@oino-ts/hashid 0.1.1 → 0.1.3

package/dist/cjs/OINOHashid.js

@@ -5,13 +5,13 @@
  * file, You can obtain one at https://mozilla.org/MPL/2.0/.
  */
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.OINOHashid = void 0;
+exports.OINOHashid = exports.OINOHASHID_MAX_LENGTH = exports.OINOHASHID_MIN_LENGTH = void 0;
 const node_crypto_1 = require("node:crypto");
 const base_x_1 = require("base-x");
-const HASHID_MIN_LENGTH = 12;
-const HASHID_MAX_LENGTH = 40;
-const HASHID_ALPHABET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
-const hashidEncoder = (0, base_x_1.default)(HASHID_ALPHABET);
+exports.OINOHASHID_MIN_LENGTH = 12;
+exports.OINOHASHID_MAX_LENGTH = 42;
+const OINOHASHID_ALPHABET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+const hashidEncoder = (0, base_x_1.default)(OINOHASHID_ALPHABET);
 /**
  * Hashid implementation for OINO API:s for the purpose of making it infeasible to scan
  * through numeric autoinc keys. It's not a solution to keeping the id secret in insecure
@@ -35,10 +35,10 @@ class OINOHashid {
      * @param staticIds whether hash values should remain static per row or random values
      *
      */
-    constructor(key, domainId, minLength = HASHID_MIN_LENGTH, staticIds = false) {
+    constructor(key, domainId, minLength = exports.OINOHASHID_MIN_LENGTH, staticIds = false) {
         this._domainId = domainId;
-        if ((minLength < HASHID_MIN_LENGTH) || (minLength > HASHID_MAX_LENGTH)) {
-            throw Error("OINOHashid minLength needs to be between " + HASHID_MIN_LENGTH + " and " + HASHID_MAX_LENGTH + "!");
+        if ((minLength < exports.OINOHASHID_MIN_LENGTH) || (minLength > exports.OINOHASHID_MAX_LENGTH)) {
+            throw Error("OINOHashid minLength (" + minLength + ")needs to be between " + exports.OINOHASHID_MIN_LENGTH + " and " + exports.OINOHASHID_MAX_LENGTH + "!");
         }
         this._minLength = Math.ceil(minLength / 2);
         if (key.length != 32) {
@@ -59,15 +59,15 @@ class OINOHashid {
         // if seed was given use it for pseudorandom chars, otherwise generate them
         let random_chars = "";
         if (this._staticIds) {
-            const hmac_seed = (0, node_crypto_1.createHmac)('sha1', this._key);
+            const hmac_seed = (0, node_crypto_1.createHmac)('sha256', this._key);
             hmac_seed.update(this._domainId + " " + cellSeed);
-            random_chars = hashidEncoder.encode(hmac_seed.digest()); // hmac_seed.digest('base64url')
+            random_chars = hashidEncoder.encode(hmac_seed.digest());
         }
         else {
             (0, node_crypto_1.randomFillSync)(this._iv, 0, 16);
-            random_chars = hashidEncoder.encode(this._iv); // this._iv.toString('base64url')
+            random_chars = hashidEncoder.encode(this._iv);
         }
-        const hmac = (0, node_crypto_1.createHmac)('sha1', this._key);
+        const hmac = (0, node_crypto_1.createHmac)('sha256', this._key);
         let iv_seed = random_chars.substring(0, this._minLength);
         hmac.update(this._domainId + " " + iv_seed);
         const iv_data = hmac.digest();
@@ -88,7 +88,7 @@ class OINOHashid {
      */
     decode(hashid) {
         // reproduce nonce from seed
-        const hmac = (0, node_crypto_1.createHmac)('sha1', this._key);
+        const hmac = (0, node_crypto_1.createHmac)('sha256', this._key);
         const iv_seed = hashid.substring(0, this._minLength);
         hmac.update(this._domainId + " " + iv_seed);
         const hash = hmac.digest();

