commit
cb4ad60800
@ -0,0 +1,69 @@ |
||||
const asmcrypto = require('asmcrypto.js') |
||||
const Unibabel = require('browserify-unibabel') |
||||
|
||||
class EdgeEncryptor { |
||||
|
||||
encrypt (password, dataObject) { |
||||
|
||||
var salt = this._generateSalt() |
||||
return this._keyFromPassword(password, salt) |
||||
.then(function (key) { |
||||
|
||||
var data = JSON.stringify(dataObject) |
||||
var dataBuffer = Unibabel.utf8ToBuffer(data) |
||||
var vector = global.crypto.getRandomValues(new Uint8Array(16)) |
||||
var resultbuffer = asmcrypto.AES_GCM.encrypt(dataBuffer, key, vector) |
||||
|
||||
var buffer = new Uint8Array(resultbuffer) |
||||
var vectorStr = Unibabel.bufferToBase64(vector) |
||||
var vaultStr = Unibabel.bufferToBase64(buffer) |
||||
return JSON.stringify({ |
||||
data: vaultStr, |
||||
iv: vectorStr, |
||||
salt: salt, |
||||
}) |
||||
}) |
||||
} |
||||
|
||||
decrypt (password, text) { |
||||
|
||||
const payload = JSON.parse(text) |
||||
const salt = payload.salt |
||||
return this._keyFromPassword(password, salt) |
||||
.then(function (key) { |
||||
const encryptedData = Unibabel.base64ToBuffer(payload.data) |
||||
const vector = Unibabel.base64ToBuffer(payload.iv) |
||||
return new Promise((resolve, reject) => { |
||||
var result |
||||
try { |
||||
result = asmcrypto.AES_GCM.decrypt(encryptedData, key, vector) |
||||
} catch (err) { |
||||
return reject(new Error('Incorrect password')) |
||||
} |
||||
const decryptedData = new Uint8Array(result) |
||||
const decryptedStr = Unibabel.bufferToUtf8(decryptedData) |
||||
const decryptedObj = JSON.parse(decryptedStr) |
||||
resolve(decryptedObj) |
||||
}) |
||||
}) |
||||
} |
||||
|
||||
_keyFromPassword (password, salt) { |
||||
|
||||
var passBuffer = Unibabel.utf8ToBuffer(password) |
||||
var saltBuffer = Unibabel.base64ToBuffer(salt) |
||||
return new Promise((resolve) => { |
||||
var key = asmcrypto.PBKDF2_HMAC_SHA256.bytes(passBuffer, saltBuffer, 10000) |
||||
resolve(key) |
||||
}) |
||||
} |
||||
|
||||
_generateSalt (byteCount = 32) { |
||||
var view = new Uint8Array(byteCount) |
||||
global.crypto.getRandomValues(view) |
||||
var b64encoded = btoa(String.fromCharCode.apply(null, view)) |
||||
return b64encoded |
||||
} |
||||
} |
||||
|
||||
module.exports = EdgeEncryptor |
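Review bot: `_keyFromPassword` hard-codes 10000 PBKDF2-HMAC-SHA256 iterations and `encrypt` does not write the count into the JSON it returns, so the work factor guarding the vault password is low by current guidance and cannot be raised later without breaking vaults that are already stored. If the payload format is free to change, record it next to the salt (`iterations: 10000,` in the object `encrypt` returns) and have `decrypt` read `payload.iterations`. If the format has to match an existing encryptor, which is not visible on this page, at least lift the number into a named constant with a comment saying so. In `decrypt`, `JSON.parse(text)` runs before any promise exists, so malformed input throws synchronously instead of rejecting, and the `catch` around `AES_GCM.decrypt` reports every failure, including a corrupted or tampered vault, as 'Incorrect password'. Guarding the parse with `try { payload = JSON.parse(text) } catch (err) { return Promise.reject(err) }` (with `payload` declared by `let`) keeps the error path uniform for callers that only attach `.catch`.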
@ -0,0 +1,101 @@ |
||||
const assert = require('assert') |
||||
|
||||
const EdgeEncryptor = require('../../app/scripts/edge-encryptor') |
||||
|
||||
var password = 'passw0rd1' |
||||
var data = 'some random data' |
||||
|
||||
global.crypto = global.crypto || { |
||||
getRandomValues: function (array) { |
||||
for (let i = 0; i < array.length; i++) { |
||||
array[i] = Math.random() * 100 |
||||
} |
||||
return array |
||||
} |
||||
} |
||||
|
||||
describe('EdgeEncryptor', function () { |
||||
|
||||
const edgeEncryptor = new EdgeEncryptor() |
||||
describe('encrypt', function () { |
||||
|
||||
it('should encrypt the data.', function (done) { |
||||
edgeEncryptor.encrypt(password, data) |
||||
.then(function (encryptedData) { |
||||
assert.notEqual(data, encryptedData) |
||||
assert.notEqual(encryptedData.length, 0) |
||||
done() |
||||
}).catch(function (err) { |
||||
done(err) |
||||
}) |
||||
}) |
||||
|
||||
it('should return proper format.', function (done) { |
||||
edgeEncryptor.encrypt(password, data) |
||||
.then(function (encryptedData) { |
||||
let encryptedObject = JSON.parse(encryptedData) |
||||
assert.ok(encryptedObject.data, 'there is no data') |
||||
assert.ok(encryptedObject.iv && encryptedObject.iv.length != 0, 'there is no iv') |
||||
assert.ok(encryptedObject.salt && encryptedObject.salt.length != 0, 'there is no salt') |
||||
done() |
||||
}).catch(function (err) { |
||||
done(err) |
||||
}) |
||||
}) |
||||
|
||||
it('should not return the same twice.', function (done) { |
||||
|
||||
const encryptPromises = [] |
||||
encryptPromises.push(edgeEncryptor.encrypt(password, data)) |
||||
encryptPromises.push(edgeEncryptor.encrypt(password, data)) |
||||
|
||||
Promise.all(encryptPromises).then((encryptedData) => { |
||||
assert.equal(encryptedData.length, 2) |
||||
assert.notEqual(encryptedData[0], encryptedData[1]) |
||||
assert.notEqual(encryptedData[0].length, 0) |
||||
assert.notEqual(encryptedData[1].length, 0) |
||||
done() |
||||
}) |
||||
})
|
||||
}) |
||||
|
||||
describe('decrypt', function () { |
||||
it('should be able to decrypt the encrypted data.', function (done) { |
||||
|
||||
edgeEncryptor.encrypt(password, data) |
||||
.then(function (encryptedData) { |
||||
edgeEncryptor.decrypt(password, encryptedData) |
||||
.then(function (decryptedData) { |
||||
assert.equal(decryptedData, data) |
||||
done() |
||||
}) |
||||
.catch(function (err) { |
||||
done(err) |
||||
}) |
||||
}) |
||||
.catch(function (err) { |
||||
done(err) |
||||
}) |
||||
}) |
||||
|
||||
it('cannot decrypt the encrypted data with wrong password.', function (done) { |
||||
|
||||
edgeEncryptor.encrypt(password, data) |
||||
.then(function (encryptedData) { |
||||
edgeEncryptor.decrypt('wrong password', encryptedData) |
||||
.then(function (decryptedData) { |
||||
assert.fail('could decrypt with wrong password') |
||||
done() |
||||
}) |
||||
.catch(function (err) { |
||||
assert.ok(err instanceof Error) |
||||
assert.equal(err.message, 'Incorrect password') |
||||
done() |
||||
}) |
||||
}) |
||||
.catch(function (err) { |
||||
done(err) |
||||
}) |
||||
}) |
||||
}) |
||||
}) |
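Review bot: In 'cannot decrypt the encrypted data with wrong password.', the `assert.fail` inside `.then` is caught by the `.catch` chained right after it, and the `assert.equal(err.message, 'Incorrect password')` there then throws inside a promise that nothing returns or handles. If `decrypt` ever accepted a wrong password, the test would therefore end in a timeout rather than a clear failure. Return the chain from the test and use the two-argument form, `return edgeEncryptor.decrypt('wrong password', encryptedData).then(() => assert.fail('could decrypt with wrong password'), (err) => assert.equal(err.message, 'Incorrect password'))`. 'should not return the same twice.' has the same gap, since its `Promise.all(...).then(...)` has no rejection handler. The `global.crypto` fallback fills arrays with `Math.random() * 100`, so when it is used the salt and IV bytes only span 0–99 and the shim stays installed for every other test in the process; `require('crypto').randomFillSync(array)` would be a closer stand-in.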