@things-factory/shell 6.1.186 → 6.1.191
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/config/config.development.js +2 -0
- package/config/config.production.js +34 -33
- package/dist-server/index.d.ts +1 -0
- package/dist-server/index.js +1 -0
- package/dist-server/index.js.map +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -1
- package/dist-server/typeorm/encrypt-transform.d.ts +2 -0
- package/dist-server/typeorm/encrypt-transform.js +39 -0
- package/dist-server/typeorm/encrypt-transform.js.map +1 -0
- package/dist-server/typeorm/get-data-encryption-key.d.ts +1 -0
- package/dist-server/typeorm/get-data-encryption-key.js +15 -0
- package/dist-server/typeorm/get-data-encryption-key.js.map +1 -0
- package/package.json +2 -2
- package/server/index.ts +1 -0
- package/server/typeorm/encrypt-transform.ts +44 -0
- package/server/typeorm/get-data-encryption-key.ts +13 -0
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.encryptTransformer = void 0;
|
|
4
|
+
const crypto_1 = require("crypto");
|
|
5
|
+
const get_data_encryption_key_1 = require("./get-data-encryption-key");
|
|
6
|
+
const ALGORITHM = 'aes-256-cbc';
|
|
7
|
+
const KEY_LENGTH = 32;
|
|
8
|
+
const SALT_LENGTH = 16;
|
|
9
|
+
const IV_LENGTH = 16;
|
|
10
|
+
exports.encryptTransformer = {
|
|
11
|
+
to: (entityValue) => encrypt(entityValue),
|
|
12
|
+
from: (databaseValue) => decrypt(databaseValue) // DB에서 값을 가져올 때 복호화
|
|
13
|
+
};
|
|
14
|
+
function encrypt(text) {
|
|
15
|
+
if (!text) {
|
|
16
|
+
return null;
|
|
17
|
+
}
|
|
18
|
+
const iv = (0, crypto_1.randomBytes)(IV_LENGTH);
|
|
19
|
+
const cipher = (0, crypto_1.createCipheriv)(ALGORITHM, get_data_encryption_key_1.dataEncryptionKey, iv);
|
|
20
|
+
const encrypted = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
|
|
21
|
+
return `${iv.toString('hex')}:${encrypted.toString('hex')}`;
|
|
22
|
+
}
|
|
23
|
+
function decrypt(text) {
|
|
24
|
+
if (!text) {
|
|
25
|
+
return null;
|
|
26
|
+
}
|
|
27
|
+
try {
|
|
28
|
+
const parts = text.split(':');
|
|
29
|
+
const iv = Buffer.from(parts.shift(), 'hex');
|
|
30
|
+
const encryptedText = Buffer.from(parts.join(':'), 'hex');
|
|
31
|
+
const decipher = (0, crypto_1.createDecipheriv)(ALGORITHM, get_data_encryption_key_1.dataEncryptionKey, iv);
|
|
32
|
+
return Buffer.concat([decipher.update(encryptedText), decipher.final()]).toString('utf8');
|
|
33
|
+
}
|
|
34
|
+
catch (err) {
|
|
35
|
+
console.error(`decryption for encrypted field failed in encryptTransformer`);
|
|
36
|
+
return null;
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
//# sourceMappingURL=encrypt-transform.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"encrypt-transform.js","sourceRoot":"","sources":["../../server/typeorm/encrypt-transform.ts"],"names":[],"mappings":";;;AACA,mCAAkF;AAElF,uEAA6D;AAE7D,MAAM,SAAS,GAAG,aAAa,CAAA;AAC/B,MAAM,UAAU,GAAG,EAAE,CAAA;AACrB,MAAM,WAAW,GAAG,EAAE,CAAA;AACtB,MAAM,SAAS,GAAG,EAAE,CAAA;AAEP,QAAA,kBAAkB,GAAqB;IAClD,EAAE,EAAE,CAAC,WAAmB,EAAE,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC;IACjD,IAAI,EAAE,CAAC,aAAqB,EAAE,EAAE,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,oBAAoB;CAC7E,CAAA;AAED,SAAS,OAAO,CAAC,IAAY;IAC3B,IAAI,CAAC,IAAI,EAAE;QACT,OAAO,IAAI,CAAA;KACZ;IAED,MAAM,EAAE,GAAG,IAAA,oBAAW,EAAC,SAAS,CAAC,CAAA;IACjC,MAAM,MAAM,GAAG,IAAA,uBAAc,EAAC,SAAS,EAAE,2CAAiB,EAAE,EAAE,CAAC,CAAA;IAC/D,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;IAE9E,OAAO,GAAG,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAA;AAC7D,CAAC;AAED,SAAS,OAAO,CAAC,IAAY;IAC3B,IAAI,CAAC,IAAI,EAAE;QACT,OAAO,IAAI,CAAA;KACZ;IAED,IAAI;QACF,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC7B,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,KAAK,CAAC,CAAA;QAC5C,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAA;QACzD,MAAM,QAAQ,GAAG,IAAA,yBAAgB,EAAC,SAAS,EAAE,2CAAiB,EAAE,EAAE,CAAC,CAAA;QAEnE,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;KAC1F;IAAC,OAAO,GAAG,EAAE;QACZ,OAAO,CAAC,KAAK,CAAC,6DAA6D,CAAC,CAAA;QAC5E,OAAO,IAAI,CAAA;KACZ;AACH,CAAC","sourcesContent":["import { ValueTransformer } from 'typeorm'\nimport { createCipheriv, createDecipheriv, randomBytes, scryptSync } from 'crypto'\n\nimport { dataEncryptionKey } from './get-data-encryption-key'\n\nconst ALGORITHM = 'aes-256-cbc'\nconst KEY_LENGTH = 32\nconst SALT_LENGTH = 16\nconst IV_LENGTH = 16\n\nexport const encryptTransformer: ValueTransformer = {\n to: (entityValue: string) => encrypt(entityValue), // DB에 저장하기 전에 암호화\n from: (databaseValue: string) => decrypt(databaseValue) // DB에서 값을 가져올 때 복호화\n}\n\nfunction encrypt(text: string): string {\n if (!text) {\n return null\n }\n\n const iv = randomBytes(IV_LENGTH)\n const cipher = createCipheriv(ALGORITHM, dataEncryptionKey, iv)\n const encrypted = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()])\n\n return `${iv.toString('hex')}:${encrypted.toString('hex')}`\n}\n\nfunction decrypt(text: string): string {\n if (!text) {\n return null\n }\n\n try {\n const parts = text.split(':')\n const iv = Buffer.from(parts.shift(), 'hex')\n const encryptedText = Buffer.from(parts.join(':'), 'hex')\n const decipher = createDecipheriv(ALGORITHM, dataEncryptionKey, iv)\n\n return Buffer.concat([decipher.update(encryptedText), decipher.final()]).toString('utf8')\n } catch (err) {\n console.error(`decryption for encrypted field failed in encryptTransformer`)\n return null\n }\n}\n"]}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare const dataEncryptionKey: any;
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.dataEncryptionKey = void 0;
|
|
4
|
+
const env_1 = require("@things-factory/env");
|
|
5
|
+
var _DATA_ENCRYPTION_KEY = env_1.config.get('dataEncryptionKey');
|
|
6
|
+
if (!_DATA_ENCRYPTION_KEY) {
|
|
7
|
+
if (process.env.NODE_ENV == 'production') {
|
|
8
|
+
throw new TypeError('dataEncryptionKey not configured.');
|
|
9
|
+
}
|
|
10
|
+
else {
|
|
11
|
+
_DATA_ENCRYPTION_KEY = 'V6g5oHJZb7KcYzIyL6cM95XvIDouon5b';
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
exports.dataEncryptionKey = _DATA_ENCRYPTION_KEY;
|
|
15
|
+
//# sourceMappingURL=get-data-encryption-key.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"get-data-encryption-key.js","sourceRoot":"","sources":["../../server/typeorm/get-data-encryption-key.ts"],"names":[],"mappings":";;;AAAA,6CAA4C;AAE5C,IAAI,oBAAoB,GAAG,YAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAA;AAE1D,IAAI,CAAC,oBAAoB,EAAE;IACzB,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,YAAY,EAAE;QACxC,MAAM,IAAI,SAAS,CAAC,mCAAmC,CAAC,CAAA;KACzD;SAAM;QACL,oBAAoB,GAAG,kCAAkC,CAAA;KAC1D;CACF;AAEY,QAAA,iBAAiB,GAAG,oBAAoB,CAAA","sourcesContent":["import { config } from '@things-factory/env'\n\nvar _DATA_ENCRYPTION_KEY = config.get('dataEncryptionKey')\n\nif (!_DATA_ENCRYPTION_KEY) {\n if (process.env.NODE_ENV == 'production') {\n throw new TypeError('dataEncryptionKey not configured.')\n } else {\n _DATA_ENCRYPTION_KEY = 'V6g5oHJZb7KcYzIyL6cM95XvIDouon5b'\n }\n}\n\nexport const dataEncryptionKey = _DATA_ENCRYPTION_KEY\n"]}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@things-factory/shell",
|
|
3
|
-
"version": "6.1.
