standard-ecies
Standard ECIES (ecc encryption) implemention for NodeJS based on crypto
module with no other dependencies.
Implementation
The implemention is followed by the description in https://en.wikipedia.org/wiki/Integrated_Encryption_Scheme .
Support all of curves listed in crypto.getCurves()
.
Usage
// option parameter is optional, all options are optional except iv,// when symmetric cipher is not in ecb mode, iv option must be offered. // default option const options = hashName: 'sha256' hashLength: 32 macName: 'sha256' macLength: 32 curveName: 'secp256k1' symmetricCypherName: 'aes-128-ecb' iv: null // iv is used in symmetric cipher, set null if the cipher does not need an // initialization vector (e.g. a cipher in ecb mode). Set undefined if you // want to use deprecated createCipheriv / createDecipher / EVP_BytesToKey keyFormat: 'uncompressed' s1: null // optional shared information1 s2: null // optional shared information2const ecdh = crypto;ecdh; const plainText = Buffer;const encryptedText = ecies;const decryptedText = ecies;;
Porting from 1.0.0 to 2.0.0
For the projects used this library with options.iv set to a valid iv buffer, no change is required to make compatible with 1.0.0. Other projects can set options.iv = undefined
to make compatible with an older version.
In the version 1.0.0, it is advised to use a null iv for ECB mode ciphers, which will use crypto.createCipher -> EVP_BytesToKey to derive a key. However, as noted in the latest manual of EVP_BytesToKey that "Newer applications should use a more modern algorithm such as PBKDF2 as defined in PKCS#5v2.1 and provided by PKCS5_PBKDF2_HMAC", crypto.createCipher is deprecated by nodejs. Therefore, to avoid this library to use deprecated nodejs API by default, the behavior of options.iv == null
now is to use crypto.createCipheriv with an empty iv to create the cipher which, however, is incompatible with the cipher created by crypto.createCipher.