encrypt-decrypt-file

Simple file encryption and decryption using AES-256-GCM with password-based key derivation (scrypt).

Features

- Strong Encryption: Uses AES-256-GCM for authenticated encryption
- Secure Key Derivation: Implements scrypt for password-based key derivation
- Simple API: Easy-to-use functions for encrypting and decrypting files
- CLI Support: Can be used as a command-line tool
- Node.js Native: Built with Node.js crypto module (Node 18+)

Installation

``bash
npm install @codegeekdevs/encrypt-decrypt-file
`

Usage

$3

`javascript
const { encryptFile, decryptFile } = require('encrypt-decrypt-file');

// Encrypt a file
encryptFile('./myfile.txt', 'my-secret-password', './myfile.txt.enc');

// Decrypt a file
decryptFile('./myfile.txt.enc', 'my-secret-password', './myfile-decrypted.txt');
`

$3

`bash


Encrypt a file

node encrypt-decrypt-file.js encrypt ./myfile.txt "my-secret-password"

Decrypt a file

node encrypt-decrypt-file.js decrypt ./myfile.txt.enc "my-secret-password"

Specify custom output path

node encrypt-decrypt-file.js encrypt ./myfile.txt "my-secret-password" ./custom-output.enc
`

API

$3

Encrypts a file using AES-256-GCM.

Parameters:
- inputPath (string): Path to the file to encrypt
- password (string): Password for encryption
- outputPath (string, optional): Output path for encrypted file. Defaults to ${inputPath}.enc

Returns: String - Path to the encrypted file

Example:
`javascript
const outputPath = encryptFile('./document.pdf', 'super-secret-password');
console.log(File encrypted at: ${outputPath});
`

$3

Decrypts a file that was encrypted with encryptFile.

Parameters:
- inputPath (string): Path to the encrypted file
- password (string): Password used for encryption
- outputPath (string, optional): Output path for decrypted file. Auto-generated if not provided

Returns: String - Path to the decrypted file

Example:
`javascript
const outputPath = decryptFile('./document.pdf.enc', 'super-secret-password');
console.log(File decrypted at: ${outputPath});
`

Technical Details

$3

- Algorithm: AES-256-GCM (Galois/Counter Mode)
- Key Length: 256 bits (32 bytes)
- IV Length: 96 bits (12 bytes)
- Auth Tag: 128 bits (16 bytes)

$3

- Function: scrypt
- Parameters:
- N: 16384
- r: 8
- p: 1
- Salt: 128 bits (16 bytes, randomly generated)

$3

Encrypted files have the following structure:
`
[ "ENC1" (4 bytes) | SALT (16 bytes) | IV (12 bytes) | CIPHERTEXT | AUTH TAG (16 bytes) ]
``

The "ENC1" magic bytes allow for format versioning.

Requirements

- Node.js 18.0.0 or higher

Security Considerations

- Always use strong, unique passwords
- Keep your passwords secure and never commit them to version control
- The security of the encrypted data depends entirely on the strength of your password
- Use environment variables or secure vaults for password management in production

License

MIT

Contributing

Issues and pull requests are welcome!

Author

David Faltermier, CodeGeek