ +{ + "name": "daf-react-native-libsodium", + "description": "DAF react native libsodium modules", + "version": "2.1.0", + "main": "build/index.js", + "types": "build/index.d.ts", + "scripts": { + "build": "tsc" + }, + "dependencies": { + "base-58": "^0.0.1", + "daf-core": "^2.1.0", + "debug": "^4.1.1", + "did-jwt": "^4.0.0", + "elliptic": "^6.5.2", + "ethjs-signer": "^0.1.1", + "react-native-sodium": "^0.3.6" + }, + "devDependencies": { + "@types/debug": "^4.1.5", + "@types/ethjs-signer": "^0.1.0", + "typescript": "^3.7.5" + }, + "files": [ + "build/**/*", + "src/**/*", + "README.md", + "LICENSE" + ], + "repository": "git@github.com:uport-project/daf.git", + "author": "Simonas Karuzas ", + "license": "Apache-2.0", + "keywords": [], + "gitHead": "ec317e0f10cffe731648a8c2d8f58def3d3c85ff" +} diff --git a/packages/daf-react-native-libsodium/src/didcomm.ts b/packages/daf-react-native-libsodium/src/didcomm.ts new file mode 100644 index 000000000..65732a435 --- /dev/null +++ b/packages/daf-react-native-libsodium/src/didcomm.ts @@ -0,0 +1,331 @@ +const Base58 = require('base-58') +import sodium from 'react-native-sodium' + +interface IUnpackedMsg { + message: string + recipientKey: any + senderKey: string + nonRepudiableVerification: boolean +} + +interface JWSUnpacked { + content: string + verkey: string + verified: boolean +} + +export class DIDComm { + public readonly ready: Promise + private sodium: any + + /** + * Creates a new PackUnpack object. The returned object contains a .Ready property: + * a promise that must be resolved before the object can be used. You can + * simply `await` the resolution of the .Ready property. + * + * Example: + * let packUnpack = new PackUnpack + * (async () => { + * await packUnpack.Ready + * }()) + */ + constructor() { + this.ready = new Promise(async (res, rej) => { + try { + await sodium.ready + this.sodium = sodium + res() + } catch (err) { + rej(err) + } + }) + } + + /** + * Uses libsodium to generate a key pair, you may pass these keys into the pack/unpack functions + * @ + */ + public async generateKeyPair(): Promise { + return this.sodium.crypto_sign_keypair() + } + + /** + * Used to encrypt or encrypt and sign a message for one or many recipients so the recipients can authenticate the + * sender in both repudiable and non repudiable formats. By default messages should use repudiable authentication. + * This should be the most common API used. + * @param msg the message to be encrypted or encrypted and signed + * @param recipientKeys the keys which the message will be encrypted for + * @param senderKeys the keys used to encrypted or encrypt and sign a message + * @param nonRepudiable determines whether a message is encrypted only or signed and encrypted + * @returns if nonRepudiable == true returns the msg encrypted and signed as follows JWE(JWS(msg)) + * if nonRepudiable == false returns the msg encrypted as follows JWE(msg) + */ + public async pack_auth_msg_for_recipients( + msg: string, + recipientKeys: Uint8Array[], + senderKeys: sodium.KeyPair, + nonRepudiable: Boolean = false, + ): Promise { + if (nonRepudiable) { + //return JWE(JWS(msg)) + let signedMsg = await this.signContent(msg, senderKeys) + return this.packMessage(signedMsg, recipientKeys, senderKeys) + } else { + // return (JWE(msg)) + return this.packMessage(msg, recipientKeys, senderKeys) + } + } + + /** + * + * @param msg this is the message which will be anonymously encrypted for one or many recipients + * @param recipientKeys a list of the recipients keys + * @returns a JWE with an ephemeral sender key + */ + public async pack_anon_msg_for_recipients(msg: string, recipientKeys: Uint8Array[]): Promise { + return this.packMessage(msg, recipientKeys, null) + } + + /** + * + * @param msg the message to signed with non-repudiation but not encrypted + * @param senderKeys the key used to sign the + * @returns a compact JWS + */ + public async pack_nonrepudiable_msg_for_anyone(msg: string, senderKeys: sodium.KeyPair): Promise { + return this.signContent(msg, senderKeys) + } + + /** + * Unpacks a message + * @param encMsg message to be decrypted + * @param toKeys key pair of party decrypting the message + */ + public async unpackMessage(packedMsg: string, toKeys: sodium.KeyPair): Promise { + try { + return await this.unpackEncrypted(packedMsg, toKeys) + } catch (err) { + let jwsChecked = this.verifyContent(packedMsg) + return { + message: jwsChecked.content, + recipientKey: null, + senderKey: jwsChecked.verkey, + nonRepudiableVerification: jwsChecked.verified, + } + } + } + + /** + * + * Packs a message. + * @param message string message to be encrypted + * @param toKeys public key of the entity encrypting message for + * @param fromKeys keypair of person encrypting message + */ + private async packMessage( + msg: string, + recipientKeys: Uint8Array[], + fromKeys: sodium.KeyPair | null = null, + ): Promise { + let [recipsJson, cek] = this.prepareRecipientKeys(recipientKeys, fromKeys) + let recipsB64 = this.b64url(recipsJson) + + let [ciphertext, tag, iv] = this.encryptPlaintext(msg, recipsB64, cek) + + return JSON.stringify({ + ciphertext: this.b64url(ciphertext), + iv: this.b64url(iv), + protected: recipsB64, + tag: this.b64url(tag), + }) + } + + private async unpackEncrypted(encMsg: string, toKeys: sodium.KeyPair): Promise { + let wrapper + if (typeof encMsg === 'string') { + wrapper = JSON.parse(encMsg) + } else { + wrapper = encMsg + } + if (typeof toKeys.publicKey === 'string') { + toKeys.publicKey = Base58.decode(toKeys.publicKey) + } + if (typeof toKeys.privateKey === 'string') { + toKeys.privateKey = Base58.decode(toKeys.privateKey) + } + let recipsJson = this.strB64dec(wrapper.protected) + let recipsOuter = JSON.parse(recipsJson) + + let alg = recipsOuter.alg + let isAuthcrypt = alg === 'Authcrypt' + if (!isAuthcrypt && alg !== 'Anoncrypt') { + throw new Error('Unsupported pack algorithm: ' + alg) + } + let [cek, senderVk, recipVk] = this.locateRecKey(recipsOuter.recipients, toKeys) + if (!senderVk && isAuthcrypt) { + throw new Error('Sender public key not provided in Authcrypt message') + } + let ciphertext = this.b64dec(wrapper.ciphertext) + let nonce = this.b64dec(wrapper.iv) + let tag = this.b64dec(wrapper.tag) + + let message = this.decryptPlaintext(ciphertext, tag, wrapper.protected, nonce, cek) + try { + let jwsVerified = this.verifyContent(message) + return { + message: jwsVerified.content, + recipientKey: recipVk, + senderKey: senderVk, + nonRepudiableVerification: senderVk === jwsVerified.verkey ? true : false, + } + } catch (err) { + return { + message, + recipientKey: recipVk, + senderKey: senderVk, + nonRepudiableVerification: false, + } + } + } + + private async signContent(msg: string, signerKeyPair: sodium.KeyPair): Promise { + // get public key base58 encoded + let senderVk = Base58.encode(signerKeyPair.publicKey) + + // generate jose header, b64url encode it, and concat to b64url encoded payload + let joseHeader = { + alg: 'EdDSA', + kid: senderVk, + } + let joseString = JSON.stringify(joseHeader) + let b64JoseStr = this.b64url(joseString) + let b64Payload = this.b64url(msg) + let headerAndPayloadConcat = `${b64JoseStr}.${b64Payload}` + + //sign data and return compact JWS + let signature = this.b64url(sodium.crypto_sign(headerAndPayloadConcat, signerKeyPair.privateKey)) + return `${headerAndPayloadConcat}.${signature}` + } + + private verifyContent(jws: string): JWSUnpacked { + let jwsSplit = jws.split('.') + let joseHeader = JSON.parse(this.strB64dec(jwsSplit[0])) + if (joseHeader.alg != 'EdDSA') { + throw 'Cryptographic algorithm unidentifiable' + } + let sigMsg = sodium.crypto_sign_open(this.b64dec(jwsSplit[2]), Base58.decode(joseHeader.kid)) + + return { + content: this.strB64dec(jwsSplit[1]), + verkey: joseHeader.kid, + verified: sodium.to_string(sigMsg) === `${jwsSplit[0]}.${jwsSplit[1]}` ? true : false, + } + } + + b64url(input: any) { + return this.sodium.to_base64(input, this.sodium.base64_variants.URLSAFE) + } + + b64dec(input: any) { + return this.sodium.from_base64(input, this.sodium.base64_variants.URLSAFE) + } + + private strB64dec(input: any) { + return this.sodium.to_string(this.sodium.from_base64(input, this.sodium.base64_variants.URLSAFE)) + } + + private encryptPlaintext(message: any, addData: any, key: any) { + let iv = this.sodium.randombytes_buf(this.sodium.crypto_aead_chacha20poly1305_ietf_NPUBBYTES) + let out = this.sodium.crypto_aead_chacha20poly1305_ietf_encrypt_detached(message, addData, null, iv, key) + return [out.ciphertext, out.mac, iv] + } + + private decryptPlaintext(ciphertext: any, mac: any, recipsBin: any, nonce: any, key: any) { + return this.sodium.to_string( + this.sodium.crypto_aead_chacha20poly1305_ietf_decrypt_detached( + null, // nsec + ciphertext, + mac, + recipsBin, // ad + nonce, // npub + key, + ), + ) + } + + private prepareRecipientKeys(toKeys: any, fromKeys: any = null) { + let cek = this.sodium.crypto_aead_chacha20poly1305_ietf_keygen() + let recips: any[] = [] + + toKeys.forEach((targetVk: any) => { + let encCek = null + let encSender = null + let nonce = null + + let targetPk = this.sodium.crypto_sign_ed25519_pk_to_curve25519(targetVk) + + if (fromKeys) { + let senderVk = Base58.encode(fromKeys.publicKey) + let senderSk = this.sodium.crypto_sign_ed25519_sk_to_curve25519(fromKeys.privateKey) + encSender = this.sodium.crypto_box_seal(senderVk, targetPk) + + nonce = this.sodium.randombytes_buf(this.sodium.crypto_box_NONCEBYTES) + encCek = this.sodium.crypto_box_easy(cek, nonce, targetPk, senderSk) + } else { + encCek = this.sodium.crypto_box_seal(cek, targetPk) + } + + recips.push({ + encrypted_key: this.b64url(encCek), + header: { + iv: nonce ? this.b64url(nonce) : null, + kid: Base58.encode(targetVk), + sender: encSender ? this.b64url(encSender) : null, + }, + }) + }) + + let data = { + alg: fromKeys ? 'Authcrypt' : 'Anoncrypt', + enc: 'chacha20poly1305_ietf', + recipients: recips, + typ: 'JWM/1.0', + } + return [JSON.stringify(data), cek] + } + + private locateRecKey(recipients: any, keys: any) { + let notFound = [] + /* tslint:disable */ + for (let index in recipients) { + let recip = recipients[index] + if (!