Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

easy crypto for javascript

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 vendor
Octocat-spinner-32 .gitignore
Octocat-spinner-32 README.textile
Octocat-spinner-32 ezcrypto.js
Octocat-spinner-32 node-test.js
Octocat-spinner-32 test.html
README.textile

EzCrypto.js – Easy to use Crypto for JavaScript

This is a nice and usable DSL that wraps some JavaScript encryption libraries from some awesome folks:

I didn’t write any of the encryption libraries, I just wrapped them in a nice and easy to understand DSL that is inspired by the EzCrypto Ruby gem.

WARNING: JavaScript crytography is still more or less the wild west. See this article for a pretty decent explanation of what you are getting yourself into. Use at your own risk.

Usage

Loading the libraries

When you load ezcrypto.js it will include the JavaScript encryption libraries from vendor/. In the future this might turn into one big CommonJS style module.

  
    <script src="ezcrypto.js"></script>
  

Generating a key and encrypting data using that key

The most secure type of key is the randomly generated key:

  
    <script src="ezcrypto.js"></script>
    
    // generate an RSA keypair
    var key = ezcrypto.generateKey();
    => {"private": "3521df…", "public": "95d8cf…"}
    
    // encrypt a message with your key
    // under the hood, this AES encrypts your message using your RSA key
    // because AES works better with larger chunks of data than RSA
    var encryptedData = ezcrypto.encrypt('secrets', key);
    => {"key": "8170f7…", "message": "72308a…"}
    
    // decrypt the encrypted data with your key
    ezcrypto.decrypt(encryptedData, key));
    => 'secrets'
  

Generating a key with a password and encrypting data using that password

You can also use a password to encrypt data, in case you don’t want to store keys and instead want to remember passwords. This is obviously less secure since rememberable passwords are much much shorter than RSA keys. The generateKey method simply creates JavaScript Objects.

      
    // generate an RSA keypair and immediately encrypt the users password using the RSA key.
    var key = ezcrypto.generateKey('my_awesome_password');
    => {"private": "3521df…", "public": "95d8cf…", "encryptedPassword": "823jbv…"}
    
    // encrypting and decrypting messages works the same
    var encryptedData = ezcrypto.encrypt('secrets', key);
    => {"key": "2j9svs…", "message": "393bb3…"}
    
    ezcrypto.decrypt(encryptedData, key));
    => 'secrets'
  

Open test.html in a browser and check console output for a demo.

License

The MIT License

Copyright © 2010 Max Ogden and Tyler Gillies

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the “Software”), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

Something went wrong with that request. Please try again.