@digitaldefiance/node-ecies-lib 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +266 -0
  2. package/package.json +1 -1
package/README.md ADDED
@@ -0,0 +1,266 @@
1
+ # @digitaldefiance/node-ecies-lib
2
+
3
+ A Node.js-specific implementation of the Digital Defiance ECIES (Elliptic Curve Integrated Encryption Scheme) library, providing secure encryption, decryption, and key management capabilities using Node.js crypto primitives.
4
+
5
+ ## Features
6
+
7
+ - **ECIES Encryption/Decryption**: Secure elliptic curve integrated encryption scheme
8
+ - **Multi-recipient Encryption**: Encrypt data for multiple recipients simultaneously
9
+ - **PBKDF2 Key Derivation**: Password-based key derivation with configurable profiles
10
+ - **Digital Signatures**: Sign and verify data using elliptic curve cryptography
11
+ - **Member Management**: Comprehensive user/member system with key management
12
+ - **Cross-platform Compatibility**: Works seamlessly with the browser-based `@digitaldefiance/ecies-lib`
13
+
14
+ ## Installation
15
+
16
+ ```bash
17
+ npm install @digitaldefiance/node-ecies-lib
18
+ ```
19
+
20
+ ## Quick Start
21
+
22
+ ```typescript
23
+ import { ECIESService, Member, MemberType, EmailString } from '@digitaldefiance/node-ecies-lib';
24
+ import { getEciesI18nEngine } from '@digitaldefiance/ecies-lib';
25
+
26
+ // Initialize the service
27
+ const eciesService = new ECIESService(getEciesI18nEngine());
28
+
29
+ // Create a new member
30
+ const { member, mnemonic } = Member.newMember(
31
+ eciesService,
32
+ MemberType.User,
33
+ 'Alice',
34
+ new EmailString('alice@example.com')
35
+ );
36
+
37
+ // Encrypt data
38
+ const message = 'Hello, secure world!';
39
+ const encrypted = member.encryptData(message);
40
+
41
+ // Decrypt data
42
+ const decrypted = member.decryptData(encrypted);
43
+ console.log(decrypted.toString()); // "Hello, secure world!"
44
+ ```
45
+
46
+ ## Core Components
47
+
48
+ ### ECIESService
49
+
50
+ The main service class providing encryption, decryption, and key management:
51
+
52
+ ```typescript
53
+ import { ECIESService } from '@digitaldefiance/node-ecies-lib';
54
+ import { getEciesI18nEngine } from '@digitaldefiance/ecies-lib';
55
+
56
+ const service = new ECIESService(getEciesI18nEngine());
57
+
58
+ // Generate mnemonic
59
+ const mnemonic = service.generateNewMnemonic();
60
+
61
+ // Single recipient encryption
62
+ const encrypted = service.encryptSimpleOrSingle(
63
+ false, // use single mode (not simple)
64
+ recipientPublicKey,
65
+ Buffer.from('message')
66
+ );
67
+
68
+ // Multi-recipient encryption
69
+ const multiEncrypted = service.encryptMultiple(
70
+ [member1, member2, member3],
71
+ Buffer.from('message')
72
+ );
73
+ ```
74
+
75
+ ### Member Class
76
+
77
+ Represents a user with cryptographic capabilities:
78
+
79
+ ```typescript
80
+ import { Member, MemberType, EmailString } from '@digitaldefiance/node-ecies-lib';
81
+
82
+ // Create from mnemonic
83
+ const member = Member.fromMnemonic(mnemonic, eciesService);
84
+
85
+ // Sign data
86
+ const signature = member.sign(Buffer.from('data to sign'));
87
+
88
+ // Verify signature
89
+ const isValid = member.verify(signature, Buffer.from('data to sign'));
90
+
91
+ // Encrypt for another member
92
+ const encrypted = member.encryptData('secret message', otherMember.publicKey);
93
+ ```
94
+
95
+ ### PBKDF2 Service
96
+
97
+ Password-based key derivation with multiple security profiles:
98
+
99
+ ```typescript
100
+ import { Pbkdf2Service, Pbkdf2ProfileEnum } from '@digitaldefiance/node-ecies-lib';
101
+
102
+ // Use predefined profile
103
+ const result = Pbkdf2Service.deriveKeyFromPasswordWithProfile(
104
+ Buffer.from('password'),
105
+ Pbkdf2ProfileEnum.USER_LOGIN
106
+ );
107
+
108
+ // Custom parameters
109
+ const customResult = Pbkdf2Service.deriveKeyFromPassword(
110
+ Buffer.from('password'),
111
+ salt,
112
+ 100000, // iterations
113
+ 32, // salt bytes
114
+ 32, // key bytes
115
+ 'sha256' // algorithm
116
+ );
117
+
118
+ // Async version
119
+ const asyncResult = await Pbkdf2Service.deriveKeyFromPasswordAsync(
120
+ Buffer.from('password')
121
+ );
122
+ ```
123
+
124
+ ## PBKDF2 Profiles
125
+
126
+ The library includes several predefined PBKDF2 profiles for different use cases:
127
+
128
+ | Profile | Salt Size | Iterations | Algorithm | Hash Size | Use Case |
129
+ |---------|-----------|------------|-----------|-----------|----------|
130
+ | `USER_LOGIN` | 32 bytes | 1,304,000 | SHA-256 | 32 bytes | User authentication |
131
+ | `KEY_WRAPPING` | 32 bytes | 100,000 | SHA-256 | 32 bytes | Key encryption |
132
+ | `BACKUP_CODES` | 32 bytes | 1,304,000 | SHA-256 | 32 bytes | Backup codes |
133
+ | `HIGH_SECURITY` | 64 bytes | 2,000,000 | SHA-512 | 64 bytes | Sensitive operations |
