add Alice/Bob references for signing

LordGhostX 2023-12-08 13:42:01 +01:00
parent 1b50902196
commit 0f4769fe37
No known key found for this signature in database
GPG Key ID: 520CC5DC4F94FCC7


@ -135,32 +135,34 @@ Users can share their public key through broadcasting or [out-of-band methods](/
Message signing helps in proving the authenticity of received messages. By attaching a signature to a message, you can verify its origin and integrity with absolute certainty. Message signing helps in proving the authenticity of received messages. By attaching a signature to a message, you can verify its origin and integrity with absolute certainty.
:::info :::info
Signing messages is only possible when encrypted, but if your app does not require encryption, you can generate a symmetric key through hardcoded or deterministic methods using information available to all users. Signing messages is only possible when encrypted, but if your application does not require encryption, you can generate a symmetric key through hardcoded or deterministic methods using information available to all users.
::: :::
The `sigPrivKey` option allows the `Symmetric` and `ECIES` message `encoders` to sign the message before encryption using an `ECDSA` private key: The `sigPrivKey` option allows the `Symmetric` and `ECIES` message `encoders` to sign the message before encryption using an `ECDSA` private key:
```js ```js title="Alice (Sender) Client"
import { generatePrivateKey } from "@waku/message-encryption"; import { generatePrivateKey, getPublicKey } from "@waku/message-encryption";
import { createEncoder as createSymmetricEncoder } from "@waku/message-encryption/symmetric"; import { createEncoder as createSymmetricEncoder } from "@waku/message-encryption/symmetric";
import { createEncoder as createECIESEncoder } from "@waku/message-encryption/ecies"; import { createEncoder as createECIESEncoder } from "@waku/message-encryption/ecies";
// Generate a random ECDSA private key for signing messages // Generate a random ECDSA private key for signing messages
// ECIES encryption and message signing both use ECDSA keys // ECIES encryption and message signing both use ECDSA keys
const sigPrivKey = generatePrivateKey(); // For this example, we'll call the sender of the message Alice
const aliceSigPrivKey = generatePrivateKey();
const aliceSigPubKey = getPublicKey(aliceSigPrivKey);
// Create a symmetric encoder that signs messages // Create a symmetric encoder that signs messages
const symmetricEncoder = createSymmetricEncoder({ const symmetricEncoder = createSymmetricEncoder({
contentTopic: contentTopic, // message content topic contentTopic: contentTopic, // message content topic
symKey: symKey, // symmetric key for encrypting messages symKey: symKey, // symmetric key for encrypting messages
sigPrivKey: sigPrivKey, // private key for signing messages before encryption sigPrivKey: aliceSigPrivKey, // private key for signing messages before encryption
}); });
// Create an ECIES encoder that signs messages // Create an ECIES encoder that signs messages
const ECIESEncoder = createECIESEncoder({ const ECIESEncoder = createECIESEncoder({
contentTopic: contentTopic, // message content topic contentTopic: contentTopic, // message content topic
publicKey: publicKey, // ECIES public key for encrypting messages publicKey: publicKey, // ECIES public key for encrypting messages
sigPrivKey: sigPrivKey, // private key for signing messages before encryption sigPrivKey: aliceSigPrivKey, // private key for signing messages before encryption
}); });
// Send and receive your messages as usual with Light Push and Filter // Send and receive your messages as usual with Light Push and Filter
@ -173,20 +175,20 @@ await node.lightPush.send(ECIESEncoder, { payload });
You can extract the `signature` and its public key (`signaturePublicKey`) from the [DecodedMessage](https://js.waku.org/classes/_waku_message_encryption.DecodedMessage.html) and compare it with the expected public key to verify the message origin: You can extract the `signature` and its public key (`signaturePublicKey`) from the [DecodedMessage](https://js.waku.org/classes/_waku_message_encryption.DecodedMessage.html) and compare it with the expected public key to verify the message origin:
```js ```js title="Bob (Receiver) Client"
import { generatePrivateKey } from "@waku/message-encryption";
import { createEncoder } from "@waku/message-encryption/symmetric";
import { equals } from "uint8arrays/equals"; import { equals } from "uint8arrays/equals";
// Generate a random private key for signing messages // Generate a random private key for signing messages
const sigPrivKey = generatePrivateKey(); // For this example, we'll call the receiver of the message Bob
const bobSigPrivKey = generatePrivateKey();
// Generate a public key from the private key for verifying signatures
const sigPubKey = getPublicKey(sigPrivKey);
// Create an encoder that signs messages // Create an encoder that signs messages
const encoder = createEncoder({ const encoder = createEncoder({
contentTopic: contentTopic, contentTopic: contentTopic,
symKey: symKey, symKey: symKey,
sigPrivKey: sigPrivKey, sigPrivKey: bobSigPrivKey,
}); });
// Modify the callback function to verify message signature // Modify the callback function to verify message signature
@ -195,13 +197,16 @@ const callback = (wakuMessage) => {
const signature = wakuMessage.signature; const signature = wakuMessage.signature;
const signaturePublicKey = wakuMessage.signaturePublicKey; const signaturePublicKey = wakuMessage.signaturePublicKey;
// Compare the public key of the message signature with the sender's own // Compare the public key of the message signature with Alice's own
if (equals(signaturePublicKey, sigPubKey)) { // Alice's public key can be gotten from broadcasting or out-of-band methods
console.log("This message was correctly signed"); if (equals(signaturePublicKey, aliceSigPubKey)) {
console.log("This message was signed by Alice");
} else { } else {
console.log("This message has an incorrect signature"); console.log("This message was NOT signed by Alice");
} }
}; };
await subscription.subscribe([encoder], callback);
``` ```
## Restoring encryption keys ## Restoring encryption keys
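Review bot: The Bob (Receiver) callback compares `signaturePublicKey` with `aliceSigPubKey`, but that name is defined only in the Alice (Sender) block, and the Bob block no longer derives a public key or imports `getPublicKey`, so the receiver example does not run as pasted. State where Bob's copy comes from in his own block, for example with `// aliceSigPubKey: Alice's public key, received over a channel Bob already trusts`. The comparison proves origin only if that key is authentically Alice's; a key learned from an unauthenticated broadcast shows only that the same key signed both messages, so the "can be gotten from broadcasting" comment should carry that caveat. The callback also passes `signaturePublicKey` straight to `equals`; if unsigned messages can reach this decoder the field is presumably unset, so a guard such as `if (!signaturePublicKey) return;` before the comparison would keep them from being processed or throwing. The callback body begins above the visible lines, so an earlier check may already cover this.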