diff --git a/src/core/api.js b/src/core/api.js index 8f6060fe..a439cddf 100644 --- a/src/core/api.js +++ b/src/core/api.js @@ -128,7 +128,7 @@ export function runAPI(express, app, gitCommit, gitBranch, __dirname) { const q = req.query; const checkQueries = q.t && q.e && q.h && q.s && q.i; const checkBaseLength = q.t.length === 21 && q.e.length === 13; - const checkSafeLength = q.h.length === 43 && q.s.length === 342 && q.i.length === 22; + const checkSafeLength = q.h.length === 43 && q.s.length === 43 && q.i.length === 22; if (checkQueries && checkBaseLength && checkSafeLength) { let streamInfo = verifyStream(q.t, q.h, q.e, q.s, q.i); diff --git a/src/modules/stream/manage.js b/src/modules/stream/manage.js index c8bcd979..120b6f00 100644 --- a/src/modules/stream/manage.js +++ b/src/modules/stream/manage.js @@ -20,7 +20,7 @@ const hmacSalt = randomBytes(64).toString('hex'); export function createStream(obj) { const streamID = nanoid(), iv = randomBytes(16).toString('base64url'), - secret = randomBytes(256).toString('base64url'), + secret = randomBytes(32).toString('base64url'), exp = new Date().getTime() + streamLifespan, hmac = generateHmac(`${streamID},${exp},${iv},${secret}`, hmacSalt), streamData = { diff --git a/src/modules/sub/crypto.js b/src/modules/sub/crypto.js index 2fba1efc..b3a0539b 100644 --- a/src/modules/sub/crypto.js +++ b/src/modules/sub/crypto.js @@ -1,25 +1,22 @@ import { createHmac, createCipheriv, createDecipheriv, scryptSync } from "crypto"; const algorithm = "aes256" -const keyLength = 32; export function generateHmac(str, salt) { return createHmac("sha256", salt).update(str).digest("base64url"); } export function encryptStream(plaintext, iv, secret) { - const buff = Buffer.from(JSON.stringify(plaintext), "utf-8"); - - const key = scryptSync(Buffer.from(secret, "base64url"), "salt", keyLength); + const buff = Buffer.from(JSON.stringify(plaintext)); + const key = Buffer.from(secret, "base64url"); const cipher = createCipheriv(algorithm, key, Buffer.from(iv, "base64url")); return Buffer.concat([ cipher.update(buff), cipher.final() ]) } export function decryptStream(ciphertext, iv, secret) { - const buff = Buffer.from(ciphertext, "binary"); - - const key = scryptSync(Buffer.from(secret, "base64url"), "salt", keyLength); + const buff = Buffer.from(ciphertext); + const key = Buffer.from(secret, "base64url"); const decipher = createDecipheriv(algorithm, key, Buffer.from(iv, "base64url")); return Buffer.concat([ decipher.update(buff), decipher.final() ])