badmfck-api-server 4.0.73 → 4.0.74

package/dist/apiServer/external/MicroserviceClient.js

@@ -13,6 +13,7 @@ exports.REQ_MICROSERVICE_CALL = new badmfck_signal_1.Req(undefined, "REQ_MICROSE
 class MicroserviceClient extends BaseService_1.BaseService {
     static #clients = new Map();
     static #listener = false;
+    static #nextID = 1;
     options;
     constructor(opt) {
         super("MicroserviceClient");
@@ -34,25 +35,28 @@ class MicroserviceClient extends BaseService_1.BaseService {
     }
     async requestMicroserviceCall(req) {
         const url = this.options.host + "/__ms_host_control/receiver";
-        const ts = (+new Date()).toString();
-        const nonce = crypto_1.default.randomBytes(16).toString("hex");
+        const ts = process.hrtime.bigint().toString();
+        const nonce = crypto_1.default.randomBytes(12).toString("hex");
         const headers = {
             "Content-Type": "application/json",
             "x-microservice-id": this.options.id,
             "x-microservice-ts": ts,
             "x-microservice-nonce": nonce
         };
-        const data = Buffer.from(JSON.stringify(req), "utf8");
         const secret = Buffer.from(this.options.securityKey, "base64");
-        const salt = crypto_1.default.createHash("sha256").update(nonce + ts).digest();
-        const key = crypto_1.default.pbkdf2Sync(secret, salt, 100, 32, "sha256");
-        const iv = crypto_1.default.pbkdf2Sync(secret, salt, 100, 16, "sha256");
-        const aad = Buffer.from(ts + "." + nonce + "." + this.options.id + "." + this.options.password, "utf8");
+        const hash = crypto_1.default.createHash("sha256").update(nonce + ts + this.options.securityKey).digest();
+        const key = secret;
+        const iv = hash.subarray(0, 12);
+        const aad = Buffer.from(`${ts}.${nonce}.${this.options.id}`, "utf8");
+        const data = Buffer.from(JSON.stringify(req), "utf8");
         const cipher = crypto_1.default.createCipheriv("aes-256-gcm", key, iv);
         cipher.setAAD(aad);
         const encrypted = Buffer.concat([cipher.update(data), cipher.final()]);
         const tag = cipher.getAuthTag();
-        const resp = await Http_1.Http.post(url, { tag: tag.toString("base64"), enc: encrypted.toString("base64") }, { headers });
+        const resp = await Http_1.Http.post(url, {
+            tag: tag.toString("base64"),
+            enc: encrypted.toString("base64")
+        }, { headers });
         if (!resp.ok)
             return { ...DefaultErrors_1.default.BAD_REQUEST, details: resp.details, stack: [resp.error] };
         const body = resp.data;

package/dist/apiServer/external/MicroserviceHost.js

@@ -1,34 +1,11 @@
 "use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.MicroserviceHost = void 0;
 const BaseService_1 = require("../BaseService");
-const DefaultErrors_1 = __importStar(require("../structures/DefaultErrors"));
+const DefaultErrors_1 = __importDefault(require("../structures/DefaultErrors"));
 const crypto_1 = __importDefault(require("crypto"));
 class MicroserviceHost extends BaseService_1.BaseService {
     static #calls = new Set();
@@ -46,62 +23,47 @@ class MicroserviceHost extends BaseService_1.BaseService {
         return MicroserviceHost.#instances.get(id) || null;
     }
     async handleIncomingRequest(req) {
-        console.log("Handling incoming request for MicroserviceHost:", this.getName());
         const nonce = req.headers["x-microservice-nonce"];
         const ts = req.headers["x-microservice-ts"];
         if (!nonce || !ts)
             return { ...DefaultErrors_1.default.BAD_REQUEST, details: "missing headers" };
-        if (ts.length !== 13 || isNaN(+ts))
-            return { ...DefaultErrors_1.default.BAD_REQUEST, details: "invalid timestamp" };
-        if (+new Date() - (+ts) > 1000 * 60 * 2)
-            return { ...DefaultErrors_1.default.BAD_REQUEST, details: "timestamp too old" };
         const checkCall = MicroserviceHost.#calls.has(nonce + "|" + ts);
         if (checkCall)
             return { ...DefaultErrors_1.default.BAD_REQUEST, details: "replay attack detected" };
         MicroserviceHost.#calls.add(nonce + "|" + ts);
-        if (MicroserviceHost.#calls.size > 1000) {
-            const first = MicroserviceHost.#calls.values().next().value;
-            if (first)
-                MicroserviceHost.#calls.delete(first);
-        }
-        const secret = Buffer.from(this.options.securityKey, "base64");
-        const salt = crypto_1.default.createHash("sha256").update(nonce + ts).digest();
-        const key = crypto_1.default.pbkdf2Sync(secret, salt, 100, 32, "sha256");
-        const iv = crypto_1.default.pbkdf2Sync(secret, salt, 100, 16, "sha256");
-        const aad = Buffer.from(ts + "." + nonce + "." + this.options.id + "." + this.options.password, "utf8");
-        const tag = Buffer.from(req.data.tag, "base64");
-        const enc = Buffer.from(req.data.enc, "base64");
-        const decipher = crypto_1.default.createDecipheriv("aes-256-gcm", key, iv);
-        decipher.setAAD(aad);
-        decipher.setAuthTag(tag);
-        const decrypted = Buffer.concat([decipher.update(enc), decipher.final()]);
-        let request = null;
-        try {
-            request = JSON.parse(decrypted.toString("utf8"));
-        }
-        catch (e) {
-            return { ...DefaultErrors_1.default.BAD_REQUEST, details: "invalid json request" };
-        }
-        if (!request) {
-            return { ...DefaultErrors_1.default.BAD_REQUEST, details: "no request found" };
-        }
-        if (typeof request !== "object" || !request.requestName) {
-            return { ...DefaultErrors_1.default.BAD_REQUEST, details: "invalid request object" };
-        }
-        const reqCall = this.options.requests.find(r => r.name === request.requestName);
-        if (!reqCall) {
-            return { ...DefaultErrors_1.default.BAD_REQUEST, details: "request not found: " + request.requestName };
+        if (MicroserviceHost.#calls.size > 10000) {
+            const iterator = MicroserviceHost.#calls.values();
+            for (let i = 0; i < 100; i++) {
+                const val = iterator.next().value;
+                if (val)
+                    MicroserviceHost.#calls.delete(val);
+            }
         }
-        let response = null;
         try {
-            response = await reqCall.request(request.requestData);
+            const secret = Buffer.from(this.options.securityKey, "base64");
+            const hash = crypto_1.default.createHash("sha256").update(nonce + ts + this.options.securityKey).digest();
+            const key = secret;
+            const iv = hash.subarray(0, 12);
+            const aad = Buffer.from(`${ts}.${nonce}.${this.options.id}`, "utf8");
+            const tag = Buffer.from(req.data.tag, "base64");
+            const enc = Buffer.from(req.data.enc, "base64");
+            const decipher = crypto_1.default.createDecipheriv("aes-256-gcm", key, iv);
+            decipher.setAAD(aad);
+            decipher.setAuthTag(tag);
+            const decrypted = Buffer.concat([decipher.update(enc), decipher.final()]);
+            const request = JSON.parse(decrypted.toString("utf8"));
+            if (!request || !request.requestName) {
+                return { ...DefaultErrors_1.default.BAD_REQUEST, details: "invalid request object" };
+            }
+            const reqCall = this.options.requests.find(r => r.name === request.requestName);
+            if (!reqCall) {
+                return { ...DefaultErrors_1.default.BAD_REQUEST, details: "request not found: " + request.requestName };
+            }
+            return await reqCall.request(request.requestData);
         }
         catch (e) {
-            if (DefaultErrors_1.ErrorUtils.isError(e))
-                return e;
-            return { ...DefaultErrors_1.default.INTERNAL_SERVER_ERROR, details: "request execution error: " + e?.message };
+            return { ...DefaultErrors_1.default.BAD_REQUEST, details: "decryption failed or invalid json" };
         }
-        return response;
     }
 }
 exports.MicroserviceHost = MicroserviceHost;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "badmfck-api-server",
-  "version": "4.0.73",
+  "version": "4.0.74",
   "description": "Simple API http server based on express",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",