first version using native crypto via WebCrypto, or alternatively

NodeRSA in non-browser contexts.

Author: sbazerque

src/crypto/ciphers.ts

@@ -1,5 +1,8 @@
-export { RSA } from './ciphers/RSA';
-export { JSEncryptRSA as RSAImpl } from './ciphers/JSEncryptRSA';
+export * from './ciphers/RSA';
+export * from './ciphers/NodeRSA';
+export * from './ciphers/WebCryptoRSA';
+
+//export { JSEncryptRSA as RSAImpl } from './ciphers/JSEncryptRSA';
 
 export { ChaCha20 } from './ciphers/ChaCha20';
 export { ChaCha20js as ChaCha20Impl } from './ciphers/ChaCha20js';

src/crypto/ciphers/DelegatingRSAImpl.ts

@@ -25,9 +25,7 @@ class DelegatingRSAImpl implements RSA {
 
     }
 
-    async loadKeyPair(format: string, publicKey: string, privateKey?: string): Promise<void> {
-        
-        format; // ignore
+    async loadKeyPair(publicKey: string, privateKey?: string): Promise<void> {
 
         if (this.initialized) {
             throw new Error('RSA key cannot be re-initialized.')

src/crypto/ciphers/JSEncryptRSA.ts

@@ -52,11 +52,7 @@ class JSEncryptRSA implements RSA {
         this.crypto.getKey();
     };
 
-    async loadKeyPair(format: string, publicKey: string, privateKey?: string) {
-
-        if (format !== JSEncryptRSA.PKCS8) {
-            throw new Error("Currently only pkcs8 encoded RSA keys are supported, sorry");
-        }
+    async loadKeyPair(publicKey: string, privateKey?: string) {
 
         this.crypto = new JSEncrypt();
         this.crypto.setPublicKey(publicKey);

src/crypto/ciphers/RSA.ts

@@ -6,7 +6,7 @@ interface RSA {
 
 
     generateKey(bits: number) : Promise<void>;
-    loadKeyPair(format: string, publicKey: string, privateKey?: string) : Promise<void>;
+    loadKeyPair(publicKey: string, privateKey?: string) : Promise<void>;
 
     getPublicKey()  : string;
     getPrivateKey() : string | undefined;

src/crypto/ciphers/WebCryptoRSAEncKP.ts

@@ -29,11 +29,7 @@ class WebCryptoRSAEncKP implements EncodingKeyPair {
             },
             true,
             ['encrypt', 'decrypt']
-          );
-
-        if (!(keyPair instanceof CryptoKeyPair)) {
-            throw new Error('Could not generate RSA key pair using WebCrypto, params: ' + params);
-        }
+        );
 
         this.privateKey = keyPair.privateKey;
 

src/crypto/sign/NodeRSASigKP.ts

@@ -11,8 +11,14 @@ class NodeRSASigKP implements SignatureKeyPair {
     keyPair?: any;
 
     async generateKey(params?: {b?: number}): Promise<void> {
-        
-        this.keyPair = new NodeRSA({b: params?.b || 2048});
+
+        this.keyPair = new NodeRSA();
+
+        this.keyPair.setOptions({
+            environment: 'browser'
+        });
+
+        this.keyPair.generateKeyPair(params?.b || 2048);
 
         this.publicKeyPEM  = this.keyPair.exportKey('pkcs8-public-pem');
         this.privateKeyPEM = this.keyPair.exportKey('pkcs8-private-pem');
@@ -24,6 +30,11 @@ class NodeRSASigKP implements SignatureKeyPair {
         if (privateKey !== undefined) {
 
             this.keyPair = new NodeRSA();
+
+            this.keyPair.setOptions({
+                environment: 'browser'
+            });
+    
             this.keyPair.importKey(privateKey, 'pkcs8-private-pem');
 
             this.privateKeyPEM = privateKey;
@@ -36,6 +47,11 @@ class NodeRSASigKP implements SignatureKeyPair {
 
         } else if (publicKey !== undefined) {
             this.keyPair = new NodeRSA();
+
+            this.keyPair.setOptions({
+                environment: 'browser'
+            });
+
             this.keyPair.importKey(publicKey, 'pkcs8-public-pem');
 
             this.publicKeyPEM  = publicKey;

src/crypto/sign/WebCryptoRSASigKP.ts

@@ -27,11 +27,7 @@ class WebCryptoRSASigKP implements SignatureKeyPair {
             },
             true,
             ['sign', 'verify']
-          );
-
-        if (!(keyPair instanceof CryptoKeyPair)) {
-            throw new Error('Could not generate RSA key pair using WebCrypto, params: ' + params);
-        }
+        );
 
         this.privateKey = keyPair.privateKey;
 

src/data/identity/Identity.ts

@@ -46,19 +46,21 @@ class Identity extends HashedObject {
     }
 
     verifySignature(text: string, signature: string) {
-        //text; signature; return true; // mock
-
+        
         if (this.publicKey === undefined) {
             throw new Error('Cannot verify signature, Identity is uninitialized')
         }
 
