A secure string for node.
npm install @xbaun/secure-string
For es6 modules:
import { SecureString } from '@xbaun/secure-string';
...
let encrypted = await SecureString.encrypt("secret text", "password", "salt");
// YrxsICumyhPx1Yh9DuYNVQ==
await encrypted.decrypt("password", "salt");
// secret text
For commonjs modules:
const SecureString = require('@xbaun/secure-string');
...
SecureString("secret text", "password", "salt").then((encrypted) => {
console.log(encrypted); // YrxsICumyhPx1Yh9DuYNVQ==
let dec = encrypted.decrypt("password", "salt").then((decrypted) => {
console.log(decrypted); // secret text
});
});
The SecurString.encrypt
and SecurString.decrypt
defaults to AES256
as encryption/decryption cipher.
Available ciphers are:
- AES192
- AES256
A cipher is defined as an object with the following properties:
- algorithm: string - The algorithm to use. Supported are all available OpenSSL cipher algorithms. See
crypto.createCipheriv
- keyLength: number - The required key length of the cipher algorithm. For AES256 its a length of 256 Bits = 32 Bytes.
- ivLength: number - The required iv length of the cipher algorithm. AES has a block size of 128 Bits = 16 Bytes.
- digest: string - The digest used by pbkdf2.
- iterations: number - The number of iterations used by pbkdf2.
import { SecureString, AES256 } from '@xbaun/secure-string';
...
let encrypted = await SecureString.encrypt("secret text", "password", "salt", AES256);
encrypt(plaintext: string, secret: string | Buffer, salt: string | Buffer, algorithm: algorithm = AES256): Promise
Encrypts a plaintext message with a given secret
and salt
. Returns a base64 encoded ciphertext.
- plaintext - The string to encrypt.
- secret - The secret to use for encryption.
- salt - A optional salt which will be combined with the secret.
- algorithm - Defaults to AES256.
SecureString.encrypt("secret text", "password", "salt");
decrypt(encrypted: string, secret: string | Buffer, salt: string | Buffer, algorithm: algorithm = AES256): Promise
Decrypts an encrypted base64 message with a given secret
and salt
. Returns the decoded plaintext message.
On an instance of SecureString
it can be called .decrypt("secret", "salt")
directly.
- encrypted - The base64 encrypted message.
- secret - The secret to use for decryption.
- salt - A optional salt which will be combined with the secret.
- algorithm - Defaults to AES256.
SecureString.decrypt("YrxsICumyhPx1Yh9DuYNVQ==", "password", "salt");
let encrypted = await SecureString.encrypt("secret text", "password", "salt");
await encrypted.decrypt("password", "salt");