miniLockLib

miniLockLib is a little miniLock library for ECMAScript. It supplies you with a set of functions to perform miniLock encryption operations in a web agent window or a Node.js environment.

The source code repository is hosted at GitHub where you might go to discuss issues and propose changes. Or you might read the annotated code and run the test suite if you are particularly interested in the details.

Checkout a few examples:

is it a miniLock ID?
Get source code
It is a miniLock ID
miniLock ID inspector
Get source code
Inspector with demonstration input
miniLock file format
Get source code
miniLock file format version 2

HTML Setup

Get miniLockLib.js and add it to your web page with a <script> tag: 

<head>
  <title>Untitled</title>
  <script src="miniLockLib.js" charset="UTF-8"></script>
  <link rel="stylesheet" href="stylesheet.css">
</head>

miniLockLib is defined on window when the script loads.

Node.js Setup

Run npm install minilocklib to add the package to your project. Once it is installed you can require the module in your program like so: 

miniLockLib = require("minilocklib")

Now you are all ready to perform miniLock encryption operations!

makeKeyPair

miniLockLib.makeKeyPair(secretPhrase, emailAddress, callback)

Generates a key pair from a secretPhrase and emailAddress. Returns a KeyPairOperation. Your callback should be prepared to receive a set of keys or an error. 

secretPhrase = document.querySelector("#secret_phrase_input").value
emailAddress = document.querySelector("#email_address_input").value

miniLockLib.makeKeyPair(secretPhrase, emailAddress, function(error, keys){
  if (keys) {
    keys.publicKey is a Uint8Array
    keys.secretKey is a Uint8Array
  } else {
    error is a String
  }
})

secretPhrase and emailAddress are both tested to ensure they meet miniLock’s input requirements. If either input is unacceptable your callback will receive one of the following error strings:

If all the input is OK your callback will receive a set of keys when the operation is complete. It typically takes two-to-three seconds to complete a key pair operation.

encrypt

miniLockLib.encrypt({data, name, keys, miniLockIDs, callback})

Make a miniLock file. Returns a EncryptOperation. 

miniLockLib.encrypt({
  data: new Blob(["Hello World"]),
  name: 'Secret Greeting.txt'
  keys: {publicKey: Uint8Array, secretKey: Uint8Array},
  miniLockIDs: [aliceID, bobbyID, ...]
  callback: function(error, encrypted) {
    if (encrypted) {
      encrypted.data is a Blob
      encrypted.data.name is 'Secret Greeting.txt.minilock'
      encrypted.data.type is 'application/minilock'
      encrypted.senderID identifies the owner of the encryption keys
    } else {
      error is a String
    }
  }
})

miniLockLib.encrypt accepts the following parameters:

Potential error strings are as follows:

decrypt

miniLockLib.decrypt({data, keys, callback})

Unlock a miniLock file. Returns a DecryptOperation. 

miniLockLib.decrypt({
  data: encrypted.data,
  keys: {publicKey: Uint8Array, secretKey: Uint8Array},
  callback: function(error, decrypted) {
    if (decrypted) {
      decrypted.data is a Blob
      decrypted.name is the filename as a String
      decrypted.senderID identifies the author of the encrypted file
    } else {
      error is a String
    }
  }
})

miniLockLib.decrypt accepts the following parameters:

Potential error strings are as follows:

SecretPhrase

The secret phrase module supplies an acceptance test to validate secret phrase input.

SecretPhrase.isAcceptable

miniLockLib.SecretPhrase.isAcceptable(secretPhrase)

Validates a secret phrase input String. Returns true or false. The secretPhrase must be at least 32 characters long and it must contain at least 100 bits of entropy.

EmailAddress

The email address module supplies an acceptance test to validate email address input.

EmailAddress.isAcceptable

miniLockLib.EmailAddress.isAcceptable(emailAddress)

Validates an email address input String. Returns true or false.

ID

The identification module provides functions for encoding (and decoding) miniLock IDs and it also includes an acceptance test to validate ID input.

ID.encode

miniLockLib.ID.encode(publicKey)

Encode a 32-bit public key to a miniLock ID.

ID.decode

miniLockLib.ID.decode(miniLockID)

Decode a miniLock ID to a 32-bit public key.

ID.isAcceptable

miniLockLib.ID.isAcceptable(miniLockID)

Validate a miniLock ID string, returns true or false.

EncryptOperation

new miniLockLib.EncryptOperation(params)

Encrypt operations make miniLock files.

The constructor accepts data, name, keys and miniLockIDs parameters or you can define them on the operation before you call start.

EncryptOperation::data

encryptOperation.data = blob

data is a Blob or File instance.

EncryptOperation::name

encryptOperation.name = "secret_filename.txt"

Defines the filename.

EncryptOperation::miniLockIDs

encryptOperation.miniLockIDs = [aliceID, bobbyID, ...]

Defines who is permitted to unlock this file.

EncryptOperation::keys

encryptOperation.keys = keys

Defines the key pair that will be used to lock this file.

