@oino-ts/hashid 0.1.0 → 0.1.2

package/dist/cjs/OINOHashid.js

@@ -5,13 +5,13 @@
  * file, You can obtain one at https://mozilla.org/MPL/2.0/.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.OINOHashid = void 0;
+exports.OINOHashid = exports.OINOHASHID_MAX_LENGTH = exports.OINOHASHID_MIN_LENGTH = void 0;
 const node_crypto_1 = require("node:crypto");
 const base_x_1 = require("base-x");
-const HASHID_MIN_LENGTH = 12;
-const HASHID_MAX_LENGTH = 40;
-const HASHID_ALPHABET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
-const hashidEncoder = (0, base_x_1.default)(HASHID_ALPHABET);
+exports.OINOHASHID_MIN_LENGTH = 12;
+exports.OINOHASHID_MAX_LENGTH = 42;
+const OINOHASHID_ALPHABET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+const hashidEncoder = (0, base_x_1.default)(OINOHASHID_ALPHABET);
 /**
  * Hashid implementation for OINO API:s for the purpose of making it infeasible to scan
  * through numeric autoinc keys. It's not a solution to keeping the id secret in insecure
@@ -35,10 +35,10 @@ class OINOHashid {
      * @param staticIds whether hash values should remain static per row or random values
      *
      */
-    constructor(key, domainId, minLength = HASHID_MIN_LENGTH, staticIds = false) {
+    constructor(key, domainId, minLength = exports.OINOHASHID_MIN_LENGTH, staticIds = false) {
         this._domainId = domainId;
-        if ((minLength < HASHID_MIN_LENGTH) || (minLength > HASHID_MAX_LENGTH)) {
-            throw Error("OINOHashid minLength needs to be between " + HASHID_MIN_LENGTH + " and " + HASHID_MAX_LENGTH + "!");
+        if ((minLength < exports.OINOHASHID_MIN_LENGTH) || (minLength > exports.OINOHASHID_MAX_LENGTH)) {
+            throw Error("OINOHashid minLength (" + minLength + ")needs to be between " + exports.OINOHASHID_MIN_LENGTH + " and " + exports.OINOHASHID_MAX_LENGTH + "!");
         }
         this._minLength = Math.ceil(minLength / 2);
         if (key.length != 32) {
@@ -59,15 +59,15 @@ class OINOHashid {
         // if seed was given use it for pseudorandom chars, otherwise generate them
         let random_chars = "";
         if (this._staticIds) {
-            const hmac_seed = (0, node_crypto_1.createHmac)('sha1', this._key);
+            const hmac_seed = (0, node_crypto_1.createHmac)('sha256', this._key);
             hmac_seed.update(this._domainId + " " + cellSeed);
-            random_chars = hashidEncoder.encode(hmac_seed.digest()); // hmac_seed.digest('base64url')
+            random_chars = hashidEncoder.encode(hmac_seed.digest());
         }
         else {
             (0, node_crypto_1.randomFillSync)(this._iv, 0, 16);
-            random_chars = hashidEncoder.encode(this._iv); // this._iv.toString('base64url')
+            random_chars = hashidEncoder.encode(this._iv);
         }
-        const hmac = (0, node_crypto_1.createHmac)('sha1', this._key);
+        const hmac = (0, node_crypto_1.createHmac)('sha256', this._key);
         let iv_seed = random_chars.substring(0, this._minLength);
         hmac.update(this._domainId + " " + iv_seed);
         const iv_data = hmac.digest();
@@ -88,7 +88,7 @@ class OINOHashid {
      */
     decode(hashid) {
         // reproduce nonce from seed
-        const hmac = (0, node_crypto_1.createHmac)('sha1', this._key);
+        const hmac = (0, node_crypto_1.createHmac)('sha256', this._key);
         const iv_seed = hashid.substring(0, this._minLength);
         hmac.update(this._domainId + " " + iv_seed);
         const hash = hmac.digest();

