@wener/common 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/lib/index.js +3 -0
- package/lib/index.js.map +1 -0
- package/lib/jsonschema/JsonSchema.js +180 -0
- package/lib/jsonschema/JsonSchema.js.map +1 -0
- package/lib/jsonschema/index.js +2 -0
- package/lib/jsonschema/index.js.map +1 -0
- package/lib/jsonschema/types.d.js +3 -0
- package/lib/jsonschema/types.d.js.map +1 -0
- package/lib/meta/defineInit.js +42 -0
- package/lib/meta/defineInit.js.map +1 -0
- package/lib/meta/defineMetadata.js +30 -0
- package/lib/meta/defineMetadata.js.map +1 -0
- package/lib/meta/index.js +3 -0
- package/lib/meta/index.js.map +1 -0
- package/lib/normalizePagination.js +14 -0
- package/lib/normalizePagination.js.map +1 -0
- package/lib/parseSort.js +91 -0
- package/lib/parseSort.js.map +1 -0
- package/lib/password/PHC.js +200 -0
- package/lib/password/PHC.js.map +1 -0
- package/lib/password/Password.js +83 -0
- package/lib/password/Password.js.map +1 -0
- package/lib/password/createArgon2PasswordAlgorithm.js +53 -0
- package/lib/password/createArgon2PasswordAlgorithm.js.map +1 -0
- package/lib/password/createBase64PasswordAlgorithm.js +14 -0
- package/lib/password/createBase64PasswordAlgorithm.js.map +1 -0
- package/lib/password/createBcryptPasswordAlgorithm.js +20 -0
- package/lib/password/createBcryptPasswordAlgorithm.js.map +1 -0
- package/lib/password/createPBKDF2PasswordAlgorithm.js +54 -0
- package/lib/password/createPBKDF2PasswordAlgorithm.js.map +1 -0
- package/lib/password/createScryptPasswordAlgorithm.js +66 -0
- package/lib/password/createScryptPasswordAlgorithm.js.map +1 -0
- package/lib/password/index.js +6 -0
- package/lib/password/index.js.map +1 -0
- package/lib/password/server/index.js +2 -0
- package/lib/password/server/index.js.map +1 -0
- package/lib/tools/renderJsonSchemaToMarkdownDoc.js +85 -0
- package/lib/tools/renderJsonSchemaToMarkdownDoc.js.map +1 -0
- package/package.json +56 -0
- package/src/index.ts +2 -0
- package/src/jsonschema/JsonSchema.test.ts +27 -0
- package/src/jsonschema/JsonSchema.ts +197 -0
- package/src/jsonschema/index.ts +2 -0
- package/src/jsonschema/types.d.ts +173 -0
- package/src/meta/defineInit.ts +68 -0
- package/src/meta/defineMetadata.test.ts +15 -0
- package/src/meta/defineMetadata.ts +57 -0
- package/src/meta/index.ts +3 -0
- package/src/normalizePagination.ts +25 -0
- package/src/parseSort.test.ts +41 -0
- package/src/parseSort.ts +115 -0
- package/src/password/PHC.test.ts +317 -0
- package/src/password/PHC.ts +247 -0
- package/src/password/Password.test.ts +58 -0
- package/src/password/Password.ts +113 -0
- package/src/password/createArgon2PasswordAlgorithm.ts +80 -0
- package/src/password/createBase64PasswordAlgorithm.ts +14 -0
- package/src/password/createBcryptPasswordAlgorithm.ts +30 -0
- package/src/password/createPBKDF2PasswordAlgorithm.ts +73 -0
- package/src/password/createScryptPasswordAlgorithm.ts +72 -0
- package/src/password/index.ts +5 -0
- package/src/password/server/index.ts +1 -0
- package/src/tools/renderJsonSchemaToMarkdownDoc.ts +93 -0
|
@@ -0,0 +1,200 @@
|
|
|
1
|
+
import { ArrayBuffers } from "@wener/utils";
|
|
2
|
+
(function(PHC) {
|
|
3
|
+
// https://github.com/simonepri/phc-format/blob/master/index.js
|
|
4
|
+
const idRegex = /^[a-z0-9-]{1,32}$/;
|
|
5
|
+
const nameRegex = /^[a-z0-9-]{1,32}$/;
|
|
6
|
+
const valueRegex = /^[a-zA-Z0-9/+.-]+$/;
|
|
7
|
+
const b64Regex = /^([a-zA-Z0-9/+.-]+|)$/;
|
|
8
|
+
const decimalRegex = /^((-)?[1-9]\d*|0)$/;
|
|
9
|
+
const versionRegex = /^v=(\d+)$/;
|
|
10
|
+
const fromBase64 = ArrayBuffers.fromBase64;
|
|
11
|
+
const toBase64 = ArrayBuffers.toBase64;
|
|
12
|
+
const isBuffer = (v)=>{
|
|
13
|
+
return v instanceof Uint8Array;
|
|
14
|
+
};
|
|
15
|
+
function objToKeyVal(obj) {
|
|
16
|
+
return objectKeys(obj).map((k)=>[
|
|
17
|
+
k,
|
|
18
|
+
obj[k]
|
|
19
|
+
].join('=')).join(',');
|
|
20
|
+
}
|
|
21
|
+
function keyValtoObj(str) {
|
|
22
|
+
const obj = {};
|
|
23
|
+
str.split(',').forEach((ps)=>{
|
|
24
|
+
const pss = ps.split('=');
|
|
25
|
+
if (pss.length < 2) {
|
|
26
|
+
throw new TypeError(`params must be in the format name=value`);
|
|
27
|
+
}
|
|
28
|
+
const key = pss.shift();
|
|
29
|
+
if (key !== undefined) {
|
|
30
|
+
obj[key] = pss.join('=');
|
|
31
|
+
}
|
|
32
|
+
});
|
|
33
|
+
return obj;
|
|
34
|
+
}
|
|
35
|
+
function objectKeys(object) {
|
|
36
|
+
return Object.keys(object);
|
|
37
|
+
}
|
|
38
|
+
function objectValues(object) {
|
|
39
|
+
if (typeof Object.values === 'function') return Object.values(object);
|
|
40
|
+
return objectKeys(object).map((k)=>object[k]);
|
|
41
|
+
}
|
|
42
|
+
function serialize(opts) {
|
|
43
|
+
const fields = [
|
|
44
|
+
''
|
|
45
|
+
];
|
|
46
|
+
if (typeof opts !== 'object' || opts === null) {
|
|
47
|
+
throw new TypeError('opts must be an object');
|
|
48
|
+
}
|
|
49
|
+
// Identifier Validation
|
|
50
|
+
if (typeof opts.id !== 'string') {
|
|
51
|
+
throw new TypeError('id must be a string');
|
|
52
|
+
}
|
|
53
|
+
if (!idRegex.test(opts.id)) {
|
|
54
|
+
throw new TypeError(`id must satisfy ${idRegex}`);
|
|
55
|
+
}
|
|
56
|
+
fields.push(opts.id);
|
|
57
|
+
if (typeof opts.version !== 'undefined') {
|
|
58
|
+
if (typeof opts.version !== 'number' || opts.version < 0 || !Number.isInteger(opts.version)) {
|
|
59
|
+
throw new TypeError('version must be a positive integer number');
|
|
60
|
+
}
|
|
61
|
+
fields.push(`v=${opts.version}`);
|
|
62
|
+
}
|
|
63
|
+
// Parameters Validation
|
|
64
|
+
if (typeof opts.params !== 'undefined') {
|
|
65
|
+
if (typeof opts.params !== 'object' || opts.params === null) {
|
|
66
|
+
throw new TypeError('params must be an object');
|
|
67
|
+
}
|
|
68
|
+
const pk = objectKeys(opts.params);
|
|
69
|
+
if (!pk.every((p)=>nameRegex.test(p.toString()))) {
|
|
70
|
+
throw new TypeError(`params names must satisfy ${nameRegex}`);
|
|
71
|
+
}
|
|
72
|
+
// Convert Numbers into Numeric Strings and Buffers into B64 encoded strings.
|
|
73
|
+
pk.forEach((k)=>{
|
|
74
|
+
const value = opts.params[k];
|
|
75
|
+
if (typeof value === 'number') {
|
|
76
|
+
opts.params[k] = value.toString();
|
|
77
|
+
} else if (value instanceof Uint8Array) {
|
|
78
|
+
opts.params[k] = toBase64(value).split('=')[0];
|
|
79
|
+
}
|
|
80
|
+
});
|
|
81
|
+
const pv = objectValues(opts.params);
|
|
82
|
+
if (!pv.every((v)=>typeof v === 'string')) {
|
|
83
|
+
throw new TypeError('params values must be strings');
|
|
84
|
+
}
|
|
85
|
+
if (!pv.every((v)=>valueRegex.test(v))) {
|
|
86
|
+
throw new TypeError(`params values must satisfy ${valueRegex}`);
|
|
87
|
+
}
|
|
88
|
+
const strpar = objToKeyVal(opts.params);
|
|
89
|
+
fields.push(strpar);
|
|
90
|
+
}
|
|
91
|
+
if (typeof opts.salt !== 'undefined') {
|
|
92
|
+
// Salt Validation
|
|
93
|
+
if (!isBuffer(opts.salt)) {
|
|
94
|
+
throw new TypeError('salt must be a Buffer');
|
|
95
|
+
}
|
|
96
|
+
fields.push(toBase64(opts.salt).split('=')[0]);
|
|
97
|
+
if (typeof opts.hash !== 'undefined') {
|
|
98
|
+
// Hash Validation
|
|
99
|
+
if (!isBuffer(opts.hash)) {
|
|
100
|
+
throw new TypeError('hash must be a Buffer');
|
|
101
|
+
}
|
|
102
|
+
fields.push(toBase64(opts.hash).split('=')[0]);
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
// Create the PHC formatted string
|
|
106
|
+
const phcstr = fields.join('$');
|
|
107
|
+
return phcstr;
|
|
108
|
+
}
|
|
109
|
+
/**
|
|
110
|
+
* Generates a PHC string using the data provided.
|
|
111
|
+
* @param {SerializeOptions} opts Object that holds the data needed to generate the PHC string.
|
|
112
|
+
* @return {string} The hash string adhering to the PHC format.
|
|
113
|
+
*/ PHC.serialize = serialize;
|
|
114
|
+
function deserialize(phcstr) {
|
|
115
|
+
if (typeof phcstr !== 'string' || phcstr === '') {
|
|
116
|
+
throw new TypeError('pchstr must be a non-empty string');
|
|
117
|
+
}
|
|
118
|
+
if (phcstr[0] !== '$') {
|
|
119
|
+
throw new TypeError('pchstr must contain a $ as first char');
|
|
120
|
+
}
|
|
121
|
+
const fields = phcstr.split('$');
|
|
122
|
+
// Remove first empty $
|
|
123
|
+
fields.shift();
|
|
124
|
+
// Parse Fields
|
|
125
|
+
let maxf = 5;
|
|
126
|
+
if (!versionRegex.test(fields[1])) maxf--;
|
|
127
|
+
if (fields.length > maxf) {
|
|
128
|
+
throw new TypeError(`pchstr contains too many fileds: ${fields.length}/${maxf}`);
|
|
129
|
+
}
|
|
130
|
+
// Parse Identifier
|
|
131
|
+
const id = fields.shift();
|
|
132
|
+
if (!id || !idRegex.test(id)) {
|
|
133
|
+
throw new TypeError(`id must satisfy ${idRegex}`);
|
|
134
|
+
}
|
|
135
|
+
let version;
|
|
136
|
+
// Parse Version
|
|
137
|
+
if (fields[0] && versionRegex.test(fields[0])) {
|
|
138
|
+
const versionMatch = fields.shift()?.match(versionRegex);
|
|
139
|
+
version = versionMatch ? parseInt(versionMatch[1], 10) : undefined;
|
|
140
|
+
}
|
|
141
|
+
let hash;
|
|
142
|
+
let salt;
|
|
143
|
+
if (fields[fields.length - 1] && b64Regex.test(fields[fields.length - 1])) {
|
|
144
|
+
if (fields.length > 1 && b64Regex.test(fields[fields.length - 2])) {
|
|
145
|
+
// Parse Hash
|
|
146
|
+
const hashStr = fields.pop();
|
|
147
|
+
if (hashStr) hash = fromBase64(hashStr);
|
|
148
|
+
// Parse Salt
|
|
149
|
+
const saltStr = fields.pop();
|
|
150
|
+
if (saltStr !== undefined) salt = fromBase64(saltStr);
|
|
151
|
+
} else {
|
|
152
|
+
// Parse Salt
|
|
153
|
+
const saltStr = fields.pop();
|
|
154
|
+
if (saltStr !== undefined) salt = fromBase64(saltStr);
|
|
155
|
+
}
|
|
156
|
+
}
|
|
157
|
+
// Parse Parameters
|
|
158
|
+
let params;
|
|
159
|
+
if (fields.length > 0) {
|
|
160
|
+
const parstr = fields.pop();
|
|
161
|
+
if (parstr) {
|
|
162
|
+
params = keyValtoObj(parstr);
|
|
163
|
+
if (!Object.keys(params).every((p)=>nameRegex.test(p))) {
|
|
164
|
+
throw new TypeError(`params names must satisfy ${nameRegex}}`);
|
|
165
|
+
}
|
|
166
|
+
const pv = Object.values(params);
|
|
167
|
+
if (!pv.every((v)=>valueRegex.test(String(v)))) {
|
|
168
|
+
throw new TypeError(`params values must satisfy ${valueRegex}`);
|
|
169
|
+
}
|
|
170
|
+
// Convert Decimal Strings into Numbers
|
|
171
|
+
Object.keys(params).forEach((k)=>{
|
|
172
|
+
const value = params[k];
|
|
173
|
+
if (typeof value === 'string' && decimalRegex.test(value)) {
|
|
174
|
+
params[k] = parseInt(value, 10);
|
|
175
|
+
}
|
|
176
|
+
});
|
|
177
|
+
}
|
|
178
|
+
}
|
|
179
|
+
if (fields.length > 0) {
|
|
180
|
+
throw new TypeError(`pchstr contains unrecognized fileds: ${fields}`);
|
|
181
|
+
}
|
|
182
|
+
// Build the output object
|
|
183
|
+
const phcobj = {
|
|
184
|
+
id
|
|
185
|
+
};
|
|
186
|
+
if (version !== undefined) phcobj.version = version;
|
|
187
|
+
if (params) phcobj.params = params;
|
|
188
|
+
if (salt) phcobj.salt = salt;
|
|
189
|
+
if (hash) phcobj.hash = hash;
|
|
190
|
+
return phcobj;
|
|
191
|
+
}
|
|
192
|
+
/**
|
|
193
|
+
* Parses data from a PHC string.
|
|
194
|
+
* @param {string} phcstr A PHC string to parse.
|
|
195
|
+
* @return {DeserializeResult} The object containing the data parsed from the PHC string.
|
|
196
|
+
*/ PHC.deserialize = deserialize;
|
|
197
|
+
})(PHC || (PHC = {}));
|
|
198
|
+
export var PHC;
|
|
199
|
+
|
|
200
|
+
//# sourceMappingURL=PHC.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/password/PHC.ts"],"sourcesContent":["import { ArrayBuffers } from '@wener/utils';\n\nexport namespace PHC {\n // https://github.com/simonepri/phc-format/blob/master/index.js\n\n const idRegex = /^[a-z0-9-]{1,32}$/;\n const nameRegex = /^[a-z0-9-]{1,32}$/;\n const valueRegex = /^[a-zA-Z0-9/+.-]+$/;\n const b64Regex = /^([a-zA-Z0-9/+.-]+|)$/;\n const decimalRegex = /^((-)?[1-9]\\d*|0)$/;\n const versionRegex = /^v=(\\d+)$/;\n\n const fromBase64 = ArrayBuffers.fromBase64;\n const toBase64 = ArrayBuffers.toBase64;\n const isBuffer = (v: any): v is Uint8Array => {\n return v instanceof Uint8Array;\n };\n\n function objToKeyVal(obj: Record<string, any>): string {\n return objectKeys(obj)\n .map((k) => [k, obj[k]].join('='))\n .join(',');\n }\n\n function keyValtoObj(str: string): Record<string, string> {\n const obj: Record<string, string> = {};\n str.split(',').forEach((ps) => {\n const pss = ps.split('=');\n if (pss.length < 2) {\n throw new TypeError(`params must be in the format name=value`);\n }\n\n const key = pss.shift();\n if (key !== undefined) {\n obj[key] = pss.join('=');\n }\n });\n return obj;\n }\n\n function objectKeys<T extends object>(object: T): Array<keyof T> {\n return Object.keys(object) as Array<keyof T>;\n }\n\n function objectValues<T extends object>(object: T): Array<T[keyof T]> {\n if (typeof Object.values === 'function') return Object.values(object);\n return objectKeys(object).map((k) => object[k]);\n }\n\n interface SerializeOptions {\n id: string;\n version?: number;\n params?: Record<string, string | number | Uint8Array>;\n salt?: Uint8Array;\n hash?: Uint8Array;\n }\n\n /**\n * Generates a PHC string using the data provided.\n * @param {SerializeOptions} opts Object that holds the data needed to generate the PHC string.\n * @return {string} The hash string adhering to the PHC format.\n */\n export function serialize(opts: SerializeOptions): string {\n const fields: string[] = [''];\n\n if (typeof opts !== 'object' || opts === null) {\n throw new TypeError('opts must be an object');\n }\n\n // Identifier Validation\n if (typeof opts.id !== 'string') {\n throw new TypeError('id must be a string');\n }\n\n if (!idRegex.test(opts.id)) {\n throw new TypeError(`id must satisfy ${idRegex}`);\n }\n\n fields.push(opts.id);\n\n if (typeof opts.version !== 'undefined') {\n if (typeof opts.version !== 'number' || opts.version < 0 || !Number.isInteger(opts.version)) {\n throw new TypeError('version must be a positive integer number');\n }\n\n fields.push(`v=${opts.version}`);\n }\n\n // Parameters Validation\n if (typeof opts.params !== 'undefined') {\n if (typeof opts.params !== 'object' || opts.params === null) {\n throw new TypeError('params must be an object');\n }\n\n const pk = objectKeys(opts.params);\n if (!pk.every((p) => nameRegex.test(p.toString()))) {\n throw new TypeError(`params names must satisfy ${nameRegex}`);\n }\n\n // Convert Numbers into Numeric Strings and Buffers into B64 encoded strings.