crypsi
v1.0.8
Published
Custom crypto utility that wraps the crypto node module to make life easier
Downloads
2,223
Maintainers
Readme
crypsi (Node Crypto Utility)
Custom crypto utility that wraps the crypto
node module to make life easier
Install
$ npm i crypsi
Crypsi is compatible with each other with the following libraries
- Golang https://github.com/telkomdev/go-crypsi
- Python https://github.com/telkomdev/pycrypsi
- C# (.NET) https://github.com/telkomdev/NetCrypsi
- Java/JVM https://github.com/telkomdev/jcrypsi
- Javascript (React and Browser) https://github.com/telkomdev/crypsi.js
Usage
Just open the unit test
folder, all available there.
Features
- Asymmetric encryption with RSA
- Generate RSA private and public key
- Digital Signature with RSA private and public key using PSS
- Symmetric encryption with AES
- Message authentication code with HMAC
- Generate Hash with Common DIGEST Algorithm
Example Generate RSA Private and Public Key
Javascript
const { rsa, keyUtil } = require('crypsi');
const fs = require('fs');
rsa.generateRSAKeyPair(keyUtil.KEY_SIZE_4KB, '').then(pairs => {
console.log(pairs.publicKey);
console.log(pairs.privateKey);
console.log('\n');
console.log(rsa.loadPrivateKeyAsBase64(pairs.privateKey));
console.log('\n');
console.log(rsa.loadPublicKeyAsBase64(pairs.publicKey));
const publicKeyWriter = fs.createWriteStream('public.key');
publicKeyWriter.write(pairs.publicKey);
const privateKeyWriter = fs.createWriteStream('private.key');
privateKeyWriter.write(pairs.privateKey);
publicKeyWriter.close();
privateKeyWriter.close();
}).catch(err => {
console.log(err);
});
Typescript
import { digest, rsa, rsaSign, keyUtil } from 'crypsi';
import fs from 'fs';
async function generate() {
const pairs = await rsa.generateRSAKeyPair(keyUtil.KEY_SIZE_2KB);
const publicKeyWriter = fs.createWriteStream('public.key');
publicKeyWriter.write(pairs.publicKey);
const privateKeyWriter = fs.createWriteStream('private.key');
privateKeyWriter.write(pairs.privateKey);
publicKeyWriter.close();
privateKeyWriter.close();
}
generate();
Result RSA Public Key
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIrVMXSXC5vxh+0fJny0
5neOzrb3kqvGOzLBgza4Emxj+MRLqzn1MtcSFobjwqlWoof8/5ycV0L74fhOywcX
n61vHwik/8As0HkyWK8yRd98T1Q5Z8U+ZYrl959h96Bi6il6y4IN+t7A8lfV2Rvz
UMEl9agfg0xNqPhEUFHCyDYzM7dW9cmSHyUhl+rp9RA/udNkv/k4ak7C4YmQEZyg
b9uEVlFY5Bpod5rZGm6roWqwZ54neDREuI4E7fWTnDXbYqif6/lNcBDvKW9s5oqx
YecNjMsrNrXQHkndoFENouzirQSITbxmwMAE5sJsU0RcFFP0yjsMtfSPSN48ubFH
mQIDAQAB
-----END PUBLIC KEY-----
Result RSA Private Key
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDAitUxdJcLm/GH
7R8mfLTmd47OtveSq8Y7MsGDNrgSbGP4xEurOfUy1xIWhuPCqVaih/z/nJxXQvvh
+E7LBxefrW8fCKT/wCzQeTJYrzJF33xPVDlnxT5liuX3n2H3oGLqKXrLgg363sDy
V9XZG/NQwSX1qB+DTE2o+ERQUcLINjMzt1b1yZIfJSGX6un1ED+502S/+ThqTsLh
iZARnKBv24RWUVjkGmh3mtkabquharBnnid4NES4jgTt9ZOcNdtiqJ/r+U1wEO8p
b2zmirFh5w2Myys2tdAeSd2gUQ2i7OKtBIhNvGbAwATmwmxTRFwUU/TKOwy19I9I
3jy5sUeZAgMBAAECggEASf0Pr9F9uZhTWEhmkAOcAHQxDH6C5Hnd0yHN+v4r/ehp
Ak9sRIAhGUhMSxvKqiMoh4x6TD+CVIYJBOzGWn5/NX0QFnzb6uuOTQ5Fqo6oYvFe
c52J8bZ6I8scU+uLWfzoBdOqvEld1emDe50FMEjtVzrhu2S/t1S7AxNkLPk+QHDo
uw4tx7C1Vfq1qLXSo2ShaR1aKgS14m5HjIX6tqgic4IQPKVCv2PArsSBNp9mXD+x
kNnKKfwlZERqXV9eC70CFbU3liPxcRLF/kBuR1Gk1F2cXuSb5bEJ1lDnc1I2vJcd
Ux8yI81Ps/kOM+YXfJgrmQ/2Wp1/5NoZBCFgNwFQAQKBgQDmm/7VuXh5IVUimtMa
IYMJIkRl6hevsM785OkO/lfw/hV3MLoWe1F4qQwfAODTrsr2zEOjioyhzvT+53aa
O9TDIp0Suguv/dZOE388PxfrcB8mfTiYwGVn7JkINXyZap3MQLvznpVnLYYnETNI
AusAf/xXdSMt9v3qUbnA5aNhMQKBgQDVvd8fwLk4JqKpup4zwhMupTuwXdyn4SRE
