@drifted/raven 0.0.6 → 0.0.11

package/README.md

@@ -53,5 +53,17 @@
 
   theraven.txt decrypted
   secret: O9JorHTlz2Wk+oaGq1XpLZzYxwblzlYd3+No7l8eupQ=
+  
+  # if you use a password it will create a secret to use that is the same every time.
+  > raven conceal -f theraven.txt -p 'some clever password'  
+  
+  theraven.txt encrypted
+  secret: e6d71b7a7ddd3afbdc9e91007d2c1f63c8c4c563e64=
+
+  > raven expose -f theraven.txt -p 'some clever password'
+
+  theraven.txt decrypted
+  secret: e6d71b7a7ddd3afbdc9e91007d2c1f63c8c4c563e64=
+
 
 ```

package/bin/cli.js

@@ -8,10 +8,12 @@ const JSONDataFile = require(path.join(__dirname, '..'));
 
 
 var parser = new CarrierPigeon({strict: true});
-parser.commands('usage', 'show', 'secret', 'init', 'generate', 'expose', 'conceal', 'encrypt', 'decrypt');
+parser.commands('version', 'usage', 'show', 'secret', 'init', 'generate', 'expose', 'conceal', 'encrypt', 'decrypt');
 parser.option('file', {type: 'file'});
+parser.option('password', {});
 parser.option('secret', {});
 parser.option('data', {});
+parser.option('type', {default: 'text'});
 parser.option('json', {default: false});
 parser.option('location', {type: 'file', default: process.cwd()});
 parser.option('verbose', {default: false});
@@ -165,3 +167,11 @@ if (command == 'usage') {
 }
 
 
+
+if (command == 'version') {
+  var data = fs.readFileSync(path.join(__dirname, '..', 'package.json')).toString();
+  var json = JSON.parse(data);
+  console.log(json.version)
+}
+
+

package/bin/console.js

@@ -0,0 +1,26 @@
+#!/usr/bin/env node
+
+const path = require('path');
+const CarrierPigeon = require('carrier-pigeon');
+const repl = require('node:repl');
+
+var RavenDataFile = require(path.join(__dirname, '..'));
+
+
+var parser = new CarrierPigeon({strict: false});
+parser.option('env', { default: (process.env.NODE_ENV ? process.env.NODE_ENV : "development"), env: "NODE_ENV" })
+parser.option('verbose', { default: false, env: "VERBOSE" })
+
+var options = parser.parse(process.argv);
+//require('@drifted/qa/db');
+
+
+
+const r = repl.start('> ');
+Object.defineProperty(r.context, 'RavenDataFile', {
+  configurable: false,
+  enumerable: true,
+  value: RavenDataFile
+});
+
+

package/bufferable.js

@@ -0,0 +1,18 @@
+const { Writable } = require('node:stream');
+
+class Bufferable extends Writable {
+  constructor() {
+    super();
+    this.chunks = [];
+  }
+  _write(chunk, encoding, callback) {
+    this.chunks.push(chunk);
+    callback();
+  }
+  get buffer() {
+    return Buffer.concat(this.chunks);
+  }
+}
+
+
+module.exports = Bufferable;

package/index.js

@@ -1,12 +1,18 @@
 const path = require('path');
 const crypto = require('crypto');
 const fs = require('fs');
-
+const { fileTypeFromBuffer } = require('file-type');
 const ivLength = 16;
+const { Readable, pipeline, buffer } = require('stream');
+const Bufferable = require(path.join(__dirname, 'bufferable'));
+const { isUtf8, isAscii } = require('node:buffer');
 
 class RavenDataFile {
+
+
   constructor(options={}) {
     Object.assign(this, options)
+
     if (this.data != undefined && typeof this.data == 'string') {
       try {
         this.data = JSON.parse(this.data);
@@ -19,6 +25,10 @@ class RavenDataFile {
       this.algorithm = 'aes-256-gcm';
     }
 
+    if (this.password != undefined && this.secret == undefined) {
+      this.secret = RavenDataFile.hashPassword(this.password);
+    }
+
     if (this.secret == undefined && RavenDataFile.hasFile()) {
       this.populateSecretFromFile();
     } 
@@ -26,18 +36,10 @@ class RavenDataFile {
     if (this.secret == undefined) {
       this.secret = crypto.randomBytes(32).toString('base64');
     }
-  }
-  
-  populateSecretFromFile() {
-    var data = fs.readFileSync(RavenDataFile.secretFile()).toString();
-    var json = JSON.parse(data);
-    this.secret = json.secret;
-  }
 
-  shortPath() {
-    return this.file.replace(process.cwd()+"/", "")
   }
 
+
   static eval(options={}) {
     var iterations = 0;
 
@@ -63,7 +65,7 @@ class RavenDataFile {
       }
 
       try {
-        file.data = JSON.parse(file.data.trim());
+        file.data = JSON.parse(file.data.toString());
       } catch(error) {
         console.log(error);
       }
@@ -72,6 +74,7 @@ class RavenDataFile {
     })
   }
   
+
   static toEnv(options={}) {
     var self = this;
     
@@ -83,19 +86,23 @@ class RavenDataFile {
     })   
   }
 
+
   static show() {
     return fs.readFileSync(this.secretFile()).toString();
   }
 
+
   static secretFile() {
     return path.join(process.cwd(), 'config', 'secret.json');
   }
 
+
   static hasFile() {
     var exists = fs.existsSync(this.secretFile());
     return exists;
   }
 
+
   static generate() {
     var self = this;
     return new Promise((resolve) => {
@@ -107,6 +114,7 @@ class RavenDataFile {
     })
   }
 
+
   static init() {
     var self = this;
     return new Promise((resolve) => {
@@ -123,16 +131,45 @@ class RavenDataFile {
       });
     })
   }
+ 
 
   static secret() {
     return crypto.randomBytes(32).toString('base64');
+  } 
+
+  static hashPassword(password) {
+    return crypto.createHash('sha256').update(password).digest('hex').slice(0, 43)+"=";
   }
 
-  encrypt(text) {
+  populateSecretFromFile() {
+    var data = fs.readFileSync(RavenDataFile.secretFile()).toString();
+    var json = JSON.parse(data);
+    this.secret = json.secret;
+  }
+
+
+  shortPath() {
+    return this.file.replace(process.cwd()+"/", "")
+  }
+
+  cipher(options={}) {
+    //console.log(options);
+    return crypto.createCipheriv(options.algorithm, 
+      Buffer.from(options.secret, 'base64'), 
+      options.iv);
+  }
+
+  decipher(options={}) {
+    return crypto.createDecipheriv(options.algorithm, 
+      Buffer.from(options.secret, 'base64'), 
+      Buffer.from(options.iv, 'hex'));
+  }
+
+  encrypt(buffer) {
     const iv = crypto.randomBytes(ivLength);
-    const cipher = crypto.createCipheriv(this.algorithm, Buffer.from(this.secret, 'base64'), iv);
+    const cipher = this.cipher({iv: iv, secret: this.secret, algorithm: this.algorithm});  
 
-    let encrypted = cipher.update(text, 'utf8', 'hex');
+    var encrypted = cipher.update(buffer, 'utf8', 'hex');
     encrypted += cipher.final('hex');
 
     const authTag = cipher.getAuthTag().toString('hex');
@@ -141,20 +178,16 @@ class RavenDataFile {
     return `${iv.toString('hex')}:${authTag}:${encrypted}`;
   }
 
-  decrypt(encryptedData) {
-    const [ivHex, authTagHex, encryptedText] = encryptedData.split(':');
 
-    const decipher = crypto.createDecipheriv(
-      this.algorithm,
-      Buffer.from(this.secret, 'base64'),
-      Buffer.from(ivHex, 'hex')
-    );
+  decrypt(encryptedData) {
+    const [ivHex, authTagHex, encryptedText] = encryptedData.toString().split(':');
+    const decipher = this.decipher({iv: ivHex, secret: this.secret, algorithm: this.algorithm});
 
     decipher.setAuthTag(Buffer.from(authTagHex, 'hex'));
-
-    let decrypted = decipher.update(encryptedText, 'hex', 'utf8');
-    decrypted += decipher.final('utf8');
     
+    var decrypted = decipher.update(encryptedText, 'hex', 'utf8');
+    decrypted += decipher.final('utf8');
+
     return decrypted;
   }
 
@@ -162,8 +195,13 @@ class RavenDataFile {
   read() {
     var self = this;
 
-    return new Promise(async(resolve) => {
-      fs.readFile(self.file, 'utf8', async (err, data) => {
+    return new Promise(async(resolve, reject) => {
+      if (fs.existsSync(self.file) == false) {
+        return reject(new Error('file doesnt exist.'))
+      }
+      fs.readFile(self.file, {}, async (err, data) => {
+        //self.type = isAscii(data);
+        //console.log('type', self.type);
         self.data = data;      
         
         resolve(data);
@@ -171,6 +209,7 @@ class RavenDataFile {
     })
   }
 
+
   save() {
     var self = this;
     return new Promise(async(resolve) => {
@@ -187,32 +226,66 @@ class RavenDataFile {
     })
   }
 
+
   conceal() {
     var self = this;
     return new Promise(async(resolve) => {
-      self.read().then((data) => {
-        self.data = self.encrypt(data);
+      const iv = crypto.randomBytes(ivLength);
+      const cipher = self.cipher({iv: iv, secret: self.secret, algorithm: self.algorithm});
+
+      //console.log(self);
+
+     self.read().then(async (buffer) => {
+        var readable = Readable.from(buffer)
+        const output = new Bufferable();
+        readable.pipe(cipher).pipe(output);
 
-        self.save().then((response) => {
-          resolve(response);
-        })
-      }) 
+        output.on('finish', async() => {
+          const authTag = cipher.getAuthTag().toString('hex');    
+          var encrypted = output.buffer;
+
+
+          fs.truncate(self.file, 0, () => {
+            const stream = fs.createWriteStream(self.file, { flags: 'a' });
+            stream.write(`${iv.toString('hex')}:${authTag}:`);
+            stream.write(encrypted.toString('base64'));
+            stream.end(); 
+
+            stream.on('finish', () => {
+              resolve({success: true});
+            });
+          })
+        });
+     }) 
     })
   }
 
+
   expose() {
     var self = this;
     return new Promise(async(resolve) => {
-      self.read().then((data) => {
-        self.data = self.decrypt(data);
-        
-        self.save().then((response) => {
-          resolve(response);
-        })
+      self.read().then((buffer) => {
+        const [ivHex, authTagHex, encryptedText] = buffer.toString().split(':');
+      
+        var readable = Readable.from(Buffer.from(encryptedText, 'base64'))
+        const output = new Bufferable();
+        const decipher = self.decipher({iv:ivHex, secret: self.secret, algorithm: self.algorithm});
+        decipher.setAuthTag(Buffer.from(authTagHex, 'hex'));
+
+        readable.pipe(decipher).pipe(output);
+
+        output.on('finish', () => {
+          self.data = output.buffer;
+
+          self.save().then(() => {
+            resolve({success: true});
+          })
+        });
       })
     })
   }
 
+
 }
 
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@drifted/raven",
-  "version": "0.0.6",
+  "version": "0.0.11",
   "description": "",
   "homepage": "https://github.com/driftless-group/raven",
   "bin": {
@@ -15,14 +15,14 @@
   "type": "commonjs",
   "main": "index.js",
   "scripts": {
-    "test": "mocha -w",
-    "encrypt": "./bin/file.js encrypt",
-    "decrypt": "./bin/file.js decrypt"
+    "test": "mocha -w"
   },
   "devDependencies": {
     "@drifted/qa": "^0.0.5"
   },
   "dependencies": {
-    "carrier-pigeon": "^0.1.11"
+    "carrier-pigeon": "^0.1.11",
+    "file-type": "^22.0.0",
+    "read-chunk": "^5.0.0"
   }
 }

package/test/cli.test.js

@@ -10,7 +10,7 @@ const {
 } = require('@drifted/qa');
 
 const {
-  run, ensure, remove
+  compare, run, ensure, remove, copy
 } = require(path.join(__dirname, 'helpers'));
 
 var defaults = {
@@ -19,6 +19,25 @@ var defaults = {
 
 describe('raven', function() {
 
+  before(async() => {
+    var file = path.join(__dirname, 'data', '1984.pdf');
+    var encrypted = path.join(__dirname, 'data','1984.pdf.encrypted');
+
+    if (fs.existsSync(encrypted)) {
+      await remove(encrypted)
+    }
+
+    await copy(file, encrypted); 
+  })
+
+  after(async() => {
