Spaces:
Sleeping
Sleeping
| import crypto from "node:crypto"; | |
| function normalizeSecret(secret) { | |
| const text = String(secret || "").trim(); | |
| if (!text) { | |
| throw new Error("POOL_CRYPTO_KEY is required."); | |
| } | |
| return crypto.createHash("sha256").update(text).digest(); | |
| } | |
| export function encryptJson(value, secret) { | |
| const key = normalizeSecret(secret); | |
| const iv = crypto.randomBytes(12); | |
| const cipher = crypto.createCipheriv("aes-256-gcm", key, iv); | |
| const payload = Buffer.from(JSON.stringify(value), "utf8"); | |
| const ciphertext = Buffer.concat([cipher.update(payload), cipher.final()]); | |
| const tag = cipher.getAuthTag(); | |
| return JSON.stringify( | |
| { | |
| version: 1, | |
| iv: iv.toString("base64"), | |
| tag: tag.toString("base64"), | |
| ciphertext: ciphertext.toString("base64"), | |
| }, | |
| null, | |
| 2, | |
| ); | |
| } | |
| export function decryptJson(serialized, secret) { | |
| const key = normalizeSecret(secret); | |
| const parsed = typeof serialized === "string" ? JSON.parse(serialized) : serialized; | |
| if (parsed?.version !== 1) { | |
| throw new Error("Unsupported encrypted pool payload version."); | |
| } | |
| const decipher = crypto.createDecipheriv( | |
| "aes-256-gcm", | |
| key, | |
| Buffer.from(parsed.iv, "base64"), | |
| ); | |
| decipher.setAuthTag(Buffer.from(parsed.tag, "base64")); | |
| const plaintext = Buffer.concat([ | |
| decipher.update(Buffer.from(parsed.ciphertext, "base64")), | |
| decipher.final(), | |
| ]); | |
| return JSON.parse(plaintext.toString("utf8")); | |
| } | |