Merge pull request #1 from linuxgemini/class-re

* Rewritten key generation script
* Rewritten class
* Cleaned up code
* Cleaned up readme

Author: linuxgemini

.eslintrc.json

@@ -0,0 +1,38 @@
+{
+    "env": {
+        "es6": true,
+        "node": true
+    },
+    "extends": "eslint:recommended",
+    "parserOptions": {
+        "ecmaVersion": 2017,
+        "sourceType": "module",
+        "impliedStrict": true,
+        "ecmaFeatures": {
+            "experimentalObjectRestSpread": true
+        }
+    },
+    "rules": {
+        "indent": [
+            "error",
+            4,
+            {
+                "SwitchCase": 1
+            }
+        ],
+        "linebreak-style": [
+            "error",
+            "unix"
+        ],
+        "quotes": [
+            "error",
+            "double"
+        ],
+        "semi": [
+            "error",
+            "always"
+        ],
+        "no-console": 0,
+        "no-unused-vars": "warn"
+    }
+}

.gitignore

@@ -0,0 +1,2 @@
+node_modules
+.basic256rc.js

.travis.yml

@@ -3,10 +3,7 @@ sudo: enabled
 group: edge
 node_js:
   - "node"
-  - "7"
-  - "6"
-  - "5"
-  - "4"
+  - "8"
 install:
   - npm install
 script:

DontRunMe.js

@@ -1,28 +1,60 @@
-'use strict';
+"use strict";
 
-let crypto = require('crypto'); // define crypto
-let fs = require('fs'); // define filesys
+const detectNewline = require("detect-newline");
+const crypto = require("crypto"); // define crypto
+const fs = require("fs"); // define filesys
+let projectRoot = require("path").dirname(require.main.filename);
+let fetchedKey, fetchedHMAC, convertedConfig = false;
 
-function randomValueHex (len) {
+const exit = (msg) => {
+    console.log(msg);
+    return setTimeout(() => {
+        process.exit(0);
+    }, 2000);
+};
+
+const randomValueHex = (len) => {
     return crypto.randomBytes(Math.ceil(len/2))
-        .toString('hex') // convert to hexadecimal format
+        .toString("hex") // convert to hexadecimal format
         .slice(0,len);   // return required number of characters
 };
 
-if (fs.existsSync("./config.js")) {
-    return setTimeout(function(){
-        process.exit(0); // exit script if config already exists
-    }, 833);
-}
+const main = () => {
+    if (fs.existsSync(`${projectRoot}/.gitignore`)) {
+        var file = fs.readFileSync(`${projectRoot}/.gitignore`).toString();
+        var newlineChar = detectNewline(file);
+        if (!file.includes(".basic256rc.js")) fs.appendFileSync(`${projectRoot}/.gitignore`, `${newlineChar}.basic256rc.js${newlineChar}`);
+    }
+
+    if (fs.existsSync(`${projectRoot}/.basic256rc.js`)) {
+        return exit("\n.basic256rc.js already exists, stopping setup.\n");
+    }
+
+    if (fs.existsSync("./config.js")) {
+        try {
+            var c = require("./config.js").k;
+            if (c.key) fetchedKey = c.key;
+            if (c.hmac_key) fetchedHMAC = c.hmac_key;
+            convertedConfig = true;
+        } catch (e) {
+            fetchedKey = null,
+            fetchedHMAC = null;
+            console.warn(`\nThere is an old config.js file in package.\nHowever, reading of the keys have failed:\n\n${e.stack}\n`);
+        }
+    }
 
-let key = randomValueHex(32); // create random hex val for enc key
-let hmac = randomValueHex(32); // create random hex val for hmac key
-let randFold = "./" + randomValueHex(32) + "/"; // create random hex val with filesys encoding for folder
-let randFile = randomValueHex(32) + ".json"; // create random hex val with .json ending for file
-let resSysop = randFold + randFile; // merge foldername and filename
+    const enduserconfig = {
+        key: fetchedKey || randomValueHex(32), // create random hex val for enc key
+        hmac_key: fetchedHMAC || randomValueHex(32) // create random hex val for hmac key
+    };
 
-fs.mkdirSync(randFold); // create folder
-fs.appendFileSync(resSysop, "{\n  \"key\": \"" + key + "\",\n  \"hmac_key\": \"" + hmac + "\"\n}\n"); // create file with keys necessary
-fs.appendFileSync("./config.js", "\'use strict\';\n\nvar k = require(\"" + resSysop + "\");\n\nmodule.exports = {\n  k\n};\n\n"); // generate config file with necessary info
+    fs.appendFileSync(`${projectRoot}/.basic256rc.js`, `"use strict";
+
+module.exports = ${JSON.stringify(enduserconfig, null, 4)}
+`); // generate config file with necessary info
+
+    if (convertedConfig) return exit("\nYour old configuration is saved to a file named .basic256rc.js has been created on the project root.\nDON'T FORGET TO BACK THIS UP.\n");
+    return exit("\nA file named .basic256rc.js has been created on the project root. DON'T FORGET TO BACK THIS UP.\n");
+};
 
-setTimeout(function(){process.exit(0);}, 2000); // exit script
+main();

LICENSE

@@ -176,7 +176,7 @@
    END OF TERMS AND CONDITIONS
 
    Copyright 2014 Levi Gross
-   Copyright 2016 linuxgemini. All Rights Reserved.
+   Copyright 2018 linuxgemini. All Rights Reserved.
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

README.md

@@ -3,53 +3,43 @@ basic256.js
 
 [![Build Status](https://travis-ci.org/linuxgemini/basic256.js.svg?branch=master)](https://travis-ci.org/linuxgemini/basic256.js)
 
+WARNING
+-------
+
+**THIS PACKAGE SAVES IMPORTANT KEYS ON YOUR PROJECT, DON'T LOSE IT.**
+
 A basic encryption/decryption script/API for resting data for Node.js users.
 
 *Slightly* modified the work of [Levi Gross](http://www.levigross.com/2014/03/30/how-to-write-an-encrypt-and-decrypt-api-for-data-at-rest-in-nodejs/).
 
-Usage with downloading from NPM
+Usage
 -----
 
 Open a terminal in your project folder and make sure that you have a package.json file.
 
 And do this on your terminal if you are not root:
 
-    npm install --save basic256.js
+`
+$ npm install --save basic256.js
+`
 
 If you are running as root, do this:
 
-    npm install --unsafe-perm --save basic256.js
+`
+$ npm install --unsafe-perm --save basic256.js
+`
 
 Then make your script connected. Example:
 
-    var crypter = require("basic256.js");
-    
-    var blob = crypter.encrypt("FOO").catch(console.error); // This encrypts the string "FOO".
-    console.log(blob); // This will show the encrypted string.
-    
-    var unblob = crypter.decrypt(blob).catch(console.error); // This decrypts the encrypted string.
-    console.log(unblob); // This will show the decrypted string. (Which in this case, it is "FOO")
-
-
-Usage without downloading from NPM
------
-
-Gather basic256.js first, copy all files inside to your project folder/direcory.
+```js
+const b256 = require("basic256.js");
+const basic256 = new b256();
 
-And do this on your terminal if you are not root:
-
-    npm install
-
-If you are running as root, do this:
-
-    npm install --unsafe-perm
+var blob = basic256.encrypt("FOO"); // This encrypts the string "FOO".
+console.log(blob);  // This will show the encrypted string.
 
-Then make your script connected. Example:
+var unblob = basic256.decrypt(blob); // This decrypts the encrypted string.
+console.log(unblob);    // This will show the decrypted string. (Which in this case, it is "FOO")
+```
 
-    var crypter = require("./basic256.js");
-    
-    var blob = crypter.encrypt("FOO").catch(console.error); // This encrypts the string "FOO".
-    console.log(blob); // This will show the encrypted string.
-    
-    var unblob = crypter.decrypt(blob).catch(console.error); // This decrypts the encrypted string.
-    console.log(unblob); // This will show the decrypted string. (Which in this case, it is "FOO")
+**Don't forget to back your .basic256rc.js file as it contains your keys to encrypt and decrypt strings.**

basic256.js

@@ -1,84 +1,93 @@
-'use strict';
-
-let crypto = require('crypto');
-
-try {
-    var savedKeys = require("./config.js").k;
-} catch (e) {
-    return Promise.reject('No Configuration Exists!');
-}
-
-var ALGORITHM, KEY, HMAC_ALGORITHM, HMAC_KEY;
-
-ALGORITHM = 'AES-256-CBC'; // CBC because CTR isn't possible with the current version of the Node.JS crypto library
-HMAC_ALGORITHM = 'SHA256';
-KEY = savedKeys.key; // Use the automated script.
-HMAC_KEY = savedKeys.hmac_key; // Use the automated script.
-
-function randomValueHex (len) {
-    return crypto.randomBytes(Math.ceil(len/2))
-        .toString('hex') // convert to hexadecimal format
-        .slice(0,len);   // return required number of characters
-};
-
-var constant_time_compare = function (val1, val2) {
-    var sentinel;
-
-    if (val1.length !== val2.length) {
-        return false;
-    }
-
+"use strict";
+
+let crypto = require("crypto");
+let projectRoot = require("path").dirname(require.main.filename);
+
+/**
+ * A basic encryption/decryption script/API for resting data for Node.js users.
+ * @class
+ */
+class basic256 {
+    constructor() {
+        try {
+            var savedKeys = require(`${projectRoot}/.basic256rc.js`);
+        } catch (e) {
+            throw new Error("An error happened while loading the key");
+        }
 
