GitHub - telkomdev/crypsi: Custom crypto utility that wraps the crypto node module to make life easier (Digest, Cipher, HMAC, RSA, RSA Digital Signature)

Custom crypto utility that wraps the crypto node module to make life easier

Install

Crypsi is compatible with each other with the following libraries

Golang https://github.com/telkomdev/go-crypsi
Python https://github.com/telkomdev/pycrypsi
C# (.NET) https://github.com/telkomdev/NetCrypsi
Java/JVM https://github.com/telkomdev/jcrypsi
Javascript (React and Browser) https://github.com/telkomdev/crypsi.js

Usage

Just open the unit test folder, all available there.

Features

Asymmetric encryption with RSA
Generate RSA private and public key
Digital Signature with RSA private and public key using PSS
Symmetric encryption with AES
Message authentication code with HMAC
Generate Hash with Common DIGEST Algorithm

Example Generate RSA Private and Public Key

Javascript

const { rsa, keyUtil } = require('crypsi');
const fs = require('fs');

rsa.generateRSAKeyPair(keyUtil.KEY_SIZE_4KB, '').then(pairs => {
    console.log(pairs.publicKey);
    console.log(pairs.privateKey);

    console.log('\n');
    console.log(rsa.loadPrivateKeyAsBase64(pairs.privateKey));
    console.log('\n');
    console.log(rsa.loadPublicKeyAsBase64(pairs.publicKey));

    const publicKeyWriter = fs.createWriteStream('public.key');
    publicKeyWriter.write(pairs.publicKey);
    
    const privateKeyWriter = fs.createWriteStream('private.key');
    privateKeyWriter.write(pairs.privateKey);

    publicKeyWriter.close();
    privateKeyWriter.close();
}).catch(err => {
    console.log(err);
});

Typescript

import { digest, rsa, rsaSign, keyUtil } from 'crypsi';
import fs from 'fs';

async function generate() {
    const pairs = await rsa.generateRSAKeyPair(keyUtil.KEY_SIZE_2KB);

    const publicKeyWriter = fs.createWriteStream('public.key');
    publicKeyWriter.write(pairs.publicKey);
    
    const privateKeyWriter = fs.createWriteStream('private.key');
    privateKeyWriter.write(pairs.privateKey);

    publicKeyWriter.close();
    privateKeyWriter.close();
}

generate();

Result RSA Public Key

Result RSA Private Key

Example Loading RSA Private and Public Key

const { rsa } = require('crypsi');
const fs = require('fs');

// loading RSA private key from file
const privateKeyData = fs.readFileSync('./testdata/private.key');
const privateKey = rsa.loadPrivateKey(privateKeyData);

console.log(privateKey);

// loading RSA public key from file
const publicKeyData = fs.readFileSync('./testdata/public.key');
const publicKey = rsa.loadPublicKey(publicKeyData);

console.log(publicKey);

Example Loading RSA Private and Public Key as Base64 String

const { rsa } = require('crypsi');
const fs = require('fs');

// loading RSA private key from file
const privateKeyData = fs.readFileSync('./testdata/private.key');
const privateKeyBase64 = rsa.loadPrivateKeyAsBase64(privateKeyData);

console.log(privateKeyBase64);

// loading RSA public key from file
const publicKeyData = fs.readFileSync('./testdata/public.key');
const publicKeyBase64 = rsa.loadPublicKeyAsBase64(publicKeyData);

console.log(publicKeyBase64);

Example Loading RSA Private and Public Key as Base64 String and load back as RSA private and public key

const { rsa } = require('crypsi');
const fs = require('fs');

// loading RSA private key from file
const privateKeyData = fs.readFileSync('./testdata/private.key');
const privateKeyBase64 = rsa.loadPrivateKeyAsBase64(privateKeyData);

// for example: save privateKeyBase64 to database
const privateKey = rsa.loadPrivateKeyFromBase64(privateKeyBase64);
console.log(privateKey);

// loading RSA public key from file
const publicKeyData = fs.readFileSync('./testdata/public.key');
const publicKeyBase64 = rsa.loadPublicKeyAsBase64(publicKeyData);

// for example: save publicKeyBase64 to database

const publicKey = rsa.loadPublicKeyFromBase64(publicKeyBase64);
console.log(publicKey);

Example Digital Signature with RSA Private and Public Key

const { rsa, rsaSign, keyUtil } = require('crypsi');
const { Buffer } = require('buffer');
const fs = require('fs');

rsa.generateRSAKeyPair(keyUtil.KEY_SIZE_4KB, '').then(pairs => {
    console.log(pairs.publicKey);
    console.log(pairs.privateKey);

    // data can be anything, from simple string or Buffer of file
    const fileData = fs.readFileSync('./testdata/myfile.txt');

