chore: gitignore web/public/config.js; fix netHash to use WebCrypto

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Fredrik Johansson
2026-06-25 13:21:12 +02:00
parent f7047b7bfe
commit cb80040ddb
2 changed files with 62 additions and 27 deletions

1
.gitignore vendored
View File

@@ -14,3 +14,4 @@ launch-tui.sh
*.swp
/tui
launch-web.sh
web/public/config.js

View File

@@ -25,8 +25,24 @@ function concat(...arrs: Uint8Array[]): Uint8Array {
return out
}
function netHash(name: string): string {
return sodium.to_hex(sodium.crypto_hash_sha256(enc('yaw2-net:' + name)))
function toHex(bytes: Uint8Array): string {
return Array.from(bytes).map(b => b.toString(16).padStart(2, '0')).join('')
}
async function netHash(name: string): Promise<string> {
const input = enc('yaw2-net:' + name)
// Use native SHA-256 for protocol-compatible network IDs.
if (globalThis.crypto?.subtle) {
const digest = await globalThis.crypto.subtle.digest('SHA-256', input)
return toHex(new Uint8Array(digest))
}
// Fallback for environments where subtle crypto is unavailable.
const sha256 = (sodium as unknown as { crypto_hash_sha256?: (m: Uint8Array) => Uint8Array }).crypto_hash_sha256
if (sha256) return sodium.to_hex(sha256(input))
throw new Error('SHA-256 not available in this browser runtime')
}
// ── Identity ─────────────────────────────────────────────────────────────────
@@ -97,8 +113,10 @@ class Identity {
)
const nonce = sodium.randombytes_buf(sodium.crypto_secretbox_NONCEBYTES)
const ct = sodium.crypto_secretbox_easy(seed, nonce, key)
return { yaw: 'yaw-key-backup-1', id: this.id, alg: 'argon2id-secretbox',
ops: BK_OPS, mem: BK_MEM, salt: b64(salt), nonce: b64(nonce), ct: b64(ct) }
return {
yaw: 'yaw-key-backup-1', id: this.id, alg: 'argon2id-secretbox',
ops: BK_OPS, mem: BK_MEM, salt: b64(salt), nonce: b64(nonce), ct: b64(ct)
}
}
static importBackup(b: Record<string, unknown>, passphrase: string): Identity {
@@ -118,8 +136,10 @@ class Identity {
}
toPeerInfo(networkId = ''): PeerInfo {
return { id: this.id, alias: this.nick || this.short, public_key: this.id,
created_at: new Date().toISOString(), network_id: networkId } as PeerInfo & { network_id?: string }
return {
id: this.id, alias: this.nick || this.short, public_key: this.id,
created_at: new Date().toISOString(), network_id: networkId
} as PeerInfo & { network_id?: string }
}
}
@@ -266,8 +286,10 @@ class PeerConn {
this._ekeySent = true
const signed = concat(enc(EKEY_PREFIX), sodium.from_hex(this.identity.id),
sodium.from_hex(this.peerId), this._epk)
const msg = { kind: 'ekey', v: 'yaw/2.1', epk: sodium.to_hex(this._epk),
sig: sodium.to_hex(this.identity.sign(signed)) }
const msg = {
kind: 'ekey', v: 'yaw/2.1', epk: sodium.to_hex(this._epk),
sig: sodium.to_hex(this.identity.sign(signed))
}
const [box] = this._seal(msg, false)
this.sig.sendTo(this.peerId, box)
}
@@ -335,8 +357,10 @@ class PeerConn {
private _sendHello() {
const bind = enc(BIND_PREFIX)
const caps: string[] = []
this._dc({ type: 'hello', id: this.identity.id, nick: this.nick, caps,
sig: sodium.to_hex(this.identity.sign(bind)) })
this._dc({
type: 'hello', id: this.identity.id, nick: this.nick, caps,
sig: sodium.to_hex(this.identity.sign(bind))
})
}
private _onControl(data: string) {
@@ -348,11 +372,15 @@ class PeerConn {
if (m['id'] !== this.peerId) reason = 'id mismatch'
else if (!this.peerAuthed) reason = 'unauthenticated signaling'
this.verified = !reason
this.on('connected', { peer: this.peerId, verified: this.verified,
nick: m['nick'] as string || '', caps: m['caps'] || [] })
this.on('connected', {
peer: this.peerId, verified: this.verified,
nick: m['nick'] as string || '', caps: m['caps'] || []
})
} else if (m['type'] === 'chat') {
this.on('chat', { peer: this.peerId, room: m['room'] as string || 'general',
text: m['text'] as string, ts: m['ts'] as number || Date.now() })
this.on('chat', {
peer: this.peerId, room: m['room'] as string || 'general',
text: m['text'] as string, ts: m['ts'] as number || Date.now()
})
} else if (m['type'] === 'pm') {
this.on('pm', { peer: this.peerId, text: m['text'] as string, ts: m['ts'] as number || Date.now() })
}
@@ -464,7 +492,7 @@ export class BrowserAdapter {
async joinNetwork(anchorUrl: string, nameOrHash: string, isHash = false) {
if (!this.identity) return
const hash = isHash ? nameOrHash : netHash(nameOrHash)
const hash = isHash ? nameOrHash : await netHash(nameOrHash)
this.networkId = hash.slice(0, 16)
this.networkName = isHash ? hash.slice(0, 16) : nameOrHash
@@ -547,8 +575,10 @@ export class BrowserAdapter {
const nick = (data['nick'] as string) || (data['peer'] as string).slice(0, 16)
this.emit({
type: 'peer_connected',
peer: { id: data['peer'] as string, alias: nick || (data['peer'] as string).slice(0, 8),
public_key: data['peer'] as string, created_at: new Date().toISOString() },
peer: {
id: data['peer'] as string, alias: nick || (data['peer'] as string).slice(0, 8),
public_key: data['peer'] as string, created_at: new Date().toISOString()
},
})
} else if (event === 'chat') {
const ts = (data['ts'] as number) || Date.now()
@@ -609,8 +639,10 @@ export class BrowserAdapter {
this.emit({
type: 'message_received',
network_id: this.networkId,
message: { mid, from: this.identity.id as unknown as import('../types').PeerID,
to: msg.to, room: `dm:${pid.slice(0, 8)}`, text, ts },
message: {
mid, from: this.identity.id as unknown as import('../types').PeerID,
to: msg.to, room: `dm:${pid.slice(0, 8)}`, text, ts
},
})
} else {
// Broadcast
@@ -618,8 +650,10 @@ export class BrowserAdapter {
this.emit({
type: 'message_received',
network_id: this.networkId,
message: { mid, from: this.identity.id as unknown as import('../types').PeerID,
room, text, ts },
message: {
mid, from: this.identity.id as unknown as import('../types').PeerID,
room, text, ts
},
})
}
return