npm - spd-lib - Versions diffs - 1.1.9 → 1.2.1 - Mend

spd-lib 1.1.9 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.js ADDED Viewed

@@ -0,0 +1 @@

+ const fs=require("fs"),zlib=require("zlib"),sodium=require("libsodium-wrappers"),crypto=require("crypto"),argon2=require("argon2");class SPD{constructor(){this.data=[],this.keyPair,this.userKey,this.salt,this.init()}async init(){await sodium.ready,this.keyPair=sodium.crypto_kx_keypair()}async setPassKey(a){await sodium.ready,this.init();const{pqcKey:t,salt:r}=await(new SPD).convertPasscodeToPQCKey(a),e=t.publicKey;this.userKey=e,this.salt=r}async migrateFromFile(a,t){const r=await SPD.loadFromFile(a,t);r.extractData_OLD=async()=>new Promise((async(a,t)=>{try{await sodium.ready;let r={};this.data.forEach((async a=>{try{const t=sodium.crypto_secretbox_open_easy(a.data,a.nonce,this.userKey),e=zlib.inflateSync(t,{level:9}).toString("utf8");r[a.dataName]=await this.CSTI(e,a.dataType)}catch{t()}})),a(r)}catch{t()}}));const e=await r.extractData_OLD(),i=new SPD;await i.setPassKey(t);for(let a in e)await i.addData(a,e[a]);i.saveToFile(a)}async migrateFromString(a,t){const r=await SPD.loadFromString(a,t);r.extractData_OLD=async()=>new Promise((async(a,t)=>{try{await sodium.ready;let r={};this.data.forEach((async a=>{try{const t=sodium.crypto_secretbox_open_easy(a.data,a.nonce,this.userKey),e=zlib.inflateSync(t,{level:9}).toString("utf8");r[a.dataName]=await this.CSTI(e,a.dataType)}catch{t()}})),a(r)}catch{t()}}));const e=await r.extractData_OLD(),i=new SPD;await i.setPassKey(t);for(let a in e)await i.addData(a,e[a]);return i.saveData()}async addData(a,t){const r=await this.CITS(t);await sodium.ready;const e=Buffer.from(r[0]),i=zlib.deflateSync(e,{level:9}),s=sodium.randombytes_buf(sodium.crypto_box_NONCEBYTES),n=sodium.crypto_aead_xchacha20poly1305_ietf_encrypt(i,null,null,s,this.userKey),o=crypto.createHash("sha3-512").update(n).digest("hex");this.data.push({dataName:a,nonce:Array.from(s),data:Array.from(n),hash:o,dataType:r[1]})}saveToFile(a){if(!(a&&"string"==typeof a&&a.trim()&&this.salt&&this.salt instanceof Uint8Array&&16===this.salt.length))throw new Error("Invalid output path or salt.");const t=JSON.stringify({data:this.data,salt:Array.from(this.salt)}),r=zlib.deflateSync(t,{level:9});fs.writeFileSync(a,r,{mode:384})}static async loadFromFile(a,t){return new Promise((async(r,e)=>{try{a&&"string"==typeof a&&a.trim()&&t&&"string"==typeof t&&t.trim()||e(new Error("Invalid SPD path or passcode.")),await sodium.ready;const i=fs.readFileSync(a),s=zlib.inflateSync(i,{level:9}).toString("utf8"),{data:n,salt:o}=JSON.parse(s),{pqcKey:y}=await(new SPD).convertPasscodeToPQCKeySalted(t,new Uint8Array(o)),c=y.publicKey,d=new SPD;d.userKey=c,d.keyPair={publicKey:c.publicKey},d.data=n.map((a=>({dataName:a.dataName,nonce:Buffer.from(a.nonce),data:Buffer.from(a.data),hash:a.hash,dataType:a.dataType}))),d.data.forEach((a=>{crypto.createHash("sha3-512").update(Buffer.from(a.data)).digest("hex")!==a.hash&&e(new Error(`Data integrity check failed for ${a.dataName}`))})),r(d)}catch{e()}}))}async extractData(){return new Promise((async(a,t)=>{try{await sodium.ready;let r={};this.data.forEach((async a=>{try{const t=sodium.crypto_aead_xchacha20poly1305_ietf_decrypt(null,a.data,null,a.nonce,this.userKey),e=zlib.inflateSync(t,{level:9}).toString("utf8");r[a.dataName]=await this.CSTI(e,a.dataType)}catch{t()}})),a(r)}catch{t()}}))}static async derivePBK(a,t){if(!