gitspace 0.2.0-rc.1

package/src/lib/tmux-lite/crypto/identity.test.ts

@@ -0,0 +1,220 @@
+/**
+ * Tests for identity cryptography module
+ */
+
+import { describe, expect, test } from "bun:test";
+import {
+  generateSigningKeypair,
+  generateKeyExchangeKeypair,
+  generateIdentity,
+  deriveIdentityId,
+  sign,
+  verify,
+  serializeIdentity,
+  deserializeIdentity,
+  getPublicIdentity,
+} from "./identity";
+
+describe("Identity - Keypair Generation", () => {
+  test("generateSigningKeypair creates valid Ed25519 keypair", () => {
+    const keypair = generateSigningKeypair();
+    expect(keypair.publicKey).toBeInstanceOf(Uint8Array);
+    expect(keypair.publicKey.length).toBe(32);
+    expect(keypair.secretKey).toBeInstanceOf(Uint8Array);
+    expect(keypair.secretKey.length).toBe(64);
+  });
+
+  test("generateKeyExchangeKeypair creates valid X25519 keypair", () => {
+    const keypair = generateKeyExchangeKeypair();
+    expect(keypair.publicKey).toBeInstanceOf(Uint8Array);
+    expect(keypair.publicKey.length).toBe(32);
+    expect(keypair.privateKey).toBeInstanceOf(Uint8Array);
+    expect(keypair.privateKey.length).toBe(32);
+  });
+
+  test("generateIdentity creates complete identity", () => {
+    const identity = generateIdentity("Test Label");
+    expect(identity.id).toBeTruthy();
+    expect(identity.id.length).toBe(16);
+    expect(identity.label).toBe("Test Label");
+    expect(identity.createdAt).toBeGreaterThan(0);
+    expect(identity.signing.publicKey.length).toBe(32);
+    expect(identity.signing.secretKey.length).toBe(64);
+    expect(identity.keyExchange.publicKey.length).toBe(32);
+    expect(identity.keyExchange.privateKey.length).toBe(32);
+  });
+
+  test("generateIdentity creates identity without label", () => {
+    const identity = generateIdentity();
+    expect(identity.id).toBeTruthy();
+    expect(identity.label).toBeUndefined();
+  });
+});
+
+describe("Identity - ID Derivation", () => {
+  test("deriveIdentityId produces 16 character base64url string", () => {
+    const keypair = generateSigningKeypair();
+    const id = deriveIdentityId(keypair.publicKey);
+    expect(id.length).toBe(16);
+    expect(id).toMatch(/^[A-Za-z0-9_-]+$/); // base64url chars
+  });
+
+  test("deriveIdentityId is deterministic", () => {
+    const keypair = generateSigningKeypair();
+    const id1 = deriveIdentityId(keypair.publicKey);
+    const id2 = deriveIdentityId(keypair.publicKey);
+    expect(id1).toBe(id2);
+  });
+
+  test("deriveIdentityId throws on invalid key length", () => {
+    const invalidKey = new Uint8Array(31); // Wrong length
+    expect(() => deriveIdentityId(invalidKey)).toThrow();
+  });
+
+  test("identity ID matches derived ID", () => {
+    const identity = generateIdentity();
+    const derivedId = deriveIdentityId(identity.signing.publicKey);
+    expect(identity.id).toBe(derivedId);
+  });
+});
+
+describe("Identity - Signing and Verification", () => {
+  test("sign creates 64-byte signature", () => {
+    const keypair = generateSigningKeypair();
+    const message = new TextEncoder().encode("Hello, World!");
+    const signature = sign(message, keypair.secretKey);
+    expect(signature).toBeInstanceOf(Uint8Array);
+    expect(signature.length).toBe(64);
+  });
+
+  test("verify accepts valid signature", () => {
+    const keypair = generateSigningKeypair();
+    const message = new TextEncoder().encode("Test message");
+    const signature = sign(message, keypair.secretKey);
