cipher-kit 2.1.0 → 2.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/{chunk-HMTHK2IY.cjs → chunk-56PVVFVM.cjs} +145 -145
- package/dist/chunk-56PVVFVM.cjs.map +1 -0
- package/dist/{chunk-RUTGDMVR.js → chunk-6C4NIWQ4.js} +9 -8
- package/dist/chunk-6C4NIWQ4.js.map +1 -0
- package/dist/{chunk-CRTOKS3Q.js → chunk-FSEA3UXJ.js} +7 -7
- package/dist/chunk-FSEA3UXJ.js.map +1 -0
- package/dist/{chunk-UVEMRK5F.cjs → chunk-LTVOIZP5.cjs} +150 -150
- package/dist/chunk-LTVOIZP5.cjs.map +1 -0
- package/dist/{chunk-RAEBT46G.js → chunk-PWTFVMW6.js} +7 -7
- package/dist/chunk-PWTFVMW6.js.map +1 -0
- package/dist/{chunk-BHG5RSUV.cjs → chunk-X4CS7UXE.cjs} +9 -8
- package/dist/chunk-X4CS7UXE.cjs.map +1 -0
- package/dist/{export-w8sBcKXw.d.ts → export-C4DbO5zM.d.ts} +7 -7
- package/dist/{export-DVERZibl.d.cts → export-CpZ7s25O.d.cts} +7 -7
- package/dist/{export-5hmOiU0J.d.cts → export-DO9n7Np-.d.cts} +7 -7
- package/dist/{export-BF9wW56f.d.ts → export-DUgIcobC.d.ts} +7 -7
- package/dist/index.cjs +11 -11
- package/dist/index.d.cts +3 -3
- package/dist/index.d.ts +3 -3
- package/dist/index.js +3 -3
- package/dist/node.cjs +32 -32
- package/dist/node.d.cts +2 -2
- package/dist/node.d.ts +2 -2
- package/dist/node.js +2 -2
- package/dist/{validate-B3uHoP8n.d.cts → validate-cJEdGlj1.d.cts} +34 -35
- package/dist/{validate-B3uHoP8n.d.ts → validate-cJEdGlj1.d.ts} +34 -35
- package/dist/web-api.cjs +32 -32
- package/dist/web-api.d.cts +2 -2
- package/dist/web-api.d.ts +2 -2
- package/dist/web-api.js +2 -2
- package/package.json +1 -1
- package/dist/chunk-BHG5RSUV.cjs.map +0 -1
- package/dist/chunk-CRTOKS3Q.js.map +0 -1
- package/dist/chunk-HMTHK2IY.cjs.map +0 -1
- package/dist/chunk-RAEBT46G.js.map +0 -1
- package/dist/chunk-RUTGDMVR.js.map +0 -1
- package/dist/chunk-UVEMRK5F.cjs.map +0 -1
package/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var chunkX4CS7UXE_cjs = require('./chunk-X4CS7UXE.cjs');
|
|
4
4
|
var buffer = require('buffer');
|
|
5
5
|
var nodeCrypto = require('crypto');
|
|
6
6
|
|
|
@@ -10,7 +10,7 @@ var nodeCrypto__default = /*#__PURE__*/_interopDefault(nodeCrypto);
|
|
|
10
10
|
|
|
11
11
|
// src/node/kit.ts
|
|
12
12
|
var kit_exports = {};
|
|
13
|
-
|
|
13
|
+
chunkX4CS7UXE_cjs.__export(kit_exports, {
|
|
14
14
|
convertBytesToStr: () => convertBytesToStr,
|
|
15
15
|
convertEncoding: () => convertEncoding,
|
|
16
16
|
convertStrToBytes: () => convertStrToBytes,
|
|
@@ -37,112 +37,112 @@ chunkBHG5RSUV_cjs.__export(kit_exports, {
|
|
|
37
37
|
verifyPassword: () => verifyPassword
|
|
38
38
|
});
|
|
39
39
|
function $convertStrToBytes(data, inputEncoding = "utf8") {
|
|
40
|
-
if (!
|
|
41
|
-
return
|
|
40
|
+
if (!chunkX4CS7UXE_cjs.$isStr(data)) {
|
|
41
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
42
42
|
msg: "Crypto NodeJS API - String to Bytes: Empty data",
|
|
43
43
|
desc: "Data must be a non-empty string"
|
|
44
44
|
});
|
|
45
45
|
}
|
|
46
|
-
if (!
|
|
47
|
-
return
|
|
46
|
+
if (!chunkX4CS7UXE_cjs.ENCODING.includes(inputEncoding)) {
|
|
47
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
48
48
|
msg: `Crypto NodeJS API - String to Bytes: Unsupported encoding: ${inputEncoding}`,
|
|
49
49
|
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
50
50
|
});
|
|
51
51
|
}
|
|
52
52
|
try {
|
|
53
|
-
return
|
|
53
|
+
return chunkX4CS7UXE_cjs.$ok({ result: buffer.Buffer.from(data, inputEncoding) });
|
|
54
54
|
} catch (error) {
|
|
55
|
-
return
|
|
55
|
+
return chunkX4CS7UXE_cjs.$err({ msg: "Crypto NodeJS API - String to Bytes: Failed to convert data", desc: chunkX4CS7UXE_cjs.$fmtError(error) });
|
|
56
56
|
}
|
|
57
57
|
}
|
|
58
58
|
function $convertBytesToStr(data, outputEncoding = "utf8") {
|
|
59
59
|
if (!(data instanceof buffer.Buffer)) {
|
|
60
|
-
return
|
|
60
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
61
61
|
msg: "Crypto NodeJS API - Bytes to String: Invalid data type",
|
|
62
62
|
desc: "Data must be a Buffer"
|
|
63
63
|
});
|
|
64
64
|
}
|
|
65
|
-
if (!
|
|
66
|
-
return
|
|
65
|
+
if (!chunkX4CS7UXE_cjs.ENCODING.includes(outputEncoding)) {
|
|
66
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
67
67
|
msg: `Crypto NodeJS API - Bytes to String: Unsupported encoding: ${outputEncoding}`,
|
|
68
68
|
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
69
69
|
});
|
|
70
70
|
}
|
|
71
71
|
try {
|
|
72
|
-
return
|
|
72
|
+
return chunkX4CS7UXE_cjs.$ok(buffer.Buffer.from(data).toString(outputEncoding));
|
|
73
73
|
} catch (error) {
|
|
74
|
-
return
|
|
74
|
+
return chunkX4CS7UXE_cjs.$err({ msg: "Crypto NodeJS API - Bytes to String: Failed to convert data", desc: chunkX4CS7UXE_cjs.$fmtError(error) });
|
|
75
75
|
}
|
|
76
76
|
}
|
|
77
77
|
function $convertEncoding(data, from, to) {
|
|
78
|
-
if (!
|
|
79
|
-
return
|
|
78
|
+
if (!chunkX4CS7UXE_cjs.$isStr(data)) {
|
|
79
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
80
80
|
msg: "Crypto NodeJS API - Convert Format: Empty data",
|
|
81
81
|
desc: "Data must be a non-empty string"
|
|
82
82
|
});
|
|
83
83
|
}
|
|
84
|
-
if (!
|
|
85
|
-
return
|
|
84
|
+
if (!chunkX4CS7UXE_cjs.ENCODING.includes(from) || !chunkX4CS7UXE_cjs.ENCODING.includes(to)) {
|
|
85
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
86
86
|
msg: `Crypto NodeJS API - Convert Format: Unsupported encoding: from ${from} to ${to}`,
|
|
87
87
|
desc: "Use base64, base64url, hex, utf8, or latin1"
|
|
88
88
|
});
|
|
89
89
|
}
|
|
90
90
|
const bytes = $convertStrToBytes(data, from);
|
|
91
|
-
if (bytes.error) return
|
|
91
|
+
if (bytes.error) return chunkX4CS7UXE_cjs.$err({ msg: bytes.error.message, desc: bytes.error.description });
|
|
92
92
|
const str = $convertBytesToStr(bytes.result, to);
|
|
93
|
-
if (str.error) return
|
|
94
|
-
return
|
|
93
|
+
if (str.error) return chunkX4CS7UXE_cjs.$err({ msg: str.error.message, desc: str.error.description });
|
|
94
|
+
return chunkX4CS7UXE_cjs.$ok({ result: str.result });
|
|
95
95
|
}
|
|
96
96
|
function $generateUuid() {
|
|
97
97
|
try {
|
|
98
|
-
return
|
|
98
|
+
return chunkX4CS7UXE_cjs.$ok(nodeCrypto__default.default.randomUUID());
|
|
99
99
|
} catch (error) {
|
|
100
|
-
return
|
|
100
|
+
return chunkX4CS7UXE_cjs.$err({ msg: `${chunkX4CS7UXE_cjs.title("node", "UUID Generation")}: Failed to generate UUID`, desc: chunkX4CS7UXE_cjs.$fmtError(error) });
|
|
101
101
|
}
|
|
102
102
|
}
|
|
103
103
|
function $createSecretKey(secret, options) {
|
|
104
|
-
if (!
|
|
105
|
-
return
|
|
106
|
-
msg: `${
|
|
104
|
+
if (!chunkX4CS7UXE_cjs.$isStr(secret, 8)) {
|
|
105
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
106
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Key Generation")}: Empty Secret`,
|
|
107
107
|
desc: "Secret must be a non-empty string with at least 8 characters"
|
|
108
108
|
});
|
|
109
109
|
}
|
|
110
|
-
if (!
