altcha-lib 0.1.0 → 0.1.2

package/README.md

@@ -37,8 +37,10 @@ Parameters:
 - `options: ChallengeOptions`:
   - `algorithm?: string`: Algorithm to use (`SHA-1`, `SHA-256`, `SHA-512`, default: `SHA-256`).
   - `hmacKey: string` (required): Signature HMAC key.
+  - `maxNumber?: number` Optional maximum number for the random number generator (defaults to 1,000,000).
   - `number?: number`: Optional number to use. If not provided, a random number will be generated.
   - `salt?: string`: Optional salt string. If not provided, a random salt will be generated.
+  - `saltLength?: number` Optional maximum lenght of the random salt (in bytes, defaults to 12).
 
 ### `verifySolution(payload, hmacKey)`
 

package/cjs/dist/helpers.d.ts

@@ -0,0 +1,6 @@
+import type { Algorithm } from './types.js';
+export declare function ab2hex(ab: ArrayBuffer | Uint8Array): string;
+export declare function hash(algorithm: Algorithm, str: string): Promise<string>;
+export declare function hmac(algorithm: Algorithm, str: string, secret: string): Promise<string>;
+export declare function randomBytes(length: number): Uint8Array;
+export declare function randomInt(max: number): number;

package/cjs/dist/helpers.js

@@ -0,0 +1,39 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.randomInt = exports.randomBytes = exports.hmac = exports.hash = exports.ab2hex = void 0;
+const encoder = new TextEncoder();
+if (!('crypto' in globalThis)) {
+    // eslint-disable-next-line @typescript-eslint/no-var-requires
+    globalThis.crypto = require('node:crypto').webcrypto;
+}
+function ab2hex(ab) {
+    return [...new Uint8Array(ab)]
+        .map((x) => x.toString(16).padStart(2, '0'))
+        .join('');
+}
+exports.ab2hex = ab2hex;
+async function hash(algorithm, str) {
+    return ab2hex(await crypto.subtle.digest(algorithm.toUpperCase(), encoder.encode(str)));
+}
+exports.hash = hash;
+async function hmac(algorithm, str, secret) {
+    const key = await crypto.subtle.importKey('raw', encoder.encode(secret), {
+        name: 'HMAC',
+        hash: algorithm,
+    }, false, ['sign', 'verify']);
+    return ab2hex(await crypto.subtle.sign('HMAC', key, encoder.encode(str)));
+}
+exports.hmac = hmac;
+function randomBytes(length) {
+    const ab = new Uint8Array(length);
+    crypto.getRandomValues(ab);
+    return ab;
+}
+exports.randomBytes = randomBytes;
+function randomInt(max) {
+    const ab = new Uint32Array(1);
+    crypto.getRandomValues(ab);
+    const randomNumber = ab[0] / (0xffffffff + 1);
+    return Math.floor(randomNumber * max + 1);
+}
+exports.randomInt = randomInt;

package/cjs/dist/index.d.ts

@@ -0,0 +1,3 @@
+import type { Challenge, ChallengeOptions, Payload } from './types.js';
+export declare function createChallenge(options: ChallengeOptions): Promise<Challenge>;
+export declare function verifySolution(payload: string | Payload, hmacKey: string): Promise<boolean>;

package/cjs/dist/index.js

@@ -0,0 +1,36 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifySolution = exports.createChallenge = void 0;
+const helpers_js_1 = require("./helpers.js");
+const DEFAULT_MAX_NUMBER = 1e6;
+const DEFAULT_SALT_LEN = 12;
+const DEFAULT_ALG = 'SHA-256';
+async function createChallenge(options) {
+    const algorithm = options.algorithm || DEFAULT_ALG;
+    const maxNumber = options.maxNumber || DEFAULT_MAX_NUMBER;
+    const saltLength = options.saltLength || DEFAULT_SALT_LEN;
+    const salt = options.salt || (0, helpers_js_1.ab2hex)((0, helpers_js_1.randomBytes)(saltLength));
+    const number = options.number === void 0 ? (0, helpers_js_1.randomInt)(maxNumber) : options.number;
+    const challenge = await (0, helpers_js_1.hash)(algorithm, salt + number);
+    return {
+        algorithm,
+        challenge,
+        salt,
+        signature: await (0, helpers_js_1.hmac)(algorithm, challenge, options.hmacKey),
+    };
+}
+exports.createChallenge = createChallenge;
+async function verifySolution(payload, hmacKey) {
+    if (typeof payload === 'string') {
+        payload = JSON.parse(atob(payload));
+    }
+    const check = await createChallenge({
+        algorithm: payload.algorithm,
+        hmacKey,
+        number: payload.number,
+        salt: payload.salt,
+    });
+    return (check.challenge === payload.challenge &&
+        check.signature === payload.signature);
+}
+exports.verifySolution = verifySolution;

