@alwatr/crypto 0.31.0

package/CHANGELOG.md

@@ -0,0 +1,109 @@
+# Change Log
+
+All notable changes to this project will be documented in this file.
+See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
+
+# [0.31.0](https://github.com/AliMD/alwatr/compare/v0.30.0...v0.31.0) (2023-05-08)
+
+### Bug Fixes
+
+- **crypto:** package ([866c5f4](https://github.com/AliMD/alwatr/commit/866c5f490ea2eaa75bf177f35b3f4711931e13d2))
+
+### Features
+
+- **crypto:** make prefix for userId ([5baa00a](https://github.com/AliMD/alwatr/commit/5baa00aafb16a4c6ed1d77913edddd090f732dad))
+
+# [0.30.0](https://github.com/AliMD/alwatr/compare/v0.29.0...v0.30.0) (2023-03-06)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.29.0](https://github.com/AliMD/alwatr/compare/v0.28.0...v0.29.0) (2023-02-10)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.28.0](https://github.com/AliMD/alwatr/compare/v0.27.0...v0.28.0) (2023-01-20)
+
+### Bug Fixes
+
+- **token:** types ([a7da60e](https://github.com/AliMD/alwatr/commit/a7da60e720ac83b8d2d2ed5c0b811dea1952a2b9))
+
+### Features
+
+- **token:** generate and verify token without expiration time ([6db78f0](https://github.com/AliMD/alwatr/commit/6db78f0644e076c3401a263173d7139838bbbf0c))
+- **type:** define math types ([8c19f40](https://github.com/AliMD/alwatr/commit/8c19f4058d4361b7d3f4f714595e34cb6fa21109))
+
+# [0.27.0](https://github.com/AliMD/alwatr/compare/v0.26.0...v0.27.0) (2022-12-29)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.26.0](https://github.com/AliMD/alwatr/compare/v0.25.0...v0.26.0) (2022-12-22)
+
+### Bug Fixes
+
+- set correct path ([d01ce6f](https://github.com/AliMD/alwatr/commit/d01ce6ffa749a5e3e0e11e35b4ed61d75d61fec9))
+- tsconfig ([e96dcd3](https://github.com/AliMD/alwatr/commit/e96dcd30774a9f06f7d051e0504192cbbe019e35))
+
+# [0.25.0](https://github.com/AliMD/alwatr/compare/v0.24.1...v0.25.0) (2022-12-07)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+## [0.24.1](https://github.com/AliMD/alwatr/compare/v0.24.0...v0.24.1) (2022-12-01)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.24.0](https://github.com/AliMD/alwatr/compare/v0.23.0...v0.24.0) (2022-11-28)
+
+### Bug Fixes
+
+- use ~ for package version ([4e027ff](https://github.com/AliMD/alwatr/commit/4e027ff63875e03b088ebcdc1bdf2495f4494eec))
+
+# [0.23.0](https://github.com/AliMD/alwatr/compare/v0.22.1...v0.23.0) (2022-11-23)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+## [0.22.1](https://github.com/AliMD/alwatr/compare/v0.22.0...v0.22.1) (2022-11-21)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.22.0](https://github.com/AliMD/alwatr/compare/v0.21.0...v0.22.0) (2022-11-20)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.21.0](https://github.com/AliMD/alwatr/compare/v0.20.0...v0.21.0) (2022-11-13)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.20.0](https://github.com/AliMD/alwatr/compare/v0.19.0...v0.20.0) (2022-11-05)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.19.0](https://github.com/AliMD/alwatr/compare/v0.18.0...v0.19.0) (2022-11-01)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.18.0](https://github.com/AliMD/alwatr/compare/v0.17.0...v0.18.0) (2022-10-22)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.17.0](https://github.com/AliMD/alwatr/compare/v0.16.1...v0.17.0) (2022-10-21)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.16.0](https://github.com/AliMD/alwatr/compare/v0.15.0...v0.16.0) (2022-09-08)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.15.0](https://github.com/AliMD/alwatr/compare/v0.14.0...v0.15.0) (2022-09-01)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.14.0](https://github.com/AliMD/alwatr/compare/v0.13.0...v0.14.0) (2022-08-19)
+
+**Note:** Version bump only for package @alwatr/crypto
+
+# [0.13.0](https://github.com/AliMD/alwatr/compare/v0.12.0...v0.13.0) (2022-08-06)
+
+### Features
+
+- **token:** generate and verify HOTP tpkens ([d0372f8](https://github.com/AliMD/alwatr/commit/d0372f805a45d6fd6571b50821529068cec7d424))
+- **token:** new package files ([fe620e0](https://github.com/AliMD/alwatr/commit/fe620e0d9f84c4e6d8e0eed47d6b398e218429ad))

