From 8947ccc6eb454037276ca13a148bafa96bf9b64d Mon Sep 17 00:00:00 2001
From: b1ek <me@blek.codes>
Date: Sun, 19 Feb 2023 01:29:32 +1000
Subject: [PATCH] change app key length to 32 bytes

---
 scripts/generate_key.js |  2 +-
 startup.js              | 36 ++++++++++++++++++------------------
 test/genkey.js          |  4 ++--
 3 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/scripts/generate_key.js b/scripts/generate_key.js
index c411632..d9b0629 100644
--- a/scripts/generate_key.js
+++ b/scripts/generate_key.js
@@ -4,7 +4,7 @@ const args = require('args-parser')(process.argv);
 const fs = require('fs');
 const base64 = require('js-base64');
 
-let key = crypto.randomBytes(256).toString('base64');
+let key = crypto.randomFillSync(Buffer.alloc(32)).toString('base64');
 let dotenv = path.resolve('.env');
 
 if (args['help']) {
diff --git a/startup.js b/startup.js
index f2b6555..d287c9c 100644
--- a/startup.js
+++ b/startup.js
@@ -13,30 +13,30 @@ const hrt = () => {
     return hr[0] + hr[1] / 1000000;
 }
 
+// load dotenv
+let dotpath = (process.env.APP_DEBUG == 'true') ? '.env.debug' : '.env.prod';
+if (!fs.existsSync(dotpath)) dotpath = '.env';
+require('dotenv').config({
+    path: dotpath
+});
+
+// load key
+if (!process.env.APP_KEY)
+    throw new Error('APP_KEY is not set.')
+
+// TODO: perhaps a better approach to storing it????
+//                                                               ↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓
+process.env.APP_KEY = Buffer.from(process.env.APP_KEY, 'base64').toString('ascii');
+
+console.log('Using a key with CRC32: ' + crc32.bstr(process.env.APP_KEY).toString(16));
+
 async function startup() {
     let t1 = hrt();
 
-    let dotpath = (process.env.APP_DEBUG == 'true') ? '.env.debug' : '.env.prod';
-    
-    if (!fs.existsSync(dotpath)) dotpath = '.env';
-
-    require('dotenv').config({
-        path: dotpath
-    });
-
-    if (!process.env.APP_KEY) {
-        throw new Error('APP_KEY is not set.')
-    }
-    process.env.APP_KEY = Base64.decode(process.env.APP_KEY);
-    if (process.env.APP_KEY.length !== 256) {
-        throw new Error('APP_KEY has to be a 256-byte base64 string.');
-    }
-    console.log('Using a key with CRC32: ' + crc32.bstr(process.env.APP_KEY.toString(16)));
-
     await require('./helpers').ViewLoader.preload();
     console.log('Views compiled in ' + (hrt() - t1) + ' ms');
 
     console.log('Finished in ' + (hrt() - t1) + " ms");
 }
 
-startup();
+module.exports = startup();
diff --git a/test/genkey.js b/test/genkey.js
index 69cead2..7f1006e 100644
--- a/test/genkey.js
+++ b/test/genkey.js
@@ -3,12 +3,12 @@ const execSync = require('child_process').execSync;
 const fs = require('fs');
 const path = require('path');
 
-describe('TestS generate key script', () => {
+describe('Test generate key script', () => {
 
     it('Check if key is generated properly', () => {
         const stdout = execSync('node ./scripts/generate_key.js --key-only').toString('utf-8');
         const key = Buffer.from(stdout, 'base64');
-        test.number(key.length).is(256);
+        test.number(key.length).is(32);
     });
     it('Check if file is edited properly', () => {
         const stdout = execSync('node ./scripts/generate_key.js -s').toString('utf-8');