aljaz/ditto
1
0
Fork 0
mirror of https://github.com/aljazceru/ditto.git synced 2026-01-16 11:54:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add encrypted captcha answer, move AES utils

Browse Source
This commit is contained in:
Alex Gleason
2024-10-03 19:36:44 -05:00
parent f83ad0dbce
commit 8d1b1b8abc
10 changed files with 75 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/utils/aes.bench.ts Normal file
View File

@@ -0,0 +1,18 @@
import { generateSecretKey } from 'nostr-tools';
import { aesDecrypt, aesEncrypt } from '@/utils/aes.ts';
Deno.bench('aesEncrypt', async (b) => {
const sk = generateSecretKey();
const decrypted = generateSecretKey();
b.start();
await aesEncrypt(sk, decrypted);
});
Deno.bench('aesDecrypt', async (b) => {
const sk = generateSecretKey();
const decrypted = generateSecretKey();
const encrypted = await aesEncrypt(sk, decrypted);
b.start();
await aesDecrypt(sk, encrypted);
});

15
src/utils/aes.test.ts Normal file
View File

@@ -0,0 +1,15 @@
import { assertEquals } from '@std/assert';
import { encodeHex } from '@std/encoding/hex';
import { generateSecretKey } from 'nostr-tools';
import { aesDecrypt, aesEncrypt } from '@/utils/aes.ts';
Deno.test('aesDecrypt & aesEncrypt', async () => {
const sk = generateSecretKey();
const data = generateSecretKey();
const encrypted = await aesEncrypt(sk, data);
const decrypted = await aesDecrypt(sk, encrypted);
assertEquals(encodeHex(decrypted), encodeHex(data));
});

17
src/utils/aes.ts Normal file
View File

@@ -0,0 +1,17 @@
/** Encrypt data with AES-GCM and a secret key. */
export async function aesEncrypt(sk: Uint8Array, plaintext: Uint8Array): Promise<Uint8Array> {
const secretKey = await crypto.subtle.importKey('raw', sk, { name: 'AES-GCM' }, false, ['encrypt']);
const iv = crypto.getRandomValues(new Uint8Array(12));
const buffer = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, secretKey, plaintext);
return new Uint8Array([...iv, ...new Uint8Array(buffer)]);
}
/** Decrypt data with AES-GCM and a secret key. */
export async function aesDecrypt(sk: Uint8Array, ciphertext: Uint8Array): Promise<Uint8Array> {
const secretKey = await crypto.subtle.importKey('raw', sk, { name: 'AES-GCM' }, false, ['decrypt']);
const iv = ciphertext.slice(0, 12);
const buffer = await crypto.subtle.decrypt({ name: 'AES-GCM', iv }, secretKey, ciphertext.slice(12));
return new Uint8Array(buffer);
}

19
src/utils/auth.bench.ts
View File

@@ -1,6 +1,4 @@
import { generateSecretKey } from 'nostr-tools';
import { decryptSecretKey, encryptSecretKey, generateToken, getTokenHash } from '@/utils/auth.ts';
import { generateToken, getTokenHash } from '@/utils/auth.ts';
Deno.bench('generateToken', async () => {
await generateToken();
@@ -11,18 +9,3 @@ Deno.bench('getTokenHash', async (b) => {
b.start();
await getTokenHash(token);
});
Deno.bench('encryptSecretKey', async (b) => {
const sk = generateSecretKey();
const decrypted = generateSecretKey();
b.start();
await encryptSecretKey(sk, decrypted);
});
Deno.bench('decryptSecretKey', async (b) => {
const sk = generateSecretKey();
const decrypted = generateSecretKey();
const encrypted = await encryptSecretKey(sk, decrypted);
b.start();
await decryptSecretKey(sk, encrypted);
});

13
src/utils/auth.test.ts
View File

@@ -1,8 +1,7 @@
import { assertEquals } from '@std/assert';
import { decodeHex, encodeHex } from '@std/encoding/hex';
import { generateSecretKey } from 'nostr-tools';
import { decryptSecretKey, encryptSecretKey, generateToken, getTokenHash } from '@/utils/auth.ts';
import { generateToken, getTokenHash } from '@/utils/auth.ts';
Deno.test('generateToken', async () => {
const sk = decodeHex('a0968751df8fd42f362213f08751911672f2a037113b392403bbb7dd31b71c95');
@@ -17,13 +16,3 @@ Deno.test('getTokenHash', async () => {
const hash = await getTokenHash('token15ztgw5wl3l2z7d3zz0cgw5v3zee09gphzyanjfqrhwma6vdhrj2sauwknd');
assertEquals(encodeHex(hash), 'ab4c4ead4d1c72a38fffd45b999937b7e3f25f867b19aaf252df858e77b66a8a');
});
Deno.test('encryptSecretKey & decryptSecretKey', async () => {
const sk = generateSecretKey();
const data = generateSecretKey();
const encrypted = await encryptSecretKey(sk, data);
const decrypted = await decryptSecretKey(sk, encrypted);
assertEquals(encodeHex(decrypted), encodeHex(data));
});

24
src/utils/auth.ts
View File

@@ -28,27 +28,3 @@ export async function getTokenHash(token: `token1${string}`): Promise<Uint8Array
return new Uint8Array(buffer);
}
/**
* Encrypt a secret key with AES-GCM.
* This function is used to store the secret key in the database.
*/
export async function encryptSecretKey(sk: Uint8Array, decrypted: Uint8Array): Promise<Uint8Array> {
const secretKey = await crypto.subtle.importKey('raw', sk, { name: 'AES-GCM' }, false, ['encrypt']);
const iv = crypto.getRandomValues(new Uint8Array(12));
const buffer = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, secretKey, decrypted);
return new Uint8Array([...iv, ...new Uint8Array(buffer)]);
}
/**
* Decrypt a secret key with AES-GCM.
* This function is used to retrieve the secret key from the database.
*/
export async function decryptSecretKey(sk: Uint8Array, encrypted: Uint8Array): Promise<Uint8Array> {
const secretKey = await crypto.subtle.importKey('raw', sk, { name: 'AES-GCM' }, false, ['decrypt']);
const iv = encrypted.slice(0, 12);
const buffer = await crypto.subtle.decrypt({ name: 'AES-GCM', iv }, secretKey, encrypted.slice(12));
return new Uint8Array(buffer);
}