npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

hybrid-crypto-js

v0.2.4

Published

Hybrid (RSA+AES) encryption and decryption toolkit for JavaScript

Downloads

11,619

Readme

Hybrid Crypto JS

NPM

Introduction

Hybrid Crypto JS is a hybrid (RSA+AES) encryption and decryption toolkit for JavaScript. Hybrid Crypto JS combines RSA and AES encryption algorithms, making it possible to encrypt and decrypt large messages efficiently. This cross-platform library is based on Forge. Hybrid Crypto JS can be used in browsers, Node.js, or React Native.

Documentation

Getting started

Features

Installation

npm install hybrid-crypto-js

Importing

Node.js

var RSA = require('hybrid-crypto-js').RSA;
var Crypt = require('hybrid-crypto-js').Crypt;

React Native

import { Crypt, RSA } from 'hybrid-crypto-js';

Web

Download minified hybrid-crypto.min.js file here.

<script type="text/javascript" src="hybrid-crypto.min.js"></script>

Features

Initialization

// Basic initialization
var crypt = new Crypt();
var rsa = new RSA();

// Increase amount of entropy
var entropy = 'Random string, integer or float';
var crypt = new Crypt({ entropy: entropy });
var rsa = new RSA({ entropy: entropy });

// Select default message digest
var crypt = new Crypt({ md: 'sha512' });

// Select AES or RSA standard
var crypt = new Crypt({
    // Default AES standard is AES-CBC. Options are:
    // AES-ECB, AES-CBC, AES-CFB, AES-OFB, AES-CTR, AES-GCM, 3DES-ECB, 3DES-CBC, DES-ECB, DES-CBC
    aesStandard: 'AES-CBC',
    // Default RSA standard is RSA-OAEP. Options are:
    // RSA-OAEP, RSAES-PKCS1-V1_5
    rsaStandard: 'RSA-OAEP',
});

// Alternate AES keysize (some AES algorithms requires specific key size)
var crypt = new Crypt({
    aesKeySize: 192, // Defaults to 256
});

Encryption

Hybrid Crypto JS provides basic encryption function that also supports multiple RSA keys, with or without signature. An encrypted message is a JSON formatted string.

var message = 'Hello world!';

// Encryption with one public RSA key
var encrypted = crypt.encrypt(publicKey, message);

// Function also supports encryption with multiple RSA public keys
var encrypted = crypt.encrypt([publicKey1, publicKey2, publicKey3], message);

// Encryption with signature
var encrypted = crypt.encrypt(publicKey, message, signature);

Pretty-printed sample output

{
    "v": "hybrid-crypto-js_0.1.2",        // Current package version
    "iv": "CmtyaZTyzoAp1mTNUTztic0v1...", // Initialization vector
    "keys": {                             // Encrypted AES keys by RSA fingerprints
        "85:3d:10:e1:56...": "bHaTF9...",
        "d3:48:6a:e9:13...": "t9eds3..."
    },
    "cipher": "+iwVFsC2dECBQvwcm9DND..."  // Actual encrypted message
    "signature": "sdL93kfdm12feds3C2..."  // Signature (optional)
}

Decryption

Decrypting message with Hybrid Crypto JS is as easy as encrypting. Decrypt function can decrypt any message which has been encrypted with key pair's public key. The decrypted message is a JSON object containing a message and an optional signature.

var encrypted = '{"v":"hybrid-crypto-js_0.1.0","iv":"CmtyaZTyzoAp1mTN...';

// Decrypt encryped message with private RSA key
var decrypted = crypt.decrypt(privateKey, encrypted);

// Get decrypted message
var message = decrypted.message;

Sample output

{
    message: "Hello world!",            // Actual decrypted message
    signature: "sdL93kfdm12feds3C2..."  // Signature (optional)
}

Signatures

Hybrid Crypto JS provides simple message signing. The encrypted message can be signed with the issuer's private key.

var message = 'Hello world!';

// Create a signature with ISSUER's private RSA key
var signature = crypt.signature(issuerPrivateKey, message);

// Encrypt message with RECEIVERS public RSA key and attach the signature
var encrypted = crypt.encrypt(receiverPublicKey, message, signature);

// Select default message digest
var crypt = new Crypt({
    md: 'sha512', // Options: sha1, sha256, sha384, sha512, and md5
});

Verifying

The message receiver needs to have a message issuer's public RSA key in order to verify the message issuer.

// Encrypted message with signature
var encrypted = '{"v":"hybri... ..."signature":"sdL93kfd...';

// Decrypt message with own (RECEIVER) private key
var decrypted = crypt.decrypt(receiverPrivateKey, encrypted);

// Verify message with ISSUER's public key
var verified = crypt.verify(
    issuerPublicKey,
    decrypted.signature,
    decrypted.message,
);

Verification function returns true or false depending on whether the verification was successful.

RSA key pairs

Hybrid Crypto JS RSA key generation function is based in Forge key pair generation function. As a difference, Hybrid Crypto JS returns key pair in PEM format.

// Initialize RSA-class
var rsa = new RSA();

// Generate RSA key pair, default key size is 4096 bit
rsa.generateKeyPair(function(keyPair) {
    // Callback function receives new key pair as a first argument
    var publicKey = keyPair.publicKey;
    var privateKey = keyPair.privateKey;
});

// ... or:
rsa.generateKeyPairAsync().then(keyPair => {
    var publicKey = keyPair.publicKey;
    var privateKey = keyPair.privateKey;
});

// Generate 1024 bit RSA key pair
rsa.generateKeyPair(function(keyPair) {
    // Callback function receives new 1024 bit key pair as a first argument
    var publicKey = keyPair.publicKey;
    var privateKey = keyPair.privateKey;
}, 1024); // Key size

// RSA can be also initialized with options
var rsa = new RSA({
    keySize: 4096,
});