npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

node-laravel-encryptor

v3.0.2

Published

node version Laravel Illuminate/Encryption/Encrypter.php

Downloads

2,836

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

adseguraadsegura

Keywords

laravelcryptonodejs

Readme

Build Status node version

node-laravel-encryptor

NodeJS version of Laravel's Encrypter Class, tested 5.4.30 to 6.X Illuminate/Encryption/Encrypter.php

With this module you can create the encrypted payload for a cookie from Node Js and be read by Laravel.

You can use it too as standalone module to encrypt and decrypt data with verified signature.

If you use this module as standalone, AKA without Laravel backend involve in your scenarios you can use native node JSON lib to serialize the data before ciphering it.

changes in version 3.0.*

options.key_length now is 128|256.

Prerequisites

  • NodeJs >=v8.10.0 (npm v5.6.0)

Laravel Compatibility

  • Laravel >=5.4.30

Install

$> npm i node-laravel-encryptor

Use

Async mode

const {Encryptor} = require('node-laravel-encryptor');

let encryptor = new Encryptor({
    key: 'Laravel APP_KEY without base64:',
});

encryptor
    .encrypt({foo: 'bar'})
    .then(enc => console.log(encryptor.decrypt(enc)));

Sync mode

const enc = encryptor.encryptSync({foo: 'bar'});

console.log(encryptor.decrypt(enc));

Decrypt is always in sync mode.

Serialize <php>|<json>|<custom>

Encryptor let you chose between php-serialize npm package or JSON node native implementation to serialize the data out of the box.

If you need to use other serialize library, like mspack or any other custom lib, Encryptor let you inject, at the constructor or at runtime with setSerializerDriver(your_lib), your custom Serializer Class.

If you use this module with the intend to be able to read and write ciphered data to/from Laravel you should instance Encryptor class without any serialize_mode option, just the defaults.

If you use this module without any Laravel Backend involve you should use json mode, instance Encryptor class with serialize_mode:'json'.

Encryptor will serialize only if data to cipher is an object.

You can force serialize if Encryptor class is using serialize_mode:'php' to be able to serialize data to send back to Laravel if needed

Use php-serialize to serialize data (Laravel integration)
const encryptor  = new Encryptor({key});
const encryptor1 = new Encryptor({key, serialize_mode: 'php'});

encryptor and encryptor1 just do the same, initialize Encryptor class with serialize mode to 'php'

Encryptor defaults serialize data with php-serialize driver to be compliant with Laravel

Force serialize only when serialize_mode:'php'

If data needs to be serialized but it's not an object (because Laravel is serializing everything) you can force Encryptor.encrypt() to serialize data.

const encryptor  = new Encryptor({key}); //serialize_mode = 'php'
encryptor.encrypt('foo', true) //foo now is encrypted and serialized
Use JSON to serialize data
const encryptor = new Encryptor({key, serialize_mode: 'json'});

Write your custom Serializer

Prerequisites

  • adhere to Serializer Interface contract

Your custom Serializer must implement this two methods:

export interface Serialize_Interface {
     serialize(data: any): string;
     unSerialize(data: string): any;
}

Encryptor Class

Constructor

  • arguments:
    • options: <object> {key, key_length}
      • key: <string> APP_KEY without base64:
      • key_length: <number> [optional] [default] <256> values 128|256 for aes-[128]-cbc aes-[256]-cbc
      • serialize_mode: <string> [optional] [default] <php> values <php>|<json>
    • serialize driver: class to serialize [optional]
  • throw EncryptorError
options.key_length

If you use aes-128-cbc value should be 128 If you use aes-256-cbc value should be 256 or you can omit, it's a default value.

Methods

encrypt(data, force_serialize)

Will encrypt data with MAC signature, and return a Promise with encrypted base64 string.

With force_serialize (only apply with serialize_mode:'php') you can force Encryptor to serialize data before cipher even if data is not an object.

force_serialize, will not take any effect if Encryptor is using other serializer driver than php-serialize module.

  • arguments:
    • data: <string>|<object>|<number>
    • force_serialize: <boolean> [optional]
  • return Promise <string> base64 json encoded object {iv, value, mac}
  • throw EncryptorError

decrypt(data)

Will decrypt data with MAC signature verification, and return original data.

  • arguments:
    • data: <string>|<object>|<number>
  • return <string>|<object>
  • throw EncryptorError

encryptSync(data, force_serialize)

Will encrypt data with MAC signature, and return encrypted base64 string.

With force_serialize (only apply with serialize_mode:'php') you can force Encryptor to serialize data before cipher even if data is not an object.

force_serialize, will not take any effect if Encryptor is using other serializer driver than php-serialize module.

