aicq-chat-plugin 3.9.0 → 3.9.1

package/lib/crypto.js

@@ -1,168 +1,168 @@
-/**
- * AICQ Crypto Utilities
- * NaCl-based E2EE: Ed25519 signing, X25519 key exchange, symmetric encryption
- */
-const nacl = require('tweetnacl');
-const naclUtil = require('tweetnacl-util');
-
-// ─── Key Generation ────────────────────────────────────────────────────
-
-function generateSigningKeypair() {
-  const keyPair = nacl.sign.keyPair();
-  return {
-    publicKey: Buffer.from(keyPair.publicKey).toString('hex'),
-    secretKey: Buffer.from(keyPair.secretKey).toString('hex'),
-    publicKeyB64: Buffer.from(keyPair.publicKey).toString('base64'),
-    secretKeyB64: Buffer.from(keyPair.secretKey).toString('base64'),
-  };
-}
-
-function generateExchangeKeypair() {
-  const keyPair = nacl.box.keyPair();
-  return {
-    publicKey: Buffer.from(keyPair.publicKey).toString('hex'),
-    secretKey: Buffer.from(keyPair.secretKey).toString('hex'),
-    publicKeyB64: Buffer.from(keyPair.publicKey).toString('base64'),
-    secretKeyB64: Buffer.from(keyPair.secretKey).toString('base64'),
-  };
-}
-
-// ─── Signing ───────────────────────────────────────────────────────────
-
-function signMessage(message, secretKeyHex) {
-  const secretKey = Buffer.from(secretKeyHex, 'hex');
-  // If message looks like hex (64 chars), treat as raw bytes to match server's bytes.fromhex()
-  let messageBytes;
-  if (/^[0-9a-fA-F]{64}$/.test(message)) {
-    messageBytes = Buffer.from(message, 'hex');
-  } else {
-    messageBytes = naclUtil.decodeUTF8(message);
-  }
-  const signature = nacl.sign.detached(messageBytes, secretKey);
-  return Buffer.from(signature).toString('hex');
-}
-
-function verifySignature(message, signatureHex, publicKeyHex) {
-  try {
-    const publicKey = Buffer.from(publicKeyHex, 'hex');
-    // If message looks like hex (64 chars), treat as raw bytes to match server
-    let messageBytes;
-    if (/^[0-9a-fA-F]{64}$/.test(message)) {
-      messageBytes = Buffer.from(message, 'hex');
-    } else {
-      messageBytes = naclUtil.decodeUTF8(message);
-    }
-    const signature = Buffer.from(signatureHex, 'hex');
-    return nacl.sign.detached.verify(messageBytes, signature, publicKey);
-  } catch (e) {
-    return false;
-  }
-}
-
-// ─── Key Exchange & Session Key Derivation ─────────────────────────────
-
-function deriveSessionKey(ourSecretKeyHex, theirPublicKeyHex) {
-  const ourSecret = Buffer.from(ourSecretKeyHex, 'hex');
-  const theirPublic = Buffer.from(theirPublicKeyHex, 'hex');
-  const shared = nacl.box.before(theirPublic, ourSecret);
-  const hash = nacl.hash(shared);
-  return Buffer.from(hash).toString('hex');
-}
-
-// ─── Symmetric Encryption (NaCl SecretBox) ─────────────────────────────
-
-function encryptMessage(plaintext, sessionKeyB64) {
-  const key = Buffer.from(sessionKeyB64, 'base64');
-  const nonce = nacl.randomBytes(nacl.secretbox.nonceLength);
-  const messageBytes = naclUtil.decodeUTF8(plaintext);
-  const encrypted = nacl.secretbox(messageBytes, nonce, key);
-  if (!encrypted) throw new Error('Encryption failed');
-  // Combine nonce + ciphertext
-  const combined = new Uint8Array(nonce.length + encrypted.length);
-  combined.set(nonce);
-  combined.set(encrypted, nonce.length);
-  return Buffer.from(combined).toString('base64');
-}
-
-function decryptMessage(ciphertextB64, sessionKeyB64) {
