-
Notifications
You must be signed in to change notification settings - Fork 5
/
crypt.js
55 lines (48 loc) · 1.46 KB
/
crypt.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
'use strict'
const crypto = require('crypto')
const nacl = require('tweetnacl')
const naclUtil = require('tweetnacl-util')
/* understand/
* This module contains crytography functions wrappers to make it easier
* to use `nacl`.
*/
module.exports = {
password2key: password2key,
createNonce: createNonce,
createSalt: createSalt,
encrypt: encrypt,
decrypt: decrypt,
}
/* outcome/
* We use the standard `pbkdf2()` function with the given salt to
* generate a password key.
*/
function password2key(salt, password, cb) {
crypto.pbkdf2(password, salt, 100000, nacl.secretbox.keyLength, 'sha512', cb)
}
function createNonce() {
return naclUtil.encodeBase64(nacl.randomBytes(nacl.secretbox.nonceLength))
}
function createSalt() {
return naclUtil.encodeBase64(nacl.randomBytes(32))
}
/* outcome/
* Encrypt the given string using the given nonce and return a
* javascript-safe string.
*/
function encrypt(str, nonce, password) {
let v = naclUtil.decodeUTF8(str)
let n = naclUtil.decodeBase64(nonce)
return naclUtil.encodeBase64(nacl.secretbox(v, n, password))
}
/* outcome/
* Decrypt the given string using the given password and nonce (return
* `false` if decoding fails).
*/
function decrypt(enc, nonce, password) {
let v = naclUtil.decodeBase64(enc)
let n = naclUtil.decodeBase64(nonce)
let dec = nacl.secretbox.open(v, n, password)
if(!dec) return false
else return naclUtil.encodeUTF8(dec)
}