Compare commits

...

2 commits

Author SHA1 Message Date
55ee067141 Update package-lock.json 2023-05-24 17:31:58 +03:00
31e2b7346f
Encryption (#26)
* feat: note encryption

* fix: enc

* doc: update changelog
2023-05-24 17:28:00 +03:00
4 changed files with 35 additions and 14 deletions

View file

@ -1,3 +1,4 @@
PORT=80 # port to listen on
MONGO_URI="your mongo uri" # "mongodb+srv://xxxx:yyyy@domain/zzzz?retryWrites=true&w=majority"
MONGO_DB="anopaper" # database name
ENC_KEY="test" # encryption key

View file

@ -28,7 +28,7 @@
- [x] Migration notes storage to mongodb (#3)
- [ ] Settings for publish notes, such as: delete after reading, number of reads before deleting, adding your own data (name, picture, status in the settings) to the note.
- [x] Maintaining statistics on sent notes, the number of notes received, number of deleted notes (#8)
- [ ] Encrypting notes in the database
- [x] Encrypting notes in the database (#26)
- [x] Local notes ids is ~~incremental~~ `Date.now()` instead of uuidv4 (238af9ad6957f72439a1a39f32662145dd2bdce8)
# AnoPaper v1.0.0

20
core.js
View file

@ -15,6 +15,8 @@
const mongoClient = require("mongodb").MongoClient;
const sha3 = require("js-sha3").sha3_512;
const AES = require("crypto-js/aes");
const cryptojs = require("crypto-js");
class NotesCore {
constructor() {}
@ -33,6 +35,7 @@ class NotesCore {
try {
let note = await this.notes.findOne({ _id });
if (note !== null) await this.incStats("receivedNotes");
note = await this.decryptNote(note);
return note;
} catch {
return null;
@ -61,6 +64,7 @@ class NotesCore {
note._id = sha3(JSON.stringify(note));
note.time = Date.now();
note.pub = true;
note = await this.encryptNote(note);
await this.notes.updateOne(
{ _id: note._id },
{ $set: note },
@ -73,6 +77,22 @@ class NotesCore {
}
}
async encryptNote(note) {
note.name = AES.encrypt(note.name, process.env.ENC_KEY).toString();
note.text = AES.encrypt(note.text, process.env.ENC_KEY).toString();
return note;
}
async decryptNote(note) {
note.name = AES.decrypt(note.name, process.env.ENC_KEY).toString(
cryptojs.enc.Utf8
);
note.text = AES.decrypt(note.text, process.env.ENC_KEY).toString(
cryptojs.enc.Utf8
);
return note;
}
async incStats(_id) {
await this.stats.updateOne(
{ _id },

24
package-lock.json generated
View file

@ -2031,9 +2031,9 @@
}
},
"node_modules/engine.io": {
"version": "6.4.1",
"resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.4.1.tgz",
"integrity": "sha512-JFYQurD/nbsA5BSPmbaOSLa3tSVj8L6o4srSwXXY3NqE+gGUNmmPTbhn8tjzcCtSqhFgIeqef81ngny8JM25hw==",
"version": "6.4.2",
"resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.4.2.tgz",
"integrity": "sha512-FKn/3oMiJjrOEOeUub2WCox6JhxBXq/Zn3fZOMCBxKnNYtsdKjxhl7yR3fZhM9PV+rdE75SU5SYMc+2PGzo+Tg==",
"dependencies": {
"@types/cookie": "^0.4.1",
"@types/cors": "^2.8.12",
@ -6586,9 +6586,9 @@
}
},
"node_modules/socket.io-parser": {
"version": "4.2.2",
"resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.2.tgz",
"integrity": "sha512-DJtziuKypFkMMHCm2uIshOYC7QaylbtzQwiMYDuCKy3OPkjLzu4B2vAhTlqipRHHzrI0NJeBAizTK7X+6m1jVw==",
"version": "4.2.3",
"resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.3.tgz",
"integrity": "sha512-JMafRntWVO2DCJimKsRTh/wnqVvO4hrfwOqtO7f+uzwsQMuxO6VwImtYxaQ+ieoyshWOTJyV0fA21lccEXRPpQ==",
"dependencies": {
"@socket.io/component-emitter": "~3.1.0",
"debug": "~4.3.1"
@ -8973,9 +8973,9 @@
"integrity": "sha512-TPJXq8JqFaVYm2CWmPvnP2Iyo4ZSM7/QKcSmuMLDObfpH5fi7RUGmd/rTDf+rut/saiDiQEeVTNgAmJEdAOx0w=="
},
"engine.io": {
"version": "6.4.1",
"resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.4.1.tgz",
"integrity": "sha512-JFYQurD/nbsA5BSPmbaOSLa3tSVj8L6o4srSwXXY3NqE+gGUNmmPTbhn8tjzcCtSqhFgIeqef81ngny8JM25hw==",
"version": "6.4.2",
"resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.4.2.tgz",
"integrity": "sha512-FKn/3oMiJjrOEOeUub2WCox6JhxBXq/Zn3fZOMCBxKnNYtsdKjxhl7yR3fZhM9PV+rdE75SU5SYMc+2PGzo+Tg==",
"requires": {
"@types/cookie": "^0.4.1",
"@types/cors": "^2.8.12",
@ -12121,9 +12121,9 @@
}
},
"socket.io-parser": {
"version": "4.2.2",
"resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.2.tgz",
"integrity": "sha512-DJtziuKypFkMMHCm2uIshOYC7QaylbtzQwiMYDuCKy3OPkjLzu4B2vAhTlqipRHHzrI0NJeBAizTK7X+6m1jVw==",
"version": "4.2.3",
"resolved": "https://registry.npmjs.org/socket.io-parser/-/socket.io-parser-4.2.3.tgz",
"integrity": "sha512-JMafRntWVO2DCJimKsRTh/wnqVvO4hrfwOqtO7f+uzwsQMuxO6VwImtYxaQ+ieoyshWOTJyV0fA21lccEXRPpQ==",
"requires": {
"@socket.io/component-emitter": "~3.1.0",
"debug": "~4.3.1"