mokhtar/shellphone.app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

encrypt message content

Browse Source
This commit is contained in:
m5r 2021-06-03 00:42:51 +02:00
parent 4c9b1ea9b1
commit 61c23ec9a7
2 changed files with 40 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
api/src/controller/_encryption.ts Normal file
View File

@ -0,0 +1,31 @@
import crypto from "crypto";
import config from "../config";
const ENCRYPTION_KEY = computeEncryptionKey(config.twilio.accountSid);
const IV_LENGTH = 16;
const ALGORITHM = "aes-256-cbc";
export function encrypt(text: string) {
const iv = crypto.randomBytes(IV_LENGTH);
const cipher = crypto.createCipheriv(ALGORITHM, ENCRYPTION_KEY, iv);
const encrypted = cipher.update(text);
const encryptedBuffer = Buffer.concat([encrypted, cipher.final()]);
return `${iv.toString("hex")}:${encryptedBuffer.toString("hex")}`;
}
export function decrypt(encryptedHexText: string) {
const [hexIv, hexText] = encryptedHexText.split(":");
const iv = Buffer.from(hexIv, "hex");
const encryptedText = Buffer.from(hexText, "hex");
const decipher = crypto.createDecipheriv(ALGORITHM, ENCRYPTION_KEY, iv);
const decrypted = decipher.update(encryptedText);
const decryptedBuffer = Buffer.concat([decrypted, decipher.final()]);
return decryptedBuffer.toString();
}
function computeEncryptionKey(userIdentifier: string) {
return crypto.scryptSync(userIdentifier, crypto.randomBytes(16), 32);
}

12
api/src/controller/sms.ts
View File

@ -4,6 +4,7 @@ import { getManager } from "typeorm";
import config from "../config"; import config from "../config";
import { Sms, SmsType } from "../entity/sms"; import { Sms, SmsType } from "../entity/sms";
import { decrypt, encrypt } from "./_encryption";
const client = new Twilio(config.twilio.accountSid, config.twilio.authToken); const client = new Twilio(config.twilio.accountSid, config.twilio.authToken);
const phoneNumber = "+33757592025"; const phoneNumber = "+33757592025";
@ -33,7 +34,10 @@ export default class SmsController {
acc[recipient] = []; acc[recipient] = [];
} }
acc[recipient].push(message); acc[recipient].push({
...message,
content: decrypt(message.content), // TODO: should probably decrypt on the phone
});
return acc; return acc;
}, {}); }, {});
@ -49,7 +53,7 @@ export default class SmsController {
const sms = new Sms(); const sms = new Sms();
sms.type = SmsType.SENT; sms.type = SmsType.SENT;
sms.sentAt = new Date(); sms.sentAt = new Date();
sms.content = content; sms.content = encrypt(content); // TODO: should probably encrypt on the phone
sms.to = to; sms.to = to;
sms.from = phoneNumber; sms.from = phoneNumber;
await smsRepository.save(sms); await smsRepository.save(sms);
@ -67,11 +71,13 @@ export default class SmsController {
const sms = new Sms(); const sms = new Sms();
sms.type = SmsType.RECEIVED; sms.type = SmsType.RECEIVED;
sms.sentAt = new Date(); sms.sentAt = new Date();
sms.content = body.Body; sms.content = encrypt(body.Body);
sms.to = body.To; sms.to = body.To;
sms.from = body.From; sms.from = body.From;
await smsRepository.save(sms); await smsRepository.save(sms);
// TODO: send notification to `body.To` and let him know he received an SMS
ctx.status = 200; ctx.status = 200;
ctx.body = undefined; ctx.body = undefined;
}; };