Security News
NVD Quietly Sweeps 100K+ CVEs Into a “Deferred” Black Hole
NVD now marks all pre-2018 CVEs as "Deferred," signaling it will no longer enrich older vulnerabilities, further eroding trust in its data.
By Sarah Gooding - Apr 04, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
What is cryptr?
Cryptr is a simple encryption and decryption library for Node.js. It uses the AES-256-GCM algorithm to securely encrypt and decrypt strings.
What are cryptr's main functionalities?
Encryption
This feature allows you to encrypt a string using a secret key. The encrypted string can be safely stored or transmitted.
const Cryptr = require('cryptr');
const cryptr = new Cryptr('myTotallySecretKey');
const encryptedString = cryptr.encrypt('myString');
console.log(encryptedString);Decryption
This feature allows you to decrypt a previously encrypted string using the same secret key. The decrypted string is the original plaintext.
const Cryptr = require('cryptr');
const cryptr = new Cryptr('myTotallySecretKey');
const decryptedString = cryptr.decrypt(encryptedString);
console.log(decryptedString);Other packages similar to cryptr
crypto-js
CryptoJS is a widely-used library that provides a variety of cryptographic algorithms including AES, DES, and SHA. It offers more flexibility and options compared to Cryptr, but may require more configuration.
bcrypt
Bcrypt is a library specifically designed for hashing passwords. While it does not provide general-purpose encryption and decryption like Cryptr, it is highly effective for securely storing passwords.
node-forge
Node-forge is a comprehensive library that provides a wide range of cryptographic tools including encryption, decryption, hashing, and digital signatures. It is more feature-rich compared to Cryptr but also more complex to use.
cryptr
cryptr is a simple aes-256-gcm encrypt and decrypt module for node.js
It is for doing simple encryption of values UTF-8 strings that need to be decrypted at a later time.
If you require anything more than that you probably want to use something more advanced or crypto directly.
The Cryptr constructor takes 1 required argument, and an optional options object.
Cryptr(secret[, options])
- secret:
<string> - options:
<Object>- encoding:
<string>Defaults to 'hex' (see Node.js Buffer documentation for valid options) - pbkdf2Iterations:
<number>Defaults to 100000 - saltLength:
<number>Defaults to 64
- encoding:
The salt and iv are randomly generated and prepended to the result.
DO NOT USE THIS MODULE FOR ENCRYPTING PASSWORDS!
Passwords should be a one way hash. Use bcrypt for that.
Install
npm install cryptr
Usage
const Cryptr = require('cryptr');
const cryptr = new Cryptr('myTotallySecretKey');
const encryptedString = cryptr.encrypt('bacon');
const decryptedString = cryptr.decrypt(encryptedString);
console.log(encryptedString); // 2a3260f5ac4754b8ee3021ad413ddbc11f04138d01fe0c5889a0dd7b4a97e342a4f43bb43f3c83033626a76f7ace2479705ec7579e4c151f2e2196455be09b29bfc9055f82cdc92a1fe735825af1f75cfb9c94ad765c06a8abe9668fca5c42d45a7ec233f0
console.log(decryptedString); // bacon
With Options
const Cryptr = require('cryptr');
const cryptr = new Cryptr('myTotallySecretKey', { encoding: 'base64', pbkdf2Iterations: 10000, saltLength: 10 });
const encryptedString = cryptr.encrypt('bacon');
const decryptedString = cryptr.decrypt(encryptedString);
console.log(encryptedString); // CPbKO/FFLQ8lVKxV+jYJcLcpTU0ZvW3D+JVfUecmJmLYY10UxYEa/wf8PWDQqhw=
console.log(decryptedString); // bacon
FAQs
a simple encrypt and decrypt module for node.js
We found that cryptr demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 04 Sep 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads
Lazarus-linked threat actors expand their npm malware campaign with new RAT loaders, hex obfuscation, and over 5,600 downloads across 11 packages.
By Kirill Boychenko - Apr 04, 2025
Security News
Safari 18.4 Ships 3 New JavaScript Features from the TC39 Pipeline
Safari 18.4 adds support for Iterator Helpers and two other TC39 JavaScript features, bringing full cross-browser coverage to key parts of the ECMAScript spec.
By Sarah Gooding - Apr 03, 2025