cryptify
A dead simple file-based encyrption (FBE) utitily for Node.js.
Table of Contents
CLI
Installation
$ npm i -g cryptify
Usage
Adheres to http://docopt.org/ via commander.js
$ cryptify encrypt <file>... (-p <password>) [-c <cipher>] [-e <encoding>] [-s]
$ cryptify decrypt <file>... (-p <password>) [-c <cipher>] [-e <encoding>] [-s]
Commands
Command | Description |
---|---|
encrypt |
Encrypt file(s) |
decrypt |
Decrypt file(s) |
Command Arguments
Short | Long | Description | Default | Required |
---|---|---|---|---|
-p |
--password |
Cryptographic key | Yes | |
-c |
--cipher |
Cipher algorithm | aes-256-cbc |
No |
-e |
--encoding |
Character encoding of returned file(s) | utf8 |
No |
-s |
--silent |
Silence informational display | false |
No |
-o |
--loose |
Bypass password requirements | false |
No |
General Arguments
Short | Long | Description |
---|---|---|
-h |
--help |
Display help |
-v |
--version |
Show version |
-l |
--list |
List available ciphers |
Encrypt a file with a password
$ cryptify encrypt ./configuration.props -p mySecretKey
cipher
Encrypt some files with a custom$ cryptify encrypt ./foo.json ./bar.jpg -p mySecretKey -c aes-256-cbc-hmac-sha256
cipher
Decrypt some files with a custom$ cryptify decrypt ./foo.json ./bar.jpg -p mySecretKey -c aes-256-cbc-hmac-sha256
Show general help
$ cryptify help encrypt
Usage: cryptify [options] [command]
Options:
-v, --version Display the current version
-l, --list List available ciphers
-h, --help Display help for the command
Commands:
encrypt [options] <file...> Encrypt files(s)
decrypt [options] <file...> Decrypt files(s)
help <command> Display help for the command
Example:
$ cryptify encrypt file.txt -p 'Secret123!'
$ cryptify decrypt file.txt -p 'Secret123!'
Password Requirements:
1. Must contain at least 8 characters
2. Must contain at least 1 special character
3. Must contain at least 1 numeric character
4. Must contain a combination of uppercase and lowercase
Show command help
$ cryptify help encrypt
Usage: cryptify encrypt <file>... (-p <password>) [-c <cipher>] [-e <encoding>] [-s] [-o]
Encrypt files(s)
Options:
-p, --password <password> Cryptographic key
-c, --cipher <cipher> Cipher algorithm (default: "aes-256-cbc")
-e, --encoding <encoding> Character encoding (default: "utf8")
-s, --silent Silence informational display (default: false)
-o, --loose Bypass password requirements (default: false)
-h, --help Display help for the command
Module
Installation
$ npm i -S cryptify
CommonJS
const Cryptify = require('cryptify');
ES2015
import Cryptify from 'cryptify';
Constructor
new Cryptify(files, password[, cipher][, encoding][, silent][, loose])
Encrypt / Decrypt
import Cryptify from 'cryptify';
const filePath = './example.txt'; // This can also be an array of paths.
const password = process.env.ENV_SECRET_KEY;
const instance = new Cryptify(filePath, password);
instance
.encrypt()
.then((files) => {
/* Do stuff */
})
.then(() => instance.decrypt())
.then((files) => {
/* Do stuff */
})
.catch((e) => console.error(e));
Decrypt / Encrypt
import Cryptify from 'cryptify';
const filePath = './example.txt'; // This can also be an array of paths.
const password = process.env.ENV_SECRET_KEY;
const instance = new Cryptify(filePath, password);
instance
.decrypt()
.then((files) => {
/* Do stuff */
})
.then(() => instance.encrypt())
.then((files) => {
/* Do stuff */
})
.catch((e) => console.error(e));
Supported Ciphers
The following ciphers are supported by cryptify
:
Running cipher validation tests...
