StableLib / stablelib

A stable library of useful TypeScript/JavaScript code
https://www.stablelib.com

Migrating from libsodium: How to compute shared key #52

Closed AndreasGassmann closed 2 years ago

AndreasGassmann commented 2 years ago

We're currently using libsodium in our library and we would like to switch to @stablelib. I found replacements for most methods that we use, but I'm having a hard time computing the shared key to do encryption and decryption with box.

With libsodium, I have something like this now:

const kxSelfPrivateKey = crypto_sign_ed25519_sk_to_curve25519(Buffer.from(selfPrivateKey))
const kxSelfPublicKey = crypto_sign_ed25519_pk_to_curve25519(
  Buffer.from(selfPrivateKey).slice(32, 64))
const kxOtherPublicKey = crypto_sign_ed25519_pk_to_curve25519(
  Buffer.from(otherPublicKey, 'hex'))

const keys = [
  Buffer.from(kxSelfPublicKey),
  Buffer.from(kxSelfPrivateKey),
  Buffer.from(kxOtherPublicKey)
]

const server = crypto_kx_server_session_keys(...keys)
const client = crypto_kx_client_session_keys(...keys)

The server and client variables then each have a sharedRx and sharedTx property, I use sharedRx to decrypt and sharedTx to encrypt.

If I use those keys with the @stablelib methods (e.g. const openBox = openSecretBox(sharedRx, nonce, ciphertext)), then it decrypts correctly.

So my question is how I can calculate those sharedRx and sharedTx values with @stablelib?

I tried to do the following:

const sharedKey = precomputeSharedKey(
  convertPublicKeyToX25519(Buffer.from(otherPublicKey, 'hex')),
  convertSecretKeyToX25519(selfPrivateKey)
)

But that key looks different than all other keys and it doesn't seem to decrypt the payload correctly.

To be more precise, if I update both sides with the precomputeSharedKey from @stablelib, then encryption and decryption work. But encryption and decryption do not work if one side uses the shared key from @stablelib and the other side uses the shared key from libsodium.

How can I calculate a shared key with @stablelib that is equivalent to the one libsodium calculates?

Thanks a lot for your help.

dchest commented 2 years ago

StableLib doesn't have the equivalent of crypto_kx_server|client_session_keys, so you'll need to implement them yourself: https://github.com/jedisct1/libsodium/blob/6d566070b48efd2fa099bbe9822914455150aba9/src/libsodium/crypto_kx/crypto_kx.c#L75-L113

(libsodium's generic hash is BLAKE2b)
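The derivation referenced above, as an added example that is not part of the original thread and not StableLib's or libsodium's own code: crypto_kx hashes the raw X25519 output together with both public keys using unkeyed BLAKE2b-512 and splits the 64-byte result into the two directional keys. It uses Node's built-in crypto module so it runs without dependencies; the function names and the freshly generated key pairs are assumptions made for illustration.

```javascript
// Added example: libsodium's crypto_kx key derivation on Node's built-in crypto.
// The lookup below works in both CommonJS and ES-module scope.
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto')
  : process.getBuiltinModule('node:crypto');

// Raw 32-byte X25519 public key of a Node KeyObject (the JWK "x" field).
function rawPublicKey(publicKeyObject) {
  return Buffer.from(publicKeyObject.export({ format: 'jwk' }).x, 'base64url');
}

// keys = BLAKE2b-512(q || client_pk || server_pk), q = X25519(own secret, peer public)
function deriveKx(ownPrivate, peerPublic, clientPk, serverPk) {
  const q = nodeCrypto.diffieHellman({ privateKey: ownPrivate, publicKey: peerPublic });
  const keys = nodeCrypto.createHash('blake2b512')
    .update(q).update(rawPublicKey(clientPk)).update(rawPublicKey(serverPk)).digest();
  q.fill(0); // best-effort wipe of the raw shared secret
  return keys;
}

// Client side: rx is the first half of the hash, tx the second half.
function clientSessionKeys(client, serverPublic) {
  const keys = deriveKx(client.privateKey, serverPublic, client.publicKey, serverPublic);
  return { sharedRx: keys.subarray(0, 32), sharedTx: keys.subarray(32, 64) };
}

// Server side: same hash input order (client_pk, then server_pk), halves swapped.
function serverSessionKeys(server, clientPublic) {
  const keys = deriveKx(server.privateKey, clientPublic, clientPublic, server.publicKey);
  return { sharedRx: keys.subarray(32, 64), sharedTx: keys.subarray(0, 32) };
}

// Constructed sample input: two fresh X25519 key pairs standing in for the peers.
function demo() {
  const client = nodeCrypto.generateKeyPairSync('x25519');
  const server = nodeCrypto.generateKeyPairSync('x25519');
  const c = clientSessionKeys(client, server.publicKey);
  const s = serverSessionKeys(server, client.publicKey);
  return {
    clientTxIsServerRx: c.sharedTx.equals(s.sharedRx),
    clientRxIsServerTx: c.sharedRx.equals(s.sharedTx),
    directionsDiffer: !c.sharedTx.equals(c.sharedRx),
  };
}

console.log(demo());
```

Both peers must agree on which of them takes the client role and which the server role, because the order of the public keys in the hash and the assignment of the two halves depend on it.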

jevonearth commented 2 years ago

Hello @dchest,

This issue is marked as completed. Have equivalents of crypto_kx_server|client_session_keys actually been implemented? I don't see anything in this repo.

Thank you for a great library.

dchest commented 2 years ago

Sorry, there was no plan to implement them. I've now marked it differently.

e-asphyx commented 2 years ago

57

dchest commented 2 years ago

This feature is now available in the @stablelib/x25519-session package. Thank you, @e-asphyx.

Docs: https://www.stablelib.com/modules/_stablelib_x25519_session.html