Skip to content

uamanager/qcp

Repository files navigation

qcp - Quick Cryptico Protocol

Maintainability Test Coverage Build Status Commitizen friendly

QCP developed for those who use encryption in their apps. Basically it's class which can co-work with any kind of encryption library. But for examples we'll use cryptico

Installation

    # with yarn:
    yarn add qcp
    # with npm:
    npm i --save qcp

Usage

Import

    import {QuickCrypticoProtocol} from 'qcp';

or

    const QuickCrypticoProtocol = require('qcp').QuickCrypticoProtocol;

API

QCP goes through passed data, looking for private objects, takes them into hash map, replaces private objects to hash map id, serializes hash map and then encrypts it. And vice versa.

To mark object as private just add private: true property. Example:

    // this object won't be encrypted
    const example1 = {
        foo: 'bar'
    };

    // but this one will
    const example2 = {
        private: true,
        foo: 'bar'
    };

Main method for encryption of object by protocol. Examples:

Primitives:

const example = 'test string';
const encoded = qcp.encode(example); // {public: 'test string'}

Arrays:

Array without private fields:
const example = ['test string'];
const encoded = qcp.encode(example); // {public: ['test string']}
Array with private fields:
const example = [
 {
   foo: 'bar',
   test: 1,
   private: true
 },
 {
   foo: 'bar',
   test: 2,
   private: true
 },
 'test'
];
const encoded = qcp.encode(example);
// {
//     public: ['0[Bsnz2rSBvg]', '1[hqusXQO7hi]', 'test'],
//     private: "{\"0[Bsnz2rSBvg]\":{\"foo\":\"bar\",\"test\":1,\"private\":true},\"1[hqusXQO7hi]\":{\"foo\":\"bar\",\"test\":2,\"private\":true}}"
// }

Objects:

Objects without private fields:
 const example = {foo: 'bar'};
 const encoded = qcp.encode(example); // {public: {foo: 'bar'}}
Root objects with private fields:
 const example = {
   foo: 'bar',
   private: true
 };
 const encoded = qcp.encode(example);
// {
//     public: 'public[odwHIurT6p]',
//     private: "{\"public[odwHIurT6p]\":{\"foo\":\"bar\",\"private\":true}}"
// }
Objects with nested private fields:
 const example = {
      foo: 'bar',
      test1: {
        foo: 'bar',
        test: 1,
        private: true
      },
      test2: {
        foo: 'bar',
        test: 2,
        private: true
      }
    };
 const encoded = qcp.encode(example);
// {
//     public: {
//        "foo": "bar",
//        "test1": "test1[b0HcZPqCFz]",
//        "test2": "test2[5_ZGyNtUhD]",
//     },
//     private: "{\"test1[b0HcZPqCFz]\":{\"foo\":\"bar\",\"test\":1,\"private\":true},\"test2[5_ZGyNtUhD]\":{\"foo\":\"bar\",\"test\":2,\"private\":true}}"
// }

Main method for decryption of object by protocol. Works the same as encrypt method but in reverse order. Not throwing error if passed data is not by protocol.

Methods that should be overwritten to support encryption. Example:

import {QuickCrypticoProtocol} from 'qcp';
import * as cryptico from 'cryptico';

export class Protocol extends QuickCrypticoProtocol {
	constructor (private privateKey: string, private publicKey: string) {
		super();
	}

// `encryptor` - method for data encrypt.
// By default returns the same data as was passed.
	public encryptor (data: string) {
		return cryptico.encrypt(data, this.publicKey).cipher;
	}
// `decryptor` - method for data decrypt.
// By default returns the same data as was passed.
	public decryptor (data: string) {
		return cryptico.decrypt(data, this.privateKey).plaintext;
	}
}

Method that generates id for replaced object. For prevent ids collision, it adds random string. Interpolation can be enabled by specifying interpolationStart and interpolationEnd properties.

Methods which serialize/deserialize data before encryption. By default JSON.stringify/JSON.parse used.

Copyright 2019 I. Panarin

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <https://www.gnu.org/licenses/>.