npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

lockbox

v0.2.0

Published

Simple, strong encryption.

Downloads

4

Readme

Lockbox for Node.js

Simple, strong encryption.

Build Status Test Coverage Uses Semantic Versioning

Installation

What is Lockbox?

Lockbox is the simplest possible way to implement strong, two-way, public-key encryption for use in applications. Lockbox uses a combination of well-established technologies to ensure the safety of data. For more information, see the Lockbox website.

Usage

Generating keys

Generating of keys is handled by the openssl command line tool (not part of Lockbox). Generating a private 2048-bit RSA key in PEM format with no password can be done with this command:

openssl genrsa -out private.pem 2048

To create a key with a password, simply add the -des3 flag, which will prompt for password input before the key is created:

openssl genrsa -des3 -out private.pem 2048

This private key must be kept secret, and treated as sensitive data. Private keys are the only keys capable of decrypting data. Public keys, on the other hand, are not as sensitive, and can be given to any party that will be responsible for encrypting data.

Lockbox is capable of extracting public keys from private keys, there is no need to create matching public key files; but if for some reason a public key file is required, this command will create one (from an RSA key in this example):

openssl rsa -pubout -in private.pem -out public.pem

Encrypting data

var lockbox = require('lockbox');

var data = 'Super secret data.';

var key = lockbox.keyFactory.createPrivateKeyFromFileSync(
    '/path/to/key.pem',
    'password'
);
var encrypted = lockbox.encrypt(key, data);

Encrypting multiple data packets with the same key

Lockbox includes 'bound' ciphers that are locked to a particular key. These type of ciphers are convenient for encrypting multiple data packets.

var lockbox = require('lockbox');

var data = [
    'Super secret data.',
    'Extra secret data.',
    'Mega secret data.'
];

var key = lockbox.keyFactory.createPrivateKeyFromFileSync(
    '/path/to/key.pem',
    'password'
);
var cipher = new lockbox.BoundEncryptionCipher(key);

var encrypted = [];
for (var i = 0; i < data.length; ++i) {
    encrypted.push(cipher.encrypt(data[i]));
}

Decrypting data

var lockbox = require('lockbox');

var encrypted = '<some encrypted data>';

var key = lockbox.keyFactory.createPrivateKeyFromFileSync(
    '/path/to/key.pem',
    'password'
);

var data;
try {
    data = lockbox.decrypt(key, encrypted);
} catch (error) {
    // decryption failed
}

Decrypting multiple data packets with the same key

Lockbox includes 'bound' ciphers that are locked to a particular key. These type of ciphers are convenient for decrypting multiple data packets.

var lockbox = require('lockbox');

var encrypted = [
    '<some encrypted data>',
    '<more encrypted data>',
    '<other encrypted data>'
];

var key = lockbox.keyFactory.createPrivateKeyFromFileSync(
    '/path/to/key.pem',
    'password'
);
var cipher = new lockbox.BoundDecryptionCipher(key);

var decrypted = [];
for (var i = 0; i < encrypted.length; ++i) {
    try {
        decrypted.push(cipher.decrypt(encrypted[i]));
    } catch (error) {
        // decryption failed
    }
}

Module exports

Instances

Functions

  • lockbox.encrypt(key, data) - Encrypts data using a public key. Throws lockbox.exception.InvalidPublicKeyException if an invalid key is supplied.
  • lockbox.decrypt(key, data) - Decrypts data using a private key. Throws lockbox.exception.DecryptionFailedException on error.

Classes

lockbox.KeyFactory

A factory for creating private and public keys from various sources.

  • createPrivateKey(key, [password]) - Creates a private key from a string. Throws lockbox.exception.InvalidPrivateKeyException if an invalid key is supplied.
  • createPublicKey(key) - Creates a public key from a string. Throws lockbox.exception.InvalidPublicKeyException if an invalid key is supplied.
  • createPrivateKeyFromFile(path, [password], callback) - Creates a private key from a file asynchronously. Any errors will be returned as the first argument to the callback (see the synchronous version for possible errors). Otherwise, the second argument to the callback will be the newly created key.
  • createPrivateKeyFromFileSync(path, [password]) - Creates a private key from a file synchronously. Throws lockbox.exception.ReadException if the file cannot be read. Throws lockbox.exception.InvalidPrivateKeyException if the file is an invalid key.
  • createPublicKeyFromFile(path, callback) - Creates a public key from a file asynchronously. Any errors will be returned as the first argument to the callback (see the synchronous version for possible errors). Otherwise, the second argument to the callback will be the newly created key.
  • createPublicKeyFromFileSync(path) - Creates a public key from a file synchronously. Throws lockbox.exception.ReadException if the file cannot be read. Throws lockbox.exception.InvalidPublicKeyException if the file is an invalid key.

lockbox.EncryptionCipher

A cipher for encrypting data.

  • encrypt(key, data) - Encrypts data using a public key. Throws lockbox.exception.InvalidPublicKeyException if an invalid key is supplied.

lockbox.DecryptionCipher

A cipher for decrypting data.

  • decrypt(key, data) - Decrypts data using a private key. Throws lockbox.exception.DecryptionFailedException on error.

lockbox.Cipher

A cipher for encrypting and decrypting data.

  • encrypt(key, data) - Encrypts data using a public key. Throws lockbox.exception.InvalidPublicKeyException if an invalid key is supplied.
  • decrypt(key, data) - Decrypts data using a private key. Throws lockbox.exception.DecryptionFailedException on error.

lockbox.BoundEncryptionCipher

A cipher for encrypting data, with a bound key.

  • new lockbox.BoundEncryptionCipher(key) - Constructs a new bound encryption cipher. Throws lockbox.exception.InvalidPublicKeyException if an invalid key is supplied.
  • encrypt(data) - Encrypts data using the bound public key.

lockbox.BoundDecryptionCipher

A cipher for decrypting data, with a bound key.

  • new lockbox.BoundDecryptionCipher(key) - Constructs a new bound decryption cipher. Throws lockbox.exception.InvalidPrivateKeyException if an invalid key is supplied.
  • decrypt(data) - Decrypts data using the bound private key. Throws lockbox.exception.DecryptionFailedException on error.

lockbox.BoundCipher

A cipher for encrypting and decrypting data, with a bound key.

  • new lockbox.BoundCipher(key) - Constructs a new bound cipher. Throws lockbox.exception.InvalidPrivateKeyException if an invalid key is supplied.
  • encrypt(data) - Encrypts data using the public key derived from the bound private key.
  • decrypt(data) - Decrypts data using the bound private key. Throws lockbox.exception.DecryptionFailedException on error.

Exceptions

  • lockbox.exception.DecryptionFailedException - Decryption failed.
  • lockbox.exception.InvalidPrivateKeyException - The supplied key is not a valid PEM formatted private key.
  • lockbox.exception.InvalidPublicKeyException - The supplied key is not a valid PEM formatted public key.
  • lockbox.exception.ReadException - Unable to read from the specified path.