This commit is contained in:
Timo Hocker 2020-03-04 15:35:04 +01:00
parent 850515cc42
commit 85e3303341
3 changed files with 4560 additions and 28 deletions

View File

@ -3,6 +3,7 @@
* Created by Timo Hocker <timo@scode.ovh>, March 2020 * Created by Timo Hocker <timo@scode.ovh>, March 2020
*/ */
// @ts-nocheck
/* eslint-disable no-magic-numbers */ /* eslint-disable no-magic-numbers */
'use strict'; 'use strict';
@ -13,7 +14,7 @@ const encryption = {
algorithm: 'aes-256-gcm', algorithm: 'aes-256-gcm',
nonce_size: 12, nonce_size: 12,
tag_size: 16, tag_size: 16,
key_size: 16, key_size: 32,
hash: 'sha256', hash: 'sha256',
salt_size: 16, salt_size: 16,
iterations: 32767 iterations: 32767
@ -181,8 +182,10 @@ function encrypt_aes (text, pass) {
* @returns {string} plaintext * @returns {string} plaintext
*/ */
function decrypt_aes (ciphertext, pass) { function decrypt_aes (ciphertext, pass) {
const buf = Buffer.from (ciphertext, 'base64'); try {
let buf = Buffer.from (ciphertext, 'base64');
const salt = buf.slice (0, encryption.salt_size); const salt = buf.slice (0, encryption.salt_size);
buf = buf.slice (encryption.salt_size);
// eslint-disable-next-line no-sync // eslint-disable-next-line no-sync
const key = crypto.pbkdf2Sync ( const key = crypto.pbkdf2Sync (
Buffer.from (pass, 'utf-8'), Buffer.from (pass, 'utf-8'),
@ -191,23 +194,23 @@ function decrypt_aes (ciphertext, pass) {
encryption.key_size, encryption.key_size,
encryption.hash encryption.hash
); );
const nonce = buf.slice (encryption.salt_size, encryption.nonce_size); const nonce = buf.slice (0, encryption.nonce_size);
const enc = buf.slice ( buf = buf.slice (encryption.nonce_size);
encryption.salt_size + encryption.nonce_size,
buf.length - encryption.salt_size - encryption.tag_size
);
const tag = buf.slice ( const tag = buf.slice (
encryption.salt_size buf.length - encryption.tag_size
+ encryption.nonce_size
+ enc.length
); );
buf = buf.slice (0, buf.length - encryption.tag_size);
const cipher = crypto.createDecipheriv (encryption.algorithm, key, nonce); const cipher = crypto.createDecipheriv (encryption.algorithm, key, nonce);
cipher.setAuthTag (tag); cipher.setAuthTag (tag);
return Buffer.concat ([ return Buffer.concat ([
cipher.update (enc), cipher.update (buf),
cipher.final () cipher.final ()
]) ])
.toString ('utf-8'); .toString ('utf-8');
}
catch (e) {
return null;
}
} }
module.exports = { module.exports = {

4512
package-lock.json generated Normal file

File diff suppressed because it is too large Load Diff

View File

@ -1,3 +1,5 @@
/* eslint-disable no-magic-numbers */
// @ts-nocheck
'use strict'; 'use strict';
const test = require ('ava'); const test = require ('ava');
@ -19,3 +21,18 @@ test ('fail decryption', (t) => {
const dec = crypto.decrypt_aes (enc, 'baz'); const dec = crypto.decrypt_aes (enc, 'baz');
t.is (dec, null); t.is (dec, null);
}); });
test ('unique crypto strings', (t) => {
const enc = [
crypto.encrypt_aes ('foo', 'bar'),
crypto.encrypt_aes ('foo', 'bar'),
crypto.encrypt_aes ('foo', 'bar'),
crypto.encrypt_aes ('foo', 'bar'),
crypto.encrypt_aes ('foo', 'bar'),
crypto.encrypt_aes ('foo', 'bar'),
crypto.encrypt_aes ('foo', 'bar'),
crypto.encrypt_aes ('foo', 'bar')
];
const unique = enc.filter ((v, i) => enc.indexOf (v) === i).length;
t.is (unique, 8);
});