diff options
| author | Pinapelz <yukais@pinapelz.com> | 2026-06-03 15:26:26 -0700 |
|---|---|---|
| committer | Pinapelz <yukais@pinapelz.com> | 2026-06-03 15:26:26 -0700 |
| commit | 818db3ef4aadf489dba5ba8ba4f3bb4e150f0b22 (patch) | |
| tree | 0a79f0d61a8738e5083a3ad72f5c3242a6869829 /src | |
| parent | 495ecca361a7422e7c42dea04a08946cfceef29a (diff) | |
change from aes-gcm to xor shift obfuscation
encryption was pain in the ass on cross platform
Diffstat (limited to 'src')
| -rw-r--r-- | src/helpers/fetchSolution.ts | 46 |
1 files changed, 15 insertions, 31 deletions
diff --git a/src/helpers/fetchSolution.ts b/src/helpers/fetchSolution.ts index dd623a0..2ca2e68 100644 --- a/src/helpers/fetchSolution.ts +++ b/src/helpers/fetchSolution.ts @@ -1,7 +1,7 @@ import { Song } from "../types/song"; const SALT = import.meta.env.VITE_HEARDLE_SALT ?? 'changeme'; -const API_URL = import.meta.env.VITE_HEARDLE_API_URL ?? 'https://127.0.0.1:3001'; +const API_URL = import.meta.env.VITE_HEARDLE_API_URL ?? 'http://localhost:3001'; function hexToBytes(hex: string): Uint8Array { const bytes = new Uint8Array(hex.length / 2); @@ -12,23 +12,17 @@ return bytes; } -async function getDailyKey(): Promise<CryptoKey> { - const enc = new TextEncoder(); +function xor(data: Uint8Array, key: Uint8Array): Uint8Array { + const output = new Uint8Array(data.length); + for (let i = 0; i < data.length; i++) { + output[i] = data[i] ^ key[i % key.length]; + } + return output; +} + +function getObfuscationKey(): Uint8Array { const date = new Date().toISOString().split('T')[0]; - const keyMaterial = await crypto.subtle.importKey( - 'raw', - enc.encode(date), - 'PBKDF2', - false, - ['deriveKey'], - ); - return crypto.subtle.deriveKey( - { name: 'PBKDF2', salt: enc.encode(SALT), iterations: 100_000, hash: 'SHA-256' }, - keyMaterial, - { name: 'AES-GCM', length: 256 }, - false, - ['decrypt'], - ); + return new TextEncoder().encode(SALT + date); } export async function getDailySolution(): Promise<Song> { @@ -36,19 +30,9 @@ export async function getDailySolution(): Promise<Song> { if (!solutionData.ok) { throw new Error(`Failed to fetch solution: ${solutionData.statusText}`); } - const { iv, tag, data } = await solutionData.json(); - const key = await getDailyKey(); - const ciphertext = hexToBytes(data); - const authTag = hexToBytes(tag); - const combined = new Uint8Array(ciphertext.length + authTag.length); - combined.set(ciphertext); - combined.set(authTag, ciphertext.length); - console.log(key.algorithm); - console.log(key.usages); - const decrypted = await crypto.subtle.decrypt( - { name: 'AES-GCM', iv: hexToBytes(iv) }, - key, - combined, - ); + const { data } = await solutionData.json(); + const obfuscationKey = getObfuscationKey(); + const obfuscatedBytes = hexToBytes(data); + const decrypted = xor(obfuscatedBytes, obfuscationKey); return JSON.parse(new TextDecoder().decode(decrypted)) as Song; } |