0.0.11 • Published 12 months ago
cryptaculous v0.0.11
A crypt utility with zero dependencies to encrypt and decrypt data ​​by abstracting the native crypto module.
Supported Algorithms
| Algorithm | Secure |
|---|---|
| AES_128_CBC | 🟢 Yes |
| AES_192_CBC | 🟢 Yes |
| AES_256_CBC | 🟢 Yes |
| AES_128_CFB | 🟢 Yes |
| AES_192_CFB | 🟢 Yes |
| AES_256_CFB | 🟢 Yes |
| AES_128_CTR | 🟢 Yes |
| AES_192_CTR | 🟢 Yes |
| AES_256_CTR | 🟢 Yes |
| AES_128_ECB | 🔴 No |
| AES_192_ECB | 🔴 No |
| AES_256_ECB | 🔴 No |
| AES_128_OFB | 🟢 Yes |
| AES_192_OFB | 🟢 Yes |
| AES_256_OFB | 🟢 Yes |
| CHACHA20_POLY_1305 | 🟢 Yes |
| RSA | 🟢 Yes |
Examples
Try to use secure algorythms but the most important is how you protect the keys.
Usage
Factory method
Using the factory method
import { EncryptionFactory, Algorithm } from 'cryptaculous';
const crypt = EncryptionFactory.createEncryption(Algorithm.AES_256_CBC, {
key: "1c5b2bc5789a0f9b0c576950aaf049b6",
iv: "704a59f3d523c765",
});
const cryptedSecret = crypt.encrypt("secret"); // -> EV2YEWJZcpLdBrkqdDij3Q==
const decryptedSecret = crypt.decrypt(cryptedSecret); // -> secretStrategy pattern
Using a strategies to change the strategy in execution time
import { Encryption, Aes256Cbc } from 'cryptaculous';
const crypt = new Encryption();
if (config.encryptionAlgorith === Algorithm.AES_256_CBC) {
crypt.setStrategy(new Aes256Cbc({
key: "1c5b2bc5789a0f9b0c576950aaf049b6",
iv: "704a59f3d523c765",
}))
}
const secret = "secret";
const crypted = crypt.encrypt(secret); // -> EV2YEWJZcpLdBrkqdDij3Q==
const decrypted = crypt.decrypt(crypted); // -> secretNote: If no strategy set throws MissingStrategyException
Random encryption is a secure way to use different key and initial vector without defining them each time.
It allows you to generate encryption by passing only the value to be encrypted, and it will generate the key and the vector, returning them as a keychain for future use.
The decrypt method receives that keychain and returns the original value.
RandomEncryption
Note: Only compatible with Symmetric algorythms
import { RandomEncryption, Algorithm } from 'cryptaculous';
const cryptedValue = RandomEncryption.encrypt(Algorithm.AES_256_CBC, "secret");
/*
cryptedValue {
payload: 'sSnpCXqFnB+Q1VIf4bL0Fw==',
algorithm: 'aes-256-cbc',
key: '3668f7a00c5b762c14f2792b0fa866e3',
iv: '5f5806eca2eceae3'
}
*/
const decryptedValue = RandomEncryption.decrypt(cryptedValue) // -> secretRSA
import { Encryption, RsaEncryption } from 'cryptaculous';
const encryption = new Encryption();
const rsaStrategy = new RsaEncryption();
const { privateKey, publicKey } = RsaEncryption.generateKeyPairSync('rsa', {
modulusLength: 2048,
publicKeyEncoding: { type: 'spki', format: 'pem' },
privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
});
encryption.setStrategy(rsaStrategy);
rsaStrategy.setKeys({ privateKey, publicKey });
const secret = 'secret';
const crypted = encryption.encrypt(secret);
/*
cryped:
G8r816lSY0MVBcxq4EY14SeaoU4oIAK9I2PP8bksLt3KpVzkr7Ncnt4g9517noffn9P1dHbdwxvw9EIMjD4JtuR2okL4TK0BjgMlAoN07SikHmucmcoVF9IdFAK7FcT6LiEveVktSN+Wfu/nOQLH3t032Tk2aaS9vOVGo8j6LFSf5zZcJpgs4/mLh7Z25SUden47CFc2X18I+BUx6ufKfGulq3CLO4oyXGQ+Pw0BNLH5ZRr564kaJcrKx4Dr/ZxxdMVEj8N6K39MonVGebTlNCHbkJdFh0z/bklJXRaGeMke6homSD3yKvb7O45LOlz+fKme2MvCWl+8LLt4SB/cUQ==
*/
const decrypted = encryption.decrypt(crypted);
const decryptedValue = RandomEncryption.decrypt(cryptedValue) // -> secret
// You could use compare method
rsa.compare("secret", crypted) // -> trueExceptions
| name |
|---|
| UnsupportedAlgorithmException |
| MissingStrategyException |
| InvalidKeyLengthException |
| InvalidIVLengthException |
| DecryptionFailedException |
| EncryptionFailedException |
| MissingPrivateKeyException |
| MissingPublicKeyException |