baumblatt / node-red-contrib-crypto-js Goto Github PK

Actually the Encode node receive only a word array as payload that is obtained easily decoding a string with Decode node.

But is a little bit tedious to decode a string just to encode it as Base64 for example.

This issue is to enhance the Encode and Decode node to do a combo of decode/encode in only one step without remove the ability to do just one of the actions.

Currently the secret key has to be stored as a node property, which is both undesure (it's not encrypted in the flows.json file) and not versatile, as for instance in order to generate a tweet the secure key must be generated on-the fly based on other input parameters.

It would be good to be able to set a msg.secret as input parameter

We are using CryptoJS 's PBKDF2 algorithm in our application for encrypt string and same thing we need in node-red flow. Request you to provide CryptoJS 's PBKDF2 algorithm. Thanks

Hello @baumblatt

I was testing this node module and played around with the sample flow. Here is my flow:

[{"id":"99d70efc.dbd86","type":"inject","z":"543e65ad.2f3a4c","name":"Hello World","topic":"","payload":"Hello World","payloadType":"str","repeat":"","crontab":"","once":false,"x":141.11109924316406,"y":751.111083984375,"wires":[["15e204d8.79ab8b"]]},{"id":"31132bff.f80c64","type":"debug","z":"543e65ad.2f3a4c","name":"","active":true,"console":"false","complete":"false","x":696.3332977294922,"y":746.5555515289307,"wires":[]},{"id":"15e204d8.79ab8b","type":"decode","z":"543e65ad.2f3a4c","name":"Dec: base64","encode":"Base64","x":340.4444351196289,"y":748.777774810791,"wires":[["2a8f2dcc.4cab02"]]},{"id":"2a8f2dcc.4cab02","type":"encode","z":"543e65ad.2f3a4c","name":"Enc: Base64","encode":"Base64","x":524.4444732666016,"y":745.5555648803711,"wires":[["31132bff.f80c64"]]}]

So I have a decode node in base64 mode, followed by an encoded node in base64 mode, the return msg is "HelloAWorlc=" instead of "Hello World".

I further checked with this flow in Hex mode, and it returns "00000000000d"

This flow seems working fine with other encode types.

My node-red is running @0.17.5, and [email protected].

Thanks!
Michael Qiu

Hi, I need AES128-CTR with IV.
Is there a way to implement that?

CryptoJS.AES.decrypt(cipherData, key, { iv: iv });

Thanks in advance. Regards, Maarten

Supported algorithms:
Digest Node
crypto-js/md5
crypto-js/sha1
crypto-js/sha3
crypto-js/sha224
crypto-js/sha256
crypto-js/sha384
crypto-js/sha512

But SHA1 is not available in the Algorithm node configuration page.

Won't work for pre-sign url because HmacSHA256 is not an algorithm selection option

The secret key field in both the encryption and decryption are currently not stored as credentials. They are visible in the flow code which can a security issue. For example:

[{"id":"3382580d.79f2d8","type":"encrypt","z":"543e65ad.2f3a4c","name":"","algorithm":"DES","key":"this is my secret key","x":421,"y":115,"wires":[[]]},{"id":"4690dfe7.7ca6c","type":"decrypt","z":"543e65ad.2f3a4c","name":"","algorithm":"AES","key":"this is my other secret key","x":568,"y":116,"wires":[[]]}]

and you can see my "key" content in the above flow code.
I also post on the node-red mailing list here, but I guess it's also a good idea to start an issue to track it.

Since the same key could be required for both the encryption and decryption node, would it be a good idea to have these two nodes share the same config node, which the config node will store the secret key as credential, and both the encryption and decryption node will be able to obtain the secret key from the config node?