@rog0x/mcp-crypto-tools 1.0.0

package/dist/tools/hash.js

@@ -0,0 +1,74 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.hashText = hashText;
+exports.hmacText = hmacText;
+exports.compareHashes = compareHashes;
+exports.hashMultiple = hashMultiple;
+const node_crypto_1 = __importDefault(require("node:crypto"));
+const SUPPORTED_ALGORITHMS = ["md5", "sha1", "sha256", "sha512"];
+function normalizeAlgorithm(input) {
+    const normalized = input.toLowerCase().replace(/-/g, "").replace("sha_", "sha");
+    const map = {
+        md5: "md5",
+        sha1: "sha1",
+        sha256: "sha256",
+        sha512: "sha512",
+    };
+    const result = map[normalized];
+    if (!result) {
+        throw new Error(`Unsupported algorithm: "${input}". Supported: ${SUPPORTED_ALGORITHMS.join(", ")}`);
+    }
+    return result;
+}
+function getCryptoName(algo) {
+    const map = {
+        md5: "md5",
+        sha1: "sha1",
+        sha256: "sha256",
+        sha512: "sha512",
+    };
+    return map[algo];
+}
+function hashText(text, algorithm, encoding = "hex") {
+    const algo = normalizeAlgorithm(algorithm);
+    const hash = node_crypto_1.default.createHash(getCryptoName(algo)).update(text, "utf-8").digest(encoding);
+    return {
+        algorithm: algo,
+        hash,
+        encoding,
+        input_length: text.length,
+    };
+}
+function hmacText(text, key, algorithm, encoding = "hex") {
+    const algo = normalizeAlgorithm(algorithm);
+    const hmac = node_crypto_1.default.createHmac(getCryptoName(algo), key).update(text, "utf-8").digest(encoding);
+    return {
+        algorithm: algo,
+        hmac,
+        encoding,
+        input_length: text.length,
+    };
+}
+function compareHashes(hash1, hash2) {
+    const a = hash1.toLowerCase().trim();
+    const b = hash2.toLowerCase().trim();
+    let match;
+    try {
+        match = node_crypto_1.default.timingSafeEqual(Buffer.from(a, "utf-8"), Buffer.from(b, "utf-8"));
+    }
+    catch {
+        match = false;
+    }
+    return { match, hash1: a, hash2: b };
+}
+function hashMultiple(text, encoding = "hex") {
+    const result = {};
+    for (const algo of SUPPORTED_ALGORITHMS) {
+        result[algo] = node_crypto_1.default.createHash(getCryptoName(algo)).update(text, "utf-8").digest(encoding);
+    }
+    return result;
+}
+//# sourceMappingURL=hash.js.map

package/dist/tools/jwt-tools.d.ts

@@ -0,0 +1,26 @@
+interface JWTDecodeResult {
+    header: Record<string, unknown>;
+    payload: Record<string, unknown>;
+    signature: string;
+    is_expired: boolean | null;
+    expires_at: string | null;
+    issued_at: string | null;
+    not_before: string | null;
+    time_until_expiry: string | null;
+    warnings: string[];
+}
+export declare function decodeJWT(token: string): JWTDecodeResult;
+export declare function checkJWTExpiry(token: string): {
+    is_expired: boolean | null;
+    expires_at: string | null;
+    time_until_expiry: string | null;
+    issued_at: string | null;
+};
+export declare function createUnsignedJWT(payload: Record<string, unknown>, expiresInSeconds?: number): {
+    token: string;
+    header: Record<string, unknown>;
+    payload: Record<string, unknown>;
+    warning: string;
+};
+export {};
+//# sourceMappingURL=jwt-tools.d.ts.map

