Skip to content
/ dpapi Public

Prebuilt native module (Node.JS) to encrypt data on Windows with DPAPI.

License

Notifications You must be signed in to change notification settings

primno/dpapi

Repository files navigation

DPAPI

npm npm build coverage

Native module to encrypt/decrypt data on Windows with DPAPI.

This native module is prebuilt for Node.JS running on Windows. It provides the x64 and the arm64 N-API modules for Windows.

This package indicates if the prebuilt module is supported on the current platform.

Based on the port to N-API made by Microsoft in @msal-node-extension from the work of Brad Hughes.

This package is part of the Primno framework.

Why this package?

Other similar packages require to build the native module on the target machine during the installation. This means that you must have Python and Visual C++ installed, production environment included.

This package is prebuilt, so you don't need to have build tools installed on the target machine.

Install

The prebuilt module will be installed with the following command.

npm install @primno/dpapi

Definition

class Dpapi {
    public protectData(
        userData: Uint8Array,
        optionalEntropy: Uint8Array | null,
        scope: "CurrentUser" | "LocalMachine"
    ): Uint8Array;

    public unprotectData(
        encryptedData: Uint8Array,
        optionalEntropy: Uint8Array | null,
        scope: "CurrentUser" | "LocalMachine"
    ): Uint8Array;
}

const isPlatformSupported: boolean;

Usage

ECMAScript Module

import { Dpapi, isPlatformSupported } from "@primno/dpapi";

if (isPlatformSupported) {
    const buffer = Buffer.from("Hello world", "utf-8");

    const encrypted = Dpapi.protectData(buffer, null, "CurrentUser");
    const decrypted = Dpapi.unprotectData(encrypted, null, "CurrentUser");
}
else {
    console.error("Platform not supported. Only Windows is supported (x64, ARM64)");
}

CommonJS

const { Dpapi, isPlatformSupported } = require("@primno/dpapi");

if (isPlatformSupported) {
    const buffer = Buffer.from("Hello world", "utf-8");

    const encrypted = Dpapi.protectData(buffer, null, "CurrentUser");
    const decrypted = Dpapi.unprotectData(encrypted, null, "CurrentUser");
}
else {
    console.error("Platform not supported. Only Windows is supported (x64, ARM64)");
}

Credits

  • Brad Hughes for the original code.
  • Microsoft for the N-API port in MSAL-Node-Extension.