exports.decryptJoin = function(packet, AppKey) {
var pktBufs = packet.getBuffers();
checkBuffer(pktBufs.MACPayloadWithMIC, "parsed packet");
checkBufferLength(AppKey, "AppKey", 16);
// TODO is there a better way to get cryptojs to ingest message/key?
var cipherstream = CryptoJS.AES.decrypt(
{ ciphertext: CryptoJS.enc.Hex.parse(pktBufs.MACPayloadWithMIC.toString('hex')) },
CryptoJS.enc.Hex.parse(AppKey.toString('hex')),
{
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.NoPadding
}
);
return new Buffer(CryptoJS.enc.Hex.stringify(cipherstream), 'hex');
};
return new Promise(function (resolve, reject) {
try {
var decodedJWT = jwt.verify(token, 'qwerty098');
var bytes = cryptojs.AES.decrypt(decodedJWT.token, 'abc123!@#');
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8));
User.findById(tokenData.id).then(function onSuccess(user) {
if (user) {
resolve(user);
}
}, function onError(error) {
reject();
});
} catch (error) {
reject();
}
});
generateToken: function(type) {
if(!_.isString(type)) {
return undefined;
}
try {
var stringData = JSON.stringify({id: this.get('id'), type: type});
var encryptedData = cryptojs.AES.encrypt(stringData, 'abc123!@#!').toString();
var token = jwt.sign({
token: encryptedData
}, 'qwerty098');
return token;
} catch (e) {
return undefined;
}
}
function serverResponse(req, res, status, obj) {
if (config.crypto.enabled) {
var CryptoJS = require('crypto-js');
var encrypted = CryptoJS.AES.encrypt(JSON.stringify(obj), config.crypto.secret);
obj = {data: String(encrypted)};
var result = ")]}',\n"+JSON.stringify(obj);
res.status(status).send(result);
}
else {
var result = ")]}',\n"+JSON.stringify(obj);
res.status(status).send(result);
}
}
return new Promise(function(resolve, reject) {
try{
var jwtGet = jwt.verify(token, 'newpassforjwt');
var decryptData = cryptojs.AES.decrypt(jwtGet.token, 'tokenpassword123321');
var tokenData = JSON.parse(decryptData.toString(cryptojs.enc.Utf8));
user.findById(tokenData.id)
.then(function (user) {
resolve(user);
}, function() {
reject();
});
}catch(e) {
reject();
}
});
mcryptDecrypt:function(value, iv)
{
try
{
switch(CryptMap.cipher[this.cipher]){
case 'crypto-js':
return (cryptojs.AES.decrypt(value, this.key, {iv:iv, mode:cryptojs.mode[this.mode.toUpperCase()], padding:cryptojs.pad.PKcs7}) || []).toString(cryptojs.enc.Utf8);
break;
case 'mcrypt-js':
return this.stripPKCS7Padding(mcryptjs.Decrypt(value, iv, this.key, this.cipher.toLowerCase().replace('mcrypt-', ''), this.mode));
break;
}
}
catch (e)
{
throw new CryptError(e.message);
}
},
generateToken: function (type) {
if (!_.isString(type)) {
return undefined;
}
try {
var stringData = JSON.stringify({id: this.get('id'), type: type}); // We declare this variable because AES.encrypt can only take a string.
var encryptedData = cryptojs.AES.encrypt(stringData, 'abc123').toString(); // Returns encrypted ID and secret as a string.
var token = jwt.sign({
token: encryptedData
}, 'qwerty098');
console.log(token);
return token;
} catch (e) {
return undefined;
}
}
return new Promise(function(resolve, reject) {
try {
var decodedJWT =jwt.verify(token, 'qwerty098')
var bytes = cryptojs.AES.decrypt(decodedJWT.token, 'abc123!@#!')
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8))
user.findById(tokenData.id).then(function(user){
if(user) {
resolve(user)
} else {
reject()
}
}, function(e) {
reject()
})
} catch(e) {
reject()
}
})
exports.decrypt = function(packet, AppSKey, NwkSKey) {
var pktBufs = packet.getBuffers();
checkBuffer(pktBufs.PHYPayload, "parsed packet");
// calc number of (16-byte/128-bit) blocks
var blocks = Math.ceil(pktBufs.FRMPayload.length / 16);
// create what LoRaWAN calls "Sequence S"
// TODO this should be (at least) in a Uint8Array for ease of import to cryptojs
var plain_S = new Buffer(16 * blocks);
for (var block = 0; block < blocks; block++) {
var Ai = _metadataBlock_Ai(packet, block);
Ai.copy(plain_S, block * 16);
}
// encrypt "Sequence S" with key to create cipherstream
// #4.3.3 key depends on port
var key = packet.getFPort() === 0 ? NwkSKey : AppSKey;
checkBufferLength(key, "appropriate key", 16);
// TODO is there a better way to get cryptojs to ingest message/key?
var cipherstream_base64 = CryptoJS.AES.encrypt(
CryptoJS.enc.Hex.parse(plain_S.toString('hex')),
CryptoJS.enc.Hex.parse(key.toString('hex')), {
mode: CryptoJS.mode.ECB,
iv: LORA_IV,
padding: CryptoJS.pad.NoPadding
});
var cipherstream = new Buffer(cipherstream_base64.toString(), 'base64');
// create buffer for decrypted message
var plaintextPayload = new Buffer(pktBufs.FRMPayload.length);
// xor the cipherstream with payload to create plaintext
for (var i = 0; i < pktBufs.FRMPayload.length; i++) {
var Si = cipherstream.readUInt8(i);
plaintextPayload.writeUInt8(Si ^ pktBufs.FRMPayload.readUInt8(i), i);
}
// TODO? provide a convenience conversion to UTF-8
return plaintextPayload;
};
Subject.findOne({_id: req.body.subject}, function(err, subject){
if(!subject){
res.status(404).send('Subject not found selectsubject');
} else {
var blindedPseudonym = bigInt(req.body.blindedPseudonym);
console.log("Blinded pseudonym",blindedPseudonym);
var blindedSignedPs = blindedPseudonym.modPow(subject.d,subject.n);
console.log("blinded signed ps", blindedSignedPs);
var hash = CryptoJS.SHA1(blindedSignedPs.toString(10)).toString(),
identData = createId(),
keyMsg = createId(),
proofString = "SERVER" + "AAA" + identData + "AAA" + hash,
proofBigInt = bigInt(proofString.toString('hex'), 16),
proofOrg = keys.privateKey.encrypt(proofBigInt),
msgEncrypt = CryptoJS.AES.encrypt(blindedSignedPs.toString(10), keyMsg).toString(),
message = {
"identData": identData,
"data": msgEncrypt,
"PO": proofOrg,
"publicKey": keys.publicKey
};
var newMessageNR = new MessageNR({
source: "TTPServer",
destiny: req.body.blindedPseudonym,
dataC: msgEncrypt,
key: keyMsg,
dataCK: blindedSignedPs.toString(10),
identData: identData
});
newMessageNR.save(function (err) {
if (!err) {
res.status(200).send(message);
} else {
if (err.name == 'ValidationError') {
res.status(400).send('Validation error');
} else {
res.status(500).send('Server error');
}
}
});
}
});
generateToken = function(user,type){
if (!_.isString(type)){
return undefined;
}
try {
//Convert user data to a JSON string
var stringData = JSON.stringify({id: user._id, type: type});
var encryptedData = cryptojs.AES.encrypt(stringData, process.env.TOKEN_ENCRYPT.toString()).toString();
//Create JSON web token
var token = jwt.sign({
token: encryptedData
}, process.env.TOKEN_DECRYPT.toString());
return token;
} catch (e) {
console.error(e);
return undefined;
}
};
generateToken : function (type){
console.log("hello");
if (!_.isString(type)){
return undefined;
}
try{
var stringData = JSON.stringify({id:this.get('id'),type:type});
//console.log(stringData);
var encryptedData = cryptojs.AES.encrypt(stringData,'abc123!@#').toString();
var token = jwt.sign({
token:encryptedData
}, 'azerty');
console.log(token);
return token;
}catch(e){
console.error(e);
return undefined;
}
}
function createAccount(account){
var accounts = storage.getItemSync('accounts');
if(typeof accounts === 'undefined')
{
accounts = [];
}else{
var bytes = crypto.AES.decrypt(accounts,account.masterPassword);
accounts = JSON.parse(bytes.toString(crypto.enc.Utf8));
}
accounts.push(account);
saveAccounts(accounts,account.masterPassword);
return account;
}
return new Promise(function(resolve, reject) {
try {
var decodedJwt = jwt.verify(token, 'qwerty098');
var bytes = cryptojs.AES.decrypt(decodedJwt.token, 'abc123');
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8));
users.findById(tokenData.id).then(function(user) {
if (user)
resolve(user);
}, function(err) {
reject(500);
});
//takes the token and the secret key
} catch (err) {
reject();
}
});
export function decryptKey (sharekey, a) {
let x = []
for (var i = 0; i < a.length; i += 4) {
x = x.concat(CryptoJS.AES.decrypt(
CryptoJS.lib.CipherParams.create({
ciphertext: CryptoJS.lib.WordArray.create([a[i], a[i + 1], a[i + 2], a[i + 3]])
}),
CryptoJS.lib.WordArray.create(sharekey), {
iv: CryptoJS.lib.WordArray.create([0, 0, 0, 0]),
padding: {
pad: function () {},
unpad: function () {}
}
}).words)
}
return x
}
generateToken: function (type) {
if (!_.isString(type)) {
return undefined;
}
try {
var stringData = JSON.stringify({
id: this.get('id'),
type: type
})
var encryptedData = cryptjs.AES.encrypt(stringData, 'abc123!').toString();
var token = jwt.sign({
token: encryptedData
}, 'qwerty')
return token
} catch (e) {
// console.error(e)
return undefined
}
}
return new Promise(function(resolve, reject) {
try {
var decodedJWT = jwt.verify(token, 'whatebeas23f3');
var bytes = cryptojs.AES.decrypt(decodedJWT.token, 'abc123($#%');
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8));
user.findById(tokenData.id).then(function(user) {
if (user) {
resolve(user);
} else {
reject();
}
}, function() {
reject();
})
} catch (e) {
reject();
}
});
return new Promise(function (resolve, reject) {
try {
var decodedJWT = jwt.verify(token, 'qwerty098'); // decodedJWT now has the value of token in the generateToken instance method after jwt.verify verifies it hasn't been modified.
