• This repository has been archived on 20/Jul/2020
  • Stars
    star
    545
  • Rank 81,554 (Top 2 %)
  • Language
    C++
  • License
    MIT License
  • Created about 9 years ago
  • Updated about 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

seifnode

Node.js Implementation of Seif Crypto Modules

Getting Started

From your project directory, run (see below for requirements):

$ npm install seifnode

Seifnode depends on the c++ library Seifrng which will be installed locally during pre-install; Seifrng uses the CMake build system which too will be installed locally if not found. The node module also depends of Crypto++ which will be locally installed by Seifrng if not found during pre-install.

On Linux systems the node module requires PatchELF utility which will be installed locally if not found during pre-install.

Alternatively, to use the latest development version from Github:

$ npm install https://github.com/paypal/seifnode.git

Test

Please refer to the "test" directory to view the "mocha" unit tests. To run the tests, please run the following command from the top-level directory.

$ npm test

Examples

Please refer to the "examples" directory to see examples of how to use the various modules.

Interface

The module exposes four different interfaces useful for different purposes.

1. RNG

This module exposes the ISAAC random number generator to node.js from the c++ library seifrng. We haven't made any changes to the random number generation process as such. The only enhancement is that we are accessing the random number generator state and encrypting it before persisting it to the disk.

Initialization:

let seifnode = require("seifnode");
let seifrng = seifnode.RNG();

Usage:

The functions exposed are as follows:

function isInitialized(key, filename, function callback(result){...})

Creates an async worker to check if the RNG has been initialized by checking if the state file exists and can be decrypted using the given key. Once the async work is complete, the RNG is initialized with the state on the disk if present or an appropriate error is given to the callback.

seifrng.isInitialized(key, filename, function(result) {

	console.log(result.code);
	console.log(result.message);

});
// 'key' is a buffer containing the disk encryption/decryption key
// 'filename' is the name of the RNG saved state file on disk
// 'result' is an object containing the code('code') and message('message')

function initialize(key, filename)

Initilizes the RNG by gathering entropy from the available sources (Please look at the "rng" repo for more details at <>). Once the entropy generation is complete, the RNG is initialized using the generated seed and it is ready to be used.

seifrng.initialize(key, filename);
// 'key' is a buffer containing the disk encryption/decryption key
// 'filename' is the name of the RNG saved state file on disk

function getBytes(n)

Gets the number of random bytes required and returns a buffer with the random output. If the RNG has not been initialized an error will be thrown.

let numbytes = 32;
let buffer = seifrng.getBytes(numBytes);
// 'numBytes' is the number of required random bytes
// 'buffer' is a node.js buffer

function saveState()

Encrypts and saves the RNG state to disk.

seifrng.saveState(function(result) {

	console.log(result.code);
	console.log(result.message);

});

function destroy()

Destroys the underlying RNG object thus saving the state to disk.

seifrng.destroy();

2. ECC

This module is responsible for exposing Crypto++ ECC functions using our implementation of isaac random number generator.

Initialization:

let seifnode = require("seifnode");
let seifecc = seifnode.ECC(diskKey, folder);
// 'diskKey' is the key used to encrypt the keys and rng state
// 'folder' is the folder where the keys and rng state are saved on disk

Usage:

The functions exposed are as follows:

function loadKeys()

Creates an async worker to load keys from the disk (encrypted using the key provided during initialization) and invokes the callback function with the error object (if applicable) and/or the object containing the keys.

seifecc.loadKeys(function(status, keys) {

	// 'status' (if applicable) is of the form: {code: [statusCode], message: [statusMessage]}
	console.log(status);
	// 'keys' (if available) is of the form: {enc: [publicKey], dec: [privateKey]}
	console.log(keys);

});

function generateKeys()

Initializes the isaac RNG and uses it to generate the public/private keys and return them to the caller. These keys are also encrypted and saved to the disk.

let keys = seifecc.generateKeys();
// 'keys' (if available) is of the form: {enc: [publicKey], dec: [privateKey]}

function encrypt(publicKey, message)

Encrypts the message buffer using the public key to return the cipher string (We are using Cryptopp ECIES for this purpose and the curve used is the NIST approved SECP521r1).

seifecc.loadKeys(function(status, keys) {

	if (status === undefined && keys !== undefined) {

		let cipher = obj.encrypt(keys.enc, message);
		// 'keys.enc' is the string containing the hex encoded ECC public key
		// 'message' is the buffer containing the message to be encrypted
		// 'cipher' is a buffer containing the encrypted cipher

	}

});

function decrypt(privateKey, cipher)

