Socket
Socket
Sign inDemoInstall

node-laravel-encryptor

Package Overview
Dependencies
1
Maintainers
1
Versions
20
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 1.0.2 to 1.0.3

30

dist/call.js
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const LaravelEncryptor_1 = require("./LaravelEncryptor");
const http = require('http');
let laravelEncryptor = new LaravelEncryptor_1.LaravelEncryptor({

@@ -8,4 +9,19 @@ laravel_key: 'LQUcxdgHIEiBAixaJ8BInmXRHdKLOacDXMEBLU0Ci/o=',

});
laravelEncryptor.encrypt('kokoa').then(enc => {
let data;
data = { foo: 1 };
if (process.argv[2])
data = JSON.parse(process.argv[2]);
laravelEncryptor.encrypt(data).then(enc => {
console.log(enc);
const req = http.request(options(enc), res => {
console.log(`statusCode: ${res.statusCode}`);
res.on('data', d => {
console.log('ON DATA');
process.stdout.write(d);
});
});
req.on('error', error => {
console.error(error);
});
req.end();
laravelEncryptor.decrypt(enc).then(enc => {

@@ -19,1 +35,13 @@ console.log(enc);

});
const options = (enc) => {
return {
hostname: 'localhost',
port: 8000,
path: '/cookie',
method: 'GET',
headers: {
'Content-Type': 'application/json',
'Cookie': `echoserver=${enc}`
}
};
};

90

dist/LaravelEncryptor.js

@@ -5,3 +5,2 @@ "use strict";

const crypto = require('crypto');
const debug = require('debug')('LaravelEncryptor');
class LaravelEncryptor {

@@ -13,5 +12,3 @@ constructor(options) {

this.errors = [];
debug(`constructor options: ${JSON.stringify(this.options)}\n`);
this.setAlgorithm();
debug('algorithm: ' + this.algorithm);
this.secret = Buffer.from(this.options.laravel_key, 'base64');

@@ -29,14 +26,16 @@ }

serialize = (serialize !== undefined) ? serialize : true;
debug(`Encrypt, data to encrypt: ${data}, serialize: ${serialize}\n`);
const payload = serialize ? this.serialize(data) : data;
return new Promise((resolve, reject) => {
this.encryptIt(payload).then(encrypted => {
encrypted.mac = this.hashIt(encrypted);
encrypted = JSON.stringify(encrypted);
encrypted = this.toBase64(encrypted);
debug(`EncryptIt data encrypted: ${JSON.stringify(encrypted)}\n`);
return resolve(encrypted);
}).catch(e => {
reject(e);
});
return this
.encryptIt(payload)
.then(this.stringifyAndBase64, this.throwError);
}
encryptIt(data) {
return this.createCypher()
.then(iv => {
let encrypted = this.cipher.update(data, 'utf8', 'base64') + this.cipher.final('base64');
return {
iv: iv,
value: encrypted,
mac: this.hashIt(iv, encrypted)
};
});

@@ -47,42 +46,20 @@ }

return Promise.reject(this.returnError());
return new Promise((resolve, reject) => {
this.decryptIt(data, serialize).then(decrypted => {
return resolve(decrypted);
}).catch(e => {
reject(e);
});
});
return this.decryptIt(data, serialize);
}
decryptIt(payload, serialize) {
serialize = (serialize !== undefined) ? serialize : true;
debug(`decryptIt, data to decrypt: ${payload}, unserialize: ${serialize}\n`);
return new Promise((resolve, reject) => {
payload = this.base64ToUtf8(payload);
try {
payload = JSON.parse(payload);
}
catch (e) {
return reject(e);
}
debug(`DecryptIt payload AFTER base64ToUtf8 and JSON.parse ${JSON.stringify(payload)}\n`);
this.createDecipheriv(payload.iv).then(_ => {
let decrypted = this.deCipher.update(payload.value, 'base64', 'utf8') + this.deCipher.final('utf8');
decrypted = serialize ? this.unSerialize(decrypted) : decrypted;
debug(`DecryptIt final payload: ${decrypted}`);
resolve(decrypted);
}).catch(e => {
return reject(e);
});
});
payload = this.base64ToUtf8(payload);
try {
payload = JSON.parse(payload);
}
catch (e) {
return Promise.reject(e);
}
return this
.createDecipheriv(payload.iv)
.then(() => {
const decrypted = this.deCipher.update(payload.value, 'base64', 'utf8') + this.deCipher.final('utf8');
return serialize ? this.unSerialize(decrypted) : decrypted;
}, this.throwError);
}
encryptIt(data) {
return new Promise((resolve, reject) => {
this.createCypher().then(iv => {
let encrypted = this.cipher.update(data, 'utf8', 'base64') + this.cipher.final('base64');
resolve({ iv: this.toBase64(iv), value: encrypted });
}).catch(e => {
return reject(e);
});
});
}
createCypher() {

@@ -93,3 +70,3 @@ return new Promise((resolve, reject) => {

this.cipher = crypto.createCipheriv(this.algorithm, this.secret, iv);
resolve(iv);
resolve(this.toBase64(iv));
}

@@ -138,5 +115,5 @@ catch (e) {

}
hashIt(payload) {
hashIt(iv, encrypted) {
let hmac = crypto.createHmac("sha256", this.secret);
return hmac.update(Buffer.from(payload.iv + payload.value, 'utf-8')).digest("hex");
return hmac.update(Buffer.from(iv + encrypted, 'utf-8')).digest("hex");
}

@@ -149,3 +126,10 @@ is_there_any_errors() {

}
stringifyAndBase64(encrypted) {
encrypted = JSON.stringify(encrypted);
return Buffer.from(encrypted).toString('base64');
}
throwError(error) {
throw error;
}
}
exports.LaravelEncryptor = LaravelEncryptor;

4

package.json
{
"name": "node-laravel-encryptor",
"module": "dist/index.js",
"version": "1.0.2",
"version": "1.0.3",
"description": "node version Laravel encrypt",

@@ -25,3 +25,2 @@ "main": "dist/index.js",

"dependencies": {
"debug": "^4.1.1",
"php-serialize": "^3.0.0"

@@ -32,3 +31,2 @@ },

"chai": "^4.2.0",
"expect": "^24.9.0",
"mocha": "^6.2.0",

@@ -35,0 +33,0 @@ "typescript": "^2.9.2"

40

src/call.ts
import {LaravelEncryptor} from './LaravelEncryptor'
const http = require('http');

@@ -6,6 +7,26 @@ let laravelEncryptor = new LaravelEncryptor({

key_length: 64
})
});
laravelEncryptor.encrypt('kokoa').then(enc => {
let data;
data = {foo: 1};
if(process.argv[2]) data = JSON.parse(process.argv[2])
laravelEncryptor.encrypt(data).then(enc => {
console.log(enc)
const req = http.request( options(enc), res => {
console.log(`statusCode: ${res.statusCode}`)
res.on('data', d => {
console.log('ON DATA')
process.stdout.write(d)
})
})
req.on('error', error => {
console.error(error)
})
req.end()
laravelEncryptor.decrypt(enc).then(enc => {

@@ -18,4 +39,17 @@ console.log(enc)

console.error(e)
})
});
const options = (enc) => {
return {
hostname: 'localhost',
port: 8000,
path: '/cookie',
method: 'GET',
headers: {
'Content-Type': 'application/json',
'Cookie': `echoserver=${enc}`
}
}
}

134

src/LaravelEncryptor.ts
const Serialize = require('php-serialize');
const crypto = require('crypto');
const debug = require('debug')('LaravelEncryptor');

@@ -61,8 +60,4 @@ // Cipher steps:

debug(`constructor options: ${JSON.stringify(this.options)}\n`);
this.setAlgorithm();
debug('algorithm: ' + this.algorithm);
this.secret = Buffer.from(this.options.laravel_key, 'base64');

@@ -89,6 +84,7 @@ }

*
* @param data
* @param data string, Buffer, TypedArray, or DataView
*
* @param serialize
*/
public encrypt(data: any, serialize?: boolean): Promise<string> {
public encrypt(data: any, serialize?: boolean): Promise<any> {

@@ -99,20 +95,25 @@ if(this.is_there_any_errors()) return Promise.reject(this.returnError());

debug(`Encrypt, data to encrypt: ${data}, serialize: ${serialize}\n`);
const payload = serialize ? this.serialize(data): data;
return new Promise((resolve, reject) => {
this.encryptIt(payload).then(encrypted => {
encrypted.mac = this.hashIt(encrypted);
return this
.encryptIt(payload)
.then(this.stringifyAndBase64, this.throwError)
}
encrypted = JSON.stringify(encrypted);
encrypted = this.toBase64(encrypted);
debug(`EncryptIt data encrypted: ${JSON.stringify(encrypted)}\n`);
return resolve(encrypted)
}).catch(e => {
reject(e)
/**
* encryptIt
*
* @param data serialized
* @return Promise object {iv, value, mac}
*/
private encryptIt(data): Promise<any> {
return this.createCypher()
.then(iv => {
let encrypted = this.cipher.update(data, 'utf8', 'base64') + this.cipher.final('base64');
return {
iv: iv,
value: encrypted,
mac: this.hashIt(iv, encrypted)
};
})
})
}

