@stryke/crypto 0.5.43 → 0.6.0

package/dist/node.mjs

@@ -0,0 +1,654 @@
+import { Buffer as Buffer$1 } from "node:buffer";
+import { createCipheriv, createDecipheriv, createSecretKey, pbkdf2Sync, randomBytes } from "node:crypto";
+
+//#region ../type-checks/src/is-undefined.ts
+const isUndefined = (value) => {
+	return value === void 0;
+};
+
+//#endregion
+//#region ../type-checks/src/is-buffer.ts
+const isBufferExists = typeof Buffer !== "undefined";
+/**
+* Check if the provided value's type is `Buffer`
+*/
+const isBuffer = isBufferExists ? Buffer.isBuffer.bind(Buffer) : function isBuffer$1(value) {
+	return false;
+};
+
+//#endregion
+//#region ../type-checks/src/type-detect.ts
+const globalObject = ((Obj) => {
+	if (typeof globalThis === "object") return globalThis;
+	Object.defineProperty(Obj, "typeDetectGlobalObject", {
+		get() {
+			return this;
+		},
+		configurable: true
+	});
+	return globalThis;
+})(Object.prototype);
+
+//#endregion
+//#region ../type-checks/src/is-string.ts
+const isString = (value) => {
+	try {
+		return typeof value === "string";
+	} catch {
+		return false;
+	}
+};
+
+//#endregion
+//#region ../convert/src/string-to-uint8-array.ts
+/**
+* Convert a string to Uint8Array
+*
+* @param text - The text to convert
+* @returns The converted Uint8Array
+*/
+function stringToUint8Array(text) {
+	return Uint8Array.from([...encodeURIComponent(text)].map((letter) => letter.codePointAt(0)));
+}
+
+//#endregion
+//#region ../convert/src/string-to-utf8-array.ts
+const encoder = new TextEncoder();
+
+//#endregion
+//#region ../convert/src/utf8-array-to-string.ts
+const decoder = new TextDecoder();
+/**
+* Convert a utf-8 array to string
+*
+* @param input - Utf-8 Array
+* @returns The converted string
+*/
+function utf8ArrayToString(input) {
+	return decoder.decode(input);
+}
+
+//#endregion
+//#region src/base-64.ts
+const ENCODE_MAP = new Uint8Array([
+	65,
+	66,
+	67,
+	68,
+	69,
+	70,
+	71,
+	72,
+	73,
+	74,
+	75,
+	76,
+	77,
+	78,
+	79,
+	80,
+	81,
+	82,
+	83,
+	84,
+	85,
+	86,
+	87,
+	88,
+	89,
+	90,
+	97,
+	98,
+	99,
+	100,
+	101,
+	102,
+	103,
+	104,
+	105,
+	106,
+	107,
+	108,
+	109,
+	110,
+	111,
+	112,
+	113,
+	114,
+	115,
+	116,
+	117,
+	118,
+	119,
+	120,
+	121,
+	122,
+	48,
+	49,
+	50,
+	51,
+	52,
+	53,
+	54,
+	55,
+	56,
+	57,
+	43,
+	47
+]);
+const ENCODE_PAD = 61;
+const DECODE_MAP$1 = new Uint8Array([
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	62,
+	100,
+	100,
+	100,
+	63,
+	52,
+	53,
+	54,
+	55,
+	56,
+	57,
+	58,
+	59,
+	60,
+	61,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	0,
+	1,
+	2,
+	3,
+	4,
+	5,
+	6,
+	7,
+	8,
+	9,
+	10,
+	11,
+	12,
+	13,
+	14,
+	15,
+	16,
+	17,
+	18,
+	19,
+	20,
+	21,
+	22,
+	23,
+	24,
+	25,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	26,
+	27,
+	28,
+	29,
+	30,
+	31,
+	32,
+	33,
+	34,
+	35,
+	36,
+	37,
+	38,
+	39,
+	40,
+	41,
+	42,
+	43,
+	44,
+	45,
+	46,
+	47,
+	48,
+	49,
+	50,
+	51,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100,
+	100
+]);
+/**
+* Encodes a Uint8Array into a Base64 encoded Uint8Array.
