npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

cryptex-js

v1.0.6

Published

## Overview The **Secure Encryption SDK** provides an easy-to-use encryption and decryption system for securely storing and managing user data. This SDK ensures data confidentiality by using a **central key**, a **master key**, and automatically rotating

Downloads

12

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

onyemaponyemap

Keywords

encryptionaes-256-gcmsecurity

Readme

Encryption SDK

This SDK provides AES-256-GCM encryption and decryption with key rotation, HMAC integrity checks, and expiration handling.

Features

  • AES-256-GCM encryption
  • HMAC integrity protection
  • Key rotation support
  • Expiration-based encryption
  • Configurable storage
  • Cron-based automatic key rotation

Installation

npm install cryptex-js

Usage

Encryption

import { Encryption } from "cryptex-js";

const config = {
  defaultKey: { key: "master-secret-key", v: 1 },
  key2: { key: "rotated-secret-key", v: 2 },
  rotation: true,
  cron: false, // Set to true if you want automatic key rotation
  store: yourStorageImplementation,
};

const encryptedData = Encryption.encrypt({
  data: { message: "Hello, world!" },
  userKey: "user-secret",
  config,
});

Decryption

const decryptedData = Encryption.decrypt({ hash: encryptedData, userKey: "user-secret", config });
console.log(decryptedData); // { message: "Hello, world!" }

Configuration Options

GeneralConfig

interface GeneralConfig {
  defaultKey: { key: string; v: number };
  key2?: { key: string; v: number };
  rotation?: boolean;
  cron?: boolean;
  store?: StorageHandler;
}
  • defaultKey: Primary encryption key.
  • key2: Optional secondary key for rotation.
  • rotation: If true, enables key rotation.
  • cron: If true, enables automatic rotation at scheduled intervals.
  • store: Storage system for managing encrypted data.

Using the Store

The store method allows you to securely store and retrieve encrypted data. This functionality can be extended by creating a custom store that follows the Store interface. The MemoryStore class provided in the SDK is a simple in-memory implementation of this interface.

Example: Default Memory Store

You can use the built-in MemoryStore as a simple solution for in-memory storage of encrypted data.

import { MemoryStore } from "cryptex-js";

const store = new MemoryStore();

Example: Custom Store Implementation

If you want to persist the encrypted data in a custom storage solution (e.g., database), you can extend the MemoryStore class or implement your own Store class.


import { MemoryStore } from 'cryptex-js';

class CustomStore extends MemoryStore {
  store(data: { userKey: string; hash: string; version: number }): void {
    // Your custom logic to save data (e.g., in a database)
    console.log('Storing data:', data);
  }

  get(filter: Record<string, any>): { userKey: string; hash: string; version: number } | null {
    // Your custom logic to retrieve data
    return super.get(filter);
  }

  // Other methods can be implemented as needed
}

Configuring Your Store

Once you have a custom store class or wish to use the default store, you can configure it in your encryption setup.

const config = {
  defaultKey: { key: "master-secret-key", v: 1 },
  store: new CustomStore(), // Use the custom store here
};

Storing Encrypted Data

You can now store the encrypted data securely using your configured store:

const encryptedData = Encryption.encrypt({
  data: { message: "Sensitive Information" },
  userKey: "user-secret-key", // Important: DO NOT expose this key
  centralKey:"custom key to use"
  config,
});

// Store the encrypted data
config.store.store({ userKey: "user-secret-key", hash: encryptedData, version: 1 });

Retrieving Encrypted Data

To retrieve the stored encrypted data, use the get or find methods of your store:

const storedData = config.store.get({ userKey: "user-secret-key" });
if (storedData) {
  console.log("Retrieved Encrypted Data:", storedData);
}

Important: Never Expose the userKey or centralKey

  • Never Expose the userKey: The userKey is a sensitive value and should never be exposed in the client-side code, logs, or publicly accessible places. Store it securely in a safe environment like a secure server, environment variable, or a key management service.
  • Never Misplace the centralKey: The centralKey is critical for encryption and decryption processes. Losing access to this key will make it impossible to decrypt any stored data. Ensure you store it securely and in a location that is backed up and accessible only to authorized personnel.

Best Practices:

  • Store userKey and centralKey securely: Avoid hardcoding both keys directly into your source code. Instead, retrieve them securely from a trusted location like environment variables or key management services.
  • Keep keys in a vault: Consider using a secure key management vault (e.g., AWS KMS, Azure Key Vault) to store sensitive keys.

Key Rotation

The SDK supports automatic key rotation for added security. When rotation is enabled, the SDK will automatically use key2 if available. If cron is also enabled, keys will rotate automatically at defined intervals.

Checking Rotation Status

You can use the rotateKeys function to manage and check if key rotation has been performed:

function rotateKeys(config: GeneralConfig) {
  if (config.rotation && !config.cron) {
    // Rotate keys manually
    const currentKeyVersion = config.defaultKey.v;
    const newKeyVersion = currentKeyVersion + 1;
    const newKey = { key: "new-encryption-key", v: newKeyVersion };
    config.defaultKey = newKey; // Update to new key
    console.log(`Keys rotated to version ${newKeyVersion}`);
  }
}

Automating Key Rotation

When cron is enabled, key rotation will happen automatically at specified intervals. This reduces the manual effort needed to keep the keys secure.

if (config.cron) {
  // Automatically rotate keys based on a cron schedule
  setInterval(() => rotateKeys(config), 86400000); // Rotate every 24 hours
}

Manual Rotation

If you have key rotation enabled but prefer to manually rotate the keys at a specific time, you can trigger rotateKeys yourself.

rotateKeys(config);

This helps ensure that encryption keys are periodically rotated to prevent the risk of key exposure over time.

Security Considerations

  • Always verify HMAC integrity before decrypting any data.
  • Ensure that the defaultKey and key2 are securely stored and rotated periodically.
  • Keep your userKey and centralKey secure at all times, and never expose them in logs or publicly accessible places.
  • Use strong, unique encryption keys and rotate them regularly for added security.

Contributions

This project is open-source, and we welcome contributions from the community! If you have any suggestions, improvements, or bug fixes, feel free to:

  • Fork the repository and create a pull request.
  • Open an issue on GitHub if you encounter any bugs or need further clarification.

We value your input and encourage you to contribute to the development of this SDK.