Giters

morajabi / tiny-crypto-node

🔑 Modern Encrypt / decrypt strings (access tokens, secret names, etc) with a key for node

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Non-authenticated

qgustavor opened this issue · comments

commented

Depending on how it's used it's not secure as there is not authentication:

const TinyCrypto = require('tiny-crypto')
tinyCrypto = new TinyCrypto('secretk3y!')

console.log(tinyCrypto.decrypt('ee793eb25f733578c6fc12320c27d6')) // admin:0
console.log(tinyCrypto.decrypt('ee793eb25f733578c6fc12320c27d7')) // admin:1