+*
+* @credit https://github.com/hi-ogawa/js-utils
+*
+* @param input - The input Uint8Array or string to encode.
+* @returns The Base64 encoded Uint8Array.
+*/
+function encodeBase64(input) {
+	if (isString(input)) input = stringToUint8Array(input);
+	const xLen = input.length;
+	const result = new Uint8Array(Math.ceil(xLen / 3) * 4);
+	const chunkLen = Math.floor(xLen / 3);
+	for (let i$1 = 0; i$1 < chunkLen; i$1++) {
+		const chunk = input[3 * i$1 + 0] << 16 | input[3 * i$1 + 1] << 8 | input[3 * i$1 + 2];
+		result[4 * i$1 + 0] = ENCODE_MAP[chunk >> 18 & 63];
+		result[4 * i$1 + 1] = ENCODE_MAP[chunk >> 12 & 63];
+		result[4 * i$1 + 2] = ENCODE_MAP[chunk >> 6 & 63];
+		result[4 * i$1 + 3] = ENCODE_MAP[chunk >> 0 & 63];
+	}
+	const i = chunkLen;
+	switch (xLen % 3) {
+		case 1: {
+			const chunk = input[3 * i + 0] << 16;
+			result[4 * i + 0] = ENCODE_MAP[chunk >> 18 & 63];
+			result[4 * i + 1] = ENCODE_MAP[chunk >> 12 & 63];
+			result[4 * i + 2] = ENCODE_PAD;
+			result[4 * i + 3] = ENCODE_PAD;
+			break;
+		}
+		case 2: {
+			const chunk = input[3 * i + 0] << 16 | input[3 * i + 1] << 8;
+			result[4 * i + 0] = ENCODE_MAP[chunk >> 18 & 63];
+			result[4 * i + 1] = ENCODE_MAP[chunk >> 12 & 63];
+			result[4 * i + 2] = ENCODE_MAP[chunk >> 6 & 63];
+			result[4 * i + 3] = ENCODE_PAD;
+			break;
+		}
+	}
+	return utf8ArrayToString(result);
+}
+/**
+* Decodes a Base64 encoded Uint8Array into a Uint8Array.
+*
+* @credit https://github.com/hi-ogawa/js-utils
+*
+* @param input - The Base64 encoded Uint8Array or string to decode.
+* @returns The decoded Uint8Array.
+*/
+function decodeBase64(input) {
+	if (isString(input)) input = stringToUint8Array(input);
+	const yLen = input.length;
+	if (yLen % 4 !== 0) throw new Error("invalid length");
+	let padLen = 0;
+	while (padLen < 2 && padLen < input.length && input[input.length - 1 - padLen] === ENCODE_PAD) padLen++;
+	for (let i$1 = 0; i$1 < input.length - padLen; i$1++) if (isUndefined(input[i$1]) || isUndefined(DECODE_MAP$1[input[i$1]]) || DECODE_MAP$1[input[i$1]] >= 64) throw new Error("invalid data");
+	const chunkLen = Math.floor((yLen - padLen) / 4);
+	const xLen = 3 * chunkLen + (3 - padLen) % 3;
+	const result = new Uint8Array(xLen);
+	for (let i$1 = 0; i$1 < chunkLen; i$1++) {
+		const chunk = DECODE_MAP$1[input[4 * i$1 + 0]] << 18 | DECODE_MAP$1[input[4 * i$1 + 1]] << 12 | DECODE_MAP$1[input[4 * i$1 + 2]] << 6 | DECODE_MAP$1[input[4 * i$1 + 3]] << 0;
+		result[3 * i$1] = chunk >> 16 & 255;
+		result[3 * i$1 + 1] = chunk >> 8 & 255;
+		result[3 * i$1 + 2] = chunk >> 0 & 255;
+	}
+	const i = chunkLen;
+	switch (xLen % 3) {
+		case 1: {
+			const chunk = DECODE_MAP$1[input[4 * i + 0]] << 18 | DECODE_MAP$1[input[4 * i + 1]] << 12;
+			result[3 * i] = chunk >> 16 & 255;
+			break;
+		}
+		case 2: {
+			const chunk = DECODE_MAP$1[input[4 * i + 0]] << 18 | DECODE_MAP$1[input[4 * i + 1]] << 12 | DECODE_MAP$1[input[4 * i + 2]] << 6;
+			result[3 * i] = chunk >> 16 & 255;
+			result[3 * i + 1] = chunk >> 8 & 255;
+			break;
+		}
+	}
+	return result;
+}
+/**
+* Converts a Base64 encoded string to a [Base64url](https://datatracker.ietf.org/doc/html/rfc7515#appendix-C) encoded string.
