I am trying to encrypt a file using crypto module in Node.js before uploading it to IPFS. I want to have the same result every time I encrypt the same file so I computed the hash of the file using crypto.createHash().
For encrypting the file, right now I'm using the crypto.createCipheriv(). I wanted to know if there are other ways to encrypt a file without the iv? I wanted to just use the hash I computed to encrypt the file to ensure that I get the same result every time.
I'm using Node.js v16.14.0
Related
I'm using node:crypto API, namely createCipheriv() and createDecipheriv() with aes-256-gcm cipher to encode/decode a stream of data. However, it looks like I need to call decipher.setAuthTag() in order to decode the stream correctly, otherwise it throws an authentication error in the end (however the data is decoded correctly).
Is there a way to avoid using the authentication checks with this cipher? I'm using streams of data and it's very inconvenient to store auth tag with the data (I'm using multiple storage options, one of which is a plain filesystem). The data consistency can be checked by other means.
Or maybe you could recommend a universal auth tag storage option that I could use with streams (which doesn't require random access and rewind)?
You need to use the auth tag if you are using GCM. GCM is CTR with authentication built in, you could look into using a CTR cipher Node Forge has this option.
Alternatively, you could append your tag to your ciphertext and store everything together? Not sure what the details of your storage system are that make that inconvenient.
I have a set of passwords which I have saved in git repo. But I want to keep the file always encrypted. But in my automation, I should be able to decrypt and read data from that file.
Any idea how its possible ?
I read some articles about how to protect files with encryption on the ipfs network. If i understand ipfs correctly, without knowing file hash you can not get file on ipfs network(maybe i am wrong).
My question
Is it possible to get a file without knowing file hash? If not why we need to encrypt files on the network(i assume that file hash is known by only file owner)?
If you do not encrypt the data, then whoever is in control of the IPFS node can very easily just look at the data. If you want to be reasonably sure that only the appropriate people can view a piece of data, you need to encrypt it in some way.
I'm building an electron app and want to secure the stored user settings
my idea is that the user chooses a password on first startup and that all his config values are stored encrypted on the disk
if he starts the app he has to enter the password, i decrypt the data and can forget the password. changes to the config will then be encrypted by a corresponding public key
is there a solution to build that with the native nodejs crypto module?
if yes, which is the right algorithm for this?
i thought it would be a "simple" rsa implementation but looking at the docs i cant find any key generation method which takes a password as input?
I'm trying to implement encrypt our documents in OpenKM. I used setEncryption method with some cipher text and OpenKM shows me with encrypted icon. I'm confused whether its really encrypted or not.
Im able to download without any cipher text from OpenKM front End and API
Im able to preview it in OpenKM front End
How does it work and How can I make sure its really encrypted or not.
I found the resolution for my problem. We don't have any option for encryption/decryption in OpenKM via API, though we have option via OpenKM front end tool.
So we should write our own mechanism for encryption/decryption and flag them as encrypted in OpenKM. I used Java Cryptographic Extension (JCE) framework and stored the encrypted file in OpenKM by flag it as encrypted and downloaded the file then did decryption