@hackthedev/dsync-sign 1.0.8 → 1.0.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +112 -0
- package/index.mjs +21 -4
- package/package.json +1 -1
package/README.md
ADDED
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
# dSyncSign
|
|
2
|
+
|
|
3
|
+
dSyncSign is an additional package that comes with a few helper functions that can enhance the plain dSync package. dSyncSign comes with the following features:
|
|
4
|
+
|
|
5
|
+
- Creation of a private key file and public key
|
|
6
|
+
- Ability to sign strings or json objects, or even nested objects inside a json object
|
|
7
|
+
- Ability to verify signed strings/objects using a known public key
|
|
8
|
+
- Ability to encrypt and decrypt data with a private key or password
|
|
9
|
+
|
|
10
|
+
------
|
|
11
|
+
|
|
12
|
+
## Importing
|
|
13
|
+
|
|
14
|
+
You can import the package with the following line into your code and install it like below
|
|
15
|
+
|
|
16
|
+
```js
|
|
17
|
+
import { dSyncSign } from "@hackthedev/dsync-sign";
|
|
18
|
+
|
|
19
|
+
const signer = new dSyncSign("./mykeys.json"); // optional path for private key file
|
|
20
|
+
```
|
|
21
|
+
|
|
22
|
+
```sh
|
|
23
|
+
npm i @hackthedev/dsync-sign
|
|
24
|
+
```
|
|
25
|
+
|
|
26
|
+
------
|
|
27
|
+
|
|
28
|
+
## Signing & Verifying JSON Objects
|
|
29
|
+
|
|
30
|
+
You can also sign and very JSON objects pretty easily.
|
|
31
|
+
|
|
32
|
+
```js
|
|
33
|
+
const obj = { hello: "world" };
|
|
34
|
+
await signer.signJson(obj);
|
|
35
|
+
console.log("Object with sig", obj);
|
|
36
|
+
|
|
37
|
+
const verified = await signer.verifyJson(obj, await signer.getPublicKey());
|
|
38
|
+
console.log("JSON valid?", verified);
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
Output:
|
|
42
|
+
|
|
43
|
+
```sh
|
|
44
|
+
Object with sig {
|
|
45
|
+
hello: 'world',
|
|
46
|
+
sig: 'W3tGrkWdCT62Zc7eJKM2Pr13CgsQc65diH4N5d0pGasyKEpWQVZG5wz6WhlKoJmYqE8O4OSIcm/WVCBtnZM66zpic0PAtuGaTKt224AO/zDWrQhuCDflvR29OHzeKcnHXNVS924PXK24dA2MiILTYlSbGLguIw0bfIWN1hDeVHYWu3VeDmOSBFUlkaviJzxV/lALRSBySIDd5SFFQQWfk0hLv0Hy8MMHzGQetrs9/l5mBLGU8iSrA85alXFN+OKz0Qo57zgPV5cBCl19LB/ZL0oR+GsQv171Jn04UO8hFUsyJJqI2VnPAw11LgPqwXqHUDuQwdCS7zvTyDmlM7+rvA=='
|
|
47
|
+
}
|
|
48
|
+
JSON valid? true
|
|
49
|
+
```
|
|
50
|
+
|
|
51
|
+
------
|
|
52
|
+
|
|
53
|
+
## Verifying & Signing nested JSON Objects
|
|
54
|
+
|
|
55
|
+
Its also possible to sign nested or specific objects.
