Created
May 30, 2023 13:09
-
-
Save HugaidaS/ec78f3b7667291c1b7cf41894f37584c to your computer and use it in GitHub Desktop.
Encryption algorithm in Node js crypto module to secure the data
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const crypto = require("crypto"); | |
| const { scryptSync, createDecipheriv, createCipheriv } = crypto; | |
| const AES_ALGORITHM = process.env.AES_ALGORITHM || "aes-256-gcm"; | |
| const AES_PASSWORD = | |
| process.env.AES_PASSWORD || | |
| "2171eec6b212d5520d44480993d7d622a7c4c2da32f6efda0ffae5f79c5915c0"; | |
| const AES_SALT = process.env.AES_SALT || "0993d7d622a7c4c2da32f6efda0f4448"; | |
| const AES_IV = | |
| process.env.AES_IV || | |
| "6d6d6d6d6d6d62f6efda0f44480993c2da3d7d6c2da32f6efda0f44480993d7d"; | |
| class Crypto { | |
| #AES = { | |
| algorithm: null, | |
| password: null, | |
| salt: null, | |
| key: null, | |
| iv: null, | |
| isReady: false | |
| }; | |
| constructor() { | |
| this._init(); | |
| } | |
| isAESReady() { | |
| return this.#AES.isReady | |
| } | |
| async _init() { | |
| try { | |
| if (!this.#AESInitKeys()) { | |
| console.log(`failed to init [AES] keys`); | |
| return false; | |
| } | |
| } catch (e) { | |
| console.error(`#Crypto:_init ${e.message}`); | |
| } | |
| } | |
| #AESInitKeys() { | |
| try { | |
| this.#AES = { | |
| algorithm: AES_ALGORITHM, | |
| password: AES_PASSWORD, | |
| salt: AES_SALT, | |
| key: scryptSync(AES_PASSWORD, AES_SALT, 32), // l:24 if aes-192 | |
| iv: AES_IV, | |
| isReady: true | |
| }; | |
| return true; | |
| } catch (e) { | |
| console.error(`AESInitKeys: ${e.message}`); | |
| return false; | |
| } | |
| } | |
| async AESEncrypt(decData) { | |
| try { | |
| if (!this.isAESReady()) | |
| return { success: false, message: ["AES is not ready"] }; | |
| const { algorithm, key, iv } = this.#AES; | |
| console.log("Key:", key) | |
| const cipher = await createCipheriv(algorithm, key, iv); | |
| console.log("Cipher: ", JSON.stringify(cipher)) | |
| const encDataBuffer = await cipher.update(decData, "utf8"); | |
| const encData = encDataBuffer.toString("hex"); | |
| await cipher.final(); | |
| return { success: true, message: "success", data: encData }; | |
| } catch (e) { | |
| console.error(`#AES:encrypt: ${e.message}`); | |
| return { success: false, message: ["Failed to encrypt data"] }; | |
| } | |
| } | |
| hmacDigest(func = "sha256", key, data) { | |
| try { | |
| const hmac = crypto.createHmac(func, key); | |
| hmac.update(data); | |
| const hash = hmac.digest("hex"); | |
| return { success: true, message: "success", data: hash }; | |
| } catch (e) { | |
| console.error(`#AES:hmacDigest: ${e.message}`); | |
| return { success: false, message: ["Failed to hash data"] }; | |
| } | |
| } | |
| hmacVerify(func = "sha256", key, data, hash) { | |
| try { | |
| const hmac = crypto.createHmac(func, key); | |
| hmac.update(data); | |
| if (hmac.digest("hex") !== hash) | |
| return { success: false, message: "Invalid hash", data: {} }; | |
| return { success: true, message: "success" }; | |
| } catch (e) { | |
| console.error(`#AES:hmacDigest: ${e.message}`); | |
| return { success: false, message: ["Failed to verify hash data"] }; | |
| } | |
| } | |
| async AESDecrypt(encData) { | |
| try { | |
| if (!this.isAESReady()) | |
| return { success: false, message: ["AES is not ready"] }; | |
| const { algorithm, key, iv } = this.#AES; | |
| const decipher = createDecipheriv(algorithm, key, iv); | |
| const decData = await decipher.update(encData, "hex", "utf8"); | |
| return { success: true, message: "success", data: decData }; | |
| } catch (e) { | |
| console.error(`#AES:decrypt: ${e.message}`); | |
| return { success: false, message: ["Failed to decrypt data"] }; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment