officecrypto-tool
Advanced tools
Comparing version 0.0.10 to 0.0.11
| { | ||
| "name": "officecrypto-tool", | ||
| "version": "0.0.10", | ||
| "version": "0.0.11", | ||
| "description": "officeCrypto is a library for node.js that can be used to decrypt and encrypt excel files.", | ||
| "keywords": [ | ||
| "encrypt", | ||
| "decrypt" , | ||
| "xls", | ||
| "encrypt", | ||
| "decrypt", | ||
| "xls", | ||
| "xlsx", | ||
@@ -13,3 +13,3 @@ "cfb", | ||
| "ole" | ||
| ], | ||
| ], | ||
| "private": false, | ||
@@ -32,2 +32,3 @@ "license": "MIT", | ||
| "cfb": "^1.2.2", | ||
| "crypto-js": "^4.2.0", | ||
| "xml2js": "^0.6.0" | ||
@@ -47,5 +48,5 @@ }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git@github.com:zurmokeeper/officecrypto-tool.git" | ||
| } | ||
| "type": "git", | ||
| "url": "git@github.com:zurmokeeper/officecrypto-tool.git" | ||
| } | ||
| } |
| /* eslint-disable valid-jsdoc */ | ||
| const crypto = require('crypto'); | ||
| const CryptoJS = require('crypto-js'); | ||
@@ -25,3 +26,3 @@ /** | ||
| /** | ||
| * @desc | ||
| * @desc Only node.js is supported. | ||
| */ | ||
@@ -41,2 +42,19 @@ exports.verifyPassword = function verifyPassword(password, salt, keySize, encryptedVerifier, encryptedVerifierHash, algId = 0x00006801, block = 0) { | ||
| /** | ||
| * @desc Because crypto's front-end compatibility library, crypto-browserify, does not support the rc4 algorithm, | ||
| * we have switched to crypto-js to handle the rc4 algorithm for both node.js and the browser side. | ||
| * @returns | ||
| */ | ||
| exports.verifyPassword = function verifyPassword(password, salt, keySize, encryptedVerifier, encryptedVerifierHash, algId = 0x00006801, block = 0) { | ||
| // https://learn.microsoft.com/en-us/openspecs/office_file_formats/ms-offcrypto/fbfe41db-ca02-413a-a3bb-609fa0b25cd3?redirectedfrom=MSDN | ||
| const key = convertPasswordToKey(password, salt, keySize, block); | ||
| const cipher = CryptoJS.algo.RC4.createDecryptor(CryptoJS.lib.WordArray.create(key)); | ||
| const verifier = cipher.finalize(CryptoJS.lib.WordArray.create(encryptedVerifier)); | ||
| const verifierHash = cipher.finalize(CryptoJS.lib.WordArray.create(encryptedVerifierHash)); | ||
| const hash = CryptoJS.SHA1(verifier); | ||
| // console.log([verifierHash, hash]); | ||
| return verifierHash.toString(CryptoJS.enc.Hex) === hash.toString(CryptoJS.enc.Hex); | ||
| }; | ||
| /** | ||
| * @desc | ||
@@ -58,5 +76,12 @@ */ | ||
| // Only node.js is supported. | ||
| // Encrypt/decrypt the chunk and add it to the array | ||
| const cipher = crypto.createDecipheriv('rc4', key, ''); | ||
| const outputChunk = Buffer.concat([cipher.update(inputChunk), cipher.final()]); | ||
| // const cipher = crypto.createDecipheriv('rc4', key, ''); | ||
| // const outputChunk = Buffer.concat([cipher.update(inputChunk), cipher.final()]); | ||
| // Supports both node.js and browsers. | ||
| const cipher = CryptoJS.algo.RC4.createDecryptor(CryptoJS.lib.WordArray.create(key)); | ||
| let outputChunk = cipher.finalize(CryptoJS.lib.WordArray.create(inputChunk)); | ||
| outputChunk = Buffer.from(outputChunk.toString(CryptoJS.enc.Hex), 'hex'); | ||
| outputChunks.push(outputChunk); | ||
@@ -63,0 +88,0 @@ |
@@ -5,2 +5,3 @@ /* eslint-disable valid-jsdoc */ | ||
| const crypto = require('crypto'); | ||
| const CryptoJS = require('crypto-js'); | ||
@@ -27,13 +28,36 @@ /** | ||
| /** | ||
| * @desc Only node.js is supported. | ||
| * @returns | ||
| */ | ||
| // exports.verifyPassword = function verifyPw(password, salt, encryptedVerifier, encryptedVerifierHash) { | ||
| // const block = 0; | ||