(a&&"string"==typeof a&&a.trim()&&t&&t instanceof Uint8Array&&16===t.length))throw new Error("Invalid passcode or salt.");return new Promise((async(r,e)=>{argon2.hash(a,{salt:Buffer.from(t),type:argon2.argon2id}).then((a=>{r({pbk:a,salt:t})})).catch((a=>{e(a)}))}))}saveData(){const a=JSON.stringify({data:this.data,salt:Array.from(this.salt)});return zlib.deflateSync(a,{level:9})}static async loadFromString(a,t){return new Promise((async(r,e)=>{try{a&&"string"==typeof a&&a.trim()&&t&&"string"==typeof t&&t.trim()||e(new Error("Invalid SPD path or passcode.")),await sodium.ready;const i=Buffer.from(a,"base64"),s=zlib.inflateSync(i,{level:9}).toString("utf8"),{data:n,salt:o}=JSON.parse(s),{pqcKey:y}=await(new SPD).convertPasscodeToPQCKeySalted(t,new Uint8Array(o)),c=y.publicKey,d=new SPD;d.userKey=c,d.keyPair={publicKey:c.publicKey},d.data=n.map((a=>({dataName:a.dataName,nonce:Buffer.from(a.nonce),data:Buffer.from(a.data),hash:a.hash,dataType:a.dataType}))),d.data.forEach((a=>{crypto.createHash("sha3-512").update(Buffer.from(a.data)).digest("hex")!==a.hash&&e(new Error(`Data integrity check failed for ${a.dataName}`))})),r(d)}catch{e()}}))}async convertPasscodeToPQCKeySalted(a,t){if(!a||"string"!=typeof a||!a.trim()||a.length<8||!t||!(t instanceof Uint8Array)||16!==t.length)throw new Error("Invalid passcode or salt.");const{pbk:r}=await SPD.derivePBK(a,t);await sodium.ready;return{pqcKey:{publicKey:sodium.crypto_kx_seed_keypair(r.slice(0,sodium.crypto_kx_SEEDBYTES)).publicKey},salt:t}}async convertPasscodeToPQCKey(a){if(!a||"string"!=typeof a||!a.trim()||a.length<8)throw new Error("Invalid passcode.");const{pbk:t,salt:r}=await SPD.derivePBK(a,crypto.getRandomValues(new Uint8Array(16)));await sodium.ready;return{pqcKey:{publicKey:sodium.crypto_kx_seed_keypair(t.slice(0,sodium.crypto_kx_SEEDBYTES)).publicKey},salt:r}}async TDT(a){return{"[object Array]":"Array","[object Uint8Array]":"Uint8Array","[object Uint16Array]":"Uint16Array","[object Uint32Array]":"Uint32Array","[object BigInt64Array]":"BigInt64Array","[object BigUint64Array]":"BigUint64Array","[object Float32Array]":"Float32Array","[object Float64Array]":"Float64Array","[object Map]":"Map","[object Set]":"Set","[object Date]":"Date","[object RegExp]":"RegExp","[object Error]":"Error"}[Object.prototype.toString.call(a)]}async isNumArr(a){if("Uint8Array"===a||"Uint16Array"===a||"Uint32Array"===a||"BigInt64Array"===a||"BigUint64Array"===a||"Float32Array"===a||"Float64Array"===a)return 1}async isSWM(a){if("Map"===a||"Set"===a||"WeakMap"===a||"WeakSet"===a)return 1}async isDRE(a){if("Date"===a||"RegExp"===a||"Error"===a)return 1}async CITS(a){const t=typeof a;if("string"===t||"number"===t||"boolean"===t)return[a.toString(),t];if("object"==typeof a){const t=await this.TDT(a);return"Array"===t?[JSON.stringify(a),"Array"]:await this.isNumArr(t)?[JSON.stringify(Array.from(a)),t]:await this.isSWM(t)?[JSON.stringify([...a]),t]:await this.isDRE(t)?[a.toString(),t]:[JSON.stringify(a),typeof a]}}async CSTI(a,t){return"string"===t?a:"number"===t?parseFloat(a):"boolean"===t?"true"===a&&"false"!==a:"object"===t||"Array"===t?JSON.parse(a):"Uint8Array"===t?new Uint8Array(JSON.parse(a)):"Uint16Array"===t?new Uint16Array(JSON.parse(a)):"Uint32Array"===t?new Uint32Array(JSON.parse(a)):"BigInt64Array"===t?new BigInt64Array(JSON.parse(a)):"BigUint64Array"===t?new BigUint64Array(JSON.parse(a)):"Float32Array"===t?new Float32Array(JSON.parse(a)):"Float64Array"===t?new Float64Array(JSON.parse(a)):"Map"===t?new Map(JSON.parse(a)):"Set"===t?new Set(JSON.parse(a)):"WeakMap"===t?new WeakMap(JSON.parse(a)):"WeakSet"===t?new WeakSet(JSON.parse(a)):"Date"===t?new Date(a):"RegExp"===t?new RegExp(a):"Error"===t?new Error(a):void 0}}module.exports={SPD};

package/package.json CHANGED Viewed

@@ -1,8 +1,8 @@
 {
   "name": "spd-lib",
-  "version": "1.1.9",
+  "version": "1.2.1",
   "description": "SPD or Secure Packaged Data is a compress PQC protected file format to store sensitive data localy",
