mohiit1502/Automata
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(core): Upgrade crypto-js to address CVE-2023-46233 (#7519)

Browse Source 
[GH Advisory](https://github.com/advisories/GHSA-xwcq-pm8m-c4vf)
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™
2023-10-26 11:21:53 +02:00
committed by GitHub
parent df89685e15
commit 65e5593233
7 changed files with 49 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
packages/core/jest.config.js
View File

@@ -2,4 +2,5 @@
module.exports = {
...require('../../jest.config'),
globalSetup: '<rootDir>/test/setup.ts',
setupFilesAfterEnv: ['<rootDir>/test/setup-mocks.ts'],
};

2
packages/core/package.json
View File

@@ -54,7 +54,7 @@
"axios": "^0.21.1",
"concat-stream": "^2.0.0",
"cron": "~1.7.2",
"crypto-js": "^4.1.1",
"crypto-js": "^4.2.0",
"fast-glob": "^3.2.5",
"file-type": "^16.5.4",
"flatted": "^3.2.4",

6
packages/core/src/Cipher.ts
View File

@@ -7,13 +7,15 @@ export class Cipher {
constructor(private readonly instanceSettings: InstanceSettings) {}
encrypt(data: string | object) {
const { encryptionKey } = this.instanceSettings;
return AES.encrypt(
typeof data === 'string' ? data : JSON.stringify(data),
this.instanceSettings.encryptionKey,
encryptionKey,
).toString();
}
decrypt(data: string) {
return AES.decrypt(data, this.instanceSettings.encryptionKey).toString(enc.Utf8);
const { encryptionKey } = this.instanceSettings;
return AES.decrypt(data, encryptionKey).toString(enc.Utf8);
}
}

30
packages/core/test/Cipher.test.ts Normal file
View File

@@ -0,0 +1,30 @@
import Container from 'typedi';
import { InstanceSettings } from '@/InstanceSettings';
import { Cipher } from '@/Cipher';
import { mockInstance } from './utils';
describe('Cipher', () => {
mockInstance(InstanceSettings, { encryptionKey: 'test_key' });
const cipher = Container.get(Cipher);
describe('encrypt', () => {
it('should encrypt strings', () => {
const encrypted = cipher.encrypt('random-string');
const decrypted = cipher.decrypt(encrypted);
expect(decrypted).toEqual('random-string');
});
it('should encrypt objects', () => {
const encrypted = cipher.encrypt({ key: 'value' });
const decrypted = cipher.decrypt(encrypted);
expect(decrypted).toEqual('{"key":"value"}');
});
});
describe('decrypt', () => {
it('should decrypt string', () => {
const decrypted = cipher.decrypt('U2FsdGVkX194VEoX27o3+y5jUd1JTTmVwkOKjVhB6Jg=');
expect(decrypted).toEqual('random-string');
});
});
});

1
packages/core/test/setup-mocks.ts Normal file
View File

@@ -0,0 +1 @@
import 'reflect-metadata';