simple string encryption and hashing for Node
- for hiding small text strings
- helpful error messages
- Node only, wraps crypto functions
- demonstration and utility web application available
var Blind = require('blind');
var blind = new Blind(options);
// or to go straight to an instance
var blind = require('blind')(options);
- binaryEncoding - 'base64' or 'hex', encoding of random values, keys, salt, encrypted values and hashes
- encryptAlgorithm - 'aes-256-cfb', algorithm used in encrypt() and decrypt(); see crypto.getCiphers() for a list of valid values
- encryptKey - undefined, default key to use in encrypt() and decrypt(); must be a binary encoded string
- hashAlgorithm - 'sha256', algorithm used in hash(); see crypto.getHashes() for a list of valid values
- hashRounds - 10000, number of iterations to use in hash() to make it computationally expensive
- maxDataLength - 4096, maximum allowed length in characters of data to be encrypted or hashed
- maxRandomLength - 120, maximum allowed length value for random()
- randomLength - 24, default length to use in random()
- skipChecks - false, whether to skip property and argument checks in the functions; setting to true improves performance slightly but returns cryptic error messages when it fails (not recommended)
Generates a random value of the specified length in bytes (optional, defaults to randomLength). Returns the random value as a binary-encoded string. Use this to generate keys and salt for the functions below. Wraps crypto.randomBytes.
random = new Blind().random();
// example: '3EwDPmJtBzfxXcevaVaGBE9geAFhX0Y8'
random = new Blind().random(16);
// example: 'PZ3oXv2v6Pq5HAPFI9NFbQ=='
random = new Blind({ binaryEncoding: 'hex' }).random(16)
// example: '5dfc4556a70e95a9cfda08975187b165'
Encrypts plain text data using a binary-encoded key (optional if encryptKey is set). Returns the encrypted value as a binary-encoded string. Wraps crypto.Cipher.
encrypted = new Blind({ encryptKey: 'PZ3oXv2v6Pq5HAPFI9NFbQ==' }).encrypt('Blueberry pancakes');
assert.equal(encrypted, 'yg7scmfKvnvwAcSnDy1Z+Gzm');
encrypted = new Blind().encrypt('Blueberry pancakes', 'PZ3oXv2v6Pq5HAPFI9NFbQ==');
assert.equal(encrypted, 'yg7scmfKvnvwAcSnDy1Z+Gzm');
encrypted = new Blind({ encryptAlgorithm: 'blowfish' })
.encrypt('Blueberry pancakes', 'PZ3oXv2v6Pq5HAPFI9NFbQ==');
assert.equal(encrypted, 'ARCwwlkXGORgv46zgh4sX8DzqpcWf8pi');
Decrypts the string of encrypted data using the binary-encoded key (optional if encryptKey is set). Returns the plain text value. Wraps crypto.Decipher.
decrypted = new Blind({ encryptKey: 'PZ3oXv2v6Pq5HAPFI9NFbQ==' }).decrypt('yg7scmfKvnvwAcSnDy1Z+Gzm');
assert.equal(decrypted, 'Blueberry pancakes');
decrypted = new Blind().decrypt('yg7scmfKvnvwAcSnDy1Z+Gzm', 'PZ3oXv2v6Pq5HAPFI9NFbQ==');
assert.equal(decrypted, 'Blueberry pancakes');
decrypted = new Blind({ encryptAlgorithm: 'blowfish' })
.decrypt('ARCwwlkXGORgv46zgh4sX8DzqpcWf8pi', 'PZ3oXv2v6Pq5HAPFI9NFbQ==')
assert.equal(decrypted, 'Blueberry pancakes');
Hashes plain text data using an optional binary-encoded salt value. Returns the hashed value as a binary-encoded string. For asynchronous use (recommended), provide a callback function that takes two arguments, an error object and the hashed value. Wraps crypto.Hash.
// synchronous
hash = new Blind().hash('Banana nut muffin', 'PZ3oXv2v6Pq5HAPFI9NFbQ==');
assert.equal(hash, '+evxR+9+Gr0gktw1AIS7Uzyw0w+iM6sIWdNEdF1WF44=');
hash = new Blind({ hashAlgorithm: 'sha512' }).hash('Banana nut muffin', 'PZ3oXv2v6Pq5HAPFI9NFbQ==');
assert.equal(hash, '1zLMsFAaziPTQMSSp6RI6vj7veMabm5EXJOo5Z4QPhnb3XH4lOsoCqwTk0PBfK6sYb8ANcer67B9K1HP8NtYhA==');
// asynchronous
new Blind().hash('Banana nut muffin', 'PZ3oXv2v6Pq5HAPFI9NFbQ==', function (err, hash) {
assert.equal(hash, '+evxR+9+Gr0gktw1AIS7Uzyw0w+iM6sIWdNEdF1WF44=');
})