-  "main": "index.js",
+  "main": "dist/index.js",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"
   },
@@ -21,6 +21,11 @@
   "author": "ALS-OPSS",
   "license": "ISC",
   "dependencies": {
+    "argon2": "^0.41.1",
     "libsodium-wrappers": "^0.7.15"
+  },
+  "devDependencies": {
+    "javascript-obfuscator": "^4.1.1",
+    "terser": "^5.39.0"
   }
 }

package/index.js DELETED Viewed

@@ -1,321 +0,0 @@
-const fs = require('fs')
-const zlib = require('zlib');
-const sodium = require('libsodium-wrappers');
-const crypto = require('crypto');
-class SPD {
-    constructor() {
-        this.data = [];
-        this.keyPair; // Generate a key pair for encryption/decryption
-        this.userKey;
-        this.salt;
-        this.init();
-    }
-    async init() {
-        await sodium.ready;
-        this.keyPair = sodium.crypto_box_keypair()
-    }
-    async setPassKey(passcode){
-            await sodium.ready;
-            this.init()
-            const { pqcKey, salt } = await new SPD().convertPasscodeToPQCKey(passcode);
-const userKey = pqcKey.publicKey;
-this.userKey = userKey;
-this.salt = salt;
-    }
-    async addData(name, data) {
-        const dmap = await this.CITS(data)
-        await sodium.ready;
-        const dat = Buffer.from(dmap[0]);
-        const compressedData = zlib.deflateSync(dat,{
-            level:9
-        });
-        const nonce = sodium.randombytes_buf(sodium.crypto_box_NONCEBYTES);
-        const encryptedData = sodium.crypto_secretbox_easy(compressedData, nonce, this.userKey);
-        const hash = crypto.createHash('sha256').update(encryptedData).digest('hex');
-        this.data.push({ dataName: name, nonce: Array.from(nonce), data: Array.from(encryptedData), hash, dataType: dmap[1] });
-    }
-    saveToFile(outputPath) {
-        if (!outputPath || typeof outputPath !== 'string' || !outputPath.trim() || !this.salt || !(this.salt instanceof Uint8Array) || this.salt.length !== 16) {
-            throw new Error('Invalid output path or salt.');
-        }
-        const spdData = JSON.stringify({ data: this.data, salt: Array.from(this.salt) });
-        const compressedSpdData = zlib.deflateSync(spdData,{
-            level:9
-        });
-        fs.writeFileSync(outputPath, compressedSpdData, { mode: 0o600 });
-    }
-    static async loadFromFile(spdPath, passcode) {
-        return new Promise(async (res,rej)=>{
-            try{
-        if (!spdPath || typeof spdPath !== 'string' || !spdPath.trim() || !passcode || typeof passcode !== 'string' || !passcode.trim()) {
-            rej(new Error('Invalid SPD path or passcode.'));
-        }
-        await sodium.ready;
-        const compressedSpdData = fs.readFileSync(spdPath);
-        const spdData = zlib.inflateSync(compressedSpdData,{level:9}).toString('utf8');
-        const { data, salt } = JSON.parse(spdData);
-        const { pqcKey } = await new SPD().convertPasscodeToPQCKeySalted(passcode, new Uint8Array(salt));
-        const pbk = pqcKey.publicKey;
-        const spd = new SPD();
-        spd.userKey = pbk;
-        spd.keyPair = {
-            publicKey: pbk.publicKey
-        };
-        spd.data = data.map(dat => ({
-            dataName: dat.dataName,
-            nonce: Buffer.from(dat.nonce),
-            data: Buffer.from(dat.data),
-            hash: dat.hash,
-            dataType: dat.dataType
-        }));
-        spd.data.forEach(dat => {
-            const calculatedHash = crypto.createHash('sha256').update(Buffer.from(dat.data)).digest('hex');
-            if (calculatedHash !== dat.hash) {
-                rej(new Error(`Data integrity check failed for ${dat.dataName}`));
-            }
