npm - @djangocfg/crypto - Versions diffs - 2.1.235 → 2.1.236 - Mend

@djangocfg/crypto 2.1.235 → 2.1.236

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@djangocfg/crypto",
-  "version": "2.1.235",
+  "version": "2.1.236",
   "description": "Client-side AES-256-GCM decryption for Django-CFG encrypted API responses using Web Crypto API",
   "keywords": [
     "crypto",
@@ -66,7 +66,7 @@
     }
   },
   "devDependencies": {
-    "@djangocfg/typescript-config": "^2.1.235",
+    "@djangocfg/typescript-config": "^2.1.236",
     "@types/node": "^24.7.2",
     "@types/react": "^19.1.0",
     "react": "^19.1.0",

package/dist/react.cjs DELETED Viewed

@@ -1,300 +0,0 @@
-"use client";
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-// src/react/index.ts
-var react_exports = {};
-__export(react_exports, {
-  useDecrypt: () => useDecrypt,
-  useDecryptionClient: () => useDecryptionClient,
-  useIsEncrypted: () => useIsEncrypted,
-  useLazyDecrypt: () => useLazyDecrypt
-});
-module.exports = __toCommonJS(react_exports);
-// src/react/hooks.ts
-var import_react = require("react");
-// src/key-derivation.ts
-async function deriveKey(password, salt, iterations = 1e5, keyLength = 32) {
-  const encoder = new TextEncoder();
-  const passwordBuffer = encoder.encode(password);
-  const keyMaterial = await crypto.subtle.importKey(
-    "raw",
-    passwordBuffer,
-    "PBKDF2",
-    false,
-    ["deriveBits", "deriveKey"]
-  );
-  return crypto.subtle.deriveKey(
-    {
-      name: "PBKDF2",
-      salt: salt.buffer,
-      iterations,
-      hash: "SHA-256"
-    },
-    keyMaterial,
-    { name: "AES-GCM", length: keyLength * 8 },
-    false,
-    ["decrypt"]
-  );
-}
-__name(deriveKey, "deriveKey");
-async function buildSalt(keyPrefix = "djangocfg_encryption", userId, sessionId) {
-  const parts = [keyPrefix];
-  if (sessionId) {
-    parts.push(`session:${sessionId}`);
-  } else if (userId !== void 0) {
-    parts.push(`user:${userId}`);
-  } else {
-    parts.push("global");
-  }
-  const saltInput = parts.join(":");
-  const encoder = new TextEncoder();
-  const inputBuffer = encoder.encode(saltInput);
-  const hashBuffer = await crypto.subtle.digest("SHA-256", inputBuffer);
-  return new Uint8Array(hashBuffer).slice(0, 16);
-}
-__name(buildSalt, "buildSalt");
-async function deriveKeyFromConfig(config) {
-  const {
-    secretKey,
-    userId,
-    sessionId,
-    iterations = 1e5,
-    keyPrefix = "djangocfg_encryption"
-  } = config;
-  const salt = await buildSalt(keyPrefix, userId, sessionId);
-  return deriveKey(secretKey, salt, iterations);
-}
-__name(deriveKeyFromConfig, "deriveKeyFromConfig");
-// src/types.ts
-function isEncryptedField(value) {
-  if (typeof value !== "object" || value === null) return false;
-  const obj = value;
-  return obj.encrypted === true && typeof obj.algorithm === "string" && typeof obj.iv === "string" && typeof obj.data === "string" && typeof obj.auth_tag === "string";
-}
-__name(isEncryptedField, "isEncryptedField");
-function isEncryptedResponse(value) {
-  if (typeof value !== "object" || value === null) return false;
-  const obj = value;
-  return obj.encrypted === true && typeof obj.algorithm === "string" && typeof obj.salt === "string" && typeof obj.iv === "string" && typeof obj.data === "string" && typeof obj.auth_tag === "string";
-}
-__name(isEncryptedResponse, "isEncryptedResponse");
-// src/decryption.ts
-function base64ToBytes(base64) {
-  const binary = atob(base64);
-  const bytes = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
-  }
-  return bytes;