  • arguments:
    • data: <string>|<object>|<number>
    • force_serialize: <boolean> [optional]
  • return <string> base64 json encoded object {iv, value, mac}
  • throw EncryptorError

Encrypt and Decrypt methods will serialize or unserialize data if needed.

setSerializerDriver(custom_Serializer_lib)

Will inject custom serializer driver to Encryptor Class

  • arguments:
    • custom_Serializer_lib: object class serialize module
  • return <void>
  • throw EncryptorError

Static generateRandomKey()

Will generate valid App_key a la Laravel

  • arguments:
    • length: <number> [optional], default 256, if you use aes-128-cbc use 128
  • return <string> base64
  • throw EncryptorError

Static static_decipher(key, data)

will decipher data

  • arguments:
    • key: <string> base64 encoded key
    • data: <string>|<object>|<number>
  • return <string> base64
  • throw EncryptorError

Static static_cipher(key, data, [cb])

will cipher data

  • arguments:
    • key: <string> base64 encoded key
    • data: <string>|<object>|<number>
    • cb: <function> optional callback
  • return <string> base64
  • throw EncryptorError

Binary node_modules/.bin/encryptor

➜ encryptor      
Usage
  encryptor --gen [128, 256]
  encryptor --enc --key <key> --value <value> [--serialize_mode json|php]
  encryptor --dec --key <key> --value <value> [--serialize_mode json|php]
Generate cipher key
➜ encryptor --gen 256             
qS+rK37YXXCYHXUhYaQtFGE+RMRQHiolxTilCre4/xQ=

➜ encryptor --gen 128             
qc5plfoS13rfJeQ9LcqNtg==
Cipher
➜ encryptor --enc --key '5mimovgZ4oxbEoktPRKpVlu8LUL6JZRJb1+Y5JzJkIc=' \
--value '{"foo": 1}' --serialize_mode json

[OPTIONS]
  [key] => 5mimovgZ4oxbEoktPRKpVlu8LUL6JZRJb1+Y5JzJkIc=
  [value] => {"foo": 1}
  [serialize_mode] => json

[OUTPUT]
  [ciphered] => eyJpdiI6Ill6UTJOakV5WWpOa1lXUTNNRFkyTnc9PSIsInZhbHVlIjoiYjVtTE9GeDZ2QWhIRkRrUjIwWGhlQT09IiwibWFjIjoiNjUzNDQzNzRmYzUwZmY4NTdjNGY4MDdiZjcwZmFjMzU1YzlmYzU4MTQ1NmQ2MmYxY2I3ZDdiYWIwYTFmZWExMiJ9
without serialize_mode (default php)
➜ encryptor --enc --key '5mimovgZ4oxbEoktPRKpVlu8LUL6JZRJb1+Y5JzJkIc=' \
--value '{"foo": 1}'                      

[OPTIONS]
  [key] => 5mimovgZ4oxbEoktPRKpVlu8LUL6JZRJb1+Y5JzJkIc=
  [value] => {"foo": 1}
  [serialize_mode] => php

[OUTPUT]
  [ciphered] => eyJpdiI6Ik5EWmlaR0ZpTjJabFpEZGxOVFJrTmc9PSIsInZhbHVlIjoiYmo3RXJPMnNOamljamJITDMxZTVzcWxlUnpzN0RJdnZ4RUVpNTVvWlVKWT0iLCJtYWMiOiI2YjY4OGRiYjc0ZTg4NzlhMWYxMzI1MmZiOGY3Y2Q4YzM1MGEzMWUyZWE3ZWM3NjRmZTkyZTAwNGZkZGUyMmY0In0=
Decipher
➜ encryptor --dec --key '5mimovgZ4oxbEoktPRKpVlu8LUL6JZRJb1+Y5JzJkIc=' \
 --value 'eyJpdiI6Ik1HWTFZbVkwWmpneE1EZGlZVEkyT1E9PSIsInZhbHVlIjoiTXNvZWQ3WXE2SlVuVkpkNTM5SHdiQT09IiwibWFjIjoiMTA5OTllYTQ3YjcwYTIxYWU1MmVkZDAyNzIwODg1ZGE0YWJhZWIwOWMyNjVmYmY1ZDI0NTJjMDRhYjE0ODg3YiJ9' \
 --serialize_mode json

[OPTIONS]
  [key] => 5mimovgZ4oxbEoktPRKpVlu8LUL6JZRJb1+Y5JzJkIc=
  [encrypted] => eyJpdiI6Ik1HWTFZbVkwWmpneE1EZGlZVEkyT1E9PSIsInZhbHVlIjoiTXNvZWQ3WXE2SlVuVkpkNTM5SHdiQT09IiwibWFjIjoiMTA5OTllYTQ3YjcwYTIxYWU1MmVkZDAyNzIwODg1ZGE0YWJhZWIwOWMyNjVmYmY1ZDI0NTJjMDRhYjE0ODg3YiJ9
  [serialize_mode] => json

