UNPKG

yarle-evernote-to-md

Version:

Yet Another Rope Ladder from Evernote

github.com/akosbalasko/yarle

akosbalasko/yarle

76 lines (65 loc) 2.73 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
var CryptoJS = require("crypto-js"); import * as crypto from 'crypto'; import * as base64 from 'base64-js'; // PBKDF2 implementation (modified for SHA256 support) function pbkdf2(password: string, salt: Uint8Array, iterations: number, keyLength: number): Buffer { return crypto.pbkdf2Sync(password, salt, iterations, keyLength, 'sha256'); } // HMAC implementation function hmacSHA256(key: Buffer, data: Uint8Array): Buffer { const hmac = crypto.createHmac('sha256', key); hmac.update(data); return hmac.digest(); } // AES decryption function decryptAES(ciphertext: Uint8Array, key: Buffer, iv: Uint8Array): Buffer { const decipher = crypto.createDecipheriv('aes-128-cbc', key, iv); let decrypted = decipher.update(ciphertext); decrypted = Buffer.concat([decrypted, decipher.final()]); return decrypted; } interface EncryptedData { salt: Uint8Array, saltHmac: Uint8Array, iv: Uint8Array, cipherText: Uint8Array, body: Uint8Array, bodyHmac: Uint8Array } const extractDataFromEncryptedByteArray = (data: Uint8Array):EncryptedData => { const START_INDEX = 4; const TWO_BYTES = 16; const START_SALTHMAC = START_INDEX + TWO_BYTES; const START_IV = START_SALTHMAC + TWO_BYTES; const START_CIPHERTEXT = START_IV + TWO_BYTES; const FOUR_END_BYTES = -32 return { salt: data.subarray(START_INDEX, START_SALTHMAC), saltHmac: data.subarray(START_SALTHMAC, START_IV), iv: data.subarray(START_IV, START_CIPHERTEXT), cipherText: data.subarray(START_CIPHERTEXT, FOUR_END_BYTES), body: data.subarray(0, FOUR_END_BYTES), bodyHmac: data.subarray(FOUR_END_BYTES) } } export const performDecryption = (encryptedText: string, passwords: Array<string>): string => { try{ const encryptedDataByteArr = base64.toByteArray(encryptedText); const encryptedData = extractDataFromEncryptedByteArray(encryptedDataByteArr); // Use the password to generate a digest for the encrypted body // If it matches the existing digest, assume the password is correct for (const password of passwords){ const keyhmac = pbkdf2(password, encryptedData.saltHmac, 50000, 16); const testhmac = hmacSHA256(keyhmac, encryptedData.body); const matchHmac = crypto.timingSafeEqual(testhmac, encryptedData.bodyHmac); if (matchHmac) { const key = pbkdf2(password, encryptedData.salt, 50000, 16); const decrypted = decryptAES(encryptedData.cipherText, key, encryptedData.iv); return decrypted.toString() } } }catch(e: any){ console.log(e.message) } return encryptedText; }