MCPcopy
hub / github.com/di-sukharev/opencommit / decrypt

Function decrypt

out/cli.cjs:2100–2126  ·  view source on GitHub ↗
(encrypted, keyStr)

Source from the content-addressed store, hash-verified

2098 return DotenvModule._configVault(options);
2099 }
2100 function decrypt(encrypted, keyStr) {
2101 const key = Buffer.from(keyStr.slice(-64), "hex");
2102 let ciphertext = Buffer.from(encrypted, "base64");
2103 const nonce = ciphertext.subarray(0, 12);
2104 const authTag = ciphertext.subarray(-16);
2105 ciphertext = ciphertext.subarray(12, -16);
2106 try {
2107 const aesgcm = crypto3.createDecipheriv("aes-256-gcm", key, nonce);
2108 aesgcm.setAuthTag(authTag);
2109 return `${aesgcm.update(ciphertext)}${aesgcm.final()}`;
2110 } catch (error) {
2111 const isRange = error instanceof RangeError;
2112 const invalidKeyLength = error.message === "Invalid key length";
2113 const decryptionFailed = error.message === "Unsupported state or unable to authenticate data";
2114 if (isRange || invalidKeyLength) {
2115 const err = new Error("INVALID_DOTENV_KEY: It must be 64 characters long (or more)");
2116 err.code = "INVALID_DOTENV_KEY";
2117 throw err;
2118 } else if (decryptionFailed) {
2119 const err = new Error("DECRYPTION_FAILED: Please check your DOTENV_KEY");
2120 err.code = "DECRYPTION_FAILED";
2121 throw err;
2122 } else {
2123 throw error;
2124 }
2125 }
2126 }
2127 function populate(processEnv, parsed, options = {}) {
2128 const debug5 = Boolean(options && options.debug);
2129 const override = Boolean(options && options.override);

Callers

nothing calls this directly

Calls 3

updateMethod · 0.80
fromMethod · 0.45
sliceMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…