npm - @futdevpro/fsm-dynamo - Versions diffs - 1.10.50 → 1.10.51 - Mend

@futdevpro/fsm-dynamo 1.10.50 → 1.10.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

package/build/_modules/crypto/_collections/crypto-non-stable.util.d.ts ADDED Viewed

@@ -0,0 +1,80 @@
+/**
+ * Error codes for crypto operations
+ */
+/**
+ * Configuration options for encryption/decryption
+ */
+export interface CryptoConfig {
+    ivLength?: number;
+    saltLength?: number;
+    keyIterations?: number;
+    keySize?: number;
+}
+/**
+ * A utility class for secure encryption and decryption of data
+ * Uses AES-256-CBC with PBKDF2 key derivation
+ */
+export declare class DyFM_Crypto {
+    private static readonly DEFAULT_CONFIG;
+    private static readonly defaultErrorUserMsg;
+    /**
+     * Validates the input data and key
+     * @throws {DyFM_Error} if validation fails
+     */
+    private static validateInput;
+    /**
+     * Generates a deterministic IV based on the input data and key
+     */
+    private static generateIV;
+    /**
+     * Generates a deterministic salt based on the input data and key
+     */
+    private static generateSalt;
+    /**
+     * Derives a key using PBKDF2
+     */
+    private static deriveKey;
+    /**
+     * Safely serializes data to JSON
+     */
+    private static safeSerialize;
+    /**
+     * Safely deserializes JSON data
+     */
+    private static safeDeserialize;
+    /**
+     * Encrypts data using AES-256-CBC
+     * @param data The data to encrypt
+     * @param key The encryption key
+     * @param config Optional configuration
+     * @returns URL-safe encrypted string
+     * @throws {DyFM_Error} if encryption fails
+     */
+    static encrypt<T>(data: T, key: string, config?: CryptoConfig): string;
+    /**
+     * Decrypts data that was encrypted using encrypt()
+     * @param encryptedData The encrypted data
+     * @param key The decryption key
+     * @param config Optional configuration
+     * @returns The decrypted data
+     * @throws {DyFM_Error} if decryption fails
+     */
+    static decrypt<T>(encryptedData: string, key: string, config?: CryptoConfig): T;
+    /**
+     * Generates a secure random key
+     * @param length Length of the key in bytes (default: 32)
+     * @returns A secure random key
+     */
+    static generateKey(length?: number): string;
+    /**
+     * Validates if a string is a valid encrypted data
+     * @param encryptedData The data to validate
+     * @returns true if the data appears to be valid encrypted data
+     */
+    static isValidEncryptedData(encryptedData: string): boolean;
+    /**
+     * Gets default error settings
+     */
+    private static getDefaultErrorSettings;
+}
+//# sourceMappingURL=crypto-non-stable.util.d.ts.map

package/build/_modules/crypto/_collections/crypto-non-stable.util.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"crypto-non-stable.util.d.ts","sourceRoot":"","sources":["../../../../src/_modules/crypto/_collections/crypto-non-stable.util.ts"],"names":[],"mappings":"AAOA;;GAEG;AASH;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;GAGG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAKpC;IACF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAEY;IAMvD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAkB5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,UAAU;IAKzB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IAK3B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAOxB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAY5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,eAAe;IA6B9B;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,MAAM;IAsCtE;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,CAAC;IAwD/E;;;;OAIG;IACH,MAAM,CAAC,WAAW,CAAC,MAAM,GAAE,MAAW,GAAG,MAAM;IAI/C;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO;IAO3D;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,uBAAuB;CAQvC"}

package/build/_modules/crypto/_collections/crypto-non-stable.util.js ADDED Viewed

@@ -0,0 +1,229 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DyFM_Crypto = void 0;
+const tslib_1 = require("tslib");
+const CryptoJS = tslib_1.__importStar(require("crypto-js"));
+const error_control_model_1 = require("../../../_models/control-models/error.control-model");