@@ -130,9 +131,3 @@

return new Promise((resolve, reject) => {
this.decryptIt(data, serialize).then(decrypted => {
return resolve(decrypted)
}).catch(e => {
reject(e)
})
})
return this.decryptIt(data, serialize)
}

@@ -151,52 +146,23 @@

debug(`decryptIt, data to decrypt: ${payload}, unserialize: ${serialize}\n`);
payload = this.base64ToUtf8(payload);
return new Promise((resolve, reject) => {
try {
payload = JSON.parse(payload);
}catch (e) {
return Promise.reject(e);
}
payload = this.base64ToUtf8(payload);
return this
.createDecipheriv(payload.iv)
.then(() => {
try {
payload = JSON.parse(payload);
}catch (e) {
return reject(e);
}
const decrypted = this.deCipher.update(payload.value, 'base64', 'utf8') + this.deCipher.final('utf8');
debug(`DecryptIt payload AFTER base64ToUtf8 and JSON.parse ${JSON.stringify(payload)}\n`);
return serialize ? this.unSerialize(decrypted) : decrypted;
this.createDecipheriv(payload.iv).then(_ => {
let decrypted = this.deCipher.update(payload.value, 'base64', 'utf8') + this.deCipher.final('utf8');
decrypted = serialize ? this.unSerialize(decrypted) : decrypted;
debug(`DecryptIt final payload: ${decrypted}`);
resolve(decrypted)
}).catch(e => {
return reject(e);
})
});
}, this.throwError)
}
/**
* encryptIt
*
* @param data serialized
* @return Promise object {iv, value}
*/
private encryptIt(data): Promise<any> {
return new Promise((resolve, reject) => {
this.createCypher().then(iv => {
let encrypted = this.cipher.update(data, 'utf8', 'base64') + this.cipher.final('base64');
resolve({iv: this.toBase64(iv), value: encrypted})
}).catch(e => {
return reject(e);
})
});
}
/**

@@ -212,3 +178,3 @@ * crypto createCipheriv

this.cipher = crypto.createCipheriv(this.algorithm, this.secret, iv);
resolve(iv)
resolve(this.toBase64(iv))
} catch (e) {

@@ -300,8 +266,9 @@ reject(e)

*
* @param payload {iv, encrypted}
* @param iv
* @param encrypted
* @return hex string
*/
private hashIt(payload): any {
private hashIt(iv, encrypted): any {
let hmac = crypto.createHmac("sha256", this.secret);
return hmac.update(Buffer.from(payload.iv + payload.value, 'utf-8')).digest("hex");
return hmac.update(Buffer.from(iv + encrypted, 'utf-8')).digest("hex");
}

@@ -326,2 +293,23 @@

}
/**
* stringifyAndBase64
* will json.stringify object {iv, value, mac} and base64 it
*
* @param encrypted {iv, value, mac}
* @return string base64
*/
private stringifyAndBase64(encrypted){
encrypted = JSON.stringify(encrypted);
return Buffer.from(encrypted).toString('base64');
}
/**
* Throw Error.
*
* @param error
*/
throwError(error){
throw error;
}
}

17

tests/index.js

@@ -7,2 +7,3 @@ const {describe, before, after, it} = require("mocha");

const text ='resistance is futile';
const one_object = {foo: "bar"};

@@ -29,2 +30,18 @@ describe('node Laravel Encrypter', function () {

it('should fail cipher and decipher object without serialize', done => {
const laravelEncryptor = new LaravelEncryptor({
laravel_key,
key_length: 64
});
laravelEncryptor
.encrypt(one_object, false)
.then()
.catch(e => {
expect(e.message).equals('The "data" argument must be one of type string, Buffer, TypedArray, or DataView. Received type object');
done()
})
});
it('should cipher and decipher with no key_length defined', done => {

@@ -31,0 +48,0 @@

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc