@futdevpro/fsm-dynamo 1.10.49 → 1.10.51

package/build/_modules/crypto/_collections/crypto-non-stable.util.d.ts

@@ -0,0 +1,80 @@
+/**
+ * Error codes for crypto operations
+ */
+/**
+ * Configuration options for encryption/decryption
+ */
+export interface CryptoConfig {
+    ivLength?: number;
+    saltLength?: number;
+    keyIterations?: number;
+    keySize?: number;
+}
+/**
+ * A utility class for secure encryption and decryption of data
+ * Uses AES-256-CBC with PBKDF2 key derivation
+ */
+export declare class DyFM_Crypto {
+    private static readonly DEFAULT_CONFIG;
+    private static readonly defaultErrorUserMsg;
+    /**
+     * Validates the input data and key
+     * @throws {DyFM_Error} if validation fails
+     */
+    private static validateInput;
+    /**
+     * Generates a deterministic IV based on the input data and key
+     */
+    private static generateIV;
+    /**
+     * Generates a deterministic salt based on the input data and key
+     */
+    private static generateSalt;
+    /**
+     * Derives a key using PBKDF2
+     */
+    private static deriveKey;
+    /**
+     * Safely serializes data to JSON
+     */
+    private static safeSerialize;
+    /**
+     * Safely deserializes JSON data
+     */
+    private static safeDeserialize;
+    /**
+     * Encrypts data using AES-256-CBC
+     * @param data The data to encrypt
+     * @param key The encryption key
+     * @param config Optional configuration
+     * @returns URL-safe encrypted string
+     * @throws {DyFM_Error} if encryption fails
+     */
+    static encrypt<T>(data: T, key: string, config?: CryptoConfig): string;
+    /**
+     * Decrypts data that was encrypted using encrypt()
+     * @param encryptedData The encrypted data
+     * @param key The decryption key
+     * @param config Optional configuration
+     * @returns The decrypted data
+     * @throws {DyFM_Error} if decryption fails
+     */
+    static decrypt<T>(encryptedData: string, key: string, config?: CryptoConfig): T;
+    /**
+     * Generates a secure random key
+     * @param length Length of the key in bytes (default: 32)
+     * @returns A secure random key
+     */
+    static generateKey(length?: number): string;
+    /**
+     * Validates if a string is a valid encrypted data
+     * @param encryptedData The data to validate
+     * @returns true if the data appears to be valid encrypted data
+     */
+    static isValidEncryptedData(encryptedData: string): boolean;
+    /**
+     * Gets default error settings
+     */
+    private static getDefaultErrorSettings;
+}
+//# sourceMappingURL=crypto-non-stable.util.d.ts.map

package/build/_modules/crypto/_collections/crypto-non-stable.util.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto-non-stable.util.d.ts","sourceRoot":"","sources":["../../../../src/_modules/crypto/_collections/crypto-non-stable.util.ts"],"names":[],"mappings":"AAOA;;GAEG;AASH;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;GAGG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAKpC;IACF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAEY;IAMvD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAkB5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,UAAU;IAKzB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IAK3B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAOxB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAY5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,eAAe;IA6B9B;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,MAAM;IAsCtE;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,CAAC;IAwD/E;;;;OAIG;IACH,MAAM,CAAC,WAAW,CAAC,MAAM,GAAE,MAAW,GAAG,MAAM;IAI/C;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO;IAO3D;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,uBAAuB;CAQvC"}

package/build/_modules/crypto/_collections/crypto-non-stable.util.js

@@ -0,0 +1,229 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DyFM_Crypto = void 0;
+const tslib_1 = require("tslib");
+const CryptoJS = tslib_1.__importStar(require("crypto-js"));
+const error_control_model_1 = require("../../../_models/control-models/error.control-model");
+/**
+ * A utility class for secure encryption and decryption of data
