node-cipher
Securely encrypt sensitive files for use in public source control. Find on NPM.
Why should I use node-cipher?
Let's say you have a file in your project name config.json
which contains sensitive information like private keys and database passwords. What should you do if you need to publicly host a repository containing this file? Certainly you wouldn't want to make the contents of config.json
visible to the outside world.
You could remove the file from source control and send the file to everyone in your team every time you update the file, but this approach is very cumbersome. Instead, you can use node-cipher to encrypt the file and add the encrypted version to source control. This can later be decrypted by each team member independently with a password that you provide. Every time you or one of your team members makes a change to config.json
, just re-encrypt the file and commit. It's that easy!
Don't forget to add the original config.json
file to .gitignore
!
:exclamation: If you're looking for the node-cipher command line tool, it has moved to node-cipher-cli.
Install
$ npm install node-cipher
Options
Name | Type | Description | Required | Default |
---|
input | string | The file that you wish to encrypt or decrypt. | ✓ | |
output | string | The file that you wish to save the encrypted or decrypted contents to. This file does not necessarily need to exist beforehand. | ✓ | |
password | string | The password to use when deriving the encryption key. | ✓ | |
salt | string | The salt to use when deriving the encryption key. | | "nodecipher" |
iterations | number | The number of iterations to use when deriving the key. The higher the number of iterations, the more secure the derived key will be, but will take a longer amount of time to complete. | | 1000 |
keylen | number | The desired byte length for the derived key. | | 512 |
digest | string | The HMAC digest algorithm with which to derive the key. | | "sha1" |
algorithm | string | The cipher algorithm to use when encrypting or decrypting the input file. Use list() to see a list of available cipher algorithms. | | "cast5-cbc" |
Methods
encrypt()
encrypt(options[, callback[, scope]])
Encrypts a file using the options provided. Returns undefined
.
Parameters
Parameter | Type | Description | Required |
---|
options | Object | See options. | ✓ |
callback | Function | The function to call when the encryption has completed. | |
scope | Object | The scope for the callback function parameter, if provided. | |
Example
Encrypts config.json
into config.json.cast5
using the password "passw0rd"
.
let nodecipher = require('node-cipher');
nodecipher.encrypt({
input: 'config.json',
output: 'config.json.cast5',
password: 'passw0rd'
}, function (err) {
if (err) throw err;
console.log('config.json encrypted.');
});
encryptSync()
encryptSync(options)
The synchronous version of encrypt()
. Returns undefined
.
Parameters
Parameter | Type | Description | Required |
---|
options | Object | See options. | ✓ |
Example
Synchronously encrypts config.json
into config.json.cast5
using the password "passw0rd"
.
let nodecipher = require('node-cipher');
nodecipher.encryptSync({
input: 'config.json',
output: 'config.json.cast5',
password: 'passw0rd'
});
decrypt()
decrypt(options[, callback[, scope]])
Decrypts a file using the options provided. Returns undefined
.
Parameters
Parameter | Type | Description | Required |
---|
options | Object | See options. | ✓ |
callback | Function | The function to call when the decryption has completed. | |
scope | Object | The scope for the callback function parameter, if provided. | |
Example
Decrypts config.json.cast5
back into config.json
using the password "passw0rd"
.
let nodecipher = require('node-cipher');
nodecipher.decrypt({
input: 'config.json.cast5',
output: 'config.json',
password: 'passw0rd'
}, function (err) {
if (err) throw err;
console.log('config.json.cast5 decrypted.');
});
decryptSync()
decryptSync(options)
The synchronous version of decrypt()
. Returns undefined
.
Parameters
Parameter | Type | Description | Required |
---|
options | Object | See options. | ✓ |
Example
Synchronously decrypts config.json.cast5
back into config.json
using the password "passw0rd"
.
let nodecipher = require('node-cipher');
nodecipher.decryptSync({
input: 'config.json.cast5',
output: 'config.json',
password: 'passw0rd'
});
list()
list():Array
Lists all available cipher algorithms as an Array. Returns Array
.
Example
let nodecipher = require('node-cipher');
console.log(nodecipher.list());
Debug
Node-cipher implements debug for development logging. To set up node-cipher with debug, set the following environment variables:
Mac OS:
$ export DEBUG=nodecipher:*
Windows:
$ set DEBUG=nodecipher:*
Authors
License
MIT