SASL ECDSA-NIST256P-CHALLENGE support was added in Tor Messenger starting with version 0.3.0b1. To generate a key pair, follow the following steps:
Paste the following code snippet in the Firefox (or Tor Browser) web console to generate a private key (logged as a hex string). This step will also generate the IRC command to execute to set the public key on the server (starting with /msg nickserv set)
- Start Firefox (or Tor Browser) and open the web console.
- Paste the following code:
crypto.subtle.generateKey({ name: "ECDSA", namedCurve: "P-256" }, true, ["sign"])
.then((kp) => {
let padStart = (s, l, c) => Array(l - s.length + 1).join(c || " ") + s;
let padEnd = (s, l, c) => s + Array(l - s.length + 1).join(c || " ");
crypto.subtle.exportKey("jwk", kp.privateKey).then((o) => {
// convert from base64url to hex string
let d = o.d;
let padLen = (4 - (d.length % 4)) % 4;
d = padEnd(d, d.length + padLen, "=")
.replace(/\-/g, "+")
.replace(/_/g, "/");
let str = atob(d);
let a = Array.prototype.map.call(str, (x) => x.charCodeAt(0));
let h = a.reduce((prev, next) => prev + padStart(next.toString(16), 2, "0"), "");
console.log(h);
});
crypto.subtle.exportKey("raw", kp.publicKey).then((ab) => {
let v = new Uint8Array(ab);
let u = v.slice(0, 33); // +1 here for the compressed point
u[0] = 2 + (v[v.length - 1] & 1);
let s = String.fromCharCode.apply(null, u);
console.log("/msg nickserv set property pubkey", btoa(s));
});
});You should see output like this:
Promise { <state>: "pending" }
<priv-key>
/msg nickserv set property pubkey <pub-key>Copy the command starting with /msg nickserv and run it on the server.
Then, copy the private key (middle line) to the preference messenger.account.accountN.ecdsa in the config editor in Tor Messenger, replacing N with the account number corresponding to the IRC account with which you want to use it.