\n pk.forEach((k) => {\n const value = opts.params![k];\n if (typeof value === 'number') {\n opts.params![k] = value.toString();\n } else if (value instanceof Uint8Array) {\n opts.params![k] = toBase64(value).split('=')[0];\n }\n });\n const pv = objectValues(opts.params);\n if (!pv.every((v) => typeof v === 'string')) {\n throw new TypeError('params values must be strings');\n }\n\n if (!pv.every((v) => valueRegex.test(v))) {\n throw new TypeError(`params values must satisfy ${valueRegex}`);\n }\n\n const strpar = objToKeyVal(opts.params as Record<string, string>);\n fields.push(strpar);\n }\n\n if (typeof opts.salt !== 'undefined') {\n // Salt Validation\n if (!isBuffer(opts.salt)) {\n throw new TypeError('salt must be a Buffer');\n }\n\n fields.push(toBase64(opts.salt).split('=')[0]);\n\n if (typeof opts.hash !== 'undefined') {\n // Hash Validation\n if (!isBuffer(opts.hash)) {\n throw new TypeError('hash must be a Buffer');\n }\n\n fields.push(toBase64(opts.hash).split('=')[0]);\n }\n }\n\n // Create the PHC formatted string\n const phcstr = fields.join('$');\n\n return phcstr;\n }\n\n interface DeserializeResult {\n id: string;\n version?: number;\n params?: Record<string, string | number>;\n salt?: Uint8Array;\n hash?: Uint8Array;\n }\n\n /**\n * Parses data from a PHC string.\n * @param {string} phcstr A PHC string to parse.\n * @return {DeserializeResult} The object containing the data parsed from the PHC string.\n */\n export function deserialize(phcstr: string): DeserializeResult {\n if (typeof phcstr !== 'string' || phcstr === '') {\n throw new TypeError('pchstr must be a non-empty string');\n }\n\n if (phcstr[0] !== '$') {\n throw new TypeError('pchstr must contain a $ as first char');\n }\n\n const fields = phcstr.split('$');\n // Remove first empty $\n fields.shift();\n\n // Parse Fields\n let maxf = 5;\n if (!versionRegex.test(fields[1])) maxf--;\n if (fields.length > maxf) {\n throw new TypeError(`pchstr contains too many fileds: ${fields.length}/${maxf}`);\n }\n\n // Parse Identifier\n const id = fields.shift();\n if (!id || !idRegex.test(id)) {\n throw new TypeError(`id must satisfy ${idRegex}`);\n }\n\n let version: number | undefined;\n // Parse Version\n if (fields[0] && versionRegex.test(fields[0])) {\n const versionMatch = fields.shift()?.match(versionRegex);\n version = versionMatch ? parseInt(versionMatch[1], 10) : undefined;\n }\n\n let hash: Uint8Array | undefined;\n let salt: Uint8Array | undefined;\n if (fields[fields.length - 1] && b64Regex.test(fields[fields.length - 1])) {\n if (fields.length > 1 && b64Regex.test(fields[fields.length - 2])) {\n // Parse Hash\n const hashStr = fields.pop();\n if (hashStr) hash = fromBase64(hashStr);\n // Parse Salt\n const saltStr = fields.pop();\n if (saltStr !== undefined) salt = fromBase64(saltStr);\n } else {\n // Parse Salt\n const saltStr = fields.pop();\n if (saltStr !== undefined) salt = fromBase64(saltStr);\n }\n }\n\n // Parse Parameters\n let params: Record<string, string | number> | undefined;\n if (fields.length > 0) {\n const parstr = fields.pop();\n if (parstr) {\n params = keyValtoObj(parstr);\n if (!Object.keys(params).every((p) => nameRegex.test(p))) {\n throw new TypeError(`params names must satisfy ${nameRegex}}`);\n }\n\n const pv = Object.values(params);\n if (!pv.every((v) => valueRegex.test(String(v)))) {\n throw new TypeError(`params values must satisfy ${valueRegex}`);\n }\n\n // Convert Decimal Strings into Numbers\n Object.keys(params).forEach((k) => {\n const value = params![k];\n if (typeof value === 'string' && decimalRegex.test(value)) {\n params![k] = parseInt(value, 10);\n }\n });\n }\n }\n\n if (fields.length > 0) {\n throw new TypeError(`pchstr contains unrecognized fileds: ${fields}`);\n }\n\n // Build the output object\n const phcobj: DeserializeResult = { id };\n if (version !== undefined) phcobj.version = version;\n if (params) phcobj.params = params;\n if (salt) phcobj.salt = salt;\n if (hash) phcobj.hash = hash;\n\n return phcobj;\n }\n}\n"],"names":["ArrayBuffers","PHC","idRegex","nameRegex","valueRegex","b64Regex","decimalRegex","versionRegex","fromBase64","toBase64","isBuffer","v","Uint8Array","objToKeyVal","obj","objectKeys","map","k","join","keyValtoObj","str","split","forEach","ps","pss","length","TypeError","key","shift","undefined","object","Object","keys","objectValues","values","serialize","opts","fields","id","test","push","version","Number","isInteger","params","pk","every","p","toString","value","pv","strpar","salt","hash","phcstr","deserialize","maxf","versionMatch","match","parseInt","hashStr","pop","saltStr","parstr","String","phcobj"],"mappings":"AAAA,SAASA,YAAY,QAAQ,eAAe;UAE3BC;IACf,+DAA+D;IAE/D,MAAMC,UAAU;IAChB,MAAMC,YAAY;IAClB,MAAMC,aAAa;IACnB,MAAMC,WAAW;IACjB,MAAMC,eAAe;IACrB,MAAMC,eAAe;IAErB,MAAMC,aAAaR,aAAaQ,UAAU;IAC1C,MAAMC,WAAWT,aAAaS,QAAQ;IACtC,MAAMC,WAAW,CAACC;QAChB,OAAOA,aAAaC;IACtB;IAEA,SAASC,YAAYC,GAAwB;QAC3C,OAAOC,WAAWD,KACfE,GAAG,CAAC,CAACC,IAAM;gBAACA;gBAAGH,GAAG,CAACG,EAAE;aAAC,CAACC,IAAI,CAAC,MAC5BA,IAAI,CAAC;IACV;IAEA,SAASC,YAAYC,GAAW;QAC9B,MAAMN,MAA8B,CAAC;QACrCM,IAAIC,KAAK,CAAC,KAAKC,OAAO,CAAC,CAACC;YACtB,MAAMC,MAAMD,GAAGF,KAAK,CAAC;YACrB,IAAIG,IAAIC,MAAM,GAAG,GAAG;gBAClB,MAAM,IAAIC,UAAU,CAAC,uCAAuC,CAAC;YAC/D;YAEA,MAAMC,MAAMH,IAAII,KAAK;YACrB,IAAID,QAAQE,WAAW;gBACrBf,GAAG,CAACa,IAAI,GAAGH,IAAIN,IAAI,CAAC;YACtB;QACF;QACA,OAAOJ;IACT;IAEA,SAASC,WAA6Be,MAAS;QAC7C,OAAOC,OAAOC,IAAI,CAACF;IACrB;IAEA,SAASG,aAA+BH,MAAS;QAC/C,IAAI,OAAOC,OAAOG,MAAM,KAAK,YAAY,OAAOH,OAAOG,MAAM,CAACJ;QAC9D,OAAOf,WAAWe,QAAQd,GAAG,CAAC,CAACC,IAAMa,MAAM,CAACb,EAAE;IAChD;IAeO,SAASkB,UAAUC,IAAsB;QAC9C,MAAMC,SAAmB;YAAC;SAAG;QAE7B,IAAI,OAAOD,SAAS,YAAYA,SAAS,MAAM;YAC7C,MAAM,IAAIV,UAAU;QACtB;QAEA,wBAAwB;QACxB,IAAI,OAAOU,KAAKE,EAAE,KAAK,UAAU;YAC/B,MAAM,IAAIZ,UAAU;QACtB;QAEA,IAAI,CAACxB,QAAQqC,IAAI,CAACH,KAAKE,EAAE,GAAG;YAC1B,MAAM,IAAIZ,UAAU,CAAC,gBAAgB,EAAExB,SAAS;QAClD;QAEAmC,OAAOG,IAAI,CAACJ,KAAKE,EAAE;QAEnB,IAAI,OAAOF,KAAKK,OAAO,KAAK,aAAa;YACvC,IAAI,OAAOL,KAAKK,OAAO,KAAK,YAAYL,KAAKK,OAAO,GAAG,KAAK,CAACC,OAAOC,SAAS,CAACP,KAAKK,OAAO,GAAG;gBAC3F,MAAM,IAAIf,UAAU;YACtB;YAEAW,OAAOG,IAAI,CAAC,CAAC,EAAE,EAAEJ,KAAKK,OAAO,EAAE;QACjC;QAEA,wBAAwB;QACxB,IAAI,OAAOL,KAAKQ,MAAM,KAAK,aAAa;YACtC,IAAI,OAAOR,KAAKQ,MAAM,KAAK,YAAYR,KAAKQ,MAAM,KAAK,MAAM;gBAC3D,MAAM,IAAIlB,UAAU;YACtB;YAEA,MAAMmB,KAAK9B,WAAWqB,KAAKQ,MAAM;YACjC,IAAI,CAACC,GAAGC,KAAK,CAAC,CAACC,IAAM5C,UAAUoC,IAAI,CAACQ,EAAEC,QAAQ,MAAM;gBAClD,MAAM,IAAItB,UAAU,CAAC,0BAA0B,EAAEvB,WAAW;YAC9D;YAEA,6EAA6E;YAC7E0C,GAAGvB,OAAO,CAAC,CAACL;gBACV,MAAMgC,QAAQb,KAAKQ,MAAM,AAAC,CAAC3B,EAAE;gBAC7B,IAAI,OAAOgC,UAAU,UAAU;oBAC7Bb,KAAKQ,MAAM,AAAC,CAAC3B,EAAE,GAAGgC,MAAMD,QAAQ;gBAClC,OAAO,IAAIC,iBAAiBrC,YAAY;oBACtCwB,KAAKQ,MAAM,AAAC,CAAC3B,EAAE,GAAGR,SAASwC,OAAO5B,KAAK,CAAC,IAAI,CAAC,EAAE;gBACjD;YACF;YACA,MAAM6B,KAAKjB,aAAaG,KAAKQ,MAAM;YACnC,IAAI,CAACM,GAAGJ,KAAK,CAAC,CAACnC,IAAM,OAAOA,MAAM,WAAW;gBAC3C,MAAM,IAAIe,UAAU;YACtB;YAEA,IAAI,CAACwB,GAAGJ,KAAK