Updates to backup infrastructure
This commit is contained in:
parent
47f834cf5c
commit
e4babdaef0
14 changed files with 599 additions and 710 deletions
|
@ -11,10 +11,14 @@ module.exports = {
|
|||
constantTimeEqual,
|
||||
decryptAesCtr,
|
||||
decryptDeviceName,
|
||||
decryptAttachment,
|
||||
decryptFile,
|
||||
decryptSymmetric,
|
||||
deriveAccessKey,
|
||||
encryptAesCtr,
|
||||
encryptDeviceName,
|
||||
encryptAttachment,
|
||||
encryptFile,
|
||||
encryptSymmetric,
|
||||
fromEncodedBinaryToArrayBuffer,
|
||||
getAccessKeyVerifier,
|
||||
|
@ -30,6 +34,24 @@ module.exports = {
|
|||
verifyAccessKey,
|
||||
};
|
||||
|
||||
function arrayBufferToBase64(arrayBuffer) {
|
||||
return dcodeIO.ByteBuffer.wrap(arrayBuffer).toString('base64');
|
||||
}
|
||||
function base64ToArrayBuffer(base64string) {
|
||||
return dcodeIO.ByteBuffer.wrap(base64string, 'base64').toArrayBuffer();
|
||||
}
|
||||
|
||||
function fromEncodedBinaryToArrayBuffer(key) {
|
||||
return dcodeIO.ByteBuffer.wrap(key, 'binary').toArrayBuffer();
|
||||
}
|
||||
|
||||
function bytesFromString(string) {
|
||||
return dcodeIO.ByteBuffer.wrap(string, 'utf8').toArrayBuffer();
|
||||
}
|
||||
function stringFromBytes(buffer) {
|
||||
return dcodeIO.ByteBuffer.wrap(buffer).toString('utf8');
|
||||
}
|
||||
|
||||
// High-level Operations
|
||||
|
||||
async function encryptDeviceName(deviceName, identityPublic) {
|
||||
|
@ -81,6 +103,48 @@ async function decryptDeviceName(
|
|||
return stringFromBytes(plaintext);
|
||||
}
|
||||
|
||||
// Path structure: 'fa/facdf99c22945b1c9393345599a276f4b36ad7ccdc8c2467f5441b742c2d11fa'
|
||||
function getAttachmentLabel(path) {
|
||||
const filename = path.slice(3);
|
||||
return base64ToArrayBuffer(filename);
|
||||
}
|
||||
|
||||
const PUB_KEY_LENGTH = 32;
|
||||
async function encryptAttachment(staticPublicKey, path, plaintext) {
|
||||
const uniqueId = getAttachmentLabel(path);
|
||||
return encryptFile(staticPublicKey, uniqueId, plaintext);
|
||||
}
|
||||
|
||||
async function decryptAttachment(staticPrivateKey, path, data) {
|
||||
const uniqueId = getAttachmentLabel(path);
|
||||
return decryptFile(staticPrivateKey, uniqueId, data);
|
||||
}
|
||||
|
||||
async function encryptFile(staticPublicKey, uniqueId, plaintext) {
|
||||
const ephemeralKeyPair = await libsignal.KeyHelper.generateIdentityKeyPair();
|
||||
const agreement = await libsignal.Curve.async.calculateAgreement(
|
||||
staticPublicKey,
|
||||
ephemeralKeyPair.privKey
|
||||
);
|
||||
const key = await hmacSha256(agreement, uniqueId);
|
||||
|
||||
const prefix = ephemeralKeyPair.pubKey.slice(1);
|
||||
return concatenateBytes(prefix, await encryptSymmetric(key, plaintext));
|
||||
}
|
||||
|
||||
async function decryptFile(staticPrivateKey, uniqueId, data) {
|
||||
const ephemeralPublicKey = _getFirstBytes(data, PUB_KEY_LENGTH);
|
||||
const ciphertext = _getBytes(data, PUB_KEY_LENGTH, data.byteLength);
|
||||
const agreement = await libsignal.Curve.async.calculateAgreement(
|
||||
ephemeralPublicKey,
|
||||
staticPrivateKey
|
||||
);
|
||||
|
||||
const key = await hmacSha256(agreement, uniqueId);
|
||||
|
||||
return decryptSymmetric(key, ciphertext);
|
||||
}
|
||||
|
||||
async function deriveAccessKey(profileKey) {
|
||||
const iv = getZeroes(12);
|
||||
const plaintext = getZeroes(16);
|
||||
|
@ -318,24 +382,6 @@ function trimBytes(buffer, length) {
|
|||
return _getFirstBytes(buffer, length);
|
||||
}
|
||||
|
||||
function arrayBufferToBase64(arrayBuffer) {
|
||||
return dcodeIO.ByteBuffer.wrap(arrayBuffer).toString('base64');
|
||||
}
|
||||
function base64ToArrayBuffer(base64string) {
|
||||
return dcodeIO.ByteBuffer.wrap(base64string, 'base64').toArrayBuffer();
|
||||
}
|
||||
|
||||
function fromEncodedBinaryToArrayBuffer(key) {
|
||||
return dcodeIO.ByteBuffer.wrap(key, 'binary').toArrayBuffer();
|
||||
}
|
||||
|
||||
function bytesFromString(string) {
|
||||
return dcodeIO.ByteBuffer.wrap(string, 'utf8').toArrayBuffer();
|
||||
}
|
||||
function stringFromBytes(buffer) {
|
||||
return dcodeIO.ByteBuffer.wrap(buffer).toString('utf8');
|
||||
}
|
||||
|
||||
function getViewOfArrayBuffer(buffer, start, finish) {
|
||||
const source = new Uint8Array(buffer);
|
||||
const result = source.slice(start, finish);
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue