Fixed #441

- Changed key derivation using sha512
- Removed signSchema
- Updated tests

Author: rg911

package-lock.json

@@ -64,6 +64,7 @@
     "js-joda": "^1.6.2",
     "js-sha256": "^0.9.0",
     "js-sha3": "^0.8.0",
+    "js-sha512": "^0.8.0",
     "long": "^4.0.0",
     "merkletreejs": "^0.1.7",
     "nem2-sdk-openapi-typescript-node-client": "0.8.2",
@@ -72,6 +73,7 @@
     "ripemd160": "^2.0.2",
     "rxjs": "^6.5.3",
     "rxjs-compat": "^6.5.3",
+    "tweetnacl": "^1.0.3",
     "utf8": "^2.1.2",
     "ws": "^5.2.0"
   },

package.json

@@ -17,7 +17,6 @@
 import { WalletAlgorithm } from '../../model/wallet/WalletAlgorithm';
 import { Convert as convert } from '../format/Convert';
 import { KeyPair } from './KeyPair';
-import { SignSchema } from './SignSchema';
 import * as utility from './Utilities';
 
 // tslint:disable-next-line: no-var-requires
@@ -221,20 +220,18 @@ export class Crypto {
      * @param {string} msg - A text message
      * @param {Uint8Array} iv - An initialization vector
      * @param {Uint8Array} salt - A salt
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      * @return {string} - The encoded message
      */
     public static _encode = (senderPriv: string,
                              recipientPub: string,
                              msg: string,
-                             iv: Uint8Array,
-                             signSchema: SignSchema): string => {
+                             iv: Uint8Array): string => {
         // Errors
         if (!senderPriv || !recipientPub || !msg || !iv) { throw new Error('Missing argument !'); }
         // Processing
-        const keyPair = KeyPair.createKeyPairFromPrivateKeyString(senderPriv, signSchema);
+        const keyPair = KeyPair.createKeyPairFromPrivateKeyString(senderPriv);
         const pk = convert.hexToUint8(recipientPub);
-        const encKey = utility.ua2words(KeyPair.deriveSharedKey(keyPair, pk, signSchema), 32);
+        const encKey = utility.ua2words(utility.catapult_crypto.deriveSharedKey(keyPair.privateKey, pk), 32);
         const encIv = {
             iv: utility.ua2words(iv, 16),
         };
@@ -250,20 +247,18 @@ export class Crypto {
      * @param {string} senderPriv - A sender private key
      * @param {string} recipientPub - A recipient public key
      * @param {string} msg - A text message
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      * @param {boolean} isHexString - Is payload string a hexadecimal string (default = false)
      * @return {string} - The encoded message
      */
     public static encode = (senderPriv: string,
                             recipientPub: string,
                             msg: string,
-                            signSchema: SignSchema,
                             isHexString: boolean = false): string => {
         // Errors
         if (!senderPriv || !recipientPub || !msg) { throw new Error('Missing argument !'); }
         // Processing
         const iv = Crypto.randomBytes(16);
-        const encoded = Crypto._encode(senderPriv, recipientPub, isHexString ? msg : convert.utf8ToHex(msg), iv, signSchema);
+        const encoded = Crypto._encode(senderPriv, recipientPub, isHexString ? msg : convert.utf8ToHex(msg), iv);
         // Result
         return encoded;
     }
@@ -275,20 +270,18 @@ export class Crypto {
      * @param {string} senderPublic - A sender public key
      * @param {Uint8Array} payload - An encrypted message payload in bytes
      * @param {Uint8Array} iv - 16-byte AES initialization vector
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      * @return {string} - The decoded payload as hex
      */
     public static _decode = (recipientPrivate: string,
                              senderPublic: string,
                              payload: Uint8Array,
-                             iv: Uint8Array,
-                             signSchema: SignSchema): string => {
+                             iv: Uint8Array): string => {
         // Error
         if (!recipientPrivate || !senderPublic || !payload) { throw new Error('Missing argument !'); }
         // Processing
-        const keyPair = KeyPair.createKeyPairFromPrivateKeyString(recipientPrivate, signSchema);
+        const keyPair = KeyPair.createKeyPairFromPrivateKeyString(recipientPrivate);
         const pk = convert.hexToUint8(senderPublic);
-        const encKey = utility.ua2words(KeyPair.deriveSharedKey(keyPair, pk, signSchema), 32);
+        const encKey = utility.ua2words(utility.catapult_crypto.deriveSharedKey(keyPair.privateKey, pk), 32);
         const encIv = {
             iv: utility.ua2words(iv, 16),
         };
@@ -306,20 +299,18 @@ export class Crypto {
      * @param {string} recipientPrivate - A recipient private key
      * @param {string} senderPublic - A sender public key
      * @param {string} payload - An encrypted message payload
-     * @param {SignSchema} signSchema - The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      * @return {string} - The decoded payload as hex
      */
     public static decode = (recipientPrivate: string,
                             senderPublic: string,
-                            payload: string,
-                            signSchema: SignSchema): string => {
+                            payload: string): string => {
         // Error
         if (!recipientPrivate || !senderPublic || !payload) { throw new Error('Missing argument !'); }
         // Processing
         const binPayload = convert.hexToUint8(payload);
         const payloadBuffer = new Uint8Array(binPayload.buffer, 16);
         const iv = new Uint8Array(binPayload.buffer, 0, 16);
-        const decoded = Crypto._decode(recipientPrivate, senderPublic, payloadBuffer, iv, signSchema);
+        const decoded = Crypto._decode(recipientPrivate, senderPublic, payloadBuffer, iv);
         return decoded.toUpperCase();
     }
 