package/dist/tools/jwt-tools.js

@@ -0,0 +1,135 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decodeJWT = decodeJWT;
+exports.checkJWTExpiry = checkJWTExpiry;
+exports.createUnsignedJWT = createUnsignedJWT;
+function base64UrlDecode(input) {
+    let base64 = input.replace(/-/g, "+").replace(/_/g, "/");
+    while (base64.length % 4 !== 0) {
+        base64 += "=";
+    }
+    return Buffer.from(base64, "base64").toString("utf-8");
+}
+function base64UrlEncode(input) {
+    return Buffer.from(input, "utf-8")
+        .toString("base64")
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=+$/, "");
+}
+function decodeJWT(token) {
+    const parts = token.trim().split(".");
+    if (parts.length !== 3) {
+        throw new Error(`Invalid JWT: expected 3 parts separated by dots, got ${parts.length}`);
+    }
+    let header;
+    let payload;
+    try {
+        header = JSON.parse(base64UrlDecode(parts[0]));
+    }
+    catch {
+        throw new Error("Invalid JWT: could not decode header as JSON");
+    }
+    try {
+        payload = JSON.parse(base64UrlDecode(parts[1]));
+    }
+    catch {
+        throw new Error("Invalid JWT: could not decode payload as JSON");
+    }
+    const signature = parts[2];
+    const warnings = [];
+    // Check expiry
+    let isExpired = null;
+    let expiresAt = null;
+    let timeUntilExpiry = null;
+    if (typeof payload.exp === "number") {
+        const expDate = new Date(payload.exp * 1000);
+        expiresAt = expDate.toISOString();
+        const now = Date.now();
+        const diff = payload.exp * 1000 - now;
+        isExpired = diff < 0;
+        if (isExpired) {
+            const ago = Math.abs(diff);
+            timeUntilExpiry = `-${formatDuration(ago)} (expired)`;
+            warnings.push("Token is expired");
+        }
+        else {
+            timeUntilExpiry = formatDuration(diff);
+        }
+    }
+    else {
+        warnings.push("No expiration claim (exp) found");
+    }
+    let issuedAt = null;
+    if (typeof payload.iat === "number") {
+        issuedAt = new Date(payload.iat * 1000).toISOString();
+    }
+    let notBefore = null;
+    if (typeof payload.nbf === "number") {
+        const nbfDate = new Date(payload.nbf * 1000);
+        notBefore = nbfDate.toISOString();
+        if (nbfDate.getTime() > Date.now()) {
+            warnings.push("Token is not yet valid (nbf is in the future)");
+        }
+    }
+    if (header.alg === "none") {
+        warnings.push("Token uses 'none' algorithm - unsigned and insecure");
+    }
+    if (signature.length === 0) {
+        warnings.push("Token has an empty signature");
+    }
+    return {
+        header,
+        payload,
+        signature,
+        is_expired: isExpired,
+        expires_at: expiresAt,
+        issued_at: issuedAt,
+        not_before: notBefore,
+        time_until_expiry: timeUntilExpiry,
+        warnings,
+    };
+}
+function checkJWTExpiry(token) {
+    const decoded = decodeJWT(token);
+    return {
+        is_expired: decoded.is_expired,
+        expires_at: decoded.expires_at,
+        time_until_expiry: decoded.time_until_expiry,
+        issued_at: decoded.issued_at,
+    };
+}
+function createUnsignedJWT(payload, expiresInSeconds) {
+    const header = { alg: "none", typ: "JWT" };
+    const now = Math.floor(Date.now() / 1000);
+    const fullPayload = {
+        iat: now,
+        ...payload,
+    };
+    if (expiresInSeconds !== undefined && expiresInSeconds > 0) {
+        fullPayload.exp = now + expiresInSeconds;
+    }
+    const headerB64 = base64UrlEncode(JSON.stringify(header));
+    const payloadB64 = base64UrlEncode(JSON.stringify(fullPayload));
+    const token = `${headerB64}.${payloadB64}.`;
+    return {
+        token,
+        header,
+        payload: fullPayload,
+        warning: "This is an UNSIGNED token (alg: none). For testing/development only. Never use in production authentication.",
+    };
+}
+function formatDuration(ms) {
+    const seconds = Math.floor(ms / 1000);
+    if (seconds < 60)
+        return `${seconds}s`;
+    const minutes = Math.floor(seconds / 60);
+    if (minutes < 60)
+        return `${minutes}m ${seconds % 60}s`;
+    const hours = Math.floor(minutes / 60);
+    if (hours < 24)
+        return `${hours}h ${minutes % 60}m`;
+    const days = Math.floor(hours / 24);
+    return `${days}d ${hours % 24}h`;
+}
+//# sourceMappingURL=jwt-tools.js.map

package/dist/tools/password-tools.d.ts

@@ -0,0 +1,28 @@
+interface PasswordOptions {
+    length?: number;
+    uppercase?: boolean;
+    lowercase?: boolean;
+    digits?: boolean;
+    symbols?: boolean;
+    exclude_ambiguous?: boolean;
+    count?: number;
+}
+interface GeneratedPassword {
+    passwords: string[];
+    length: number;
+    charset_size: number;
+    entropy_bits: number;
+}
+export declare function generatePassword(options?: PasswordOptions): GeneratedPassword;
+interface StrengthResult {
+    password_length: number;
+    entropy_bits: number;
+    strength: "very_weak" | "weak" | "fair" | "strong" | "very_strong";
+    score: number;
+    warnings: string[];
+    crack_time_estimate: string;
+    charset_size: number;
+}
+export declare function checkPasswordStrength(password: string): StrengthResult;
+export {};
+//# sourceMappingURL=password-tools.d.ts.map