+    var encrypted = path.join(__dirname, 'data','1984.pdf.encrypted');
+
+    if (fs.existsSync(encrypted)) {
+      await remove(encrypted)
+    }
+  })
+
   describe('human', function() {
     it('secret', function(done) {
       run('secret').then((stdout) => {
@@ -28,7 +47,7 @@ describe('raven', function() {
         assert.notEqual(secret, undefined);
         
         done();
-      }).catch(console.log)
+      }).catch(doneMessage(done))
     })
     
     it('init', function(done) {
@@ -100,6 +119,8 @@ describe('raven', function() {
       }).catch(doneMessage(done));
     })
 
+
+
     it('repeatedly concealing/exposing', function(done) {
       var secret = RavenDataFile.secret();
       var file = path.join(__dirname, 'theraven.txt');
@@ -125,6 +146,31 @@ describe('raven', function() {
         }).catch(doneMessage(done));
       }).catch(doneMessage(done));
     })
+
+
+
+    it('conceal/expose a pdf', function(done) {
+      var secret = RavenDataFile.secret();
+      var original = path.join(__dirname, 'data', '1984.pdf');
+      var encrypted = path.join(__dirname, 'data', '1984.pdf.encrypted');
+
+      run('conceal', '-f', encrypted, '-s', secret).then(() => {
+        compare(original, encrypted).then((response) => {
+          assert.equal(response.equal, false);
+
+          run('expose', '-f', encrypted, '-s', secret).then(() => {
+            compare(original, encrypted).then((response) => {
+              //console.log(response)
+              assert.equal(response.equal, true);
+              done();
+
+            }).catch(doneMessage(done));
+          }).catch(doneMessage(done));
+        }).catch(doneMessage(done));
+      }).catch(doneMessage(done));
+    })
+
   })
 
+
 })

package/test/helpers.js

@@ -3,6 +3,8 @@ const assert = require('assert');
 var { exec } = require('child_process');
 var { mkdir } = require('fs');
 const fs = require('fs');
+const crypto = require('crypto');
+
 
 
 function run(...specifics) {
@@ -47,3 +49,48 @@ function remove(pathname) {
   })
 }
 module.exports.remove = remove;
+
+
+
+function copy(original, newfile) {
+  return new Promise((resolve, reject) => {
+    fs.copyFile(original, newfile, (err) => {
+      if (err) {
+        return reject(err);
+      }
+      resolve();
+
+    });
+  })
+}
+module.exports.copy = copy;
+
+
+
+
+function compare(file1, file2) {
+  var response = {equal: false};
+
+  return new Promise((resolve, reject) => {
+    if (fs.statSync(file1).size !== fs.statSync(file2).size) {
+      response.equal = true;
+      return resolve(response)
+    } else {
+      const hash1 = crypto.createHash('sha256').update(fs.readFileSync(file1)).digest('hex');
+      const hash2 = crypto.createHash('sha256').update(fs.readFileSync(file2)).digest('hex');
+      
+      if (hash1 !== hash2) {
+        response.equal = false;
+        resolve(response);
+      } else {
+        response.equal = true;
+        resolve(response);
+      }
+    }
+  })
+}
+module.exports.compare = compare;
+
+
+
+

package/test/raven.test.js

@@ -16,16 +16,9 @@ const {
   run, ensure, remove
 } = require(path.join(__dirname, 'helpers'));
 
-
-
 process.chdir(path.join(__dirname, 'workspace'));
 
-console.log(__dirname);
-
-//console.log(process.env)
-
 describe('raven', function() {
-  
 
   it('eval', function(done) {
 
@@ -40,19 +33,6 @@ describe('raven', function() {
 
   })
 
-  it('write', function(done) {
-    done();
-  })
-
-  it('encrypt/decrypt', function(done) {
-    var jdf = new RavenDataFile({secret: defaults.secret, data: {test: true}});
-    var result = jdf.encrypt(JSON.stringify(jdf.data));
-    result = JSON.parse(jdf.decrypt(result));
-    assert.equal(result.test, true);
-    
-    done();
-  })
-