+ * Uses AES-256-CBC with PBKDF2 key derivation
+ */
+class DyFM_Crypto {
+    static DEFAULT_CONFIG = {
+        ivLength: 16, // 128 bits
+        saltLength: 16, // 128 bits
+        keyIterations: 10000,
+        keySize: 8 // 256 bits (8 * 32)
+    };
+    static defaultErrorUserMsg = `We encountered an unhandled Authentication Error, ` +
+        `\nplease contact the responsible development team.`;
+    // Tömör: kb. 60–80 karakteres token, nem 200+
+    // Nem szabványos: nehéz visszafejteni
+    // Használható cookie, header, URL-ben
+    /**
+     * Validates the input data and key
+     * @throws {DyFM_Error} if validation fails
+     */
+    static validateInput(data, key) {
+        if (!key || typeof key !== 'string' || key.trim().length === 0) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('validateInput'),
+                errorCode: 'DyFM-CRY-IKY',
+                message: 'Invalid encryption key'
+            });
+        }
+        if (data === undefined || data === null) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('validateInput'),
+                errorCode: 'DyFM-CRY-IDT',
+                message: 'Invalid data to encrypt/decrypt'
+            });
+        }
+    }
+    /**
+     * Generates a deterministic IV based on the input data and key
+     */
+    static generateIV(data, key, config) {
+        const hash = CryptoJS.SHA256(data + key);
+        return CryptoJS.lib.WordArray.create(hash.words.slice(0, config.ivLength / 4));
+    }
+    /**
+     * Generates a deterministic salt based on the input data and key
+     */
+    static generateSalt(data, key, config) {
+        const hash = CryptoJS.SHA256(key + data);
+        return CryptoJS.lib.WordArray.create(hash.words.slice(0, config.saltLength / 4));
+    }
+    /**
+     * Derives a key using PBKDF2
+     */
+    static deriveKey(key, salt, config) {
+        return CryptoJS.PBKDF2(key, salt, {
+            keySize: config.keySize,
+            iterations: config.keyIterations
+        });
+    }
+    /**
+     * Safely serializes data to JSON
+     */
+    static safeSerialize(data) {
+        try {
+            return JSON.stringify(data);
+        }
+        catch (error) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('safeSerialize', error),
+                errorCode: 'DyFM-CRY-SER',
+                message: 'Failed to serialize data'
+            });
+        }
+    }
+    /**
+     * Safely deserializes JSON data
+     */
+    static safeDeserialize(data) {
+        try {
+            let parsed = JSON.parse(data);
+            // Handle double-stringified JSON
+            if (typeof parsed === 'string') {
+                try {
+                    parsed = JSON.parse(parsed);
+                }
+                catch {
+                    // If second parse fails, return the string as is
+                    return parsed;
+                }
+            }
+            // Handle primitive values
+            if (typeof parsed === 'string' || typeof parsed === 'number' || typeof parsed === 'boolean') {
+                return parsed;
+            }
+            return parsed;
+        }
+        catch (error) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('safeDeserialize', error),
+                errorCode: 'DyFM-CRY-DES',
+                message: 'Failed to deserialize data'
+            });
+        }
+    }
+    /**
+     * Encrypts data using AES-256-CBC
+     * @param data The data to encrypt
+     * @param key The encryption key
+     * @param config Optional configuration
+     * @returns URL-safe encrypted string
+     * @throws {DyFM_Error} if encryption fails
+     */
+    static encrypt(data, key, config) {
+        try {
+            this.validateInput(data, key);
+            const finalConfig = { ...this.DEFAULT_CONFIG, ...config };
+            // Convert data to string
+            const dataStr = this.safeSerialize(data);
+            // Generate deterministic IV and salt based on data and key
+            const iv = this.generateIV(dataStr, key, finalConfig);
+            const salt = this.generateSalt(dataStr, key, finalConfig);
+            // Derive key using PBKDF2
