1
0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00

Updated Design: Encryption of credentials (markdown)

Nick O'Leary 2016-09-23 11:41:26 +01:00
parent 9c1bf217bf
commit f73ab7da3b

@ -38,7 +38,21 @@ After encryption, it looks like this:
By keeping it a valid JSON object underlying storage implementations should not be affected by the change. By keeping it a valid JSON object underlying storage implementations should not be affected by the change.
---
### Encryption scheme
var encryptionKey = crypto.createHash('sha256').update(userKey).digest();
var initVector = crypto.randomBytes(16);
var cipher = crypto.createCipheriv("aes-256-ctr", encryptionKey, initVector);
var result = cipher.update(JSON.stringify(credentials), 'utf8', 'base64') + cipher.final('base64');
result = initVector.toString('hex') + result;
### Decryption scheme
var encryptionKey = crypto.createHash('sha256').update(userKey).digest();
var initVector = new Buffer(encryptedCredentials.substring(0, 32),'hex');
encryptedCredentials = encryptedCredentials.substring(32);
var decipher = crypto.createDecipheriv(encryptionAlgorithm, encryptionKey, initVector);
var decrypted = decipher.update(encryptedCredentials, 'base64', 'utf8') + decipher.final('utf8');
var result = JSON.parse(decrypted);