+/**
+ * A utility class for secure encryption and decryption of data
+ * Uses AES-256-CBC with PBKDF2 key derivation
+ */
+class DyFM_Crypto {
+    static DEFAULT_CONFIG = {
+        ivLength: 16, // 128 bits
+        saltLength: 16, // 128 bits
+        keyIterations: 10000,
+        keySize: 8 // 256 bits (8 * 32)
+    };
+    static defaultErrorUserMsg = `We encountered an unhandled Authentication Error, ` +
+        `\nplease contact the responsible development team.`;
+    // Tömör: kb. 60–80 karakteres token, nem 200+
+    // Nem szabványos: nehéz visszafejteni
+    // Használható cookie, header, URL-ben
+    /**
+     * Validates the input data and key
+     * @throws {DyFM_Error} if validation fails
+     */
+    static validateInput(data, key) {
+        if (!key || typeof key !== 'string' || key.trim().length === 0) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('validateInput'),
+                errorCode: 'DyFM-CRY-IKY',
+                message: 'Invalid encryption key'
+            });
+        }
+        if (data === undefined || data === null) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('validateInput'),
+                errorCode: 'DyFM-CRY-IDT',
+                message: 'Invalid data to encrypt/decrypt'
+            });
+        }
+    }
+    /**
+     * Generates a deterministic IV based on the input data and key
+     */
+    static generateIV(data, key, config) {
+        const hash = CryptoJS.SHA256(data + key);
+        return CryptoJS.lib.WordArray.create(hash.words.slice(0, config.ivLength / 4));
+    }
+    /**
+     * Generates a deterministic salt based on the input data and key
+     */
+    static generateSalt(data, key, config) {
+        const hash = CryptoJS.SHA256(key + data);
+        return CryptoJS.lib.WordArray.create(hash.words.slice(0, config.saltLength / 4));
+    }
+    /**
+     * Derives a key using PBKDF2
+     */
+    static deriveKey(key, salt, config) {
+        return CryptoJS.PBKDF2(key, salt, {
+            keySize: config.keySize,
+            iterations: config.keyIterations
+        });
+    }
+    /**
+     * Safely serializes data to JSON
+     */
+    static safeSerialize(data) {
+        try {
+            return JSON.stringify(data);
+        }
+        catch (error) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('safeSerialize', error),
+                errorCode: 'DyFM-CRY-SER',
+                message: 'Failed to serialize data'
+            });
+        }
+    }
+    /**
+     * Safely deserializes JSON data
+     */
+    static safeDeserialize(data) {
+        try {
+            let parsed = JSON.parse(data);
+            // Handle double-stringified JSON
+            if (typeof parsed === 'string') {
+                try {
+                    parsed = JSON.parse(parsed);
+                }
+                catch {
+                    // If second parse fails, return the string as is
+                    return parsed;
+                }
+            }
+            // Handle primitive values
+            if (typeof parsed === 'string' || typeof parsed === 'number' || typeof parsed === 'boolean') {
+                return parsed;
+            }
+            return parsed;
+        }
+        catch (error) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('safeDeserialize', error),
+                errorCode: 'DyFM-CRY-DES',
+                message: 'Failed to deserialize data'
+            });
+        }
+    }
+    /**
+     * Encrypts data using AES-256-CBC
+     * @param data The data to encrypt
+     * @param key The encryption key
+     * @param config Optional configuration
+     * @returns URL-safe encrypted string
+     * @throws {DyFM_Error} if encryption fails
+     */
+    static encrypt(data, key, config) {
+        try {
+            this.validateInput(data, key);
+            const finalConfig = { ...this.DEFAULT_CONFIG, ...config };
+            // Convert data to string
+            const dataStr = this.safeSerialize(data);
+            // Generate deterministic IV and salt based on data and key
+            const iv = this.generateIV(dataStr, key, finalConfig);
+            const salt = this.generateSalt(dataStr, key, finalConfig);
+            // Derive key using PBKDF2
