@cryptforge/cryptography 0.2.0

package/dist/server.mjs

@@ -0,0 +1,174 @@
+// src/client/CryptoBrowser.ts
+var CryptoBrowser = class {
+  encryptionKey;
+  /**
+   * Creates a new CryptoBrowser instance.
+   * @param getEncryptionKey - Function that returns the encryption key for this instance
+   */
+  constructor() {
+  }
+  /**
+   * Sets the encryption key for the encrypt and decrypt operations.
+   * Validates that the key is AES-GCM with 256-bit length for cross-platform compatibility.
+   *
+   * @param key - The encryption key to set (must be AES-GCM 256-bit)
+   * @throws {Error} If key is not AES-GCM or not 256-bit
+   */
+  setEncryptionKey = (key) => {
+    if (key.algorithm.name !== "AES-GCM") {
+      throw new Error(
+        `Invalid key algorithm: ${key.algorithm.name}. Key must be AES-GCM for cross-platform compatibility with CryptoServer.`
+      );
+    }
+    const keyLength = key.algorithm.length;
+    if (keyLength !== 256) {
+      throw new Error(
+        `Invalid key length: ${keyLength} bits. Key must be 256-bit for cross-platform compatibility with CryptoServer (AES-256-GCM).`
+      );
+    }
+    this.encryptionKey = key;
+  };
+  /**
+   * Creates an encryption function that encrypts string data using AES-GCM encryption.
+   * Uses a random initialization vector (IV) for each encryption operation.
+   * The IV is prepended to the ciphertext and the result is base64-encoded.
+   * Uses the encryption key provided via the `setEncryptionKey` method.
+   *
+   * @returns A curried function that encrypts data
+   */
+  encrypt = () => async (data) => {
+    const key = this.encryptionKey;
+    if (!key) {
+      throw new Error(
+        "Encryption key not available. You must call `setEncryptionKey` before using this instance."
+      );
+    }
+    const iv = crypto.getRandomValues(new Uint8Array(12));
+    const encrypted = await crypto.subtle.encrypt(
+      { name: "AES-GCM", iv },
+      key,
+      new TextEncoder().encode(data)
+    );
+    const combined = new Uint8Array(iv.length + encrypted.byteLength);
+    combined.set(iv);
+    combined.set(new Uint8Array(encrypted), iv.length);
+    return btoa(String.fromCharCode(...combined));
+  };
+  /**
+   * Creates a decryption function that decrypts encrypted string data using AES-GCM decryption.
+   * Extracts the IV from the beginning of the encrypted data and uses it to decrypt the ciphertext.
+   * Uses the encryption key provided via the constructor.
+   *
+   * @returns A curried function that decrypts data
+   */
+  decrypt = () => async (encryptedData) => {
+    const key = this.encryptionKey;
+    if (!key) {
+      throw new Error(
+        "Encryption key not available. You must call `setEncryptionKey` before using this instance."
+      );
+    }
+    const combined = Uint8Array.from(
+      atob(encryptedData),
+      (c) => c.charCodeAt(0)
+    );
+    const iv = combined.slice(0, 12);
+    const ciphertext = combined.slice(12);
+    const decrypted = await crypto.subtle.decrypt(
+      { name: "AES-GCM", iv },
+      key,
+      ciphertext
+    );
+    return new TextDecoder().decode(decrypted);
+  };
+};
+
+// src/server/CryptoServer.ts
+import crypto2 from "crypto";
+var CryptoServer = class {
+  /**
+   * The encryption key for the encrypt and decrypt operations.
+   */
+  encryptionKey;
+  /**
+   * Creates a new CryptoServer instance.
+   */
+  constructor() {
+  }
+  /**
+   * Sets the encryption key for the encrypt and decrypt operations.
+   * Validates that the key is 32 bytes (256 bits) for AES-256-GCM.
+   *
+   * @param key - The encryption key to set (must be 32 bytes / 256 bits)
+   * @throws {Error} If key is not 32 bytes
+   */
+  setEncryptionKey = (key) => {
+    if (key.length !== 32) {
+      throw new Error(