| // const key = convertPasswordToKey(password, salt, block); | ||
| // const cipher = crypto.createDecipheriv('rc4', key, ''); | ||
| // const verifier = Buffer.concat([cipher.update(encryptedVerifier)]); | ||
| // const hash = crypto.createHash('md5').update(verifier).digest(); | ||
| // const verifierHash = Buffer.concat([cipher.update(encryptedVerifierHash), cipher.final()]); | ||
| // return verifierHash.equals(hash); | ||
| // }; | ||
| /** | ||
| * @desc Because crypto's front-end compatibility library, crypto-browserify, does not support the rc4 algorithm, | ||
| * we have switched to crypto-js to handle the rc4 algorithm for both node.js and the browser side. | ||
| * @returns | ||
| */ | ||
| exports.verifyPassword = function verifyPw(password, salt, encryptedVerifier, encryptedVerifierHash) { | ||
| const block = 0; | ||
| const key = convertPasswordToKey(password, salt, block); | ||
| const cipher = crypto.createDecipheriv('rc4', key, ''); | ||
| const verifier = Buffer.concat([cipher.update(encryptedVerifier)]); | ||
| const hash = crypto.createHash('md5').update(verifier).digest(); | ||
| const cipher = CryptoJS.algo.RC4.createDecryptor(CryptoJS.lib.WordArray.create(key)); | ||
| const verifier = cipher.finalize(CryptoJS.lib.WordArray.create(encryptedVerifier)); | ||
| const verifierHash = Buffer.concat([cipher.update(encryptedVerifierHash), cipher.final()]); | ||
| const hash = CryptoJS.MD5(verifier); | ||
| return verifierHash.equals(hash); | ||
| const verifierHash = cipher.finalize(CryptoJS.lib.WordArray.create(encryptedVerifierHash)); | ||
| return verifierHash.toString(CryptoJS.enc.Hex) === hash.toString(CryptoJS.enc.Hex); | ||
| }; | ||
@@ -59,5 +83,12 @@ | ||
| // Only node.js is supported. | ||
| // Encrypt/decrypt the chunk and add it to the array | ||
| const cipher = crypto.createDecipheriv('rc4', key, ''); | ||
| const outputChunk = Buffer.concat([cipher.update(inputChunk), cipher.final()]); | ||
| // const cipher = crypto.createDecipheriv('rc4', key, ''); | ||
| // const outputChunk = Buffer.concat([cipher.update(inputChunk), cipher.final()]); | ||
| // Supports both node.js and browsers. | ||
| const cipher = CryptoJS.algo.RC4.createDecryptor(CryptoJS.lib.WordArray.create(key)); | ||
| let outputChunk = cipher.finalize(CryptoJS.lib.WordArray.create(inputChunk)); | ||
| outputChunk = Buffer.from(outputChunk.toString(CryptoJS.enc.Hex), 'hex'); | ||
| outputChunks.push(outputChunk); | ||
@@ -64,0 +95,0 @@ |
@@ -223,3 +223,7 @@ /* eslint-disable valid-jsdoc */ | ||
| const TableWorkbook = CFB.find(currCfb, tableName); | ||
| const tableBlob = TableWorkbook.content; | ||
| let tableBlob = TableWorkbook.content; | ||
| if (!Buffer.isBuffer(tableBlob)) { | ||
| tableBlob = Buffer.from(tableBlob); | ||
| CFB.utils.prep_blob(tableBlob, 0); | ||
| } | ||
| const vMajor = tableBlob.read_shift(2); | ||
@@ -226,0 +230,0 @@ const vMinor = tableBlob.read_shift(2); |
@@ -369,3 +369,6 @@ /* eslint-disable valid-jsdoc */ | ||
| let currentUserBlob = CurrentUser.content; | ||
| if (!Buffer.isBuffer(currentUserBlob)) currentUserBlob = Buffer.from(currentUserBlob); | ||
| if (!Buffer.isBuffer(currentUserBlob)) { | ||
| currentUserBlob = Buffer.from(currentUserBlob); | ||
| CFB.utils.prep_blob(currentUserBlob, 0); | ||
| } | ||
| const persistObjectDirectory = constructPersistObjectDirectory(currentUserBlob, powerPointBlob); | ||
@@ -372,0 +375,0 @@ |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.37%
805468
- Lines of code
- increased by1.66%
3182
Worsened metrics
- Dependency count
- increased by50%
3
Dependency changes
+ Addedcrypto-js@^4.2.0
+ Addedcrypto-js@4.2.0(transitive)