Hybrid Crypto JS

Introduction

Hybrid Crypto JS is a hybrid (RSA+AES) encryption and decryption toolkit for JavaScript. Hybrid Crypto JS combines RSA and AES encryption algorithms, making it possible to encrypt and decrypt large messages efficiently. This cross-platform library is based on Forge. Hybrid Crypto JS can be used in browsers, Node.js, or React Native.

Documentation

Getting started

• Introduction
• Documentation
• Installation

Features

• Initialization
• Encryption
• Decryption
• Signatures
• Verifying
• RSA key pairs

Installation

npm install hybrid-crypto-js

Importing

Node.js

1var RSA = require('hybrid-crypto-js').RSA;
2var Crypt = require('hybrid-crypto-js').Crypt;

React Native

1import { Crypt, RSA } from 'hybrid-crypto-js';

Web

Download minified hybrid-crypto.min.js file here.

1<script type="text/javascript" src="hybrid-crypto.min.js"></script>

Features

Initialization

1// Basic initialization
2var crypt = new Crypt();
3var rsa = new RSA();
4
5// Increase amount of entropy
6var entropy = 'Random string, integer or float';
7var crypt = new Crypt({ entropy: entropy });
8var rsa = new RSA({ entropy: entropy });
9
10// Select default message digest
11var crypt = new Crypt({ md: 'sha512' });
12
13// Select AES or RSA standard
14var crypt = new Crypt({
15    // Default AES standard is AES-CBC. Options are:
16    // AES-ECB, AES-CBC, AES-CFB, AES-OFB, AES-CTR, AES-GCM, 3DES-ECB, 3DES-CBC, DES-ECB, DES-CBC
17    aesStandard: 'AES-CBC',
18    // Default RSA standard is RSA-OAEP. Options are:
19    // RSA-OAEP, RSAES-PKCS1-V1_5
20    rsaStandard: 'RSA-OAEP',
21});
22
23// Alternate AES keysize (some AES algorithms requires specific key size)
24var crypt = new Crypt({
25    aesKeySize: 192, // Defaults to 256
26});

Encryption

Hybrid Crypto JS provides basic encryption function that also supports multiple RSA keys, with or without signature. An encrypted message is a JSON formatted string.

1var message = 'Hello world!';
2
3// Encryption with one public RSA key
4var encrypted = crypt.encrypt(publicKey, message);
5
6// Function also supports encryption with multiple RSA public keys
7var encrypted = crypt.encrypt([publicKey1, publicKey2, publicKey3], message);
8
9// Encryption with signature
10var encrypted = crypt.encrypt(publicKey, message, signature);

Pretty-printed sample output

1{
2    "v": "hybrid-crypto-js_0.1.2",        // Current package version
3    "iv": "CmtyaZTyzoAp1mTNUTztic0v1...", // Initialization vector
4    "keys": {                             // Encrypted AES keys by RSA fingerprints
5        "85:3d:10:e1:56...": "bHaTF9...",
6        "d3:48:6a:e9:13...": "t9eds3..."
7    },
8    "cipher": "+iwVFsC2dECBQvwcm9DND..."  // Actual encrypted message
9    "signature": "sdL93kfdm12feds3C2..."  // Signature (optional)
10}
11

Decryption

Decrypting message with Hybrid Crypto JS is as easy as encrypting. Decrypt function can decrypt any message which has been encrypted with key pair's public key. The decrypted message is a JSON object containing a message and an optional signature.

1var encrypted = '{"v":"hybrid-crypto-js_0.1.0","iv":"CmtyaZTyzoAp1mTN...';
2
3// Decrypt encryped message with private RSA key
4var decrypted = crypt.decrypt(privateKey, encrypted);
5
6// Get decrypted message
7var message = decrypted.message;

Sample output

1{
2    message: "Hello world!",            // Actual decrypted message
3    signature: "sdL93kfdm12feds3C2..."  // Signature (optional)
4}

Signatures

Hybrid Crypto JS provides simple message signing. The encrypted message can be signed with the issuer's private key.

1var message = 'Hello world!';
2
3// Create a signature with ISSUER's private RSA key
4var signature = crypt.signature(issuerPrivateKey, message);
5
6// Encrypt message with RECEIVERS public RSA key and attach the signature
7var encrypted = crypt.encrypt(receiverPublicKey, message, signature);
8
9// Select default message digest
10var crypt = new Crypt({
11    md: 'sha512', // Options: sha1, sha256, sha384, sha512, and md5
12});

Verifying

The message receiver needs to have a message issuer's public RSA key in order to verify the message issuer.

1// Encrypted message with signature
2var encrypted = '{"v":"hybri... ..."signature":"sdL93kfd...';
3
4// Decrypt message with own (RECEIVER) private key
5var decrypted = crypt.decrypt(receiverPrivateKey, encrypted);
6
7// Verify message with ISSUER's public key
8var verified = crypt.verify(
9    issuerPublicKey,
10    decrypted.signature,
11    decrypted.message,
12);

Verification function returns true or false depending on whether the verification was successful.

RSA key pairs

Hybrid Crypto JS RSA key generation function is based in Forge key pair generation function. As a difference, Hybrid Crypto JS returns key pair in PEM format.

1// Initialize RSA-class
2var rsa = new RSA();
3
4// Generate RSA key pair, default key size is 4096 bit
5rsa.generateKeyPair(function(keyPair) {
6    // Callback function receives new key pair as a first argument
7    var publicKey = keyPair.publicKey;
8    var privateKey = keyPair.privateKey;
9});
10
11// ... or:
12rsa.generateKeyPairAsync().then(keyPair => {
13    var publicKey = keyPair.publicKey;
14    var privateKey = keyPair.privateKey;
15});
16
17// Generate 1024 bit RSA key pair
18rsa.generateKeyPair(function(keyPair) {
19    // Callback function receives new 1024 bit key pair as a first argument
20    var publicKey = keyPair.publicKey;
21    var privateKey = keyPair.privateKey;
22}, 1024); // Key size
23
24// RSA can be also initialized with options
25var rsa = new RSA({
26    keySize: 4096,
27});