|
|
3
|
+
"version": "6.1.191",
|
|
4
4
|
"description": "Core module for framework",
|
|
5
5
|
"bin": {
|
|
6
6
|
"things-factory": "bin/things-factory",
|
|
@@ -132,5 +132,5 @@
|
|
|
132
132
|
"pg": "^8.7.3",
|
|
133
133
|
"sqlite3": "^5.0.8"
|
|
134
134
|
},
|
|
135
|
-
"gitHead": "
|
|
135
|
+
"gitHead": "b6dfc909644710c546e38bfc0c49c3d72d528de1"
|
|
136
136
|
}
|
package/server/index.ts
CHANGED
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
import { ValueTransformer } from 'typeorm'
|
|
2
|
+
import { createCipheriv, createDecipheriv, randomBytes, scryptSync } from 'crypto'
|
|
3
|
+
|
|
4
|
+
import { dataEncryptionKey } from './get-data-encryption-key'
|
|
5
|
+
|
|
6
|
+
const ALGORITHM = 'aes-256-cbc'
|
|
7
|
+
const KEY_LENGTH = 32
|
|
8
|
+
const SALT_LENGTH = 16
|
|
9
|
+
const IV_LENGTH = 16
|
|
10
|
+
|
|
11
|
+
export const encryptTransformer: ValueTransformer = {
|
|
12
|
+
to: (entityValue: string) => encrypt(entityValue), // DB에 저장하기 전에 암호화
|
|
13
|
+
from: (databaseValue: string) => decrypt(databaseValue) // DB에서 값을 가져올 때 복호화
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
function encrypt(text: string): string {
|
|
17
|
+
if (!text) {
|
|
18
|
+
return null
|
|
19
|
+
}
|
|
20
|
+
|
|
21
|
+
const iv = randomBytes(IV_LENGTH)
|
|
22
|
+
const cipher = createCipheriv(ALGORITHM, dataEncryptionKey, iv)
|
|
23
|
+
const encrypted = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()])
|
|
24
|
+
|
|
25
|
+
return `${iv.toString('hex')}:${encrypted.toString('hex')}`
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
function decrypt(text: string): string {
|
|
29
|
+
if (!text) {
|
|
30
|
+
return null
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
try {
|
|
34
|
+
const parts = text.split(':')
|
|
35
|
+
const iv = Buffer.from(parts.shift(), 'hex')
|
|
36
|
+
const encryptedText = Buffer.from(parts.join(':'), 'hex')
|
|
37
|
+
const decipher = createDecipheriv(ALGORITHM, dataEncryptionKey, iv)
|
|
38
|
+
|
|
39
|
+
return Buffer.concat([decipher.update(encryptedText), decipher.final()]).toString('utf8')
|
|
40
|
+
} catch (err) {
|
|
41
|
+
console.error(`decryption for encrypted field failed in encryptTransformer`)
|
|
42
|
+
return null
|
|
43
|
+
}
|
|
44
|
+
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { config } from '@things-factory/env'
|
|
2
|
+
|
|
3
|
+
var _DATA_ENCRYPTION_KEY = config.get('dataEncryptionKey')
|
|
4
|
+
|
|
5
|
+
if (!_DATA_ENCRYPTION_KEY) {
|
|
6
|
+
if (process.env.NODE_ENV == 'production') {
|
|
7
|
+
throw new TypeError('dataEncryptionKey not configured.')
|
|
8
|
+
} else {
|
|
9
|
+
_DATA_ENCRYPTION_KEY = 'V6g5oHJZb7KcYzIyL6cM95XvIDouon5b'
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
export const dataEncryptionKey = _DATA_ENCRYPTION_KEY
|