kopia lustrzana https://github.com/robinmoisson/staticrypt
56 wiersze
1.8 KiB
JavaScript
56 wiersze
1.8 KiB
JavaScript
/**
|
|
* Initialize the codec with the provided cryptoEngine - this return functions to encode and decode messages.
|
|
*
|
|
* @param cryptoEngine - the engine to use for encryption / decryption
|
|
*/
|
|
function init(cryptoEngine) {
|
|
const exports = {};
|
|
/**
|
|
* Top-level function for encoding a message.
|
|
* Includes passphrase hashing, encryption, and signing.
|
|
*
|
|
* @param {string} msg
|
|
* @param {string} passphrase
|
|
* @param {string} salt
|
|
*
|
|
* @returns {string} The encoded text
|
|
*/
|
|
function encode(msg, passphrase, salt) {
|
|
const hashedPassphrase = cryptoEngine.hashPassphrase(passphrase, salt);
|
|
const encrypted = cryptoEngine.encrypt(msg, hashedPassphrase);
|
|
// we use the hashed passphrase in the HMAC because this is effectively what will be used a passphrase (so we can store
|
|
// it in localStorage safely, we don't use the clear text passphrase)
|
|
const hmac = cryptoEngine.signMessage(hashedPassphrase, encrypted);
|
|
|
|
return hmac + encrypted;
|
|
}
|
|
exports.encode = encode;
|
|
|
|
/**
|
|
* Top-level function for decoding a message.
|
|
* Includes signature check, an decryption.
|
|
*
|
|
* @param {string} signedMsg
|
|
* @param {string} hashedPassphrase
|
|
*
|
|
* @returns {Object} {success: true, decoded: string} | {success: false, message: string}
|
|
*/
|
|
function decode(signedMsg, hashedPassphrase) {
|
|
const encryptedHMAC = signedMsg.substring(0, 64);
|
|
const encryptedMsg = signedMsg.substring(64);
|
|
const decryptedHMAC = cryptoEngine.signMessage(hashedPassphrase, encryptedMsg);
|
|
|
|
if (decryptedHMAC !== encryptedHMAC) {
|
|
return { success: false, message: "Signature mismatch" };
|
|
}
|
|
return {
|
|
success: true,
|
|
decoded: cryptoEngine.decrypt(encryptedMsg, hashedPassphrase),
|
|
};
|
|
}
|
|
exports.decode = decode;
|
|
|
|
return exports;
|
|
}
|
|
exports.init = init;
|