Refactor chat encryption to use sodium, update API
Replaces legacy chat encryption modules with new sodium-based implementation. Adds and updates API routes for chat key management and debugging, introduces new hooks and scripts for sodium chat, and updates related database schema and configuration. Removes old crypto modules and updates dependencies accordingly.
This commit is contained in:
@@ -925,6 +925,7 @@ export const chatMessages = pgTable('chat_messages', {
|
||||
senderDisplayName: text('sender_display_name'),
|
||||
senderAvatarUrl: text('sender_avatar_url'),
|
||||
senderNodeDomain: text('sender_node_domain'), // null if local
|
||||
senderDid: text('sender_did'), // DID for Signal Protocol
|
||||
|
||||
// Message content (encrypted for recipient with their public key)
|
||||
encryptedContent: text('encrypted_content').notNull(),
|
||||
@@ -968,11 +969,17 @@ export const chatDeviceBundles = pgTable('chat_device_bundles', {
|
||||
// The device identifier (UUID generated by client)
|
||||
deviceId: text('device_id').notNull(),
|
||||
|
||||
// Signal Protocol fields
|
||||
registrationId: integer('registration_id'),
|
||||
|
||||
// X25519 Identity Key (Base64)
|
||||
identityKey: text('identity_key').notNull(),
|
||||
|
||||
// Signed PreKey (JSON: { id, key, sig })
|
||||
signedPreKey: text('signed_pre_key').notNull(),
|
||||
|
||||
// Kyber PreKey for post-quantum security (JSON: { id, key, sig })
|
||||
kyberPreKey: text('kyber_pre_key'),
|
||||
|
||||
// One-Time Keys (JSON array of { id, key }) - cached/uploaded batch
|
||||
// Note: Individual keys are usually stored in a separate table for atomic consumption,
|
||||
|
||||
Reference in New Issue
Block a user