src/core/crypto/Crypto.ts

@@ -13,65 +13,49 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import * as nacl from 'tweetnacl';
 import { Convert as convert } from '../format';
-import { SignSchema } from './SignSchema';
 import * as Utility from './Utilities';
 
 export class KeyPair {
     /**
      * Creates a key pair from a private key string.
      * @param {string} privateKeyString A hex encoded private key string.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      * @returns {module:crypto/keyPair~KeyPair} The key pair.
      */
-    public static createKeyPairFromPrivateKeyString = (privateKeyString: string, signSchema: SignSchema) => {
+    public static createKeyPairFromPrivateKeyString(privateKeyString: string) {
         const privateKey = convert.hexToUint8(privateKeyString);
         if (Utility.Key_Size !== privateKey.length) {
             throw Error(`private key has unexpected size: ${privateKey.length}`);
         }
-        const publicKey = Utility.catapult_crypto.extractPublicKey(privateKey, Utility.catapult_hash.func, signSchema);
+        const keyPair = nacl.sign.keyPair.fromSeed(privateKey);
         return {
             privateKey,
-            publicKey,
+            publicKey: keyPair.publicKey,
         };
     }
 
     /**
      * Signs a data buffer with a key pair.
      * @param {module:crypto/keyPair~KeyPair} keyPair The key pair to use for signing.
      * @param {Uint8Array} data The data to sign.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      * @returns {Uint8Array} The signature.
      */
-    public static sign = (keyPair, data: Uint8Array, signSchema: SignSchema): Uint8Array => {
-        return Utility.catapult_crypto.sign(data, keyPair.publicKey, keyPair.privateKey,
-                Utility.catapult_hash.createHasher(64, signSchema));
+    public static sign(keyPair, data: Uint8Array): Uint8Array {
+        const secretKey = new Uint8Array(64);
+        secretKey.set(keyPair.privateKey);
+        secretKey.set(keyPair.publicKey, 32);
+        return nacl.sign.detached(data, secretKey);
     }
 
     /**
      * Verifies a signature.
      * @param {Uint8Array} publicKey The public key to use for verification.
      * @param {Uint8Array} data The data to verify.
      * @param {Uint8Array} signature The signature to verify.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      * @returns {boolean} true if the signature is verifiable, false otherwise.
      */
-    public static verify = (publicKey: Uint8Array, data: Uint8Array, signature: Uint8Array, signSchema: SignSchema): boolean => {
-        return Utility.catapult_crypto.verify(publicKey, data, signature, Utility.catapult_hash.createHasher(64, signSchema));
-    }
-
-    /**
-     * Creates a shared key given a key pair and an arbitrary public key.
-     * The shared key can be used for encrypted message passing between the two.
-     * @param {module:crypto/keyPair~KeyPair} keyPair The key pair for which to create the shared key.
-     * @param {Uint8Array} publicKey The public key for which to create the shared key.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
-     * @returns {Uint8Array} The shared key.
-     */
-    public static deriveSharedKey = (keyPair, publicKey: Uint8Array, signSchema: SignSchema) => {
-        if (Utility.Key_Size !== publicKey.length) {
-            throw Error(`public key has unexpected size: ${publicKey.length}`);
-        }
-        return Utility.catapult_crypto.deriveSharedKey(keyPair.privateKey, publicKey, Utility.catapult_hash.func, signSchema);
+    public static verify(publicKey: Uint8Array, data: Uint8Array, signature: Uint8Array): boolean {
+        return nacl.sign.detached.verify(data, signature, publicKey);
     }
 }

