encoding implementation doesn't require complicate TLV parsing.

This commit is contained in:
fiatjaf 2023-08-15 11:40:54 -03:00
parent a1f8a82e73
commit c78bd4cef1
No known key found for this signature in database
GPG Key ID: BAD43C4BE5C1A3A1

46
44.md
View File

@ -30,7 +30,7 @@ Example:
Encrypting the message `hello` from Alice to Bob results in the base-64 encoded tlv payload: Encrypting the message `hello` from Alice to Bob results in the base-64 encoded tlv payload:
``` ```
AAEBARgeI8gcP/4mnw3mKgtMvD8aGYUnGBlhopoCBd94Ev9i AZKyMIHbfVYFlAAK7Ci5wuM5GFOLaeI7LQKDzWJY
``` ```
# Other Notes # Other Notes
@ -47,7 +47,7 @@ This encryption scheme replaces the one described in NIP-04, which is not secure
import {xchacha20} from "@noble/ciphers/chacha" import {xchacha20} from "@noble/ciphers/chacha"
import {secp256k1} from "@noble/curves/secp256k1" import {secp256k1} from "@noble/curves/secp256k1"
import {sha256} from "@noble/hashes/sha256" import {sha256} from "@noble/hashes/sha256"
import {randomBytes, concatBytes} from "@noble/hashes/utils" import {randomBytes} from "@noble/hashes/utils"
import {base64} from "@scure/base" import {base64} from "@scure/base"
export const utf8Decoder = new TextDecoder() export const utf8Decoder = new TextDecoder()
@ -100,44 +100,24 @@ export function encrypt(privkey: string, pubkey: string, text: string, v = 1) {
const nonce = randomBytes(24) const nonce = randomBytes(24)
const plaintext = utf8Encoder.encode(text) const plaintext = utf8Encoder.encode(text)
const ciphertext = xchacha20(key, nonce, plaintext) const ciphertext = xchacha20(key, nonce, plaintext)
const tlv = encodeTLV({
0: [new Uint8Array([1])],
1: [nonce],
2: [ciphertext]
})
return base64.encode(tlv) const payload = new Uint8Array(1 + 24 + ciphertext.length)
payload.set([version], 0)
payload.set(nonce, 1)
payload.set(ciphertext, 1 + 24)
return base64.encode(payload)
} }
export function decrypt(privkey: string, pubkey: string, payload: string) { export function decrypt(privkey: string, pubkey: string, payload: string) {
let byteArray const payload = base64.decode(blob)
try { if (payload[0] !== 1) {
byteArray = base64.decode(payload) throw new Error('NIP44: unknown encryption version')
} catch (e) {
throw new Error(`NIP44: failed to base64 decode payload: ${e}`)
} }
let tlv const nonce = payload.subarray(1, 25)
try { const ciphertext = payload.subarray(25)
tlv = parseTLV(byteArray)
} catch (e) {
throw new Error(`NIP44: failed to decode tlv: ${e}`)
}
if (tlv[0]?.[0]?.[0] !== 1) {
throw new Error(`NIP44: invalid version: ${tlv[0]?.[0]?.[0]}`)
}
if (tlv[1]?.[0]?.length !== 24) {
throw new Error(`NIP44: invalid nonce: ${tlv[1]?.[0]}`)
}
if (!tlv[2]?.[0]) {
throw new Error(`NIP44: missing ciphertext`)
}
const nonce = tlv[1][0]
const ciphertext = tlv[2][0]
const key = getSharedSecret(privkey, pubkey) const key = getSharedSecret(privkey, pubkey)
const plaintext = xchacha20(key, nonce, ciphertext) const plaintext = xchacha20(key, nonce, ciphertext)