+*
+* @see https://datatracker.ietf.org/doc/html/rfc7515#appendix-C
+*
+* @param base64 - The Base64 encoded string to convert.
+* @returns The Base64url encoded string.
+*/
+function base64UrlEncode(base64) {
+	return btoa(String.fromCharCode(...base64)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+}
+/**
+* Converts a [Base64url](https://datatracker.ietf.org/doc/html/rfc7515#appendix-C) encoded string to a Base64 encoded string.
+*
+* @see https://datatracker.ietf.org/doc/html/rfc7515#appendix-C
+*
+* @param base64url - The Base64url encoded string to convert.
+* @returns The Base64 encoded string.
+*/
+function base64UrlDecode(base64url) {
+	const base64 = base64url.replace(/-/g, "+").replace(/_/g, "/");
+	return new Uint8Array([...atob(base64 + "=".repeat((4 - base64.length % 4) % 4))].map((c) => c.charCodeAt(0)));
+}
+
+//#endregion
+//#region src/encryption.node.ts
+const CIPHER_ALGORITHM = "chacha20-poly1305";
+const CIPHER_KEY_LENGTH = 32;
+const CIPHER_IV_LENGTH = 16;
+const CIPHER_TAG_LENGTH = 16;
+const CIPHER_SALT_LENGTH = 64;
+const PBKDF2_ITERATIONS = 1e5;
+/**
+* Creates and returns a new key object containing a secret key for symmetric encryption or \`Hmac\`.
+*
+* @param key - The key to use. If \`key\` is a \`Buffer\`, \`TypedArray\`, or \`DataView\`, the \`encoding\` argument is ignored.
+* @param encoding - The \`encoding\` of the \`key\` string. Must be one of \`'utf8'\`, \`'utf16le'\`, \`'latin1'\`, or \`'base64'\`. Default is \`'utf8'\`.
+* @returns The new \`KeyObject\`.
+*/
+function createKey(key, encoding) {
+	return typeof key === "string" ? createSecretKey(key, encoding) : createSecretKey(key);
+}
+/**
+* Symmetrically encrypts data using the [ChaCha20-Poly1305](https://en.wikipedia.org/wiki/ChaCha20-Poly1305) cipher.
+*
+* @see https://en.wikipedia.org/wiki/ChaCha20-Poly1305
+*
+* @param secret - The secret key used for encryption.
+* @param plaintext - The data to encrypt.
+* @returns The encrypted data.
+*/
+function encrypt(secret, plaintext) {
+	const key = pbkdf2Sync(secret, randomBytes(CIPHER_SALT_LENGTH), PBKDF2_ITERATIONS, CIPHER_KEY_LENGTH, "sha512");
+	const iv = randomBytes(CIPHER_IV_LENGTH);
+	const salt = randomBytes(CIPHER_SALT_LENGTH);
+	const cipher = createCipheriv(CIPHER_ALGORITHM, key, randomBytes(CIPHER_IV_LENGTH));
+	const encrypted = Buffer$1.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
+	const tag = cipher.getAuthTag();
+	return Buffer$1.concat([
+		salt,
+		iv,
+		tag,
+		encrypted
+	]).toString("hex");
+}
+/**
+* Symmetrically decrypts data using the [ChaCha20-Poly1305](https://en.wikipedia.org/wiki/ChaCha20-Poly1305) cipher.
+*
+* @see https://en.wikipedia.org/wiki/ChaCha20-Poly1305
+*
+* @param secret - The secret key used for decryption.
+* @param encrypted - The encrypted data to decrypt.
+* @returns The decrypted data.