-    for (var i = 0; i <= (val1.length - 1); i++) {
-        sentinel |= val1.charCodeAt(i) ^ val2.charCodeAt(i);
+        this.ALGORITHM = "AES-256-CBC";
+        this.HMAC_ALGORITHM = "SHA256";
+        this.KEY = savedKeys.key;           // Use the automated script.
+        this.HMAC_KEY = savedKeys.hmac_key; // Use the automated script.
     }
 
-    return sentinel === 0
-};
-
-module.exports = {
-
-    "encrypt": function (plain_text) {
-        if (!plain_text || typeof(plain_text) !== "string") return Promise.reject("Plain text was not found.");
+    encrypt(plain_text) {
+        if (!plain_text || typeof (plain_text) !== "string") throw new Error("Plain text was not found.");
 
-        var IV = Buffer.from(randomValueHex(16)); // ensure that the IV (initialization vector) is random
+        var IV = Buffer.from(tools.randomValueHex(16)); // ensure that the IV (initialization vector) is random
         var encryptor, cipher_text, hmac;
 
-        encryptor = crypto.createCipheriv(ALGORITHM, KEY, IV);
-        encryptor.setEncoding('hex');
+        encryptor = crypto.createCipheriv(this.ALGORITHM, this.KEY, IV);
+        encryptor.setEncoding("hex");
         encryptor.write(plain_text);
         encryptor.end();
 
         cipher_text = encryptor.read();
 
-        hmac = crypto.createHmac(HMAC_ALGORITHM, HMAC_KEY);
+        hmac = crypto.createHmac(this.HMAC_ALGORITHM, this.HMAC_KEY);
         hmac.update(cipher_text);
-        hmac.update(IV.toString('hex')); // ensure that both the IV and the cipher-text is protected by the HMAC
+        hmac.update(IV.toString("hex")); // ensure that both the IV and the cipher-text is protected by the HMAC
 
         // The IV isn't a secret so it can be stored along side everything else
-        return cipher_text + "$" + IV.toString('hex') + "$" + hmac.digest('hex') 
-    },
+        return cipher_text + "$" + IV.toString("hex") + "$" + hmac.digest("hex");
+    }
 
-    "decrypt": function (cipher_text) {
-        if (!cipher_text || typeof(cipher_text) !== "string" || !cipher_text.match(/\$/g)) return Promise.reject("A valid cipher text was not found.");
+    decrypt(cipher_text) {
+        if (!cipher_text || typeof (cipher_text) !== "string" || !cipher_text.match(/\$/g)) throw new Error("A valid cipher text was not found.");
 
         var cipher_blob = cipher_text.split("$");
+
+        if (cipher_blob.length !== 3) throw new Error("Cipher text is broken.");
+
         var ct = cipher_blob[0];
-        var IV = Buffer.from(cipher_blob[1], 'hex');
+        var IV = Buffer.from(cipher_blob[1], "hex");
         var hmac = cipher_blob[2];
         var chmac, decryptor;
 
-        chmac = crypto.createHmac(HMAC_ALGORITHM, HMAC_KEY);
+        chmac = crypto.createHmac(this.HMAC_ALGORITHM, this.HMAC_KEY);
         chmac.update(ct);
-        chmac.update(IV.toString('hex'));
+        chmac.update(IV.toString("hex"));
 
-        if (!constant_time_compare(chmac.digest('hex'), hmac)) {
-            return Promise.reject("Encrypted Blob has been tampered with.");
+        if (!tools.constant_time_compare(chmac.digest("hex"), hmac)) {
+            throw new Error("Encrypted Blob has been tampered with.");
         }
 
-        decryptor = crypto.createDecipheriv(ALGORITHM, KEY, IV);
-        var decryptedText = decryptor.update(ct, 'hex', 'utf-8');
-        return decryptedText + decryptor.final('utf-8');
+        decryptor = crypto.createDecipheriv(this.ALGORITHM, this.KEY, IV);
+        var decryptedText = decryptor.update(ct, "hex", "utf-8");
+        return decryptedText + decryptor.final("utf-8");
     }
 
 }
+
+class tools {
+    static constant_time_compare(val1, val2) {
+        var sentinel;
+
+        if (val1.length !== val2.length) {
+            return false;
+        }
+
+        for (var i = 0; i <= (val1.length - 1); i++) {
+            sentinel |= val1.charCodeAt(i) ^ val2.charCodeAt(i);
+        }
+
+        return sentinel === 0;
+    }
+    static randomValueHex(len) {
+        return crypto.randomBytes(Math.ceil(len / 2))
+            .toString("hex") // convert to hexadecimal format
+            .slice(0, len);  // return required number of characters
+    }
+}
+
+module.exports = basic256;