Qortal/qortal-ui
1
0
Fork 0
mirror of https://github.com/Qortal/qortal-ui.git synced 2025-03-27 15:55:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

only one nonce

Browse Source
This commit is contained in:
Phillip 2023-05-13 01:47:40 +03:00
parent 53a3e0e183
commit 52d2f67e21
2 changed files with 50 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
plugins/plugins/core/components/qdn-action-encryption.js
View File

@ -127,6 +127,10 @@ export const encryptDataGroup = ({ data64, publicKeys }) => {
// Encrypt the data with the symmetric key. // Encrypt the data with the symmetric key.
const encryptedData = nacl.secretbox(Uint8ArrayData, nonce, messageKey); const encryptedData = nacl.secretbox(Uint8ArrayData, nonce, messageKey);
// Generate a keyNonce outside of the loop.
const keyNonce = new Uint8Array(24);
window.crypto.getRandomValues(keyNonce);
// Encrypt the symmetric key for each recipient. // Encrypt the symmetric key for each recipient.
let encryptedKeys = []; let encryptedKeys = [];
publicKeysDuplicateFree.forEach((recipientPublicKey) => { publicKeysDuplicateFree.forEach((recipientPublicKey) => {
@ -136,20 +140,15 @@ export const encryptDataGroup = ({ data64, publicKeys }) => {
const convertedPublicKey = ed2curve.convertPublicKey(publicKeyUnit8Array) const convertedPublicKey = ed2curve.convertPublicKey(publicKeyUnit8Array)
const sharedSecret = new Uint8Array(32) const sharedSecret = new Uint8Array(32)
// the length of the sharedSecret will be 32 + 16
// When you're encrypting data using nacl.secretbox, it's adding an authentication tag to the result, which is 16 bytes long. This tag is used for verifying the integrity and authenticity of the data when it is decrypted
nacl.lowlevel.crypto_scalarmult(sharedSecret, convertedPrivateKey, convertedPublicKey) nacl.lowlevel.crypto_scalarmult(sharedSecret, convertedPrivateKey, convertedPublicKey)
const keyNonce = new Uint8Array(24);
window.crypto.getRandomValues(keyNonce);
// Encrypt the symmetric key with the shared secret. // Encrypt the symmetric key with the shared secret.
const encryptedKey = nacl.secretbox(messageKey, keyNonce, sharedSecret); const encryptedKey = nacl.secretbox(messageKey, keyNonce, sharedSecret);
encryptedKeys.push({ encryptedKeys.push(encryptedKey);
recipientPublicKey,
keyNonce,
encryptedKey
});
}); });
const str = "qortalEncryptedData"; const str = "qortalEncryptedData";
@ -158,11 +157,11 @@ export const encryptDataGroup = ({ data64, publicKeys }) => {
// Combine all data into a single Uint8Array. // Combine all data into a single Uint8Array.
// Calculate size of combinedData // Calculate size of combinedData
let combinedDataSize = strUint8Array.length + nonce.length + encryptedData.length + 4; let combinedDataSize = strUint8Array.length + nonce.length + keyNonce.length + encryptedData.length + 4;
let encryptedKeysSize = 0; let encryptedKeysSize = 0;
encryptedKeys.forEach((key) => { encryptedKeys.forEach((key) => {
encryptedKeysSize += key.keyNonce.length + key.encryptedKey.length; encryptedKeysSize += key.length;
}); });
combinedDataSize += encryptedKeysSize; combinedDataSize += encryptedKeysSize;
@ -171,24 +170,43 @@ export const encryptDataGroup = ({ data64, publicKeys }) => {
combinedData.set(strUint8Array); combinedData.set(strUint8Array);
combinedData.set(nonce, strUint8Array.length); combinedData.set(nonce, strUint8Array.length);
combinedData.set(encryptedData, strUint8Array.length + nonce.length); combinedData.set(keyNonce, strUint8Array.length + nonce.length);
combinedData.set(encryptedData, strUint8Array.length + nonce.length + keyNonce.length);
// Initialize offset for encryptedKeys // Initialize offset for encryptedKeys
let encryptedKeysOffset = strUint8Array.length + nonce.length + encryptedData.length; let encryptedKeysOffset = strUint8Array.length + nonce.length + encryptedData.length + keyNonce.length;
encryptedKeys.forEach((key) => { encryptedKeys.forEach((key) => {
combinedData.set(key.keyNonce, encryptedKeysOffset); combinedData.set(key, encryptedKeysOffset);
encryptedKeysOffset += key.keyNonce.length; encryptedKeysOffset += key.length;
combinedData.set(key.encryptedKey, encryptedKeysOffset);
encryptedKeysOffset += key.encryptedKey.length;
}); });
const countArray = new Uint8Array(new Uint32Array([publicKeysDuplicateFree.length]).buffer); const countArray = new Uint8Array(new Uint32Array([publicKeysDuplicateFree.length]).buffer);
combinedData.set(countArray, combinedData.length - 4); combinedData.set(countArray, combinedData.length - 4);
const uint8arrayToData64 = uint8ArrayToBase64(combinedData) const uint8arrayToData64 = uint8ArrayToBase64(combinedData)
return uint8arrayToData64; return uint8arrayToData64;
} catch (error) { } catch (error) {
throw new Error("Error in encrypting data") throw new Error("Error in encrypting data")
} }
} }
export function uint8ArrayStartsWith(uint8Array, string) {
const stringEncoder = new TextEncoder();
const stringUint8Array = stringEncoder.encode(string);
if (uint8Array.length < stringUint8Array.length) {
return false;
}
for (let i = 0; i < stringUint8Array.length; i++) {
if (uint8Array[i] !== stringUint8Array[i]) {
return false;
}
}
return true;
}
export function decryptDeprecatedSingle() {
}