+        `Invalid key length: ${key.length} bytes (${key.length * 8} bits). Key must be 32 bytes (256 bits) for AES-256-GCM cross-platform compatibility with CryptoBrowser.`
+      );
+    }
+    this.encryptionKey = key;
+  };
+  /**
+   * Creates an encryption function that encrypts string data using AES-GCM encryption.
+   * Uses a random initialization vector (IV) for each encryption operation.
+   * The IV is prepended to the ciphertext and the result is base64-encoded.
+   * Uses the encryption key provided via the `setEncryptionKey` method.
+   *
+   * Format matches CryptoBrowser: [IV (12 bytes)][Ciphertext + AuthTag (16 bytes)] -> base64
+   *
+   * @returns A curried function that encrypts data
+   */
+  encrypt = () => async (data) => {
+    const key = this.encryptionKey;
+    if (!key) {
+      throw new Error(
+        "Encryption key not available. You must call `setEncryptionKey` before using this instance."
+      );
+    }
+    const iv = crypto2.randomBytes(12);
+    const cipher = crypto2.createCipheriv("aes-256-gcm", key, iv);
+    let encrypted = cipher.update(data, "utf8");
+    encrypted = Buffer.concat([encrypted, cipher.final()]);
+    const authTag = cipher.getAuthTag();
+    const ciphertextWithAuthTag = Buffer.concat([encrypted, authTag]);
+    const combined = Buffer.concat([iv, ciphertextWithAuthTag]);
+    return combined.toString("base64");
+  };
+  /**
+   * Creates a decryption function that decrypts encrypted string data using AES-GCM decryption.
+   * Extracts the IV from the beginning of the encrypted data and uses it to decrypt the ciphertext.
+   * Uses the encryption key provided via the constructor.
+   *
+   * Format matches CryptoBrowser: base64 -> [IV (12 bytes)][Ciphertext + AuthTag (16 bytes)]
+   *
+   * @returns A curried function that decrypts data
+   */
+  decrypt = () => async (encryptedData) => {
+    const key = this.encryptionKey;
+    if (!key) {
+      throw new Error(
+        "Encryption key not available. You must call `setEncryptionKey` before using this instance."
+      );
+    }
+    const combined = Buffer.from(encryptedData, "base64");
+    const iv = combined.slice(0, 12);
+    const ciphertextWithAuthTag = combined.slice(12);
+    const authTag = ciphertextWithAuthTag.slice(-16);
+    const ciphertext = ciphertextWithAuthTag.slice(0, -16);
+    const decipher = crypto2.createDecipheriv("aes-256-gcm", key, iv);
+    decipher.setAuthTag(authTag);
+    let decrypted = decipher.update(ciphertext);
+    decrypted = Buffer.concat([decrypted, decipher.final()]);
+    return decrypted.toString("utf8");
+  };
+};
+
+// src/server.ts
+var version = "0.1.0-server";
+export {
+  CryptoBrowser,
+  CryptoServer,
+  version
+};

package/package.json

@@ -0,0 +1,50 @@
+{
+  "name": "@cryptforge/cryptography",
+  "version": "0.2.0",
+  "description": "Cryptographic operations for CryptForge applications - supports both client and server environments",
+  "main": "./dist/index.js",
+  "module": "./dist/index.mjs",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.js"
+    },
+    "./server": {
+      "types": "./dist/server.d.ts",
+      "import": "./dist/server.mjs",
+      "require": "./dist/server.js"
+    }
+  },
+  "keywords": [
+    "cryptforge",
+    "cryptography",
+    "encryption",
+    "decryption",
+    "security",
+    "crypto"
+  ],
+  "author": "Viktor Albus",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/viktor-albus/cryptforge-sdk.git",
+    "directory": "packages/cryptography"
+  },
+  "homepage": "https://github.com/viktor-albus/cryptforge-sdk#readme",
+  "bugs": {
+    "url": "https://github.com/viktor-albus/cryptforge-sdk/issues"
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "dependencies": {
+    "@cryptforge/core": "workspace:*"
+  }
+}