fix: encrypting secret when not necessary

push-protocol · Oct 20, 2023 · d6134e0 · d6134e0
1 parent 6729e14
commit d6134e0
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 25 deletions.
diff --git a/packages/restapi/src/lib/chat/approveRequest.ts b/packages/restapi/src/lib/chat/approveRequest.ts
@@ -64,11 +64,14 @@ export const approve = async (
 
   const connectedUser = await getConnectedUserV2(wallet, pgpPrivateKey, env);
 
-  let fromDID = await getUserDID(senderAddress, env);
-  let toDID = await getUserDID(address, env);
+  let fromDID: string;
+  let toDID: string;
   if (isGroup) {
     fromDID = await getUserDID(address, env);
     toDID = await getUserDID(senderAddress, env);
+  } else {
+    fromDID = await getUserDID(senderAddress, env);
+    toDID = await getUserDID(address, env);
   }
 
   const bodyToBeHashed = {

diff --git a/packages/restapi/src/lib/chat/helpers/crypto.ts b/packages/restapi/src/lib/chat/helpers/crypto.ts
@@ -1,3 +1,5 @@
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+//@ts-nocheck
 import * as PGP from './pgp';
 import * as AES from './aes';
 import * as CryptoJS from 'crypto-js';
@@ -51,11 +53,13 @@ export const encryptAndSign = async ({
   keys,
   privateKeyArmored,
   secretKey,
+  encryptSecret = true
 }: {
   plainText: string;
   keys: Array<string>;
   privateKeyArmored: string;
   secretKey: string;
+  encryptSecret: boolean
 }): Promise<{
   cipherText: string;
   encryptedSecret: string;
@@ -64,10 +68,13 @@ export const encryptAndSign = async ({
   encType: string;
 }> => {
   const cipherText: string = AES.aesEncrypt({ plainText, secretKey });
-  const encryptedSecret = await PGP.pgpEncrypt({
-    plainText: secretKey,
-    keys: keys,
-  });
+  let encryptedSecret: string | null = null
+  if (encryptSecret) {
+    encryptedSecret = await PGP.pgpEncrypt({
+      plainText: secretKey,
+      keys: keys,
+    });
+  }
   const signature: string = await PGP.sign({
     message: cipherText,
     signingKey: privateKeyArmored,
@@ -284,6 +291,7 @@ export const getEncryptedRequest = async (
         keys: publicKeys,
         privateKeyArmored: senderCreatedUser.privateKey!,
         secretKey,
+        encryptSecret: false
       });
       let encryptionType: 'PlainText' | 'pgp' | 'group-v1';
       if (newGroupEncryption) encryptionType = 'group-v1';

diff --git a/packages/restapi/src/lib/chat/helpers/payloadHelper.ts b/packages/restapi/src/lib/chat/helpers/payloadHelper.ts
@@ -112,31 +112,28 @@ export const sendMessagePayload = async (
     secretKey = AES.generateRandomSecret(15);
   }
 
-  const { message: encryptedMessageContent, signature: deprecatedSignature } =
-    await getEncryptedRequest(
-      receiverAddress,
-      senderCreatedUser,
-      messageContent,
-      isGroup,
-      env,
-      group,
-      secretKey,
-      newGroupEncryption
-    );
-  const {
-    message: encryptedMessageObj,
-    encryptionType,
-    aesEncryptedSecret,
-  } = await getEncryptedRequest(
-    receiverAddress,
+  const promise1= getEncryptedRequest(receiverAddress,
+    senderCreatedUser,
+    messageContent,
+    isGroup,
+    env,
+    group,
+    secretKey,
+    newGroupEncryption)
+  const promise2= getEncryptedRequest(receiverAddress,
     senderCreatedUser,
     JSON.stringify(messageObj),
     isGroup,
     env,
     group,
     secretKey,
-    newGroupEncryption
-  );
+    newGroupEncryption)
+  const result = await Promise.all([promise1, promise2])
+  const encryptedMessageContent = result[0].message
+  const deprecatedSignature = result[0].signature
+  const encryptedMessageObj = result[1].message
+  const encryptionType = result[1].encryptionType
+  const aesEncryptedSecret = result[1].aesEncryptedSecret
 
   const body: ISendMessagePayload = {
     fromDID: walletToPCAIP10(senderCreatedUser.wallets.split(',')[0]),