+    const isValid = verify(message, signature, keypair.publicKey);
+    expect(isValid).toBe(true);
+  });
+
+  test("verify rejects invalid signature", () => {
+    const keypair = generateSigningKeypair();
+    const message = new TextEncoder().encode("Original message");
+    const signature = sign(message, keypair.secretKey);
+    
+    const wrongMessage = new TextEncoder().encode("Wrong message");
+    const isValid = verify(wrongMessage, signature, keypair.publicKey);
+    expect(isValid).toBe(false);
+  });
+
+  test("verify rejects signature from different keypair", () => {
+    const keypair1 = generateSigningKeypair();
+    const keypair2 = generateSigningKeypair();
+    const message = new TextEncoder().encode("Test");
+    const signature = sign(message, keypair1.secretKey);
+    const isValid = verify(message, signature, keypair2.publicKey);
+    expect(isValid).toBe(false);
+  });
+
+  test("sign throws on invalid secret key length", () => {
+    const message = new TextEncoder().encode("Test");
+    const invalidKey = new Uint8Array(63);
+    expect(() => sign(message, invalidKey)).toThrow();
+  });
+
+  test("verify throws on invalid signature length", () => {
+    const keypair = generateSigningKeypair();
+    const message = new TextEncoder().encode("Test");
+    const invalidSig = new Uint8Array(63);
+    expect(() => verify(message, invalidSig, keypair.publicKey)).toThrow();
+  });
+
+  test("verify throws on invalid public key length", () => {
+    const message = new TextEncoder().encode("Test");
+    const signature = new Uint8Array(64);
+    const invalidKey = new Uint8Array(31);
+    expect(() => verify(message, signature, invalidKey)).toThrow();
+  });
+});
+
+describe("Identity - Serialization", () => {
+  test("serializeIdentity converts to base64 strings", () => {
+    const identity = generateIdentity("Test");
+    const stored = serializeIdentity(identity);
+    
+    expect(stored.id).toBe(identity.id);
+    expect(stored.label).toBe(identity.label);
+    expect(stored.createdAt).toBe(identity.createdAt);
+    expect(typeof stored.signingPublicKey).toBe("string");
+    expect(typeof stored.signingSecretKey).toBe("string");
+    expect(typeof stored.keyExchangePublicKey).toBe("string");
+    expect(typeof stored.keyExchangePrivateKey).toBe("string");
+  });
+
+  test("deserializeIdentity restores identity", () => {
+    const original = generateIdentity("Original");
+    const stored = serializeIdentity(original);
+    const restored = deserializeIdentity(stored);
+    
+    expect(restored.id).toBe(original.id);
+    expect(restored.label).toBe(original.label);
+    expect(restored.createdAt).toBe(original.createdAt);
+    expect(restored.signing.publicKey).toEqual(original.signing.publicKey);
+    expect(restored.signing.secretKey).toEqual(original.signing.secretKey);
+    expect(restored.keyExchange.publicKey).toEqual(original.keyExchange.publicKey);
+    expect(restored.keyExchange.privateKey).toEqual(original.keyExchange.privateKey);
+  });
+
+  test("deserializeIdentity validates ID match", () => {
+    const identity = generateIdentity();
+    const stored = serializeIdentity(identity);
+    
+    // Tamper with ID
+    stored.id = "InvalidID1234567";
+    
+    expect(() => deserializeIdentity(stored)).toThrow(/Identity ID mismatch/);
+  });
+
+  test("serialization round-trip maintains signature validity", () => {
+    const original = generateIdentity();
+    const message = new TextEncoder().encode("Test");
