snowkidind/coder.js

## coder.js
const crypto = require('crypto')
const fs = require('fs')


// Higher number decreases the probability that n can be brute forced
// iterations is the number of steps to use to derive a new key. This is intended to scale over time based on the power of cpus
const pbkdf2iterations = 106667
const encryptionKey = 'blahblahblahttayakaewpleng'


const encryptfile = async (enc_key, plaintextbytes) => {

  // turn encryption key into an 8 bit byte array
  const passphrasebytes = new TextEncoder("utf-8").encode(enc_key)

  // create a salt of some "cryptographically strong random values"
  // the presence of the salt will cause each encryption of the same data to be different
  const pbkdf2salt = crypto.getRandomValues(new Uint8Array(8))

  // Interpret the provided keyData (passphrasebytes) to create a <CryptoKey> instance.
  // format of keyData: raw, pkcs8, spki, or jwk
  // algorithms:
  // -- symmetric algorithm means the private key is shared on both sides
  //    AES-CBC, AES-CTR, AES-GCM, AES-KW, HDKF, HMAC, PBKDF2,
  // -- asymmetric means the private key on one side and a public key on the other side
  //    RSA-OAEP, RSA-PSS, RSASSA-PKCS1-v1_5 ECDSA, Ed25519, Ed448, ECDH, X25519, X448,

  // extractable: When true, the <CryptoKey> can be extracted using either subtleCrypto.exportKey() or subtleCrypto.wrapKey()
  // keyUsages: validated based on the named algorithm and will vary from one key type to the next.
  //   encrypt - encrypt data
  //   decrypt - decrypt data
  //   sign - generate digital signatures
  //   verify - verify digital signatures
  //   deriveKey - derive a new key
  //   deriveBits - derive bits
  //   wrapKey - wrap another key
  //   unwrapKey - unwrap another key

  // Here, import a CryptoKey from passphrasebytes of raw data using PBKDF2 symmetric key for the usage of bit derivation
  const passphrasekey = await crypto.subtle.importKey('raw', passphrasebytes, { name: 'PBKDF2' }, false, ['deriveBits'])

  // subtle.deriveBits(algorithm, baseKey, length)
  // algorithm: <AlgorithmIdentifier> | <EcdhKeyDeriveParams> | <HkdfParams> | <Pbkdf2Params>
  // baseKey is what we generated above
  // length: Using the method and parameters specified in algorithm and the keying material provided by baseKey,
  // deriveBits attempts to generate length bits. must be multiple of 8
  // for the 'ECDH', 'X25519', and 'X448' algorithms, length = null the max bits for a given algorithm is generated

  // Here derive bits using the PBKDF2 alg, salt it, run for iterations using this passphrasekey and length
  // 384 is determined by the intended use of the derived key material:
  // 32 bytes for the key and 16 bytes for the IV, for a total of 48 bytes or 384 bits.
  let pbkdf2bytes = await crypto.subtle.deriveBits(
    { "name": 'PBKDF2', "salt": pbkdf2salt, "iterations": pbkdf2iterations, "hash": 'SHA-256' }, passphrasekey, 384)

  // schlop it into a byte array
  pbkdf2bytes = new Uint8Array(pbkdf2bytes)

  // split up into front and back
  const keybytes = pbkdf2bytes.slice(0, 32) // bytes to be used in key

  // An initialization vector is usedto ensure that the encryption of a message is not deterministic.
  const ivbytes = pbkdf2bytes.slice(32) // remaining bytes for initialization vector

  // now import a CryptoKey using only the keybytes and perform AES-CBC (Cipher Block Chaining) algorithm
  // on 256 bit blocks for the usage of encryption
  const key = await crypto.subtle.importKey('raw', keybytes, { name: 'AES-CBC', length: 256 }, false, ['encrypt'])

  // Using the method and parameters specified by algorithm and the keying material provided by key,
  // algorithms: <RsaOaepParams> | <AesCtrParams> | <AesCbcParams> | <AesGcmParams>
  // returns <ArrayBuffer> containing the encrypted result.
  let cipherbytes = await crypto.subtle.encrypt({ name: "AES-CBC", iv: ivbytes }, key, plaintextbytes)
  cipherbytes = new Uint8Array(cipherbytes)

  const resultbytes = new Uint8Array(cipherbytes.length + 16)

