API Reference

Frostbite provides a comprehensive programmatic API for encrypting, decrypting, and managing encrypted files in your Node.js applications. This reference documents all available methods and options.

encrypt()

Encrypts a file or directory using AES-256-GCM encryption.

Syntax

const frostbite = require('frostbite');

const result = await frostbite.encrypt(targetPath, options);

Parameters

Parameter Type Description
targetPath string Path to the file or directory to encrypt
options object Encryption options
options.key string Encryption key
options.license string (Optional) License key for additional protection
options.dryRun boolean (Optional) If true, don't actually encrypt files (default: false)

Return Value

Returns a Promise that resolves to an object with the following properties:

Property Type Description
files string[] Array of file paths that were encrypted
skipped string[] Array of file paths that were skipped (ignored or already encrypted)

Example

const frostbite = require('frostbite');

async function encryptConfig() {
  try {
    const result = await frostbite.encrypt('./config', {
      key: 'my-secret-key',
      license: 'optional-license-key',
      dryRun: false
    });

    console.log(`Encrypted ${result.files.length} files`);
    console.log(`Skipped ${result.skipped.length} files`);
  } catch (error) {
    console.error('Encryption failed:', error);
  }
}

decrypt()

Decrypts a file or directory that was encrypted with Frostbite.

Syntax

const frostbite = require('frostbite');

const result = await frostbite.decrypt(targetPath, options);

Parameters

Parameter Type Description
targetPath string Path to the file or directory to decrypt
options object Decryption options
options.key string Decryption key
options.license string (Optional) License key for additional protection
options.dryRun boolean (Optional) If true, don't actually decrypt files (default: false)

Return Value

Returns a Promise that resolves to an object with the following properties:

Property Type Description
files string[] Array of file paths that were decrypted
skipped string[] Array of file paths that were skipped (not encrypted)

Example

const frostbite = require('frostbite');

async function decryptConfig() {
  try {
    const result = await frostbite.decrypt('./config', {
      key: 'my-secret-key',
      license: 'optional-license-key',
      dryRun: false
    });

    console.log(`Decrypted ${result.files.length} files`);
    console.log(`Skipped ${result.skipped.length} files`);
  } catch (error) {
    console.error('Decryption failed:', error);
  }
}

rekey()

Re-encrypts files with a new key, allowing for key rotation without decrypting to disk.

Syntax

const frostbite = require('frostbite');

const result = await frostbite.rekey(targetPath, options);

Parameters

Parameter Type Description
targetPath string Path to the file or directory to re-encrypt
options object Re-encryption options
options.oldKey string Old encryption key
options.newKey string New encryption key
options.oldLicense string (Optional) Old license key
options.newLicense string (Optional) New license key
options.dryRun boolean (Optional) If true, don't actually re-encrypt files (default: false)

Return Value

Returns a Promise that resolves to an object with the following properties:

Property Type Description
files string[] Array of file paths that were re-encrypted
skipped string[] Array of file paths that were skipped (not encrypted)
failed object[] Array of objects with information about files that failed to re-encrypt

Example

const frostbite = require('frostbite');

async function rekeyConfig() {
  try {
    const result = await frostbite.rekey('./config', {
      oldKey: 'old-secret-key',
      newKey: 'new-secret-key',
      oldLicense: 'old-license-key',
      newLicense: 'new-license-key',
      dryRun: false
    });

    console.log(`Re-encrypted ${result.files.length} files`);

    if (result.failed && result.failed.length > 0) {
      console.error(`Failed to re-encrypt ${result.failed.length} files`);
    }
  } catch (error) {
    console.error('Re-encryption failed:', error);
  }
}

encryptData()

Encrypts a buffer using AES-256-GCM encryption.

Syntax

const frostbite = require('frostbite');

const encryptedBuffer = await frostbite.encryptData(buffer, key, license);

Parameters

Parameter Type Description
buffer Buffer Data to encrypt
key string Encryption key
license string (Optional) License key for additional protection

Return Value

Returns a Promise that resolves to a Buffer containing the encrypted data.