QCYfhhC1q02oUkMEO4EMPmc0dPQDlI4E564qHG6OFwm/vtWL96//qdn5ExJLlfe2
DmQwk0gJivc5ZMmZMD8CTgtJLRcJDOe1YjwqnEqU3kcuX5lvbXczZOVIU0PW6kmd
LTJtRJZy6QKBgCu8/pJuwQjIZ6tOjidwn7fFxg9GXQO3lyqkCAgN+YP9zPh0R3co
IIWwGlpvAjVj+57fkxyblJzD8fe+0uHh4zK3h+8bVkgk7taUIBe/J7xB4cadDXT7
WMBjQYsrCdzXOeKZjIxiUZfmLIGQY5eO5h+MJsI3t1pqdDJTGdYaN+ihAoGAcrj+
0aQ3xhO2qzMnRtCcSyUU7Iz0qocFWDy2OaVTwq63d+jvX44wrcmwy08ayfEqaSeR
K7km/c0PxoM/S2keZjNcc3vxDfDojCcdT5U9zSFxoLSgIEDtEOei1xwEiS8MDycy
9Av/W/gSbKmTSWOP314AUtmeR/RonpxrvIpb1kECgYAiRqS7MDwPVsktnzuT9ZWx
HDfktrdWAHO5+S2zG9gbCOgnhiOyIq4GakHgbdVlj2xsisOMGULFXEJBP3v8SzgF
7V2kM7+ThdnmQJaQC561871hb9gh5hOkf/GO9Gxe0cBOF4HmHO+QiQvylLdx/w8X
n3LQsISpln3R7g8riWFeWg==
-----END PRIVATE KEY-----
Example Loading RSA Private and Public Key
const { rsa } = require('crypsi');
const fs = require('fs');
// loading RSA private key from file
const privateKeyData = fs.readFileSync('./testdata/private.key');
const privateKey = rsa.loadPrivateKey(privateKeyData);
console.log(privateKey);
// loading RSA public key from file
const publicKeyData = fs.readFileSync('./testdata/public.key');
const publicKey = rsa.loadPublicKey(publicKeyData);
console.log(publicKey);
Example Loading RSA Private and Public Key as Base64 String
const { rsa } = require('crypsi');
const fs = require('fs');
// loading RSA private key from file
const privateKeyData = fs.readFileSync('./testdata/private.key');
const privateKeyBase64 = rsa.loadPrivateKeyAsBase64(privateKeyData);
console.log(privateKeyBase64);
// loading RSA public key from file
const publicKeyData = fs.readFileSync('./testdata/public.key');
const publicKeyBase64 = rsa.loadPublicKeyAsBase64(publicKeyData);
console.log(publicKeyBase64);
Example Loading RSA Private and Public Key as Base64 String and load back as RSA private and public key
const { rsa } = require('crypsi');
const fs = require('fs');
// loading RSA private key from file
const privateKeyData = fs.readFileSync('./testdata/private.key');
const privateKeyBase64 = rsa.loadPrivateKeyAsBase64(privateKeyData);
// for example: save privateKeyBase64 to database
const privateKey = rsa.loadPrivateKeyFromBase64(privateKeyBase64);
console.log(privateKey);
// loading RSA public key from file
const publicKeyData = fs.readFileSync('./testdata/public.key');
const publicKeyBase64 = rsa.loadPublicKeyAsBase64(publicKeyData);
// for example: save publicKeyBase64 to database
const publicKey = rsa.loadPublicKeyFromBase64(publicKeyBase64);
console.log(publicKey);
Example Digital Signature with RSA Private and Public Key
const { rsa, rsaSign, keyUtil } = require('crypsi');
const { Buffer } = require('buffer');
const fs = require('fs');
rsa.generateRSAKeyPair(keyUtil.KEY_SIZE_4KB, '').then(pairs => {
console.log(pairs.publicKey);
console.log(pairs.privateKey);
// data can be anything, from simple string or Buffer of file
const fileData = fs.readFileSync('./testdata/myfile.txt');
// sign with private key
const signature = rsaSign.signWithPSSSha256(pairs.privateKey, Buffer.from(fileData));
// => for example: save signature to database
// verifying digital signature with public key
const signatureValid = rsaSign.verifyWithPSSSha256(pairs.publicKey, signature, Buffer.from(fileData));
console.log(signatureValid);
}).catch(err => {
console.log(err);
});
Example Encryption with RSA Private and Public Key
const { rsa, rsaEncryption, keyUtil } = require('crypsi');
const fs = require('fs');
rsa.generateRSAKeyPair(keyUtil.KEY_SIZE_4KB, '').then(pairs => {
console.log(pairs.publicKey);
