Skip to content

Commit

Permalink
add nacl
Browse files Browse the repository at this point in the history
  • Loading branch information
@Flaque
Flaque committed Nov 21, 2024
1 parent d8d96c8 commit 301f652
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 4 deletions.
9 changes: 7 additions & 2 deletions src/lib/clusters/clusters.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -180,10 +180,15 @@ async function listClusterUsersAction({ returnJson, token }: { returnJson?: bool
if (item.object !== "k8s_credential") {
continue;
}
if (!item.encrypted_token) {
if (!item.encrypted_token || !item.nonce || !item.ephemeral_pubkey) {
continue;
}
const res = decryptSecret(item.encrypted_token, privateKey);
const res = decryptSecret({
encrypted: item.encrypted_token,
secretKey: privateKey,
nonce: item.nonce,
ephemeralPublicKey: item.ephemeral_pubkey,
});

if (!item.cluster) {
console.error("Cluster is undefined");
Expand Down
4 changes: 2 additions & 2 deletions src/lib/clusters/keys.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,13 +30,13 @@ function generateKeyPair() {
};
}

export function decryptSecret(props: { encrypted: string, secretKey: string, nonce: string, ephemeralKey: string }) {
export function decryptSecret(props: { encrypted: string, secretKey: string, nonce: string, ephemeralPublicKey: string }) {
// Generate nonce and message from encrypted secret
const decrypted = box.open(
decodeBase64(props.encrypted),
decodeBase64(props.nonce),
decodeBase64(props.secretKey),
decodeBase64(props.ephemeralKey)
decodeBase64(props.ephemeralPublicKey)
);

if (!decrypted) {
Expand Down
12 changes: 12 additions & 0 deletions src/schema.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1746,6 +1746,8 @@ export interface operations {
kubernetes_ca_cert?: string;
};
encrypted_token?: string;
nonce?: string;
ephemeral_pubkey?: string;
})[];
has_more: boolean;
/** @constant */
Expand Down Expand Up @@ -1774,6 +1776,8 @@ export interface operations {
kubernetes_ca_cert?: string;
};
encrypted_token?: string;
nonce?: string;
ephemeral_pubkey?: string;
})[];
has_more: boolean;
/** @constant */
Expand Down Expand Up @@ -1802,6 +1806,8 @@ export interface operations {
kubernetes_ca_cert?: string;
};
encrypted_token?: string;
nonce?: string;
ephemeral_pubkey?: string;
})[];
has_more: boolean;
/** @constant */
Expand Down Expand Up @@ -1954,6 +1960,8 @@ export interface operations {
kubernetes_ca_cert?: string;
};
encrypted_token?: string;
nonce?: string;
ephemeral_pubkey?: string;
};
"multipart/form-data": {
/** @constant */
Expand All @@ -1977,6 +1985,8 @@ export interface operations {
kubernetes_ca_cert?: string;
};
encrypted_token?: string;
nonce?: string;
ephemeral_pubkey?: string;
};
"text/plain": {
/** @constant */
Expand All @@ -2000,6 +2010,8 @@ export interface operations {
kubernetes_ca_cert?: string;
};
encrypted_token?: string;
nonce?: string;
ephemeral_pubkey?: string;
};
};
};
Expand Down

0 comments on commit 301f652

Please sign in to comment.