Antikythera.Crypto.Aes (antikythera v0.5.1)
Easy to use data encryption/decryption utilities.
Both Counter (CTR) mode and Galois/Counter mode (GCM) are supported. When only secrecy of data is required, use CTR mode. If you need not only secrecy but also data integrity, use GCM.
Deriving an AES key from a given password
The functions defined in this module accept an arbitrary binary as the password.
To make an AES key (which is 128 bits long) from a given password, the functions by default use the MD5 hash algorithm.
If you need to increase the computational cost of key derivation and make attacks such as dictionary attacks more difficult, you may pass your own key derivation function.
To implement your key derivation function you can use the :crypto module.
Transparent handling of initialization vector
When encrypting given data, the encrypt function generates a random initialization vector and prepends it to the encrypted data. The decrypt function extracts the initialization vector and uses it to decrypt the rest.
Associated Authenticated Data (AAD) for GCM
For GCM you may pass AAD (arbitrary binary) as an additional argument. AAD is used only for generating/validating the authentication tag; it doesn't affect the resulting cipher text.
AAD can be used to provide contextual information for the authentication of cipher text. For example, you could pass "login user ID" as AAD when encrypting/decrypting each user's data. This way, even if a malicious user somehow copied another user's encrypted data and secret key into his own account, you could prevent him from decrypting the data because of the difference in AAD.
If you don't have any suitable data for AAD you can pass an empty string (which is the default value).
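The three behaviours described above (a costlier key derivation function, an initialization vector carried with the cipher text, and AAD binding data to a user) shown together as an added sketch built only on Erlang's :crypto module; it is not Antikythera's own code. The module name, the `iv <> tag <> ciphertext` layout, the 12-byte IV, the salt and the iteration count are assumptions of this example, and `:crypto.pbkdf2_hmac/5` requires OTP 24.2 or later.

```elixir
defmodule AesGcmSketch do
  # Added illustration, not Antikythera's implementation.
  # Layout assumed here: 12-byte IV, 16-byte tag, then the cipher text.
  @iv_len 12
  @tag_len 16
  # Constructed values for the example; choose your own salt and cost.
  @salt "example-app-salt"
  @iterations 600_000

  # Password -> 128-bit key. Far costlier per guess than one MD5 pass,
  # which is what slows a dictionary attack on the password.
  def derive_key(password) when is_binary(password) do
    :crypto.pbkdf2_hmac(:sha256, password, @salt, @iterations, 16)
  end

  # A fresh random IV per call, prepended so decrypt/3 needs no extra argument.
  def encrypt(plain, password, aad \\ "") do
    key = derive_key(password)
    iv = :crypto.strong_rand_bytes(@iv_len)
    {ct, tag} = :crypto.crypto_one_time_aead(:aes_128_gcm, key, iv, plain, aad, true)
    iv <> tag <> ct
  end

  def decrypt(encrypted, password, aad \\ "")

  def decrypt(<<iv::binary-size(@iv_len), tag::binary-size(@tag_len), ct::binary>>, password, aad) do
    key = derive_key(password)

    # :crypto returns :error when the tag does not match the key, IV,
    # cipher text and AAD together; no plaintext is released in that case.
    case :crypto.crypto_one_time_aead(:aes_128_gcm, key, iv, ct, aad, tag, false) do
      :error -> {:error, :authentication_failed}
      plain -> {:ok, plain}
    end
  end

  # Input shorter than IV + tag cannot be a valid message.
  def decrypt(_too_short, _password, _aad), do: {:error, :malformed}
end

# Constructed sample data: the same blob and password under two AAD values.
blob = AesGcmSketch.encrypt("alice's notes", "s3cret", "user:alice")
{:ok, "alice's notes"} = AesGcmSketch.decrypt(blob, "s3cret", "user:alice")
# Copied into another account, the AAD differs and authentication fails.
{:error, :authentication_failed} = AesGcmSketch.decrypt(blob, "s3cret", "user:bob")
```

Because `derive_key/1` takes only the password, the salt is fixed for the whole application; the AAD check only protects data if the AAD value comes from the authenticated session rather than from input the user controls.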
Summary
Types
@type key128() :: <<_::_*128>>