package/dist/esm/OINOHashid.js

@@ -5,10 +5,10 @@
  */
 import { createCipheriv, createDecipheriv, createHmac, randomFillSync } from 'node:crypto';
 import basex from 'base-x';
-const HASHID_MIN_LENGTH = 12;
-const HASHID_MAX_LENGTH = 40;
-const HASHID_ALPHABET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
-const hashidEncoder = basex(HASHID_ALPHABET);
+export const OINOHASHID_MIN_LENGTH = 12;
+export const OINOHASHID_MAX_LENGTH = 42;
+const OINOHASHID_ALPHABET = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+const hashidEncoder = basex(OINOHASHID_ALPHABET);
 /**
  * Hashid implementation for OINO API:s for the purpose of making it infeasible to scan
  * through numeric autoinc keys. It's not a solution to keeping the id secret in insecure
@@ -32,10 +32,10 @@ export class OINOHashid {
      * @param staticIds whether hash values should remain static per row or random values
      *
      */
-    constructor(key, domainId, minLength = HASHID_MIN_LENGTH, staticIds = false) {
+    constructor(key, domainId, minLength = OINOHASHID_MIN_LENGTH, staticIds = false) {
         this._domainId = domainId;
-        if ((minLength < HASHID_MIN_LENGTH) || (minLength > HASHID_MAX_LENGTH)) {
-            throw Error("OINOHashid minLength needs to be between " + HASHID_MIN_LENGTH + " and " + HASHID_MAX_LENGTH + "!");
+        if ((minLength < OINOHASHID_MIN_LENGTH) || (minLength > OINOHASHID_MAX_LENGTH)) {
+            throw Error("OINOHashid minLength (" + minLength + ")needs to be between " + OINOHASHID_MIN_LENGTH + " and " + OINOHASHID_MAX_LENGTH + "!");
         }
         this._minLength = Math.ceil(minLength / 2);
         if (key.length != 32) {
@@ -56,15 +56,15 @@ export class OINOHashid {
         // if seed was given use it for pseudorandom chars, otherwise generate them
         let random_chars = "";
         if (this._staticIds) {
-            const hmac_seed = createHmac('sha1', this._key);
+            const hmac_seed = createHmac('sha256', this._key);
             hmac_seed.update(this._domainId + " " + cellSeed);
-            random_chars = hashidEncoder.encode(hmac_seed.digest()); // hmac_seed.digest('base64url')
+            random_chars = hashidEncoder.encode(hmac_seed.digest());
         }
         else {
             randomFillSync(this._iv, 0, 16);
-            random_chars = hashidEncoder.encode(this._iv); // this._iv.toString('base64url')
+            random_chars = hashidEncoder.encode(this._iv);
         }
-        const hmac = createHmac('sha1', this._key);
+        const hmac = createHmac('sha256', this._key);
         let iv_seed = random_chars.substring(0, this._minLength);
         hmac.update(this._domainId + " " + iv_seed);
         const iv_data = hmac.digest();
@@ -85,7 +85,7 @@ export class OINOHashid {
      */
     decode(hashid) {
         // reproduce nonce from seed
-        const hmac = createHmac('sha1', this._key);
+        const hmac = createHmac('sha256', this._key);
         const iv_seed = hashid.substring(0, this._minLength);
         hmac.update(this._domainId + " " + iv_seed);
         const hash = hmac.digest();

package/dist/types/OINOHashid.d.ts

@@ -0,0 +1,42 @@
+export declare const OINOHASHID_MIN_LENGTH: number;
+export declare const OINOHASHID_MAX_LENGTH: number;
+/**
+ * Hashid implementation for OINO API:s for the purpose of making it infeasible to scan
+ * through numeric autoinc keys. It's not a solution to keeping the id secret in insecure
+ * channels, just making it hard enough to not iterate through the entire key space. Half
+ * of the the hashid length is nonce and half cryptotext, i.e. 16 char hashid 8 chars of
+ * base64 encoded nonce ~ 6 bytes or 48 bits of entropy.
+ *
+ */
+export declare class OINOHashid {
+    private _key;
+    private _iv;
+    private _domainId;
+    private _minLength;
+    private _staticIds;
+    /**
+     * Hashid constructor
+     *
+     * @param key AES128 key (32 char hex-string)
+     * @param domainId a sufficiently unique domain ID in which row-Id's are unique
+     * @param minLength minimum length of nonce and crypto
+     * @param staticIds whether hash values should remain static per row or random values
+     *
+     */
+    constructor(key: string, domainId: string, minLength?: number, staticIds?: boolean);
+    /**
+     * Encode given id value as a hashid either using random data or given seed value for nonce.
+     *
+     * @param id numeric value
+     * @param cellSeed a sufficiently unique seed for the current cell to keep hashids unique but persistent (e.g. fieldname + primarykey values)
+     *
+     */
+    encode(id: string, cellSeed?: string): string;
+    /**
+     * Decode given hashid.
+     *
+     * @param hashid value
+     *
+     */
+    decode(hashid: string): string;
+}

