Refactor chat encryption to use sodium, update API

Replaces legacy chat encryption modules with new sodium-based implementation. Adds and updates API routes for chat key management and debugging, introduces new hooks and scripts for sodium chat, and updates related database schema and configuration. Removes old crypto modules and updates dependencies accordingly.
This commit is contained in:
Christopher
2026-01-28 06:07:03 -08:00
parent 222f1c6d8a
commit a87977241c
28 changed files with 10701 additions and 2052 deletions
+7
View File
@@ -925,6 +925,7 @@ export const chatMessages = pgTable('chat_messages', {
senderDisplayName: text('sender_display_name'),
senderAvatarUrl: text('sender_avatar_url'),
senderNodeDomain: text('sender_node_domain'), // null if local
senderDid: text('sender_did'), // DID for Signal Protocol
// Message content (encrypted for recipient with their public key)
encryptedContent: text('encrypted_content').notNull(),
@@ -968,11 +969,17 @@ export const chatDeviceBundles = pgTable('chat_device_bundles', {
// The device identifier (UUID generated by client)
deviceId: text('device_id').notNull(),
// Signal Protocol fields
registrationId: integer('registration_id'),
// X25519 Identity Key (Base64)
identityKey: text('identity_key').notNull(),
// Signed PreKey (JSON: { id, key, sig })
signedPreKey: text('signed_pre_key').notNull(),
// Kyber PreKey for post-quantum security (JSON: { id, key, sig })
kyberPreKey: text('kyber_pre_key'),
// One-Time Keys (JSON array of { id, key }) - cached/uploaded batch
// Note: Individual keys are usually stored in a separate table for atomic consumption,