+            const derivedKey = this.deriveKey(key, salt, finalConfig);
+            // Encrypt the data
+            const encrypted = CryptoJS.AES.encrypt(dataStr, derivedKey, {
+                iv: iv,
+                mode: CryptoJS.mode.CBC,
+                padding: CryptoJS.pad.Pkcs7
+            });
+            // Combine IV + Salt + Ciphertext
+            const combined = iv.concat(salt).concat(encrypted.ciphertext);
+            // Convert to URL-safe base64
+            return CryptoJS.enc.Base64.stringify(combined)
+                .replace(/\+/g, '-')
+                .replace(/\//g, '_')
+                .replace(/=+$/, '');
+        }
+        catch (error) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('encrypt', error),
+                errorCode: 'DyFM-CRY-ENC',
+            });
+        }
+    }
+    /**
+     * Decrypts data that was encrypted using encrypt()
+     * @param encryptedData The encrypted data
+     * @param key The decryption key
+     * @param config Optional configuration
+     * @returns The decrypted data
+     * @throws {DyFM_Error} if decryption fails
+     */
+    static decrypt(encryptedData, key, config) {
+        try {
+            this.validateInput(encryptedData, key);
+            const finalConfig = { ...this.DEFAULT_CONFIG, ...config };
+            // Convert from URL-safe base64
+            const base64 = encryptedData
+                .replace(/-/g, '+')
+                .replace(/_/g, '/');
+            // Parse the combined data
+            const combined = CryptoJS.enc.Base64.parse(base64);
+            // Validate minimum length (IV + Salt + minimum ciphertext)
+            const minLength = (finalConfig.ivLength + finalConfig.saltLength + 16) / 4; // 16 bytes minimum for ciphertext
+            if (combined.words.length < minLength) {
+                throw new Error('Invalid encrypted data length');
+            }
+            // Extract IV, salt, and ciphertext
+            const iv = CryptoJS.lib.WordArray.create(combined.words.slice(0, finalConfig.ivLength / 4));
+            const salt = CryptoJS.lib.WordArray.create(combined.words.slice(finalConfig.ivLength / 4, (finalConfig.ivLength + finalConfig.saltLength) / 4));
+            const ciphertext = CryptoJS.lib.WordArray.create(combined.words.slice((finalConfig.ivLength + finalConfig.saltLength) / 4));
+            // Derive key using PBKDF2
+            const derivedKey = this.deriveKey(key, salt, finalConfig);
+            // Decrypt the data
+            const decrypted = CryptoJS.AES.decrypt({ ciphertext: ciphertext }, derivedKey, {
+                iv: iv,
+                mode: CryptoJS.mode.CBC,
+                padding: CryptoJS.pad.Pkcs7
+            });
+            // Parse JSON
+            const decryptedStr = decrypted.toString(CryptoJS.enc.Utf8);
+            return this.safeDeserialize(decryptedStr);
+        }
+        catch (error) {
+            throw new error_control_model_1.DyFM_Error({
+                ...this.getDefaultErrorSettings('decrypt', error),
+                errorCode: 'DyFM-CRY-DRY',
+            });
+        }
+    }
+    /**
+     * Generates a secure random key
+     * @param length Length of the key in bytes (default: 32)
+     * @returns A secure random key
+     */
+    static generateKey(length = 32) {
+        return CryptoJS.lib.WordArray.random(length).toString();
+    }
+    /**
+     * Validates if a string is a valid encrypted data
+     * @param encryptedData The data to validate
+     * @returns true if the data appears to be valid encrypted data
+     */
+    static isValidEncryptedData(encryptedData) {
+        if (!encryptedData || typeof encryptedData !== 'string') {
+            return false;
+        }
+        return /^[A-Za-z0-9\-_]+$/.test(encryptedData);
+    }
+    /**
+     * Gets default error settings
+     */
+    static getDefaultErrorSettings(operation, error) {
+        return {
+            status: error?.___status ?? error?.status ?? 401,
+            message: `Crypto operation "${operation}" failed`,
+            error: error,
+            errorCode: 'DyFM-CRY-ERR'
+        };
+    }
+}
+exports.DyFM_Crypto = DyFM_Crypto;
+//# sourceMappingURL=crypto-non-stable.util.js.map