  // Pass the results into the "file"
  // The format here is compatible / similar to the open ssl enc
  resultbytes.set(new TextEncoder("utf-8").encode('Salted__'))
  resultbytes.set(pbkdf2salt, 8)
  resultbytes.set(cipherbytes, 16)

  return resultbytes

}

async function decryptFile(enc_key, cipherbytes) {

  const passphrasebytes = new TextEncoder("utf-8").encode(enc_key)
  const pbkdf2salt = cipherbytes.slice(8, 16)

  const passphrasekey = await crypto.subtle.importKey('raw', passphrasebytes, { name: 'PBKDF2' }, false, ['deriveBits'])

  let pbkdf2bytes = await crypto.subtle.deriveBits({ "name": 'PBKDF2', "salt": pbkdf2salt, "iterations": pbkdf2iterations, "hash": 'SHA-256' }, passphrasekey, 384)
  pbkdf2bytes = new Uint8Array(pbkdf2bytes)

  let keybytes = pbkdf2bytes.slice(0, 32)
  let ivbytes = pbkdf2bytes.slice(32)
  cipherbytes = cipherbytes.slice(16)

  const key = await crypto.subtle.importKey('raw', keybytes, { name: 'AES-CBC', length: 256 }, false, ['decrypt'])

  let plaintextbytes = await crypto.subtle.decrypt({ name: "AES-CBC", iv: ivbytes }, key, cipherbytes)
  plaintextbytes = new Uint8Array(plaintextbytes)

  return new Buffer.from(plaintextbytes).toString('ascii')

}


; (async () => {

  const v = process.version.slice(1, 3)
  if (Number(v) < 19) {
    console.log('This script was written in Node 19.3.0')
    process.exit(1)
  }

  try {

    const rawDataFile = __dirname + '/afile.txt'
    const encryptedFile = __dirname + '/encrypted.enc'
    const plaintextbytes = await fs.readFileSync(rawDataFile) // File arrives in an array buffer
    const bytes = await encryptfile(encryptionKey, plaintextbytes)

    await fs.writeFileSync(encryptedFile, bytes)
    const cipherbytes = await fs.readFileSync(encryptedFile)

    const decrypted = await decryptFile(encryptionKey, cipherbytes)

    console.log(decrypted)

  } catch (error) {
    console.log(error)
    process.exit(1)
  }

  process.exit(0)

})()
	const crypto = require('crypto')
	const fs = require('fs')


	// Higher number decreases the probability that n can be brute forced
	// iterations is the number of steps to use to derive a new key. This is intended to scale over time based on the power of cpus
	const pbkdf2iterations = 106667
	const encryptionKey = 'blahblahblahttayakaewpleng'


	const encryptfile = async (enc_key, plaintextbytes) => {

	// turn encryption key into an 8 bit byte array
	const passphrasebytes = new TextEncoder("utf-8").encode(enc_key)

	// create a salt of some "cryptographically strong random values"
	// the presence of the salt will cause each encryption of the same data to be different
	const pbkdf2salt = crypto.getRandomValues(new Uint8Array(8))

	// Interpret the provided keyData (passphrasebytes) to create a <CryptoKey> instance.
	// format of keyData: raw, pkcs8, spki, or jwk
	// algorithms:
	// -- symmetric algorithm means the private key is shared on both sides
	// AES-CBC, AES-CTR, AES-GCM, AES-KW, HDKF, HMAC, PBKDF2,
	// -- asymmetric means the private key on one side and a public key on the other side
	// RSA-OAEP, RSA-PSS, RSASSA-PKCS1-v1_5 ECDSA, Ed25519, Ed448, ECDH, X25519, X448,

	// extractable: When true, the <CryptoKey> can be extracted using either subtleCrypto.exportKey() or subtleCrypto.wrapKey()
	// keyUsages: validated based on the named algorithm and will vary from one key type to the next.
	// encrypt - encrypt data
	// decrypt - decrypt data
	// sign - generate digital signatures
	// verify - verify digital signatures
	// deriveKey - derive a new key
	// deriveBits - derive bits
	// wrapKey - wrap another key
	// unwrapKey - unwrap another key

	// Here, import a CryptoKey from passphrasebytes of raw data using PBKDF2 symmetric key for the usage of bit derivation
	const passphrasekey = await crypto.subtle.importKey('raw', passphrasebytes, { name: 'PBKDF2' }, false, ['deriveBits'])