|
|
111
|
-
return
|
|
112
|
-
msg: `${
|
|
110
|
+
if (!chunkX4CS7UXE_cjs.$isPlainObj(options)) {
|
|
111
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
112
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Key Generation")}: Invalid options`,
|
|
113
113
|
desc: "Options must be an object"
|
|
114
114
|
});
|
|
115
115
|
}
|
|
116
116
|
const algorithm = options.algorithm ?? "aes256gcm";
|
|
117
|
-
if (!(algorithm in
|
|
118
|
-
return
|
|
119
|
-
msg: `${
|
|
120
|
-
desc: `Supported algorithms are: ${Object.keys(
|
|
117
|
+
if (!(algorithm in chunkX4CS7UXE_cjs.ENCRYPTION_ALGORITHMS)) {
|
|
118
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
119
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Key Generation")}: Unsupported algorithm: ${algorithm}`,
|
|
120
|
+
desc: `Supported algorithms are: ${Object.keys(chunkX4CS7UXE_cjs.ENCRYPTION_ALGORITHMS).join(", ")}`
|
|
121
121
|
});
|
|
122
122
|
}
|
|
123
123
|
const digest = options.digest ?? "sha256";
|
|
124
|
-
if (!(digest in
|
|
125
|
-
return
|
|
126
|
-
msg: `${
|
|
127
|
-
desc: `Supported digests are: ${Object.keys(
|
|
124
|
+
if (!(digest in chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS)) {
|
|
125
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
126
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Key Generation")}: Unsupported digest: ${digest}`,
|
|
127
|
+
desc: `Supported digests are: ${Object.keys(chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS).join(", ")}`
|
|
128
128
|
});
|
|
129
129
|
}
|
|
130
130
|
const salt = options.salt ?? "cipher-kit-salt";
|
|
131
|
-
if (!
|
|
132
|
-
return
|
|
133
|
-
msg: `${
|
|
131
|
+
if (!chunkX4CS7UXE_cjs.$isStr(salt, 8)) {
|
|
132
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
133
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Key Generation")}: Weak salt`,
|
|
134
134
|
desc: "Salt must be a non-empty string with at least 8 characters"
|
|
135
135
|
});
|
|
136
136
|
}
|
|
137
137
|
const info = options.info ?? "cipher-kit";
|
|
138
|
-
if (!
|
|
139
|
-
return
|
|
140
|
-
msg: `${
|
|
138
|
+
if (!chunkX4CS7UXE_cjs.$isStr(info)) {
|
|
139
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
140
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Key Generation")}: Invalid info`,
|
|
141
141
|
desc: "Info must be a non-empty string"
|
|
142
142
|
});
|
|
143
143
|
}
|
|
144
|
-
const encryptAlgo =
|
|
145
|
-
const digestAlgo =
|
|
144
|
+
const encryptAlgo = chunkX4CS7UXE_cjs.ENCRYPTION_ALGORITHMS[algorithm];
|
|
145
|
+
const digestAlgo = chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS[digest];
|
|
146
146
|
try {
|
|
147
147
|
const derivedKey = nodeCrypto__default.default.hkdfSync(
|
|
148
148
|
digestAlgo.node,
|
|
@@ -158,40 +158,40 @@ function $createSecretKey(secret, options) {
|
|
|
158
158
|
algorithm,
|
|
159
159
|
key
|
|
160
160
|
});
|
|
161
|
-
return
|
|
161
|
+
return chunkX4CS7UXE_cjs.$ok({ result: secretKey });
|
|
162
162
|
} catch (error) {
|
|
163
|
-
return
|
|
163
|
+
return chunkX4CS7UXE_cjs.$err({ msg: `${chunkX4CS7UXE_cjs.title("node", "Key Generation")}: Failed to create secret key`, desc: chunkX4CS7UXE_cjs.$fmtError(error) });
|
|
164
164
|
}
|
|
165
165
|
}
|
|
166
166
|
function $encrypt(data, secretKey, options) {
|
|
167
|
-
if (!
|
|
168
|
-
return
|
|
169
|
-
msg: `${
|
|
167
|
+
if (!chunkX4CS7UXE_cjs.$isStr(data)) {
|
|
168
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
169
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Encryption")}: Empty data for encryption`,
|
|
170
170
|
desc: "Data must be a non-empty string"
|
|
171
171
|
});
|
|
172
172
|
}
|
|
173
|
-
if (!
|
|
174
|
-
return
|
|
175
|
-
msg: `${
|
|
173
|
+
if (!chunkX4CS7UXE_cjs.$isPlainObj(options)) {
|
|
174
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
175
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Encryption")}: Invalid options`,
|
|
176
176
|
desc: "Options must be an object"
|
|
177
177
|
});
|
|
178
178
|
}
|
|
179
179
|
const outputEncoding = options.outputEncoding ?? "base64url";
|
|
180
|
-
if (!
|
|
181
|
-
return
|
|
182
|
-
msg: `${
|
|
180
|
+
if (!chunkX4CS7UXE_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
|
|
181
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
182
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Encryption")}: Unsupported output encoding: ${outputEncoding}`,
|
|
183
183
|
desc: "Use base64, base64url, or hex"
|
|
184
184
|
});
|
|
185
185
|
}
|
|
186
|
-
const injectedKey =
|
|
186
|
+
const injectedKey = chunkX4CS7UXE_cjs.$isSecretKey(secretKey, "node");
|
|
187
187
|
if (!injectedKey) {
|
|
188
|
-
return
|
|
189
|
-
msg: `${
|
|
188
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
189
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Encryption")}: Invalid Secret Key`,
|
|
190
190
|
desc: "Expected a Node SecretKey"
|
|
191
191
|
});
|
|
192
192
|
}
|
|
193
193
|
const { result, error } = $convertStrToBytes(data, "utf8");
|
|
194
|
-
if (error) return
|
|
194
|
+
if (error) return chunkX4CS7UXE_cjs.$err(error);
|
|
195
195
|
try {
|
|
196
196
|
const iv = nodeCrypto__default.default.randomBytes(injectedKey.injected.ivLength);
|
|
197
197
|
const cipher = nodeCrypto__default.default.createCipheriv(injectedKey.injected.node, injectedKey.key, iv);
|
|
@@ -201,46 +201,46 @@ function $encrypt(data, secretKey, options) {
|
|
|
201
201
|
const cipherStr = $convertBytesToStr(encrypted, outputEncoding);
|
|
202
202
|
const tagStr = $convertBytesToStr(tag, outputEncoding);
|
|
203
203
|
if (ivStr.error || cipherStr.error || tagStr.error) {
|
|
204
|
-
return
|
|
204
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
205
205
|
msg: "Crypto NodeJS API - Encryption: Failed to convert IV or encrypted data or tag",
|
|
206
|
-
desc: `Conversion error: ${
|
|
206
|
+
desc: `Conversion error: ${chunkX4CS7UXE_cjs.$fmtResultErr(ivStr.error || cipherStr.error || tagStr.error)}`
|
|
207
207
|
});
|
|
208
208
|
}
|
|
209
|
-
return
|
|
209
|
+
return chunkX4CS7UXE_cjs.$ok(`${ivStr.result}.${cipherStr.result}.${tagStr.result}.`);
|
|
210
210
|
} catch (error2) {
|
|
211
|
-
return
|
|
211
|
+
return chunkX4CS7UXE_cjs.$err({ msg: `${chunkX4CS7UXE_cjs.title("node", "Encryption")}: Failed to encrypt data`, desc: chunkX4CS7UXE_cjs.$fmtError(error2) });
|
|
212
212
|
}
|
|
213
213
|
}
|
|
214
214
|
function $decrypt(encrypted, secretKey, options) {
|
|
215
|
-
if (!
|
|
216
|
-
return
|
|
217
|
-
msg: `${
|
|
215
|
+
if (!chunkX4CS7UXE_cjs.matchEncryptedPattern(encrypted, "node")) {
|
|
216
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
217
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Decryption")}: Invalid encrypted data format`,
|
|
218
218
|
desc: 'Encrypted data must be in the format "iv.cipher.tag."'
|
|
219
219
|
});
|
|
220
220
|
}
|
|
221
|
-
if (!
|
|
222
|
-
return
|
|
223
|
-
msg: `${
|
|
221
|
+
if (!chunkX4CS7UXE_cjs.$isPlainObj(options)) {
|
|
222
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
223
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Decryption")}: Invalid options`,
|
|
224
224
|
desc: "Options must be an object"
|
|
225
225
|
});
|
|
226
226
|
}
|
|
227
227
|
const inputEncoding = options.inputEncoding ?? "base64url";
|
|
228
|
-
if (!
|
|
229
|
-
return
|
|
230
|
-
msg: `${
|
|
228
|
+
if (!chunkX4CS7UXE_cjs.CIPHER_ENCODING.includes(inputEncoding)) {
|
|
229
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
230
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Decryption")}: Unsupported input encoding: ${inputEncoding}`,
|
|
231
231
|
desc: "Use base64, base64url, or hex"
|
|
232
232
|
});
|
|
233
233
|
}
|
|
234
234
|
const [iv, cipher, tag] = encrypted.split(".", 4);
|
|
235
|
-
if (!