package/build/_modules/crypto/_collections/crypto-non-stable.util.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"crypto-non-stable.util.js","sourceRoot":"","sources":["../../../../src/_modules/crypto/_collections/crypto-non-stable.util.ts"],"names":[],"mappings":";;;;AAAA,4DAAsC;AACtC,6FAG6D;AAwB7D;;;GAGG;AACH,MAAa,WAAW;IACd,MAAM,CAAU,cAAc,GAA2B;QAC/D,QAAQ,EAAE,EAAE,EAAE,WAAW;QACzB,UAAU,EAAE,EAAE,EAAE,WAAW;QAC3B,aAAa,EAAE,KAAK;QACpB,OAAO,EAAE,CAAC,CAAC,oBAAoB;KAChC,CAAC;IACM,MAAM,CAAU,mBAAmB,GACzC,oDAAoD;QACpD,oDAAoD,CAAC;IAEvD,8CAA8C;IAC9C,sCAAsC;IACtC,sCAAsC;IAEtC;;;OAGG;IACK,MAAM,CAAC,aAAa,CAAC,IAAS,EAAE,GAAW;QACjD,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/D,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,eAAe,CAAC;gBAChD,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,wBAAwB;aAClC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YACxC,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,eAAe,CAAC;gBAChD,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,iCAAiC;aAC3C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,UAAU,CAAC,IAAY,EAAE,GAAW,EAAE,MAA8B;QACjF,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC;QACzC,OAAO,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,YAAY,CAAC,IAAY,EAAE,GAAW,EAAE,MAA8B;QACnF,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;QACzC,OAAO,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;IACnF,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,SAAS,CAAC,GAAW,EAAE,IAA4B,EAAE,MAA8B;QAChG,OAAO,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE;YAChC,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,UAAU,EAAE,MAAM,CAAC,aAAa;SACjC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,aAAa,CAAI,IAAO;QACrC,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,eAAe,EAAE,KAAK,CAAC;gBACvD,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,0BAA0B;aACpC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,eAAe,CAAI,IAAY;QAC5C,IAAI,CAAC;YACH,IAAI,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE9B,iCAAiC;YACjC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAC/B,IAAI,CAAC;oBACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBAC9B,CAAC;gBAAC,MAAM,CAAC;oBACP,iDAAiD;oBACjD,OAAO,MAAW,CAAC;gBACrB,CAAC;YACH,CAAC;YAED,0BAA0B;YAC1B,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,MAAM,KAAK,SAAS,EAAE,CAAC;gBAC5F,OAAO,MAAW,CAAC;YACrB,CAAC;YAED,OAAO,MAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,iBAAiB,EAAE,KAAK,CAAC;gBACzD,SAAS,EAAE,cAAc;gBACzB,OAAO,EAAE,4BAA4B;aACtC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAI,IAAO,EAAE,GAAW,EAAE,MAAqB;QAC3D,IAAI,CAAC;YACH,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAC9B,MAAM,WAAW,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;YAE1D,yBAAyB;YACzB,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YAEzC,2DAA2D;YAC3D,MAAM,EAAE,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;YACtD,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;YAE1D,0BAA0B;YAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;YAE1D,mBAAmB;YACnB,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE;gBAC1D,EAAE,EAAE,EAAE;gBACN,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,GAAG;gBACvB,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,KAAK;aAC5B,CAAC,CAAC;YAEH,iCAAiC;YACjC,MAAM,QAAQ,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;YAE9D,6BAA6B;YAC7B,OAAO,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC;iBAC3C,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;iBACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;iBACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACxB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,SAAS,EAAE,KAAK,CAAC;gBACjD,SAAS,EAAE,cAAc;aAC1B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,OAAO,CAAI,aAAqB,EAAE,GAAW,EAAE,MAAqB;QACzE,IAAI,CAAC;YACH,IAAI,CAAC,aAAa,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;YACvC,MAAM,WAAW,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;YAE1D,+BAA+B;YAC/B,MAAM,MAAM,GAAG,aAAa;iBACzB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;iBAClB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAEtB,0BAA0B;YAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAEnD,2DAA2D;YAC3D,MAAM,SAAS,GAAG,CAAC,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,UAAU,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,kCAAkC;YAC9G