package/dist/types/index.d.ts

@@ -0,0 +1 @@
+export { OINOHashid } from "./OINOHashid.js";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@oino-ts/hashid",
-  "version": "0.1.1",
+  "version": "0.1.3",
   "description": "OINO TS package for hashid's.",
   "author": "Matias Kiviniemi (pragmatta)",
   "license": "MPL-2.0",
@@ -18,11 +18,11 @@
   "types": "./dist/types/index.d.ts",
   "dependencies": {
     "@types/node": "^20.12.7",
-    "@oino-ts/common": "0.1.1",
-    "base-x": "5.0.0"
+    "@oino-ts/common": "0.1.3",
+    "base-x": "^5.0.0"
   },
   "devDependencies": {
-    "@oino-ts/types": "0.1.1"
+    "@oino-ts/types": "0.1.3"
   },
   "files": [
     "src/*.ts",

package/src/OINOHashid.test.ts

@@ -6,43 +6,74 @@
 
 import { expect, test } from "bun:test";
 
-import { OINOHashid } from "./OINOHashid";
-import { OINOLog, OINOConsoleLog, OINOLogLevel } from "@oino-ts/log"
+import { OINOHASHID_MAX_LENGTH, OINOHashid } from "./OINOHashid";
+import { OINOLog, OINOConsoleLog, OINOLogLevel } from "@oino-ts/common"
 
 Math.random()
 
 OINOLog.setLogger(new OINOConsoleLog(OINOLogLevel.error))
 
-test("OINOHashId persistent", async () => {
-    for (let j=12; j<=40; j++) {
-        const hashid:OINOHashid = new OINOHashid('c7a87c6a5df870842eb6ef6d7937f0b4', 'OINOHashIdTestApp-persistent', j) 
+function benchmarkOINOHashId(hashid: OINOHashid, id: string, iterations: number = 1000): number {
+    const start = performance.now();
+
+    for (let i = 0; i < iterations; i++) {
+        const h = hashid.encode(id, '');
+        hashid.decode(h)
+    }
+
+    const end = performance.now();
+    const duration = end - start;
+    return Math.round(iterations / duration)
+}   
+
+await test("OINOHashId persistent", async () => {
+
+    let hps_min = Number.MAX_VALUE
+    let hps_max = 0
+    
+    for (let j=12; j<=OINOHASHID_MAX_LENGTH; j++) {
+        const hashid:OINOHashid = new OINOHashid('c7a87c6a5df870842eb6ef6d7937f0b4', 'OINOHashIdTestApp-persistent', j, true) 
         let i:number = 1
         let id:string = ''
         while (i <= j) {
             id += i % 10
             const hashed_id = hashid.encode(id, '')
             const id2 = hashid.decode(hashed_id)
-            // console.log("j: " + j + ", i: " + i + ", id: " + id + ", hashed_id: " + hashed_id + ", id2: " + id2)
+            // console.log("j: " + j + ", i: " + i + ", id: " + id + ", hashed_id: " + hashed_id)
             expect(id).toMatch(id2)
             i++
         }
+        const hps = benchmarkOINOHashId(hashid, id, 4000)
+        hps_min = Math.min(hps, hps_min)
+        hps_max = Math.max(hps, hps_max)
+        expect(hps_min).toBeGreaterThanOrEqual(15)
+        expect(hps_max).toBeLessThanOrEqual(25)
     }
-    
+    console.log("OINOHashId persistent performance: " + hps_min + "k - " + hps_max + "k hashes per second")
 })
     
