The easiest way to keep your sensitive information safely encrypted in your NodeJS apps.
I just packaged the Gist code by Vance Lucas from his blog post into an NPM package.
Vance Lucas: If your encryption method produces the same encrypted result given the same original text input, your encryption is broken. Yet this is what I see in most other examples around the web on how to do encryption in Node.js. Strong encryption should always produce a different output, even given the same exact input.
npm install crypto-simple
Generate your encryption key and store it in the database or in the .env file, as in the INIT example below. After that you can use it to encrypt and decrypt sensitive text strings in your app.
// INIT
const ch = require('crypto-simple');
// the key must be 256 bits (32 characters); use it to encrypt and decrypt your strings
// for example: ch.key = ch.crypto.randomBytes(32);
require('dotenv').config();
ch.key = process.env.ENCRYPTION_KEY;
// ENCRYPTING
var encrypted_string = ch.encrypt("Some serious stuff");
console.log( 'encrypted: ' + encrypted_string );
// DECRYPTING
var decrypted_string = ch.decrypt(encrypted_string);
console.log( 'decrypted: ' + decrypted_string );
The package uses the built-in NodeJS crypto library. You can use all of its methods through the crypto property of this package:
See above:
ch.key = ch.crypto.randomBytes(32);
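The property quoted from Vance Lucas above (same input, different output), shown with the built-in crypto module alone. This is an added example, not the crypto-simple source or the original Gist; the AES-256-GCM mode, the `iv:tag:ciphertext` hex layout, the 64-hex-character key format and the helper names are assumptions made for this sketch.

```javascript
// Added example: built-in Node.js crypto only; not the crypto-simple source.
const nodeCrypto = require('crypto');

const ALGO = 'aes-256-gcm'; // assumption: authenticated mode chosen for this sketch
const IV_LEN = 12;          // 96-bit nonce, the recommended size for GCM

// Accept only a 64-hex-char string (32 random bytes), not a 32-char passphrase.
function loadKey(hex) {
  if (!/^[0-9a-f]{64}$/i.test(hex || '')) {
    throw new Error('key must be 64 hex characters (32 bytes)');
  }
  return Buffer.from(hex, 'hex');
}

// A fresh random IV per call makes equal plaintexts encrypt differently.
// The iv parameter exists only so demo() can show the fixed-IV failure.
function encrypt(key, plaintext, iv = nodeCrypto.randomBytes(IV_LEN)) {
  const cipher = nodeCrypto.createCipheriv(ALGO, key, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  // Store IV and auth tag next to the ciphertext; neither is secret.
  return [iv, cipher.getAuthTag(), body].map((b) => b.toString('hex')).join(':');
}

function decrypt(key, token) {
  const parts = String(token).split(':');
  if (parts.length !== 3) throw new Error('malformed ciphertext');
  const [iv, tag, body] = parts.map((p) => Buffer.from(p, 'hex'));
  if (iv.length !== IV_LEN || tag.length !== 16) throw new Error('malformed ciphertext');
  const decipher = nodeCrypto.createDecipheriv(ALGO, key, iv);
  decipher.setAuthTag(tag);
  // final() throws if the ciphertext or tag was modified.
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Constructed demo input: random key, the sample string from the usage above.
function demo() {
  const key = loadKey(nodeCrypto.randomBytes(32).toString('hex'));
  const a = encrypt(key, 'Some serious stuff');
  const b = encrypt(key, 'Some serious stuff');
  const fixedIv = Buffer.alloc(IV_LEN); // the broken pattern: constant IV
  const c = encrypt(key, 'Some serious stuff', fixedIv);
  const d = encrypt(key, 'Some serious stuff', fixedIv);
  return { randomIvDiffers: a !== b, fixedIvRepeats: c === d, roundTrip: decrypt(key, a) };
}

console.log(demo());
```

A key generated as `randomBytes(32).toString('hex')` carries the full 256 bits; a 32-character typed passphrase has the right length for the cipher but much less entropy.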