+            const derivedKey = this.deriveKey(key, salt, finalConfig);
+            // Encrypt the data
+            const encrypted = CryptoJS.AES.encrypt(dataStr, derivedKey, {
+                iv: iv,
+                mode: CryptoJS.mode.CBC,
+                padding: CryptoJS.pad.Pkcs7
+            });
+            // Combine IV + Salt + Ciphertext
+            const combined = iv.concat(salt).concat(encrypted.ciphertext);
+            // Convert to URL-safe base64
+            return CryptoJS.enc.Base64.stringify(combined)
+                .replace(/\+/g, '-')
+                .replace(/\//g, '_')
+                .replace(/=+$/, '');
+        }
+        catch (error) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('encrypt', error),
+                errorCode: 'DyFM-CRY-ENC',
+            });
+        }
+    }
+    /**
+     * Decrypts data that was encrypted using encrypt()
+     * @param encryptedData The encrypted data
+     * @param key The decryption key
+     * @param config Optional configuration
+     * @returns The decrypted data
+     * @throws {DyFM_Error} if decryption fails
+     */
+    static decrypt(encryptedData, key, config) {
+        try {
+            this.validateInput(encryptedData, key);
+            const finalConfig = { ...this.DEFAULT_CONFIG, ...config };
+            // Convert from URL-safe base64
+            const base64 = encryptedData
+                .replace(/-/g, '+')
+                .replace(/_/g, '/');
+            // Parse the combined data
+            const combined = CryptoJS.enc.Base64.parse(base64);
+            // Validate minimum length (IV + Salt + minimum ciphertext)
+            const minLength = (finalConfig.ivLength + finalConfig.saltLength + 16) / 4; // 16 bytes minimum for ciphertext
+            if (combined.words.length < minLength) {
+                throw new Error('Invalid encrypted data length');
+            }
+            // Extract IV, salt, and ciphertext
+            const iv = CryptoJS.lib.WordArray.create(combined.words.slice(0, finalConfig.ivLength / 4));
+            const salt = CryptoJS.lib.WordArray.create(combined.words.slice(finalConfig.ivLength / 4, (finalConfig.ivLength + finalConfig.saltLength) / 4));
+            const ciphertext = CryptoJS.lib.WordArray.create(combined.words.slice((finalConfig.ivLength + finalConfig.saltLength) / 4));
+            // Derive key using PBKDF2
+            const derivedKey = this.deriveKey(key, salt, finalConfig);
+            // Decrypt the data
+            const decrypted = CryptoJS.AES.decrypt({ ciphertext: ciphertext }, derivedKey, {
+                iv: iv,
+                mode: CryptoJS.mode.CBC,
+                padding: CryptoJS.pad.Pkcs7
+            });
+            // Parse JSON
+            const decryptedStr = decrypted.toString(CryptoJS.enc.Utf8);
+            return this.safeDeserialize(decryptedStr);
+        }
+        catch (error) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('decrypt', error),
+                errorCode: 'DyFM-CRY-DRY',
+            });
+        }
+    }
+    /**
+     * Generates a secure random key
+     * @param length Length of the key in bytes (default: 32)
+     * @returns A secure random key
+     */
+    static generateKey(length = 32) {
+        return CryptoJS.lib.WordArray.random(length).toString();
+    }
+    /**
+     * Validates if a string is a valid encrypted data
+     * @param encryptedData The data to validate
+     * @returns true if the data appears to be valid encrypted data
+     */
+    static isValidEncryptedData(encryptedData) {
+        if (!encryptedData || typeof encryptedData !== 'string') {
+            return false;
+        }
+        return /^[A-Za-z0-9\-_]+$/.test(encryptedData);
+    }
+    /**
+     * Gets default error settings
+     */
+    static getDefaultErrorSettings(operation, error) {
+        return {
+            status: error?.___status ?? error?.status ?? 401,
+            message: `Crypto operation "${operation}" failed`,
+            error: error,
+            errorCode: 'DyFM-CRY-ERR'
+        };
+    }
+}
+exports.DyFM_Crypto = DyFM_Crypto;
+//# sourceMappingURL=crypto-non-stable.util.js.map