-  const key = Buffer.from(sessionKeyB64, 'base64');
-  const combined = Buffer.from(ciphertextB64, 'base64');
-  const nonce = combined.slice(0, nacl.secretbox.nonceLength);
-  const ciphertext = combined.slice(nacl.secretbox.nonceLength);
-  const decrypted = nacl.secretbox.open(ciphertext, nonce, key);
-  if (!decrypted) throw new Error('Decryption failed');
-  return naclUtil.encodeUTF8(decrypted);
-}
-
-// ─── Fingerprint ───────────────────────────────────────────────────────
-
-function computeFingerprint(publicKeyHex) {
-  const publicKey = Buffer.from(publicKeyHex, 'hex');
-  const hash = nacl.hash(publicKey);
-  const hex = Buffer.from(hash).toString('hex');
-  return hex.match(/.{2}/g).join(':');
-}
-
-// ─── Password-based Encryption ─────────────────────────────────────────
-
-function encryptWithPassword(plaintext, password) {
-  const salt = nacl.randomBytes(nacl.pwhash.saltbytes);
-  const key = nacl.pwhash(plaintext.length + nacl.secretbox.overheadLength,
-    naclUtil.decodeUTF8(password), salt,
-    nacl.pwhash.opslimit.interactive,
-    nacl.pwhash.memlimit.interactive);
-  // Simplified: use secretbox with derived key
-  const nonce = nacl.randomBytes(nacl.secretbox.nonceLength);
-  const messageBytes = naclUtil.decodeUTF8(plaintext);
-  // Fallback: just use a hash-based key
-  const keyHash = nacl.hash(naclUtil.decodeUTF8(password + Buffer.from(salt).toString('base64')));
-  const encrypted = nacl.secretbox(messageBytes, nonce, keyHash.slice(0, 32));
-  if (!encrypted) throw new Error('Password encryption failed');
-  const result = new Uint8Array(salt.length + nonce.length + encrypted.length);
-  result.set(salt);
-  result.set(nonce, salt.length);
-  result.set(encrypted, salt.length + nonce.length);
-  return Buffer.from(result).toString('base64');
-}
-
-function decryptWithPassword(ciphertextB64, password) {
-  const combined = Buffer.from(ciphertextB64, 'base64');
-  const salt = combined.slice(0, nacl.pwhash.saltbytes);
-  const nonce = combined.slice(nacl.pwhash.saltbytes, nacl.pwhash.saltbytes + nacl.secretbox.nonceLength);
-  const ciphertext = combined.slice(nacl.pwhash.saltbytes + nacl.secretbox.nonceLength);
-  const keyHash = nacl.hash(naclUtil.decodeUTF8(password + Buffer.from(salt).toString('base64')));
-  const decrypted = nacl.secretbox.open(ciphertext, nonce, keyHash.slice(0, 32));
-  if (!decrypted) throw new Error('Password decryption failed');
-  return naclUtil.encodeUTF8(decrypted);
-}
-
-// ─── Convert Ed25519 to X25519 ─────────────────────────────────────────
-
-function convertEd25519ToX25519(ed25519PublicKeyB64) {
-  const edPk = Buffer.from(ed25519PublicKeyB64, 'base64');
-  // NaCl provides convert for this
-  try {
-    const xPk = nacl.sign.keyPair.fromSeed(edPk.slice(0, 32)).publicKey;
-    // This is approximate - in production use proper conversion
-    return Buffer.from(xPk).toString('base64');
-  } catch(e) {
-    // Fallback: derive from hash
-    const hash = nacl.hash(edPk);
-    return Buffer.from(hash.slice(0, 32)).toString('base64');
-  }
-}
-
-module.exports = {
-  generateSigningKeypair,
-  generateExchangeKeypair,
-  signMessage,
-  verifySignature,
-  deriveSessionKey,
-  encryptMessage,
-  decryptMessage,
-  computeFingerprint,
-  encryptWithPassword,
-  decryptWithPassword,
-  convertEd25519ToX25519,
-  randomBytes: (n) => Buffer.from(nacl.randomBytes(n)).toString('base64'),
