🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@ecies/ciphers

Package Overview
Dependencies
Maintainers
0
Versions
5
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@ecies/ciphers

Node/Pure JavaScript symmetric ciphers adapter

0.2.3
latest
Source
npm
Version published
Maintainers
0
Created
Source

@ecies/ciphers

License NPM Package NPM Downloads Install size CI Codecov

Node/Pure JavaScript symmetric ciphers adapter.

If native implementations are available on some platforms (e.g. node, deno, bun), it'll use node:crypto for efficiency.

Otherwise (e.g. browser, react native), it'll use @noble/ciphers for compatibility.

aeschacha
Nodenode:cryptonode:crypto
Bunnode:crypto@noble/ciphers
Denonode:crypto@noble/ciphers
Browser@noble/ciphers@noble/ciphers
React Native@noble/ciphers@noble/ciphers

[!NOTE] You may need to polyfill crypto.getRandomValues for React Native.

There are some limitations, see Known limitations below.

This library is tree-shakeable, unused code will be excluded by bundlers.

Check the example folder for bun/deno usage.

Quick start

import { aes256gcm } from "@ecies/ciphers/aes";
import { randomBytes } from "@noble/ciphers/webcrypto";

const TEXT = "hello world🌍!";
const encoder = new TextEncoder();
const decoder = new TextDecoder();
const msg = encoder.encode(TEXT);

const key = randomBytes();
const nonce = randomBytes(16);
const cipher = aes256gcm(key, nonce);
console.log("decrypted:", decoder.decode(cipher.decrypt(cipher.encrypt(msg))));

The API follows @noble/ciphers's API for ease of use, you can check their examples as well.

Supported ciphers

  • aes-256-gcm
    • Both 16 bytes and 12 bytes nonce are supported.
  • aes-256-cbc
    • Only for legacy applications. You should use xchacha20-poly1305 or aes-256-gcm as possible.
    • Nonce is always 16 bytes.
  • chacha20-poly1305
    • Nonce is always 12 bytes.
  • xchacha20-poly1305
    • Nonce is always 24 bytes.

If key is fixed and nonce is less than 16 bytes, avoid randomly generated nonce.

Known limitations

  • xchacha20-poly1305 is implemented with pure JS hchacha20 function and node:crypto's chacha20-poly1305 on node.
  • Currently (Mar 2025), node:crypto's chacha20-poly1305 is not supported on deno and bun, @noble/ciphers's implementation is used on both platforms instead.
  • Some old versions of deno do not support indirect conditional exports. If you use this library to build another library, client code of your library may fall back to the node:crypto implementation and not work properly, specifically aes-256-gcm (16 bytes nonce) and chacha20-poly1305. If you found such a problem, upgrade deno to the latest version.

Keywords

cryptography
cipher
aes
chacha
chacha20
chacha20poly1305

FAQs

Package last updated on 06 Mar 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious Koishi Chatbot Plugin Exfiltrates Messages Triggered by 8-Character Hex Strings

Research

Security News

Malicious Koishi Chatbot Plugin Exfiltrates Messages Triggered by 8-Character Hex Strings

Malicious Koishi plugin silently exfiltrates messages with hex strings to a hardcoded QQ account, exposing secrets in chatbots across platforms.

By Kirill Boychenko  -  May 19, 2025