package/dist/esm/OINOHashid.js

@@ -5,10 +5,10 @@
  */
 import { createCipheriv, createDecipheriv, createHmac, randomFillSync } from 'node:crypto';
 import basex from 'base-x';
-const HASHID_MIN_LENGTH = 12;
-const HASHID_MAX_LENGTH = 40;
-const HASHID_ALPHABET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
-const hashidEncoder = basex(HASHID_ALPHABET);
+export const OINOHASHID_MIN_LENGTH = 12;
+export const OINOHASHID_MAX_LENGTH = 42;
+const OINOHASHID_ALPHABET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+const hashidEncoder = basex(OINOHASHID_ALPHABET);
 /**
  * Hashid implementation for OINO API:s for the purpose of making it infeasible to scan
  * through numeric autoinc keys. It's not a solution to keeping the id secret in insecure
@@ -32,10 +32,10 @@ export class OINOHashid {
      * @param staticIds whether hash values should remain static per row or random values
      *
      */
-    constructor(key, domainId, minLength = HASHID_MIN_LENGTH, staticIds = false) {
+    constructor(key, domainId, minLength = OINOHASHID_MIN_LENGTH, staticIds = false) {
         this._domainId = domainId;
-        if ((minLength < HASHID_MIN_LENGTH) || (minLength > HASHID_MAX_LENGTH)) {
-            throw Error("OINOHashid minLength needs to be between " + HASHID_MIN_LENGTH + " and " + HASHID_MAX_LENGTH + "!");
+        if ((minLength < OINOHASHID_MIN_LENGTH) || (minLength > OINOHASHID_MAX_LENGTH)) {
+            throw Error("OINOHashid minLength (" + minLength + ")needs to be between " + OINOHASHID_MIN_LENGTH + " and " + OINOHASHID_MAX_LENGTH + "!");
         }
         this._minLength = Math.ceil(minLength / 2);
         if (key.length != 32) {
@@ -56,15 +56,15 @@ export class OINOHashid {
         // if seed was given use it for pseudorandom chars, otherwise generate them
         let random_chars = "";
         if (this._staticIds) {
-            const hmac_seed = createHmac('sha1', this._key);
+            const hmac_seed = createHmac('sha256', this._key);
             hmac_seed.update(this._domainId + " " + cellSeed);
-            random_chars = hashidEncoder.encode(hmac_seed.digest()); // hmac_seed.digest('base64url')
+            random_chars = hashidEncoder.encode(hmac_seed.digest());
         }
         else {
             randomFillSync(this._iv, 0, 16);
-            random_chars = hashidEncoder.encode(this._iv); // this._iv.toString('base64url')
+            random_chars = hashidEncoder.encode(this._iv);
         }
-        const hmac = createHmac('sha1', this._key);
+        const hmac = createHmac('sha256', this._key);
         let iv_seed = random_chars.substring(0, this._minLength);
         hmac.update(this._domainId + " " + iv_seed);
         const iv_data = hmac.digest();
@@ -85,7 +85,7 @@ export class OINOHashid {
      */
     decode(hashid) {
         // reproduce nonce from seed
-        const hmac = createHmac('sha1', this._key);
+        const hmac = createHmac('sha256', this._key);
         const iv_seed = hashid.substring(0, this._minLength);
         hmac.update(this._domainId + " " + iv_seed);
         const hash = hmac.digest();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@oino-ts/hashid",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "OINO TS package for hashid's.",
   "author": "Matias Kiviniemi (pragmatta)",
   "license": "MPL-2.0",
@@ -18,11 +18,11 @@
   "types": "./dist/types/index.d.ts",
   "dependencies": {
     "@types/node": "^20.12.7",
-    "@oino-ts/common": "0.1.0",
-    "base-x": "5.0.0"
+    "@oino-ts/common": "0.1.2",
+    "base-x": "^5.0.0"
   },
   "devDependencies": {
-    "@oino-ts/types": "0.1.0"
+    "@oino-ts/types": "0.1.2"
   },
   "files": [
     "src/*.ts",

package/src/OINOHashid.test.ts

@@ -6,43 +6,74 @@
 
 import { expect, test } from "bun:test";
 
-import { OINOHashid } from "./OINOHashid";
-import { OINOLog, OINOConsoleLog, OINOLogLevel } from "@oino-ts/log"
+import { OINOHASHID_MAX_LENGTH, OINOHashid } from "./OINOHashid";
+import { OINOLog, OINOConsoleLog, OINOLogLevel } from "@oino-ts/common"
 
 Math.random()
 
 OINOLog.setLogger(new OINOConsoleLog(OINOLogLevel.error))
 
