Gathering detailed insights and metrics for node-crypto-js
Gathering detailed insights and metrics for node-crypto-js
Node (RSA+AES) encryption and decryption companion for hybrid-crypto-js
Installations
npm install node-crypto-jsDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
11.2.0
NPM Version
6.9.0
Releases
Unable to fetch releases
Languages
1
JavaScript
JavaScript (100%)
Developer
nunsie
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
4 Stars
164 Commits
2 Watchers
8 Branches
1 Contributors
Updated on May 09, 2023
Maintainers
1
Package Meta Information
Latest Version
1.0.3
Package Id
node-crypto-js@1.0.3
Unpacked Size
26.36 kB
Size
9.91 kB
File Count
9
NPM Version
6.9.0
Node Version
11.2.0
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Node Crypto JS
Introduction
Node Crypto JS is a NodeJS (RSA+AES) encryption and decryption companion for hybrid-crypto-js. Node Crypto JS combines RSA and AES encryption algorithms making it possible to efficiently encrypt and decrypt large messages. This node library is based on hybrid-crypto-js.
Documentation
Getting started
Features
Installation
npm install node-crypto-js
Importing
Node.js
1var RSA = require('node-crypto-js').RSA; 2var Crypt = require('node-crypto-js').Crypt;
Features
Initialization
1// Basic initialization 2var crypt = new Crypt(); 3var rsa = new RSA(); 4 5// Increase amount of entropy 6var entropy = 'Random string, integer or float'; 7var crypt = new Crypt({ entropy: entropy }); 8var rsa = new RSA({ entropy: entropy });
Encryption
Node Crypto JS provides basic encryption function which supports also multiple RSA keys, with or without signature. Encrypted message is outputted as a JSON string.
1var message = 'Hello world!'; 2 3// Encryption with one public RSA key 4var encrypted = crypt.encrypt(publicKey, message); 5 6// Function also supports encryption with multiple RSA public keys 7var encrypted = crypt.encrypt([publicKey1, publicKey2, publicKey3], message); 8 9// Encryption with signature 10var encrypted = crypt.encrypt(publicKey, message, signature);
Pretty-printed sample output
1{ 2 "v": "node-crypto-js_0.1.2", // Current package version 3 "iv": "CmtyaZTyzoAp1mTNUTztic0v1...", // Initialization vector 4 "keys": { // Encrypted AES keys by RSA fingerprints 5 "85:3d:10:e1:56...": "bHaTF9...", 6 "d3:48:6a:e9:13...": "t9eds3..." 7 }, 8 "cipher": "+iwVFsC2dECBQvwcm9DND..." // Actual encrypted message 9 "signature": "sdL93kfdm12feds3C2..." // Signature (optional) 10} 11
Decryption
Decrypting message with Hybrid Crypto JS is as easy as encrypting. Decryption function can decrypt any message which has been encrypted with keypair's public key. Decrypted message is outputted as a JSON object.
1var encrypted = '{"v":"node-crypto-js_0.1.0","iv":"CmtyaZTyzoAp1mTN...'; 2 3// Decrypt encryped message with private RSA key 4var decrypted = crypt.decrypt(privateKey, encrypted); 5 6// Get decrypted message 7var message = decrypted.message;
Sample output
1{ 2 message: "Hello world!", // Actual decrypted message 3 signature: "sdL93kfdm12feds3C2..." // Signature (optional) 4}
Signatures
Hybrid Crypto JS provides simple message signing. When issuer signs a message, message receiver can be sure of the message issuer.
1var message = 'Hello world!'; 2 3// Create a signature with ISSUER's private RSA key 4var signature = crypt.signature(issuerPrivateKey, message); 5 6// Encrypt message with RECEIVERS public RSA key and attach the signature 7var encrypted = crypt.encrypt(receiverPublicKey, message, signature);
Verifying
Message receiver needs to have message issuer's public RSA key in order to verify message issuer.
1// Encrypted message with signature 2var encrypted = '{"v":"hybri... ..."signature":"sdL93kfd...'; 3 4// Decrypt message with own (RECEIVER) private key 5var decrypted = crypt.decrypt(receiverPrivateKey, encrypted); 6 7// Verify message with ISSUER's public key 8var verified = crypt.verify( 9 issuerPublicKey, 10 decrypted.signature, 11 decrypted.message 12);
Verification function return true or false depending on whether the verification was successfull.
RSA keypairs
Hybrid Crypto JS RSA key generation function is based in Forge key pair generation function. As a difference Hybrid Crypto JS returns keypair in PEM format.
1// Initialize RSA-class 2var rsa = new RSA(); 3 4// Generate RSA key pair, defaults on 4096 bit key 5rsa.generateKeypair(function(keypair) { 6 // Callback function receives new keypair as a first argument 7 var publicKey = keypair.publicKey; 8 var privateKey = keypair.privateKey; 9}); 10 11// Generate 1024 bit RSA key pair 12rsa.generateKeypair(function(keypair) { 13 // Callback function receives new 1024 bit keypair as an argument 14 var publicKey = keypair.publicKey; 15 var privateKey = keypair.privateKey; 16}, 1024); // Key size 17 18// RSA can be also initialized with options 19var rsa = new RSA({ 20 keySize: 4096, 21 rsaStandard: 'RSA-OAEP' // RSA-OAEP or RSAES-PKCS1-V1_5, 22});
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
22 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-92xj-mqp7-vmcj
- Warn: Project is vulnerable to: GHSA-wxgw-qj99-44c2
- Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
- Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
- Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
- Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
- Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
- Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
- Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Score
1.3
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More