|
|
236
|
-
return
|
|
237
|
-
msg: `${
|
|
235
|
+
if (!chunkX4CS7UXE_cjs.$isStr(iv) || !chunkX4CS7UXE_cjs.$isStr(cipher) || !chunkX4CS7UXE_cjs.$isStr(tag)) {
|
|
236
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
237
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Decryption")}: Invalid encrypted data`,
|
|
238
238
|
desc: "Encrypted data must contain valid IV, encrypted data, and tag components"
|
|
239
239
|
});
|
|
240
240
|
}
|
|
241
|
-
const injectedKey =
|
|
241
|
+
const injectedKey = chunkX4CS7UXE_cjs.$isSecretKey(secretKey, "node");
|
|
242
242
|
if (!injectedKey) {
|
|
243
|
-
return
|
|
243
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
244
244
|
msg: "Crypto NodeJS API - Decryption: Invalid Secret Key",
|
|
245
245
|
desc: "Expected a Node SecretKey"
|
|
246
246
|
});
|
|
@@ -249,9 +249,9 @@ function $decrypt(encrypted, secretKey, options) {
|
|
|
249
249
|
const cipherBytes = $convertStrToBytes(cipher, inputEncoding);
|
|
250
250
|
const tagBytes = $convertStrToBytes(tag, inputEncoding);
|
|
251
251
|
if (ivBytes.error || cipherBytes.error || tagBytes.error) {
|
|
252
|
-
return
|
|
253
|
-
msg: `${
|
|
254
|
-
desc: `Conversion error: ${
|
|
252
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
253
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Decryption")}: Failed to convert IV or encrypted data or tag`,
|
|
254
|
+
desc: `Conversion error: ${chunkX4CS7UXE_cjs.$fmtResultErr(ivBytes.error || cipherBytes.error || tagBytes.error)}`
|
|
255
255
|
});
|
|
256
256
|
}
|
|
257
257
|
try {
|
|
@@ -260,122 +260,122 @@ function $decrypt(encrypted, secretKey, options) {
|
|
|
260
260
|
const decrypted = buffer.Buffer.concat([decipher.update(cipherBytes.result), decipher.final()]);
|
|
261
261
|
return $convertBytesToStr(decrypted, "utf8");
|
|
262
262
|
} catch (error) {
|
|
263
|
-
return
|
|
263
|
+
return chunkX4CS7UXE_cjs.$err({ msg: `${chunkX4CS7UXE_cjs.title("node", "Decryption")}: Failed to decrypt data`, desc: chunkX4CS7UXE_cjs.$fmtError(error) });
|
|
264
264
|
}
|
|
265
265
|
}
|
|
266
266
|
function $encryptObj(data, secretKey, options) {
|
|
267
|
-
const { result, error } =
|
|
268
|
-
if (error) return
|
|
267
|
+
const { result, error } = chunkX4CS7UXE_cjs.$stringifyObj(data);
|
|
268
|
+
if (error) return chunkX4CS7UXE_cjs.$err(error);
|
|
269
269
|
return $encrypt(result, secretKey, options);
|
|
270
270
|
}
|
|
271
271
|
function $decryptObj(encrypted, secretKey, options) {
|
|
272
272
|
const { result, error } = $decrypt(encrypted, secretKey, options);
|
|
273
|
-
if (error) return
|
|
274
|
-
return
|
|
273
|
+
if (error) return chunkX4CS7UXE_cjs.$err(error);
|
|
274
|
+
return chunkX4CS7UXE_cjs.$parseToObj(result);
|
|
275
275
|
}
|
|
276
276
|
function $hash(data, options = {}) {
|
|
277
|
-
if (!
|
|
278
|
-
return
|
|
279
|
-
msg: `${
|
|
277
|
+
if (!chunkX4CS7UXE_cjs.$isStr(data)) {
|
|
278
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
279
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Hashing")}: Empty data for hashing`,
|
|
280
280
|
desc: "Data must be a non-empty string"
|
|
281
281
|
});
|
|
282
282
|
}
|
|
283
|
-
if (!
|
|
284
|
-
return
|
|
285
|
-
msg: `${
|
|
283
|
+
if (!chunkX4CS7UXE_cjs.$isPlainObj(options)) {
|
|
284
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
285
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Hashing")}: Invalid options`,
|
|
286
286
|
desc: "Options must be an object"
|
|
287
287
|
});
|
|
288
288
|
}
|
|
289
289
|
const outputEncoding = options.outputEncoding ?? "base64url";
|
|
290
|
-
if (!
