npm - @carecard/auth-util - Versions diffs - 1.0.0 - Mend

@carecard/auth-util 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/dist/cjs/cryptoUtilAuth.cjs +124 -0
package/dist/cjs/cryptoUtilAuth.d.ts +48 -0
package/dist/cjs/index.cjs +22 -0
package/dist/cjs/index.d.ts +6 -0
package/dist/cjs/jwtUtilAuth.cjs +110 -0
package/dist/cjs/jwtUtilAuth.d.ts +35 -0
package/dist/cjs/keyGen.cjs +16 -0
package/dist/cjs/keyGen.d.ts +11 -0
package/dist/cjs/pwdUtilAuth.cjs +97 -0
package/dist/cjs/pwdUtilAuth.d.ts +39 -0
package/dist/cjs/strEncryptUtil.cjs +138 -0
package/dist/cjs/strEncryptUtil.d.ts +46 -0
package/dist/cjs/stringUtilAuth.cjs +107 -0
package/dist/cjs/stringUtilAuth.d.ts +64 -0
package/dist/esm/cryptoUtilAuth.d.ts +48 -0
package/dist/esm/cryptoUtilAuth.js +82 -0
package/dist/esm/index.d.ts +6 -0
package/dist/esm/index.js +6 -0
package/dist/esm/jwtUtilAuth.d.ts +35 -0
package/dist/esm/jwtUtilAuth.js +69 -0
package/dist/esm/keyGen.d.ts +11 -0
package/dist/esm/keyGen.js +12 -0
package/dist/esm/pwdUtilAuth.d.ts +39 -0
package/dist/esm/pwdUtilAuth.js +56 -0
package/dist/esm/strEncryptUtil.d.ts +46 -0
package/dist/esm/strEncryptUtil.js +97 -0
package/dist/esm/stringUtilAuth.d.ts +64 -0
package/dist/esm/stringUtilAuth.js +96 -0
package/package.json +54 -0
package/readme.md +51 -0

package/dist/cjs/cryptoUtilAuth.cjs ADDED Viewed

@@ -0,0 +1,124 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decryptStringBase64ToAscii = exports.encryptStringAsciiToBase64 = exports.createSaltBase64 = exports.createHmacBase64 = exports.verifyBase64SignatureOfToken = exports.createBase64SignatureOfToken = void 0;
+const crypto = __importStar(require("crypto"));
+/**
+ * Signs a token returns signature string
+ * @param token
+ * @param privateKey
+ * @param signingAlgorithm
+ * @returns {string}
+ */
+const createBase64SignatureOfToken = function (token = '', privateKey, signingAlgorithm) {
+    const sign = crypto.createSign(signingAlgorithm);
+    sign.write(token);
+    sign.end();
+    return sign.sign(privateKey, 'base64');
+};
+exports.createBase64SignatureOfToken = createBase64SignatureOfToken;
+/**
+ * Verifies the signature returns true or false
+ * @param token
+ * @param signature
+ * @param publicKey
+ * @param signingAlgorithm
+ * @returns {boolean}
+ */
+const verifyBase64SignatureOfToken = function (token = '', signature, publicKey, signingAlgorithm) {
+    const verify = crypto.createVerify(signingAlgorithm);
+    verify.update(token);
+    verify.end();
+    return verify.verify(publicKey, signature, 'base64');
+};
+exports.verifyBase64SignatureOfToken = verifyBase64SignatureOfToken;
+/**
+ * Creates the hash of given string
+ * @param string
+ * @param secret
+ * @param algorithm
+ * @returns {string}
+ */
+const createHmacBase64 = function (string = '', secret, algorithm) {
+    const hmac = crypto.createHmac(algorithm, secret);
+    hmac.update(string);
+    return hmac.digest('base64');
+};
+exports.createHmacBase64 = createHmacBase64;
+/**
+ * Create random salt
+ * @returns {string}
+ */
+const createSaltBase64 = () => {
+    const date = new Date().valueOf();
+    const hmac = crypto.createHmac('SHA256', date.toString());
+    hmac.update(date.toString());
+    return hmac.digest('base64');
+};
+exports.createSaltBase64 = createSaltBase64;
+/**
+ * Encrypt given string
+ * @param string
+ * @param salt
+ * @param secret
+ * @param algorithm
+ * @returns {string}
+ */
+const encryptStringAsciiToBase64 = (string, salt, secret, algorithm) => {
+    const key = crypto.scryptSync(secret, salt, 24);
+    const iv = Buffer.alloc(16, 0);
+    const cipher = crypto.createCipheriv(algorithm, key, iv);
+    let encrypted = cipher.update(string, 'ascii', 'base64');
+    encrypted += cipher.final('base64');
+    return encrypted;
+};
+exports.encryptStringAsciiToBase64 = encryptStringAsciiToBase64;
+/**
+ * Decrypts given string
+ * @param encryptedString
+ * @param salt
+ * @param secret
+ * @param algorithm
+ * @returns {string}
+ */
+const decryptStringBase64ToAscii = (encryptedString, salt, secret, algorithm) => {
+    const key = crypto.scryptSync(secret, salt, 24);
+    const iv = Buffer.alloc(16, 0);
+    const decipher = crypto.createDecipheriv(algorithm, key, iv);
+    let decrypted = decipher.update(encryptedString, 'base64', 'ascii');
+    decrypted += decipher.final('ascii');
+    return decrypted;
+};
+exports.decryptStringBase64ToAscii = decryptStringBase64ToAscii;