package/dist/tools/password-tools.js

@@ -0,0 +1,175 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generatePassword = generatePassword;
+exports.checkPasswordStrength = checkPasswordStrength;
+const node_crypto_1 = __importDefault(require("node:crypto"));
+const COMMON_PASSWORDS = new Set([
+    "password", "123456", "12345678", "qwerty", "abc123", "monkey", "1234567",
+    "letmein", "trustno1", "dragon", "baseball", "iloveyou", "master", "sunshine",
+    "ashley", "bailey", "shadow", "123123", "654321", "superman", "qazwsx",
+    "michael", "football", "password1", "password123", "admin", "welcome",
+    "hello", "charlie", "donald", "login", "princess", "starwars",
+]);
+const COMMON_PATTERNS = [
+    { name: "all_lowercase", pattern: /^[a-z]+$/ },
+    { name: "all_uppercase", pattern: /^[A-Z]+$/ },
+    { name: "all_digits", pattern: /^\d+$/ },
+    { name: "sequential_digits", pattern: /(?:012|123|234|345|456|567|678|789|890)/ },
+    { name: "repeated_chars", pattern: /(.)\1{2,}/ },
+    { name: "keyboard_pattern", pattern: /(?:qwert|asdf|zxcv|qazwsx|poiuy)/i },
+    { name: "date_pattern", pattern: /(?:19|20)\d{2}(?:0[1-9]|1[0-2])(?:0[1-9]|[12]\d|3[01])/ },
+];
+function generatePassword(options = {}) {
+    const { length = 16, uppercase = true, lowercase = true, digits = true, symbols = true, exclude_ambiguous = false, count = 1, } = options;
+    const len = Math.min(Math.max(4, length), 256);
+    const n = Math.min(Math.max(1, count), 100);
+    let chars = "";
+    const required = [];
+    const uppercaseChars = exclude_ambiguous ? "ABCDEFGHJKLMNPQRSTUVWXYZ" : "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+    const lowercaseChars = exclude_ambiguous ? "abcdefghjkmnpqrstuvwxyz" : "abcdefghijklmnopqrstuvwxyz";
+    const digitChars = exclude_ambiguous ? "23456789" : "0123456789";
+    const symbolChars = "!@#$%^&*()_+-=[]{}|;:,.<>?";
+    if (uppercase) {
+        chars += uppercaseChars;
+        required.push(uppercaseChars);
+    }
+    if (lowercase) {
+        chars += lowercaseChars;
+        required.push(lowercaseChars);
+    }
+    if (digits) {
+        chars += digitChars;
+        required.push(digitChars);
+    }
+    if (symbols) {
+        chars += symbolChars;
+        required.push(symbolChars);
+    }
+    if (chars.length === 0) {
+        chars = lowercaseChars + uppercaseChars + digitChars;
+        required.push(lowercaseChars, uppercaseChars, digitChars);
+    }
+    const passwords = [];
+    for (let i = 0; i < n; i++) {
+        let password;
+        let attempts = 0;
+        do {
+            const bytes = node_crypto_1.default.randomBytes(len);
+            const arr = [];
+            for (let j = 0; j < len; j++) {
+                arr.push(chars[bytes[j] % chars.length]);
+            }
+            // Ensure at least one character from each required set
+            for (let r = 0; r < required.length && r < len; r++) {
+                const reqSet = required[r];
+                if (!arr.some((c) => reqSet.includes(c))) {
+                    const pos = node_crypto_1.default.randomInt(len);
+                    const randByte = node_crypto_1.default.randomBytes(1)[0];
+                    arr[pos] = reqSet[randByte % reqSet.length];
+                }
+            }
+            password = arr.join("");
+            attempts++;
+        } while (attempts < 10 && required.some((req) => !password.split("").some((c) => req.includes(c))));
+        passwords.push(password);
+    }
+    const charsetSize = chars.length;
