npm install als-crypt
als-crypt
provides a straightforward API for encrypting and decrypting data with support for predefined cryptographic standards. During initialization, if a secret key does not already exist, it is generated and stored in a specified file, or by default in a file named secret
located in the package directory.
You can customize the initialization by passing an options object. This object can include settings for the algorithm, IV length, and the path to the secret key file. The key length is predefined based on the chosen algorithm to ensure security compliance.
const Crypt = require('als-crypt');
const options = {
algorithm: 'aes-256-cbc', // Default is 'aes-256-cbc'
ivLength: 16, // Default is 16, suitable for most AES modes
secretFilePath: '/path/to/your/secret' // Default is './secret' within the package directory
};
Crypt(options);
For default settings just use Crypt (initialization will occur on first ecnrypt/decrypt), or :
const Crypt = require('als-crypt');
Crypt();
You can access the current settings through Crypt.options
, which returns the current configuration without the possibility of modification. This provides a safe way to inspect the used encryption parameters.
const secretMessage = 'Hello world!';
const encryptedData = Crypt.encrypt(secretMessage);
console.log(encryptedData); // Outputs encrypted data in hex format
const decryptedMessage = Crypt.decrypt(encryptedData);
console.log(decryptedMessage); // Output: 'Hello world!'
Both the encrypt
and decrypt
methods can throw exceptions if an error occurs during the encryption or decryption process, such as invalid input or issues with the encryption key. It is recommended to handle these exceptions to prevent application crashes.
try {
const encryptedData = Crypt.encrypt('Some sensitive data');
const decryptedData = Crypt.decrypt(encryptedData);
console.log(decryptedData);
} catch (error) {
console.error('Encryption/Decryption failed:', error);
}
The reset
method can be used to delete the current secret file and clear all settings, allowing for reinitialization with new settings. This method might throw an error if there are issues with deleting the file.
try {
Crypt.reset();
// Reinitialize with new settings if needed
Crypt({
algorithm: 'aes-192-cbc',
ivLength: 16
});
} catch (error) {
console.error('Failed to reset Crypt settings:', error);
}
The security of the encryption depends significantly on the secrecy and integrity of the key file. Ensure this file is stored in a secure location and access is strictly controlled. For environments requiring enhanced security measures, consider integrating more robust key management solutions or storing the key in a hardware security module (HSM).