aljaz/ditto
1
0
Fork 0
mirror of https://github.com/aljazceru/ditto.git synced 2026-01-24 15:54:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

auth: add encryptSecretKey & decryptSecretKey functions

Browse Source
This commit is contained in:
Alex Gleason
2024-10-02 17:56:30 -05:00
parent 70f56af281
commit e73a8d71dc
3 changed files with 57 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/utils/auth.ts
View File

@@ -28,3 +28,27 @@ export async function getTokenHash(token: `token1${string}`): Promise<Uint8Array
return new Uint8Array(buffer);
}
/**
* Encrypt a secret key with AES-GCM.
* This function is used to store the secret key in the database.
*/
export async function encryptSecretKey(sk: Uint8Array, decrypted: Uint8Array): Promise<Uint8Array> {
const secretKey = await crypto.subtle.importKey('raw', sk, { name: 'AES-GCM' }, false, ['encrypt']);
const iv = crypto.getRandomValues(new Uint8Array(12));
const buffer = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, secretKey, decrypted);
return new Uint8Array([...iv, ...new Uint8Array(buffer)]);
}
/**
* Decrypt a secret key with AES-GCM.
* This function is used to retrieve the secret key from the database.
*/
export async function decryptSecretKey(sk: Uint8Array, encrypted: Uint8Array): Promise<Uint8Array> {
const secretKey = await crypto.subtle.importKey('raw', sk, { name: 'AES-GCM' }, false, ['decrypt']);
const iv = encrypted.slice(0, 12);
const buffer = await crypto.subtle.decrypt({ name: 'AES-GCM', iv }, secretKey, encrypted.slice(12));
return new Uint8Array(buffer);
}