('header' in recip) || !('encrypted_key' in recip)) { + throw new Error('Invalid recipient header') + } + + let recipVk = Base58.decode(recip.header.kid) + if (!this.sodium.memcmp(recipVk, keys.publicKey)) { + notFound.push(recip.header.kid) + } + let pk = this.sodium.crypto_sign_ed25519_pk_to_curve25519(keys.publicKey) + let sk = this.sodium.crypto_sign_ed25519_sk_to_curve25519(keys.privateKey) + + let encrytpedKey = this.b64dec(recip.encrypted_key) + let nonce = recip.header.iv ? this.b64dec(recip.header.iv) : null + let encSender = recip.header.sender ? this.b64dec(recip.header.sender) : null + + let senderVk = null + let cek = null + if (nonce && encSender) { + senderVk = this.sodium.to_string(this.sodium.crypto_box_seal_open(encSender, pk, sk)) + let senderPk = this.sodium.crypto_sign_ed25519_pk_to_curve25519(Base58.decode(senderVk)) + cek = this.sodium.crypto_box_open_easy(encrytpedKey, nonce, senderPk, sk) + } else { + cek = this.sodium.crypto_box_seal_open(encrytpedKey, pk, sk) + } + return [cek, senderVk, recip.header.kid] + } + + throw new Error('No corresponding recipient key found in recipients') + } +} diff --git a/packages/daf-react-native-libsodium/src/index.ts b/packages/daf-react-native-libsodium/src/index.ts new file mode 100644 index 000000000..6bc069a2d --- /dev/null +++ b/packages/daf-react-native-libsodium/src/index.ts @@ -0,0 +1 @@ +export { KeyManagementSystem } from './key-management-system' diff --git a/packages/daf-react-native-libsodium/src/key-management-system.ts b/packages/daf-react-native-libsodium/src/key-management-system.ts new file mode 100644 index 000000000..a4b4fb960 --- /dev/null +++ b/packages/daf-react-native-libsodium/src/key-management-system.ts @@ -0,0 +1,101 @@ +import { AbstractKeyManagementSystem, KeyType, AbstractKey, SerializedKey, AbstractKeyStore } from 'daf-core' +import sodium from 'libsodium-wrappers' +import { SimpleSigner } from 'did-jwt' +const EC = require('elliptic').ec +const secp256k1 = new EC('secp256k1') +import { DIDComm } from './didcomm' +const didcomm = new DIDComm() +import { sign } from 'ethjs-signer' +import Debug from 'debug' +const debug = Debug('daf:react-native-libsodium:kms') + +export class Key extends AbstractKey { + constructor(public serialized: SerializedKey) { + super() + } + + async encrypt(to: SerializedKey, data: string) { + await didcomm.ready + return await didcomm.pack_anon_msg_for_recipients(data, [ + Uint8Array.from(Buffer.from(to.publicKeyHex, 'hex')), + ]) + } + + async decrypt(encrypted: string) { + if (!this.serialized.privateKeyHex) throw Error('No private key') + + await didcomm.ready + try { + const unpackMessage = await didcomm.unpackMessage(encrypted, { + keyType: 'ed25519', + publicKey: Uint8Array.from(Buffer.from(this.serialized.publicKeyHex, 'hex')), + privateKey: Uint8Array.from(Buffer.from(this.serialized.privateKeyHex, 'hex')), + }) + + return unpackMessage.message + } catch (e) { + return Promise.reject('Error: ' + e.message) + } + } + + signer() { + if (!this.serialized.privateKeyHex) throw Error('No private key') + return SimpleSigner(this.serialized.privateKeyHex) + } + + signEthTransaction(transaction: object, callback: (error: string | null, signature: string) => void) { + const signature = sign(transaction, '0x' + this.serialized.privateKeyHex) + callback(null, signature) + } +} + +export class KeyManagementSystem extends AbstractKeyManagementSystem { + constructor(private keyStore: AbstractKeyStore) { + super() + } + + async createKey(type: KeyType) { + let serializedKey: SerializedKey + + switch (type) { + case 'Ed25519': + await sodium.ready + const keyPairEd25519 = sodium.crypto_sign_keypair() + serializedKey = { + type, + kid: Buffer.from(keyPairEd25519.publicKey).toString('hex'), + publicKeyHex: Buffer.from(keyPairEd25519.publicKey).toString('hex'), + privateKeyHex: Buffer.from(keyPairEd25519.privateKey).toString('hex'), + } + break + case 'Secp256k1': + const keyPairSecp256k1 = secp256k1.genKeyPair() + serializedKey = { + type, + kid: keyPairSecp256k1.getPublic('hex'), + publicKeyHex: keyPairSecp256k1.getPublic('hex'), + privateKeyHex: keyPairSecp256k1.getPrivate('hex'), + } + break + default: + throw Error('Key type not supported: ' + type) + } + + this.keyStore.set(serializedKey.kid, serializedKey) + + debug('Created key', type, serializedKey.publicKeyHex) + + return new Key(serializedKey) + } + + async getKey(kid: string) { + const serializedKey = await this.keyStore.get(kid) + if (!serializedKey) throw Error('Key not found') + return new Key(serializedKey) + } + + async deleteKey(kid: string) { + debug('Deleting', kid) + return this.keyStore.delete(kid) + } +} diff --git a/packages/daf-react-native-libsodium/tsconfig.json b/packages/daf-react-native-libsodium/tsconfig.json new file mode 100644 index 000000000..166b53ace --- /dev/null +++ b/packages/daf-react-native-libsodium/tsconfig.json @@ -0,0 +1,8 @@ +{ + "extends": "../tsconfig.settings.json", + "compilerOptions": { + "rootDir": "src", + "outDir": "build" + }, + "references": [{ "path": "../daf-core" }] +} diff --git a/packages/daf-react-native-libsodium/types/react-native-sodium/index.d.ts b/packages/daf-react-native-libsodium/types/react-native-sodium/index.d.ts new file mode 100644 index 000000000..f56268437 --- /dev/null +++ b/packages/daf-react-native-libsodium/types/react-native-sodium/index.d.ts @@ -0,0 +1,934 @@ +// Type definitions for libsodium-wrappers 0.7 +// Project: https://github.com/jedisct1/libsodium.js +// Definitions by: Florian Keller +// Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped +// TypeScript Version: 2.1 + +declare module 'react-native-sodium' { + export type Uint8ArrayOutputFormat = 'uint8array' + + export type StringOutputFormat = 'text' | 'hex' | 'base64' + + export type KeyType = 'curve25519' | 'ed25519' | 'x25519' + + export enum base64_variants { + ORIGINAL, + ORIGINAL_NO_PADDING, + URLSAFE, + URLSAFE_NO_PADDING, + } + + export interface CryptoBox { + ciphertext: Uint8Array + mac: Uint8Array + } + + export interface StringCryptoBox { + ciphertext: string + mac: string + } + + export interface CryptoKX { + sharedRx: Uint8Array + sharedTx: Uint8Array + } + + export interface StringCryptoKX { + sharedRx: string + sharedTx: string + } + + export interface KeyPair { + keyType: KeyType + privateKey: Uint8Array + publicKey: Uint8Array + } + + export interface StringKeyPair { + keyType: KeyType + privateKey: string + publicKey: string + } + + export interface SecretBox { + cipher: Uint8Array + mac: Uint8Array + } + + export interface StringSecretBox { + cipher: string + mac: string + } + + export interface StateAddress { + name: string + } + + export interface MessageTag { + message: Uint8Array + tag: number + } + + export interface StringMessageTag { + message: string + tag: number + } + + export const crypto_aead_chacha20poly1305_ABYTES: number + export const crypto_aead_chacha20poly1305_ietf_ABYTES: number + export const crypto_aead_chacha20poly1305_ietf_KEYBYTES: number + export const crypto_aead_chacha20poly1305_ietf_MESSAGEBYTES_MAX: number + export const crypto_aead_chacha20poly1305_ietf_NPUBBYTES: number + export const crypto_aead_chacha20poly1305_ietf_NSECBYTES: number + export const crypto_aead_chacha20poly1305_KEYBYTES: number + export const crypto_aead_chacha20poly1305_MESSAGEBYTES_MAX: number + export const crypto_aead_chacha20poly1305_NPUBBYTES: number + export const crypto_aead_chacha20poly1305_NSECBYTES: number + export const crypto_aead_xchacha20poly1305_ietf_ABYTES: number + export const crypto_aead_xchacha20poly1305_ietf_KEYBYTES: number + export const crypto_aead_xchacha20poly1305_ietf_MESSAGEBYTES_MAX: number + export const crypto_aead_xchacha20poly1305_ietf_NPUBBYTES: number + export const crypto_aead_xchacha20poly1305_ietf_NSECBYTES: number + export const crypto_auth_BYTES: number + export const crypto_auth_KEYBYTES: number + export const crypto_box_BEFORENMBYTES: number + export const crypto_box_MACBYTES: number + export const crypto_box_MESSAGEBYTES_MAX: number + export const crypto_box_NONCEBYTES: number + export const crypto_box_PUBLICKEYBYTES: number + export const crypto_box_SEALBYTES: number + export const crypto_box_SECRETKEYBYTES: number + export const crypto_box_SEEDBYTES: number + export const crypto_generichash_BYTES_MAX: number + export const crypto_generichash_BYTES_MIN: number + export const crypto_generichash_BYTES: number + export const crypto_generichash_KEYBYTES_MAX: number + export const crypto_generichash_KEYBYTES_MIN: number + export const crypto_generichash_KEYBYTES: number + export const crypto_hash_BYTES: number + export const crypto_kdf_BYTES_MAX: number + export const crypto_kdf_BYTES_MIN: number + export const crypto_kdf_CONTEXTBYTES: number + export const crypto_kdf_KEYBYTES: number + export const crypto_kx_PUBLICKEYBYTES: number + export const crypto_kx_SECRETKEYBYTES: number + export const crypto_kx_SEEDBYTES: number + export const crypto_kx_SESSIONKEYBYTES: number + export const crypto_pwhash_ALG_ARGON2I13: number + export const crypto_pwhash_ALG_ARGON2ID13: number + export const crypto_pwhash_ALG_DEFAULT: number + export const crypto_pwhash_BYTES_MAX: number + export const crypto_pwhash_BYTES_MIN: number + export const crypto_pwhash_MEMLIMIT_INTERACTIVE: number + export const crypto_pwhash_MEMLIMIT_MAX: number + export const crypto_pwhash_MEMLIMIT_MIN: number + export const crypto_pwhash_MEMLIMIT_MODERATE: number + export const crypto_pwhash_MEMLIMIT_SENSITIVE: number + export const crypto_pwhash_OPSLIMIT_INTERACTIVE: number + export const crypto_pwhash_OPSLIMIT_MAX: number + export const crypto_pwhash_OPSLIMIT_MIN: number + export const crypto_pwhash_OPSLIMIT_MODERATE: number + export const crypto_pwhash_OPSLIMIT_SENSITIVE: number + export const crypto_pwhash_PASSWD_MAX: number + export const crypto_pwhash_PASSWD_MIN: number + export const crypto_pwhash_SALTBYTES: number + export const crypto_pwhash_STR_VERIFY: number + export const crypto_pwhash_STRBYTES: number + export const