cipher-kit 2.0.0-beta.1 → 2.0.0-beta.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/chunk-3XGARINH.cjs +480 -0
- package/dist/chunk-3XGARINH.cjs.map +1 -0
- package/dist/{chunk-I25C3WUZ.js → chunk-AEQNI5EZ.js} +167 -98
- package/dist/chunk-AEQNI5EZ.js.map +1 -0
- package/dist/{chunk-6HNTSQAP.js → chunk-LOJKJJX5.js} +4 -7
- package/dist/chunk-LOJKJJX5.js.map +1 -0
- package/dist/{chunk-ZIVTPFKN.cjs → chunk-RXXVBCWL.cjs} +4 -8
- package/dist/chunk-RXXVBCWL.cjs.map +1 -0
- package/dist/{chunk-SRGSVNQ2.js → chunk-SUGN4VDZ.js} +169 -96
- package/dist/chunk-SUGN4VDZ.js.map +1 -0
- package/dist/chunk-WIZT7AYM.cjs +584 -0
- package/dist/chunk-WIZT7AYM.cjs.map +1 -0
- package/dist/{export-oVEmcDLI.d.cts → export-Bq9tslUU.d.ts} +30 -42
- package/dist/{export-C2vQXrZa.d.cts → export-C0WDJZUy.d.ts} +30 -42
- package/dist/{export-DzNR1ht3.d.ts → export-LPOfeH2z.d.cts} +30 -42
- package/dist/{export-DEWwhS-S.d.ts → export-RD2Af4CJ.d.cts} +30 -42
- package/dist/index.cjs +12 -104
- package/dist/index.d.cts +3 -3
- package/dist/index.d.ts +3 -3
- package/dist/index.js +3 -3
- package/dist/node.cjs +34 -34
- package/dist/node.d.cts +2 -2
- package/dist/node.d.ts +2 -2
- package/dist/node.js +2 -2
- package/dist/{validate-TRx4DDtg.d.cts → validate-CS4PFmY1.d.cts} +39 -3
- package/dist/{validate-TRx4DDtg.d.ts → validate-CS4PFmY1.d.ts} +39 -3
- package/dist/web-api.cjs +34 -34
- package/dist/web-api.d.cts +2 -2
- package/dist/web-api.d.ts +2 -2
- package/dist/web-api.js +2 -2
- package/package.json +1 -1
- package/dist/chunk-6HNTSQAP.js.map +0 -1
- package/dist/chunk-DZLEO2JD.cjs +0 -511
- package/dist/chunk-DZLEO2JD.cjs.map +0 -1
- package/dist/chunk-I25C3WUZ.js.map +0 -1
- package/dist/chunk-SRGSVNQ2.js.map +0 -1
- package/dist/chunk-UR5HPMNF.cjs +0 -411
- package/dist/chunk-UR5HPMNF.cjs.map +0 -1
- package/dist/chunk-ZIVTPFKN.cjs.map +0 -1
|
@@ -13,7 +13,7 @@ var __export = (target, all) => {
|
|
|
13
13
|
};
|
|
14
14
|
|
|
15
15
|
// src/helpers/consts.ts
|
|
16
|
-
var
|
|
16
|
+
var ENCODINGS = Object.freeze(["base64", "base64url", "hex", "utf8", "latin1"]);
|
|
17
17
|
var DIGEST_ALGORITHMS = Object.freeze({
|
|
18
18
|
sha256: { node: "sha256", web: "SHA-256" },
|
|
19
19
|
sha384: { node: "sha384", web: "SHA-384" },
|
|
@@ -24,9 +24,6 @@ var ENCRYPTION_ALGORITHMS = Object.freeze({
|
|
|
24
24
|
aes192gcm: { name: "aes192gcm", keyBytes: 24, ivLength: 12, node: "aes-192-gcm", web: "AES-GCM" },
|
|
25
25
|
aes128gcm: { name: "aes128gcm", keyBytes: 16, ivLength: 12, node: "aes-128-gcm", web: "AES-GCM" }
|
|
26
26
|
});
|
|
27
|
-
var PASSWORD_HASHING = Object.freeze({
|
|
28
|
-
pbkdf2: { saltLength: 16, iterations: 32e4, keyLength: 64 }
|
|
29
|
-
});
|
|
30
27
|
|
|
31
28
|
// src/helpers/validate.ts
|
|
32
29
|
function $isStr(x, min = 1) {
|
|
@@ -148,10 +145,9 @@ exports.$ok = $ok;
|
|
|
148
145
|
exports.$parseToObj = $parseToObj;
|
|
149
146
|
exports.$stringifyObj = $stringifyObj;
|
|
150
147
|
exports.DIGEST_ALGORITHMS = DIGEST_ALGORITHMS;
|
|
151
|
-
exports.
|
|
148
|
+
exports.ENCODINGS = ENCODINGS;
|
|
152
149
|
exports.ENCRYPTED_REGEX = ENCRYPTED_REGEX;
|
|
153
150
|
exports.ENCRYPTION_ALGORITHMS = ENCRYPTION_ALGORITHMS;
|
|
154
|
-
exports.PASSWORD_HASHING = PASSWORD_HASHING;
|
|
155
151
|
exports.__export = __export;
|
|
156
152
|
exports.isSecretKey = isSecretKey;
|
|
157
153
|
exports.matchPattern = matchPattern;
|
|
@@ -159,5 +155,5 @@ exports.parseToObj = parseToObj;
|
|
|
159
155
|
exports.stringifyObj = stringifyObj;
|
|
160
156
|
exports.tryParseToObj = tryParseToObj;
|
|
161
157
|
exports.tryStringifyObj = tryStringifyObj;
|
|
162
|
-
//# sourceMappingURL=chunk-
|
|
163
|
-
//# sourceMappingURL=chunk-
|
|
158
|
+
//# sourceMappingURL=chunk-RXXVBCWL.cjs.map
|
|
159
|
+
//# sourceMappingURL=chunk-RXXVBCWL.cjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/helpers/consts.ts","../src/helpers/validate.ts","../src/helpers/error.ts","../src/helpers/object.ts"],"names":["nodeCrypto"],"mappings":";;;;;;;;;;;;;;;AAAO,IAAM,SAAA,GAAY,OAAO,MAAA,CAAO,CAAC,UAAU,WAAA,EAAa,KAAA,EAAO,MAAA,EAAQ,QAAQ,CAAU;AAEzF,IAAM,iBAAA,GAAoB,OAAO,MAAA,CAAO;AAAA,EAC7C,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA,EAAU;AAAA,EACzC,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA,EAAU;AAAA,EACzC,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,KAAK,SAAA;AACjC,CAAU;AAEH,IAAM,qBAAA,GAAwB,OAAO,MAAA,CAAO;AAAA,EACjD,SAAA,EAAW,EAAE,IAAA,EAAM,WAAA,EAAa,QAAA,EAAU,EAAA,EAAI,QAAA,EAAU,EAAA,EAAI,IAAA,EAAM,aAAA,EAAe,GAAA,EAAK,SAAA,EAAU;AAAA,EAChG,SAAA,EAAW,EAAE,IAAA,EAAM,WAAA,EAAa,QAAA,EAAU,EAAA,EAAI,QAAA,EAAU,EAAA,EAAI,IAAA,EAAM,aAAA,EAAe,GAAA,EAAK,SAAA,EAAU;AAAA,EAChG,SAAA,EAAW,EAAE,IAAA,EAAM,WAAA,EAAa,QAAA,EAAU,EAAA,EAAI,QAAA,EAAU,EAAA,EAAI,IAAA,EAAM,aAAA,EAAe,GAAA,EAAK,SAAA;AACxF,CAAU;;;ACRH,SAAS,MAAA,CAAO,CAAA,EAAY,GAAA,GAAM,CAAA,EAAgB;AACvD,EAAA,OAAO,CAAA,KAAM,IAAA,IAAQ,CAAA,KAAM,MAAA,IAAa,OAAO,MAAM,QAAA,IAAY,CAAA,CAAE,IAAA,EAAK,CAAE,MAAA,IAAU,GAAA;AACtF;AAEO,SAAS,OAAO,CAAA,EAA0C;AAC/D,EAAA,IAAI,OAAO,CAAA,KAAM,QAAA,IAAY,MAAM,IAAA,IAAQ,CAAA,KAAM,QAAW,OAAO,KAAA;AACnE,EAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,cAAA,CAAe,CAAC,CAAA;AACrC,EAAA,OAAO,KAAA,KAAU,MAAA,CAAO,SAAA,IAAa,KAAA,KAAU,IAAA;AACjD;AAEO,SAAS,YAAY,CAAA,EAA0C;AACpE,EAAA,OAAO,OAAO,CAAA,KAAM,QAAA,IAAY,CAAA,KAAM,QAAQ,CAAA,KAAM,MAAA;AACtD;AAEA,IAAM,YAAA,uBAAmB,GAAA,CAAI,CAAC,YAAY,QAAA,EAAU,MAAA,EAAQ,KAAK,CAAC,CAAA;AAClE,IAAM,gBAAA,uBAAuB,GAAA,CAAI,CAAC,QAAQ,UAAA,EAAY,UAAA,EAAY,MAAA,EAAQ,KAAK,CAAC,CAAA;AAEzE,SAAS,WAAA,CAA6C,GAAY,QAAA,EAA8C;AACrH,EAAA,IAAI,CAAC,WAAA,CAAY,CAAC,CAAA,IAAM,QAAA,KAAa,MAAA,IAAU,QAAA,KAAa,KAAA,IAAU,CAAA,CAAE,QAAA,KAAa,QAAA,EAAU,OAAO,KAAA;AAEtG,EAAA,MAAM,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,CAAC,CAAA;AAC1B,EAAA,IAAI,IAAA,CAAK,MAAA,KAAW,YAAA,CAAa,IAAA,EAAM,OAAO,KAAA;AAC9C,EAAA,KAAA,MAAW,GAAA,IAAO,MAAM,IAAI,CAAC,aAAa,GAAA,CAAI,GAAG,GAAG,OAAO,KAAA;AAC3D,EAAA,KAAA,MAAW,GAAA,IAAO,cAAc,IAAI,CAAC,OAAO,MAAA,CAAO,CAAA,EAAG,GAAG,CAAA,EAAG,OAAO,KAAA;AAEnE,EAAA,IAAI,OAAO,EAAE,MAAA,KAAW,QAAA,IAAY,EAAE,CAAA,CAAE,MAAA,IAAU,oBAAoB,OAAO,KAAA;AAC7E,EAAA,IAAI,CAAC,WAAA,CAAY,CAAA,CAAE,IAAI,KAAK,OAAO,CAAA,CAAE,IAAA,CAAK,IAAA,KAAS,YAAY,EAAE,CAAA,CAAE,IAAA,CAAK,IAAA,IAAQ,wBAAwB,OAAO,KAAA;AAE/G,EAAA,MAAM,QAAA,GAAW,MAAA,CAAO,IAAA,CAAK,CAAA,CAAE,IAAI,CAAA;AACnC,EAAA,IAAI,QAAA,CAAS,MAAA,KAAW,gBAAA,CAAiB,IAAA,EAAM,OAAO,KAAA;AACtD,EAAA,KAAA,MAAW,GAAA,IAAO,UAAU,IAAI,CAAC,iBAAiB,GAAA,CAAI,GAAG,GAAG,OAAO,KAAA;AACnE,EAAA,KAAA,MAAW,GAAA,IAAO,gBAAA,EAAkB,IAAI,CAAC,MAAA,CAAO,OAAO,CAAA,CAAE,IAAA,EAAM,GAAG,CAAA,EAAG,OAAO,KAAA;AAE5E,EAAA,MAAM,IAAA,GAAO,qBAAA,CAAsB,CAAA,CAAE,IAAA,CAAK,IAA2B,CAAA;AACrE,EAAA,IACE,EAAE,IAAA,CAAK,QAAA,KAAa,KAAK,QAAA,IACzB,CAAA,CAAE,KAAK,QAAA,KAAa,IAAA,CAAK,YACzB,CAAA,CAAE,IAAA,CAAK,SAAS,IAAA,CAAK,IAAA,IACrB,EAAE,IAAA,CAAK,GAAA,KAAQ,KAAK,GAAA,EACpB;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,YAAY,CAAA,CAAE,GAAG,KAAK,CAAA,CAAE,GAAA,CAAI,IAAA,KAAS,QAAA,EAAU,OAAO,KAAA;AAE3D,EAAA,IAAI,aAAa,MAAA,EAAQ;AACvB,IAAA,IACE,EAAE,CAAA,CAAE,GAAA,YAAeA,2BAAA,CAAW,cAC7B,OAAO,CAAA,CAAE,GAAA,CAAI,gBAAA,KAAqB,QAAA,IAAY,CAAA,CAAE,GAAA,CAAI,gBAAA,KAAqB,KAAK,QAAA,EAC/E;AACA,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IACE,CAAC,WAAA,CAAY,CAAA,CAAE,GAAA,CAAI,SAAS,KAC5B,CAAA,CAAE,GAAA,CAAI,SAAA,CAAU,IAAA,KAAS,IAAA,CAAK,GAAA,IAC7B,OAAO,CAAA,CAAE,GAAA,CAAI,SAAA,CAAU,MAAA,KAAW,QAAA,IAAY,CAAA,CAAE,GAAA,CAAI,SAAA,CAAU,MAAA,KAAW,IAAA,CAAK,QAAA,GAAW,CAAA,IAC1F,OAAO,CAAA,CAAE,IAAI,WAAA,KAAgB,SAAA,IAC7B,CAAC,KAAA,CAAM,OAAA,CAAQ,CAAA,CAAE,IAAI,MAAM,CAAA,IAC3B,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,MAAA,KAAW,KACxB,EAAE,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,IAAK,CAAA,CAAE,GAAA,CAAI,MAAA,CAAO,QAAA,CAAS,SAAS,CAAA,CAAA,EACrE;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AACA,EAAA,OAAO,IAAA;AACT;AAGO,IAAM,eAAA,GAAkB,OAAO,MAAA,CAAO;AAAA,EAC3C,OAAA,EAAS,6DAAA;AAAA,EACT,IAAA,EAAM,0DAAA;AAAA,EACN,GAAA,EAAK;AACP,CAAC;AAGM,SAAS,YAAA,CAAa,MAAc,MAAA,EAA6C;AACtF,EAAA,IAAI,OAAO,IAAA,KAAS,QAAA,EAAU,OAAO,KAAA;AACrC,EAAA,IAAI,EAAE,UAAU,eAAA,CAAA,EAAkB,MAAM,IAAI,KAAA,CAAM,CAAA,gBAAA,EAAmB,MAAM,CAAA,CAAE,CAAA;AAC7E,EAAA,OAAO,eAAA,CAAgB,MAAM,CAAA,CAAE,IAAA,CAAK,IAAI,CAAA;AAC1C;;;ACtEO,SAAS,IAAO,MAAA,EAAuB;AAC5C,EAAA,IAAI,MAAA,CAAO,MAAM,CAAA,EAAG,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,GAAI,MAAA,EAAsB;AACtE,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAA,EAAO;AACjC;AAIO,SAAS,KAAK,GAAA,EAA0E;AAC7F,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,KAAA;AAAA,IACT,KAAA,EAAO;AAAA,MACL,OAAA,EAAS,KAAA,IAAS,GAAA,GAAM,GAAA,CAAI,MAAM,GAAA,CAAI,OAAA;AAAA,MACtC,WAAA,EAAa,MAAA,IAAU,GAAA,GAAM,GAAA,CAAI,OAAO,GAAA,CAAI;AAAA;AAC9C,GACF;AACF;AAEO,SAAS,UAAU,KAAA,EAAwB;AAChD,EAAA,IAAI,KAAA,YAAiB,KAAA,EAAO,OAAO,KAAA,CAAM,OAAA;AACzC,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,EAAU,OAAO,KAAA;AACtC,EAAA,OAAO,OAAO,KAAK,CAAA;AACrB;AAEO,SAAS,cAAc,GAAA,EAAwB;AACpD,EAAA,OAAO,CAAA,EAAG,GAAA,CAAI,OAAO,CAAA,GAAA,EAAM,IAAI,WAAW,CAAA,CAAA;AAC5C;;;ACrCO,SAAS,cAA0D,GAAA,EAAwB;AAChG,EAAA,IAAI;AACF,IAAA,IAAI,CAAC,MAAA,CAAO,GAAG,CAAA,EAAG,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,gBAAA,EAAkB,IAAA,EAAM,6BAAA,EAA+B,CAAA;AAC5F,IAAA,OAAO,GAAA,CAAI,IAAA,CAAK,SAAA,CAAU,GAAG,CAAC,CAAA;AAAA,EAChC,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,0BAAA,EAA4B,MAAM,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACzE;AACF;AASO,SAAS,aAAyD,GAAA,EAAgB;AACvF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,cAAc,GAAG,CAAA;AAC3C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT;AAQO,SAAS,gBAA4D,GAAA,EAAwB;AAClG,EAAA,OAAO,cAAc,GAAG,CAAA;AAC1B;AAEO,SAAS,YAAwD,GAAA,EAAoC;AAC1G,EAAA,IAAI;AACF,IAAA,IAAI,CAAC,MAAA,CAAO,GAAG,CAAA,EAAG,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,wBAAA,EAA0B,IAAA,EAAM,6BAAA,EAA+B,CAAA;AACpG,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,GAAG,CAAA;AAE1B,IAAA,IAAI,CAAC,MAAA,CAAO,GAAG,CAAA,EAAG,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,gCAAA,EAAkC,IAAA,EAAM,mCAAA,EAAqC,CAAA;AAClH,IAAA,OAAO,GAAA,CAAI,EAAE,MAAA,EAAQ,GAAA,EAAU,CAAA;AAAA,EACjC,SAAS,KAAA,EAAO;AACd,IAAA,OAAO,IAAA,CAAK,EAAE,GAAA,EAAK,yBAAA,EAA2B,MAAM,SAAA,CAAU,KAAK,GAAG,CAAA;AAAA,EACxE;AACF;AAQO,SAAS,cAA0D,GAAA,EAAoC;AAC5G,EAAA,OAAO,YAAe,GAAG,CAAA;AAC3B;AASO,SAAS,WAAuD,GAAA,EAAgB;AACrF,EAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,YAAe,GAAG,CAAA;AAC5C,EAAA,IAAI,OAAO,MAAM,IAAI,KAAA,CAAM,aAAA,CAAc,KAAK,CAAC,CAAA;AAC/C,EAAA,OAAO,MAAA;AACT","file":"chunk-RXXVBCWL.cjs","sourcesContent":["export const ENCODINGS = Object.freeze(['base64', 'base64url', 'hex', 'utf8', 'latin1'] as const);\r\n\r\nexport const DIGEST_ALGORITHMS = Object.freeze({\r\n sha256: { node: 'sha256', web: 'SHA-256' },\r\n sha384: { node: 'sha384', web: 'SHA-384' },\r\n sha512: { node: 'sha512', web: 'SHA-512' },\r\n} as const);\r\n\r\nexport const ENCRYPTION_ALGORITHMS = Object.freeze({\r\n aes256gcm: { name: 'aes256gcm', keyBytes: 32, ivLength: 12, node: 'aes-256-gcm', web: 'AES-GCM' },\r\n aes192gcm: { name: 'aes192gcm', keyBytes: 24, ivLength: 12, node: 'aes-192-gcm', web: 'AES-GCM' },\r\n aes128gcm: { name: 'aes128gcm', keyBytes: 16, ivLength: 12, node: 'aes-128-gcm', web: 'AES-GCM' },\r\n} as const);\r\n","import nodeCrypto from 'node:crypto';\r\nimport type { EncryptionAlgorithm, SecretKey } from '~/helpers/types';\r\nimport { DIGEST_ALGORITHMS, ENCRYPTION_ALGORITHMS } from './consts';\r\n\r\nexport function $isStr(x: unknown, min = 1): x is string {\r\n return x !== null && x !== undefined && typeof x === 'string' && x.trim().length >= min;\r\n}\r\n\r\nexport function $isObj(x: unknown): x is Record<string, unknown> {\r\n if (typeof x !== 'object' || x === null || x === undefined) return false;\r\n const proto = Object.getPrototypeOf(x);\r\n return proto === Object.prototype || proto === null;\r\n}\r\n\r\nexport function $isLooseObj(x: unknown): x is Record<string, unknown> {\r\n return typeof x === 'object' && x !== null && x !== undefined;\r\n}\r\n\r\nconst expectedKeys = new Set(['platform', 'digest', 'algo', 'key']);\r\nconst expectedAlgoKeys = new Set(['name', 'keyBytes', 'ivLength', 'node', 'web']);\r\n\r\nexport function isSecretKey<Platform extends 'node' | 'web'>(x: unknown, platform: Platform): x is SecretKey<Platform> {\r\n if (!$isLooseObj(x) || (platform !== 'node' && platform !== 'web') || x.platform !== platform) return false;\r\n\r\n const keys = Object.keys(x);\r\n if (keys.length !== expectedKeys.size) return false;\r\n for (const key of keys) if (!expectedKeys.has(key)) return false;\r\n for (const key of expectedKeys) if (!Object.hasOwn(x, key)) return false;\r\n\r\n if (typeof x.digest !== 'string' || !(x.digest in DIGEST_ALGORITHMS)) return false;\r\n if (!$isLooseObj(x.algo) || typeof x.algo.name !== 'string' || !(x.algo.name in ENCRYPTION_ALGORITHMS)) return false;\r\n\r\n const algoKeys = Object.keys(x.algo);\r\n if (algoKeys.length !== expectedAlgoKeys.size) return false;\r\n for (const key of algoKeys) if (!expectedAlgoKeys.has(key)) return false;\r\n for (const key of expectedAlgoKeys) if (!Object.hasOwn(x.algo, key)) return false;\r\n\r\n const algo = ENCRYPTION_ALGORITHMS[x.algo.name as EncryptionAlgorithm];\r\n if (\r\n x.algo.keyBytes !== algo.keyBytes ||\r\n x.algo.ivLength !== algo.ivLength ||\r\n x.algo.node !== algo.node ||\r\n x.algo.web !== algo.web\r\n ) {\r\n return false;\r\n }\r\n\r\n if (!$isLooseObj(x.key) || x.key.type !== 'secret') return false;\r\n\r\n if (platform === 'node') {\r\n if (\r\n !(x.key instanceof nodeCrypto.KeyObject) ||\r\n (typeof x.key.symmetricKeySize === 'number' && x.key.symmetricKeySize !== algo.keyBytes)\r\n ) {\r\n return false;\r\n }\r\n return true;\r\n }\r\n\r\n if (\r\n !$isLooseObj(x.key.algorithm) ||\r\n x.key.algorithm.name !== algo.web ||\r\n (typeof x.key.algorithm.length === 'number' && x.key.algorithm.length !== algo.keyBytes * 8) ||\r\n typeof x.key.extractable !== 'boolean' ||\r\n !Array.isArray(x.key.usages) ||\r\n x.key.usages.length !== 2 ||\r\n !(x.key.usages.includes('encrypt') && x.key.usages.includes('decrypt'))\r\n ) {\r\n return false;\r\n }\r\n return true;\r\n}\r\n\r\n/** Regular expressions for encrypted data patterns */\r\nexport const ENCRYPTED_REGEX = Object.freeze({\r\n general: /^(?:[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+(?:\\.[A-Za-z0-9_-]+)?\\.)$/,\r\n node: /^([A-Za-z0-9_-]+)\\.([A-Za-z0-9_-]+)\\.([A-Za-z0-9_-]+)\\.$/,\r\n web: /^([A-Za-z0-9_-]+)\\.([A-Za-z0-9_-]+)\\.$/,\r\n});\r\n\r\n/** Checks if the input string matches the specified encrypted data pattern. */\r\nexport function matchPattern(data: string, format: 'general' | 'node' | 'web'): boolean {\r\n if (typeof data !== 'string') return false;\r\n if (!(format in ENCRYPTED_REGEX)) throw new Error(`Unknown format: ${format}`);\r\n return ENCRYPTED_REGEX[format].test(data);\r\n}\r\n","import { $isObj } from './validate';\r\n\r\nexport interface ResultErr {\r\n readonly message: string;\r\n readonly description: string;\r\n}\r\n\r\nexport type Result<T, E = ResultErr> = T extends object\r\n ?\r\n | ({ readonly [K in keyof T]: T[K] } & { readonly success: true; readonly error?: undefined })\r\n | ({ readonly [K in keyof T]?: undefined } & { readonly success: false; readonly error: E })\r\n :\r\n | { readonly success: true; readonly result: T; readonly error?: undefined }\r\n | { readonly success: false; readonly error: E; readonly result?: undefined };\r\n\r\nexport function $ok<T>(result?: T): Result<T> {\r\n if ($isObj(result)) return { success: true, ...