1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
import sodium from 'libsodium-wrappers';
export default class EncryptionService {
constructor() {
}
/**
* Encrypt the message with the given key and return a hex encoded string
*
* @param {String} message
* @param {String} key
* @returns {String}
* @private
*/
encrypt(message, passphrase) {
let {key, salt} = this._passwordToKey(passphrase);
let encrypted = this._encrypt(message, key);
return sodium.to_hex(new Uint8Array([...salt, ...encrypted]));
}
/**
* Decrypt the hex or base64 encoded message with the given key
*
* @param {String} encodedString
* @param {Uint8Array} key
* @returns {String}
* @private
*/
_decryptString(encodedString, passphrase) {
let salt = encodedString.slice(0, sodium.crypto_pwhash_SALTBYTES),
text = encodedString.slice(sodium.crypto_pwhash_SALTBYTES),
key = this._passwordToKey(passphrase, salt);
return sodium.to_string(this._decrypt(text, key));
}
/**
* Encrypt the message with the given key
*
* @param {String} message
* @param {String} key
* @returns {Uint8Array}
* @private
*/
_encrypt(message, key) {
let nonce = sodium.randombytes_buf(sodium.crypto_secretbox_NONCEBYTES);
return new Uint8Array([...nonce, ...sodium.crypto_secretbox_easy(message, nonce, key)]);
}
/**
* Decrypt the message with the given key
*
* @param {Uint8Array} encrypted
* @param {Uint8Array} key
* @returns {Uint8Array}
* @private
*/
_decrypt(encrypted, key) {
if(encrypted.length < sodium.crypto_secretbox_NONCEBYTES + sodium.crypto_secretbox_MACBYTES) throw new Error('Invalid encrypted text length');
let nonce = encrypted.slice(0, sodium.crypto_secretbox_NONCEBYTES),
ciphertext = encrypted.slice(sodium.crypto_secretbox_NONCEBYTES);
return sodium.crypto_secretbox_open_easy(ciphertext, nonce, key);
}
// noinspection JSMethodCanBeStatic
/**
*
* @param password
* @param salt
* @returns {Uint8Array}
* @private
*/
_passwordToKey(password) {
let salt = sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES);
let key = sodium.crypto_pwhash(
sodium.crypto_box_SEEDBYTES,
password,
salt,
sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE,
sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE,
sodium.crypto_pwhash_ALG_DEFAULT
);
return {key, salt};
}
}
|