CHAI
/
chtech-anythingllm
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 Commits
1 Branch
0 Tags
235 MiB
Tree: cbbf5e2877
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'cbbf5e2877'
${ noResults }
chtech-anythingllm/server/utils/EncryptionManager/index.js

85 lines
2.8 KiB
Raw Normal View History

first commit
11 months ago
  1. const crypto = require("crypto");
  2. const { dumpENV } = require("../helpers/updateENV");
  4. // Class that is used to arbitrarily encrypt/decrypt string data via a persistent passphrase/salt that
  5. // is either user defined or is created and saved to the ENV on creation.
  6. class EncryptionManager {
  7. #keyENV = "SIG_KEY";
  8. #saltENV = "SIG_SALT";
  9. #encryptionKey;
  10. #encryptionSalt;
  12. constructor({ key = null, salt = null } = {}) {
  13. this.#loadOrCreateKeySalt(key, salt);
  14. this.key = crypto.scryptSync(this.#encryptionKey, this.#encryptionSalt, 32);
  15. this.algorithm = "aes-256-cbc";
  16. this.separator = ":";
  18. // Used to send key to collector process to be able to decrypt data since they do not share ENVs
  19. // this value should use the CommunicationKey.encrypt process before sending anywhere outside the
  20. // server process so it is never sent in its raw format.
  21. this.xPayload = this.key.toString("base64");
  22. }
  24. log(text, ...args) {
  25. console.log(`\x1b[36m[EncryptionManager]\x1b[0m ${text}`, ...args);
  26. }
  28. #loadOrCreateKeySalt(_key = null, _salt = null) {
  29. if (!!_key && !!_salt) {
  30. this.log(
  31. "Pre-assigned key & salt for encrypting arbitrary data was used."
  32. );
  33. this.#encryptionKey = _key;
  34. this.#encryptionSalt = _salt;
  35. return;
  36. }
  38. if (!process.env[this.#keyENV] || !process.env[this.#saltENV]) {
  39. this.log("Self-assigning key & salt for encrypting arbitrary data.");
  40. process.env[this.#keyENV] = crypto.randomBytes(32).toString("hex");
  41. process.env[this.#saltENV] = crypto.randomBytes(32).toString("hex");
  42. if (process.env.NODE_ENV === "production") dumpENV();
  43. } else
  44. this.log("Loaded existing key & salt for encrypting arbitrary data.");
  46. this.#encryptionKey = process.env[this.#keyENV];
  47. this.#encryptionSalt = process.env[this.#saltENV];
  48. return;
  49. }
  51. encrypt(plainTextString = null) {
  52. try {
  53. if (!plainTextString)
  54. throw new Error("Empty string is not valid for this method.");
  55. const iv = crypto.randomBytes(16);
  56. const cipher = crypto.createCipheriv(this.algorithm, this.key, iv);
  57. const encrypted = cipher.update(plainTextString, "utf8", "hex");
  58. return [
  59. encrypted + cipher.final("hex"),
  60. Buffer.from(iv).toString("hex"),
  61. ].join(this.separator);
  62. } catch (e) {
  63. this.log(e);
  64. return null;
  65. }
  66. }
  68. decrypt(encryptedString) {
  69. try {
  70. const [encrypted, iv] = encryptedString.split(this.separator);
  71. if (!iv) throw new Error("IV not found");
  72. const decipher = crypto.createDecipheriv(
  73. this.algorithm,
  74. this.key,
  75. Buffer.from(iv, "hex")
  76. );
  77. return decipher.update(encrypted, "hex", "utf8") + decipher.final("utf8");
  78. } catch (e) {
  79. this.log(e);
  80. return null;
  81. }
  82. }
  83. }
  85. module.exports = { EncryptionManager };