npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

ciffer

v1.0.0

Published

CipherJS is a comprehensive cryptographic library for Node.js, providing functionalities such as hashing, encryption, decryption, JWT creation and validation, and RSA key pair generation.

Downloads

71

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

pramshpramsh

Keywords

cryptographyhashingencryptiondecryptionJWTRSAAES-256securitydigital-signature

Readme

Cipher Class

This Cipher class provides various cryptographic functionalities using Node.js's built-in crypto module. It supports hashing, JWT creation and validation, RSA key pair generation, and AES-256 encryption and decryption.

Installation

To use this class, ensure you have Node.js installed.

Usage

Importing the Class

const { Cipher } = require('./path/to/cipher');

Initialization

Create an instance of the Cipher class by providing the necessary keys and tokens.

const cipher = new Cipher(aes256Key, aes256Iv, appKey, appToken);

Methods

hash(input, [algorithm='sha256'])

Generates a hash of the input using the specified algorithm.

const hash = cipher.hash('your-input-string', 'sha256');

CheckClientHeaders(clientAppKey, clientAppToken)

Checks the validity of client headers.

cipher.CheckClientHeaders(clientAppKey, clientAppToken)
    .then(isValid => console.log(isValid))
    .catch(error => console.error(error));

createJWT(payload, jwtPrivateKey, [validationInputPromise])

Creates a JWT with the given payload and private key. Optionally, a validation promise can be provided.

cipher.createJWT(payload, jwtPrivateKey, validationInputPromise)
    .then(token => console.log(token))
    .catch(error => console.error(error));

getSessionData(JWTtoken)

Gets session data from a JWT.

cipher.getSessionData(JWTtoken)
    .then(sessionData => console.log(sessionData))
    .catch(error => console.error(error));

validateJWT(ip, jwt, jwtpublickey)

Validates a JWT with the given IP and public key.

cipher.validateJWT(ip, jwt, jwtpublickey, validationInputPromise)
    .then(isValid => console.log(isValid))
    .catch(error => console.error(error));

RSAGenerateKeyPair([encodingPrivateKeyType], [encodingFormatBoth], [encodingPublicKeyType], [bitLength])

Generates an RSA key pair.

cipher.RSAGenerateKeyPair()
    .then(([publicKey, privateKey]) => console.log(publicKey, privateKey))
    .catch(error => console.error(error));

RSAsignDocument(privateKey, dataToSign, [encodingFormat], [encodingType])

Signs data using RSA.

cipher.RSAsignDocument(privateKey, dataToSign)
    .then(signature => console.log(signature))
    .catch(error => console.error(error));

RSAverifySignature(publicKey, dataToVerify, signature, [encodingFormat], [publicKeyType])

Verifies an RSA signature.

cipher.RSAverifySignature(publicKey, dataToVerify, signature)
    .then(isValid => console.log(isValid))
    .catch(error => console.error(error));

AES256encrypt(text, salt)

Encrypts text using AES-256-CBC.

cipher.AES256encrypt('your-text', 'your-salt')
    .then(encryptedText => console.log(encryptedText))
    .catch(error => console.error(error));

AES256decrypt(cryptedText, salt)

Decrypts text using AES-256-CBC.

cipher.AES256decrypt(encryptedText, 'your-salt')
    .then(decryptedText => console.log(decryptedText))
    .catch(error => console.error(error));

Detailed Explanation of Salt Usage in AES256encrypt

The AES256encrypt method uses a salt to derive the key and IV for AES-256 encryption, ensuring unique and secure encryption for each salt value.

Key and IV Derivation

The key and IV are derived using the pbkdf2Sync function from the crypto module with the following parameters:

  • this.#aes256Key: AES-256 key.
  • this.#aes256Iv: AES-256 IV.
  • salt: Salt value.
  • 100000: Iterations for PBKDF2.
  • 32: Key length in bytes.
  • 16: IV length in bytes.
  • 'sha512': Hash function.

Encryption Process

The AES256encrypt method uses the derived key and IV to perform AES-256-CBC encryption:

  • text: Text to encrypt.
  • salt: Salt value.
  • createCipheriv('aes-256-cbc', key, iv): Creates a cipher object.
  • cipher.update(text, 'utf-8', 'hex') + cipher.final('hex'): Encrypts the text.

Example Usage

const aes256Key = 'your-aes256-key';
const aes256Iv = 'your-aes256-iv';
const cipher = new Cipher(aes256Key, aes256Iv);

const textToEncrypt = 'Hello, World!';
const salt = 'random_salt';

cipher.AES256encrypt(textToEncrypt, salt)
    .then(encryptedText => console.log(encryptedText))
    .catch(error => console.error(error));

Using a unique salt for each encryption ensures different derived keys and IVs, enhancing security.

License

This project is licensed under the MIT License.