Encrypt/decrypt objects using aes-256-cbc algorithm
npm i -SE @debitoor/cipher
const cipher = require('@debitoor/cipher')('secret');
try {
const encrypted = cipher.encrypt({userId: '123456'});
console.log(encrypted); // { iv: 'eb0911c423161f0488337e5007887581', data: 'fd9612df14729ec373214f151b62fab74f8d7c5756082e4d057632dc5ea8d088' }
const decrypted = cipher.decrypt(encrypted);
console.log(decrypted); // { userId: '123456' }
} catch (e) {
// Handle error during encrypting/decrypting
}
- cipher(secret) - return cipher instance with given secret key
-
cipherInstance.encrypt(json) - encrypt object with secret and random initialization vector. Returns
{iv, data}
where iv - initialization vector, data - encrypted object. Throws error if json is invalid. -
cipherInstance.decrypt({iv, data}) - decrypt previously encrypted object. Takes
{iv, data}
as argument where iv - initialization vector¹, data - encrypted object. Throws error if wrong secret key or incorrect data provided.
¹ (https://nodejs.org/api/crypto.html#crypto_crypto_createcipheriv_algorithm_key_iv_options): Initialization vectors should be unpredictable and unique; ideally, they will be cryptographically random. They do not have to be secret: IVs are typically just added to ciphertext messages unencrypted. It may sound contradictory that something has to be unpredictable and unique, but does not have to be secret; it is important to remember that an attacker must not be able to predict ahead of time what a given IV will be.