1 | "use strict";
|
2 | Object.defineProperty(exports, "__esModule", { value: true });
|
3 | exports.serverSecure = exports.serverSecureHTTPHeader = void 0;
|
4 | var crypto = require("crypto");
|
5 | var debug_ = require("debug");
|
6 | var debug = debug_("r2:streamer#http/server-secure");
|
7 | var debugHttps = debug_("r2:https");
|
8 | var IS_DEV = (process.env.NODE_ENV === "development" || process.env.NODE_ENV === "dev");
|
9 | function serverSecureHTTPHeader(server, url) {
|
10 | var info = server.serverInfo();
|
11 | if (server.isSecured() &&
|
12 | info && info.trustKey && info.trustCheck && info.trustCheckIV) {
|
13 | var t1 = void 0;
|
14 | if (IS_DEV) {
|
15 | t1 = process.hrtime();
|
16 | }
|
17 | var encrypteds = [];
|
18 | var encryptStream = crypto.createCipheriv("aes-256-cbc", info.trustKey, info.trustCheckIV);
|
19 | encryptStream.setAutoPadding(true);
|
20 | var now = Date.now();
|
21 | var jsonStr = "{\"url\":\"" + url + "\",\"time\":" + now + "}";
|
22 | var buff1 = encryptStream.update(jsonStr, "utf8");
|
23 | if (buff1) {
|
24 | encrypteds.push(buff1);
|
25 | }
|
26 | var buff2 = encryptStream.final();
|
27 | if (buff2) {
|
28 | encrypteds.push(buff2);
|
29 | }
|
30 | var encrypted = Buffer.concat(encrypteds);
|
31 | var base64 = Buffer.from(encrypted).toString("base64");
|
32 | if (IS_DEV) {
|
33 | var t2 = process.hrtime(t1);
|
34 | var seconds = t2[0];
|
35 | var nanoseconds = t2[1];
|
36 | var milliseconds = nanoseconds / 1e6;
|
37 | debugHttps("< A > " + seconds + "s " + milliseconds + "ms [ " + url + " ]");
|
38 | }
|
39 | return { name: "X-" + info.trustCheck, value: base64 };
|
40 | }
|
41 | return undefined;
|
42 | }
|
43 | exports.serverSecureHTTPHeader = serverSecureHTTPHeader;
|
44 | function serverSecure(server, topRouter) {
|
45 | topRouter.use(function (req, res, next) {
|
46 | if (!server.isSecured()) {
|
47 | next();
|
48 | return;
|
49 | }
|
50 | if (req.method.toLowerCase() === "options") {
|
51 | next();
|
52 | return;
|
53 | }
|
54 | var doFail = true;
|
55 | var serverData = server.serverInfo();
|
56 | if (serverData && serverData.trustKey &&
|
57 | serverData.trustCheck && serverData.trustCheckIV) {
|
58 | var t1 = void 0;
|
59 | if (IS_DEV) {
|
60 | t1 = process.hrtime();
|
61 | }
|
62 | var delta = 0;
|
63 | var urlCheck = server.serverUrl() + req.url;
|
64 | var base64Val = req.get("X-" + serverData.trustCheck);
|
65 | if (base64Val) {
|
66 | var decodedVal = Buffer.from(base64Val, "base64");
|
67 | var encrypted = decodedVal;
|
68 | var decrypteds = [];
|
69 | var decryptStream = crypto.createDecipheriv("aes-256-cbc", serverData.trustKey, serverData.trustCheckIV);
|
70 | decryptStream.setAutoPadding(false);
|
71 | var buff1 = decryptStream.update(encrypted);
|
72 | if (buff1) {
|
73 | decrypteds.push(buff1);
|
74 | }
|
75 | var buff2 = decryptStream.final();
|
76 | if (buff2) {
|
77 | decrypteds.push(buff2);
|
78 | }
|
79 | var decrypted = Buffer.concat(decrypteds);
|
80 | var nPaddingBytes = decrypted[decrypted.length - 1];
|
81 | var size = encrypted.length - nPaddingBytes;
|
82 | var decryptedStr = decrypted.slice(0, size).toString("utf8");
|
83 | try {
|
84 | var decryptedJson = JSON.parse(decryptedStr);
|
85 | var url = decryptedJson.url;
|
86 | var time = decryptedJson.time;
|
87 | var now = Date.now();
|
88 | delta = now - time;
|
89 | if (delta <= 3000) {
|
90 | var i = url.lastIndexOf("#");
|
91 | if (i > 0) {
|
92 | url = url.substr(0, i);
|
93 | }
|
94 | if (url === urlCheck) {
|
95 | doFail = false;
|
96 | }
|
97 | }
|
98 | }
|
99 | catch (err) {
|
100 | debug(err);
|
101 | debug(decryptedStr);
|
102 | }
|
103 | }
|
104 | if (IS_DEV) {
|
105 | var t2 = process.hrtime(t1);
|
106 | var seconds = t2[0];
|
107 | var nanoseconds = t2[1];
|
108 | var milliseconds = nanoseconds / 1e6;
|
109 | debugHttps("< B > (" + delta + "ms) " + seconds + "s " + milliseconds + "ms [ " + urlCheck + " ]");
|
110 | }
|
111 | }
|
112 | if (doFail) {
|
113 | debug("############## X-Debug- FAIL ========================== ");
|
114 | debug(req.url);
|
115 | res.status(200);
|
116 | res.end();
|
117 | return;
|
118 | }
|
119 | next();
|
120 | });
|
121 | }
|
122 | exports.serverSecure = serverSecure;
|
123 |
|
\ | No newline at end of file |