package/dist/cjs/cryptoUtilAuth.d.ts ADDED Viewed

@@ -0,0 +1,48 @@
+/**
+ * Signs a token returns signature string
+ * @param token
+ * @param privateKey
+ * @param signingAlgorithm
+ * @returns {string}
+ */
+export declare const createBase64SignatureOfToken: (token: string | undefined, privateKey: string, signingAlgorithm: string) => string;
+/**
+ * Verifies the signature returns true or false
+ * @param token
+ * @param signature
+ * @param publicKey
+ * @param signingAlgorithm
+ * @returns {boolean}
+ */
+export declare const verifyBase64SignatureOfToken: (token: string | undefined, signature: string, publicKey: string, signingAlgorithm: string) => boolean;
+/**
+ * Creates the hash of given string
+ * @param string
+ * @param secret
+ * @param algorithm
+ * @returns {string}
+ */
+export declare const createHmacBase64: (string: string | undefined, secret: string, algorithm: string) => string;
+/**
+ * Create random salt
+ * @returns {string}
+ */
+export declare const createSaltBase64: () => string;
+/**
+ * Encrypt given string
+ * @param string
+ * @param salt
+ * @param secret
+ * @param algorithm
+ * @returns {string}
+ */
+export declare const encryptStringAsciiToBase64: (string: string, salt: string, secret: string, algorithm: string) => string;
+/**
+ * Decrypts given string
+ * @param encryptedString
+ * @param salt
+ * @param secret
+ * @param algorithm
+ * @returns {string}
+ */
+export declare const decryptStringBase64ToAscii: (encryptedString: string, salt: string, secret: string, algorithm: string) => string;

package/dist/cjs/index.cjs ADDED Viewed

@@ -0,0 +1,22 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./cryptoUtilAuth"), exports);
+__exportStar(require("./jwtUtilAuth"), exports);
+__exportStar(require("./keyGen"), exports);
+__exportStar(require("./pwdUtilAuth"), exports);
+__exportStar(require("./strEncryptUtil"), exports);
+__exportStar(require("./stringUtilAuth"), exports);

package/dist/cjs/index.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+export * from './cryptoUtilAuth';
+export * from './jwtUtilAuth';
+export * from './keyGen';
+export * from './pwdUtilAuth';
+export * from './strEncryptUtil';
+export * from './stringUtilAuth';

