Package Exports

@bolttech/encryption
@bolttech/encryption/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@bolttech/encryption) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

Encryption Module by NodeJS

This library allows you to create key pairs, encrypt, and decrypt data with the same strategy of the Encryption Service.

Adding dependency

npm i @bolttech/encryption

Encryption Service V2

AES Algorithm

For all examples below, consider the encryption strategy object below.

import {
  AESCipherModeAllowed,
  HashBasedBufferEncodingAllowed,
  IAESStrategy,
  SHAHashBasedAlgorithmsAllowed,
} from '@bolttech/encryption';

const strategy: IAESStrategy = {
  key: {
    algorithm: SHAHashBasedAlgorithmsAllowed.SHA512,
    encoding: HashBasedBufferEncodingAllowed.HEX,
  },
  encryption: {
    mode: AESCipherModeAllowed.AES256CBC,
    iv: {
      size: 16,
    },
    authTag: {
      size: undefined,
    },
    encoding: HashBasedBufferEncodingAllowed.BASE64,
  },
};

Creating key

import { AESEncryption } from '@bolttech/encryption';

const passphrase = 'yourStrongPassphrase';

const encryption = new AESEncryption(strategy);
const { key } = await encryption.generateKeyPair(passphrase);

// Save key content in a file

Encrypting data

import { AESEncryption } from '@bolttech/encryption';
import { Readable } from 'stream';

const key = 'lK77i+eLK3(more ...)';
const passphrase = 'yourStrongPassphrase';
const data = Buffer.from('Confidential data.');
const stream = Readable.from(data);

const encryption = new AESEncryption(strategy);
const encryptedData = encryption.encryptData(stream, key, passphrase);

Decrypting data

import { AESEncryption } from '@bolttech/encryption';
import { Readable } from 'stream';

const key = 'lK77i+eLK3(more ...)';
const passphrase = 'yourStrongPassphrase';
const encryptedData = Buffer.from(
  'fYXibm78TQ6QVe2B8Gf86UP81onrT+scHgGVi2typP3stRf9S(more ...)',
);
const stream = Readable.from(encryptedData);

const encryption = new AESEncryption(strategy);
const decryptedData = encryption.decryptData(stream, key, passphrase);

OpenPGP Algorithm

For all examples below, consider the encryption strategy object below.

import {
  HashBasedBufferEncodingAllowed,
  IOpenPGPStrategy,
  OpenPGPTypesAllowed,
} from '@bolttech/encryption';

const strategy: IOpenPGPStrategy = {
  keyPair: {
    type: OpenPGPTypesAllowed.RSA,
    rsaBits: 2048,
    curve: undefined,
  },
  encryption: {
    encoding: HashBasedBufferEncodingAllowed.BASE64,
    chunkSizeToEncode: 256,
  },
};

Creating key pairs

import { OpenPGPEncryption } from '@bolttech/encryption';

const passphrase = 'yourStrongPassphrase';
const name = 'Joe Doe';
const email = 'joedoe@test.com';

const encryption = new OpenPGPEncryption(strategy);
const { publicKey, privateKey } = await encryption.generateKeyPair(
  passphrase,
  name,
  email,
);

// Save publicKey and privateKey content in a file with extension .pem

Encrypting data

import { OpenPGPEncryption } from '@bolttech/encryption';
import { Readable } from 'stream';

const publicKey = '-----BEGIN PGP PUBLIC KEY BLOCK-----\n(more ...)';
const data = Buffer.from('Confidential data.');
const stream = Readable.from(data);

const encryption = new OpenPGPEncryption(strategy);
const encryptedData = encryption.encryptData(stream, publicKey);

Decrypting data

import { OpenPGPEncryption } from '@bolttech/encryption';
import { Readable } from 'stream';

const privateKey = '-----BEGIN PGP PRIVATE KEY BLOCK-----\n(more ...)';
const passphrase = 'yourStrongPassphrase';
const encryptedData = Buffer.from(
  'fYXibm78TQ6QVe2B8Gf86UP81onrT+scHgGVi2typP3stRf9S(more ...)',
);
const stream = Readable.from(encryptedData);

const encryption = new OpenPGPEncryption(strategy);
const decryptedData = encryption.decryptData(stream, privateKey, passphrase);

RSA Algorithm

For all examples below, consider the encryption strategy object below.

