Authenticated Encryption with AES-CBC and HMAC-SHA2
For explanation see the draft.
Supported Algorithms:
algorithm | key length |
---|---|
aes-128-cbc-hmac-sha-256 | 32 |
aes-192-cbc-hmac-sha-384 | 48 |
aes-256-cbc-hmac-sha-512 | 56 |
aes-256-cbc-hmac-sha-384 | 64 |
Installation
$ npm install --save aes-cbc-hmac-sha2
Usage
Creating and using cipher/decipher is no different than createCipheriv and createDecipheriv methods of node's crypto module.
var aesHmac = ; //ciphervar cipher = aesHmac; //deciphervar decipher = aesHmac;
Cipher and Decipher objects are streams that both readable and writable.
You can also monkey-patch
node crypto module.
var crypto = ;; var cipher = crypto;//...
Encryption
var aesHmac = ;var fs = ; var key = 'AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=' 'base64'; //128-bit keyvar iv = 'GvOMLcK5b/3YZpQJI0G8BA==' 'base64'; // 128-bit initialization vectorvar aad = 'VGhlIHNlY29uZCBwcmluY2lwbGUg' 'base64'; //additional authentication datavar plaintext = fs;var ciphertext = fs; var cipher = aesHmac;// additional authentication data must be set before encryptioncipher; // we can get authentication tag once the writable side of the stream ended.cipher; plaintext;cipher;
Decryption
Decryption operation have four inputs: key
, iv
, aad
, authTag
and of course ciphertext
.
var aesHmac = ;var fs = ; var key = 'AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=' 'base64'; //128-bit keyvar iv = 'GvOMLcK5b/3YZpQJI0G8BA==' 'base64'; // 128-bit initialization vectorvar aad = 'VGhlIHNlY29uZCBwcmluY2lwbGUg' 'base64'; // additional authentication datavar ciphertext = fs;var decryptedtext = fs; var decipher = aesHmac;decipher; //decipher; ciphertext;decipher;
Running the tests
$ git clone https://github.com/glkz/aes-cbc-hmac-sha2.git$ cd aes-cbc-hmac-sha2$ npm install$ npm test