package/build/_modules/crypto/_collections/crypto-non-stable.util.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto-non-stable.util.js","sourceRoot":"","sources":["../../../../src/_modules/crypto/_collections/crypto-non-stable.util.ts"],"names":[],"mappings":";;;;AAAA,4DAAsC;AACtC,6FAG6D;AAwB7D;;;GAGG;AACH,MAAa,WAAW;IACd,MAAM,CAAU,cAAc,GAA2B;QAC/D,QAAQ,EAAE,EAAE,EAAE,WAAW;QACzB,UAAU,EAAE,EAAE,EAAE,WAAW;QAC3B,aAAa,EAAE,KAAK;QACpB,OAAO,EAAE,CAAC,CAAC,oBAAoB;KAChC,CAAC;IACM,MAAM,CAAU,mBAAmB,GACzC,oDAAoD;QACpD,oDAAoD,CAAC;IAEvD,8CAA8C;IAC9C,sCAAsC;IACtC,sCAAsC;IAEtC;;;OAGG;IACK,MAAM,CAAC,aAAa,CAAC,IAAS,EAAE,GAAW;QACjD,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/D,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,eAAe,CAAC;gBAChD,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,wBAAwB;aAClC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YACxC,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,eAAe,CAAC;gBAChD,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,iCAAiC;aAC3C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,UAAU,CAAC,IAAY,EAAE,GAAW,EAAE,MAA8B;QACjF,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC;QACzC,OAAO,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,YAAY,CAAC,IAAY,EAAE,GAAW,EAAE,MAA8B;QACnF,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;QACzC,OAAO,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;IACnF,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,SAAS,CAAC,GAAW,EAAE,IAA4B,EAAE,MAA8B;QAChG,OAAO,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE;YAChC,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,UAAU,EAAE,MAAM,CAAC,aAAa;SACjC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,aAAa,CAAI,IAAO;QACrC,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,eAAe,EAAE,KAAK,CAAC;gBACvD,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,0BAA0B;aACpC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,eAAe,CAAI,IAAY;QAC5C,IAAI,CAAC;YACH,IAAI,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,iCAAiC;YACjC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAC/B,IAAI,CAAC;oBACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAC9B,CAAC;gBAAC,MAAM,CAAC;oBACP,iDAAiD;oBACjD,OAAO,MAAW,CAAC;gBACrB,CAAC;YACH,CAAC;YAED,0BAA0B;YAC1B,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,MAAM,KAAK,SAAS,EAAE,CAAC;gBAC5F,OAAO,MAAW,CAAC;YACrB,CAAC;YAED,OAAO,MAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,iBAAiB,EAAE,KAAK,CAAC;gBACzD,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,4BAA4B;aACtC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAI,IAAO,EAAE,GAAW,EAAE,MAAqB;QAC3D,IAAI,CAAC;YACH,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAC9B,MAAM,WAAW,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;YAE1D,yBAAyB;YACzB,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YAEzC,2DAA2D;YAC3D,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;YACtD,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;YAE1D,0BAA0B;YAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;YAE1D,mBAAmB;YACnB,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE;gBAC1D,EAAE,EAAE,EAAE;gBACN,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,GAAG;gBACvB,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,KAAK;aAC5B,CAAC,CAAC;YAEH,iCAAiC;YACjC,MAAM,QAAQ,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;YAE9D,6BAA6B;YAC7B,OAAO,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC;iBAC3C,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;iBACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;iBACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACxB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,SAAS,EAAE,KAAK,CAAC;gBACjD,SAAS,EAAE,cAAc;aAC1B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAI,aAAqB,EAAE,GAAW,EAAE,MAAqB;QACzE,IAAI,CAAC;YACH,IAAI,CAAC,aAAa,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;YACvC,MAAM,WAAW,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;YAE1D,+BAA+B;YAC/B,MAAM,MAAM,GAAG,aAAa;iBACzB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;iBAClB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAEtB,0BAA0B;YAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAEnD,2DAA2D;YAC3D,MAAM,SAAS,GAAG,CAAC,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,UAAU,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,kCAAkC;YAC9G,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;gBACtC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACnD,CAAC;YAED,mCAAmC;YACnC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC;YAC5F,MAAM,IAAI,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CACxC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAClB,WAAW,CAAC,QAAQ,GAAG,CAAC,EACxB,CAAC,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CACpD,CACF,CAAC;YACF,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAC9C,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAC1E,CAAC;YAEF,0BAA0B;YAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;YAE1D,mBAAmB;YACnB,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CACpC,EAAE,UAAU,EAAE,UAAU,EAAE,EAC1B,UAAU,EACV;gBACE,EAAE,EAAE,EAAE;gBACN,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,GAAG;gBACvB,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,KAAK;aAC5B,CACF,CAAC;YAEF,aAAa;YACb,MAAM,YAAY,GAAG,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC3D,OAAO,IAAI,CAAC,eAAe,CAAI,YAAY,CAAC,CAAC;QAC/C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,SAAS,EAAE,KAAK,CAAC;gBACjD,SAAS,EAAE,cAAc;aAC1B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,WAAW,CAAC,SAAiB,EAAE;QACpC,OAAO,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC1D,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,aAAqB;QAC/C,IAAI,CAAC,aAAa,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;YACxD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,uBAAuB,CAAC,SAAiB,EAAE,KAAW;QACnE,OAAO;YACL,MAAM,EAAG,KAAoB,EAAE,SAAS,IAAK,KAAa,EAAE,MAAM,IAAI,GAAG;YACzE,OAAO,EAAE,qBAAqB,SAAS,UAAU;YACjD,KAAK,EAAE,KAAK;YACZ,SAAS,EAAE,cAAc;SAC1B,CAAC;IACJ,CAAC;;AA3PH,kCA4PC"}

package/build/_modules/crypto/_collections/crypto.util.d.ts

@@ -1,77 +1,45 @@
-/**
- * Error codes for crypto operations
- */
-/**
- * Configuration options for encryption/decryption
- */
-export interface CryptoConfig {
-    ivLength?: number;
-    saltLength?: number;
-    keyIterations?: number;
-    keySize?: number;
-}
 /**
  * A utility class for secure encryption and decryption of data
- * Uses AES-256-CBC with PBKDF2 key derivation
+ * Uses AES-256-CBC with deterministic IV and salt for consistent results
  */
 export declare class DyFM_Crypto {
-    private static readonly DEFAULT_CONFIG;
     private static readonly defaultErrorUserMsg;
     /**
-     * Validates the input data and key
-     * @throws {DyFM_Error} if validation fails
+     * Validates the encryption key
      */
-    private static validateInput;
+    private static validateKey;
     /**
-     * Generates a deterministic IV based on the input data and key
+     * Safely serializes data to JSON
      */
-    private static generateIV;
+    private static safeSerialize;
     /**
-     * Generates a deterministic salt based on the input data and key
+     * Safely deserializes JSON data
      */
-    private static generateSalt;
+    private static safeDeserialize;
     /**
-     * Derives a key using PBKDF2
+     * Derives a 256-bit key from the passphrase using SHA256
      */
     private static deriveKey;
     /**
-     * Safely serializes data to JSON
+     * Creates a deterministic IV from the key only
      */
-    private static safeSerialize;
-    /**
-     * Safely deserializes JSON data
-     */
-    private static safeDeserialize;
+    private static createDeterministicIV;
     /**
-     * Encrypts data using AES-256-CBC
+     * Encrypts data using AES-256-CBC with deterministic key and IV
      * @param data The data to encrypt
      * @param key The encryption key
-     * @param config Optional configuration
      * @returns URL-safe encrypted string
      * @throws {DyFM_Error} if encryption fails
      */
-    static encrypt<T>(data: T, key: string, config?: CryptoConfig): string;
+    static encrypt<T>(data: T, key: string): string;
     /**
      * Decrypts data that was encrypted using encrypt()
      * @param encryptedData The encrypted data
      * @param key The decryption key
-     * @param config Optional configuration
      * @returns The decrypted data
      * @throws {DyFM_Error} if decryption fails
      */