,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;gBACtC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACnD,CAAC;YAED,mCAAmC;YACnC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC;YAC5F,MAAM,IAAI,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CACxC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAClB,WAAW,CAAC,QAAQ,GAAG,CAAC,EACxB,CAAC,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CACpD,CACF,CAAC;YACF,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAC9C,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAC1E,CAAC;YAEF,0BAA0B;YAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;YAE1D,mBAAmB;YACnB,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CACpC,EAAE,UAAU,EAAE,UAAU,EAAE,EAC1B,UAAU,EACV;gBACE,EAAE,EAAE,EAAE;gBACN,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,GAAG;gBACvB,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,KAAK;aAC5B,CACF,CAAC;YAEF,aAAa;YACb,MAAM,YAAY,GAAG,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC3D,OAAO,IAAI,CAAC,eAAe,CAAI,YAAY,CAAC,CAAC;QAC/C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,gCAAU,CAAC;gBACnB,GAAG,IAAI,CAAC,uBAAuB,CAAC,SAAS,EAAE,KAAK,CAAC;gBACjD,SAAS,EAAE,cAAc;aAC1B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,WAAW,CAAC,SAAiB,EAAE;QACpC,OAAO,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;IAC1D,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,aAAqB;QAC/C,IAAI,CAAC,aAAa,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;YACxD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACjD,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,uBAAuB,CAAC,SAAiB,EAAE,KAAW;QACnE,OAAO;YACL,MAAM,EAAG,KAAoB,EAAE,SAAS,IAAK,KAAa,EAAE,MAAM,IAAI,GAAG;YACzE,OAAO,EAAE,qBAAqB,SAAS,UAAU;YACjD,KAAK,EAAE,KAAK;YACZ,SAAS,EAAE,cAAc;SAC1B,CAAC;IACJ,CAAC;;AA3PH,kCA4PC"}

package/build/_modules/crypto/_collections/crypto.util.d.ts CHANGED Viewed

@@ -1,77 +1,45 @@
-/**
- * Error codes for crypto operations
- */
-/**
- * Configuration options for encryption/decryption
- */
-export interface CryptoConfig {
-    ivLength?: number;
-    saltLength?: number;
-    keyIterations?: number;
-    keySize?: number;
-}
 /**
  * A utility class for secure encryption and decryption of data
- * Uses AES-256-CBC with PBKDF2 key derivation
+ * Uses AES-256-CBC with deterministic IV and salt for consistent results
  */
 export declare class DyFM_Crypto {
-    private static readonly DEFAULT_CONFIG;
     private static readonly defaultErrorUserMsg;
     /**
-     * Validates the input data and key
-     * @throws {DyFM_Error} if validation fails
+     * Validates the encryption key
      */
-    private static validateInput;
+    private static validateKey;
     /**
-     * Generates a deterministic IV based on the input data and key
+     * Safely serializes data to JSON
      */
-    private static generateIV;
+    private static safeSerialize;
     /**
-     * Generates a deterministic salt based on the input data and key
+     * Safely deserializes JSON data
      */
-    private static generateSalt;
+    private static safeDeserialize;
     /**
-     * Derives a key using PBKDF2
+     * Derives a 256-bit key from the passphrase using SHA256
      */
     private static deriveKey;
     /**
-     * Safely serializes data to JSON
+     * Creates a deterministic IV from the key only
      */
-    private static safeSerialize;
-    /**
-     * Safely deserializes JSON data
-     */
-    private static safeDeserialize;
+    private static createDeterministicIV;
     /**
-     * Encrypts data using AES-256-CBC
+     * Encrypts data using AES-256-CBC with deterministic key and IV
      * @param data The data to encrypt
      * @param key The encryption key
-     * @param config Optional configuration
      * @returns URL-safe encrypted string
      * @throws {DyFM_Error} if encryption fails
      */
-    static encrypt<T>(data: T, key: string, config?: CryptoConfig): string;
+    static encrypt<T>(data: T, key: string): string;
     /**
      * Decrypts data that was encrypted using encrypt()
      * @param encryptedData The encrypted data
      * @param key The decryption key
-     * @param config Optional configuration
      * @returns The decrypted data
      * @throws {DyFM_Error} if decryption fails
      */
