@lowerdeck/encryption 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/.claude/settings.local.json +9 -0
  2. package/.turbo/turbo-build.log +8 -8
  3. package/CHANGELOG.md +13 -0
  4. package/dist/crypto.d.ts.map +1 -1
  5. package/dist/index.cjs +1 -1
  6. package/dist/index.cjs.map +1 -1
  7. package/dist/index.module.js +1 -1
  8. package/dist/index.module.js.map +1 -1
  9. package/dist/index.umd.js +1 -1
  10. package/dist/index.umd.js.map +1 -1
  11. package/package.json +2 -1
  12. package/src/crypto.ts +12 -8
package/.claude/settings.local.json ADDED
@@ -0,0 +1,9 @@
1
+ {
2
+ "permissions": {
3
+ "allow": [
4
+ "Bash(npm run build:*)"
5
+ ],
6
+ "deny": [],
7
+ "ask": []
8
+ }
9
+ }
package/.turbo/turbo-build.log CHANGED
@@ -3,11 +3,11 @@
3
3
  No name was provided for external module '@lowerdeck/id' in output.globals – guessing 'id'
4
4
  No name was provided for external module '@lowerdeck/base62' in output.globals – guessing 'base62'
5
5
  Build "@lowerdeck/encryption" to dist:
6
- 878 B: index.cjs.gz
7
- 788 B: index.cjs.br
8
- 730 B: index.module.js.gz
9
- 672 B: index.module.js.br
10
- 849 B: index.module.js.gz
11
- 767 B: index.module.js.br
12
- 964 B: index.umd.js.gz
13
- 862 B: index.umd.js.br
6
+ 911 B: index.cjs.gz
7
+ 829 B: index.cjs.br
8
+ 770 B: index.module.js.gz
9
+ 706 B: index.module.js.br
10
+ 882 B: index.module.js.gz
11
+ 821 B: index.module.js.br
12
+ 995 B: index.umd.js.gz
13
+ 896 B: index.umd.js.br
package/CHANGELOG.md ADDED
@@ -0,0 +1,13 @@
1
+ # @lowerdeck/encryption
2
+
3
+ ## 1.0.3
4
+
5
+ ### Patch Changes
6
+
7
+ - Fix deps
8
+
9
+ ## 1.0.2
10
+
11
+ ### Patch Changes
12
+
13
+ - Fix salts
package/dist/crypto.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAkEA,eAAO,IAAI,aAAa;0BA5Ca,MAAM,YAAY,MAAM;6BAqBrB,MAAM,YAAY,MAAM;mBAkBtC,MAAM;CAS/B,CAAC"}
1
+ {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAsEA,eAAO,IAAI,aAAa;0BA/Ca,MAAM,YAAY,MAAM;6BAuBrB,MAAM,YAAY,MAAM;mBAmBtC,MAAM;CAS/B,CAAC"}
package/dist/index.cjs CHANGED
@@ -1,2 +1,2 @@
1
- var e=require("@lowerdeck/id"),r=require("@lowerdeck/base62");function t(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var n=/*#__PURE__*/t(require("base-x")).default("!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§"),o=new TextEncoder,c=new TextDecoder,i=function(e){return crypto.subtle.importKey("raw",o.encode(e),"PBKDF2",!1,["deriveKey"])},s=function(e,r){return crypto.subtle.deriveKey({name:"PBKDF2",iterations:25e4,hash:"SHA-256"},e,{name:"AES-GCM",length:256},!1,r)},u={encrypt:function(e,r){try{var t=crypto.getRandomValues(new Uint8Array(12));return Promise.resolve(i(r)).then(function(r){return Promise.resolve(s(r,["encrypt"])).then(function(r){return Promise.resolve(crypto.subtle.encrypt({name:"AES-GCM",iv:t},r,o.encode(e))).then(function(e){var r,o=new Uint8Array(e),c=new Uint8Array(t.byteLength+o.byteLength);return c.set(t,0),c.set(o,t.byteLength),n.encode("string"==typeof(r=c)?(new TextEncoder).encode(r):r)})})})}catch(e){return Promise.reject(e)}},decrypt:function(e,r){try{var t=n.decode(e),o=t.slice(0,16),u=t.slice(16);return Promise.resolve(i(r)).then(function(e){return Promise.resolve(s(e,["decrypt"])).then(function(e){return Promise.resolve(crypto.subtle.decrypt({name:"AES-GCM",iv:o},e,u)).then(function(e){return c.decode(e)})})})}catch(e){return Promise.reject(e)}},sha512:function(e){try{return Promise.resolve(crypto.subtle.digest("SHA-512",o.encode(e))).then(function(e){return r.base62.encode(new Uint8Array(e))})}catch(e){return Promise.reject(e)}}};exports.Encryption=/*#__PURE__*/function(){function r(e){this.password=void 0,this.password=e}var t=r.prototype;return t.getPassword=function(e){try{return Promise.resolve(u.sha512(""+e+this.password)).then(function(e){return e.slice(0,50)})}catch(e){return Promise.reject(e)}},t.encrypt=function(r){try{var t=u.encrypt,n=JSON.stringify({id:e.generatePlainId(10),key:r.secret});return Promise.resolve(this.getPassword(r.entityId)).then(function(e){return Promise.resolve(t.call(u,n,e))})}catch(e){return Promise.reject(e)}},t.decrypt=function(e){try{var r=u.decrypt,t=e.encrypted;return Promise.resolve(this.getPassword(e.entityId)).then(function(e){return Promise.resolve(r.call(u,t,e)).then(function(e){return JSON.parse(e).key})})}catch(e){return Promise.reject(e)}},r}();
1
+ var e=require("@lowerdeck/id"),r=require("@lowerdeck/base62");function t(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var n=/*#__PURE__*/t(require("base-x")).default("!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§"),o=new TextEncoder,c=new TextDecoder,i=function(e){return crypto.subtle.importKey("raw",o.encode(e),"PBKDF2",!1,["deriveKey"])},s=function(e,r,t){return crypto.subtle.deriveKey({name:"PBKDF2",salt:r,iterations:25e4,hash:"SHA-256"},e,{name:"AES-GCM",length:256},!1,t)},u={encrypt:function(e,r){try{var t=crypto.getRandomValues(new Uint8Array(16)),c=crypto.getRandomValues(new Uint8Array(12));return Promise.resolve(i(r)).then(function(r){return Promise.resolve(s(r,t,["encrypt"])).then(function(r){return Promise.resolve(crypto.subtle.encrypt({name:"AES-GCM",iv:c},r,o.encode(e))).then(function(e){var r,o=new Uint8Array(e),i=new Uint8Array(t.byteLength+c.byteLength+o.byteLength);return i.set(t,0),i.set(c,t.byteLength),i.set(o,t.byteLength+c.byteLength),n.encode("string"==typeof(r=i)?(new TextEncoder).encode(r):r)})})})}catch(e){return Promise.reject(e)}},decrypt:function(e,r){try{var t=n.decode(e),o=t.slice(0,16),u=t.slice(16,28),a=t.slice(28);return Promise.resolve(i(r)).then(function(e){return Promise.resolve(s(e,o,["decrypt"])).then(function(e){return Promise.resolve(crypto.subtle.decrypt({name:"AES-GCM",iv:u},e,a)).then(function(e){return c.decode(e)})})})}catch(e){return Promise.reject(e)}},sha512:function(e){try{return Promise.resolve(crypto.subtle.digest("SHA-512",o.encode(e))).then(function(e){return r.base62.encode(new Uint8Array(e))})}catch(e){return Promise.reject(e)}}};exports.Encryption=/*#__PURE__*/function(){function r(e){this.password=void 0,this.password=e}var t=r.prototype;return t.getPassword=function(e){try{return Promise.resolve(u.sha512(""+e+this.password)).then(function(e){return e.slice(0,50)})}catch(e){return Promise.reject(e)}},t.encrypt=function(r){try{var t=u.encrypt,n=JSON.stringify({id:e.generatePlainId(10),key:r.secret});return Promise.resolve(this.getPassword(r.entityId)).then(function(e){return Promise.resolve(t.call(u,n,e))})}catch(e){return Promise.reject(e)}},t.decrypt=function(e){try{var r=u.decrypt,t=e.encrypted;return Promise.resolve(this.getPassword(e.entityId)).then(function(e){return Promise.resolve(r.call(u,t,e)).then(function(e){return JSON.parse(e).key})})}catch(e){return Promise.reject(e)}},r}();
2
2
  //# sourceMappingURL=index.cjs.map
