@allsecurex-quantum/crypto-shim 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 AllSecureX
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,261 @@
+# @quantumvault/crypto-shim
+
+<p align="center">
+  <strong>A Product of <a href="https://allsecurex.com">AllSecureX</a></strong><br>
+  Enterprise-Grade Post-Quantum Cryptography
+</p>
+
+<p align="center">
+  <a href="https://github.com/AllSecureX-Quantum/crypto-shim-nodejs/blob/main/LICENSE"><img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="License"></a>
+  <a href="https://www.npmjs.com/package/@quantumvault/crypto-shim"><img src="https://img.shields.io/npm/v/@quantumvault/crypto-shim.svg" alt="npm version"></a>
+</p>
+
+---
+
+**Drop-in quantum-safe upgrade for Node.js applications - zero code changes required.**
+
+This package transparently upgrades your Node.js application's cryptographic operations to quantum-safe alternatives. Simply install and configure at application startup - all existing crypto code continues to work while being protected against quantum computer attacks.
+
+## Features
+
+- **Zero Code Changes**: Works with existing `crypto` module usage
+- **Automatic Upgrades**: RSA/ECDSA signatures upgraded to ML-DSA hybrids
+- **Multiple Modes**: Monitor, hybrid, or pure post-quantum
+- **Analytics**: Track all crypto operations via QuantumVault dashboard
+- **Gradual Rollout**: Start in monitor mode, then progressively upgrade
+- **Fallback Safety**: Automatic fallback to classical crypto on errors
+
+## Installation
+
+```bash
+npm install @quantumvault/crypto-shim
+```
+
+## Quick Start
+
+Add this at the **very top** of your application entry point (before any other imports):
+
+```javascript
+// Must be the FIRST line of your application
+require('@quantumvault/crypto-shim').install({
+  apiKey: process.env.QUANTUMVAULT_API_KEY,
+  mode: 'hybrid' // Start with 'monitor' to observe without changes
+});
+
+// Now all your existing code is quantum-safe!
+const crypto = require('crypto');
+
+// This RSA signature is automatically upgraded to ML-DSA-65 hybrid
+const sign = crypto.createSign('RSA-SHA256');
+sign.update('data to sign');
+const signature = sign.sign(privateKey);
+```
+
+## Configuration
+
+```javascript
+require('@quantumvault/crypto-shim').install({
+  // Required: Your QuantumVault API key
+  apiKey: 'qvp_...',
+
+  // Optional: Plugin ID for analytics (get from QuantumVault dashboard)
+  pluginId: 'plugin_abc123',
+
+  // Optional: API endpoint (defaults to production)
+  endpoint: 'https://api.quantumvault.io',
+
+  // Mode: 'monitor' | 'hybrid' | 'pq_only' | 'intercept'
+  // - monitor: Log only, no changes (safe to start with)
+  // - hybrid: Use classical + quantum-safe combined (recommended)
+  // - pq_only: Pure post-quantum (future-proof but may have compatibility issues)
+  // - intercept: Upgrade classical to PQ transparently
+  mode: 'hybrid',
+
+  // Fallback behavior on errors
+  fallback: {
+    onError: 'use_classical', // 'use_classical' | 'fail'
+    timeout_ms: 5000
+  },
+
+  // Logging
+  logging: {
+    enabled: true,
+    level: 'info' // 'debug' | 'info' | 'warn' | 'error'
+  }
+});
+```
+
+## Algorithm Mappings
+
+| Classical Algorithm | Quantum-Safe Upgrade | Hybrid Option |
+|---------------------|----------------------|---------------|
+| RSA-SHA256 | ML-DSA-65 | RSA-SHA256 + ML-DSA-65 |
+| RSA-SHA384 | ML-DSA-65 | RSA-SHA384 + ML-DSA-65 |
+| RSA-SHA512 | ML-DSA-87 | RSA-SHA512 + ML-DSA-87 |
+| ECDSA-P256 | ML-DSA-44 | ECDSA-P256 + ML-DSA-44 |
+| ECDSA-P384 | ML-DSA-65 | ECDSA-P384 + ML-DSA-65 |
+| Ed25519 | ML-DSA-44 | Ed25519 + ML-DSA-44 |
+| RSA (keygen) | ML-KEM-768 | RSA-2048 + ML-KEM-768 |
+| ECDH-P256 | ML-KEM-768 | ECDH-P256 + ML-KEM-768 |
+| X25519 | ML-KEM-768 | X25519 + ML-KEM-768 |
+
+## API Reference
+
+### `install(config)`
+
+Install the crypto shim. Must be called before any crypto operations.