-};
+/**
+ * AICQ Crypto Utilities
+ * NaCl-based E2EE: Ed25519 signing, X25519 key exchange, symmetric encryption
+ */
+const nacl = require('tweetnacl');
+const naclUtil = require('tweetnacl-util');
+
+// ─── Key Generation ────────────────────────────────────────────────────
+
+function generateSigningKeypair() {
+  const keyPair = nacl.sign.keyPair();
+  return {
+    publicKey: Buffer.from(keyPair.publicKey).toString('hex'),
+    secretKey: Buffer.from(keyPair.secretKey).toString('hex'),
+    publicKeyB64: Buffer.from(keyPair.publicKey).toString('base64'),
+    secretKeyB64: Buffer.from(keyPair.secretKey).toString('base64'),
+  };
+}
+
+function generateExchangeKeypair() {
+  const keyPair = nacl.box.keyPair();
+  return {
+    publicKey: Buffer.from(keyPair.publicKey).toString('hex'),
+    secretKey: Buffer.from(keyPair.secretKey).toString('hex'),
+    publicKeyB64: Buffer.from(keyPair.publicKey).toString('base64'),
+    secretKeyB64: Buffer.from(keyPair.secretKey).toString('base64'),
+  };
+}
+
+// ─── Signing ───────────────────────────────────────────────────────────
+
+function signMessage(message, secretKeyHex) {
+  const secretKey = Buffer.from(secretKeyHex, 'hex');
+  // If message looks like hex (64 chars), treat as raw bytes to match server's bytes.fromhex()
+  let messageBytes;
+  if (/^[0-9a-fA-F]{64}$/.test(message)) {
+    messageBytes = Buffer.from(message, 'hex');
+  } else {
+    messageBytes = naclUtil.decodeUTF8(message);
+  }
+  const signature = nacl.sign.detached(messageBytes, secretKey);
+  return Buffer.from(signature).toString('hex');
+}
+
+function verifySignature(message, signatureHex, publicKeyHex) {
+  try {
+    const publicKey = Buffer.from(publicKeyHex, 'hex');
+    // If message looks like hex (64 chars), treat as raw bytes to match server
+    let messageBytes;
+    if (/^[0-9a-fA-F]{64}$/.test(message)) {
+      messageBytes = Buffer.from(message, 'hex');
+    } else {
+      messageBytes = naclUtil.decodeUTF8(message);
+    }
+    const signature = Buffer.from(signatureHex, 'hex');
+    return nacl.sign.detached.verify(messageBytes, signature, publicKey);
+  } catch (e) {
+    return false;
+  }
+}
+
+// ─── Key Exchange & Session Key Derivation ─────────────────────────────
+
+function deriveSessionKey(ourSecretKeyHex, theirPublicKeyHex) {
+  const ourSecret = Buffer.from(ourSecretKeyHex, 'hex');
+  const theirPublic = Buffer.from(theirPublicKeyHex, 'hex');
+  const shared = nacl.box.before(theirPublic, ourSecret);
+  const hash = nacl.hash(shared);
+  return Buffer.from(hash).toString('hex');
+}
+
+// ─── Symmetric Encryption (NaCl SecretBox) ─────────────────────────────
+
+function encryptMessage(plaintext, sessionKeyB64) {
+  const key = Buffer.from(sessionKeyB64, 'base64');
+  const nonce = nacl.randomBytes(nacl.secretbox.nonceLength);
+  const messageBytes = naclUtil.decodeUTF8(plaintext);
+  const encrypted = nacl.secretbox(messageBytes, nonce, key);
+  if (!encrypted) throw new Error('Encryption failed');
+  // Combine nonce + ciphertext
+  const combined = new Uint8Array(nonce.length + encrypted.length);
+  combined.set(nonce);
+  combined.set(encrypted, nonce.length);
+  return Buffer.from(combined).toString('base64');
+}
+
+function decryptMessage(ciphertextB64, sessionKeyB64) {
+  const key = Buffer.from(sessionKeyB64, 'base64');
