Pure javascript/typescript encryption without any depedencies
strong-cryptor is lightweight utility to manage strong encryption and decryption with aes-256-cbc algorithm, strong-cryptor not using any depedencies to process the encryption and decryption, with strong-cryptor you can simplify the process of encryption and decryption as simple as just calling encrypt()
and decrypt
function. This library is pure Javascript library built with Typescript targeting ECMAScript 5(ES5), so it's compatible with most Node.Js backend or Javascript frontend applications.
Idea behind this project is to avoid the same pattern of every encrypted data that can be learned by attacker and make it easy to decrypted by the attacker. with strong-cryptor every encryption process will have different result, even the data is same
What's New in 2.2.0
- File encryption support.
- Add new feature to write the result of encryption/decryption to a file.
- Change function base to class base.
For full changelog, please refers to Release Page.
The old encrypt()
and decrypt()
function are deprecated, and will be fully removed in version 3.0.0, please use class base instead.
Concept behind strong-cryptor is to create randomize IV(Initial Vector) in every encryption process, and embed the IV to the result of encryption process
Command | Result |
---|---|
encrypt('test') | a0aade621f5e00dd21.... |
encrypt('test') | d0dac814ee1f11be08.... |
Concept behind Encryption Count feature is to enable strong-cryptor to encrypt more than 1 times.
example if you want tou encrypt text Hello guys, i am just plain text
for 3 times
Encryption Count | Result |
---|---|
0 | Hello guys, i am just plain text |
1 | EiTvqlAtcXPhT5k+LZDhGQH1eAtUrczPsY... |
2 | zH2bXMRM3iYl6ZCRB2J3bgx8kXo9LaXy+iBJeJwOmTS7OWfGXBk/nIDR... |
3 | U2ghFawbO2VGhsk/l+bc/QYUzBLAXQJsrhkyzRK8s0GTGIuO+OUQMt3s57J2nPUD.... |
with this concept, the encryption result will more hard for the attacker to learn the pattern of the encryption process.
Note : size of encryption result depends on how many times the encryption run
To get this library included on your project, first, you can use package manager like npm or yarn command to get strong-cryptor.
npm i strong-cryptor
or
yarn add strong-cryptor
For full documentation please refers to Doc folder.
To use strong-cryptor encryption first import Encryptor
class from strong-cryptor
import { Encryptor } from 'strong-cryptor'
then create a key and new instance of Encryptor class with following parameters
- options - encryption options, see IEncryptionOptionsClassBase
import { Encryptor } from 'strong-cryptor'
const key = 'AHBSGTEUET125STSGBDHDJKXMPLKIU12' // store this key in secure place
const encryptor = new Encryptor({ key })
then encrypt your data with encrypt(data)
import { Encryptor } from 'strong-cryptor'
const data = 'your sensitive data'
const key = 'AHBSGTEUET125STSGBDHDJKXMPLKIU12' // store this key in secure place
const encryptor = new Encryptor({ key })
const encryptedData = encryptor.encrypt(data)
The code above will use aes-256-cbc
encryption algorithm and base64 encoding as default encoding.
And to use strong-cryptor decryption you need import Decryptor
class from strong-cryptor
import { Decryptor } from 'strong-cryptor'
Then create new instance of Encryptor class with following parameters
- options - encryption options, see IDecryptionOptionsClassBase
Full code :
import { Encryptor } from 'strong-cryptor'
const data = 'your sensitive data'
const key = 'AHBSGTEUET125STSGBDHDJKXMPLKIU12' // store this key in secure place
const encryptor = new Encryptor({ key })
const encryptedData = encryptor.encrypt(data)
const decryptor = new Decryptor({ key })
decryptor.decrypt(encryptedData)
To make sure your encrypted data is secure, strong-cryptor providing a new feature called Encryption Count
, this feature will encrypt your data as many as you want.
To use this feature you only need to fill up the encryption options.
import { Encryptor } from 'strong-cryptor'
const data = 'your sensitive data'
const key = 'AHBSGTEUET125STSGBDHDJKXMPLKIU12' // store this key in secure place
const encryptor = new Encryptor({ key, encryptionCount: 5 })
const encryptedData = encryptor.encrypt(data)
const decryptor = new Decryptor({ key, encryptionCount: 5 })
decryptor.decrypt(encryptedData)
Or
import { Encryptor } from 'strong-cryptor'
const data = 'your sensitive data'
const key = 'AHBSGTEUET125STSGBDHDJKXMPLKIU12' // store this key in secure place
const encryptor = new Encryptor({ key })
const encryptedData = encryptor.encrypt(data, { encryptionCount: 5 })
const decryptor = new Decryptor({ key })
decryptor.decrypt(encryptedData, { encryptionCount: 5 })
Make sure that you provide the encryptionCount at the decryption process too.
From version 2.2.0 strong-cryptor support for encrypting a file.
import { Encryptor } from 'strong-cryptor'
const key = 'AHBSGTEUET125STSGBDHDJKXMPLKIU12' // store this key in secure place
const encryptor = new Encryptor({ key })
const encryptedData = encryptor.encryptFile('path_to_your_file')
const decryptor = new Decryptor({ key })
decryptor.decryptFile(encryptedData, { toBuffer: true })
If you want to write your encryption/decryption result to some file, just fill up writeToFile
property in encryption/decryption options.
import { Encryptor } from 'strong-cryptor'
const data = 'your sensitive data'
const key = 'AHBSGTEUET125STSGBDHDJKXMPLKIU12' // store this key in secure place
const encryptor = new Encryptor({ key })
const encryptedData = encryptor.encrypt(data, { writeToFile: 'path_to_file' })
const decryptor = new Decryptor({ key })
decryptor.decrypt(encryptedData, { writeToFile: 'path_to_file' })
strong-cryptor can also generate a key for encryption/decryption process.
but we don't guarantee that the key is secure.
import { genKey } from 'strong-cryptor'
const key = genKey() // please store this key in the safe place
The genKey()
will return a 256bits / 32 characters string.
Written in TypeScript, built into ECMAScript 5 using the TypeScript compiler.
This project already using Travis for CI/CD purpose, and Codacy for code review and analytics. To contribute, simply fork this project, and issue a pull request.
This project using commitizen & cz-conventional-changelog for commit purpose, make sure when you commit a new change, you're using
yarn commit
instead ofgit commit
or your PR will be rejected.
We use SemVer for version management and semantic-release for automated release. For the versions available, see the releases on this repository.
- Rizky Arif Nur Choir - RizkyArifNur
See also the list of contributors who participated in this project. .