|
|
291
|
-
return
|
|
292
|
-
msg: `${
|
|
290
|
+
if (!chunkX4CS7UXE_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
|
|
291
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
292
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Hashing")}: Unsupported output encoding: ${outputEncoding}`,
|
|
293
293
|
desc: "Use base64, base64url, or hex"
|
|
294
294
|
});
|
|
295
295
|
}
|
|
296
296
|
const digest = options.digest ?? "sha256";
|
|
297
|
-
if (!(digest in
|
|
298
|
-
return
|
|
299
|
-
msg: `${
|
|
300
|
-
desc: `Supported digests are: ${Object.keys(
|
|
297
|
+
if (!(digest in chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS)) {
|
|
298
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
299
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Hashing")}: Unsupported digest: ${digest}`,
|
|
300
|
+
desc: `Supported digests are: ${Object.keys(chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS).join(", ")}`
|
|
301
301
|
});
|
|
302
302
|
}
|
|
303
|
-
const digestAlgo =
|
|
303
|
+
const digestAlgo = chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS[digest];
|
|
304
304
|
const { result, error } = $convertStrToBytes(data, "utf8");
|
|
305
|
-
if (error) return
|
|
305
|
+
if (error) return chunkX4CS7UXE_cjs.$err(error);
|
|
306
306
|
try {
|
|
307
307
|
const hashed = nodeCrypto__default.default.createHash(digestAlgo.node).update(result).digest();
|
|
308
308
|
return $convertBytesToStr(hashed, outputEncoding);
|
|
309
309
|
} catch (error2) {
|
|
310
|
-
return
|
|
310
|
+
return chunkX4CS7UXE_cjs.$err({ msg: `${chunkX4CS7UXE_cjs.title("node", "Hashing")}: Failed to hash data with Crypto NodeJS`, desc: chunkX4CS7UXE_cjs.$fmtError(error2) });
|
|
311
311
|
}
|
|
312
312
|
}
|
|
313
313
|
function $hashPassword(password, options) {
|
|
314
|
-
if (!
|
|
315
|
-
return
|
|
316
|
-
msg: `${
|
|
314
|
+
if (!chunkX4CS7UXE_cjs.$isStr(password)) {
|
|
315
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
316
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Password Hashing")}: Empty password for hashing`,
|
|
317
317
|
desc: "Password must be a non-empty string"
|
|
318
318
|
});
|
|
319
319
|
}
|
|
320
|
-
if (!
|
|
321
|
-
return
|
|
322
|
-
msg: `${
|
|
320
|
+
if (!chunkX4CS7UXE_cjs.$isPlainObj(options)) {
|
|
321
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
322
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Password Hashing")}: Invalid options`,
|
|
323
323
|
desc: "Options must be an object"
|
|
324
324
|
});
|
|
325
325
|
}
|
|
326
326
|
const digest = options.digest ?? "sha512";
|
|
327
|
-
if (!(digest in
|
|
328
|
-
return
|
|
329
|
-
msg: `${
|
|
330
|
-
desc: `Supported digests are: ${Object.keys(
|
|
327
|
+
if (!(digest in chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS)) {
|
|
328
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
329
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Password Hashing")}: Unsupported digest: ${digest}`,
|
|
330
|
+
desc: `Supported digests are: ${Object.keys(chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS).join(", ")}`
|
|
331
331
|
});
|
|
332
332
|
}
|
|
333
|
-
const digestAlgo =
|
|
333
|
+
const digestAlgo = chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS[digest];
|
|
334
334
|
const outputEncoding = options.outputEncoding ?? "base64url";
|
|
335
|
-
if (!
|
|
336
|
-
return
|
|
337
|
-
msg: `${
|
|
335
|
+
if (!chunkX4CS7UXE_cjs.CIPHER_ENCODING.includes(outputEncoding)) {
|
|
336
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
337
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Password Hashing")}: Unsupported encoding: ${outputEncoding}`,
|
|
338
338
|
desc: "Use base64, base64url, or hex"
|
|
339
339
|
});
|
|
340
340
|
}
|
|
341
341
|
const saltLength = options.saltLength ?? 16;
|
|
342
342
|
if (typeof saltLength !== "number" || saltLength < 8) {
|
|
343
|
-
return
|
|
344
|
-
msg: `${
|
|
343
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
344
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Password Hashing")}: Weak salt length`,
|
|
345
345
|
desc: "Salt length must be a number and at least 8 bytes (recommended 16 or more)"
|
|
346
346
|
});
|
|
347
347
|
}
|
|
348
348
|
const iterations = options.iterations ?? 32e4;
|
|
349
349
|
if (typeof iterations !== "number" || iterations < 1e3) {
|
|
350
|
-
return
|
|
351
|
-
msg: `${
|
|
350
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
351
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Password Hashing")}: Weak iterations count`,
|
|
352
352
|
desc: "Iterations must be a number and at least 1000 (recommended 320,000 or more)"
|
|
353
353
|
});
|
|
354
354
|
}
|
|
355
355
|
const keyLength = options.keyLength ?? 64;
|
|
356
356
|
if (typeof keyLength !== "number" || keyLength < 16) {
|
|
357
|
-
return
|
|
358
|
-
msg: `${
|
|
357
|
+
return chunkX4CS7UXE_cjs.$err({
|
|
358
|
+
msg: `${chunkX4CS7UXE_cjs.title("node", "Password Hashing")}: Invalid key length`,
|
|
359
359
|
desc: "Key length must be a number and at least 16 bytes (recommended 64 or more)"
|
|
360
360
|
});
|
|
361
361
|
}
|
|
362
362
|
try {
|
|
363
363
|
const salt = nodeCrypto__default.default.randomBytes(saltLength);
|
|
364
364
|
const hash2 = nodeCrypto__default.default.pbkdf2Sync(password.normalize("NFKC"), salt, iterations, keyLength, digestAlgo.node);
|
|
365
|
-
return
|
|
365
|
+
return chunkX4CS7UXE_cjs.$ok({ result: hash2.toString(outputEncoding), salt: salt.toString(outputEncoding) });
|
|
366
366
|
} catch (error) {
|
|
367
|
-
return
|
|
367
|
+
return chunkX4CS7UXE_cjs.$err({ msg: `${chunkX4CS7UXE_cjs.title("node", "Password Hashing")}: Failed to hash password`, desc: chunkX4CS7UXE_cjs.$fmtError(error) });
|
|
368
368
|
}
|
|
369
369
|
}
|
|
370
370
|
function $verifyPassword(password, hashedPassword, salt, options) {
|
|
371
|
-
if (!
