diff --git a/lib/crypto.js b/lib/crypto.js new file mode 100644 index 000000000..9219f7c5f --- /dev/null +++ b/lib/crypto.js @@ -0,0 +1,24 @@ +const Nacl = require('tweetnacl/nacl-fast'); +const CPCrypto = module.exports; +const plugins = require('./plugin-manager'); + +CPCrypto.init = (cb) => { + const crypto = {}; + crypto.open = (signedMsg, validateKey) => { + return Nacl.sign.open(signedMsg, validateKey); + }; + crypto.detachedVerify = (signedBuffer, signatureBuffer, validateKey) => { + return Nacl.sign.detached.verify(signedBuffer, signatureBuffer, pubBuffer); + }; + if (plugins.SODIUM && plugins.SODIUM.crypto) { + let c = plugins.SODIUM.crypto; + if (c.open) { crypto.open = c.open; } + if (c.detachedVerify) { crypto.detachedVerify = c.detachedVerify; } + } + + // Make async because we might need it later with libsodium's promise + // libsodium.ready.then(() => {}); + setTimeout(() => { + cb(void 0, crypto); + }); +}; diff --git a/lib/workers/db-worker.js b/lib/workers/db-worker.js index 45c04b6f2..bc3d3a088 100644 --- a/lib/workers/db-worker.js +++ b/lib/workers/db-worker.js @@ -17,6 +17,7 @@ const Tasks = require("../storage/tasks"); const Nacl = require('tweetnacl/nacl-fast'); const Eviction = require("../eviction"); const Monitoring = require('../monitoring'); +const CPCrypto = require('../crypto'); const Env = { Log: {}, @@ -109,6 +110,10 @@ const init = function (config, _cb) { } Env.tasks = tasks; })); + }).nThen(function (w) { + CPCrypto.init(w(function (err, crypto) { + Env.crypto = crypto; + })); }).nThen(function () { cb(); }); @@ -688,7 +693,8 @@ COMMANDS.INLINE = function (data, cb) { return void cb("E_BADKEY"); } // validate the message - const validated = Nacl.sign.open(signedMsg, validateKey); + //const validated = Nacl.sign.open(signedMsg, validateKey); + const validated = Env.crypto.open(signedMsg, validateKey); if (!validated) { return void cb("FAILED"); } @@ -728,7 +734,8 @@ const checkDetachedSignature = function (signedMsg, signature, publicKey) { throw new Error("INVALID_SIGNATURE_LENGTH"); } - if (Nacl.sign.detached.verify(signedBuffer, signatureBuffer, pubBuffer) !== true) { + //if (Nacl.sign.detached.verify(signedBuffer, signatureBuffer, pubBuffer) !== true) { + if (Env.crypto.detachedVerify(signedBuffer, signatureBuffer, pubBuffer) !== true) { throw new Error("FAILED"); } }; diff --git a/scripts/testcrypto.js b/scripts/testcrypto.js new file mode 100644 index 000000000..893ab6ec8 --- /dev/null +++ b/scripts/testcrypto.js @@ -0,0 +1,61 @@ +let SodiumNative = require('sodium-native'); +let Nacl = require('tweetnacl/nacl-fast'); +let LibSodium = require('libsodium-wrappers'); + + +let msgStr = "This is a test"; +let keys = Nacl.sign.keyPair(); +let pub = keys.publicKey; + +let msg = Nacl.util.decodeUTF8(msgStr); +let signedMsg = Nacl.sign(msg, keys.secretKey); +let sig = signedMsg.subarray(0, 64); + +LibSodium.ready.then(() => { + +/* +console.log('tweetnacl open'); +console.log(!!Nacl.sign.open(signedMsg, pub)); +console.log('tweetnacl detached'); +console.log(Nacl.sign.detached.verify(msg, sig, pub)); +console.log('sodium-native open'); +console.log(SodiumNative.crypto_sign_open(msg, signedMsg, pub)); +console.log('sodium-native detached'); +console.log(SodiumNative.crypto_sign_verify_detached(sig, msg, pub)); +LibSodium.ready.then(() => { +console.log('libsodium open'); +console.log(!!LibSodium.crypto_sign_open(signedMsg, pub)); +console.log('libsodium detached'); +console.log(LibSodium.crypto_sign_verify_detached(sig, msg, pub)); +}); +*/ + + const n = 10000; + let a; + + console.log('start sodium-native'); + a = +new Date(); + for (var i = 0; i < n; i++) { + SodiumNative.crypto_sign_open(msg, signedMsg, pub); + SodiumNative.crypto_sign_verify_detached(sig, msg, pub); + } + console.log('end sodium-native ', (+new Date() - a), ' ms'); + + console.log('start libsodium'); + a = +new Date(); + for (var i = 0; i < n; i++) { + LibSodium.crypto_sign_open(signedMsg, pub); + LibSodium.crypto_sign_verify_detached(sig, msg, pub); + } + console.log('end libsodium ', (+new Date() - a), ' ms'); + + console.log('start tweetnacl'); + a = +new Date(); + for (var i = 0; i < n; i++) { + Nacl.sign.open(signedMsg, pub); + Nacl.sign.detached.verify(msg, sig, pub); + } + + console.log('end tweetnacl ', (+new Date() - a), ' ms'); +}); +