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.cjs","sources":["../src/base86.ts","../src/crypto.ts","../src/index.ts"],"sourcesContent":["import baseX from 'base-x';\n\nlet internal = baseX(\n '!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§'\n);\n\nexport let base86 = {\n encode: (input: string | Uint8Array) =>\n internal.encode(typeof input == 'string' ? new TextEncoder().encode(input) : input),\n decode: (input: string) => internal.decode(input)\n};\n","import { base62 } from '@lowerdeck/base62';\nimport { base86 } from './base86';\n\nlet enc = new TextEncoder();\nlet dec = new TextDecoder();\n\nlet getPasswordKey = (password: string) =>\n crypto.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);\n\nlet deriveKey = (passwordKey: CryptoKey, keyUsage: ('encrypt' | 'decrypt')[]) =>\n crypto.subtle.deriveKey(\n {\n name: 'PBKDF2',\n iterations: 250000,\n hash: 'SHA-256'\n },\n passwordKey,\n { name: 'AES-GCM', length: 256 },\n false,\n keyUsage\n );\n\nlet encryptData = async (secretData: string, password: string) => {\n let iv = crypto.getRandomValues(new Uint8Array(12));\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, ['encrypt']);\n let encryptedContent = await crypto.subtle.encrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n enc.encode(secretData)\n );\n\n let encryptedContentArr = new Uint8Array(encryptedContent);\n let buff = new Uint8Array(iv.byteLength + encryptedContentArr.byteLength);\n buff.set(iv, 0);\n buff.set(encryptedContentArr, iv.byteLength);\n\n return base86.encode(buff);\n};\n\nlet decryptData = async (encryptedData: string, password: string) => {\n let encryptedDataBuff = base86.decode(encryptedData);\n let iv = encryptedDataBuff.slice(0, 16);\n let data = encryptedDataBuff.slice(16);\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, ['decrypt']);\n let decryptedContent = await crypto.subtle.decrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n data\n );\n\n return dec.decode(decryptedContent);\n};\n\nlet sha512 = async (data: string) => {\n let hashBuffer = await crypto.subtle.digest('SHA-512', enc.encode(data));\n return base62.encode(new Uint8Array(hashBuffer));\n};\n\nexport let secretsCrypto = {\n encrypt: encryptData,\n decrypt: decryptData,\n sha512\n};\n","import { generatePlainId } from '@lowerdeck/id';\nimport { secretsCrypto } from './crypto';\n\nexport class Encryption {\n constructor(private readonly password: string) {}\n\n private async getPassword(entityId: string) {\n return (await secretsCrypto.sha512(`${entityId}${this.password!}`)).slice(0, 50);\n }\n\n async encrypt(input: { secret: string; entityId: string }) {\n return await secretsCrypto.encrypt(\n JSON.stringify({\n id: generatePlainId(10),\n key: input.secret\n }),\n await this.getPassword(input.entityId)\n );\n }\n\n async decrypt(info: { encrypted: string; entityId: string }) {\n let content = JSON.parse(\n await secretsCrypto.decrypt(info.encrypted, await this.getPassword(info.entityId))\n );\n\n return content.key;\n }\n}\n"],"names":["internal","baseX","enc","TextEncoder","dec","TextDecoder","getPasswordKey","password","crypto","subtle","importKey","encode","deriveKey","passwordKey","keyUsage","name","iterations","hash","length","secretsCrypto","encrypt","secretData","iv","getRandomValues","Uint8Array","Promise","resolve","then","aesKey","encryptedContent","input","encryptedContentArr","buff","byteLength","set","e","reject","decrypt","encryptedData","encryptedDataBuff","decode","slice","data","decryptedContent","sha512","digest","hashBuffer","base62","Encryption","this","_proto","prototype","getPassword","entityId","_secretsCrypto$sha","_this2","_encrypt","_JSON$stringify","JSON","stringify","id","generatePlainId","key","secret","_this2$getPassword","call","info","_this3","_decrypt","_info$encrypted","encrypted","_this3$getPassword","_secretsCrypto$decryp","parse"],"mappings":"0IAEIA,oCAAWC,QACb,0FCAEC,EAAM,IAAIC,YACVC,EAAM,IAAIC,YAEVC,EAAiB,SAACC,GACpB,OAAAC,OAAOC,OAAOC,UAAU,MAAOR,EAAIS,OAAOJ,GAAW,UAAU,EAAO,CAAC,aAAa,EAElFK,EAAY,SAACC,EAAwBC,UACvCN,OAAOC,OAAOG,UACZ,CACEG,KAAM,SACNC,WAAY,KACZC,KAAM,WAERJ,EACA,CAAEE,KAAM,UAAWG,OAAQ,MAC3B,EACAJ,EACD,EA8CQK,EAAgB,CACzBC,QA7Ca,SAAUC,EAAoBd,GAAgB,IAC3D,IAAIe,EAAKd,OAAOe,gBAAgB,IAAIC,WAAW,KAAK,OAAAC,QAAAC,QAC5BpB,EAAeC,IAASoB,KAAA,SAA5Cd,GAAW,OAAAY,QAAAC,QACId,EAAUC,EAAa,CAAC,aAAWc,KAAA,SAAlDC,GAAM,OAAAH,QAAAC,QACmBlB,OAAOC,OAAOW,QACzC,CACEL,KAAM,UACNO,GAAAA,GAEFM,EACA1B,EAAIS,OAAOU,KACZM,KAAA,SAPGE,GASJ,ID5BSC,EC4BLC,EAAsB,IAAIP,WAAWK,GACrCG,EAAO,IAAIR,WAAWF,EAAGW,WAAaF,EAAoBE,YAI9D,OAHAD,EAAKE,IAAIZ,EAAI,GACbU,EAAKE,IAAIH,EAAqBT,EAAGW,YD9B/BjC,EAASW,OAAuB,iBADzBmB,ECiCYE,IDhCwB,IAAI7B,aAAcQ,OAAOmB,GAASA,ECgCpD,EAAA,EAAA,EAC7B,CAAC,MAAAK,GAAA,OAAAV,QAAAW,OAAAD,EAED,CAAA,EAyBEE,QAzBE,SAAqBC,EAAuB/B,GAAoB,IAClE,IAAIgC,EDnCuBvC,EAASwC,OCmCEF,GAClChB,EAAKiB,EAAkBE,MAAM,EAAG,IAChCC,EAAOH,EAAkBE,MAAM,IAAI,OAAAhB,QAAAC,QACfpB,EAAeC,IAASoB,KAAA,SAA5Cd,GAAW,OAAAY,QAAAC,QACId,EAAUC,EAAa,CAAC,aAAWc,KAAA,SAAlDC,GAAM,OAAAH,QAAAC,QACmBlB,OAAOC,OAAO4B,QACzC,CACEtB,KAAM,UACNO,GAAAA,GAEFM,EACAc,IACDf,KAAA,SAPGgB,GASJ,OAAOvC,EAAIoC,OAAOG,EAAkB,EAAA,EAAA,EACtC,CAAC,MAAAR,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EAUCS,OARE,SAAgBF,GAAY,IAAIjB,OAAAA,QAAAC,QACXlB,OAAOC,OAAOoC,OAAO,UAAW3C,EAAIS,OAAO+B,KAAMf,KAAA,SAApEmB,GACJ,OAAOC,EAAMA,OAACpC,OAAO,IAAIa,WAAWsB,GAAa,EACnD,CAAC,MAAAX,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,mCC5DC,WAAA,SAAAa,EAA6BzC,GAAgB0C,KAAhB1C,cAAA,EAAA0C,KAAQ1C,SAARA,CAAmB,CAAC,IAAA2C,EAAAF,EAAAG,iBAAAD,EAEnCE,YAAA,SAAYC,GAAgB,IACa5B,OAAAA,QAAAC,QAAvCP,EAAcyB,OAAUS,GAAAA,EAAWJ,KAAK1C,WAAYoB,KAAA2B,SAAAA,GAAlE,OAAOA,EAA6Db,MAAM,EAAG,GAAI,EACnF,CAAC,MAAAN,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EAAAe,EAEK9B,QAAO,SAACU,GAA2C,IAAAyB,IAM3CC,EALCrC,EAAcC,QAAOqC,EAChCC,KAAKC,UAAU,CACbC,GAAIC,EAAeA,gBAAC,IACpBC,IAAKhC,EAAMiC,SACX,OAAAtC,QAAAC,QACIuB,KAAKG,YAAYtB,EAAMuB,WAAS1B,KAAAqC,SAAAA,GAAAvC,OAAAA,QAAAC,QAAA8B,EAAAS,KAL3B9C,EAAasC,EAAAO,GAO5B,EAAA,CAAC,MAAA7B,GAAAV,OAAAA,QAAAW,OAAAD,EAAAe,CAAAA,EAAAA,EAEKb,QAAA,SAAQ6B,GAA6C,IAAAC,IAEDC,EAAhDjD,EAAckB,QAAOgC,EAACH,EAAKI,UAAS,OAAA7C,QAAAC,QAAQuB,KAAKG,YAAYc,EAAKb,WAAS1B,KAAA4C,SAAAA,GAAA9C,OAAAA,QAAAC,QAAA0C,EAAAH,KAA3E9C,EAAakD,EAAAE,IAAA5C,KAAA,SAAA6C,GAGrB,OAJcd,KAAKe,MAAKD,GAITV,GAAI,EACrB,EAAA,CAAC,MAAA3B,GAAAV,OAAAA,QAAAW,OAAAD,KAAAa,CAAA,CAtBD"}
1
+ {"version":3,"file":"index.cjs","sources":["../src/base86.ts","../src/crypto.ts","../src/index.ts"],"sourcesContent":["import baseX from 'base-x';\n\nlet internal = baseX(\n '!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§'\n);\n\nexport let base86 = {\n encode: (input: string | Uint8Array) =>\n internal.encode(typeof input == 'string' ? new TextEncoder().encode(input) : input),\n decode: (input: string) => internal.decode(input)\n};\n","import { base62 } from '@lowerdeck/base62';\nimport { base86 } from './base86';\n\nlet enc = new TextEncoder();\nlet dec = new TextDecoder();\n\nlet getPasswordKey = (password: string) =>\n crypto.