Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

node-cipher

Package Overview
Dependencies
Maintainers
1
Versions
38
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

node-cipher - npm Package Compare versions

Comparing version 5.0.1 to 6.0.0

bin/actions/cipher.js
bin/cli.js

32

lib/node-cipher.js

@@ -21,2 +21,3 @@ /**

* @const {Array} ALL_CIPHERS
* @see {@link https://nodejs.org/api/crypto.html#crypto_crypto_getciphers}
*/

@@ -26,2 +27,8 @@ const ALL_CIPHERS = crypto.getCiphers();

/**
* @const {Array} ALL_HASHES
* @see {@link https://nodejs.org/api/crypto.html#crypto_crypto_gethashes}
*/
const ALL_HASHES = crypto.getHashes();
/**
* @const {string} DEFAULT_SALT

@@ -294,2 +301,10 @@ */

// Verify that the chosen digest is valid.
if (!_.includes(ALL_HASHES, options.digest)) {
errors.push({
path: 'digest',
message: `"${options.digest}" is not a valid HMAC hash digest.`
});
}
return errors;

@@ -322,3 +337,4 @@ }

* - decryptSync()
* - list():Array
* - listAlgorithms():Array
* - listHashes():Array
*/

@@ -380,3 +396,3 @@

*/
list() {
listAlgorithms() {
return ALL_CIPHERS;

@@ -386,2 +402,12 @@ }

/**
* Lists all valid HMAC hashes.
*
* @returns {Array}
* @access public
*/
listHashes() {
return ALL_HASHES;
}
/**
* Gets NodeCipher defaults.

@@ -463,4 +489,2 @@ *

NodeCipher.Defaults = {
input: undefined,
output: undefined,
password: undefined,

@@ -467,0 +491,0 @@ salt: DEFAULT_SALT, // 'nodecipher'

12

package.json
{
"name": "node-cipher",
"version": "5.0.1",
"version": "6.0.0",
"description": "Securely encrypt sensitive files for use in public source control.",

@@ -31,6 +31,10 @@ "main": "index.js",

"dependencies": {
"chalk": "^1.1.1",
"commander": "^2.9.0",
"debug": "^2.2.0",
"fs-extra": "^0.26.4",
"inquirer": "^0.11.2",
"lodash": "^4.0.0",
"validate": "^3.0.1"
"validate": "^3.0.1",
"yargs": "^3.32.0"
},

@@ -41,4 +45,8 @@ "devDependencies": {

"randomstring": "^1.1.3",
"shelljs": "^0.5.3",
"tmp": "0.0.28"
},
"bin": {
"nodecipher": "./bin/cli.js"
}
}

184

README.md

@@ -6,4 +6,10 @@ node-cipher [![Build Status](https://travis-ci.org/nathanbuchar/node-cipher.svg?branch=master)](https://travis-ci.org/nathanbuchar/node-cipher)

**Why should I use node-cipher?**
**What is node-cipher?**
Node-cipher is both a command line tool and a Node JS package which allows you to easily encrypt or decrypt files containing sensitive information. This way, you can safely add encrypted files to a public repository, even if they contain API keys and passwords.
**Why would I use node-cipher?**
Let's say you have a file in your project name `config.json` which contains sensitive information like private keys and database passwords. What should you do if you need to publicly host a repository containing this file? Certainly you wouldn't want to make the contents of `config.json` visible to the outside world.

