Skip to content

Latest commit

 

History

History
41 lines (28 loc) · 2.18 KB

README.md

File metadata and controls

41 lines (28 loc) · 2.18 KB

cipher

Warning

Deprecated! This package has been deprecated. Please find details of the replacement package @sumup/cipher here

Build Status Coverage Status npm (scoped)

Encrypt/decrypt objects using aes-256-cbc algorithm

Install

npm i -SE @debitoor/cipher

Usage

const cipher = require('@debitoor/cipher')('secret');

try {
    const encrypted = cipher.encrypt({userId: '123456'});
    console.log(encrypted); // { iv: 'eb0911c423161f0488337e5007887581', data: 'fd9612df14729ec373214f151b62fab74f8d7c5756082e4d057632dc5ea8d088' }
    
    const decrypted = cipher.decrypt(encrypted);
    console.log(decrypted); // { userId: '123456' }

} catch (e) {
	// Handle error during encrypting/decrypting
}

API

  • cipher(secret) - return cipher instance with given secret key
  • cipherInstance.encrypt(json) - encrypt object with secret and random initialization vector. Returns {iv, data} where iv - initialization vector, data - encrypted object. Throws error if json is invalid.
  • cipherInstance.decrypt({iv, data}) - decrypt previously encrypted object. Takes {iv, data} as argument where iv - initialization vector¹, data - encrypted object. Throws error if wrong secret key or incorrect data provided.

¹ (https://nodejs.org/api/crypto.html#crypto_crypto_createcipheriv_algorithm_key_iv_options): Initialization vectors should be unpredictable and unique; ideally, they will be cryptographically random. They do not have to be secret: IVs are typically just added to ciphertext messages unencrypted. It may sound contradictory that something has to be unpredictable and unique, but does not have to be secret; it is important to remember that an attacker must not be able to predict ahead of time what a given IV will be.