forked from MauriceButler/cryptr
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.js
59 lines (42 loc) · 1.74 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
const crypto = require('crypto');
const algorithm = 'aes-256-gcm';
const ivLength = 16;
const saltLength = 64;
const tagLength = 16;
const tagPosition = saltLength + ivLength;
const encryptedPosition = tagPosition + tagLength;
function Cryptr(secret) {
if (!secret || typeof secret !== 'string') {
throw new Error('Cryptr: secret must be a non-0-length string');
}
function getKey(salt) {
return crypto.pbkdf2Sync(secret, salt, 100000, 32, 'sha512');
}
this.encrypt = function encrypt(value) {
if (value == null) {
throw new Error('value must not be null or undefined');
}
const iv = crypto.randomBytes(ivLength);
const salt = crypto.randomBytes(saltLength);
const key = getKey(salt);
const cipher = crypto.createCipheriv(algorithm, key, iv);
const encrypted = Buffer.concat([cipher.update(String(value), 'utf8'), cipher.final()]);
const tag = cipher.getAuthTag();
return Buffer.concat([salt, iv, tag, encrypted]).toString('hex');
};
this.decrypt = function decrypt(value) {
if (value == null) {
throw new Error('value must not be null or undefined');
}
const stringValue = Buffer.from(String(value), 'hex');
const salt = stringValue.slice(0, saltLength);
const iv = stringValue.slice(saltLength, tagPosition);
const tag = stringValue.slice(tagPosition, encryptedPosition);
const encrypted = stringValue.slice(encryptedPosition);
const key = getKey(salt);
const decipher = crypto.createDecipheriv(algorithm, key, iv);
decipher.setAuthTag(tag);
return decipher.update(encrypted) + decipher.final('utf8');
};
}
module.exports = Cryptr;