node-laravel-encryptor
Advanced tools
Comparing version 1.0.2 to 1.0.3
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
const LaravelEncryptor_1 = require("./LaravelEncryptor"); | ||
const http = require('http'); | ||
let laravelEncryptor = new LaravelEncryptor_1.LaravelEncryptor({ | ||
@@ -8,4 +9,19 @@ laravel_key: 'LQUcxdgHIEiBAixaJ8BInmXRHdKLOacDXMEBLU0Ci/o=', | ||
}); | ||
laravelEncryptor.encrypt('kokoa').then(enc => { | ||
let data; | ||
data = { foo: 1 }; | ||
if (process.argv[2]) | ||
data = JSON.parse(process.argv[2]); | ||
laravelEncryptor.encrypt(data).then(enc => { | ||
console.log(enc); | ||
const req = http.request(options(enc), res => { | ||
console.log(`statusCode: ${res.statusCode}`); | ||
res.on('data', d => { | ||
console.log('ON DATA'); | ||
process.stdout.write(d); | ||
}); | ||
}); | ||
req.on('error', error => { | ||
console.error(error); | ||
}); | ||
req.end(); | ||
laravelEncryptor.decrypt(enc).then(enc => { | ||
@@ -19,1 +35,13 @@ console.log(enc); | ||
}); | ||
const options = (enc) => { | ||
return { | ||
hostname: 'localhost', | ||
port: 8000, | ||
path: '/cookie', | ||
method: 'GET', | ||
headers: { | ||
'Content-Type': 'application/json', | ||
'Cookie': `echoserver=${enc}` | ||
} | ||
}; | ||
}; |
@@ -5,3 +5,2 @@ "use strict"; | ||
const crypto = require('crypto'); | ||
const debug = require('debug')('LaravelEncryptor'); | ||
class LaravelEncryptor { | ||
@@ -13,5 +12,3 @@ constructor(options) { | ||
this.errors = []; | ||
debug(`constructor options: ${JSON.stringify(this.options)}\n`); | ||
this.setAlgorithm(); | ||
debug('algorithm: ' + this.algorithm); | ||
this.secret = Buffer.from(this.options.laravel_key, 'base64'); | ||
@@ -29,14 +26,16 @@ } | ||
serialize = (serialize !== undefined) ? serialize : true; | ||
debug(`Encrypt, data to encrypt: ${data}, serialize: ${serialize}\n`); | ||
const payload = serialize ? this.serialize(data) : data; | ||
return new Promise((resolve, reject) => { | ||
this.encryptIt(payload).then(encrypted => { | ||
encrypted.mac = this.hashIt(encrypted); | ||
encrypted = JSON.stringify(encrypted); | ||
encrypted = this.toBase64(encrypted); | ||
debug(`EncryptIt data encrypted: ${JSON.stringify(encrypted)}\n`); | ||
return resolve(encrypted); | ||
}).catch(e => { | ||
reject(e); | ||
}); | ||
return this | ||
.encryptIt(payload) | ||
.then(this.stringifyAndBase64, this.throwError); | ||
} | ||
encryptIt(data) { | ||
return this.createCypher() | ||
.then(iv => { | ||
let encrypted = this.cipher.update(data, 'utf8', 'base64') + this.cipher.final('base64'); | ||
return { | ||
iv: iv, | ||
value: encrypted, | ||
mac: this.hashIt(iv, encrypted) | ||
}; | ||
}); | ||
@@ -47,42 +46,20 @@ } | ||
return Promise.reject(this.returnError()); | ||
return new Promise((resolve, reject) => { | ||
this.decryptIt(data, serialize).then(decrypted => { | ||
return resolve(decrypted); | ||
}).catch(e => { | ||
reject(e); | ||
}); | ||
}); | ||
return this.decryptIt(data, serialize); | ||
} | ||
decryptIt(payload, serialize) { | ||
serialize = (serialize !== undefined) ? serialize : true; | ||
debug(`decryptIt, data to decrypt: ${payload}, unserialize: ${serialize}\n`); | ||