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);\n\nlet deriveKey = (passwordKey: CryptoKey, salt: BufferSource, keyUsage: ('encrypt' | 'decrypt')[]) =>\n crypto.subtle.deriveKey(\n {\n name: 'PBKDF2',\n salt: salt,\n iterations: 250000,\n hash: 'SHA-256'\n },\n passwordKey,\n { name: 'AES-GCM', length: 256 },\n false,\n keyUsage\n );\n\nlet encryptData = async (secretData: string, password: string) => {\n let salt = crypto.getRandomValues(new Uint8Array(16));\n let iv = crypto.getRandomValues(new Uint8Array(12));\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, salt, ['encrypt']);\n let encryptedContent = await crypto.subtle.encrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n enc.encode(secretData)\n );\n\n let encryptedContentArr = new Uint8Array(encryptedContent);\n let buff = new Uint8Array(salt.byteLength + iv.byteLength + encryptedContentArr.byteLength);\n buff.set(salt, 0);\n buff.set(iv, salt.byteLength);\n buff.set(encryptedContentArr, salt.byteLength + iv.byteLength);\n\n return base86.encode(buff);\n};\n\nlet decryptData = async (encryptedData: string, password: string) => {\n let encryptedDataBuff = base86.decode(encryptedData);\n let salt = encryptedDataBuff.slice(0, 16);\n let iv = encryptedDataBuff.slice(16, 28);\n let data = encryptedDataBuff.slice(28);\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, salt, ['decrypt']);\n let decryptedContent = await crypto.subtle.decrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n data\n );\n\n return dec.decode(decryptedContent);\n};\n\nlet sha512 = async (data: string) => {\n let hashBuffer = await crypto.subtle.digest('SHA-512', enc.encode(data));\n return base62.encode(new Uint8Array(hashBuffer));\n};\n\nexport let secretsCrypto = {\n encrypt: encryptData,\n decrypt: decryptData,\n sha512\n};\n","import { generatePlainId } from '@lowerdeck/id';\nimport { secretsCrypto } from './crypto';\n\nexport class Encryption {\n constructor(private readonly password: string) {}\n\n private async getPassword(entityId: string) {\n return (await secretsCrypto.sha512(`${entityId}${this.password!}`)).slice(0, 50);\n }\n\n async encrypt(input: { secret: string; entityId: string }) {\n return await secretsCrypto.encrypt(\n JSON.stringify({\n id: generatePlainId(10),\n key: input.secret\n }),\n await this.getPassword(input.entityId)\n );\n }\n\n async decrypt(info: { encrypted: string; entityId: string }) {\n let content = JSON.parse(\n await secretsCrypto.decrypt(info.encrypted, await this.getPassword(info.entityId))\n );\n\n return content.key;\n }\n}\n"],"names":["internal","baseX","enc","TextEncoder","dec","TextDecoder","getPasswordKey","password","crypto","subtle","importKey","encode","deriveKey","passwordKey","salt","keyUsage","name","iterations","hash","length","secretsCrypto","encrypt","secretData","getRandomValues","Uint8Array","iv","Promise","resolve","then","aesKey","encryptedContent","input","encryptedContentArr","buff","byteLength","set","e","reject","decrypt","encryptedData","encryptedDataBuff","decode","slice","data","decryptedContent","sha512","digest","hashBuffer","base62","Encryption","this","_proto","prototype","getPassword","entityId","_secretsCrypto$sha","_this2","_encrypt","_JSON$stringify","JSON","stringify","id","generatePlainId","key","secret","_this2$getPassword","call","info","_this3","_decrypt","_info$encrypted","encrypted","_this3$getPassword","_secretsCrypto$decryp","parse"],"mappings":"0IAEIA,oCAAWC,QACb,0FCAEC,EAAM,IAAIC,YACVC,EAAM,IAAIC,YAEVC,EAAiB,SAACC,GAAgB,OACpCC,OAAOC,OAAOC,UAAU,MAAOR,EAAIS,OAAOJ,GAAW,UAAU,EAAO,CAAC,aAAa,EAElFK,EAAY,SAACC,EAAwBC,EAAoBC,GAAmC,OAC9FP,OAAOC,OAAOG,UACZ,CACEI,KAAM,SACNF,KAAMA,EACNG,WAAY,KACZC,KAAM,WAERL,EACA,CAAEG,KAAM,UAAWG,OAAQ,MAC3B,EACAJ,EACD,EAiDQK,EAAgB,CACzBC,QAhDa,SAAUC,EAAoBf,GAAoB,IAC/D,IAAIO,EAAON,OAAOe,gBAAgB,IAAIC,WAAW,KAC7CC,EAAKjB,OAAOe,gBAAgB,IAAIC,WAAW,KAAK,OAAAE,QAAAC,QAC5BrB,EAAeC,IAASqB,KAAA,SAA5Cf,GAAW,OAAAa,QAAAC,QACIf,EAAUC,EAAaC,EAAM,CAAC,aAAWc,KAAxDC,SAAAA,GAAMH,OAAAA,QAAAC,QACmBnB,OAAOC,OAAOY,QACzC,CACEL,KAAM,UACNS,GAAAA,GAEFI,EACA3B,EAAIS,OAAOW,KACZM,KAAA,SAPGE,GASJ,ID9BSC,EC8BLC,EAAsB,IAAIR,WAAWM,GACrCG,EAAO,IAAIT,WAAWV,EAAKoB,WAAaT,EAAGS,WAAaF,EAAoBE,YAKhF,OAJAD,EAAKE,IAAIrB,EAAM,GACfmB,EAAKE,IAAIV,EAAIX,EAAKoB,YAClBD,EAAKE,IAAIH,EAAqBlB,EAAKoB,WAAaT,EAAGS,YDjCjDlC,EAASW,OAAuB,iBADzBoB,ECoCYE,IDnCwB,IAAI9B,aAAcQ,OAAOoB,GAASA,ECmCpD,EAAA,EAAA,EAC7B,CAAC,MAAAK,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EA4BCE,QA1Ba,SAAUC,EAAuBhC,GAAoB,IAClE,IAAIiC,EDtCuBxC,EAASyC,OCsCEF,GAClCzB,EAAO0B,EAAkBE,MAAM,EAAG,IAClCjB,EAAKe,EAAkBE,MAAM,GAAI,IACjCC,EAAOH,EAAkBE,MAAM,IAAI,OAAAhB,QAAAC,QACfrB,EAAeC,IAASqB,KAA5Cf,SAAAA,GAAWa,OAAAA,QAAAC,QACIf,EAAUC,EAAaC,EAAM,CAAC,aAAWc,KAAxDC,SAAAA,GAAMH,OAAAA,QAAAC,QACmBnB,OAAOC,OAAO6B,QACzC,CACEtB,KAAM,UACNS,GAAAA,GAEFI,EACAc,IACDf,KAPGgB,SAAAA,GASJ,OAAOxC,EAAIqC,OAAOG,EAAkB,EAAA,EAAA,EACtC,CAAC,MAAAR,GAAAV,OAAAA,QAAAW,OAAAD,EAED,CAAA,EAQES,OARE,SAAgBF,GAAgB,IAAA,OAAAjB,QAAAC,QACXnB,OAAOC,OAAOqC,OAAO,UAAW5C,EAAIS,OAAOgC,KAAMf,KAAA,SAApEmB,GACJ,OAAOC,EAAMA,OAACrC,OAAO,IAAIa,WAAWuB,GAAa,EACnD,CAAC,MAAAX,GAAAV,OAAAA,QAAAW,OAAAD,sCChEC,WAAA,SAAAa,EAA6B1C,GAAgB2C,KAAhB3C,cAAA,EAAA2C,KAAQ3C,SAARA,CAAmB,CAAC,IAAA4C,EAAAF,EAAAG,iBAAAD,EAEnCE,YAAA,SAAYC,GAAgB,IACa5B,OAAAA,QAAAC,QAAvCP,EAAcyB,OAAUS,GAAAA,EAAWJ,KAAK3C,WAAYqB,KAAA2B,SAAAA,GAAlE,OAAOA,EAA6Db,MAAM,EAAG,GAAI,EACnF,CAAC,MAAAN,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EAAAe,EAEK9B,QAAO,SAACU,GAA2C,IAAAyB,IAM3CC,EALCrC,EAAcC,QAAOqC,EAChCC,KAAKC,UAAU,CACbC,GAAIC,EAAeA,gBAAC,IACpBC,IAAKhC,EAAMiC,SACX,OAAAtC,QAAAC,QACIuB,KAAKG,YAAYtB,EAAMuB,WAAS1B,KAAAqC,SAAAA,GAAAvC,OAAAA,QAAAC,QAAA8B,EAAAS,KAL3B9C,EAAasC,EAAAO,GAO5B,EAAA,CAAC,MAAA7B,GAAAV,OAAAA,QAAAW,OAAAD,EAAAe,CAAAA,EAAAA,EAEKb,QAAA,SAAQ6B,GAA6C,IAAAC,IAEDC,EAAhDjD,EAAckB,QAAOgC,EAACH,EAAKI,UAAS,OAAA7C,QAAAC,QAAQuB,KAAKG,YAAYc,EAAKb,WAAS1B,KAAA4C,SAAAA,GAAA9C,OAAAA,QAAAC,QAAA0C,EAAAH,KAA3E9C,EAAakD,EAAAE,IAAA5C,KAAA,SAAA6C,GAGrB,OAJcd,KAAKe,MAAKD,GAITV,GAAI,EACrB,EAAA,CAAC,MAAA3B,GAAAV,OAAAA,QAAAW,OAAAD,KAAAa,CAAA,CAtBD"}
package/dist/index.module.js CHANGED
@@ -1,2 +1,2 @@
1
- import{generatePlainId as e}from"@lowerdeck/id";import{base62 as r}from"@lowerdeck/base62";import t from"base-x";var n=t("!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§"),o=new TextEncoder,c=new TextDecoder,i=function(e){return crypto.subtle.importKey("raw",o.encode(e),"PBKDF2",!1,["deriveKey"])},s=function(e,r){return crypto.subtle.deriveKey({name:"PBKDF2",iterations:25e4,hash:"SHA-256"},e,{name:"AES-GCM",length:256},!1,r)},u={encrypt:function(e,r){try{var t=crypto.getRandomValues(new Uint8Array(12));return Promise.resolve(i(r)).then(function(r){return Promise.resolve(s(r,["encrypt"])).then(function(r){return Promise.resolve(crypto.subtle.encrypt({name:"AES-GCM",iv:t},r,o.encode(e))).then(function(e){var r,o=new Uint8Array(e),c=new Uint8Array(t.byteLength+o.byteLength);return c.set(t,0),c.set(o,t.byteLength),n.encode("string"==typeof(r=c)?(new TextEncoder).encode(r):r)})})})}catch(e){return Promise.reject(e)}},decrypt:function(e,r){try{var t=n.decode(e),o=t.slice(0,16),u=t.slice(16);return Promise.resolve(i(r)).then(function(e){return Promise.resolve(s(e,["decrypt"])).then(function(e){return Promise.resolve(crypto.subtle.decrypt({name:"AES-GCM",iv:o},e,u)).then(function(e){return c.decode(e)})})})}catch(e){return Promise.reject(e)}},sha512:function(e){try{return Promise.resolve(crypto.subtle.digest("SHA-512",o.encode(e))).then(function(e){return r.encode(new Uint8Array(e))})}catch(e){return Promise.reject(e)}}},y=/*#__PURE__*/function(){function r(e){this.password=void 0,this.password=e}var t=r.prototype;return t.getPassword=function(e){try{return Promise.resolve(u.sha512(""+e+this.password)).then(function(e){return e.slice(0,50)})}catch(e){return Promise.reject(e)}},t.encrypt=function(r){try{var t=u.encrypt,n=JSON.stringify({id:e(10),key:r.secret});return Promise.resolve(this.getPassword(r.entityId)).then(function(e){return Promise.resolve(t.call(u,n,e))})}catch(e){return Promise.reject(e)}},t.decrypt=function(e){try{var r=u.decrypt,t=e.encrypted;return Promise.resolve(this.getPassword(e.entityId)).then(function(e){return Promise.resolve(r.call(u,t,e)).then(function(e){return JSON.parse(e).key})})}catch(e){return Promise.reject(e)}},r}();export{y as Encryption};