+*/
+function decrypt(secret, encrypted) {
+	const buffer = Buffer$1.from(encrypted, "hex");
+	const decipher = createDecipheriv(CIPHER_ALGORITHM, pbkdf2Sync(secret, buffer.slice(0, CIPHER_SALT_LENGTH), PBKDF2_ITERATIONS, CIPHER_KEY_LENGTH, "sha512"), buffer.slice(CIPHER_SALT_LENGTH, CIPHER_SALT_LENGTH + CIPHER_IV_LENGTH));
+	decipher.setAuthTag(buffer.slice(CIPHER_SALT_LENGTH + CIPHER_IV_LENGTH, CIPHER_SALT_LENGTH + CIPHER_IV_LENGTH + CIPHER_TAG_LENGTH));
+	return decipher.update(buffer.slice(CIPHER_SALT_LENGTH + CIPHER_IV_LENGTH + CIPHER_TAG_LENGTH)) + decipher.final("utf8");
+}
+
+//#endregion
+//#region src/hex.ts
+const ALPHABET = "0123456789ABCDEF";
+const DECODE_MAP = {
+	"0": 0,
+	"1": 1,
+	"2": 2,
+	"3": 3,
+	"4": 4,
+	"5": 5,
+	"6": 6,
+	"7": 7,
+	"8": 8,
+	"9": 9,
+	a: 10,
+	A: 10,
+	b: 11,
+	B: 11,
+	c: 12,
+	C: 12,
+	d: 13,
+	D: 13,
+	e: 14,
+	E: 14,
+	f: 15,
+	F: 15
+};
+/**
+* Encodes a Uint8Array into a hexadecimal string.
+*
+* @param input - The input Uint8Array.
+* @returns The hexadecimal string.
+*/
+function encodeHex(input) {
+	let result = "";
+	for (let i = 0; i < input.length; i++) {
+		result += ALPHABET[input[i] >> 4];
+		result += ALPHABET[input[i] & 15];
+	}
+	return result;
+}
+/**
+* Encodes a Uint8Array into an uppercase hexadecimal string.
+*
+* @param input - The input Uint8Array.
+* @returns The uppercase hexadecimal string.
+*/
+function decodeHex(input) {
+	if (input.length % 2 !== 0) throw new Error("Invalid hex string");
+	const result = new Uint8Array(input.length / 2);
+	for (let i = 0; i < input.length; i += 2) {
+		if (!(input[i] in DECODE_MAP)) throw new Error("Invalid character");
+		if (!(input[i + 1] in DECODE_MAP)) throw new Error("Invalid character");
+		result[i / 2] |= DECODE_MAP[input[i]] << 4;
+		result[i / 2] |= DECODE_MAP[input[i + 1]];
+	}
+	return result;
+}
+
+//#endregion
+//#region src/random.ts
+/**
+* Generate a random byte array of the specified length using the Web Crypto API.
+*
+* @param length - The length of the random byte array to generate (default is 32 bytes)
+* @returns A Uint8Array containing random bytes of the specified length
+*/
+function generateRandomBytes(length = 32) {
+	return crypto.getRandomValues(new Uint8Array(length));
+}
+/**
+* Generate a random string of the specified length using characters A-Z, a-z, and 0-9 for CSRF tokens, etc.
+*
+* @remarks
+* This function uses the Web Crypto API's `crypto.getRandomValues` to generate secure random bytes,
+* and then maps those bytes to characters in the specified character set. It uses rejection sampling
+* to ensure a uniform distribution of characters without modulo bias.
+*
+* @param length - The length of the random string to generate (default is 32 characters)
+* @returns A random string of the specified length
+*/
+function generateRandomString(length = 32) {
+	const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+	const charsLen = 62;
+	const maxValid = 256 - 256 % charsLen;
+	const result = [];
+	while (result.length < length) {
+		const bytes = generateRandomBytes(length - result.length);
+		for (const b of bytes) if (b < maxValid && result.length < length && chars[b % charsLen]) result.push(chars[b % charsLen]);
+	}
+	return result.join("");
+}
+
+//#endregion
+export { base64UrlDecode, base64UrlEncode, createKey, decodeBase64, decodeHex, decrypt, encodeBase64, encodeHex, encrypt, generateRandomBytes, generateRandomString };
+//# sourceMappingURL=node.mjs.map