diff options
Diffstat (limited to 'node_modules/evp_bytestokey')
| -rw-r--r-- | node_modules/evp_bytestokey/LICENSE | 21 | ||||
| -rw-r--r-- | node_modules/evp_bytestokey/README.md | 51 | ||||
| -rw-r--r-- | node_modules/evp_bytestokey/index.js | 45 | ||||
| -rw-r--r-- | node_modules/evp_bytestokey/package.json | 78 |
4 files changed, 195 insertions, 0 deletions
diff --git a/node_modules/evp_bytestokey/LICENSE b/node_modules/evp_bytestokey/LICENSE new file mode 100644 index 0000000..f06007a --- /dev/null +++ b/node_modules/evp_bytestokey/LICENSE @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2017 crypto-browserify contributors + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/node_modules/evp_bytestokey/README.md b/node_modules/evp_bytestokey/README.md new file mode 100644 index 0000000..36da238 --- /dev/null +++ b/node_modules/evp_bytestokey/README.md @@ -0,0 +1,51 @@ +# EVP\_BytesToKey +[](https://www.npmjs.org/package/evp_bytestokey) +[](https://travis-ci.org/crypto-browserify/EVP_BytesToKey) +[](https://david-dm.org/crypto-browserify/EVP_BytesToKey#info=dependencies) + +[](https://github.com/feross/standard) + +The insecure [key derivation algorithm from OpenSSL.][1] + +**WARNING: DO NOT USE, except for compatibility reasons.** + +MD5 is insecure. + +Use at least `scrypt` or `pbkdf2-hmac-sha256` instead. + + +## API +`EVP_BytesToKey(password, salt, keyLen, ivLen)` + +* `password` - `Buffer`, password used to derive the key data. +* `salt` - 8 byte `Buffer` or `null`, salt is used as a salt in the derivation. +* `keyBits` - `number`, key length in **bits**. +* `ivLen` - `number`, iv length in bytes. + +*Returns*: `{ key: Buffer, iv: Buffer }` + + +## Examples +MD5 with `aes-256-cbc`: + +```js +const crypto = require('crypto') +const EVP_BytesToKey = require('evp_bytestokey') + +const result = EVP_BytesToKey( + 'my-secret-password', + null, + 32, + 16 +) +// => +// { key: <Buffer e3 4f 96 f3 86 24 82 7c c2 5d ff 23 18 6f 77 72 54 45 7f 49 d4 be 4b dd 4f 6e 1b cc 92 a4 27 33>, +// iv: <Buffer 85 71 9a bf ae f4 1e 74 dd 46 b6 13 79 56 f5 5b> } + +const cipher = crypto.createCipheriv('aes-256-cbc', result.key, result.iv) +``` + +## LICENSE [MIT](LICENSE) + +[1]: https://wiki.openssl.org/index.php/Manual:EVP_BytesToKey(3) +[2]: https://nodejs.org/api/crypto.html#crypto_class_hash diff --git a/node_modules/evp_bytestokey/index.js b/node_modules/evp_bytestokey/index.js new file mode 100644 index 0000000..f9d4757 --- /dev/null +++ b/node_modules/evp_bytestokey/index.js @@ -0,0 +1,45 @@ +var Buffer = require('safe-buffer').Buffer +var MD5 = require('md5.js') + +/* eslint-disable camelcase */ +function EVP_BytesToKey (password, salt, keyBits, ivLen) { + if (!Buffer.isBuffer(password)) password = Buffer.from(password, 'binary') + if (salt) { + if (!Buffer.isBuffer(salt)) salt = Buffer.from(salt, 'binary') + if (salt.length !== 8) throw new RangeError('salt should be Buffer with 8 byte length') + } + + var keyLen = keyBits / 8 + var key = Buffer.alloc(keyLen) + var iv = Buffer.alloc(ivLen || 0) + var tmp = Buffer.alloc(0) + + while (keyLen > 0 || ivLen > 0) { + var hash = new MD5() + hash.update(tmp) + hash.update(password) + if (salt) hash.update(salt) + tmp = hash.digest() + + var used = 0 + + if (keyLen > 0) { + var keyStart = key.length - keyLen + used = Math.min(keyLen, tmp.length) + tmp.copy(key, keyStart, 0, used) + keyLen -= used + } + + if (used < tmp.length && ivLen > 0) { + var ivStart = iv.length - ivLen + var length = Math.min(ivLen, tmp.length - used) + tmp.copy(iv, ivStart, used, used + length) + ivLen -= length + } + } + + tmp.fill(0) + return { key: key, iv: iv } +} + +module.exports = EVP_BytesToKey diff --git a/node_modules/evp_bytestokey/package.json b/node_modules/evp_bytestokey/package.json new file mode 100644 index 0000000..316521a --- /dev/null +++ b/node_modules/evp_bytestokey/package.json @@ -0,0 +1,78 @@ +{ + "_from": "evp_bytestokey@^1.0.0", + "_id": "evp_bytestokey@1.0.3", + "_inBundle": false, + "_integrity": "sha512-/f2Go4TognH/KvCISP7OUsHn85hT9nUkxxA9BEWxFn+Oj9o8ZNLm/40hdlgSLyuOimsrTKLUMEorQexp/aPQeA==", + "_location": "/evp_bytestokey", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "evp_bytestokey@^1.0.0", + "name": "evp_bytestokey", + "escapedName": "evp_bytestokey", + "rawSpec": "^1.0.0", + "saveSpec": null, + "fetchSpec": "^1.0.0" + }, + "_requiredBy": [ + "/browserify-aes", + "/browserify-cipher", + "/parse-asn1" + ], + "_resolved": "https://registry.npmjs.org/evp_bytestokey/-/evp_bytestokey-1.0.3.tgz", + "_shasum": "7fcbdb198dc71959432efe13842684e0525acb02", + "_spec": "evp_bytestokey@^1.0.0", + "_where": "/home/pruss/Dev/3-minute-website/node_modules/browserify-cipher", + "author": { + "name": "Calvin Metcalf", + "email": "calvin.metcalf@gmail.com" + }, + "bugs": { + "url": "https://github.com/crypto-browserify/EVP_BytesToKey/issues" + }, + "bundleDependencies": false, + "contributors": [ + { + "name": "Kirill Fomichev", + "email": "fanatid@ya.ru" + } + ], + "dependencies": { + "md5.js": "^1.3.4", + "safe-buffer": "^5.1.1" + }, + "deprecated": false, + "description": "The insecure key derivation algorithm from OpenSSL", + "devDependencies": { + "bindings": "^1.2.1", + "nan": "^2.4.0", + "nyc": "^8.1.0", + "standard": "^8.0.0", + "tape": "^4.6.0" + }, + "files": [ + "index.js" + ], + "gypfile": false, + "homepage": "https://github.com/crypto-browserify/EVP_BytesToKey", + "keywords": [ + "crypto", + "openssl" + ], + "license": "MIT", + "main": "index.js", + "name": "evp_bytestokey", + "repository": { + "type": "git", + "url": "git+https://github.com/crypto-browserify/EVP_BytesToKey.git" + }, + "scripts": { + "coverage": "nyc tape test/*.js", + "lint": "standard", + "test": "npm run lint && npm run unit", + "test:prepare": "node-gyp rebuild", + "unit": "tape test/*.js" + }, + "version": "1.0.3" +} |