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 S. Ali Mihandoost
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,13 @@
+# Alwatr Crypto - `@alwatr/crypto`
+
+Secure authentication HOTP token generator (the HMAC-based One-Time Password algorithm) and crypto utils written in tiny TypeScript module.
+
+## References
+
+- [RFC 4226](http://tools.ietf.org/html/rfc4226). HMAC-Based One-Time Password Algorithm (HOTP)
+- [RFC 6238](http://tools.ietf.org/html/rfc6238). Time-Based One-Time Password Algorithm (TOTP)
+- [HMAC: Keyed-Hashing for Message Authentication](https://tools.ietf.org/html/rfc2104). (February 1997). Network Working Group.
+- [HMAC and Key Derivation](https://cryptobook.nakov.com/mac-and-key-derivation/hmac-and-key-derivation). Practical Cryptography for Developers.
+- [HMAC Generator/Tester Tool](https://www.freeformatter.com/hmac-generator.html). FreeFormatter.
+- [How API Request Signing Works (And How to Implement HMAC in NodeJS)](https://blog.andrewhoang.me/how-api-request-signing-works-and-how-to-implement-it-in-nodejs-2/). (2016). Andrew Hoang.
+- [Implement HMAC Authentication](https://support.google.com/admanager/answer/7637490?hl=en). Google Ad Manager Help.

package/hash.d.ts

@@ -0,0 +1,79 @@
+/// <reference types="node" resolution-mode="require"/>
+import { type BinaryLike } from 'node:crypto';
+import type { HashGeneratorConfig } from './type.js';
+/**
+ * Secure **self-validate** hash generator.
+ */
+export declare class AlwatrHashGenerator {
+    config: HashGeneratorConfig;
+    constructor(config?: HashGeneratorConfig);
+    /**
+     * Generate simple hash from random data.
+     *
+     * Example:
+     *
+     * ```js
+     * const clientId = hashGenerator.random();
+     * ```
+     */
+    random(): string;
+    /**
+     * Generate **self-validate** hash from random data.
+     *
+     * Example:
+     *
+     * ```ts
+     * const userId = hashGenerator.randomSelfValidate();
+     * ```
+     */
+    randomSelfValidate(): string;
+    /**
+     * Generate simple hash from data.
+     *
+     * Example:
+     *
+     * ```ts
+     * const crcHash = hashGenerator.generate(downloadedData);
+     * ```
+     */
+    generate(data: BinaryLike): string;
+    /**
+     * Generate crc hash.
+     */
+    _generateCrc(data: BinaryLike): string;
+    /**
+     * Generate **self-validate** hash from data.
+     *
+     * Example:
+     *
+     * ```js
+     * const userId = hashGenerator.generateSelfValidate(randomData);
+     * ```
+     */
+    generateSelfValidate(data: BinaryLike): string;
+    /**
+     * Verify `generate(data)` equals to `hash`.
+     *
+     * Example:
+     *
+     * ```ts
+     * if (!hashGenerator.verify(downloadedData, crcHash)) {
+     *   new Error('data_corrupted');
+     * }
+     * ```
+     */
+    verify(data: BinaryLike, hash: string): boolean;
+    /**
+     * Verify a **self-validate** hash to check its generated by this class (same options).
+     *
+     * Example:
+     *
+     * ```ts
+     * if (!hashGenerator.verifySelfValidate(user.id)) {
+     *   new Error('invalid_user');
+     * }
+     * ```
+     */
+    verifySelfValidate(hash: string): boolean;
+}
+//# sourceMappingURL=hash.d.ts.map

package/hash.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["src/hash.ts"],"names":[],"mappings":";AAAA,OAAO,EAA0B,KAAK,UAAU,EAAC,MAAM,aAAa,CAAC;AAErE,OAAO,KAAK,EAAC,mBAAmB,EAAC,MAAM,WAAW,CAAC;AAEnD;;GAEG;AACH,qBAAa,mBAAmB;IACX,MAAM,EAAE,mBAAmB;gBAA3B,MAAM,GAAE,mBAA8E;IAEzG;;;;;;;;OAQG;IACH,MAAM,IAAI,MAAM;IAIhB;;;;;;;;OAQG;IACH,kBAAkB,IAAI,MAAM;IAI5B;;;;;;;;OAQG;IACH,QAAQ,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM;IAIlC;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM;IAKtC;;;;;;;;OAQG;IACH,oBAAoB,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM;IAM9C;;;;;;;;;;OAUG;IACH,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO;IAI/C;;;;;;;;;;OAUG;IACH,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;CAS1C"}