import {
  AESCipherModeAllowed,
  EncryptionPaddingAllowed,
  HashBasedBufferEncodingAllowed,
  IRSAStrategy,
  KeyFormatAllowed,
  RSAPrivateKeyEncodingTypeAllowed,
  RSAPublicKeyEncodingTypeAllowed,
  SHAHashBasedAlgorithmsAllowed,
} from '@bolttech/encryption';

const strategy: IRSAStrategy = {
  keyPair: {
    modulusLength: 2048,
    publicExponent: undefined,
    publicKeyEncoding: {
      type: RSAPublicKeyEncodingTypeAllowed.SPKI,
      format: KeyFormatAllowed.PEM,
    },
    privateKeyEncoding: {
      type: RSAPrivateKeyEncodingTypeAllowed.PKCS8,
      format: KeyFormatAllowed.PEM,
      cipher: AESCipherModeAllowed.AES256CBC,
    },
  },
  encryption: {
    oaepHash: SHAHashBasedAlgorithmsAllowed.SHA256,
    padding: EncryptionPaddingAllowed.RSA_PKCS1_OAEP_PADDING,
    encoding: HashBasedBufferEncodingAllowed.BASE64,
  },
};

Creating key pairs

import { RSAEncryption } from '@bolttech/encryption';

const passphrase = 'yourStrongPassphrase';

const encryption = new RSAEncryption(strategy);
const { publicKey, privateKey } = await encryption.generateKeyPair(passphrase);

// Save publicKey and privateKey content in a file with extension .pem

Encrypting data

import { RSAEncryption } from '@bolttech/encryption';
import { Readable } from 'stream';

const publicKey = '-----BEGIN PUBLIC KEY-----\n(more ...)';
const data = Buffer.from('Confidential data.');
const stream = Readable.from(data);

const encryption = new RSAEncryption(strategy);
const encryptedData = encryption.encryptData(stream, publicKey);

Decrypting data

import { RSAEncryption } from '@bolttech/encryption';
import { Readable } from 'stream';

const privateKey = '-----BEGIN ENCRYPTED PRIVATE KEY-----\n(more ...)';
const passphrase = 'yourStrongPassphrase';
const encryptedData = Buffer.from(
  'fYXibm78TQ6QVe2B8Gf86UP81onrT+scHgGVi2typP3stRf9S(more ...)',
);
const stream = Readable.from(encryptedData);

const encryption = new RSAEncryption(strategy);
const decryptedData = encryption.decryptData(stream, privateKey, passphrase);

Encryption Service V1

AES Algorithm

Creating key pairs

import {
  AESCipherModeAllowed,
  HashBasedBufferEncodingAllowed,
  SHAHashBasedAlgorithmsAllowed,
  V1AESEncryption,
} from '@bolttech/encryption';

const passphrase = 'yourStrongPassphrase';

const encryption = new V1AESEncryption(
  AESCipherModeAllowed.AES256CBC,
  SHAHashBasedAlgorithmsAllowed.SHA512,
  HashBasedBufferEncodingAllowed.HEX,
);
const { key } = await encryption.generateKey(passphrase);

// Save key content in a file

Encrypting data

import {
  AESCipherModeAllowed,
  HashBasedBufferEncodingAllowed,
  SHAHashBasedAlgorithmsAllowed,
  V1AESEncryption,
} from '@bolttech/encryption';

const key = 'lK77i+eLK3(more ...)';
const passphrase = 'yourStrongPassphrase';
const data = Buffer.from('Confidential data.');

const encryption = new V1AESEncryption(
  AESCipherModeAllowed.AES256CBC,
  SHAHashBasedAlgorithmsAllowed.SHA512,
  HashBasedBufferEncodingAllowed.HEX,
);
const encryptedData = encryption.encryptData(data, key, passphrase);

Note: Encryption Service v1 does not support manipulation of binary data.

Decrypting data

import {
  AESCipherModeAllowed,
  HashBasedBufferEncodingAllowed,
  SHAHashBasedAlgorithmsAllowed,
  V1AESEncryption,
} from '@bolttech/encryption';

const key = 'lK77i+eLK3(more ...)';
const passphrase = 'yourStrongPassphrase';
const encryptedData = Buffer.from(
  'fYXibm78TQ6QVe2B8Gf86UP81onrT+scHgGVi2typP3stRf9S(more ...)',
);

const encryption = new V1AESEncryption(
  AESCipherModeAllowed.AES256CBC,
  SHAHashBasedAlgorithmsAllowed.SHA512,
  HashBasedBufferEncodingAllowed.HEX,
);
const decryptedData = encryption.decryptData(
  encryptedData,
  privateKey,
  passphrase,
);

Note: Encryption Service v1 does not support manipulation of binary data.

