From 2d6d406f4834ffe0f44a38e743468e4a4017c12d Mon Sep 17 00:00:00 2001 From: jj Date: Thu, 31 Oct 2024 22:42:46 +0000 Subject: [PATCH] api/crypto: use buffers for salt directly instead of hex strings --- api/src/misc/crypto.js | 2 +- api/src/stream/manage.js | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/api/src/misc/crypto.js b/api/src/misc/crypto.js index 3a520156..70903d30 100644 --- a/api/src/misc/crypto.js +++ b/api/src/misc/crypto.js @@ -3,7 +3,7 @@ import { createHmac, createCipheriv, createDecipheriv, randomBytes } from "crypt const algorithm = "aes256"; export function generateSalt() { - return randomBytes(64).toString('hex'); + return randomBytes(64); } export function generateHmac(str, salt) { diff --git a/api/src/stream/manage.js b/api/src/stream/manage.js index 12acf959..50badce6 100644 --- a/api/src/stream/manage.js +++ b/api/src/stream/manage.js @@ -7,7 +7,7 @@ import { setMaxListeners } from "node:events"; import { env, tunnelPort } from "../config.js"; import { closeRequest } from "./shared.js"; -import { decryptStream, encryptStream, generateHmac } from "../misc/crypto.js"; +import { decryptStream, encryptStream, generateHmac, generateSalt } from "../misc/crypto.js"; // optional dependency const freebind = env.freebindCIDR && await import('freebind').catch(() => {}); @@ -15,7 +15,7 @@ const freebind = env.freebindCIDR && await import('freebind').catch(() => {}); const streamCache = new Store('streams'); const internalStreamCache = new Map(); -const hmacSalt = randomBytes(64).toString('hex'); +const hmacSalt = generateSalt(); export function createStream(obj) { const streamID = nanoid(),