Easily encrypt/decrypt using the TweetNACL cryptographic library.

Secure client-to-server messaging

Secure messaging between a client and a server using a shared secret key. This uses a 32 bit key and a random 20 bit nonce for encrypting and signing the payload.

Uses the tweetnacl library.

Install

npm install https://github.com/peermusic/secure-client-server-messaging
var messaging = require('secure-client-server-messaging')

For reference see the Browserify Handbook.

Usage

var messaging = require('secure-client-server-messaging')

// Sign and encrypt the request payload with the given 32 bit key
var request = messaging.encrypt(payload, key);
// "request" is now an object {message: encryptedMessage, nonce: randomNonce}

// Get the decrypted and signature verified payload of a request object
var payload = messaging.decrypt(request, key);
// "payload" is now the original payload

Tests

npm test

Encryption & authentication flow

  1. Generate the message to the server
  2. Encrypt the message using secretbox with a random nonce and the shared secret key, and generate an object {message: encrypted-object-a, nonce: xxx}
  3. Send this object to the server
  4. The server decrypts the object with the given nonce and the saved secret key (this automatically verifies the signature)
  5. If the decryption and the signature check are valid, the request is continued as normal
  6. The server answers the same way: it generates its object as a user would, and the user decrypts it and verifies the signature, as the server would, before continuing as normal
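
The flow above as a runnable sketch. This is an added example, not the package's own index.js: so that it runs with no dependencies it uses Node's built-in crypto module with ChaCha20-Poly1305 as a stand-in for tweetnacl's secretbox, and the names sealEnvelope, openEnvelope and demo are hypothetical.

```javascript
// Added example: Node's built-in crypto stands in for tweetnacl's secretbox.
const nodeCrypto = require('crypto');

const ALGORITHM = 'chacha20-poly1305'; // stand-in AEAD cipher (assumption)
const KEY_BYTES = 32;   // key size this cipher requires
const NONCE_BYTES = 12; // nonce size this cipher requires
const TAG_BYTES = 16;   // Poly1305 authentication tag

// Steps 1-2: encrypt the payload under a fresh random nonce and wrap the
// result as {message, nonce}. Hypothetical helper, not the package's encrypt().
function sealEnvelope(payload, key) {
  const nonce = nodeCrypto.randomBytes(NONCE_BYTES);
  const cipher = nodeCrypto.createCipheriv(ALGORITHM, key, nonce, { authTagLength: TAG_BYTES });
  const body = Buffer.concat([cipher.update(JSON.stringify(payload), 'utf8'), cipher.final()]);
  const message = Buffer.concat([cipher.getAuthTag(), body]);
  return { message: message.toString('base64'), nonce: nonce.toString('base64') };
}

// Steps 4-5: decrypt with the nonce from the envelope and the stored key.
// Returns the payload, or null if the envelope is malformed or fails
// authentication (wrong key, modified message or modified nonce).
function openEnvelope(envelope, key) {
  try {
    const nonce = Buffer.from(envelope.nonce, 'base64');
    const message = Buffer.from(envelope.message, 'base64');
    if (nonce.length !== NONCE_BYTES || message.length <= TAG_BYTES) return null;
    const decipher = nodeCrypto.createDecipheriv(ALGORITHM, key, nonce, { authTagLength: TAG_BYTES });
    decipher.setAuthTag(message.subarray(0, TAG_BYTES));
    const plain = Buffer.concat([decipher.update(message.subarray(TAG_BYTES)), decipher.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch (err) {
    return null; // never hand unauthenticated data to the caller
  }
}

// Steps 3 and 6 with constructed sample data: request, tampering, reply.
function demo() {
  const key = nodeCrypto.randomBytes(KEY_BYTES); // constructed shared key
  const request = sealEnvelope({ action: 'ping', id: 7 }, key);
  const atServer = openEnvelope(request, key);
  const bytes = Buffer.from(request.message, 'base64');
  bytes[bytes.length - 1] ^= 1; // flip one ciphertext bit in transit
  const tampered = openEnvelope({ message: bytes.toString('base64'), nonce: request.nonce }, key);
  const reply = openEnvelope(sealEnvelope({ ok: true, id: atServer.id }, key), key);
  return { atServer, tampered, reply };
}

console.log(demo());
```

A valid envelope that is captured and resent still decrypts, so replay protection has to come from the payload itself, for example a counter or timestamp that the receiver checks.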