return new Promise((resolve, reject) => { | ||
payload = this.base64ToUtf8(payload); | ||
try { | ||
payload = JSON.parse(payload); | ||
} | ||
catch (e) { | ||
return reject(e); | ||
} | ||
debug(`DecryptIt payload AFTER base64ToUtf8 and JSON.parse ${JSON.stringify(payload)}\n`); | ||
this.createDecipheriv(payload.iv).then(_ => { | ||
let decrypted = this.deCipher.update(payload.value, 'base64', 'utf8') + this.deCipher.final('utf8'); | ||
decrypted = serialize ? this.unSerialize(decrypted) : decrypted; | ||
debug(`DecryptIt final payload: ${decrypted}`); | ||
resolve(decrypted); | ||
}).catch(e => { | ||
return reject(e); | ||
}); | ||
}); | ||
payload = this.base64ToUtf8(payload); | ||
try { | ||
payload = JSON.parse(payload); | ||
} | ||
catch (e) { | ||
return Promise.reject(e); | ||
} | ||
return this | ||
.createDecipheriv(payload.iv) | ||
.then(() => { | ||
const decrypted = this.deCipher.update(payload.value, 'base64', 'utf8') + this.deCipher.final('utf8'); | ||
return serialize ? this.unSerialize(decrypted) : decrypted; | ||
}, this.throwError); | ||
} | ||
encryptIt(data) { | ||
return new Promise((resolve, reject) => { | ||
this.createCypher().then(iv => { | ||
let encrypted = this.cipher.update(data, 'utf8', 'base64') + this.cipher.final('base64'); | ||
resolve({ iv: this.toBase64(iv), value: encrypted }); | ||
}).catch(e => { | ||
return reject(e); | ||
}); | ||
}); | ||
} | ||
createCypher() { | ||
@@ -93,3 +70,3 @@ return new Promise((resolve, reject) => { | ||
this.cipher = crypto.createCipheriv(this.algorithm, this.secret, iv); | ||
resolve(iv); | ||
resolve(this.toBase64(iv)); | ||
} | ||
@@ -138,5 +115,5 @@ catch (e) { | ||
} | ||
hashIt(payload) { | ||
hashIt(iv, encrypted) { | ||
let hmac = crypto.createHmac("sha256", this.secret); | ||
return hmac.update(Buffer.from(payload.iv + payload.value, 'utf-8')).digest("hex"); | ||
return hmac.update(Buffer.from(iv + encrypted, 'utf-8')).digest("hex"); | ||
} | ||
@@ -149,3 +126,10 @@ is_there_any_errors() { | ||
} | ||
stringifyAndBase64(encrypted) { | ||
encrypted = JSON.stringify(encrypted); | ||
return Buffer.from(encrypted).toString('base64'); | ||
} | ||
throwError(error) { | ||
throw error; | ||
} | ||
} | ||
exports.LaravelEncryptor = LaravelEncryptor; |
{ | ||
"name": "node-laravel-encryptor", | ||
"module": "dist/index.js", | ||
"version": "1.0.2", | ||
"version": "1.0.3", | ||
"description": "node version Laravel encrypt", | ||
@@ -25,3 +25,2 @@ "main": "dist/index.js", | ||
"dependencies": { | ||
"debug": "^4.1.1", | ||
"php-serialize": "^3.0.0" | ||
@@ -32,3 +31,2 @@ }, | ||
"chai": "^4.2.0", | ||
"expect": "^24.9.0", | ||
"mocha": "^6.2.0", | ||
@@ -35,0 +33,0 @@ "typescript": "^2.9.2" |
import {LaravelEncryptor} from './LaravelEncryptor' | ||
const http = require('http'); | ||
@@ -6,6 +7,26 @@ let laravelEncryptor = new LaravelEncryptor({ | ||
key_length: 64 | ||
}) | ||
}); | ||
laravelEncryptor.encrypt('kokoa').then(enc => { | ||
let data; | ||
data = {foo: 1}; | ||
if(process.argv[2]) data = JSON.parse(process.argv[2]) | ||
laravelEncryptor.encrypt(data).then(enc => { | ||
console.log(enc) | ||
const req = http.request( options(enc), res => { | ||
