@xen-orchestra/fs 4.3.0 → 4.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/_encryptor.js +6 -3
- package/dist/_encryptor.js.map +1 -1
- package/package.json +1 -1
package/dist/_encryptor.js
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.UNENCRYPTED_ALGORITHM = exports.DEFAULT_ENCRYPTION_ALGORITHM = void 0;
|
|
6
|
+
exports.UNENCRYPTED_ALGORITHM = exports.SUPPORTED_ALGORITHM = exports.DEFAULT_ENCRYPTION_ALGORITHM = void 0;
|
|
7
7
|
exports.isLegacyEncryptionAlgorithm = isLegacyEncryptionAlgorithm;
|
|
8
8
|
const {
|
|
9
9
|
pipeline
|
|
@@ -12,8 +12,11 @@ const {
|
|
|
12
12
|
readChunk
|
|
13
13
|
} = require('@vates/read-chunk');
|
|
14
14
|
const crypto = require('crypto');
|
|
15
|
-
const
|
|
15
|
+
const CHACHA20 = 'chacha20-poly1305';
|
|
16
|
+
const AES256 = 'aes-256-gcm';
|
|
17
|
+
const DEFAULT_ENCRYPTION_ALGORITHM = exports.DEFAULT_ENCRYPTION_ALGORITHM = CHACHA20;
|
|
16
18
|
const UNENCRYPTED_ALGORITHM = exports.UNENCRYPTED_ALGORITHM = 'none';
|
|
19
|
+
const SUPPORTED_ALGORITHM = exports.SUPPORTED_ALGORITHM = new Set([UNENCRYPTED_ALGORITHM, AES256, CHACHA20, DEFAULT_ENCRYPTION_ALGORITHM]);
|
|
17
20
|
function isLegacyEncryptionAlgorithm(algorithm) {
|
|
18
21
|
return algorithm !== UNENCRYPTED_ALGORITHM && algorithm !== DEFAULT_ENCRYPTION_ALGORITHM;
|
|
19
22
|
}
|
|
@@ -42,7 +45,7 @@ function getEncryptor(algorithm = DEFAULT_ENCRYPTION_ALGORITHM, key) {
|
|
|
42
45
|
ivLength,
|
|
43
46
|
mode
|
|
44
47
|
} = info;
|
|
45
|
-
const authTagLength = ['gcm', 'ccm', 'ocb'].includes(mode) ? 16 : 0;
|
|
48
|
+
const authTagLength = ['gcm', 'ccm', 'ocb'].includes(mode) || algorithm === CHACHA20 ? 16 : 0;
|
|
46
49
|
function encryptStream(input) {
|
|
47
50
|
return pipeline(input, async function* (source) {
|
|
48
51
|
const iv = crypto.randomBytes(ivLength);
|
package/dist/_encryptor.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"_encryptor.js","names":["pipeline","require","readChunk","crypto","DEFAULT_ENCRYPTION_ALGORITHM","exports","UNENCRYPTED_ALGORITHM","isLegacyEncryptionAlgorithm","algorithm","getEncryptor","key","undefined","id","ivLength","encryptData","buffer","encryptStream","stream","decryptData","decryptStream","info","getCipherInfo","keyLength","length","error","Error","getCiphers","code","mode","authTagLength","includes","input","source","iv","randomBytes","cipher","createCipheriv","Buffer","from","data","update","final","getAuthTag","encryptedStream","createDecipheriv","authTag","alloc","slice","fullData","concat","fullDataLength","setAuthTag","encrypted","decipher","decrypted","_getEncryptor"],"sources":["../src/_encryptor.js"],"sourcesContent":["const { pipeline } = require('node:stream')\nconst { readChunk } = require('@vates/read-chunk')\nconst crypto = require('crypto')\n\
|
|
1
|
+
{"version":3,"file":"_encryptor.js","names":["pipeline","require","readChunk","crypto","CHACHA20","AES256","DEFAULT_ENCRYPTION_ALGORITHM","exports","UNENCRYPTED_ALGORITHM","SUPPORTED_ALGORITHM","Set","isLegacyEncryptionAlgorithm","algorithm","getEncryptor","key","undefined","id","ivLength","encryptData","buffer","encryptStream","stream","decryptData","decryptStream","info","getCipherInfo","keyLength","length","error","Error","getCiphers","code","mode","authTagLength","includes","input","source","iv","randomBytes","cipher","createCipheriv","Buffer","from","data","update","final","getAuthTag","encryptedStream","createDecipheriv","authTag","alloc","slice","fullData","concat","fullDataLength","setAuthTag","encrypted","decipher","decrypted","_getEncryptor"],"sources":["../src/_encryptor.js"],"sourcesContent":["const { pipeline } = require('node:stream')\nconst { readChunk } = require('@vates/read-chunk')\nconst crypto = require('crypto')\n\nconst CHACHA20 = 'chacha20-poly1305'\nconst AES256 = 'aes-256-gcm'\nexport const DEFAULT_ENCRYPTION_ALGORITHM = CHACHA20\nexport const UNENCRYPTED_ALGORITHM = 'none'\nexport const SUPPORTED_ALGORITHM = new Set([UNENCRYPTED_ALGORITHM, AES256, CHACHA20, DEFAULT_ENCRYPTION_ALGORITHM])\n\nexport function isLegacyEncryptionAlgorithm(algorithm) {\n return algorithm !== UNENCRYPTED_ALGORITHM && algorithm !== DEFAULT_ENCRYPTION_ALGORITHM\n}\n\nfunction getEncryptor(algorithm = DEFAULT_ENCRYPTION_ALGORITHM, key) {\n if (key === undefined) {\n return {\n id: 'NULL_ENCRYPTOR',\n algorithm: 'none',\n key: 'none',\n ivLength: 0,\n encryptData: buffer => buffer,\n encryptStream: stream => stream,\n decryptData: buffer => buffer,\n decryptStream: stream => stream,\n }\n }\n const info = crypto.getCipherInfo(algorithm, { keyLength: key.length })\n if (info === undefined) {\n const error = new Error(\n `Either the algorithm ${algorithm} is not available, or the key length ${\n key.length\n } is incorrect. Supported algorithm are ${crypto.getCiphers()}`\n )\n error.code = 'BAD_ALGORITHM'\n throw error\n }\n const { ivLength, mode } = info\n const authTagLength = ['gcm', 'ccm', 'ocb'].includes(mode) || algorithm === CHACHA20 ? 