package/hash.js

@@ -0,0 +1,100 @@
+import { createHash, randomBytes } from 'node:crypto';
+/**
+ * Secure **self-validate** hash generator.
+ */
+export class AlwatrHashGenerator {
+    constructor(config = { algorithm: 'sha1', encoding: 'base64url', crcLength: 8 }) {
+        this.config = config;
+    }
+    /**
+     * Generate simple hash from random data.
+     *
+     * Example:
+     *
+     * ```js
+     * const clientId = hashGenerator.random();
+     * ```
+     */
+    random() {
+        return this.generate(randomBytes(16));
+    }
+    /**
+     * Generate **self-validate** hash from random data.
+     *
+     * Example:
+     *
+     * ```ts
+     * const userId = hashGenerator.randomSelfValidate();
+     * ```
+     */
+    randomSelfValidate() {
+        return this.generateSelfValidate(randomBytes(16));
+    }
+    /**
+     * Generate simple hash from data.
+     *
+     * Example:
+     *
+     * ```ts
+     * const crcHash = hashGenerator.generate(downloadedData);
+     * ```
+     */
+    generate(data) {
+        return createHash(this.config.algorithm).update(data).digest(this.config.encoding);
+    }
+    /**
+     * Generate crc hash.
+     */
+    _generateCrc(data) {
+        const crc = this.generate(data);
+        return this.config.crcLength == null || this.config.crcLength < 1 ? crc : crc.substring(0, this.config.crcLength);
+    }
+    /**
+     * Generate **self-validate** hash from data.
+     *
+     * Example:
+     *
+     * ```js
+     * const userId = hashGenerator.generateSelfValidate(randomData);
+     * ```
+     */
+    generateSelfValidate(data) {
+        const mainHash = this.generate(data);
+        const crcHash = this._generateCrc(mainHash);
+        return mainHash + crcHash;
+    }
+    /**
+     * Verify `generate(data)` equals to `hash`.
+     *
+     * Example:
+     *
+     * ```ts
+     * if (!hashGenerator.verify(downloadedData, crcHash)) {
+     *   new Error('data_corrupted');
+     * }
+     * ```
+     */
+    verify(data, hash) {
+        return hash === this.generate(data);
+    }
+    /**
+     * Verify a **self-validate** hash to check its generated by this class (same options).
+     *
+     * Example:
+     *
+     * ```ts
+     * if (!hashGenerator.verifySelfValidate(user.id)) {
+     *   new Error('invalid_user');
+     * }
+     * ```
+     */
+    verifySelfValidate(hash) {
+        const gapPos = this.config.crcLength == null || this.config.crcLength < 1
+            ? hash.length / 2
+            : hash.length - this.config.crcLength;
+        const mainHash = hash.substring(0, gapPos);
+        const crcHash = hash.substring(gapPos);
+        return crcHash === this._generateCrc(mainHash);
+    }
+}
+//# sourceMappingURL=hash.js.map

package/hash.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.js","sourceRoot":"","sources":["src/hash.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,UAAU,EAAE,WAAW,EAAkB,MAAM,aAAa,CAAC;AAIrE;;GAEG;AACH,MAAM,OAAO,mBAAmB;IAC9B,YAAmB,SAA8B,EAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,SAAS,EAAE,CAAC,EAAC;QAAtF,WAAM,GAAN,MAAM,CAAgF;IAAG,CAAC;IAE7G;;;;;;;;OAQG;IACH,MAAM;QACJ,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACxC,CAAC;IAED;;;;;;;;OAQG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IACpD,CAAC;IAED;;;;;;;;OAQG;IACH,QAAQ,CAAC,IAAgB;QACvB,OAAO,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACrF,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAgB;QAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAChC,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpH,CAAC;IAED;;;;;;;;OAQG;IACH,oBAAoB,CAAC,IAAgB;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QAC5C,OAAO,QAAQ,GAAG,OAAO,CAAC;IAC5B,CAAC;IAED;;;;;;;;;;OAUG;IACH,MAAM,CAAC,IAAgB,EAAE,IAAY;QACnC,OAAO,IAAI,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACtC,CAAC;IAED;;;;;;;;;;OAUG;IACH,kBAAkB,CAAC,IAAY;QAC7B,MAAM,MAAM,GACV,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,GAAG,CAAC;YACxD,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC;YACjB,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;QAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,OAAO,OAAO,KAAK,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IACjD,CAAC;CACF","sourcesContent":["import {createHash, randomBytes, type BinaryLike} from 'node:crypto';\n\nimport type {HashGeneratorConfig} from './type.js';\n\n/**\n * Secure **self-validate** hash generator.\n */\nexport class AlwatrHashGenerator {\n  constructor(public config: HashGeneratorConfig = {algorithm: 'sha1', encoding: 'base64url', crcLength: 8}) {}\n\n  /**\n   * Generate simple hash from random data.\n   *\n   * Example:\n   *\n   * ```js\n   * const clientId = hashGenerator.random();\n   * ```\n   */\n  random(): string {\n    return this.generate(randomBytes(16));\n  }\n\n  /**\n   * Generate **self-validate** hash from random data.\n   *\n   * Example:\n   *\n   * ```ts\n   * const userId = hashGenerator.randomSelfValidate();\n   * ```\n   */\n  randomSelfValidate(): string {\n    return this.generateSelfValidate(randomBytes(16));\n  }\n\n  /**\n   * Generate simple hash from data.\n   *\n   * Example:\n   *\n   * ```ts\n   * const crcHash = hashGenerator.generate(downloadedData);\n   * ```\n   */\n  generate(data: BinaryLike): string {\n    return createHash(this.config.algorithm).update(data).digest(this.config.encoding);\n  }\n\n  /**\n   * Generate crc hash.\n   */\n  _generateCrc(data: BinaryLike): string {\n    const crc = this.generate(data);\n    return this.config.crcLength == null || this.config.crcLength < 1 ? crc : crc.substring(0, this.config.crcLength);\n  }\n\n  /**\n   * Generate **self-validate** hash from data.\n   *\n   * Example:\n   *\n   * ```js\n   * const userId = hashGenerator.generateSelfValidate(randomData);\n   * ```\n   */\n  generateSelfValidate(data: BinaryLike): string {\n    const mainHash = this.generate(data);\n    const crcHash = this._generateCrc(mainHash);\n    return mainHash + crcHash;\n  }\n\n  /**\n   * Verify `generate(data)` equals to `hash`.\n   *\n   * Example:\n   *\n   * ```ts\n   * if (!hashGenerator.verify(downloadedData, crcHash)) {\n   *   new Error('data_corrupted');\n   * }\n   * ```\n   */\n  verify(data: BinaryLike, hash: string): boolean {\n    return hash === this.generate(data);\n  }\n\n  /**\n   * Verify a **self-validate** hash to check its generated by this class (same options).\n   *\n   * Example:\n   *\n   * ```ts\n   * if (!hashGenerator.verifySelfValidate(user.id)) {\n   *   new Error('invalid_user');\n   * }\n   * ```\n   */\n  verifySelfValidate(hash: string): boolean {\n    const gapPos =\n      this.config.crcLength == null || this.config.crcLength < 1\n        ? hash.length / 2\n        : hash.length - this.config.crcLength;\n    const mainHash = hash.substring(0, gapPos);\n    const crcHash = hash.substring(gapPos);\n    return crcHash === this._generateCrc(mainHash);\n  }\n}\n"]}

package/index.d.ts

@@ -0,0 +1,5 @@
+export * from './hash.js';
+export * from './token.js';
+export * from './user.js';
+export * from './type.js';
+//# sourceMappingURL=index.d.ts.map

package/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":"AAEA,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC"}

package/index.js

@@ -0,0 +1,10 @@
+import { globalAlwatr } from '@alwatr/logger';
+export * from './hash.js';
+export * from './token.js';
+export * from './user.js';
+export * from './type.js';
+globalAlwatr.registeredList.push({
+    name: '@alwatr/crypto',
+    version: _ALWATR_VERSION_,
+});
+//# sourceMappingURL=index.js.map

package/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,YAAY,EAAC,MAAM,gBAAgB,CAAC;AAE5C,cAAc,WAAW,CAAC;AAC1B,cAAc,YAAY,CAAC;AAC3B,cAAc,WAAW,CAAC;AAC1B,cAAc,WAAW,CAAC;AAE1B,YAAY,CAAC,cAAc,CAAC,IAAI,CAAC;IAC/B,IAAI,EAAE,gBAAgB;IACtB,OAAO,EAAE,gBAAgB;CAC1B,CAAC,CAAC","sourcesContent":["import {globalAlwatr} from '@alwatr/logger';\n\nexport * from './hash.js';\nexport * from './token.js';\nexport * from './user.js';\nexport * from './type.js';\n\nglobalAlwatr.registeredList.push({\n  name: '@alwatr/crypto',\n  version: _ALWATR_VERSION_,\n});\n"]}

package/package.json

@@ -0,0 +1,48 @@
+{
+  "name": "@alwatr/crypto",
+  "version": "0.31.0",
+  "description": "Secure authentication HOTP token generator (the HMAC-based One-Time Password algorithm) and crypto utils written in tiny TypeScript module.",
+  "keywords": [
+    "crypto",
+    "hash",
+    "token",
+    "authentication",
+    "auth",
+    "access",
+    "token",
+    "hmac",
+    "time",
+    "otp",
+    "hotp",
+    "otp-token",
+    "typescript",
+    "esm",
+    "alwatr"
+  ],
+  "main": "index.js",
+  "type": "module",
+  "types": "index.d.ts",
+  "author": "S. Ali Mihandoost <ali.mihandoost@gmail.com>",
+  "license": "MIT",
+  "files": [
+    "**/*.{d.ts.map,d.ts,js.map,js,html,md}"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/AliMD/alwatr",
+    "directory": "core/crypto"
+  },
+  "homepage": "https://github.com/AliMD/alwatr/tree/main/core/crypto#readme",
+  "bugs": {
+    "url": "https://github.com/AliMD/alwatr/issues"
+  },
+  "dependencies": {
+    "@alwatr/logger": "^0.31.0",
+    "@alwatr/math": "^0.31.0",
+    "tslib": "^2.5.0"
+  },
+  "gitHead": "896e64b58eed6e9048e870557ecf399d42705612"
+}