-    static decrypt<T>(encryptedData: string, key: string, config?: CryptoConfig): T;
-    /**
-     * Generates a secure random key
-     * @param length Length of the key in bytes (default: 32)
-     * @returns A secure random key
-     */
-    static generateKey(length?: number): string;
-    /**
-     * Validates if a string is a valid encrypted data
-     * @param encryptedData The data to validate
-     * @returns true if the data appears to be valid encrypted data
-     */
-    static isValidEncryptedData(encryptedData: string): boolean;
+    static decrypt<T>(encryptedData: string, key: string): T;
     /**
      * Gets default error settings
      */

package/build/_modules/crypto/_collections/crypto.util.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"crypto.util.d.ts","sourceRoot":"","sources":["../../../../src/_modules/crypto/_collections/crypto.util.ts"],"names":[],"mappings":"AAOA;;GAEG;AASH;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;GAGG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAKpC;IACF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAEY;IAMvD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAkB5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,UAAU;IAKzB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IAK3B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAOxB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAY5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,eAAe;IA6B9B;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,MAAM;IAsCtE;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,CAAC;IAwD/E;;;;OAIG;IACH,MAAM,CAAC,WAAW,CAAC,MAAM,GAAE,MAAW,GAAG,MAAM;IAI/C;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO;IAO3D;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,uBAAuB;CAQvC"}
+{"version":3,"file":"crypto.util.d.ts","sourceRoot":"","sources":["../../../../src/_modules/crypto/_collections/crypto.util.ts"],"names":[],"mappings":"AAOA;;;GAGG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAEY;IAEvD;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,WAAW;IAkB1B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAY5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,eAAe;IA6B9B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAIxB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,qBAAqB;IAKpC;;;;;;OAMG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM;IA0C/C;;;;;;OAMG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC;IAyDxD;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,uBAAuB;CAQvC"}

package/build/_modules/crypto/_collections/crypto.util.js

@@ -6,63 +6,30 @@ const CryptoJS = tslib_1.__importStar(require("crypto-js"));
 const error_control_model_1 = require("../../../_models/control-models/error.control-model");
 /**
  * A utility class for secure encryption and decryption of data
- * Uses AES-256-CBC with PBKDF2 key derivation
+ * Uses AES-256-CBC with deterministic IV and salt for consistent results
  */
 class DyFM_Crypto {
-    static DEFAULT_CONFIG = {
-        ivLength: 16, // 128 bits
-        saltLength: 16, // 128 bits
-        keyIterations: 10000,
-        keySize: 8 // 256 bits (8 * 32)
-    };
     static defaultErrorUserMsg = `We encountered an unhandled Authentication Error, ` +
         `\nplease contact the responsible development team.`;
-    // Tömör: kb. 60–80 karakteres token, nem 200+
-    // Nem szabványos: nehéz visszafejteni
-    // Használható cookie, header, URL-ben
     /**
-     * Validates the input data and key
-     * @throws {DyFM_Error} if validation fails
+     * Validates the encryption key
      */
-    static validateInput(data, key) {
-        if (!key || typeof key !== 'string' || key.trim().length === 0) {
+    static validateKey(key) {
+        if (!key || typeof key !== 'string') {
             throw new error_control_model_1.DyFM_Error({
-                ...this.getDefaultErrorSettings('validateInput'),
-                errorCode: 'DyFM-CRY-IKY',
-                message: 'Invalid encryption key'
+                status: 401,
+                message: 'Encryption key is required and must be a string',
+                errorCode: 'DyFM-CRY-KEY-REQ'
             });
         }
-        if (data === undefined || data === null) {
+        if (key.trim().length === 0) {
             throw new error_control_model_1.DyFM_Error({
-                ...this.getDefaultErrorSettings('validateInput'),
-                errorCode: 'DyFM-CRY-IDT',
-                message: 'Invalid data to encrypt/decrypt'
+                status: 401,
+                message: 'Encryption key cannot be empty or whitespace-only',
+                errorCode: 'DyFM-CRY-KEY-EMPTY'
             });
         }
     }
-    /**
-     * Generates a deterministic IV based on the input data and key
-     */
-    static generateIV(data, key, config) {
-        const hash = CryptoJS.SHA256(data + key);
-        return CryptoJS.lib.WordArray.create(hash.words.slice(0, config.ivLength / 4));
-    }
-    /**
-     * Generates a deterministic salt based on the input data and key
-     */
-    static generateSalt(data, key, config) {
-        const hash = CryptoJS.SHA256(key + data);
-        return CryptoJS.lib.WordArray.create(hash.words.slice(0, config.saltLength / 4));
-    }
-    /**
-     * Derives a key using PBKDF2
-     */
-    static deriveKey(key, salt, config) {
-        return CryptoJS.PBKDF2(key, salt, {
-            keySize: config.keySize,
-            iterations: config.keyIterations
-        });
-    }
     /**
      * Safely serializes data to JSON
      */
@@ -109,34 +76,51 @@ class DyFM_Crypto {
         }
     }
     /**
-     * Encrypts data using AES-256-CBC
+     * Derives a 256-bit key from the passphrase using SHA256
+     */
+    static deriveKey(key) {
+        return CryptoJS.SHA256(key);
+    }
+    /**
+     * Creates a deterministic IV from the key only
+     */
+    static createDeterministicIV(key) {
+        const hash = CryptoJS.SHA256(key + ':iv');
+        return CryptoJS.lib.WordArray.create(hash.words.slice(0, 4)); // Use first 16 bytes (128 bits)
+    }
+    /**
+     * Encrypts data using AES-256-CBC with deterministic key and IV
      * @param data The data to encrypt
      * @param key The encryption key
-     * @param config Optional configuration
      * @returns URL-safe encrypted string
      * @throws {DyFM_Error} if encryption fails
      */
-    static encrypt(data, key, config) {
+    static encrypt(data, key) {
         try {
-            this.validateInput(data, key);
-            const finalConfig = { ...this.DEFAULT_CONFIG, ...config };
+            // Validate key
+            this.validateKey(key);
+            // Validate data
+            if (data === undefined || data === null) {
+                throw new error_control_model_1.DyFM_Error({
+                    status: 401,
+                    message: 'Data cannot be undefined or null',
+                    errorCode: 'DyFM-CRY-DATA-NULL'
+                });
+            }
             // Convert data to string
             const dataStr = this.safeSerialize(data);
-            // Generate deterministic IV and salt based on data and key
-            const iv = this.generateIV(dataStr, key, finalConfig);
-            const salt = this.generateSalt(dataStr, key, finalConfig);
-            // Derive key using PBKDF2
-            const derivedKey = this.deriveKey(key, salt, finalConfig);
-            // Encrypt the data
-            const encrypted = CryptoJS.AES.encrypt(dataStr, derivedKey, {
+            // Derive key and IV
+            const aesKey = this.deriveKey(key);
+            const iv = this.createDeterministicIV(key);
+            // Encrypt the data with deterministic key and IV
+            const encrypted = CryptoJS.AES.encrypt(dataStr, aesKey, {
                 iv: iv,
                 mode: CryptoJS.mode.CBC,
                 padding: CryptoJS.pad.Pkcs7
             });
-            // Combine IV + Salt + Ciphertext
-            const combined = iv.concat(salt).concat(encrypted.ciphertext);
             // Convert to URL-safe base64
-            return CryptoJS.enc.Base64.stringify(combined)
+            const base64 = encrypted.ciphertext.toString(CryptoJS.enc.Base64);
+            return base64
                 .replace(/\+/g, '-')
                 .replace(/\//g, '_')
                 .replace(/=+$/, '');
@@ -152,39 +136,49 @@ class DyFM_Crypto {
