File-Manager/encryption.js at main · Johnnycrypto289/File-Manager · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
/**
 * Data Encryption Utility
 * Provides encryption and decryption functions for sensitive data
 */

const crypto = require('crypto');
const logger = require('./logger');

// Get encryption key from environment variables
const ENCRYPTION_KEY = process.env.ENCRYPTION_KEY;
if (!ENCRYPTION_KEY) {
  logger.warn('ENCRYPTION_KEY not set in environment variables. Using fallback key (not recommended for production)');
}

// Use environment variable or fallback (for development only)
const encryptionKey = ENCRYPTION_KEY || 'fallback_encryption_key_for_development_only';

// Encryption algorithm
const ALGORITHM = 'aes-256-gcm';

/**
 * Encrypt data
 * @param {string} text - Text to encrypt
 * @returns {Object} Encrypted data with iv and auth tag
 */
const encrypt = (text) => {
  try {
    if (!text) return null;

    // Create initialization vector
    const iv = crypto.randomBytes(16);

    // Create cipher
    const cipher = crypto.createCipheriv(
      ALGORITHM,
      crypto.scryptSync(encryptionKey, 'salt', 32),
      iv
    );

    // Encrypt data
    let encrypted = cipher.update(text, 'utf8', 'hex');
    encrypted += cipher.final('hex');

    // Get authentication tag
    const authTag = cipher.getAuthTag().toString('hex');

    return {
      iv: iv.toString('hex'),
      encrypted,
      authTag
    };
  } catch (error) {
    logger.error('Error encrypting data:', error);
    throw new Error('Encryption failed');
  }
};

/**
 * Decrypt data
 * @param {Object} encryptedData - Encrypted data object with iv, encrypted text, and auth tag
 * @returns {string} Decrypted text
 */
const decrypt = (encryptedData) => {
  try {
    if (!encryptedData || !encryptedData.iv || !encryptedData.encrypted || !encryptedData.authTag) {
      return null;
    }

    // Create decipher
    const decipher = crypto.createDecipheriv(
      ALGORITHM,
      crypto.scryptSync(encryptionKey, 'salt', 32),
      Buffer.from(encryptedData.iv, 'hex')
    );

    // Set auth tag
    decipher.setAuthTag(Buffer.from(encryptedData.authTag, 'hex'));

    // Decrypt data
    let decrypted = decipher.update(encryptedData.encrypted, 'hex', 'utf8');
    decrypted += decipher.final('utf8');

    return decrypted;
  } catch (error) {
    logger.error('Error decrypting data:', error);
    throw new Error('Decryption failed');
  }
};

/**
 * Hash data (one-way)
 * @param {string} text - Text to hash
 * @returns {string} Hashed text
 */
const hash = (text) => {
  try {
    if (!text) return null;

    return crypto
      .createHash('sha256')
      .update(text)
      .digest('hex');
  } catch (error) {
    logger.error('Error hashing data:', error);
    throw new Error('Hashing failed');
  }
};

module.exports = {
  encrypt,
  decrypt,
  hash
};