var bytes = cryptojs.AES.decrypt(decodedJWT.token, 'abc123'); // bytes now has the value of encryptedData because we are accessing the token property of the token variable (see generateToken method). That data contains user id and the type.
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8)); //JSON.parse takes string JSON and turns it into a javascript object, in generateToken the var stringData was passed to JSON.stringify(), so it must be converted back to an object.
user.findById(tokenData.id).then(function (user) { //Retrieves the user based on the id which was extracted from the decrypted token.
if (user) {
resolve(user);
} else {
reject();
}
}, function (e) {
reject();
})
} catch (e) {
reject();
}
});
o.decode = function(recipientPrivate, senderPublic, payload) {
var binPayload = convert.hex2ua(payload);
var salt = new Uint8Array(binPayload.buffer, 0, 32);
var iv = new Uint8Array(binPayload.buffer, 32, 16);
var payload = new Uint8Array(binPayload.buffer, 48);
var sk = convert.hex2ua_reversed(recipientPrivate);
var pk = convert.hex2ua(senderPublic);
var shared = new Uint8Array(32);
var r = key_derive(shared, salt, sk, pk);
var encKey = r;
var encIv = { iv: ua2words(iv, 16) };
var encrypted = {"ciphertext":ua2words(payload, payload.length)};
var plain = CryptoJS.AES.decrypt(encrypted, encKey, encIv);
var hexplain = CryptoJS.enc.Hex.stringify(plain);
return hexplain;
};
return new Promise(function(resolve, reject){
try {
var decodedJWT = jwt.verify(token, process.env.JWT_SIGNING_KEY);
var bytes = cryptojs.AES.decrypt(decodedJWT.token, process.env.TOKEN_ENCRYPTION_KEY);
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8));
user.findById(tokenData.id).then(function(user) {
if(user) {
resolve(user);
} else {
reject();
}
}, function(e) {
reject(e);
});
} catch(e) {
reject(e);
}
});
return new Promise(function(resolve, reject) {
try {
var decodedJWT = jwt.verify(token, JWT_SECRET_KEY);
var bytes = cryptojs.AES.decrypt(decodedJWT.token, CJS_SECRET_KEY);
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8));
user.findById(tokenData.id).then(function (user) {
if(user) {
resolve(user);
} else {
reject();
}
}).catch(function(e) {
reject();
});
} catch (e) {
reject();
}
});
function login(ws, req) {
console.log('登录信息',req);
console.log('login info', userinfo);
const secuser = req.u,
secpwd = req.p,
ki = req.i;
if(seckeys[ki]!==undefined) {
var kv = seckeys[ki];
}else{
// 非法登录
ws.send('登录错误');
return;
}
// 必须指定编码
const user = cryptojs.AES.decrypt(secuser, kv).toString(cryptojs.enc.Utf8);
let uo = userinfo[user];
if(uo === undefined){
ws.send('用户名错误');
return;
}
if(md5(uo.pwd+kv) !== secpwd){
ws.send('密码错误');
return;
}
crypto.randomBytes(16, (err, buf) => {
if (err) {
console.log('randomBytes err:',err);
}else{
let session = buf.toString('hex');
console.log(`${buf.length}bytes random str:${session}`);
console.log('delete seckey',ki);
delete seckeys[ki];
loginsessions[session] = {user, ws};
uo.ws = ws;
ws.send(['loginOK',session].join('\r\n'));
}
});
}
accountMethods.register = (req, res) => {
let { username, email, password, passwordConfirm } = req.body
if (!username || !email || !password || !passwordConfirm) {
return res.status(400).json({ message: res.__('ALL_REGISTRATION_DATA_REQUIRED') })
}
username = username.toLowerCase()
email = email.toLowerCase()
if (password !== passwordConfirm) {
return res.status(400).json({ message: res.__('PASSWORD_DID_NOT_MATCH') })
}
if (password.length < 6) {
return res.status(400).json({ message: res.__('PASSWORD_AT_LEAST_6_CHARS') })
