UNPKG

@fireproof/database

Version:

Live database for the web

fireproof.storage

fireproof-storage/fireproof

130 lines (113 loc) 3.28 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
// from https://github.com/mikeal/encrypted-block import { Crypto } from '@peculiar/webcrypto' import { CID } from 'multiformats' import { Buffer } from 'buffer' import type { AnyLink } from './types' // const crypto = new Crypto() export function getCrypto() { try { return new Crypto() } catch (e) { return null } } const crypto = getCrypto() export function randomBytes(size: number) { const bytes = Buffer.allocUnsafe(size) if (size > 0) { crypto!.getRandomValues(bytes) } return bytes } const enc32 = (value: number) => { value = +value const buff = new Uint8Array(4) buff[3] = (value >>> 24) buff[2] = (value >>> 16) buff[1] = (value >>> 8) buff[0] = (value & 0xff) return buff } const readUInt32LE = (buffer: Uint8Array) => { const offset = buffer.byteLength - 4 return ((buffer[offset]) | (buffer[offset + 1] << 8) | (buffer[offset + 2] << 16)) + (buffer[offset + 3] * 0x1000000) } const concat = (buffers: Array<ArrayBuffer|Uint8Array>) => { const uint8Arrays = buffers.map(b => b instanceof ArrayBuffer ? new Uint8Array(b) : b) const totalLength = uint8Arrays.reduce((sum, arr) => sum + arr.length, 0) const result = new Uint8Array(totalLength) let offset = 0 for (const arr of uint8Arrays) { result.set(arr, offset) offset += arr.length } return result } const encode = ({ iv, bytes }: {iv: Uint8Array, bytes: Uint8Array}) => concat([iv, bytes]) const decode = (bytes: Uint8Array) => { const iv = bytes.subarray(0, 12) bytes = bytes.slice(12) return { iv, bytes } } const code = 0x300000 + 1337 async function subtleKey(key: ArrayBuffer) { return await crypto!.subtle.importKey( 'raw', // raw or jwk key, // raw data 'AES-GCM', false, // extractable ['encrypt', 'decrypt'] ) } const decrypt = async ({ key, value }: {key: ArrayBuffer, value: { bytes: Uint8Array, iv: Uint8Array} }): Promise<{ cid: AnyLink, bytes: Uint8Array }> => { let { bytes, iv } = value const cryKey = await subtleKey(key) const deBytes = await crypto!.subtle.decrypt( { name: 'AES-GCM', iv, tagLength: 128 }, cryKey, bytes ) bytes = new Uint8Array(deBytes) const len = readUInt32LE(bytes.subarray(0, 4)) const cid = CID.decode(bytes.subarray(4, 4 + len)) bytes = bytes.subarray(4 + len) return { cid, bytes } } const encrypt = async ({ key, cid, bytes }: { key: ArrayBuffer, cid: AnyLink, bytes: Uint8Array }) => { const len = enc32(cid.bytes.byteLength) const iv = randomBytes(12) const msg = concat([len, cid.bytes, bytes]) try { const cryKey = await subtleKey(key) const deBytes = await crypto!.subtle.encrypt( { name: 'AES-GCM', iv, tagLength: 128 }, cryKey, msg ) bytes = new Uint8Array(deBytes) } catch (e) { console.log('e', e) throw e } return { value: { bytes, iv } } } const cryptoFn = (key: Uint8Array) => { // @ts-ignore // eslint-disable-next-line @typescript-eslint/no-unsafe-argument return { encrypt: opts => encrypt({ key, ...opts }), decrypt: opts => decrypt({ key, ...opts }) } } const name = 'jchris@encrypted-block:aes-gcm' export { encode, decode, code, name, encrypt, decrypt, cryptoFn as crypto }