Example

const frostbite = require('frostbite');
const fs = require('fs');

async function encryptConfigData() {
  try {
    // Read the data to encrypt
    const data = fs.readFileSync('./config.json');

    // Encrypt the data
    const encryptedData = await frostbite.encryptData(data, 'my-secret-key', 'optional-license-key');

    // Save the encrypted data
    fs.writeFileSync('./config.json.fbz', encryptedData);

    console.log('Data encrypted successfully');
  } catch (error) {
    console.error('Encryption failed:', error);
  }
}

decryptData()

Decrypts a buffer that was encrypted with Frostbite.

Syntax

const frostbite = require('frostbite');

const decryptedBuffer = await frostbite.decryptData(buffer, key, license);

Parameters

Parameter Type Description
buffer Buffer Encrypted data
key string Decryption key
license string (Optional) License key for additional protection

Return Value

Returns a Promise that resolves to a Buffer containing the decrypted data.

Example

const frostbite = require('frostbite');
const fs = require('fs');

async function decryptConfigData() {
  try {
    // Read the encrypted data
    const encryptedData = fs.readFileSync('./config.json.fbz');

    // Decrypt the data
    const decryptedData = await frostbite.decryptData(encryptedData, 'my-secret-key', 'optional-license-key');

    // Parse the decrypted data
    const config = JSON.parse(decryptedData.toString('utf8'));

    console.log('Config:', config);
  } catch (error) {
    console.error('Decryption failed:', error);
  }
}

rekeyData()

Re-encrypts a buffer with a new key.

Syntax

const frostbite = require('frostbite');

const reEncryptedBuffer = await frostbite.rekeyData(buffer, oldKey, newKey, oldLicense, newLicense);

Parameters

Parameter Type Description
buffer Buffer Encrypted data
oldKey string Old encryption key
newKey string New encryption key
oldLicense string (Optional) Old license key
newLicense string (Optional) New license key

Return Value

Returns a Promise that resolves to a Buffer containing the re-encrypted data.

Example

const frostbite = require('frostbite');
const fs = require('fs');

async function rekeyConfigData() {
  try {
    // Read the encrypted data
    const encryptedData = fs.readFileSync('./config.json.fbz');

    // Re-encrypt the data with a new key
    const reEncryptedData = await frostbite.rekeyData(
      encryptedData,
      'old-secret-key',
      'new-secret-key',
      'old-license-key',
      'new-license-key'
    );

    // Save the re-encrypted data
    fs.writeFileSync('./config.json.fbz', reEncryptedData);

    console.log('Data re-encrypted successfully');
  } catch (error) {
    console.error('Re-encryption failed:', error);
  }
}

createRuntime()

Creates a runtime instance for live project environments.

Syntax

const frostbite = require('frostbite');

const runtime = frostbite.createRuntime(options);

Parameters

Parameter Type Description
options object Runtime options
options.key string Encryption/decryption key
options.license string (Optional) License key for additional protection

Return Value

Returns a FrostbiteRuntime instance. See the Runtime API documentation for details on the available methods.

Example

const frostbite = require('frostbite');

async function main() {
  // Create a runtime instance
  const runtime = frostbite.createRuntime({
    key: process.env.FROSTBITE_KEY,
    license: process.env.FROSTBITE_LICENSE
  });

  // Initialize the runtime
  await runtime.initialize();

  try {
    // Decrypt a file without writing to disk
    const config = await runtime.requireJSON('./config.json.fbz');

    console.log('Config loaded:', config);

    // Watch files for changes
    await runtime.watch('./config', {
      autoDecrypt: true,
      autoEncrypt: false
    });

    console.log('Watching config directory for changes');
  } catch (error) {
    console.error('Error:', error);
  }
}