admin/cobalt
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

crypto: use secret directly instead of deriving key

Browse Source
This commit is contained in:
dumbmoron
2024-03-05 16:49:00 +00:00
parent fc39ac76b6
commit 7fab5a37ff
3 changed files with 6 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/modules/stream/manage.js
View File

@@ -20,7 +20,7 @@ const hmacSalt = randomBytes(64).toString('hex');
export function createStream(obj) {
const streamID = nanoid(),
iv = randomBytes(16).toString('base64url'),
secret = randomBytes(256).toString('base64url'),
secret = randomBytes(32).toString('base64url'),
exp = new Date().getTime() + streamLifespan,
hmac = generateHmac(`${streamID},${exp},${iv},${secret}`, hmacSalt),
streamData = {

11
src/modules/sub/crypto.js
View File

@@ -1,25 +1,22 @@
import { createHmac, createCipheriv, createDecipheriv, scryptSync } from "crypto";
const algorithm = "aes256"
const keyLength = 32;
export function generateHmac(str, salt) {
return createHmac("sha256", salt).update(str).digest("base64url");
}
export function encryptStream(plaintext, iv, secret) {
const buff = Buffer.from(JSON.stringify(plaintext), "utf-8");
const key = scryptSync(Buffer.from(secret, "base64url"), "salt", keyLength);
const buff = Buffer.from(JSON.stringify(plaintext));
const key = Buffer.from(secret, "base64url");
const cipher = createCipheriv(algorithm, key, Buffer.from(iv, "base64url"));
return Buffer.concat([ cipher.update(buff), cipher.final() ])
}
export function decryptStream(ciphertext, iv, secret) {
const buff = Buffer.from(ciphertext, "binary");
const key = scryptSync(Buffer.from(secret, "base64url"), "salt", keyLength);
const buff = Buffer.from(ciphertext);
const key = Buffer.from(secret, "base64url");
const decipher = createDecipheriv(algorithm, key, Buffer.from(iv, "base64url"));
return Buffer.concat([ decipher.update(buff), decipher.final() ])