src/core/crypto/KeyPair.ts

@@ -14,7 +14,6 @@
  * limitations under the License.
  */
 import { SHA3Hasher } from './SHA3Hasher';
-import { SignSchema } from './SignSchema';
 
 export class MerkleHashBuilder {
 
@@ -27,21 +26,14 @@ export class MerkleHashBuilder {
 
     /**
      * Constructor
-     * @param signSchema Sign schema
      * @param length Hash size
      */
     constructor(/**
                  * Length of produced merkle hash in bytes.
                  *
                  * @var {number}
                  */
-                public readonly length: number,
-                /**
-                 * Signature schema used (hash algorithm diff)
-                 *
-                 * @var {SignSchema}
-                 */
-                public readonly signSchema: SignSchema) {
+                public readonly length: number) {
     }
 
     /**
@@ -52,7 +44,7 @@ export class MerkleHashBuilder {
      * @return {Uint8Array}
      */
     protected hash(hashes: Uint8Array[]): Uint8Array {
-        const hasher = SHA3Hasher.createHasher(this.length, this.signSchema);
+        const hasher = SHA3Hasher.createHasher(this.length);
         hasher.reset();
 
         hashes.forEach((hashVal: Uint8Array) => {

src/core/crypto/MerkleHashBuilder.ts

@@ -14,36 +14,32 @@
  * limitations under the License.
  */
 
-import { keccak256, keccak512, sha3_256, sha3_512 } from 'js-sha3';
-import { NetworkType } from '../../model/blockchain/NetworkType';
+import { sha3_256, sha3_512 } from 'js-sha3';
 import { Convert as convert, RawArray as array } from '../format';
-import { SignSchema } from './SignSchema';
 
 export class SHA3Hasher {
     /**
      * Calculates the hash of data.
      * @param {Uint8Array} dest The computed hash destination.
      * @param {Uint8Array} data The data to hash.
      * @param {numeric} length The hash length in bytes.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      */
-    public static func = (dest, data, length, signSchema: SignSchema) => {
-        const hasher = SHA3Hasher.getHasher(length, signSchema);
+    public static func = (dest, data, length) => {
+        const hasher = SHA3Hasher.getHasher(length);
         const hash = hasher.arrayBuffer(data);
         array.copy(dest, array.uint8View(hash));
     }
 
     /**
      * Creates a hasher object.
      * @param {numeric} length The hash length in bytes.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      * @returns {object} The hasher.
      */
-    public static createHasher = (length = 64, signSchema: SignSchema) => {
+    public static createHasher = (length = 64) => {
         let hash;
         return {
             reset: () => {
-                hash = SHA3Hasher.getHasher(length, signSchema).create();
+                hash = SHA3Hasher.getHasher(length).create();
             },
             update: (data: any) => {
                 if (data instanceof Uint8Array) {
@@ -63,27 +59,12 @@ export class SHA3Hasher {
     /**
      * Get a hasher instance.
      * @param {numeric} length The hash length in bytes.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK(NIS1) / SHA3(Catapult))
      * @returns {object} The hasher.
      */
-    public static getHasher = (length = 64, signSchema: SignSchema) => {
+    public static getHasher = (length = 64) => {
         return {
-            32: signSchema === SignSchema.SHA3 ? sha3_256 : keccak256,
-            64: signSchema === SignSchema.SHA3 ? sha3_512 : keccak512 ,
+            32: sha3_256,
+            64: sha3_512,
         } [length];
     }
-
-    /**
-     * Resolve signature schema from given network type
-     *
-     * @param {NetworkType} networkType - Network type
-     *
-     * @return {SignSchema}
-     */
-    public static resolveSignSchema(networkType: NetworkType): SignSchema {
-        if (networkType === NetworkType.MAIN_NET || networkType === NetworkType.TEST_NET) {
-            return SignSchema.KECCAK;
-        }
-        return SignSchema.SHA3;
-    }
 }