+    const signature = sign(message, original.signing.secretKey);
+    
+    const stored = serializeIdentity(original);
+    const restored = deserializeIdentity(stored);
+    
+    const isValid = verify(message, signature, restored.signing.publicKey);
+    expect(isValid).toBe(true);
+  });
+});
+
+describe("Identity - Public Identity Extraction", () => {
+  test("getPublicIdentity returns only public information", () => {
+    const identity = generateIdentity("Public Test");
+    const publicIdentity = getPublicIdentity(identity);
+    
+    expect(publicIdentity.id).toBe(identity.id);
+    expect(publicIdentity.label).toBe(identity.label);
+    expect(typeof publicIdentity.signingPublicKey).toBe("string");
+    expect(typeof publicIdentity.keyExchangePublicKey).toBe("string");
+    
+    // Ensure no secret keys are present
+    expect(publicIdentity).not.toHaveProperty("signing");
+    expect(publicIdentity).not.toHaveProperty("keyExchange");
+    expect(publicIdentity).not.toHaveProperty("createdAt");
+  });
+
+  test("public identity can be used for verification", () => {
+    const identity = generateIdentity();
+    const publicIdentity = getPublicIdentity(identity);
+    
+    const message = new TextEncoder().encode("Verify me");
+    const signature = sign(message, identity.signing.secretKey);
+    
+    // Decode public key from base64
+    const publicKey = new Uint8Array(
+      Buffer.from(publicIdentity.signingPublicKey, "base64")
+    );
+    
+    const isValid = verify(message, signature, publicKey);
+    expect(isValid).toBe(true);
+  });
+});

package/src/lib/tmux-lite/crypto/identity.ts

@@ -0,0 +1,286 @@
+/**
+ * Identity management using Ed25519 signing and X25519 key exchange
+ *
+ * This module provides cryptographic identity generation and management:
+ * - Ed25519 for digital signatures (authentication)
+ * - X25519 for Diffie-Hellman key exchange (encryption)
+ *
+ * @module identity
+ */
+
+import { ed25519, x25519 } from "@noble/curves/ed25519.js";
+import type {
+  SigningKeypair,
+  KeyExchangeKeypair,
+  Identity,
+  StoredIdentity,
+  PublicIdentity,
+} from "../../../types/identity.js";
+
+// ============================================================================
+// Constants
+// ============================================================================
+
+/** Length of identity ID (first 16 chars of base64url encoded public key) */
+const IDENTITY_ID_LENGTH = 16;
+
+// ============================================================================
+// Keypair Generation
+// ============================================================================
+
+/**
+ * Generate a new Ed25519 signing keypair
+ *
+ * Ed25519 is used for digital signatures to authenticate messages and identities.
+ * The secret key is 64 bytes (32-byte seed + 32-byte public key).
+ *
+ * @returns New signing keypair
+ */
+export function generateSigningKeypair(): SigningKeypair {
+  const privateKey = ed25519.utils.randomSecretKey();
+  const publicKey = ed25519.getPublicKey(privateKey);
+
+  // Ed25519 convention: secretKey = privateKey (32 bytes) + publicKey (32 bytes)
+  const secretKey = new Uint8Array(64);
+  secretKey.set(privateKey, 0);
+  secretKey.set(publicKey, 32);
+
+  return {
+    publicKey,
+    secretKey,
+  };
+}
+
+/**
+ * Generate a new X25519 key exchange keypair
+ *
+ * X25519 is used for Diffie-Hellman key exchange to establish shared secrets
+ * for encryption.
