@levrbet/shared 0.1.97 → 0.1.98
- package/dist/server/middleware/auth/hmac.handler.js +5 -4
- package/dist/server/middleware/auth/hmac.handler.js.map +1 -1
- package/dist/server/services/crypto.service.d.ts +4 -4
- package/dist/server/services/crypto.service.js +9 -9
- package/dist/server/services/crypto.service.js.map +1 -1
- package/package.json +1 -1
|
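--- a/package/dist/server/middleware/auth/hmac.handler.js
+++ b/package/dist/server/middleware/auth/hmac.handler.js
@@ -79,7 +79,7 @@ async function handleHmacAuthBase(req, options, isServiceAuth) {
 }
 // Verify HMAC signature
 try {
-const
+const secretKey = await cryptoService.getSecretKey(apiKeyId, apiKey.ciphertext);
 const method = req.method.toUpperCase();
 const path = req.originalUrl.split("?")[0];
 const timestamp = req.header("x-request-timestamp");
@@ -91,11 +91,12 @@ async function handleHmacAuthBase(req, options, isServiceAuth) {
 if (Number.isNaN(ts)) {
 return { success: false, error: "Invalid timestamp format", statusCode: 400 };
 }
-// Prevent replay attacks (
-
+// Prevent replay attacks (2 minutes window)
+// TODO: change back to 2m
+if (Math.abs(Date.now() - ts) > ms("1 year")) {
 return { success: false, error: "Request timestamp expired", statusCode: 401 };
 }
-const expectedSig = cryptoService.signRequest({ method, path, ts, body: req.body, nonce,
+const expectedSig = cryptoService.signRequest({ method, path, ts, body: req.body, nonce, secretKey });
 const providedSig = sigB64;
 const ok = crypto.timingSafeEqual(Buffer.from(expectedSig, "base64"), Buffer.from(providedSig, "base64"));
 if (!ok) {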
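Review bot: The replay check in the second hunk (new line 96) accepts any timestamp within `ms("1 year")` of the server clock, while the comment above it still says "2 minutes window" and the `// TODO: change back to 2m` has shipped in the published build. No nonce-uniqueness check is visible in these hunks, so a captured signed request appears to stay acceptable for the whole window. The condition should read `if (Math.abs(Date.now() - ts) > ms("2m")) {`; if a wider window is needed for testing, it belongs behind an explicit option rather than a literal in the release artifact. `path` is taken as `req.originalUrl.split("?")[0]`, so the query string is not part of the signed data either, which is worth confirming as intended. handleHmacAuthBase starts and ends outside these hunks.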
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"hmac.handler.js","sourceRoot":"","sources":["../../../../src/server/middleware/auth/hmac.handler.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAE3B,OAAO,EAAE,MAAM,IAAI,CAAA;AAEnB,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAoB,MAAM,eAAe,CAAA;AAEvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,2BAA2B,CAAA;AAWlC;;GAEG;AACH,SAAS,cAAc,CAAC,YAAiC,EAAE,cAAmC;IAC1F,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IAC/D,OAAO,cAAc,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;AACvE,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,MAAc,EAAE,OAAyB;IAChE,MAAM,MAAM,GAAG,OAAO,CAAC,cAAc,IAAI,EAAE,CAAA;IAC3C,MAAM,WAAW,GAAG,OAAO,CAAC,qBAAqB,KAAK,KAAK,CAAA,CAAC,eAAe;IAE3E,IAAI,WAAW,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QACnF,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,MAAM,EAAE,WAAW,CAAC,KAAK,CAAC,CAAA;QACzC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAA;AACjB,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,kBAAkB,CAAC,GAAY,EAAE,OAAyB,EAAE,aAAsB;IAC7F,6BAA6B;IAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;IACxC,IAAI,CAAC,IAAI,EAAE,CAAC;QACR,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,8BAA8B,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IACrF,CAAC;IAED,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAA;IACrD,IAAI,CAAC,CAAC,EAAE,CAAC;QACL,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,qCAAqC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IAC5F,CAAC;IAED,MAAM,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,CAAA;IAC9B,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,qCAAqC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IAC5F,CAAC;IAED,gBAAgB;IAChB,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAA;IAC7D,IAAI,CAAC,MAAM,EAAE,CAAC;QACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IACxE,CAAC;IAED,wCAAwC;IACxC,IAAI,aAAa,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACrC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAA
E,0CAA0C,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IACjG,CAAC;IACD,IAAI,CAAC,aAAa,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,gDAAgD,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IACvG,CAAC;IAED,mBAAmB;IACnB,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACpD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,qBAAqB,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IAC5E,CAAC;IAED,mDAAmD;IACnD,IAAI,aAAa,IAAI,OAAO,CAAC,eAAe,IAAI,OAAO,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjF,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;YACvE,OAAO;gBACH,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,kCAAkC,OAAO,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,OAAO,EAAE;gBACtG,UAAU,EAAE,GAAG;aAClB,CAAA;QACL,CAAC;IACL,CAAC;IAED,kBAAkB;IAClB,MAAM,cAAc,GAAG,iBAAiB,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC7D,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,EAAE,CAAC;QACjD,OAAO;YACH,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,kCAAkC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpE,UAAU,EAAE,GAAG;SAClB,CAAA;IACL,CAAC;IAED,wBAAwB;IACxB,IAAI,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,
|
|
1
|
+
{"version":3,"file":"hmac.handler.js","sourceRoot":"","sources":["../../../../src/server/middleware/auth/hmac.handler.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAA;AAE3B,OAAO,EAAE,MAAM,IAAI,CAAA;AAEnB,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAoB,MAAM,eAAe,CAAA;AAEvE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAA;AAC9C,OAAO,2BAA2B,CAAA;AAWlC;;GAEG;AACH,SAAS,cAAc,CAAC,YAAiC,EAAE,cAAmC;IAC1F,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IAC/D,OAAO,cAAc,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;AACvE,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,MAAc,EAAE,OAAyB;IAChE,MAAM,MAAM,GAAG,OAAO,CAAC,cAAc,IAAI,EAAE,CAAA;IAC3C,MAAM,WAAW,GAAG,OAAO,CAAC,qBAAqB,KAAK,KAAK,CAAA,CAAC,eAAe;IAE3E,IAAI,WAAW,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QACnF,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,MAAM,EAAE,WAAW,CAAC,KAAK,CAAC,CAAA;QACzC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAA;AACjB,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,kBAAkB,CAAC,GAAY,EAAE,OAAyB,EAAE,aAAsB;IAC7F,6BAA6B;IAC7B,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;IACxC,IAAI,CAAC,IAAI,EAAE,CAAC;QACR,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,8BAA8B,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IACrF,CAAC;IAED,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAA;IACrD,IAAI,CAAC,CAAC,EAAE,CAAC;QACL,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,qCAAqC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IAC5F,CAAC;IAED,MAAM,CAAC,EAAE,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,CAAA;IAC9B,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,qCAAqC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IAC5F,CAAC;IAED,gBAAgB;IAChB,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAA;IAC7D,IAAI,CAAC,MAAM,EAAE,CAAC;QACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IACxE,CAAC;IAED,wCAAwC;IACxC,IAAI,aAAa,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACrC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAA
E,0CAA0C,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IACjG,CAAC;IACD,IAAI,CAAC,aAAa,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,gDAAgD,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IACvG,CAAC;IAED,mBAAmB;IACnB,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACpD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,qBAAqB,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IAC5E,CAAC;IAED,mDAAmD;IACnD,IAAI,aAAa,IAAI,OAAO,CAAC,eAAe,IAAI,OAAO,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjF,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;YACvE,OAAO;gBACH,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,kCAAkC,OAAO,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,OAAO,EAAE;gBACtG,UAAU,EAAE,GAAG;aAClB,CAAA;QACL,CAAC;IACL,CAAC;IAED,kBAAkB;IAClB,MAAM,cAAc,GAAG,iBAAiB,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC7D,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,EAAE,CAAC;QACjD,OAAO;YACH,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,kCAAkC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACpE,UAAU,EAAE,GAAG;SAClB,CAAA;IACL,CAAC;IAED,wBAAwB;IACxB,IAAI,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,UAAU,CAAC,CAAA;QAE/E,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAA;QACvC,MAAM,IAAI,GAAG,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAC1C,MAAM,SAAS,GAAG,GAAG,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAA;QACnD,MAAM,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAA;QAEjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,oCAAoC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;QAC3F,CAAC;QAED,MAAM,EAAE,GAAG,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAA;QAClC,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;YACnB,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,0BAA0B,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;QACjF,CAAC;QAED,4CAA4C;QAC5C,0BAA0B;QAC1B,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,2BAA2B,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;QAClF,CAAC;QAED,MAAM,WAAW,GAAG,aAAa,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE,IAAI,E
AAE,EAAE,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAA;QACrG,MAAM,WAAW,GAAG,MAAM,CAAA;QAE1B,MAAM,EAAE,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAA;QACzG,IAAI,CAAC,EAAE,EAAE,CAAC;YACN,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,mBAAmB,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;QAC1E,CAAC;QAED,mBAAmB;QACnB,GAAG,CAAC,OAAO,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAA;QACzF,GAAG,CAAC,UAAU,GAAG,MAAM,CAAC,UAA4B,CAAA;QACpD,GAAG,CAAC,UAAU,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAA;QAEtE,6BAA6B;QAC7B,MAAM,gBAAgB,CAAC,YAAY,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,EAAE,UAAU,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC,CAAA;QAE3G,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,0BAA0B,EAAE,GAAG,CAAC,CAAA;QAChF,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,+BAA+B,EAAE,UAAU,EAAE,GAAG,EAAE,CAAA;IACtF,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,GAAY,EAAE,OAAyB;IACxE,OAAO,kBAAkB,CAAC,GAAG,EAAE,OAAO,EAAE,KAAK,CAAC,CAAA;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,GAAY,EAAE,OAAyB;IAC/E,OAAO,kBAAkB,CAAC,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,CAAA;AACjD,CAAC"}
|
|
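--- a/package/dist/server/services/crypto.service.d.ts
+++ b/package/dist/server/services/crypto.service.d.ts
@@ -4,15 +4,15 @@ interface SignRequestParams {
 ts: number;
 body: any;
 nonce: string;
-
+secretKey: string;
 }
 export declare const cryptoService: {
 CMK_ID: string;
 generateDataKey(): Promise<{
 ciphertext: string;
-
+secretKey: string;
 }>;
-signRequest({ method, path, ts, body, nonce,
-
+signRequest({ method, path, ts, body, nonce, secretKey }: SignRequestParams): string;
+getSecretKey(apiKeyId: string, ciphertextBase64: string): Promise<string>;
 };
 export {};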
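--- a/package/dist/server/services/crypto.service.js
+++ b/package/dist/server/services/crypto.service.js
@@ -11,30 +11,30 @@ export const cryptoService = {
 const gdk = await kmsClientManager.client.send(new GenerateDataKeyCommand({ KeyId: CMK_ID, KeySpec: "AES_256" }));
 if (_.isNil(gdk.Plaintext) || _.isNil(gdk.CiphertextBlob))
 throw new Error("Failed to generate data key");
-const
+const secretKey = Buffer.from(gdk.Plaintext).toString("base64");
 const ciphertext = Buffer.from(gdk.CiphertextBlob).toString("base64");
-return { ciphertext,
+return { ciphertext, secretKey };
 },
-signRequest({ method, path, ts, body, nonce,
+signRequest({ method, path, ts, body, nonce, secretKey }) {
 const bodyString = body && Object.keys((body ?? {})).length > 0 ? JSON.stringify(body) : "";
 const bodyHash = crypto.createHash("sha256").update(bodyString).digest("hex");
 const toSign = `${method}\n${path ?? ""}\n${ts.toString()}\n${bodyHash}\n${nonce}`;
-const h = crypto.createHmac("sha256",
+const h = crypto.createHmac("sha256", secretKey);
 h.update(toSign);
 return h.digest("base64");
 },
-async
+async getSecretKey(apiKeyId, ciphertextBase64) {
 const cache = keyCache.get(apiKeyId);
 if (cache && cache.expiresAt > Date.now())
-return cache.
+return cache.secretKey;
 const ciphertext = Buffer.from(ciphertextBase64, "base64");
 const resp = await kmsClientManager.client.send(new DecryptCommand({ CiphertextBlob: ciphertext }));
 if (!resp.Plaintext)
 throw new Error("KMS Decrypt failed: No plaintext returned");
-const
+const secretKey = Buffer.from(resp.Plaintext).toString("base64");
 // Cache for 5 minutes
-keyCache.set(apiKeyId, {
-return
+keyCache.set(apiKeyId, { secretKey, expiresAt: Date.now() + 5 * 60 * 1000 });
+return secretKey;
 },
 };
 //# sourceMappingURL=crypto.service.js.map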
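Review bot: `getSecretKey` caches the decrypted HMAC key under `apiKeyId` alone and never compares the cached entry with `ciphertextBase64`, so after a key's stored ciphertext is rotated or replaced the previous plaintext key is still returned until the five-minute entry expires. Expired entries are only overwritten, never deleted, in the lines shown, so plaintext keys stay in `keyCache` past their expiry; deleting the stale entry on lookup, or a periodic sweep, would limit that. The `DecryptCommand` is built with `CiphertextBlob` only; adding `KeyId` with the same CMK that `generateDataKey` uses would make KMS refuse ciphertexts produced under any other key. The removed lines are truncated on this page, so whether the change is more than a rename cannot be confirmed from here.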
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crypto.service.js","sourceRoot":"","sources":["../../../src/server/services/crypto.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AAC5E,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,CAAC,MAAM,QAAQ,CAAA;AACtB,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAA;AAW5C,iCAAiC;AACjC,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAoD,CAAA;AAE5E,MAAM,CAAC,MAAM,aAAa,GAAG;IACzB,MAAM,EAAE,sCAAsC,EAAE,qBAAqB;IACrE,KAAK,CAAC,eAAe;QACjB,MAAM,MAAM,GAAG,sCAAsC,CAAA;QAErD,MAAM,GAAG,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,sBAAsB,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;QACjH,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;QAEzG,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAC/D,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAErE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;IACpC,CAAC;IACD,WAAW,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAqB;QACvE,MAAM,UAAU,GAAG,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,IAAI,EAAE,CAAW,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QACrG,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAC7E,MAAM,MAAM,GAAG,GAAG,MAAM,KAAK,IAAI,IAAI,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,KAAK,QAAQ,KAAK,KAAK,EAAE,CAAA;QAClF,MAAM,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAChD,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QAChB,OAAO,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;IAC7B,CAAC;IACD,KAAK,CAAC,
|
|
1
|
+
{"version":3,"file":"crypto.service.js","sourceRoot":"","sources":["../../../src/server/services/crypto.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AAC5E,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAO,CAAC,MAAM,QAAQ,CAAA;AACtB,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAA;AAW5C,iCAAiC;AACjC,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAoD,CAAA;AAE5E,MAAM,CAAC,MAAM,aAAa,GAAG;IACzB,MAAM,EAAE,sCAAsC,EAAE,qBAAqB;IACrE,KAAK,CAAC,eAAe;QACjB,MAAM,MAAM,GAAG,sCAAsC,CAAA;QAErD,MAAM,GAAG,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,sBAAsB,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC,CAAA;QACjH,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,CAAC;YAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;QAEzG,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAC/D,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAErE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;IACpC,CAAC;IACD,WAAW,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,EAAqB;QACvE,MAAM,UAAU,GAAG,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,IAAI,EAAE,CAAW,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;QACrG,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QAC7E,MAAM,MAAM,GAAG,GAAG,MAAM,KAAK,IAAI,IAAI,EAAE,KAAK,EAAE,CAAC,QAAQ,EAAE,KAAK,QAAQ,KAAK,KAAK,EAAE,CAAA;QAClF,MAAM,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAA;QAChD,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;QAChB,OAAO,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;IAC7B,CAAC;IACD,KAAK,CAAC,YAAY,CAAC,QAAgB,EAAE,gBAAwB;QACzD,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;QACpC,IAAI,KAAK,IAAI,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE;YAAE,OAAO,KAAK,CAAC,SAAS,CAAA;QAEjE,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAA;QAC1D,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,cAAc,CAAC,EAAE,cAAc,EAAE,UAAU,EAAE,CAAC,CAAC,CAAA;QACnG,IAAI,CAAC,IAAI
,CAAC,SAAS;YAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAA;QAEjF,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAEhE,sBAAsB;QACtB,QAAQ,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC,CAAA;QAC5E,OAAO,SAAS,CAAA;IACpB,CAAC;CACJ,CAAA"}
|