shellphone.app/db/_encryption.ts

38 lines
1.4 KiB
TypeScript
Raw Normal View History

2021-07-31 14:33:18 +00:00
import crypto from "crypto"
import { getConfig } from "blitz"
const { serverRuntimeConfig } = getConfig()
const IV_LENGTH = 16
const ALGORITHM = "aes-256-cbc"
export function encrypt(text: string, encryptionKey: Buffer | string) {
const encryptionKeyAsBuffer = Buffer.isBuffer(encryptionKey)
? encryptionKey
: Buffer.from(encryptionKey, "hex")
const iv = crypto.randomBytes(IV_LENGTH)
const cipher = crypto.createCipheriv(ALGORITHM, encryptionKeyAsBuffer, iv)
const encrypted = cipher.update(text)
const encryptedBuffer = Buffer.concat([encrypted, cipher.final()])
return `${iv.toString("hex")}:${encryptedBuffer.toString("hex")}`
}
export function decrypt(encryptedHexText: string, encryptionKey: Buffer | string) {
const encryptionKeyAsBuffer = Buffer.isBuffer(encryptionKey)
? encryptionKey
: Buffer.from(encryptionKey, "hex")
const [hexIv, hexText] = encryptedHexText.split(":")
const iv = Buffer.from(hexIv!, "hex")
const encryptedText = Buffer.from(hexText!, "hex")
const decipher = crypto.createDecipheriv(ALGORITHM, encryptionKeyAsBuffer, iv)
const decrypted = decipher.update(encryptedText)
const decryptedBuffer = Buffer.concat([decrypted, decipher.final()])
return decryptedBuffer.toString()
}
export function computeEncryptionKey(userIdentifier: string) {
return crypto.scryptSync(userIdentifier, serverRuntimeConfig.masterEncryptionKey, 32)
}