(result as T & object) } as Result<T>;\r\n return { success: true, result } as Result<T>;\r\n}\r\n\r\nexport function $err(err: { msg: string; desc: string }): Result<never, ResultErr>;\r\nexport function $err(err: ResultErr): Result<never, ResultErr>;\r\nexport function $err(err: { msg: string; desc: string } | ResultErr): Result<never, ResultErr> {\r\n return {\r\n success: false,\r\n error: {\r\n message: 'msg' in err ? err.msg : err.message,\r\n description: 'desc' in err ? err.desc : err.description,\r\n },\r\n } as Result<never, ResultErr>;\r\n}\r\n\r\nexport function $fmtError(error: unknown): string {\r\n if (error instanceof Error) return error.message;\r\n if (typeof error === 'string') return error;\r\n return String(error);\r\n}\r\n\r\nexport function $fmtResultErr(err: ResultErr): string {\r\n return `${err.message} - ${err.description}`;\r\n}\r\n","import { $err, $fmtError, $fmtResultErr, $ok, type Result } from './error';\r\nimport { $isObj, $isStr } from './validate';\r\n\r\nexport function $stringifyObj<T extends object = Record<string, unknown>>(obj: T): Result<string> {\r\n try {\r\n if (!$isObj(obj)) return $err({ msg: 'Invalid object', desc: 'Input is not a plain object' });\r\n return $ok(JSON.stringify(obj));\r\n } catch (error) {\r\n return $err({ msg: 'Utility: Stringify error', desc: $fmtError(error) });\r\n }\r\n}\r\n\r\n/**\r\n * Stringify an object.\r\n *\r\n * @param obj - The object to stringify.\r\n * @returns An JSON string.\r\n * @throws {Error} If the object cannot be stringified.\r\n */\r\nexport function stringifyObj<T extends object = Record<string, unknown>>(obj: T): string {\r\n const { result, error } = $stringifyObj(obj);\r\n if (error) throw new Error($fmtResultErr(error));\r\n return result;\r\n}\r\n\r\n/**\r\n * Stringify an object.\r\n *\r\n * @param obj - The object to stringify.\r\n * @returns A Result containing the JSON string or an error.\r\n */\r\nexport function tryStringifyObj<T extends object = Record<string, unknown>>(obj: T): Result<string> {\r\n return $stringifyObj(obj);\r\n}\r\n\r\nexport function $parseToObj<T extends object = Record<string, unknown>>(str: string): Result<{ result: T }> {\r\n try {\r\n if (!$isStr(str)) return $err({ msg: 'Utility: Invalid input', desc: 'Input is not a valid string' });\r\n const obj = JSON.parse(str);\r\n\r\n if (!$isObj(obj)) return $err({ msg: 'Utility: Invalid object format', desc: 'Parsed data is not a plain object' });\r\n return $ok({ result: obj as T });\r\n } catch (error) {\r\n return $err({ msg: 'Utility: Invalid format', desc: $fmtError(error) });\r\n }\r\n}\r\n\r\n/**\r\n * Parse a string to an object.\r\n *\r\n * @param str - The JSON string to parse.\r\n * @returns A Result containing the parsed object or an error.\r\n */\r\nexport function tryParseToObj<T extends object = Record<string, unknown>>(str: string): Result<{ result: T }> {\r\n return $parseToObj<T>(str);\r\n}\r\n\r\n/**\r\n * Parse a string to an object.\r\n *\r\n * @param str - The JSON string to parse.\r\n * @returns A parsed object.\r\n * @throws {Error} If the string cannot be parsed or is not a valid object.\r\n */\r\nexport function parseToObj<T extends object = Record<string, unknown>>(str: string): T {\r\n const { result, error } = $parseToObj<T>(str);\r\n if (error) throw new Error($fmtResultErr(error));\r\n return result;\r\n}\r\n"]}
|
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import { __export, $fmtResultErr, $ok, $err, $fmtError, $isStr, ENCRYPTION_ALGORITHMS, DIGEST_ALGORITHMS, isSecretKey, matchPattern, $stringifyObj, $parseToObj
|
|
1
|
+
import { __export, $fmtResultErr, $ok, $err, $fmtError, $isStr, ENCRYPTION_ALGORITHMS, DIGEST_ALGORITHMS, ENCODINGS, isSecretKey, matchPattern, $stringifyObj, $parseToObj } from './chunk-LOJKJJX5.js';
|
|
2
2
|
|
|
3
3
|
// src/web/kit.ts
|
|
4
4
|
var kit_exports = {};
|
|
5
5
|
__export(kit_exports, {
|
|
6
6
|
convertBytesToStr: () => convertBytesToStr,
|
|
7
|
-
|
|
7
|
+
convertEncoding: () => convertEncoding,
|
|
8
8
|
convertStrToBytes: () => convertStrToBytes,
|
|
9
9
|
createSecretKey: () => createSecretKey,
|
|
10
10
|
decrypt: () => decrypt,
|
|
@@ -15,7 +15,7 @@ __export(kit_exports, {
|
|
|
15
15
|
hash: () => hash,
|
|
16
16
|
hashPassword: () => hashPassword,
|
|
17
17
|
tryConvertBytesToStr: () => tryConvertBytesToStr,
|
|
18
|
-
|
|
18
|
+
tryConvertEncoding: () => tryConvertEncoding,
|
|
19
19
|
tryConvertStrToBytes: () => tryConvertStrToBytes,
|
|
20
20
|
tryCreateSecretKey: () => tryCreateSecretKey,
|
|
21
21
|
tryDecrypt: () => tryDecrypt,
|
|
@@ -31,57 +31,57 @@ __export(kit_exports, {
|
|
|
31
31
|
// src/web/web-encode.ts
|
|
32
32
|
var textEncoder = new TextEncoder();
|
|
33
33
|
var textDecoder = new TextDecoder();
|
|
34
|
-
function $convertStrToBytes(data,
|
|
34
|
+
function $convertStrToBytes(data, inputEncoding = "utf8") {
|
|
35
35
|
if (!$isStr(data)) {
|
|
36
36
|
return $err({
|
|
37
37
|
msg: "Crypto Web API - String to Bytes: Empty data",
|
|
38
38
|
desc: "Data must be a non-empty string"
|
|
39
39
|
});
|
|
40
40
|
}
|
|
41
|
-
if (!
