authorFlorian Dold <florian@dold.me>2021-10-18 21:48:22 +0200
committerFlorian Dold <florian@dold.me>2021-10-18 21:48:45 +0200
commit269022a526b670d602ca146f4df02850983bb72e (patch)
treee0a66e8b15ef305c99274c76964a119d0d9512ba /packages/taler-util
parent3a69f27412782872c1264e8a4dd1be13d57a8a80 (diff)
move some more crypto to taler-util package
Diffstat (limited to 'packages/taler-util')
-rw-r--r--packages/taler-util/src/index.ts7
-rw-r--r--packages/taler-util/src/kdf.ts19
-rw-r--r--packages/taler-util/src/nacl-fast.ts5
-rw-r--r--packages/taler-util/src/talerCrypto.test.ts2
-rw-r--r--packages/taler-util/src/talerCrypto.ts57
5 files changed, 81 insertions, 9 deletions
diff --git a/packages/taler-util/src/index.ts b/packages/taler-util/src/index.ts
index ccb917f6e..4ad752954 100644
--- a/packages/taler-util/src/index.ts
+++ b/packages/taler-util/src/index.ts
@@ -22,4 +22,9 @@ export * from "./url.js";
export { fnutil } from "./fnutils.js";
export * from "./kdf.js";
export * from "./talerCrypto.js";
-export { randomBytes, secretbox, secretbox_open } from "./nacl-fast.js";
+export {
+ randomBytes,
+ secretbox,
+ secretbox_open,
+ crypto_sign_keyPair_fromSeed,
+} from "./nacl-fast.js";
diff --git a/packages/taler-util/src/kdf.ts b/packages/taler-util/src/kdf.ts
index af4d05035..7710de90c 100644
--- a/packages/taler-util/src/kdf.ts
+++ b/packages/taler-util/src/kdf.ts
@@ -59,15 +59,30 @@ export function hmacSha256(key: Uint8Array, message: Uint8Array): Uint8Array {
return hmac(sha256, 64, key, message);
}
+/**
+ * HMAC-SHA512-SHA256 (see RFC 5869).
+ */
+export function kdfKw(args: {
+ outputLength: number;
+ ikm: Uint8Array;
+ salt?: Uint8Array;
+ info?: Uint8Array;
+}) {
+ return kdf(args.outputLength, args.ikm, args.salt, args.info);
+}
+
export function kdf(
outputLength: number,
ikm: Uint8Array,
- salt: Uint8Array,
- info: Uint8Array,
+ salt?: Uint8Array,
+ info?: Uint8Array,
): Uint8Array {
+ salt = salt ?? new Uint8Array(64);
// extract
const prk = hmacSha512(salt, ikm);
+ info = info ?? new Uint8Array(0);
+
// expand
const N = Math.ceil(outputLength / 32);
const output = new Uint8Array(N * 32);
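Review bot: The doc comment added above `kdfKw` labels the function "HMAC-SHA512-SHA256", but what it wraps is the HKDF construction from RFC 5869. The extract step visible here is `hmacSha512(salt, ikm)`, and the 32-byte block size in the expand step suggests HMAC-SHA256 there, though the expand loop itself lies outside the hunk. I would reword the comment to `HKDF (RFC 5869) with HMAC-SHA512 extract and HMAC-SHA256 expand` and document the new defaults on `kdf` itself: an omitted `salt` becomes 64 zero bytes and an omitted `info` becomes empty, so a caller that leaves out `info` gets no context separation between keys derived from the same input. `outputLength` also reaches `Math.ceil(outputLength / 32)` unchecked; if the expand loop uses a single counter byte as RFC 5869 specifies, a guard such as `if (!Number.isInteger(outputLength) || outputLength < 0 || outputLength > 255 * 32) throw new Error("bad output length");` belongs at the top of `kdf`.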
diff --git a/packages/taler-util/src/nacl-fast.ts b/packages/taler-util/src/nacl-fast.ts
index 909c6a60a..6e721f32c 100644
--- a/packages/taler-util/src/nacl-fast.ts
+++ b/packages/taler-util/src/nacl-fast.ts
@@ -2894,7 +2894,6 @@ export function x25519_edwards_keyPair_fromSecretKey(
throw new Error("bad secret key size");
}
d.set(secretKey, 0);
- //crypto_hash(d, secretKey, 32);
d[0] &= 248;
d[31] &= 127;
@@ -2906,7 +2905,7 @@ export function x25519_edwards_keyPair_fromSecretKey(
return pk;
}
-export function sign_keyPair_fromSecretKey(
+export function crypto_sign_keyPair_fromSecretKey(
secretKey: Uint8Array,
): {
publicKey: Uint8Array;
@@ -2920,7 +2919,7 @@ export function sign_keyPair_fromSecretKey(
return { publicKey: pk, secretKey: new Uint8Array(secretKey) };
}
-export function sign_keyPair_fromSeed(
+export function crypto_sign_keyPair_fromSeed(
seed: Uint8Array,
): {
publicKey: Uint8Array;
diff --git a/packages/taler-util/src/talerCrypto.test.ts b/packages/taler-util/src/talerCrypto.test.ts
index ffd1d25cd..1e3ceef61 100644
--- a/packages/taler-util/src/talerCrypto.test.ts
+++ b/packages/taler-util/src/talerCrypto.test.ts
@@ -69,7 +69,7 @@ test("taler-exchange-tvg eddsa key", (t) => {
const priv = "9TM70AKDTS57AWY9JK2J4TMBTMW6K62WHHGZWYDG0VM5ABPZKD40";
const pub = "8GSJZ649T2PXMKZC01Y4ANNBE7MF14QVK9SQEC4E46ZHKCVG8AS0";
- const pair = nacl.sign_keyPair_fromSeed(decodeCrock(priv));
+ const pair = nacl.crypto_sign_keyPair_fromSeed(decodeCrock(priv));
t.deepEqual(encodeCrock(pair.publicKey), pub);
});
diff --git a/packages/taler-util/src/talerCrypto.ts b/packages/taler-util/src/talerCrypto.ts
index efa92a953..536c4dc48 100644
--- a/packages/taler-util/src/talerCrypto.ts
+++ b/packages/taler-util/src/talerCrypto.ts
@@ -126,7 +126,7 @@ export function decodeCrock(encoded: string): Uint8Array {
}
export function eddsaGetPublic(eddsaPriv: Uint8Array): Uint8Array {
- const pair = nacl.sign_keyPair_fromSeed(eddsaPriv);
+ const pair = nacl.crypto_sign_keyPair_fromSeed(eddsaPriv);
return pair.publicKey;
}
@@ -353,7 +353,7 @@ export function hash(d: Uint8Array): Uint8Array {
}
export function eddsaSign(msg: Uint8Array, eddsaPriv: Uint8Array): Uint8Array {
- const pair = nacl.sign_keyPair_fromSeed(eddsaPriv);
+ const pair = nacl.crypto_sign_keyPair_fromSeed(eddsaPriv);
return nacl.sign_detached(msg, pair.secretKey);
}
@@ -447,3 +447,56 @@ export function setupRefreshTransferPub(
ecdhePub: ecdheGetPublic(out),
};
}
+
+export enum TalerSignaturePurpose {
+ MERCHANT_TRACK_TRANSACTION = 1103,
+ WALLET_RESERVE_WITHDRAW = 1200,
+ WALLET_COIN_DEPOSIT = 1201,
+ MASTER_DENOMINATION_KEY_VALIDITY = 1025,
+ MASTER_WIRE_FEES = 1028,
+ MASTER_WIRE_DETAILS = 1030,
+ WALLET_COIN_MELT = 1202,
+ TEST = 4242,
+ MERCHANT_PAYMENT_OK = 1104,
+ MERCHANT_CONTRACT = 1101,
+ WALLET_COIN_RECOUP = 1203,
+ WALLET_COIN_LINK = 1204,
+ EXCHANGE_CONFIRM_RECOUP = 1039,
+ EXCHANGE_CONFIRM_RECOUP_REFRESH = 1041,
+ ANASTASIS_POLICY_UPLOAD = 1400,
+ ANASTASIS_POLICY_DOWNLOAD = 1401,
+ SYNC_BACKUP_UPLOAD = 1450,
+}
+
+export class SignaturePurposeBuilder {
+ private chunks: Uint8Array[] = [];
+
+ constructor(private purposeNum: number) {}
+
+ put(bytes: Uint8Array): SignaturePurposeBuilder {
+ this.chunks.push(Uint8Array.from(bytes));
+ return this;
+ }
+
+ build(): Uint8Array {
+ let payloadLen = 0;
+ for (const c of this.chunks) {
+ payloadLen += c.byteLength;
+ }
+ const buf = new ArrayBuffer(4 + 4 + payloadLen);
+ const u8buf = new Uint8Array(buf);
+ let p = 8;
+ for (const c of this.chunks) {
+ u8buf.set(c, p);
+ p += c.byteLength;
+ }
+ const dvbuf = new DataView(buf);
+ dvbuf.setUint32(0, payloadLen + 4 + 4);
+ dvbuf.setUint32(4, this.purposeNum);
+ return u8buf;
+ }
+}
+
+export function buildSigPS(purposeNum: number): SignaturePurposeBuilder {
+ return new SignaturePurposeBuilder(purposeNum);
+}
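Review bot: `SignaturePurposeBuilder` and `buildSigPS` take `purposeNum: number` even though this hunk adds `TalerSignaturePurpose` directly above them, so nothing stops a caller from passing an arbitrary integer, and `dvbuf.setUint32(4, this.purposeNum)` silently wraps a value that does not fit in 32 bits. Because the purpose field is what keeps a signature made over one message type from being accepted as another, I would type it as the enum: `constructor(private purposeNum: TalerSignaturePurpose) {}` and `export function buildSigPS(purposeNum: TalerSignaturePurpose): SignaturePurposeBuilder`. The class also has no doc comment. It should state that `build()` emits a big-endian 32-bit total size (the 8-byte header included), then the big-endian 32-bit purpose, then the chunks in `put()` order, and that `put()` adds no length framing, so the encoding is unambiguous only when every field has a fixed size.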