-    static decrypt<T>(encryptedData: string, key: string, config?: CryptoConfig): T;
-    /**
-     * Generates a secure random key
-     * @param length Length of the key in bytes (default: 32)
-     * @returns A secure random key
-     */
-    static generateKey(length?: number): string;
-    /**
-     * Validates if a string is a valid encrypted data
-     * @param encryptedData The data to validate
-     * @returns true if the data appears to be valid encrypted data
-     */
-    static isValidEncryptedData(encryptedData: string): boolean;
+    static decrypt<T>(encryptedData: string, key: string): T;
     /**
      * Gets default error settings
      */

package/build/_modules/crypto/_collections/crypto.util.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"crypto.util.d.ts","sourceRoot":"","sources":["../../../../src/_modules/crypto/_collections/crypto.util.ts"],"names":[],"mappings":"AAOA~~;;GAEG;AASH;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED~~;;;GAGG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,~~cAAc,CAKpC;IACF,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,~~mBAAmB,CAEY;~~IAMvD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAkB5B~~;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,~~UAAU~~;~~IAKzB~~;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,~~YAAY~~;~~IAK3B~~;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,~~SAAS~~;~~IAOxB~~;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,~~aAAa~~;~~IAY5B~~;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,~~eAAe~~;~~IA6B9B;;;;;;;OAOG~~;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,MAAM,~~EAAE,MAAM,CAAC,EAAE,YAAY,~~GAAG,MAAM;~~IAsCtE;;;;;;;OAOG~~;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,~~EAAE,MAAM,CAAC,EAAE,YAAY,~~GAAG,CAAC;~~IAwD/E;;;;OAIG;IACH,MAAM,CAAC,WAAW,CAAC,MAAM,GAAE,MAAW,GAAG,MAAM;IAI/C;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO;IAO3D~~;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,uBAAuB;CAQvC"}
1	+ {"version":3,"file":"crypto.util.d.ts","sourceRoot":"","sources":["../../../../src/_modules/crypto/_collections/crypto.util.ts"],"names":[],"mappings":"AAOA;;;GAGG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAEY;IAEvD;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,WAAW;IAkB1B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAY5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,eAAe;IA6B9B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAIxB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,qBAAqB;IAKpC;;;;;;OAMG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM;IA0C/C;;;;;;OAMG;IACH,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,CAAC;IAyDxD;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,uBAAuB;CAQvC"}

package/build/_modules/crypto/_collections/crypto.util.js CHANGED Viewed

@@ -6,63 +6,30 @@ const CryptoJS = tslib_1.__importStar(require("crypto-js"));
 const error_control_model_1 = require("../../../_models/control-models/error.control-model");
 /**
  * A utility class for secure encryption and decryption of data
- * Uses AES-256-CBC with PBKDF2 key derivation
+ * Uses AES-256-CBC with deterministic IV and salt for consistent results
  */
 class DyFM_Crypto {
-    static DEFAULT_CONFIG = {
-        ivLength: 16, // 128 bits
-        saltLength: 16, // 128 bits
-        keyIterations: 10000,
-        keySize: 8 // 256 bits (8 * 32)
-    };
     static defaultErrorUserMsg = `We encountered an unhandled Authentication Error, ` +
         `\nplease contact the responsible development team.`;
-    // Tömör: kb. 60–80 karakteres token, nem 200+
-    // Nem szabványos: nehéz visszafejteni
-    // Használható cookie, header, URL-ben
     /**
-     * Validates the input data and key
-     * @throws {DyFM_Error} if validation fails
+     * Validates the encryption key
      */
-    static validateInput(data, key) {
-        if (!key || typeof key !== 'string' || key.trim().length === 0) {
+    static validateKey(key) {
+        if (!key || typeof key !== 'string') {
             throw new error_control_model_1.DyFM_Error({
-                ...this.getDefaultErrorSettings('validateInput'),
-                errorCode: 'DyFM-CRY-IKY',
-                message: 'Invalid encryption key'
+                status: 401,
