Skip to content

Instantly share code, notes, and snippets.

@HamdaanAliQuatil

HamdaanAliQuatil/aa.controller.ts

Created March 11, 2024 08:50
Show Gist options
  • Save HamdaanAliQuatil/8e0942eddfe708aafd4f95b739802c0c to your computer and use it in GitHub Desktop.
Save HamdaanAliQuatil/8e0942eddfe708aafd4f95b739802c0c to your computer and use it in GitHub Desktop.
Download ZIP
hmac-diffie-hellman-merkle
Raw
aa.controller.ts
import { generateKeyPair, generateSharedSecret, generateHMAC, KeyPair } from '../utils/crypto.utils';
import axios from 'axios';
let sharedSecret: Buffer;
export async function sendAAPublicKey(): Promise<Buffer> {
try {
const response = await axios.get('http://localhost:3000/init');
const boostPublicKey: Buffer = Buffer.from(response.data.boostPublicKey, 'hex');
const boostGenerator: Buffer = Buffer.from(response.data.boostGenerator, 'hex');
const boostPrime: Buffer = Buffer.from(response.data.boostPrime, 'hex');
const AA: KeyPair = generateKeyPair(boostPrime, boostGenerator);
sharedSecret = generateSharedSecret(AA, boostPublicKey);
return AA.publicKey;
} catch (error) {
console.error('Error sending AA public key:', (error as Error).message);
throw error;
}
}
export async function verifyData(data: any, hmac: string): Promise<string> {
try {
const calculatedHMAC = generateHMAC(JSON.stringify(data), sharedSecret);
return calculatedHMAC === hmac ? "Integrity and authenticity verified" : "Integrity or authenticity compromised";
} catch (error) {
console.error('Error verifying data:', (error as Error).message);
throw error;
}
}
Raw
crypto.utils.ts
import { createHmac, createDiffieHellman, DiffieHellman, KeyObject, BinaryLike } from 'crypto';
export interface KeyPair {
publicKey: Buffer;
privateKey: Buffer;
generator: Buffer;
prime: Buffer;
diffieHellman: DiffieHellman;
}
export function generateKeyPair(prime?: any, generator?: any): KeyPair {
const diffieHellman = prime && generator ? createDiffieHellman(prime, 'hex', generator, 'hex') : createDiffieHellman(2048);
diffieHellman.generateKeys();
return {
publicKey: diffieHellman.getPublicKey(),
privateKey: diffieHellman.getPrivateKey(),
generator: diffieHellman.getGenerator(),
prime: diffieHellman.getPrime(),
diffieHellman,
};
}
export function getPrivateKey(keyPair: KeyPair): Buffer {
return keyPair.privateKey;
}
export function getPublicKey(keyPair: KeyPair): Buffer {
return keyPair.publicKey;
}
export function generateSharedSecret(keyPair: KeyPair, publicKey: Buffer): Buffer {
return keyPair.diffieHellman.computeSecret(publicKey);
}
export function generateHMAC(data: any, secretKey: KeyObject | BinaryLike): any {
const hmac = createHmac('sha256', secretKey);
hmac.update(data);
return hmac.digest('hex');
}
Raw
index.ts
import express, { Request, Response } from 'express';
import { hmacDigest, shareKeys } from '@boost/v1/controllers/verification.controller';
import { sendAAPublicKey, verifyData } from '@boost/v1/controllers/aa.controller';
import { KeyPair, generateSharedSecret } from '@boost/v1/utils/crypto.utils';
import { DiffieHellman } from 'crypto';
import axios from 'axios';
const appBoost = express();
const appAA = express();
const PORT_BOOST = 3000;
const PORT_AA = 3001;
let boostPublicKey: Buffer, boostPrivateKey: Buffer;
let boostGenerator: Buffer, boostPrime: Buffer;
let AAPublicKey: Buffer;
let sharedSecret: Buffer;
let boostKeyPair: KeyPair, boostDiffieHellman: DiffieHellman;
appBoost.get('/init', async (req: Request, res: Response) => {
({ boostPublicKey, boostPrivateKey, boostGenerator, boostPrime, boostDiffieHellman } = shareKeys());
res.send({ boostPublicKey, boostGenerator, boostPrime });
});
appAA.get('/fetchAAPublicKey', async (req: Request, res: Response) => {
AAPublicKey = await sendAAPublicKey();
res.send({ AAPublicKey: AAPublicKey.toString('hex') });
boostKeyPair = {
publicKey: boostPublicKey,
privateKey: boostPrivateKey,
generator: boostGenerator,
prime: boostPrime,
diffieHellman: boostDiffieHellman,
}
sharedSecret = generateSharedSecret(boostKeyPair, AAPublicKey);
});
// Simulated Data
const data = {
name: 'Boost User 1',
phone: '1234567890',
};
appBoost.get('/fetchData', async (req: Request, res: Response) => {
const hmac = hmacDigest(data, sharedSecret);
res.send({ data, hmac });
});
appAA.get('/verifyData', async (req: Request, res: Response) => {
const response = await axios.get('http://localhost:3000/fetchData');
const { data, hmac } = response.data;
const verified = await verifyData(data, hmac);
res.send({ verified });
});
// Start Boost and AA servers
appBoost.listen(PORT_BOOST, () => {
console.log(`Boost server is running on http://localhost:${PORT_BOOST}`);
});
appAA.listen(PORT_AA, () => {
console.log(`AA server is running on http://localhost:${PORT_AA}`);
});
Raw
verification.controller.ts
import { generateKeyPair, generateSharedSecret, generateHMAC, KeyPair } from '@boost/v1/utils/crypto.utils';
import { KeyObject, BinaryLike } from 'crypto';
const boostKeyPair: KeyPair = generateKeyPair();
export function shareKeys() {
const boostPublicKey: Buffer = boostKeyPair.publicKey;
const boostPrivateKey: Buffer = boostKeyPair.privateKey;
const boostGenerator: Buffer = boostKeyPair.generator;
const boostPrime: Buffer = boostKeyPair.prime;
const boostDiffieHellman = boostKeyPair.diffieHellman;
return {
boostPublicKey,
boostPrivateKey,
boostGenerator,
boostPrime,
boostDiffieHellman,
};
}
export function hmacDigest(data: any, secretKey: KeyObject | BinaryLike): any {
return generateHMAC(JSON.stringify(data), secretKey);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment