Virgil JavaScript Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
examples
scripts
src
.editorconfig
.gitignore
.travis.yml
LICENSE
README.md
karma.conf.js
package.json
tsconfig.json
tslint.json
yarn.lock

README.md

Virgil Security JavaScript Crypto Library

Build Status npm GitHub license

Introduction | Library purposes | Usage examples | Installation | Docs | License | Contacts

Introduction

VirgilCrypto is a stack of security libraries (ECIES with Crypto Agility wrapped in Virgil Cryptogram) and an open-source high-level cryptographic library that allows you to perform all necessary operations for securely storing and transferring data in your digital solutions. Crypto Library is written in C++ and is suitable for mobile and server platforms.

Virgil Security, Inc., guides software developers into the forthcoming security world in which everything will be encrypted (and passwords will be eliminated). In this world, the days of developers having to raise millions of dollars to build a secure chat, secure email, secure file-sharing, or a secure anything have come to an end. Now developers can instead focus on building features that give them a competitive market advantage while end-users can enjoy the privacy and security they increasingly demand.

Library purposes

  • Asymmetric Key Generation
  • Encryption/Decryption of data
  • Generation/Verification of digital signatures

Usage examples

Generate a key pair

Generate a Private Key with the default algorithm (EC_X25519):

import { VirgilCrypto } from 'virgil-crypto';

const virgilCrypto = new VirgilCrypto();
const keyPair = virgilCrypto.generateKeys();

Generate and verify a signature

Generate signature and sign data with a private key:

import { VirgilCrypto } from 'virgil-crypto';

const virgilCrypto = new VirgilCrypto();
const signingKeypair = virgilCrypto.generateKeys();

// prepare a message
const messageToSign = 'Hello, Bob!';

// generate a signature
const signature = virgilCrypto.calculateSignature(messageToSign, signingKeypair.privateKey);
// signature is a NodeJS Buffer (or polyfill if in the browser)
console.log(signature.toString('base64'));

Verify a signature with a public key:

// verify a signature
const verified = virgilCrypto.verifySignature(messageToSign, signature, signingKeypair.publicKey);

Encrypt and decrypt data

Encrypt Data on a Public Key:

import { VirgilCrypto } from 'virgil-crypto';

const virgilCrypto = new VirgilCrypto();
const encryptionKeypair = virgilCrypto.generateKeys();

// prepare a message
const messageToEncrypt = 'Hello, Bob!';

// encrypt the message
const encryptedData = virgilCrypto.encrypt(messageToEncrypt, encryptionKeypair.publicKey);
// encryptedData is a NodeJS Buffer (or polyfill if in the browser)
console.log(encryptedData.toString('base64'));

Decrypt the encrypted data with a Private Key:

// decrypt the encrypted data using a private key
const decryptedData = virgilCrypto.decrypt(encryptedData, encryptionKeypair.privateKey);

// convert Buffer to string
const decryptedMessage = decryptedData.toString('utf8');

Need more examples? Visit our developer documentation.

Installation

NPM

The recommended way is to install from npm:

npm install virgil-crypto@next

Important! You will need Node.js version >= 4.5.0 < 5 or >= 6 to use virgil-crypto. If you have a different version, consider upgrading, or use nvm (or a similar tool) to install Node.js of supported version alongside your current installation.
If you only intend to use virgil-crypto in a browser environment, you can ignore this warning.

CDN

<script src="https://unpkg.com/virgil-crypto/dist/virgil-crypto.browser.umd.min.js"></script>
<script>
	// here you can use the global variable `VirgilCrypto` as a namespace object,
	// containing all of module exports as properties
	
	var virgilCrypto = new VirgilCrypto.VirgilCrypto();
	var keyPair = virgilCrypto.generateKeys();
	console.log(keyPair);
	
	// note that you cannot declare a variable named `crypto` in
	// global scope (i.e. outside of any function) in browsers that 
	// implement Web Crypto API
</script>

Pythia

Support for Pythia algorithms is considered experimental.

Usage

In Node.js:

const { VirgilPythiaCrypto } = require('virgil-crypto/dist/virgil-crypto-pythia.cjs');

const virgilPythiaCrypto = new VirgilPythiaCrypto();

const tweak = Buffer.from('my_tweak');
const { blindingSecret, blindedPassword } = virgilPythia.blind('pa$$w0rd');

const transformationKeyPair = virgilPythia.computeTransformationKeyPair({
	transformationKeyId: Buffer.from('my_transformation_key_id'),
	pythiaSecret: Buffer.from('my_pythia_secret'),
	pythiaScopeSecret: Buffer.from('my_pythia_scope_secret')
});

const { transformedPassword, transformedTweak } = virgilPythia.transform({
	blindedPassword,
	tweak,
	transformationPrivateKey: transformationKeyPair.privateKey
});

const { proofValueC, proofValueU } = virgilPythia.prove({
	transformedPassword,
	blindedPassword,
	transformedTweak,
	transformationKeyPair
});

const verified = virgilPythia.verify({
	transformedPassword,
	blindedPassword,
	tweak,
	transformationPublicKey: transformationKeyPair.publicKey,
	proofValueC,
	proofValueU
});

console.log(verified);

const deblinded = virgilPythia.deblind({
	transformedPassword,
	blindingSecret
});

console.log(deblinded);

For browser example, see examples/virgil-pythia.html.

Docs

License

This library is released under the 3-clause BSD License.

Support

Our developer support team is here to help you.

You can find us on Twitter or send us email support@VirgilSecurity.com.

Also, get extra help from our support team on Slack.