Amaretti.js

Amaretti.js is a library to encrypt and decrypt message into the browser. They use native implementation (WebCrypto APIs) when available, or SJCL library when not.

Getting started

Installation

This library can be installed with npm or bower, as you prefer:

bower install amaretti

npm install amaretti

How to use it

Just import the javascript file and require the library. Require system is included into amaretti library

<script src="public/vendor.js"></script>
<script src="public/amaretti.js"></script>
var Amaretti = require('amaretti').init();

Generate a salt

Salt are used into key generation and to randomize the encryption of a message. You can get a base64 salt using this Amaretti.getSalt()

Amaretti.getSalt().then(function(salt) {
	// Manipulate your salt
}, function (error) {
	// There was an error
});

Generate a key

To encrypt or decrypt messages, you need to use a key. You can generate a key usable with a passphrase (like a password). Key generated is returned as base64. To randomize the generation, you need to give a salt and a hash algorithm

Amaretti.generateKey(passphrase, salt, hash).then(function(key) {
	// Manipulate your key
}, function (error) {
	// There was an error
});

passphrase: is the passphrase used to encrypt or decrypt messages
salt: is the salt, base64 encoded, used to randomize the key generator
hash: is the name of algorithm used to hash the key. It could be SHA-1 or SHA-256

Encrypt a message

You can encrypt a message with your key. Amaretti use AES-GCM to encrypt data. To avoid brut-force attack agains the encrypted data, each data had to be encrypt with a different and random nonce. You can use a salt as nonce. Don't lose this nonce, you will need it to decrypt the message.

Amaretti.encrypt(key, message, nonce).then(function(encrypted) {
	// Manipulate your encrypted message
}, function (error) {
	// There was an error
});

key: is the base64 used to encrypt message
message: is the message to encrypt
nonce: is a random value, in base64 format, use to avoid attacks

Decrypt a message

Amaretti..decrypt(key, encrypted, nonce).then(function(decrypted) {
	// Manipulate your encrypted message
}, function (error) {
	// There was an error
});

key: is the base64 used to encrypt message
__encrypted: is the encrypted message to decrypt, in base64 format
nonce: is a random value, in base64 format, use to avoid attacks

License

MIT

How to contribute

Hum ... on github :)

To build library

npm install
bower install
brunch build

To run tests

npm run test

Ideas for a roadmap

Return key and crypted data with JOSE standard (JWE and JWT)
Check sha-256 for firefox and sha-1 for SJCL ito key generation

vincentcasse / amaretti.js Goto Github PK

amaretti.js's Introduction

Amaretti.js

Getting started

Installation

How to use it

Generate a salt

Generate a key

Encrypt a message

Decrypt a message

License

How to contribute

To build library

To run tests

Ideas for a roadmap

amaretti.js's People

Contributors

Stargazers

Watchers

Forkers

Recommend Projects

Recommend Topics

Recommend Org