      * Decrypts data that was encrypted using encrypt()
      * @param encryptedData The encrypted data
      * @param key The decryption key
-     * @param config Optional configuration
      * @returns The decrypted data
      * @throws {DyFM_Error} if decryption fails
      */
-    static decrypt(encryptedData, key, config) {
+    static decrypt(encryptedData, key) {
         try {
-            this.validateInput(encryptedData, key);
-            const finalConfig = { ...this.DEFAULT_CONFIG, ...config };
+            // Validate key
+            this.validateKey(key);
+            // Validate encrypted data
+            if (!encryptedData || typeof encryptedData !== 'string') {
+                throw new error_control_model_1.DyFM_Error({
+                    status: 401,
+                    message: 'Encrypted data is required and must be a string',
+                    errorCode: 'DyFM-CRY-DATA-REQ'
+                });
+            }
             // Convert from URL-safe base64
-            const base64 = encryptedData
+            let base64 = encryptedData
                 .replace(/-/g, '+')
                 .replace(/_/g, '/');
-            // Parse the combined data
-            const combined = CryptoJS.enc.Base64.parse(base64);
-            // Validate minimum length (IV + Salt + minimum ciphertext)
-            const minLength = (finalConfig.ivLength + finalConfig.saltLength + 16) / 4; // 16 bytes minimum for ciphertext
-            if (combined.words.length < minLength) {
-                throw new Error('Invalid encrypted data length');
+            // Add padding if needed
+            const padLength = 4 - (base64.length % 4);
+            if (padLength < 4) {
+                base64 += '='.repeat(padLength);
             }
-            // Extract IV, salt, and ciphertext
-            const iv = CryptoJS.lib.WordArray.create(combined.words.slice(0, finalConfig.ivLength / 4));
-            const salt = CryptoJS.lib.WordArray.create(combined.words.slice(finalConfig.ivLength / 4, (finalConfig.ivLength + finalConfig.saltLength) / 4));
-            const ciphertext = CryptoJS.lib.WordArray.create(combined.words.slice((finalConfig.ivLength + finalConfig.saltLength) / 4));
-            // Derive key using PBKDF2
-            const derivedKey = this.deriveKey(key, salt, finalConfig);
+            // Derive key and IV
+            const aesKey = this.deriveKey(key);
+            const iv = this.createDeterministicIV(key);
             // Decrypt the data
-            const decrypted = CryptoJS.AES.decrypt({ ciphertext: ciphertext }, derivedKey, {
+            const encryptedWA = CryptoJS.enc.Base64.parse(base64);
+            const decrypted = CryptoJS.AES.decrypt({ ciphertext: encryptedWA }, aesKey, {
                 iv: iv,
                 mode: CryptoJS.mode.CBC,
                 padding: CryptoJS.pad.Pkcs7
             });
             // Parse JSON
             const decryptedStr = decrypted.toString(CryptoJS.enc.Utf8);
+            if (!decryptedStr) {
+                throw new error_control_model_1.DyFM_Error({
+                    status: 401,
+                    message: 'Failed to decrypt data - invalid key or corrupted data',
+                    errorCode: 'DyFM-CRY-DEC-FAIL'
+                });
+            }
             return this.safeDeserialize(decryptedStr);
         }
         catch (error) {
@@ -194,25 +188,6 @@ class DyFM_Crypto {
             });
         }
     }
-    /**
-     * Generates a secure random key
-     * @param length Length of the key in bytes (default: 32)
-     * @returns A secure random key
-     */
-    static generateKey(length = 32) {
-        return CryptoJS.lib.WordArray.random(length).toString();
-    }
-    /**
-     * Validates if a string is a valid encrypted data
-     * @param encryptedData The data to validate
-     * @returns true if the data appears to be valid encrypted data
-     */
-    static isValidEncryptedData(encryptedData) {
-        if (!encryptedData || typeof encryptedData !== 'string') {
-            return false;
-        }
-        return /^[A-Za-z0-9\-_]+$/.test(encryptedData);
-    }
     /**
      * Gets default error settings
      */