package/dist/cjs/jwtUtilAuth.cjs ADDED Viewed

@@ -0,0 +1,110 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getHeaderPayloadFromJwt = exports.verifyJwtSignature = exports.createSignedJwtFromObject = exports._splitJwtInToHeaderPayloadSignature = exports._assembleJwt = void 0;
+const stringUtilAuth = __importStar(require("./stringUtilAuth"));
+const cryptoUtilAuth = __importStar(require("./cryptoUtilAuth"));
+/**
+ * User supplied header, payload and signature create jwt.
+ * @returns {string|null}
+ * @param headerBase64
+ * @param payloadBase64
+ * @param signatureBase64
+ */
+const _assembleJwt = (headerBase64, payloadBase64, signatureBase64) => {
+    return headerBase64 + '.' + payloadBase64 + '.' + signatureBase64;
+};
+exports._assembleJwt = _assembleJwt;
+/**
+ * User supplied header, payload and signature create jwt.
+ * @returns {{payload: *, signature: *, header: *}}
+ * @param jwt
+ */
+const _splitJwtInToHeaderPayloadSignature = (jwt) => {
+    return stringUtilAuth.dotConnectedStringToHeaderPayloadSignature(jwt);
+};
+exports._splitJwtInToHeaderPayloadSignature = _splitJwtInToHeaderPayloadSignature;
+/**
+ * Creates Url safe jwt
+ * @param headerObject
+ * @param payloadObject
+ * @param privateKey
+ * @return {string|null}
+ */
+const createSignedJwtFromObject = (headerObject, payloadObject, privateKey) => {
+    try {
+        const algorithm = headerObject.alg;
+        const headerBase64UrlSafe = stringUtilAuth.objectToBase64UrlSafeString(headerObject);
+        const payloadBase64UrlSafe = stringUtilAuth.objectToBase64UrlSafeString(payloadObject);
+        const token = headerBase64UrlSafe + '.' + payloadBase64UrlSafe;
+        const signature = cryptoUtilAuth.createBase64SignatureOfToken(token, privateKey, algorithm);
+        const urlSafeSignature = stringUtilAuth.makeStringUrlSafe(signature);
+        return (0, exports._assembleJwt)(headerBase64UrlSafe, payloadBase64UrlSafe, urlSafeSignature);
+    }
+    catch (error) {
+        return null;
+    }
+};
+exports.createSignedJwtFromObject = createSignedJwtFromObject;
+/**
+ * Verify signature of jwt
+ * @param jwt
+ * @param publicKey
+ * @return {boolean}
+ */
+const verifyJwtSignature = (jwt, publicKey) => {
+    try {
+        const { header, payload, signature } = (0, exports._splitJwtInToHeaderPayloadSignature)(jwt);
+        const token = header + '.' + payload;
+        const headerObject = stringUtilAuth.urlSafeBase64ToObject(header);
+        return cryptoUtilAuth.verifyBase64SignatureOfToken(token, signature, publicKey, headerObject.alg);
+    }
+    catch (error) {
+        return false;
+    }
+};
+exports.verifyJwtSignature = verifyJwtSignature;
+/**
+ * Returns header and payload object for jwt.
+ * @param jwt
+ * @return {{payload: any, header: any}}
+ */
+const getHeaderPayloadFromJwt = (jwt) => {
+    const { header, payload } = (0, exports._splitJwtInToHeaderPayloadSignature)(jwt);
+    let headerAscii = stringUtilAuth.base64ToAscii(header);
+    let payloadAscii = stringUtilAuth.base64ToAscii(payload);
+    return { header: JSON.parse(headerAscii), payload: JSON.parse(payloadAscii) };
+};
+exports.getHeaderPayloadFromJwt = getHeaderPayloadFromJwt;

