diff options
| author |   简律纯 <hsiangnianian@outlook.com> | 2023-04-18 03:02:17 +0800 |
|---|---|---|
| committer | 简律纯 <hsiangnianian@outlook.com> | 2023-04-18 03:02:17 +0800 |
| commit | 4919f028c884a041da7ff098abb02389b4eac598 (patch) | |
| tree | b0f482568c4b8c8a680ce6e2e70a7b7ca87dc190 /envshare/pkg/encryption.ts | |
| parent | b135aac8531c1e1488147ad8c6f98eddbdbe0c99 (diff) | |
| download | HydroRoll-4919f028c884a041da7ff098abb02389b4eac598.tar.gz HydroRoll-4919f028c884a041da7ff098abb02389b4eac598.zip | |
✨add envshare docs
Diffstat (limited to 'envshare/pkg/encryption.ts')
| -rw-r--r-- | envshare/pkg/encryption.ts | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/envshare/pkg/encryption.ts b/envshare/pkg/encryption.ts new file mode 100644 index 0000000..c9f0e9d --- /dev/null +++ b/envshare/pkg/encryption.ts @@ -0,0 +1,51 @@ +import { fromBase58 } from "../util/base58"; + +export async function generateKey() { + return await crypto.subtle.generateKey( + { + name: "AES-GCM", + length: 128, + }, + true, + ["encrypt", "decrypt"], + ); +} + +export async function encrypt(text: string): Promise<{ encrypted: Uint8Array; iv: Uint8Array; key: Uint8Array }> { + const key = await generateKey(); + + const iv = crypto.getRandomValues(new Uint8Array(16)); + + const encryptedBuffer = await crypto.subtle.encrypt( + { + name: "AES-GCM", + iv, + }, + key, + new TextEncoder().encode(text), + ); + + const exportedKey = await crypto.subtle.exportKey("raw", key); + return { + encrypted: new Uint8Array(encryptedBuffer), + key: new Uint8Array(exportedKey), + iv, + }; +} + +export async function decrypt(encrypted: string, keyData: Uint8Array, iv: string, keyVersion: number): Promise<string> { + const algorithm = keyVersion === 1 ? "AES-CBC" : "AES-GCM"; + + const key = await crypto.subtle.importKey("raw", keyData, { name: algorithm, length: 128 }, false, ["decrypt"]); + + const decrypted = await crypto.subtle.decrypt( + { + name: algorithm, + iv: fromBase58(iv), + }, + key, + fromBase58(encrypted), + ); + + return new TextDecoder().decode(decrypted); +} |