Open ivanscorral opened 1 year ago
Buffer encryption and decryption have been implemented in src/services/fileService.js.
Right now they use AES-256-CBC as default:
/**
* Encrypts a data buffer using AES-256 in CBC mode.
* @param {Buffer} data - The data buffer to encrypt.
* @returns {Promise<Object>} The iv, key, and encrypted buffers as a JSON object.
*/
async encrypt (data) {
const iv = crypto.randomBytes(16)
const key = crypto.randomBytes(32)
const cipher = crypto.createCipheriv('aes-256-cbc', key, iv)
const encrypted = Buffer.concat([cipher.update(data), cipher.final()])
return { iv, key, data: encrypted }
}
A CryptoService should be implemented to allow for more customization and control.
Issue: Implement Secure File Encryption Using AES within
CryptoService
Overview
To enhance the security of uploaded files, integrate AES encryption within a new
CryptoService
class. The encryption process should be triggered immediately after the file is temporarily stored on the server byFileService
.Objectives
Tasks
CryptoService
Class: This new class should handle all encryption-related activities, separate fromFileService
.encrypt
method.decrypt
method.CryptoService
: Make the encryption algorithm configurable through options or environment variables.CryptoService
, allowing for better key management.Future Enhancements