+    const entropyBits = Math.round(len * Math.log2(charsetSize) * 100) / 100;
+    return { passwords, length: len, charset_size: charsetSize, entropy_bits: entropyBits };
+}
+function checkPasswordStrength(password) {
+    const warnings = [];
+    let charsetSize = 0;
+    if (/[a-z]/.test(password))
+        charsetSize += 26;
+    if (/[A-Z]/.test(password))
+        charsetSize += 26;
+    if (/\d/.test(password))
+        charsetSize += 10;
+    if (/[^a-zA-Z0-9]/.test(password))
+        charsetSize += 32;
+    if (charsetSize === 0)
+        charsetSize = 1;
+    const entropyBits = Math.round(password.length * Math.log2(charsetSize) * 100) / 100;
+    // Check common passwords
+    if (COMMON_PASSWORDS.has(password.toLowerCase())) {
+        warnings.push("This is a commonly used password");
+    }
+    // Check patterns
+    for (const { name, pattern } of COMMON_PATTERNS) {
+        if (pattern.test(password)) {
+            warnings.push(`Contains ${name.replace(/_/g, " ")} pattern`);
+        }
+    }
+    if (password.length < 8)
+        warnings.push("Password is shorter than 8 characters");
+    if (password.length < 12)
+        warnings.push("Consider using 12+ characters");
+    // Unique characters ratio
+    const uniqueRatio = new Set(password).size / password.length;
+    if (uniqueRatio < 0.5)
+        warnings.push("Low character diversity");
+    // Score calculation (0-100)
+    let score = 0;
+    score += Math.min(30, password.length * 2);
+    score += Math.min(20, entropyBits / 4);
+    if (/[a-z]/.test(password) && /[A-Z]/.test(password))
+        score += 10;
+    if (/\d/.test(password))
+        score += 10;
+    if (/[^a-zA-Z0-9]/.test(password))
+        score += 15;
+    score += Math.min(15, uniqueRatio * 15);
+    score -= warnings.length * 5;
+    score = Math.max(0, Math.min(100, Math.round(score)));
+    let strength;
+    if (score < 20)
+        strength = "very_weak";
+    else if (score < 40)
+        strength = "weak";
+    else if (score < 60)
+        strength = "fair";
+    else if (score < 80)
+        strength = "strong";
+    else
+        strength = "very_strong";
+    const crackTime = estimateCrackTime(entropyBits);
+    return {
+        password_length: password.length,
+        entropy_bits: entropyBits,
+        strength,
+        score,
+        warnings,
+        crack_time_estimate: crackTime,
+        charset_size: charsetSize,
+    };
+}
+function estimateCrackTime(entropyBits) {
+    // Assume 10 billion guesses per second (modern GPU)
+    const guessesPerSecond = 1e10;
+    const totalGuesses = Math.pow(2, entropyBits);
+    const seconds = totalGuesses / guessesPerSecond / 2; // average case
+    if (seconds < 0.001)
+        return "instant";
+    if (seconds < 1)
+        return "less than a second";
+    if (seconds < 60)
+        return `${Math.round(seconds)} seconds`;
+    if (seconds < 3600)
+        return `${Math.round(seconds / 60)} minutes`;
+    if (seconds < 86400)
+        return `${Math.round(seconds / 3600)} hours`;
+    if (seconds < 31536000)
+        return `${Math.round(seconds / 86400)} days`;
+    if (seconds < 31536000 * 1000)
+        return `${Math.round(seconds / 31536000)} years`;
+    if (seconds < 31536000 * 1e6)
+        return `${Math.round(seconds / 31536000 / 1000)}k years`;
+    if (seconds < 31536000 * 1e9)
+        return `${Math.round(seconds / 31536000 / 1e6)}M years`;
+    return "billions of years+";
+}
+//# sourceMappingURL=password-tools.js.map