package/dist/cjs/jwtUtilAuth.d.ts ADDED Viewed

@@ -0,0 +1,35 @@
+/**
+ * User supplied header, payload and signature create jwt.
+ * @returns {string|null}
+ * @param headerBase64
+ * @param payloadBase64
+ * @param signatureBase64
+ */
+export declare const _assembleJwt: (headerBase64: string, payloadBase64: string, signatureBase64: string) => string;
+/**
+ * User supplied header, payload and signature create jwt.
+ * @returns {{payload: *, signature: *, header: *}}
+ * @param jwt
+ */
+export declare const _splitJwtInToHeaderPayloadSignature: (jwt: string) => any;
+/**
+ * Creates Url safe jwt
+ * @param headerObject
+ * @param payloadObject
+ * @param privateKey
+ * @return {string|null}
+ */
+export declare const createSignedJwtFromObject: (headerObject: any, payloadObject: any, privateKey: string) => any;
+/**
+ * Verify signature of jwt
+ * @param jwt
+ * @param publicKey
+ * @return {boolean}
+ */
+export declare const verifyJwtSignature: (jwt: string, publicKey: string) => boolean;
+/**
+ * Returns header and payload object for jwt.
+ * @param jwt
+ * @return {{payload: any, header: any}}
+ */
+export declare const getHeaderPayloadFromJwt: (jwt: string) => any;

package/dist/cjs/keyGen.cjs ADDED Viewed

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateKeyPair = void 0;
+const node_crypto_1 = require("node:crypto");
+const generateKeyPair = (modulusLength = 4096) => (0, node_crypto_1.generateKeyPairSync)('rsa', {
+    modulusLength: modulusLength,
+    publicKeyEncoding: {
+        type: 'spki',
+        format: 'pem',
+    },
+    privateKeyEncoding: {
+        type: 'pkcs8',
+        format: 'pem',
+    },
+});
+exports.generateKeyPair = generateKeyPair;

package/dist/cjs/keyGen.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+export declare const generateKeyPair: (modulusLength?: number) => import("node:crypto").KeyPairExportResult<{
+    modulusLength: number;
+    publicKeyEncoding: {
+        type: "spki";
+        format: "pem";
+    };
+    privateKeyEncoding: {
+        type: "pkcs8";
+        format: "pem";
+    };
+}>;

package/dist/cjs/pwdUtilAuth.cjs ADDED Viewed

@@ -0,0 +1,97 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createPasswordHashBasedOnSavedAlgorithmSalt = exports.createPasswordHashWithRandomSalt = exports._createPasswordHash = exports._disassemblePasswordHash = exports._assemblePasswordHash = void 0;
+const cryptoUtilAuth = __importStar(require("./cryptoUtilAuth"));
+const stringUtilAuth = __importStar(require("./stringUtilAuth"));
+/**
+ * Just assemble password together
+ * @param algorithmBase64
+ * @param hashBase64
+ * @param saltBase64
+ * @return {string}
+ */
+const _assemblePasswordHash = (algorithmBase64, hashBase64, saltBase64) => {
+    return '$1$' + algorithmBase64 + '$' + hashBase64 + '$' + saltBase64 + '$';
+};
+exports._assemblePasswordHash = _assemblePasswordHash;
+/**
+ * Break password into its parts does not reverse base64 encoding.
+ * @param passwordHashStored
+ * @return {{salt: *, version: *, alg: *, hash: *}}
+ */
+const _disassemblePasswordHash = (passwordHashStored) => {
+    return stringUtilAuth.dollarSignConnectedStringToAlgorithmHashSalt(passwordHashStored);
+};
+exports._disassemblePasswordHash = _disassemblePasswordHash;
+/**
+ * Creates password hash ready to be saved in database.
+ * @param password
+ * @param secret
+ * @param salt
+ * @param algorithm
+ * @return {string}
+ */
+const _createPasswordHash = (password, secret, salt, algorithm) => {
+    const algorithmBase64 = stringUtilAuth.asciiToBase64(algorithm);
+    const hashBase64 = cryptoUtilAuth.createHmacBase64(password, secret, algorithm);
+    return (0, exports._assemblePasswordHash)(algorithmBase64, hashBase64, salt);
+};
+exports._createPasswordHash = _createPasswordHash;
+/**
+ * Automatically adds random salt.
+ * @param password
+ * @param secret
+ * @param algorithm
+ * @return {string}
+ */
+const createPasswordHashWithRandomSalt = (password, secret, algorithm) => {
+    const salt = cryptoUtilAuth.createSaltBase64();
+    return (0, exports._createPasswordHash)(password, secret, salt, algorithm);
+};
+exports.createPasswordHashWithRandomSalt = createPasswordHashWithRandomSalt;
+/**
+ * Creates hash based on saved hash in database.
+ * @param password
+ * @param savedPasswordHash
+ * @param secret
+ * @return {string}
+ */
+const createPasswordHashBasedOnSavedAlgorithmSalt = (password, savedPasswordHash, secret) => {
+    const { alg, salt } = (0, exports._disassemblePasswordHash)(savedPasswordHash);
+    const algorithm = stringUtilAuth.base64ToAscii(alg);
+    return (0, exports._createPasswordHash)(password, secret, salt, algorithm);
+};
+exports.createPasswordHashBasedOnSavedAlgorithmSalt = createPasswordHashBasedOnSavedAlgorithmSalt;