|
|
41
|
+
if (!ENCODINGS.includes(inputEncoding)) {
|
|
42
42
|
return $err({
|
|
43
|
-
msg: `Crypto Web API - String to Bytes: Unsupported
|
|
43
|
+
msg: `Crypto Web API - String to Bytes: Unsupported encoding: ${inputEncoding}`,
|
|
44
44
|
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
45
45
|
});
|
|
46
46
|
}
|
|
47
47
|
try {
|
|
48
|
-
const bytes = strToBytes[
|
|
48
|
+
const bytes = strToBytes[inputEncoding](data);
|
|
49
49
|
return $ok({ result: bytes });
|
|
50
50
|
} catch (error) {
|
|
51
51
|
return $err({ msg: "Crypto Web API - String to Bytes: Failed to convert data", desc: $fmtError(error) });
|
|
52
52
|
}
|
|
53
53
|
}
|
|
54
|
-
function $convertBytesToStr(data,
|
|
54
|
+
function $convertBytesToStr(data, outputEncoding = "utf8") {
|
|
55
55
|
if (!(data instanceof ArrayBuffer || data instanceof Uint8Array)) {
|
|
56
56
|
return $err({
|
|
57
57
|
msg: "Crypto Web API - Bytes to String: Invalid data type",
|
|
58
58
|
desc: "Data must be an ArrayBuffer or Uint8Array"
|
|
59
59
|
});
|
|
60
60
|
}
|
|
61
|
-
if (!
|
|
61
|
+
if (!ENCODINGS.includes(outputEncoding)) {
|
|
62
62
|
return $err({
|
|
63
|
-
msg: `Crypto Web API - Bytes to String: Unsupported
|
|
63
|
+
msg: `Crypto Web API - Bytes to String: Unsupported encoding: ${outputEncoding}`,
|
|
64
64
|
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
65
65
|
});
|
|
66
66
|
}
|
|
67
67
|
try {
|
|
68
68
|
const bytes = data instanceof Uint8Array ? data : new Uint8Array(data);
|
|
69
|
-
const str = bytesToStr[
|
|
69
|
+
const str = bytesToStr[outputEncoding](bytes);
|
|
70
70
|
return $ok(str);
|
|
71
71
|
} catch (error) {
|
|
72
72
|
return $err({ msg: "Crypto Web API - Bytes to String: Failed to convert data", desc: $fmtError(error) });
|
|
73
73
|
}
|
|
74
74
|
}
|
|
75
|
-
function $
|
|
75
|
+
function $convertEncoding(data, from, to) {
|
|
76
76
|
if (!$isStr(data)) {
|
|
77
77
|
return $err({
|
|
78
78
|
msg: "Crypto Web API - Convert Format: Empty data",
|
|
79
79
|
desc: "Data must be a non-empty string"
|
|
80
80
|
});
|
|
81
81
|
}
|
|
82
|
-
if (!
|
|
82
|
+
if (!ENCODINGS.includes(from) || !ENCODINGS.includes(to)) {
|
|
83
83
|
return $err({
|
|
84
|
-
msg: `Crypto Web API - Convert Format: Unsupported
|
|
84
|
+
msg: `Crypto Web API - Convert Format: Unsupported encoding: from ${from} to ${to}`,
|
|
85
85
|
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
86
86
|
});
|
|
87
87
|
}
|
|
@@ -224,30 +224,34 @@ async function $createSecretKey(secret, options = {}) {
|
|
|
224
224
|
});
|
|
225
225
|
}
|
|
226
226
|
}
|
|
227
|
-
async function $encrypt(data, secretKey) {
|
|
227
|
+
async function $encrypt(data, secretKey, options = {}) {
|
|
228
228
|
if (!$isStr(data)) {
|
|
229
229
|
return $err({
|
|
230
230
|
msg: "Crypto Web API - Encryption: Empty data for encryption",
|
|
231
231
|
desc: "Data must be a non-empty string"
|
|
232
232
|
});
|
|
233
233
|
}
|
|
234
|
+
const inputEncoding = options.inputEncoding ?? "utf8";
|
|
235
|
+
const outputEncoding = options.outputEncoding ?? "base64url";
|
|
236
|
+
if (!ENCODINGS.includes(inputEncoding) || !ENCODINGS.includes(outputEncoding)) {
|
|
237
|
+
return $err({
|
|
238
|
+
msg: `Crypto Web API - Encryption: Unsupported encoding: input ${inputEncoding} or output ${outputEncoding}`,
|
|
239
|
+
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
240
|
+
});
|
|
241
|
+
}
|
|
234
242
|
if (!isSecretKey(secretKey, "web")) {
|
|
235
243
|
return $err({
|
|
236
244
|
msg: "Crypto Web API - Encryption: Invalid Secret Key",
|
|
237
245
|
desc: "Expected a Web SecretKey"
|
|
238
246
|
});
|
|
239
247
|
}
|
|
240
|
-
const
|
|
241
|
-
if (
|
|
248
|
+
const { result, error } = $convertStrToBytes(data, inputEncoding);
|
|
249
|
+
if (error) return $err(error);
|
|
242
250
|
try {
|
|
243
251
|
const iv = crypto.getRandomValues(new Uint8Array(secretKey.algo.ivLength));
|
|
244
|
-
const cipherWithTag = await crypto.subtle.encrypt(
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
bytes.result
|
|
248
|
-
);
|
|
249
|
-
const ivStr = $convertBytesToStr(iv, "base64url");
|
|
250
|
-
const cipherStr = $convertBytesToStr(cipherWithTag, "base64url");
|
|
252
|
+
const cipherWithTag = await crypto.subtle.encrypt({ name: secretKey.algo.web, iv }, secretKey.key, result);
|
|
253
|
+
const ivStr = $convertBytesToStr(iv, outputEncoding);
|
|
254
|
+
const cipherStr = $convertBytesToStr(cipherWithTag, outputEncoding);
|
|
251
255
|
if (ivStr.error || cipherStr.error) {
|
|
252
256
|
return $err({
|
|
253
257
|
msg: "Crypto Web API - Encryption: Failed to convert IV or encrypted data",
|
|
@@ -255,17 +259,25 @@ async function $encrypt(data, secretKey) {
|
|
|
255
259
|
});
|
|
256
260
|
}
|
|
257
261
|
return $ok(`${ivStr.result}.${cipherStr.result}.`);
|
|
258
|
-
} catch (
|
|
259
|
-
return $err({ msg: "Crypto Web API - Encryption: Failed to encrypt data", desc: $fmtError(
|
|
262
|
+
} catch (error2) {
|
|
263
|
+
return $err({ msg: "Crypto Web API - Encryption: Failed to encrypt data", desc: $fmtError(error2) });
|
|
260
264
|
}
|
|
261
265
|
}
|
|
262
|
-
async function $decrypt(encrypted, secretKey) {
|
|
266
|
+
async function $decrypt(encrypted, secretKey, options = {}) {
|
|
263
267
|
if (matchPattern(encrypted, "web") === false) {
|
|
264
268
|
return $err({
|
|
265
269
|
msg: "Crypto Web API - Decryption: Invalid encrypted data format",
|
|
266
270
|
desc: 'Encrypted data must be in the format "iv.cipherWithTag."'