+                message: 'Encryption key is required and must be a string',
+                errorCode: 'DyFM-CRY-KEY-REQ'
             });
         }
-        if (data === undefined || data === null) {
+        if (key.trim().length === 0) {
             throw new error_control_model_1.DyFM_Error({
-                ...this.getDefaultErrorSettings('validateInput'),
-                errorCode: 'DyFM-CRY-IDT',
-                message: 'Invalid data to encrypt/decrypt'
+                status: 401,
+                message: 'Encryption key cannot be empty or whitespace-only',
+                errorCode: 'DyFM-CRY-KEY-EMPTY'
             });
         }
     }
-    /**
-     * Generates a deterministic IV based on the input data and key
-     */
-    static generateIV(data, key, config) {
-        const hash = CryptoJS.SHA256(data + key);
-        return CryptoJS.lib.WordArray.create(hash.words.slice(0, config.ivLength / 4));
-    }
-    /**
-     * Generates a deterministic salt based on the input data and key
-     */
-    static generateSalt(data, key, config) {
-        const hash = CryptoJS.SHA256(key + data);
-        return CryptoJS.lib.WordArray.create(hash.words.slice(0, config.saltLength / 4));
-    }
-    /**
-     * Derives a key using PBKDF2
-     */
-    static deriveKey(key, salt, config) {
-        return CryptoJS.PBKDF2(key, salt, {
-            keySize: config.keySize,
-            iterations: config.keyIterations
-        });
-    }
     /**
      * Safely serializes data to JSON
      */
@@ -109,34 +76,51 @@ class DyFM_Crypto {
         }
     }
     /**
-     * Encrypts data using AES-256-CBC
+     * Derives a 256-bit key from the passphrase using SHA256
+     */
+    static deriveKey(key) {
+        return CryptoJS.SHA256(key);
+    }
+    /**
+     * Creates a deterministic IV from the key only
+     */
+    static createDeterministicIV(key) {
+        const hash = CryptoJS.SHA256(key + ':iv');
+        return CryptoJS.lib.WordArray.create(hash.words.slice(0, 4)); // Use first 16 bytes (128 bits)
+    }
+    /**
+     * Encrypts data using AES-256-CBC with deterministic key and IV
      * @param data The data to encrypt
      * @param key The encryption key
-     * @param config Optional configuration
      * @returns URL-safe encrypted string
      * @throws {DyFM_Error} if encryption fails
      */
-    static encrypt(data, key, config) {
+    static encrypt(data, key) {
         try {
-            this.validateInput(data, key);
-            const finalConfig = { ...this.DEFAULT_CONFIG, ...config };
+            // Validate key
+            this.validateKey(key);
+            // Validate data
+            if (data === undefined || data === null) {
+                throw new error_control_model_1.DyFM_Error({
+                    status: 401,
+                    message: 'Data cannot be undefined or null',
+                    errorCode: 'DyFM-CRY-DATA-NULL'
+                });
+            }
             // Convert data to string
             const dataStr = this.safeSerialize(data);
-            // Generate deterministic IV and salt based on data and key
-            const iv = this.generateIV(dataStr, key, finalConfig);
-            const salt = this.generateSalt(dataStr, key, finalConfig);
-            // Derive key using PBKDF2
-            const derivedKey = this.deriveKey(key, salt, finalConfig);
-            // Encrypt the data
-            const encrypted = CryptoJS.AES.encrypt(dataStr, derivedKey, {
+            // Derive key and IV
+            const aesKey = this.deriveKey(key);
+            const iv = this.createDeterministicIV(key);
+            // Encrypt the data with deterministic key and IV
+            const encrypted = CryptoJS.AES.encrypt(dataStr, aesKey, {
                 iv: iv,
                 mode: CryptoJS.mode.CBC,
                 padding: CryptoJS.pad.Pkcs7
             });
-            // Combine IV + Salt + Ciphertext
-            const combined = iv.concat(salt).concat(encrypted.ciphertext);
             // Convert to URL-safe base64
-            return CryptoJS.enc.Base64.stringify(combined)
+            const base64 = encrypted.ciphertext.toString(CryptoJS.enc.Base64);
+            return base64
                 .replace(/\+/g, '-')
                 .replace(/\//g, '_')
