Fix swarm replies and interaction verification

This commit is contained in:
cyph3rasi
2026-03-07 22:18:16 -08:00
parent 1b0b3d8d52
commit 830c062fa1
7 changed files with 186 additions and 39 deletions
+18 -4
View File
@@ -9,28 +9,42 @@
import crypto from 'crypto';
import { db, users } from '@/db';
import { eq } from 'drizzle-orm';
import { canonicalize } from '@/lib/crypto/user-signing';
/**
* Sign a payload with the node's private key
*/
export function signPayload(payload: any, privateKey: string): string {
const canonicalPayload = JSON.stringify(payload, Object.keys(payload).sort());
const canonicalPayload = canonicalize(payload);
const sign = crypto.createSign('SHA256');
sign.update(canonicalPayload);
sign.end();
return sign.sign(privateKey, 'base64');
}
function normalizePublicKey(publicKey: string): crypto.KeyObject | string {
if (publicKey.includes('BEGIN PUBLIC KEY')) {
return publicKey;
}
const cleanKey = publicKey.replace(/[\s\n\r]/g, '');
return crypto.createPublicKey({
key: Buffer.from(cleanKey, 'base64'),
format: 'der',
type: 'spki',
});
}
/**
* Verify a signature using the sender's public key
*/
export function verifySignature(payload: any, signature: string, publicKey: string): boolean {
try {
const canonicalPayload = JSON.stringify(payload, Object.keys(payload).sort());
const canonicalPayload = canonicalize(payload);
const verify = crypto.createVerify('SHA256');
verify.update(canonicalPayload);
verify.end();
return verify.verify(publicKey, signature, 'base64');
return verify.verify(normalizePublicKey(publicKey), signature, 'base64');
} catch (error) {
console.error('[Signature] Verification failed:', error);
return false;
@@ -112,7 +126,7 @@ export async function verifyUserInteraction(
let publicKey: string | null = null;
if (user?.publicKey && user.publicKey.startsWith('-----BEGIN')) {
if (user?.publicKey) {
publicKey = user.publicKey;
} else {
// Fetch from remote node