an easy-to-use cryptography library inspired by age by Filippo Valsorda (https://github.com/FiloSottile/age). For non-streaming usecases where authentication is desired. A wrapper around libsodium to support encrypting to multiple recipients
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
forest
b9e5accebf
|
2 years ago | |
---|---|---|
node_modules | 2 years ago | |
readme | 2 years ago | |
.gitignore | 2 years ago | |
ReadMe.md | 2 years ago | |
base58.d.ts | 2 years ago | |
index.ts | 2 years ago | |
package-lock.json | 2 years ago | |
package.json | 2 years ago | |
tsconfig.json | 2 years ago |
ReadMe.md
authentication-age
An easy-to-use cryptography library slightly inspired by age
by Filippo Valsorda (https://github.com/FiloSottile/age), but targeted at a different usecase:
For non-streaming encryption/decryption embedded inside an application. Usecases where the encrypted data is small, like less than a megabyte or so and it's not invoked directly on the command line by a user.
A wrapper around libsodium's functions:
crypto_pwhash
- memory-hard key derivation function to turn passwords into encryption key seeds
crypto_sign_seed_keypair
- turn encryption key seed into an ed25519 key-pair
crypto_box_easy
- A Diffie-Hellman primitive (a way of agreeing on a shared secret using public-private-key cryptography)
crypto_secretbox_easy
- A symmetric encryption primitive similar to AES
crypto_sign
- A Digital Signature primitive (a way to verify authenticity using public-private-key cryptography)
The purpose of this library: to support encrypting the same file to multiple recipients using public-private-key cryptography, while also supporting the verification of the sender's signature.
API
getKeyPairFromPassphrase(usersPassphrase: string): libsodium.KeyPair
publicKeyToString(publicKey: Uint8Array): string
parsePublicKeyString(publicKeyString: string): Uint8Array
publicKeyToIdentityString(publicKey: Uint8Array): string
createMessage(
plaintext: string,
senderCryptoSignKeyPair: libsodium.KeyPair,
recipientCryptoSignPublicKeys: Uint8Array[]
): EncryptedMessage
decryptMessage(
message: EncryptedMessage,
myKeyPair: libsodium.KeyPair,
addressBook: AddressBook
): DecryptResult
Usage example:
const aliceKeyPair = getKeyPairFromPassphrase("alice");
const bobKeyPair = getKeyPairFromPassphrase("bob");
const carolKeyPair = getKeyPairFromPassphrase("carol");
const secretMessage = ` Yayyyy!!!! `;
const encryptedMessage = createMessage(secretMessage, aliceKeyPair, [bobKeyPair.publicKey, carolKeyPair.publicKey]);
console.log(JSON.stringify(encryptedMessage, null, " "));
const addressBook = {
[publicKeyToIdentityString(aliceKeyPair.publicKey)]: aliceKeyPair.publicKey,
[publicKeyToIdentityString(bobKeyPair.publicKey)]: bobKeyPair.publicKey,
[publicKeyToIdentityString(carolKeyPair.publicKey)]: carolKeyPair.publicKey,
};
const bobsDecryptedMessage = decryptMessage(encryptedMessage, bobKeyPair, addressBook);
console.log("bob got: ", JSON.stringify(bobsDecryptedMessage, null, " "));
const carolsDecryptedMessage = decryptMessage(encryptedMessage, carolKeyPair, addressBook);
console.log("carol got: ", JSON.stringify(carolsDecryptedMessage, null, " "));
EncryptedMessage format
{
"type": "authenticationage v1",
"from": "identity_Fy8wD4wYU9mrTuoZKkL73d",
"to": {
"identity_L2qurUCyXj2QAnBxkWSKfq": {
"nonce": "2XNTAPKhukOnxYIOxjYz8_toJBxJVS0S",
"cryptoBox": "14IR-Qtt2p2IwVBK0rRAGdSrEVonpujo35sPvd9yUXy1RKJ5oB9plkib9mZKK76K"
},
"identity_3iSrKmbtm9j41mARd6aAVA": {
"nonce": "zr3iqJiAb9_u2WZIpRDXRC3OdOMu6YRN",
"cryptoBox": "DoQ1x0ZF9BmSsxqRERgNjnJPNhJjGD4xqvHVZGcA49yMxYD9kWxEiyY6pIcCM7RA"
}
},
"bodyNonce": "cUJZ1n3esN77cWSAjkZ6wNK9o-b2APt-",
"bodySecretBox": [
"ejqKlEVrgOn53_tlC2edIQ47DK0ckxtzedYuw1TOLlvqd-PVjlWykLG2rXT3EFruY4huwyUCe0ar1R",
"R3ekoKys5bWIapr_At53PDHlXDCjlWNtDY3BWQLQsuCURB5n0JRsg"
]
}