                 .replace(/=+$/, '');
@@ -152,39 +136,49 @@ class DyFM_Crypto {
      * Decrypts data that was encrypted using encrypt()
      * @param encryptedData The encrypted data
      * @param key The decryption key
-     * @param config Optional configuration
      * @returns The decrypted data
      * @throws {DyFM_Error} if decryption fails
      */
-    static decrypt(encryptedData, key, config) {
+    static decrypt(encryptedData, key) {
         try {
-            this.validateInput(encryptedData, key);
-            const finalConfig = { ...this.DEFAULT_CONFIG, ...config };
+            // Validate key
+            this.validateKey(key);
+            // Validate encrypted data
+            if (!encryptedData || typeof encryptedData !== 'string') {
+                throw new error_control_model_1.DyFM_Error({
+                    status: 401,
+                    message: 'Encrypted data is required and must be a string',
+                    errorCode: 'DyFM-CRY-DATA-REQ'
+                });
+            }
             // Convert from URL-safe base64
-            const base64 = encryptedData
+            let base64 = encryptedData
                 .replace(/-/g, '+')
                 .replace(/_/g, '/');
-            // Parse the combined data
-            const combined = CryptoJS.enc.Base64.parse(base64);
-            // Validate minimum length (IV + Salt + minimum ciphertext)
-            const minLength = (finalConfig.ivLength + finalConfig.saltLength + 16) / 4; // 16 bytes minimum for ciphertext
-            if (combined.words.length < minLength) {
-                throw new Error('Invalid encrypted data length');
+            // Add padding if needed
+            const padLength = 4 - (base64.length % 4);
+            if (padLength < 4) {
+                base64 += '='.repeat(padLength);
             }
-            // Extract IV, salt, and ciphertext
-            const iv = CryptoJS.lib.WordArray.create(combined.words.slice(0, finalConfig.ivLength / 4));
-            const salt = CryptoJS.lib.WordArray.create(combined.words.slice(finalConfig.ivLength / 4, (finalConfig.ivLength + finalConfig.saltLength) / 4));
-            const ciphertext = CryptoJS.lib.WordArray.create(combined.words.slice((finalConfig.ivLength + finalConfig.saltLength) / 4));
-            // Derive key using PBKDF2
-            const derivedKey = this.deriveKey(key, salt, finalConfig);
+            // Derive key and IV
+            const aesKey = this.deriveKey(key);
+            const iv = this.createDeterministicIV(key);
             // Decrypt the data
-            const decrypted = CryptoJS.AES.decrypt({ ciphertext: ciphertext }, derivedKey, {
+            const encryptedWA = CryptoJS.enc.Base64.parse(base64);
+            const decrypted = CryptoJS.AES.decrypt({ ciphertext: encryptedWA }, aesKey, {
                 iv: iv,
                 mode: CryptoJS.mode.CBC,
                 padding: CryptoJS.pad.Pkcs7
             });
             // Parse JSON
             const decryptedStr = decrypted.toString(CryptoJS.enc.Utf8);
+            if (!decryptedStr) {
+                throw new error_control_model_1.DyFM_Error({
+                    status: 401,
+                    message: 'Failed to decrypt data - invalid key or corrupted data',
+                    errorCode: 'DyFM-CRY-DEC-FAIL'
+                });
+            }
             return this.safeDeserialize(decryptedStr);
         }
         catch (error) {
@@ -194,25 +188,6 @@ class DyFM_Crypto {
             });
         }
     }
-    /**
-     * Generates a secure random key
-     * @param length Length of the key in bytes (default: 32)
-     * @returns A secure random key
-     */
-    static generateKey(length = 32) {
-        return CryptoJS.lib.WordArray.random(length).toString();
-    }
-    /**
-     * Validates if a string is a valid encrypted data
-     * @param encryptedData The data to validate
-     * @returns true if the data appears to be valid encrypted data
-     */
-    static isValidEncryptedData(encryptedData) {
-        if (!encryptedData || typeof encryptedData !== 'string') {
-            return false;
-        }
-        return /^[A-Za-z0-9\-_]+$/.test(encryptedData);
-    }
     /**
      * Gets default error settings
      */