Add a util that wraps all libsodium calls

2020-10-01 06:58:21 +05:30 · 2020-10-01 06:58:21 +05:30 · 212f8f2ccd
commit 212f8f2ccd
parent 07502e1bfc
1 changed files with 99 additions and 0 deletions
--- a/src/utils/crypto/libsodium.ts
+++ b/src/utils/crypto/libsodium.ts
@ -0,0 +1,99 @@
+import sodium from 'libsodium-wrappers';
+
+export async function encryptToB64(data: string, key: string) {
+    await sodium.ready;
+    var bKey: Uint8Array;
+    if (key == null) {
+        bKey = sodium.crypto_secretbox_keygen();
+    } else {
+        bKey = await fromB64(key)
+    }
+    const nonce = sodium.randombytes_buf(sodium.crypto_secretbox_NONCEBYTES);
+    const encryptedData = sodium.crypto_secretbox_easy(data, nonce, key);
+    return {
+        encryptedData: await toB64(encryptedData),
+        key: await toB64(bKey),
+        nonce: await toB64(nonce),
+    }
+}
+
+export async function decryptToB64(data: string, nonce: string, key: string) {
+    await sodium.ready;
+    const decrypted = await decrypt(await fromB64(data),
+        await fromB64(nonce),
+        await fromB64(key))
+    return await toB64(decrypted);
+}
+
+export async function encrypt(data: Uint8Array, key?: Uint8Array) {
+    await sodium.ready;
+    if (key == null) {
+        key = sodium.crypto_secretbox_keygen();
+    }
+    const nonce = sodium.randombytes_buf(sodium.crypto_secretbox_NONCEBYTES);
+    const encryptedData = sodium.crypto_secretbox_easy(data, nonce, key);
+    return {
+        encryptedData: encryptedData,
+        key: key,
+        nonce: nonce,
+    }
+}
+
+export async function decrypt(data: Uint8Array, nonce: Uint8Array, key: Uint8Array) {
+    await sodium.ready;
+    return sodium.crypto_secretbox_open_easy(data, nonce, key);
+}
+
+export async function verifyHash(hash: string, input: Uint8Array) {
+    // hash =
+    //     '$argon2id$v=19$m=262144,t=4,p=1$WxOZeKEfky2PulhotYHn2Q$JzOaXBmxDkAmFyK+HJZfgvEEHYE41Awk53In8BK2cCE<43>';
+    console.log(hash);
+    await sodium.ready;
+    return (sodium.crypto_pwhash_str_verify(hash, input) == 0);
+}
+
+export async function hash(input: string | Uint8Array) {
+    await sodium.ready;
+    return sodium.crypto_pwhash_str(
+        input,
+        sodium.crypto_pwhash_MEMLIMIT_SENSITIVE,
+        sodium.crypto_pwhash_MEMLIMIT_SENSITIVE,
+    );
+}
+
+export async function deriveKey(passphrase: Uint8Array, salt: Uint8Array) {
+    await sodium.ready;
+    return sodium.crypto_pwhash(
+        sodium.crypto_secretbox_KEYBYTES,
+        passphrase,
+        salt,
+        sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE,
+        sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE,
+        sodium.crypto_pwhash_ALG_DEFAULT,
+    );
+}
+
+export async function generateMasterKey() {
+    await sodium.ready;
+    return sodium.crypto_kdf_keygen();
+}
+
+export async function generateSaltToDeriveKey() {
+    await sodium.ready;
+    return sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES);
+}
+
+export async function fromB64(input: string) {
+    await sodium.ready;
+    return sodium.from_base64(input, sodium.base64_variants.ORIGINAL);
+}
+
+export async function toB64(input: Uint8Array) {
+    await sodium.ready;
+    return sodium.to_base64(input, sodium.base64_variants.ORIGINAL);
+}
+
+export async function fromString(input: string) {
+    await sodium.ready;
+    return sodium.from_string(input);
+}