✓ Passed: aes-128-cbc
✓ Passed: aes-128-cbc-hmac-sha1
✓ Passed: aes-128-cbc-hmac-sha256
✓ Passed: aes-128-cfb
✓ Passed: aes-128-cfb1
✓ Passed: aes-128-cfb8
✓ Passed: aes-128-ctr
✓ Passed: aes-128-ofb
✓ Passed: aes-192-cbc
✓ Passed: aes-192-cfb
✓ Passed: aes-192-cfb1
✓ Passed: aes-192-cfb8
✓ Passed: aes-192-ctr
✓ Passed: aes-192-ofb
✓ Passed: aes-256-cbc
✓ Passed: aes-256-cbc-hmac-sha1
✓ Passed: aes-256-cbc-hmac-sha256
✓ Passed: aes-256-cfb
✓ Passed: aes-256-cfb1
✓ Passed: aes-256-cfb8
✓ Passed: aes-256-ctr
✓ Passed: aes-256-ofb
✓ Passed: aes128
✓ Passed: aes192
✓ Passed: aes256
✓ Passed: aria-128-cbc
✓ Passed: aria-128-cfb
✓ Passed: aria-128-cfb1
✓ Passed: aria-128-cfb8
✓ Passed: aria-128-ctr
✓ Passed: aria-128-ofb
✓ Passed: aria-192-cbc
✓ Passed: aria-192-cfb
✓ Passed: aria-192-cfb1
✓ Passed: aria-192-cfb8
✓ Passed: aria-192-ctr
✓ Passed: aria-192-ofb
✓ Passed: aria-256-cbc
✓ Passed: aria-256-cfb
✓ Passed: aria-256-cfb1
✓ Passed: aria-256-cfb8
✓ Passed: aria-256-ctr
✓ Passed: aria-256-ofb
✓ Passed: aria128
✓ Passed: aria192
✓ Passed: aria256
✓ Passed: camellia-128-cbc
✓ Passed: camellia-128-cfb
✓ Passed: camellia-128-cfb1
✓ Passed: camellia-128-cfb8
✓ Passed: camellia-128-ctr
✓ Passed: camellia-128-ofb
✓ Passed: camellia-192-cbc
✓ Passed: camellia-192-cfb
✓ Passed: camellia-192-cfb1
✓ Passed: camellia-192-cfb8
✓ Passed: camellia-192-ctr
✓ Passed: camellia-192-ofb
✓ Passed: camellia-256-cbc
✓ Passed: camellia-256-cfb
✓ Passed: camellia-256-cfb1
✓ Passed: camellia-256-cfb8
✓ Passed: camellia-256-ctr
✓ Passed: camellia-256-ofb
✓ Passed: camellia128
✓ Passed: camellia192
✓ Passed: camellia256
✓ Passed: chacha20
✓ Results: 68 passed, 107 total
Recommendations
Strongly consider clearing your shell's session history of any sensitive information.
Bash
Bash writes the current session history to disk (~/.bash_history
) at the end of the session.
-
Tactical Approach: Clear a specific entry in the current session
$ history 666 cryptify --help 667 cryptify encrypt ./myfile.txt -p mySecretKey $ history -d 667 $ history -w
-
Blunt Approach: Clear the entire current session history (in memory)
$ history -c
-
Nuclear Approach: Clear current and existing session history (in memory, and on disk)
$ rm $HISTFILE $ history -c $ exit (open shell) $ cat $HISTFILE exit
Windows Command Prompt
Windows does not store history between command prompt sessions.
-
However, for safety, consider decreasing the
Buffer Size
andNumber of Buffers
in the Properties menu before use. -
Per this configuration, Windows will only store the last command in the buffer.
-
Once work with
cryptify
is complete, close the command prompt:C:\Users\[user]> cryptify encrypt ./myfile.txt -p mySecretKey C:\Users\[user]> exit
Windows PowerShell
-
PowerShell's
Clear-History
command doesn't seem to work as advertised, which is designed to clear the current session's history. -
However, deleting PowerShell's history file does do the trick.
PS C:\Users\[user]> cryptify encrypt ./myfile.txt -p mySecretKey PS C:\Users\[user]> del (Get-PSReadlineOption).HistorySavePath PS C:\Users\[user]> exit
Password Requirements
- Must contain at least 8 characters
- Must contain at least 1 special character
- Must contain at least 1 numeric character
- Must contain a combination of uppercase and lowercase