-        });
-        res(spd);
-    }catch{
-        rej()
-    }
-    })
-    }
-    async extractData() {
-        return new Promise(async(res,rej)=>{
-            try{
-        await sodium.ready;
-        let extractedFiles = {};
-        this.data.forEach(async dat => {
-            try{
-            const decryptedData = sodium.crypto_secretbox_open_easy(dat.data, dat.nonce, this.userKey);
-            const decompressedData = zlib.inflateSync(decryptedData,{level:9});
-            const dt = decompressedData.toString('utf8');
-            extractedFiles[dat.dataName] = await this.CSTI(dt, dat.dataType);
-            }catch{
-                rej()
-            }
-        });
-        res(extractedFiles);
-    }catch{
-        rej()
-    }
-    })
-    }
-    static async derivePBK(passcode, salt) {
-        if (!passcode || typeof passcode !== 'string' || !passcode.trim() || !salt || !(salt instanceof Uint8Array) || salt.length !== 16) {
-            throw new Error('Invalid passcode or salt.');
-        }
-        return new Promise((resolve, reject) => {
-            crypto.pbkdf2(passcode, salt, 100000, 32, 'sha256', (err, derivedKey) => {
-                if (err) {
-                    reject(err);
-                } else {
-                    resolve({ pbk: derivedKey, salt: salt });
-                }
-            });
-        });
-    }
-    saveData() {
-        const spdData = JSON.stringify({ data: this.data, salt: Array.from(this.salt) });
-        const compressedSpdData = zlib.deflateSync(spdData,{level:9});
-        return compressedSpdData;
-    }
-    static async loadFromString(spdData, passcode) {
-        return new Promise(async (res,rej)=>{
-            try{
-        if (!spdData || typeof spdData !== 'string' || !spdData.trim() || !passcode || typeof passcode !== 'string' || !passcode.trim()) {
-            rej(new Error('Invalid SPD path or passcode.'));
-        }
-        await sodium.ready;
-        const spdDataBuffer = Buffer.from(spdData, 'base64');
-        const spdData2 = zlib.inflateSync(spdDataBuffer,{level:9}).toString('utf8');
-        const { data, salt } = JSON.parse(spdData2);
-        const { pqcKey } = await new SPD().convertPasscodeToPQCKeySalted(passcode, new Uint8Array(salt));
-        const pbk = pqcKey.publicKey;
-        const spd = new SPD();
-        spd.userKey = pbk;
-        spd.keyPair = {
-            publicKey: pbk.publicKey
-        };
-        spd.data = data.map(dat => ({
-            dataName: dat.dataName,
-            nonce: Buffer.from(dat.nonce),
-            data: Buffer.from(dat.data),
-            hash: dat.hash,
-            dataType: dat.dataType
-        }));
-        spd.data.forEach(dat => {
-            const calculatedHash = crypto.createHash('sha256').update(Buffer.from(dat.data)).digest('hex');
-            if (calculatedHash !== dat.hash) {
-                rej(new Error(`Data integrity check failed for ${dat.dataName}`));
-            }
-        });
-        res(spd);
-    }catch{
-        rej()
-    }
-    })
-      }
-    async convertPasscodeToPQCKeySalted(passcode, salt) {
-        if (!passcode || typeof passcode !== 'string' || !passcode.trim() || passcode.length < 8 || !salt || !(salt instanceof Uint8Array) || salt.length !== 16) {
-            throw new Error('Invalid passcode or salt.');
-        }
-        const { pbk } = await SPD.derivePBK(passcode, salt);
-        await sodium.ready;
-        const keyPair = sodium.crypto_kx_seed_keypair(pbk.slice(0, sodium.crypto_kx_SEEDBYTES));
-        return { pqcKey: { publicKey: keyPair.publicKey }, salt };
-    }
-    async convertPasscodeToPQCKey(passcode) {