-}
-__name(base64ToBytes, "base64ToBytes");
-async function decryptAES256GCM(ciphertext, key, iv, authTag) {
-  const combined = new Uint8Array(ciphertext.length + authTag.length);
-  combined.set(ciphertext);
-  combined.set(authTag, ciphertext.length);
-  const decrypted = await crypto.subtle.decrypt(
-    {
-      name: "AES-GCM",
-      iv: iv.buffer,
-      tagLength: 128
-      // 16 bytes = 128 bits
-    },
-    key,
-    combined
-  );
-  return new Uint8Array(decrypted);
-}
-__name(decryptAES256GCM, "decryptAES256GCM");
-async function decryptField(field, key) {
-  if (field.algorithm !== "AES-256-GCM") {
-    throw new Error(`Unsupported algorithm: ${field.algorithm}`);
-  }
-  const iv = base64ToBytes(field.iv);
-  const ciphertext = base64ToBytes(field.data);
-  const authTag = base64ToBytes(field.auth_tag);
-  const decrypted = await decryptAES256GCM(ciphertext, key, iv, authTag);
-  const text = new TextDecoder().decode(decrypted);
-  return JSON.parse(text);
-}
-__name(decryptField, "decryptField");
-async function decryptObject(data, key) {
-  if (data === null || data === void 0) {
-    return data;
-  }
-  if (isEncryptedField(data)) {
-    return decryptField(data, key);
-  }
-  if (Array.isArray(data)) {
-    const decrypted = await Promise.all(
-      data.map((item) => decryptObject(item, key))
-    );
-    return decrypted;
-  }
-  if (typeof data === "object") {
-    const result = {};
-    const entries = Object.entries(data);
-    for (const [objKey, value] of entries) {
-      result[objKey] = await decryptObject(value, key);
-    }
-    return result;
-  }
-  return data;
-}
-__name(decryptObject, "decryptObject");
-async function createDecryptionClient(config) {
-  const key = await deriveKeyFromConfig(config);
-  return {
-    /**
-     * Decrypt a single encrypted field.
-     */
-    decryptField: /* @__PURE__ */ __name((field) => decryptField(field, key), "decryptField"),
-    /**
-     * Recursively decrypt all encrypted fields in an object.
-     */
-    decryptObject: /* @__PURE__ */ __name((data) => decryptObject(data, key), "decryptObject"),
-    /**
-     * Check if a value is an encrypted field.
-     */
-    isEncryptedField,
-    /**
-     * Check if a value is an encrypted response.
-     */
-    isEncryptedResponse
-  };
-}
-__name(createDecryptionClient, "createDecryptionClient");
-// src/react/hooks.ts
-function useDecrypt(encryptedData, config) {
-  const [state, setState] = (0, import_react.useState)({
-    data: void 0,
-    isLoading: true,
-    error: void 0,
-    isDecrypted: false
-  });
-  const keyRef = (0, import_react.useRef)(null);
-  const configRef = (0, import_react.useRef)(config);
-  const configChanged = configRef.current.secretKey !== config.secretKey || configRef.current.userId !== config.userId || configRef.current.sessionId !== config.sessionId;
-  if (configChanged) {
-    configRef.current = config;
-    keyRef.current = null;
-  }
-  (0, import_react.useEffect)(() => {
-    let cancelled = false;
-    async function decrypt() {
-      try {
-        setState((s) => ({ ...s, isLoading: true, error: void 0 }));
-        if (!keyRef.current) {
-          keyRef.current = await deriveKeyFromConfig(config);
-        }
-        const decrypted = await decryptObject(encryptedData, keyRef.current);
-        if (!cancelled) {
-          setState({
-            data: decrypted,
-            isLoading: false,
-            error: void 0,
-            isDecrypted: true
-          });
-        }
-      } catch (err) {
-        if (!cancelled) {
