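/**
 * Builds the JSON header that carries one encrypted decryptInfo entry per
 * recipient.
 *
 * For every recipient the file info is boxed with the sender's secret key,
 * wrapped together with the sender and recipient IDs, and the wrapper is boxed
 * again with a per-header ephemeral secret key. Entries are stored under the
 * base64-encoded nonce that was used for that recipient.
 *
 * @param {Iterable<string>} ids - Recipient IDs; each is resolved to a public key via keyFromId.
 * @param {{id: string, secretKey: Uint8Array}} senderInfo - Sender ID and secret key.
 * @param {*} fileInfo - JSON-serialisable file information to encrypt for each recipient.
 * @returns {string} The header serialised with JSON.stringify.
 */
function makeHeader(ids, senderInfo, fileInfo) {
  const ephemeral = nacl.box.keyPair()
  const header = {
    version: 1,
    ephemeral: nacl.util.encodeBase64(ephemeral.publicKey),
    decryptInfo: {}
  }

  // Only the public half of the ephemeral key pair is logged. The secret half
  // keys the outer decryptInfo box, so writing it to debug output would let
  // anyone with access to the logs open that layer (sender and recipient IDs).
  debug(`Ephemeral public key is ${hex(ephemeral.publicKey)}`)

  for (const id of ids) {
    debug(`Adding recipient ${id}`)
    const nonce = nacl.randomBytes(nacl.box.nonceLength)
    const publicKey = keyFromId(id)
    debug(`Using nonce ${hex(nonce)}`)

    // Inner layer: file info boxed from the sender to this recipient.
    const sealedFileInfo = nacl.util.encodeBase64(nacl.box(
      nacl.util.decodeUTF8(JSON.stringify(fileInfo)),
      nonce,
      publicKey,
      senderInfo.secretKey
    ))

    const decryptInfo = {
      senderID: senderInfo.id,
      recipientID: id,
      fileInfo: sealedFileInfo
    }

    // Outer layer: the same nonce is reused here, but under a different secret
    // key (ephemeral instead of sender).
    // NOTE(review): this is only sound while senderInfo.secretKey never equals
    // the ephemeral secret key; confirm callers cannot pass the ephemeral pair.
    header.decryptInfo[nacl.util.encodeBase64(nonce)] = nacl.util.encodeBase64(nacl.box(
      nacl.util.decodeUTF8(JSON.stringify(decryptInfo)),
      nonce,
      publicKey,
      ephemeral.secretKey
    ))
  }

  return JSON.stringify(header)
}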
// Reducer that builds a map from base64-encoded recipient public key to that
// recipient's { nonce, encryptedKey } pair. `key` and `ephemeralKey` come from
// the enclosing scope, which is not visible in this fragment.
.reduce(function(memo, publicKey) {
  // A fresh random nonce is drawn for every recipient.
  var nonce = nacl.randomBytes(nacl.box.nonceLength)
  // Entries are keyed by the encoded public key, so a public key that occurs
  // twice in the input keeps only the entry written last.
  memo[nacl.util.encodeBase64(publicKey)] = {
    nonce: nacl.util.encodeBase64(nonce),
    // `key` is boxed for this recipient's public key with the ephemeral secret key.
    encryptedKey: nacl.util.encodeBase64(nacl.box(
      key,
      nonce,
      publicKey,
      ephemeralKey.secretKey
    ))
  }
  return memo
}, {})
/**
 * Fills in the permit's nonce, ephemeral public key and encrypted database
 * key, then returns the permit.
 *
 * The database secret key is boxed for sessionKey.publicKey using a key pair
 * generated for this call; only the public half of that pair is stored.
 *
 * NOTE(review): the box is keyed with a throwaway key pair, so on its own it
 * gives the recipient no proof of who built the permit. Confirm that
 * authenticity is established elsewhere.
 *
 * @returns {object} The same permit object, for chaining.
 */
permit.build = function() {
  const freshNonce = nacl.randomBytes(nacl.box.nonceLength)
  const { publicKey: ephemeralPublic, secretKey: ephemeralSecret } = nacl.box.keyPair()

  // Both values are stored on the permit alongside the ciphertext; the
  // ephemeral secret key stays local to this call.
  permit.nonce = freshNonce
  permit.ephemeral = ephemeralPublic

  const databaseSecret = permit.databaseKey.secretKey
  permit.encryptedKey = nacl.box(
    databaseSecret,
    freshNonce,
    sessionKey.publicKey,
    ephemeralSecret
  )

  return permit
}