@ashiteam/ashi-aes NPM

AshiTEAM AES

Helper classes for my use to encrypt/decrypt binary data and string data using a password.

Installing

Install using npm

npm i @ashiteam/ashi-aes --save

The password to use for encryption/decryption can be passed in the constructor or as an optional parameter to the encrypt/decrypt functions.

To use, first import, create a variable and use as follows

import AshiAesEncrypt from '@ashiteam/ashi-aes-encrypt';
import AshiAesDecrypt from '@ashiteam/ashi-aes-decrypt';

const aesEnc = new AshiAesEncrypt(somePasswordString);
const aesDec = new AshiAesDecrypt(somePasswordString);
const data = 'This is a test string to encrypt. This is a test string to encrypt. This is a test string to encrypt. This is a test string to encrypt';
const encData = await aesEnc.encryptTextAsync(data);
const decData = await aesDec.decryptTextAsync(encData);

console.log(encData);
console.log(data);
console.log(decData);
console.log(decData == data ? 'All good' : 'ERROR');

To encrypt binarry data, use the encryptDataAsync & decryptDataAsync functions. You can pass in a Buffer and get back a Buffer to and from these functions.

const encBinaryData = aesEnc.encryptDataAsync(binaryData);
const decBinaryData = aesDec.decryptDataAsync(encBinaryData);

To pass the password to the functions, do as follows

import AshiAesEncrypt from '@ashiteam/ashi-aes-encrypt';
import AshiAesDecrypt from '@ashiteam/ashi-aes-decrypt';

const aesEnc = new AshiAesEncrypt('');
const aesDec = new AshiAesDecrypt('');

const encData = await aesEnc.encryptTextAsync(data, somePasswordString);
const decData = await aesDec.decryptTextAsync(encData, somePasswordString);

Some Implementation Details

The key used for encryption/decryption is a 256 bit key generated using pbkdf2 using a random salt of 16 bytes long using 100 iterations. The 100 iterations is the default, this however can be changed to a different value by setting the iterations property.

When encrypting:

The random salt is stored as the firs 16 bytes of the output.
A randome iv of 16 bytes is generated and used and stored as the second 16 bytes of the output.
The encrypted data is stored starting from the 32nd byte

When decrypting:

The salt from the first 16 bytes are used to generate the key
The second 16 bytes are used as the initial vector (iv)

Note

Data encrypted using other tools or languages (such as Java, C#, ...) can be decrypted by this code (and vice versa) provided the salt & iv are stored as the first 32 bytes, and the key is generated as mentiond above.