pwd-encrypt v1.0.0

pwd-encrypt

Encrypt sensitive data on disk, protected by a password. Useful for private keys etc, to avoid storing them in plaintext.

Install

npm i pwd-encrypt

Usage

See example.js

API

{ encryptedData, id } = encrypt(data, pwd, opts)

Encrypt data with a password.

data is a buffer containing the secret you want to encrypt

pwd is a buffer containing the password with which the data will be encrypted.

opts include:

• id to specify the 8-byte id (defaults to a random id)
• (advanced) kdfParams: an object { opsLimit, memLimit } specifying the parameters to be used for the password hash calculation. Defaults to sodium.crypto_pwhash_scryptsalsa208sha256_OPSLIMIT_SENSITIVE and sodium.crypto_pwhash_scryptsalsa208sha256_MEMLIMIT_SENSITIVE }

Returns an object including entries:

• encryptedData: a buffer with the encrypted version of data, which can be stored on disk
• id: an 8-byte buffer containing the id corresponding to this encrypted data

{ data, id } = decrypt(encryptedData, pwd)

Decrypt previously encrypted data.

encryptedData is a buffer containing the encryptedData buffer of a previous encrypt operation.

pwd is a buffer containing the password with which the data was originally encrypted.

Returns an object including entries:

• data: a buffer with the decrypted data
• id: an 8-byte buffer containing the id corresponding to this encrypted data