29 lines
1.1 KiB
JavaScript
29 lines
1.1 KiB
JavaScript
async function encryptFile(arrayBuffer) {
|
|
const key = await crypto.subtle.generateKey(
|
|
{ name: 'AES-GCM', length: 256 },
|
|
true,
|
|
['encrypt', 'decrypt']
|
|
);
|
|
|
|
const iv = crypto.getRandomValues(new Uint8Array(12));
|
|
|
|
const ciphertext = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, key, arrayBuffer);
|
|
|
|
// Payload: 12-byte IV prepended to ciphertext
|
|
const payload = new Uint8Array(12 + ciphertext.byteLength);
|
|
payload.set(iv, 0);
|
|
payload.set(new Uint8Array(ciphertext), 12);
|
|
|
|
// SHA-256(rawKey) → file identifier sent to server; server never sees the key itself
|
|
const rawKey = await crypto.subtle.exportKey('raw', key);
|
|
const hash = Array.from(new Uint8Array(await crypto.subtle.digest('SHA-256', rawKey)))
|
|
.map(b => b.toString(16).padStart(2, '0'))
|
|
.join('');
|
|
|
|
// Base64url-encode key for URL fragment
|
|
const base64urlKey = btoa(String.fromCharCode(...new Uint8Array(rawKey)))
|
|
.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
|
|
|
|
return { payload, hash, base64urlKey };
|
|
}
|