-        if (!passcode || typeof passcode !== 'string' || !passcode.trim() || passcode.length < 8) {
-            throw new Error('Invalid passcode.');
-        }
-        const { pbk, salt } = await SPD.derivePBK(passcode, crypto.getRandomValues(new Uint8Array(16)));
-        await sodium.ready;
-        const keyPair = sodium.crypto_kx_seed_keypair(pbk.slice(0, sodium.crypto_kx_SEEDBYTES));
-        return { pqcKey: { publicKey: keyPair.publicKey }, salt };
-    }
-    async TDT(data) {
-        const classTypeMap = {
-            '[object Array]': 'Array',
-            '[object Uint8Array]': 'Uint8Array',
-            '[object Uint16Array]': 'Uint16Array',
-            '[object Uint32Array]': 'Uint32Array',
-            '[object BigInt64Array]': 'BigInt64Array',
-            '[object BigUint64Array]': 'BigUint64Array',
-            '[object Float32Array]': 'Float32Array',
-            '[object Float64Array]': 'Float64Array',
-            '[object Map]': 'Map',
-            '[object Set]': 'Set',
-            '[object Date]': 'Date',
-            '[object RegExp]': 'RegExp',
-            '[object Error]': 'Error'
-        };
-        const objectType = Object.prototype.toString.call(data);
-        const mappedType = classTypeMap[objectType];
-        return mappedType;
-    }
-    async isNumArr(dataType) {
-        if(dataType === 'Uint8Array' || dataType === 'Uint16Array' || dataType === 'Uint32Array' || dataType === 'BigInt64Array' || dataType === 'BigUint64Array' || dataType === 'Float32Array' || dataType === 'Float64Array'){
-            return true;
-        }
-    }
-    async isSWM(dataType) {
-        if(dataType === 'Map' || dataType === 'Set' || dataType === 'WeakMap' || dataType === 'WeakSet'){
-            return true;
-        }
-    }
-    async isDRE(dataType) {
-        if(dataType === 'Date' || dataType === 'RegExp' || dataType === 'Error'){
-            return true;
-        }
-    }
-    async CITS(data) {
-        const dataType = typeof data;
-        if (dataType === 'string' || dataType === 'number' || dataType === 'boolean') {
-            return [data.toString(), dataType];
-        }
-        if(typeof data === 'object'){
-            const type = await this.TDT(data)
-            if(type === 'Array'){
-                return [JSON.stringify(data),'Array'];
-            }
-            if(await this.isNumArr(type)){
-                return [JSON.stringify(Array.from(data)),type];
-            }
-            if(await this.isSWM(type)){
-                return [JSON.stringify([...data]),type];
-            }
-            if(await this.isDRE(type)){
-                return [data.toString(),type];
-            }
-            return [JSON.stringify(data), typeof data];
-        }
-    }
-    async CSTI(data,type) {
-        if(type === 'string') {
-            return data
-        }
-        if(type === 'number'){
-            return parseFloat(data);
-        }
-        if(type === 'boolean'){
-            return (data === 'true')&&(data !== 'false');
-        }
-        if(type === 'object' || type === 'Array'){
-            return JSON.parse(data);
-        }
-        if(type === 'Uint8Array'){
-            return new Uint8Array(JSON.parse(data));
-        }
-        if(type === 'Uint16Array'){
-            return new Uint16Array(JSON.parse(data));
-        }
-        if(type === 'Uint32Array'){
-            return new Uint32Array(JSON.parse(data));
-        }
-        if(type === 'BigInt64Array'){
-            return new BigInt64Array(JSON.parse(data));
-        }
-        if(type === 'BigUint64Array'){
-            return new BigUint64Array(JSON.parse(data));
-        }
-        if(type === 'Float32Array'){
-            return new Float32Array(JSON.parse(data));
