Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@kushki/pidcrypt
Advanced tools
Readme
This is a copy of the pidCrypt javascript crypto library with some modifications to make it compatible with node.js and browserify. Pidcrypt submodules are all accessible via require
, and will automatically pull in any other submodule dependencies if needed.
npm install --save pidcrypt
AES CBC is a relatively easy to use symmetric encryption method that has the added convenience of being compatible with openssl
(included on almost any *nix machine as well)
// Require seedrandom.js first to increase randomness for stronger encryption
require("pidcrypt/seedrandom")
var pidCrypt = require("pidcrypt")
require("pidcrypt/aes_cbc")
var aes = new pidCrypt.AES.CBC()
var pw = "some password";
var encrypted = aes.encryptText("some text", pw);
console.log("Encrypted text is: '%s'", encrypted);
// Encrypted text is: 'U2FsdGVkX19yGT01gBIBMJCEM7cBW6vc3ND06CyKu1w='
var decrypted = aes.decryptText(encrypted, pw);
console.log("Original text was: '%s'", decrypted);
// Original text was 'some text'
To perform the same encryption via openssl you'd use:
echo "some text" | openssl enc -aes-256-cbc -a -pass 'pass:some password'
// Require seedrandom.js first to increase randomness for stronger encryption
require("pidcrypt/seedrandom")
var pidCrypt = require("pidcrypt")
require("pidcrypt/aes_cbc")
var aes = new pidCrypt.AES.CBC()
var pw = "some password";
var encryptedText = 'U2FsdGVkX19yGT01gBIBMJCEM7cBW6vc3ND06CyKu1w=';
var decrypted = aes.decryptText(encryptedText, pw);
console.log("Decrypted text is: '%s'", decrypted);
// Decrypted text is: 'some text'
To decrypt this via openssl
you'd use:
echo U2FsdGVkX19yGT01gBIBMJCEM7cBW6vc3ND06CyKu1w= | openssl enc -aes-256-cbc -d -a -pass 'pass:some password'
You can load any of the modules included with pidcrypt in the same manner as the aes_cbc
module. For convenience here are all the included encryption/decryption modules:
aes_cbc
aes_ctr
asn1
jsbn
md5
prng4
rsa
sha1
sha256
sha512
You can use any module in the same manner as above:
// load pidcrypt
var pidCrypt = require("pidcrypt");
// grab your module
require("pidcrypt/<your module>");
// do stuff as per the pidcrypt documentation for that module...
See documentation on the pidcrypt site for more details.
FAQs
Node.js / browserify wrapper for the JS encryption libraries
The npm package @kushki/pidcrypt receives a total of 123 weekly downloads. As such, @kushki/pidcrypt popularity was classified as not popular.
We found that @kushki/pidcrypt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.