@deviantcode/crypt
v1.1.2
Published
Deviant Encryption, Decryption and JWT services
Downloads
5
Maintainers
hibberdkKeywords
Readme
Variantis
Npm Crypt Services Package
Variantis offers a single point of encryption and decrpytion in one complete service. This provides that one single certificate of control exists for all services. Normally each service would have its own encryption implementation. It is unknown if the developer has even implmented strong encryption or used encryption properly. By making encryption and web token generation into a single service, we can ensure taht all functions across the entire organization are of one single standard.
In the case where encryption certificates are used, it would be too difficult to secure all certificates, reissue new ones, know which ones were compromised and so forth. This also creates a state where there is only one command certificate, one point of security where we can focus all efforts upon and one failure point instead of many.
Features
- Encryption / Decrpytion
- Safe Password hashing using Bcrypt
- Json Web Tokens
- Certificate Signing for authenticity
Methods
encrypt( payload, headers, server_baseurl )
Description: Encrypt any string using AES and return the encrypted hash. This has can be decrypted
payload: (String, required) payload headers: (object, optional) optional axios headers server_baseurl: (String, optional) Alternate server
let encrypted_text = await CRYPT.encrypt('Some unsecured plain text')Returns: promise
U2FsdGVkX1/WQuCe3434OrqI8snp9MJ5zSg0ySPKIg6is78+mM64LxKE63+Uzg2Ddecrypt( payload, headers, server_baseurl )
payload: (String, required) payload headers: (object, optional) optional axios headers server_baseurl: (String, optional) Alternate server
let plain_text = await CRYPT.decrypt('U2FsdGVkX1/WQuCe3434OrqI8snp9MJ5zSg0ySPKIg6is78+mM64LxKE63+Uzg2D')Returns: promise
'Some unsecured plain text'hash( payload, headers, server_baseurl )
Description: returns an SHA384 hash of any text.
payload: (String, required) payload headers: (object, optional) optional axios headers server_baseurl: (String, optional) Alternate server
let SHA384Hash = await CRYPT.hash('plain text to hash')Returns: promise
3cb81d63d30e06c213d2e1dcc26dd8e93276057853b42f539a2d6fa5d3af46d7a106d8e81dcfeb3fa13b509c825af31fshash( payload, headers, server_baseurl )
Description: Same as above except this returns a signed Hash to ensure the hash is not tampered with.
payload: (String, required) payload headers: (object, optional) optional axios headers headers: (object, optional) optional axios headers server_baseurl: (String, optional) Alternate server
let SHA384Hash_signed = await CRYPT.shash('plain text to hash and sign')Returns: promise
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoiOGYwNGY5YmQzYjY4ZTUzMDUwNWQyNGQ0ZWViY2YxMzE2NjIzOTkyZjZkMTIzOGFiODM0OTVhM2RhNjgyNTc1MTk4ODRlNjQwYjU0YzgyMWFiMmExZmVlNDdkM2QyYmM0IiwiaWF0IjoxNjE5OTY1ODQ2LCJhdWQiOiJJcm9uVG9rZW4iLCJpc3MiOiJJcm9uVG9rZW4gQERldk9wcyJ9.5eWyXNcsVrCYCIFXC-M6K87NHbK2jFyzu5gcndUbq7ExScKsatwDES--iYa7yVuyXtAxUemlS2y_k5F04307aAbcrypt( plaintext, headers, server_baseurl )
Description: Most commonly used for password hashing. This hash method will make any password safe to store in any database.
plaintext: (String, required) payload headers: (object, optional) optional axios headers server_baseurl: (String, optional) Alternate server
let encrypted_hash = await CRYPT.bcrypt('secretPassword24**')Returns: promise
$2b$12$lSF0hCFhnd0DA9twl0mSc.yVtF1DizU2ILjlISuij2xGtWAMS3H5ycompare( plaintext, hash, headers, server_baseurl )
Description: Given any plain text (such as a password) check that text against it's hash to see if it is correct.
