| 72 | } |
| 73 | |
| 74 | export function deriveContentKeyPair(secret: Uint8Array): { publicKey: Uint8Array; secretKey: Uint8Array } { |
| 75 | const seed = deriveKey(secret, 'Happy EnCoder', ['content']); |
| 76 | // libsodium's crypto_box_seed_keypair does SHA-512(seed)[0:32] internally |
| 77 | const hashedSeed = new Uint8Array(createHash('sha512').update(seed).digest()); |
| 78 | const boxSecretKey = hashedSeed.slice(0, 32); |
| 79 | const keyPair = tweetnacl.box.keyPair.fromSecretKey(boxSecretKey); |
| 80 | return { publicKey: keyPair.publicKey, secretKey: keyPair.secretKey }; |
| 81 | } |
| 82 | |
| 83 | // --- AES-256-GCM encryption --- |
| 84 | |