console.log(pairs.privateKey);
// data can be anything, from simple string or Buffer of file
const fileData = fs.readFileSync('./testdata/myfile.txt');
// encrypt with public key
const encryptedData = rsaEncryption.encryptWithOaepSha256(pairs.publicKey, fileData);
// decrypt with private key
const decryptedData = rsaEncryption.decryptWithOaepSha256(pairs.privateKey, encryptedData);
console.log(decryptedData);
}).catch(err => {
console.log(err);
});
Example Generate Hash with common Digest Algorithm
const { digest } = require('crypsi');
const data = 'hello world';
// MD5
const generatedHashMd5 = digest.md5(data);
console.log(generatedHashMd5);
// SHA1
const generatedHashSha1 = digest.sha1(data);
console.log(generatedHashSha1);
// SHA256
const generatedHashSha256 = digest.sha256(data);
console.log(generatedHashSha256);
// SHA384
const generatedHashSha384 = digest.sha384(data);
console.log(generatedHashSha384);
// SHA512
const generatedHashSha512 = digest.sha512(data);
console.log(generatedHashSha512);
Example Generate Hash with HMAC
Keyed-Hash Message Authentication Code (HMAC) as defined in U.S. Federal Information Processing Standards Publication 198. An HMAC is a cryptographic hash that uses a key to sign a message (from Golang Documentation).
const { hmac } = require('crypsi');
const key = 'abc$#128djdyAgbjau&YAnmcbagryt5x';
const data = 'hello world';
// MD5
const generatedHmacMd5 = hmac.md5(key, data);
console.log(generatedHmacMd5);
// SHA1
const generatedHmacSha1 = hmac.sha1(key, data);
console.log(generatedHmacSha1);
// SHA256
const generatedHmacSha256 = hmac.sha256(key, data);
console.log(generatedHmacSha256);
// SHA384
const generatedHmacSha384 = hmac.sha384(key, data);
console.log(generatedHmacSha384);
// SHA512
const generatedHmacSha512 = hmac.sha512(key, data);
console.log(generatedHmacSha512);
Example Encryption with AES Algorithm
Expected key len:
- AES 128: key length should be 16 bytes
- AES 192: key length should be 24 bytes
- AES 256: key length should be 32 bytes
Data encryption with AES 256 CBC
const { aesEncryption } = require('crypsi');
const key = 'abc$#128djdyAgbjau&YAnmcbagryt5x';
const data = 'hello world';
// encrypt data with AES 256 CBC
const encryptedData = aesEncryption.encryptWithAes256Cbc(key, data);
console.log(encryptedData);
// decrypt data with AES 256 CBC with the same key
const decryptedData = aesEncryption.decryptWithAes256Cbc(key, encryptedData);
console.log(decryptedData);
File encryption with AES 256 CBC
const fs = require('fs');
const { aesEncryption } = require('crypsi');
const key128 = 'abc$#128djdyAgbj';
fs.readFile('myfile.jpg', null, (err, data) => {
if (err) {
console.log(err);
} else {
const encrypted = aesEncryption.encryptWithAes128Cbc(key128, data);
// store encrypted data and its nonce for example to the database or to the file system
console.log(encrypted.encrypted);
const decryptedData = aesEncryption.decryptWithAes128Cbc(key128, encrypted);
// write decrypted data back to the file
fs.writeFile('out.jpg', decryptedData, 'binary', (err) => {
if (err) {
console.log('error... ', err);
}
});
}
});
File Decryption with AES 256 OCB
const fs = require('fs');
const { aesEncryption } = require('crypsi');
const key256 = 'abc$#128djdyAgbjau&YAnmcbagryt5x';
fs.readFile('./test/testdata/out.bin', null, (err, data) => {
if (err) {
throw err;
}
const decryptedData = aesEncryption.decryptWithAes256Ocb(key256, Buffer.from(data.toString(), 'hex'));
fs.writeFileSync('out.png', decryptedData);
});