+ *
+ * @returns New key exchange keypair
+ */
+export function generateKeyExchangeKeypair(): KeyExchangeKeypair {
+  const privateKey = x25519.utils.randomSecretKey();
+  const publicKey = x25519.getPublicKey(privateKey);
+
+  return {
+    publicKey,
+    privateKey,
+  };
+}
+
+/**
+ * Generate a complete identity with both signing and key exchange keypairs
+ *
+ * Creates a new identity with:
+ * - Unique ID derived from signing public key
+ * - Ed25519 signing keypair
+ * - X25519 key exchange keypair
+ * - Optional human-readable label
+ * - Creation timestamp
+ *
+ * @param label - Optional human-readable label for this identity
+ * @returns Complete identity
+ */
+export function generateIdentity(label?: string): Identity {
+  const signing = generateSigningKeypair();
+  const keyExchange = generateKeyExchangeKeypair();
+  const id = deriveIdentityId(signing.publicKey);
+
+  return {
+    id,
+    signing,
+    keyExchange,
+    label,
+    createdAt: Date.now(),
+  };
+}
+
+// ============================================================================
+// Identity ID Derivation
+// ============================================================================
+
+/**
+ * Derive a short identity ID from a signing public key
+ *
+ * Takes the first 16 characters of the base64url-encoded public key.
+ * This provides a compact, URL-safe identifier while maintaining uniqueness
+ * (collision probability ~1 in 2^96).
+ *
+ * @param signingPublicKey - Ed25519 public key (32 bytes)
+ * @returns Identity ID (16 character base64url string)
+ */
+export function deriveIdentityId(signingPublicKey: Uint8Array): string {
+  if (signingPublicKey.length !== 32) {
+    throw new Error(
+      `Invalid signing public key length: ${signingPublicKey.length}, expected 32`
+    );
+  }
+
+  const base64url = Buffer.from(signingPublicKey).toString("base64url");
+  return base64url.slice(0, IDENTITY_ID_LENGTH);
+}
+
+// ============================================================================
+// Signing and Verification
+// ============================================================================
+
+/**
+ * Sign a message using Ed25519
+ *
+ * Creates a detached signature that can be verified with the corresponding
+ * public key. Signatures are deterministic (same message + key = same signature).
+ *
+ * @param message - Message to sign
+ * @param secretKey - Ed25519 secret key (64 bytes)
+ * @returns Signature (64 bytes)
+ */
+export function sign(message: Uint8Array, secretKey: Uint8Array): Uint8Array {
+  if (secretKey.length !== 64) {
+    throw new Error(
+      `Invalid secret key length: ${secretKey.length}, expected 64`
+    );
+  }
+
+  // Extract the 32-byte private key from the 64-byte secret key
+  const privateKey = secretKey.slice(0, 32);
+  return ed25519.sign(message, privateKey);
+}
+
+/**
+ * Verify an Ed25519 signature
+ *
+ * Verifies that a signature was created by the holder of the secret key
+ * corresponding to the given public key.
+ *
+ * @param message - Original message that was signed
+ * @param signature - Signature to verify (64 bytes)
+ * @param publicKey - Ed25519 public key (32 bytes)
+ * @returns True if signature is valid, false otherwise
+ */
+export function verify(
+  message: Uint8Array,
+  signature: Uint8Array,
+  publicKey: Uint8Array
+): boolean {
+  if (signature.length !== 64) {
+    throw new Error(
+      `Invalid signature length: ${signature.length}, expected 64`
+    );
+  }
+  if (publicKey.length !== 32) {
+    throw new Error(
+      `Invalid public key length: ${publicKey.length}, expected 32`
+    );
+  }
+
+  try {
+    return ed25519.verify(signature, message, publicKey);
+  } catch {
+    // Invalid signature format or verification failed
+    return false;
+  }
+}
+
+// ============================================================================
+// Serialization
+// ============================================================================
+
+/**
+ * Serialize an identity for storage
+ *
+ * Converts binary keys to base64 strings for JSON serialization.
+ * WARNING: This does NOT encrypt the secret keys. Use appropriate
+ * encryption before storing to disk.
