@ixo/supamoto-bot-sdk
Version:
An SDK to easily interact with Supamoto bot db
50 lines (47 loc) • 2.06 kB
JavaScript
;
var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault");
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.aadFor = aadFor;
exports.decryptData = decryptData;
exports.encryptData = encryptData;
exports.hkdfSha256 = hkdfSha256;
var _toConsumableArray2 = _interopRequireDefault(require("@babel/runtime/helpers/toConsumableArray"));
var _crypto = _interopRequireDefault(require("crypto"));
function hkdfSha256(ikm, info) {
var length = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : 32;
return Buffer.from(_crypto["default"].hkdfSync('sha256', ikm, /*salt*/Buffer.alloc(0), Buffer.from(info, 'utf8'), length));
}
function aadFor(parts, table) {
var v = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : 1;
// canonical: table|v|part1|part2|...
var s = [table, String(v)].concat((0, _toConsumableArray2["default"])(parts.map(String))).join('|');
return Buffer.from(s, 'utf8');
}
// AEAD encrypt/decrypt (AES-256-GCM)
function encryptData(_ref, key) {
var data = _ref.data,
aad = _ref.aad;
var nonce = _crypto["default"].randomBytes(12); // 96-bit nonce
var cipher = _crypto["default"].createCipheriv('aes-256-gcm', key, nonce);
if (aad) cipher.setAAD(aad);
var ct = Buffer.concat([cipher.update(data), cipher["final"]()]);
var tag = cipher.getAuthTag();
// Envelope: 1B version | 12B nonce | 16B tag | ciphertext
return Buffer.concat([Buffer.from([1]), nonce, tag, ct]);
}
function decryptData(_ref2, key) {
var data = _ref2.data,
aad = _ref2.aad;
if (data.length < 1 + 12 + 16) throw new Error('ciphertext too short');
var ver = data.readUInt8(0);
if (ver !== 1) throw new Error('unsupported version');
var nonce = data.subarray(1, 13);
var tag = data.subarray(13, 29);
var ct = data.subarray(29);
var decipher = _crypto["default"].createDecipheriv('aes-256-gcm', key, nonce);
if (aad) decipher.setAAD(aad);
decipher.setAuthTag(tag);
return Buffer.concat([decipher.update(ct), decipher["final"]()]);
}