,CAAC,CAACnC,IAAMP,WAAWmC,IAAI,CAAC5B,KAAK;gBACxC,MAAM,IAAIe,UAAU,CAAC,2BAA2B,EAAEtB,YAAY;YAChE;YAEA,MAAM+C,SAAStC,YAAYuB,KAAKQ,MAAM;YACtCP,OAAOG,IAAI,CAACW;QACd;QAEA,IAAI,OAAOf,KAAKgB,IAAI,KAAK,aAAa;YACpC,kBAAkB;YAClB,IAAI,CAAC1C,SAAS0B,KAAKgB,IAAI,GAAG;gBACxB,MAAM,IAAI1B,UAAU;YACtB;YAEAW,OAAOG,IAAI,CAAC/B,SAAS2B,KAAKgB,IAAI,EAAE/B,KAAK,CAAC,IAAI,CAAC,EAAE;YAE7C,IAAI,OAAOe,KAAKiB,IAAI,KAAK,aAAa;gBACpC,kBAAkB;gBAClB,IAAI,CAAC3C,SAAS0B,KAAKiB,IAAI,GAAG;oBACxB,MAAM,IAAI3B,UAAU;gBACtB;gBAEAW,OAAOG,IAAI,CAAC/B,SAAS2B,KAAKiB,IAAI,EAAEhC,KAAK,CAAC,IAAI,CAAC,EAAE;YAC/C;QACF;QAEA,kCAAkC;QAClC,MAAMiC,SAASjB,OAAOnB,IAAI,CAAC;QAE3B,OAAOoC;IACT;IAtFA;;;;GAIC,OACenB,YAAAA;IAgGT,SAASoB,YAAYD,MAAc;QACxC,IAAI,OAAOA,WAAW,YAAYA,WAAW,IAAI;YAC/C,MAAM,IAAI5B,UAAU;QACtB;QAEA,IAAI4B,MAAM,CAAC,EAAE,KAAK,KAAK;YACrB,MAAM,IAAI5B,UAAU;QACtB;QAEA,MAAMW,SAASiB,OAAOjC,KAAK,CAAC;QAC5B,uBAAuB;QACvBgB,OAAOT,KAAK;QAEZ,eAAe;QACf,IAAI4B,OAAO;QACX,IAAI,CAACjD,aAAagC,IAAI,CAACF,MAAM,CAAC,EAAE,GAAGmB;QACnC,IAAInB,OAAOZ,MAAM,GAAG+B,MAAM;YACxB,MAAM,IAAI9B,UAAU,CAAC,iCAAiC,EAAEW,OAAOZ,MAAM,CAAC,CAAC,EAAE+B,MAAM;QACjF;QAEA,mBAAmB;QACnB,MAAMlB,KAAKD,OAAOT,KAAK;QACvB,IAAI,CAACU,MAAM,CAACpC,QAAQqC,IAAI,CAACD,KAAK;YAC5B,MAAM,IAAIZ,UAAU,CAAC,gBAAgB,EAAExB,SAAS;QAClD;QAEA,IAAIuC;QACJ,gBAAgB;QAChB,IAAIJ,MAAM,CAAC,EAAE,IAAI9B,aAAagC,IAAI,CAACF,MAAM,CAAC,EAAE,GAAG;YAC7C,MAAMoB,eAAepB,OAAOT,KAAK,IAAI8B,MAAMnD;YAC3CkC,UAAUgB,eAAeE,SAASF,YAAY,CAAC,EAAE,EAAE,MAAM5B;QAC3D;QAEA,IAAIwB;QACJ,IAAID;QACJ,IAAIf,MAAM,CAACA,OAAOZ,MAAM,GAAG,EAAE,IAAIpB,SAASkC,IAAI,CAACF,MAAM,CAACA,OAAOZ,MAAM,GAAG,EAAE,GAAG;YACzE,IAAIY,OAAOZ,MAAM,GAAG,KAAKpB,SAASkC,IAAI,CAACF,MAAM,CAACA,OAAOZ,MAAM,GAAG,EAAE,GAAG;gBACjE,aAAa;gBACb,MAAMmC,UAAUvB,OAAOwB,GAAG;gBAC1B,IAAID,SAASP,OAAO7C,WAAWoD;gBAC/B,aAAa;gBACb,MAAME,UAAUzB,OAAOwB,GAAG;gBAC1B,IAAIC,YAAYjC,WAAWuB,OAAO5C,WAAWsD;YAC/C,OAAO;gBACL,aAAa;gBACb,MAAMA,UAAUzB,OAAOwB,GAAG;gBAC1B,IAAIC,YAAYjC,WAAWuB,OAAO5C,WAAWsD;YAC/C;QACF;QAEA,mBAAmB;QACnB,IAAIlB;QACJ,IAAIP,OAAOZ,MAAM,GAAG,GAAG;YACrB,MAAMsC,SAAS1B,OAAOwB,GAAG;YACzB,IAAIE,QAAQ;gBACVnB,SAASzB,YAAY4C;gBACrB,IAAI,CAAChC,OAAOC,IAAI,CAACY,QAAQE,KAAK,CAAC,CAACC,IAAM5C,UAAUoC,IAAI,CAACQ,KAAK;oBACxD,MAAM,IAAIrB,UAAU,CAAC,0BAA0B,EAAEvB,UAAU,CAAC,CAAC;gBAC/D;gBAEA,MAAM+C,KAAKnB,OAAOG,MAAM,CAACU;gBACzB,IAAI,CAACM,GAAGJ,KAAK,CAAC,CAACnC,IAAMP,WAAWmC,IAAI,CAACyB,OAAOrD,MAAM;oBAChD,MAAM,IAAIe,UAAU,CAAC,2BAA2B,EAAEtB,YAAY;gBAChE;gBAEA,uCAAuC;gBACvC2B,OAAOC,IAAI,CAACY,QAAQtB,OAAO,CAAC,CAACL;oBAC3B,MAAMgC,QAAQL,MAAO,CAAC3B,EAAE;oBACxB,IAAI,OAAOgC,UAAU,YAAY3C,aAAaiC,IAAI,CAACU,QAAQ;wBACzDL,MAAO,CAAC3B,EAAE,GAAG0C,SAASV,OAAO;oBAC/B;gBACF;YACF;QACF;QAEA,IAAIZ,OAAOZ,MAAM,GAAG,GAAG;YACrB,MAAM,IAAIC,UAAU,CAAC,qCAAqC,EAAEW,QAAQ;QACtE;QAEA,0BAA0B;QAC1B,MAAM4B,SAA4B;YAAE3B;QAAG;QACvC,IAAIG,YAAYZ,WAAWoC,OAAOxB,OAAO,GAAGA;QAC5C,IAAIG,QAAQqB,OAAOrB,MAAM,GAAGA;QAC5B,IAAIQ,MAAMa,OAAOb,IAAI,GAAGA;QACxB,IAAIC,MAAMY,OAAOZ,IAAI,GAAGA;QAExB,OAAOY;IACT;IA5FA;;;;GAIC,OACeV,cAAAA;AAwFlB,GApPiBtD,QAAAA"}
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
import { Errors } from "@wener/utils";
|
|
2
|
+
import { createPBKDF2PasswordAlgorithm } from "./createPBKDF2PasswordAlgorithm.js";
|
|
3
|
+
import { PHC } from "./PHC.js";
|
|
4
|
+
(function (Password) {
|
|
5
|
+
const Algorithms = {
|
|
6
|
+
1: "md5",
|
|
7
|
+
"2a": "bcrypt",
|
|
8
|
+
"2b": "bcrypt",
|
|
9
|
+
"2x": "bcrypt",
|
|
10
|
+
"2y": "bcrypt",
|
|
11
|
+
5: "sha256",
|
|
12
|
+
6: "sha512",
|
|
13
|
+
7: "scrypt"
|
|
14
|
+
};
|
|
15
|
+
let DefaultAlgorithm = "6";
|
|
16
|
+
function setDefaultAlgorithm(algorithm) {
|
|
17
|
+
Errors.BadRequest.check(Algorithms[algorithm], `Unknown algorithm ${algorithm}`);
|
|
18
|
+
DefaultAlgorithm = algorithm;
|
|
19
|
+
}
|
|
20
|
+
Password.setDefaultAlgorithm = setDefaultAlgorithm;
|
|
21
|
+
function getDefaultAlgorithm() {
|
|
22
|
+
return DefaultAlgorithm;
|
|
23
|
+
}
|
|
24
|
+
Password.getDefaultAlgorithm = getDefaultAlgorithm;
|
|
25
|
+
function addAlgorithm(algorithm) {
|
|
26
|
+
Algorithms[algorithm.name] = algorithm;
|
|
27
|
+
if (algorithm.ids) {
|
|
28
|
+
for (const id of algorithm.ids) {
|
|
29
|
+
Algorithms[id] = algorithm;
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
Password.addAlgorithm = addAlgorithm;
|
|
34
|
+
addAlgorithm(createPBKDF2PasswordAlgorithm({
|
|
35
|
+
id: "sha256",
|
|
36
|
+
digest: "SHA-256"
|
|
37
|
+
}));
|
|
38
|
+
addAlgorithm(createPBKDF2PasswordAlgorithm({
|
|
39
|
+
id: "sha512",
|
|
40
|
+
digest: "SHA-512"
|
|
41
|
+
}));
|
|
42
|
+
async function parse(hash) {
|
|
43
|
+
return PHC.deserialize(hash);
|
|
44
|
+
}
|
|
45
|
+
Password.parse = parse;
|
|
46
|
+
function resolveAlgorithm(id) {
|
|
47
|
+
let f = id;
|
|
48
|
+
while (typeof f === "string") {
|
|
49
|
+
f = Algorithms[f];
|
|
50
|
+
}
|
|
51
|
+
if (!f) {
|
|
52
|
+
throw new Error(`Unknown algorithm ${id}`);
|
|
53
|
+
}
|
|
54
|
+
return f;
|
|
55
|
+
}
|
|
56
|
+
async function check(password, hash) {
|
|
57
|
+
let res = await parse(hash);
|
|
58
|
+
let f = resolveAlgorithm(res.id);
|
|
59
|
+
return {
|
|
60
|
+
result: f.verify(password, hash, res),
|
|
61
|
+
parsed: res
|
|
62
|
+
};
|
|
63
|
+
}
|
|
64
|
+
Password.check = check;
|
|
65
|
+
async function verify(password, hash) {
|
|
66
|
+
let res = await parse(hash);
|
|
67
|
+
let f = resolveAlgorithm(res.id);
|
|
68
|
+
return f.verify(password, hash, res);
|
|
69
|
+
}
|
|
70
|
+
Password.verify = verify;
|
|
71
|
+
async function hash(password, { algorithm, ...opts } = {}) {
|
|
72
|
+
let f = resolveAlgorithm(algorithm ?? DefaultAlgorithm);
|
|
73
|
+
let id = algorithm ?? DefaultAlgorithm;
|
|
74
|
+
typeof id !== "string" && (id = f.name);
|
|
75
|
+
return f.hash(password, {
|
|
76
|
+
id,
|
|
77
|
+
...opts
|
|
78
|
+
});
|
|
79
|
+
}
|
|
80
|
+
Password.hash = hash;
|
|
81
|
+
})(Password || (Password = {}));
|
|
82
|
+
export var Password;
|
|
83
|
+
