crypto-wrapper v1.0.1
crypto-wrapper
Wrapper module for demonstrating and simplifying Crypto implementation in Node.js
Version 1.0.0 implements scrypt for the following methods:
- Cipher100()and- Decipher100()
- Hash100()and- VerifyHash100()with message authentication
Version 0.2.0 implements bcrypt and PBKDF2 for the following methods:
- GenerateSalt020()
- Hash020()and- VerifyHash020()
- Cipher020()and- Decipher020()with no message authentication
Dependencies:
Configuration:
When no configuration is passed to the CryptoWrapper() construtor method, the following hard-coded options will be used:
var default_options = {
   format: 'hex',
   autopadding: true,
   iv_size: 16,
   key_size: 16,
   key_iterations: 100000,
   mac_key_size: 64,
   salt_rounds: 12,
   seed_length: 40,
   cipher_algorithm: 'aes-128-cbc',
   mac_algorithm: 'sha512',
   hash_algorithm: 'sha512',
   signer_algorithm: 'sha1',
   private_key_file: './examples/keyfiles/sample-privkey.pem',
   public_key_file: './examples/keyfiles/sample-key.pub',
	// scrypt.params()
	// { N: 16, r: 1, p: 1 }		// test vector 1
	// { N: 1024, r: 8, p: 16 }	// test vector 2
	// { N: 16384, r: 8, p: 1 }	// test vector 3
	// { N: 1048576, r: 8, p: 1 }	// test vector 4 (experimental)
	scrypt_params: { N: 16384, r: 8, p: 1 },
	scrypt_kdf_config: {
		saltEncoding: 'buffer',
		keyEncoding: 'ascii',
		outputEncoding: 'buffer',
		defaultSaltSize: 256,
		outputLength: 80 // key_size + mac_key_size
	},
};Generating a public/private keypair for signing:
$ openssl genrsa -out examples/keyfiles/sample-privkey.pem 1024
$ openssl rsa -in examples/keyfiles/sample-privkey.pem -pubout > examples/keyfiles/sample-key.pubGetting Started
To get started, take a look at the examples included.
References
Before using this library, it is highly recommended that you read through the following resources to help establish a more solid understanding of crypto methodologies and best practices.
- Crypto Implementation (DRAFT)
- What Are The Essential Properties For Storing Passwords
- How to Safely Store a Password
- Stronger Key Derivation via Sequential Memory-Hard Functions
- Bcrypt Evaluation
- The Scrypt Key Derivation Function and Encryption Utility
Disclaimer
Use of the service is at your own risk.
THE SERVICE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL I BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SERVICE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.