1
+ import{generatePlainId as e}from"@lowerdeck/id";import{base62 as r}from"@lowerdeck/base62";import t from"base-x";var n=t("!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§"),o=new TextEncoder,c=new TextDecoder,s=function(e){return crypto.subtle.importKey("raw",o.encode(e),"PBKDF2",!1,["deriveKey"])},i=function(e,r,t){return crypto.subtle.deriveKey({name:"PBKDF2",salt:r,iterations:25e4,hash:"SHA-256"},e,{name:"AES-GCM",length:256},!1,t)},u={encrypt:function(e,r){try{var t=crypto.getRandomValues(new Uint8Array(16)),c=crypto.getRandomValues(new Uint8Array(12));return Promise.resolve(s(r)).then(function(r){return Promise.resolve(i(r,t,["encrypt"])).then(function(r){return Promise.resolve(crypto.subtle.encrypt({name:"AES-GCM",iv:c},r,o.encode(e))).then(function(e){var r,o=new Uint8Array(e),s=new Uint8Array(t.byteLength+c.byteLength+o.byteLength);return s.set(t,0),s.set(c,t.byteLength),s.set(o,t.byteLength+c.byteLength),n.encode("string"==typeof(r=s)?(new TextEncoder).encode(r):r)})})})}catch(e){return Promise.reject(e)}},decrypt:function(e,r){try{var t=n.decode(e),o=t.slice(0,16),u=t.slice(16,28),y=t.slice(28);return Promise.resolve(s(r)).then(function(e){return Promise.resolve(i(e,o,["decrypt"])).then(function(e){return Promise.resolve(crypto.subtle.decrypt({name:"AES-GCM",iv:u},e,y)).then(function(e){return c.decode(e)})})})}catch(e){return Promise.reject(e)}},sha512:function(e){try{return Promise.resolve(crypto.subtle.digest("SHA-512",o.encode(e))).then(function(e){return r.encode(new Uint8Array(e))})}catch(e){return Promise.reject(e)}}},y=/*#__PURE__*/function(){function r(e){this.password=void 0,this.password=e}var t=r.prototype;return t.getPassword=function(e){try{return Promise.resolve(u.sha512(""+e+this.password)).then(function(e){return e.slice(0,50)})}catch(e){return Promise.reject(e)}},t.encrypt=function(r){try{var t=u.encrypt,n=JSON.stringify({id:e(10),key:r.secret});return Promise.resolve(this.getPassword(r.entityId)).then(function(e){return Promise.resolve(t.call(u,n,e))})}catch(e){return Promise.reject(e)}},t.decrypt=function(e){try{var r=u.decrypt,t=e.encrypted;return Promise.resolve(this.getPassword(e.entityId)).then(function(e){return Promise.resolve(r.call(u,t,e)).then(function(e){return JSON.parse(e).key})})}catch(e){return Promise.reject(e)}},r}();export{y as Encryption};
2
2
  //# sourceMappingURL=index.module.js.map
package/dist/index.module.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.module.js","sources":["../src/base86.ts","../src/crypto.ts","../src/index.ts"],"sourcesContent":["import baseX from 'base-x';\n\nlet internal = baseX(\n '!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§'\n);\n\nexport let base86 = {\n encode: (input: string | Uint8Array) =>\n internal.encode(typeof input == 'string' ? new TextEncoder().encode(input) : input),\n decode: (input: string) => internal.decode(input)\n};\n","import { base62 } from '@lowerdeck/base62';\nimport { base86 } from './base86';\n\nlet enc = new TextEncoder();\nlet dec = new TextDecoder();\n\nlet getPasswordKey = (password: string) =>\n crypto.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);\n\nlet deriveKey = (passwordKey: CryptoKey, keyUsage: ('encrypt' | 'decrypt')[]) =>\n crypto.subtle.deriveKey(\n {\n name: 'PBKDF2',\n iterations: 250000,\n hash: 'SHA-256'\n },\n passwordKey,\n { name: 'AES-GCM', length: 256 },\n false,\n keyUsage\n );\n\nlet encryptData = async (secretData: string, password: string) => {\n let iv = crypto.getRandomValues(new Uint8Array(12));\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, ['encrypt']);\n let encryptedContent = await crypto.subtle.encrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n enc.encode(secretData)\n );\n\n let encryptedContentArr = new Uint8Array(encryptedContent);\n let buff = new Uint8Array(iv.byteLength + encryptedContentArr.byteLength);\n buff.set(iv, 0);\n buff.set(encryptedContentArr, iv.byteLength);\n\n return base86.encode(buff);\n};\n\nlet decryptData = async (encryptedData: string, password: string) => {\n let encryptedDataBuff = base86.decode(encryptedData);\n let iv = encryptedDataBuff.slice(0, 16);\n let data = encryptedDataBuff.slice(16);\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, ['decrypt']);\n let decryptedContent = await crypto.subtle.decrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n data\n );\n\n return dec.decode(decryptedContent);\n};\n\nlet sha512 = async (data: string) => {\n let hashBuffer = await crypto.subtle.digest('SHA-512', enc.encode(data));\n return base62.encode(new Uint8Array(hashBuffer));\n};\n\nexport let secretsCrypto = {\n encrypt: encryptData,\n decrypt: decryptData,\n sha512\n};\n","import { generatePlainId } from '@lowerdeck/id';\nimport { secretsCrypto } from './crypto';\n\nexport class Encryption {\n constructor(private readonly password: string) {}\n\n private async getPassword(entityId: string) {\n return (await secretsCrypto.sha512(`${entityId}${this.password!}`)).slice(0, 50);\n }\n\n async encrypt(input: { secret: string; entityId: string }) {\n return await secretsCrypto.encrypt(\n JSON.stringify({\n id: generatePlainId(10),\n key: input.secret\n }),\n await this.getPassword(input.entityId)\n );\n }\n\n async decrypt(info: { encrypted: string; entityId: string }) {\n let content = JSON.parse(\n await secretsCrypto.decrypt(info.encrypted, await this.getPassword(info.entityId))\n );\n\n return content.key;\n }\n}\n"],"names":["internal","baseX","enc","TextEncoder","dec","TextDecoder","getPasswordKey","password","crypto","subtle","importKey","encode","deriveKey","passwordKey","keyUsage","name","iterations","hash","length","secretsCrypto","encrypt","secretData","iv","getRandomValues","Uint8Array","Promise","resolve","then","aesKey","encryptedContent","input","encryptedContentArr","buff","byteLength","set","e","reject","decrypt","encryptedData","encryptedDataBuff","decode","slice","data","decryptedContent","sha512","digest","hashBuffer","base62","Encryption","this","_proto","prototype","getPassword","entityId","_secretsCrypto$sha","_this2","_encrypt","_JSON$stringify","JSON","stringify","id","generatePlainId","key","secret","_this2$getPassword","call","info","_this3","_decrypt","_info$encrypted","encrypted","_this3$getPassword","_secretsCrypto$decryp","parse"],"mappings":"iHAEA,IAAIA,EAAWC,EACb,0FCAEC,EAAM,IAAIC,YACVC,EAAM,IAAIC,YAEVC,EAAiB,SAACC,GACpB,OAAAC,OAAOC,OAAOC,UAAU,MAAOR,EAAIS,OAAOJ,GAAW,UAAU,EAAO,CAAC,aAAa,EAElFK,EAAY,SAACC,EAAwBC,UACvCN,OAAOC,OAAOG,UACZ,CACEG,KAAM,SACNC,WAAY,KACZC,KAAM,WAERJ,EACA,CAAEE,KAAM,UAAWG,OAAQ,MAC3B,EACAJ,EACD,EA8CQK,EAAgB,CACzBC,QA7Ca,SAAUC,EAAoBd,GAAgB,IAC3D,IAAIe,EAAKd,OAAOe,gBAAgB,IAAIC,WAAW,KAAK,OAAAC,QAAAC,QAC5BpB,EAAeC,IAASoB,KAAA,SAA5Cd,GAAW,OAAAY,QAAAC,QACId,EAAUC,EAAa,CAAC,aAAWc,KAAA,SAAlDC,GAAM,OAAAH,QAAAC,QACmBlB,OAAOC,OAAOW,QACzC,CACEL,KAAM,UACNO,GAAAA,GAEFM,EACA1B,EAAIS,OAAOU,KACZM,KAAA,SAPGE,GASJ,ID5BSC,EC4BLC,EAAsB,IAAIP,WAAWK,GACrCG,EAAO,IAAIR,WAAWF,EAAGW,WAAaF,EAAoBE,YAI9D,OAHAD,EAAKE,IAAIZ,EAAI,GACbU,EAAKE,IAAIH,EAAqBT,EAAGW,YD9B/BjC,EAASW,OAAuB,iBADzBmB,ECiCYE,IDhCwB,IAAI7B,aAAcQ,OAAOmB,GAASA,ECgCpD,EAAA,EAAA,EAC7B,CAAC,MAAAK,GAAA,OAAAV,QAAAW,OAAAD,EAED,CAAA,EAyBEE,QAzBE,SAAqBC,EAAuB/B,GAAoB,IAClE,IAAIgC,EDnCuBvC,EAASwC,OCmCEF,GAClChB,EAAKiB,EAAkBE,MAAM,EAAG,IAChCC,EAAOH,EAAkBE,MAAM,IAAI,OAAAhB,QAAAC,QACfpB,EAAeC,IAASoB,KAAA,SAA5Cd,GAAW,OAAAY,QAAAC,QACId,EAAUC,EAAa,CAAC,aAAWc,KAAA,SAAlDC,GAAM,OAAAH,QAAAC,QACmBlB,OAAOC,OAAO4B,QACzC,CACEtB,KAAM,UACNO,GAAAA,GAEFM,EACAc,IACDf,KAAA,SAPGgB,GASJ,OAAOvC,EAAIoC,OAAOG,EAAkB,EAAA,EAAA,EACtC,CAAC,MAAAR,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EAUCS,OARE,SAAgBF,GAAY,IAAIjB,OAAAA,QAAAC,QACXlB,OAAOC,OAAOoC,OAAO,UAAW3C,EAAIS,OAAO+B,KAAMf,KAAA,SAApEmB,GACJ,OAAOC,EAAOpC,OAAO,IAAIa,WAAWsB,GAAa,EACnD,CAAC,MAAAX,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,GC7DYa,eACX,WAAA,SAAAA,EAA6BzC,GAAgB0C,KAAhB1C,cAAA,EAAA0C,KAAQ1C,SAARA,CAAmB,CAAC,IAAA2C,EAAAF,EAAAG,iBAAAD,EAEnCE,YAAA,SAAYC,GAAgB,IACa5B,OAAAA,QAAAC,QAAvCP,EAAcyB,OAAUS,GAAAA,EAAWJ,KAAK1C,WAAYoB,KAAA2B,SAAAA,GAAlE,OAAOA,EAA6Db,MAAM,EAAG,GAAI,EACnF,CAAC,MAAAN,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EAAAe,EAEK9B,QAAO,SAACU,GAA2C,IAAAyB,IAM3CC,EALCrC,EAAcC,QAAOqC,EAChCC,KAAKC,UAAU,CACbC,GAAIC,EAAgB,IACpBC,IAAKhC,EAAMiC,SACX,OAAAtC,QAAAC,QACIuB,KAAKG,YAAYtB,EAAMuB,WAAS1B,KAAAqC,SAAAA,GAAAvC,OAAAA,QAAAC,QAAA8B,EAAAS,KAL3B9C,EAAasC,EAAAO,GAO5B,EAAA,CAAC,MAAA7B,GAAAV,OAAAA,QAAAW,OAAAD,EAAAe,CAAAA,EAAAA,EAEKb,QAAA,SAAQ6B,GAA6C,IAAAC,IAEDC,EAAhDjD,EAAckB,QAAOgC,EAACH,EAAKI,UAAS,OAAA7C,QAAAC,QAAQuB,KAAKG,YAAYc,EAAKb,WAAS1B,KAAA4C,SAAAA,GAAA9C,OAAAA,QAAAC,QAAA0C,EAAAH,KAA3E9C,EAAakD,EAAAE,IAAA5C,KAAA,SAAA6C,GAGrB,OAJcd,KAAKe,MAAKD,GAITV,GAAI,EACrB,EAAA,CAAC,MAAA3B,GAAAV,OAAAA,QAAAW,OAAAD,KAAAa,CAAA,CAtBD"}
1
+ {"version":3,"file":"index.module.js","sources":["../src/base86.ts","../src/crypto.ts","../src/index.ts"],"sourcesContent":["import baseX from 'base-x';\n\nlet internal = baseX(\n '!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§'\n);\n\nexport let base86 = {\n encode: (input: string | Uint8Array) =>\n internal.encode(typeof input == 'string' ? new TextEncoder().encode(input) : input),\n decode: (input: string) => internal.decode(input)\n};\n","import { base62 } from '@lowerdeck/base62';\nimport { base86 } from './base86';\n\nlet enc = new TextEncoder();\nlet dec = new TextDecoder();\n\nlet getPasswordKey = (password: string) =>\n crypto.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);\n\nlet deriveKey = (passwordKey: CryptoKey, salt: BufferSource, keyUsage: ('encrypt' | 'decrypt')[]) =>\n crypto.subtle.deriveKey(\n {\n name: 'PBKDF2',\n salt: salt,\n iterations: 250000,\n hash: 'SHA-256'\n },\n passwordKey,\n { name: 'AES-GCM', length: 256 },\n false,\n keyUsage\n );\n\nlet encryptData = async (secretData: string, password: string) => {\n let salt = crypto.getRandomValues(new Uint8Array(16));\n let iv = crypto.getRandomValues(new Uint8Array(12));\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, salt, ['encrypt']);\n let encryptedContent = await crypto.subtle.encrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n enc.encode(secretData)\n );\n\n let encryptedContentArr = new Uint8Array(encryptedContent);\n let buff = new Uint8Array(salt.byteLength + iv.byteLength + encryptedContentArr.byteLength);\n buff.set(salt, 0);\n buff.set(iv, salt.byteLength);\n buff.set(encryptedContentArr, salt.byteLength + iv.byteLength);\n\n return base86.encode(buff);\n};\n\nlet decryptData = async (encryptedData: string, password: string) => {\n let encryptedDataBuff = base86.decode(encryptedData);\n let salt = encryptedDataBuff.slice(0, 16);\n let iv = encryptedDataBuff.slice(16, 28);\n let data = encryptedDataBuff.slice(28);\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, salt, ['decrypt']);\n let decryptedContent = await crypto.subtle.decrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n data\n );\n\n return dec.decode(decryptedContent);\n};\n\nlet sha512 = async (data: string) => {\n let hashBuffer = await crypto.subtle.digest('SHA-512', enc.encode(data));\n return base62.encode(new Uint8Array(hashBuffer));\n};\n\nexport let secretsCrypto = {\n encrypt: encryptData,\n decrypt: decryptData,\n sha512\n};\n","import { generatePlainId } from '@lowerdeck/id';\nimport { secretsCrypto } from './crypto';\n\nexport class Encryption {\n constructor(private readonly password: string) {}\n\n private async getPassword(entityId: string) {\n return (await secretsCrypto.sha512(`${entityId}${this.password!}`)).slice(0, 50);\n }\n\n async encrypt(input: { secret: string; entityId: string }) {\n return await secretsCrypto.encrypt(\n JSON.stringify({\n id: generatePlainId(10),\n key: input.secret\n }),\n await this.getPassword(input.entityId)\n );\n }\n\n async decrypt(info: { encrypted: string; entityId: string }) {\n let content = JSON.parse(\n await secretsCrypto.decrypt(info.encrypted, await this.getPassword(info.entityId))\n );\n\n return content.key;\n }\n}\n"],"names":["internal","baseX","enc","TextEncoder","dec","TextDecoder","getPasswordKey","password","crypto","subtle","importKey","encode","deriveKey","passwordKey","salt","keyUsage","name","iterations","hash","length","secretsCrypto","encrypt","secretData","getRandomValues","Uint8Array","iv","Promise","resolve","then","aesKey","encryptedContent","input","encryptedContentArr","buff","byteLength","set","e","reject","decrypt","encryptedData","encryptedDataBuff","decode","slice","data","decryptedContent","sha512","digest","hashBuffer","base62","Encryption","this","_proto","prototype","getPassword","entityId","_secretsCrypto$sha","_this2","_encrypt","_JSON$stringify","JSON","stringify","id","generatePlainId","key","secret","_this2$getPassword","call","info","_this3","_decrypt","_info$encrypted","encrypted","_this3$getPassword","_secretsCrypto$decryp","parse"],"mappings":"iHAEA,IAAIA,EAAWC,EACb,0FCAEC,EAAM,IAAIC,YACVC,EAAM,IAAIC,YAEVC,EAAiB,SAACC,GAAgB,OACpCC,OAAOC,OAAOC,UAAU,MAAOR,EAAIS,OAAOJ,GAAW,UAAU,EAAO,CAAC,aAAa,EAElFK,EAAY,SAACC,EAAwBC,EAAoBC,GAAmC,OAC9FP,OAAOC,OAAOG,UACZ,CACEI,KAAM,SACNF,KAAMA,EACNG,WAAY,KACZC,KAAM,WAERL,EACA,CAAEG,KAAM,UAAWG,OAAQ,MAC3B,EACAJ,EACD,EAiDQK,EAAgB,CACzBC,QAhDa,SAAUC,EAAoBf,GAAoB,IAC/D,IAAIO,EAAON,OAAOe,gBAAgB,IAAIC,WAAW,KAC7CC,EAAKjB,OAAOe,gBAAgB,IAAIC,WAAW,KAAK,OAAAE,QAAAC,QAC5BrB,EAAeC,IAASqB,KAAA,SAA5Cf,GAAW,OAAAa,QAAAC,QACIf,EAAUC,EAAaC,EAAM,CAAC,aAAWc,KAAxDC,SAAAA,GAAMH,OAAAA,QAAAC,QACmBnB,OAAOC,OAAOY,QACzC,CACEL,KAAM,UACNS,GAAAA,GAEFI,EACA3B,EAAIS,OAAOW,KACZM,KAAA,SAPGE,GASJ,ID9BSC,EC8BLC,EAAsB,IAAIR,WAAWM,GACrCG,EAAO,IAAIT,WAAWV,EAAKoB,WAAaT,EAAGS,WAAaF,EAAoBE,YAKhF,OAJAD,EAAKE,IAAIrB,EAAM,GACfmB,EAAKE,IAAIV,EAAIX,EAAKoB,YAClBD,EAAKE,IAAIH,EAAqBlB,EAAKoB,WAAaT,EAAGS,YDjCjDlC,EAASW,OAAuB,iBADzBoB,ECoCYE,IDnCwB,IAAI9B,aAAcQ,OAAOoB,GAASA,ECmCpD,EAAA,EAAA,EAC7B,CAAC,MAAAK,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EA4BCE,QA1Ba,SAAUC,EAAuBhC,GAAoB,IAClE,IAAIiC,EDtCuBxC,EAASyC,OCsCEF,GAClCzB,EAAO0B,EAAkBE,MAAM,EAAG,IAClCjB,EAAKe,EAAkBE,MAAM,GAAI,IACjCC,EAAOH,EAAkBE,MAAM,IAAI,OAAAhB,QAAAC,QACfrB,EAAeC,IAASqB,KAA5Cf,SAAAA,GAAWa,OAAAA,QAAAC,QACIf,EAAUC,EAAaC,EAAM,CAAC,aAAWc,KAAxDC,SAAAA,GAAMH,OAAAA,QAAAC,QACmBnB,OAAOC,OAAO6B,QACzC,CACEtB,KAAM,UACNS,GAAAA,GAEFI,EACAc,IACDf,KAPGgB,SAAAA,GASJ,OAAOxC,EAAIqC,OAAOG,EAAkB,EAAA,EAAA,EACtC,CAAC,MAAAR,GAAAV,OAAAA,QAAAW,OAAAD,EAED,CAAA,EAQES,OARE,SAAgBF,GAAgB,IAAA,OAAAjB,QAAAC,QACXnB,OAAOC,OAAOqC,OAAO,UAAW5C,EAAIS,OAAOgC,KAAMf,KAAA,SAApEmB,GACJ,OAAOC,EAAOrC,OAAO,IAAIa,WAAWuB,GAAa,EACnD,CAAC,MAAAX,GAAAV,OAAAA,QAAAW,OAAAD,MCjEYa,eACX,WAAA,SAAAA,EAA6B1C,GAAgB2C,KAAhB3C,cAAA,EAAA2C,KAAQ3C,SAARA,CAAmB,CAAC,IAAA4C,EAAAF,EAAAG,iBAAAD,EAEnCE,YAAA,SAAYC,GAAgB,IACa5B,OAAAA,QAAAC,QAAvCP,EAAcyB,OAAUS,GAAAA,EAAWJ,KAAK3C,WAAYqB,KAAA2B,SAAAA,GAAlE,OAAOA,EAA6Db,MAAM,EAAG,GAAI,EACnF,CAAC,MAAAN,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EAAAe,EAEK9B,QAAO,SAACU,GAA2C,IAAAyB,IAM3CC,EALCrC,EAAcC,QAAOqC,EAChCC,KAAKC,UAAU,CACbC,GAAIC,EAAgB,IACpBC,IAAKhC,EAAMiC,SACX,OAAAtC,QAAAC,QACIuB,KAAKG,YAAYtB,EAAMuB,WAAS1B,KAAAqC,SAAAA,GAAAvC,OAAAA,QAAAC,QAAA8B,EAAAS,KAL3B9C,EAAasC,EAAAO,GAO5B,EAAA,CAAC,MAAA7B,GAAAV,OAAAA,QAAAW,OAAAD,EAAAe,CAAAA,EAAAA,EAEKb,QAAA,SAAQ6B,GAA6C,IAAAC,IAEDC,EAAhDjD,EAAckB,QAAOgC,EAACH,EAAKI,UAAS,OAAA7C,QAAAC,QAAQuB,KAAKG,YAAYc,EAAKb,WAAS1B,KAAA4C,SAAAA,GAAA9C,OAAAA,QAAAC,QAAA0C,EAAAH,KAA3E9C,EAAakD,EAAAE,IAAA5C,KAAA,SAAA6C,GAGrB,OAJcd,KAAKe,MAAKD,GAITV,GAAI,EACrB,EAAA,CAAC,MAAA3B,GAAAV,OAAAA,QAAAW,OAAAD,KAAAa,CAAA,CAtBD"}
package/dist/index.umd.js CHANGED
@@ -1,2 +1,2 @@
1
- !function(e,r){"object"==typeof exports&&"undefined"!=typeof module?r(exports,require("@lowerdeck/id"),require("@lowerdeck/base62"),require("base-x")):"function"==typeof define&&define.amd?define(["exports","@lowerdeck/id","@lowerdeck/base62","base-x"],r):r((e||self).encryption={},e.id,e.base62,e.baseX)}(this,function(e,r,t,n){function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var i=/*#__PURE__*/o(n).default("!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§"),c=new TextEncoder,s=new TextDecoder,u=function(e){return crypto.subtle.importKey("raw",c.encode(e),"PBKDF2",!1,["deriveKey"])},d=function(e,r){return crypto.subtle.deriveKey({name:"PBKDF2",iterations:25e4,hash:"SHA-256"},e,{name:"AES-GCM",length:256},!1,r)},a={encrypt:function(e,r){try{var t=crypto.getRandomValues(new Uint8Array(12));return Promise.resolve(u(r)).then(function(r){return Promise.resolve(d(r,["encrypt"])).then(function(r){return Promise.resolve(crypto.subtle.encrypt({name:"AES-GCM",iv:t},r,c.encode(e))).then(function(e){var r,n=new Uint8Array(e),o=new Uint8Array(t.byteLength+n.byteLength);return o.set(t,0),o.set(n,t.byteLength),i.encode("string"==typeof(r=o)?(new TextEncoder).encode(r):r)})})})}catch(e){return Promise.reject(e)}},decrypt:function(e,r){try{var t=i.decode(e),n=t.slice(0,16),o=t.slice(16);return Promise.resolve(u(r)).then(function(e){return Promise.resolve(d(e,["decrypt"])).then(function(e){return Promise.resolve(crypto.subtle.decrypt({name:"AES-GCM",iv:n},e,o)).then(function(e){return s.decode(e)})})})}catch(e){return Promise.reject(e)}},sha512:function(e){try{return Promise.resolve(crypto.subtle.digest("SHA-512",c.encode(e))).then(function(e){return t.base62.encode(new Uint8Array(e))})}catch(e){return Promise.reject(e)}}};e.Encryption=/*#__PURE__*/function(){function e(e){this.password=void 0,this.password=e}var t=e.prototype;return t.getPassword=function(e){try{return Promise.resolve(a.sha512(""+e+this.password)).then(function(e){return e.slice(0,50)})}catch(e){return Promise.reject(e)}},t.encrypt=function(e){try{var t=a.encrypt,n=JSON.stringify({id:r.generatePlainId(10),key:e.secret});return Promise.resolve(this.getPassword(e.entityId)).then(function(e){return Promise.resolve(t.call(a,n,e))})}catch(e){return Promise.reject(e)}},t.decrypt=function(e){try{var r=a.decrypt,t=e.encrypted;return Promise.resolve(this.getPassword(e.entityId)).then(function(e){return Promise.resolve(r.call(a,t,e)).then(function(e){return JSON.parse(e).key})})}catch(e){return Promise.reject(e)}},e}()});
1
+ !function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports,require("@lowerdeck/id"),require("@lowerdeck/base62"),require("base-x")):"function"==typeof define&&define.amd?define(["exports","@lowerdeck/id","@lowerdeck/base62","base-x"],t):t((e||self).encryption={},e.id,e.base62,e.baseX)}(this,function(e,t,r,n){function o(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var i=/*#__PURE__*/o(n).default("!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§"),c=new TextEncoder,s=new TextDecoder,u=function(e){return crypto.subtle.importKey("raw",c.encode(e),"PBKDF2",!1,["deriveKey"])},a=function(e,t,r){return crypto.subtle.deriveKey({name:"PBKDF2",salt:t,iterations:25e4,hash:"SHA-256"},e,{name:"AES-GCM",length:256},!1,r)},d={encrypt:function(e,t){try{var r=crypto.getRandomValues(new Uint8Array(16)),n=crypto.getRandomValues(new Uint8Array(12));return Promise.resolve(u(t)).then(function(t){return Promise.resolve(a(t,r,["encrypt"])).then(function(t){return Promise.resolve(crypto.subtle.encrypt({name:"AES-GCM",iv:n},t,c.encode(e))).then(function(e){var t,o=new Uint8Array(e),c=new Uint8Array(r.byteLength+n.byteLength+o.byteLength);return c.set(r,0),c.set(n,r.byteLength),c.set(o,r.byteLength+n.byteLength),i.encode("string"==typeof(t=c)?(new TextEncoder).encode(t):t)})})})}catch(e){return Promise.reject(e)}},decrypt:function(e,t){try{var r=i.decode(e),n=r.slice(0,16),o=r.slice(16,28),c=r.slice(28);return Promise.resolve(u(t)).then(function(e){return Promise.resolve(a(e,n,["decrypt"])).then(function(e){return Promise.resolve(crypto.subtle.decrypt({name:"AES-GCM",iv:o},e,c)).then(function(e){return s.decode(e)})})})}catch(e){return Promise.reject(e)}},sha512:function(e){try{return Promise.resolve(crypto.subtle.digest("SHA-512",c.encode(e))).then(function(e){return r.base62.encode(new Uint8Array(e))})}catch(e){return Promise.reject(e)}}};e.Encryption=/*#__PURE__*/function(){function e(e){this.password=void 0,this.password=e}var r=e.prototype;return r.getPassword=function(e){try{return Promise.resolve(d.sha512(""+e+this.password)).then(function(e){return e.slice(0,50)})}catch(e){return Promise.reject(e)}},r.encrypt=function(e){try{var r=d.encrypt,n=JSON.stringify({id:t.generatePlainId(10),key:e.secret});return Promise.resolve(this.getPassword(e.entityId)).then(function(e){return Promise.resolve(r.call(d,n,e))})}catch(e){return Promise.reject(e)}},r.decrypt=function(e){try{var t=d.decrypt,r=e.encrypted;return Promise.resolve(this.getPassword(e.entityId)).then(function(e){return Promise.resolve(t.call(d,r,e)).then(function(e){return JSON.parse(e).key})})}catch(e){return Promise.reject(e)}},e}()});
2
2
  //# sourceMappingURL=index.umd.js.map
package/dist/index.umd.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.umd.js","sources":["../src/base86.ts","../src/crypto.ts","../src/index.ts"],"sourcesContent":["import baseX from 'base-x';\n\nlet internal = baseX(\n '!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§'\n);\n\nexport let base86 = {\n encode: (input: string | Uint8Array) =>\n internal.encode(typeof input == 'string' ? new TextEncoder().encode(input) : input),\n decode: (input: string) => internal.decode(input)\n};\n","import { base62 } from '@lowerdeck/base62';\nimport { base86 } from './base86';\n\nlet enc = new TextEncoder();\nlet dec = new TextDecoder();\n\nlet getPasswordKey = (password: string) =>\n crypto.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);\n\nlet deriveKey = (passwordKey: CryptoKey, keyUsage: ('encrypt' | 'decrypt')[]) =>\n crypto.subtle.deriveKey(\n {\n name: 'PBKDF2',\n iterations: 250000,\n hash: 'SHA-256'\n },\n passwordKey,\n { name: 'AES-GCM', length: 256 },\n false,\n keyUsage\n );\n\nlet encryptData = async (secretData: string, password: string) => {\n let iv = crypto.getRandomValues(new Uint8Array(12));\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, ['encrypt']);\n let encryptedContent = await crypto.subtle.encrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n enc.encode(secretData)\n );\n\n let encryptedContentArr = new Uint8Array(encryptedContent);\n let buff = new Uint8Array(iv.byteLength + encryptedContentArr.byteLength);\n buff.set(iv, 0);\n buff.set(encryptedContentArr, iv.byteLength);\n\n return base86.encode(buff);\n};\n\nlet decryptData = async (encryptedData: string, password: string) => {\n let encryptedDataBuff = base86.decode(encryptedData);\n let iv = encryptedDataBuff.slice(0, 16);\n let data = encryptedDataBuff.slice(16);\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, ['decrypt']);\n let decryptedContent = await crypto.subtle.decrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n data\n );\n\n return dec.decode(decryptedContent);\n};\n\nlet sha512 = async (data: string) => {\n let hashBuffer = await crypto.subtle.digest('SHA-512', enc.encode(data));\n return base62.encode(new Uint8Array(hashBuffer));\n};\n\nexport let secretsCrypto = {\n encrypt: encryptData,\n decrypt: decryptData,\n sha512\n};\n","import { generatePlainId } from '@lowerdeck/id';\nimport { secretsCrypto } from './crypto';\n\nexport class Encryption {\n constructor(private readonly password: string) {}\n\n private async getPassword(entityId: string) {\n return (await secretsCrypto.sha512(`${entityId}${this.password!}`)).slice(0, 50);\n }\n\n async encrypt(input: { secret: string; entityId: string }) {\n return await secretsCrypto.encrypt(\n JSON.stringify({\n id: generatePlainId(10),\n key: input.secret\n }),\n await this.getPassword(input.entityId)\n );\n }\n\n async decrypt(info: { encrypted: string; entityId: string }) {\n let content = JSON.parse(\n await secretsCrypto.decrypt(info.encrypted, await this.getPassword(info.entityId))\n );\n\n return content.key;\n }\n}\n"],"names":["internal","baseX","enc","TextEncoder","dec","TextDecoder","getPasswordKey","password","crypto","subtle","importKey","encode","deriveKey","passwordKey","keyUsage","name","iterations","hash","length","secretsCrypto","encrypt","secretData","iv","getRandomValues","Uint8Array","Promise","resolve","then","aesKey","encryptedContent","input","encryptedContentArr","buff","byteLength","set","e","reject","decrypt","encryptedData","encryptedDataBuff","decode","slice","data","decryptedContent","sha512","digest","hashBuffer","base62","Encryption","this","_proto","prototype","getPassword","entityId","_secretsCrypto$sha","_this2","_encrypt","_JSON$stringify","JSON","stringify","id","generatePlainId","key","secret","_this2$getPassword","call","info","_this3","_decrypt","_info$encrypted","encrypted","_this3$getPassword","_secretsCrypto$decryp","parse"],"mappings":"icAEIA,oBAAWC,QACb,0FCAEC,EAAM,IAAIC,YACVC,EAAM,IAAIC,YAEVC,EAAiB,SAACC,GACpB,OAAAC,OAAOC,OAAOC,UAAU,MAAOR,EAAIS,OAAOJ,GAAW,UAAU,EAAO,CAAC,aAAa,EAElFK,EAAY,SAACC,EAAwBC,UACvCN,OAAOC,OAAOG,UACZ,CACEG,KAAM,SACNC,WAAY,KACZC,KAAM,WAERJ,EACA,CAAEE,KAAM,UAAWG,OAAQ,MAC3B,EACAJ,EACD,EA8CQK,EAAgB,CACzBC,QA7Ca,SAAUC,EAAoBd,GAAgB,IAC3D,IAAIe,EAAKd,OAAOe,gBAAgB,IAAIC,WAAW,KAAK,OAAAC,QAAAC,QAC5BpB,EAAeC,IAASoB,KAAA,SAA5Cd,GAAW,OAAAY,QAAAC,QACId,EAAUC,EAAa,CAAC,aAAWc,KAAA,SAAlDC,GAAM,OAAAH,QAAAC,QACmBlB,OAAOC,OAAOW,QACzC,CACEL,KAAM,UACNO,GAAAA,GAEFM,EACA1B,EAAIS,OAAOU,KACZM,KAAA,SAPGE,GASJ,ID5BSC,EC4BLC,EAAsB,IAAIP,WAAWK,GACrCG,EAAO,IAAIR,WAAWF,EAAGW,WAAaF,EAAoBE,YAI9D,OAHAD,EAAKE,IAAIZ,EAAI,GACbU,EAAKE,IAAIH,EAAqBT,EAAGW,YD9B/BjC,EAASW,OAAuB,iBADzBmB,ECiCYE,IDhCwB,IAAI7B,aAAcQ,OAAOmB,GAASA,ECgCpD,EAAA,EAAA,EAC7B,CAAC,MAAAK,GAAA,OAAAV,QAAAW,OAAAD,EAED,CAAA,EAyBEE,QAzBE,SAAqBC,EAAuB/B,GAAoB,IAClE,IAAIgC,EDnCuBvC,EAASwC,OCmCEF,GAClChB,EAAKiB,EAAkBE,MAAM,EAAG,IAChCC,EAAOH,EAAkBE,MAAM,IAAI,OAAAhB,QAAAC,QACfpB,EAAeC,IAASoB,KAAA,SAA5Cd,GAAW,OAAAY,QAAAC,QACId,EAAUC,EAAa,CAAC,aAAWc,KAAA,SAAlDC,GAAM,OAAAH,QAAAC,QACmBlB,OAAOC,OAAO4B,QACzC,CACEtB,KAAM,UACNO,GAAAA,GAEFM,EACAc,IACDf,KAAA,SAPGgB,GASJ,OAAOvC,EAAIoC,OAAOG,EAAkB,EAAA,EAAA,EACtC,CAAC,MAAAR,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EAUCS,OARE,SAAgBF,GAAY,IAAIjB,OAAAA,QAAAC,QACXlB,OAAOC,OAAOoC,OAAO,UAAW3C,EAAIS,OAAO+B,KAAMf,KAAA,SAApEmB,GACJ,OAAOC,EAAMA,OAACpC,OAAO,IAAIa,WAAWsB,GAAa,EACnD,CAAC,MAAAX,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,6BC5DC,WAAA,SAAAa,EAA6BzC,GAAgB0C,KAAhB1C,cAAA,EAAA0C,KAAQ1C,SAARA,CAAmB,CAAC,IAAA2C,EAAAF,EAAAG,iBAAAD,EAEnCE,YAAA,SAAYC,GAAgB,IACa5B,OAAAA,QAAAC,QAAvCP,EAAcyB,OAAUS,GAAAA,EAAWJ,KAAK1C,WAAYoB,KAAA2B,SAAAA,GAAlE,OAAOA,EAA6Db,MAAM,EAAG,GAAI,EACnF,CAAC,MAAAN,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EAAAe,EAEK9B,QAAO,SAACU,GAA2C,IAAAyB,IAM3CC,EALCrC,EAAcC,QAAOqC,EAChCC,KAAKC,UAAU,CACbC,GAAIC,EAAeA,gBAAC,IACpBC,IAAKhC,EAAMiC,SACX,OAAAtC,QAAAC,QACIuB,KAAKG,YAAYtB,EAAMuB,WAAS1B,KAAAqC,SAAAA,GAAAvC,OAAAA,QAAAC,QAAA8B,EAAAS,KAL3B9C,EAAasC,EAAAO,GAO5B,EAAA,CAAC,MAAA7B,GAAAV,OAAAA,QAAAW,OAAAD,EAAAe,CAAAA,EAAAA,EAEKb,QAAA,SAAQ6B,GAA6C,IAAAC,IAEDC,EAAhDjD,EAAckB,QAAOgC,EAACH,EAAKI,UAAS,OAAA7C,QAAAC,QAAQuB,KAAKG,YAAYc,EAAKb,WAAS1B,KAAA4C,SAAAA,GAAA9C,OAAAA,QAAAC,QAAA0C,EAAAH,KAA3E9C,EAAakD,EAAAE,IAAA5C,KAAA,SAAA6C,GAGrB,OAJcd,KAAKe,MAAKD,GAITV,GAAI,EACrB,EAAA,CAAC,MAAA3B,GAAAV,OAAAA,QAAAW,OAAAD,KAAAa,CAAA,CAtBD"}
1
+ {"version":3,"file":"index.umd.js","sources":["../src/base86.ts","../src/crypto.ts","../src/index.ts"],"sourcesContent":["import baseX from 'base-x';\n\nlet internal = baseX(\n '!#$%()*+-.0123456789:;=?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~§'\n);\n\nexport let base86 = {\n encode: (input: string | Uint8Array) =>\n internal.encode(typeof input == 'string' ? new TextEncoder().encode(input) : input),\n decode: (input: string) => internal.decode(input)\n};\n","import { base62 } from '@lowerdeck/base62';\nimport { base86 } from './base86';\n\nlet enc = new TextEncoder();\nlet dec = new TextDecoder();\n\nlet getPasswordKey = (password: string) =>\n crypto.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);\n\nlet deriveKey = (passwordKey: CryptoKey, salt: BufferSource, keyUsage: ('encrypt' | 'decrypt')[]) =>\n crypto.subtle.deriveKey(\n {\n name: 'PBKDF2',\n salt: salt,\n iterations: 250000,\n hash: 'SHA-256'\n },\n passwordKey,\n { name: 'AES-GCM', length: 256 },\n false,\n keyUsage\n );\n\nlet encryptData = async (secretData: string, password: string) => {\n let salt = crypto.getRandomValues(new Uint8Array(16));\n let iv = crypto.getRandomValues(new Uint8Array(12));\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, salt, ['encrypt']);\n let encryptedContent = await crypto.subtle.encrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n enc.encode(secretData)\n );\n\n let encryptedContentArr = new Uint8Array(encryptedContent);\n let buff = new Uint8Array(salt.byteLength + iv.byteLength + encryptedContentArr.byteLength);\n buff.set(salt, 0);\n buff.set(iv, salt.byteLength);\n buff.set(encryptedContentArr, salt.byteLength + iv.byteLength);\n\n return base86.encode(buff);\n};\n\nlet decryptData = async (encryptedData: string, password: string) => {\n let encryptedDataBuff = base86.decode(encryptedData);\n let salt = encryptedDataBuff.slice(0, 16);\n let iv = encryptedDataBuff.slice(16, 28);\n let data = encryptedDataBuff.slice(28);\n let passwordKey = await getPasswordKey(password);\n let aesKey = await deriveKey(passwordKey, salt, ['decrypt']);\n let decryptedContent = await crypto.subtle.decrypt(\n {\n name: 'AES-GCM',\n iv\n },\n aesKey,\n data\n );\n\n return dec.decode(decryptedContent);\n};\n\nlet sha512 = async (data: string) => {\n let hashBuffer = await crypto.subtle.digest('SHA-512', enc.encode(data));\n return base62.encode(new Uint8Array(hashBuffer));\n};\n\nexport let secretsCrypto = {\n encrypt: encryptData,\n decrypt: decryptData,\n sha512\n};\n","import { generatePlainId } from '@lowerdeck/id';\nimport { secretsCrypto } from './crypto';\n\nexport class Encryption {\n constructor(private readonly password: string) {}\n\n private async getPassword(entityId: string) {\n return (await secretsCrypto.sha512(`${entityId}${this.password!