//# sourceMappingURL=Password.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/password/Password.ts"],"sourcesContent":["import { Errors } from '@wener/utils';\nimport { createPBKDF2PasswordAlgorithm } from './createPBKDF2PasswordAlgorithm';\nimport { PHC } from './PHC';\n\nexport namespace Password {\n export interface ParsedPassword {\n id: string;\n version?: number;\n params?: Record<string, string | number>;\n salt?: Uint8Array;\n hash?: Uint8Array;\n }\n\n type PasswordAlgorithmHashOptions = {\n rounds?: number;\n salt?: Uint8Array;\n id?: string;\n };\n type PasswordAlgorithmVerifyOptions = ParsedPassword;\n export type PasswordAlgorithm = {\n readonly name: string;\n readonly ids?: string[];\n hash(password: string, opts?: PasswordAlgorithmHashOptions): Promise<string>;\n verify(password: string, hash: string, opts: PasswordAlgorithmVerifyOptions): Promise<boolean>;\n };\n\n const Algorithms: Record<string, string | PasswordAlgorithm> = {\n 1: 'md5',\n '2a': 'bcrypt', // original\n '2b': 'bcrypt', // February 2014\n '2x': 'bcrypt', // June 2011\n '2y': 'bcrypt', // June 2011\n 5: 'sha256',\n 6: 'sha512',\n 7: 'scrypt',\n };\n let DefaultAlgorithm: string = '6';\n\n export function setDefaultAlgorithm(algorithm: string) {\n Errors.BadRequest.check(Algorithms[algorithm], `Unknown algorithm ${algorithm}`);\n DefaultAlgorithm = algorithm;\n }\n\n export function getDefaultAlgorithm() {\n return DefaultAlgorithm;\n }\n\n export function addAlgorithm(algorithm: PasswordAlgorithm) {\n Algorithms[algorithm.name] = algorithm;\n if (algorithm.ids) {\n for (const id of algorithm.ids) {\n Algorithms[id] = algorithm;\n }\n }\n }\n\n addAlgorithm(\n createPBKDF2PasswordAlgorithm({\n id: 'sha256',\n digest: 'SHA-256',\n }),\n );\n addAlgorithm(\n createPBKDF2PasswordAlgorithm({\n id: 'sha512',\n digest: 'SHA-512',\n }),\n );\n\n export async function parse(hash: string) {\n return PHC.deserialize(hash);\n }\n\n function resolveAlgorithm(id: string | PasswordAlgorithm): PasswordAlgorithm {\n let f = id;\n while (typeof f === 'string') {\n f = Algorithms[f];\n }\n if (!f) {\n throw new Error(`Unknown algorithm ${id}`);\n }\n return f;\n }\n\n export async function check(password: string, hash: string) {\n let res = await parse(hash);\n let f = resolveAlgorithm(res.id);\n return {\n result: f.verify(password, hash, res),\n parsed: res,\n };\n }\n\n export async function verify(password: string, hash: string) {\n let res = await parse(hash);\n let f = resolveAlgorithm(res.id);\n return f.verify(password, hash, res);\n }\n\n export type PasswordHashOptions = PasswordAlgorithmHashOptions & {\n algorithm?: string | PasswordAlgorithm;\n };\n\n export async function hash(password: string, { algorithm, ...opts }: PasswordHashOptions = {}) {\n let f = resolveAlgorithm(algorithm ?? DefaultAlgorithm);\n let id = algorithm ?? DefaultAlgorithm;\n typeof id !== 'string' && (id = f.name);\n return f.hash(password, {\n id,\n ...opts,\n });\n }\n}\n"],"names":["Errors","createPBKDF2PasswordAlgorithm","PHC","Password","Algorithms","DefaultAlgorithm","setDefaultAlgorithm","algorithm","BadRequest","check","getDefaultAlgorithm","addAlgorithm","name","ids","id","digest","parse","hash","deserialize","resolveAlgorithm","f","Error","password","res","result","verify","parsed","opts"],"mappings":"AAAA,SAASA,MAAM,QAAQ,eAAe;AACtC,SAASC,6BAA6B,QAAQ,kCAAkC;AAChF,SAASC,GAAG,QAAQ,QAAQ;UAEXC;IAsBf,MAAMC,aAAyD;QAC7D,GAAG;QACH,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,GAAG;QACH,GAAG;QACH,GAAG;IACL;IACA,IAAIC,mBAA2B;IAExB,SAASC,oBAAoBC,SAAiB;QACnDP,OAAOQ,UAAU,CAACC,KAAK,CAACL,UAAU,CAACG,UAAU,EAAE,CAAC,kBAAkB,EAAEA,WAAW;QAC/EF,mBAAmBE;IACrB;aAHgBD,sBAAAA;IAKT,SAASI;QACd,OAAOL;IACT;aAFgBK,sBAAAA;IAIT,SAASC,aAAaJ,SAA4B;QACvDH,UAAU,CAACG,UAAUK,IAAI,CAAC,GAAGL;QAC7B,IAAIA,UAAUM,GAAG,EAAE;YACjB,KAAK,MAAMC,MAAMP,UAAUM,GAAG,CAAE;gBAC9BT,UAAU,CAACU,GAAG,GAAGP;YACnB;QACF;IACF;aAPgBI,eAAAA;IAShBA,aACEV,8BAA8B;QAC5Ba,IAAI;QACJC,QAAQ;IACV;IAEFJ,aACEV,8BAA8B;QAC5Ba,IAAI;QACJC,QAAQ;IACV;IAGK,eAAeC,MAAMC,IAAY;QACtC,OAAOf,IAAIgB,WAAW,CAACD;IACzB;aAFsBD,QAAAA;IAItB,SAASG,iBAAiBL,EAA8B;QACtD,IAAIM,IAAIN;QACR,MAAO,OAAOM,MAAM,SAAU;YAC5BA,IAAIhB,UAAU,CAACgB,EAAE;QACnB;QACA,IAAI,CAACA,GAAG;YACN,MAAM,IAAIC,MAAM,CAAC,kBAAkB,EAAEP,IAAI;QAC3C;QACA,OAAOM;IACT;IAEO,eAAeX,MAAMa,QAAgB,EAAEL,IAAY;QACxD,IAAIM,MAAM,MAAMP,MAAMC;QACtB,IAAIG,IAAID,iBAAiBI,IAAIT,EAAE;QAC/B,OAAO;YACLU,QAAQJ,EAAEK,MAAM,CAACH,UAAUL,MAAMM;YACjCG,QAAQH;QACV;IACF;aAPsBd,QAAAA;IASf,eAAegB,OAAOH,QAAgB,EAAEL,IAAY;QACzD,IAAIM,MAAM,MAAMP,MAAMC;QACtB,IAAIG,IAAID,iBAAiBI,IAAIT,EAAE;QAC/B,OAAOM,EAAEK,MAAM,CAACH,UAAUL,MAAMM;IAClC;aAJsBE,SAAAA;IAUf,eAAeR,KAAKK,QAAgB,EAAE,EAAEf,SAAS,EAAE,GAAGoB,MAA2B,GAAG,CAAC,CAAC;QAC3F,IAAIP,IAAID,iBAAiBZ,aAAaF;QACtC,IAAIS,KAAKP,aAAaF;QACtB,OAAOS,OAAO,YAAaA,CAAAA,KAAKM,EAAER,IAAI,AAAD;QACrC,OAAOQ,EAAEH,IAAI,CAACK,UAAU;YACtBR;YACA,GAAGa,IAAI;QACT;IACF;aARsBV,OAAAA;AASxB,GA5GiBd,aAAAA"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
import { maybeFunction } from "@wener/utils";
|
|
2
|
+
export function createArgon2PasswordAlgorithm({ type, provide = async ()=>{
|
|
3
|
+
throw new Error('Please provide argon2');
|
|
4
|
+
// const { default: wasm } = await import('argon2-browser/dist/argon2.wasm');
|
|
5
|
+
// const argon2 = await WebAssembly.instantiateStreaming(fetch(wasm), {
|
|
6
|
+
// env: {
|
|
7
|
+
// memoryBase: 0,
|
|
8
|
+
// tableBase: 0,
|
|
9
|
+
// memory: new WebAssembly.Memory({ initial: 256 }),
|
|
10
|
+
// table: new WebAssembly.Table({ initial: 0, element: 'anyfunc' }),
|
|
11
|
+
// __memory_base: 0,
|
|
12
|
+
// __table_base: 0,
|
|
13
|
+
// },
|
|
14
|
+
// });
|
|
15
|
+
// console.log(argon2.instance.exports);
|
|
16
|
+
// const { hash } = argon2.instance.exports as any as typeof import('argon2-browser');
|
|
17
|
+
} } = {}) {
|
|
18
|
+
// 0=Argon2d, 1=Argon2i, 2=Argon2id
|
|
19
|
+
const toType = {
|
|
20
|
+
argon2d: 0,
|
|
21
|
+
argon2i: 1,
|
|
22
|
+
argon2id: 2
|
|
23
|
+
};
|
|
24
|
+
let mod;
|
|
25
|
+
const resolve = ()=>{
|
|
26
|
+
if (mod) return mod;
|
|
27
|
+
return Promise.resolve(maybeFunction(provide)).then((v)=>mod = v);
|
|
28
|
+
};
|
|
29
|
+
return {
|
|
30
|
+
name: 'argon2',
|
|
31
|
+
ids: [
|
|
32
|
+
'argon2i',
|
|
33
|
+
'argon2d',
|
|
34
|
+
'argon2id'
|
|
35
|
+
],
|
|
36
|
+
async hash (password, opts) {
|
|
37
|
+
// const { hash } = await import('argon2');
|
|
38
|
+
const { hash } = await resolve();
|
|
39
|
+
const id = opts?.id;
|
|
40
|
+
return hash(password, {
|
|
41
|
+
salt: opts?.salt ? Buffer.from(opts.salt) : undefined,
|
|
42
|
+
raw: false,
|
|
43
|
+
type: toType[id || ''] ?? toType[type || '']
|
|
44
|
+
});
|
|
45
|
+
},
|
|
46
|
+
async verify (password, hash) {
|
|
47
|
+
const { verify } = await resolve();
|
|
48
|
+
return verify(hash, password);
|
|
49
|
+
}
|
|
50
|
+
};
|
|
51
|
+
}
|
|
52
|
+
|
|
53
|
+
