errors-crypto
v1.0.6
Published
Security for everyone, and everything.
Downloads
8
Readme
errors-crypto
Security for everyone, and everything.
The crypto module is an implementation of AES-256-CBC
. It simplifies the case of using random Cipher IVs for the user. Now all that's needed is a key, and the result will yet be random. The tools used to perform these cryptographic actions are native in Node.js, meaning they're written in C-lang, therefore it is fast and reliable.
Security
The method used in this module to achieve is a theoretical idea; given a KEY
, HMAC(KEY, KEY)
, PSUEDORANDOM_BYTES(16)
we get all the factors needed to do two things, randomize and secure. Here's a brief functional view of how the method works:
-- User defined.
MESSAGE = 'abc'
KEY = 'password'
-- Gather IVs
IV1 = PSUEDORANDOM_BYTES(16)
IV2 = HMAC(KEY, KEY)
-- Encryption
RESULT1 = ENCRYPT( MESSAGE, IV1, KEY )
RESULT2 = ENCRYPT( IV1 + RESULT1, IV2, KEY )
-- Done
return RESULT2
Note that the HMAC
(hashing) algorithm can be any algorithm returning a 16 byte string. MD5
is used here. MD5
is considered safe enough because the hash alone is not enough to decrypt RESULT 2
, that is because no MD5
dictionary can possibly have the result of a hash signed with it's own value. If a dictionary has a result, it will never be the same as the unhashed value. The only true way to be able to decrypt this is by knowing the KEY
value. Knowing the key value gives you access to both IV1
and IV2
values. Meaning you can decrypt RESULT 2
and RESULT 1
.
Usage
In use with Node.js and TypeScript you simple just import the module's default export.
import Crypto from "errors-crypto";
However, if you're only using CommonJS (the require
function) then you must manually select the default export.
const Crypto = require("errors-crypto").default;
The module comes with two exported functions, encrypt
and decrypt
.
Crypto.encrypt
Crypto.encrypt(data: string, key: string): string
Encrypt data (text) into obfuscated non-readable data.
Params
| Type | Name | Description | | :----: | :--: | :------------------------------------------------------------- | | String | data | This is the data you want to encrypt. | | String | key | This is the key that you want to use when encrypting the data. |
Returns
Crypto.decrypt
Crypto.decrypt(data: string, key: string): string
Decrypt data (non-readable text) into readable-text.
Params:
| Type | Name | Description | | :----: | :--: | :------------------------------------------------------------- | | String | data | This is the data you want to decrypt. | | String | key | This is the key that you want to use when decrypting the data. |
Returns