Decrypts the cipher buffer using the private key to return the original message buffer (We are using Cryptopp ECIES for this purpose and the curve used is the NIST approved SECP521r1).

seifecc.loadKeys(function(status, keys) {

	if (status === undefined && keys !== undefined) {

		let message = seifecc.decrypt(keys.dec, cipher);
		// 'keys.dec' is the string containing the hex encoded ECC private key
		// 'cipher' is the buffer containing the cipher to be decrypted
		// 'message' is the buffer containing the decrypted message

	}

});

3. AESXOR

This module is responsible for exposing our implementation of link encryption. We are exposing the Cryptopp AES implementation in the GCM mode with slight modifications to enhance security as explained below. Similary, after the cipher bytes have been decrypted they are XOR'd with XORShift+ random bytes to get the original message.

Initialization:

let seifnode = require("seifnode");
let seifaes = seifnode.AESXOR(seed);
// 'seed' is a buffer containing bytes representing the uint64 pcg seed

Usage:

The functions exposed are as follows:

function encrypt(key, message)

Encrypts the message using the given key to return the cipher. As part of this process, the message bytes are first XOR'd with equal number of random bytes generated using XORShift+ and then encrypted using the AES-GCM mode.

let cipher = seifaes.encrypt(key, message);
// 'key' is the buffer containing the AES key
// 'message' is the buffer containing the message to be encrypted
// 'cipher' is the buffer containing the encrypted cipher

function decrypt(key, cipher)

Decrypts the cipher to return the original message. As part of this process, after the cipher bytes have been decrypted using the AES-GCM mode, the decrypted buffer is XOR'd with as many XORShift+ random bytes to get the original message.

let message = seifaes.decrypt(key, cipher);
// 'key' is the buffer containing the AES key
// 'cipher' is the buffer containing the cipher to be decrypted
// 'message' is the buffer containing the decrypted message

4. SEIFSHA3

This module is responsible for exposing Crypto++ SHA3 function

Initialization:

let seifnode = require("seifnode");
let seifsha3 = seifnode.SEIFSHA3();

Usage:

The functions exposed are as follows:

function hash(data)

Gets the string data and returns the hash (using Cryptopp implementation of SHA3-256) of the given input as a buffer object.

let hash = seifsha3.hash(stringData);
// 'stringData' is the string data to be hashed
// 'hash' is the output buffer containing the SHA3-256 hash

Dependencies

1. Seifrng

For generating cryptographically secure random numbers.

License: https://github.com/paypal/seifrng/blob/master/LICENSE.md

2. CryptoPP/Crypto++

Used for all cryptographic functions. Library installed version 5.6.5

License: Crypto++ Library is copyrighted as a compilation and (as of version 5.6.5) licensed under the Boost Software License 1.0, while the individual files in the compilation are all public domain. https://www.cryptopp.com/License.txt

3. Node modules: nan

This is basically a header file containing macros and utilities to store all logic necessary to develop native Node.js addons without having to inspect NODE_MODULE_VERSION

License & copyright: https://github.com/nodejs/nan/blob/master/LICENSE.md

License

The MIT License (MIT)

Copyright (c) 2015, 2016, 2017 PayPal

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

More Repositories

1

glamorous

DEPRECATED: 💄 Maintainable CSS with React
JavaScript
3,640
star
2

junodb

JunoDB is PayPal's home-grown secure, consistent and highly available key-value store providing low, single digit millisecond, latency at any scale.
Go
2,565
star
3

accessible-html5-video-player

Accessible HTML5 Video Player
JavaScript
2,451
star
4

react-engine

a composite render engine for universal (isomorphic) express apps to render both plain react views and react-router views
JavaScript
1,449
star
5

squbs

Akka Streams & Akka HTTP for Large-Scale Production Deployments
Scala
1,433
star
6

PayPal-node-SDK

node.js SDK for PayPal RESTful APIs
JavaScript
1,279
star
7

paypal-checkout-components

please submit Issues about the PayPal JS SDK here: https://github.com/paypal/paypal-js/issues
JavaScript
1,270
star
8

gatt

Gatt is a Go package for building Bluetooth Low Energy peripherals
Go
1,135
star
9

PayPal-iOS-SDK

Accept credit cards and PayPal in your iOS app
Objective-C
974
star
10

gnomon

Utility to annotate console logging statements with timestamps and find slow processes
JavaScript
932
star
11

PayPal-Android-SDK

Accept PayPal and credit cards in your Android app
Java
824
star
12

bootstrap-accessibility-plugin

Accessibility Plugin for Bootstrap 3 and Bootstrap 3 as SubModule
HTML
789
star
13

