reduce unneccessary data copy

2026-02-06 09:56:05 +00:00 · 2025-01-09 13:26:44 +01:00 · 2025-01-09 13:26:44 +01:00 · d31d10e3f7
commit d31d10e3f7
parent 4d383a4346
5 changed files with 18 additions and 25 deletions
--- a/backend/src/graphql/resolver/UserResolver.test.ts
+++ b/backend/src/graphql/resolver/UserResolver.test.ts
@ -97,6 +97,8 @@ jest.mock('@/apis/KlicktippController', () => {
  }
 })

+CONFIG.EMAIL_CODE_REQUEST_TIME = 10
+
 let admin: User
 let user: User
 let mutate: ApolloServerTestClient['mutate'],
@ -1548,11 +1550,9 @@ describe('UserResolver', () => {

        expect(bibi).toEqual(
          expect.objectContaining({
-            password: Buffer.from(
-              (await SecretKeyCryptographyCreateKey(bibi.gradidoID.toString(), 'Aa12345_'))[0],
-            )
-              .readBigUInt64LE()
-              .toString(),
+            password: (
+              await SecretKeyCryptographyCreateKey(bibi.gradidoID.toString(), 'Aa12345_')
+            ).toString(),
            passwordEncryptionType: PasswordEncryptionType.GRADIDO_ID,
          }),
        )
@ -1574,9 +1574,7 @@ describe('UserResolver', () => {
        })
        bibi = usercontact.user
        bibi.passwordEncryptionType = PasswordEncryptionType.EMAIL
-        bibi.password = Buffer.from(
-          (await SecretKeyCryptographyCreateKey('bibi@bloxberg.de', 'Aa12345_'))[0],
-        ).readBigUInt64LE()
+        bibi.password = await SecretKeyCryptographyCreateKey('bibi@bloxberg.de', 'Aa12345_')

        await bibi.save()
      })
@ -1593,11 +1591,9 @@ describe('UserResolver', () => {
        expect(bibi).toEqual(
          expect.objectContaining({
            firstName: 'Bibi',
-            password: Buffer.from(
-              (await SecretKeyCryptographyCreateKey(bibi.gradidoID.toString(), 'Aa12345_'))[0],
-            )
-              .readBigUInt64LE()
-              .toString(),
+            password: (
+              await SecretKeyCryptographyCreateKey(bibi.gradidoID.toString(), 'Aa12345_')
+            ).toString(),
            passwordEncryptionType: PasswordEncryptionType.GRADIDO_ID,
          }),
        )
--- a/backend/src/password/EncryptionWorker.ts
+++ b/backend/src/password/EncryptionWorker.ts
@ -20,7 +20,7 @@ export const SecretKeyCryptographyCreateKey = (
  password: string,
  configLoginAppSecret: Buffer,
  configLoginServerKey: Buffer,
-): Uint8Array[] => {
+): bigint => {
  const state = Buffer.alloc(crypto_hash_sha512_STATEBYTES)
  crypto_hash_sha512_init(state)
  crypto_hash_sha512_update(state, Buffer.from(salt))
@ -43,8 +43,7 @@ export const SecretKeyCryptographyCreateKey = (

  const encryptionKeyHash = Buffer.alloc(crypto_shorthash_BYTES)
  crypto_shorthash(encryptionKeyHash, encryptionKey, configLoginServerKey)
-
-  return [new Uint8Array(encryptionKeyHash), new Uint8Array(encryptionKey)]
+  return encryptionKeyHash.readBigUInt64LE()
 }

 if (CONFIG.USE_CRYPTO_WORKER) {
--- a/backend/src/password/EncryptorUtils.ts
+++ b/backend/src/password/EncryptorUtils.ts
@ -46,7 +46,7 @@ export const isValidPassword = (password: string): boolean => {
 export const SecretKeyCryptographyCreateKey = async (
  salt: string,
  password: string,
-): Promise<Uint8Array[]> => {
+): Promise<bigint> => {
  try {
    logger.trace('call worker for: SecretKeyCryptographyCreateKey')
    if (configLoginServerKey.length !== crypto_shorthash_KEYBYTES) {
@ -56,14 +56,14 @@ export const SecretKeyCryptographyCreateKey = async (
        crypto_shorthash_KEYBYTES,
      )
    }
-    let result: Promise<Uint8Array[]>
+    let result: Promise<bigint>
    if (encryptionWorkerPool) {
      result = (await encryptionWorkerPool.exec('SecretKeyCryptographyCreateKey', [
        salt,
        password,
        configLoginAppSecret,
        configLoginServerKey,
-      ])) as Promise<Uint8Array[]>
+      ])) as Promise<bigint>
    } else {
      result = Promise.resolve(
        SecretKeyCryptographyCreateKeySync(
--- a/backend/src/password/PasswordEncryptor.ts
+++ b/backend/src/password/PasswordEncryptor.ts
@ -5,9 +5,7 @@ import { getUserCryptographicSalt, SecretKeyCryptographyCreateKey } from './Encr

 export const encryptPassword = async (dbUser: User, password: string): Promise<bigint> => {
  const salt = getUserCryptographicSalt(dbUser)
-  const keyBuffer: Uint8Array[] = await SecretKeyCryptographyCreateKey(salt, password) // returns Uint8Array[short hash, long hash]
-  const passwordHash = Buffer.from(keyBuffer[0]).readBigUInt64LE()
-  return passwordHash
+  return SecretKeyCryptographyCreateKey(salt, password)
 }

 export const verifyPassword = async (dbUser: User, password: string): Promise<boolean> => {
--- a/backend/src/password/mocks/EncryptorUtils.ts
+++ b/backend/src/password/mocks/EncryptorUtils.ts
@ -29,7 +29,7 @@ const SecretKeyCryptographyCreateKeyMock = (
  password: string,
  configLoginAppSecret: Buffer,
  configLoginServerKey: Buffer,
-): Uint8Array[] => {
+): bigint => {
  const state = Buffer.alloc(crypto_hash_sha512_STATEBYTES)
  crypto_hash_sha512_init(state)
  crypto_hash_sha512_update(state, Buffer.from(salt))
@ -53,7 +53,7 @@ const SecretKeyCryptographyCreateKeyMock = (
  const encryptionKeyHash = Buffer.alloc(crypto_shorthash_BYTES)
  crypto_shorthash(encryptionKeyHash, encryptionKey, configLoginServerKey)

-  return [new Uint8Array(encryptionKeyHash), new Uint8Array(encryptionKey)]
+  return encryptionKeyHash.readBigUInt64LE()
 }

 const configLoginAppSecret = Buffer.from(CONFIG.LOGIN_APP_SECRET, 'hex')
@ -72,7 +72,7 @@ export const isValidPassword = (password: string): boolean => {
 export const SecretKeyCryptographyCreateKey = async (
  salt: string,
  password: string,
-): Promise<Uint8Array[]> => {
+): Promise<bigint> => {
  try {
    logger.trace('call worker for: SecretKeyCryptographyCreateKey')
    if (configLoginServerKey.length !== crypto_shorthash_KEYBYTES) {