Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@tsmx/string-crypto

Package Overview
Dependencies
Maintainers
1
Versions
7
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@tsmx/string-crypto

Encrypt and decrypt strings.

  • 1.0.6
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
757
increased by5.43%
Maintainers
1
Weekly downloads
 
Created
Source

@tsmx/string-crypto

License: MIT npm (scoped) node-current (scoped) Build Status Coverage Status

Encrypt and decrypt strings.

Usage

Key passed via environment variable

const sc = require('@tsmx/string-crypto');

let mySecret = 'My secret string';

let encrypted = sc.encrypt(mySecret);
// '28bedae6f6497f68abe403fb88df340e|2071d6458...'

let decrypted = sc.decrypt(encrypted); 
// 'My secret string'

Key passed directly via options

const sc = require('@tsmx/string-crypto');

let mySecret = 'My secret string';

let encrypted = sc.encrypt(mySecret, { key: '0123456789qwertzuiopasdfghjklyxc' });
// 'ba7bbb57674a198ad6cb7ff65801f9c9|a49cff4c9...'

let decrypted = sc.decrypt(encrypted, { key: '0123456789qwertzuiopasdfghjklyxc' }); 
// 'My secret string'

API

encrypt(value, options = null)

Encrypts value and returns the encrypted string. The key for encryption is taken from options.key or the environment variable ENCRYPTION_KEY if no options are present.

value

Type: String

The string that should be encrypted.

options

Type: Object Default: null

Object containing the supported options for encryption. Please also refer to the notes.

options = {
    key: 'YOUR KEY HERE',
    passNull: false
};
options.key

Type: String Default: null

The key used for encryption. If not present, the key is retrieved from the environment variable ENCRYPTION_KEY.

options.passNull

Type: Boolean Default: false

Sometimes it is helpful to let a value of null pass the encryption though null can't be encrypted either. If set to true the decrypt function will return null if value is null. Defaults to false, then an exception is thrown if the passed value is null.

sc.encrypt(null); // throwing Error
sc.encrypt(null,  { passNull: true }); // null

decrypt(value, options = null)

Decrypts value and returns the decrypted string. The key for decryption is taken from options.key or the environment variable ENCRYPTION_KEY if no options are present.

value

Type: String

The string that should be decrypted. Must be in the form that encrypt puts out.

options

Type: Object Default: null

Object containing the supported options for decryption. Please also refer to the notes.

options = {
    key: 'YOUR KEY HERE',
    passNull: false
};
options.key

Type: String Default: null

The key used for decryption. If not present, the key is retrieved from the environment variable ENCRYPTION_KEY.

options.passNull

Type: Boolean Default: false

Sometimes it is helpful to let a value of null pass the decryption though null can't be decrypted either. If set to true the decrypt function will return null if value is null. Defaults to false, then an exception is thrown if the passed value is null.

sc.decrypt(null); // throwing Error
sc.decrypt(null,  { passNull: true }); // null

Notes

Simple helper package to encrypt and decrypt string based on standard NodeJS Crypto functions.

  • Used cipher: AES-256-CBC with initialization vector (crypto.createCipheriv)
  • IV generation with crypto.randomBytes
  • Key length must be 32 bytes. The key can be provided as
    • a string of 32 characters length, or
    • a hexadecimal value of 64 characters length (= 32 bytes)
  • If no key is directly passed via options.key it is retrieved from the environment variable ENCRYPTION_KEY.
  • Result: string containing the initialization vector and the encrypted value separated by '|'

Keywords

FAQs

Package last updated on 18 Jun 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc