Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

altruist-encrypt

Sir-Altruist200ISC1.0.4TypeScript support: included

RSA and Diffie-Hellman encryption library for Node.js

encrypt, decrypt, encryption, decryption, security, rsa, diffie-hellman, altruist-encrypt

readme

altruist-encrypt

This is a simple npm package for encryption and decryption of data. It can be used for encryption of UTF-8 data that needs to be decrypted at a later time. This package combines both diffiehellman and rsa encryption approach and you can choose any of them depending on your preference and requirements.

⚠️ Note: This package is only compatible with Node.js environments. It does not support frontend frameworks like React or Angular.

Below is a short feature:

  • RSA Encryption with signatures (for secure, verifiable messaging)
  • Diffie-Hellman key exchange (for secure shared secrets over public networks)

Built entirely on the Node.js crypto module — no file storage for keys (in-memory only).

Features

  • Generate RSA key pairs (in-memory)
  • Sign and verify messages with RSA
  • Encrypt and decrypt messages with RSA
  • Perform secure Diffie-Hellman key exchange
  • Encrypt and decrypt messages with shared Diffie-Hellman secrets
  • Class-based, simple API
  • No external dependencies
  • Typescript Support

Installation

npm install altruist-encrypt

Or 

yarn add altruist-encrypt

Quick Start

RSA Encryption

import { RSAEncryption } from "altruist-encrypt"

// Initialize
const rsa = new RSAEncryption()

// Generate key pair (public and private)
rsa.generateKeys()

const payload = "This is a sample test" or JSON.stringify({ name: "package" })

// Encrypt and sign (signature happens under the hood)
const encrypted: any = rsa.encrypt(JSON.stringify(payload))
console.log(encrypted) 

// Decrypt and verify (verification happens under the hood)
const decrypted: any = rsa.decrypt(encrypted.data, encrypted.signature)
console.log(decrypted)

Diffie-Hellman

import { DiffieHellman } from "altruist-encrypt"

// Initialize
const encryption = new DiffieHellman()

// Generate initiator (sender) keys
const initiatorKeys = await encryption.getInitiatorKeys()

const payload = "This is a sample test" or JSON.stringify({ name: "package" })

// Encrypt
const encrypted = await encryption.encrypt(initiatorKeys.publicKey, payload)
console.log(encrypted) 

// Decrypt
const decrypted: any = await encryption.decrypt(encrypted.pubKey, { payload: encrypted.payload, salt: encrypted.salt })
console.log(decrypted)

API Reference

RSA Encryption

new RSAEncryption()
Creates a new RSA handler instance

.generateKeys()
Generates an RSA public-private key pair in memory

  • Return void

.encrypt()
Encrypts and signs a message using RSA.

  • Parameters:
    • payload(string): Message to encrypt
  • Returns:
    • { data: string; signature: string }
      • data: Base64 encrypted payload
      • signature: Base64 signature of original message

.decrypt(encryptedData: string, signature: string)
Decrypts and verifies a message.

  • Parameters:
    • encryptedData(string): Base64-encoded encrypted message
    • signature(string): Base64-encoded signature.
  • Returns:
    • On success: Decrypted string
    • On failure: { error: string }

Diffie-Hellman

new DiffieHellmanEncryption()
Creates a new Diffie-Hellman encryption instance

.getInitiatorKeys()

  • Returns:
    • { publicKey: string, secretKey: string }
      • publicKey: Hexadecimal-encoded shared public key
      • secretKey: Hexadecimal-encoded shared secret key (should be ignored)

.encrypt(payload: string)
Encrypts a message using the shared secret key (e.g., AES derived from the secret)

  • Parameters:
    • payload(string): Plaintext to encrypt
  • Returns: { payload: string, salt: string, pubKey: string } | { error: string }
    • On success:
      • payload(string): Hexadecimal encrypted text
      • salt(string): Random string used for salting
      • pubKey: Base64-encoded sender's public key. Needed to get the secret key from memory
    • On failure:
      • error: String returned if public key cannot be found in memory

.decrypt(publicKey, { payload:string, salt: string }) Decrypts a ciphertext using the shared secret key

  • Parameters:
    • publicKey(string): Base64-encoded shared public key returned from encryption response
    • payload(string): Hexadecimal encrypted text returned from encryption response
    • salt: Random string returned from encryption response
  • Returns: string | { error: string }
    • On success: Decrypted string
    • On failure: { error: string }

Security Notes

  • RSA:

    • Ensures confidentiality via encryption
    • Ensures authenticity and integrity via signature verification

  • Diffie-Hellman:

    • Enables secure key exchange even over insecure networks
    • Does not provide authentication — you should combine with signatures if needed

Note

  • This package is designed for ephemeral communication — no keys are saved to files
  • RSA operations are synchronous, suitable for most short-lived, lightweight encryption tasks

Licesne

MIT License