|
|
267
271
|
});
|
|
268
272
|
}
|
|
273
|
+
const inputEncoding = options.inputEncoding ?? "base64url";
|
|
274
|
+
const outputEncoding = options.outputEncoding ?? "utf8";
|
|
275
|
+
if (!ENCODINGS.includes(inputEncoding) || !ENCODINGS.includes(outputEncoding)) {
|
|
276
|
+
return $err({
|
|
277
|
+
msg: `Crypto Web API - Decryption: Unsupported encoding: input ${inputEncoding} or output ${outputEncoding}`,
|
|
278
|
+
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
279
|
+
});
|
|
280
|
+
}
|
|
269
281
|
const [iv, encryptedWithTag] = encrypted.split(".", 3);
|
|
270
282
|
if (!$isStr(iv) || !$isStr(encryptedWithTag)) {
|
|
271
283
|
return $err({
|
|
@@ -279,8 +291,8 @@ async function $decrypt(encrypted, secretKey) {
|
|
|
279
291
|
desc: "Expected a Web SecretKey"
|
|
280
292
|
});
|
|
281
293
|
}
|
|
282
|
-
const ivBytes = $convertStrToBytes(iv,
|
|
283
|
-
const cipherWithTagBytes = $convertStrToBytes(encryptedWithTag,
|
|
294
|
+
const ivBytes = $convertStrToBytes(iv, inputEncoding);
|
|
295
|
+
const cipherWithTagBytes = $convertStrToBytes(encryptedWithTag, inputEncoding);
|
|
284
296
|
if (ivBytes.error || cipherWithTagBytes.error) {
|
|
285
297
|
return $err({
|
|
286
298
|
msg: "Crypto Web API - Decryption: Failed to convert IV or encrypted data",
|
|
@@ -298,38 +310,90 @@ async function $decrypt(encrypted, secretKey) {
|
|
|
298
310
|
return $err({ msg: "Crypto Web API - Decryption: Failed to decrypt data", desc: $fmtError(error) });
|
|
299
311
|
}
|
|
300
312
|
}
|
|
301
|
-
async function $encryptObj(data, secretKey) {
|
|
313
|
+
async function $encryptObj(data, secretKey, options = {}) {
|
|
302
314
|
const { result, error } = $stringifyObj(data);
|
|
303
315
|
if (error) return $err(error);
|
|
304
|
-
return await $encrypt(result, secretKey);
|
|
316
|
+
return await $encrypt(result, secretKey, options);
|
|
305
317
|
}
|
|
306
|
-
async function $decryptObj(encrypted, secretKey) {
|
|
307
|
-
const { result, error } = await $decrypt(encrypted, secretKey);
|
|
318
|
+
async function $decryptObj(encrypted, secretKey, options = {}) {
|
|
319
|
+
const { result, error } = await $decrypt(encrypted, secretKey, options);
|
|
308
320
|
if (error) return $err(error);
|
|
309
321
|
return $parseToObj(result);
|
|
310
322
|
}
|
|
311
|
-
async function $hash(data) {
|
|
312
|
-
if (!$isStr(data
|
|
323
|
+
async function $hash(data, options = {}) {
|
|
324
|
+
if (!$isStr(data)) {
|
|
313
325
|
return $err({ msg: "Crypto Web API - Hashing: Empty data for hashing", desc: "Data must be a non-empty string" });
|
|
314
326
|
}
|
|
315
|
-
const
|
|
316
|
-
|
|
327
|
+
const inputEncoding = options.inputEncoding ?? "utf8";
|
|
328
|
+
const outputEncoding = options.outputEncoding ?? "base64url";
|
|
329
|
+
if (!ENCODINGS.includes(inputEncoding) || !ENCODINGS.includes(outputEncoding)) {
|
|
330
|
+
return $err({
|
|
331
|
+
msg: `Crypto Web API - Hashing: Unsupported input encoding: ${inputEncoding} or output encoding: ${outputEncoding}`,
|
|
332
|
+
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
333
|
+
});
|
|
334
|
+
}
|
|
335
|
+
const digest = options.digest ?? "sha256";
|
|
336
|
+
if (!(digest in DIGEST_ALGORITHMS)) {
|
|
337
|
+
return $err({
|
|
338
|
+
msg: `Crypto Web API - Hashing: Unsupported digest: ${digest}`,
|
|
339
|
+
desc: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(", ")}`
|
|
340
|
+
});
|
|
341
|
+
}
|
|
342
|
+
const digestAlgo = DIGEST_ALGORITHMS[digest];
|
|
343
|
+
const { result, error } = $convertStrToBytes(data, inputEncoding);
|
|
344
|
+
if (error) return $err(error);
|
|
317
345
|
try {
|
|
318
|
-
const hashed = await crypto.subtle.digest(
|
|
319
|
-
return $convertBytesToStr(hashed,
|
|
320
|
-
} catch (
|
|
321
|
-
return $err({ msg: "Crypto Web API - Hashing: Failed to hash data", desc: $fmtError(
|
|
346
|
+
const hashed = await crypto.subtle.digest(digestAlgo.web, result);
|
|
347
|
+
return $convertBytesToStr(hashed, outputEncoding);
|
|
348
|
+
} catch (error2) {
|
|
349
|
+
return $err({ msg: "Crypto Web API - Hashing: Failed to hash data", desc: $fmtError(error2) });
|
|
322
350
|
}
|
|
323
351
|
}
|
|
324
|
-
async function $hashPassword(password) {
|
|
352
|
+
async function $hashPassword(password, options = {}) {
|
|
325
353
|
if (!$isStr(password)) {
|
|
326
354
|
return $err({
|
|
327
355
|
msg: "Crypto Web API - Password Hashing: Empty password",
|
|
328
356
|
desc: "Password must be a non-empty string"
|
|
329
357
|
});
|
|
330
358
|
}
|
|
359
|
+
const digest = options.digest ?? "sha512";
|
|
360
|
+
if (!(digest in DIGEST_ALGORITHMS)) {
|
|
361
|
+
return $err({
|
|
362
|
+
msg: `Crypto Web API - Password Hashing: Unsupported digest: ${digest}`,
|
|
363
|
+
desc: `Supported digests are: ${Object.keys(DIGEST_ALGORITHMS).join(", ")}`
|
|
364
|
+
});
|
|
365
|
+
}
|
|
366
|
+
const digestAlgo = DIGEST_ALGORITHMS[digest];
|
|
367
|
+
const outputEncoding = options.outputEncoding ?? "base64url";
|
|
368
|
+
if (!ENCODINGS.includes(outputEncoding)) {
|
|
369
|
+
return $err({
|
|
370
|
+
msg: `Crypto Web API - Password Hashing: Unsupported output encoding: ${outputEncoding}`,
|
|
371
|
+
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
372
|
+
});
|
|
373
|
+
}
|
|
374
|
+
const saltLength = options.saltLength ?? 16;
|
|
375
|
+
if (typeof saltLength !== "number" || saltLength < 8) {
|
|
376
|
+
return $err({
|
|
377
|
+
msg: "Crypto Web API - Password Hashing: Weak salt length",