16 : 0\n\n function encryptStream(input) {\n return pipeline(\n input,\n async function* (source) {\n const iv = crypto.randomBytes(ivLength)\n const cipher = crypto.createCipheriv(algorithm, Buffer.from(key), iv)\n yield iv\n for await (const data of source) {\n yield cipher.update(data)\n }\n yield cipher.final()\n // must write the auth tag at the end of the encryption stream\n if (authTagLength > 0) {\n yield cipher.getAuthTag()\n }\n },\n () => {}\n )\n }\n\n function decryptStream(encryptedStream) {\n return pipeline(\n encryptedStream,\n async function* (source) {\n /**\n * WARNING\n *\n * the crypted size has an initializtion vector + eventually an auth tag + a padding at the end\n * whe can't predict the decrypted size from the start of the encrypted size\n * thus, we can't set decrypted.length reliably\n *\n */\n\n const iv = await readChunk(source, ivLength)\n const cipher = crypto.createDecipheriv(algorithm, Buffer.from(key), iv)\n let authTag = Buffer.alloc(0)\n for await (const data of source) {\n if (data.length >= authTagLength) {\n // fast path, no buffer concat\n yield cipher.update(authTag)\n authTag = data.slice(data.length - authTagLength)\n yield cipher.update(data.slice(0, data.length - authTagLength))\n } else {\n // slower since there is a concat\n const fullData = Buffer.concat([authTag, data])\n const fullDataLength = fullData.length\n if (fullDataLength > authTagLength) {\n authTag = fullData.slice(fullDataLength - authTagLength)\n yield cipher.update(fullData.slice(0, fullDataLength - authTagLength))\n } else {\n authTag = fullData\n }\n }\n }\n if (authTagLength > 0) {\n cipher.setAuthTag(authTag)\n }\n yield cipher.final()\n },\n () => {}\n )\n }\n\n function encryptData(buffer) {\n const iv = crypto.randomBytes(ivLength)\n const cipher = crypto.createCipheriv(algorithm, Buffer.from(key), iv)\n const encrypted = cipher.update(buffer)\n return Buffer.concat([iv, encrypted, cipher.final(), authTagLength > 0 ? cipher.getAuthTag() : Buffer.alloc(0)])\n }\n\n function decryptData(buffer) {\n const iv = buffer.slice(0, ivLength)\n const decipher = crypto.createDecipheriv(algorithm, Buffer.from(key), iv)\n let encrypted\n if (authTagLength > 0) {\n const authTag = buffer.slice(buffer.length - authTagLength)\n decipher.setAuthTag(authTag)\n encrypted = buffer.slice(ivLength, buffer.length - authTagLength)\n } else {\n encrypted = buffer.slice(ivLength)\n }\n const decrypted = decipher.update(encrypted)\n return