package/token.d.ts

@@ -0,0 +1,28 @@
+import type { TokenGeneratorConfig, TokenStatus } from './type.js';
+/**
+ * Secure authentication HOTP token generator (HMAC-based One-Time Password algorithm).
+ */
+export declare class AlwatrTokenGenerator {
+    config: TokenGeneratorConfig;
+    protected _duration: number | null;
+    get epoch(): number;
+    constructor(config: TokenGeneratorConfig);
+    protected _generate(data: string, epoch: number): string;
+    /**
+     * Generate HOTP token from data base on special duration.
+     *
+     * ```ts
+     * user.auth = tokenGenerator.generate(`${user.id}-${user.role}`);
+     * ```
+     */
+    generate(data: string): string;
+    /**
+     * Token verification.
+     *
+     * ```ts
+     * const validateStatus = tokenGenerator.verify(`${user.id}-${user.role}`, user.auth);
+     * ```
+     */
+    verify(data: string, token: string): TokenStatus;
+}
+//# sourceMappingURL=token.d.ts.map

package/token.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.d.ts","sourceRoot":"","sources":["src/token.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAC,oBAAoB,EAAE,WAAW,EAAC,MAAM,WAAW,CAAC;AAEjE;;GAEG;AACH,qBAAa,oBAAoB;IAOZ,MAAM,EAAE,oBAAoB;IAN/C,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IAEnC,IAAI,KAAK,IAAI,MAAM,CAElB;gBAEkB,MAAM,EAAE,oBAAoB;IAI/C,SAAS,CAAC,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM;IAMxD;;;;;;OAMG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAI9B;;;;;;OAMG;IACH,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,WAAW;CAejD"}

package/token.js

@@ -0,0 +1,52 @@
+import { createHmac } from 'node:crypto';
+import { parseDuration } from '@alwatr/math';
+/**
+ * Secure authentication HOTP token generator (HMAC-based One-Time Password algorithm).
+ */
+export class AlwatrTokenGenerator {
+    get epoch() {
+        return this._duration == null ? 0 : Math.floor(Date.now() / this._duration);
+    }
+    constructor(config) {
+        this.config = config;
+        this._duration = config.duration == null ? null : parseDuration(config.duration);
+    }
+    _generate(data, epoch) {
+        return createHmac(this.config.algorithm, data)
+            .update(data + epoch)
+            .digest(this.config.encoding);
+    }
+    /**
+     * Generate HOTP token from data base on special duration.
+     *
+     * ```ts
+     * user.auth = tokenGenerator.generate(`${user.id}-${user.role}`);
+     * ```
+     */
+    generate(data) {
+        return this._generate(data, this.epoch);
+    }
+    /**
+     * Token verification.
+     *
+     * ```ts
+     * const validateStatus = tokenGenerator.verify(`${user.id}-${user.role}`, user.auth);
+     * ```
+     */
+    verify(data, token) {
+        const epoch = this.epoch;
+        if (token === this._generate(data, epoch)) {
+            return 'valid';
+        }
+        else if (this._duration == null) {
+            return 'invalid';
+        }
+        else if (token === this._generate(data, epoch - 1)) {
+            return 'expired';
+        }
+        else {
+            return 'invalid';
+        }
+    }
+}
+//# sourceMappingURL=token.js.map

