mirror of
https://github.com/nostr-protocol/nips.git
synced 2025-01-19 04:31:34 +00:00
encoding implementation doesn't require complicate TLV parsing.
This commit is contained in:
parent
a1f8a82e73
commit
c78bd4cef1
46
44.md
46
44.md
@ -30,7 +30,7 @@ Example:
|
|||||||
Encrypting the message `hello` from Alice to Bob results in the base-64 encoded tlv payload:
|
Encrypting the message `hello` from Alice to Bob results in the base-64 encoded tlv payload:
|
||||||
|
|
||||||
```
|
```
|
||||||
AAEBARgeI8gcP/4mnw3mKgtMvD8aGYUnGBlhopoCBd94Ev9i
|
AZKyMIHbfVYFlAAK7Ci5wuM5GFOLaeI7LQKDzWJY
|
||||||
```
|
```
|
||||||
|
|
||||||
# Other Notes
|
# Other Notes
|
||||||
@ -47,7 +47,7 @@ This encryption scheme replaces the one described in NIP-04, which is not secure
|
|||||||
import {xchacha20} from "@noble/ciphers/chacha"
|
import {xchacha20} from "@noble/ciphers/chacha"
|
||||||
import {secp256k1} from "@noble/curves/secp256k1"
|
import {secp256k1} from "@noble/curves/secp256k1"
|
||||||
import {sha256} from "@noble/hashes/sha256"
|
import {sha256} from "@noble/hashes/sha256"
|
||||||
import {randomBytes, concatBytes} from "@noble/hashes/utils"
|
import {randomBytes} from "@noble/hashes/utils"
|
||||||
import {base64} from "@scure/base"
|
import {base64} from "@scure/base"
|
||||||
|
|
||||||
export const utf8Decoder = new TextDecoder()
|
export const utf8Decoder = new TextDecoder()
|
||||||
@ -100,44 +100,24 @@ export function encrypt(privkey: string, pubkey: string, text: string, v = 1) {
|
|||||||
const nonce = randomBytes(24)
|
const nonce = randomBytes(24)
|
||||||
const plaintext = utf8Encoder.encode(text)
|
const plaintext = utf8Encoder.encode(text)
|
||||||
const ciphertext = xchacha20(key, nonce, plaintext)
|
const ciphertext = xchacha20(key, nonce, plaintext)
|
||||||
const tlv = encodeTLV({
|
|
||||||
0: [new Uint8Array([1])],
|
|
||||||
1: [nonce],
|
|
||||||
2: [ciphertext]
|
|
||||||
})
|
|
||||||
|
|
||||||
return base64.encode(tlv)
|
const payload = new Uint8Array(1 + 24 + ciphertext.length)
|
||||||
|
payload.set([version], 0)
|
||||||
|
payload.set(nonce, 1)
|
||||||
|
payload.set(ciphertext, 1 + 24)
|
||||||
|
|
||||||
|
return base64.encode(payload)
|
||||||
}
|
}
|
||||||
|
|
||||||
export function decrypt(privkey: string, pubkey: string, payload: string) {
|
export function decrypt(privkey: string, pubkey: string, payload: string) {
|
||||||
let byteArray
|
const payload = base64.decode(blob)
|
||||||
try {
|
if (payload[0] !== 1) {
|
||||||
byteArray = base64.decode(payload)
|
throw new Error('NIP44: unknown encryption version')
|
||||||
} catch (e) {
|
|
||||||
throw new Error(`NIP44: failed to base64 decode payload: ${e}`)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
let tlv
|
const nonce = payload.subarray(1, 25)
|
||||||
try {
|
const ciphertext = payload.subarray(25)
|
||||||
tlv = parseTLV(byteArray)
|
|
||||||
} catch (e) {
|
|
||||||
throw new Error(`NIP44: failed to decode tlv: ${e}`)
|
|
||||||
}
|
|
||||||
|
|
||||||
if (tlv[0]?.[0]?.[0] !== 1) {
|
|
||||||
throw new Error(`NIP44: invalid version: ${tlv[0]?.[0]?.[0]}`)
|
|
||||||
}
|
|
||||||
|
|
||||||
if (tlv[1]?.[0]?.length !== 24) {
|
|
||||||
throw new Error(`NIP44: invalid nonce: ${tlv[1]?.[0]}`)
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!tlv[2]?.[0]) {
|
|
||||||
throw new Error(`NIP44: missing ciphertext`)
|
|
||||||
}
|
|
||||||
|
|
||||||
const nonce = tlv[1][0]
|
|
||||||
const ciphertext = tlv[2][0]
|
|
||||||
const key = getSharedSecret(privkey, pubkey)
|
const key = getSharedSecret(privkey, pubkey)
|
||||||
const plaintext = xchacha20(key, nonce, ciphertext)
|
const plaintext = xchacha20(key, nonce, ciphertext)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user