|
|
56
|
+
|
|
57
|
+
```js
|
|
58
|
+
const obj = {
|
|
59
|
+
hello: {
|
|
60
|
+
world: "hi"
|
|
61
|
+
},
|
|
62
|
+
bye: {
|
|
63
|
+
crazy: "indeed"
|
|
64
|
+
}
|
|
65
|
+
};
|
|
66
|
+
await signer.signJson(obj.hello);
|
|
67
|
+
console.log("Object with sig", obj);
|
|
68
|
+
|
|
69
|
+
const verified = await signer.verifyJson(obj.hello, await signer.getPublicKey());
|
|
70
|
+
console.log("JSON valid?", verified);
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
Output:
|
|
74
|
+
|
|
75
|
+
```sh
|
|
76
|
+
Object with sig {
|
|
77
|
+
hello: {
|
|
78
|
+
world: 'hi',
|
|
79
|
+
sig: 'qEsJ8O7HVohexEFpvjVljfvSXdPp93DHAcg1PiLxNA0TjE48FdHd11cS5vYJlLPmpPEG/80cqETsHwlCjTiOZI6xC90IxdGTKGttjv1gFYM5bOgQlgcLW83BtlWdC0PES3xU5nEUCiNfXNKSeUT8HJTEsggQ6c17WjMcunZENEWiRqCQNY3ZXzvrqGKrJ/mm9BrRsgaFZMRh5j0eUhT1eJ4pVp6fleTAYIumuagpwG41MR3CG57dImxCoeFAcCDMikJEQKBknmhaDsEa9UFHzl8+hTsroI30ktTK7kOPf4XKbkuNGX+lZZwZPlWkfh/sQLSD59psvJDVvEQTrX1/KQ=='
|
|
80
|
+
},
|
|
81
|
+
bye: { crazy: 'indeed' }
|
|
82
|
+
}
|
|
83
|
+
JSON valid? true
|
|
84
|
+
```
|
|
85
|
+
|
|
86
|
+
------
|
|
87
|
+
|
|
88
|
+
## Encryption & Decryption using password
|
|
89
|
+
|
|
90
|
+
```js
|
|
91
|
+
const secretMsg = "This is some secret text";
|
|
92
|
+
|
|
93
|
+
const envPwd = await signer.encrypt(secretMsg, "somepass1234");
|
|
94
|
+
console.log("Envelope (Password):", envPwd);
|
|
95
|
+
|
|
96
|
+
const decPwd = await signer.decrypt(envPwd, "somepass1234");
|
|
97
|
+
console.log("Decrypted (Password):", decPwd);
|
|
98
|
+
```
|
|
99
|
+
|
|
100
|
+
Output:
|
|
101
|
+
|
|
102
|
+
```sh
|
|
103
|
+
Envelope (Password): {
|
|
104
|
+
method: 'password',
|
|
105
|
+
salt: 'QxGLufg1lXn6boTVHme8+Q==',
|
|
106
|
+
iv: 'yum57MIAZc0hUBLXPd7hxQ==',
|
|
107
|
+
tag: 'jok95AmgKTj0okoLrFeL0A==',
|
|
108
|
+
ciphertext: 'cDz+F+z8i9emqTO5COKOYfnYWxTB4spC'
|
|
109
|
+
}
|
|
110
|
+
Decrypted (Password): This is some secret text
|
|
111
|
+
```
|
|
112
|
+
|
package/index.mjs
CHANGED
|
@@ -52,15 +52,32 @@ export class dSyncSign {
|
|
|
52
52
|
}
|
|
53
53
|
}
|
|
54
54
|
|
|
55
|
-
|
|
55
|
+
async signString(text) {
|
|
56
|
+
const priv = await this.getPrivateKey();
|
|
57
|
+
const signer = crypto.createSign("SHA256");
|
|
58
|
+
signer.update(text, "utf8");
|
|
59
|
+
signer.end();
|
|
60
|
+
return signer.sign(priv, "base64");
|
|
61
|
+
}
|
|
62
|
+
|
|
63
|
+
|
|
64
|
+
verifyString(text, signatureBase64, publicKeyPem) {
|
|
65
|
+
const verifier = crypto.createVerify("SHA256");
|
|
66
|
+
verifier.update(text, "utf8");
|
|
67
|
+
verifier.end();
|
|
68
|
+
return verifier.verify(publicKeyPem, signatureBase64, "base64");
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
|
|
72
|
+
generateGid(publicKey) {
|
|
56
73
|
if (publicKey.length >= 120) {
|
|
57
|
-
return this.
|
|
74
|
+
return this.encodeToBase64(publicKey.substring(80, 120)) // 40 chars
|
|
58
75
|
} else {
|
|
59
|
-
return this.
|
|
76
|
+
return this.encodeToBase64(publicKey.substring(0, publicKey.length))
|
|
60
77
|
}
|
|
61
78
|
}
|
|
62
79
|
|
|
63
|
-
|
|
80
|
+
encodeToBase64(str) {
|
|
64
81
|
return Buffer.from(str, "utf8").toString("base64")
|
|
65
82
|
}
|
|
66
83
|
|