From 61c23ec9a77b27cb59140bdbe341db516d437cc2 Mon Sep 17 00:00:00 2001
From: m5r
Date: Thu, 3 Jun 2021 00:42:51 +0200
Subject: [PATCH] encrypt message content
---
api/src/controller/_encryption.ts | 31 +++++++++++++++++++++++++++++++
api/src/controller/sms.ts | 12 +++++++++---
2 files changed, 40 insertions(+), 3 deletions(-)
create mode 100644 api/src/controller/_encryption.ts
diff --git a/api/src/controller/_encryption.ts b/api/src/controller/_encryption.ts
new file mode 100644
index 0000000..278119d
--- /dev/null
+++ b/api/src/controller/_encryption.ts
@@ -0,0 +1,31 @@
+import crypto from "crypto";
+
+import config from "../config";
+
+const ENCRYPTION_KEY = computeEncryptionKey(config.twilio.accountSid);
+const IV_LENGTH = 16;
+const ALGORITHM = "aes-256-cbc";
+
+export function encrypt(text: string) {
+ const iv = crypto.randomBytes(IV_LENGTH);
+ const cipher = crypto.createCipheriv(ALGORITHM, ENCRYPTION_KEY, iv);
+ const encrypted = cipher.update(text);
+ const encryptedBuffer = Buffer.concat([encrypted, cipher.final()]);
+
+ return `${iv.toString("hex")}:${encryptedBuffer.toString("hex")}`;
+}
+
+export function decrypt(encryptedHexText: string) {
+ const [hexIv, hexText] = encryptedHexText.split(":");
+ const iv = Buffer.from(hexIv, "hex");
+ const encryptedText = Buffer.from(hexText, "hex");
+ const decipher = crypto.createDecipheriv(ALGORITHM, ENCRYPTION_KEY, iv);
+ const decrypted = decipher.update(encryptedText);
+ const decryptedBuffer = Buffer.concat([decrypted, decipher.final()]);
+
+ return decryptedBuffer.toString();
+}
+
+function computeEncryptionKey(userIdentifier: string) {
+ return crypto.scryptSync(userIdentifier, crypto.randomBytes(16), 32);
+}
diff --git a/api/src/controller/sms.ts b/api/src/controller/sms.ts
index dca54ab..e2d1f59 100644
--- a/api/src/controller/sms.ts
+++ b/api/src/controller/sms.ts
@@ -4,6 +4,7 @@ import { getManager } from "typeorm"; import config from "../config"; import { Sms, SmsType } from "../entity/sms"; +import { decrypt, encrypt } from "./_encryption"; const client = new Twilio(config.twilio.accountSid, config.twilio.authToken); const phoneNumber = "+33757592025"; @@ -33,7 +34,10 @@ export default class SmsController { acc[recipient] = []; } - acc[recipient].push(message); + acc[recipient].push({ + ...message, + content: decrypt(message.content), // TODO: should probably decrypt on the phone + }); return acc; }, {}); @@ -49,7 +53,7 @@ export default class SmsController { const sms = new Sms(); sms.type = SmsType.SENT; sms.sentAt = new Date(); - sms.content = content; + sms.content = encrypt(content); // TODO: should probably encrypt on the phone sms.to = to; sms.from = phoneNumber; await smsRepository.save(sms); @@ -67,11 +71,13 @@ export default class SmsController { const sms = new Sms(); sms.type = SmsType.RECEIVED; sms.sentAt = new Date(); - sms.content = body.Body; + sms.content = encrypt(body.Body); sms.to = body.To; sms.from = body.From; await smsRepository.save(sms); + // TODO: send notification to `body.To` and let him know he received an SMS + ctx.status = 200; ctx.body = undefined; };
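Review bot: In the hunk at `@@ -33,7 +34,10 @@`, `decrypt(message.content)` runs inside the reduce callback with no error handling, so a single row that fails to decrypt throws out of the whole grouping and no conversation is returned. That will happen for any row stored as plaintext before this commit (no migration is visible in this diff) and, with the key derivation in `_encryption.ts` as committed, for every row written before the last restart. Either migrate existing rows in the same change, or wrap the call in a try/catch that logs the row id (never the content) and substitutes a marker value for that one message. The reduce callback starts and ends outside the hunk.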
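Review bot: At `sms.content = encrypt(content)` in the hunk at `@@ -49,7 +53,7 @@`, and again at `encrypt(body.Body)` in `@@ -67,11 +71,13 @@`, the stored value becomes a 32-character hex IV, a colon and hex ciphertext, which is a little over twice the message's byte length. The `Sms` entity is not part of this diff, so confirm the `content` column is wide enough; a truncated value would fail to decrypt rather than just lose its tail. Note also that `to`, `from` and `sentAt` stay in clear, so the change protects message text only and a comment saying so next to the assignment would set expectations.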
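Review bot: In the webhook handler hunk at `@@ -67,11 +71,13 @@`, `encrypt(body.Body)` passes a request field straight to `cipher.update`, which throws a TypeError when the field is missing or not a string; the previous plain assignment did not throw. No type check or signature validation of the incoming request is visible in this hunk (the handler begins outside it), so a guard such as `if (typeof body.Body !== "string") { ctx.status = 400; return; }` before building the `Sms` would keep malformed posts from surfacing as unhandled errors.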