mirror of
https://github.com/fosrl/pangolin.git
synced 2026-01-28 22:00:51 +00:00
40 lines
1.2 KiB
TypeScript
40 lines
1.2 KiB
TypeScript
import crypto from "crypto";
|
|
|
|
export function encryptData(data: string, key: Buffer): string {
|
|
const algorithm = "aes-256-gcm";
|
|
const iv = crypto.randomBytes(16);
|
|
const cipher = crypto.createCipheriv(algorithm, key, iv);
|
|
|
|
let encrypted = cipher.update(data, "utf8", "hex");
|
|
encrypted += cipher.final("hex");
|
|
|
|
const authTag = cipher.getAuthTag();
|
|
|
|
// Combine IV, auth tag, and encrypted data
|
|
return iv.toString("hex") + ":" + authTag.toString("hex") + ":" + encrypted;
|
|
}
|
|
|
|
// Helper function to decrypt data (you'll need this to read certificates)
|
|
export function decryptData(encryptedData: string, key: Buffer): string {
|
|
const algorithm = "aes-256-gcm";
|
|
const parts = encryptedData.split(":");
|
|
|
|
if (parts.length !== 3) {
|
|
throw new Error("Invalid encrypted data format");
|
|
}
|
|
|
|
const iv = Buffer.from(parts[0], "hex");
|
|
const authTag = Buffer.from(parts[1], "hex");
|
|
const encrypted = parts[2];
|
|
|
|
const decipher = crypto.createDecipheriv(algorithm, key, iv);
|
|
decipher.setAuthTag(authTag);
|
|
|
|
let decrypted = decipher.update(encrypted, "hex", "utf8");
|
|
decrypted += decipher.final("utf8");
|
|
|
|
return decrypted;
|
|
}
|
|
|
|
// openssl rand -hex 32 > config/encryption.key
|