|
|
378
|
+
desc: "Salt length must be a number and at least 8 bytes (recommended 16)"
|
|
379
|
+
});
|
|
380
|
+
}
|
|
381
|
+
const iterations = options.iterations ?? 32e4;
|
|
382
|
+
if (typeof iterations !== "number" || iterations < 1e3) {
|
|
383
|
+
return $err({
|
|
384
|
+
msg: "Crypto Web API - Password Hashing: Weak iteration count",
|
|
385
|
+
desc: "Iterations must be a number and at least 1000 (recommended 320,000 or more)"
|
|
386
|
+
});
|
|
387
|
+
}
|
|
388
|
+
const keyLength = options.keyLength ?? 64;
|
|
389
|
+
if (typeof keyLength !== "number" || keyLength < 16) {
|
|
390
|
+
return $err({
|
|
391
|
+
msg: "Crypto Web API - Password Hashing: Weak key length",
|
|
392
|
+
desc: "Key length must be a number and at least 16 bytes (recommended 64)"
|
|
393
|
+
});
|
|
394
|
+
}
|
|
331
395
|
try {
|
|
332
|
-
const salt = crypto.getRandomValues(new Uint8Array(
|
|
396
|
+
const salt = crypto.getRandomValues(new Uint8Array(saltLength));
|
|
333
397
|
const baseKey = await crypto.subtle.importKey(
|
|
334
398
|
"raw",
|
|
335
399
|
textEncoder.encode(password.normalize("NFKC")),
|
|
@@ -338,25 +402,34 @@ async function $hashPassword(password) {
|
|
|
338
402
|
["deriveBits"]
|
|
339
403
|
);
|
|
340
404
|
const bits = await crypto.subtle.deriveBits(
|
|
341
|
-
{ name: "PBKDF2", salt, iterations
|
|
405
|
+
{ name: "PBKDF2", salt, iterations, hash: digestAlgo.web },
|
|
342
406
|
baseKey,
|
|
343
|
-
|
|
407
|
+
keyLength * 8
|
|
344
408
|
);
|
|
345
|
-
const saltStr = $convertBytesToStr(salt,
|
|
409
|
+
const saltStr = $convertBytesToStr(salt, outputEncoding);
|
|
346
410
|
if (saltStr.error) return $err(saltStr.error);
|
|
347
|
-
const hashedPasswordStr = $convertBytesToStr(bits,
|
|
411
|
+
const hashedPasswordStr = $convertBytesToStr(bits, outputEncoding);
|
|
348
412
|
if (hashedPasswordStr.error) return $err(hashedPasswordStr.error);
|
|
349
413
|
return $ok({ hash: hashedPasswordStr.result, salt: saltStr.result });
|
|
350
414
|
} catch (error) {
|
|
351
415
|
return $err({ msg: "Crypto Web API - Password Hashing: Failed to hash password", desc: $fmtError(error) });
|
|
352
416
|
}
|
|
353
417
|
}
|
|
354
|
-
async function $verifyPassword(password, hashedPassword, salt) {
|
|
418
|
+
async function $verifyPassword(password, hashedPassword, salt, options = {}) {
|
|
355
419
|
if (!$isStr(password) || !$isStr(hashedPassword) || !$isStr(salt)) return false;
|
|
420
|
+
const digest = options.digest ?? "sha512";
|
|
421
|
+
if (!(digest in DIGEST_ALGORITHMS)) return false;
|
|
422
|
+
const digestAlgo = DIGEST_ALGORITHMS[digest];
|
|
423
|
+
const inputEncoding = options.inputEncoding ?? "base64url";
|
|
424
|
+
if (!ENCODINGS.includes(inputEncoding)) return false;
|
|
425
|
+
const iterations = options.iterations ?? 32e4;
|
|
426
|
+
if (typeof iterations !== "number" || iterations < 1e3) return false;
|
|
427
|
+
const keyLength = options.keyLength ?? 64;
|
|
428
|
+
if (typeof keyLength !== "number" || keyLength < 16) return false;
|
|
356
429
|
const saltBytes = $convertStrToBytes(salt, "base64url");
|
|
357
430
|
if (saltBytes.error) return false;
|
|
358
|
-
const
|
|
359
|
-
if (
|
|
431
|
+
const hashedPasswordBytes = $convertStrToBytes(hashedPassword, "base64url");
|
|
432
|
+
if (hashedPasswordBytes.error) return false;
|
|
360
433
|
try {
|
|
361
434
|
const baseKey = await crypto.subtle.importKey(
|
|
362
435
|
"raw",
|
|
@@ -370,17 +443,17 @@ async function $verifyPassword(password, hashedPassword, salt) {
|
|
|
370
443
|
{
|
|
371
444
|
name: "PBKDF2",
|
|
372
445
|
salt: saltBytes.result,
|
|
373
|
-
iterations
|
|
374
|
-
hash:
|
|
446
|
+
iterations,
|
|
447
|
+
hash: digestAlgo.web
|
|
375
448
|
},
|
|
376
449
|
baseKey,
|
|
377
|
-
|
|
450
|
+
keyLength * 8
|
|
378
451
|
)
|
|
379
452
|
);
|
|
380
|
-
if (bits.length !== hashedPasswordBytes.length) return false;
|
|
453
|
+
if (bits.length !== hashedPasswordBytes.result.length) return false;
|
|
381
454
|
let isMatch = true;
|
|
382
455
|
for (let i = 0; i < bits.length; i++) {
|
|
383
|
-
if (bits[i] !== hashedPasswordBytes[i]) isMatch = false;
|
|
456
|
+
if (bits[i] !== hashedPasswordBytes.result[i]) isMatch = false;
|
|
384
457
|
}
|
|
385
458
|
return isMatch;
|
|
386
459
|
} catch {
|
|
@@ -405,82 +478,82 @@ async function createSecretKey(secret, options = {}) {
|
|
|
405
478
|
if (error) throw new Error($fmtResultErr(error));
|
|
406
479
|
return result;
|
|
407
480
|
}
|
|
408
|
-
async function tryEncrypt(data, secretKey) {
|
|
409
|
-
return await $encrypt(data, secretKey);
|
|
481
|
+
async function tryEncrypt(data, secretKey, options = {}) {
|
|
482
|
+
return await $encrypt(data, secretKey, options);
|
|
410
483
|
}
|
|
411
|
-
async function encrypt(data, secretKey) {
|
|
484
|
+
async function encrypt(data, secretKey, options = {}) {
|
|
412
485
|
const { result, error } = await $encrypt(data, secretKey);
|
|
413
486
|
if (error) throw new Error($fmtResultErr(error));
|
|
414
487
|
return result;
|
|
415
488
|
}
|
|
416
|
-
async function tryDecrypt(encrypted, secretKey) {
|
|
417
|
-
return await $decrypt(encrypted, secretKey);
|
|
489
|
+
async function tryDecrypt(encrypted, secretKey, options = {}) {
|
|
490
|
+
return await $decrypt(encrypted, secretKey, options);
|
|
418
491
|
}
|
|
419
|
-
async function decrypt(encrypted, secretKey) {
|
|
420
|
-
const { result, error } = await $decrypt(encrypted, secretKey);
|
|
492
|
+