+ *
+ * @param identity - Identity to serialize
+ * @returns Serializable identity with base64-encoded keys
+ */
+export function serializeIdentity(identity: Identity): StoredIdentity {
+  return {
+    id: identity.id,
+    signingPublicKey: Buffer.from(identity.signing.publicKey).toString(
+      "base64"
+    ),
+    signingSecretKey: Buffer.from(identity.signing.secretKey).toString(
+      "base64"
+    ),
+    keyExchangePublicKey: Buffer.from(
+      identity.keyExchange.publicKey
+    ).toString("base64"),
+    keyExchangePrivateKey: Buffer.from(
+      identity.keyExchange.privateKey
+    ).toString("base64"),
+    label: identity.label,
+    createdAt: identity.createdAt,
+  };
+}
+
+/**
+ * Deserialize a stored identity
+ *
+ * Converts base64 strings back to binary Uint8Arrays.
+ * Verifies that the identity ID matches the signing public key.
+ *
+ * @param stored - Stored identity with base64-encoded keys
+ * @returns Identity with binary keys
+ * @throws {Error} If identity ID doesn't match signing public key
+ */
+export function deserializeIdentity(stored: StoredIdentity): Identity {
+  const signingPublicKey = new Uint8Array(
+    Buffer.from(stored.signingPublicKey, "base64")
+  );
+  const signingSecretKey = new Uint8Array(
+    Buffer.from(stored.signingSecretKey, "base64")
+  );
+  const keyExchangePublicKey = new Uint8Array(
+    Buffer.from(stored.keyExchangePublicKey, "base64")
+  );
+  const keyExchangePrivateKey = new Uint8Array(
+    Buffer.from(stored.keyExchangePrivateKey, "base64")
+  );
+
+  // Verify identity ID matches signing public key
+  const derivedId = deriveIdentityId(signingPublicKey);
+  if (derivedId !== stored.id) {
+    throw new Error(
+      `Identity ID mismatch: stored=${stored.id}, derived=${derivedId}`
+    );
+  }
+
+  return {
+    id: stored.id,
+    signing: {
+      publicKey: signingPublicKey,
+      secretKey: signingSecretKey,
+    },
+    keyExchange: {
+      publicKey: keyExchangePublicKey,
+      privateKey: keyExchangePrivateKey,
+    },
+    label: stored.label,
+    createdAt: stored.createdAt,
+  };
+}
+
+/**
+ * Extract public identity information
+ *
+ * Returns only the public parts of an identity that are safe to share.
+ * This includes public keys but NOT secret/private keys.
+ *
+ * @param identity - Complete identity
+ * @returns Public identity info (safe to share)
+ */
+export function getPublicIdentity(identity: Identity): PublicIdentity {
+  return {
+    id: identity.id,
+    signingPublicKey: Buffer.from(identity.signing.publicKey).toString(
+      "base64"
+    ),
+    keyExchangePublicKey: Buffer.from(identity.keyExchange.publicKey).toString(
+      "base64"
+    ),
+    label: identity.label,
+  };
+}

package/src/lib/tmux-lite/crypto/index.ts

@@ -0,0 +1,51 @@
+/**
+ * E2E encryption module exports
+ */
+
+export {
+  generateSalt,
+  deriveKey,
+  SALT_LENGTH,
+  KEY_LENGTH,
+} from "./keys";
+
+export {
+  encrypt,
+  decrypt,
+  seal,
+  open,
+  generateNonce,
+  NONCE_LENGTH,
+  AUTH_TAG_LENGTH,
+} from "./secretbox";
+
+export {
+  encodeFrame,
+  decodeFrame,
+  peekStreamId,
+  createFrame,
+  openFrame,
+  MASTER_STREAM_ID,
+  STREAM_ID_LENGTH,
+  MIN_FRAME_LENGTH,
+  type EncryptedFrame,
+} from "./frames";
+
+export {
+  generateSigningKeypair,
+  generateKeyExchangeKeypair,
+  generateIdentity,
+  deriveIdentityId,
+  sign,
+  verify,
+  serializeIdentity,
+  deserializeIdentity,
+  getPublicIdentity,
+} from "./identity";
+
+export {
+  createInviteToken,
+  parseInviteToken,
+  getPublicIdentityFromInvite,
+  isInviteExpired,
+} from "./invites";