search

brix / crypto-js

JavaScript library of crypto standards.
Other
15.82k stars 2.38k forks source link

Encrypt file. NodeJs implementation. #350

Open tiagope opened 3 years ago

tiagope commented 3 years ago

Hello.

First of all, I would like to thank everyone who collaborates with this project. I have a user case that I would like to share if this approach makes sense or if it has best practices I need to encrypt a PDF file, using AES-256 and PBKDF2

node code


const pass = CryptoJS.lib.WordArray.random(16),
 salt = CryptoJS.lib.WordArray.random(16),
 iv = CryptoJS.lib.WordArray.random(16),
 key = CryptoJS.PBKDF2(pass.toString(), salt, { keySize: 256/8, iterations: 100000, hasher: CryptoJS.algo.SHA512});

fs.readFile(file, function(err, data){
   let wordArray = CryptoJS.lib.WordArray.create(data);
   let encrypted = CryptoJS.AES.encrypt(wordArray, key, {iv: iv}).ciphertext;      
   const concatenned =  CryptoJS.lib.WordArray.create().concat(salt).concat(iv).concat(encrypted);

   fs.writeFile("./" + 'doc.pdf.enc', concatenned.toString(CryptoJS.enc.Base64))
})

The final file is a enconded base64, with SALT and IV concatened. And a random password to user, for later use. It's ok implementation? Or have any issue secutiry?

Thanks for help and time.

rupamking1 commented 3 years ago

Can you send full code?