maxdeviant · jadok · Feb 21, 2019
diff --git a/src/AsyncCryptor.js b/src/AsyncCryptor.js
@@ -1,15 +1,12 @@
 import CryptoJSCore from 'crypto-js/core'
 import AES from 'crypto-js/aes'
 import Stream from 'readable-stream'
+import { makeConfig } from './helpers'
 
 export default class AsyncCryptor {
-  constructor(secretKey) {
-    const salt = CryptoJSCore.lib.WordArray.random(8)
-    const cipher = CryptoJSCore.kdf.OpenSSL.execute(secretKey, 8, 4, salt)
+  constructor(secretKey, configParam) {
     this.key = CryptoJSCore.enc.Utf8.parse(secretKey)
-    this.cryptorParams = {
-      iv: cipher.iv
-    }
+    this.cryptorParams = makeConfig(configParam)
   }
 
   encrypt(state) {

diff --git a/src/async.js b/src/async.js
@@ -1,6 +1,6 @@
 import { createTransform } from 'redux-persist'
 import CryptoJSCore from 'crypto-js/core'
-import { makeEncryptor, makeDecryptor } from './helpers'
+import { makeEncryptor, makeDecryptor, makeConfig } from './helpers'
 import AsyncCryptor from './AsyncCryptor'
 
 const makeAsyncEncryptor = cryptor =>
@@ -23,7 +23,9 @@ export default config => {
       'redux-persist-transform-encrypt: async support is still a work in progress.'
     )
   }
-  const asyncCryptor = new AsyncCryptor(config.secretKey)
+  config.cypher = true
+  const configParam = makeConfig(config)
+  const asyncCryptor = new AsyncCryptor(config.secretKey, configParam)
   const inbound = makeAsyncEncryptor(asyncCryptor)
   const outbound = makeAsyncDecryptor(asyncCryptor)
   return createTransform(inbound, outbound, config)

diff --git a/src/helpers.js b/src/helpers.js
@@ -1,4 +1,5 @@
 import stringify from 'json-stringify-safe'
+import CryptoJSCore from 'crypto-js'
 
 export const handleError = (handler, err) => {
   if (typeof handler === 'function') {
@@ -30,3 +31,21 @@ export const makeDecryptor = (transform, onError) => (state, key) => {
     return null
   }
 }
+
+export const makeConfig = config => {
+  if (config.cipher || config.mode || config.padding) {
+    const salt = CryptoJSCore.lib.WordArray.random(128 / 8)
+    const cipher = CryptoJSCore.kdf.OpenSSL.execute(
+      config.secretKey,
+      256 / 32,
+      128 / 32,
+      salt
+    )
+    return {
+      iv: cipher.iv,
+      mode: config.mode || CryptoJSCore.mode.ECB,
+      padding: config.padding || CryptoJSCore.pad.Pkcs7
+    }
+  }
+  return {}
+}
diff --git a/src/sync.js b/src/sync.js
@@ -1,15 +1,15 @@
 import { createTransform } from 'redux-persist'
 import CryptoJSCore from 'crypto-js/core'
 import AES from 'crypto-js/aes'
-import { makeEncryptor, makeDecryptor } from './helpers'
+import { makeEncryptor, makeDecryptor, makeConfig } from './helpers'
 
-const makeSyncEncryptor = secretKey =>
-  makeEncryptor(state => AES.encrypt(state, secretKey).toString())
+const makeSyncEncryptor = (secretKey, cfg) =>
+  makeEncryptor(state => AES.encrypt(state, secretKey, cfg).toString())
 
-const makeSyncDecryptor = (secretKey, onError) =>
+const makeSyncDecryptor = (secretKey, onError, cfg) =>
   makeDecryptor(state => {
     try {
-      const bytes = AES.decrypt(state, secretKey)
+      const bytes = AES.decrypt(state, secretKey, cfg)
       const decryptedString = bytes.toString(CryptoJSCore.enc.Utf8)
       return JSON.parse(decryptedString)
     } catch (err) {
@@ -20,7 +20,12 @@ const makeSyncDecryptor = (secretKey, onError) =>
   }, onError)
 
 export default config => {
-  const inbound = makeSyncEncryptor(config.secretKey)
-  const outbound = makeSyncDecryptor(config.secretKey, config.onError)
+  const configParam = makeConfig(config)
+  const inbound = makeSyncEncryptor(config.secretKey, configParam)
+  const outbound = makeSyncDecryptor(
+    config.secretKey,
+    config.onError,
+    configParam
+  )
   return createTransform(inbound, outbound, config)
 }