|
|
371
|
+
if (!chunkX4CS7UXE_cjs.$isStr(password) || !chunkX4CS7UXE_cjs.$isStr(hashedPassword) || !chunkX4CS7UXE_cjs.$isStr(salt) || !chunkX4CS7UXE_cjs.$isPlainObj(options)) {
|
|
372
372
|
return false;
|
|
373
373
|
}
|
|
374
374
|
const digest = options.digest ?? "sha512";
|
|
375
|
-
if (!(digest in
|
|
376
|
-
const digestAlgo =
|
|
375
|
+
if (!(digest in chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS)) return false;
|
|
376
|
+
const digestAlgo = chunkX4CS7UXE_cjs.DIGEST_ALGORITHMS[digest];
|
|
377
377
|
const inputEncoding = options.inputEncoding ?? "base64url";
|
|
378
|
-
if (!
|
|
378
|
+
if (!chunkX4CS7UXE_cjs.CIPHER_ENCODING.includes(inputEncoding)) return false;
|
|
379
379
|
const iterations = options.iterations ?? 32e4;
|
|
380
380
|
if (typeof iterations !== "number" || iterations < 1e3) return false;
|
|
381
381
|
const keyLength = options.keyLength ?? 64;
|
|
@@ -396,14 +396,14 @@ function $verifyPassword(password, hashedPassword, salt, options) {
|
|
|
396
396
|
|
|
397
397
|
// src/node/kit.ts
|
|
398
398
|
function isNodeSecretKey(x) {
|
|
399
|
-
return
|
|
399
|
+
return chunkX4CS7UXE_cjs.$isSecretKey(x, "node") !== null;
|
|
400
400
|
}
|
|
401
401
|
function tryGenerateUuid() {
|
|
402
402
|
return $generateUuid();
|
|
403
403
|
}
|
|
404
404
|
function generateUuid() {
|
|
405
405
|
const { result, error } = $generateUuid();
|
|
406
|
-
if (error) throw new Error(
|
|
406
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
407
407
|
return result;
|
|
408
408
|
}
|
|
409
409
|
function tryCreateSecretKey(secret, options = {}) {
|
|
@@ -411,7 +411,7 @@ function tryCreateSecretKey(secret, options = {}) {
|
|
|
411
411
|
}
|
|
412
412
|
function createSecretKey(secret, options = {}) {
|
|
413
413
|
const { result, error } = $createSecretKey(secret, options);
|
|
414
|
-
if (error) throw new Error(
|
|
414
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
415
415
|
return result;
|
|
416
416
|
}
|
|
417
417
|
function tryEncrypt(data, secretKey, options = {}) {
|
|
@@ -419,7 +419,7 @@ function tryEncrypt(data, secretKey, options = {}) {
|
|
|
419
419
|
}
|
|
420
420
|
function encrypt(data, secretKey, options = {}) {
|
|
421
421
|
const { result, error } = $encrypt(data, secretKey, options);
|
|
422
|
-
if (error) throw new Error(
|
|
422
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
423
423
|
return result;
|
|
424
424
|
}
|
|
425
425
|
function tryDecrypt(encrypted, secretKey, options = {}) {
|
|
@@ -427,15 +427,15 @@ function tryDecrypt(encrypted, secretKey, options = {}) {
|
|
|
427
427
|
}
|
|
428
428
|
function decrypt(encrypted, secretKey, options = {}) {
|
|
429
429
|
const { result, error } = $decrypt(encrypted, secretKey, options);
|
|
430
|
-
if (error) throw new Error(
|
|
430
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
431
431
|
return result;
|
|
432
432
|
}
|
|
433
|
-
function tryEncryptObj(
|
|
434
|
-
return $encryptObj(
|
|
433
|
+
function tryEncryptObj(obj, secretKey, options = {}) {
|
|
434
|
+
return $encryptObj(obj, secretKey, options);
|
|
435
435
|
}
|
|
436
|
-
function encryptObj(
|
|
437
|
-
const { result, error } = $encryptObj(
|
|
438
|
-
if (error) throw new Error(
|
|
436
|
+
function encryptObj(obj, secretKey, options = {}) {
|
|
437
|
+
