Switch to HMAC-BLAKE2s
This commit is contained in:
parent
53b84db98e
commit
0c002036a4
|
@ -1,6 +1,6 @@
|
|||
let ?ds = dataspace
|
||||
|
||||
; Connect using <route [<ws "...">] <ref "syndicate" [] #[pkgN9TBmEd3Q04grVG4Zdw]>>
|
||||
; Connect using <route [<ws "...">] <ref "syndicate" [] #[acowDB2/oI+6aSEC3YIxGg]>>
|
||||
<bind "syndicate" #x"" $ds>
|
||||
|
||||
; Connect using <route [<ws "...">] <noise { service: "syndicate", key: #x"21f6cd4e11e7e37711d6b3084ff18cded8fc8abf293aa47d43e8bb86dda65516" }>>
|
||||
|
|
|
@ -114,7 +114,7 @@ function setDataspaceAddress() {
|
|||
// Sturdy.SturdyRef({
|
||||
// "oid": "syndicate",
|
||||
// "caveatChain": [],
|
||||
// "sig": Bytes.fromHex('a6480df5306611ddd0d3882b546e1977'),
|
||||
// "sig": Bytes.fromHex('69ca300c1dbfa08fba692102dd82311a'),
|
||||
// }))],
|
||||
// }));
|
||||
//
|
||||
|
|
|
@ -30,6 +30,7 @@
|
|||
"author": "Tony Garnock-Jones <tonyg@leastfixedpoint.com>",
|
||||
"dependencies": {
|
||||
"@preserves/core": ">=0.20.2",
|
||||
"@preserves/schema": ">=0.21.2"
|
||||
"@preserves/schema": ">=0.21.2",
|
||||
"salty-crypto": "0.3"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
|
||||
import { Bytes, underlying } from '@preserves/core';
|
||||
import * as node_crypto from 'crypto';
|
||||
import { makeHMAC, BLAKE2s } from 'salty-crypto';
|
||||
|
||||
export const KEY_LENGTH = 16; // 128 bits
|
||||
|
||||
|
@ -15,28 +16,8 @@ export const newKey: () => Promise<Bytes> =
|
|||
})
|
||||
: (async () => Bytes.from(node_crypto.randomBytes(KEY_LENGTH)));
|
||||
|
||||
export const mac: (secretKey: Bytes, data: Bytes) => Promise<Bytes> =
|
||||
(typeof crypto !== 'undefined' && 'subtle' in crypto)
|
||||
? (async (secretKey, data) => {
|
||||
if (secretKey.length !== KEY_LENGTH) throw new Error("Invalid key length");
|
||||
const k = await window.crypto.subtle.importKey(
|
||||
"raw",
|
||||
underlying(secretKey),
|
||||
{
|
||||
hash: 'SHA-256',
|
||||
name: 'HMAC',
|
||||
},
|
||||
false,
|
||||
['sign']);
|
||||
const bs = await window.crypto.subtle.sign({ name: 'HMAC' }, k, underlying(data));
|
||||
return Bytes.from(new Uint8Array(bs, 0, KEY_LENGTH));
|
||||
})
|
||||
: (typeof node_crypto.createHmac !== 'undefined')
|
||||
? (async (secretKey, data) => {
|
||||
const hmac = node_crypto.createHmac('sha256', underlying(secretKey));
|
||||
hmac.update(underlying(data));
|
||||
return Bytes.from(hmac.digest().subarray(0, KEY_LENGTH));
|
||||
})
|
||||
: (async (_secretKey, _data) => {
|
||||
throw new Error('No HMAC SHA-256 available');
|
||||
});
|
||||
const HMAC_BLAKE2s = makeHMAC(BLAKE2s);
|
||||
|
||||
export async function mac(secretKey: Bytes, data: Bytes): Promise<Bytes> {
|
||||
return Bytes.from(HMAC_BLAKE2s(underlying(secretKey), underlying(data)));
|
||||
}
|
||||
|
|
|
@ -2,4 +2,3 @@
|
|||
/// SPDX-FileCopyrightText: Copyright © 2016-2023 Tony Garnock-Jones <tonyg@leastfixedpoint.com>
|
||||
|
||||
export const randomBytes = void 0;
|
||||
export const createHmac = void 0;
|
||||
|
|
|
@ -29,7 +29,7 @@ function bootApp(ds: Ref) {
|
|||
"transports": [fromJS(Schemas.transportAddress.WebSocket(
|
||||
`ws://${document.location.hostname}:9001/`))],
|
||||
"steps": [wsRelay.Noise.RouteStep.GatekeeperStep(Sturdy.asSturdyRef(
|
||||
new Reader<Ref>('<ref "syndicate" [] #[pkgN9TBmEd3Q04grVG4Zdw==]>').next()))],
|
||||
new Reader<Ref>('<ref "syndicate" [] #[acowDB2/oI+6aSEC3YIxGg==]>').next()))],
|
||||
});
|
||||
|
||||
during wsRelay.Resolved({
|
||||
|
|
Loading…
Reference in New Issue