Only include tweetnacl functions we need

2019-05-01 14:27:18 +02:00 · 2019-05-01 14:27:18 +02:00 · ffa8344809
commit ffa8344809
parent caa712c337
5 changed files with 11 additions and 13 deletions
--- a/npm-shrinkwrap.json
+++ b/npm-shrinkwrap.json
@ -7235,9 +7235,8 @@
      }
    },
    "tweetnacl": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-1.0.1.tgz",
-      "integrity": "sha512-kcoMoKTPYnoeS50tzoqjPY3Uv9axeuuFAZY9M/9zFnhoVvRfxz9K29IMPD7jGmt2c8SW7i3gT9WqDl2+nV7p4A==",
+      "version": "github:openpgpjs/tweetnacl-js#1ef755f2b252a3e328ac739848d00e0dad76be2d",
+      "from": "github:openpgpjs/tweetnacl-js#1ef755f2b252a3e328ac739848d00e0dad76be2d",
      "dev": true
    },
    "type-check": {
--- a/package.json
+++ b/package.json
@ -80,7 +80,7 @@
    "hash.js": "^1.1.3",
    "pako": "^1.0.6",
    "seek-bzip": "github:openpgpjs/seek-bzip#3aca608ffedc055a1da1d898ecb244804ef32209",
-    "tweetnacl": "^1.0.1",
+    "tweetnacl": "github:openpgpjs/tweetnacl-js#1ef755f2b252a3e328ac739848d00e0dad76be2d",
    "web-stream-tools": "github:openpgpjs/web-stream-tools#84a497715c9df271a673f8616318264ab42ab3cc"
  },
  "dependencies": {
--- a/src/crypto/public_key/elliptic/ecdh.js
+++ b/src/crypto/public_key/elliptic/ecdh.js
@ -30,7 +30,7 @@
 */

 import BN from 'bn.js';
-import nacl from 'tweetnacl';
+import nacl from 'tweetnacl/nacl-fast-light.js';
 import Curve from './curves';
 import aes_kw from '../../aes_kw';
 import cipher from '../../cipher';
@ -133,7 +133,7 @@ async function encrypt(oid, cipher_algo, hash_algo, m, Q, fingerprint) {
 */
 async function genPrivateEphemeralKey(curve, V, d) {
  if (curve.name === 'curve25519') {
-    const one = curve.curve.curve.one;
+    const one = new BN(1);
    const mask = one.ushln(255 - 3).sub(one).ushln(3);
    let secretKey = new BN(d);
    secretKey = secretKey.or(one.ushln(255 - 1));
--- a/src/crypto/public_key/elliptic/eddsa.js
+++ b/src/crypto/public_key/elliptic/eddsa.js
@ -17,16 +17,19 @@

 /**
 * @fileoverview Implementation of EdDSA following RFC4880bis-03 for OpenPGP
+ * @requires hash.js
 * @requires tweetnacl
 * @requires crypto/public_key/elliptic/curve
 * @requires util
 * @module crypto/public_key/elliptic/eddsa
 */

-import nacl from 'tweetnacl';
-import Curve from './curves';
+import sha512 from 'hash.js/lib/hash/sha/512';
+import nacl from 'tweetnacl/nacl-fast-light.js';
 import util from '../../../util';

+nacl.hash = bytes => new Uint8Array(sha512().update(bytes).digest());
+
 /**
 * Sign a message using the provided key
 * @param  {module:type/oid}   oid       Elliptic curve object identifier
@ -63,10 +66,6 @@ async function sign(oid, hash_algo, m, d, hashed) {
 async function verify(oid, hash_algo, { R, S }, m, publicKey, hashed) {
  const signature = util.concatUint8Array([R, S]);
  return nacl.sign.detached.verify(hashed, signature, publicKey.subarray(1));
-
-  const curve = new Curve(oid);
-  const key = curve.keyFromPublic(Q);
-  return key.verify(m, signature, hash_algo, hashed);
 }

 export default { sign, verify };
--- a/src/crypto/public_key/index.js
+++ b/src/crypto/public_key/index.js
@ -8,7 +8,7 @@
 * @module crypto/public_key
 */

-import nacl from 'tweetnacl';
+import nacl from 'tweetnacl/nacl-fast-light.js';
 import rsa from './rsa';
 import elgamal from './elgamal';
 import elliptic from './elliptic';