//# sourceMappingURL=createArgon2PasswordAlgorithm.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/password/createArgon2PasswordAlgorithm.ts"],"sourcesContent":["import { maybeFunction, type MaybeFunction, type MaybePromise } from '@wener/utils';\nimport { Password } from './Password';\n\ntype Provide = {\n hash: (password: string, options: { salt?: Buffer; raw?: boolean; type?: 0 | 1 | 2 }) => Promise<string>;\n verify: (hash: string, password: string) => Promise<boolean>;\n};\n\nexport function createArgon2PasswordAlgorithm({\n type,\n provide = async () => {\n throw new Error('Please provide argon2');\n // const { default: wasm } = await import('argon2-browser/dist/argon2.wasm');\n // const argon2 = await WebAssembly.instantiateStreaming(fetch(wasm), {\n // env: {\n // memoryBase: 0,\n // tableBase: 0,\n // memory: new WebAssembly.Memory({ initial: 256 }),\n // table: new WebAssembly.Table({ initial: 0, element: 'anyfunc' }),\n // __memory_base: 0,\n // __table_base: 0,\n // },\n // });\n // console.log(argon2.instance.exports);\n // const { hash } = argon2.instance.exports as any as typeof import('argon2-browser');\n },\n // argon2-browser/dist/argon2-bundled.min.js\n // import('argon2-browser').then(({ default: { hash, verify } }) => {\n // return {\n // hash(password, options) {\n // return hash({\n // pass: password,\n // });\n // },\n // verify(hash, password) {\n // return verify({\n // pass: password,\n // hash: hash,\n // })\n // .then(() => true)\n // .catch(() => false);\n // },\n // };\n // }),\n // provide = () => import('argon2'),\n}: {\n type?: 'argon2d' | 'argon2i' | 'argon2id';\n provide?: MaybeFunction<MaybePromise<Provide>>;\n} = {}): Password.PasswordAlgorithm {\n // 0=Argon2d, 1=Argon2i, 2=Argon2id\n const toType: Record<string, 0 | 1 | 2 | undefined> = {\n argon2d: 0,\n argon2i: 1,\n argon2id: 2,\n } as const;\n\n let mod: Provide;\n const resolve = () => {\n if (mod) return mod;\n return Promise.resolve(maybeFunction(provide)).then((v) => (mod = v));\n };\n return {\n name: 'argon2',\n ids: ['argon2i', 'argon2d', 'argon2id'],\n async hash(password: string, opts) {\n // const { hash } = await import('argon2');\n const { hash } = await resolve();\n const id = opts?.id;\n return hash(password, {\n salt: opts?.salt ? Buffer.from(opts.salt) : undefined,\n raw: false,\n type: toType[id || ''] ?? toType[type || ''],\n });\n },\n async verify(password: string, hash: string) {\n const { verify } = await resolve();\n return verify(hash, password);\n },\n };\n}\n"],"names":["maybeFunction","createArgon2PasswordAlgorithm","type","provide","Error","toType","argon2d","argon2i","argon2id","mod","resolve","Promise","then","v","name","ids","hash","password","opts","id","salt","Buffer","from","undefined","raw","verify"],"mappings":"AAAA,SAASA,aAAa,QAA+C,eAAe;AAQpF,OAAO,SAASC,8BAA8B,EAC5CC,IAAI,EACJC,UAAU;IACR,MAAM,IAAIC,MAAM;AAChB,6EAA6E;AAC7E,uEAAuE;AACvE,WAAW;AACX,qBAAqB;AACrB,oBAAoB;AACpB,wDAAwD;AACxD,wEAAwE;AACxE,wBAAwB;AACxB,uBAAuB;AACvB,OAAO;AACP,MAAM;AACN,wCAAwC;AACxC,sFAAsF;AACxF,CAAC,EAuBF,GAAG,CAAC,CAAC;IACJ,mCAAmC;IACnC,MAAMC,SAAgD;QACpDC,SAAS;QACTC,SAAS;QACTC,UAAU;IACZ;IAEA,IAAIC;IACJ,MAAMC,UAAU;QACd,IAAID,KAAK,OAAOA;QAChB,OAAOE,QAAQD,OAAO,CAACV,cAAcG,UAAUS,IAAI,CAAC,CAACC,IAAOJ,MAAMI;IACpE;IACA,OAAO;QACLC,MAAM;QACNC,KAAK;YAAC;YAAW;YAAW;SAAW;QACvC,MAAMC,MAAKC,QAAgB,EAAEC,IAAI;YAC/B,2CAA2C;YAC3C,MAAM,EAAEF,IAAI,EAAE,GAAG,MAAMN;YACvB,MAAMS,KAAKD,MAAMC;YACjB,OAAOH,KAAKC,UAAU;gBACpBG,MAAMF,MAAME,OAAOC,OAAOC,IAAI,CAACJ,KAAKE,IAAI,IAAIG;gBAC5CC,KAAK;gBACLtB,MAAMG,MAAM,CAACc,MAAM,GAAG,IAAId,MAAM,CAACH,QAAQ,GAAG;YAC9C;QACF;QACA,MAAMuB,QAAOR,QAAgB,EAAED,IAAY;YACzC,MAAM,EAAES,MAAM,EAAE,GAAG,MAAMf;YACzB,OAAOe,OAAOT,MAAMC;QACtB;IACF;AACF"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { ArrayBuffers } from "@wener/utils";
|
|
2
|
+
export function createBase64PasswordAlgorithm({ id = 'base64' } = {}) {
|
|
3
|
+
return {
|
|
4
|
+
name: id,
|
|
5
|
+
async hash (password) {
|
|
6
|
+
return `$${id}$$${ArrayBuffers.toBase64(password).replace(/=/g, '')}`;
|
|
7
|
+
},
|
|
8
|
+
async verify (password, hash, opts) {
|
|
9
|
+
return Boolean(opts.hash) && ArrayBuffers.toString(opts.hash) === password;
|
|
10
|
+
}
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
//# sourceMappingURL=createBase64PasswordAlgorithm.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/password/createBase64PasswordAlgorithm.ts"],"sourcesContent":["import { ArrayBuffers } from '@wener/utils';\nimport { Password } from './Password';\n\nexport function createBase64PasswordAlgorithm({ id = 'base64' }: { id?: string } = {}): Password.PasswordAlgorithm {\n return {\n name: id,\n async hash(password: string) {\n return `$${id}$$${ArrayBuffers.toBase64(password).replace(/=/g, '')}`;\n },\n async verify(password: string, hash: string, opts) {\n return Boolean(opts.hash) && ArrayBuffers.toString(opts.hash!) === password;\n },\n };\n}\n"],"names":["ArrayBuffers","createBase64PasswordAlgorithm","id","name","hash","password","toBase64","replace","verify","opts","Boolean","toString"],"mappings":"AAAA,SAASA,YAAY,QAAQ,eAAe;AAG5C,OAAO,SAASC,8BAA8B,EAAEC,KAAK,QAAQ,EAAmB,GAAG,CAAC,CAAC;IACnF,OAAO;QACLC,MAAMD;QACN,MAAME,MAAKC,QAAgB;YACzB,OAAO,CAAC,CAAC,EAAEH,GAAG,EAAE,EAAEF,aAAaM,QAAQ,CAACD,UAAUE,OAAO,CAAC,MAAM,KAAK;QACvE;QACA,MAAMC,QAAOH,QAAgB,EAAED,IAAY,EAAEK,IAAI;YAC/C,OAAOC,QAAQD,KAAKL,IAAI,KAAKJ,aAAaW,QAAQ,CAACF,KAAKL,IAAI,MAAOC;QACrE;IACF;AACF"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
export function createBcryptPasswordAlgorithm({ // provider = () => import('bcrypt').then((v) => v.default),
|
|
2
|
+
provider = ()=>import("bcryptjs").then((v)=>v.default) } = {}) {
|
|
3
|
+
// bcrypt or bcryptjs
|
|
4
|
+
return {
|
|
5
|
+
name: 'bcrypt',
|
|
6
|
+
async hash (password, opts) {
|
|
7
|
+
const { hash } = await provider();
|
|
8
|
+
return hash(password, opts?.rounds ?? 10);
|
|
9
|
+
},
|
|
10
|
+
async verify (password, hash) {
|
|
11
|
+
const { compare } = await provider();
|
|
12
|
+
if (hash.startsWith('$2y$')) {
|
|
13
|
+
hash = hash.replace(/^\$2y\$/, '$2a$');
|
|
14
|
+
}
|
|
15
|
+
return compare(password, hash);
|
|
16
|
+
}
|
|
17
|
+
};
|
|
18
|
+
}
|
|
19
|
+
|
|
20
|
+
//# sourceMappingURL=createBcryptPasswordAlgorithm.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/password/createBcryptPasswordAlgorithm.ts"],"sourcesContent":["import type { MaybePromise } from '@wener/utils';\nimport { Password } from './Password';\n\ntype ProviderType = () => MaybePromise<{\n hash: (password: string, rounds: number | string) => Promise<string>;\n compare: (password: string, hash: string) => Promise<boolean>;\n}>;\n\nexport function createBcryptPasswordAlgorithm({\n // provider = () => import('bcrypt').then((v) => v.default),\n provider = () => import('bcryptjs').then((v) => v.default),\n}: {\n provider?: ProviderType;\n} = {}): Password.PasswordAlgorithm {\n // bcrypt or bcryptjs\n return {\n name: 'bcrypt',\n async hash(password: string, opts) {\n const { hash } = await provider();\n return hash(password, opts?.rounds ?? 10);\n },\n async verify(password: string, hash: string) {\n const { compare } = await provider();\n if (hash.startsWith('$2y$')) {\n hash = hash.replace(/^\\$2y\\$/, '$2a$');\n }\n return compare(password, hash);\n },\n };\n}\n"],"names":["createBcryptPasswordAlgorithm","provider","then","v","default","name","hash","password","opts","rounds","verify","compare","startsWith","replace"],"mappings":"AAQA,OAAO,SAASA,8BAA8B,EAC5C,4DAA4D;AAC5DC,WAAW,IAAM,MAAM,CAAC,YAAYC,IAAI,CAAC,CAACC,IAAMA,EAAEC,OAAO,CAAC,EAG3D,GAAG,CAAC,CAAC;IACJ,qBAAqB;IACrB,OAAO;QACLC,MAAM;QACN,MAAMC,MAAKC,QAAgB,EAAEC,IAAI;YAC/B,MAAM,EAAEF,IAAI,EAAE,GAAG,MAAML;YACvB,OAAOK,KAAKC,UAAUC,MAAMC,UAAU;QACxC;QACA,MAAMC,QAAOH,QAAgB,EAAED,IAAY;YACzC,MAAM,EAAEK,OAAO,EAAE,GAAG,MAAMV;YAC1B,IAAIK,KAAKM,UAAU,CAAC,SAAS;gBAC3BN,OAAOA,KAAKO,OAAO,CAAC,WAAW;YACjC;YACA,OAAOF,QAAQJ,UAAUD;QAC3B;IACF;AACF"}
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
import { Errors } from "@wener/utils";
|
|
2
|
+
import { PHC } from "./PHC.js";
|
|
3
|
+
export function createPBKDF2PasswordAlgorithm({ id, digest, iterations = 100000, saltlen = 16, keylen = digest === "SHA-256" ? 32 : 64 }) {
|
|
4
|
+
return {
|
|
5
|
+
name: id,
|
|
6
|
+
async hash(password, opts) {
|
|
7
|
+
let salt;
|
|
8
|
+
if (opts?.salt) {
|
|
9
|
+
salt = opts.salt;
|
|
10
|
+
}
|
|
11
|
+
else {
|
|
12
|
+
salt = new Uint8Array(saltlen);
|
|
13
|
+
crypto.getRandomValues(salt);
|
|
14
|
+
}
|
|
15
|
+
const rounds = opts?.rounds ?? iterations;
|
|
16
|
+
let key = await crypto.subtle.importKey("raw", new TextEncoder().encode(password), "PBKDF2", false, [
|
|
17
|
+
"deriveBits"
|
|
18
|
+
]);
|
|
19
|
+
let hash = await crypto.subtle.deriveBits({
|
|
20
|
+
name: "PBKDF2",
|
|
21
|
+
iterations: rounds,
|
|
22
|
+
salt,
|
|
23
|
+
hash: digest
|
|
24
|
+
}, key, keylen * 8);
|
|
25
|
+
return PHC.serialize({
|
|
26
|
+
id: opts?.id ?? id,
|
|
27
|
+
params: {
|
|
28
|
+
rounds
|
|
29
|
+
},
|
|
30
|
+
salt,
|
|
31
|
+
hash: new Uint8Array(hash)
|
|
32
|
+
});
|
|
33
|
+
},
|
|
34
|
+
async verify(password, _, opts) {
|
|
35
|
+
const rounds = opts?.params?.rounds ?? iterations;
|
|
36
|
+
const salt = opts.salt;
|
|
37
|
+
const storedHash = opts.hash;
|
|
38
|
+
Errors.BadRequest.check(typeof rounds === "number", "Invalid rounds");
|
|
39
|
+
Errors.BadRequest.check(salt instanceof Uint8Array, "Invalid salt");
|
|
40
|
+
Errors.BadRequest.check(storedHash instanceof Uint8Array, "Invalid hash");
|
|
41
|
+
let key = await crypto.subtle.importKey("raw", new TextEncoder().encode(password), "PBKDF2", false, [
|
|
42
|
+
"deriveBits"
|
|
43
|
+
]);
|
|
44
|
+
let hash = await crypto.subtle.deriveBits({
|
|
45
|
+
name: "PBKDF2",
|
|
46
|
+
iterations: rounds,
|
|
47
|
+
salt,
|
|
48
|
+
hash: digest
|
|
49
|
+
}, key, storedHash.length * 8);
|
|
50
|
+
return new Uint8Array(hash).every((v, i) => v === storedHash[i]);
|
|
51
|
+
}
|
|
52
|
+
};
|
|
53
|
+
}
|
|
54
|
+
//# sourceMappingURL=createPBKDF2PasswordAlgorithm.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/password/createPBKDF2PasswordAlgorithm.ts"],"sourcesContent":["import { Errors } from '@wener/utils';\nimport { Password } from './Password';\nimport { PHC } from './PHC';\n\nexport function createPBKDF2PasswordAlgorithm({\n id,\n digest,\n iterations = 100000,\n saltlen = 16,\n keylen = digest === 'SHA-256' ? 32 : 64,\n}: {\n id: string;\n digest: 'SHA-256' | 'SHA-512';\n iterations?: number;\n keylen?: number;\n saltlen?: number;\n}): Password.PasswordAlgorithm {\n return {\n name: id,\n async hash(password: string, opts) {\n let salt: Uint8Array;\n\n if (opts?.salt) {\n salt = opts.salt;\n } else {\n salt = new Uint8Array(saltlen);\n crypto.getRandomValues(salt);\n }\n\n const rounds = opts?.rounds ?? iterations;\n\n let key = await crypto.subtle.importKey('raw', new TextEncoder().encode(password), 'PBKDF2', false, [\n 'deriveBits',\n ]);\n let hash = await crypto.subtle.deriveBits(\n { name: 'PBKDF2', iterations: rounds, salt, hash: digest },\n key,\n keylen * 8,\n );\n return PHC.serialize({\n id: opts?.id ?? id,\n params: {\n rounds,\n },\n salt,\n hash: new Uint8Array(hash),\n });\n },\n async verify(password: string, _: string, opts) {\n const rounds = opts?.params?.rounds ?? iterations;\n const salt = opts.salt;\n const storedHash = opts.hash;\n Errors.BadRequest.check(typeof rounds === 'number', 'Invalid rounds');\n Errors.BadRequest.check(salt instanceof Uint8Array, 'Invalid salt');\n Errors.BadRequest.check(storedHash instanceof Uint8Array, 'Invalid hash');\n\n let key = await crypto.subtle.importKey('raw', new TextEncoder().encode(password), 'PBKDF2', false, [\n 'deriveBits',\n ]);\n let hash = await crypto.subtle.deriveBits(\n {\n name: 'PBKDF2',\n iterations: rounds,\n salt,\n hash: digest,\n },\n key,\n storedHash.length * 8,\n );\n return new Uint8Array(hash).every((v, i) => v === storedHash![i]);\n },\n };\n}\n"],"names":["Errors","PHC","createPBKDF2PasswordAlgorithm","id","digest","iterations","saltlen","keylen","name","hash","password","opts","salt","Uint8Array","crypto","getRandomValues","rounds","key","subtle","importKey","TextEncoder","encode","deriveBits","serialize","params","verify","_","storedHash","BadRequest","check","length","every","v","i"],"mappings":"AAAA,SAASA,MAAM,QAAQ,eAAe;AAEtC,SAASC,GAAG,QAAQ,QAAQ;AAE5B,OAAO,SAASC,8BAA8B,EAC5CC,EAAE,EACFC,MAAM,EACNC,aAAa,MAAM,EACnBC,UAAU,EAAE,EACZC,SAASH,WAAW,YAAY,KAAK,EAAE,EAOxC;IACC,OAAO;QACLI,MAAML;QACN,MAAMM,MAAKC,QAAgB,EAAEC,IAAI;YAC/B,IAAIC;YAEJ,IAAID,MAAMC,MAAM;gBACdA,OAAOD,KAAKC,IAAI;YAClB,OAAO;gBACLA,OAAO,IAAIC,WAAWP;gBACtBQ,OAAOC,eAAe,CAACH;YACzB;YAEA,MAAMI,SAASL,MAAMK,UAAUX;YAE/B,IAAIY,MAAM,MAAMH,OAAOI,MAAM,CAACC,SAAS,CAAC,OAAO,IAAIC,cAAcC,MAAM,CAACX,WAAW,UAAU,OAAO;gBAClG;aACD;YACD,IAAID,OAAO,MAAMK,OAAOI,MAAM,CAACI,UAAU,CACvC;gBAAEd,MAAM;gBAAUH,YAAYW;gBAAQJ;gBAAMH,MAAML;YAAO,GACzDa,KACAV,SAAS;YAEX,OAAON,IAAIsB,SAAS,CAAC;gBACnBpB,IAAIQ,MAAMR,MAAMA;gBAChBqB,QAAQ;oBACNR;gBACF;gBACAJ;gBACAH,MAAM,IAAII,WAAWJ;YACvB;QACF;QACA,MAAMgB,QAAOf,QAAgB,EAAEgB,CAAS,EAAEf,IAAI;YAC5C,MAAMK,SAASL,MAAMa,QAAQR,UAAUX;YACvC,MAAMO,OAAOD,KAAKC,IAAI;YACtB,MAAMe,aAAahB,KAAKF,IAAI;YAC5BT,OAAO4B,UAAU,CAACC,KAAK,CAAC,OAAOb,WAAW,UAAU;YACpDhB,OAAO4B,UAAU,CAACC,KAAK,CAACjB,gBAAgBC,YAAY;YACpDb,OAAO4B,UAAU,CAACC,KAAK,CAACF,sBAAsBd,YAAY;YAE1D,IAAII,MAAM,MAAMH,OAAOI,MAAM,CAACC,SAAS,CAAC,OAAO,IAAIC,cAAcC,MAAM,CAACX,WAAW,UAAU,OAAO;gBAClG;aACD;YACD,IAAID,OAAO,MAAMK,OAAOI,MAAM,CAACI,UAAU,CACvC;gBACEd,MAAM;gBACNH,YAAYW;gBACZJ;gBACAH,MAAML;YACR,GACAa,KACAU,WAAWG,MAAM,GAAG;YAEtB,OAAO,IAAIjB,WAAWJ,MAAMsB,KAAK,CAAC,CAACC,GAAGC,IAAMD,MAAML,UAAW,CAACM,EAAE;QAClE;IACF;AACF"}
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
import { randomBytes, scrypt, timingSafeEqual } from "node:crypto";
|
|
2
|
+
import { Errors } from "@wener/utils";
|
|
3
|
+
import { PHC } from "./PHC.js";
|
|
4
|
+
export function createScryptPasswordAlgorithm(options = {}) {
|
|
5
|
+
let id = options.id || "scrypt";
|
|
6
|
+
options.cost ||= Math.pow(2, 14);
|
|
7
|
+
options.blocksize ||= 8;
|
|
8
|
+
options.parallelism ||= 1;
|
|
9
|
+
options.saltlen ||= 16;
|
|
10
|
+
options.keylen ||= 32;
|
|
11
|
+
return {
|
|
12
|
+
name: id,
|
|
13
|
+
async hash(password, opts) {
|
|
14
|
+
const salt = opts?.salt || randomBytes(options.saltlen);
