From 15f3b1148269c7038455797e986f56aed89ed7c9 Mon Sep 17 00:00:00 2001 From: EresDev Date: Fri, 6 Dec 2024 22:31:12 +0500 Subject: [PATCH] feat: add GH_PAT decryption mechanism --- package.json | 2 ++ src/helpers/keys.ts | 40 ++++++++++++++++++++++++++++++++++++++++ yarn.lock | 17 +++++++++++++++++ 3 files changed, 59 insertions(+) create mode 100644 src/helpers/keys.ts diff --git a/package.json b/package.json index be1d8b91..ff6e5932 100644 --- a/package.json +++ b/package.json @@ -38,6 +38,7 @@ "@sinclair/typebox": "0.32.33", "@ubiquity-dao/ubiquibot-logger": "^1.3.0", "dotenv": "16.4.5", + "libsodium-wrappers": "^0.7.15", "typebox-validators": "0.3.5" }, "devDependencies": { @@ -50,6 +51,7 @@ "@jest/globals": "29.7.0", "@mswjs/data": "0.16.1", "@types/jest": "^29.5.12", + "@types/libsodium-wrappers": "^0.7.14", "@types/node": "20.14.5", "cspell": "8.14.4", "eslint": "9.12.0", diff --git a/src/helpers/keys.ts b/src/helpers/keys.ts new file mode 100644 index 00000000..1fff1a8d --- /dev/null +++ b/src/helpers/keys.ts @@ -0,0 +1,40 @@ +import sodium from "libsodium-wrappers"; +import { Logs } from "@ubiquity-dao/ubiquibot-logger"; + +const KEY_PREFIX = "HSK_"; + +export async function decryptKeys( + cipherText: string, + x25519PrivateKey: string, + logger: Logs +): Promise<{ privateKey: string; publicKey: string } | { privateKey: null; publicKey: null }> { + await sodium.ready; + + let _public: null | string = null; + let _private: null | string = null; + + _public = await getScalarKey(x25519PrivateKey); + if (!_public) { + logger.error("Public key is null"); + return { privateKey: null, publicKey: null }; + } + if (!cipherText?.length) { + logger.error("No cipherText was provided"); + return { privateKey: null, publicKey: null }; + } + const binaryPublic = sodium.from_base64(_public, sodium.base64_variants.URLSAFE_NO_PADDING); + const binaryPrivate = sodium.from_base64(x25519PrivateKey, sodium.base64_variants.URLSAFE_NO_PADDING); + + const binaryCipher = sodium.from_base64(cipherText, sodium.base64_variants.URLSAFE_NO_PADDING); + + const walletPrivateKey: string | null = sodium.crypto_box_seal_open(binaryCipher, binaryPublic, binaryPrivate, "text"); + _private = walletPrivateKey?.replace(KEY_PREFIX, ""); + + return { privateKey: _private, publicKey: _public }; +} + +async function getScalarKey(x25519PrivateKey: string) { + await sodium.ready; + const binPriv = sodium.from_base64(x25519PrivateKey, sodium.base64_variants.URLSAFE_NO_PADDING); + return sodium.crypto_scalarmult_base(binPriv, "base64"); +} diff --git a/yarn.lock b/yarn.lock index 02ef2336..8d3e9676 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1910,6 +1910,11 @@ resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.15.tgz#596a1747233694d50f6ad8a7869fcb6f56cf5841" integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA== +"@types/libsodium-wrappers@^0.7.14": + version "0.7.14" + resolved "https://registry.yarnpkg.com/@types/libsodium-wrappers/-/libsodium-wrappers-0.7.14.tgz#f688f8d44e46ed61c401f82ff757581655fbcc42" + integrity sha512-5Kv68fXuXK0iDuUir1WPGw2R9fOZUlYlSAa0ztMcL0s0BfIDTqg9GXz8K30VJpPP3sxWhbolnQma2x+/TfkzDQ== + "@types/lodash@^4.14.172": version "4.17.4" resolved "https://registry.yarnpkg.com/@types/lodash/-/lodash-4.17.4.tgz#0303b64958ee070059e3a7184048a55159fe20b7" @@ -4613,6 +4618,18 @@ levn@^0.4.1: prelude-ls "^1.2.1" type-check "~0.4.0" +libsodium-wrappers@^0.7.15: + version "0.7.15" + resolved "https://registry.yarnpkg.com/libsodium-wrappers/-/libsodium-wrappers-0.7.15.tgz#53f13e483820272a3d55b23be2e34402ac988055" + integrity sha512-E4anqJQwcfiC6+Yrl01C1m8p99wEhLmJSs0VQqST66SbQXXBoaJY0pF4BNjRYa/sOQAxx6lXAaAFIlx+15tXJQ== + dependencies: + libsodium "^0.7.15" + +libsodium@^0.7.15: + version "0.7.15" + resolved "https://registry.yarnpkg.com/libsodium/-/libsodium-0.7.15.tgz#ac284e3dcb1c29ae9526c5581cdada6a072f6d20" + integrity sha512-sZwRknt/tUpE2AwzHq3jEyUU5uvIZHtSssktXq7owd++3CSgn8RGrv6UZJJBpP7+iBghBqe7Z06/2M31rI2NKw== + lilconfig@~3.1.1: version "3.1.1" resolved "https://registry.yarnpkg.com/lilconfig/-/lilconfig-3.1.1.tgz#9d8a246fa753106cfc205fd2d77042faca56e5e3"