console.log(`statusCode: ${res.statusCode}`) | ||
res.on('data', d => { | ||
console.log('ON DATA') | ||
process.stdout.write(d) | ||
}) | ||
}) | ||
req.on('error', error => { | ||
console.error(error) | ||
}) | ||
req.end() | ||
laravelEncryptor.decrypt(enc).then(enc => { | ||
@@ -18,4 +39,17 @@ console.log(enc) | ||
console.error(e) | ||
}) | ||
}); | ||
const options = (enc) => { | ||
return { | ||
hostname: 'localhost', | ||
port: 8000, | ||
path: '/cookie', | ||
method: 'GET', | ||
headers: { | ||
'Content-Type': 'application/json', | ||
'Cookie': `echoserver=${enc}` | ||
} | ||
} | ||
} | ||
const Serialize = require('php-serialize'); | ||
const crypto = require('crypto'); | ||
const debug = require('debug')('LaravelEncryptor'); | ||
@@ -61,8 +60,4 @@ // Cipher steps: | ||
debug(`constructor options: ${JSON.stringify(this.options)}\n`); | ||
this.setAlgorithm(); | ||
debug('algorithm: ' + this.algorithm); | ||
this.secret = Buffer.from(this.options.laravel_key, 'base64'); | ||
@@ -89,6 +84,7 @@ } | ||
* | ||
* @param data | ||
* @param data string, Buffer, TypedArray, or DataView | ||
* | ||
* @param serialize | ||
*/ | ||
public encrypt(data: any, serialize?: boolean): Promise<string> { | ||
public encrypt(data: any, serialize?: boolean): Promise<any> { | ||
@@ -99,20 +95,25 @@ if(this.is_there_any_errors()) return Promise.reject(this.returnError()); | ||
debug(`Encrypt, data to encrypt: ${data}, serialize: ${serialize}\n`); | ||
const payload = serialize ? this.serialize(data): data; | ||
return new Promise((resolve, reject) => { | ||
this.encryptIt(payload).then(encrypted => { | ||
encrypted.mac = this.hashIt(encrypted); | ||
return this | ||
.encryptIt(payload) | ||
.then(this.stringifyAndBase64, this.throwError) | ||
} | ||
encrypted = JSON.stringify(encrypted); | ||
encrypted = this.toBase64(encrypted); | ||
debug(`EncryptIt data encrypted: ${JSON.stringify(encrypted)}\n`); | ||
return resolve(encrypted) | ||
}).catch(e => { | ||
reject(e) | ||
/** | ||
* encryptIt | ||
* | ||
* @param data serialized | ||
* @return Promise object {iv, value, mac} | ||
*/ | ||
private encryptIt(data): Promise<any> { | ||
return this.createCypher() | ||
.then(iv => { | ||
let encrypted = this.cipher.update(data, 'utf8', 'base64') + this.cipher.final('base64'); | ||
return { | ||
iv: iv, | ||
value: encrypted, | ||
mac: this.hashIt(iv, encrypted) | ||
}; | ||
}) | ||
}) | ||
} | ||
@@ -130,9 +131,3 @@ | ||
return new Promise((resolve, reject) => { | ||
this.decryptIt(data, serialize).then(decrypted => { | ||
return resolve(decrypted) | ||
}).catch(e => { | ||
reject(e) | ||
}) | ||
}) | ||
return this.decryptIt(data, serialize) | ||
} | ||
@@ -151,52 +146,23 @@ | ||
debug(`decryptIt, data to decrypt: ${payload}, unserialize: ${serialize}\n`); | ||
payload = this.base64ToUtf8(payload); | ||
return new Promise((resolve, reject) => { | ||
try { | ||
payload = JSON.parse(payload); | ||
}catch (e) { | ||
return Promise.reject(e); | ||
} | ||
payload = this.base64ToUtf8(payload); | ||
return this | ||
.createDecipheriv(payload.iv) | ||
.then(() => { | ||
try { | ||
payload = JSON.parse(payload); | ||
}catch (e) { | ||
return reject(e); | ||
} | ||
