Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

simple-crypto-js

danang-id79.6kMIT3.0.1TypeScript support: included

Simplify AES encryption and decryption of any JavaScript objects, implementing crypto-js library.

readme

SimpleCrypto

GitHub Release Build Distribution Coverage Status Dependencies Status

NPM Version License Monthly Downloads

SimpleCrypto is a JavaScript library that simplify the process of encryption and decryption of JavaScript objects, as simple as just calling encrypt() and decrypt() function. This library implements brix's crypto-js library. This library is pure JavaScript library built with TypeScript targeting CommonJS ECMAScript 5 (ES5), so it is compatible with most NodeJS back-end applications or JavaScript front-end (client browser).

Breaking Changes

v2.3.0: New Algorithm

SimpleCrypto v2.3.0 onward will use a new algorithm, because the older one was vulnerable to chosen cipher attack. Any data that encrypted using v2.2.0 and earlier will NOT be able to be decrypted using v2.3.0 onward; vice versa: data encrypted using v2.3.0 onward will NOT be able to be decrypted using v2.2.0 and earlier.

v3.0.0: New Native Crypto Module

SimpleCrypto v3.0.0 onward will use new crypto-js dependency version ^4.0.0. This version of crypto-js replaces Math.random() method with native crypto module. Because of this, SimpleCrypto might not be able to run on some environments without native crypto module support, such as IE 10 (and earlier) or React Native.

Please read more here.

List of Contents

What's New?

What's New in 3.0.1 (latest current)

  • Upgrade crypto-js dependency to version 4.1.1.
  • Improving typings.

What's New in 2.5.1 (latest legacy)

  • Improving typings.

For full change-log, please refer to CHANGELOG file.

Getting Started

This library is available through jsDelivr CDN and package manager (like npm or yarn).

Vanilla JavaScript + HTML

To get started, add SimpleCrypto script to your HTML page. Only legacy version of SimpleCrypto is supported.

<head>
    <!-- Another line -->
    <script src="//cdn.jsdelivr.net/npm/simple-crypto-js@legacy/dist/SimpleCrypto.min.js"></script>
    <!-- Another line -->
</head>

Then, your script section, you may use SimpleCrypto as Class to create a new SimpleCrypto instance.

<body>
<!-- Another line -->
<script lang="js">
    var simpleCrypto = new SimpleCrypto("a very secret key")
    <!-- Do your cryptographic logic here  -->
</script>
<!-- Another line -->
</body>

NodeJS

If you are using NodeJS, add simple-crypto-js as your project dependency.

# If you're using NPM
npm install --save simple-crypto-js

# If you're using Yarn
yarn add simple-crypto-js

Then, include SimpleCrypto your project.

var SimpleCrypto = require("simple-crypto-js").default

If you are using Babel or TypeScript that support import statement, you could go that way.

import SimpleCrypto from "simple-crypto-js"

How to Use SimpleCrypto

Full documentation about SimpleCrypto API is available here.

Built With

Written in TypeScript, built into ECMAScript 5 using the TypeScript compiler and webpack bundler.

Contribution

To contribute, simply fork this project, and issue a pull request. However, before issuing a pull request, you have to make sure that your changes will not break current API, its parameter and its expected output.

You may test your changes by running the test script.

npm run test

If all tests were passed, you are good to go.

Version Management

We use Semantic Versioning for version management. For the versions available, see the tags on this repository.

Authors

  • Danang Galuh Tegar Prasetyo - Initial work - danang-id

See also the list of contributors who participated in this project.

License

This project is licensed under the MIT License - see the LICENSE file for details

Acknowledgments

  • This library was developed to support and simplify the Secure Cookies library.
  • Made available by open source and of course brix's crypto-js library

changelog

Changes Log (What's New)

Latest Current: Latest Version Latest Legacy: Legacy Version

What's New in 3.0.1 (latest current)

  • Upgrade crypto-js dependency to version 4.1.1.
  • Improving typings.
  • Add eslint and prettier for code cleaning.
  • Upgrade devDependencies.

What's New in 2.5.1 (latest legacy)

  • Improving typings.
  • Add eslint and prettier for code cleaning.
  • Upgrade devDependencies.

What's New in 3.0.0

  • Upgrade crypto-js dependency to version 4.0.0. This version of crypto-js replaces Math.random() method with native crypto module, and will cause breaking changes in some environments that does not support native crypto module, like IE 10 earlier and React Native. If you are affected by these changes, please use SimpleCrypto ^2.5.0.

What's New in 2.5.0

  • As the same with 2.4.1, but rollback crypto-js dependency to version 3.3.0 to maintain compatibility with environment that does not support native crypto module.

What's New in 2.4.2

  • Removed empty string check to allow decryption and encryption on empty string (as suggested by @TransmissionsDev on issue#21).

What's New in 2.4.1

  • Fix a bug on type detection mechanism where a string that begins with number detected as number when decryption, thus cutting the rest of the string result (thanks @TransmissionsDev).

What's New in 2.4.0

  • Added data type detection. Decryption process will now return data with its proper data type. For now, object, string, number and boolean are supported.
  • Added append() and update() functions, both to append and update the data buffer respectively.
  • Added overload functions for decrpyt() and encrypt().
  • Added initial support for encoding (see static variable SimpleCrypto.encoders). However, for now, it only supports UTF-8 even if you set another encoder.
  • Added chaining functions support. Functions that initially have no return, like append(), update(), setSecret(), setEncoder(), now will returning its instance.
  • Added static function SimpleCrypto.generateRandomString() and SimpleCrypto.generateRandomWordArray().

What's New in 2.3.1

  • Fix npm dependencies security audit.

What's New in 2.3.0

  • Fix chosen cipher text attacks vulnerability (thanks @paragonie-scott and @adi928).
  • Upgrade crypto-js to version 4.0.0.
  • Fix security risk in dev dependencies by upgrading them.

What's New in 2.2.0

  • Fix CDN release, setting webpack output as UMD with default library name of SimpleCrypto.
  • CDN now have two files you may use, the distribution file and minified distribution one.

What's New in 2.1.3

  • Fix jsDelivr link

What's New in 2.1.2

  • Update missing file in NPM release.

What's New in 2.1.0

  • Update dependency.
  • Fix missing web bundler as distribution build tool for the Web (using webpack).
  • Use of partial import instead of full import to minimise the size of distributed build file .

What's New in 2.0.2

  • Bugs fixed.
  • Remove gulp.

What's New in 2.0.1

  • Add coverage service.

What's New in 2.0.0

  • Using only these functions to encrypt or decrypt: encrypt() and decrypt() (accepts string, object, number, or boolean data type). Function encryptObject() and decryptObject() is in deprecation as these functions are enough.
  • Securing instance's properties from public access. Access to instance properties, like instance.secret, is not allowed anymore.
  • New TypeScript definition file of this library is now available.
  • Fixed documentation (typos, diction, etc).
  • For contributors: Using mocha, chai and coveralls to create full unit-testing of the library. You could see testing result on top of this README.
  • For contributors: Using gulp to compile the TypeScript source code into JavaScript ES5.

What's New in 1.0.0

  • Initial release