}`)).slice(0, 50);\n }\n\n async encrypt(input: { secret: string; entityId: string }) {\n return await secretsCrypto.encrypt(\n JSON.stringify({\n id: generatePlainId(10),\n key: input.secret\n }),\n await this.getPassword(input.entityId)\n );\n }\n\n async decrypt(info: { encrypted: string; entityId: string }) {\n let content = JSON.parse(\n await secretsCrypto.decrypt(info.encrypted, await this.getPassword(info.entityId))\n );\n\n return content.key;\n }\n}\n"],"names":["internal","baseX","enc","TextEncoder","dec","TextDecoder","getPasswordKey","password","crypto","subtle","importKey","encode","deriveKey","passwordKey","salt","keyUsage","name","iterations","hash","length","secretsCrypto","encrypt","secretData","getRandomValues","Uint8Array","iv","Promise","resolve","then","aesKey","encryptedContent","input","encryptedContentArr","buff","byteLength","set","e","reject","decrypt","encryptedData","encryptedDataBuff","decode","slice","data","decryptedContent","sha512","digest","hashBuffer","base62","Encryption","this","_proto","prototype","getPassword","entityId","_secretsCrypto$sha","_this2","_encrypt","_JSON$stringify","JSON","stringify","id","generatePlainId","key","secret","_this2$getPassword","call","info","_this3","_decrypt","_info$encrypted","encrypted","_this3$getPassword","_secretsCrypto$decryp","parse"],"mappings":"icAEIA,oBAAWC,QACb,0FCAEC,EAAM,IAAIC,YACVC,EAAM,IAAIC,YAEVC,EAAiB,SAACC,GAAgB,OACpCC,OAAOC,OAAOC,UAAU,MAAOR,EAAIS,OAAOJ,GAAW,UAAU,EAAO,CAAC,aAAa,EAElFK,EAAY,SAACC,EAAwBC,EAAoBC,GAAmC,OAC9FP,OAAOC,OAAOG,UACZ,CACEI,KAAM,SACNF,KAAMA,EACNG,WAAY,KACZC,KAAM,WAERL,EACA,CAAEG,KAAM,UAAWG,OAAQ,MAC3B,EACAJ,EACD,EAiDQK,EAAgB,CACzBC,QAhDa,SAAUC,EAAoBf,GAAoB,IAC/D,IAAIO,EAAON,OAAOe,gBAAgB,IAAIC,WAAW,KAC7CC,EAAKjB,OAAOe,gBAAgB,IAAIC,WAAW,KAAK,OAAAE,QAAAC,QAC5BrB,EAAeC,IAASqB,KAAA,SAA5Cf,GAAW,OAAAa,QAAAC,QACIf,EAAUC,EAAaC,EAAM,CAAC,aAAWc,KAAxDC,SAAAA,GAAMH,OAAAA,QAAAC,QACmBnB,OAAOC,OAAOY,QACzC,CACEL,KAAM,UACNS,GAAAA,GAEFI,EACA3B,EAAIS,OAAOW,KACZM,KAAA,SAPGE,GASJ,ID9BSC,EC8BLC,EAAsB,IAAIR,WAAWM,GACrCG,EAAO,IAAIT,WAAWV,EAAKoB,WAAaT,EAAGS,WAAaF,EAAoBE,YAKhF,OAJAD,EAAKE,IAAIrB,EAAM,GACfmB,EAAKE,IAAIV,EAAIX,EAAKoB,YAClBD,EAAKE,IAAIH,EAAqBlB,EAAKoB,WAAaT,EAAGS,YDjCjDlC,EAASW,OAAuB,iBADzBoB,ECoCYE,IDnCwB,IAAI9B,aAAcQ,OAAOoB,GAASA,ECmCpD,EAAA,EAAA,EAC7B,CAAC,MAAAK,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EA4BCE,QA1Ba,SAAUC,EAAuBhC,GAAoB,IAClE,IAAIiC,EDtCuBxC,EAASyC,OCsCEF,GAClCzB,EAAO0B,EAAkBE,MAAM,EAAG,IAClCjB,EAAKe,EAAkBE,MAAM,GAAI,IACjCC,EAAOH,EAAkBE,MAAM,IAAI,OAAAhB,QAAAC,QACfrB,EAAeC,IAASqB,KAA5Cf,SAAAA,GAAWa,OAAAA,QAAAC,QACIf,EAAUC,EAAaC,EAAM,CAAC,aAAWc,KAAxDC,SAAAA,GAAMH,OAAAA,QAAAC,QACmBnB,OAAOC,OAAO6B,QACzC,CACEtB,KAAM,UACNS,GAAAA,GAEFI,EACAc,IACDf,KAPGgB,SAAAA,GASJ,OAAOxC,EAAIqC,OAAOG,EAAkB,EAAA,EAAA,EACtC,CAAC,MAAAR,GAAAV,OAAAA,QAAAW,OAAAD,EAED,CAAA,EAQES,OARE,SAAgBF,GAAgB,IAAA,OAAAjB,QAAAC,QACXnB,OAAOC,OAAOqC,OAAO,UAAW5C,EAAIS,OAAOgC,KAAMf,KAAA,SAApEmB,GACJ,OAAOC,EAAMA,OAACrC,OAAO,IAAIa,WAAWuB,GAAa,EACnD,CAAC,MAAAX,GAAAV,OAAAA,QAAAW,OAAAD,gCChEC,WAAA,SAAAa,EAA6B1C,GAAgB2C,KAAhB3C,cAAA,EAAA2C,KAAQ3C,SAARA,CAAmB,CAAC,IAAA4C,EAAAF,EAAAG,iBAAAD,EAEnCE,YAAA,SAAYC,GAAgB,IACa5B,OAAAA,QAAAC,QAAvCP,EAAcyB,OAAUS,GAAAA,EAAWJ,KAAK3C,WAAYqB,KAAA2B,SAAAA,GAAlE,OAAOA,EAA6Db,MAAM,EAAG,GAAI,EACnF,CAAC,MAAAN,GAAA,OAAAV,QAAAW,OAAAD,EAAA,CAAA,EAAAe,EAEK9B,QAAO,SAACU,GAA2C,IAAAyB,IAM3CC,EALCrC,EAAcC,QAAOqC,EAChCC,KAAKC,UAAU,CACbC,GAAIC,EAAeA,gBAAC,IACpBC,IAAKhC,EAAMiC,SACX,OAAAtC,QAAAC,QACIuB,KAAKG,YAAYtB,EAAMuB,WAAS1B,KAAAqC,SAAAA,GAAAvC,OAAAA,QAAAC,QAAA8B,EAAAS,KAL3B9C,EAAasC,EAAAO,GAO5B,EAAA,CAAC,MAAA7B,GAAAV,OAAAA,QAAAW,OAAAD,EAAAe,CAAAA,EAAAA,EAEKb,QAAA,SAAQ6B,GAA6C,IAAAC,IAEDC,EAAhDjD,EAAckB,QAAOgC,EAACH,EAAKI,UAAS,OAAA7C,QAAAC,QAAQuB,KAAKG,YAAYc,EAAKb,WAAS1B,KAAA4C,SAAAA,GAAA9C,OAAAA,QAAAC,QAAA0C,EAAAH,KAA3E9C,EAAakD,EAAAE,IAAA5C,KAAA,SAAA6C,GAGrB,OAJcd,KAAKe,MAAKD,GAITV,GAAI,EACrB,EAAA,CAAC,MAAA3B,GAAAV,OAAAA,QAAAW,OAAAD,KAAAa,CAAA,CAtBD"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lowerdeck/encryption",
3
- "version": "1.0.1",
3
+ "version": "1.0.3",
4
4
  "publishConfig": {
5
5
  "access": "public"
6
6
  },
@@ -30,6 +30,7 @@
30
30
  },
31
31
  "devDependencies": {
32
32
  "@lowerdeck/tsconfig": "^1.0.0",
33
+ "microbundle": "^0.15.1",
33
34
  "typescript": "5.8.2",
34
35
  "vitest": "^3.1.2"
35
36
  }
package/src/crypto.ts CHANGED
@@ -7,10 +7,11 @@ let dec = new TextDecoder();
7
7
  let getPasswordKey = (password: string) =>
8
8
  crypto.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);
9
9
 
10
- let deriveKey = (passwordKey: CryptoKey, keyUsage: ('encrypt' | 'decrypt')[]) =>
10
+ let deriveKey = (passwordKey: CryptoKey, salt: BufferSource, keyUsage: ('encrypt' | 'decrypt')[]) =>
11
11
  crypto.subtle.deriveKey(
12
12
  {
13
13
  name: 'PBKDF2',
14
+ salt: salt,
14
15
  iterations: 250000,
15
16
  hash: 'SHA-256'
16
17
  },
@@ -21,9 +22,10 @@ let deriveKey = (passwordKey: CryptoKey, keyUsage: ('encrypt' | 'decrypt')[]) =>
21
22
  );
22
23
 
23
24
  let encryptData = async (secretData: string, password: string) => {
25
+ let salt = crypto.getRandomValues(new Uint8Array(16));
24
26
  let iv = crypto.getRandomValues(new Uint8Array(12));
25
27
  let passwordKey = await getPasswordKey(password);
26
- let aesKey = await deriveKey(passwordKey, ['encrypt']);
28
+ let aesKey = await deriveKey(passwordKey, salt, ['encrypt']);
27
29
  let encryptedContent = await crypto.subtle.encrypt(
28
30
  {
29
31
  name: 'AES-GCM',
@@ -34,19 +36,21 @@ let encryptData = async (secretData: string, password: string) => {
34
36
  );
35
37
 
36
38
  let encryptedContentArr = new Uint8Array(encryptedContent);
37
- let buff = new Uint8Array(iv.byteLength + encryptedContentArr.byteLength);
38
- buff.set(iv, 0);
39
- buff.set(encryptedContentArr, iv.byteLength);
39
+ let buff = new Uint8Array(salt.byteLength + iv.byteLength + encryptedContentArr.byteLength);
40
+ buff.set(salt, 0);
41
+ buff.set(iv, salt.byteLength);
42
+ buff.set(encryptedContentArr, salt.byteLength + iv.byteLength);
40
43
 
41
44
  return base86.encode(buff);
42
45
  };
43
46
 
44
47
  let decryptData = async (encryptedData: string, password: string) => {
45
48
  let encryptedDataBuff = base86.decode(encryptedData);
46
- let iv = encryptedDataBuff.slice(0, 16);
47
- let data = encryptedDataBuff.slice(16);
49
+ let salt = encryptedDataBuff.slice(0, 16);
50
+ let iv = encryptedDataBuff.slice(16, 28);
51
+ let data = encryptedDataBuff.slice(28);
48
52
  let passwordKey = await getPasswordKey(password);
49
- let aesKey = await deriveKey(passwordKey, ['decrypt']);
53
+ let aesKey = await deriveKey(passwordKey, salt, ['decrypt']);
50
54
  let decryptedContent = await crypto.subtle.decrypt(
51
55
  {
52
56
  name: 'AES-GCM',