-
Notifications
You must be signed in to change notification settings - Fork 2
/
authenticated-encryption.js
42 lines (32 loc) · 1.43 KB
/
authenticated-encryption.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
'use strict';
const crypto = require('crypto');
// The two keys gotten from Trustpilot
let encryptionKeyBase64 = 'XCxIAot+Tr6FVbU5fROwe2ckBEoFDcb6gwBT8022oVs=';
let authenticationKeyBase64 = 'wNh58yFZ58H+QPomgWkgPqM3JZegQqpg39k06Q4ZvrA=';
let domain = 'my-domain.com';
// Our order to encrypt
let order = {
"email":"[email protected]",
"name":"John Smith",
"ref":"1234",
"skus":["sku1","sku2","sku3"],
"tags":["tag1","tag2","tag3"]
};
let jsonSerializedOrder = JSON.stringify(order);
// When you get the keys from Trustpilot, they are base64 encoded, so first we need to decode them
let encryptionKey = Buffer.from(encryptionKeyBase64, 'base64');
let authenticationKey = Buffer.from(authenticationKeyBase64, 'base64');
// Generate a random initialization vector
let iv = crypto.randomBytes(16);
// Encrypt our order
let cipher = crypto.createCipheriv('aes-256-cbc', encryptionKey, iv);
let cipherText = Buffer.concat([cipher.update(jsonSerializedOrder, 'utf8'), cipher.final()]);
// Compute the HMAC
let hmac = crypto.createHmac('sha256', authenticationKey).update(Buffer.concat([iv, cipherText])).digest();
// Base64 encode the IV + cipherText + HMAC
let base64Payload = Buffer.concat([iv, cipherText, hmac]).toString("base64");
// URL encode to get the final payload
let payload = encodeURIComponent(base64Payload);
// The final url
let url = 'https://www.trustpilot.com/evaluate-bgl/' + domain + '?p=' + payload;
console.log(url);