-          setState({
-            data: void 0,
-            isLoading: false,
-            error: err instanceof Error ? err : new Error("Decryption failed"),
-            isDecrypted: false
-          });
-        }
-      }
-    }
-    __name(decrypt, "decrypt");
-    decrypt();
-    return () => {
-      cancelled = true;
-    };
-  }, [encryptedData, config.secretKey, config.userId, config.sessionId]);
-  return state;
-}
-__name(useDecrypt, "useDecrypt");
-function useDecryptionClient(config) {
-  const [client, setClient] = (0, import_react.useState)(null);
-  (0, import_react.useEffect)(() => {
-    createDecryptionClient(config).then(setClient);
-  }, [config.secretKey, config.userId, config.sessionId]);
-  return client;
-}
-__name(useDecryptionClient, "useDecryptionClient");
-function useLazyDecrypt(config) {
-  const [state, setState] = (0, import_react.useState)({
-    data: void 0,
-    isLoading: false,
-    error: void 0,
-    isDecrypted: false
-  });
-  const keyRef = (0, import_react.useRef)(null);
-  const decrypt = (0, import_react.useCallback)(
-    async (encryptedData) => {
-      try {
-        setState((s) => ({ ...s, isLoading: true, error: void 0 }));
-        if (!keyRef.current) {
-          keyRef.current = await deriveKeyFromConfig(config);
-        }
-        const decrypted = await decryptObject(encryptedData, keyRef.current);
-        setState({
-          data: decrypted,
-          isLoading: false,
-          error: void 0,
-          isDecrypted: true
-        });
-        return decrypted;
-      } catch (err) {
-        const error = err instanceof Error ? err : new Error("Decryption failed");
-        setState({
-          data: void 0,
-          isLoading: false,
-          error,
-          isDecrypted: false
-        });
-        return void 0;
-      }
-    },
-    [config.secretKey, config.userId, config.sessionId]
-  );
-  const reset = (0, import_react.useCallback)(() => {
-    setState({
-      data: void 0,
-      isLoading: false,
-      error: void 0,
-      isDecrypted: false
-    });
-  }, []);
-  return { ...state, decrypt, reset };
-}
-__name(useLazyDecrypt, "useLazyDecrypt");
-function useIsEncrypted(value) {
-  return (0, import_react.useMemo)(() => isEncryptedField(value), [value]);
-}
-__name(useIsEncrypted, "useIsEncrypted");
-//# sourceMappingURL=react.cjs.map

package/dist/react.mjs DELETED Viewed

@@ -1,279 +0,0 @@
-"use client";
-var __defProp = Object.defineProperty;
-var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
-// src/react/hooks.ts
-import { useCallback, useEffect, useMemo, useRef, useState } from "react";
-// src/key-derivation.ts
-async function deriveKey(password, salt, iterations = 1e5, keyLength = 32) {
-  const encoder = new TextEncoder();
-  const passwordBuffer = encoder.encode(password);
-  const keyMaterial = await crypto.subtle.importKey(
-    "raw",
-    passwordBuffer,
-    "PBKDF2",
-    false,
-    ["deriveBits", "deriveKey"]
-  );
-  return crypto.subtle.deriveKey(
-    {
-      name: "PBKDF2",
-      salt: salt.buffer,
-      iterations,
-      hash: "SHA-256"
-    },
-    keyMaterial,
-    { name: "AES-GCM", length: keyLength * 8 },
-    false,
-    ["decrypt"]
-  );
-}
-__name(deriveKey, "deriveKey");
-async function buildSalt(keyPrefix = "djangocfg_encryption", userId, sessionId) {
-  const parts = [keyPrefix];
-  if (sessionId) {
-    parts.push(`session:${sessionId}`);
-  } else if (userId !== void 0) {
-    parts.push(`user:${userId}`);
-  } else {
-    parts.push("global");
-  }
