Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove CryptoJS salt and add docs for AES "encoding" #30

Merged
merged 4 commits into from
Aug 14, 2023
Merged

Remove CryptoJS salt and add docs for AES "encoding" #30

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
661f339
Remove annyoing CryptoJS salt
rifting Aug 14, 2023
50f76b5
Merge branch 'main' of https://github.com/Riftriot/Dynamic
rifting Aug 14, 2023
9d19d1c
docs
rifting Aug 14, 2023
1a02525
Merge branch 'NebulaServices:main' into main
rifting Aug 14, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 13 additions & 13 deletions docs/configuration/encoding.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ There's a few types of encodings that Dynamic currently supports.
### XOR
The XOR encryption algorithm is an example of symmetric encryption where the same key is used to both encrypt and decrypt a message. Symmetric Encryption: The same cryptographic key is used both to encrypt and decrypt messages

Okay, yes, XOR is a cypher not an encoding. But for the purpose of simplicity, we're going to refer to it as an encoding.
Okay, yes, XOR is a cipher not an encoding. But for the purpose of simplicity, we're going to refer to it as an encoding.

Example:
* `https://google.com`
Expand All @@ -18,28 +18,28 @@ Example:

Want to use XOR? Change your `encoding` value to `xor`

### Plain
In computing, plain encoding is a loose term for data (e.g. file contents) that represent *only characters* of readable material but not its graphical representation nor other objects (floating-point numbers, images, etc.). It may also include a limited number of "whitespace" characters that affect simple arrangement of text.
Note that this provides very little URL cloaking.
### AES
Similar to the XOR encoding, AES (Advanced Encryption Standard) encoding is a type of symmetric encryption where the same key is used to both encrypt and decrypt a message, however AES doesn't settle for a one-byte affair; it operates with much longer key lengths (up to 256 bits) compared to the 8 bits of XOR. Like XOR, it is also a cipher and not an encoding. If you're trying to hide your activity the best, AES is the way to go. While the URL may not be readable, it will be **very** difficult for a third party to decrypt the URL without the key.

Example:
* `https://google.com`
* `https%3A%2F%2Fgoogle.com`
* `88b1yAJnVf99jJZjWhNiho+l5CUg1PRDZGg0Dn005/MseDO3Sn2Mzs`
* `https://www.youtube.com`
* `https%3A%2F%2Fwww.youtube.com`
* `+Bu/h2WhD6UXm5YAYzOuiiPEmA5l/gEZC0CUtY4jb3h6f4Cgwzsm/i`

If this fits your need Change your `encoding` value to `plain`
If this fits your need, Change your `encoding` value to `aes`

### AES
Similar to the XOR encoding, AES (Advanced Encryption Standard) encoding is a type of symmetric encryption where the same key is used to both encrypt and decrypt a message, but different to the XOR encoding, AES doesn't settle for a one-byte affair; it operates with much logner key lengths. It is also a cipher and not an encoding. If you're trying to hide your activity the best, AES is the way to go. It's harder to decrypt than something than base64 and harder to read than the XOR encoded urls. This version of AES is also salted.
### Plain
In computing, plain encoding is a loose term for data (e.g. file contents) that represent *only characters* of readable material but not its graphical representation nor other objects (floating-point numbers, images, etc.). It may also include a limited number of "whitespace" characters that affect simple arrangement of text.
Note that this provides very little URL cloaking.

Example:
* `https://google.com`
* `U2FsdGVkX19vOrJhB+tKkRLOrTZyBrUGWHXptoNXkU9JY6st/tFfsW0Y7UzwAFUm`
* `https%3A%2F%2Fgoogle.com`
* `https://www.youtube.com`
* `U2FsdGVkX18eYibgsnuW2xQsNrAqIUpsYWXMLSLKJRNyrCmeoOJzq38VBWwBSzzY`
* `https%3A%2F%2Fwww.youtube.com`

If this fits your need Change your `encoding` value to `aes`
If this fits your need, Change your `encoding` value to `plain`

### Base64
Base64 is a encoding algorithm that allows you to transform any characters into an alphabet which consists of Latin letters, digits, plus, and slash. Thanks to it, Dynamic can hide URLs by turning the letters of the URL into numbers.
Expand All @@ -50,6 +50,6 @@ Example:
* `https://www.youtube.com`
* `aHR0cHM6Ly93d3cueW91dHViZS5jb20=`

If this fits your need Change your `encoding` value to `base64`
If this fits your need, Change your `encoding` value to `base64`


4 changes: 2 additions & 2 deletions lib/global/codec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,12 +30,12 @@ const aes = {
encode: (str: string | undefined) => {
if (!str) return str;

return CryptoJS.AES.encrypt(str, 'dynamic').toString();;
return CryptoJS.AES.encrypt(str, 'dynamic').toString().substring(10);
},
decode: (str: string | undefined) => {
if (!str) return str;

return CryptoJS.AES.decrypt(str, 'dynamic').toString(CryptoJS.enc.Utf8);
return CryptoJS.AES.decrypt('U2FsdGVkX1' + str, 'dynamic').toString(CryptoJS.enc.Utf8);
}
}

Expand Down