-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathencryption.js
More file actions
149 lines (140 loc) · 4.65 KB
/
Copy pathencryption.js
File metadata and controls
149 lines (140 loc) · 4.65 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
const crypto = require("crypto");
const { getSuperKey: getSecretKey, getIV } = require("./databases/vault");
function deterministicEncrypt(data, keyString, ivString) {
try {
const key = Buffer.from(keyString, "utf8");
const iv = Buffer.from(ivString, "utf8");
const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
let encrypted = cipher.update(data, "utf8", "hex");
encrypted += cipher.final("hex");
return encrypted;
} catch (error) {
console.error("Error in deterministic encryption:", error);
return null;
}
}
function deterministicDecrypt(encryptedData, keyString, ivString) {
try {
const key = Buffer.from(keyString, "utf8");
const iv = Buffer.from(ivString, "utf8");
const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
let decrypted = decipher.update(encryptedData, "hex", "utf8");
decrypted += decipher.final("utf8");
return decrypted;
} catch (error) {
console.error("Error in deterministic decryption:", error);
return null;
}
}
function standardEncrypt(data, keyString) {
try {
const key = Buffer.from(keyString, "utf8");
const iv = crypto.randomBytes(16);
const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
let encrypted = cipher.update(data, "utf8", "hex");
encrypted += cipher.final("hex");
return iv.toString("hex") + encrypted;
} catch (error) {
console.error("Error in standard encryption:", error);
return null;
}
}
function standardDecrypt(data, keyString) {
try {
const key = Buffer.from(keyString, "utf8");
const iv = Buffer.from(data.slice(0, 32), "hex");
const encryptedText = data.slice(32);
const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
let decrypted = decipher.update(encryptedText, "hex", "utf8");
decrypted += decipher.final("utf8");
return decrypted;
} catch (error) {
console.error("Error in decryption:", error);
return null;
}
}
async function savePseudonym(pseudonym, id, authId, dbClient) {
const secretKey = await getSecretKey();
const iv = await getIV();
const keyBuffer = Buffer.from(secretKey, "hex");
const ivBuffer = Buffer.from(iv, "base64");
const encryptedKey = deterministicEncrypt(pseudonym, keyBuffer, ivBuffer);
const encryptedId = standardEncrypt(id, keyBuffer);
const encryptedAuthId = deterministicEncrypt(authId, keyBuffer, ivBuffer);
const query = `INSERT INTO users_pseudonyms(pseudonym, id, auth_id) VALUES($1, $2, $3);`;
const values = [encryptedKey, encryptedId, encryptedAuthId];
try {
await dbClient.query(query, values);
} catch (err) {
console.log("Error:", err);
}
}
async function getIds(pseudonym, dbClient) {
const secretKey = await getSecretKey();
const iv = await getIV();
const keyBuffer = Buffer.from(secretKey, "hex");
const ivBuffer = Buffer.from(iv, "base64");
const searchKey = deterministicEncrypt(pseudonym, keyBuffer, ivBuffer);
const query = `SELECT id, auth_id FROM users_pseudonyms WHERE pseudonym = $1`;
const values = [searchKey];
try {
const result = await dbClient.query(query, values);
if (result.rows.length) {
return {
id: standardDecrypt(result.rows[0].id, keyBuffer),
authId: deterministicDecrypt(
result.rows[0].auth_id,
keyBuffer,
ivBuffer
),
};
}
} catch (err) {
console.log("Error:", err);
}
return null;
}
async function getPseudonymByAuthId(authId, dbClient) {
const secretKey = await getSecretKey();
const iv = await getIV();
const keyBuffer = Buffer.from(secretKey, "hex");
const ivBuffer = Buffer.from(iv, "base64");
const searchKey = deterministicEncrypt(authId, keyBuffer, ivBuffer);
const query = `SELECT pseudonym FROM users_pseudonyms WHERE auth_id = $1`;
const values = [searchKey];
try {
const result = await dbClient.query(query, values);
if (result.rows.length) {
return deterministicDecrypt(
result.rows[0].pseudonym,
keyBuffer,
ivBuffer
);
}
} catch (err) {
console.log("Error:", err);
}
return null;
}
async function deletePseudonym(pseudonym, dbClient) {
const secretKey = await getSecretKey();
const iv = await getIV();
const keyBuffer = Buffer.from(secretKey, "hex");
const ivBuffer = Buffer.from(iv, "base64");
const searchKey = deterministicEncrypt(pseudonym, keyBuffer, ivBuffer);
const query = `DELETE FROM users_pseudonyms WHERE pseudonym = $1`;
const values = [searchKey];
try {
await dbClient.query(query, values);
} catch (err) {
console.log("Error:", err);
}
}
module.exports = {
standardEncrypt,
standardDecrypt,
savePseudonym,
getIds,
getPseudonymByAuthId,
deletePseudonym,
};