-
         return this.publicKey.verifySignature(text, signature);
     }
 
     encrypt(text: string) {
-        // return text; // mock
-        return this.publicKey?.encrypt(text);
+
+        if (this.publicKey === undefined) {
+            throw new Error('Cannot ecnrypt, Identity is uninitialized')
+        }
+
+        return this.publicKey.encrypt(text);
     }
 
     getPublicKey() {

src/data/identity/RSAKeyPair.ts

@@ -1,4 +1,4 @@
-import { RSA, RSAImpl } from 'crypto/ciphers';
+import { RSA, RSADefaults } from 'crypto/ciphers';
 import { HashedObject } from '../model/HashedObject';
 import { RSAPublicKey } from './RSAPublicKey';
 import { Hashing } from 'data/model/Hashing';
@@ -17,57 +17,52 @@ class RSAKeyPair extends HashedObject {
     static className = 'hhs/v0/RSAKeyPair';
 
     static async generate(bits: number) {
-        let rsa = new RSAImpl();
-        rsa.generateKey(bits);
+        let rsa = new RSADefaults.impl();
+        await rsa.generateKey(bits);
 
-        return RSAKeyPair.fromKeys(rsa.getFormat(), rsa.getPublicKey(), rsa.getPrivateKey());
+        return RSAKeyPair.fromKeys(rsa.getPublicKey(), rsa.getPrivateKey());
     }
 
-    static async fromKeys(format: string, publicKey: string, privateKey: string) {
+    static async fromKeys(publicKey: string, privateKey?: string) {
         let keyPair = new RSAKeyPair();
-        keyPair.format = format;
         keyPair.publicKey = publicKey;
         keyPair.privateKey = privateKey;
-        await keyPair.initRSA();
+        keyPair.init();
         await keyPair.selfSign();
         return keyPair;
     }
 
-    format?: string;
     publicKey?: string;
     privateKey?: string;
     privateKeySignature?: string;
 
-    _rsa?: RSA;
+    _rsaPromise?: Promise<RSA>;
 
     constructor() {
         super();
     }
 
-    async init() {
-        this.initRSA();
-        if (!this.checkSelfSignature()) {
-            throw new Error("Self signature check failed for private key");
-        }
+    init() {
+        this._rsaPromise = this.initRSA();
     }
 
     async validate() {
-        await this.initRSA();
         return this.checkSelfSignature();
     }
 
-    private async initRSA() {
-        this._rsa = new RSAImpl();
-        this._rsa.loadKeyPair(this.getFormat(), this.getPublicKey(), this.getPrivateKey());
+    private async initRSA(): Promise<RSA> {
+        const _rsa = new RSADefaults.impl();
+        await _rsa.loadKeyPair(this.getPublicKey(), this.getPrivateKey());
+        return _rsa;
     }
 
     private async selfSign() {
 
-        if (this._rsa === undefined) {
+        if (this._rsaPromise === undefined) {
             throw new Error('Attempting to self sign keypair, but RSA has not been initialized.');
         }
 
-        this.privateKeySignature = await this._rsa.sign(this.privateKey as string);
+        this.privateKeySignature = await (await this._rsaPromise).sign(this.privateKey as string);
     }
 
     private checkSelfSignature() {
@@ -79,11 +74,7 @@ class RSAKeyPair extends HashedObject {
     }
 
     customHash(seed?: string) {
-        return RSAKeyPair.hashPublicKeyPart(this.format as string, this.publicKey as string, seed);
-    }
-
-    getFormat(): string {
-        return this.format as string;
+        return RSAKeyPair.hashPublicKeyPart(this.publicKey as string, seed);
     }
 
     getPublicKey() {
@@ -95,42 +86,47 @@ class RSAKeyPair extends HashedObject {
     }
 
     makePublicKey() {
-        return RSAPublicKey.fromKeys(this.getFormat(), this.getPublicKey());
+        return RSAPublicKey.fromKeys(this.getPublicKey());
     }
 
-    sign(text: string) {
+    async sign(text: string) {
 
-        if (this._rsa === undefined) {
+        if (this._rsaPromise === undefined) {
             throw new Error('Attempting to create signature, but RSA has not been initialized.');
         }
 
-        return this._rsa.sign(text);
+        return (await this._rsaPromise).sign(text);
     }
 
-    verifySignature(text: string, signature: string) {
-        return this._rsa?.verify(text, signature);
+    async verifySignature(text: string, signature: string) {
+
+        if (this._rsaPromise === undefined) {
+            throw new Error('Attempting to verify signature, but RSA has not been initialized.');
+        }
+
+        return (await this._rsaPromise).verify(text, signature);
     }
 
-    encrypt(plainText: string) {
+    async encrypt(plainText: string) {
 
-        if (this._rsa === undefined) {
+        if (this._rsaPromise === undefined) {
             throw new Error('Attempting to encrypt, but RSA has not been initialized.');
         }
 
-        return this._rsa.encrypt(plainText);
+        return (await this._rsaPromise).encrypt(plainText);
     }
 
-    decrypt(cypherText : string) {
+    async decrypt(cypherText : string) {
 
-        if (this._rsa === undefined) {
+        if (this._rsaPromise === undefined) {
             throw new Error('Attempting to decrypt, but RSA has not been initialized.');
         }
 
-        return this._rsa?.decrypt(cypherText);
+        return (await this._rsaPromise).decrypt(cypherText);
     }
 
-    static hashPublicKeyPart(format: string, publicKey: string, seed?: string) {
-        return Hashing.forValue({'_type': 'custom_hashed_object', '_class': RSAKeyPair.className, '_contents': {'format' : format, 'publicKey': publicKey}}, seed);
+    static hashPublicKeyPart(publicKey: string, seed?: string) {
+        return Hashing.forValue({'_type': 'custom_hashed_object', '_class': RSAKeyPair.className, '_contents': {'publicKey': publicKey}}, seed);
     }
 }
 

src/data/identity/RSAPublicKey.ts

@@ -1,68 +1,73 @@
-import { RSA, RSAImpl } from 'crypto/ciphers';
+import { RSA, RSADefaults } from 'crypto/ciphers';
 import { HashedObject } from 'data/model/HashedObject';
 import { RSAKeyPair } from './RSAKeyPair';
 
 class RSAPublicKey extends HashedObject {
 
     static className = 'hhs/v0/RSAPublicKey';
 
-    static fromKeys(format: string, publicKey: string) : RSAPublicKey {
+    static fromKeys(publicKey: string) : RSAPublicKey {
 
         let pk = new RSAPublicKey();
 
-        pk.format = format;
         pk.publicKey = publicKey;
 
         pk.init();
 
         return pk;
     }
 
-    format?: string;
     publicKey?: string;
 
-    _rsa?: RSA;
+    _rsaPromise?: Promise<RSA>;
 
     constructor() {
         super();
     }
 
     init() {
-        this._rsa = new RSAImpl();
-        this._rsa.loadKeyPair(this.getFormat(), this.getPublicKey());
+        this._rsaPromise = this.initRSA();
+    }
+
+    private async initRSA(): Promise<RSA> {
+        const _rsa = new RSADefaults.impl();
+        await _rsa.loadKeyPair(this.getPublicKey());
+        return _rsa;
     }
 
     async validate() {
+        // TODO: self sign??
         return true;
     }
 
     getClassName() {
         return RSAPublicKey.className;
     }
 
-    getFormat() {
-        return this.format as string;
-    }
-
     getPublicKey() {
         return this.publicKey as string;
     }
 
     getKeyPairHash() {
-        return RSAKeyPair.hashPublicKeyPart(this.format as string, this.publicKey as string);
+        return RSAKeyPair.hashPublicKeyPart(this.publicKey as string);
     }
 
-    verifySignature(text: string, signature: string) {
+    async verifySignature(text: string, signature: string) {
 
-        if (this._rsa === undefined) {
+        if (this._rsaPromise === undefined) {
             throw new Error('RSA public key is empty, cannot verify signature');
         }
 
-        return this._rsa.verify(text, signature);
+        return (await this._rsaPromise).verify(text, signature);
     }
 
-    encrypt(plainText: string) {
-        return this._rsa?.encrypt(plainText);
+    async encrypt(plainText: string) {
+
+        if (this._rsaPromise === undefined) {
+            throw new Error('RSA public key is empty, cannot encrypt');
+        }
+
+        return (await this._rsaPromise).encrypt(plainText);
     }
 
 }