package/dist/cjs/pwdUtilAuth.d.ts ADDED Viewed

@@ -0,0 +1,39 @@
+/**
+ * Just assemble password together
+ * @param algorithmBase64
+ * @param hashBase64
+ * @param saltBase64
+ * @return {string}
+ */
+export declare const _assemblePasswordHash: (algorithmBase64: string, hashBase64: string, saltBase64: string) => string;
+/**
+ * Break password into its parts does not reverse base64 encoding.
+ * @param passwordHashStored
+ * @return {{salt: *, version: *, alg: *, hash: *}}
+ */
+export declare const _disassemblePasswordHash: (passwordHashStored: string) => any;
+/**
+ * Creates password hash ready to be saved in database.
+ * @param password
+ * @param secret
+ * @param salt
+ * @param algorithm
+ * @return {string}
+ */
+export declare const _createPasswordHash: (password: string, secret: string, salt: string, algorithm: string) => string;
+/**
+ * Automatically adds random salt.
+ * @param password
+ * @param secret
+ * @param algorithm
+ * @return {string}
+ */
+export declare const createPasswordHashWithRandomSalt: (password: string, secret: string, algorithm: string) => string;
+/**
+ * Creates hash based on saved hash in database.
+ * @param password
+ * @param savedPasswordHash
+ * @param secret
+ * @return {string}
+ */
+export declare const createPasswordHashBasedOnSavedAlgorithmSalt: (password: string, savedPasswordHash: string, secret: string) => string;