+
+### `uninstall()`
+
+Remove the shim and restore original crypto functions.
+
+### `isActive()`
+
+Returns `true` if the shim is currently installed.
+
+### `status()`
+
+Get current shim status and statistics:
+
+```javascript
+const { status } = require('@quantumvault/crypto-shim');
+
+console.log(status());
+// {
+//   installed: true,
+//   mode: 'hybrid',
+//   stats: {
+//     totalOperations: 150,
+//     upgradedOperations: 142,
+//     classicalOperations: 8,
+//     failedOperations: 0,
+//     byAlgorithm: Map { 'RSA-SHA256' => { upgraded: 100, classical: 0 }, ... }
+//   }
+// }
+```
+
+### `getMappings()`
+
+Get all algorithm mappings.
+
+### `addMapping(mapping)`
+
+Add a custom algorithm mapping:
+
+```javascript
+const { addMapping } = require('@quantumvault/crypto-shim');
+
+addMapping({
+  classical: 'CUSTOM-ALGO',
+  quantum_safe: 'ML-DSA-87',
+  hybrid_option: 'CUSTOM-ALGO + ML-DSA-87'
+});
+```
+
+## Migration Guide
+
+### Step 1: Monitor Mode (Week 1)
+
+Start with monitor mode to understand your crypto usage:
+
+```javascript
+require('@quantumvault/crypto-shim').install({
+  apiKey: process.env.QUANTUMVAULT_API_KEY,
+  mode: 'monitor',
+  logging: { enabled: true, level: 'info' }
+});
+```
+
+### Step 2: Review Analytics
+
+Check your QuantumVault dashboard to see:
+- Which algorithms are being used
+- Operation frequency and latency
+- Potential compatibility issues
+
+### Step 3: Enable Hybrid Mode (Week 2+)
+
+Once confident, switch to hybrid mode:
+
+```javascript
+require('@quantumvault/crypto-shim').install({
+  apiKey: process.env.QUANTUMVAULT_API_KEY,
+  mode: 'hybrid'
+});
+```
+
+### Step 4: Pure Post-Quantum (Optional)
+
+For maximum future-proofing:
+
+```javascript
+require('@quantumvault/crypto-shim').install({
+  apiKey: process.env.QUANTUMVAULT_API_KEY,
+  mode: 'pq_only'
+});
+```
+
+## Supported Operations
+
+| Operation | Supported | Notes |
+|-----------|-----------|-------|
+| `createSign()` | Yes | Signature algorithms upgraded |
+| `createVerify()` | Yes | Verification algorithms upgraded |
+| `generateKeyPair()` | Yes | Key types upgraded |
+| `generateKeyPairSync()` | Yes | Key types upgraded |
+| `publicEncrypt()` | Coming soon | Key encapsulation |
+| `privateDecrypt()` | Coming soon | Key decapsulation |
+| `createCipheriv()` | N/A | AES-256 already quantum-safe |
+| `createDecipheriv()` | N/A | AES-256 already quantum-safe |
+| `createHash()` | N/A | SHA-256+ already quantum-safe |
+
+## TypeScript Support
+
+Full TypeScript support with type definitions included:
+
+```typescript
+import { install, status, ShimConfig } from '@quantumvault/crypto-shim';
+
+const config: ShimConfig = {
+  apiKey: process.env.QUANTUMVAULT_API_KEY!,
+  mode: 'hybrid'
+};
+
+install(config);
+```
+
+## Troubleshooting
+
+### "Crypto shim is already installed"
+
+The shim can only be installed once. If you need to reconfigure, call `uninstall()` first.
+
+### Operations not being upgraded
+
+1. Check that `install()` is called before any crypto imports
+2. Verify the algorithm is in the mappings list
+3. Check that mode is set to 'hybrid' or 'pq_only'
+
+### Performance concerns
+
+The shim adds minimal overhead (~1-2ms per operation). For high-throughput applications, consider:
+- Using 'monitor' mode initially
+- Batching operations where possible
+- Caching signatures for repeated data
+
+## License
+
+MIT
+
+## Support
+
+- Documentation: https://docs.quantumvault.io
+- Issues: https://github.com/AllSecureX-Quantum/crypto-shim-nodejs/issues
+- Email: support@allsecurex.com
+
+## About AllSecureX
+
+AllSecureX provides enterprise-grade post-quantum cryptography solutions. QuantumVault is our flagship product for NIST-standardized quantum-resistant algorithms (FIPS 203, 204, 205).