crypto_pwhash_STRPREFIX: string + export const crypto_scalarmult_BYTES: number + export const crypto_scalarmult_SCALARBYTES: number + export const crypto_secretbox_KEYBYTES: number + export const crypto_secretbox_MACBYTES: number + export const crypto_secretbox_MESSAGEBYTES_MAX: number + export const crypto_secretbox_NONCEBYTES: number + export const crypto_secretstream_xchacha20poly1305_ABYTES: number + export const crypto_secretstream_xchacha20poly1305_HEADERBYTES: number + export const crypto_secretstream_xchacha20poly1305_KEYBYTES: number + export const crypto_secretstream_xchacha20poly1305_MESSAGEBYTES_MAX: number + export const crypto_secretstream_xchacha20poly1305_TAG_FINAL: number + export const crypto_secretstream_xchacha20poly1305_TAG_MESSAGE: number + export const crypto_secretstream_xchacha20poly1305_TAG_PUSH: number + export const crypto_secretstream_xchacha20poly1305_TAG_REKEY: number + export const crypto_shorthash_BYTES: number + export const crypto_shorthash_KEYBYTES: number + export const crypto_sign_BYTES: number + export const crypto_sign_MESSAGEBYTES_MAX: number + export const crypto_sign_PUBLICKEYBYTES: number + export const crypto_sign_SECRETKEYBYTES: number + export const crypto_sign_SEEDBYTES: number + export const randombytes_SEEDBYTES: number + export const SODIUM_LIBRARY_VERSION_MAJOR: number + export const SODIUM_LIBRARY_VERSION_MINOR: number + export const SODIUM_VERSION_STRING: string + + export const ready: Promise + + export function add(a: Uint8Array, b: Uint8Array): void + + export function compare(b1: Uint8Array, b2: Uint8Array): number + + export function crypto_aead_chacha20poly1305_decrypt( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_chacha20poly1305_decrypt( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_aead_chacha20poly1305_decrypt_detached( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + mac: Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_chacha20poly1305_decrypt_detached( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + mac: Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_aead_chacha20poly1305_encrypt( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_chacha20poly1305_encrypt( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_aead_chacha20poly1305_encrypt_detached( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): CryptoBox + export function crypto_aead_chacha20poly1305_encrypt_detached( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): StringCryptoBox + + export function crypto_aead_chacha20poly1305_ietf_decrypt( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_chacha20poly1305_ietf_decrypt( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_aead_chacha20poly1305_ietf_decrypt_detached( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + mac: Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_chacha20poly1305_ietf_decrypt_detached( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + mac: Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_aead_chacha20poly1305_ietf_encrypt( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_chacha20poly1305_ietf_encrypt( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_aead_chacha20poly1305_ietf_encrypt_detached( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): CryptoBox + export function crypto_aead_chacha20poly1305_ietf_encrypt_detached( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): StringCryptoBox + + export function crypto_aead_chacha20poly1305_ietf_keygen( + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_chacha20poly1305_ietf_keygen(outputFormat: StringOutputFormat): string + + export function crypto_aead_chacha20poly1305_keygen( + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_chacha20poly1305_keygen(outputFormat: StringOutputFormat): string + + export function crypto_aead_xchacha20poly1305_ietf_decrypt( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_xchacha20poly1305_ietf_decrypt( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_aead_xchacha20poly1305_ietf_decrypt_detached( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + mac: Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_xchacha20poly1305_ietf_decrypt_detached( + secret_nonce: string | Uint8Array | null, + ciphertext: string | Uint8Array, + mac: Uint8Array, + additional_data: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_aead_xchacha20poly1305_ietf_encrypt( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_xchacha20poly1305_ietf_encrypt( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_aead_xchacha20poly1305_ietf_encrypt_detached( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): CryptoBox + export function crypto_aead_xchacha20poly1305_ietf_encrypt_detached( + message: string | Uint8Array, + additional_data: string | Uint8Array | null, + secret_nonce: string | Uint8Array | null, + public_nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): StringCryptoBox + + export function crypto_aead_xchacha20poly1305_ietf_keygen( + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_aead_xchacha20poly1305_ietf_keygen(outputFormat: StringOutputFormat): string + + export function crypto_auth( + message: string | Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_auth( + message: string | Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_auth_keygen(outputFormat?: Uint8ArrayOutputFormat | null): Uint8Array + export function crypto_auth_keygen(outputFormat: StringOutputFormat): string + + export function crypto_auth_verify(tag: Uint8Array, message: string | Uint8Array, key: Uint8Array): boolean + + export function crypto_box_beforenm( + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_box_beforenm( + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_box_detached( + message: string | Uint8Array, + nonce: Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): CryptoBox + export function crypto_box_detached( + message: string | Uint8Array, + nonce: Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat: StringOutputFormat, + ): StringCryptoBox + + export function crypto_box_easy( + message: string | Uint8Array, + nonce: Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_box_easy( + message: string | Uint8Array, + nonce: Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_box_easy_afternm( + message: string | Uint8Array, + nonce: Uint8Array, + sharedKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_box_easy_afternm( + message: string | Uint8Array, + nonce: Uint8Array, + sharedKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_box_keypair(outputFormat?: Uint8ArrayOutputFormat | null): KeyPair + export function crypto_box_keypair(outputFormat: StringOutputFormat): StringKeyPair + + export function crypto_box_open_detached( + ciphertext: string | Uint8Array, + mac: Uint8Array, + nonce: Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_box_open_detached( + ciphertext: string | Uint8Array, + mac: Uint8Array, + nonce: Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_box_open_easy( + ciphertext: string | Uint8Array, + nonce: Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_box_open_easy( + ciphertext: string | Uint8Array, + nonce: Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_box_open_easy_afternm( + ciphertext: string | Uint8Array, + nonce: Uint8Array, + sharedKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_box_open_easy_afternm( + ciphertext: string | Uint8Array, + nonce: Uint8Array, + sharedKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_box_seal( + message: string | Uint8Array, + publicKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_box_seal( + message: string | Uint8Array, + publicKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_box_seal_open( + ciphertext: string | Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_box_seal_open( + ciphertext: string | Uint8Array, + publicKey: Uint8Array, + privateKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_box_seed_keypair( + seed: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): KeyPair + export function crypto_box_seed_keypair(seed: Uint8Array, outputFormat: StringOutputFormat): StringKeyPair + + export function crypto_generichash( + hash_length: number, + message: string | Uint8Array, + key?: string | Uint8Array | null, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_generichash( + hash_length: number, + message: string | Uint8Array, + key: string | Uint8Array | null, + outputFormat: StringOutputFormat, + ): string + + export function crypto_generichash_final( + state_address: StateAddress, + hash_length: number, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_generichash_final( + state_address: StateAddress, + hash_length: number, + outputFormat: StringOutputFormat, + ): string + + export function crypto_generichash_init(key: string | Uint8Array | null, hash_length: number): StateAddress + + export function crypto_generichash_keygen(outputFormat?: Uint8ArrayOutputFormat | null): Uint8Array + export function crypto_generichash_keygen(outputFormat: StringOutputFormat): string + + export function crypto_generichash_update( + state_address: StateAddress, + message_chunk: string | Uint8Array, + ): void + + export function crypto_hash( + message: string | Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_hash(message: string | Uint8Array, outputFormat: StringOutputFormat): string + + export function crypto_kdf_derive_from_key( + subkey_len: number, + subkey_id: number, + ctx: string, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_kdf_derive_from_key( + subkey_len: number, + subkey_id: number, + ctx: string, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_kdf_keygen(outputFormat?: Uint8ArrayOutputFormat | null): Uint8Array + export function crypto_kdf_keygen(outputFormat: StringOutputFormat): string + + export function crypto_kx_client_session_keys( + clientPublicKey: Uint8Array, + clientSecretKey: Uint8Array, + serverPublicKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): CryptoKX + export function crypto_kx_client_session_keys( + clientPublicKey: Uint8Array, + clientSecretKey: Uint8Array, + serverPublicKey: Uint8Array, + outputFormat: StringOutputFormat, + ): StringCryptoKX + + export function crypto_kx_keypair(outputFormat?: Uint8ArrayOutputFormat | null): KeyPair + export function crypto_kx_keypair(outputFormat: StringOutputFormat): StringKeyPair + + export function crypto_kx_seed_keypair( + seed: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): KeyPair + export function crypto_kx_seed_keypair(seed: Uint8Array, outputFormat: StringOutputFormat): StringKeyPair + + export function crypto_kx_server_session_keys( + serverPublicKey: Uint8Array, + serverSecretKey: Uint8Array, + clientPublicKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): CryptoKX + export function crypto_kx_server_session_keys( + serverPublicKey: Uint8Array, + serverSecretKey: Uint8Array, + clientPublicKey: Uint8Array, + outputFormat: StringOutputFormat, + ): StringCryptoKX + + export function crypto_pwhash( + keyLength: number, + password: string | Uint8Array, + salt: Uint8Array, + opsLimit: number, + memLimit: number, + algorithm: number, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_pwhash( + keyLength: number, + password: string | Uint8Array, + salt: Uint8Array, + opsLimit: number, + memLimit: number, + algorithm: number, + outputFormat: StringOutputFormat, + ): string + + export function crypto_pwhash_str(password: string | Uint8Array, opsLimit: number, memLimit: number): string + + export function crypto_pwhash_str_verify(hashed_password: string, password: string | Uint8Array): boolean + + export function crypto_scalarmult( + privateKey: Uint8Array, + publicKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_scalarmult( + privateKey: Uint8Array, + publicKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_scalarmult_base( + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_scalarmult_base(privateKey: Uint8Array, outputFormat: StringOutputFormat): string + + export function crypto_secretbox_detached( + message: string | Uint8Array, + nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): SecretBox + export function crypto_secretbox_detached( + message: string | Uint8Array, + nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): StringSecretBox + + export function crypto_secretbox_easy( + message: string | Uint8Array, + nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_secretbox_easy( + message: string | Uint8Array, + nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_secretbox_keygen(outputFormat?: Uint8ArrayOutputFormat | null): Uint8Array + export function crypto_secretbox_keygen(outputFormat: StringOutputFormat): string + + export function crypto_secretbox_open_detached( + ciphertext: string | Uint8Array, + mac: Uint8Array, + nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_secretbox_open_detached( + ciphertext: string | Uint8Array, + mac: Uint8Array, + nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_secretbox_open_easy( + ciphertext: string | Uint8Array, + nonce: Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_secretbox_open_easy( + ciphertext: string | Uint8Array, + nonce: Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_secretstream_xchacha20poly1305_init_pull( + header: Uint8Array, + key: Uint8Array, + ): StateAddress + + export function crypto_secretstream_xchacha20poly1305_init_push( + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): { state: StateAddress; header: Uint8Array } + export function crypto_secretstream_xchacha20poly1305_init_push( + key: Uint8Array, + outputFormat: StringOutputFormat, + ): { state: StateAddress; header: string } + + export function crypto_secretstream_xchacha20poly1305_keygen( + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_secretstream_xchacha20poly1305_keygen(outputFormat: StringOutputFormat): string + + export function crypto_secretstream_xchacha20poly1305_pull( + state_address: StateAddress, + cipher: string | Uint8Array, + ad?: string | Uint8Array | null, + outputFormat?: Uint8ArrayOutputFormat | null, + ): MessageTag + export function crypto_secretstream_xchacha20poly1305_pull( + state_address: StateAddress, + cipher: string | Uint8Array, + ad: string | Uint8Array | null, + outputFormat: StringOutputFormat, + ): StringMessageTag + + export function crypto_secretstream_xchacha20poly1305_push( + state_address: StateAddress, + message_chunk: string | Uint8Array, + ad: string | Uint8Array | null, + tag: number, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_secretstream_xchacha20poly1305_push( + state_address: StateAddress, + message_chunk: string | Uint8Array, + ad: string | Uint8Array | null, + tag: number, + outputFormat: StringOutputFormat, + ): string + + export function crypto_secretstream_xchacha20poly1305_rekey(state_address: StateAddress): true + + export function crypto_shorthash( + message: string | Uint8Array, + key: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_shorthash( + message: string | Uint8Array, + key: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_shorthash_keygen(outputFormat?: Uint8ArrayOutputFormat | null): Uint8Array + export function crypto_shorthash_keygen(outputFormat: StringOutputFormat): string + + export function crypto_sign( + message: string | Uint8Array, + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_sign( + message: string | Uint8Array, + privateKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_sign_detached( + message: string | Uint8Array, + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_sign_detached( + message: string | Uint8Array, + privateKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_sign_ed25519_pk_to_curve25519( + edPk: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_sign_ed25519_pk_to_curve25519( + edPk: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_sign_ed25519_sk_to_curve25519( + edSk: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_sign_ed25519_sk_to_curve25519( + edSk: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_sign_final_create( + state_address: StateAddress, + privateKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_sign_final_create( + state_address: StateAddress, + privateKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_sign_final_verify( + state_address: StateAddress, + signature: Uint8Array, + publicKey: Uint8Array, + ): boolean + + export function crypto_sign_init(): StateAddress + + export function crypto_sign_keypair(outputFormat?: Uint8ArrayOutputFormat | null): KeyPair + export function crypto_sign_keypair(outputFormat: StringOutputFormat): StringKeyPair + + export function crypto_sign_open( + signedMessage: string | Uint8Array, + publicKey: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function crypto_sign_open( + signedMessage: string | Uint8Array, + publicKey: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function crypto_sign_seed_keypair( + seed: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): KeyPair + export function crypto_sign_seed_keypair(seed: Uint8Array, outputFormat: StringOutputFormat): StringKeyPair + + export function crypto_sign_update(state_address: StateAddress, message_chunk: string | Uint8Array): void + + export function crypto_sign_verify_detached( + signature: Uint8Array, + message: string | Uint8Array, + publicKey: Uint8Array, + ): boolean + + export function from_base64(input: string, variant?: base64_variants): Uint8Array + + export function from_hex(input: string): Uint8Array + + export function from_string(str: string): Uint8Array + + export function increment(bytes: Uint8Array): void + + export function is_zero(bytes: Uint8Array): boolean + + export function memcmp(b1: Uint8Array, b2: Uint8Array): boolean + + export function memzero(bytes: Uint8Array): void + + export function output_formats(): Array + + export function pad(buf: Uint8Array, blocksize: number): Uint8Array + + export function randombytes_buf(length: number, outputFormat?: Uint8ArrayOutputFormat | null): Uint8Array + export function randombytes_buf(length: number, outputFormat: StringOutputFormat): string + + export function randombytes_buf_deterministic( + length: number, + seed: Uint8Array, + outputFormat?: Uint8ArrayOutputFormat | null, + ): Uint8Array + export function randombytes_buf_deterministic( + length: number, + seed: Uint8Array, + outputFormat: StringOutputFormat, + ): string + + export function randombytes_close(): void + + export function randombytes_random(): number + + export function randombytes_stir(): void + + export function randombytes_uniform(upper_bound: number): number + + export function sodium_version_string(): string + + export function symbols(): string[] + + export function to_base64(input: string | Uint8Array, variant?: base64_variants): string + + export function to_hex(input: string | Uint8Array): string + + export function to_string(bytes: Uint8Array): string + + export function unpad(buf: Uint8Array, blocksize: number): Uint8Array +} diff --git a/packages/tsconfig.json b/packages/tsconfig.json index faeb30ff8..dfac9e4af 100644 --- a/packages/tsconfig.json +++ b/packages/tsconfig.json @@ -14,6 +14,7 @@ { "path": "daf-node-sqlite3" }, { "path": "daf-random" }, { "path": "daf-react-native-async-storage" }, + { "path": "daf-react-native-libsodium" }, { "path": "daf-resolver" }, { "path": "daf-resolver-universal" }, { "path": "daf-selective-disclosure" }, diff --git a/yarn.lock b/yarn.lock index f1d28e443..dd7456956 100644 --- a/yarn.lock +++ b/yarn.lock @@ -8511,6 +8511,11 @@ react-is@^16.8.4: resolved "https://registry.yarnpkg.com/react-is/-/react-is-16.12.0.tgz#2cc0fe0fba742d97fd527c42a13bec4eeb06241c" integrity sha512-rPCkf/mWBtKc97aLL9/txD8DZdemK0vkA3JMLShjlJB3Pj3s+lpf1KaBzMfQrAmhMQB0n1cU/SUGgKKBCe837Q== +react-native-sodium@^0.3.6: + version "0.3.6" + resolved "https://registry.yarnpkg.com/react-native-sodium/-/react-native-sodium-0.3.6.tgz#c1c0058becc866ae0d60257aa53cb81a9fd4a8fc" + integrity sha512-1lZBpIF9mvYlgGH1tlHCNBnhMeNwFmWkok55p5Lu1Td5bYya2iUbLyfQyDcMk8RXnab2V6c/o76hmxt0tqmuWg== + react-native-sqlite-storage@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/react-native-sqlite-storage/-/react-native-sqlite-storage-4.1.0.tgz#641780eef06bc90b853d3dcd628c0fe54b656d7b"