const { result, error } = $encryptObj(obj, secretKey, options);
|
|
438
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
439
439
|
return result;
|
|
440
440
|
}
|
|
441
441
|
function tryDecryptObj(encrypted, secretKey, options = {}) {
|
|
@@ -443,7 +443,7 @@ function tryDecryptObj(encrypted, secretKey, options = {}) {
|
|
|
443
443
|
}
|
|
444
444
|
function decryptObj(encrypted, secretKey, options = {}) {
|
|
445
445
|
const { result, error } = $decryptObj(encrypted, secretKey, options);
|
|
446
|
-
if (error) throw new Error(
|
|
446
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
447
447
|
return result;
|
|
448
448
|
}
|
|
449
449
|
function tryHash(data, options = {}) {
|
|
@@ -451,7 +451,7 @@ function tryHash(data, options = {}) {
|
|
|
451
451
|
}
|
|
452
452
|
function hash(data, options = {}) {
|
|
453
453
|
const { result, error } = $hash(data, options);
|
|
454
|
-
if (error) throw new Error(
|
|
454
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
455
455
|
return result;
|
|
456
456
|
}
|
|
457
457
|
function tryHashPassword(password, options = {}) {
|
|
@@ -459,7 +459,7 @@ function tryHashPassword(password, options = {}) {
|
|
|
459
459
|
}
|
|
460
460
|
function hashPassword(password, options = {}) {
|
|
461
461
|
const { result, salt, error } = $hashPassword(password, options);
|
|
462
|
-
if (error) throw new Error(
|
|
462
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
463
463
|
return { result, salt };
|
|
464
464
|
}
|
|
465
465
|
function verifyPassword(password, hashedPassword, salt, options = {}) {
|
|
@@ -470,7 +470,7 @@ function tryConvertStrToBytes(data, inputEncoding = "utf8") {
|
|
|
470
470
|
}
|
|
471
471
|
function convertStrToBytes(data, inputEncoding = "utf8") {
|
|
472
472
|
const { result, error } = $convertStrToBytes(data, inputEncoding);
|
|
473
|
-
if (error) throw new Error(
|
|
473
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
474
474
|
return result;
|
|
475
475
|
}
|
|
476
476
|
function tryConvertBytesToStr(data, outputEncoding = "utf8") {
|
|
@@ -478,7 +478,7 @@ function tryConvertBytesToStr(data, outputEncoding = "utf8") {
|
|
|
478
478
|
}
|
|
479
479
|
function convertBytesToStr(data, outputEncoding = "utf8") {
|
|
480
480
|
const { result, error } = $convertBytesToStr(data, outputEncoding);
|
|
481
|
-
if (error) throw new Error(
|
|
481
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
482
482
|
return result;
|
|
483
483
|
}
|
|
484
484
|
function tryConvertEncoding(data, from, to) {
|
|
@@ -486,7 +486,7 @@ function tryConvertEncoding(data, from, to) {
|
|
|
486
486
|
}
|
|
487
487
|
function convertEncoding(data, from, to) {
|
|
488
488
|
const { result, error } = $convertEncoding(data, from, to);
|
|
489
|
-
if (error) throw new Error(
|
|
489
|
+
if (error) throw new Error(chunkX4CS7UXE_cjs.$fmtResultErr(error));
|
|
490
490
|
return result;
|
|
491
491
|
}
|
|
492
492
|
|
|
@@ -515,5 +515,5 @@ exports.tryGenerateUuid = tryGenerateUuid;
|
|
|
515
515
|
exports.tryHash = tryHash;
|
|
516
516
|
exports.tryHashPassword = tryHashPassword;
|
|
517
517
|
exports.verifyPassword = verifyPassword;
|
|
518
|
-
//# sourceMappingURL=chunk-
|
|
519
|
-
//# sourceMappingURL=chunk-
|
|
518
|
+
//# sourceMappingURL=chunk-56PVVFVM.cjs.map
|
|
519
|
+
//# sourceMappingURL=chunk-56PVVFVM.cjs.map
|