Attempt to curb the combinatorial explosion
@@ -142,7 +142,7 @@ export const encryptMetadataJSON = async (r: EncryptJSON) =>
|
||||
|
||||
/**
|
||||
* Decrypt arbitrary data, provided as a base64 string, using the given key and
|
||||
* the provided nonce.
|
||||
* the provided nonce, and return the base64
|
||||
*
|
||||
* This is the sibling of {@link encryptBoxB64}.
|
||||
*
|
||||
|
||||
@@ -12,10 +12,12 @@ import { mergeUint8Arrays } from "@/utils/array";
|
||||
import { CustomError } from "@ente/shared/error";
|
||||
import sodium, { type StateAddress } from "libsodium-wrappers";
|
||||
import type {
|
||||
BytesOrB64,
|
||||
DecryptBlobBytes,
|
||||
DecryptBoxBytes,
|
||||
EncryptBytes,
|
||||
EncryptedBlobBytes,
|
||||
EncryptedBox2,
|
||||
EncryptedBoxBytes,
|
||||
} from "./types";
|
||||
|
||||
@@ -342,6 +344,29 @@ export const decryptBox = async ({
|
||||
);
|
||||
};
|
||||
|
||||
/**
|
||||
* If the provided {@link bob} ("Bytes or B64 string") is already a
|
||||
* {@link Uint8Array}, return it unchanged, otherwise convert the base64 string
|
||||
* into bytes and return those.
|
||||
*/
|
||||
const bytes = async (bob: BytesOrB64) =>
|
||||
typeof bob == "string" ? fromB64(bob) : bob;
|
||||
|
||||
/**
|
||||
* Decrypt the result of {@link encryptBox}.
|
||||
*/
|
||||
export const decryptBox2 = async (
|
||||
{ encryptedData, nonce }: EncryptedBox2,
|
||||
key: BytesOrB64,
|
||||
): Promise<Uint8Array> => {
|
||||
await sodium.ready;
|
||||
return sodium.crypto_secretbox_open_easy(
|
||||
await bytes(encryptedData),
|
||||
await bytes(nonce),
|
||||
await bytes(key),
|
||||
);
|
||||
};
|
||||
|
||||
/**
|
||||
* Decrypt the result of {@link encryptBlob}.
|
||||
*/
|
||||
|
||||
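Review bot: The doc comment on `decryptBox2` does not say what happens when decryption fails. `crypto_secretbox_open_easy` authenticates the ciphertext before returning any plaintext, and libsodium-wrappers signals a wrong key, a wrong nonce or modified data by throwing, so callers get a rejected promise rather than a sentinel value. I would extend the comment with a line such as `Throws if the key or nonce is wrong or the data has been modified; no partial plaintext is returned.` A smaller style point in the `bytes` helper: `typeof bob == "string"` is better written with `===`.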
@@ -149,6 +149,34 @@ export interface DecryptBoxBytes {
|
||||
keyB64: string;
|
||||
}
|
||||
|
||||
/**
|
||||
* Data provided either as bytes ({@link Uint8Array}) or their base64 string representation.
|
||||
*/
|
||||
export type BytesOrB64 = Uint8Array | string;
|
||||
|
||||
/**
|
||||
* A decryption request to decrypt data encrypted using the secretbox APIs.
|
||||
*
|
||||
* See: [Note: 3 forms of encryption (Box | Blob | Stream)].
|
||||
*/
|
||||
export interface EncryptedBox2 {
|
||||
/**
|
||||
* The data to decrypt.
|
||||
*/
|
||||
encryptedData: BytesOrB64;
|
||||
/**
|
||||
* The nonce that was used during encryption.
|
||||
*
|
||||
* The nonce is required to decrypt the data, but it does not need to be
|
||||
* kept secret.
|
||||
*/
|
||||
nonce: BytesOrB64;
|
||||
/**
|
||||
* The encryption key.
|
||||
*/
|
||||
key: BytesOrB64;
|
||||
}
|
||||
|
||||
/**
|
||||
* A variant of {@link DecryptBoxBytes} with the encrypted Blob's data as a
|
||||
* base64 encoded string.
|
||||
|
||||
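Review bot: `EncryptedBox2` declares a required `key` field, but `decryptBox2` (in the hunk that adds it) destructures only `{ encryptedData, nonce }` and takes the key as a separate second parameter. As written, a caller has to place a key in the box object that is then ignored. It also means a type named for the encrypted payload carries key material next to the ciphertext wherever that object is stored, serialized or logged. Dropping `key: BytesOrB64;` and its comment from the interface would leave the box as ciphertext plus nonce. The summary line would then read better as a description of the encrypted box than as `A decryption request`.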