+
+- Website: https://allsecurex.com
+- GitHub: https://github.com/AllSecureX-Quantum

package/dist/index.d.ts

@@ -0,0 +1,76 @@
+/**
+ * @quantumvault/crypto-shim
+ * Drop-in quantum-safe upgrade for Node.js crypto module
+ *
+ * Usage:
+ *   // At the VERY TOP of your application entry point
+ *   require('@quantumvault/crypto-shim').install({
+ *     apiKey: process.env.QUANTUMVAULT_API_KEY,
+ *     mode: 'hybrid' // 'hybrid' | 'pq_only' | 'monitor'
+ *   });
+ *
+ *   // Now all crypto operations are automatically upgraded
+ *   const crypto = require('crypto');
+ *   crypto.createSign('RSA-SHA256') // Uses ML-DSA-65 hybrid
+ */
+export type ShimMode = 'hybrid' | 'pq_only' | 'intercept' | 'monitor';
+export interface ShimConfig {
+    apiKey: string;
+    pluginId?: string;
+    endpoint?: string;
+    mode?: ShimMode;
+    fallback?: {
+        onError: 'use_classical' | 'fail';
+        timeout_ms?: number;
+    };
+    logging?: {
+        enabled?: boolean;
+        level?: 'debug' | 'info' | 'warn' | 'error';
+    };
+}
+export interface AlgorithmMapping {
+    classical: string;
+    quantum_safe: string;
+    hybrid_option?: string;
+}
+declare const stats: {
+    totalOperations: number;
+    upgradedOperations: number;
+    classicalOperations: number;
+    failedOperations: number;
+    byAlgorithm: Map<string, {
+        upgraded: number;
+        classical: number;
+    }>;
+};
+/**
+ * Install the QuantumVault crypto shim
+ * Call this at the very top of your application entry point
+ */
+export declare function install(config: ShimConfig): void;
+/**
+ * Uninstall the crypto shim and restore original functions
+ */
+export declare function uninstall(): void;
+/**
+ * Check if the shim is currently installed
+ */
+export declare function isActive(): boolean;
+/**
+ * Get current shim status
+ */
+export declare function status(): {
+    installed: boolean;
+    mode: ShimMode | null;
+    stats: typeof stats;
+};
+/**
+ * Get algorithm mappings
+ */
+export declare function getMappings(): AlgorithmMapping[];
+/**
+ * Add custom algorithm mapping
+ */
+export declare function addMapping(mapping: AlgorithmMapping): void;
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AASH,MAAM,MAAM,QAAQ,GAAG,QAAQ,GAAG,SAAS,GAAG,WAAW,GAAG,SAAS,CAAC;AAEtE,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,QAAQ,CAAC;IAChB,QAAQ,CAAC,EAAE;QACT,OAAO,EAAE,eAAe,GAAG,MAAM,CAAC;QAClC,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,OAAO,CAAC,EAAE;QACR,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;KAC7C,CAAC;CACH;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAuDD,QAAA,MAAM,KAAK;;;;;;kBAKgC,MAAM;mBAAa,MAAM;;CACnE,CAAC;AA8PF;;;GAGG;AACH,wBAAgB,OAAO,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI,CA6ChD;AAED;;GAEG;AACH,wBAAgB,SAAS,IAAI,IAAI,CAiBhC;AAED;;GAEG;AACH,wBAAgB,QAAQ,IAAI,OAAO,CAElC;AAED;;GAEG;AACH,wBAAgB,MAAM,IAAI;IACxB,SAAS,EAAE,OAAO,CAAC;IACnB,IAAI,EAAE,QAAQ,GAAG,IAAI,CAAC;IACtB,KAAK,EAAE,OAAO,KAAK,CAAC;CACrB,CAYA;AAED;;GAEG;AACH,wBAAgB,WAAW,IAAI,gBAAgB,EAAE,CAEhD;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,gBAAgB,GAAG,IAAI,CAG1D"}