package/token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.js","sourceRoot":"","sources":["src/token.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,UAAU,EAAC,MAAM,aAAa,CAAC;AAEvC,OAAO,EAAC,aAAa,EAAC,MAAM,cAAc,CAAC;AAI3C;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAG/B,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAC9E,CAAC;IAED,YAAmB,MAA4B;QAA5B,WAAM,GAAN,MAAM,CAAsB;QAC7C,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACnF,CAAC;IAES,SAAS,CAAC,IAAY,EAAE,KAAa;QAC7C,OAAO,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC;aACzC,MAAM,CAAC,IAAI,GAAG,KAAK,CAAC;aACpB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACH,QAAQ,CAAC,IAAY;QACnB,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;IAC1C,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,IAAY,EAAE,KAAa;QAChC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,IAAI,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE;YACzC,OAAO,OAAO,CAAC;SAChB;aACI,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,EAAE;YAC/B,OAAO,SAAS,CAAC;SAClB;aACI,IAAI,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE;YAClD,OAAO,SAAS,CAAC;SAClB;aACI;YACH,OAAO,SAAS,CAAC;SAClB;IACH,CAAC;CACF","sourcesContent":["import {createHmac} from 'node:crypto';\n\nimport {parseDuration} from '@alwatr/math';\n\nimport type {TokenGeneratorConfig, TokenStatus} from './type.js';\n\n/**\n * Secure authentication HOTP token generator (HMAC-based One-Time Password algorithm).\n */\nexport class AlwatrTokenGenerator {\n  protected _duration: number | null;\n\n  get epoch(): number {\n    return this._duration == null ? 0 : Math.floor(Date.now() / this._duration);\n  }\n\n  constructor(public config: TokenGeneratorConfig) {\n    this._duration = config.duration == null ? null : parseDuration(config.duration);\n  }\n\n  protected _generate(data: string, epoch: number): string {\n    return createHmac(this.config.algorithm, data)\n        .update(data + epoch)\n        .digest(this.config.encoding);\n  }\n\n  /**\n   * Generate HOTP token from data base on special duration.\n   *\n   * ```ts\n   * user.auth = tokenGenerator.generate(`${user.id}-${user.role}`);\n   * ```\n   */\n  generate(data: string): string {\n    return this._generate(data, this.epoch);\n  }\n\n  /**\n   * Token verification.\n   *\n   * ```ts\n   * const validateStatus = tokenGenerator.verify(`${user.id}-${user.role}`, user.auth);\n   * ```\n   */\n  verify(data: string, token: string): TokenStatus {\n    const epoch = this.epoch;\n    if (token === this._generate(data, epoch)) {\n      return 'valid';\n    }\n    else if (this._duration == null) {\n      return 'invalid';\n    }\n    else if (token === this._generate(data, epoch - 1)) {\n      return 'expired';\n    }\n    else {\n      return 'invalid';\n    }\n  }\n}\n"]}

package/type.d.ts

@@ -0,0 +1,44 @@
+import type { DurationString } from '@alwatr/math';
+export type CryptoAlgorithm = 'md5' | 'sha1' | 'sha224' | 'sha256' | 'sha384' | 'sha512';
+export type CryptoEncoding = 'base64' | 'base64url' | 'hex' | 'binary';
+export type TokenStatus = 'valid' | 'invalid' | 'expired';
+export type HashStatus = 'valid' | 'invalid';
+export interface TokenGeneratorConfig {
+    /**
+     * Secret string data to generate token.
+     */
+    secret: string;
+    /**
+     * Token expiration time.
+     *
+     * `null` mean without expiration time
+     */
+    duration: DurationString | null;
+    /**
+     * OpenSSl digest algorithm.
+     */
+    algorithm: CryptoAlgorithm;
+    /**
+     * Encoding of token.
+     */
+    encoding: CryptoEncoding;
+}
+export interface HashGeneratorConfig {
+    /**
+     * OpenSSl digest algorithm.
+     */
+    algorithm: CryptoAlgorithm;
+    /**
+     * Encoding of hash.
+     */
+    encoding: CryptoEncoding;
+    /**
+     * CRC hash max length.
+     */
+    crcLength?: number;
+}
+export interface UserFactoryConfig {
+    tokenConfig: TokenGeneratorConfig;
+    hashConfig: HashGeneratorConfig;
+}
+//# sourceMappingURL=type.d.ts.map

package/type.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"type.d.ts","sourceRoot":"","sources":["src/type.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAC,cAAc,EAAC,MAAM,cAAc,CAAC;AAEjD,MAAM,MAAM,eAAe,GAAG,KAAK,GAAG,MAAM,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,QAAQ,CAAC;AACzF,MAAM,MAAM,cAAc,GAAG,QAAQ,GAAG,WAAW,GAAG,KAAK,GAAG,QAAQ,CAAC;AAEvE,MAAM,MAAM,WAAW,GAAG,OAAO,GAAG,SAAS,GAAG,SAAS,CAAC;AAC1D,MAAM,MAAM,UAAU,GAAG,OAAO,GAAG,SAAS,CAAC;AAG7C,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;;;OAIG;IACH,QAAQ,EAAE,cAAc,GAAG,IAAI,CAAC;IAEhC;;OAEG;IACH,SAAS,EAAE,eAAe,CAAC;IAE3B;;OAEG;IACH,QAAQ,EAAE,cAAc,CAAC;CAC1B;AAED,MAAM,WAAW,mBAAmB;IAClC;;OAEG;IACH,SAAS,EAAE,eAAe,CAAC;IAE3B;;OAEG;IACH,QAAQ,EAAE,cAAc,CAAC;IAEzB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,oBAAoB,CAAC;IAClC,UAAU,EAAE,mBAAmB,CAAC;CACjC"}