EncryptOperation::start

encryptOperation.start(callback)

Start the operation and define a callback that will receive encrypted.data when the operation is complete or an error when there is a failure. 

encryptOperation.start(function(error, decrypted){
  if (decrypted) {
    encrypted.data is a Blob
    encrypted.name is the filename as a String
    encrypted.senderID identifies the author of the encrypted file.
  } else {
    console.error(error)
  }
})

If the operation fails your callback will receive one of the following error strings:

DecryptOperation

new miniLockLib.DecryptOperation(params)

Decrypt operations unlock miniLock files.

The constructor accepts data and keys parameters or you can define them on the operation before you call start. 

decryptOperation = new miniLockLib.DecryptOperation({
  data: new Blob
  keys: {publicKey:, secretKey:}
})

DecryptOperation::data

decryptOperation.data = blob

Defines the data that should be decrypted.

DecryptOperation::keys

decryptOperation.keys = keys

Defines the public–secret key pair that should be used to unlock this file.

DecryptOperation::start

decryptOperation.start(callback)

Start the operation and define a callback that will receive decrypted.data when the operation is complete or an error when there is a failure. 

decryptOperation.start(function(error, decrypted){
  if (decrypted) {
    decrypted.data is a Blob
    decrypted.name is the filename as a String
    decrypted.senderID identifies the author of the encrypted file.
  } else {
    console.error(error)
  }
})

If the operation fails your callback will receive one of the following error strings:

KeyPairOperation

new miniLockLib.KeyPairOperation(params)

Key pair operations generate a set of keys from a secret phrase and email address.

The constructor accepts secretPhrase and emailAddress input parameters. 

keyPairOperation = new miniLockLib.KeyPairOperation({
  secretPhrase: "lions and tigers are not the only ones i am worried about"
  emailAddress: "alice@example.com"
})

Or you may define them on the instance before calling start. 

keyPairOperation = new miniLockLib.KeyPairOperation
keyPairOperation.secretPhrase = "lions and tigers are not the only ones i am worried about"
keyPairOperation.emailAddress = "alice@example.com"
keyPairOperation.start(...)

KeyPairOperation::secretPhrase

keyPairOperation.secretPhrase = secretPhrase

Should be a String. Becomes the secret that is used to derive a set of keys. The phrase must be at least 32 characters long and it must contain at least 100 bits of entropy.

KeyPairOperation::emailAddress

keyPairOperation.emailAddress = emailAddress

Should be a String. Becomes the salt that is used to derive a set of keys.

KeyPairOperation::start

keyPairOperation.start(callback)

Start the operation and define a callback that will receive a set of keys when the operation is complete or an error when there is a failure. 

keyPairOperation.start(function(error, keys){
  if (keys) {
    keys.publicKey is a Uint8Array
    keys.secretKey is a Uint8Array
  } else {
    error is a String
  }
})

The secretPhrase and emailAddress inputs are both tested at startup to ensure they meet miniLock’s requirements. If either input is unacceptable your callback will receive one of the following error strings:

If boths inputs are OK your callback will receive a set of keys when the operation is complete. It typically takes two-to-three seconds to complete a key pair operation.

Special Extras

miniLockLib is composed of code from several dandy projects. All of these fine modules are exposed so that you can easily apply their functions in your own computer programs.

Base58

miniLockLib.Base58 is a copy of undefined’s Base58 package which is a derivative of cryptocoinjs’s bs58. Base58 is used to encode and decode miniLock IDs.

BLAKE2s

miniLockLib.BLAKE2s is a wrapper around Dmitry Chestnykh’s BLAKE2s cryptographic hash function. miniLockLib extends the original constructor to expose a modestly more convenient interface for its purposes. The interface is identical to Dmitry’s version, with two exceptions:

  1. miniLockLib’s BLAKE2s constructor accepts a params object instead of two distinct arguments. Construct a new BLAKE2s instance of with code in this form: hash = new miniLockLib.BLAKE2s({length:Number, key:Uint8Array}). The length parameter should be a Number between 1 and 32. The key parameter is an optional Uint8Array of bytes.
  2. Update the instance with hash.update(data) where data is a Uint8Array of bytes. miniLockLib’s version of update returns the hash instance to facilitate method chaining. (Dmitry’s version returns undefined).

Entropizer

miniLockLib.Entropizer is Jonathan Rees’s tiny password entropy calculator. miniLockLib relies on Entropizer to measure entropy in secret phrases.

NaCl

miniLockLib.NaCl is the tweetnacl-js crypto library written by Dmitry Chestnykh & Devi Mandiri. This instance of NaCl is extended with Dmitry’s streaming encryption library which is defined at NaCl.stream. miniLockLib relies on NaCl for a host of cryptographic and encoding functions.

scrypt

miniLockLib.scrypt is a copy of scrypt-async.js from the scrypt-async-js project written by Mr. Chestnykh once again. scrypt derives a key pair from a secret and a salt with the curve25519 encryption scheme. miniLockLib relies on scrypt to make key pairs.

Friendly Giants

We send magic seahorses to Dmitry Chestnykh & Nadim Kobeissi everyday. Their ongoing work on tweetnacl-js & miniLock form the core of this library and we are gracious for their heavy lifting.

Other miniLock Projects

miniLock for Google Chrome
File encryption software that does more with less.
From minilock.io miniLock icon

OnionLock for Google Android
Encrypted address book, file transfers and more.
From The Barracks OnionLock icon

Deadlock
miniLock encryption for the Python programming language.
From Cathal Garvey DeadLock icon