async function decrypt(encrypted, secretKey, options = {}) {
|
|
493
|
+
const { result, error } = await $decrypt(encrypted, secretKey, options);
|
|
421
494
|
if (error) throw new Error($fmtResultErr(error));
|
|
422
495
|
return result;
|
|
423
496
|
}
|
|
424
|
-
async function tryEncryptObj(data, secretKey) {
|
|
425
|
-
return await $encryptObj(data, secretKey);
|
|
497
|
+
async function tryEncryptObj(data, secretKey, options = {}) {
|
|
498
|
+
return await $encryptObj(data, secretKey, options);
|
|
426
499
|
}
|
|
427
|
-
async function encryptObj(data, secretKey) {
|
|
428
|
-
const { result, error } = await $encryptObj(data, secretKey);
|
|
500
|
+
async function encryptObj(data, secretKey, options = {}) {
|
|
501
|
+
const { result, error } = await $encryptObj(data, secretKey, options);
|
|
429
502
|
if (error) throw new Error($fmtResultErr(error));
|
|
430
503
|
return result;
|
|
431
504
|
}
|
|
432
|
-
async function tryDecryptObj(encrypted, secretKey) {
|
|
433
|
-
return await $decryptObj(encrypted, secretKey);
|
|
505
|
+
async function tryDecryptObj(encrypted, secretKey, options = {}) {
|
|
506
|
+
return await $decryptObj(encrypted, secretKey, options);
|
|
434
507
|
}
|
|
435
|
-
async function decryptObj(encrypted, secretKey) {
|
|
436
|
-
const { result, error } = await $decryptObj(encrypted, secretKey);
|
|
508
|
+
async function decryptObj(encrypted, secretKey, options = {}) {
|
|
509
|
+
const { result, error } = await $decryptObj(encrypted, secretKey, options);
|
|
437
510
|
if (error) throw new Error($fmtResultErr(error));
|
|
438
|
-
return
|
|
511
|
+
return result;
|
|
439
512
|
}
|
|
440
|
-
async function tryHash(data) {
|
|
441
|
-
return await $hash(data);
|
|
513
|
+
async function tryHash(data, options = {}) {
|
|
514
|
+
return await $hash(data, options);
|
|
442
515
|
}
|
|
443
|
-
async function hash(data) {
|
|
444
|
-
const { result, error } = await $hash(data);
|
|
516
|
+
async function hash(data, options = {}) {
|
|
517
|
+
const { result, error } = await $hash(data, options);
|
|
445
518
|
if (error) throw new Error($fmtResultErr(error));
|
|
446
519
|
return result;
|
|
447
520
|
}
|
|
448
|
-
async function tryHashPassword(password) {
|
|
449
|
-
return await $hashPassword(password);
|
|
521
|
+
async function tryHashPassword(password, options = {}) {
|
|
522
|
+
return await $hashPassword(password, options);
|
|
450
523
|
}
|
|
451
|
-
async function hashPassword(password) {
|
|
452
|
-
const { hash: hash2, salt, error } = await $hashPassword(password);
|
|
524
|
+
async function hashPassword(password, options = {}) {
|
|
525
|
+
const { hash: hash2, salt, error } = await $hashPassword(password, options);
|
|
453
526
|
if (error) throw new Error($fmtResultErr(error));
|
|
454
527
|
return { hash: hash2, salt };
|
|
455
528
|
}
|
|
456
|
-
async function verifyPassword(password, hashedPassword, salt) {
|
|
457
|
-
return await $verifyPassword(password, hashedPassword, salt);
|
|
529
|
+
async function verifyPassword(password, hashedPassword, salt, options = {}) {
|
|
530
|
+
return await $verifyPassword(password, hashedPassword, salt, options);
|
|
458
531
|
}
|
|
459
|
-
function tryConvertStrToBytes(data,
|
|
460
|
-
return $convertStrToBytes(data,
|
|
532
|
+
function tryConvertStrToBytes(data, inputEncoding = "utf8") {
|
|
533
|
+
return $convertStrToBytes(data, inputEncoding);
|
|
461
534
|
}
|
|
462
|
-
function convertStrToBytes(data,
|
|
463
|
-
const { result, error } = $convertStrToBytes(data,
|
|
535
|
+
function convertStrToBytes(data, inputEncoding = "utf8") {
|
|
536
|
+
const { result, error } = $convertStrToBytes(data, inputEncoding);
|
|
464
537
|
if (error) throw new Error($fmtResultErr(error));
|
|
465
538
|
return result;
|
|
466
539
|
}
|
|
467
|
-
function tryConvertBytesToStr(data,
|
|
468
|
-
return $convertBytesToStr(data,
|
|
540
|
+
function tryConvertBytesToStr(data, outputEncoding = "utf8") {
|
|
541
|
+
return $convertBytesToStr(data, outputEncoding);
|
|
469
542
|
}
|
|
470
|
-
function convertBytesToStr(data,
|
|
471
|
-
const { result, error } = $convertBytesToStr(data,
|
|
543
|
+
function convertBytesToStr(data, outputEncoding = "utf8") {
|
|
544
|
+
const { result, error } = $convertBytesToStr(data, outputEncoding);
|
|
472
545
|
if (error) throw new Error($fmtResultErr(error));
|
|
473
546
|
return result;
|
|
474
547
|
}
|
|
475
|
-
function
|
|
476
|
-
return $
|
|
548
|
+
function tryConvertEncoding(data, from, to) {
|
|
549
|
+
return $convertEncoding(data, from, to);
|
|
477
550
|
}
|
|
478
|
-
function
|
|
479
|
-
const { result, error } = $
|
|
551
|
+
function convertEncoding(data, from, to) {
|
|
552
|
+
const { result, error } = $convertEncoding(data, from, to);
|
|
480
553
|
if (error) throw new Error($fmtResultErr(error));
|
|
481
554
|
return result;
|
|
482
555
|
}
|
|
483
556
|
|
|
484
|
-
export { convertBytesToStr,
|
|
485
|
-
//# sourceMappingURL=chunk-
|
|
486
|
-
//# sourceMappingURL=chunk-
|
|
557
|
+
export { convertBytesToStr, convertEncoding, convertStrToBytes, createSecretKey, decrypt, decryptObj, encrypt, encryptObj, generateUuid, hash, hashPassword, kit_exports, tryConvertBytesToStr, tryConvertEncoding, tryConvertStrToBytes, tryCreateSecretKey, tryDecrypt, tryDecryptObj, tryEncrypt, tryEncryptObj, tryGenerateUuid, tryHash, tryHashPassword, verifyPassword };
|
|
558
|
+
//# sourceMappingURL=chunk-SUGN4VDZ.js.map
|
|
559
|
+
//# sourceMappingURL=chunk-SUGN4VDZ.js.map
|