-test("OINOHashId persistent", async () => {
-    for (let j=12; j<=40; j++) {
-        const hashid:OINOHashid = new OINOHashid('c7a87c6a5df870842eb6ef6d7937f0b4', 'OINOHashIdTestApp-persistent', j) 
+function benchmarkOINOHashId(hashid: OINOHashid, id: string, iterations: number = 1000): number {
+    const start = performance.now();
+
+    for (let i = 0; i < iterations; i++) {
+        const h = hashid.encode(id, '');
+        hashid.decode(h)
+    }
+
+    const end = performance.now();
+    const duration = end - start;
+    return Math.round(iterations / duration)
+}   
+
+await test("OINOHashId persistent", async () => {
+
+    let hps_min = Number.MAX_VALUE
+    let hps_max = 0
+    
+    for (let j=12; j<=OINOHASHID_MAX_LENGTH; j++) {
+        const hashid:OINOHashid = new OINOHashid('c7a87c6a5df870842eb6ef6d7937f0b4', 'OINOHashIdTestApp-persistent', j, true) 
         let i:number = 1
         let id:string = ''
         while (i <= j) {
             id += i % 10
             const hashed_id = hashid.encode(id, '')
             const id2 = hashid.decode(hashed_id)
-            // console.log("j: " + j + ", i: " + i + ", id: " + id + ", hashed_id: " + hashed_id + ", id2: " + id2)
+            // console.log("j: " + j + ", i: " + i + ", id: " + id + ", hashed_id: " + hashed_id)
             expect(id).toMatch(id2)
             i++
         }
+        const hps = benchmarkOINOHashId(hashid, id, 4000)
+        hps_min = Math.min(hps, hps_min)
+        hps_max = Math.max(hps, hps_max)
+        expect(hps_min).toBeGreaterThanOrEqual(15)
+        expect(hps_max).toBeLessThanOrEqual(25)
     }
-    
+    console.log("OINOHashId persistent performance: " + hps_min + "k - " + hps_max + "k hashes per second")
 })
     
-test("OINOHashId random", async () => {
-    for (let j=12; j<=40; j++) {
-        const hashid:OINOHashid = new OINOHashid('c7a87c6a5df870842eb6ef6d7937f0b4', 'OINOHashIdTestApp-random', j, true) 
+await test("OINOHashId random", async () => {
+
+    let hps_min = Number.MAX_VALUE
+    let hps_max = 0
+    
+    for (let j=12; j<=OINOHASHID_MAX_LENGTH; j++) {
+        const hashid:OINOHashid = new OINOHashid('c7a87c6a5df870842eb6ef6d7937f0b4', 'OINOHashIdTestApp-random', j, false) 
         let i:number = 1
         let id:string = ''
         while (i <= j) {
             id += i % 10
             const hashed_id = hashid.encode(id, '')
             const id2 = hashid.decode(hashed_id)
-            // console.log("j: " + j + ", i: " + i + ", id: " + id + ", hashed_id: " + hashed_id + ", id2: " + id2)
+            // console.log("j: " + j + ", i: " + i + ", id: " + id + ", hashed_id: " + hashed_id)
             expect(id).toMatch(id2)
             i++
         }
+        const hps = benchmarkOINOHashId(hashid, id, 4000)
+        hps_min = Math.min(hps, hps_min)
+        hps_max = Math.max(hps, hps_max)
     }
-    
+    console.log("OINOHashId random performance: " + hps_min + "k - " + hps_max + "k hashes per second")
 })
+
+

package/src/OINOHashid.ts

@@ -4,13 +4,13 @@
  * file, You can obtain one at https://mozilla.org/MPL/2.0/.
  */
 
-import { createCipheriv, createDecipheriv, createHmac, randomFillSync } from 'node:crypto';
+import { BinaryLike, createCipheriv, createDecipheriv, createHmac, randomFillSync } from 'node:crypto';
 import basex from 'base-x'
 
-const HASHID_MIN_LENGTH:number = 12
-const HASHID_MAX_LENGTH:number = 40
-const HASHID_ALPHABET:string = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
-const hashidEncoder = basex(HASHID_ALPHABET)
+export const OINOHASHID_MIN_LENGTH:number = 12
+export const OINOHASHID_MAX_LENGTH:number = 42
+const OINOHASHID_ALPHABET:string = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
+const hashidEncoder = basex(OINOHASHID_ALPHABET)
 