	// subtle.deriveBits(algorithm, baseKey, length)
	// algorithm: <AlgorithmIdentifier> \| <EcdhKeyDeriveParams> \| <HkdfParams> \| <Pbkdf2Params>
	// baseKey is what we generated above
	// length: Using the method and parameters specified in algorithm and the keying material provided by baseKey,
	// deriveBits attempts to generate length bits. must be multiple of 8
	// for the 'ECDH', 'X25519', and 'X448' algorithms, length = null the max bits for a given algorithm is generated

	// Here derive bits using the PBKDF2 alg, salt it, run for iterations using this passphrasekey and length
	// 384 is determined by the intended use of the derived key material:
	// 32 bytes for the key and 16 bytes for the IV, for a total of 48 bytes or 384 bits.
	let pbkdf2bytes = await crypto.subtle.deriveBits(
	{ "name": 'PBKDF2', "salt": pbkdf2salt, "iterations": pbkdf2iterations, "hash": 'SHA-256' }, passphrasekey, 384)

	// schlop it into a byte array
	pbkdf2bytes = new Uint8Array(pbkdf2bytes)

	// split up into front and back
	const keybytes = pbkdf2bytes.slice(0, 32) // bytes to be used in key

	// An initialization vector is usedto ensure that the encryption of a message is not deterministic.
	const ivbytes = pbkdf2bytes.slice(32) // remaining bytes for initialization vector

	// now import a CryptoKey using only the keybytes and perform AES-CBC (Cipher Block Chaining) algorithm
	// on 256 bit blocks for the usage of encryption
	const key = await crypto.subtle.importKey('raw', keybytes, { name: 'AES-CBC', length: 256 }, false, ['encrypt'])

	// Using the method and parameters specified by algorithm and the keying material provided by key,
	// algorithms: <RsaOaepParams> \| <AesCtrParams> \| <AesCbcParams> \| <AesGcmParams>
	// returns <ArrayBuffer> containing the encrypted result.
	let cipherbytes = await crypto.subtle.encrypt({ name: "AES-CBC", iv: ivbytes }, key, plaintextbytes)
	cipherbytes = new Uint8Array(cipherbytes)

	const resultbytes = new Uint8Array(cipherbytes.length + 16)

	// Pass the results into the "file"
	// The format here is compatible / similar to the open ssl enc
	resultbytes.set(new TextEncoder("utf-8").encode('Salted__'))
	resultbytes.set(pbkdf2salt, 8)
	resultbytes.set(cipherbytes, 16)

	return resultbytes

	}

	async function decryptFile(enc_key, cipherbytes) {

	const passphrasebytes = new TextEncoder("utf-8").encode(enc_key)
	const pbkdf2salt = cipherbytes.slice(8, 16)

	const passphrasekey = await crypto.subtle.importKey('raw', passphrasebytes, { name: 'PBKDF2' }, false, ['deriveBits'])

	let pbkdf2bytes = await crypto.subtle.deriveBits({ "name": 'PBKDF2', "salt": pbkdf2salt, "iterations": pbkdf2iterations, "hash": 'SHA-256' }, passphrasekey, 384)
	pbkdf2bytes = new Uint8Array(pbkdf2bytes)

	let keybytes = pbkdf2bytes.slice(0, 32)
	let ivbytes = pbkdf2bytes.slice(32)
	cipherbytes = cipherbytes.slice(16)

	const key = await crypto.subtle.importKey('raw', keybytes, { name: 'AES-CBC', length: 256 }, false, ['decrypt'])

	let plaintextbytes = await crypto.subtle.decrypt({ name: "AES-CBC", iv: ivbytes }, key, cipherbytes)
	plaintextbytes = new Uint8Array(plaintextbytes)

	return new Buffer.from(plaintextbytes).toString('ascii')

	}


	; (async () => {

	const v = process.version.slice(1, 3)
	if (Number(v) < 19) {
	console.log('This script was written in Node 19.3.0')
	process.exit(1)
	}

	try {

	const rawDataFile = __dirname + '/afile.txt'
	const encryptedFile = __dirname + '/encrypted.enc'
	const plaintextbytes = await fs.readFileSync(rawDataFile) // File arrives in an array buffer
	const bytes = await encryptfile(encryptionKey, plaintextbytes)

	await fs.writeFileSync(encryptedFile, bytes)
	const cipherbytes = await fs.readFileSync(encryptedFile)

	const decrypted = await decryptFile(encryptionKey, cipherbytes)

	console.log(decrypted)

	} catch (error) {
	console.log(error)
	process.exit(1)
	}

	process.exit(0)

	})()