24
plugins/plugins/core/qdn/browser/browser.src.js
View File

@ -24,7 +24,7 @@ import { QORT_DECIMALS } from '../../../../../crypto/api/constants';
import nacl from '../../../../../crypto/api/deps/nacl-fast.js' import nacl from '../../../../../crypto/api/deps/nacl-fast.js'
import ed2curve from '../../../../../crypto/api/deps/ed2curve.js' import ed2curve from '../../../../../crypto/api/deps/ed2curve.js'
import { mimeToExtensionMap } from '../../components/qdn-action-constants'; import { mimeToExtensionMap } from '../../components/qdn-action-constants';
import { base64ToUint8Array, encryptData, encryptDataGroup, fileToBase64, uint8ArrayToBase64 } from '../../components/qdn-action-encryption'; import { base64ToUint8Array, encryptData, encryptDataGroup, fileToBase64, uint8ArrayStartsWith, uint8ArrayToBase64 } from '../../components/qdn-action-encryption';
const parentEpml = new Epml({ type: 'WINDOW', source: window.parent }); const parentEpml = new Epml({ type: 'WINDOW', source: window.parent });
class WebBrowser extends LitElement { class WebBrowser extends LitElement {
@ -585,6 +585,8 @@ class WebBrowser extends LitElement {
try { try {
const uint8Array = base64ToUint8Array(encryptedData) const uint8Array = base64ToUint8Array(encryptedData)
const startsWithQortalEncryptedData = uint8ArrayStartsWith(uint8Array, "qortalEncryptedData");
const startsWithQortalGroupEncryptedData = uint8ArrayStartsWith(uint8Array, "qortalGroupEncryptedData");
const combinedData = uint8Array const combinedData = uint8Array
const str = "qortalEncryptedData"; const str = "qortalEncryptedData";
const strEncoder = new TextEncoder(); const strEncoder = new TextEncoder();
@ -642,7 +644,6 @@ class WebBrowser extends LitElement {
response = JSON.stringify(data); response = JSON.stringify(data);
break break
} }
const { encryptedData: data64EncryptedData } = data const { encryptedData: data64EncryptedData } = data
try { try {
const allCombined = base64ToUint8Array(data64EncryptedData); const allCombined = base64ToUint8Array(data64EncryptedData);
@ -655,19 +656,24 @@ class WebBrowser extends LitElement {
const nonceEndPosition = nonceStartPosition + 24; // Nonce is 24 bytes const nonceEndPosition = nonceStartPosition + 24; // Nonce is 24 bytes
const nonce = allCombined.slice(nonceStartPosition, nonceEndPosition); const nonce = allCombined.slice(nonceStartPosition, nonceEndPosition);
// Extract the shared keyNonce
const keyNonceStartPosition = nonceEndPosition;
const keyNonceEndPosition = keyNonceStartPosition + 24; // Nonce is 24 bytes
const keyNonce = allCombined.slice(keyNonceStartPosition, keyNonceEndPosition);
// Calculate count first // Calculate count first
const countStartPosition = allCombined.length - 4; // 4 bytes before the end, since count is stored in Uint32 (4 bytes) const countStartPosition = allCombined.length - 4; // 4 bytes before the end, since count is stored in Uint32 (4 bytes)
const countArray = allCombined.slice(countStartPosition, countStartPosition + 4); const countArray = allCombined.slice(countStartPosition, countStartPosition + 4);