 /**
  * Hashid implementation for OINO API:s for the purpose of making it infeasible to scan 
@@ -37,10 +37,10 @@ export class OINOHashid {
      * @param staticIds whether hash values should remain static per row or random values 
      * 
      */
-    constructor (key: string, domainId:string, minLength:number = HASHID_MIN_LENGTH, staticIds:boolean = false) {
+    constructor (key: string, domainId:string, minLength:number = OINOHASHID_MIN_LENGTH, staticIds:boolean = false) {
         this._domainId = domainId
-        if ((minLength < HASHID_MIN_LENGTH) || (minLength > HASHID_MAX_LENGTH)) {
-            throw Error("OINOHashid minLength needs to be between " + HASHID_MIN_LENGTH + " and " + HASHID_MAX_LENGTH + "!")
+        if ((minLength < OINOHASHID_MIN_LENGTH) || (minLength > OINOHASHID_MAX_LENGTH)) {
+            throw Error("OINOHashid minLength (" + minLength + ")needs to be between " + OINOHASHID_MIN_LENGTH + " and " + OINOHASHID_MAX_LENGTH + "!")
         }
         this._minLength = Math.ceil(minLength/2)
         if (key.length != 32) {
@@ -63,27 +63,27 @@ export class OINOHashid {
         // if seed was given use it for pseudorandom chars, otherwise generate them
         let random_chars:string = ""
         if (this._staticIds) {
-            const hmac_seed = createHmac('sha1', this._key)
+            const hmac_seed = createHmac('sha256', this._key as BinaryLike)
             hmac_seed.update(this._domainId + " " + cellSeed)
-            random_chars = hashidEncoder.encode(hmac_seed.digest()) // hmac_seed.digest('base64url')
+            random_chars = hashidEncoder.encode(hmac_seed.digest() as Uint8Array) 
             
         } else {
-            randomFillSync(this._iv, 0, 16)
-            random_chars = hashidEncoder.encode(this._iv) // this._iv.toString('base64url')
+            randomFillSync(this._iv as Uint8Array, 0, 16)
+            random_chars = hashidEncoder.encode(this._iv as Uint8Array) 
         }
-        const hmac = createHmac('sha1', this._key)
+        const hmac = createHmac('sha256', this._key as Uint8Array)
         let iv_seed:string = random_chars.substring(0, this._minLength)
         hmac.update(this._domainId + " " + iv_seed)
         const iv_data:Buffer = hmac.digest()
-        iv_data.copy(this._iv, 0, 0, 16) 
+        iv_data.copy(this._iv as Uint8Array, 0, 0, 16) 
 
         let plaintext = id.toString()
         if (plaintext.length < this._minLength) {
             plaintext += " " + random_chars.substring(random_chars.length - (this._minLength - plaintext.length - 1))
         }
 
-        const cipher = createCipheriv('aes-128-gcm', this._key, this._iv)
-        const cryptotext = hashidEncoder.encode(cipher.update(plaintext, 'utf8')) + hashidEncoder.encode(cipher.final())
+        const cipher = createCipheriv('aes-128-gcm', this._key as Uint8Array, this._iv as Uint8Array)
+        const cryptotext = hashidEncoder.encode(cipher.update(plaintext, 'utf8') as Uint8Array) + hashidEncoder.encode(cipher.final() as Uint8Array)
         return iv_seed + cryptotext
     }
 
@@ -95,16 +95,16 @@ export class OINOHashid {
      */
     decode(hashid:string):string {
         // reproduce nonce from seed
-        const hmac = createHmac('sha1', this._key)
+        const hmac = createHmac('sha256', this._key as Uint8Array)
         const iv_seed = hashid.substring(0, this._minLength)
         hmac.update(this._domainId + " " + iv_seed)
         const hash:Buffer = hmac.digest()
-        hash.copy(this._iv, 0, 0, 16)
+        hash.copy(this._iv as Uint8Array, 0, 0, 16)
 
         const cryptotext:string = hashid.substring(this._minLength)
         const cryptobytes:Buffer = Buffer.from(hashidEncoder.decode(cryptotext))
-        const decipher = createDecipheriv('aes-128-gcm', this._key, this._iv)
-        const plaintext = decipher.update(cryptobytes, undefined, 'utf8') //, cryptotext, 'base64url', 'utf8') 
+        const decipher = createDecipheriv('aes-128-gcm', this._key as Uint8Array, this._iv as Uint8Array)
+        const plaintext = decipher.update(cryptobytes as Uint8Array, undefined, 'utf8') //, cryptotext, 'base64url', 'utf8') 
         
         return plaintext.split(" ")[0]
     }