-test("OINOHashId random", async () => {
-    for (let j=12; j<=40; j++) {
-        const hashid:OINOHashid = new OINOHashid('c7a87c6a5df870842eb6ef6d7937f0b4', 'OINOHashIdTestApp-random', j, true) 
+await test("OINOHashId random", async () => {
+
+    let hps_min = Number.MAX_VALUE
+    let hps_max = 0
+    
+    for (let j=12; j<=OINOHASHID_MAX_LENGTH; j++) {
+        const hashid:OINOHashid = new OINOHashid('c7a87c6a5df870842eb6ef6d7937f0b4', 'OINOHashIdTestApp-random', j, false) 
         let i:number = 1
         let id:string = ''
         while (i <= j) {
             id += i % 10
             const hashed_id = hashid.encode(id, '')
             const id2 = hashid.decode(hashed_id)
-            // console.log("j: " + j + ", i: " + i + ", id: " + id + ", hashed_id: " + hashed_id + ", id2: " + id2)
+            // console.log("j: " + j + ", i: " + i + ", id: " + id + ", hashed_id: " + hashed_id)
             expect(id).toMatch(id2)
             i++
         }
+        const hps = benchmarkOINOHashId(hashid, id, 4000)
+        hps_min = Math.min(hps, hps_min)
+        hps_max = Math.max(hps, hps_max)
     }
-    
+    console.log("OINOHashId random performance: " + hps_min + "k - " + hps_max + "k hashes per second")
 })
+
+

package/src/OINOHashid.ts

@@ -7,10 +7,10 @@
 import { BinaryLike, createCipheriv, createDecipheriv, createHmac, randomFillSync } from 'node:crypto';
 import basex from 'base-x'
 
-const HASHID_MIN_LENGTH:number = 12
-const HASHID_MAX_LENGTH:number = 40
-const HASHID_ALPHABET:string = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
-const hashidEncoder = basex(HASHID_ALPHABET)
+export const OINOHASHID_MIN_LENGTH:number = 12
+export const OINOHASHID_MAX_LENGTH:number = 42
+const OINOHASHID_ALPHABET:string = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
+const hashidEncoder = basex(OINOHASHID_ALPHABET)
 
 /**
  * Hashid implementation for OINO API:s for the purpose of making it infeasible to scan 
@@ -37,10 +37,10 @@ export class OINOHashid {
      * @param staticIds whether hash values should remain static per row or random values 
      * 
      */
-    constructor (key: string, domainId:string, minLength:number = HASHID_MIN_LENGTH, staticIds:boolean = false) {
+    constructor (key: string, domainId:string, minLength:number = OINOHASHID_MIN_LENGTH, staticIds:boolean = false) {
         this._domainId = domainId
-        if ((minLength < HASHID_MIN_LENGTH) || (minLength > HASHID_MAX_LENGTH)) {
-            throw Error("OINOHashid minLength needs to be between " + HASHID_MIN_LENGTH + " and " + HASHID_MAX_LENGTH + "!")
+        if ((minLength < OINOHASHID_MIN_LENGTH) || (minLength > OINOHASHID_MAX_LENGTH)) {
+            throw Error("OINOHashid minLength (" + minLength + ")needs to be between " + OINOHASHID_MIN_LENGTH + " and " + OINOHASHID_MAX_LENGTH + "!")
         }
         this._minLength = Math.ceil(minLength/2)
         if (key.length != 32) {
@@ -63,15 +63,15 @@ export class OINOHashid {
         // if seed was given use it for pseudorandom chars, otherwise generate them
         let random_chars:string = ""
         if (this._staticIds) {
-            const hmac_seed = createHmac('sha1', this._key as BinaryLike)
+            const hmac_seed = createHmac('sha256', this._key as BinaryLike)
             hmac_seed.update(this._domainId + " " + cellSeed)
-            random_chars = hashidEncoder.encode(hmac_seed.digest() as Uint8Array) // hmac_seed.digest('base64url')
+            random_chars = hashidEncoder.encode(hmac_seed.digest() as Uint8Array) 
             
         } else {
             randomFillSync(this._iv as Uint8Array, 0, 16)
-            random_chars = hashidEncoder.encode(this._iv as Uint8Array) // this._iv.toString('base64url')
+            random_chars = hashidEncoder.encode(this._iv as Uint8Array) 
         }
-        const hmac = createHmac('sha1', this._key as Uint8Array)
+        const hmac = createHmac('sha256', this._key as Uint8Array)
         let iv_seed:string = random_chars.substring(0, this._minLength)
         hmac.update(this._domainId + " " + iv_seed)
         const iv_data:Buffer = hmac.digest()
@@ -95,7 +95,7 @@ export class OINOHashid {
      */
     decode(hashid:string):string {
         // reproduce nonce from seed
-        const hmac = createHmac('sha1', this._key as Uint8Array)
+        const hmac = createHmac('sha256', this._key as Uint8Array)
         const iv_seed = hashid.substring(0, this._minLength)
         hmac.update(this._domainId + " " + iv_seed)
         const hash:Buffer = hmac.digest()