package/dist/tools/uuid-generator.d.ts

@@ -0,0 +1,20 @@
+export declare function generateUUIDv4(count?: number): {
+    uuids: string[];
+};
+export declare function generateNanoid(length?: number, count?: number): {
+    ids: string[];
+    length: number;
+    alphabet: string;
+};
+export declare function generateULID(count?: number): {
+    ulids: string[];
+};
+export declare function generateCUID(count?: number): {
+    cuids: string[];
+};
+export declare function generateRandomString(length?: number, charset?: string, count?: number): {
+    strings: string[];
+    length: number;
+    charset_used: string;
+};
+//# sourceMappingURL=uuid-generator.d.ts.map

package/dist/tools/uuid-generator.js

@@ -0,0 +1,109 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateUUIDv4 = generateUUIDv4;
+exports.generateNanoid = generateNanoid;
+exports.generateULID = generateULID;
+exports.generateCUID = generateCUID;
+exports.generateRandomString = generateRandomString;
+const node_crypto_1 = __importDefault(require("node:crypto"));
+function generateUUIDv4(count = 1) {
+    const n = Math.min(Math.max(1, count), 100);
+    const uuids = [];
+    for (let i = 0; i < n; i++) {
+        uuids.push(node_crypto_1.default.randomUUID());
+    }
+    return { uuids };
+}
+function generateNanoid(length = 21, count = 1) {
+    const alphabet = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_-";
+    const n = Math.min(Math.max(1, count), 100);
+    const len = Math.min(Math.max(1, length), 256);
+    const ids = [];
+    for (let i = 0; i < n; i++) {
+        const bytes = node_crypto_1.default.randomBytes(len);
+        let id = "";
+        for (let j = 0; j < len; j++) {
+            id += alphabet[bytes[j] % alphabet.length];
+        }
+        ids.push(id);
+    }
+    return { ids, length: len, alphabet };
+}
+function generateULID(count = 1) {
+    const ENCODING = "0123456789ABCDEFGHJKMNPQRSTVWXYZ";
+    const n = Math.min(Math.max(1, count), 100);
+    const ulids = [];
+    for (let i = 0; i < n; i++) {
+        const now = Date.now();
+        let timeStr = "";
+        let t = now;
+        for (let j = 0; j < 10; j++) {
+            timeStr = ENCODING[t % 32] + timeStr;
+            t = Math.floor(t / 32);
+        }
+        const randomBytes = node_crypto_1.default.randomBytes(10);
+        let randomStr = "";
+        for (let j = 0; j < 16; j++) {
+            const byteIdx = Math.floor((j * 10) / 16);
+            const bitOffset = (j * 5) % 8;
+            const val = ((randomBytes[byteIdx] >> bitOffset) |
+                ((byteIdx + 1 < 10 ? randomBytes[byteIdx + 1] : 0) << (8 - bitOffset))) &
+                0x1f;
+            randomStr += ENCODING[val];
+        }
+        ulids.push(timeStr + randomStr);
+    }
+    return { ulids };
+}
+function generateCUID(count = 1) {
+    const n = Math.min(Math.max(1, count), 100);
+    const cuids = [];
+    const BASE36 = "0123456789abcdefghijklmnopqrstuvwxyz";
+    function toBase36(num, pad) {
+        let result = "";
+        let v = Math.abs(Math.floor(num));
+        do {
+            result = BASE36[v % 36] + result;
+            v = Math.floor(v / 36);
+        } while (v > 0);
+        return result.padStart(pad, "0").slice(-pad);
+    }
+    for (let i = 0; i < n; i++) {
+        const timestamp = toBase36(Date.now(), 8);
+        const randomBlock1 = toBase36(parseInt(node_crypto_1.default.randomBytes(4).toString("hex"), 16), 8);
+        const randomBlock2 = toBase36(parseInt(node_crypto_1.default.randomBytes(4).toString("hex"), 16), 8);
+        cuids.push("c" + timestamp + randomBlock1 + randomBlock2);
+    }
+    return { cuids };
+}
+function generateRandomString(length = 16, charset = "alphanumeric", count = 1) {
+    const charsets = {
+        alphanumeric: "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz",
+        alpha: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz",
+        numeric: "0123456789",
+        hex: "0123456789abcdef",
+        lowercase: "abcdefghijklmnopqrstuvwxyz",
+        uppercase: "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
+        symbols: "!@#$%^&*()_+-=[]{}|;:,.<>?",
+        all: "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz!@#$%^&*()_+-=[]{}|;:,.<>?",
+    };
+    const chars = charsets[charset] || charset;
+    if (chars.length === 0)
+        throw new Error("Charset must not be empty");
+    const len = Math.min(Math.max(1, length), 1024);
+    const n = Math.min(Math.max(1, count), 100);
+    const strings = [];
+    for (let i = 0; i < n; i++) {
+        const bytes = node_crypto_1.default.randomBytes(len);
+        let result = "";
+        for (let j = 0; j < len; j++) {
+            result += chars[bytes[j] % chars.length];
+        }
+        strings.push(result);
+    }
+    return { strings, length: len, charset_used: charset in charsets ? charset : "custom" };
+}
+//# sourceMappingURL=uuid-generator.js.map

package/package.json

@@ -0,0 +1,19 @@
+{
+  "name": "@rog0x/mcp-crypto-tools",
+  "version": "1.0.0",
+  "description": "Cryptography and encoding tools for AI agents via MCP",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "scripts": {
+    "build": "tsc",
+    "start": "node dist/index.js"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.12.1"
+  },
+  "devDependencies": {
+    "typescript": "^5.7.3",
+    "@types/node": "^22.15.3"
+  },
+  "license": "MIT"
+}