relay: add todo for verification; simplify aes

harmony-one · Nov 12, 2023 · a2244a6 · a2244a6
1 parent 89bd463
commit a2244a6
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 10 deletions.
diff --git a/voice/relay/src/routes/soft.ts b/voice/relay/src/routes/soft.ts
@@ -50,6 +50,7 @@ router.get('/health', (req, res) => {
 })
 
 router.get('/key', parseDeviceToken, checkIpBan, deviceLimiter(), ipLimiter(), (req, res) => {
+  // TODO: validate the device token, https://developer.apple.com/documentation/devicecheck/accessing_and_modifying_per-device_data
   const deviceToken = req.deviceToken
   const numKeys = BigInt(OpenAIDistributedKeys.length)
   const h = hexString(sha256(stringToBytes(deviceToken)))

diff --git a/voice/relay/src/utils.ts b/voice/relay/src/utils.ts
@@ -1,5 +1,6 @@
 import crypto from 'crypto'
 import { SharedEncryptionIV, SharedEncryptionSecret } from './config/index.js'
+import { hash as sha256 } from 'fast-sha256'
 
 export const hexView = (bytes: Buffer | Uint8Array): string => {
   return bytes && Array.from(bytes).map(x => x.toString(16).padStart(2, '0')).join('')
@@ -24,16 +25,8 @@ export function chunkstr (str: string, size: number): string[] {
   return chunks
 }
 
-const aesKey = crypto
-  .createHash('sha512')
-  .update(SharedEncryptionSecret)
-  .digest('hex')
-  .substring(0, 32)
-const aesIv = crypto
-  .createHash('sha512')
-  .update(SharedEncryptionIV)
-  .digest('hex')
-  .substring(0, 16)
+const aesKey = sha256(stringToBytes(SharedEncryptionSecret)).slice(0, 32)
+const aesIv = sha256(stringToBytes(SharedEncryptionIV)).slice(0, 16)
 
 export function encrypt (s: string): Buffer {
   const cipher = crypto.createCipheriv('aes-256-gcm', aesKey, aesIv)