OpenPGP Algorithm

import { V1OpenPGPEncryption } from '@bolttech/encryption';

const passphrase = 'yourStrongPassphrase';
const name = 'Joe Doe';
const email = 'joedoe@test.com';

const encryption = new V1OpenPGPEncryption(2048);
const { publicKey, privateKey } = await encryption.generateKeyPair(
  passphrase,
  name,
  email,
);

// Save publicKey and privateKey content in a file with extension .pem

Encrypting data

import { V1OpenPGPEncryption } from '@bolttech/encryption';

const publicKey = '-----BEGIN PUBLIC KEY-----\n(more ...)';
const data = Buffer.from('Confidential data.');

const encryption = new V1OpenPGPEncryption(2048);
const encryptedData = encryption.encryptData(data, publicKey);

Note: Encryption Service v1 does not support manipulation of binary data.

Decrypting data

import { V1OpenPGPEncryption } from '@bolttech/encryption';

const privateKey = '-----BEGIN ENCRYPTED PRIVATE KEY-----\n(more ...)';
const passphrase = 'yourStrongPassphrase';
const encryptedData = Buffer.from(
  'fYXibm78TQ6QVe2B8Gf86UP81onrT+scHgGVi2typP3stRf9S(more ...)',
);

const encryption = new V1OpenPGPEncryption(2048);
const decryptedData = encryption.decryptData(
  encryptedData,
  privateKey,
  passphrase,
);

Note: Encryption Service v1 does not support manipulation of binary data.

RSA Algorithm

Creating key pairs

import { V1RSAEncryption } from '@bolttech/encryption';

const passphrase = 'yourStrongPassphrase';

const encryption = new V1RSAEncryption(2048);
const { publicKey, privateKey } = await encryption.generateKeyPair(passphrase);

// Save publicKey and privateKey content in a file with extension .pem

Encrypting data

import { V1RSAEncryption } from '@bolttech/encryption';

const publicKey = '-----BEGIN PUBLIC KEY-----\n(more ...)';
const data = Buffer.from('Confidential data.');

const encryption = new V1RSAEncryption(2048);
const encryptedData = encryption.encryptData(data, publicKey);

Note: Encryption Service v1 does not support manipulation of binary data.

Decrypting data

import { V1RSAEncryption } from '@bolttech/encryption';

const privateKey = '-----BEGIN ENCRYPTED PRIVATE KEY-----\n(more ...)';
const passphrase = 'yourStrongPassphrase';
const encryptedData = Buffer.from(
  'fYXibm78TQ6QVe2B8Gf86UP81onrT+scHgGVi2typP3stRf9S(more ...)',
);

const encryption = new V1RSAEncryption(2048);
const decryptedData = encryption.decryptData(
  encryptedData,
  privateKey,
  passphrase,
);

Note: Encryption Service v1 does not support manipulation of binary data.

Common

OpenPGP

Generating your key pair with command line

# Pending

Checking your key pair with command line

# Pending

RSA

Generating your key pair with command line

# Generating the private key
openssl genpkey -algorithm RSA -out private_key.pem -aes-256-cbc -pass pass:"yourStrongPassphrase" -pkeyopt rsa_keygen_bits:4096 -outform PEM

# Generating the public key for the private key
openssl pkey -in private_key.pem -passin pass:"yourStrongPassphrase" -pubout -out public_key.pem

Checking your key pair with command line

If you generated your key pairs another way, you can check if it is compatible with the commands below.

# Checking if the algorithm used was RSA
openssl rsa -in private_key.pem -passin pass:"yourStrongPassphrase" -check

# Checking private key size in bits and the format is in PKCS#8
openssl pkey -in private_key.pem -passin pass:"yourStrongPassphrase" -text -noout

# Checking public key size in bits and the format is in SPKI
openssl pkey -in public_key.pem -pubin -text -noout

# Checking private key compatibility with public key (Note: It will be fully compatible if there is no output in the result of this command)
openssl pkey -in private_key.pem -passin pass:"yourStrongPassphrase" -pubout -out public_key_from_private.pem && diff public_key.pem public_key_from_private.pem && rm public_key_from_private.pem

TO DO

Encryption Service v1
- Support for RSA encryption;
- Support for RSA signature;
- Support for OpenPGP encryption;
- Support for OpenPGP signature;
- Support for AES encryption;
- Support for AES signature;
Encryption Service v2
- Support for RSA encryption;
- Support for RSA signature;
- Support for OpenPGP encryption;
- Support for OpenPGP signature;
- Support for AES encryption;
- Support for AES signature;