Skip to content

Commit 85d4ead

Browse files
MarceloRGoncMarceloRGonc
committed
Test
1 parent 07c88c4 commit 85d4ead

2 files changed

Lines changed: 17 additions & 40 deletions

File tree

packages/server/shared/src/lib/security/encryption-key-initializer.ts

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,7 @@
1-
import { AppSystemProp, QueueMode, system } from '../system';
21
import { encryptUtils } from './encryption';
32

43
export async function encryptionKeyInitializer(): Promise<void> {
5-
const queueMode = system.getOrThrow<QueueMode>(AppSystemProp.QUEUE_MODE);
6-
const encryptionKey = await encryptUtils.loadEncryptionKey(queueMode);
4+
const encryptionKey = encryptUtils.loadEncryptionKey();
75
const isValidHexKey =
86
encryptionKey && /^[A-Fa-z0-9]{32}$/.test(encryptionKey);
97

packages/server/shared/src/lib/security/encryption.ts

Lines changed: 16 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -1,44 +1,22 @@
1-
import {
2-
assertNotNullOrUndefined,
3-
EncryptedObject,
4-
isNil,
5-
} from '@openops/shared';
1+
import { EncryptedObject, isNil } from '@openops/shared';
62
import * as crypto from 'crypto';
7-
import { randomBytes } from 'node:crypto';
8-
import { promisify } from 'util';
9-
import { AppSystemProp, QueueMode, system } from '../system';
10-
import { localFileStore } from './local-store';
3+
import { AppSystemProp, system } from '../system';
114

12-
let secret: string | null;
5+
let encryptionKey: string | null;
136
const algorithm = 'aes-256-cbc';
147
const ivLength = 16;
158

16-
const loadEncryptionKey = async (
17-
queueMode: QueueMode,
18-
): Promise<string | null> => {
19-
secret = system.get(AppSystemProp.ENCRYPTION_KEY) ?? null;
20-
if (queueMode === QueueMode.MEMORY) {
21-
if (isNil(secret)) {
22-
secret = await localFileStore.load(AppSystemProp.ENCRYPTION_KEY);
23-
}
24-
if (isNil(secret)) {
25-
secret = await generateAndStoreSecret();
26-
}
9+
const loadEncryptionKey = (): string => {
10+
if (isNil(encryptionKey)) {
11+
encryptionKey = system.getOrThrow(AppSystemProp.ENCRYPTION_KEY);
2712
}
28-
return secret;
29-
};
3013

31-
const generateAndStoreSecret = async (): Promise<string> => {
32-
const secretLengthInBytes = 16;
33-
const secretBuffer = await promisify(randomBytes)(secretLengthInBytes);
34-
const secret = secretBuffer.toString('hex'); // Convert to hexadecimal
35-
await localFileStore.save(AppSystemProp.ENCRYPTION_KEY, secret);
36-
return secret;
14+
return encryptionKey;
3715
};
3816

3917
function encryptString(inputString: string): EncryptedObject {
18+
const secret = loadEncryptionKey();
4019
const iv = crypto.randomBytes(ivLength); // Generate a random initialization vector
41-
assertNotNullOrUndefined(secret, 'secret');
4220
const key = Buffer.from(secret, 'binary');
4321
const cipher = crypto.createCipheriv(algorithm, key, iv); // Create a cipher with the key and initialization vector
4422
let encrypted = cipher.update(inputString, 'utf8', 'hex');
@@ -55,8 +33,8 @@ function encryptObject(object: unknown): EncryptedObject {
5533
}
5634

5735
function encryptBuffer(inputBuffer: Buffer): EncryptedObject {
36+
const secret = loadEncryptionKey();
5837
const iv = crypto.randomBytes(ivLength);
59-
assertNotNullOrUndefined(secret, 'secret');
6038
const key = Buffer.from(secret, 'binary');
6139
const cipher = crypto.createCipheriv(algorithm, key, iv);
6240
let encrypted = cipher.update(inputBuffer).toString('hex');
@@ -68,8 +46,8 @@ function encryptBuffer(inputBuffer: Buffer): EncryptedObject {
6846
}
6947

7048
function decryptObject<T>(encryptedObject: EncryptedObject): T {
49+
const secret = loadEncryptionKey();
7150
const iv = Buffer.from(encryptedObject.iv, 'hex');
72-
assertNotNullOrUndefined(secret, 'secret');
7351
const key = Buffer.from(secret, 'binary');
7452
const decipher = crypto.createDecipheriv(algorithm, key, iv);
7553
let decrypted = decipher.update(encryptedObject.data, 'hex', 'utf8');
@@ -78,8 +56,8 @@ function decryptObject<T>(encryptedObject: EncryptedObject): T {
7856
}
7957

8058
function decryptBuffer(encryptedObject: EncryptedObject): Buffer {
59+
const secret = loadEncryptionKey();
8160
const iv = Buffer.from(encryptedObject.iv, 'hex');
82-
assertNotNullOrUndefined(secret, 'secret');
8361
const key = Buffer.from(secret, 'binary');
8462
const decipher = crypto.createDecipheriv(algorithm, key, iv);
8563
return Buffer.concat([
@@ -88,9 +66,11 @@ function decryptBuffer(encryptedObject: EncryptedObject): Buffer {
8866
]);
8967
}
9068

91-
function decryptString(encryptedObject: EncryptedObject): string {
69+
function decryptString(
70+
encryptedObject: EncryptedObject,
71+
): string {
72+
const secret = loadEncryptionKey();
9273
const iv = Buffer.from(encryptedObject.iv, 'hex');
93-
assertNotNullOrUndefined(secret, 'secret');
9474
const key = Buffer.from(secret, 'binary');
9575
const decipher = crypto.createDecipheriv(algorithm, key, iv);
9676
let decrypted = decipher.update(encryptedObject.data, 'hex', 'utf8');
@@ -99,8 +79,7 @@ function decryptString(encryptedObject: EncryptedObject): string {
9979
}
10080

10181
function get16ByteKey(): string {
102-
assertNotNullOrUndefined(secret, 'secret is not defined');
103-
return secret;
82+
return loadEncryptionKey();
10483
}
10584

10685
export const encryptUtils = {

0 commit comments

Comments
 (0)