@@ -15,186 +21,40 @@

***
**:exclamation: If you're looking for the node-cipher command line tool, it has moved to [node-cipher-cli](http://github.com/nathanbuchar/node-cipher-cli).**
***
Installation
------------
Install
-------
**Command Line Interface**
```
$ npm install node-cipher
$ npm install -g node-cipher
```
Options
-------
|Name|Type|Description|Required|Default|
|:---|:--:|:----------|:------:|:-----:|
|`input`|`string`|The file that you wish to encrypt or decrypt.|✓||
|`output`|`string`|The file that you wish to save the encrypted or decrypted contents to. This file does not necessarily need to exist beforehand.|✓||
|`password`|`string`|The password to use when deriving the encryption key.|✓||
|`salt`|`string`|The salt to use when deriving the encryption key.||`"nodecipher"`|
|`iterations`|`number`|The number of iterations to use when deriving the key. The higher the number of iterations, the more secure the derived key will be, but will take a longer amount of time to complete.||`1000`|
|`keylen`|`number`|The desired byte length for the derived key.||`512`|
|`digest`|`string`|The HMAC digest algorithm with which to derive the key.||`"sha1"`|
|`algorithm`|`string`|The cipher algorithm to use when encrypting or decrypting the input file. Use [`list()`](#list) to see a list of available cipher algorithms.||`"cast5-cbc"`|
Methods
-------
* [`encrypt()`](#encrypt)
* [`encryptSync()`](#encryptsync)
* [`decrypt()`](#decrypt)
* [`decryptSync()`](#decryptsync)
* [`list()`](#list)
***
### encrypt()
##### `encrypt(options[, callback[, scope]])`
Encrypts a file using the [options](#options) provided. Returns `undefined`.
#### Parameters
|Parameter|Type|Description|Required|
|--------:|:--:|:----------|:------:|
|`options`|`Object`|See [options](#options).|✓|
|`callback`|`Function`|The function to call when the encryption has completed.||
|`scope`|`Object`|The scope for the `callback` function parameter, if provided.||
#### Example
Encrypts `config.json` into `config.json.cast5` using the password `"passw0rd"`.
```js
let nodecipher = require('node-cipher');
nodecipher.encrypt({
input: 'config.json',
output: 'config.json.cast5',
password: 'passw0rd'
}, function (err) {
if (err) throw err;
console.log('config.json encrypted.');
});
**Node JS**
```
***
### encryptSync()
##### `encryptSync(options)`
The synchronous version of [`encrypt()`](#encrypt). Returns `undefined`.
#### Parameters
|Parameter|Type|Description|Required|
|--------:|:--:|:----------|:------:|
|`options`|`Object`|See [options](#options).|✓|
#### Example
Synchronously encrypts `config.json` into `config.json.cast5` using the password `"passw0rd"`.
```js
let nodecipher = require('node-cipher');
nodecipher.encryptSync({
input: 'config.json',
output: 'config.json.cast5',
password: 'passw0rd'
});
$ npm install node-cipher
```
***
### decrypt()
##### `decrypt(options[, callback[, scope]])`
Decrypts a file using the [options](#options) provided. Returns `undefined`.
#### Parameters
|Parameter|Type|Description|Required|
|--------:|:--:|:----------|:------:|
|`options`|`Object`|See [options](#options).|✓|
|`callback`|`Function`|The function to call when the decryption has completed.||
|`scope`|`Object`|The scope for the `callback` function parameter, if provided.||
#### Example
Decrypts `config.json.cast5` back into `config.json` using the password `"passw0rd"`.
```js
let nodecipher = require('node-cipher');
nodecipher.decrypt({
input: 'config.json.cast5',
output: 'config.json',
password: 'passw0rd'
}, function (err) {
if (err) throw err;
console.log('config.json.cast5 decrypted.');
});
```
***
### decryptSync()
##### `decryptSync(options)`
Documentation
-------------
The synchronous version of [`decrypt()`](#decrypt). Returns `undefined`.
The documentation is pretty extensive, and it's split into two pieces.
#### Parameters
|Parameter|Type|Description|Required|
|--------:|:--:|:----------|:------:|
|`options`|`Object`|See [options](#options).|✓|
**How to use the Command Line Interface**
[Documentation](https://github.com/nathanbuchar/node-cipher-cli/blob/master/docs/cli.md)
#### Example
**Using the Node JS API**
[Documentation](https://github.com/nathanbuchar/node-cipher-cli/blob/master/docs/api.md)
Synchronously decrypts `config.json.cast5` back into `config.json` using the password `"passw0rd"`.
```js
let nodecipher = require('node-cipher');
nodecipher.decryptSync({
input: 'config.json.cast5',
output: 'config.json',
password: 'passw0rd'
});
```
***
### list()
##### `list():Array`
Debugging
---------
Lists all available cipher algorithms as an Array. Returns `Array`.
#### Example
```js
let nodecipher = require('node-cipher');
console.log(nodecipher.list());
// => ['CAST-cbc', 'aes-128-cbc', ..., 'seed-ofb']
```
***
Debug
-----
Node-cipher implements [debug](https://github.com/visionmedia/debug) for development logging. To set up node-cipher with debug, set the following environment variables:

@@ -201,0 +61,0 @@ 

.npmignore

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc