@sequencemedia/crypto

Encrypt and decrypt in Node and Bash

Node

The package main exports two functions, encrypt and decrypt

import {
  encrypt,
  decrypt
} from '@sequencemedia/crypto'

encrypt

function encrypt(
  buffer: Buffer,
  secret: string,
  bytes?: number,
  algorithm?: string
): Buffer

Only buffer and secret are required

• buffer is the data to encrypt
• secret is the secret key to use for encryption

Both bytes and algorithm are optional

• bytes is the number of random bytes to use for the encryption initialisation vector. The default is 16
• algorithm is the algorithm to use for encryption. The default is aes-256-ctr

decrypt

function decrypt(
  buffer: Buffer,
  secret: string,
  bytes?: number,
  algorithm?: string
): Buffer

Only buffer and secret are required

• buffer is the data to decrypt
• secret is the secret key to use for decryption

Both bytes and algorithm are optional

• bytes is the number of bytes to slice from the buffer for the decryption initialisation vector. The default is 16
• algorithm is the algorithm to use for decryption. The default is aes-256-ctr

Bash

The package contains three scripts

1. crypto.sh
2. encrypt.sh
3. decrypt.sh

Script crypto.sh exports four functions to consume in your own Bash scripts

source ./crypto.sh

1. encrypt
2. decrypt
3. encrypt_directory
4. decrypt_directory

Scripts encrypt.sh and decrypt.sh can be executed at the command line

Bash functions

encrypt

Requires CRYPTO_KEY as a variable in the Bash environment and a file path to encrypt

CRYPTO_KEY='secret'
encrypted_file_data=$(encrypt "./file.txt")

CRYPTO_KEY='secret'
encrypt "./file.txt" > "./encrypted.txt"

decrypt

Requires CRYPTO_KEY as a variable in the Bash environment and a file path to decrypt

CRYPTO_KEY='secret'
file_data=$(decrypt "./encrypted.txt")

CRYPTO_KEY='secret'
decrypt "./encrypted.txt" > "./file.txt"

encrypt_directory

Requires CRYPTO_KEY as a variable in the Bash environment and a directory path to encrypt

• The first argument is the origin directory of files to encrypt
• The second argument is the destination directory for the encrypted files

CRYPTO_KEY='secret'
encrypt_directory "./directory" "./encrypted"

decrypt_directory

Requires CRYPTO_KEY as a variable in the Bash environment and a directory path to decrypt

• The first argument is the origin directory of files to decrypt
• The second argument is the destination directory for the decrypted files

CRYPTO_KEY='secret'
decrypt_directory "./encrypted" "./directory"

Bash scripts

encrypt.sh

Requires CRYPTO_KEY as a variable in the Bash environment

• You can provide either file or directory paths
• You can provide --verbose or -v

File paths

• A file origin path to encrypt
• A file destination path for the encrypted file

CRYPTO_KEY='secret' ./encrypt.sh \
  --origin "./file.txt" \
  --destination "./encrypted.txt"

Directory paths

• A directory origin path to encrypt
• A directory destination path for encrypted files

CRYPTO_KEY='secret' ./encrypt.sh \
  --origin "./directory" \
  --destination "./encrypted"

decrypt.sh

Requires CRYPTO_KEY as a variable in the Bash environment

• You can provide either file or directory paths
• You can provide --verbose or -v

File paths

• A file origin path to decrypt
• A file destination path for the decrypted file

CRYPTO_KEY='secret' ./decrypt.sh \
  --origin "./encrypted.txt" \
  --destination "./file.txt"

Directory paths

• A directory origin path to decrypt
• A directory destination path for decrypted files

CRYPTO_KEY='secret' ./decrypt.sh \
  --origin "./encrypted" \
  --destination "./directory"