npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@earthbucks/aescbc

v0.9.0

Published

EarthBucks library for AES+CBC encryption and decryption.

Downloads

8

Readme

AES+CBC Encryption/Decryption Library

This TypeScript library provides a simple interface for encrypting and decrypting data using AES (Advanced Encryption Standard) in Cipher Block Chaining (CBC) mode. It primarily exposes two methods: encrypt and decrypt, allowing users to securely handle arbitrary amounts of data.

⚠️ Important Security Note: This library does not verify the authenticity of the encrypted data. If the data is altered, it may still decrypt but result in corrupted or incorrect information. To ensure the integrity of your encrypted data, it is highly recommended that you apply a hash function (such as HMAC) to verify that the data has not been tampered with.

Installation

npm install @earthbucks/aescbc

Usage

encrypt Method

Encrypt data using AES with CBC mode. This method supports 128, 192, or 256-bit AES keys and a 128-bit initialization vector (IV). You can choose to prepend the IV to the encrypted data for easier storage and transmission.

import { WebBuf } from "webbuf";
import { encrypt } from '@earthbucks/aescbc';

/**
 * Encrypt data with AES + CBC mode.
 *
 * @param {WebBuf} messageBuf - The data to encrypt. Can be any size.
 * @param {WebBuf} aesKeyBuf - The AES key (128, 192, or 256 bits).
 * @param {WebBuf} ivBuf - The initialization vector (IV, 128 bits).
 * @param {boolean} concatIvBuf - If true, prepends the IV to the encrypted data.
 * @returns {WebBuf} - The encrypted data.
 */
const aesKey = WebBuf.from('your-32-byte-key-here', 'hex');
const iv = WebBuf.from('your-16-byte-iv-here', 'hex');
const message = WebBuf.from('Hello, World!');

const encrypted = encrypt(message, aesKey, iv);
console.log(encrypted);

Parameters

  • messageBuf: The data to encrypt. Can be any size.
  • aesKeyBuf: The AES key. Must be 128, 192, or 256 bits.
  • ivBuf: The initialization vector (IV). Must be 128 bits. If not provided, a random IV is generated.
  • concatIvBuf: If set to true, the IV will be prepended to the encrypted data (default: true).

Returns

  • A WebBuf containing the encrypted data. If concatIvBuf is true, the IV will be prepended to the output.

decrypt Method

Decrypt data that was encrypted with AES in CBC mode. If the IV was prepended to the encrypted data, you can omit the ivBuf parameter.

import { WebBuf } from "webbuf";
import { decrypt } from '@earthbucks/aescbc';

/**
 * Decrypt AES-encrypted data.
 *
 * @param {WebBuf} encBuf - The encrypted data.
 * @param {WebBuf} aesKeyBuf - The AES key (128, 192, or 256 bits).
 * @param {WebBuf} ivBuf - The initialization vector (optional if IV is included in `encBuf`).
 * @returns {WebBuf} - The decrypted data.
 */
const decrypted = decrypt(encrypted, aesKey, iv);
console.log(decrypted.toString());

Parameters

  • encBuf: The encrypted data. If the IV is prepended, pass the entire buffer here.
  • aesKeyBuf: The AES key. Must be 128, 192, or 256 bits.
  • ivBuf: The initialization vector (IV). Must be 128 bits. If omitted, the IV is assumed to be prepended to the encrypted data.

Returns

  • A WebBuf containing the decrypted data.

Security Notice

While this library implements AES encryption, it does not protect against data tampering. If an attacker modifies the encrypted data, it may decrypt incorrectly without raising an error. To ensure data authenticity, you should compute and verify a cryptographic hash (such as HMAC) alongside encryption to detect unauthorized modifications.

Example: Encrypting and Decrypting with a Prepend IV

const aesKey = WebBuf.from('your-32-byte-key-here', 'hex');
const message = WebBuf.from('Secret message here');
const encrypted = encrypt(message, aesKey);
console.log('Encrypted:', encrypted);

// Decrypt the data
const decrypted = decrypt(encrypted, aesKey);
console.log('Decrypted:', decrypted.toString());

License

This library is open-source and licensed under the MIT License.


Feel free to modify this README as needed, including the installation instructions, package name, and any additional sections you may want to include.