bruno/remotely-save
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

use default enc

Browse Source
This commit is contained in:
fyears 2021-11-02 10:11:45 +08:00
parent da180fcc92
commit ab8805f272
2 changed files with 48 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

116
src/encrypt.ts
View File

@ -1,65 +1,53 @@
import * as CryptoJS from "crypto-js"; import * as crypto from "crypto";
import * as base32 from "hi-base32"; import * as base32 from "hi-base32";
import { import { bufferToArrayBuffer, arrayBufferToBuffer } from "./misc";
bufferToArrayBuffer,
arrayBufferToBuffer,
arrayBufferToBase64,
base64ToArrayBuffer,
} from "./misc";
const DEFAULT_ITER = 10000; const DEFAULT_ITER = 10000;
export const encryptWordArray = ( export const encryptBuffer = (
wa: CryptoJS.lib.WordArray, buf: Buffer,
password: string, password: string,
rounds: number = DEFAULT_ITER rounds: number = DEFAULT_ITER
) => { ) => {
const prefix = CryptoJS.enc.Utf8.parse("Salted__"); const salt = crypto.randomBytes(8);
const salt = CryptoJS.lib.WordArray.random(8); const derivedKey = crypto.pbkdf2Sync(
const derivedKey = CryptoJS.PBKDF2(password, salt, { password,
keySize: 32 + 16, salt,
iterations: rounds, rounds,
hasher: CryptoJS.algo.SHA256, 32 + 16,
}); "sha256"
const key = CryptoJS.lib.WordArray.create(derivedKey.words.slice(0, 32 / 4));
const iv = CryptoJS.lib.WordArray.create(
derivedKey.words.slice(32 / 4, (32 + 16) / 4)
); );
const encrypted = CryptoJS.AES.encrypt(wa, key, { iv: iv }).ciphertext; const key = derivedKey.slice(0, 32);
const res = CryptoJS.lib.WordArray.create() const iv = derivedKey.slice(32, 32 + 16);
.concat(prefix) const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
.concat(salt) cipher.write(buf);
.concat(encrypted); cipher.end();
const encrypted = cipher.read();
const res = Buffer.concat([Buffer.from("Salted__"), salt, encrypted]);
return res; return res;
}; };
export const decryptWordArray = ( export const decryptBuffer = (
wa: CryptoJS.lib.WordArray, buf: Buffer,
password: string, password: string,
rounds: number = DEFAULT_ITER rounds: number = DEFAULT_ITER
) => { ) => {
const prefix = CryptoJS.lib.WordArray.create(wa.words.slice(0, 8 / 4)); const prefix = buf.slice(0, 8);
const salt = buf.slice(8, 16);
const salt = CryptoJS.lib.WordArray.create( const derivedKey = crypto.pbkdf2Sync(
wa.words.slice(8 / 4, (8 + 8) / 4) password,
salt,
rounds,
32 + 16,
"sha256"
); );
const derivedKey = CryptoJS.PBKDF2(password, salt, { const key = derivedKey.slice(0, 32);
keySize: 32 + 16, const iv = derivedKey.slice(32, 32 + 16);
iterations: rounds, const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
hasher: CryptoJS.algo.SHA256, decipher.write(buf.slice(16));
}); decipher.end();
const key = CryptoJS.lib.WordArray.create(derivedKey.words.slice(0, 32 / 4)); const decrypted = decipher.read();
const iv = CryptoJS.lib.WordArray.create( return decrypted as Buffer;
derivedKey.words.slice(32 / 4, 32 / 4 + 16 / 4)
);
const decrypted = CryptoJS.AES.decrypt(
CryptoJS.lib.CipherParams.create({
ciphertext: CryptoJS.lib.WordArray.create(wa.words.slice((8 + 8) / 4)),
}),
key,
{ iv: iv }
);
return decrypted;
}; };
export const encryptArrayBuffer = ( export const encryptArrayBuffer = (
@ -67,12 +55,9 @@ export const encryptArrayBuffer = (
password: string, password: string,
rounds: number = DEFAULT_ITER rounds: number = DEFAULT_ITER
) => { ) => {
const b64 = arrayBufferToBase64(arrBuf); return bufferToArrayBuffer(
const wa = CryptoJS.enc.Base64.parse(b64); encryptBuffer(arrayBufferToBuffer(arrBuf), password, rounds)
const enc = encryptWordArray(wa, password, rounds); );
const resb64 = CryptoJS.enc.Base64.stringify(enc);
const res = base64ToArrayBuffer(resb64);
return res;
}; };
export const decryptArrayBuffer = ( export const decryptArrayBuffer = (
@ -80,12 +65,9 @@ export const decryptArrayBuffer = (
password: string, password: string,
rounds: number = DEFAULT_ITER rounds: number = DEFAULT_ITER
) => { ) => {
const b64 = arrayBufferToBase64(arrBuf); return bufferToArrayBuffer(
const wa = CryptoJS.enc.Base64.parse(b64); decryptBuffer(arrayBufferToBuffer(arrBuf), password, rounds)
const dec = decryptWordArray(wa, password, rounds); );
const resb64 = CryptoJS.enc.Base64.stringify(dec);
const res = base64ToArrayBuffer(resb64);
return res;
}; };
export const encryptStringToBase32 = ( export const encryptStringToBase32 = (
@ -93,11 +75,7 @@ export const encryptStringToBase32 = (
password: string, password: string,
rounds: number = DEFAULT_ITER rounds: number = DEFAULT_ITER
) => { ) => {
const wa = CryptoJS.enc.Utf8.parse(text); return base32.encode(encryptBuffer(Buffer.from(text), password, rounds));
const enc = encryptWordArray(wa, password, rounds);
const enctext = CryptoJS.enc.Base64.stringify(enc);
const res = base32.encode(base64ToArrayBuffer(enctext));
return res;
}; };
export const decryptBase32ToString = ( export const decryptBase32ToString = (
@ -105,9 +83,9 @@ export const decryptBase32ToString = (
password: string, password: string,
rounds: number = DEFAULT_ITER rounds: number = DEFAULT_ITER
) => { ) => {
const enc = Buffer.from(base32.decode.asBytes(text)).toString("base64"); return decryptBuffer(
const wa = CryptoJS.enc.Base64.parse(enc); Buffer.from(base32.decode.asBytes(text)),
const dec = decryptWordArray(wa, password, rounds); password,
const dectext = CryptoJS.enc.Utf8.stringify(dec); rounds
return dectext; ).toString();
}; };

2
webpack.config.js
View File

@ -31,7 +31,7 @@ module.exports = {
}, },
resolve: { resolve: {
extensions: [".tsx", ".ts", ".js"], extensions: [".tsx", ".ts", ".js"],
mainFields: ["module", "main"], mainFields: ["browser", "module", "main"],
fallback: { fallback: {
assert: require.resolve("assert"), assert: require.resolve("assert"),
buffer: require.resolve("buffer/"), buffer: require.resolve("buffer/"),