    // sign with private key
    const signature = rsaSign.signWithPSSSha256(pairs.privateKey, Buffer.from(fileData));

     // => for example: save signature to database

    // verifying digital signature with public key
    const signatureValid = rsaSign.verifyWithPSSSha256(pairs.publicKey, signature, Buffer.from(fileData));
    console.log(signatureValid);
}).catch(err => {
    console.log(err);
});

Example Encryption with RSA Private and Public Key

const { rsa, rsaEncryption, keyUtil } = require('crypsi');
const fs = require('fs');

rsa.generateRSAKeyPair(keyUtil.KEY_SIZE_4KB, '').then(pairs => {
    console.log(pairs.publicKey);
    console.log(pairs.privateKey);

    // data can be anything, from simple string or Buffer of file
    const fileData = fs.readFileSync('./testdata/myfile.txt');

    // encrypt with public key
    const encryptedData = rsaEncryption.encryptWithOaepSha256(pairs.publicKey, fileData);

    // decrypt with private key
    const decryptedData = rsaEncryption.decryptWithOaepSha256(pairs.privateKey, encryptedData);

    console.log(decryptedData);
}).catch(err => {
    console.log(err);
});

Example Generate Hash with common Digest Algorithm

const { digest } = require('crypsi');

const data = 'hello world';

// MD5
const generatedHashMd5 = digest.md5(data);
console.log(generatedHashMd5);

// SHA1
const generatedHashSha1 = digest.sha1(data);
console.log(generatedHashSha1);

// SHA256
const generatedHashSha256 = digest.sha256(data);
console.log(generatedHashSha256);

// SHA384
const generatedHashSha384 = digest.sha384(data);
console.log(generatedHashSha384);

// SHA512
const generatedHashSha512 = digest.sha512(data);
console.log(generatedHashSha512);

Example Generate Hash with HMAC

Keyed-Hash Message Authentication Code (HMAC) as defined in U.S. Federal Information Processing Standards Publication 198. An HMAC is a cryptographic hash that uses a key to sign a message (from Golang Documentation).

const { hmac } = require('crypsi');

const key = 'abc$#128djdyAgbjau&YAnmcbagryt5x';
const data = 'hello world';

// MD5
const generatedHmacMd5 = hmac.md5(key, data);
console.log(generatedHmacMd5);

// SHA1
const generatedHmacSha1 = hmac.sha1(key, data);
console.log(generatedHmacSha1);

// SHA256
const generatedHmacSha256 = hmac.sha256(key, data);
console.log(generatedHmacSha256);

// SHA384
const generatedHmacSha384 = hmac.sha384(key, data);
console.log(generatedHmacSha384);

// SHA512
const generatedHmacSha512 = hmac.sha512(key, data);
console.log(generatedHmacSha512);

Example Encryption with AES Algorithm

Expected key len:

AES 128: key length should be 16 bytes
AES 192: key length should be 24 bytes
AES 256: key length should be 32 bytes

Data encryption with AES 256 CBC

const { aesEncryption } = require('crypsi');

const key = 'abc$#128djdyAgbjau&YAnmcbagryt5x';
const data = 'hello world';

// encrypt data with AES 256 CBC
const encryptedData = aesEncryption.encryptWithAes256Cbc(key, data);
console.log(encryptedData);

// decrypt data with AES 256 CBC with the same key
const decryptedData = aesEncryption.decryptWithAes256Cbc(key, encryptedData);
console.log(decryptedData);

File encryption with AES 256 CBC

const fs = require('fs');
const { aesEncryption } = require('crypsi');

const key128 = 'abc$#128djdyAgbj';

fs.readFile('myfile.jpg', null, (err, data) => {
    if (err) {
        console.log(err);
    } else {
        
        const encrypted = aesEncryption.encryptWithAes128Cbc(key128, data);
        // store encrypted data and its nonce for example to the database or to the file system
        console.log(encrypted.encrypted);

        const decryptedData = aesEncryption.decryptWithAes128Cbc(key128, encrypted);
        
        // write decrypted data back to the file
        fs.writeFile('out.jpg', decryptedData, 'binary', (err) => {
            if (err) {
                console.log('error... ', err);
            }
        });
    }
});

File Decryption with AES 256 OCB

const fs = require('fs');
const { aesEncryption } = require('crypsi');

const key256 = 'abc$#128djdyAgbjau&YAnmcbagryt5x';

fs.readFile('./test/testdata/out.bin', null, (err, data) => {
    if (err) {
      throw err;
    }

    const decryptedData = aesEncryption.decryptWithAes256Ocb(key256, Buffer.from(data.toString(), 'hex'));

    fs.writeFileSync('out.png', decryptedData);
  });