Spaces:

broadfield-dev
/

KeyLock-RSA-JS

Sleeping

App Files Files Community

broadfield-dev commited on Jun 7

Commit

9c5b643

verified ·

1 Parent(s): 705abae

Create decoder.js

Browse files

Files changed (1) hide show

server/decoder.js +114 -0

server/decoder.js ADDED Viewed

	@@ -0,0 +1,114 @@

+const sharp = require('sharp');
+const { webcrypto } = require('crypto');
+// --- Helper to convert PEM to a format Web Crypto API can use ---
+function pemToDer(pem) {
+  const b64 = pem
+    .replace(/-----BEGIN PRIVATE KEY-----/g, '')
+    .replace(/-----END PRIVATE KEY-----/g, '')
+    .replace(/\\n/g, '') // Handle escaped newlines from env vars
+    .replace(/\s/g, '');
+  const binaryDer = atob(b64);
+  const buffer = new ArrayBuffer(binaryDer.length);
+  const bytes = new Uint8Array(buffer);
+  for (let i = 0; i < binaryDer.length; i++) {
+    bytes[i] = binaryDer.charCodeAt(i);
+  }
+  return buffer;
+}
+// --- Extracts hidden data from an image buffer using Sharp ---
+async function extractDataFromImage(imageBuffer) {
+  const { data: pixelData, info } = await sharp(imageBuffer).raw().toBuffer({ resolveWithObject: true });
+  const HEADER_BITS = 32; // 4 bytes for the length header
+  const channels = info.channels; // Typically 3 (RGB) or 4 (RGBA)
+  if (pixelData.length < Math.ceil(HEADER_BITS / channels) * channels) {
+    throw new Error("Image is too small to contain a valid header.");
+  }
+  let headerBinaryString = '';
+  for (let i = 0; i < HEADER_BITS; i++) {
+    const pixelIndex = Math.floor(i / 3);
+    const channelIndex = i % 3;
+    headerBinaryString += pixelData[pixelIndex * channels + channelIndex] & 1;
+  }
+  const headerBytes = new Uint8Array(HEADER_BITS / 8);
+  for (let i = 0; i < HEADER_BITS / 8; i++) {
+    headerBytes[i] = parseInt(headerBinaryString.substring(i * 8, (i + 1) * 8), 2);
+  }
+  const dataView = new DataView(headerBytes.buffer);
+  const dataLengthInBytes = dataView.getUint32(0, false);
+  if (dataLengthInBytes === 0) return new Uint8Array(0);
+  const dataLengthInBits = dataLengthInBytes * 8;
+  const bitOffset = HEADER_BITS;
+  const totalBitsToRead = bitOffset + dataLengthInBits;
+  if (pixelData.length < Math.ceil(totalBitsToRead / 3) * channels) {
+      throw new Error("Image is too small for the data specified in the header. File may be corrupt.");
+  }
+  let dataBinaryString = '';
+  for (let i = 0; i < dataLengthInBits; i++) {
+    const bitPosition = bitOffset + i;
+    const pixelIndex = Math.floor(bitPosition / 3);
+    const channelIndex = bitPosition % 3;
+    dataBinaryString += pixelData[pixelIndex * channels + channelIndex] & 1;
+  }
+  const dataBytes = new Uint8Array(dataLengthInBytes);
+  for (let i = 0; i < dataLengthInBytes; i++) {
+    dataBytes[i] = parseInt(dataBinaryString.substring(i * 8, (i + 1) * 8), 2);
+  }
+  return dataBytes;
+}
+// --- Decrypts the payload using RSA and AES ---
+async function decryptHybridPayload(cryptoPayload, privateKeyPem) {
+  const ENCRYPTED_AES_KEY_LEN_SIZE = 4;
+  const AES_GCM_NONCE_SIZE = 12;
+  const privateKey = await webcrypto.subtle.importKey(
+    'pkcs8', pemToDer(privateKeyPem), { name: 'RSA-OAEP', hash: 'SHA-256' }, true, ['decrypt']
+  );
+  const encryptedAesKeyLen = new DataView(cryptoPayload.buffer, 0, ENCRYPTED_AES_KEY_LEN_SIZE).getUint32(0, false);
+  let offset = ENCRYPTED_AES_KEY_LEN_SIZE;
+  const encryptedAesKey = cryptoPayload.slice(offset, offset + encryptedAesKeyLen);
+  offset += encryptedAesKeyLen;
+  const nonce = cryptoPayload.slice(offset, offset + AES_GCM_NONCE_SIZE);
+  offset += AES_GCM_NONCE_SIZE;
+  const ciphertextWithTag = cryptoPayload.slice(offset);
+  const decryptedAesKeyBytes = await webcrypto.subtle.decrypt({ name: 'RSA-OAEP' }, privateKey, encryptedAesKey);
+  const aesKey = await webcrypto.subtle.importKey('raw', decryptedAesKeyBytes, { name: 'AES-GCM', length: 256 }, true, ['decrypt']);
+  const decryptedDataBuffer = await webcrypto.subtle.decrypt({ name: 'AES-GCM', iv: nonce }, aesKey, ciphertextWithTag);
+  const decryptedText = new TextDecoder().decode(decryptedDataBuffer);
+  return JSON.parse(decryptedText);
+}
+// --- Main export function ---
+async function decodeAuthFromImage(imageBuffer, privateKeyPem) {
+  try {
+    const cryptoPayload = await extractDataFromImage(imageBuffer);
+    if (cryptoPayload.length === 0) {
+      throw new Error("No data found in image.");
+    }
+    return await decryptHybridPayload(cryptoPayload, privateKeyPem);
+  } catch (error) {
+    console.error("Decoding failed:", error);
+    if (error.message.includes('decryption failed')) {
+      throw new Error("Decryption failed. The data may be corrupt or was not encrypted with the correct public key.");
+    }
+    throw error;
+  }
+}
+module.exports = { decodeAuthFromImage };