Overview
The Enigma Node provides a suite of cryptographic utilities for encrypting, decrypting, signing, verifying, hashing, and generating random data. It supports multiple cryptographic algorithms including AES 256, ECC (ED25519), RSA, and hash functions (SHA-256, SHA-1). This node is useful in scenarios where secure data transformation is required within an automation workflow, such as encrypting sensitive information before storage or transmission, verifying digital signatures, generating cryptographic keys, or creating hashes for data integrity checks.
Practical examples:
- Encrypting user data with AES 256 before saving to a database.
- Generating RSA key pairs for secure communication setup.
- Creating SHA-256 hashes of files to verify integrity.
- Signing messages with ECC keys to ensure authenticity.
- Generating random strings for tokens or passwords.
Properties
| Name | Meaning |
|---|---|
| Cryptographic Utilities | Select the cryptographic function to perform: AES_256, ECC, HASH, RANDOM, RSA |
When "HASH" is selected:
| Name | Meaning |
|---|---|
| Algorithm | Hash algorithm to use: SHA 256 or SHA 1 |
| Encoding | Output encoding format: BASE64, BASE58, HEX |
| Message | The input text message to hash |
When "AES_256" is selected:
| Name | Meaning |
|---|---|
| Encrypt/Decrypt/Key Generation | Choose operation: encrypt, decrypt, or generate a new AES 256 key |
| Encryption/Decryption Key | Base64 encoded AES key used for encryption/decryption (required for encrypt/decrypt) |
| IV | Initialization vector in base64 (required for encryption) |
| Message | Text message to encrypt or decrypt |
| Use Binary File | Whether to process binary data instead of text |
| Binary Property Name | Name of the binary property to use when processing binary data (default "data") |
When "RSA" is selected:
| Name | Meaning |
|---|---|
| Encrypt/Decrypt/Key Generation | Choose operation: encrypt, decrypt, or generate a new RSA key pair |
| Public Key | Base64 encoded RSA public key (used for encrypt/decrypt) |
| Private Key | Base64 encoded RSA private key (used for encrypt/decrypt) |
| Message | Text message to encrypt or decrypt |
When "ECC" is selected:
| Name | Meaning |
|---|---|
| Sign/Verify/Key Generation | Choose operation: sign, verify, or generate a new ED25519 key pair |
| Public Key | Base64 encoded ECC public key (used for sign/verify) |
| Private Key | Base64 encoded ECC private key (used for signing) |
| Signature | Base64 encoded signature (used for verification) |
| Message | Text message to sign or verify |
When "RANDOM" is selected:
| Name | Meaning |
|---|---|
| Size | Byte size of the random string to generate (1 to 4096) |
Output
The node outputs JSON data containing the results of the selected cryptographic operation:
For AES 256:
- On key generation:
{ "key": "<base64 AES key>" } - On encryption:
- If binary output disabled:
{ "encrypted": "<base64 encrypted data>" , "key": "<base64 AES key>" } - If binary output enabled: binary data containing encrypted content, IV, and tag.
- If binary output disabled:
- On decryption:
- If binary output disabled:
{ "encrypted": "<decrypted plaintext>" } - If binary output enabled: binary data containing decrypted content.
- If binary output disabled:
- On key generation:
For ECC:
- On key generation:
{ "public_key": "<base64>", "private_key": "<base64>" } - On sign:
{ "encrypted": "<base64 signature>" } - On verify:
{ "valid": true|false }
- On key generation:
For HASH:
{ "hash": "<encoded hash string>" }
For RANDOM:
{ "random": "<base64 random string>" }
For RSA:
- On key generation:
{ "public_key": "<base64>", "private_key": "<base64>" } - On encryption:
{ "encrypted": "<base64 encrypted data>" } - On decryption:
{ "decrypted": "<decrypted plaintext>" }
- On key generation:
If binary output is enabled (only for AES 256 encryption/decryption), the node outputs the processed binary file data.
Dependencies
- Uses the
@cubbit/enigmalibrary for cryptographic operations. - No external API services are required.
- Requires proper configuration of input parameters such as keys and messages.
- No special environment variables or credentials are needed beyond providing valid cryptographic keys in base64 format.
Troubleshooting
- Missing or invalid keys: Encryption and decryption require valid base64-encoded keys. Errors will occur if keys are missing or malformed.
- Incorrect IV for AES encryption: The initialization vector must be provided for encryption; otherwise, encryption will fail.
- Invalid input format: For binary processing, ensure the binary property name matches the actual binary data property.
- Signature verification failure: If the signature or keys do not match the message, verification will return false.
- Unsupported operations: Selecting incompatible options or omitting required parameters will cause errors.
- Error messages typically include details about missing keys, invalid base64 data, or unsupported operations. To resolve, verify all inputs and their formats carefully.