Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
ncrypt-js
Advanced tools
Readme
NcryptJs is a light weight javascript data encryption and decryption library. This library implements the nodejs default crypto functionality as a mid-channel cipher in addition to a simple and elegant custom data encoding and encryption algorithm.
This library is available through these javascript node package manager npm and yarn.
To use this library, first ensure you have a package manager initialized either with npm or yarn
# for npm use:
npm install --save ncrypt-js
# for yarn use:
yarn add ncrypt-js
To include ncrypt-js in your project. use one of these:
// ES6 and later
import ncrypt from "ncrypt-js";
// or import { ncrypt } from "ncrypt-js"
However, if you are using ECMAScript 5 and older, use the require statement:
// ES5 and older
var { ncrypt } = require("ncrypt-js");
NcryptJs is a simple library with only two two exposed functions. This is all intentional mainly to keep everything simple. This is a complete documentation of the library and how to use it in your project. All examples work on both ECMAScript 6 (and later) and ECMAScript 5 (and older).
Methods | Description | Parameters | Return |
---|---|---|---|
[static] randomString() | Random String. | size: number - An optional size of the generated randomBytes . enc: base64/hex - Encoding used for encoding the randomBytes defaults to base64 | encoded: string - encoded string. |
encrypt() | Encrypts data. | data: object/string/number/boolean - The data to be encrypted. | ciphered: string - encrypted data. |
decrypt() | Decrypts the encrypted or ciphered data | encodedData: string - The encrypted data: string to be decrypted. | data: string/object/number/boolean - The decrypted or original data (it might be string or object, depends on the initial input data type). |
The randomString()
static method can generate random bytes encoded into a hexadecimal
or base64
strings. This string can be useful in a variety of use cases e.g to generate database ids, to generate a unique string for a list, a unique serial strings etc.
var { ncrypt } = require('ncrypt-js'); // or import ncrypt from 'ncrypt-js'
var randomStr = ncrypt.randomString(8, 'base64');
console.log(randomStr) // t78WcmYAFOY=
// signature
ncrypt.randomString(size?: number, enc?: 'base64' | 'hex');
The encrypt()
and decrypt()
methods as of version 2.0.0 directly importing or invoking these methods is deprecated
, an object must first be created with a secret, before the methods can then be invoked on the created object.
To encrypt
and decrypt
data, simply use encrypt()
and decrypt()
methods respectively. This will use AES-256-CBC
encryption algorithm as the mid-channel cipher.
- var { encrypt, decrypt } = require("ncrypt-js");
+ var { ncrypt } = require("ncrypt-js");
var data = "Hello World!";
var _secretKey = "some-super-secret-key";
+ var { encrypt, decrypt } = new ncrypt(_secretKey);
// encrypting super sensitive data here
- var encryptedData = encrypt(data, _secretKey);
+ var encryptedData = encrypt(data);
console.log("Encryption process...");
console.log("Plain Text : " + data);
console.log("Cipher Text : " + encryptedData);
// decrypted super encrypted string here
var decryptedData = decrypt(encryptedData);
console.log("... and then decryption...");
console.log("Decipher Text : " + decryptedData);
console.log("...done.");
var { ncrypt } = require("ncrypt-js");
var data = "Hello World!";
var _secretKey = "some-super-secret-key";
var ncryptObject = new ncrypt(_secretKey);
// encrypting super sensitive data here
var encryptedData = ncryptObject.encrypt(data);
console.log("Encryption process...");
console.log("Plain Text : " + data);
console.log("Cipher Text : " + encryptedData);
// decrypted super encrypted data here
var decryptedData = ncryptObject.decrypt(encryptedData);
console.log("... and then decryption...");
console.log("Decipher Text : " + decryptedData);
console.log("...done.");
Encryption and decryption of JavaScript object literal has never been simpler than this.
To encrypt and decrypt JavaScript object literal, simply use encrypt()
and decrypt()
function from an instance. This will use AES-CBC encryption algorithm.
var { ncrypt } = require("ncrypt-js");
var _secretKey = "some-super-secret-key";
var object = {
NycryptJs: "is cool and fun.",
You: "should try it!"
}
var ncryptObject = new ncrypt('ncrypt-js');
// encrypting super sensitive data here
var encryptedObject = ncryptObject.encrypt(object);
console.log("Encryption process...");
console.log("Plain Object : ", object);
console.log("Encrypted Object : " + encryptedObject);
// decrypted super sensitive data here
var decryptedObject = ncryptObject.decrypt(encryptedObject);
console.log("... and then decryption...");
console.log("Decipher Text : ", decryptedObject);
console.log("...done.");
If you are using any sort of environmental key-value store, e.g .env
and for additional security, you can add the following to your environment.
# .env
# used internally to set the `key`
KEY='sshhhh this is a super secret key'
# used internally to set the `encoding` - ['base64' | 'binary' | 'hex' | 'ucs-2' | 'ucs2' | 'utf16le']
NCRPT_ENC='hex'
SECRET='this is our hashing secret'
When creating your object, you can use the SECRET
from your environment e.g:
var { ncrypt } = require('ncrypt-js');
var { encrypt, decrypt } = new ncrypt(process.env.SECRET);
...
NOTE: The secret is required to decrypt the encrypted data, if the secret used to encrypt a specific data is lost, then that data cannot be decripted.
Written in TypeScript, built into ECMAScript 5 using the TypeScript compiler.
To contribute, simply fork this project, and issue a pull request.
We use SemVer for version management. For the versions available, see the tags on this repository.
This project is licensed under the MIT License - see the LICENSE file for details
FAQs
a light weight javascript data encryption and decryption library
The npm package ncrypt-js receives a total of 1,411 weekly downloads. As such, ncrypt-js popularity was classified as popular.
We found that ncrypt-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.