mirror
/
c9-core
kopia lustrzana https://github.com/c9/core
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Merge pull request +14950 from c9/revert-14949-revert-14938-rotate-sso 

Revert "Revert "Rotate sso""
pull/378/head
Matthijs van Henten 2016-10-20 11:01:43 +02:00 zatwierdzone przez GitHub
rodzic 78c2231c6a 81392cb96e
commit a6060c30ec
2 zmienionych plików z 60 dodań i 19 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

25
node_modules/c9/crypt.js wygenerowano vendored
Wyświetl plik

@ -1,7 +1,11 @@
var crypto = require("crypto"); var crypto = require("crypto");
exports.crypt = function(sessionId, secret) { exports.crypt = function(sessionId, secret) {
secret = [].concat(secret);
secret = secret[1] || secret[0];
var cipher = crypto.createCipher("aes256", secret); var cipher = crypto.createCipher("aes256", secret);
return ( return (
cipher.update(sessionId, "ascii", "base64") + cipher.update(sessionId, "ascii", "base64") +
cipher.final("base64") cipher.final("base64")
@ -9,14 +13,23 @@ exports.crypt = function(sessionId, secret) {
}; };
exports.decrypt = function(encrypted, secret) { exports.decrypt = function(encrypted, secret) {
var cipher = crypto.createDecipher("aes256", secret); var secrets = [].concat(secret);
var data = [ var data;
cipher.update(encrypted, "base64", "ascii"),
cipher.final("ascii")
];
return data.join("").replace(/\=+$/, ""); for (var i = 0; i < secrets.length; i++) {
secret = secrets[i];
var cipher = crypto.createDecipher("aes256", secret);
try {
data = [
cipher.update(encrypted, "base64", "ascii"),
cipher.final("ascii")
];
}
catch (err) { /** ignore failed decrypt **/ }
if (data) return data.join("").replace(/\=+$/, "");
}
}; };
exports.uid = function(length) { exports.uid = function(length) {

46
node_modules/c9/crypt_test.js wygenerowano vendored
Wyświetl plik

@ -1,15 +1,13 @@
"use strict"; "use strict";
"use server"; "use server";
require("c9/inline-mocha")(module);
var assert = require("assert"); var assert = require("assert");
var crypt = require("./crypt"); var crypt = require("./crypt");
module.exports = { describe("c9/crypt", function() {
it("encrpyt and decrypt should return input", function() {
name: "cookie crypt",
"test encrpyt and decrypt should return input" : function() {
var sessionId = "vOcRVvhaBBauiYexVvWyJpPb.AqmabaXkhpmlR8AUkORJHu%2FB7WA57EsDqzled0VoKAg"; var sessionId = "vOcRVvhaBBauiYexVvWyJpPb.AqmabaXkhpmlR8AUkORJHu%2FB7WA57EsDqzled0VoKAg";
var secret = "geheim"; var secret = "geheim";
@ -19,7 +17,37 @@ module.exports = {
crypt.decrypt(crypt.crypt(sessionId, secret), secret), crypt.decrypt(crypt.crypt(sessionId, secret), secret),
sessionId sessionId
); );
} });
};
!module.parent && require("asyncjs").test.testcase(module.exports).exec();
it("Should accept an array for decrypt", function() {
var message = Math.random().toString(36);
var secret = "swordfish";
var crypted = crypt.crypt(message, secret);
var plaintext = crypt.decrypt(crypted, [Math.random().toString(36), Math.random().toString(36), secret]);
assert.equal(plaintext, message, "Got message back");
});
it("Should accept an array for crypt", function() {
var message = Math.random().toString(36);
var secret = ["letmein", "swordfish"];
var crypted = crypt.crypt(message, secret);
var plaintext = crypt.decrypt(crypted, secret);
assert.equal(plaintext, message, "Got message back");
});
it("Should prefer the #1st secret", function() {
var message = Math.random().toString(36);
var secret = ["letmein", "swordfish", "princess"];
var crypted = crypt.crypt(message, secret);
assert.ok(!crypt.decrypt(crypted, secret[0]), "String was not encrypted with the #1st secret");
assert.ok(!crypt.decrypt(crypted, secret[2]), "String was not encrypted with the #3rd secret");
assert.equal(crypt.decrypt(crypted, secret[1]), message, "Got message back");
});
});