-  const saltInput = parts.join(":");
-  const encoder = new TextEncoder();
-  const inputBuffer = encoder.encode(saltInput);
-  const hashBuffer = await crypto.subtle.digest("SHA-256", inputBuffer);
-  return new Uint8Array(hashBuffer).slice(0, 16);
-}
-__name(buildSalt, "buildSalt");
-async function deriveKeyFromConfig(config) {
-  const {
-    secretKey,
-    userId,
-    sessionId,
-    iterations = 1e5,
-    keyPrefix = "djangocfg_encryption"
-  } = config;
-  const salt = await buildSalt(keyPrefix, userId, sessionId);
-  return deriveKey(secretKey, salt, iterations);
-}
-__name(deriveKeyFromConfig, "deriveKeyFromConfig");
-// src/types.ts
-function isEncryptedField(value) {
-  if (typeof value !== "object" || value === null) return false;
-  const obj = value;
-  return obj.encrypted === true && typeof obj.algorithm === "string" && typeof obj.iv === "string" && typeof obj.data === "string" && typeof obj.auth_tag === "string";
-}
-__name(isEncryptedField, "isEncryptedField");
-function isEncryptedResponse(value) {
-  if (typeof value !== "object" || value === null) return false;
-  const obj = value;
-  return obj.encrypted === true && typeof obj.algorithm === "string" && typeof obj.salt === "string" && typeof obj.iv === "string" && typeof obj.data === "string" && typeof obj.auth_tag === "string";
-}
-__name(isEncryptedResponse, "isEncryptedResponse");
-// src/decryption.ts
-function base64ToBytes(base64) {
-  const binary = atob(base64);
-  const bytes = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
-  }
-  return bytes;
-}
-__name(base64ToBytes, "base64ToBytes");
-async function decryptAES256GCM(ciphertext, key, iv, authTag) {
-  const combined = new Uint8Array(ciphertext.length + authTag.length);
-  combined.set(ciphertext);
-  combined.set(authTag, ciphertext.length);
-  const decrypted = await crypto.subtle.decrypt(
-    {
-      name: "AES-GCM",
-      iv: iv.buffer,
-      tagLength: 128
-      // 16 bytes = 128 bits
-    },
-    key,
-    combined
-  );
-  return new Uint8Array(decrypted);
-}
-__name(decryptAES256GCM, "decryptAES256GCM");
-async function decryptField(field, key) {
-  if (field.algorithm !== "AES-256-GCM") {
-    throw new Error(`Unsupported algorithm: ${field.algorithm}`);
-  }
-  const iv = base64ToBytes(field.iv);
-  const ciphertext = base64ToBytes(field.data);
-  const authTag = base64ToBytes(field.auth_tag);
-  const decrypted = await decryptAES256GCM(ciphertext, key, iv, authTag);
-  const text = new TextDecoder().decode(decrypted);
-  return JSON.parse(text);
-}
-__name(decryptField, "decryptField");
-async function decryptObject(data, key) {
-  if (data === null || data === void 0) {
-    return data;
-  }
-  if (isEncryptedField(data)) {
-    return decryptField(data, key);
-  }
-  if (Array.isArray(data)) {
-    const decrypted = await Promise.all(
-      data.map((item) => decryptObject(item, key))
-    );
-    return decrypted;
-  }
-  if (typeof data === "object") {
-    const result = {};
-    const entries = Object.entries(data);
-    for (const [objKey, value] of entries) {
-      result[objKey] = await decryptObject(value, key);
-    }
-    return result;
-  }
-  return data;
-}
-__name(decryptObject, "decryptObject");
-async function createDecryptionClient(config) {
-  const key = await deriveKeyFromConfig(config);
-  return {
-    /**
-     * Decrypt a single encrypted field.
-     */
-    decryptField: /* @__PURE__ */ __name((field) => decryptField(field, key), "decryptField"),
-    /**
-     * Recursively decrypt all encrypted fields in an object.