const count = new Uint32Array(countArray.buffer)[0]; const count = new Uint32Array(countArray.buffer)[0];
// Then use count to calculate encryptedData // Then use count to calculate encryptedData
const encryptedDataStartPosition = nonceEndPosition; // start position of encryptedData const encryptedDataStartPosition = keyNonceEndPosition; // start position of encryptedData
const encryptedDataEndPosition = allCombined.length - ((count * (24 + 32 + 16)) + 4); const encryptedDataEndPosition = allCombined.length - ((count * (32 + 16)) + 4);
const encryptedData = allCombined.slice(encryptedDataStartPosition, encryptedDataEndPosition); const encryptedData = allCombined.slice(encryptedDataStartPosition, encryptedDataEndPosition);
// Extract the encrypted keys // Extract the encrypted keys
const combinedKeys = allCombined.slice(encryptedDataEndPosition, encryptedDataEndPosition + (count * (24 + 48))); // 32+16 = 48
const combinedKeys = allCombined.slice(encryptedDataEndPosition, encryptedDataEndPosition + (count * 48));
const privateKey = window.parent.reduxStore.getState().app.selectedAddress.keyPair.privateKey const privateKey = window.parent.reduxStore.getState().app.selectedAddress.keyPair.privateKey
const publicKey = window.parent.reduxStore.getState().app.selectedAddress.keyPair.publicKey const publicKey = window.parent.reduxStore.getState().app.selectedAddress.keyPair.publicKey
@ -679,15 +685,12 @@ class WebBrowser extends LitElement {
const convertedPrivateKey = ed2curve.convertSecretKey(privateKey) const convertedPrivateKey = ed2curve.convertSecretKey(privateKey)
const convertedPublicKey = ed2curve.convertPublicKey(publicKey) const convertedPublicKey = ed2curve.convertPublicKey(publicKey)
const sharedSecret = new Uint8Array(32) const sharedSecret = new Uint8Array(32)
nacl.lowlevel.crypto_scalarmult(sharedSecret, convertedPrivateKey, convertedPublicKey) nacl.lowlevel.crypto_scalarmult(sharedSecret, convertedPrivateKey, convertedPublicKey)
for (let i = 0; i < count; i++) { for (let i = 0; i < count; i++) {
const keyNonce = combinedKeys.slice(i * (24 + 48), i * (24 + 48) + 24); const encryptedKey = combinedKeys.slice(i * 48, (i + 1) * 48);
const encryptedKey = combinedKeys.slice(i * (24 + 48) + 24, (i + 1) * (24 + 48));
// Decrypt the symmetric key. // Decrypt the symmetric key.
const decryptedKey = nacl.secretbox.open(encryptedKey, keyNonce, sharedSecret); const decryptedKey = nacl.secretbox.open(encryptedKey, keyNonce, sharedSecret);
// If decryption was successful, decryptedKey will not be null. // If decryption was successful, decryptedKey will not be null.
if (decryptedKey) { if (decryptedKey) {
// Decrypt the data using the symmetric key. // Decrypt the data using the symmetric key.
@ -934,7 +937,6 @@ class WebBrowser extends LitElement {
return; return;
case actions.PUBLISH_QDN_RESOURCE: { case actions.PUBLISH_QDN_RESOURCE: {
console.log({ data })
// optional fields: encrypt:boolean recipientPublicKey:string // optional fields: encrypt:boolean recipientPublicKey:string
const requiredFields = ['service', 'name']; const requiredFields = ['service', 'name'];
const missingFields = []; const missingFields = [];