UNPKG

zero-sight-protocol

Version:

A secure, zero-knowledge, PIN-based encryption protocol for custodial Web3 wallets.

github.com/dejaguarkyng/zsp

dejaguarkyng/zsp

46 lines (37 loc) 1.39 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
import crypto from "crypto" import { generateIV } from "../key/entropy.js" /** * Encrypts plaintext data using AES-256-GCM. * @param {Buffer} key - A 32-byte encryption key. * @param {string|Buffer} data - Plaintext to encrypt. * @returns {{ iv: string, ciphertext: string, tag: string }} */ export function encrypt(key, data) { const iv = generateIV() const cipher = crypto.createCipheriv("aes-256-gcm", key, iv) const ciphertext = Buffer.concat([cipher.update(data, "utf8"), cipher.final()]) const tag = cipher.getAuthTag() return { iv: iv.toString("hex"), ciphertext: ciphertext.toString("hex"), tag: tag.toString("hex"), } } /** * Encrypts data using a client secret (hashed to 32-byte key). * @param {string} clientSecret - The client secret to hash for encryption. * @param {string|Buffer} plaintext - Data to encrypt. * @returns {{ iv: string, ciphertext: string, tag: string }} */ export function encryptWithSecret(clientSecret, plaintext) { const key = crypto.createHash("sha256").update(clientSecret).digest() const iv = generateIV() const cipher = crypto.createCipheriv("aes-256-gcm", key, iv) const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]) const tag = cipher.getAuthTag() return { iv: iv.toString("hex"), ciphertext: ciphertext.toString("hex"), tag: tag.toString("hex"), } }