package/dist/cjs/strEncryptUtil.cjs ADDED Viewed

@@ -0,0 +1,138 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decryptByKey = exports.encryptByKey = exports.decryptByPublicKey = exports.encryptByPrivateKey = void 0;
+exports.createKey = createKey;
+// src/strEncryptUtil.ts
+const crypto = __importStar(require("crypto"));
+/**
+ * Derive a key using scrypt.
+ */
+function createKey(key, keyLength = 32) {
+    // scryptSync returns a Buffer
+    return crypto.scryptSync(key, key, keyLength);
+}
+/* --------------------------------------------------
+ * Helpers
+ * -------------------------------------------------- */
+function getErrorCodeOrFallback(error) {
+    // Safely narrow 'unknown' to read 'code' when available
+    if (typeof error === 'object' &&
+        error !== null &&
+        'code' in error &&
+        typeof error.code === 'string') {
+        return error.code;
+    }
+    if (error instanceof Error) {
+        // You can return message or name; using name keeps it short
+        return `ERROR:${error.name}`;
+    }
+    return 'UNKNOWN_ERROR';
+}
+/* --------------------------------------------------
+ * Asymmetric Encryption (RSA or similar)
+ * -------------------------------------------------- */
+/**
+ * Encrypts text using a private key, returning an encoded cipher text string.
+ * On error, returns a code string if present, otherwise a fallback.
+ */
+const encryptByPrivateKey = (encryptionConfigObj, textToEncrypt) => {
+    try {
+        const encrypted = crypto.privateEncrypt(encryptionConfigObj.privateKey, Buffer.from(textToEncrypt, 'utf8'));
+        return encrypted.toString(encryptionConfigObj.encryptedTextEncoding);
+    }
+    catch (error) {
+        return getErrorCodeOrFallback(error);
+    }
+};
+exports.encryptByPrivateKey = encryptByPrivateKey;
+/**
+ * Decrypts text using a public key, returning a plain text string.
+ * On error, returns a code string if present, otherwise a fallback.
+ */
+const decryptByPublicKey = (decryptionConfigObj, textToDecrypt) => {
+    try {
+        const decrypted = crypto.publicDecrypt(decryptionConfigObj.publicKey, Buffer.from(textToDecrypt, decryptionConfigObj.encryptedTextEncoding));
+        return decrypted.toString(decryptionConfigObj.plainTextEncoding);
+    }
+    catch (error) {
+        return getErrorCodeOrFallback(error);
+    }
+};
+exports.decryptByPublicKey = decryptByPublicKey;
+/* --------------------------------------------------
+ * Symmetric Encryption (AES or similar)
+ * -------------------------------------------------- */
+/**
+ * Encrypts text using a symmetric algorithm and derived key, returning an encoded cipher string.
+ * On error, returns a code string if present, otherwise a fallback.
+ *
+ * NOTE: This uses a zero IV (Buffer.alloc(16, 0)) which is generally **not recommended** for production.
+ * Prefer a random IV per encryption and prepend/append it to the output for decryption.
+ */
+const encryptByKey = (encryptConfigObj, textToEncrypt) => {
+    try {
+        const iv = Buffer.alloc(16, 0); // ⚠️ consider using a random IV for security
+        const key = createKey(encryptConfigObj.encryptionKey, encryptConfigObj.keyLength);
+        const cipher = crypto.createCipheriv(encryptConfigObj.cipherAlgorithm, key, iv);
+        let encrypted = cipher.update(textToEncrypt, encryptConfigObj.plainTextEncoding, encryptConfigObj.encryptedTextEncoding);
+        encrypted += cipher.final(encryptConfigObj.encryptedTextEncoding);
+        return encrypted;
+    }
+    catch (error) {
+        return getErrorCodeOrFallback(error);
+    }
+};
+exports.encryptByKey = encryptByKey;
+/**
+ * Decrypts a cipher string using a symmetric algorithm and derived key,
+ * returning the plain text string. On error, returns a code string or fallback.
+ *
+ * NOTE: Must use the same IV that was used during encryption. Here it assumes a zero IV.
+ */
+const decryptByKey = (encryptConfigObj, textToDecrypt) => {
+    try {
+        const iv = Buffer.alloc(16, 0); // ⚠️ must match the IV used in encryptByKey
+        const key = createKey(encryptConfigObj.encryptionKey, encryptConfigObj.keyLength);
+        const decipher = crypto.createDecipheriv(encryptConfigObj.cipherAlgorithm, key, iv);
+        let decrypted = decipher.update(textToDecrypt, encryptConfigObj.encryptedTextEncoding, encryptConfigObj.plainTextEncoding);
+        decrypted += decipher.final(encryptConfigObj.plainTextEncoding);
+        return decrypted;
+    }
+    catch (error) {
+        return getErrorCodeOrFallback(error);
+    }
+};
+exports.decryptByKey = decryptByKey;