-     */
-    decryptObject: /* @__PURE__ */ __name((data) => decryptObject(data, key), "decryptObject"),
-    /**
-     * Check if a value is an encrypted field.
-     */
-    isEncryptedField,
-    /**
-     * Check if a value is an encrypted response.
-     */
-    isEncryptedResponse
-  };
-}
-__name(createDecryptionClient, "createDecryptionClient");
-// src/react/hooks.ts
-function useDecrypt(encryptedData, config) {
-  const [state, setState] = useState({
-    data: void 0,
-    isLoading: true,
-    error: void 0,
-    isDecrypted: false
-  });
-  const keyRef = useRef(null);
-  const configRef = useRef(config);
-  const configChanged = configRef.current.secretKey !== config.secretKey || configRef.current.userId !== config.userId || configRef.current.sessionId !== config.sessionId;
-  if (configChanged) {
-    configRef.current = config;
-    keyRef.current = null;
-  }
-  useEffect(() => {
-    let cancelled = false;
-    async function decrypt() {
-      try {
-        setState((s) => ({ ...s, isLoading: true, error: void 0 }));
-        if (!keyRef.current) {
-          keyRef.current = await deriveKeyFromConfig(config);
-        }
-        const decrypted = await decryptObject(encryptedData, keyRef.current);
-        if (!cancelled) {
-          setState({
-            data: decrypted,
-            isLoading: false,
-            error: void 0,
-            isDecrypted: true
-          });
-        }
-      } catch (err) {
-        if (!cancelled) {
-          setState({
-            data: void 0,
-            isLoading: false,
-            error: err instanceof Error ? err : new Error("Decryption failed"),
-            isDecrypted: false
-          });
-        }
-      }
-    }
-    __name(decrypt, "decrypt");
-    decrypt();
-    return () => {
-      cancelled = true;
-    };
-  }, [encryptedData, config.secretKey, config.userId, config.sessionId]);
-  return state;
-}
-__name(useDecrypt, "useDecrypt");
-function useDecryptionClient(config) {
-  const [client, setClient] = useState(null);
-  useEffect(() => {
-    createDecryptionClient(config).then(setClient);
-  }, [config.secretKey, config.userId, config.sessionId]);
-  return client;
-}
-__name(useDecryptionClient, "useDecryptionClient");
-function useLazyDecrypt(config) {
-  const [state, setState] = useState({
-    data: void 0,
-    isLoading: false,
-    error: void 0,
-    isDecrypted: false
-  });
-  const keyRef = useRef(null);
-  const decrypt = useCallback(
-    async (encryptedData) => {
-      try {
-        setState((s) => ({ ...s, isLoading: true, error: void 0 }));
-        if (!keyRef.current) {
-          keyRef.current = await deriveKeyFromConfig(config);
-        }
-        const decrypted = await decryptObject(encryptedData, keyRef.current);
-        setState({
-          data: decrypted,
-          isLoading: false,
-          error: void 0,
-          isDecrypted: true
-        });
-        return decrypted;
-      } catch (err) {
-        const error = err instanceof Error ? err : new Error("Decryption failed");
-        setState({
-          data: void 0,
-          isLoading: false,
-          error,
-          isDecrypted: false
-        });
-        return void 0;
-      }
-    },
-    [config.secretKey, config.userId, config.sessionId]
-  );
-  const reset = useCallback(() => {
-    setState({
-      data: void 0,
-      isLoading: false,
-      error: void 0,
-      isDecrypted: false
-    });
-  }, []);
-  return { ...state, decrypt, reset };
-}
-__name(useLazyDecrypt, "useLazyDecrypt");
-function useIsEncrypted(value) {
-  return useMemo(() => isEncryptedField(value), [value]);
-}
-__name(useIsEncrypted, "useIsEncrypted");
-export {
-  useDecrypt,
-  useDecryptionClient,
-  useIsEncrypted,
-  useLazyDecrypt
-};
-//# sourceMappingURL=react.mjs.map