package/type.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=type.js.map

package/type.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"type.js","sourceRoot":"","sources":["src/type.ts"],"names":[],"mappings":"","sourcesContent":["import type {DurationString} from '@alwatr/math';\n\nexport type CryptoAlgorithm = 'md5' | 'sha1' | 'sha224' | 'sha256' | 'sha384' | 'sha512';\nexport type CryptoEncoding = 'base64' | 'base64url' | 'hex' | 'binary';\n\nexport type TokenStatus = 'valid' | 'invalid' | 'expired';\nexport type HashStatus = 'valid' | 'invalid';\n\n\nexport interface TokenGeneratorConfig {\n  /**\n   * Secret string data to generate token.\n   */\n  secret: string;\n\n  /**\n   * Token expiration time.\n   *\n   * `null` mean without expiration time\n   */\n  duration: DurationString | null;\n\n  /**\n   * OpenSSl digest algorithm.\n   */\n  algorithm: CryptoAlgorithm;\n\n  /**\n   * Encoding of token.\n   */\n  encoding: CryptoEncoding;\n}\n\nexport interface HashGeneratorConfig {\n  /**\n   * OpenSSl digest algorithm.\n   */\n  algorithm: CryptoAlgorithm;\n\n  /**\n   * Encoding of hash.\n   */\n  encoding: CryptoEncoding;\n\n  /**\n   * CRC hash max length.\n   */\n  crcLength?: number;\n}\n\nexport interface UserFactoryConfig {\n  tokenConfig: TokenGeneratorConfig;\n  hashConfig: HashGeneratorConfig;\n}\n"]}

package/user.d.ts

@@ -0,0 +1,59 @@
+import { AlwatrHashGenerator } from './hash.js';
+import { AlwatrTokenGenerator } from './token.js';
+import type { HashGeneratorConfig, TokenGeneratorConfig, TokenStatus } from './type.js';
+/**
+ * Secure User ID/Token Factory (generate and validate authentication process).
+ */
+export declare class AlwatrUserFactory {
+    protected _tokenGenerator: AlwatrTokenGenerator;
+    protected _hashGenerator: AlwatrHashGenerator;
+    constructor(tokenConfig: TokenGeneratorConfig, hashConfig?: HashGeneratorConfig);
+    /**
+     * Generate new self-verifiable user-id.
+     *
+     * Example:
+     *
+     * ```ts
+     * const newUser = {
+     *   id: userFactory.generateId(),
+     *   ...
+     * }
+     * ```
+     */
+    generateId(): string;
+    /**
+     * Validate user-id without token.
+     *
+     * Example:
+     *
+     * ```ts
+     * if (!userFactory.verifyId(user.id)) {
+     *   new Error('invalid_user');
+     * }
+     * ```
+     */
+    verifyId(id: string): boolean;
+    /**
+     * Generate user auth token.
+     *
+     * Example:
+     *
+     * ```ts
+     * const userToken = userFactory.generateToken([user.id, user.lpe]);
+     * ```
+     */
+    generateToken(uniquelyList: Array<string | number | boolean>): string;
+    /**
+     * Verify user auth token.
+     *
+     * Example:
+     *
+     * ```ts
+     * if (!userFactory.verifyToken([user.id, user.lpe], userToken)) {
+     *   new error('invalid_token');
+     * }
+     * ```
+     */
+    verifyToken(uniquelyList: Array<string | number | boolean>, token: string): TokenStatus;
+}
+//# sourceMappingURL=user.d.ts.map

package/user.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["src/user.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,mBAAmB,EAAC,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAC,oBAAoB,EAAC,MAAM,YAAY,CAAC;AAEhD,OAAO,KAAK,EAAC,mBAAmB,EAAE,oBAAoB,EAAE,WAAW,EAAC,MAAM,WAAW,CAAC;AAEtF;;GAEG;AACH,qBAAa,iBAAiB;IAC5B,SAAS,CAAC,eAAe,uBAAC;IAC1B,SAAS,CAAC,cAAc,sBAAC;gBAGrB,WAAW,EAAE,oBAAoB,EACjC,UAAU,CAAC,EAAE,mBAAmB;IAMpC;;;;;;;;;;;OAWG;IACH,UAAU,IAAI,MAAM;IAIpB;;;;;;;;;;OAUG;IACH,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO;IAI7B;;;;;;;;OAQG;IACH,aAAa,CAAC,YAAY,EAAE,KAAK,CAAC,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,GAAG,MAAM;IAIrE;;;;;;;;;;OAUG;IACH,WAAW,CAAC,YAAY,EAAE,KAAK,CAAC,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,WAAW;CAGxF"}