|
|
15
|
+
return new Promise((resolve, reject) => {
|
|
16
|
+
let N = options.cost;
|
|
17
|
+
let r = options.blocksize;
|
|
18
|
+
let p = options.parallelism;
|
|
19
|
+
scrypt(password, salt, options.keylen, {
|
|
20
|
+
N,
|
|
21
|
+
r,
|
|
22
|
+
p
|
|
23
|
+
}, (err, derivedKey) => {
|
|
24
|
+
if (err)
|
|
25
|
+
return reject(err);
|
|
26
|
+
resolve(PHC.serialize({
|
|
27
|
+
id: opts?.id ?? id,
|
|
28
|
+
params: {
|
|
29
|
+
ln: N,
|
|
30
|
+
r: r,
|
|
31
|
+
p: p
|
|
32
|
+
},
|
|
33
|
+
salt,
|
|
34
|
+
hash: derivedKey
|
|
35
|
+
}));
|
|
36
|
+
});
|
|
37
|
+
});
|
|
38
|
+
},
|
|
39
|
+
async verify(password, hash, opts) {
|
|
40
|
+
try {
|
|
41
|
+
const salt = Errors.BadRequest.require(opts.salt);
|
|
42
|
+
const storedHash = Errors.BadRequest.require(opts.hash);
|
|
43
|
+
const N = parseInt(opts.params?.ln, 10);
|
|
44
|
+
const r = parseInt(opts.params?.r, 10);
|
|
45
|
+
const p = parseInt(opts.params?.p, 10);
|
|
46
|
+
const keylen = storedHash.length;
|
|
47
|
+
return new Promise((resolve, reject) => {
|
|
48
|
+
scrypt(password, salt, keylen, {
|
|
49
|
+
N,
|
|
50
|
+
r,
|
|
51
|
+
p
|
|
52
|
+
}, (err, derivedKey) => {
|
|
53
|
+
if (err)
|
|
54
|
+
return reject(err);
|
|
55
|
+
const isMatch = timingSafeEqual(derivedKey, storedHash);
|
|
56
|
+
resolve(isMatch);
|
|
57
|
+
});
|
|
58
|
+
});
|
|
59
|
+
}
|
|
60
|
+
catch (error) {
|
|
61
|
+
return Promise.resolve(false);
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
};
|
|
65
|
+
}
|
|
66
|
+
//# sourceMappingURL=createScryptPasswordAlgorithm.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/password/createScryptPasswordAlgorithm.ts"],"sourcesContent":["import { randomBytes, scrypt, timingSafeEqual } from 'node:crypto';\nimport { Errors } from '@wener/utils';\nimport { Password } from './Password';\nimport { PHC } from './PHC';\n\nexport function createScryptPasswordAlgorithm(\n options: {\n id?: string;\n cost?: number;\n blocksize?: number;\n parallelism?: number;\n saltlen?: number;\n keylen?: number;\n } = {},\n): Password.PasswordAlgorithm {\n let id = options.id || 'scrypt';\n options.cost ||= Math.pow(2, 14);\n options.blocksize ||= 8;\n options.parallelism ||= 1;\n options.saltlen ||= 16;\n options.keylen ||= 32;\n return {\n name: id,\n async hash(password: string, opts): Promise<string> {\n const salt = opts?.salt || randomBytes(options.saltlen!);\n return new Promise((resolve, reject) => {\n let N = options.cost!;\n let r = options.blocksize!;\n let p = options.parallelism!;\n scrypt(password, salt, options.keylen!, { N, r, p }, (err, derivedKey) => {\n if (err) return reject(err);\n\n resolve(\n PHC.serialize({\n id: opts?.id ?? id,\n params: {\n ln: N!,\n r: r!,\n p: p!,\n },\n salt,\n hash: derivedKey,\n }),\n );\n });\n });\n },\n\n async verify(password: string, hash: string, opts): Promise<boolean> {\n try {\n const salt = Errors.BadRequest.require(opts.salt);\n const storedHash = Errors.BadRequest.require(opts.hash);\n\n const N = parseInt(opts.params?.ln as string, 10);\n const r = parseInt(opts.params?.r as string, 10);\n const p = parseInt(opts.params?.p as string, 10);\n const keylen = storedHash.length;\n\n return new Promise((resolve, reject) => {\n scrypt(password, salt, keylen, { N, r, p }, (err, derivedKey) => {\n if (err) return reject(err);\n\n const isMatch = timingSafeEqual(derivedKey, storedHash);\n resolve(isMatch);\n });\n });\n } catch (error) {\n return Promise.resolve(false);\n }\n },\n };\n}\n"],"names":["randomBytes","scrypt","timingSafeEqual","Errors","PHC","createScryptPasswordAlgorithm","options","id","cost","Math","pow","blocksize","parallelism","saltlen","keylen","name","hash","password","opts","salt","Promise","resolve","reject","N","r","p","err","derivedKey","serialize","params","ln","verify","BadRequest","require","storedHash","parseInt","length","isMatch","error"],"mappings":"AAAA,SAASA,WAAW,EAAEC,MAAM,EAAEC,eAAe,QAAQ,cAAc;AACnE,SAASC,MAAM,QAAQ,eAAe;AAEtC,SAASC,GAAG,QAAQ,QAAQ;AAE5B,OAAO,SAASC,8BACdC,UAOI,CAAC,CAAC;IAEN,IAAIC,KAAKD,QAAQC,EAAE,IAAI;IACvBD,QAAQE,IAAI,KAAKC,KAAKC,GAAG,CAAC,GAAG;IAC7BJ,QAAQK,SAAS,KAAK;IACtBL,QAAQM,WAAW,KAAK;IACxBN,QAAQO,OAAO,KAAK;IACpBP,QAAQQ,MAAM,KAAK;IACnB,OAAO;QACLC,MAAMR;QACN,MAAMS,MAAKC,QAAgB,EAAEC,IAAI;YAC/B,MAAMC,OAAOD,MAAMC,QAAQnB,YAAYM,QAAQO,OAAO;YACtD,OAAO,IAAIO,QAAQ,CAACC,SAASC;gBAC3B,IAAIC,IAAIjB,QAAQE,IAAI;gBACpB,IAAIgB,IAAIlB,QAAQK,SAAS;gBACzB,IAAIc,IAAInB,QAAQM,WAAW;gBAC3BX,OAAOgB,UAAUE,MAAMb,QAAQQ,MAAM,EAAG;oBAAES;oBAAGC;oBAAGC;gBAAE,GAAG,CAACC,KAAKC;oBACzD,IAAID,KAAK,OAAOJ,OAAOI;oBAEvBL,QACEjB,IAAIwB,SAAS,CAAC;wBACZrB,IAAIW,MAAMX,MAAMA;wBAChBsB,QAAQ;4BACNC,IAAIP;4BACJC,GAAGA;4BACHC,GAAGA;wBACL;wBACAN;wBACAH,MAAMW;oBACR;gBAEJ;YACF;QACF;QAEA,MAAMI,QAAOd,QAAgB,EAAED,IAAY,EAAEE,IAAI;YAC/C,IAAI;gBACF,MAAMC,OAAOhB,OAAO6B,UAAU,CAACC,OAAO,CAACf,KAAKC,IAAI;gBAChD,MAAMe,aAAa/B,OAAO6B,UAAU,CAACC,OAAO,CAACf,KAAKF,IAAI;gBAEtD,MAAMO,IAAIY,SAASjB,KAAKW,MAAM,EAAEC,IAAc;gBAC9C,MAAMN,IAAIW,SAASjB,KAAKW,MAAM,EAAEL,GAAa;gBAC7C,MAAMC,IAAIU,SAASjB,KAAKW,MAAM,EAAEJ,GAAa;gBAC7C,MAAMX,SAASoB,WAAWE,MAAM;gBAEhC,OAAO,IAAIhB,QAAQ,CAACC,SAASC;oBAC3BrB,OAAOgB,UAAUE,MAAML,QAAQ;wBAAES;wBAAGC;wBAAGC;oBAAE,GAAG,CAACC,KAAKC;wBAChD,IAAID,KAAK,OAAOJ,OAAOI;wBAEvB,MAAMW,UAAUnC,gBAAgByB,YAAYO;wBAC5Cb,QAAQgB;oBACV;gBACF;YACF,EAAE,OAAOC,OAAO;gBACd,OAAOlB,QAAQC,OAAO,CAAC;YACzB;QACF;IACF;AACF"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
export { PHC } from "./PHC.js";
|
|
2
|
+
export { Password } from "./Password.js";
|
|
3
|
+
export { createArgon2PasswordAlgorithm } from "./createArgon2PasswordAlgorithm.js";
|
|
4
|
+
export { createBase64PasswordAlgorithm } from "./createBase64PasswordAlgorithm.js";
|
|
5
|
+
export { createBcryptPasswordAlgorithm } from "./createBcryptPasswordAlgorithm.js";
|
|
6
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/password/index.ts"],"sourcesContent":["export { PHC } from './PHC';\nexport { Password } from './Password';\nexport { createArgon2PasswordAlgorithm } from './createArgon2PasswordAlgorithm';\nexport { createBase64PasswordAlgorithm } from './createBase64PasswordAlgorithm';\nexport { createBcryptPasswordAlgorithm } from './createBcryptPasswordAlgorithm';\n"],"names":["PHC","Password","createArgon2PasswordAlgorithm","createBase64PasswordAlgorithm","createBcryptPasswordAlgorithm"],"mappings":"AAAA,SAASA,GAAG,QAAQ,QAAQ;AAC5B,SAASC,QAAQ,QAAQ,aAAa;AACtC,SAASC,6BAA6B,QAAQ,kCAAkC;AAChF,SAASC,6BAA6B,QAAQ,kCAAkC;AAChF,SAASC,6BAA6B,QAAQ,kCAAkC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../../src/password/server/index.ts"],"sourcesContent":["export { createScryptPasswordAlgorithm } from '../createScryptPasswordAlgorithm';\n"],"names":["createScryptPasswordAlgorithm"],"mappings":"AAAA,SAASA,6BAA6B,QAAQ,mCAAmC"}
|