Buffer.concat([decrypted, decipher.final()])\n }\n\n return {\n id: algorithm,\n algorithm,\n key,\n ivLength,\n encryptData,\n encryptStream,\n decryptData,\n decryptStream,\n }\n}\n\nexports._getEncryptor = getEncryptor\n"],"mappings":";;;;;;;AAAA,MAAM;EAAEA;AAAS,CAAC,GAAGC,OAAO,CAAC,aAAa,CAAC;AAC3C,MAAM;EAAEC;AAAU,CAAC,GAAGD,OAAO,CAAC,mBAAmB,CAAC;AAClD,MAAME,MAAM,GAAGF,OAAO,CAAC,QAAQ,CAAC;AAEhC,MAAMG,QAAQ,GAAG,mBAAmB;AACpC,MAAMC,MAAM,GAAG,aAAa;AACrB,MAAMC,4BAA4B,GAAAC,OAAA,CAAAD,4BAAA,GAAGF,QAAQ;AAC7C,MAAMI,qBAAqB,GAAAD,OAAA,CAAAC,qBAAA,GAAG,MAAM;AACpC,MAAMC,mBAAmB,GAAAF,OAAA,CAAAE,mBAAA,GAAG,IAAIC,GAAG,CAAC,CAACF,qBAAqB,EAAEH,MAAM,EAAED,QAAQ,EAAEE,4BAA4B,CAAC,CAAC;AAE5G,SAASK,2BAA2BA,CAACC,SAAS,EAAE;EACrD,OAAOA,SAAS,KAAKJ,qBAAqB,IAAII,SAAS,KAAKN,4BAA4B;AAC1F;AAEA,SAASO,YAAYA,CAACD,SAAS,GAAGN,4BAA4B,EAAEQ,GAAG,EAAE;EACnE,IAAIA,GAAG,KAAKC,SAAS,EAAE;IACrB,OAAO;MACLC,EAAE,EAAE,gBAAgB;MACpBJ,SAAS,EAAE,MAAM;MACjBE,GAAG,EAAE,MAAM;MACXG,QAAQ,EAAE,CAAC;MACXC,WAAW,EAAEC,MAAM,IAAIA,MAAM;MAC7BC,aAAa,EAAEC,MAAM,IAAIA,MAAM;MAC/BC,WAAW,EAAEH,MAAM,IAAIA,MAAM;MAC7BI,aAAa,EAAEF,MAAM,IAAIA;IAC3B,CAAC;EACH;EACA,MAAMG,IAAI,GAAGrB,MAAM,CAACsB,aAAa,CAACb,SAAS,EAAE;IAAEc,SAAS,EAAEZ,GAAG,CAACa;EAAO,CAAC,CAAC;EACvE,IAAIH,IAAI,KAAKT,SAAS,EAAE;IACtB,MAAMa,KAAK,GAAG,IAAIC,KAAK,CACrB,wBAAwBjB,SAAS,wCAC/BE,GAAG,CAACa,MAAM,0CAC8BxB,MAAM,CAAC2B,UAAU,CAAC,CAAC,EAC/D,CAAC;IACDF,KAAK,CAACG,IAAI,GAAG,eAAe;IAC5B,MAAMH,KAAK;EACb;EACA,MAAM;IAAEX,QAAQ;IAAEe;EAAK,CAAC,GAAGR,IAAI;EAC/B,MAAMS,aAAa,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAACC,QAAQ,CAACF,IAAI,CAAC,IAAIpB,SAAS,KAAKR,QAAQ,GAAG,EAAE,GAAG,CAAC;EAE7F,SAASgB,aAAaA,CAACe,KAAK,EAAE;IAC5B,OAAOnC,QAAQ,CACbmC,KAAK,EACL,iBAAiBC,MAAM,EAAE;MACvB,MAAMC,EAAE,GAAGlC,MAAM,CAACmC,WAAW,CAACrB,QAAQ,CAAC;MACvC,MAAMsB,MAAM,GAAGpC,MAAM,CAACqC,cAAc,CAAC5B,SAAS,EAAE6B,MAAM,CAACC,IAAI,CAAC5B,GAAG,CAAC,EAAEuB,EAAE,CAAC;MACrE,MAAMA,EAAE;MACR,WAAW,MAAMM,IAAI,IAAIP,MAAM,EAAE;QAC/B,MAAMG,MAAM,CAACK,MAAM,CAACD,IAAI,CAAC;MAC3B;MACA,MAAMJ,MAAM,CAACM,KAAK,CAAC,CAAC;MAEpB,IAAIZ,aAAa,GAAG,CAAC,EAAE;QACrB,MAAMM,MAAM,CAACO,UAAU,CAAC,CAAC;MAC3B;IACF,CAAC,EACD,MAAM,CAAC,CACT,CAAC;EACH;EAEA,SAASvB,aAAaA,CAACwB,eAAe,EAAE;IACtC,OAAO/C,QAAQ,CACb+C,eAAe,EACf,iBAAiBX,MAAM,EAAE;MAUvB,MAAMC,EAAE,GAAG,MAAMnC,SAAS,CAACkC,MAAM,EAAEnB,QAAQ,CAAC;MAC5C,MAAMsB,MAAM,GAAGpC,MAAM,CAAC6C,gBAAgB,CAACpC,SAAS,EAAE6B,MAAM,CAACC,IAAI,CAAC5B,GAAG,CAAC,EAAEuB,EAAE,CAAC;MACvE,IAAIY,OAAO,GAAGR,MAAM,CAACS,KAAK,CAAC,CAAC,CAAC;MAC7B,WAAW,MAAMP,IAAI,IAAIP,MAAM,EAAE;QAC/B,IAAIO,IAAI,CAAChB,MAAM,IAAIM,aAAa,EAAE;UAEhC,MAAMM,MAAM,CAACK,MAAM,CAACK,OAAO,CAAC;UAC5BA,OAAO,GAAGN,IAAI,CAACQ,KAAK,CAACR,IAAI,CAAChB,MAAM,GAAGM,aAAa,CAAC;UACjD,MAAMM,MAAM,CAACK,MAAM,CAACD,IAAI,CAACQ,KAAK,CAAC,CAAC,EAAER,IAAI,CAAChB,MAAM,GAAGM,aAAa,CAAC,CAAC;QACjE,CAAC,MAAM;UAEL,MAAMmB,QAAQ,GAAGX,MAAM,CAACY,MAAM,CAAC,CAACJ,OAAO,EAAEN,IAAI,CAAC,CAAC;UAC/C,MAAMW,cAAc,GAAGF,QAAQ,CAACzB,MAAM;UACtC,IAAI2B,cAAc,GAAGrB,aAAa,EAAE;YAClCgB,OAAO,GAAGG,QAAQ,CAACD,KAAK,CAACG,cAAc,GAAGrB,aAAa,CAAC;YACxD,MAAMM,MAAM,CAACK,MAAM,CAACQ,QAAQ,CAACD,KAAK,CAAC,CAAC,EAAEG,cAAc,GAAGrB,aAAa,CAAC,CAAC;UACxE,CAAC,MAAM;YACLgB,OAAO,GAAGG,QAAQ;UACpB;QACF;MACF;MACA,IAAInB,aAAa,GAAG,CAAC,EAAE;QACrBM,MAAM,CAACgB,UAAU,CAACN,OAAO,CAAC;MAC5B;MACA,MAAMV,MAAM,CAACM,KAAK,CAAC,CAAC;IACtB,CAAC,EACD,MAAM,CAAC,CACT,CAAC;EACH;EAEA,SAAS3B,WAAWA,CAACC,MAAM,EAAE;IAC3B,MAAMkB,EAAE,GAAGlC,MAAM,CAACmC,WAAW,CAACrB,QAAQ,CAAC;IACvC,MAAMsB,MAAM,GAAGpC,MAAM,CAACqC,cAAc,CAAC5B,SAAS,EAAE6B,MAAM,CAACC,IAAI,CAAC5B,GAAG,CAAC,EAAEuB,EAAE,CAAC;IACrE,MAAMmB,SAAS,GAAGjB,MAAM,CAACK,MAAM,CAACzB,MAAM,CAAC;IACvC,OAAOsB,MAAM,CAACY,MAAM,CAAC,CAAChB,EAAE,EAAEmB,SAAS,EAAEjB,MAAM,CAACM,KAAK,CAAC,CAAC,EAAEZ,aAAa,GAAG,CAAC,GAAGM,MAAM,CAACO,UAAU,CAAC,CAAC,GAAGL,MAAM,CAACS,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;EAClH;EAEA,SAAS5B,WAAWA,CAACH,MAAM,EAAE;IAC3B,MAAMkB,EAAE,GAAGlB,MAAM,CAACgC,KAAK,CAAC,CAAC,EAAElC,QAAQ,CAAC;IACpC,MAAMwC,QAAQ,GAAGtD,MAAM,CAAC6C,gBAAgB,CAACpC,SAAS,EAAE6B,MAAM,CAACC,IAAI,CAAC5B,GAAG,CAAC,EAAEuB,EAAE,CAAC;IACzE,IAAImB,SAAS;IACb,IAAIvB,aAAa,GAAG,CAAC,EAAE;MACrB,MAAMgB,OAAO,GAAG9B,MAAM,CAACgC,KAAK,CAAChC,MAAM,CAACQ,MAAM,GAAGM,aAAa,CAAC;MAC3DwB,QAAQ,CAACF,UAAU,CAACN,OAAO,CAAC;MAC5BO,SAAS,GAAGrC,MAAM,CAACgC,KAAK,CAAClC,QAAQ,EAAEE,MAAM,CAACQ,MAAM,GAAGM,aAAa,CAAC;IACnE,CAAC,MAAM;MACLuB,SAAS,GAAGrC,MAAM,CAACgC,KAAK,CAAClC,QAAQ,CAAC;IACpC;IACA,MAAMyC,SAAS,GAAGD,QAAQ,CAACb,MAAM,CAACY,SAAS,CAAC;IAC5C,OAAOf,MAAM,CAACY,MAAM,CAAC,CAACK,SAAS,EAAED,QAAQ,CAACZ,KAAK,CAAC,CAAC,CAAC,CAAC;EACrD;EAEA,OAAO;IACL7B,EAAE,EAAEJ,SAAS;IACbA,SAAS;IACTE,GAAG;IACHG,QAAQ;IACRC,WAAW;IACXE,aAAa;IACbE,WAAW;IACXC;EACF,CAAC;AACH;AAEAhB,OAAO,CAACoD,aAAa,GAAG9C,YAAY","ignoreList":[]}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"private": false,
|
|
3
3
|
"name": "@xen-orchestra/fs",
|
|
4
|
-
"version": "4.
|
|
4
|
+
"version": "4.4.0",
|
|
5
5
|
"license": "AGPL-3.0-or-later",
|
|
6
6
|
"description": "The File System for Xen Orchestra backups.",
|
|
7
7
|
"homepage": "https://github.com/vatesfr/xen-orchestra/tree/master/@xen-orchestra/fs",
|