@naturalcycles/nodejs-lib/dist/security/crypto.util.js

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.decryptRandomIVBuffer = exports.encryptRandomIVBuffer = void 0;
const crypto = require("crypto");
const hash_util_1 = require("./hash.util");
// const randomBytes = promisify(crypto.randomBytes)
function aes256Key(secretKeyBase64) {
    // md5 to match aes-256 key length of 32 bytes
    return (0, hash_util_1.md5)(Buffer.from(secretKeyBase64, 'base64'));
}
function encryptRandomIVBuffer(input, secretKeyBase64, algorithm = 'aes-256-cbc') {
    const key = aes256Key(secretKeyBase64);
    // Random iv to achieve non-deterministic encryption (but deterministic decryption)
    // const iv = await randomBytes(16)
    const iv = crypto.randomBytes(16); // use sync method here for speed
    const cipher = crypto.createCipheriv(algorithm, key, iv);
    return Buffer.concat([iv, cipher.update(input), cipher.final()]);
}
exports.encryptRandomIVBuffer = encryptRandomIVBuffer;
function decryptRandomIVBuffer(input, secretKeyBase64, algorithm = 'aes-256-cbc') {
    const key = aes256Key(secretKeyBase64);
    // iv is first 16 bytes of encrypted buffer, the rest is payload
    const iv = input.slice(0, 16);
    const payload = input.slice(16);
    const decipher = crypto.createDecipheriv(algorithm, key, iv);
    return Buffer.concat([decipher.update(payload), decipher.final()]);
}
exports.decryptRandomIVBuffer = decryptRandomIVBuffer;