-        }
-        if(type === 'Float64Array'){
-            return new Float64Array(JSON.parse(data));
-        }
-        if(type === 'Map'){
-            return new Map(JSON.parse(data));
-        }
-        if(type === 'Set'){
-            return new Set(JSON.parse(data));
-        }
-        if(type === 'WeakMap'){
-            return new WeakMap(JSON.parse(data));
-        }
-        if(type === 'WeakSet'){
-            return new WeakSet(JSON.parse(data));
-        }
-        if(type === 'Date'){
-            return new Date(data);
-        }
-        if(type === 'RegExp'){
-            return new RegExp(data);
-        }
-        if(type === 'Error'){
-            return new Error(data);
-        }
-    }
-}
-module.exports = {
-    SPD,
-};

package/readme.md DELETED Viewed

@@ -1,137 +0,0 @@
-# Secure Packaged Data (SPD)
-The Secure Packaged Data (SPD) module provides functionality to securely store and retrieve data using encryption, compression, and hashing. This README explains how to use the SPD class and its methods.
-## Installation
-First, ensure you have Node.js installed. Then, install the required packages:
-```sh
-npm install spd-lib
-```
-## Usage
-Below are the primary functionalities of the SPD class.
-### Initialization
-Create an instance of the SPD class:
-```javascript
-const { SPD } = require('spd-lib');
-const spd = new SPD();
-```
-### Setting Passcode
-Set a passcode for encrypting the data:
-```javascript
-await spd.setPassKey('your-passcode');
-```
-### Adding Data
-Add data to the SPD instance:
-```javascript
-await spd.addData('dataName', yourData);
-```
-### Saving Data to File
-Save the encrypted and compressed data to a file:
-```javascript
-spd.saveToFile('path/to/output.spd');
-```
-### Loading Data from File
-Load the data from an SPD file:
-```javascript
-const loadedSPD = await SPD.loadFromFile('path/to/output.spd', 'your-passcode');
-```
-### Extracting Data
-Extract and decrypt the data from the SPD instance:
-```javascript
-const extractedData = await loadedSPD.extractData();
-console.log(extractedData);
-```
-## Example
-Here is a complete example of how to use the SPD module:
-```javascript
-const { SPD } = require('./path/to/spd.js');
-(async () => {
-    const spd = new SPD();
-    await spd.setPassKey('your-passcode');
-    const myData = {
-        name: "Alice",
-        age: 30,
-        isMember: true,
-        preferences: ["reading", "gaming"]
-    };
-    await spd.addData('userData', myData);
-    spd.saveToFile('path/to/output.spd');
-    const loadedSPD = await SPD.loadFromFile('path/to/output.spd', 'your-passcode');
-    const extractedData = await loadedSPD.extractData();
-    console.log(extractedData);
-})();
-```
-## Methods
-### `async setPassKey(passcode)`
-Sets the passcode for encrypting and decrypting data.
-- **Parameters**: `passcode` (string) - The passcode to be used.
-### `async addData(name, data)`
-Adds data to the SPD instance.
-- **Parameters**:
-  - `name` (string) - The name of the data.
-  - `data` (any) - The data to be stored.
-### `saveToFile(outputPath)`
-Saves the encrypted and compressed data to a file.
-- **Parameters**: `outputPath` (string) - The path to save the file.
-### `static async loadFromFile(spdPath, passcode)`
-Loads the SPD data from a file.
-- **Parameters**:
-  - `spdPath` (string) - The path to the SPD file.
-  - `passcode` (string) - The passcode to decrypt the data.
-- **Returns**: An instance of SPD with the loaded data.
-### `async extractData()`
-Extracts and decrypts the data from the SPD instance.
-- **Returns**: An object with the decrypted data.
-## License
-This project is licensed under the MIT License.