From 9c58da4f5ddfb88d6b3b6b5087d68bfe79a28524 Mon Sep 17 00:00:00 2001 From: Chris Duncan Date: Sun, 20 Jul 2025 22:15:22 -0700 Subject: [PATCH] Store iv and salt as buffers instead of strings. --- src/lib/workers/safe.ts | 9 +++++---- src/types.d.ts | 4 ++-- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/src/lib/workers/safe.ts b/src/lib/workers/safe.ts index acbe06c..1ebcc06 100644 --- a/src/lib/workers/safe.ts +++ b/src/lib/workers/safe.ts @@ -92,8 +92,8 @@ export class Safe extends WorkerInterface { const iv = await Entropy.create() const encrypted = await globalThis.crypto.subtle.encrypt({ name: 'AES-GCM', iv: iv.buffer }, encryptionKey, data[label]) const record: SafeRecord = { - iv: iv.hex, - salt: salt.hex, + iv: iv.buffer, + salt: salt.buffer, label, encrypted } @@ -131,9 +131,10 @@ export class Safe extends WorkerInterface { } const decryptionKeys: { [salt: string]: CryptoKey } = {} for (const record of records) { - decryptionKeys[record.salt] ??= await this.#createAesKey('decrypt', password, (await Entropy.import(record.salt)).buffer) + const salt = bytes.toHex(new Uint8Array(record.salt)) + decryptionKeys[salt] ??= await this.#createAesKey('decrypt', password, record.salt) const iv = await Entropy.import(record.iv) - const decrypted = await globalThis.crypto.subtle.decrypt({ name: 'AES-GCM', iv: iv.buffer }, decryptionKeys[record.salt], record.encrypted) + const decrypted = await globalThis.crypto.subtle.decrypt({ name: 'AES-GCM', iv: iv.buffer }, decryptionKeys[salt], record.encrypted) results[record.label] = decrypted } return results diff --git a/src/types.d.ts b/src/types.d.ts index d3a73b7..8bc350a 100644 --- a/src/types.d.ts +++ b/src/types.d.ts @@ -337,9 +337,9 @@ export declare class Rpc { } export type SafeRecord = { - iv: string - salt: string label: string + iv: ArrayBuffer + salt: ArrayBuffer encrypted: ArrayBuffer } -- 2.47.3