+  const combined = Buffer.from(ciphertextB64, 'base64');
+  const nonce = combined.slice(0, nacl.secretbox.nonceLength);
+  const ciphertext = combined.slice(nacl.secretbox.nonceLength);
+  const decrypted = nacl.secretbox.open(ciphertext, nonce, key);
+  if (!decrypted) throw new Error('Decryption failed');
+  return naclUtil.encodeUTF8(decrypted);
+}
+
+// ─── Fingerprint ───────────────────────────────────────────────────────
+
+function computeFingerprint(publicKeyHex) {
+  const publicKey = Buffer.from(publicKeyHex, 'hex');
+  const hash = nacl.hash(publicKey);
+  const hex = Buffer.from(hash).toString('hex');
+  return hex.match(/.{2}/g).join(':');
+}
+
+// ─── Password-based Encryption ─────────────────────────────────────────
+
+function encryptWithPassword(plaintext, password) {
+  const salt = nacl.randomBytes(nacl.pwhash.saltbytes);
+  const key = nacl.pwhash(plaintext.length + nacl.secretbox.overheadLength,
+    naclUtil.decodeUTF8(password), salt,
+    nacl.pwhash.opslimit.interactive,
+    nacl.pwhash.memlimit.interactive);
+  // Simplified: use secretbox with derived key
+  const nonce = nacl.randomBytes(nacl.secretbox.nonceLength);
+  const messageBytes = naclUtil.decodeUTF8(plaintext);
+  // Fallback: just use a hash-based key
+  const keyHash = nacl.hash(naclUtil.decodeUTF8(password + Buffer.from(salt).toString('base64')));
+  const encrypted = nacl.secretbox(messageBytes, nonce, keyHash.slice(0, 32));
+  if (!encrypted) throw new Error('Password encryption failed');
+  const result = new Uint8Array(salt.length + nonce.length + encrypted.length);
+  result.set(salt);
+  result.set(nonce, salt.length);
+  result.set(encrypted, salt.length + nonce.length);
+  return Buffer.from(result).toString('base64');
+}
+
+function decryptWithPassword(ciphertextB64, password) {
+  const combined = Buffer.from(ciphertextB64, 'base64');
+  const salt = combined.slice(0, nacl.pwhash.saltbytes);
+  const nonce = combined.slice(nacl.pwhash.saltbytes, nacl.pwhash.saltbytes + nacl.secretbox.nonceLength);
+  const ciphertext = combined.slice(nacl.pwhash.saltbytes + nacl.secretbox.nonceLength);
+  const keyHash = nacl.hash(naclUtil.decodeUTF8(password + Buffer.from(salt).toString('base64')));
+  const decrypted = nacl.secretbox.open(ciphertext, nonce, keyHash.slice(0, 32));
+  if (!decrypted) throw new Error('Password decryption failed');
+  return naclUtil.encodeUTF8(decrypted);
+}
+
+// ─── Convert Ed25519 to X25519 ─────────────────────────────────────────
+
+function convertEd25519ToX25519(ed25519PublicKeyB64) {
+  const edPk = Buffer.from(ed25519PublicKeyB64, 'base64');
+  // NaCl provides convert for this
+  try {
+    const xPk = nacl.sign.keyPair.fromSeed(edPk.slice(0, 32)).publicKey;
+    // This is approximate - in production use proper conversion
+    return Buffer.from(xPk).toString('base64');
+  } catch(e) {
+    // Fallback: derive from hash
+    const hash = nacl.hash(edPk);
+    return Buffer.from(hash.slice(0, 32)).toString('base64');
+  }
+}
+
+module.exports = {
+  generateSigningKeypair,
+  generateExchangeKeypair,
+  signMessage,
+  verifySignature,
+  deriveSessionKey,
+  encryptMessage,
+  decryptMessage,
+  computeFingerprint,
+  encryptWithPassword,
+  decryptWithPassword,
+  convertEd25519ToX25519,
+  randomBytes: (n) => Buffer.from(nacl.randomBytes(n)).toString('base64'),
+};