package/user.js

@@ -0,0 +1,67 @@
+import { AlwatrHashGenerator } from './hash.js';
+import { AlwatrTokenGenerator } from './token.js';
+/**
+ * Secure User ID/Token Factory (generate and validate authentication process).
+ */
+export class AlwatrUserFactory {
+    constructor(tokenConfig, hashConfig) {
+        this._tokenGenerator = new AlwatrTokenGenerator(tokenConfig);
+        this._hashGenerator = new AlwatrHashGenerator(hashConfig);
+    }
+    /**
+     * Generate new self-verifiable user-id.
+     *
+     * Example:
+     *
+     * ```ts
+     * const newUser = {
+     *   id: userFactory.generateId(),
+     *   ...
+     * }
+     * ```
+     */
+    generateId() {
+        return 'U' + this._hashGenerator.randomSelfValidate();
+    }
+    /**
+     * Validate user-id without token.
+     *
+     * Example:
+     *
+     * ```ts
+     * if (!userFactory.verifyId(user.id)) {
+     *   new Error('invalid_user');
+     * }
+     * ```
+     */
+    verifyId(id) {
+        return this._hashGenerator.verifySelfValidate(id.substring(1));
+    }
+    /**
+     * Generate user auth token.
+     *
+     * Example:
+     *
+     * ```ts
+     * const userToken = userFactory.generateToken([user.id, user.lpe]);
+     * ```
+     */
+    generateToken(uniquelyList) {
+        return this._tokenGenerator.generate(uniquelyList.join());
+    }
+    /**
+     * Verify user auth token.
+     *
+     * Example:
+     *
+     * ```ts
+     * if (!userFactory.verifyToken([user.id, user.lpe], userToken)) {
+     *   new error('invalid_token');
+     * }
+     * ```
+     */
+    verifyToken(uniquelyList, token) {
+        return this._tokenGenerator.verify(uniquelyList.join(), token);
+    }
+}
+//# sourceMappingURL=user.js.map

package/user.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.js","sourceRoot":"","sources":["src/user.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,mBAAmB,EAAC,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAC,oBAAoB,EAAC,MAAM,YAAY,CAAC;AAIhD;;GAEG;AACH,MAAM,OAAO,iBAAiB;IAI5B,YACI,WAAiC,EACjC,UAAgC;QAElC,IAAI,CAAC,eAAe,GAAG,IAAI,oBAAoB,CAAC,WAAW,CAAC,CAAC;QAC7D,IAAI,CAAC,cAAc,GAAG,IAAI,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;;;;;;;OAWG;IACH,UAAU;QACR,OAAO,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,kBAAkB,EAAE,CAAC;IACxD,CAAC;IAED;;;;;;;;;;OAUG;IACH,QAAQ,CAAC,EAAU;QACjB,OAAO,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IACjE,CAAC;IAED;;;;;;;;OAQG;IACH,aAAa,CAAC,YAA8C;QAC1D,OAAO,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;;;;;;OAUG;IACH,WAAW,CAAC,YAA8C,EAAE,KAAa;QACvE,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,KAAK,CAAC,CAAC;IACjE,CAAC;CACF","sourcesContent":["import {AlwatrHashGenerator} from './hash.js';\nimport {AlwatrTokenGenerator} from './token.js';\n\nimport type {HashGeneratorConfig, TokenGeneratorConfig, TokenStatus} from './type.js';\n\n/**\n * Secure User ID/Token Factory (generate and validate authentication process).\n */\nexport class AlwatrUserFactory {\n  protected _tokenGenerator;\n  protected _hashGenerator;\n\n  constructor(\n      tokenConfig: TokenGeneratorConfig,\n      hashConfig?: HashGeneratorConfig,\n  ) {\n    this._tokenGenerator = new AlwatrTokenGenerator(tokenConfig);\n    this._hashGenerator = new AlwatrHashGenerator(hashConfig);\n  }\n\n  /**\n   * Generate new self-verifiable user-id.\n   *\n   * Example:\n   *\n   * ```ts\n   * const newUser = {\n   *   id: userFactory.generateId(),\n   *   ...\n   * }\n   * ```\n   */\n  generateId(): string {\n    return 'U' + this._hashGenerator.randomSelfValidate();\n  }\n\n  /**\n   * Validate user-id without token.\n   *\n   * Example:\n   *\n   * ```ts\n   * if (!userFactory.verifyId(user.id)) {\n   *   new Error('invalid_user');\n   * }\n   * ```\n   */\n  verifyId(id: string): boolean {\n    return this._hashGenerator.verifySelfValidate(id.substring(1));\n  }\n\n  /**\n   * Generate user auth token.\n   *\n   * Example:\n   *\n   * ```ts\n   * const userToken = userFactory.generateToken([user.id, user.lpe]);\n   * ```\n   */\n  generateToken(uniquelyList: Array<string | number | boolean>): string {\n    return this._tokenGenerator.generate(uniquelyList.join());\n  }\n\n  /**\n   * Verify user auth token.\n   *\n   * Example:\n   *\n   * ```ts\n   * if (!userFactory.verifyToken([user.id, user.lpe], userToken)) {\n   *   new error('invalid_token');\n   * }\n   * ```\n   */\n  verifyToken(uniquelyList: Array<string | number | boolean>, token: string): TokenStatus {\n    return this._tokenGenerator.verify(uniquelyList.join(), token);\n  }\n}\n"]}