134
+ | `FAST_TEST` | 16 bytes | 1,000 | SHA-256 | 32 bytes | Testing/development |
135
+
136
+ ## Encryption Types
137
+
138
+ The library supports multiple encryption modes:
139
+
140
+ - **Simple**: Basic ECIES encryption for single recipients
141
+ - **Single**: Enhanced ECIES with additional metadata
142
+ - **Multiple**: Efficient encryption for multiple recipients
143
+
144
+ ```typescript
145
+ // Single recipient
146
+ const singleEncrypted = service.encryptSimpleOrSingle(
147
+ false, // single mode
148
+ recipientPublicKey,
149
+ message
150
+ );
151
+
152
+ // Multiple recipients
153
+ const multiEncrypted = service.encryptMultiple(
154
+ [member1, member2, member3],
155
+ message
156
+ );
157
+ ```
158
+
159
+ ## Cross-Platform Compatibility
160
+
161
+ This Node.js library is designed to work seamlessly with the browser-based `@digitaldefiance/ecies-lib`:
162
+
163
+ ```typescript
164
+ // Data encrypted in browser can be decrypted in Node.js
165
+ const browserEncrypted = /* data from browser */;
166
+ const nodeDecrypted = nodeMember.decryptData(browserEncrypted);
167
+
168
+ // Data encrypted in Node.js can be decrypted in browser
169
+ const nodeEncrypted = nodeMember.encryptData('message');
170
+ // Send nodeEncrypted to browser for decryption
171
+ ```
172
+
173
+ ## Security Features
174
+
175
+ - **Secure Memory Management**: Uses `SecureBuffer` and `SecureString` for sensitive data
176
+ - **Key Zeroization**: Automatic cleanup of cryptographic material
177
+ - **Configurable Security Levels**: Multiple PBKDF2 profiles for different security requirements
178
+ - **Input Validation**: Comprehensive validation of all cryptographic inputs
179
+ - **Error Handling**: Detailed error types for debugging and security analysis
180
+
181
+ ## API Reference
182
+
183
+ ### Constants
184
+
185
+ ```typescript
186
+ import { Constants, PBKDF2, PBKDF2_PROFILES } from '@digitaldefiance/node-ecies-lib';
187
+
188
+ // Access configuration constants
189
+ const saltSize = Constants.PBKDF2.SALT_BYTES; // 32
190
+ const iterations = Constants.PBKDF2.ITERATIONS_PER_SECOND; // 1,304,000
191
+ const keyWrappingProfile = Constants.PBKDF2_PROFILES.KEY_WRAPPING;
192
+ ```
193
+
194
+ ### Interfaces
195
+
196
+ Key interfaces for type safety:
197
+
198
+ - `IPbkdf2Result`: Result of key derivation operations
199
+ - `IMultiEncryptedMessage`: Multi-recipient encrypted data structure
200
+ - `IMemberOperational`: Member interface with operational methods
201
+ - `IWalletSeed`: Wallet and seed information
202
+
203
+ ## Testing
204
+
205
+ The library includes comprehensive test coverage:
206
+
207
+ ```bash
208
+ # Run all tests
209
+ npm test
210
+
211
+ # Run specific test suites
212
+ npm test -- pbkdf2.spec.ts
213
+ npm test -- ecies-compatibility.e2e.spec.ts
214
+ ```
215
+
216
+ Test categories:
217
+ - Unit tests for individual components
218
+ - Integration tests for cross-component functionality
219
+ - End-to-end tests for complete workflows
220
+ - Cross-platform compatibility tests
221
+
222
+ ## Error Handling
223
+
224
+ The library provides detailed error types for different failure scenarios:
225
+
226
+ ```typescript
227
+ import { Pbkdf2Error, Pbkdf2ErrorType, MemberError, MemberErrorType } from '@digitaldefiance/node-ecies-lib';
228
+
229
+ try {
230
+ const result = Pbkdf2Service.deriveKeyFromPassword(password, invalidSalt);
231
+ } catch (error) {
232
+ if (error instanceof Pbkdf2Error) {
233
+ if (error.type === Pbkdf2ErrorType.InvalidSaltLength) {
234
+ console.log('Salt length is invalid');
235
+ }
236
+ }
237
+ }
238
+ ```
239
+
240
+ ## Performance Considerations
241
+
242
+ - **Async Operations**: Use async versions of PBKDF2 operations to avoid blocking the event loop
243
+ - **Memory Management**: Dispose of members and secure buffers when no longer needed
244
+ - **Profile Selection**: Choose appropriate PBKDF2 profiles based on security vs. performance requirements
245
+
246
+ ```typescript
247
+ // Use async for better performance
248
+ const result = await Pbkdf2Service.deriveKeyFromPasswordAsync(password);
249
+
250
+ // Dispose of resources
251
+ member.dispose();
252
+ secureString.dispose();
253
+ ```
254
+
255
+ ## License
256
+
257
+ MIT
258
+
259
+ ## Contributing
260
+
261
+ Please read the contributing guidelines in the main repository.
262
+
263
+ ## Related Packages
264
+
265
+ - `@digitaldefiance/ecies-lib`: Browser-compatible ECIES library
266
+ - `@digitaldefiance/i18n-lib`: Internationalization support
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@digitaldefiance/node-ecies-lib",
3
- "version": "1.0.1",
3
+ "version": "1.0.2",
4
4
  "description": "Digital Defiance Node ECIES Library",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",