Skip to main content
Version: 9.2605.x.x RR

Encrypter

The Encrypter class is intended for integrators without basic knowledge of cryptography.

Added features compared to Crypto class:

  • A basic KDF function is used to generate proper encryption keys based on arbitrary length passwords.
  • Randomized IVs are automatically used.
  • The ciphered data is Base64 encoded internally.

Class function

nevis.crypto.encrypter.new(password)

Instantiates a new encrypter object. Password length is arbitrary; longer passwords offer higher entropy. The password is interpreted as an ASCII string (1 byte per character), but is not limited to ASCII characters. For non-ASCII values, use \x01\xFF; the password must not contain \x00.

  • password: The encryption password.

Sample:

cryptoEngine = nevis.crypto.encrypter.new("12345678901234567890123456789012")

Object methods

cipher = encrypter:encrypt(data)

Encrypts the given data using AES-128 CBC. The input is interpreted as an ASCII string (1 byte per character), but is not limited to ASCII characters. For non-ASCII values, use \x00\xFF. The result is always text-based (Base64 encoded). The output of repeated encrypt calls may be different with the same input, as the random salt makes them highly likely to be different.

Sample:

cipher = encrypter:encrypt("hello world")

decoded, decryptStatus = encrypter:decrypt(data)

Decrypts the given data. Returns the decoded data and a status string: "ok" on success, "error" on failure.

Sample:

data, decryptStatus = encrypter:decrypt(cipher)

Example

local cryptoPass = "12345678901234567890123456789012"
local cryptoEngine = nevis.crypto.encrypter.new(cryptoPass)
local encryptedData = cryptoEngine:encrypt("SecretData100")
local plaintext, decryptStatus = cryptoEngine:decrypt(ciphertext)
if decryptStatus == "ok" then
--Decryption successful
else
--Decryption failed
end

You can find an example configuration in examples/various/LuaFilter_encrypt_store.example in the installed nevisProxy package.