From 301f652129e629ba5cae3563330d64f22499ecce Mon Sep 17 00:00:00 2001 From: flaque Date: Thu, 21 Nov 2024 09:21:46 -0800 Subject: [PATCH] add nacl --- src/lib/clusters/clusters.tsx | 9 +++++++-- src/lib/clusters/keys.tsx | 4 ++-- src/schema.ts | 12 ++++++++++++ 3 files changed, 21 insertions(+), 4 deletions(-) diff --git a/src/lib/clusters/clusters.tsx b/src/lib/clusters/clusters.tsx index 64d317a..eb36e8f 100644 --- a/src/lib/clusters/clusters.tsx +++ b/src/lib/clusters/clusters.tsx @@ -180,10 +180,15 @@ async function listClusterUsersAction({ returnJson, token }: { returnJson?: bool if (item.object !== "k8s_credential") { continue; } - if (!item.encrypted_token) { + if (!item.encrypted_token || !item.nonce || !item.ephemeral_pubkey) { continue; } - const res = decryptSecret(item.encrypted_token, privateKey); + const res = decryptSecret({ + encrypted: item.encrypted_token, + secretKey: privateKey, + nonce: item.nonce, + ephemeralPublicKey: item.ephemeral_pubkey, + }); if (!item.cluster) { console.error("Cluster is undefined"); diff --git a/src/lib/clusters/keys.tsx b/src/lib/clusters/keys.tsx index 6fd4b7c..9cab5b5 100644 --- a/src/lib/clusters/keys.tsx +++ b/src/lib/clusters/keys.tsx @@ -30,13 +30,13 @@ function generateKeyPair() { }; } -export function decryptSecret(props: { encrypted: string, secretKey: string, nonce: string, ephemeralKey: string }) { +export function decryptSecret(props: { encrypted: string, secretKey: string, nonce: string, ephemeralPublicKey: string }) { // Generate nonce and message from encrypted secret const decrypted = box.open( decodeBase64(props.encrypted), decodeBase64(props.nonce), decodeBase64(props.secretKey), - decodeBase64(props.ephemeralKey) + decodeBase64(props.ephemeralPublicKey) ); if (!decrypted) { diff --git a/src/schema.ts b/src/schema.ts index 54e9498..0ac0e94 100644 --- a/src/schema.ts +++ b/src/schema.ts @@ -1746,6 +1746,8 @@ export interface operations { kubernetes_ca_cert?: string; }; encrypted_token?: string; + nonce?: string; + ephemeral_pubkey?: string; })[]; has_more: boolean; /** @constant */ @@ -1774,6 +1776,8 @@ export interface operations { kubernetes_ca_cert?: string; }; encrypted_token?: string; + nonce?: string; + ephemeral_pubkey?: string; })[]; has_more: boolean; /** @constant */ @@ -1802,6 +1806,8 @@ export interface operations { kubernetes_ca_cert?: string; }; encrypted_token?: string; + nonce?: string; + ephemeral_pubkey?: string; })[]; has_more: boolean; /** @constant */ @@ -1954,6 +1960,8 @@ export interface operations { kubernetes_ca_cert?: string; }; encrypted_token?: string; + nonce?: string; + ephemeral_pubkey?: string; }; "multipart/form-data": { /** @constant */ @@ -1977,6 +1985,8 @@ export interface operations { kubernetes_ca_cert?: string; }; encrypted_token?: string; + nonce?: string; + ephemeral_pubkey?: string; }; "text/plain": { /** @constant */ @@ -2000,6 +2010,8 @@ export interface operations { kubernetes_ca_cert?: string; }; encrypted_token?: string; + nonce?: string; + ephemeral_pubkey?: string; }; }; };