nobleCurves, serve file for cryptography in the browser

2025-02-19 20:48:16 +01:00 · 2025-02-19 20:48:16 +01:00 · da4f74b60c
commit da4f74b60c
parent 295513f83b
10 changed files with 90 additions and 86 deletions
--- a/.gitignore
+++ b/.gitignore
@ -4,3 +4,5 @@
 # node.js
 node_modules/
 package-lock.json
+# nobleCurves
+src/public/noble-curves.*
--- a/6
+++ b/6
@ -1,5 +1,5 @@

-run: test clean build
+run: ./src/public/noble-curves.js test clean build
 	podman pod create --name=e2ee -p 3333:3333
 	podman run -d --pod=e2ee -e POSTGRES_PASSWORD="password" -e POSTGRES_DB="e2ee" -e POSTGRES_USER="e2ee" -e POSTGRES_INITDB_ARGS="--encoding=UTF-8 --lc-collate=C --lc-ctype=C" --name=e2ee-db docker.io/library/postgres:15
 	podman run -d --pod=e2ee -e POSTGRES_PASSWORD="password" -e POSTGRES_DB="e2ee" -e POSTGRES_USER="e2ee" -e SHARED_SECRET="toto" --name=e2ee-app e2ee-messaging-service:latest
@ -9,3 +9,7 @@ test:
 	npm test
 clean:
 	podman pod rm -f e2ee
+./src/public/noble-curves.js:
+	$(eval URL := $(shell wget -q -O - https://api.github.com/repos/paulmillr/noble-curves/releases/latest | jq -r '.assets[] | select(.name | contains("noble-curves.js")) | .browser_download_url'))
+	wget -O ./src/public/noble-curves.js $(URL)
+
--- a/babel.config.js
+++ b/babel.config.js
@ -1 +1,11 @@
-module.exports = {presets: ['@babel/preset-env']}
+module.exports = {
+  presets: [
+    ['@babel/preset-env', {
+      targets: { node: 'current' },
+      modules: 'auto'
+    }]
+  ],
+    plugins: [
+    '@babel/plugin-syntax-bigint',
+  ]
+};
--- a/package.json
+++ b/package.json
@ -21,6 +21,7 @@
    "socket.io-client": "^4.8.1"
  },
  "devDependencies": {
+    "@babel/plugin-syntax-bigint": "^7.8.3",
    "@babel/preset-env": "^7.26.8",
    "jest": "^29.7.0"
  }
--- a/src/app.js
+++ b/src/app.js
@ -35,6 +35,8 @@ app.use(sessionMiddleware);
 app.use("/", routes);
 // bootstrap
 app.use('/css', express.static(__dirname + '/node_modules/bootstrap/dist/css'));
+// scripts
+app.use('/', express.static(__dirname + '/public'));

 // socket.io
 io.engine.use(sessionMiddleware);
--- a/src/controllers/main.js
+++ b/src/controllers/main.js
@ -7,33 +7,33 @@ const mainController = {
        let isLoggedIn = typeof pubKey !== 'undefined';
        res.render('index', {isLoggedIn, pubKey});
    },
-    style: (req, res) => {
-        res.sendFile(path.resolve(__dirname + '/../public/style.css'));
-    },
-    script: (req, res) => {
-        res.sendFile(path.resolve(__dirname + '/../public/script.js'));
-    },
-    ecc: (req, res) => {
-        res.sendFile(path.resolve(__dirname + '/../public/ecc.js'));
-    },
-    ecdh: (req, res) => {
-        res.sendFile(path.resolve(__dirname + '/../public/ecdh.js'));
-    },
-    popups: (req, res) => {
-        res.sendFile(path.resolve(__dirname + '/../public/popups.js'));
-    },
-    chat : (req, res) => {
-        res.sendFile(path.resolve(__dirname + '/../public/chat.js'));
-    },
-    register : (req, res) => {
-        res.sendFile(path.resolve(__dirname + '/../public/register.js'));
-    },
-    pubkey : (req, res) => {
-        res.sendFile(path.resolve(__dirname + '/../public/pubkey.js'));
-    },
-    registertext : (req, res) => {
-        res.sendFile(path.resolve(__dirname + '/../public/registertext.js'));
-    }
+    // style: (req, res) => {
+    //     res.sendFile(path.resolve(__dirname + '/../public/style.css'));
+    // },
+    // script: (req, res) => {
+    //     res.sendFile(path.resolve(__dirname + '/../public/script.js'));
+    // },
+    // ecc: (req, res) => {
+    //     res.sendFile(path.resolve(__dirname + '/../public/ecc.js'));
+    // },
+    // ecdh: (req, res) => {
+    //     res.sendFile(path.resolve(__dirname + '/../public/ecdh.js'));
+    // },
+    // popups: (req, res) => {
+    //     res.sendFile(path.resolve(__dirname + '/../public/popups.js'));
+    // },
+    // chat : (req, res) => {
+    //     res.sendFile(path.resolve(__dirname + '/../public/chat.js'));
+    // },
+    // register : (req, res) => {
+    //     res.sendFile(path.resolve(__dirname + '/../public/register.js'));
+    // },
+    // pubkey : (req, res) => {
+    //     res.sendFile(path.resolve(__dirname + '/../public/pubkey.js'));
+    // },
+    // registertext : (req, res) => {
+    //     res.sendFile(path.resolve(__dirname + '/../public/registertext.js'));
+    // }
 };