plaintext: (String, required) payload hash: (String, required) hashed target to compare this plaitext to headers: (object, optional) optional axios headers server_baseurl: (String, optional) Alternate server
let match = await CRYPT.compare("secretPassword24**", "$2b$12$lSF0hCFhnd0DA9twl0mSc.yVtF1DizU2ILjlISuij2xGtWAMS3H5y")Returns: promise
true / falsegenerate( payload, ttl, headers, server_baseurl )
Description: Generate a JSON Web Token signed by our security certificates. These tokens can expire. They can not be tampered with and can contain any payload you like. Normal uses include User objects, role, scopes and more. Storing this as a cookie or localstorage is totally safe.
payload: (required) payload is the text/object/data you wish to be included in the JSON Web Token ttl: (required) string/integer representing the number of days until this JWT expires headers: (object, optional) optional axios headers server_baseurl: (String, optional) Alternate server
let jwt = await CRYPT.generate({"first_name": "John","last_name": "Doe"}, 5)Returns: promise
{
"token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InBheWxvYWQiOnsiZmlyc3RfbmFtZSI6IkpvaG4iLCJsYXN0X25hbWUiOiJEb2UifSwidHRsIjoiNSIsInRva2VuX2lkIjoiNXB2Mm4xbWNuZGtvN2E1ankzIn0sImlhdCI6MTYxOTk2NjM3NiwiZXhwIjoxNjIwMzk4Mzc2LCJhdWQiOiJJcm9uVG9rZW4iLCJpc3MiOiJJcm9uVG9rZW4gQERldk9wcyJ9.uhNAqQbOHb4rVMkWY-QTerjZCoceRl_L6T-ra4rbcB0auMr2odOUdxhqEBdgzJN1biFbk7yk6JXJRfOoVnusGw",
"created_at": "Sonntag, 2. Mai 2021",
"expires_at": "Freitag, 7. Mai 2021",
"issuedBy": "IronToken @DevOps"
}validate( payload, headers, server_baseurl )
Description: This will check that a token signature is correct, the token is not expired and will return the decoded payload of that token.
payload: (String, required) the JWT token you wish to check headers: (object, optional) optional axios headers server_baseurl: (String, optional) Alternate server
let data = await CRYPT.validate("eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7InBheWxvYWQiOnsiZmlyc3RfbmFtZSI6IkpvaG4iLCJsYXN0X25hbWUiOiJEb2UifSwidHRsIjoiNSIsInRva2VuX2lkIjoiNXB2Mm4xbWNuZGtvN2E1ankzIn0sImlhdCI6MTYxOTk2NjM3NiwiZXhwIjoxNjIwMzk4Mzc2LCJhdWQiOiJJcm9uVG9rZW4iLCJpc3MiOiJJcm9uVG9rZW4gQERldk9wcyJ9.uhNAqQbOHb4rVMkWY-QTerjZCoceRl_L6T-ra4rbcB0auMr2odOUdxhqEBdgzJN1biFbk7yk6JXJRfOoVnusGw")Returns: promise
{
"decoded": {
"data": {
"payload": {
"first_name": "John",
"last_name": "Doe"
},
"ttl": "5",
"token_id": "5pv2n1mcndko7a5jy3"
},
"iat": 1619966376,
"exp": 1620398376,
"aud": "IronToken",
"iss": "IronToken @DevOps"
},
"created_at": "Sonntag, 2. Mai 2021",
"expires_at": "Freitag, 7. Mai 2021"
}sign( payload, headers, server_baseurl )
Description: SIgn any payload with our security certificate to prove it is a trusted resource. This returned apyload is a JSON Web TOken which can be decoded later, using the validation method above. Technicall the same as the generate function.
payload: (String, required) any text you wish to sign with this security certificate and be returned as a JWT headers: (object, optional) optional axios headers server_baseurl: (String, optional) Alternate server
let data = await CRYPT.sign("John Doe was here")Returns: promise
eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoiSm9obiBEb2Ugd2FzIGhlcmUiLCJpYXQiOjE2MTk5NjY1MjAsImF1ZCI6Iklyb25Ub2tlbiIsImlzcyI6Iklyb25Ub2tlbiBARGV2T3BzIn0.vyUsSttFyxiSZxoNy4cM-vanvGbfRnuK4ngZ24LBPAXwqjbQ51ynUoxAonXfzQt3dVGObKw1QeX_a7FjcndvWA