PayPal-Python-SDK

Python SDK for PayPal RESTful APIs
Python
702
star
14

AATT

Automated Accessibility Testing Tool
JavaScript
601
star
15

PayPal-Ruby-SDK

Ruby SDK for PayPal RESTful APIs
Ruby
593
star
16

ipn-code-samples

PHP
561
star
17

PayPal-NET-SDK

.NET SDK for PayPal's RESTful APIs
C#
535
star
18

PayPal-Java-SDK

Java SDK for PayPal RESTful APIs
Java
535
star
19

data-contract-template

Template for a data contract used in a data mesh.
460
star
20

Checkout-PHP-SDK

PHP SDK for Checkout RESTful APIs
PHP
418
star
21

hera

High Efficiency Reliable Access to data stores
Go
289
star
22

SeLion

Enabling Test Automation in Java
Java
281
star
23

nemo-core

Selenium-webdriver based automation in node.js
JavaScript
261
star
24

support

An evented server framework designed for building scalable and introspectable services, built at PayPal.
Python
261
star
25

PayPal-Cordova-Plugin

PayPal SDK Cordova/Phonegap Plugin
Objective-C
248
star
26

gimel

Big Data Processing Framework - Unified Data API or SQL on Any Storage
Scala
245
star
27

scala-style-guide

Style Guidelines for PayPal Scala Applications
240
star
28

merchant-sdk-php

PHP SDK for integrating with PayPal's Express Checkout / MassPay / Web Payments Pro APIs
PHP
230
star
29

paypal-js

Loading wrapper and TypeScript types for the PayPal JS SDK
TypeScript
229
star
30

paypal-rest-api-specifications

This repository contains the specification files for PayPal REST APIs.
192
star
31

resteasy-spring-boot

RESTEasy Spring Boot Starter
Java
188
star
32

Checkout-Java-SDK

PayPal Checkout Java SDK
Java
182
star
33

autosklearn-zeroconf

autosklearn-zeroconf is a fully automated binary classifier. It is based on the AutoML challenge winner auto-sklearn. Give it a dataset with known outcomes (labels) and it returns a list of predicted outcomes for your new data. It even estimates the precision for you! The engine is tuning massively parallel ensemble of machine learning pipelines for best precision/recall.
Python
171
star
34

skipto

SkipTo is a replacement for your old classic "Skipnav" link. Once installed on a site, the script dynamically determines the most important places on the page and presents them to the user in a drop-down menu.
HTML
152
star
35

TLS-update

Documentation & tools for the upcoming TLSv1.2 required update
Java
148
star
36

Checkout-NET-SDK

.NET SDK for Checkout RESTful APIs
C#
139
star
37

cascade

Common Libraries & Patterns for Scala Apps @ PayPal
Scala
129
star
38

merchant-sdk-ruby

Ruby
110
star
39

heap-dump-tool

Tool to sanitize data from Java heap dumps.
Java
110
star
40

NNAnalytics

NameNodeAnalytics is a self-help utility for scouting and maintaining the namespace of an HDFS instance.
Java
110
star
41

paypal-smart-payment-buttons

Smart Payment Buttons
JavaScript
108
star
42

yurita

Anomaly detection framework @ PayPal
Scala
106
star
43

InnerSourceCommons

DEPRECATED - old repo for InnerSourceCommons website. Moved to https://github.com/InnerSourceCommons/innersourcecommons.org
JavaScript
105
star
44

adaptivepayments-sdk-php

PHP SDK for integrating with PayPal's AdaptivePayments API
PHP
101
star
45

fullstack-phone

A dual-module phone number system with dynamic regional metadata ☎️
JavaScript
90
star
46

sdk-core-php

for classic PHP SDKs.
PHP
87
star
47

paypal-here-sdk-android-distribution

Add credit card (swipe & key-in) capabilities to your Android app
Java
84
star
48

merchant-sdk-dotnet

C#
83
star
49

paypal-here-sdk-ios-distribution

Add credit card (tap, insert, swipe & key-in) capabilities to your iOS app
Objective-C
82
star
50

payflow-gateway

Repository to store the Payflow Gateway and PayPal Payments Pro SDKs.
C#
80
star
51

sdk-packages

Binary packages for deprecated SDKs.
77
star
52

android-checkout-sdk

Kotlin
77
star
53

Iguanas

Iguanas is a fast, flexible and modular Python package for generating a Rules-Based System (RBS) for binary classification use cases.
Jupyter Notebook
74
star
54

