session-desktop/ts/util/crypto/profileEncrypter.ts

import { getSodiumRenderer } from '../../session/crypto';

const PROFILE_IV_LENGTH = 12; // bytes
const PROFILE_KEY_LENGTH = 32; // bytes
const PROFILE_TAG_LENGTH = 128; // bits

export async function decryptProfile(data: ArrayBuffer, key: ArrayBuffer): Promise<ArrayBuffer> {
  if (data.byteLength < 12 + 16 + 1) {
    throw new Error(`Got too short input: ${data.byteLength}`);
  }
  const iv = data.slice(0, PROFILE_IV_LENGTH);
  const ciphertext = data.slice(PROFILE_IV_LENGTH, data.byteLength);
  if (key.byteLength !== PROFILE_KEY_LENGTH) {
    throw new Error('Got invalid length profile key');
  }
  if (iv.byteLength !== PROFILE_IV_LENGTH) {
    throw new Error('Got invalid length profile iv');
  }
  const error = new Error(); // save stack
  return crypto.subtle
    .importKey('raw', key, { name: 'AES-GCM' }, false, ['decrypt'])
    .then(keyForEncryption =>
      crypto.subtle
        .decrypt(
          { name: 'AES-GCM', iv, tagLength: PROFILE_TAG_LENGTH },
          keyForEncryption,
          ciphertext
        )
        .catch(e => {
          if (e.name === 'OperationError') {
            // bad mac, basically.
            error.message =
              'Failed to decrypt profile data. Most likely the profile key has changed.';
            error.name = 'ProfileDecryptError';
            throw error;
          }
        })
    );
}

async function getRandomBytesFromLength(n: number) {
  return (await getSodiumRenderer()).randombytes_buf(n);
}

export async function encryptProfile(data: ArrayBuffer, key: ArrayBuffer): Promise<ArrayBuffer> {
  const iv = await getRandomBytesFromLength(PROFILE_IV_LENGTH);
  if (key.byteLength !== PROFILE_KEY_LENGTH) {
    throw new Error('Got invalid length profile key');
  }
  if (iv.byteLength !== PROFILE_IV_LENGTH) {
    throw new Error('Got invalid length profile iv');
  }
  return crypto.subtle
    .importKey('raw', key, { name: 'AES-GCM' }, false, ['encrypt'])
    .then(keyForEncryption =>
      crypto.subtle
        .encrypt({ name: 'AES-GCM', iv, tagLength: PROFILE_TAG_LENGTH }, keyForEncryption, data)
        .then(ciphertext => {
          // tslint:disable-next-line: restrict-plus-operands
          const ivAndCiphertext = new Uint8Array(PROFILE_IV_LENGTH + ciphertext.byteLength);
          ivAndCiphertext.set(new Uint8Array(iv));
          ivAndCiphertext.set(new Uint8Array(ciphertext), PROFILE_IV_LENGTH);
          return ivAndCiphertext.buffer;
        })
    );
}
split attachmnent logic between what is used on main and renderer 4 years ago			`import { getSodiumRenderer } from '../../session/crypto';`
move libtextsecure/crypto.js to ts used mostly for attachments encrypting before upload/decrypt and profile encrypt/derypt 4 years ago
			`const PROFILE_IV_LENGTH = 12; // bytes`
			`const PROFILE_KEY_LENGTH = 32; // bytes`
			`const PROFILE_TAG_LENGTH = 128; // bits`

			`export async function decryptProfile(data: ArrayBuffer, key: ArrayBuffer): Promise<ArrayBuffer> {`
			`if (data.byteLength < 12 + 16 + 1) {`
			throw new Error(`Got too short input: ${data.byteLength}`);
			`}`
			`const iv = data.slice(0, PROFILE_IV_LENGTH);`
			`const ciphertext = data.slice(PROFILE_IV_LENGTH, data.byteLength);`
			`if (key.byteLength !== PROFILE_KEY_LENGTH) {`
			`throw new Error('Got invalid length profile key');`
			`}`
			`if (iv.byteLength !== PROFILE_IV_LENGTH) {`
			`throw new Error('Got invalid length profile iv');`
			`}`
			`const error = new Error(); // save stack`
			`return crypto.subtle`
			`.importKey('raw', key, { name: 'AES-GCM' }, false, ['decrypt'])`
			`.then(keyForEncryption =>`
			`crypto.subtle`
			`.decrypt(`
			`{ name: 'AES-GCM', iv, tagLength: PROFILE_TAG_LENGTH },`
			`keyForEncryption,`
			`ciphertext`
			`)`
			`.catch(e => {`
			`if (e.name === 'OperationError') {`
			`// bad mac, basically.`
			`error.message =`
			`'Failed to decrypt profile data. Most likely the profile key has changed.';`
			`error.name = 'ProfileDecryptError';`
			`throw error;`
			`}`
			`})`
			`);`
			`}`

			`async function getRandomBytesFromLength(n: number) {`
split attachmnent logic between what is used on main and renderer 4 years ago			`return (await getSodiumRenderer()).randombytes_buf(n);`
move libtextsecure/crypto.js to ts used mostly for attachments encrypting before upload/decrypt and profile encrypt/derypt 4 years ago			`}`

			`export async function encryptProfile(data: ArrayBuffer, key: ArrayBuffer): Promise<ArrayBuffer> {`
			`const iv = await getRandomBytesFromLength(PROFILE_IV_LENGTH);`
			`if (key.byteLength !== PROFILE_KEY_LENGTH) {`
			`throw new Error('Got invalid length profile key');`
			`}`
			`if (iv.byteLength !== PROFILE_IV_LENGTH) {`
			`throw new Error('Got invalid length profile iv');`
			`}`
			`return crypto.subtle`
			`.importKey('raw', key, { name: 'AES-GCM' }, false, ['encrypt'])`
			`.then(keyForEncryption =>`
			`crypto.subtle`
			`.encrypt({ name: 'AES-GCM', iv, tagLength: PROFILE_TAG_LENGTH }, keyForEncryption, data)`
			`.then(ciphertext => {`
			`// tslint:disable-next-line: restrict-plus-operands`
			`const ivAndCiphertext = new Uint8Array(PROFILE_IV_LENGTH + ciphertext.byteLength);`
			`ivAndCiphertext.set(new Uint8Array(iv));`
			`ivAndCiphertext.set(new Uint8Array(ciphertext), PROFILE_IV_LENGTH);`
			`return ivAndCiphertext.buffer;`
			`})`
			`);`
			`}`