const decrypted = this.deCipher.update(payload.value, 'base64', 'utf8') + this.deCipher.final('utf8'); | ||
debug(`DecryptIt payload AFTER base64ToUtf8 and JSON.parse ${JSON.stringify(payload)}\n`); | ||
return serialize ? this.unSerialize(decrypted) : decrypted; | ||
this.createDecipheriv(payload.iv).then(_ => { | ||
let decrypted = this.deCipher.update(payload.value, 'base64', 'utf8') + this.deCipher.final('utf8'); | ||
decrypted = serialize ? this.unSerialize(decrypted) : decrypted; | ||
debug(`DecryptIt final payload: ${decrypted}`); | ||
resolve(decrypted) | ||
}).catch(e => { | ||
return reject(e); | ||
}) | ||
}); | ||
}, this.throwError) | ||
} | ||
/** | ||
* encryptIt | ||
* | ||
* @param data serialized | ||
* @return Promise object {iv, value} | ||
*/ | ||
private encryptIt(data): Promise<any> { | ||
return new Promise((resolve, reject) => { | ||
this.createCypher().then(iv => { | ||
let encrypted = this.cipher.update(data, 'utf8', 'base64') + this.cipher.final('base64'); | ||
resolve({iv: this.toBase64(iv), value: encrypted}) | ||
}).catch(e => { | ||
return reject(e); | ||
}) | ||
}); | ||
} | ||
/** | ||
@@ -212,3 +178,3 @@ * crypto createCipheriv | ||
this.cipher = crypto.createCipheriv(this.algorithm, this.secret, iv); | ||
resolve(iv) | ||
resolve(this.toBase64(iv)) | ||
} catch (e) { | ||
@@ -300,8 +266,9 @@ reject(e) | ||
* | ||
* @param payload {iv, encrypted} | ||
* @param iv | ||
* @param encrypted | ||
* @return hex string | ||
*/ | ||
private hashIt(payload): any { | ||
private hashIt(iv, encrypted): any { | ||
let hmac = crypto.createHmac("sha256", this.secret); | ||
return hmac.update(Buffer.from(payload.iv + payload.value, 'utf-8')).digest("hex"); | ||
return hmac.update(Buffer.from(iv + encrypted, 'utf-8')).digest("hex"); | ||
} | ||
@@ -326,2 +293,23 @@ | ||
} | ||
/** | ||
* stringifyAndBase64 | ||
* will json.stringify object {iv, value, mac} and base64 it | ||
* | ||
* @param encrypted {iv, value, mac} | ||
* @return string base64 | ||
*/ | ||
private stringifyAndBase64(encrypted){ | ||
encrypted = JSON.stringify(encrypted); | ||
return Buffer.from(encrypted).toString('base64'); | ||
} | ||
/** | ||
* Throw Error. | ||
* | ||
* @param error | ||
*/ | ||
throwError(error){ | ||
throw error; | ||
} | ||
} |
@@ -7,2 +7,3 @@ const {describe, before, after, it} = require("mocha"); | ||
const text ='resistance is futile'; | ||
const one_object = {foo: "bar"}; | ||
@@ -29,2 +30,18 @@ describe('node Laravel Encrypter', function () { | ||
it('should fail cipher and decipher object without serialize', done => { | ||
const laravelEncryptor = new LaravelEncryptor({ | ||
laravel_key, | ||
key_length: 64 | ||
}); | ||
laravelEncryptor | ||
.encrypt(one_object, false) | ||
.then() | ||
.catch(e => { | ||
expect(e.message).equals('The "data" argument must be one of type string, Buffer, TypedArray, or DataView. Received type object'); | ||
done() | ||
}) | ||
}); | ||
it('should cipher and decipher with no key_length defined', done => { | ||
@@ -31,0 +48,0 @@ |
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
30218
1
4
643
2
- Removeddebug@^4.1.1
- Removeddebug@4.3.4(transitive)
- Removedms@2.1.2(transitive)