 module.exports = mainController;
--- a/src/public/ecdh.js
+++ b/src/public/ecdh.js
@ -1,9 +1,9 @@
-// X25519 aka ECDH on Curve25519 from [RFC7748](https://www.rfc-editor.org/rfc/rfc7748)
-import { x25519 } from '@noble/curves/ed25519';
+// X25519
+// aka ECDH on Curve25519 from [RFC7748](https://www.rfc-editor.org/rfc/rfc7748)

 export function genKeys() {
-    const priv = x25519.utils.randomPrivateKey();
-    const pub = x25519.getPublicKey(priv);
+    const priv = nobleCurves.x25519.utils.randomPrivateKey();
+    const pub = nobleCurves.x25519.getPublicKey(priv);
    return {
        privkey: priv,
        pubkey: pub
@ -11,5 +11,5 @@ export function genKeys() {
 }

 export function sharedKey(priv, pub) {
-    return x25519.getSharedSecret(priv, pub);
+    return nobleCurves.x25519.getSharedSecret(priv, pub);
 }
--- a/src/routes/root.js
+++ b/src/routes/root.js
@ -6,40 +6,40 @@ router
  .route("/")
  .get(mainController.root);

-router
-  .route("/style.css")
-  .get(mainController.style);
-
-router
-  .route("/script.js")
-  .get(mainController.script);
-
-router
-  .route("/ecc.js")
-  .get(mainController.ecc);
-
-router
-  .route("/ecdh.js")
-  .get(mainController.ecdh);
-
-router
-  .route("/popups.js")
-  .get(mainController.popups);
-
-router
-  .route("/chat.js")
-  .get(mainController.chat);
-
-router
-  .route("/register.js")
-  .get(mainController.register);
-
-router
-  .route("/pubkey.js")
-  .get(mainController.pubkey);
-
-router
-  .route("/registertext.js")
-  .get(mainController.registertext);
+// router
+//   .route("/style.css")
+//   .get(mainController.style);
+//
+// router
+//   .route("/script.js")
+//   .get(mainController.script);
+//
+// router
+//   .route("/ecc.js")
+//   .get(mainController.ecc);
+//
+// router
+//   .route("/ecdh.js")
+//   .get(mainController.ecdh);
+//
+// router
+//   .route("/popups.js")
+//   .get(mainController.popups);
+//
+// router
+//   .route("/chat.js")
+//   .get(mainController.chat);
+//
+// router
+//   .route("/register.js")
+//   .get(mainController.register);
+//
+// router
+//   .route("/pubkey.js")
+//   .get(mainController.pubkey);
+//
+// router
+//   .route("/registertext.js")
+//   .get(mainController.registertext);

 module.exports = router;
--- a/src/views/index.pug
+++ b/src/views/index.pug
@ -10,8 +10,9 @@ html(lang="en-US")
    script(type="module", src="/ecc.js", defer)
    if isLoggedIn
      script(src="/chat.js", defer)
-      script(src="/ecdh.js", defer)
      script(src="/pubkey.js", defer)
+      script(src="/noble-curves.js", defer)
+      script(type="module", src="/ecdh.js", defer)
    else
       script(type="module", src="/popups.js", defer)
       script(type="module", src="/register.js", defer)
--- a/tests/ecdh.test.js
+++ b/tests/ecdh.test.js
@ -1,16 +0,0 @@
-import { genKeys, sharedKey } from '../src/public/ecdh.js';
-import { arrayToHex } from '../src/stringutils.js';
-
-describe('ecdh.js functions', () => {
-
-    it('key exchange test', () => {
-        const keysA= genKeys();
-        const keysB = genKeys();
-        const sharedA = sharedKey(keysA.privkey, keysB.pubkey);
-        const sharedB = sharedKey(keysB.privkey, keysA.pubkey);
-        const sharedAhex = arrayToHex(sharedA);
-        const sharedBhex = arrayToHex(sharedB);
-        expect(sharedAhex).toBe(sharedBhex);
-    });
-
-});