package/cjs/dist/types.d.ts

@@ -0,0 +1,22 @@
+export type Algorithm = 'SHA-1' | 'SHA-256' | 'SHA-512';
+export interface Challenge {
+    algorithm: Algorithm;
+    challenge: string;
+    salt: string;
+    signature: string;
+}
+export interface ChallengeOptions {
+    algorithm?: Algorithm;
+    hmacKey: string;
+    maxNumber?: number;
+    number?: number;
+    salt?: string;
+    saltLength?: number;
+}
+export interface Payload {
+    algorithm: Algorithm;
+    challenge: string;
+    number: number;
+    salt: string;
+    signature: string;
+}

package/cjs/dist/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/cjs/package.json

@@ -0,0 +1,3 @@
+{
+    "type": "commonjs"
+}

package/dist/helpers.js

@@ -1,7 +1,7 @@
 const encoder = new TextEncoder();
 if (!('crypto' in globalThis)) {
-    // @ts-ignore
-    globalThis.crypto = (await import('node:crypto')).webcrypto;
+    // eslint-disable-next-line @typescript-eslint/no-var-requires
+    globalThis.crypto = require('node:crypto').webcrypto;
 }
 export function ab2hex(ab) {
     return [...new Uint8Array(ab)]

package/dist/index.js

@@ -1,10 +1,13 @@
 import { ab2hex, hash, hmac, randomBytes, randomInt } from './helpers.js';
-const DEFAULT_MAX_NUMBER = 1e7;
+const DEFAULT_MAX_NUMBER = 1e6;
+const DEFAULT_SALT_LEN = 12;
 const DEFAULT_ALG = 'SHA-256';
 export async function createChallenge(options) {
     const algorithm = options.algorithm || DEFAULT_ALG;
-    const salt = options.salt || ab2hex(randomBytes(12));
-    const number = options.number === void 0 ? randomInt(DEFAULT_MAX_NUMBER) : options.number;
+    const maxNumber = options.maxNumber || DEFAULT_MAX_NUMBER;
+    const saltLength = options.saltLength || DEFAULT_SALT_LEN;
+    const salt = options.salt || ab2hex(randomBytes(saltLength));
+    const number = options.number === void 0 ? randomInt(maxNumber) : options.number;
     const challenge = await hash(algorithm, salt + number);
     return {
         algorithm,

package/dist/types.d.ts

@@ -8,8 +8,10 @@ export interface Challenge {
 export interface ChallengeOptions {
     algorithm?: Algorithm;
     hmacKey: string;
+    maxNumber?: number;
     number?: number;
     salt?: string;
+    saltLength?: number;
 }
 export interface Payload {
     algorithm: Algorithm;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "altcha-lib",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "A library for creating and verifying ALTCHA challenges for Node.js, Bun and Deno.",
   "author": "Daniel Regeci",
   "license": "MIT",
@@ -15,7 +15,7 @@
   "types": "./dist/index.d.ts",
   "type": "module",
   "scripts": {
-    "build": "rimraf dist && tsc -p tsconfig.build.json",
+    "build": "rimraf dist && rimraf cjs/dist && tsc -b tsconfig.build.json tsconfig.cjs.json",
     "denoify": "rimraf deno_dist && denoify && find deno_dist/. -type f -exec sed -i '' -e 's/node:node:/node:/g' {} +",
     "eslint": "eslint ./lib/**/*",
     "format": "prettier --write './(lib|tests)/**/*'",
@@ -23,12 +23,19 @@
     "test:deno": "deno test tests/deno.ts"
   },
   "files": [
+    "cjs",
     "dist"
   ],
   "exports": {
     ".": {
       "types": "./dist/index.d.ts",
-      "import": "./dist/index.js"
+      "import": "./dist/index.js",
+      "require": "./cjs/dist/index.js",
+      "default": "./dist/index.js"
+    },
+    "./types": {
+      "types": "./dist/types.d.ts",
+      "import": "./dist/types.js"
     }
   },
   "typesVersions": {