Crypto  Satelliteim/CorePWA Wiki
The Crypto class is a utility that allows performing cryptographic operations throughout the app.
In particular, the class can be used for AES symmetric encryption and for a more complex operations like data encryption/decryption between two EC25519 keypairs using ECDH.
Once the class has been instantiated you can:

encrypt data with a password;

decrypt data with a given password;

hash data using SHA256 algorithm;

initialize the encryption engine that performs cryptographic operations between 2 EC25519 keypairs.
Encryption engine
The encryption engine must be initialized using an EC25519 KeyPair. The given private key is then converted into an ED25519 key that is suitable for computing shared secrets using ECDH. The conversion is possible because there is a 1to1 correspondence between keys on both elliptic curves.
Once you have initialized the encryption engine, you can:

compute the ECDH shared secret between the current signing key and the given recipient public key;

encrypt data with the ECDH shared secret for a specific address;

decrypt data with the ECDH shared secret for a specific address.
How to encrypt data with a password
To encrypt data with a password, access the Crypto instance and call the encryptWithPassword
function with the plaintext and the password you chose:
const encryptedText = await $Crypto.encryptWithPassword(plaintext, password)
This will return the corresponding encryptedText string.
How to decrypt data with a given password
To decrypt data with a given password, access the Crypto instance and call the decryptWithPassword
function with the encryptedText and the password you chose for encryption:
const plainText = await $Crypto.decryptWithPassword(encryptedText, password)
This will return the corresponding plainText string.
How to hash data using SHA256 algorithm
To hash some information, access the Crypto instance and call the hash
function with data you want to hash:
const hash = await $Crypto.hash(data)
This will return the corresponding hex encoding of the computed hash.
How to initialize the encryption engine
To initialize the crypto engine, access the Crypto instance and call the init
function with the keyPair you'd like to use:
await $Crypto.init(keyPair)
This will set the ED25519 signinKey in the Crypto instance.
How to compute the ECDH shared secret between the current signing key and the given recipient public key
To compute the ECDH shared secret between the current signing key and the given recipient public key, call the computeSharedSecret
function with the recipient public key:
const sharedSecret = this.computeSharedSecret(recipientPublicKey)
This will return the corresponding shared secret.
How to initialize the encryption engine to decrypt messages from a specific recipient
It is possible to precompute the ECDH shared secret between the current signing key and the given recipient public key and to store it in memory for further use. To do this you have to call the initializeRecipient
function with the recipient public key. This initialization is needed if you want to use the encryptFor
and decryptFor
functions.
const encryptedtext = await $Crypto.initializeRecipient(recipientAddress)
How to encrypt data with the ECDH shared secret for a specific address
To encrypt data for a specific address, access the Crypto instance and call the encryptFor
function with the recipientAddress and the text you'd like to encrypt:
const encryptedtext = await $Crypto.encryptFor(recipientAddress, text)
This will return the corresponding encryptedText string.
The recipient must be previously initialized using the initializeRecipient
function described above.
How to decrypt data with the ECDH shared secret for a specific address
To decrypt data for a specific address, access the Crypto instance and call the decryptFrom
function with the recipientAddress and the encryptedtext you'd like to decrypt:
const plainText = await $Crypto.decryptFrom(recipientAddress, encryptedtext)
This will return the corresponding plainText string.
The recipient must be previously initialized using the initializeRecipient
function described above.