paypal-android

One merchant integration point for all of PayPal's services
Kotlin
72
star
55

legalize.js

JavaScript object validation for browsers + node
JavaScript
70
star
56

paypalcheckout-ios

Need to add Native Checkout to your iOS Application? We can help!
Ruby
70
star
57

paypal-sdk-client

Shared config for PayPal/Braintree client SDKs
JavaScript
65
star
58

load-watcher

Load watcher is a cluster-wide aggregator of metrics, developed for Trimaran: Real Load Aware Scheduler in Kubernetes.
Go
63
star
59

dce-go

Docker Compose Executor to launch pod of docker containers in Apache Mesos.
Go
63
star
60

merchant-sdk-java

Java SDK for integrating with PayPal's Express Checkout / MassPay / Web Payments Pro APIs
Java
62
star
61

sdk-core-java

for classic Java SDKs.
Java
61
star
62

paypal-ios

One merchant integration point for all of PayPal's services
Swift
59
star
63

gorealis

Version 1 of a Go library for interacting with the Aurora Scheduler
Go
58
star
64

scorebot

CSS
57
star
65

PPExtensions

Set of iPython and Jupyter extensions to improve user experience
Python
50
star
66

paypal-checkout-demo

Demo app for paypal-checkout
JavaScript
49
star
67

dione

Dione - a Spark and HDFS indexing library
Scala
49
star
68

Payouts-PHP-SDK

PHP SDK for Payouts RESTful APIs
PHP
49
star
69

pdt-code-samples

Visual Basic
48
star
70

butterfly

Application transformation tool
Java
47
star
71

Payouts-NodeJS-SDK

NodeJS SDK for Payouts RESTful APIs
JavaScript
47
star
72

digraph-parser

Java parser for digraph DSL (Graphviz DOT language)
Java
44
star
73

paypalhttp_php

PHP
43
star
74

tech-talks

Place for all PayPalX presentations, tech talks, and tutorials, and the sample code and apps used in those.
ColdFusion
38
star
75

Illuminator

iOS Automator
Swift
38
star
76

paypal-sdk-release

Unified SDK wrapper module for tests, shared build config, and deploy
JavaScript
37
star
77

PayPal-REST-API-issues

Issue tracking for REST API bugs, features, and documentation requests.
37
star
78

paypal-messaging-components

PayPal JavaScript SDK - messaging components
JavaScript
37
star
79

ionet

ionet is a bridge between the Go stdlib's net and io packages
Go
37
star
80

paypal-access

Examples and code for PayPal Access
Python
36
star
81

horizon

An SBT plugin to help with building, testing, analyzing and releasing Scala
Scala
35
star
82

Payouts-Java-SDK

Java SDK for Payouts RESTful APIs
Java
35
star
83

genio

Genio is an extensible tool that can generate code to consume APIs in multiple programming languages based on different API specification formats.
Ruby
35
star
84

mirakl-hyperwallet-connector

The Hyperwallet Mirakl Connector (HMC) is a self-hosted solution that mediates between a Mirakl marketplace solution and the Hyperwallet (PayPal) payout platform.
Java
34
star
85

openapilint

Node.js linter for OpenAPI specs
JavaScript
31
star
86

paypal-sdk-constants

JavaScript
27
star
87

sdk-core-ruby

Core Library for PayPal Ruby SDKs
Ruby
27
star
88

go.crypto

Go crypto packages
Go
26
star
89

PayPal-PHP-SDK

PHP SDK for PayPal RESTful APIs
PHP
26
star
90

nemo-view

View interface for the Nemo automation framework
JavaScript
26
star
91

Gibberish-Detector-Java

A small program to detect gibberish using a Markov Chain
Java
26
star
92

nemo-accessibility

Automate Accessibility testing within your environment (Localhost)
JavaScript
25
star
93

Payouts-Python-SDK

Python SDK for Payouts RESTful APIs
Python
25
star
94

here-sideloader-api-samples

Sideloader API samples that enable to integrate PayPal Here into other apps
Objective-C
24
star
95

couchbasekafka

Couchbase Kafka Adapter
Java
24
star
96

baler

Bundle assets into iOS static libraries
Python
22
star
97

invoice-sdk-php

PHP SDK for integrating with PayPal's Invoicing API
PHP
21
star
98

Payouts-DotNet-SDK

DotNet SDK for Payouts RESTful APIs
C#
20
star
99

paypal-funding-components

PayPal JavaScript SDK Funding Components
JavaScript
20
star
100

squbs-scala-seed.g8

Scala giter8 Template for Squbs
Scala
20
star