This is a simple npm package for encryption and decryption of data. It can be used for encryption of UTF-8 data that needs to be decrypted at a later time. This package combines both diffiehellman and rsa encryption approach and you can choose any of them depending on your preference and requirements.
Below is a short feature:
- RSA Encryption with signatures (for secure, verifiable messaging)
- Diffie-Hellman key exchange (for secure shared secrets over public networks)
Built entirely on the Node.js crypto module — no file storage for keys (in-memory only).
- Generate RSA key pairs (in-memory)
- Sign and verify messages with RSA
- Encrypt and decrypt messages with RSA
- Perform secure Diffie-Hellman key exchange
- Encrypt and decrypt messages with shared Diffie-Hellman secrets
- Class-based, simple API
- No external dependencies
- Typescript Support
npm install altruist-encrypt
Or
yarn add altruist-encrypt
import { RSAEncryption } from "altruist-encrypt"
// Initialize
const rsa = new RSAEncryption()
// Generate key pair (public and private)
rsa.generateKeys()
const payload = "This is a sample test" or JSON.stringify({ name: "package" })
// Encrypt and sign (signature happens under the hood)
const encrypted: any = rsa.encrypt(JSON.stringify(payload))
console.log(encrypted)
// Decrypt and verify (verification happens under the hood)
const decrypted: any = rsa.decrypt(encrypted.data, encrypted.signature)
console.log(decrypted)
import { DiffieHellman } from "altruist-encrypt"
// Initialize
const encryption = new DiffieHellman()
// Generate initiator (sender) keys
const initiatorKeys = await encryption.getInitiatorKeys()
const payload = "This is a sample test" or JSON.stringify({ name: "package" })
// Encrypt
const encrypted = await encryption.encrypt(initiatorKeys.publicKey, payload)
console.log(encrypted)
// Decrypt
const decrypted: any = await encryption.decrypt(encrypted.pubKey, { payload: encrypted.payload, salt: encrypted.salt })
console.log(decrypted)
new RSAEncryption()
Creates a new RSA handler instance
.generateKeys()
Generates an RSA public-private key pair in memory
- Return void
.encrypt()
Encrypts and signs a message using RSA.
-
Parameters:
- payload(string): Message to encrypt
-
Returns:
- { data: string; signature: string }
-
data
: Base64 encrypted payload -
signature
: Base64 signature of original message
-
- { data: string; signature: string }
.decrypt(encryptedData: string, signature: string)
Decrypts and verifies a message.
-
Parameters:
-
encryptedData(string)
: Base64-encoded encrypted message -
signature(string)
: Base64-encoded signature.
-
-
Returns:
- On success: Decrypted string
- On failure:
{ error: string }
new DiffieHellmanEncryption()
Creates a new Diffie-Hellman encryption instance
.getInitiatorKeys()
-
Returns:
- { publicKey: string, secretKey: string }
-
publicKey
: Hexadecimal-encoded shared public key -
secretKey
: Hexadecimal-encoded shared secret key (should be ignored)
-
- { publicKey: string, secretKey: string }
.encrypt(payload: string)
Encrypts a message using the shared secret key (e.g., AES derived from the secret)
-
Parameters:
-
payload(string)
: Plaintext to encrypt
-
-
Returns: { payload: string, salt: string, pubKey: string } | { error: string }
-
On success:
-
payload(string)
: Hexadecimal encrypted text -
salt(string)
: Random string used for salting -
pubKey
: Base64-encoded sender's public key. Needed to get the secret key from memory
-
-
On failure:
-
error
: String returned if public key cannot be found in memory
-
-
On success:
.decrypt(publicKey, { payload:string, salt: string })
Decrypts a ciphertext using the shared secret key
-
Parameters:
-
publicKey(string)
: Base64-encoded shared public key returned from encryption response -
payload(string)
: Hexadecimal encrypted text returned from encryption response -
salt
: Random string returned from encryption response
-
-
Returns: string | { error: string }
- On success: Decrypted string
- On failure:
{ error: string }
-
RSA:
- Ensures confidentiality via encryption
- Ensures authenticity and integrity via signature verification
-
Diffie-Hellman:
- Enables secure key exchange even over insecure networks
- Does not provide authentication — you should combine with signatures if needed
- This package is designed for ephemeral communication — no keys are saved to files
- RSA operations are synchronous, suitable for most short-lived, lightweight encryption tasks
MIT License