Store iv and salt as buffers instead of strings.

author Chris Duncan <chris@zoso.dev>

Mon, 21 Jul 2025 05:15:22 +0000 (22:15 -0700)

committer Chris Duncan <chris@zoso.dev>

Mon, 21 Jul 2025 05:15:22 +0000 (22:15 -0700)
author Chris Duncan <chris@zoso.dev>
Mon, 21 Jul 2025 05:15:22 +0000 (22:15 -0700)
committer Chris Duncan <chris@zoso.dev>
Mon, 21 Jul 2025 05:15:22 +0000 (22:15 -0700)
diff --git a/src/lib/workers/safe.ts b/src/lib/workers/safe.ts

index acbe06cdc58e84de0c7df8071215da7d5b2dca80..1ebcc065dab483739bc3dd1cd3824cffb8166fcb 100644 (file)
--- a/src/lib/workers/safe.ts
+++ b/src/lib/workers/safe.ts
@@ -92,8 +92,8 @@ export class Safe extends WorkerInterface {
                                 const iv = await Entropy.create()
                                 const encrypted = await globalThis.crypto.subtle.encrypt({ name: 'AES-GCM', iv: iv.buffer }, encryptionKey, data[label])
                                 const record: SafeRecord = {
-                                       iv: iv.hex,
-                                       salt: salt.hex,
+                                       iv: iv.buffer,
+                                       salt: salt.buffer,
                                         label,
                                         encrypted
                                 }
@@ -131,9 +131,10 @@ export class Safe extends WorkerInterface {
                         }
                         const decryptionKeys: { [salt: string]: CryptoKey } = {}
                         for (const record of records) {
-                               decryptionKeys[record.salt] ??= await this.#createAesKey('decrypt', password, (await Entropy.import(record.salt)).buffer)
+                               const salt = bytes.toHex(new Uint8Array(record.salt))
+                               decryptionKeys[salt] ??= await this.#createAesKey('decrypt', password, record.salt)
                                 const iv = await Entropy.import(record.iv)
-                               const decrypted = await globalThis.crypto.subtle.decrypt({ name: 'AES-GCM', iv: iv.buffer }, decryptionKeys[record.salt], record.encrypted)
+                               const decrypted = await globalThis.crypto.subtle.decrypt({ name: 'AES-GCM', iv: iv.buffer }, decryptionKeys[salt], record.encrypted)
                                 results[record.label] = decrypted
                         }
                         return results
diff --git a/src/types.d.ts b/src/types.d.ts

index d3a73b7893381da3deceaa7d75d82d26f92faebe..8bc350aefcd0674155393af76a490db8323135e7 100644 (file)
--- a/src/types.d.ts
+++ b/src/types.d.ts
@@ -337,9 +337,9 @@ export declare class Rpc {
  }
  
  export type SafeRecord = {
-       iv: string
-       salt: string
         label: string
+       iv: ArrayBuffer
+       salt: ArrayBuffer
         encrypted: ArrayBuffer
  }
author	Chris Duncan <chris@zoso.dev>
	Mon, 21 Jul 2025 05:15:22 +0000 (22:15 -0700)
committer	Chris Duncan <chris@zoso.dev>
	Mon, 21 Jul 2025 05:15:22 +0000 (22:15 -0700)
src/lib/workers/safe.ts		patch \| blob \| history
src/types.d.ts		patch \| blob \| history