[OUTPUT]
  [deciphered] => {"foo":1}
  [RAW deciphered] => j:{"foo":1}
without serialize_mode (default php)
➜ encryptor --dec --key '5mimovgZ4oxbEoktPRKpVlu8LUL6JZRJb1+Y5JzJkIc=' \
 --value 'eyJpdiI6Ik5EWmlaR0ZpTjJabFpEZGxOVFJrTmc9PSIsInZhbHVlIjoiYmo3RXJPMnNOamljamJITDMxZTVzcWxlUnpzN0RJdnZ4RUVpNTVvWlVKWT0iLCJtYWMiOiI2YjY4OGRiYjc0ZTg4NzlhMWYxMzI1MmZiOGY3Y2Q4YzM1MGEzMWUyZWE3ZWM3NjRmZTkyZTAwNGZkZGUyMmY0In0='

[OPTIONS]
  [key] => 5mimovgZ4oxbEoktPRKpVlu8LUL6JZRJb1+Y5JzJkIc=
  [encrypted] => eyJpdiI6Ik5EWmlaR0ZpTjJabFpEZGxOVFJrTmc9PSIsInZhbHVlIjoiYmo3RXJPMnNOamljamJITDMxZTVzcWxlUnpzN0RJdnZ4RUVpNTVvWlVKWT0iLCJtYWMiOiI2YjY4OGRiYjc0ZTg4NzlhMWYxMzI1MmZiOGY3Y2Q4YzM1MGEzMWUyZWE3ZWM3NjRmZTkyZTAwNGZkZGUyMmY0In0=
  [serialize_mode] => php

[OUTPUT]
  [deciphered] => {"foo":1}
  [RAW deciphered] => a:1:{s:3:"foo";i:1;}

Tests

To be able to run PHP test you should install:

  • PHP >= 7.1.3
  • OpenSSL PHP Extension
  • Mbstring PHP Extension
  • Tokenizer PHP Extension
  • Ctype PHP Extension
  • JSON PHP Extension
  • BCMath PHP Extension
$> npm run test

Artillery test

In order to run Artillery integration test and stress test with aSync|Sync mode we have

to install artillery and artillery expect plugin.

$> npm install -g artillery artillery-plugin-expect

Run Artillery expect test

start server running in async mode
$> npm run artillery_server_async
$> npm run artillery_expect
All virtual users finished
Summary report @ 11:28:45(+0200) 2019-09-21
  Scenarios launched:  110
  Scenarios completed: 110
  Requests completed:  1100
  RPS sent: 105.77
  Request latency:
    min: 0.8
    max: 14.4
    median: 1.2
    p95: 2
    p99: 3.5
  Scenario counts:
    Integration Test, parallel request: 110 (100%)
  Codes:
    200: 1100
start server running in sync mode
$> npm run artillery_server_sync
$> npm run artillery_expect
All virtual users finished
Summary report @ 11:31:09(+0200) 2019-09-21
  Scenarios launched:  110
  Scenarios completed: 110
  Requests completed:  1100
  RPS sent: 105.87
  Request latency:
    min: 1
    max: 27.3
    median: 1.4
    p95: 2.2
    p99: 3.9
  Scenario counts:
    Integration Test, parallel request: 110 (100%)
  Codes:
    200: 1100

Run Artillery stress test

start server running in async mode
$> npm run artillery_server_async
start server running in sync mode
$> npm run artillery_server_sync
run test
$> npm run artillery
Async Mode
All virtual users finished
Summary report @ 11:20:34(+0200) 2019-09-21
  Scenarios launched:  4220
  Scenarios completed: 4220
  Requests completed:  4220
  RPS sent: 17.52
  Request latency:
    min: 1.1
    max: 30.3
    median: 1.9
    p95: 3
    p99: 4.8
  Scenario counts:
    stress test: 4220 (100%)
  Codes:
    200: 4220
Sync Mode
All virtual users finished
Summary report @ 11:15:31(+0200) 2019-09-21
  Scenarios launched:  4220
  Scenarios completed: 4220
  Requests completed:  4220
  RPS sent: 17.52
  Request latency:
    min: 1.1
    max: 30.6
    median: 1.9
    p95: 2.9
    p99: 4.7
  Scenario counts:
    stress test: 4220 (100%)
  Codes:
    200: 4220

Laravel Encrypter format:

Laravel only allows AES-128-CBC AES-256-CBC. If no algorithm is defined default is AES-256-CBC

{
  "iv":  "iv in base64",
  "value":  "encrypted data",
  "mac":  "Hash HMAC signature"
}

Dependencies

Contributing

Pull requests are welcome.

License

MIT