altruist-encrypt

This is a simple npm package for encryption and decryption of data. It can be used for encryption of UTF-8 data that needs to be decrypted at a later time. This package combines both diffiehellman and rsa encryption approach and you can choose any of them depending on your preference and requirements.

⚠️ Note: This package is only compatible with Node.js environments. It does not support frontend frameworks like React or Angular.

Below is a short feature:
- RSA Encryption with signatures (for secure, verifiable messaging)
- Diffie-Hellman key exchange (for secure shared secrets over public networks)

Built entirely on the Node.js crypto module — no file storage for keys (in-memory only).

Features

- Generate RSA key pairs (in-memory)
- Sign and verify messages with RSA
- Encrypt and decrypt messages with RSA
- Perform secure Diffie-Hellman key exchange
- Encrypt and decrypt messages with shared Diffie-Hellman secrets
- Class-based, simple API
- No external dependencies
- Typescript Support

Installation

``
npm install altruist-encrypt
`
Or

`
yarn add altruist-encrypt
`

Quick Start

$3

`
import { RSAEncryption } from "altruist-encrypt"

// Initialize
const rsa = new RSAEncryption()

// Generate key pair (public and private)
rsa.generateKeys()

const payload = "This is a sample test" or JSON.stringify({ name: "package" })

// Encrypt and sign (signature happens under the hood)
const encrypted: any = rsa.encrypt(JSON.stringify(payload))
console.log(encrypted)

// Decrypt and verify (verification happens under the hood)
const decrypted: any = rsa.decrypt(encrypted.data, encrypted.signature)
console.log(decrypted)
`

$3

`
import { DiffieHellman } from "altruist-encrypt"

// Initialize
const encryption = new DiffieHellman()

// Generate initiator (sender) keys
const initiatorKeys = await encryption.getInitiatorKeys()

const payload = "This is a sample test" or JSON.stringify({ name: "package" })

// Encrypt
const encrypted = await encryption.encrypt(initiatorKeys.publicKey, payload)
console.log(encrypted)

// Decrypt
const decrypted: any = await encryption.decrypt(encrypted.pubKey, { payload: encrypted.payload, salt: encrypted.salt })
console.log(decrypted)
`

API Reference

$3

new RSAEncryption()

Creates a new RSA handler instance

.generateKeys()

Generates an RSA public-private key pair in memory
- Return void

.encrypt()

Encrypts and signs a message using RSA.
- Parameters:
- payload(string): Message to encrypt
- Returns:
- { data: string; signature: string }
- data: Base64 encrypted payload
- signature: Base64 signature of original message

.decrypt(encryptedData: string, signature: string)

Decrypts and verifies a message.
- Parameters:
- encryptedData(string): Base64-encoded encrypted message
- signature(string): Base64-encoded signature.
- Returns:
- On success: Decrypted string
- On failure: { error: string }

$3

new DiffieHellmanEncryption()

Creates a new Diffie-Hellman encryption instance

.getInitiatorKeys()
- Returns:
- { publicKey: string, secretKey: string }
- publicKey: Hexadecimal-encoded shared public key
- secretKey: Hexadecimal-encoded shared secret key (should be ignored)

.encrypt(payload: string)

Encrypts a message using the shared secret key (e.g., AES derived from the secret)
- Parameters:
- payload(string): Plaintext to encrypt
- Returns: { payload: string, salt: string, pubKey: string } | { error: string }
- On success:
- payload(string): Hexadecimal encrypted text
- salt(string): Random string used for salting
- pubKey: Base64-encoded sender's public key. Needed to get the secret key from memory
- On failure:
- error: String returned if public key cannot be found in memory

.decrypt(publicKey, { payload:string, salt: string })
Decrypts a ciphertext using the shared secret key
- Parameters:
- publicKey(string): Base64-encoded shared public key returned from encryption response
- payload(string): Hexadecimal encrypted text returned from encryption response
- salt: Random string returned from encryption response
- Returns: string | { error: string }
- On success: Decrypted string
- On failure: { error: string }`

Security Notes

- RSA:
- Ensures confidentiality via encryption
- Ensures authenticity and integrity via signature verification

- Diffie-Hellman:
- Enables secure key exchange even over insecure networks
- Does not provide authentication — you should combine with signatures if needed

Note

- This package is designed for ephemeral communication — no keys are saved to files
- RSA operations are synchronous, suitable for most short-lived, lightweight encryption tasks

Licesne

MIT License