}
password = CryptoJS.AES.encrypt(password, config.DATABASE.SECRET)
User.findOne({ $or: [{username}, {email}] })
.then(user => {
if (user) return res.status(400).json({ message: res.__('DATA_IN_USE') })
const account = new User({
username,
email,
password
})
account.save()
.then(() => {
return res.status(201).json({ message: res.__('ACCOUNT_CREATED') })
})
.catch(error => {
if (error) return res.status(400).json({ message: error })
})
})
.catch(error => {
if (error) return res.status(400).json({ message: error })
})
}
generateToken: function (type) {
var encryptedData,
stringData = JSON.stringify({id: this.get('id'), type: type}),
token;
if (!_.isString(type)) {
return undefined;
}
try {
encryptedData = cryptojs.AES.encrypt(stringData, 'token').toString();
token = jwt.sign({
token: encryptedData
}, 'encrypt');
return token;
} catch(e) {
console.log('Failure to create token', e);
return undefined;
}
}
generateToken: function (type) {
// if type doesn't exist
if (!_.isString(type)) {
return undefined;
}
// if everything goes well, try & catch
try {
var stringData = JSON.stringify({ id: this.get('id'), type: type }),
encryptedData = CryptoJS.AES.encrypt(stringData, 'abc123!@#!').toString(),
token = jwt.sign({ // jwt.sign takes 2 arguments:
token: encryptedData // the body
}, 'qwerty098'); // the jwt password
return token;
} catch (err) {
console.error(err);
return undefined;
}
}
return new Promise(function(resolve, reject) {
try {
//take the jwt and get back the original data
var decodedJWT = jwt.verify(token ,'qwerty098');
var bytes = cryptojs.AES.decrypt(decodedJWT.token, 'abc123!@#!');
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8));
user.findById(tokenData.id).then(function(user){
if(user){
resolve(user);
} else {
reject();
}
}, function (e){
reject();
});
} catch (e) {
reject();
}
});
generateToken: function(type) {
if (!_.isString(type)) {
return undefined;
}
try {
var stringData = JSON.stringify({
id: this.get('id'),
type: type
});
var encryptedData = cryptojs.AES.encrypt(stringData, 'abc123!').toString();
// now create json web token
var token = jwt.sign({
token: encryptedData
}, 'password1');
console.log(token);
return token;
} catch (e) {
return undefined;
}
}
return new Promise(function(resolve, reject) {
// do opposite of geenrate token
try {
var decodedJWT = jwt.verify(token, 'password1');
//decryt the data
var bytes = cryptojs.AES.decrypt(decodedJWT.token, 'abc123!');
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8));
user.findById(tokenData.id).then(function(user) {
if (user) {
resolve(user);
} else {
reject();
}
}, function(e) {
reject();
});
} catch (e) {
reject(e);
}
});
padAndMcrypt:function(value, iv)
{
value = this.addPadding(phpjs.serialize(value));
try
{
switch(CryptMap.cipher[this.cipher]){
case 'crypto-js':
return (cryptojs.AES.encrypt(value, this.key, {iv:iv, mode:cryptojs.mode[this.mode.toUpperCase()]}) || []).toString();
break;
case 'mcrypt-js':
return mcryptjs.Encrypt(value, iv, this.key, this.cipher.toLowerCase().replace('mcrypt-', ''), this.mode);
break;
}
}
catch (e)
{
throw new CryptError(e.message);
}
},
return new Promise(function(resolve, reject) {
try {
var decodedJWT = jwt.verify(token, 'zxcvb012');
var bytes = cryptojs.AES.decrypt(decodedJWT.token, 'xyz987!@#!');
var tokenData = JSON.parse(bytes.toString(cryptojs.enc.Utf8));
deliveryman.findById(tokenData.id).then(function(deliveryman) {
if (deliveryman) {
resolve(deliveryman);
} else {
reject();
}
}, function(e) {
reject();
});
} catch (e) {
reject();
}
});