UNPKG

better-cipher

Version:

A secure encryption library with browser and Node.js support using AES-GCM

github.com/siddharthborderwala/better-cipher

siddharthborderwala/better-cipher

136 lines (93 loc) 3.12 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# Better Cipher A secure encryption library with browser and Node.js support using AES-256-GCM. ## Features - 🔒 AES-256-GCM encryption - 🌐 Works in both Node.js and browser environments - 🔄 Key rotation support - 📦 Zero dependencies (uses platform native crypto APIs) - 🎯 TypeScript support - ✨ Simple API ## Installation ```bash npm install better-cipher # or yarn add better-cipher # or pnpm add better-cipher ``` ## Usage ### Node.js ```typescript import { Cipher } from "better-cipher"; // Create a cipher instance with a 32-byte (64 hex characters) key const cipher = new Cipher( "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" ); // Encrypt const encrypted = await cipher.encrypt("Hello, World!"); // { // iv: '...', // 24 characters (12 bytes in hex) // content: '...', // encrypted data in hex // authTag: '...' // authentication tag in hex // } // Decrypt const decrypted = await cipher.decrypt(encrypted); // 'Hello, World!' ``` ### Browser ```typescript import { Cipher } from "better-cipher"; // Same API as Node.js! const cipher = new Cipher( "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" ); const encrypted = await cipher.encrypt("Hello, World!"); const decrypted = await cipher.decrypt(encrypted); ``` ### Key Rotation ```typescript import { Cipher } from 'better-cipher'; const oldKey = '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'; const newKey = 'fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210'; // Create a rotator function const rotator = Cipher.createRotator(oldKey, newKey); // Re-encrypt data with new key const oldEncrypted = /* ... previously encrypted data ... */; const newEncrypted = await rotator(oldEncrypted); ``` ## API Documentation ### `class Cipher` #### Constructor ```typescript constructor(secretKeyHex: string) ``` Creates a new Cipher instance. - `secretKeyHex`: A 32-byte (64 hex characters) key in hexadecimal format. - Throws if key is invalid (wrong length or non-hex characters). #### Methods ##### `encrypt(text: string): Promise<Encrypted>` Encrypts a string using AES-256-GCM. - `text`: The string to encrypt (can be empty). - Returns: Promise resolving to an `Encrypted` object. ##### `decrypt(encrypted: Encrypted): Promise<string>` Decrypts previously encrypted data. - `encrypted`: An `Encrypted` object from the `encrypt` method. - Returns: Promise resolving to the original string. ##### `static createRotator(oldSecretKey: string, newSecretKey: string): (encrypted: Encrypted) => Promise<Encrypted>` Creates a key rotation function. - `oldSecretKey`: The current encryption key. - `newSecretKey`: The new encryption key. - Returns: A function that takes old encrypted data and returns newly encrypted data. ### Types ```typescript interface Encrypted { iv: string; // Initialization vector (hex) content: string; // Encrypted content (hex) authTag: string; // Authentication tag (hex, Node.js only) } ``` ## Requirements - Node.js >= 20.0.0 - Modern browsers with Web Crypto API support ## License MIT