X-Git-Url: http://git.squeep.com/?p=squeep-mystery-box;a=blobdiff_plain;f=lib%2Fmystery-box.js;h=cb85ebe698453a70f48f6af68bdad8d7cdeb9b08;hp=2343c5e164f79f9d04629a97c366a1fbd0f58595;hb=5c90dcd8088365a17f699dd683958536bc33c08c;hpb=5029da9845bcd89324e1e6ae95d94caa9febd9e8

diff --git a/lib/mystery-box.js b/lib/mystery-box.js
index 2343c5e..cb85ebe 100644
--- a/lib/mystery-box.js
+++ b/lib/mystery-box.js
@@ -63,15 +63,15 @@ class MysteryBox {
   /**
    * @param {Console} logger
    * @param {Object} options
-   * @param {String} options.encryptionSecret
+   * @param {String|String[]} options.encryptionSecret - if an array, will always encrypt with first secret, will attempt to decrypt with all; useful for rolling secrets
    * @param {Number=} options.defaultFlags
    */
   constructor(logger, options = {}) {
     this.logger = logger;
     this.options = options;
 
-    this.secret = options.encryptionSecret;
-    if (!this.secret) {
+    this.secrets = common.ensureArray(options.encryptionSecret);
+    if (!this.secrets.length) {
       throw new Error('missing encryption secret');
     }
     // TODO: support secret rolling
@@ -176,7 +176,9 @@ class MysteryBox {
     // Authenticate all this data
     const aadBuffer = Buffer.concat([versionBuffer, flagsBuffer, iv, salt]);
 
-    const key = await scryptAsync(this.secret, salt, v.keyBytes);
+    // Always encrypt with first secret
+    const secret = this.secrets[0];
+    const key = await scryptAsync(secret, salt, v.keyBytes);
     const cipher = crypto.createCipheriv(v.algorithm, key, iv, v.algOptions);
     cipher.setAAD(aadBuffer);
     const encrypted = cipher.update(payload);
@@ -248,12 +250,28 @@ class MysteryBox {
     const encrypted = raw.slice(offset);
 
     timingsMs.preCrypt = performance.now();
-    const key = await scryptAsync(this.secret, salt, v.keyBytes);
-    const decipher = crypto.createDecipheriv(v.algorithm, key, iv, v.algOptions);
-    decipher.setAAD(aad);
-    decipher.setAuthTag(tag);
 
-    const decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);
+    let decrypted;
+    let err;
+    let success = false;
+    for await (const secret of this.secrets) {
+      const key = await scryptAsync(secret, salt, v.keyBytes);
+      const decipher = crypto.createDecipheriv(v.algorithm, key, iv, v.algOptions);
+      decipher.setAAD(aad);
+      decipher.setAuthTag(tag);
+
+      try {
+        decrypted = Buffer.concat([decipher.update(encrypted), decipher.final()]);
+        success = true;
+        break;
+      } catch (e) {
+        err = e;
+        continue;
+      }
+    }
+    if (!success) {
+      throw err;
+    }
 
     let payload;
     timingsMs.preCompress = timingsMs.postCrypt = performance.now();